xref: /openbmc/qemu/gdbstub/gdbstub.c (revision bb6cf6f0168efadb95cf3e41963ec295ad28a941)
1 /*
2  * gdb server stub
3  *
4  * This implements a subset of the remote protocol as described in:
5  *
6  *   https://sourceware.org/gdb/onlinedocs/gdb/Remote-Protocol.html
7  *
8  * Copyright (c) 2003-2005 Fabrice Bellard
9  *
10  * This library is free software; you can redistribute it and/or
11  * modify it under the terms of the GNU Lesser General Public
12  * License as published by the Free Software Foundation; either
13  * version 2 of the License, or (at your option) any later version.
14  *
15  * This library is distributed in the hope that it will be useful,
16  * but WITHOUT ANY WARRANTY; without even the implied warranty of
17  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
18  * Lesser General Public License for more details.
19  *
20  * You should have received a copy of the GNU Lesser General Public
21  * License along with this library; if not, see <http://www.gnu.org/licenses/>.
22  *
23  * SPDX-License-Identifier: LGPL-2.0+
24  */
25 
26 #include "qemu/osdep.h"
27 #include "qemu/ctype.h"
28 #include "qemu/cutils.h"
29 #include "qemu/module.h"
30 #include "qemu/error-report.h"
31 #include "trace.h"
32 #include "exec/gdbstub.h"
33 #include "gdbstub/syscalls.h"
34 #ifdef CONFIG_USER_ONLY
35 #include "gdbstub/user.h"
36 #else
37 #include "hw/cpu/cluster.h"
38 #include "hw/boards.h"
39 #endif
40 
41 #include "sysemu/hw_accel.h"
42 #include "sysemu/runstate.h"
43 #include "exec/replay-core.h"
44 #include "exec/hwaddr.h"
45 
46 #include "internals.h"
47 
48 typedef struct GDBRegisterState {
49     int base_reg;
50     int num_regs;
51     gdb_get_reg_cb get_reg;
52     gdb_set_reg_cb set_reg;
53     const char *xml;
54 } GDBRegisterState;
55 
56 GDBState gdbserver_state;
57 
58 void gdb_init_gdbserver_state(void)
59 {
60     g_assert(!gdbserver_state.init);
61     memset(&gdbserver_state, 0, sizeof(GDBState));
62     gdbserver_state.init = true;
63     gdbserver_state.str_buf = g_string_new(NULL);
64     gdbserver_state.mem_buf = g_byte_array_sized_new(MAX_PACKET_LENGTH);
65     gdbserver_state.last_packet = g_byte_array_sized_new(MAX_PACKET_LENGTH + 4);
66 
67     /*
68      * What single-step modes are supported is accelerator dependent.
69      * By default try to use no IRQs and no timers while single
70      * stepping so as to make single stepping like a typical ICE HW step.
71      */
72     gdbserver_state.supported_sstep_flags = accel_supported_gdbstub_sstep_flags();
73     gdbserver_state.sstep_flags = SSTEP_ENABLE | SSTEP_NOIRQ | SSTEP_NOTIMER;
74     gdbserver_state.sstep_flags &= gdbserver_state.supported_sstep_flags;
75 }
76 
77 /* writes 2*len+1 bytes in buf */
78 void gdb_memtohex(GString *buf, const uint8_t *mem, int len)
79 {
80     int i, c;
81     for(i = 0; i < len; i++) {
82         c = mem[i];
83         g_string_append_c(buf, tohex(c >> 4));
84         g_string_append_c(buf, tohex(c & 0xf));
85     }
86     g_string_append_c(buf, '\0');
87 }
88 
89 void gdb_hextomem(GByteArray *mem, const char *buf, int len)
90 {
91     int i;
92 
93     for(i = 0; i < len; i++) {
94         guint8 byte = fromhex(buf[0]) << 4 | fromhex(buf[1]);
95         g_byte_array_append(mem, &byte, 1);
96         buf += 2;
97     }
98 }
99 
100 static void hexdump(const char *buf, int len,
101                     void (*trace_fn)(size_t ofs, char const *text))
102 {
103     char line_buffer[3 * 16 + 4 + 16 + 1];
104 
105     size_t i;
106     for (i = 0; i < len || (i & 0xF); ++i) {
107         size_t byte_ofs = i & 15;
108 
109         if (byte_ofs == 0) {
110             memset(line_buffer, ' ', 3 * 16 + 4 + 16);
111             line_buffer[3 * 16 + 4 + 16] = 0;
112         }
113 
114         size_t col_group = (i >> 2) & 3;
115         size_t hex_col = byte_ofs * 3 + col_group;
116         size_t txt_col = 3 * 16 + 4 + byte_ofs;
117 
118         if (i < len) {
119             char value = buf[i];
120 
121             line_buffer[hex_col + 0] = tohex((value >> 4) & 0xF);
122             line_buffer[hex_col + 1] = tohex((value >> 0) & 0xF);
123             line_buffer[txt_col + 0] = (value >= ' ' && value < 127)
124                     ? value
125                     : '.';
126         }
127 
128         if (byte_ofs == 0xF)
129             trace_fn(i & -16, line_buffer);
130     }
131 }
132 
133 /* return -1 if error, 0 if OK */
134 int gdb_put_packet_binary(const char *buf, int len, bool dump)
135 {
136     int csum, i;
137     uint8_t footer[3];
138 
139     if (dump && trace_event_get_state_backends(TRACE_GDBSTUB_IO_BINARYREPLY)) {
140         hexdump(buf, len, trace_gdbstub_io_binaryreply);
141     }
142 
143     for(;;) {
144         g_byte_array_set_size(gdbserver_state.last_packet, 0);
145         g_byte_array_append(gdbserver_state.last_packet,
146                             (const uint8_t *) "$", 1);
147         g_byte_array_append(gdbserver_state.last_packet,
148                             (const uint8_t *) buf, len);
149         csum = 0;
150         for(i = 0; i < len; i++) {
151             csum += buf[i];
152         }
153         footer[0] = '#';
154         footer[1] = tohex((csum >> 4) & 0xf);
155         footer[2] = tohex((csum) & 0xf);
156         g_byte_array_append(gdbserver_state.last_packet, footer, 3);
157 
158         gdb_put_buffer(gdbserver_state.last_packet->data,
159                    gdbserver_state.last_packet->len);
160 
161         if (gdb_got_immediate_ack()) {
162             break;
163         }
164     }
165     return 0;
166 }
167 
168 /* return -1 if error, 0 if OK */
169 int gdb_put_packet(const char *buf)
170 {
171     trace_gdbstub_io_reply(buf);
172 
173     return gdb_put_packet_binary(buf, strlen(buf), false);
174 }
175 
176 void gdb_put_strbuf(void)
177 {
178     gdb_put_packet(gdbserver_state.str_buf->str);
179 }
180 
181 /* Encode data using the encoding for 'x' packets.  */
182 void gdb_memtox(GString *buf, const char *mem, int len)
183 {
184     char c;
185 
186     while (len--) {
187         c = *(mem++);
188         switch (c) {
189         case '#': case '$': case '*': case '}':
190             g_string_append_c(buf, '}');
191             g_string_append_c(buf, c ^ 0x20);
192             break;
193         default:
194             g_string_append_c(buf, c);
195             break;
196         }
197     }
198 }
199 
200 static uint32_t gdb_get_cpu_pid(CPUState *cpu)
201 {
202 #ifdef CONFIG_USER_ONLY
203     return getpid();
204 #else
