1 /* 2 * gdb server stub 3 * 4 * This implements a subset of the remote protocol as described in: 5 * 6 * https://sourceware.org/gdb/onlinedocs/gdb/Remote-Protocol.html 7 * 8 * Copyright (c) 2003-2005 Fabrice Bellard 9 * 10 * This library is free software; you can redistribute it and/or 11 * modify it under the terms of the GNU Lesser General Public 12 * License as published by the Free Software Foundation; either 13 * version 2 of the License, or (at your option) any later version. 14 * 15 * This library is distributed in the hope that it will be useful, 16 * but WITHOUT ANY WARRANTY; without even the implied warranty of 17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 18 * Lesser General Public License for more details. 19 * 20 * You should have received a copy of the GNU Lesser General Public 21 * License along with this library; if not, see <http://www.gnu.org/licenses/>. 22 * 23 * SPDX-License-Identifier: LGPL-2.0+ 24 */ 25 26 #include "qemu/osdep.h" 27 #include "qapi/error.h" 28 #include "qemu/error-report.h" 29 #include "qemu/ctype.h" 30 #include "qemu/cutils.h" 31 #include "qemu/module.h" 32 #include "trace.h" 33 #include "exec/gdbstub.h" 34 #ifdef CONFIG_USER_ONLY 35 #include "qemu.h" 36 #else 37 #include "monitor/monitor.h" 38 #include "chardev/char.h" 39 #include "chardev/char-fe.h" 40 #include "hw/cpu/cluster.h" 41 #include "hw/boards.h" 42 #endif 43 44 #define MAX_PACKET_LENGTH 4096 45 46 #include "qemu/sockets.h" 47 #include "sysemu/hw_accel.h" 48 #include "sysemu/runstate.h" 49 #include "semihosting/semihost.h" 50 #include "exec/exec-all.h" 51 #include "exec/hwaddr.h" 52 #include "sysemu/replay.h" 53 54 #include "internals.h" 55 56 #ifdef CONFIG_USER_ONLY 57 #define GDB_ATTACHED "0" 58 #else 59 #define GDB_ATTACHED "1" 60 #endif 61 62 #ifndef CONFIG_USER_ONLY 63 static int phy_memory_mode; 64 #endif 65 66 static inline int target_memory_rw_debug(CPUState *cpu, target_ulong addr, 67 uint8_t *buf, int len, bool is_write) 68 { 69 CPUClass *cc; 70 71 #ifndef CONFIG_USER_ONLY 72 if (phy_memory_mode) { 73 if (is_write) { 74 cpu_physical_memory_write(addr, buf, len); 75 } else { 76 cpu_physical_memory_read(addr, buf, len); 77 } 78 return 0; 79 } 80 #endif 81 82 cc = CPU_GET_CLASS(cpu); 83 if (cc->memory_rw_debug) { 84 return cc->memory_rw_debug(cpu, addr, buf, len, is_write); 85 } 86 return cpu_memory_rw_debug(cpu, addr, buf, len, is_write); 87 } 88 89 /* Return the GDB index for a given vCPU state. 90 * 91 * For user mode this is simply the thread id. In system mode GDB 92 * numbers CPUs from 1 as 0 is reserved as an "any cpu" index. 93 */ 94 static inline int cpu_gdb_index(CPUState *cpu) 95 { 96 #if defined(CONFIG_USER_ONLY) 97 TaskState *ts = (TaskState *) cpu->opaque; 98 return ts ? ts->ts_tid : -1; 99 #else 100 return cpu->cpu_index + 1; 101 #endif 102 } 103 104 enum { 105 GDB_SIGNAL_0 = 0, 106 GDB_SIGNAL_INT = 2, 107 GDB_SIGNAL_QUIT = 3, 108 GDB_SIGNAL_TRAP = 5, 109 GDB_SIGNAL_ABRT = 6, 110 GDB_SIGNAL_ALRM = 14, 111 GDB_SIGNAL_IO = 23, 112 GDB_SIGNAL_XCPU = 24, 113 GDB_SIGNAL_UNKNOWN = 143 114 }; 115 116 #ifdef CONFIG_USER_ONLY 117 118 /* Map target signal numbers to GDB protocol signal numbers and vice 119 * versa. For user emulation's currently supported systems, we can 120 * assume most signals are defined. 121 */ 122 123 static int gdb_signal_table[] = { 124 0, 125 TARGET_SIGHUP, 126 TARGET_SIGINT, 127 TARGET_SIGQUIT, 128 TARGET_SIGILL, 129 TARGET_SIGTRAP, 130 TARGET_SIGABRT, 131 -1, /* SIGEMT */ 132 TARGET_SIGFPE, 133 TARGET_SIGKILL, 134 TARGET_SIGBUS, 135 TARGET_SIGSEGV, 136 TARGET_SIGSYS, 137 TARGET_SIGPIPE, 138 TARGET_SIGALRM, 139 TARGET_SIGTERM, 140 TARGET_SIGURG, 141 TARGET_SIGSTOP, 142 TARGET_SIGTSTP, 143 TARGET_SIGCONT, 144 TARGET_SIGCHLD, 145 TARGET_SIGTTIN, 146 TARGET_SIGTTOU, 147 TARGET_SIGIO, 148 TARGET_SIGXCPU, 149 TARGET_SIGXFSZ, 150 TARGET_SIGVTALRM, 151 TARGET_SIGPROF, 152 TARGET_SIGWINCH, 153 -1, /* SIGLOST */ 154 TARGET_SIGUSR1, 155 TARGET_SIGUSR2, 156 #ifdef TARGET_SIGPWR 157 TARGET_SIGPWR, 158 #else 159 -1, 160 #endif 161 -1, /* SIGPOLL */ 162 -1, 163 -1, 164 -1, 165 -1, 166 -1, 167 -1, 168 -1, 169 -1, 170 -1, 171 -1, 172 -1, 173 #ifdef __SIGRTMIN 174 __SIGRTMIN + 1, 175 __SIGRTMIN + 2, 176 __SIGRTMIN + 3, 177 __SIGRTMIN + 4, 178 __SIGRTMIN + 5, 179 __SIGRTMIN + 6, 180 __SIGRTMIN + 7, 181 __SIGRTMIN + 8, 182 __SIGRTMIN + 9, 183 __SIGRTMIN + 10, 184 __SIGRTMIN + 11, 185 __SIGRTMIN + 12, 186 __SIGRTMIN + 13, 187 __SIGRTMIN + 14, 188 __SIGRTMIN + 15, 189 __SIGRTMIN + 16, 190 __SIGRTMIN + 17, 191 __SIGRTMIN + 18, 192 __SIGRTMIN + 19, 193 __SIGRTMIN + 20, 194 __SIGRTMIN + 21, 195 __SIGRTMIN + 22, 196 __SIGRTMIN + 23, 197 __SIGRTMIN + 24, 198 __SIGRTMIN + 25, 199 __SIGRTMIN + 26, 200 __SIGRTMIN + 27, 201 __SIGRTMIN + 28, 202 __SIGRTMIN + 29, 203 __SIGRTMIN + 30, 204 __SIGRTMIN + 31, 205 -1, /* SIGCANCEL */ 206 __SIGRTMIN, 207 __SIGRTMIN + 32, 208 __SIGRTMIN + 33, 209 __SIGRTMIN + 34, 210 __SIGRTMIN + 35, 211 __SIGRTMIN + 36, 212 __SIGRTMIN + 37, 213 __SIGRTMIN + 38, 214 __SIGRTMIN + 39, 215 __SIGRTMIN + 40, 216 __SIGRTMIN + 41, 217 __SIGRTMIN + 42, 218 __SIGRTMIN + 43, 219 __SIGRTMIN + 44, 220 __SIGRTMIN + 45, 221 __SIGRTMIN + 46, 222 __SIGRTMIN + 47, 223 __SIGRTMIN + 48, 224 __SIGRTMIN + 49, 225 __SIGRTMIN + 50, 226 __SIGRTMIN + 51, 227 __SIGRTMIN + 52, 228 __SIGRTMIN + 53, 229 __SIGRTMIN + 54, 230 __SIGRTMIN + 55, 231 __SIGRTMIN + 56, 232 __SIGRTMIN + 57, 233 __SIGRTMIN + 58, 234 __SIGRTMIN + 59, 235 __SIGRTMIN + 60, 236 __SIGRTMIN + 61, 237 __SIGRTMIN + 62, 238 __SIGRTMIN + 63, 239 __SIGRTMIN + 64, 240 __SIGRTMIN + 65, 241 __SIGRTMIN + 66, 242 __SIGRTMIN + 67, 243 __SIGRTMIN + 68, 244 __SIGRTMIN + 69, 245 __SIGRTMIN + 70, 246 __SIGRTMIN + 71, 247 __SIGRTMIN + 72, 248 __SIGRTMIN + 73, 249 __SIGRTMIN + 74, 250 __SIGRTMIN + 75, 251 __SIGRTMIN + 76, 252 __SIGRTMIN + 77, 253 __SIGRTMIN + 78, 254 __SIGRTMIN + 79, 255 __SIGRTMIN + 80, 256 __SIGRTMIN + 81, 257 __SIGRTMIN + 82, 258 __SIGRTMIN + 83, 259 __SIGRTMIN + 84, 260 __SIGRTMIN + 85, 261 __SIGRTMIN + 86, 262 __SIGRTMIN + 87, 263 __SIGRTMIN + 88, 264 __SIGRTMIN + 89, 265 __SIGRTMIN + 90, 266 __SIGRTMIN + 91, 267 __SIGRTMIN + 92, 268 __SIGRTMIN + 93, 269 __SIGRTMIN + 94, 270 __SIGRTMIN + 95, 271 -1, /* SIGINFO */ 272 -1, /* UNKNOWN */ 273 -1, /* DEFAULT */ 274 -1, 275 -1, 276 -1, 277 -1, 278 -1, 279 -1 280 #endif 281 }; 282 #else 283 /* In system mode we only need SIGINT and SIGTRAP; other signals 284 are not yet supported. */ 285 286 enum { 287 TARGET_SIGINT = 2, 288 TARGET_SIGTRAP = 5 289 }; 290 291 static int gdb_signal_table[] = { 292 -1, 293 -1, 294 TARGET_SIGINT, 295 -1, 296 -1, 297 TARGET_SIGTRAP 298 }; 299 #endif 300 301 #ifdef CONFIG_USER_ONLY 302 static int target_signal_to_gdb (int sig) 303 { 304 int i; 305 for (i = 0; i < ARRAY_SIZE (gdb_signal_table); i++) 306 if (gdb_signal_table[i] == sig) 307 return i; 308 return GDB_SIGNAL_UNKNOWN; 309 } 310 #endif 311 312 static int gdb_signal_to_target (int sig) 313 { 314 if (sig < ARRAY_SIZE (gdb_signal_table)) 315 return gdb_signal_table[sig]; 316 else 317 return -1; 318 } 319 320 typedef struct GDBRegisterState { 321 int base_reg; 322 int num_regs; 323 gdb_get_reg_cb get_reg; 324 gdb_set_reg_cb set_reg; 325 const char *xml; 326 struct GDBRegisterState *next; 327 } GDBRegisterState; 328 329 typedef struct GDBProcess { 330 uint32_t pid; 331 bool attached; 332 333 char target_xml[1024]; 334 } GDBProcess; 335 336 enum RSState { 337 RS_INACTIVE, 338 RS_IDLE, 339 RS_GETLINE, 340 RS_GETLINE_ESC, 341 RS_GETLINE_RLE, 342 RS_CHKSUM1, 343 RS_CHKSUM2, 344 }; 345 typedef struct GDBState { 346 bool init; /* have we been initialised? */ 347 CPUState *c_cpu; /* current CPU for step/continue ops */ 348 CPUState *g_cpu; /* current CPU for other ops */ 349 CPUState *query_cpu; /* for q{f|s}ThreadInfo */ 350 enum RSState state; /* parsing state */ 351 char line_buf[MAX_PACKET_LENGTH]; 352 int line_buf_index; 353 int line_sum; /* running checksum */ 354 int line_csum; /* checksum at the end of the packet */ 355 GByteArray *last_packet; 356 int signal; 357 #ifdef CONFIG_USER_ONLY 358 int fd; 359 char *socket_path; 360 int running_state; 361 #else 362 CharBackend chr; 363 Chardev *mon_chr; 364 #endif 365 bool multiprocess; 366 GDBProcess *processes; 367 int process_num; 368 char syscall_buf[256]; 369 gdb_syscall_complete_cb current_syscall_cb; 370 GString *str_buf; 371 GByteArray *mem_buf; 372 int sstep_flags; 373 int supported_sstep_flags; 374 } GDBState; 375 376 static GDBState gdbserver_state; 377 378 static void init_gdbserver_state(void) 379 { 380 g_assert(!gdbserver_state.init); 381 memset(&gdbserver_state, 0, sizeof(GDBState)); 382 gdbserver_state.init = true; 383 gdbserver_state.str_buf = g_string_new(NULL); 384 gdbserver_state.mem_buf = g_byte_array_sized_new(MAX_PACKET_LENGTH); 385 gdbserver_state.last_packet = g_byte_array_sized_new(MAX_PACKET_LENGTH + 4); 386 387 /* 388 * What single-step modes are supported is accelerator dependent. 389 * By default try to use no IRQs and no timers while single 390 * stepping so as to make single stepping like a typical ICE HW step. 391 */ 392 gdbserver_state.supported_sstep_flags = accel_supported_gdbstub_sstep_flags(); 393 gdbserver_state.sstep_flags = SSTEP_ENABLE | SSTEP_NOIRQ | SSTEP_NOTIMER; 394 gdbserver_state.sstep_flags &= gdbserver_state.supported_sstep_flags; 395 } 396 397 #ifndef CONFIG_USER_ONLY 398 static void reset_gdbserver_state(void) 399 { 400 g_free(gdbserver_state.processes); 401 gdbserver_state.processes = NULL; 402 gdbserver_state.process_num = 0; 403 } 404 #endif 405 406 bool gdb_has_xml; 407 408 #ifdef CONFIG_USER_ONLY 409 410 static int get_char(void) 411 { 412 uint8_t ch; 413 int ret; 414 415 for(;;) { 416 ret = recv(gdbserver_state.fd, &ch, 1, 0); 417 if (ret < 0) { 418 if (errno == ECONNRESET) 419 gdbserver_state.fd = -1; 420 if (errno != EINTR) 421 return -1; 422 } else if (ret == 0) { 423 close(gdbserver_state.fd); 424 gdbserver_state.fd = -1; 425 return -1; 426 } else { 427 break; 428 } 429 } 430 return ch; 431 } 432 #endif 433 434 /* 435 * Return true if there is a GDB currently connected to the stub 436 * and attached to a CPU 437 */ 438 static bool gdb_attached(void) 439 { 440 return gdbserver_state.init && gdbserver_state.c_cpu; 441 } 442 443 static enum { 444 GDB_SYS_UNKNOWN, 445 GDB_SYS_ENABLED, 446 GDB_SYS_DISABLED, 447 } gdb_syscall_mode; 448 449 /* Decide if either remote gdb syscalls or native file IO should be used. */ 450 int use_gdb_syscalls(void) 451 { 452 SemihostingTarget target = semihosting_get_target(); 453 if (target == SEMIHOSTING_TARGET_NATIVE) { 454 /* -semihosting-config target=native */ 455 return false; 456 } else if (target == SEMIHOSTING_TARGET_GDB) { 457 /* -semihosting-config target=gdb */ 458 return true; 459 } 460 461 /* -semihosting-config target=auto */ 462 /* On the first call check if gdb is connected and remember. */ 463 if (gdb_syscall_mode == GDB_SYS_UNKNOWN) { 464 gdb_syscall_mode = gdb_attached() ? GDB_SYS_ENABLED : GDB_SYS_DISABLED; 465 } 466 return gdb_syscall_mode == GDB_SYS_ENABLED; 467 } 468 469 static bool stub_can_reverse(void) 470 { 471 #ifdef CONFIG_USER_ONLY 472 return false; 473 #else 474 return replay_mode == REPLAY_MODE_PLAY; 475 #endif 476 } 477 478 /* Resume execution. */ 479 static inline void gdb_continue(void) 480 { 481 482 #ifdef CONFIG_USER_ONLY 483 gdbserver_state.running_state = 1; 484 trace_gdbstub_op_continue(); 485 #else 486 if (!runstate_needs_reset()) { 487 trace_gdbstub_op_continue(); 488 vm_start(); 489 } 490 #endif 491 } 492 493 /* 494 * Resume execution, per CPU actions. For user-mode emulation it's 495 * equivalent to gdb_continue. 