205     if (cpu->cluster_index == UNASSIGNED_CLUSTER_INDEX) {
206         /* Return the default process' PID */
207         int index = gdbserver_state.process_num - 1;
208         return gdbserver_state.processes[index].pid;
209     }
210     return cpu->cluster_index + 1;
211 #endif
212 }
213 
214 GDBProcess *gdb_get_process(uint32_t pid)
215 {
216     int i;
217 
218     if (!pid) {
219         /* 0 means any process, we take the first one */
220         return &gdbserver_state.processes[0];
221     }
222 
223     for (i = 0; i < gdbserver_state.process_num; i++) {
224         if (gdbserver_state.processes[i].pid == pid) {
225             return &gdbserver_state.processes[i];
226         }
227     }
228 
229     return NULL;
230 }
231 
232 static GDBProcess *gdb_get_cpu_process(CPUState *cpu)
233 {
234     return gdb_get_process(gdb_get_cpu_pid(cpu));
235 }
236 
237 static CPUState *find_cpu(uint32_t thread_id)
238 {
239     CPUState *cpu;
240 
241     CPU_FOREACH(cpu) {
242         if (gdb_get_cpu_index(cpu) == thread_id) {
243             return cpu;
244         }
245     }
246 
247     return NULL;
248 }
249 
250 CPUState *gdb_get_first_cpu_in_process(GDBProcess *process)
251 {
252     CPUState *cpu;
253 
254     CPU_FOREACH(cpu) {
255         if (gdb_get_cpu_pid(cpu) == process->pid) {
256             return cpu;
257         }
258     }
259 
260     return NULL;
261 }
262 
263 static CPUState *gdb_next_cpu_in_process(CPUState *cpu)
264 {
265     uint32_t pid = gdb_get_cpu_pid(cpu);
266     cpu = CPU_NEXT(cpu);
267 
268     while (cpu) {
269         if (gdb_get_cpu_pid(cpu) == pid) {
270             break;
271         }
272 
273         cpu = CPU_NEXT(cpu);
274     }
275 
276     return cpu;
277 }
278 
279 /* Return the cpu following @cpu, while ignoring unattached processes. */
280 static CPUState *gdb_next_attached_cpu(CPUState *cpu)
281 {
282     cpu = CPU_NEXT(cpu);
283 
284     while (cpu) {
285         if (gdb_get_cpu_process(cpu)->attached) {
286             break;
287         }
288 
289         cpu = CPU_NEXT(cpu);
290     }
291 
292     return cpu;
293 }
294 
295 /* Return the first attached cpu */
296 CPUState *gdb_first_attached_cpu(void)
297 {
298     CPUState *cpu = first_cpu;
299     GDBProcess *process = gdb_get_cpu_process(cpu);
300 
301     if (!process->attached) {
302         return gdb_next_attached_cpu(cpu);
303     }
304 
305     return cpu;
306 }
307 
308 static CPUState *gdb_get_cpu(uint32_t pid, uint32_t tid)
309 {
310     GDBProcess *process;
311     CPUState *cpu;
312 
313     if (!pid && !tid) {
314         /* 0 means any process/thread, we take the first attached one */
315         return gdb_first_attached_cpu();
316     } else if (pid && !tid) {
317         /* any thread in a specific process */
318         process = gdb_get_process(pid);
319 
320         if (process == NULL) {
321             return NULL;
322         }
323 
324         if (!process->attached) {
325             return NULL;
326         }
327 
328         return gdb_get_first_cpu_in_process(process);
329     } else {
330         /* a specific thread */
331         cpu = find_cpu(tid);
332 
333         if (cpu == NULL) {
334             return NULL;
335         }
336 
337         process = gdb_get_cpu_process(cpu);
338 
339         if (pid && process->pid != pid) {
340             return NULL;
341         }
342 
343         if (!process->attached) {
344             return NULL;
345         }
346 
347         return cpu;
348     }
349 }
350 
351 static const char *get_feature_xml(const char *p, const char **newp,
352                                    GDBProcess *process)
353 {
354     CPUState *cpu = gdb_get_first_cpu_in_process(process);
355     CPUClass *cc = CPU_GET_CLASS(cpu);
356     size_t len;
357 
358     /*
359      * qXfer:features:read:ANNEX:OFFSET,LENGTH'
360      *                     ^p    ^newp
361      */
362     char *term = strchr(p, ':');
363     *newp = term + 1;
364     len = term - p;
365 
366     /* Is it the main target xml? */
367     if (strncmp(p, "target.xml", len) == 0) {
368         if (!process->target_xml) {
369             GDBRegisterState *r;
370             g_autoptr(GPtrArray) xml = g_ptr_array_new_with_free_func(g_free);
371 
372             g_ptr_array_add(
373                 xml,
374                 g_strdup("<?xml version=\"1.0\"?>"
375                          "<!DOCTYPE target SYSTEM \"gdb-target.dtd\">"
376                          "<target>"));
377 
378             if (cc->gdb_arch_name) {
379                 g_ptr_array_add(
380                     xml,
381                     g_markup_printf_escaped("<architecture>%s</architecture>",
382                                             cc->gdb_arch_name(cpu)));
383             }
384             g_ptr_array_add(
385                 xml,
386                 g_markup_printf_escaped("<xi:include href=\"%s\"/>",
387                                         cc->gdb_core_xml_file));
388             if (cpu->gdb_regs) {
389                 for (guint i = 0; i < cpu->gdb_regs->len; i++) {
390                     r = &g_array_index(cpu->gdb_regs, GDBRegisterState, i);
391                     g_ptr_array_add(
392                         xml,
393                         g_markup_printf_escaped("<xi:include href=\"%s\"/>",
394                                                 r->xml));
395                 }
396             }
397             g_ptr_array_add(xml, g_strdup("</target>"));
398             g_ptr_array_add(xml, NULL);
399 
400             process->target_xml = g_strjoinv(NULL, (void *)xml->pdata);
401         }
402         return process->target_xml;
403     }
404     /* Is it dynamically generated by the target? */
405     if (cc->gdb_get_dynamic_xml) {
406         g_autofree char *xmlname = g_strndup(p, len);
407         const char *xml = cc->gdb_get_dynamic_xml(cpu, xmlname);
408         if (xml) {
409             return xml;
410         }
411     }
412     /* Is it one of the encoded gdb-xml/ files? */
413     for (int i = 0; gdb_static_features[i].xmlname; i++) {
414         const char *name = gdb_static_features[i].xmlname;
415         if ((strncmp(name, p, len) == 0) &&
416             strlen(name) == len) {
417             return gdb_static_features[i].xml;
418         }
419     }
420 
421     /* failed */
422     return NULL;
423 }
424 
425 static int gdb_read_register(CPUState *cpu, GByteArray *buf, int reg)
426 {
427     CPUClass *cc = CPU_GET_CLASS(cpu);
428     CPUArchState *env = cpu_env(cpu);
429     GDBRegisterState *r;
430 
431     if (reg < cc->gdb_num_core_regs) {
432         return cc->gdb_read_register(cpu, buf, reg);
433     }
434 
435     if (cpu->gdb_regs) {
436         for (guint i = 0; i < cpu->gdb_regs->len; i++) {
437             r = &g_array_index(cpu->gdb_regs, GDBRegisterState, i);
438             if (r->base_reg <= reg && reg < r->base_reg + r->num_regs) {
439                 return r->get_reg(env, buf, reg - r->base_reg);
440             }
441         }
442     }
443     return 0;
444 }
445 
446 static int gdb_write_register(CPUState *cpu, uint8_t *mem_buf, int reg)
447 {
448     CPUClass *cc = CPU_GET_CLASS(cpu);
449     CPUArchState *env = cpu_env(cpu);
450     GDBRegisterState *r;
451 
452     if (reg < cc->gdb_num_core_regs) {
453         return cc->gdb_write_register(cpu, mem_buf, reg);
454     }
455 
456     if (cpu->gdb_regs) {
457         for (guint i = 0; i < cpu->gdb_regs->len; i++) {
458             r =  &g_array_index(cpu->gdb_regs, GDBRegisterState, i);
459             if (r->base_reg <= reg && reg < r->base_reg + r->num_regs) {
460                 return r->set_reg(env, mem_buf, reg - r->base_reg);
461             }
462         }
463     }
464     return 0;
465 }
466 
467 void gdb_register_coprocessor(CPUState *cpu,
468                               gdb_get_reg_cb get_reg, gdb_set_reg_cb set_reg,
469                               int num_regs, const char *xml, int g_pos)
470 {
471     GDBRegisterState *s;
472     guint i;
473 
474     if (cpu->gdb_regs) {
475         for (i = 0; i < cpu->gdb_regs->len; i++) {
476             /* Check for duplicates.  */
477             s = &g_array_index(cpu->gdb_regs, GDBRegisterState, i);
478             if (strcmp(s->xml, xml) == 0) {
479                 return;
480             }
481         }
482     } else {
483         cpu->gdb_regs = g_array_new(false, false, sizeof(GDBRegisterState));
484         i = 0;
485     }
486 
487     g_array_set_size(cpu->gdb_regs, i + 1);
488     s = &g_array_index(cpu->gdb_regs, GDBRegisterState, i);
489     s->base_reg = cpu->gdb_num_regs;
490     s->num_regs = num_regs;
491     s->get_reg = get_reg;
492     s->set_reg = set_reg;
493     s->xml = xml;
494 
495     /* Add to end of list.  */
496     cpu->gdb_num_regs += num_regs;
497     if (g_pos) {
498         if (g_pos != s->base_reg) {
499             error_report("Error: Bad gdb register numbering for '%s', "
500                          "expected %d got %d", xml, g_pos, s->base_reg);
501         } else {
502             cpu->gdb_num_g_regs = cpu->gdb_num_regs;
503         }
504     }
505 }
506 
507 static void gdb_process_breakpoint_remove_all(GDBProcess *p)
508 {
509     CPUState *cpu = gdb_get_first_cpu_in_process(p);
510 
511     while (cpu) {
512         gdb_breakpoint_remove_all(cpu);
513         cpu = gdb_next_cpu_in_process(cpu);
514     }
515 }
516 
517 
518 static void gdb_set_cpu_pc(vaddr pc)
519 {
520     CPUState *cpu = gdbserver_state.c_cpu;
521 
522     cpu_synchronize_state(cpu);
523     cpu_set_pc(cpu, pc);
524 }
525 
526 void gdb_append_thread_id(CPUState *cpu, GString *buf)
527 {
528     if (gdbserver_state.multiprocess) {
529         g_string_append_printf(buf, "p%02x.%02x",
530                                gdb_get_cpu_pid(cpu), gdb_get_cpu_index(cpu));
531     } else {
532         g_string_append_printf(buf, "%02x", gdb_get_cpu_index(cpu));
533     }
534 }
535 
536 static GDBThreadIdKind read_thread_id(const char *buf, const char **end_buf,
537                                       uint32_t *pid, uint32_t *tid)
538 {
539     unsigned long p, t;
540     int ret;
541 
542     if (*buf == 'p') {
543         buf++;
544         ret = qemu_strtoul(buf, &buf, 16, &p);
545 
546         if (ret) {
547             return GDB_READ_THREAD_ERR;
548         }
549 
550         /* Skip '.' */
551         buf++;
552     } else {
553         p = 0;
554     }
555 
556     ret = qemu_strtoul(buf, &buf, 16, &t);
557 
558     if (ret) {
559         return GDB_READ_THREAD_ERR;
560     }
561 
562     *end_buf = buf;
563 
564     if (p == -1) {
565         return GDB_ALL_PROCESSES;
566     }
567 
568     if (pid) {
569         *pid = p;
570     }
571 
572     if (t == -1) {
573         return GDB_ALL_THREADS;
574     }
575 
576     if (tid) {
577         *tid = t;
578     }
579 
580     return GDB_ONE_THREAD;
581 }
582 
583 /**
584  * gdb_handle_vcont - Parses and handles a vCont packet.
585  * returns -ENOTSUP if a command is unsupported, -EINVAL or -ERANGE if there is
586  *         a format error, 0 on success.
587  */
588 static int gdb_handle_vcont(const char *p)
589 {
590     int res, signal = 0;
591     char cur_action;
592     unsigned long tmp;
593     uint32_t pid, tid;
594     GDBProcess *process;
595     CPUState *cpu;
596     GDBThreadIdKind kind;
597     unsigned int max_cpus = gdb_get_max_cpus();
598     /* uninitialised CPUs stay 0 */
599     g_autofree char *newstates = g_new0(char, max_cpus);
600 
601     /* mark valid CPUs with 1 */
602     CPU_FOREACH(cpu) {
603         newstates[cpu->cpu_index] = 1;
604     }
605 
606     /*
607      * res keeps track of what error we are returning, with -ENOTSUP meaning
608      * that the command is unknown or unsupported, thus returning an empty
609      * packet, while -EINVAL and -ERANGE cause an E22 packet, due to invalid,
610      *  or incorrect parameters passed.
611      */
612     res = 0;
613 
614     /*
615      * target_count and last_target keep track of how many CPUs we are going to
616      * step or resume, and a pointer to the state structure of one of them,
617      * respectivelly
618      */
619     int target_count = 0;
620     CPUState *last_target = NULL;
621 
622     while (*p) {
623         if (*p++ != ';') {
624             return -ENOTSUP;
625         }
626 
627         cur_action = *p++;
628         if (cur_action == 'C' || cur_action == 'S') {
629             cur_action = qemu_tolower(cur_action);
630             res = qemu_strtoul(p, &p, 16, &tmp);
631             if (res) {
632                 return res;
633             }
634             signal = gdb_signal_to_target(tmp);
635         } else if (cur_action != 'c' && cur_action != 's') {
636             /* unknown/invalid/unsupported command */
637             return -ENOTSUP;
638         }
639 
640         if (*p == '\0' || *p == ';') {
641             /*
642              * No thread specifier, action is on "all threads". The
643              * specification is unclear regarding the process to act on. We
644              * choose all processes.