496 */ 497 static int gdb_continue_partial(char *newstates) 498 { 499 CPUState *cpu; 500 int res = 0; 501 #ifdef CONFIG_USER_ONLY 502 /* 503 * This is not exactly accurate, but it's an improvement compared to the 504 * previous situation, where only one CPU would be single-stepped. 505 */ 506 CPU_FOREACH(cpu) { 507 if (newstates[cpu->cpu_index] == 's') { 508 trace_gdbstub_op_stepping(cpu->cpu_index); 509 cpu_single_step(cpu, gdbserver_state.sstep_flags); 510 } 511 } 512 gdbserver_state.running_state = 1; 513 #else 514 int flag = 0; 515 516 if (!runstate_needs_reset()) { 517 bool step_requested = false; 518 CPU_FOREACH(cpu) { 519 if (newstates[cpu->cpu_index] == 's') { 520 step_requested = true; 521 break; 522 } 523 } 524 525 if (vm_prepare_start(step_requested)) { 526 return 0; 527 } 528 529 CPU_FOREACH(cpu) { 530 switch (newstates[cpu->cpu_index]) { 531 case 0: 532 case 1: 533 break; /* nothing to do here */ 534 case 's': 535 trace_gdbstub_op_stepping(cpu->cpu_index); 536 cpu_single_step(cpu, gdbserver_state.sstep_flags); 537 cpu_resume(cpu); 538 flag = 1; 539 break; 540 case 'c': 541 trace_gdbstub_op_continue_cpu(cpu->cpu_index); 542 cpu_resume(cpu); 543 flag = 1; 544 break; 545 default: 546 res = -1; 547 break; 548 } 549 } 550 } 551 if (flag) { 552 qemu_clock_enable(QEMU_CLOCK_VIRTUAL, true); 553 } 554 #endif 555 return res; 556 } 557 558 static void put_buffer(const uint8_t *buf, int len) 559 { 560 #ifdef CONFIG_USER_ONLY 561 int ret; 562 563 while (len > 0) { 564 ret = send(gdbserver_state.fd, buf, len, 0); 565 if (ret < 0) { 566 if (errno != EINTR) 567 return; 568 } else { 569 buf += ret; 570 len -= ret; 571 } 572 } 573 #else 574 /* XXX this blocks entire thread. Rewrite to use 575 * qemu_chr_fe_write and background I/O callbacks */ 576 qemu_chr_fe_write_all(&gdbserver_state.chr, buf, len); 577 #endif 578 } 579 580 static inline int fromhex(int v) 581 { 582 if (v >= '0' && v <= '9') 583 return v - '0'; 584 else if (v >= 'A' && v <= 'F') 585 return v - 'A' + 10; 586 else if (v >= 'a' && v <= 'f') 587 return v - 'a' + 10; 588 else 589 return 0; 590 } 591 592 static inline int tohex(int v) 593 { 594 if (v < 10) 595 return v + '0'; 596 else 597 return v - 10 + 'a'; 598 } 599 600 /* writes 2*len+1 bytes in buf */ 601 static void memtohex(GString *buf, const uint8_t *mem, int len) 602 { 603 int i, c; 604 for(i = 0; i < len; i++) { 605 c = mem[i]; 606 g_string_append_c(buf, tohex(c >> 4)); 607 g_string_append_c(buf, tohex(c & 0xf)); 608 } 609 g_string_append_c(buf, '\0'); 610 } 611 612 static void hextomem(GByteArray *mem, const char *buf, int len) 613 { 614 int i; 615 616 for(i = 0; i < len; i++) { 617 guint8 byte = fromhex(buf[0]) << 4 | fromhex(buf[1]); 618 g_byte_array_append(mem, &byte, 1); 619 buf += 2; 620 } 621 } 622 623 static void hexdump(const char *buf, int len, 624 void (*trace_fn)(size_t ofs, char const *text)) 625 { 626 char line_buffer[3 * 16 + 4 + 16 + 1]; 627 628 size_t i; 629 for (i = 0; i < len || (i & 0xF); ++i) { 630 size_t byte_ofs = i & 15; 631 632 if (byte_ofs == 0) { 633 memset(line_buffer, ' ', 3 * 16 + 4 + 16); 634 line_buffer[3 * 16 + 4 + 16] = 0; 635 } 636 637 size_t col_group = (i >> 2) & 3; 638 size_t hex_col = byte_ofs * 3 + col_group; 639 size_t txt_col = 3 * 16 + 4 + byte_ofs; 640 641 if (i < len) { 642 char value = buf[i]; 643 644 line_buffer[hex_col + 0] = tohex((value >> 4) & 0xF); 645 line_buffer[hex_col + 1] = tohex((value >> 0) & 0xF); 646 line_buffer[txt_col + 0] = (value >= ' ' && value < 127) 647 ? value 648 : '.'; 649 } 650 651 if (byte_ofs == 0xF) 652 trace_fn(i & -16, line_buffer); 653 } 654 } 655 656 /* return -1 if error, 0 if OK */ 657 static int put_packet_binary(const char *buf, int len, bool dump) 658 { 659 int csum, i; 660 uint8_t footer[3]; 661 662 if (dump && trace_event_get_state_backends(TRACE_GDBSTUB_IO_BINARYREPLY)) { 663 hexdump(buf, len, trace_gdbstub_io_binaryreply); 664 } 665 666 for(;;) { 667 g_byte_array_set_size(gdbserver_state.last_packet, 0); 668 g_byte_array_append(gdbserver_state.last_packet, 669 (const uint8_t *) "$", 1); 670 g_byte_array_append(gdbserver_state.last_packet, 671 (const uint8_t *) buf, len); 672 csum = 0; 673 for(i = 0; i < len; i++) { 674 csum += buf[i]; 675 } 676 footer[0] = '#'; 677 footer[1] = tohex((csum >> 4) & 0xf); 678 footer[2] = tohex((csum) & 0xf); 679 g_byte_array_append(gdbserver_state.last_packet, footer, 3); 680 681 put_buffer(gdbserver_state.last_packet->data, 682 gdbserver_state.last_packet->len); 683 684 #ifdef CONFIG_USER_ONLY 685 i = get_char(); 686 if (i < 0) 687 return -1; 688 if (i == '+') 689 break; 690 #else 691 break; 692 #endif 693 } 694 return 0; 695 } 696 697 /* return -1 if error, 0 if OK */ 698 static int put_packet(const char *buf) 699 { 700 trace_gdbstub_io_reply(buf); 701 702 return put_packet_binary(buf, strlen(buf), false); 703 } 704 705 static void put_strbuf(void) 706 { 707 put_packet(gdbserver_state.str_buf->str); 708 } 709 710 /* Encode data using the encoding for 'x' packets. */ 711 static void memtox(GString *buf, const char *mem, int len) 712 { 713 char c; 714 715 while (len--) { 716 c = *(mem++); 717 switch (c) { 718 case '#': case '$': case '*': case '}': 719 g_string_append_c(buf, '}'); 720 g_string_append_c(buf, c ^ 0x20); 721 break; 722 default: 723 g_string_append_c(buf, c); 724 break; 725 } 726 } 727 } 728 729 static uint32_t gdb_get_cpu_pid(CPUState *cpu) 730 { 731 /* TODO: In user mode, we should use the task state PID */ 732 if (cpu->cluster_index == UNASSIGNED_CLUSTER_INDEX) { 733 /* Return the default process' PID */ 734 int index = gdbserver_state.process_num - 1; 735 return gdbserver_state.processes[index].pid; 736 } 737 return cpu->cluster_index + 1; 738 } 739 740 static GDBProcess *gdb_get_process(uint32_t pid) 741 { 742 int i; 743 744 if (!pid) { 745 /* 0 means any process, we take the first one */ 746 return &gdbserver_state.processes[0]; 747 } 748 749 for (i = 0; i < gdbserver_state.process_num; i++) { 750 if (gdbserver_state.processes[i].pid == pid) { 751 return &gdbserver_state.processes[i]; 752 } 753 } 754 755 return NULL; 756 } 757 758 static GDBProcess *gdb_get_cpu_process(CPUState *cpu) 759 { 760 return gdb_get_process(gdb_get_cpu_pid(cpu)); 761 } 762 763 static CPUState *find_cpu(uint32_t thread_id) 764 { 765 CPUState *cpu; 766 767 CPU_FOREACH(cpu) { 768 if (cpu_gdb_index(cpu) == thread_id) { 769 return cpu; 770 } 771 } 772 773 return NULL; 774 } 775 776 static CPUState *get_first_cpu_in_process(GDBProcess *process) 777 { 778 CPUState *cpu; 779 780 CPU_FOREACH(cpu) { 781 if (gdb_get_cpu_pid(cpu) == process->pid) { 782 return cpu; 783 } 784 } 785 786 return NULL; 787 } 788 789 static CPUState *gdb_next_cpu_in_process(CPUState *cpu) 790 { 791 uint32_t pid = gdb_get_cpu_pid(cpu); 792 cpu = CPU_NEXT(cpu); 793 794 while (cpu) { 795 if (gdb_get_cpu_pid(cpu) == pid) { 796 break; 797 } 798 799 cpu = CPU_NEXT(cpu); 800 } 801 802 return cpu; 803 } 804 805 /* Return the cpu following @cpu, while ignoring unattached processes. */ 806 static CPUState *gdb_next_attached_cpu(CPUState *cpu) 807 { 808 cpu = CPU_NEXT(cpu); 809 810 while (cpu) { 811 if (gdb_get_cpu_process(cpu)->attached) { 812 break; 813 } 814 815 cpu = CPU_NEXT(cpu); 816 } 817 818 return cpu; 819 } 820 821 /* Return the first attached cpu */ 822 static CPUState *gdb_first_attached_cpu(void) 823 { 824 CPUState *cpu = first_cpu; 825 GDBProcess *process = gdb_get_cpu_process(cpu); 826 827 if (!process->attached) { 828 return gdb_next_attached_cpu(cpu); 829 } 830 831 return cpu; 832 } 833 834 static CPUState *gdb_get_cpu(uint32_t pid, uint32_t tid) 835 { 836 GDBProcess *process; 837 CPUState *cpu; 838 839 if (!pid && !tid) { 840 /* 0 means any process/thread, we take the first attached one */ 841 return gdb_first_attached_cpu(); 842 } else if (pid && !tid) { 843 /* any thread in a specific process */ 844 process = gdb_get_process(pid); 845 846 if (process == NULL) { 847 return NULL; 848 } 849 850 if (!process->attached) { 851 return NULL; 852 } 853 854 return get_first_cpu_in_process(process); 855 } else { 856 /* a specific thread */ 857 cpu = find_cpu(tid); 858 859 if (cpu == NULL) { 860 return NULL; 861 } 862 863 process = gdb_get_cpu_process(cpu); 864 865 if (pid && process->pid != pid) { 866 return NULL; 867 } 868 869 if (!process->attached) { 870 return NULL; 871 } 872 873 return cpu; 874 } 875 } 876 877 static const char *get_feature_xml(const char *p, const char **newp, 878 GDBProcess *process) 879 { 880 size_t len; 881 int i; 882 const char *name; 883 CPUState *cpu = get_first_cpu_in_process(process); 884 CPUClass *cc = CPU_GET_CLASS(cpu); 885 886 len = 0; 887 while (p[len] && p[len] != ':') 888 len++; 889 *newp = p + len; 890 891 name = NULL; 892 if (strncmp(p, "target.xml", len) == 0) { 893 char *buf = process->target_xml; 894 const size_t buf_sz = sizeof(process->target_xml); 895 896 /* Generate the XML description for this CPU. */ 897 if (!buf[0]) { 898 GDBRegisterState *r; 899 900 pstrcat(buf, buf_sz, 901 "<?xml version=\"1.0\"?>" 902 "<!DOCTYPE target SYSTEM \"gdb-target.dtd\">" 903 "<target>"); 904 if (cc->gdb_arch_name) { 905 gchar *arch = cc->gdb_arch_name(cpu); 906 pstrcat(buf, buf_sz, "<architecture>"); 907 pstrcat(buf, buf_sz, arch); 908 pstrcat(buf, buf_sz, "</architecture>"); 909 g_free(arch); 910 } 911 pstrcat(buf, buf_sz, "<xi:include href=\""); 912 pstrcat(buf, buf_sz, cc->gdb_core_xml_file); 913 pstrcat(buf, buf_sz, "\"/>"); 914 for (r = cpu->gdb_regs; r; r = r->next) { 915 pstrcat(buf, buf_sz, "<xi:include href=\""); 916 pstrcat(buf, buf_sz, r->xml); 917 pstrcat(buf, buf_sz, "\"/>"); 918 } 919 pstrcat(buf, buf_sz, "</target>"); 920 } 921 return buf; 922 } 923 if (cc->gdb_get_dynamic_xml) { 924 char *xmlname = g_strndup(p, len); 925 const char *xml = cc->gdb_get_dynamic_xml(cpu, xmlname); 926 927 g_free(xmlname); 928 if (xml) { 929 return xml; 930 } 931 } 932 for (i = 0; ; i++) { 933 name = xml_builtin[i][0]; 934 if (!name || (strncmp(name, p, len) == 0 && strlen(name) == len)) 935 break; 936 } 937 return name ? xml_builtin[i][1] : NULL; 938 } 939 940 static int gdb_read_register(CPUState *cpu, GByteArray *buf, int reg) 941 { 942 CPUClass *cc = CPU_GET_CLASS(cpu); 943 CPUArchState *env = cpu->env_ptr; 944 GDBRegisterState *r; 945 946 if (reg < cc->gdb_num_core_regs) { 947 return cc->gdb_read_register(cpu, buf, reg); 948 } 949 950 for (r = cpu->gdb_regs; r; r = r->next) { 951 if (r->base_reg <= reg && reg < r->base_reg + r->num_regs) { 952 return r->get_reg(env, buf, reg - r->base_reg); 953 } 954 } 955 return 0; 956 } 957 958 static int gdb_write_register(CPUState *cpu, uint8_t *mem_buf, int reg) 959 { 960 CPUClass *cc = CPU_GET_CLASS(cpu); 961 CPUArchState *env = cpu->env_ptr; 962 GDBRegisterState *r; 963 964 if (reg < cc->gdb_num_core_regs) { 965 return cc->gdb_write_register(cpu, mem_buf, reg); 966 } 967 968 for (r = cpu->gdb_regs; r; r = r->next) { 969 if (r->base_reg <= reg && reg < r->base_reg + r->num_regs) { 970 return r->set_reg(env, mem_buf, reg - r->base_reg); 971 } 972 } 973 return 0; 974 } 975 976 /* Register a supplemental set of CPU registers. If g_pos is nonzero it 977 specifies the first register number and these registers are included in 978 a standard "g" packet. Direction is relative to gdb, i.e. get_reg is 979 gdb reading a CPU register, and set_reg is gdb modifying a CPU register. 