645              */
646             kind = GDB_ALL_PROCESSES;
647         } else if (*p++ == ':') {
648             kind = read_thread_id(p, &p, &pid, &tid);
649         } else {
650             return -ENOTSUP;
651         }
652 
653         switch (kind) {
654         case GDB_READ_THREAD_ERR:
655             return -EINVAL;
656 
657         case GDB_ALL_PROCESSES:
658             cpu = gdb_first_attached_cpu();
659             while (cpu) {
660                 if (newstates[cpu->cpu_index] == 1) {
661                     newstates[cpu->cpu_index] = cur_action;
662 
663                     target_count++;
664                     last_target = cpu;
665                 }
666 
667                 cpu = gdb_next_attached_cpu(cpu);
668             }
669             break;
670 
671         case GDB_ALL_THREADS:
672             process = gdb_get_process(pid);
673 
674             if (!process->attached) {
675                 return -EINVAL;
676             }
677 
678             cpu = gdb_get_first_cpu_in_process(process);
679             while (cpu) {
680                 if (newstates[cpu->cpu_index] == 1) {
681                     newstates[cpu->cpu_index] = cur_action;
682 
683                     target_count++;
684                     last_target = cpu;
685                 }
686 
687                 cpu = gdb_next_cpu_in_process(cpu);
688             }
689             break;
690 
691         case GDB_ONE_THREAD:
692             cpu = gdb_get_cpu(pid, tid);
693 
694             /* invalid CPU/thread specified */
695             if (!cpu) {
696                 return -EINVAL;
697             }
698 
699             /* only use if no previous match occourred */
700             if (newstates[cpu->cpu_index] == 1) {
701                 newstates[cpu->cpu_index] = cur_action;
702 
703                 target_count++;
704                 last_target = cpu;
705             }
706             break;
707         }
708     }
709 
710     /*
711      * if we're about to resume a specific set of CPUs/threads, make it so that
712      * in case execution gets interrupted, we can send GDB a stop reply with a
713      * correct value. it doesn't really matter which CPU we tell GDB the signal
714      * happened in (VM pauses stop all of them anyway), so long as it is one of
715      * the ones we resumed/single stepped here.
716      */
717     if (target_count > 0) {
718         gdbserver_state.c_cpu = last_target;
719     }
720 
721     gdbserver_state.signal = signal;
722     gdb_continue_partial(newstates);
723     return res;
724 }
725 
726 static const char *cmd_next_param(const char *param, const char delimiter)
727 {
728     static const char all_delimiters[] = ",;:=";
729     char curr_delimiters[2] = {0};
730     const char *delimiters;
731 
732     if (delimiter == '?') {
733         delimiters = all_delimiters;
734     } else if (delimiter == '0') {
735         return strchr(param, '\0');
736     } else if (delimiter == '.' && *param) {
737         return param + 1;
738     } else {
739         curr_delimiters[0] = delimiter;
740         delimiters = curr_delimiters;
741     }
742 
743     param += strcspn(param, delimiters);
744     if (*param) {
745         param++;
746     }
747     return param;
748 }
749 
750 static int cmd_parse_params(const char *data, const char *schema,
751                             GArray *params)
752 {
753     const char *curr_schema, *curr_data;
754 
755     g_assert(schema);
756     g_assert(params->len == 0);
757 
758     curr_schema = schema;
759     curr_data = data;
760     while (curr_schema[0] && curr_schema[1] && *curr_data) {
761         GdbCmdVariant this_param;
762 
763         switch (curr_schema[0]) {
764         case 'l':
765             if (qemu_strtoul(curr_data, &curr_data, 16,
766                              &this_param.val_ul)) {
767                 return -EINVAL;
768             }
769             curr_data = cmd_next_param(curr_data, curr_schema[1]);
770             g_array_append_val(params, this_param);
771             break;
772         case 'L':
773             if (qemu_strtou64(curr_data, &curr_data, 16,
774                               (uint64_t *)&this_param.val_ull)) {
775                 return -EINVAL;
776             }
777             curr_data = cmd_next_param(curr_data, curr_schema[1]);
778             g_array_append_val(params, this_param);
779             break;
780         case 's':
781             this_param.data = curr_data;
782             curr_data = cmd_next_param(curr_data, curr_schema[1]);
783             g_array_append_val(params, this_param);
784             break;
785         case 'o':
786             this_param.opcode = *(uint8_t *)curr_data;
787             curr_data = cmd_next_param(curr_data, curr_schema[1]);
788             g_array_append_val(params, this_param);
789             break;
790         case 't':
791             this_param.thread_id.kind =
792                 read_thread_id(curr_data, &curr_data,
793                                &this_param.thread_id.pid,
794                                &this_param.thread_id.tid);
795             curr_data = cmd_next_param(curr_data, curr_schema[1]);
796             g_array_append_val(params, this_param);
797             break;
798         case '?':
799             curr_data = cmd_next_param(curr_data, curr_schema[1]);
800             break;
801         default:
802             return -EINVAL;
803         }
804         curr_schema += 2;
805     }
806 
807     return 0;
808 }
809 
810 typedef void (*GdbCmdHandler)(GArray *params, void *user_ctx);
811 
812 /*
813  * cmd_startswith -> cmd is compared using startswith
814  *
815  * allow_stop_reply -> true iff the gdbstub can respond to this command with a
816  *   "stop reply" packet. The list of commands that accept such response is
817  *   defined at the GDB Remote Serial Protocol documentation. see:
818  *   https://sourceware.org/gdb/onlinedocs/gdb/Stop-Reply-Packets.html#Stop-Reply-Packets.
819  *
820  * schema definitions:
821  * Each schema parameter entry consists of 2 chars,
822  * the first char represents the parameter type handling
823  * the second char represents the delimiter for the next parameter
824  *
825  * Currently supported schema types:
826  * 'l' -> unsigned long (stored in .val_ul)
827  * 'L' -> unsigned long long (stored in .val_ull)
828  * 's' -> string (stored in .data)
829  * 'o' -> single char (stored in .opcode)
830  * 't' -> thread id (stored in .thread_id)
831  * '?' -> skip according to delimiter
832  *
833  * Currently supported delimiters:
834  * '?' -> Stop at any delimiter (",;:=\0")
835  * '0' -> Stop at "\0"
836  * '.' -> Skip 1 char unless reached "\0"
837  * Any other value is treated as the delimiter value itself
838  */
839 typedef struct GdbCmdParseEntry {
840     GdbCmdHandler handler;
841     const char *cmd;
842     bool cmd_startswith;
843     const char *schema;
844     bool allow_stop_reply;
845 } GdbCmdParseEntry;
846 
847 static inline int startswith(const char *string, const char *pattern)
848 {
849   return !strncmp(string, pattern, strlen(pattern));
850 }
851 
852 static int process_string_cmd(const char *data,
853                               const GdbCmdParseEntry *cmds, int num_cmds)
854 {
855     int i;
856     g_autoptr(GArray) params = g_array_new(false, true, sizeof(GdbCmdVariant));
857 
858     if (!cmds) {
859         return -1;
860     }
861 
862     for (i = 0; i < num_cmds; i++) {
863         const GdbCmdParseEntry *cmd = &cmds[i];
864         g_assert(cmd->handler && cmd->cmd);
865 
866         if ((cmd->cmd_startswith && !startswith(data, cmd->cmd)) ||
867             (!cmd->cmd_startswith && strcmp(cmd->cmd, data))) {
868             continue;
869         }
870 
871         if (cmd->schema) {
872             if (cmd_parse_params(&data[strlen(cmd->cmd)],
873                                  cmd->schema, params)) {
874                 return -1;
875             }
876         }
877 
878         gdbserver_state.allow_stop_reply = cmd->allow_stop_reply;
879         cmd->handler(params, NULL);
880         return 0;
881     }
882 
883     return -1;
884 }
885 
886 static void run_cmd_parser(const char *data, const GdbCmdParseEntry *cmd)
887 {
888     if (!data) {
889         return;
890     }
891 
892     g_string_set_size(gdbserver_state.str_buf, 0);
893     g_byte_array_set_size(gdbserver_state.mem_buf, 0);
894 
895     /* In case there was an error during the command parsing we must
896     * send a NULL packet to indicate the command is not supported */
897     if (process_string_cmd(data, cmd, 1)) {
898         gdb_put_packet("");
899     }
900 }
901 
902 static void handle_detach(GArray *params, void *user_ctx)
903 {
904     GDBProcess *process;
905     uint32_t pid = 1;
906 
907     if (gdbserver_state.multiprocess) {
908         if (!params->len) {
909             gdb_put_packet("E22");
910             return;
911         }
912 
913         pid = get_param(params, 0)->val_ul;
914     }
915 
916     process = gdb_get_process(pid);
917     gdb_process_breakpoint_remove_all(process);
918     process->attached = false;
919 
920     if (pid == gdb_get_cpu_pid(gdbserver_state.c_cpu)) {
921         gdbserver_state.c_cpu = gdb_first_attached_cpu();
922     }
923 
924     if (pid == gdb_get_cpu_pid(gdbserver_state.g_cpu)) {
925         gdbserver_state.g_cpu = gdb_first_attached_cpu();
926     }
927 
928     if (!gdbserver_state.c_cpu) {
929         /* No more process attached */
930         gdb_disable_syscalls();
931         gdb_continue();
932     }
933     gdb_put_packet("OK");
934 }
935 
936 static void handle_thread_alive(GArray *params, void *user_ctx)
937 {
938     CPUState *cpu;
939 
940     if (!params->len) {
941         gdb_put_packet("E22");
942         return;
943     }
944 
945     if (get_param(params, 0)->thread_id.kind == GDB_READ_THREAD_ERR) {
946         gdb_put_packet("E22");
947         return;
948     }
949 
950     cpu = gdb_get_cpu(get_param(params, 0)->thread_id.pid,
951                       get_param(params, 0)->thread_id.tid);
952     if (!cpu) {
953         gdb_put_packet("E22");
954         return;
955     }
956 
957     gdb_put_packet("OK");
958 }
959 
960 static void handle_continue(GArray *params, void *user_ctx)
961 {
962     if (params->len) {
963         gdb_set_cpu_pc(get_param(params, 0)->val_ull);
964     }
965 
966     gdbserver_state.signal = 0;
967     gdb_continue();
968 }
969 
970 static void handle_cont_with_sig(GArray *params, void *user_ctx)
971 {
972     unsigned long signal = 0;
973 
974     /*
975      * Note: C sig;[addr] is currently unsupported and we simply
976      *       omit the addr parameter
977      */
978     if (params->len) {
979         signal = get_param(params, 0)->val_ul;
980     }
981 
982     gdbserver_state.signal = gdb_signal_to_target(signal);
983     if (gdbserver_state.signal == -1) {
984         gdbserver_state.signal = 0;
985     }
986     gdb_continue();
987 }
988 
989 static void handle_set_thread(GArray *params, void *user_ctx)
990 {
991     CPUState *cpu;
992 
993     if (params->len != 2) {
994         gdb_put_packet("E22");
995         return;
996     }
997 
998     if (get_param(params, 1)->thread_id.kind == GDB_READ_THREAD_ERR) {
999         gdb_put_packet("E22");
1000         return;
1001     }
1002 
1003     if (get_param(params, 1)->thread_id.kind != GDB_ONE_THREAD) {
1004         gdb_put_packet("OK");
1005         return;
1006     }
1007 
1008     cpu = gdb_get_cpu(get_param(params, 1)->thread_id.pid,
1009                       get_param(params, 1)->thread_id.tid);
1010     if (!cpu) {
1011         gdb_put_packet("E22");
1012         return;
1013     }
1014 
1015     /*
1016      * Note: This command is deprecated and modern gdb's will be using the
1017      *       vCont command instead.
1018      */
1019     switch (get_param(params, 0)->opcode) {
1020     case 'c':
1021         gdbserver_state.c_cpu = cpu;
1022         gdb_put_packet("OK");
1023         break;
1024     case 'g':
1025         gdbserver_state.g_cpu = cpu;
1026         gdb_put_packet("OK");
1027         break;
1028     default:
1029         gdb_put_packet("E22");
1030         break;
1031     }
1032 }
1033 
1034 static void handle_insert_bp(GArray *params, void *user_ctx)
1035 {
1036     int res;
1037 
1038     if (params->len != 3) {
1039         gdb_put_packet("E22");
1040         return;
1041     }
1042 
1043     res = gdb_breakpoint_insert(gdbserver_state.c_cpu,
1044                                 get_param(params, 0)->val_ul,
1045                                 get_param(params, 1)->val_ull,
1046                                 get_param(params, 2)->val_ull);
1047     if (res >= 0) {
1048         gdb_put_packet("OK");
1049         return;
1050     } else if (res == -ENOSYS) {
1051         gdb_put_packet("");
1052         return;
1053     }
1054 
1055     gdb_put_packet("E22");
1056 }
1057 
1058 static void handle_remove_bp(GArray *params, void *user_ctx)
1059 {
1060     int res;
1061 
1062     if (params->len != 3) {
1063         gdb_put_packet("E22");
1064         return;
1065     }
1066 
1067     res = gdb_breakpoint_remove(gdbserver_state.c_cpu,
1068                                 get_param(params, 0)->val_ul,
1069                                 get_param(params, 1)->val_ull,
1070                                 get_param(params, 2)->val_ull);
1071     if (res >= 0) {
1072         gdb_put_packet("OK");
1073         return;
1074     } else if (res == -ENOSYS) {
1075         gdb_put_packet("");
1076         return;
1077     }
1078 
1079     gdb_put_packet("E22");
1080 }
1081 
1082 /*
1083  * handle_set/get_reg
1084  *
1085  * Older gdb are really dumb, and don't use 'G/g' if 'P/p' is available.
1086  * This works, but can be very slow. Anything new enough to understand
1087  * XML also knows how to use this properly. However to use this we
1088  * need to define a local XML file as well as be talking to a
1089  * reasonably modern gdb. Responding with an empty packet will cause
1090  * the remote gdb to fallback to older methods.