980 */ 981 982 void gdb_register_coprocessor(CPUState *cpu, 983 gdb_get_reg_cb get_reg, gdb_set_reg_cb set_reg, 984 int num_regs, const char *xml, int g_pos) 985 { 986 GDBRegisterState *s; 987 GDBRegisterState **p; 988 989 p = &cpu->gdb_regs; 990 while (*p) { 991 /* Check for duplicates. */ 992 if (strcmp((*p)->xml, xml) == 0) 993 return; 994 p = &(*p)->next; 995 } 996 997 s = g_new0(GDBRegisterState, 1); 998 s->base_reg = cpu->gdb_num_regs; 999 s->num_regs = num_regs; 1000 s->get_reg = get_reg; 1001 s->set_reg = set_reg; 1002 s->xml = xml; 1003 1004 /* Add to end of list. */ 1005 cpu->gdb_num_regs += num_regs; 1006 *p = s; 1007 if (g_pos) { 1008 if (g_pos != s->base_reg) { 1009 error_report("Error: Bad gdb register numbering for '%s', " 1010 "expected %d got %d", xml, g_pos, s->base_reg); 1011 } else { 1012 cpu->gdb_num_g_regs = cpu->gdb_num_regs; 1013 } 1014 } 1015 } 1016 1017 static void gdb_process_breakpoint_remove_all(GDBProcess *p) 1018 { 1019 CPUState *cpu = get_first_cpu_in_process(p); 1020 1021 while (cpu) { 1022 gdb_breakpoint_remove_all(cpu); 1023 cpu = gdb_next_cpu_in_process(cpu); 1024 } 1025 } 1026 1027 1028 static void gdb_set_cpu_pc(target_ulong pc) 1029 { 1030 CPUState *cpu = gdbserver_state.c_cpu; 1031 1032 cpu_synchronize_state(cpu); 1033 cpu_set_pc(cpu, pc); 1034 } 1035 1036 static void gdb_append_thread_id(CPUState *cpu, GString *buf) 1037 { 1038 if (gdbserver_state.multiprocess) { 1039 g_string_append_printf(buf, "p%02x.%02x", 1040 gdb_get_cpu_pid(cpu), cpu_gdb_index(cpu)); 1041 } else { 1042 g_string_append_printf(buf, "%02x", cpu_gdb_index(cpu)); 1043 } 1044 } 1045 1046 typedef enum GDBThreadIdKind { 1047 GDB_ONE_THREAD = 0, 1048 GDB_ALL_THREADS, /* One process, all threads */ 1049 GDB_ALL_PROCESSES, 1050 GDB_READ_THREAD_ERR 1051 } GDBThreadIdKind; 1052 1053 static GDBThreadIdKind read_thread_id(const char *buf, const char **end_buf, 1054 uint32_t *pid, uint32_t *tid) 1055 { 1056 unsigned long p, t; 1057 int ret; 1058 1059 if (*buf == 'p') { 1060 buf++; 1061 ret = qemu_strtoul(buf, &buf, 16, &p); 1062 1063 if (ret) { 1064 return GDB_READ_THREAD_ERR; 1065 } 1066 1067 /* Skip '.' */ 1068 buf++; 1069 } else { 1070 p = 1; 1071 } 1072 1073 ret = qemu_strtoul(buf, &buf, 16, &t); 1074 1075 if (ret) { 1076 return GDB_READ_THREAD_ERR; 1077 } 1078 1079 *end_buf = buf; 1080 1081 if (p == -1) { 1082 return GDB_ALL_PROCESSES; 1083 } 1084 1085 if (pid) { 1086 *pid = p; 1087 } 1088 1089 if (t == -1) { 1090 return GDB_ALL_THREADS; 1091 } 1092 1093 if (tid) { 1094 *tid = t; 1095 } 1096 1097 return GDB_ONE_THREAD; 1098 } 1099 1100 /** 1101 * gdb_handle_vcont - Parses and handles a vCont packet. 1102 * returns -ENOTSUP if a command is unsupported, -EINVAL or -ERANGE if there is 1103 * a format error, 0 on success. 1104 */ 1105 static int gdb_handle_vcont(const char *p) 1106 { 1107 int res, signal = 0; 1108 char cur_action; 1109 char *newstates; 1110 unsigned long tmp; 1111 uint32_t pid, tid; 1112 GDBProcess *process; 1113 CPUState *cpu; 1114 GDBThreadIdKind kind; 1115 #ifdef CONFIG_USER_ONLY 1116 int max_cpus = 1; /* global variable max_cpus exists only in system mode */ 1117 1118 CPU_FOREACH(cpu) { 1119 max_cpus = max_cpus <= cpu->cpu_index ? cpu->cpu_index + 1 : max_cpus; 1120 } 1121 #else 1122 MachineState *ms = MACHINE(qdev_get_machine()); 1123 unsigned int max_cpus = ms->smp.max_cpus; 1124 #endif 1125 /* uninitialised CPUs stay 0 */ 1126 newstates = g_new0(char, max_cpus); 1127 1128 /* mark valid CPUs with 1 */ 1129 CPU_FOREACH(cpu) { 1130 newstates[cpu->cpu_index] = 1; 1131 } 1132 1133 /* 1134 * res keeps track of what error we are returning, with -ENOTSUP meaning 1135 * that the command is unknown or unsupported, thus returning an empty 1136 * packet, while -EINVAL and -ERANGE cause an E22 packet, due to invalid, 1137 * or incorrect parameters passed. 1138 */ 1139 res = 0; 1140 while (*p) { 1141 if (*p++ != ';') { 1142 res = -ENOTSUP; 1143 goto out; 1144 } 1145 1146 cur_action = *p++; 1147 if (cur_action == 'C' || cur_action == 'S') { 1148 cur_action = qemu_tolower(cur_action); 1149 res = qemu_strtoul(p, &p, 16, &tmp); 1150 if (res) { 1151 goto out; 1152 } 1153 signal = gdb_signal_to_target(tmp); 1154 } else if (cur_action != 'c' && cur_action != 's') { 1155 /* unknown/invalid/unsupported command */ 1156 res = -ENOTSUP; 1157 goto out; 1158 } 1159 1160 if (*p == '\0' || *p == ';') { 1161 /* 1162 * No thread specifier, action is on "all threads". The 1163 * specification is unclear regarding the process to act on. We 1164 * choose all processes. 1165 */ 1166 kind = GDB_ALL_PROCESSES; 1167 } else if (*p++ == ':') { 1168 kind = read_thread_id(p, &p, &pid, &tid); 1169 } else { 1170 res = -ENOTSUP; 1171 goto out; 1172 } 1173 1174 switch (kind) { 1175 case GDB_READ_THREAD_ERR: 1176 res = -EINVAL; 1177 goto out; 1178 1179 case GDB_ALL_PROCESSES: 1180 cpu = gdb_first_attached_cpu(); 1181 while (cpu) { 1182 if (newstates[cpu->cpu_index] == 1) { 1183 newstates[cpu->cpu_index] = cur_action; 1184 } 1185 1186 cpu = gdb_next_attached_cpu(cpu); 1187 } 1188 break; 1189 1190 case GDB_ALL_THREADS: 1191 process = gdb_get_process(pid); 1192 1193 if (!process->attached) { 1194 res = -EINVAL; 1195 goto out; 1196 } 1197 1198 cpu = get_first_cpu_in_process(process); 1199 while (cpu) { 1200 if (newstates[cpu->cpu_index] == 1) { 1201 newstates[cpu->cpu_index] = cur_action; 1202 } 1203 1204 cpu = gdb_next_cpu_in_process(cpu); 1205 } 1206 break; 1207 1208 case GDB_ONE_THREAD: 1209 cpu = gdb_get_cpu(pid, tid); 1210 1211 /* invalid CPU/thread specified */ 1212 if (!cpu) { 1213 res = -EINVAL; 1214 goto out; 1215 } 1216 1217 /* only use if no previous match occourred */ 1218 if (newstates[cpu->cpu_index] == 1) { 1219 newstates[cpu->cpu_index] = cur_action; 1220 } 1221 break; 1222 } 1223 } 1224 gdbserver_state.signal = signal; 1225 gdb_continue_partial(newstates); 1226 1227 out: 1228 g_free(newstates); 1229 1230 return res; 1231 } 1232 1233 typedef union GdbCmdVariant { 1234 const char *data; 1235 uint8_t opcode; 1236 unsigned long val_ul; 1237 unsigned long long val_ull; 1238 struct { 1239 GDBThreadIdKind kind; 1240 uint32_t pid; 1241 uint32_t tid; 1242 } thread_id; 1243 } GdbCmdVariant; 1244 1245 #define get_param(p, i) (&g_array_index(p, GdbCmdVariant, i)) 1246 1247 static const char *cmd_next_param(const char *param, const char delimiter) 1248 { 1249 static const char all_delimiters[] = ",;:="; 1250 char curr_delimiters[2] = {0}; 1251 const char *delimiters; 1252 1253 if (delimiter == '?') { 1254 delimiters = all_delimiters; 1255 } else if (delimiter == '0') { 1256 return strchr(param, '\0'); 1257 } else if (delimiter == '.' && *param) { 1258 return param + 1; 1259 } else { 1260 curr_delimiters[0] = delimiter; 1261 delimiters = curr_delimiters; 1262 } 1263 1264 param += strcspn(param, delimiters); 1265 if (*param) { 1266 param++; 1267 } 1268 return param; 1269 } 1270 1271 static int cmd_parse_params(const char *data, const char *schema, 1272 GArray *params) 1273 { 1274 const char *curr_schema, *curr_data; 1275 1276 g_assert(schema); 1277 g_assert(params->len == 0); 1278 1279 curr_schema = schema; 1280 curr_data = data; 1281 while (curr_schema[0] && curr_schema[1] && *curr_data) { 1282 GdbCmdVariant this_param; 1283 1284 switch (curr_schema[0]) { 1285 case 'l': 1286 if (qemu_strtoul(curr_data, &curr_data, 16, 1287 &this_param.val_ul)) { 1288 return -EINVAL; 1289 } 1290 curr_data = cmd_next_param(curr_data, curr_schema[1]); 1291 g_array_append_val(params, this_param); 1292 break; 1293 case 'L': 1294 if (qemu_strtou64(curr_data, &curr_data, 16, 1295 (uint64_t *)&this_param.val_ull)) { 1296 return -EINVAL; 1297 } 1298 curr_data = cmd_next_param(curr_data, curr_schema[1]); 1299 g_array_append_val(params, this_param); 1300 break; 1301 case 's': 1302 this_param.data = curr_data; 1303 curr_data = cmd_next_param(curr_data, curr_schema[1]); 1304 g_array_append_val(params, this_param); 1305 break; 1306 case 'o': 1307 this_param.opcode = *(uint8_t *)curr_data; 1308 curr_data = cmd_next_param(curr_data, curr_schema[1]); 1309 g_array_append_val(params, this_param); 1310 break; 1311 case 't': 1312 this_param.thread_id.kind = 1313 read_thread_id(curr_data, &curr_data, 1314 &this_param.thread_id.pid, 1315 &this_param.thread_id.tid); 1316 curr_data = cmd_next_param(curr_data, curr_schema[1]); 1317 g_array_append_val(params, this_param); 1318 break; 1319 case '?': 1320 curr_data = cmd_next_param(curr_data, curr_schema[1]); 1321 break; 1322 default: 1323 return -EINVAL; 1324 } 1325 curr_schema += 2; 1326 } 1327 1328 return 0; 1329 } 1330 1331 typedef void (*GdbCmdHandler)(GArray *params, void *user_ctx); 1332 1333 /* 1334 * cmd_startswith -> cmd is compared using startswith 1335 * 1336 * 1337 * schema definitions: 1338 * Each schema parameter entry consists of 2 chars, 1339 * the first char represents the parameter type handling 1340 * the second char represents the delimiter for the next parameter 1341 * 1342 * Currently supported schema types: 1343 * 'l' -> unsigned long (stored in .val_ul) 1344 * 'L' -> unsigned long long (stored in .val_ull) 1345 * 's' -> string (stored in .data) 1346 * 'o' -> single char (stored in .opcode) 1347 * 't' -> thread id (stored in .thread_id) 1348 * '?' -> skip according to delimiter 1349 * 1350 * Currently supported delimiters: 1351 * '?' -> Stop at any delimiter (",;:=\0") 1352 * '0' -> Stop at "\0" 1353 * '.' -> Skip 1 char unless reached "\0" 1354 * Any other value is treated as the delimiter value itself 1355 */ 1356 typedef struct GdbCmdParseEntry { 1357 GdbCmdHandler handler; 1358 const char *cmd; 1359 bool cmd_startswith; 1360 const char *schema; 1361 } GdbCmdParseEntry; 1362 1363 static inline int startswith(const char *string, const char *pattern) 1364 { 1365 return !strncmp(string, pattern, strlen(pattern)); 1366 } 1367 1368 static int process_string_cmd(void *user_ctx, const char *data, 1369 const GdbCmdParseEntry *cmds, int num_cmds) 1370 { 1371 int i; 1372 g_autoptr(GArray) params = g_array_new(false, true, sizeof(GdbCmdVariant)); 