1091  */
1092 
1093 static void handle_set_reg(GArray *params, void *user_ctx)
1094 {
1095     int reg_size;
1096 
1097     if (params->len != 2) {
1098         gdb_put_packet("E22");
1099         return;
1100     }
1101 
1102     reg_size = strlen(get_param(params, 1)->data) / 2;
1103     gdb_hextomem(gdbserver_state.mem_buf, get_param(params, 1)->data, reg_size);
1104     gdb_write_register(gdbserver_state.g_cpu, gdbserver_state.mem_buf->data,
1105                        get_param(params, 0)->val_ull);
1106     gdb_put_packet("OK");
1107 }
1108 
1109 static void handle_get_reg(GArray *params, void *user_ctx)
1110 {
1111     int reg_size;
1112 
1113     if (!params->len) {
1114         gdb_put_packet("E14");
1115         return;
1116     }
1117 
1118     reg_size = gdb_read_register(gdbserver_state.g_cpu,
1119                                  gdbserver_state.mem_buf,
1120                                  get_param(params, 0)->val_ull);
1121     if (!reg_size) {
1122         gdb_put_packet("E14");
1123         return;
1124     } else {
1125         g_byte_array_set_size(gdbserver_state.mem_buf, reg_size);
1126     }
1127 
1128     gdb_memtohex(gdbserver_state.str_buf,
1129                  gdbserver_state.mem_buf->data, reg_size);
1130     gdb_put_strbuf();
1131 }
1132 
1133 static void handle_write_mem(GArray *params, void *user_ctx)
1134 {
1135     if (params->len != 3) {
1136         gdb_put_packet("E22");
1137         return;
1138     }
1139 
1140     /* gdb_hextomem() reads 2*len bytes */
1141     if (get_param(params, 1)->val_ull >
1142         strlen(get_param(params, 2)->data) / 2) {
1143         gdb_put_packet("E22");
1144         return;
1145     }
1146 
1147     gdb_hextomem(gdbserver_state.mem_buf, get_param(params, 2)->data,
1148                  get_param(params, 1)->val_ull);
1149     if (gdb_target_memory_rw_debug(gdbserver_state.g_cpu,
1150                                    get_param(params, 0)->val_ull,
1151                                    gdbserver_state.mem_buf->data,
1152                                    gdbserver_state.mem_buf->len, true)) {
1153         gdb_put_packet("E14");
1154         return;
1155     }
1156 
1157     gdb_put_packet("OK");
1158 }
1159 
1160 static void handle_read_mem(GArray *params, void *user_ctx)
1161 {
1162     if (params->len != 2) {
1163         gdb_put_packet("E22");
1164         return;
1165     }
1166 
1167     /* gdb_memtohex() doubles the required space */
1168     if (get_param(params, 1)->val_ull > MAX_PACKET_LENGTH / 2) {
1169         gdb_put_packet("E22");
1170         return;
1171     }
1172 
1173     g_byte_array_set_size(gdbserver_state.mem_buf,
1174                           get_param(params, 1)->val_ull);
1175 
1176     if (gdb_target_memory_rw_debug(gdbserver_state.g_cpu,
1177                                    get_param(params, 0)->val_ull,
1178                                    gdbserver_state.mem_buf->data,
1179                                    gdbserver_state.mem_buf->len, false)) {
1180         gdb_put_packet("E14");
1181         return;
1182     }
1183 
1184     gdb_memtohex(gdbserver_state.str_buf, gdbserver_state.mem_buf->data,
1185              gdbserver_state.mem_buf->len);
1186     gdb_put_strbuf();
1187 }
1188 
1189 static void handle_write_all_regs(GArray *params, void *user_ctx)
1190 {
1191     int reg_id;
1192     size_t len;
1193     uint8_t *registers;
1194     int reg_size;
1195 
1196     if (!params->len) {
1197         return;
1198     }
1199 
1200     cpu_synchronize_state(gdbserver_state.g_cpu);
1201     len = strlen(get_param(params, 0)->data) / 2;
1202     gdb_hextomem(gdbserver_state.mem_buf, get_param(params, 0)->data, len);
1203     registers = gdbserver_state.mem_buf->data;
1204     for (reg_id = 0;
1205          reg_id < gdbserver_state.g_cpu->gdb_num_g_regs && len > 0;
1206          reg_id++) {
1207         reg_size = gdb_write_register(gdbserver_state.g_cpu, registers, reg_id);
1208         len -= reg_size;
1209         registers += reg_size;
1210     }
1211     gdb_put_packet("OK");
1212 }
1213 
1214 static void handle_read_all_regs(GArray *params, void *user_ctx)
1215 {
1216     int reg_id;
1217     size_t len;
1218 
1219     cpu_synchronize_state(gdbserver_state.g_cpu);
1220     g_byte_array_set_size(gdbserver_state.mem_buf, 0);
1221     len = 0;
1222     for (reg_id = 0; reg_id < gdbserver_state.g_cpu->gdb_num_g_regs; reg_id++) {
1223         len += gdb_read_register(gdbserver_state.g_cpu,
1224                                  gdbserver_state.mem_buf,
1225                                  reg_id);
1226     }
1227     g_assert(len == gdbserver_state.mem_buf->len);
1228 
1229     gdb_memtohex(gdbserver_state.str_buf, gdbserver_state.mem_buf->data, len);
1230     gdb_put_strbuf();
1231 }
1232 
1233 
1234 static void handle_step(GArray *params, void *user_ctx)
1235 {
1236     if (params->len) {
1237         gdb_set_cpu_pc(get_param(params, 0)->val_ull);
1238     }
1239 
1240     cpu_single_step(gdbserver_state.c_cpu, gdbserver_state.sstep_flags);
1241     gdb_continue();
1242 }
1243 
1244 static void handle_backward(GArray *params, void *user_ctx)
1245 {
1246     if (!gdb_can_reverse()) {
1247         gdb_put_packet("E22");
1248     }
1249     if (params->len == 1) {
1250         switch (get_param(params, 0)->opcode) {
1251         case 's':
1252             if (replay_reverse_step()) {
1253                 gdb_continue();
1254             } else {
1255                 gdb_put_packet("E14");
1256             }
1257             return;
1258         case 'c':
1259             if (replay_reverse_continue()) {
1260                 gdb_continue();
1261             } else {
1262                 gdb_put_packet("E14");
1263             }
1264             return;
1265         }
1266     }
1267 
1268     /* Default invalid command */
1269     gdb_put_packet("");
1270 }
1271 
1272 static void handle_v_cont_query(GArray *params, void *user_ctx)
1273 {
1274     gdb_put_packet("vCont;c;C;s;S");
1275 }
1276 
1277 static void handle_v_cont(GArray *params, void *user_ctx)
1278 {
1279     int res;
1280 
1281     if (!params->len) {
1282         return;
1283     }
1284 
1285     res = gdb_handle_vcont(get_param(params, 0)->data);
1286     if ((res == -EINVAL) || (res == -ERANGE)) {
1287         gdb_put_packet("E22");
1288     } else if (res) {
1289         gdb_put_packet("");
1290     }
1291 }
1292 
1293 static void handle_v_attach(GArray *params, void *user_ctx)
1294 {
1295     GDBProcess *process;
1296     CPUState *cpu;
1297 
1298     g_string_assign(gdbserver_state.str_buf, "E22");
1299     if (!params->len) {
1300         goto cleanup;
1301     }
1302 
1303     process = gdb_get_process(get_param(params, 0)->val_ul);
1304     if (!process) {
1305         goto cleanup;
1306     }
1307 
1308     cpu = gdb_get_first_cpu_in_process(process);
1309     if (!cpu) {
1310         goto cleanup;
1311     }
1312 
1313     process->attached = true;
1314     gdbserver_state.g_cpu = cpu;
1315     gdbserver_state.c_cpu = cpu;
1316 
1317     if (gdbserver_state.allow_stop_reply) {
1318         g_string_printf(gdbserver_state.str_buf, "T%02xthread:", GDB_SIGNAL_TRAP);
1319         gdb_append_thread_id(cpu, gdbserver_state.str_buf);
1320         g_string_append_c(gdbserver_state.str_buf, ';');
1321         gdbserver_state.allow_stop_reply = false;
1322 cleanup:
1323         gdb_put_strbuf();
1324     }
1325 }
1326 
1327 static void handle_v_kill(GArray *params, void *user_ctx)
1328 {
1329     /* Kill the target */
1330     gdb_put_packet("OK");
1331     error_report("QEMU: Terminated via GDBstub");
1332     gdb_exit(0);
1333     gdb_qemu_exit(0);
1334 }
1335 
1336 static const GdbCmdParseEntry gdb_v_commands_table[] = {
1337     /* Order is important if has same prefix */
1338     {
1339         .handler = handle_v_cont_query,
1340         .cmd = "Cont?",
1341         .cmd_startswith = 1
1342     },
1343     {
1344         .handler = handle_v_cont,
1345         .cmd = "Cont",
1346         .cmd_startswith = 1,
1347         .allow_stop_reply = true,
1348         .schema = "s0"
1349     },
1350     {
1351         .handler = handle_v_attach,
1352         .cmd = "Attach;",
1353         .cmd_startswith = 1,
1354         .allow_stop_reply = true,
1355         .schema = "l0"
1356     },
1357     {
1358         .handler = handle_v_kill,
1359         .cmd = "Kill;",
1360         .cmd_startswith = 1
1361     },
1362 #ifdef CONFIG_USER_ONLY
1363     /*
1364      * Host I/O Packets. See [1] for details.
1365      * [1] https://sourceware.org/gdb/onlinedocs/gdb/Host-I_002fO-Packets.html
1366      */
1367     {
1368         .handler = gdb_handle_v_file_open,
1369         .cmd = "File:open:",
1370         .cmd_startswith = 1,
1371         .schema = "s,L,L0"
1372     },
1373     {
1374         .handler = gdb_handle_v_file_close,
1375         .cmd = "File:close:",
1376         .cmd_startswith = 1,
1377         .schema = "l0"
1378     },
1379     {
1380         .handler = gdb_handle_v_file_pread,
1381         .cmd = "File:pread:",
1382         .cmd_startswith = 1,
1383         .schema = "l,L,L0"
1384     },
1385     {
1386         .handler = gdb_handle_v_file_readlink,
1387         .cmd = "File:readlink:",
1388         .cmd_startswith = 1,
1389         .schema = "s0"
1390     },
1391 #endif
1392 };
1393 
1394 static void handle_v_commands(GArray *params, void *user_ctx)
1395 {
1396     if (!params->len) {
1397         return;
1398     }
1399 
1400     if (process_string_cmd(get_param(params, 0)->data,
1401                            gdb_v_commands_table,
1402                            ARRAY_SIZE(gdb_v_commands_table))) {
1403         gdb_put_packet("");
1404     }
1405 }
1406 
1407 static void handle_query_qemu_sstepbits(GArray *params, void *user_ctx)
1408 {
1409     g_string_printf(gdbserver_state.str_buf, "ENABLE=%x", SSTEP_ENABLE);
1410 
1411     if (gdbserver_state.supported_sstep_flags & SSTEP_NOIRQ) {
1412         g_string_append_printf(gdbserver_state.str_buf, ",NOIRQ=%x",
1413                                SSTEP_NOIRQ);
1414     }
1415 
1416     if (gdbserver_state.supported_sstep_flags & SSTEP_NOTIMER) {
1417         g_string_append_printf(gdbserver_state.str_buf, ",NOTIMER=%x",
1418                                SSTEP_NOTIMER);
1419     }
1420 
1421     gdb_put_strbuf();
1422 }
1423 
1424 static void handle_set_qemu_sstep(GArray *params, void *user_ctx)
1425 {
1426     int new_sstep_flags;
1427 
1428     if (!params->len) {
1429         return;
1430     }
1431 
1432     new_sstep_flags = get_param(params, 0)->val_ul;
1433 
1434     if (new_sstep_flags  & ~gdbserver_state.supported_sstep_flags) {
1435         gdb_put_packet("E22");
1436         return;
1437     }
1438 
1439     gdbserver_state.sstep_flags = new_sstep_flags;
1440     gdb_put_packet("OK");
1441 }
1442 
1443 static void handle_query_qemu_sstep(GArray *params, void *user_ctx)
1444 {
1445     g_string_printf(gdbserver_state.str_buf, "0x%x",
1446                     gdbserver_state.sstep_flags);
1447     gdb_put_strbuf();
1448 }
1449 
1450 static void handle_query_curr_tid(GArray *params, void *user_ctx)
1451 {
1452     CPUState *cpu;
1453     GDBProcess *process;
1454 
1455     /*
1456      * "Current thread" remains vague in the spec, so always return
1457      * the first thread of the current process (gdb returns the
1458      * first thread).