1373 1374 if (!cmds) { 1375 return -1; 1376 } 1377 1378 for (i = 0; i < num_cmds; i++) { 1379 const GdbCmdParseEntry *cmd = &cmds[i]; 1380 g_assert(cmd->handler && cmd->cmd); 1381 1382 if ((cmd->cmd_startswith && !startswith(data, cmd->cmd)) || 1383 (!cmd->cmd_startswith && strcmp(cmd->cmd, data))) { 1384 continue; 1385 } 1386 1387 if (cmd->schema) { 1388 if (cmd_parse_params(&data[strlen(cmd->cmd)], 1389 cmd->schema, params)) { 1390 return -1; 1391 } 1392 } 1393 1394 cmd->handler(params, user_ctx); 1395 return 0; 1396 } 1397 1398 return -1; 1399 } 1400 1401 static void run_cmd_parser(const char *data, const GdbCmdParseEntry *cmd) 1402 { 1403 if (!data) { 1404 return; 1405 } 1406 1407 g_string_set_size(gdbserver_state.str_buf, 0); 1408 g_byte_array_set_size(gdbserver_state.mem_buf, 0); 1409 1410 /* In case there was an error during the command parsing we must 1411 * send a NULL packet to indicate the command is not supported */ 1412 if (process_string_cmd(NULL, data, cmd, 1)) { 1413 put_packet(""); 1414 } 1415 } 1416 1417 static void handle_detach(GArray *params, void *user_ctx) 1418 { 1419 GDBProcess *process; 1420 uint32_t pid = 1; 1421 1422 if (gdbserver_state.multiprocess) { 1423 if (!params->len) { 1424 put_packet("E22"); 1425 return; 1426 } 1427 1428 pid = get_param(params, 0)->val_ul; 1429 } 1430 1431 process = gdb_get_process(pid); 1432 gdb_process_breakpoint_remove_all(process); 1433 process->attached = false; 1434 1435 if (pid == gdb_get_cpu_pid(gdbserver_state.c_cpu)) { 1436 gdbserver_state.c_cpu = gdb_first_attached_cpu(); 1437 } 1438 1439 if (pid == gdb_get_cpu_pid(gdbserver_state.g_cpu)) { 1440 gdbserver_state.g_cpu = gdb_first_attached_cpu(); 1441 } 1442 1443 if (!gdbserver_state.c_cpu) { 1444 /* No more process attached */ 1445 gdb_syscall_mode = GDB_SYS_DISABLED; 1446 gdb_continue(); 1447 } 1448 put_packet("OK"); 1449 } 1450 1451 static void handle_thread_alive(GArray *params, void *user_ctx) 1452 { 1453 CPUState *cpu; 1454 1455 if (!params->len) { 1456 put_packet("E22"); 1457 return; 1458 } 1459 1460 if (get_param(params, 0)->thread_id.kind == GDB_READ_THREAD_ERR) { 1461 put_packet("E22"); 1462 return; 1463 } 1464 1465 cpu = gdb_get_cpu(get_param(params, 0)->thread_id.pid, 1466 get_param(params, 0)->thread_id.tid); 1467 if (!cpu) { 1468 put_packet("E22"); 1469 return; 1470 } 1471 1472 put_packet("OK"); 1473 } 1474 1475 static void handle_continue(GArray *params, void *user_ctx) 1476 { 1477 if (params->len) { 1478 gdb_set_cpu_pc(get_param(params, 0)->val_ull); 1479 } 1480 1481 gdbserver_state.signal = 0; 1482 gdb_continue(); 1483 } 1484 1485 static void handle_cont_with_sig(GArray *params, void *user_ctx) 1486 { 1487 unsigned long signal = 0; 1488 1489 /* 1490 * Note: C sig;[addr] is currently unsupported and we simply 1491 * omit the addr parameter 1492 */ 1493 if (params->len) { 1494 signal = get_param(params, 0)->val_ul; 1495 } 1496 1497 gdbserver_state.signal = gdb_signal_to_target(signal); 1498 if (gdbserver_state.signal == -1) { 1499 gdbserver_state.signal = 0; 1500 } 1501 gdb_continue(); 1502 } 1503 1504 static void handle_set_thread(GArray *params, void *user_ctx) 1505 { 1506 CPUState *cpu; 1507 1508 if (params->len != 2) { 1509 put_packet("E22"); 1510 return; 1511 } 1512 1513 if (get_param(params, 1)->thread_id.kind == GDB_READ_THREAD_ERR) { 1514 put_packet("E22"); 1515 return; 1516 } 1517 1518 if (get_param(params, 1)->thread_id.kind != GDB_ONE_THREAD) { 1519 put_packet("OK"); 1520 return; 1521 } 1522 1523 cpu = gdb_get_cpu(get_param(params, 1)->thread_id.pid, 1524 get_param(params, 1)->thread_id.tid); 1525 if (!cpu) { 1526 put_packet("E22"); 1527 return; 1528 } 1529 1530 /* 1531 * Note: This command is deprecated and modern gdb's will be using the 1532 * vCont command instead. 1533 */ 1534 switch (get_param(params, 0)->opcode) { 1535 case 'c': 1536 gdbserver_state.c_cpu = cpu; 1537 put_packet("OK"); 1538 break; 1539 case 'g': 1540 gdbserver_state.g_cpu = cpu; 1541 put_packet("OK"); 1542 break; 1543 default: 1544 put_packet("E22"); 1545 break; 1546 } 1547 } 1548 1549 static void handle_insert_bp(GArray *params, void *user_ctx) 1550 { 1551 int res; 1552 1553 if (params->len != 3) { 1554 put_packet("E22"); 1555 return; 1556 } 1557 1558 res = gdb_breakpoint_insert(gdbserver_state.c_cpu, 1559 get_param(params, 0)->val_ul, 1560 get_param(params, 1)->val_ull, 1561 get_param(params, 2)->val_ull); 1562 if (res >= 0) { 1563 put_packet("OK"); 1564 return; 1565 } else if (res == -ENOSYS) { 1566 put_packet(""); 1567 return; 1568 } 1569 1570 put_packet("E22"); 1571 } 1572 1573 static void handle_remove_bp(GArray *params, void *user_ctx) 1574 { 1575 int res; 1576 1577 if (params->len != 3) { 1578 put_packet("E22"); 1579 return; 1580 } 1581 1582 res = gdb_breakpoint_remove(gdbserver_state.c_cpu, 1583 get_param(params, 0)->val_ul, 1584 get_param(params, 1)->val_ull, 1585 get_param(params, 2)->val_ull); 1586 if (res >= 0) { 1587 put_packet("OK"); 1588 return; 1589 } else if (res == -ENOSYS) { 1590 put_packet(""); 1591 return; 1592 } 1593 1594 put_packet("E22"); 1595 } 1596 1597 /* 1598 * handle_set/get_reg 1599 * 1600 * Older gdb are really dumb, and don't use 'G/g' if 'P/p' is available. 1601 * This works, but can be very slow. Anything new enough to understand 1602 * XML also knows how to use this properly. However to use this we 1603 * need to define a local XML file as well as be talking to a 1604 * reasonably modern gdb. Responding with an empty packet will cause 1605 * the remote gdb to fallback to older methods. 1606 */ 1607 1608 static void handle_set_reg(GArray *params, void *user_ctx) 1609 { 1610 int reg_size; 1611 1612 if (!gdb_has_xml) { 1613 put_packet(""); 1614 return; 1615 } 1616 1617 if (params->len != 2) { 1618 put_packet("E22"); 1619 return; 1620 } 1621 1622 reg_size = strlen(get_param(params, 1)->data) / 2; 1623 hextomem(gdbserver_state.mem_buf, get_param(params, 1)->data, reg_size); 1624 gdb_write_register(gdbserver_state.g_cpu, gdbserver_state.mem_buf->data, 1625 get_param(params, 0)->val_ull); 1626 put_packet("OK"); 1627 } 1628 1629 static void handle_get_reg(GArray *params, void *user_ctx) 1630 { 1631 int reg_size; 1632 1633 if (!gdb_has_xml) { 1634 put_packet(""); 1635 return; 1636 } 1637 1638 if (!params->len) { 1639 put_packet("E14"); 1640 return; 1641 } 1642 1643 reg_size = gdb_read_register(gdbserver_state.g_cpu, 1644 gdbserver_state.mem_buf, 1645 get_param(params, 0)->val_ull); 1646 if (!reg_size) { 1647 put_packet("E14"); 1648 return; 1649 } else { 1650 g_byte_array_set_size(gdbserver_state.mem_buf, reg_size); 1651 } 1652 1653 memtohex(gdbserver_state.str_buf, gdbserver_state.mem_buf->data, reg_size); 1654 put_strbuf(); 1655 } 1656 1657 static void handle_write_mem(GArray *params, void *user_ctx) 1658 { 1659 if (params->len != 3) { 1660 put_packet("E22"); 1661 return; 1662 } 1663 1664 /* hextomem() reads 2*len bytes */ 1665 if (get_param(params, 1)->val_ull > 1666 strlen(get_param(params, 2)->data) / 2) { 1667 put_packet("E22"); 1668 return; 1669 } 1670 1671 hextomem(gdbserver_state.mem_buf, get_param(params, 2)->data, 1672 get_param(params, 1)->val_ull); 1673 if (target_memory_rw_debug(gdbserver_state.g_cpu, 1674 get_param(params, 0)->val_ull, 1675 gdbserver_state.mem_buf->data, 1676 gdbserver_state.mem_buf->len, true)) { 1677 put_packet("E14"); 1678 return; 1679 } 1680 1681 put_packet("OK"); 1682 } 1683 1684 static void handle_read_mem(GArray *params, void *user_ctx) 1685 { 1686 if (params->len != 2) { 1687 put_packet("E22"); 1688 return; 1689 } 1690 1691 /* memtohex() doubles the required space */ 1692 if (get_param(params, 1)->val_ull > MAX_PACKET_LENGTH / 2) { 1693 put_packet("E22"); 1694 return; 1695 } 1696 1697 g_byte_array_set_size(gdbserver_state.mem_buf, 1698 get_param(params, 1)->val_ull); 1699 1700 if (target_memory_rw_debug(gdbserver_state.g_cpu, 1701 get_param(params, 0)->val_ull, 1702 gdbserver_state.mem_buf->data, 1703 gdbserver_state.mem_buf->len, false)) { 1704 put_packet("E14"); 1705 return; 1706 } 1707 1708 memtohex(gdbserver_state.str_buf, gdbserver_state.mem_buf->data, 1709 gdbserver_state.mem_buf->len); 1710 put_strbuf(); 1711 } 1712 1713 static void handle_write_all_regs(GArray *params, void *user_ctx) 1714 { 1715 target_ulong addr, len; 1716 uint8_t *registers; 1717 int reg_size; 1718 1719 if (!params->len) { 1720 return; 1721 } 1722 1723 cpu_synchronize_state(gdbserver_state.g_cpu); 1724 len = strlen(get_param(params, 0)->data) / 2; 1725 hextomem(gdbserver_state.mem_buf, get_param(params, 0)->data, len); 1726 registers = gdbserver_state.mem_buf->data; 1727 for (addr = 0; addr < gdbserver_state.g_cpu->gdb_num_g_regs && len > 0; 1728 addr++) { 1729 reg_size = gdb_write_register(gdbserver_state.g_cpu, registers, addr); 1730 len -= reg_size; 1731 registers += reg_size; 1732 } 1733 put_packet("OK"); 1734 } 1735 1736 static void handle_read_all_regs(GArray *params, void *user_ctx) 1737 { 1738 target_ulong addr, len; 1739 1740 cpu_synchronize_state(gdbserver_state.g_cpu); 1741 g_byte_array_set_size(gdbserver_state.mem_buf, 0); 1742 len = 0; 1743 for (addr = 0; addr < gdbserver_state.g_cpu->gdb_num_g_regs; addr++) { 1744 len += gdb_read_register(gdbserver_state.g_cpu, 1745 gdbserver_state.mem_buf, 1746 addr); 1747 } 1748 g_assert(len == gdbserver_state.mem_buf->len); 1749 1750 memtohex(gdbserver_state.str_buf, gdbserver_state.mem_buf->data, len); 1751 put_strbuf(); 1752 } 1753 1754 static void handle_file_io(GArray *params, void *user_ctx) 1755 { 1756 if (params->len >= 1 && gdbserver_state.current_syscall_cb) { 1757 uint64_t ret; 1758 int err; 1759 1760 ret = get_param(params, 0)->val_ull; 1761 if (params->len >= 2) { 1762 err = get_param(params, 1)->val_ull; 1763 } else { 1764 err = 0; 1765 } 1766 1767 /* Convert GDB error numbers back to host error numbers. */ 1768 #define E(X) case GDB_E##X: err = E##X; break 1769 switch (err) { 1770 case 0: 1771 break; 1772 E(PERM); 1773 E(NOENT); 1774 E(INTR); 1775 E(BADF); 1776 E(ACCES); 1777 E(FAULT); 1778 E(BUSY); 1779 E(EXIST); 1780 E(NODEV); 1781 E(NOTDIR); 1782 E(ISDIR); 1783 E(INVAL); 1784 E(NFILE); 1785 E(MFILE); 1786 E(FBIG); 1787 E(NOSPC); 1788 E(SPIPE); 1789 E(ROFS); 1790 E(NAMETOOLONG); 1791 default: 1792 err = EINVAL; 1793 break; 1794 } 1795 #undef E 1796 1797 gdbserver_state.current_syscall_cb(gdbserver_state.c_cpu, ret, err); 1798 gdbserver_state.current_syscall_cb = NULL; 1799 } 1800 1801 if (params->len >= 3 && get_param(params, 2)->opcode == (uint8_t)'C') { 1802 put_packet("T02"); 1803 return; 1804 } 1805 1806 gdb_continue(); 1807 } 1808 1809 static void handle_step(GArray *params, void *user_ctx) 1810 { 1811 if (params->len) { 1812 gdb_set_cpu_pc((target_ulong)get_param(params, 0)->val_ull); 1813 } 1814 1815 cpu_single_step(gdbserver_state.c_cpu, gdbserver_state.sstep_flags); 1816 gdb_continue(); 1817 } 1818 1819 static void handle_backward(GArray *params, void *user_ctx) 1820 { 1821 if (!stub_can_reverse()) { 1822 put_packet("E22"); 1823 } 1824 if (params->len == 1) { 1825 switch (get_param(params, 0)->opcode) { 1826 case 's': 1827 if (replay_reverse_step()) { 1828 gdb_continue(); 1829 } else { 1830 put_packet("E14"); 1831 } 1832 return; 1833 case 'c': 1834 if (replay_reverse_continue()) { 1835 gdb_continue(); 1836 } else { 1837 put_packet("E14"); 1838 } 1839 return; 1840 } 1841 } 1842 1843 /* Default invalid command */ 1844 put_packet(""); 1845 } 1846 1847 static void handle_v_cont_query(GArray *params, void *user_ctx) 1848 { 1849 put_packet("vCont;c;C;s;S"); 1850 } 1851 1852 static void handle_v_cont(GArray *params, void *user_ctx) 1853 { 1854 int res; 1855 1856 if (!params->len) { 1857 return; 1858 } 1859 1860 res = gdb_handle_vcont(get_param(params, 0)->data); 1861 if ((res == -EINVAL) || (res == -ERANGE)) { 1862 put_packet("E22"); 1863 } else if (res) { 1864 put_packet(""); 1865 } 1866 } 1867 1868 static void handle_v_attach(GArray *params, void *user_ctx) 1869 { 1870 GDBProcess *process; 1871 CPUState *cpu; 1872 1873 g_string_assign(gdbserver_state.str_buf, "E22"); 1874 if (!params->len) { 1875 goto cleanup; 1876 } 1877 1878 process = gdb_get_process(get_param(params, 0)->val_ul); 1879 if (!process) { 1880 goto cleanup; 1881 } 1882 1883 cpu = get_first_cpu_in_process(process); 1884 if (!cpu) { 1885 goto cleanup; 1886 } 1887 1888 process->attached = true; 1889 gdbserver_state.g_cpu = cpu; 1890 gdbserver_state.c_cpu = cpu; 1891 1892 g_string_printf(gdbserver_state.str_buf, "T%02xthread:", GDB_SIGNAL_TRAP); 1893 gdb_append_thread_id(cpu, gdbserver_state.str_buf); 1894 g_string_append_c(gdbserver_state.str_buf, ';'); 1895 cleanup: 1896 put_strbuf(); 1897 } 1898 1899 static void handle_v_kill(GArray *params, void *user_ctx) 1900 { 1901 /* Kill the target */ 1902 put_packet("OK"); 1903 error_report("QEMU: Terminated via GDBstub"); 1904 gdb_exit(0); 1905 exit(0); 1906 } 1907 1908 static const GdbCmdParseEntry gdb_v_commands_table[] = { 1909 /* Order is important if has same prefix */ 1910 { 1911 .handler = handle_v_cont_query, 1912 .cmd = "Cont?", 1913 .cmd_startswith = 1 1914 }, 1915 { 1916 .handler = handle_v_cont, 1917 .cmd = "Cont", 1918 .cmd_startswith = 1, 1919 .schema = "s0" 1920 }, 1921 { 1922 .handler = handle_v_attach, 1923 .cmd = "Attach;", 1924 .cmd_startswith = 1, 1925 .schema = "l0" 1926 }, 1927 { 1928 .handler = handle_v_kill, 1929 .cmd = "Kill;", 1930 .cmd_startswith = 1 1931 }, 1932 }; 1933 1934 static void handle_v_commands(GArray *params, void *user_ctx) 1935 { 1936 if (!params->len) { 1937 return; 1938 } 1939 1940 if (process_string_cmd(NULL, get_param(params, 0)->data, 1941 gdb_v_commands_table, 1942 ARRAY_SIZE(gdb_v_commands_table))) { 1943 put_packet(""); 1944 } 1945 } 1946 1947 static void handle_query_qemu_sstepbits(GArray *params, void *user_ctx) 1948 { 1949 g_string_printf(gdbserver_state.str_buf, "ENABLE=%x", SSTEP_ENABLE); 1950 1951 if (gdbserver_state.supported_sstep_flags & SSTEP_NOIRQ) { 1952 g_string_append_printf(gdbserver_state.str_buf, ",NOIRQ=%x", 1953 SSTEP_NOIRQ); 1954 } 1955 1956 if (gdbserver_state.supported_sstep_flags & SSTEP_NOTIMER) { 1957 g_string_append_printf(gdbserver_state.str_buf, ",NOTIMER=%x", 1958 SSTEP_NOTIMER); 1959 } 1960 1961 put_strbuf(); 1962 } 1963 1964 static void handle_set_qemu_sstep(GArray *params, void *user_ctx) 1965 { 1966 int new_sstep_flags; 1967 1968 if (!params->len) { 1969 return; 1970 } 1971 1972 new_sstep_flags = get_param(params, 0)->val_ul; 1973 1974 if (new_sstep_flags & ~gdbserver_state.supported_sstep_flags) { 1975 put_packet("E22"); 1976 return; 1977 } 1978 1979 gdbserver_state.sstep_flags = new_sstep_flags; 1980 put_packet("OK"); 1981 } 1982 1983 static void handle_query_qemu_sstep(GArray *params, void *user_ctx) 1984 { 1985 g_string_printf(gdbserver_state.str_buf, "0x%x", 1986 gdbserver_state.sstep_flags); 1987 put_strbuf(); 1988 } 1989 1990 static void handle_query_curr_tid(GArray *params, void *user_ctx) 1991 { 1992 CPUState *cpu; 1993 GDBProcess *process; 1994 1995 /* 1996 * "Current thread" remains vague in the spec, so always return 1997 * the first thread of the current process (gdb returns the 1998 * first thread). 1999 */ 2000 process = gdb_get_cpu_process(gdbserver_state.g_cpu); 2001 cpu = get_first_cpu_in_process(process); 2002 g_string_assign(gdbserver_state.str_buf, "QC"); 2003 gdb_append_thread_id(cpu, gdbserver_state.str_buf); 2004 put_strbuf(); 2005 } 2006 2007 static void handle_query_threads(GArray *params, void *user_ctx) 2008 { 2009 if (!gdbserver_state.query_cpu) { 2010 put_packet("l"); 2011 return; 2012 } 2013 2014 g_string_assign(gdbserver_state.str_buf, "m"); 2015 gdb_append_thread_id(gdbserver_state.query_cpu, gdbserver_state.str_buf); 2016 put_strbuf(); 2017 gdbserver_state.query_cpu = gdb_next_attached_cpu(gdbserver_state.query_cpu); 2018 } 2019 2020 static void handle_query_first_threads(GArray *params, void *user_ctx) 2021 { 2022 gdbserver_state.query_cpu = gdb_first_attached_cpu(); 2023 handle_query_threads(params, user_ctx); 2024 } 2025 2026 static void handle_query_thread_extra(GArray *params, void *user_ctx) 2027 { 2028 g_autoptr(GString) rs = g_string_new(NULL); 2029 CPUState *cpu; 2030 2031 if (!params->len || 2032 get_param(params, 0)->thread_id.kind == GDB_READ_THREAD_ERR) { 2033 put_packet("E22"); 2034 return; 2035 } 2036 2037 cpu = gdb_get_cpu(get_param(params, 0)->thread_id.pid, 2038 get_param(params, 0)->thread_id.tid); 2039 if (!cpu) { 2040 return; 2041 } 2042 2043 cpu_synchronize_state(cpu); 2044 2045 if (gdbserver_state.multiprocess && (gdbserver_state.process_num > 1)) { 2046 /* Print the CPU model and name in multiprocess mode */ 2047 ObjectClass *oc = object_get_class(OBJECT(cpu)); 2048 const char *cpu_model = object_class_get_name(oc); 2049 const char *cpu_name = 2050 object_get_canonical_path_component(OBJECT(cpu)); 2051 g_string_printf(rs, "%s %s [%s]", cpu_model, cpu_name, 2052 cpu->halted ? "halted " : "running"); 2053 } else { 2054 g_string_printf(rs, "CPU#%d [%s]", cpu->cpu_index, 2055 cpu->halted ? "halted " : "running"); 2056 } 2057 trace_gdbstub_op_extra_info(rs->str); 2058 memtohex(gdbserver_state.str_buf, (uint8_t *)rs->str, rs->len); 2059 put_strbuf(); 2060 } 2061 2062 #ifdef CONFIG_USER_ONLY 2063 static void handle_query_offsets(GArray *params, void *user_ctx) 2064 { 2065 TaskState *ts; 2066 2067 ts = gdbserver_state.c_cpu->opaque; 2068 g_string_printf(gdbserver_state.str_buf, 2069 "Text=" TARGET_ABI_FMT_lx 2070 ";Data=" TARGET_ABI_FMT_lx 2071 ";Bss=" TARGET_ABI_FMT_lx, 2072 ts->info->code_offset, 2073 ts->info->data_offset, 2074 ts->info->data_offset); 2075 put_strbuf(); 2076 } 2077 #else 2078 static void handle_query_rcmd(GArray *params, void *user_ctx) 2079 { 2080 const guint8 zero = 0; 2081 int len; 2082 2083 if (!params->len) { 2084 put_packet("E22"); 2085 return; 2086 } 2087 2088 len = strlen(get_param(params, 0)->data); 2089 if (len % 2) { 2090 put_packet("E01"); 2091 return; 2092 } 2093 2094 g_assert(gdbserver_state.mem_buf->len == 0); 2095 len = len / 2; 2096 hextomem(gdbserver_state.mem_buf, get_param(params, 0)->data, len); 2097 g_byte_array_append(gdbserver_state.mem_buf, &zero, 1); 2098 qemu_chr_be_write(gdbserver_state.mon_chr, gdbserver_state.mem_buf->data, 2099 gdbserver_state.mem_buf->len); 2100 put_packet("OK"); 2101 } 2102 #endif 2103 2104 static void handle_query_supported(GArray *params, void *user_ctx) 2105 { 2106 CPUClass *cc; 2107 2108 g_string_printf(gdbserver_state.str_buf, "PacketSize=%x", MAX_PACKET_LENGTH); 2109 cc = CPU_GET_CLASS(first_cpu); 2110 if (cc->gdb_core_xml_file) { 2111 g_string_append(gdbserver_state.str_buf, ";qXfer:features:read+"); 2112 } 2113 2114 if (stub_can_reverse()) { 2115 g_string_append(gdbserver_state.str_buf, 2116 ";ReverseStep+;ReverseContinue+"); 2117 } 2118 2119 #ifdef CONFIG_USER_ONLY 2120 if (gdbserver_state.c_cpu->opaque) { 2121 g_string_append(gdbserver_state.str_buf, ";qXfer:auxv:read+"); 2122 } 2123 #endif 2124 2125 if (params->len && 2126 strstr(get_param(params, 0)->data, "multiprocess+")) { 2127 gdbserver_state.multiprocess = true; 2128 } 2129 2130 g_string_append(gdbserver_state.str_buf, ";vContSupported+;multiprocess+"); 2131 put_strbuf(); 2132 } 2133 2134 static void handle_query_xfer_features(GArray *params, void *user_ctx) 2135 { 2136 GDBProcess *process; 2137 CPUClass *cc; 2138 unsigned long len, total_len, addr; 2139 const char *xml; 2140 const char *p; 2141 2142 if (params->len < 3) { 2143 put_packet("E22"); 2144 return; 2145 } 2146 2147 process = gdb_get_cpu_process(gdbserver_state.g_cpu); 2148 cc = CPU_GET_CLASS(gdbserver_state.g_cpu); 2149 if (!cc->gdb_core_xml_file) { 2150 put_packet(""); 2151 return; 2152 } 2153 2154 gdb_has_xml = true; 2155 p = get_param(params, 0)->data; 2156 xml = get_feature_xml(p, &p, process); 2157 if (!xml) { 2158 put_packet("E00"); 2159 return; 2160 } 2161 2162 addr = get_param(params, 1)->val_ul; 2163 len = get_param(params, 2)->val_ul; 2164 total_len = strlen(xml); 2165 if (addr > total_len) { 2166 put_packet("E00"); 2167 return; 2168 } 2169 2170 if (len > (MAX_PACKET_LENGTH - 5) / 2) { 2171 len = (MAX_PACKET_LENGTH - 5) / 2; 2172 } 2173 2174 if (len < total_len - addr) { 2175 g_string_assign(gdbserver_state.str_buf, "m"); 2176 memtox(gdbserver_state.str_buf, xml + addr, len); 2177 } else { 2178 g_string_assign(gdbserver_state.str_buf, "l"); 2179 memtox(gdbserver_state.str_buf, xml + addr, total_len - addr); 2180 } 2181 2182 put_packet_binary(gdbserver_state.str_buf->str, 2183 gdbserver_state.str_buf->len, true); 2184 } 2185 2186 #if defined(CONFIG_USER_ONLY) && defined(CONFIG_LINUX_USER) 2187 static void handle_query_xfer_auxv(GArray *params, void *user_ctx) 2188 { 2189 TaskState *ts; 2190 unsigned long offset, len, saved_auxv, auxv_len; 2191 2192 if (params->len < 2) { 2193 put_packet("E22"); 2194 return; 2195 } 2196 2197 offset = get_param(params, 0)->val_ul; 2198 len = get_param(params, 1)->val_ul; 2199 ts = gdbserver_state.c_cpu->opaque; 2200 saved_auxv = ts->info->saved_auxv; 2201 auxv_len = ts->info->auxv_len; 2202 2203 if (offset >= auxv_len) { 2204 put_packet("E00"); 2205 return; 2206 } 2207 2208 if (len > (MAX_PACKET_LENGTH - 5) / 2) { 2209 len = (MAX_PACKET_LENGTH - 5) / 2; 2210 } 2211 2212 if (len < auxv_len - offset) { 2213 g_string_assign(gdbserver_state.str_buf, "m"); 2214 } else { 2215 g_string_assign(gdbserver_state.str_buf, "l"); 2216 len = auxv_len - offset; 2217 } 2218 2219 g_byte_array_set_size(gdbserver_state.mem_buf, len); 2220 if (target_memory_rw_debug(gdbserver_state.g_cpu, saved_auxv + offset, 2221 gdbserver_state.mem_buf->data, len, false)) { 2222 put_packet("E14"); 2223 return; 2224 } 2225 2226 memtox(gdbserver_state.str_buf, 2227 (const char *)gdbserver_state.mem_buf->data, len); 2228 put_packet_binary(gdbserver_state.str_buf->str, 2229 gdbserver_state.str_buf->len, true); 2230 } 2231 #endif 2232 2233 static void handle_query_attached(GArray *params, void *user_ctx) 2234 { 2235 put_packet(GDB_ATTACHED); 2236 } 2237 2238 static void handle_query_qemu_supported(GArray *params, void *user_ctx) 2239 { 2240 g_string_printf(gdbserver_state.str_buf, "sstepbits;sstep"); 2241 #ifndef CONFIG_USER_ONLY 2242 g_string_append(gdbserver_state.str_buf, ";PhyMemMode"); 2243 #endif 2244 put_strbuf(); 2245 } 2246 2247 #ifndef CONFIG_USER_ONLY 2248 static void handle_query_qemu_phy_mem_mode(GArray *params, 2249 void *user_ctx) 2250 { 2251 g_string_printf(gdbserver_state.str_buf, "%d", phy_memory_mode); 2252 put_strbuf(); 2253 } 2254 2255 static void handle_set_qemu_phy_mem_mode(GArray *params, void *user_ctx) 2256 { 2257 if (!params->len) { 2258 put_packet("E22"); 2259 return; 2260 } 2261 2262 if (!get_param(params, 0)->val_ul) { 2263 phy_memory_mode = 0; 2264 } else { 2265 phy_memory_mode = 1; 2266 } 2267 put_packet("OK"); 2268 } 2269 #endif 2270 2271 static const GdbCmdParseEntry gdb_gen_query_set_common_table[] = { 2272 /* Order is important if has same prefix */ 2273 { 2274 .handler = handle_query_qemu_sstepbits, 2275 .cmd = "qemu.sstepbits", 2276 }, 2277 { 2278 .handler = handle_query_qemu_sstep, 2279 .cmd = "qemu.sstep", 2280 }, 2281 { 2282 .handler = handle_set_qemu_sstep, 2283 .cmd = "qemu.sstep=", 2284 .cmd_startswith = 1, 2285 .schema = "l0" 2286 }, 2287 }; 2288 2289 static const GdbCmdParseEntry gdb_gen_query_table[] = { 2290 { 2291 .handler = handle_query_curr_tid, 2292 .cmd = "C", 2293 }, 2294 { 2295 .handler = handle_query_threads, 2296 .cmd = "sThreadInfo", 2297 }, 2298 { 2299 .handler = handle_query_first_threads, 2300 .cmd = "fThreadInfo", 2301 }, 2302 { 2303 .handler = handle_query_thread_extra, 2304 .cmd = "ThreadExtraInfo,", 2305 .cmd_startswith = 1, 2306 .schema = "t0" 2307 }, 2308 #ifdef CONFIG_USER_ONLY 2309 { 2310 .handler = handle_query_offsets, 2311 .cmd = "Offsets", 2312 }, 2313 #else 2314 { 2315 .handler = handle_query_rcmd, 2316 .cmd = "Rcmd,", 2317 .cmd_startswith = 1, 2318 .schema = "s0" 2319 }, 2320 #endif 2321 { 2322 .handler = handle_query_supported, 2323 .cmd = "Supported:", 2324 .cmd_startswith = 1, 2325 .schema = "s0" 2326 }, 2327 { 2328 .handler = handle_query_supported, 2329 .cmd = "Supported", 2330 .schema = "s0" 2331 }, 2332 { 2333 .handler = handle_query_xfer_features, 2334 .cmd = "Xfer:features:read:", 2335 .cmd_startswith = 1, 2336 .schema = "s:l,l0" 2337 }, 2338 #if defined(CONFIG_USER_ONLY) && defined(CONFIG_LINUX_USER) 2339 { 2340 .handler = handle_query_xfer_auxv, 2341 .cmd = "Xfer:auxv:read::", 2342 .cmd_startswith = 1, 2343 .schema = "l,l0" 2344 }, 2345 #endif 2346 { 2347 .handler = handle_query_attached, 2348 .cmd = "Attached:", 2349 .cmd_startswith = 1 2350 }, 2351 { 2352 .handler = handle_query_attached, 2353 .cmd = "Attached", 2354 }, 2355 { 2356 .handler = handle_query_qemu_supported, 2357 .cmd = "qemu.Supported", 2358 }, 2359 #ifndef CONFIG_USER_ONLY 2360 { 2361 .handler = handle_query_qemu_phy_mem_mode, 2362 .cmd = "qemu.PhyMemMode", 2363 }, 2364 #endif 2365 }; 2366 2367 static const GdbCmdParseEntry gdb_gen_set_table[] = { 2368 /* Order is important if has same prefix */ 2369 { 2370 .handler = handle_set_qemu_sstep, 2371 .cmd = "qemu.sstep:", 2372 .cmd_startswith = 1, 2373 .schema = "l0" 2374 }, 2375 #ifndef CONFIG_USER_ONLY 2376 { 2377 .handler = handle_set_qemu_phy_mem_mode, 2378 .cmd = "qemu.PhyMemMode:", 2379 .cmd_startswith = 1, 2380 .schema = "l0" 2381 }, 2382 #endif 2383 }; 2384 2385 static void handle_gen_query(GArray *params, void *user_ctx) 2386 { 2387 if (!params->len) { 2388 return; 2389 } 2390 2391 if (!process_string_cmd(NULL, get_param(params, 0)->data, 2392 gdb_gen_query_set_common_table, 2393 ARRAY_SIZE(gdb_gen_query_set_common_table))) { 2394 return; 2395 } 2396 2397 if (process_string_cmd(NULL, get_param(params, 0)->data, 2398 gdb_gen_query_table, 2399 ARRAY_SIZE(gdb_gen_query_table))) { 2400 put_packet(""); 2401 } 2402 } 2403 2404 static void handle_gen_set(GArray *params, void *user_ctx) 2405 { 2406 if (!params->len) { 2407 return; 2408 } 2409 2410 if (!process_string_cmd(NULL, get_param(params, 0)->data, 2411 gdb_gen_query_set_common_table, 2412 ARRAY_SIZE(gdb_gen_query_set_common_table))) { 2413 return; 2414 } 2415 2416 if (process_string_cmd(NULL, get_param(params, 0)->data, 2417 gdb_gen_set_table, 2418 ARRAY_SIZE(gdb_gen_set_table))) { 2419 put_packet(""); 2420 } 2421 } 2422 2423 static void handle_target_halt(GArray *params, void *user_ctx) 2424 { 2425 g_string_printf(gdbserver_state.str_buf, "T%02xthread:", GDB_SIGNAL_TRAP); 2426 gdb_append_thread_id(gdbserver_state.c_cpu, gdbserver_state.str_buf); 2427 g_string_append_c(gdbserver_state.str_buf, ';'); 2428 put_strbuf(); 2429 /* 2430 * Remove all the breakpoints when this query is issued, 2431 * because gdb is doing an initial connect and the state 2432 * should be cleaned up. 2433 */ 2434 gdb_breakpoint_remove_all(gdbserver_state.c_cpu); 2435 } 2436 2437 static int gdb_handle_packet(const char *line_buf) 2438 { 2439 const GdbCmdParseEntry *cmd_parser = NULL; 2440 2441 trace_gdbstub_io_command(line_buf); 2442 2443 switch (line_buf[0]) { 2444 case '!': 2445 put_packet("OK"); 2446 break; 2447 case '?': 2448 { 2449 static const GdbCmdParseEntry target_halted_cmd_desc = { 2450 .handler = handle_target_halt, 2451 .cmd = "?", 2452 .cmd_startswith = 1 2453 }; 2454 cmd_parser = &target_halted_cmd_desc; 2455 } 2456 break; 2457 case 'c': 2458 { 2459 static const GdbCmdParseEntry continue_cmd_desc = { 2460 .handler = handle_continue, 2461 .cmd = "c", 2462 .cmd_startswith = 1, 2463 .schema = "L0" 2464 }; 2465 cmd_parser = &continue_cmd_desc; 2466 } 2467 break; 2468 case 'C': 2469 { 2470 static const GdbCmdParseEntry cont_with_sig_cmd_desc = { 2471 .handler = handle_cont_with_sig, 2472 .cmd = "C", 2473 .cmd_startswith = 1, 2474 .schema = "l0" 2475 }; 2476 cmd_parser = &cont_with_sig_cmd_desc; 2477 } 2478 break; 2479 case 'v': 2480 { 2481 static const GdbCmdParseEntry v_cmd_desc = { 2482 .handler = handle_v_commands, 2483 .cmd = "v", 2484 .cmd_startswith = 1, 2485 .schema = "s0" 2486 }; 2487 cmd_parser = &v_cmd_desc; 2488 } 2489 break; 2490 case 'k': 2491 /* Kill the target */ 2492 error_report("QEMU: Terminated via GDBstub"); 2493 gdb_exit(0); 2494 exit(0); 2495 case 'D': 2496 { 2497 static const GdbCmdParseEntry detach_cmd_desc = { 2498 .handler = handle_detach, 2499 .cmd = "D", 2500 .cmd_startswith = 1, 2501 .schema = "?.l0" 2502 }; 2503 cmd_parser = &detach_cmd_desc; 2504 } 2505 break; 2506 case 's': 2507 { 2508 static const GdbCmdParseEntry step_cmd_desc = { 2509 .handler = handle_step, 2510 .cmd = "s", 2511 .cmd_startswith = 1, 2512 .schema = "L0" 2513 }; 2514 cmd_parser = &step_cmd_desc; 2515 } 2516 break; 2517 case 'b': 2518 { 2519 static const GdbCmdParseEntry backward_cmd_desc = { 2520 .handler = handle_backward, 2521 .cmd = "b", 2522 .cmd_startswith = 1, 2523 .schema = "o0" 2524 }; 2525 cmd_parser = &backward_cmd_desc; 2526 } 2527 break; 2528 case 'F': 2529 { 2530 static const GdbCmdParseEntry file_io_cmd_desc = { 2531 .handler = handle_file_io, 2532 .cmd = "F", 2533 .cmd_startswith = 1, 2534 .schema = "L,L,o0" 2535 }; 2536 cmd_parser = &file_io_cmd_desc; 2537 } 2538 break; 2539 case 'g': 2540 { 2541 static const GdbCmdParseEntry read_all_regs_cmd_desc = { 2542 .handler = handle_read_all_regs, 2543 .cmd = "g", 2544 .cmd_startswith = 1 2545 }; 2546 cmd_parser = &read_all_regs_cmd_desc; 2547 } 2548 break; 2549 case 'G': 2550 { 2551 static const GdbCmdParseEntry write_all_regs_cmd_desc = { 2552 .handler = handle_write_all_regs, 2553 .cmd = "G", 2554 .cmd_startswith = 1, 2555 .schema = "s0" 2556 }; 2557 cmd_parser = &write_all_regs_cmd_desc; 2558 } 2559 break; 2560 case 'm': 2561 { 2562 static const GdbCmdParseEntry read_mem_cmd_desc = { 2563 .handler = handle_read_mem, 2564 .cmd = "m", 2565 .cmd_startswith = 1, 2566 .schema = "L,L0" 2567 }; 2568 cmd_parser = &read_mem_cmd_desc; 2569 } 2570 break; 2571 case 'M': 2572 { 2573 static const GdbCmdParseEntry write_mem_cmd_desc = { 2574 .handler = handle_write_mem, 2575 .cmd = "M", 2576 .cmd_startswith = 1, 2577 .schema = "L,L:s0" 2578 }; 2579 cmd_parser = &write_mem_cmd_desc; 2580 } 2581 break; 2582 case 'p': 2583 { 2584 static const GdbCmdParseEntry get_reg_cmd_desc = { 2585 .handler = handle_get_reg, 2586 .cmd = "p", 2587 .cmd_startswith = 1, 2588 .schema = "L0" 2589 }; 2590 cmd_parser = &get_reg_cmd_desc; 2591 } 2592 break; 2593 case 'P': 2594 { 2595 static const GdbCmdParseEntry set_reg_cmd_desc = { 2596 .handler = handle_set_reg, 2597 .cmd = "P", 2598 .cmd_startswith = 1, 2599 .schema = "L?s0" 2600 }; 2601 cmd_parser = &set_reg_cmd_desc; 2602 } 2603 break; 2604 case 'Z': 2605 { 2606 static const GdbCmdParseEntry insert_bp_cmd_desc = { 2607 .handler = handle_insert_bp, 2608 .cmd = "Z", 2609 .cmd_startswith = 1, 2610 .schema = "l?L?L0" 2611 }; 2612 cmd_parser = &insert_bp_cmd_desc; 2613 } 2614 break; 2615 case 'z': 2616 { 2617 static const GdbCmdParseEntry remove_bp_cmd_desc = { 2618 .handler = handle_remove_bp, 2619 .cmd = "z", 2620 .cmd_startswith = 1, 2621 .schema = "l?L?L0" 2622 }; 2623 cmd_parser = &remove_bp_cmd_desc; 2624 } 2625 break; 2626 case 'H': 2627 { 2628 static const GdbCmdParseEntry set_thread_cmd_desc = { 2629 .handler = handle_set_thread, 2630 .cmd = "H", 2631 .cmd_startswith = 1, 2632 .schema = "o.t0" 2633 }; 2634 cmd_parser = &set_thread_cmd_desc; 2635 } 2636 break; 2637 case 'T': 2638 { 2639 static const GdbCmdParseEntry thread_alive_cmd_desc = { 2640 .handler = handle_thread_alive, 2641 .cmd = "T", 2642 .cmd_startswith = 1, 2643 .schema = "t0" 2644 }; 2645 cmd_parser = &thread_alive_cmd_desc; 2646 } 2647 break; 2648 case 'q': 2649 { 2650 static const GdbCmdParseEntry gen_query_cmd_desc = { 2651 .handler = handle_gen_query, 2652 .cmd = "q", 2653 .cmd_startswith = 1, 2654 .schema = "s0" 2655 }; 2656 cmd_parser = &gen_query_cmd_desc; 2657 } 2658 break; 2659 case 'Q': 2660 { 2661 static const GdbCmdParseEntry gen_set_cmd_desc = { 2662 .handler = handle_gen_set, 2663 .cmd = "Q", 2664 .cmd_startswith = 1, 2665 .schema = "s0" 2666 }; 2667 cmd_parser = &gen_set_cmd_desc; 2668 } 2669 break; 2670 default: 2671 /* put empty packet */ 2672 put_packet(""); 2673 break; 2674 } 2675 2676 if (cmd_parser) { 2677 run_cmd_parser(line_buf, cmd_parser); 2678 } 2679 2680 return RS_IDLE; 2681 } 2682 2683 void gdb_set_stop_cpu(CPUState *cpu) 2684 { 2685 GDBProcess *p = gdb_get_cpu_process(cpu); 2686 2687 if (!p->attached) { 2688 /* 2689 * Having a stop CPU corresponding to a process that is not attached 2690 * confuses GDB. So we ignore the request. 2691 */ 2692 return; 2693 } 2694 2695 gdbserver_state.c_cpu = cpu; 2696 gdbserver_state.g_cpu = cpu; 2697 } 2698 2699 #ifndef CONFIG_USER_ONLY 2700 static void gdb_vm_state_change(void *opaque, bool running, RunState state) 2701 { 2702 CPUState *cpu = gdbserver_state.c_cpu; 2703 g_autoptr(GString) buf = g_string_new(NULL); 2704 g_autoptr(GString) tid = g_string_new(NULL); 2705 const char *type; 2706 int ret; 2707 2708 if (running || gdbserver_state.state == RS_INACTIVE) { 2709 return; 2710 } 2711 /* Is there a GDB syscall waiting to be sent? */ 2712 if (gdbserver_state.current_syscall_cb) { 2713 put_packet(gdbserver_state.syscall_buf); 2714 return; 2715 } 2716 2717 if (cpu == NULL) { 2718 /* No process attached */ 2719 return; 2720 } 2721 2722 gdb_append_thread_id(cpu, tid); 2723 2724 switch (state) { 2725 case RUN_STATE_DEBUG: 2726 if (cpu->watchpoint_hit) { 2727 switch (cpu->watchpoint_hit->flags & BP_MEM_ACCESS) { 2728 case BP_MEM_READ: 2729 type = "r"; 2730 break; 2731 case BP_MEM_ACCESS: 2732 type = "a"; 2733 break; 2734 default: 2735 type = ""; 2736 break; 2737 } 2738 trace_gdbstub_hit_watchpoint(type, cpu_gdb_index(cpu), 2739 (target_ulong)cpu->watchpoint_hit->vaddr); 2740 g_string_printf(buf, "T%02xthread:%s;%swatch:" TARGET_FMT_lx ";", 2741 GDB_SIGNAL_TRAP, tid->str, type, 2742 (target_ulong)cpu->watchpoint_hit->vaddr); 2743 cpu->watchpoint_hit = NULL; 2744 goto send_packet; 2745 } else { 2746 trace_gdbstub_hit_break(); 2747 } 2748 tb_flush(cpu); 2749 ret = GDB_SIGNAL_TRAP; 2750 break; 2751 case RUN_STATE_PAUSED: 2752 trace_gdbstub_hit_paused(); 2753 ret = GDB_SIGNAL_INT; 2754 break; 2755 case RUN_STATE_SHUTDOWN: 2756 trace_gdbstub_hit_shutdown(); 2757 ret = GDB_SIGNAL_QUIT; 2758 break; 2759 case RUN_STATE_IO_ERROR: 2760 trace_gdbstub_hit_io_error(); 2761 ret = GDB_SIGNAL_IO; 2762 break; 2763 case RUN_STATE_WATCHDOG: 2764 trace_gdbstub_hit_watchdog(); 2765 ret = GDB_SIGNAL_ALRM; 2766 break; 2767 case RUN_STATE_INTERNAL_ERROR: 2768 trace_gdbstub_hit_internal_error(); 2769 ret = GDB_SIGNAL_ABRT; 2770 break; 2771 case RUN_STATE_SAVE_VM: 2772 case RUN_STATE_RESTORE_VM: 2773 return; 2774 case RUN_STATE_FINISH_MIGRATE: 2775 ret = GDB_SIGNAL_XCPU; 2776 break; 2777 default: 2778 trace_gdbstub_hit_unknown(state); 2779 ret = GDB_SIGNAL_UNKNOWN; 2780 break; 2781 } 2782 gdb_set_stop_cpu(cpu); 2783 g_string_printf(buf, "T%02xthread:%s;", ret, tid->str); 2784 2785 send_packet: 2786 put_packet(buf->str); 2787 2788 /* disable single step if it was enabled */ 2789 cpu_single_step(cpu, 0); 2790 } 2791 #endif 2792 2793 /* Send a gdb syscall request. 2794 This accepts limited printf-style format specifiers, specifically: 2795 %x - target_ulong argument printed in hex. 2796 %lx - 64-bit argument printed in hex. 2797 %s - string pointer (target_ulong) and length (int) pair. */ 2798 void gdb_do_syscallv(gdb_syscall_complete_cb cb, const char *fmt, va_list va) 2799 { 2800 char *p; 2801 char *p_end; 2802 target_ulong addr; 2803 uint64_t i64; 2804 2805 if (!gdb_attached()) { 2806 return; 2807 } 2808 2809 gdbserver_state.current_syscall_cb = cb; 2810 #ifndef CONFIG_USER_ONLY 2811 vm_stop(RUN_STATE_DEBUG); 2812 #endif 2813 p = &gdbserver_state.syscall_buf[0]; 2814 p_end = &gdbserver_state.syscall_buf[sizeof(gdbserver_state.syscall_buf)]; 2815 *(p++) = 'F'; 2816 while (*fmt) { 2817 if (*fmt == '%') { 2818 fmt++; 2819 switch (*fmt++) { 2820 case 'x': 2821 addr = va_arg(va, target_ulong); 2822 p += snprintf(p, p_end - p, TARGET_FMT_lx, addr); 2823 break; 2824 case 'l': 2825 if (*(fmt++) != 'x') 2826 goto bad_format; 2827 i64 = va_arg(va, uint64_t); 2828 p += snprintf(p, p_end - p, "%" PRIx64, i64); 2829 break; 2830 case 's': 2831 addr = va_arg(va, target_ulong); 2832 p += snprintf(p, p_end - p, TARGET_FMT_lx "/%x", 2833 addr, va_arg(va, int)); 2834 break; 2835 default: 2836 bad_format: 2837 error_report("gdbstub: Bad syscall format string '%s'", 2838 fmt - 1); 2839 break; 2840 } 2841 } else { 2842 *(p++) = *(fmt++); 2843 } 2844 } 2845 *p = 0; 2846 #ifdef CONFIG_USER_ONLY 2847 put_packet(gdbserver_state.syscall_buf); 2848 /* Return control to gdb for it to process the syscall request. 2849 * Since the protocol requires that gdb hands control back to us 2850 * using a "here are the results" F packet, we don't need to check 2851 * gdb_handlesig's return value (which is the signal to deliver if 2852 * execution was resumed via a continue packet). 2853 */ 2854 gdb_handlesig(gdbserver_state.c_cpu, 0); 2855 #else 2856 /* In this case wait to send the syscall packet until notification that 2857 the CPU has stopped. This must be done because if the packet is sent 2858 now the reply from the syscall request could be received while the CPU 2859 is still in the running state, which can cause packets to be dropped 2860 and state transition 'T' packets to be sent while the syscall is still 2861 being processed. */ 2862 qemu_cpu_kick(gdbserver_state.c_cpu); 2863 #endif 2864 } 2865 2866 void gdb_do_syscall(gdb_syscall_complete_cb cb, const char *fmt, ...) 2867 { 2868 va_list va; 2869 2870 va_start(va, fmt); 2871 gdb_do_syscallv(cb, fmt, va); 2872 va_end(va); 2873 } 2874 2875 static void gdb_read_byte(uint8_t ch) 2876 { 2877 uint8_t reply; 2878 2879 #ifndef CONFIG_USER_ONLY 2880 if (gdbserver_state.last_packet->len) { 2881 /* Waiting for a response to the last packet. If we see the start 2882 of a new command then abandon the previous response. */ 2883 if (ch == '-') { 2884 trace_gdbstub_err_got_nack(); 2885 put_buffer(gdbserver_state.last_packet->data, 2886 gdbserver_state.last_packet->len); 2887 } else if (ch == '+') { 2888 trace_gdbstub_io_got_ack(); 2889 } else { 2890 trace_gdbstub_io_got_unexpected(ch); 2891 } 2892 2893 if (ch == '+' || ch == '$') { 2894 g_byte_array_set_size(gdbserver_state.last_packet, 0); 2895 } 2896 if (ch != '$') 2897 return; 2898 } 2899 if (runstate_is_running()) { 2900 /* when the CPU is running, we cannot do anything except stop 2901 it when receiving a char */ 2902 vm_stop(RUN_STATE_PAUSED); 2903 } else 2904 #endif 2905 { 2906 switch(gdbserver_state.state) { 2907 case RS_IDLE: 2908 if (ch == '$') { 2909 /* start of command packet */ 2910 gdbserver_state.line_buf_index = 0; 2911 gdbserver_state.line_sum = 0; 2912 gdbserver_state.state = RS_GETLINE; 2913 } else { 2914 trace_gdbstub_err_garbage(ch); 2915 } 2916 break; 2917 case RS_GETLINE: 2918 if (ch == '}') { 2919 /* start escape sequence */ 2920 gdbserver_state.state = RS_GETLINE_ESC; 2921 gdbserver_state.line_sum += ch; 2922 } else if (ch == '*') { 2923 /* start run length encoding sequence */ 2924 gdbserver_state.state = RS_GETLINE_RLE; 2925 gdbserver_state.line_sum += ch; 2926 } else if (ch == '#') { 2927 /* end of command, start of checksum*/ 2928 gdbserver_state.state = RS_CHKSUM1; 2929 } else if (gdbserver_state.line_buf_index >= sizeof(gdbserver_state.line_buf) - 1) { 2930 trace_gdbstub_err_overrun(); 2931 gdbserver_state.state = RS_IDLE; 2932 } else { 2933 /* unescaped command character */ 2934 gdbserver_state.line_buf[gdbserver_state.line_buf_index++] = ch; 2935 gdbserver_state.line_sum += ch; 2936 } 2937 break; 2938 case RS_GETLINE_ESC: 2939 if (ch == '#') { 2940 /* unexpected end of command in escape sequence */ 2941 gdbserver_state.state = RS_CHKSUM1; 2942 } else if (gdbserver_state.line_buf_index >= sizeof(gdbserver_state.line_buf) - 1) { 2943 /* command buffer overrun */ 2944 trace_gdbstub_err_overrun(); 2945 gdbserver_state.state = RS_IDLE; 2946 } else { 2947 /* parse escaped character and leave escape state */ 2948 gdbserver_state.line_buf[gdbserver_state.line_buf_index++] = ch ^ 0x20; 2949 gdbserver_state.line_sum += ch; 2950 gdbserver_state.state = RS_GETLINE; 2951 } 2952 break; 2953 case RS_GETLINE_RLE: 2954 /* 2955 * Run-length encoding is explained in "Debugging with GDB / 2956 * Appendix E GDB Remote Serial Protocol / Overview". 2957 */ 2958 if (ch < ' ' || ch == '#' || ch == '$' || ch > 126) { 2959 /* invalid RLE count encoding */ 2960 trace_gdbstub_err_invalid_repeat(ch); 2961 gdbserver_state.state = RS_GETLINE; 2962 } else { 2963 /* decode repeat length */ 2964 int repeat = ch - ' ' + 3; 2965 if (gdbserver_state.line_buf_index + repeat >= sizeof(gdbserver_state.line_buf) - 1) { 2966 /* that many repeats would overrun the command buffer */ 2967 trace_gdbstub_err_overrun(); 2968 gdbserver_state.state = RS_IDLE; 2969 } else if (gdbserver_state.line_buf_index < 1) { 2970 /* got a repeat but we have nothing to repeat */ 2971 trace_gdbstub_err_invalid_rle(); 2972 gdbserver_state.state = RS_GETLINE; 2973 } else { 2974 /* repeat the last character */ 2975 memset(gdbserver_state.line_buf + gdbserver_state.line_buf_index, 2976 gdbserver_state.line_buf[gdbserver_state.line_buf_index - 1], repeat); 2977 gdbserver_state.line_buf_index += repeat; 2978 gdbserver_state.line_sum += ch; 2979 gdbserver_state.state = RS_GETLINE; 2980 } 2981 } 2982 break; 2983 case RS_CHKSUM1: 2984 /* get high hex digit of checksum */ 2985 if (!isxdigit(ch)) { 2986 trace_gdbstub_err_checksum_invalid(ch); 2987 gdbserver_state.state = RS_GETLINE; 2988 break; 2989 } 2990 gdbserver_state.line_buf[gdbserver_state.line_buf_index] = '\0'; 2991 gdbserver_state.line_csum = fromhex(ch) << 4; 2992 gdbserver_state.state = RS_CHKSUM2; 2993 break; 2994 case RS_CHKSUM2: 2995 /* get low hex digit of checksum */ 2996 if (!isxdigit(ch)) { 2997 trace_gdbstub_err_checksum_invalid(ch); 2998 gdbserver_state.state = RS_GETLINE; 2999 break; 3000 } 3001 gdbserver_state.line_csum |= fromhex(ch); 3002 3003 if (gdbserver_state.line_csum != (gdbserver_state.line_sum & 0xff)) { 3004 trace_gdbstub_err_checksum_incorrect(gdbserver_state.line_sum, gdbserver_state.line_csum); 3005 /* send NAK reply */ 3006 reply = '-'; 3007 put_buffer(&reply, 1); 3008 gdbserver_state.state = RS_IDLE; 3009 } else { 3010 /* send ACK reply */ 3011 reply = '+'; 3012 put_buffer(&reply, 1); 3013 gdbserver_state.state = gdb_handle_packet(gdbserver_state.line_buf); 3014 } 3015 break; 3016 default: 3017 abort(); 3018 } 3019 } 3020 } 3021 3022 /* Tell the remote gdb that the process has exited. */ 3023 void gdb_exit(int code) 3024 { 3025 char buf[4]; 3026 3027 if (!gdbserver_state.init) { 3028 return; 3029 } 3030 #ifdef CONFIG_USER_ONLY 3031 if (gdbserver_state.socket_path) { 3032 unlink(gdbserver_state.socket_path); 3033 } 3034 if (gdbserver_state.fd < 0) { 3035 return; 3036 } 3037 #endif 3038 3039 trace_gdbstub_op_exiting((uint8_t)code); 3040 3041 snprintf(buf, sizeof(buf), "W%02x", (uint8_t)code); 3042 put_packet(buf); 3043 3044 #ifndef CONFIG_USER_ONLY 3045 qemu_chr_fe_deinit(&gdbserver_state.chr, true); 3046 #endif 3047 } 3048 3049 /* 3050 * Create the process that will contain all the "orphan" CPUs (that are not 3051 * part of a CPU cluster). Note that if this process contains no CPUs, it won't 3052 * be attachable and thus will be invisible to the user. 3053 */ 3054 static void create_default_process(GDBState *s) 3055 { 3056 GDBProcess *process; 3057 int max_pid = 0; 3058 3059 if (gdbserver_state.process_num) { 3060 max_pid = s->processes[s->process_num - 1].pid; 3061 } 3062 3063 s->processes = g_renew(GDBProcess, s->processes, ++s->process_num); 3064 process = &s->processes[s->process_num - 1]; 3065 3066 /* We need an available PID slot for this process */ 3067 assert(max_pid < UINT32_MAX); 3068 3069 process->pid = max_pid + 1; 3070 process->attached = false; 3071 process->target_xml[0] = '\0'; 3072 } 3073 3074 #ifdef CONFIG_USER_ONLY 3075 int 3076 gdb_handlesig(CPUState *cpu, int sig) 3077 { 3078 char buf[256]; 3079 int n; 3080 3081 if (!gdbserver_state.init || gdbserver_state.fd < 0) { 3082 return sig; 3083 } 3084 3085 /* disable single step if it was enabled */ 3086 cpu_single_step(cpu, 0); 3087 tb_flush(cpu); 3088 3089 if (sig != 0) { 3090 gdb_set_stop_cpu(cpu); 3091 g_string_printf(gdbserver_state.str_buf, 3092 "T%02xthread:", target_signal_to_gdb(sig)); 3093 gdb_append_thread_id(cpu, gdbserver_state.str_buf); 3094 g_string_append_c(gdbserver_state.str_buf, ';'); 3095 put_strbuf(); 3096 } 3097 /* put_packet() might have detected that the peer terminated the 3098 connection. */ 3099 if (gdbserver_state.fd < 0) { 3100 return sig; 3101 } 3102 3103 sig = 0; 3104 gdbserver_state.state = RS_IDLE; 3105 gdbserver_state.running_state = 0; 3106 while (gdbserver_state.running_state == 0) { 3107 n = read(gdbserver_state.fd, buf, 256); 3108 if (n > 0) { 3109 int i; 3110 3111 for (i = 0; i < n; i++) { 3112 gdb_read_byte(buf[i]); 3113 } 3114 } else { 3115 /* XXX: Connection closed. Should probably wait for another 3116 connection before continuing. */ 3117 if (n == 0) { 3118 close(gdbserver_state.fd); 3119 } 3120 gdbserver_state.fd = -1; 3121 return sig; 3122 } 3123 } 3124 sig = gdbserver_state.signal; 3125 gdbserver_state.signal = 0; 3126 return sig; 3127 } 3128 3129 /* Tell the remote gdb that the process has exited due to SIG. */ 3130 void gdb_signalled(CPUArchState *env, int sig) 3131 { 3132 char buf[4]; 3133 3134 if (!gdbserver_state.init || gdbserver_state.fd < 0) { 3135 return; 3136 } 3137 3138 snprintf(buf, sizeof(buf), "X%02x", target_signal_to_gdb(sig)); 3139 put_packet(buf); 3140 } 3141 3142 static void gdb_accept_init(int fd) 3143 { 3144 init_gdbserver_state(); 3145 create_default_process(&gdbserver_state); 3146 gdbserver_state.processes[0].attached = true; 3147 gdbserver_state.c_cpu = gdb_first_attached_cpu(); 3148 gdbserver_state.g_cpu = gdbserver_state.c_cpu; 3149 gdbserver_state.fd = fd; 3150 gdb_has_xml = false; 3151 } 3152 3153 static bool gdb_accept_socket(int gdb_fd) 3154 { 3155 int fd; 3156 3157 for(;;) { 3158 fd = accept(gdb_fd, NULL, NULL); 3159 if (fd < 0 && errno != EINTR) { 3160 perror("accept socket"); 3161 return false; 3162 } else if (fd >= 0) { 3163 qemu_set_cloexec(fd); 3164 break; 3165 } 3166 } 3167 3168 gdb_accept_init(fd); 3169 return true; 3170 } 3171 3172 static int gdbserver_open_socket(const char *path) 3173 { 3174 struct sockaddr_un sockaddr = {}; 3175 int fd, ret; 3176 3177 fd = socket(AF_UNIX, SOCK_STREAM, 0); 3178 if (fd < 0) { 3179 perror("create socket"); 3180 return -1; 3181 } 3182 3183 sockaddr.sun_family = AF_UNIX; 3184 pstrcpy(sockaddr.sun_path, sizeof(sockaddr.sun_path) - 1, path); 3185 ret = bind(fd, (struct sockaddr *)&sockaddr, sizeof(sockaddr)); 3186 if (ret < 0) { 3187 perror("bind socket"); 3188 close(fd); 3189 return -1; 3190 } 3191 ret = listen(fd, 1); 3192 if (ret < 0) { 3193 perror("listen socket"); 3194 close(fd); 3195 return -1; 3196 } 3197 3198 return fd; 3199 } 3200 3201 static bool gdb_accept_tcp(int gdb_fd) 3202 { 3203 struct sockaddr_in sockaddr = {}; 3204 socklen_t len; 3205 int fd; 3206 3207 for(;;) { 3208 len = sizeof(sockaddr); 3209 fd = accept(gdb_fd, (struct sockaddr *)&sockaddr, &len); 3210 if (fd < 0 && errno != EINTR) { 3211 perror("accept"); 3212 return false; 3213 } else if (fd >= 0) { 3214 qemu_set_cloexec(fd); 3215 break; 3216 } 3217 } 3218 3219 /* set short latency */ 3220 if (socket_set_nodelay(fd)) { 3221 perror("setsockopt"); 3222 close(fd); 3223 return false; 3224 } 3225 3226 gdb_accept_init(fd); 3227 return true; 3228 } 3229 3230 static int gdbserver_open_port(int port) 3231 { 3232 struct sockaddr_in sockaddr; 3233 int fd, ret; 3234 3235 fd = socket(PF_INET, SOCK_STREAM, 0); 3236 if (fd < 0) { 3237 perror("socket"); 3238 return -1; 3239 } 3240 qemu_set_cloexec(fd); 3241 3242 socket_set_fast_reuse(fd); 3243 3244 sockaddr.sin_family = AF_INET; 3245 sockaddr.sin_port = htons(port); 3246 sockaddr.sin_addr.s_addr = 0; 3247 ret = bind(fd, (struct sockaddr *)&sockaddr, sizeof(sockaddr)); 3248 if (ret < 0) { 3249 perror("bind"); 3250 close(fd); 3251 return -1; 3252 } 3253 ret = listen(fd, 1); 3254 if (ret < 0) { 3255 perror("listen"); 3256 close(fd); 3257 return -1; 3258 } 3259 3260 return fd; 3261 } 3262 3263 int gdbserver_start(const char *port_or_path) 3264 { 3265 int port = g_ascii_strtoull(port_or_path, NULL, 10); 3266 int gdb_fd; 3267 3268 if (port > 0) { 3269 gdb_fd = gdbserver_open_port(port); 3270 } else { 3271 gdb_fd = gdbserver_open_socket(port_or_path); 3272 } 3273 3274 if (gdb_fd < 0) { 3275 return -1; 3276 } 3277 3278 if (port > 0 && gdb_accept_tcp(gdb_fd)) { 3279 return 0; 3280 } else if (gdb_accept_socket(gdb_fd)) { 3281 gdbserver_state.socket_path = g_strdup(port_or_path); 3282 return 0; 3283 } 3284 3285 /* gone wrong */ 3286 close(gdb_fd); 3287 return -1; 3288 } 3289 3290 /* Disable gdb stub for child processes. */ 3291 void gdbserver_fork(CPUState *cpu) 3292 { 3293 if (!gdbserver_state.init || gdbserver_state.fd < 0) { 3294 return; 3295 } 3296 close(gdbserver_state.fd); 3297 gdbserver_state.fd = -1; 3298 cpu_breakpoint_remove_all(cpu, BP_GDB); 3299 cpu_watchpoint_remove_all(cpu, BP_GDB); 3300 } 3301 #else 3302 static int gdb_chr_can_receive(void *opaque) 3303 { 3304 /* We can handle an arbitrarily large amount of data. 3305 Pick the maximum packet size, which is as good as anything. */ 3306 return MAX_PACKET_LENGTH; 3307 } 3308 3309 static void gdb_chr_receive(void *opaque, const uint8_t *buf, int size) 3310 { 3311 int i; 3312 3313 for (i = 0; i < size; i++) { 3314 gdb_read_byte(buf[i]); 3315 } 3316 } 3317 3318 static void gdb_chr_event(void *opaque, QEMUChrEvent event) 3319 { 3320 int i; 3321 GDBState *s = (GDBState *) opaque; 3322 3323 switch (event) { 3324 case CHR_EVENT_OPENED: 3325 /* Start with first process attached, others detached */ 3326 for (i = 0; i < s->process_num; i++) { 3327 s->processes[i].attached = !i; 3328 } 3329 3330 s->c_cpu = gdb_first_attached_cpu(); 3331 s->g_cpu = s->c_cpu; 3332 3333 vm_stop(RUN_STATE_PAUSED); 3334 replay_gdb_attached(); 3335 gdb_has_xml = false; 3336 break; 3337 default: 3338 break; 3339 } 3340 } 3341 3342 static int gdb_monitor_write(Chardev *chr, const uint8_t *buf, int len) 3343 { 3344 g_autoptr(GString) hex_buf = g_string_new("O"); 3345 memtohex(hex_buf, buf, len); 3346 put_packet(hex_buf->str); 3347 return len; 3348 } 3349 3350 #ifndef _WIN32 3351 static void gdb_sigterm_handler(int signal) 3352 { 3353 if (runstate_is_running()) { 3354 vm_stop(RUN_STATE_PAUSED); 3355 } 3356 } 3357 #endif 3358 3359 static void gdb_monitor_open(Chardev *chr, ChardevBackend *backend, 3360 bool *be_opened, Error **errp) 3361 { 3362 *be_opened = false; 3363 } 3364 3365 static void char_gdb_class_init(ObjectClass *oc, void *data) 3366 { 3367 ChardevClass *cc = CHARDEV_CLASS(oc); 3368 3369 cc->internal = true; 3370 cc->open = gdb_monitor_open; 3371 cc->chr_write = gdb_monitor_write; 3372 } 3373 3374 #define TYPE_CHARDEV_GDB "chardev-gdb" 3375 3376 static const TypeInfo char_gdb_type_info = { 3377 .name = TYPE_CHARDEV_GDB, 3378 .parent = TYPE_CHARDEV, 3379 .class_init = char_gdb_class_init, 3380 }; 3381 3382 static int find_cpu_clusters(Object *child, void *opaque) 3383 { 3384 if (object_dynamic_cast(child, TYPE_CPU_CLUSTER)) { 3385 GDBState *s = (GDBState *) opaque; 3386 CPUClusterState *cluster = CPU_CLUSTER(child); 3387 GDBProcess *process; 3388 3389 s->processes = g_renew(GDBProcess, s->processes, ++s->process_num); 3390 3391 process = &s->processes[s->process_num - 1]; 3392 3393 /* 3394 * GDB process IDs -1 and 0 are reserved. To avoid subtle errors at 3395 * runtime, we enforce here that the machine does not use a cluster ID 3396 * that would lead to PID 0. 3397 */ 3398 assert(cluster->cluster_id != UINT32_MAX); 3399 process->pid = cluster->cluster_id + 1; 3400 process->attached = false; 3401 process->target_xml[0] = '\0'; 3402 3403 return 0; 3404 } 3405 3406 return object_child_foreach(child, find_cpu_clusters, opaque); 3407 } 3408 3409 static int pid_order(const void *a, const void *b) 3410 { 3411 GDBProcess *pa = (GDBProcess *) a; 3412 GDBProcess *pb = (GDBProcess *) b; 3413 3414 if (pa->pid < pb->pid) { 3415 return -1; 3416 } else if (pa->pid > pb->pid) { 3417 return 1; 3418 } else { 3419 return 0; 3420 } 3421 } 3422 3423 static void create_processes(GDBState *s) 3424 { 3425 object_child_foreach(object_get_root(), find_cpu_clusters, s); 3426 3427 if (gdbserver_state.processes) { 3428 /* Sort by PID */ 3429 qsort(gdbserver_state.processes, gdbserver_state.process_num, sizeof(gdbserver_state.processes[0]), pid_order); 3430 } 3431 3432 create_default_process(s); 3433 } 3434 3435 int gdbserver_start(const char *device) 3436 { 3437 trace_gdbstub_op_start(device); 3438 3439 char gdbstub_device_name[128]; 3440 Chardev *chr = NULL; 3441 Chardev *mon_chr; 3442 3443 if (!first_cpu) { 3444 error_report("gdbstub: meaningless to attach gdb to a " 3445 "machine without any CPU."); 3446 return -1; 3447 } 3448 3449 if (!gdb_supports_guest_debug()) { 3450 error_report("gdbstub: current accelerator doesn't support guest debugging"); 3451 return -1; 3452 } 3453 3454 if (!device) 3455 return -1; 3456 if (strcmp(device, "none") != 0) { 3457 if (strstart(device, "tcp:", NULL)) { 3458 /* enforce required TCP attributes */ 3459 snprintf(gdbstub_device_name, sizeof(gdbstub_device_name), 3460 "%s,wait=off,nodelay=on,server=on", device); 3461 device = gdbstub_device_name; 3462 } 3463 #ifndef _WIN32 3464 else if (strcmp(device, "stdio") == 0) { 3465 struct sigaction act; 3466 3467 memset(&act, 0, sizeof(act)); 3468 act.sa_handler = gdb_sigterm_handler; 3469 sigaction(SIGINT, &act, NULL); 3470 } 3471 #endif 3472 /* 3473 * FIXME: it's a bit weird to allow using a mux chardev here 3474 * and implicitly setup a monitor. We may want to break this. 3475 */ 3476 chr = qemu_chr_new_noreplay("gdb", device, true, NULL); 3477 if (!chr) 3478 return -1; 3479 } 3480 3481 if (!gdbserver_state.init) { 3482 init_gdbserver_state(); 3483 3484 qemu_add_vm_change_state_handler(gdb_vm_state_change, NULL); 3485 3486 /* Initialize a monitor terminal for gdb */ 3487 mon_chr = qemu_chardev_new(NULL, TYPE_CHARDEV_GDB, 3488 NULL, NULL, &error_abort); 3489 monitor_init_hmp(mon_chr, false, &error_abort); 3490 } else { 3491 qemu_chr_fe_deinit(&gdbserver_state.chr, true); 3492 mon_chr = gdbserver_state.mon_chr; 3493 reset_gdbserver_state(); 3494 } 3495 3496 create_processes(&gdbserver_state); 3497 3498 if (chr) { 3499 qemu_chr_fe_init(&gdbserver_state.chr, chr, &error_abort); 3500 qemu_chr_fe_set_handlers(&gdbserver_state.chr, gdb_chr_can_receive, 3501 gdb_chr_receive, gdb_chr_event, 3502 NULL, &gdbserver_state, NULL, true); 3503 } 3504 gdbserver_state.state = chr ? RS_IDLE : RS_INACTIVE; 3505 gdbserver_state.mon_chr = mon_chr; 3506 gdbserver_state.current_syscall_cb = NULL; 3507 3508 return 0; 3509 } 3510 3511 static void register_types(void) 3512 { 3513 type_register_static(&char_gdb_type_info); 3514 } 3515 3516 type_init(register_types); 3517 #endif 3518