1459      */
1460     process = gdb_get_cpu_process(gdbserver_state.g_cpu);
1461     cpu = gdb_get_first_cpu_in_process(process);
1462     g_string_assign(gdbserver_state.str_buf, "QC");
1463     gdb_append_thread_id(cpu, gdbserver_state.str_buf);
1464     gdb_put_strbuf();
1465 }
1466 
1467 static void handle_query_threads(GArray *params, void *user_ctx)
1468 {
1469     if (!gdbserver_state.query_cpu) {
1470         gdb_put_packet("l");
1471         return;
1472     }
1473 
1474     g_string_assign(gdbserver_state.str_buf, "m");
1475     gdb_append_thread_id(gdbserver_state.query_cpu, gdbserver_state.str_buf);
1476     gdb_put_strbuf();
1477     gdbserver_state.query_cpu = gdb_next_attached_cpu(gdbserver_state.query_cpu);
1478 }
1479 
1480 static void handle_query_first_threads(GArray *params, void *user_ctx)
1481 {
1482     gdbserver_state.query_cpu = gdb_first_attached_cpu();
1483     handle_query_threads(params, user_ctx);
1484 }
1485 
1486 static void handle_query_thread_extra(GArray *params, void *user_ctx)
1487 {
1488     g_autoptr(GString) rs = g_string_new(NULL);
1489     CPUState *cpu;
1490 
1491     if (!params->len ||
1492         get_param(params, 0)->thread_id.kind == GDB_READ_THREAD_ERR) {
1493         gdb_put_packet("E22");
1494         return;
1495     }
1496 
1497     cpu = gdb_get_cpu(get_param(params, 0)->thread_id.pid,
1498                       get_param(params, 0)->thread_id.tid);
1499     if (!cpu) {
1500         return;
1501     }
1502 
1503     cpu_synchronize_state(cpu);
1504 
1505     if (gdbserver_state.multiprocess && (gdbserver_state.process_num > 1)) {
1506         /* Print the CPU model and name in multiprocess mode */
1507         ObjectClass *oc = object_get_class(OBJECT(cpu));
1508         const char *cpu_model = object_class_get_name(oc);
1509         const char *cpu_name =
1510             object_get_canonical_path_component(OBJECT(cpu));
1511         g_string_printf(rs, "%s %s [%s]", cpu_model, cpu_name,
1512                         cpu->halted ? "halted " : "running");
1513     } else {
1514         g_string_printf(rs, "CPU#%d [%s]", cpu->cpu_index,
1515                         cpu->halted ? "halted " : "running");
1516     }
1517     trace_gdbstub_op_extra_info(rs->str);
1518     gdb_memtohex(gdbserver_state.str_buf, (uint8_t *)rs->str, rs->len);
1519     gdb_put_strbuf();
1520 }
1521 
1522 static void handle_query_supported(GArray *params, void *user_ctx)
1523 {
1524     CPUClass *cc;
1525 
1526     g_string_printf(gdbserver_state.str_buf, "PacketSize=%x", MAX_PACKET_LENGTH);
1527     cc = CPU_GET_CLASS(first_cpu);
1528     if (cc->gdb_core_xml_file) {
1529         g_string_append(gdbserver_state.str_buf, ";qXfer:features:read+");
1530     }
1531 
1532     if (gdb_can_reverse()) {
1533         g_string_append(gdbserver_state.str_buf,
1534             ";ReverseStep+;ReverseContinue+");
1535     }
1536 
1537 #if defined(CONFIG_USER_ONLY)
1538 #if defined(CONFIG_LINUX)
1539     if (gdbserver_state.c_cpu->opaque) {
1540         g_string_append(gdbserver_state.str_buf, ";qXfer:auxv:read+");
1541     }
1542 #endif
1543     g_string_append(gdbserver_state.str_buf, ";qXfer:exec-file:read+");
1544 #endif
1545 
1546     if (params->len &&
1547         strstr(get_param(params, 0)->data, "multiprocess+")) {
1548         gdbserver_state.multiprocess = true;
1549     }
1550 
1551     g_string_append(gdbserver_state.str_buf, ";vContSupported+;multiprocess+");
1552     gdb_put_strbuf();
1553 }
1554 
1555 static void handle_query_xfer_features(GArray *params, void *user_ctx)
1556 {
1557     GDBProcess *process;
1558     CPUClass *cc;
1559     unsigned long len, total_len, addr;
1560     const char *xml;
1561     const char *p;
1562 
1563     if (params->len < 3) {
1564         gdb_put_packet("E22");
1565         return;
1566     }
1567 
1568     process = gdb_get_cpu_process(gdbserver_state.g_cpu);
1569     cc = CPU_GET_CLASS(gdbserver_state.g_cpu);
1570     if (!cc->gdb_core_xml_file) {
1571         gdb_put_packet("");
1572         return;
1573     }
1574 
1575     p = get_param(params, 0)->data;
1576     xml = get_feature_xml(p, &p, process);
1577     if (!xml) {
1578         gdb_put_packet("E00");
1579         return;
1580     }
1581 
1582     addr = get_param(params, 1)->val_ul;
1583     len = get_param(params, 2)->val_ul;
1584     total_len = strlen(xml);
1585     if (addr > total_len) {
1586         gdb_put_packet("E00");
1587         return;
1588     }
1589 
1590     if (len > (MAX_PACKET_LENGTH - 5) / 2) {
1591         len = (MAX_PACKET_LENGTH - 5) / 2;
1592     }
1593 
1594     if (len < total_len - addr) {
1595         g_string_assign(gdbserver_state.str_buf, "m");
1596         gdb_memtox(gdbserver_state.str_buf, xml + addr, len);
1597     } else {
1598         g_string_assign(gdbserver_state.str_buf, "l");
1599         gdb_memtox(gdbserver_state.str_buf, xml + addr, total_len - addr);
1600     }
1601 
1602     gdb_put_packet_binary(gdbserver_state.str_buf->str,
1603                       gdbserver_state.str_buf->len, true);
1604 }
1605 
1606 static void handle_query_qemu_supported(GArray *params, void *user_ctx)
1607 {
1608     g_string_printf(gdbserver_state.str_buf, "sstepbits;sstep");
1609 #ifndef CONFIG_USER_ONLY
1610     g_string_append(gdbserver_state.str_buf, ";PhyMemMode");
1611 #endif
1612     gdb_put_strbuf();
1613 }
1614 
1615 static const GdbCmdParseEntry gdb_gen_query_set_common_table[] = {
1616     /* Order is important if has same prefix */
1617     {
1618         .handler = handle_query_qemu_sstepbits,
1619         .cmd = "qemu.sstepbits",
1620     },
1621     {
1622         .handler = handle_query_qemu_sstep,
1623         .cmd = "qemu.sstep",
1624     },
1625     {
1626         .handler = handle_set_qemu_sstep,
1627         .cmd = "qemu.sstep=",
1628         .cmd_startswith = 1,
1629         .schema = "l0"
1630     },
1631 };
1632 
1633 static const GdbCmdParseEntry gdb_gen_query_table[] = {
1634     {
1635         .handler = handle_query_curr_tid,
1636         .cmd = "C",
1637     },
1638     {
1639         .handler = handle_query_threads,
1640         .cmd = "sThreadInfo",
1641     },
1642     {
1643         .handler = handle_query_first_threads,
1644         .cmd = "fThreadInfo",
1645     },
1646     {
1647         .handler = handle_query_thread_extra,
1648         .cmd = "ThreadExtraInfo,",
1649         .cmd_startswith = 1,
1650         .schema = "t0"
1651     },
1652 #ifdef CONFIG_USER_ONLY
1653     {
1654         .handler = gdb_handle_query_offsets,
1655         .cmd = "Offsets",
1656     },
1657 #else
1658     {
1659         .handler = gdb_handle_query_rcmd,
1660         .cmd = "Rcmd,",
1661         .cmd_startswith = 1,
1662         .schema = "s0"
1663     },
1664 #endif
1665     {
1666         .handler = handle_query_supported,
1667         .cmd = "Supported:",
1668         .cmd_startswith = 1,
1669         .schema = "s0"
1670     },
1671     {
1672         .handler = handle_query_supported,
1673         .cmd = "Supported",
1674         .schema = "s0"
1675     },
1676     {
1677         .handler = handle_query_xfer_features,
1678         .cmd = "Xfer:features:read:",
1679         .cmd_startswith = 1,
1680         .schema = "s:l,l0"
1681     },
1682 #if defined(CONFIG_USER_ONLY)
1683 #if defined(CONFIG_LINUX)
1684     {
1685         .handler = gdb_handle_query_xfer_auxv,
1686         .cmd = "Xfer:auxv:read::",
1687         .cmd_startswith = 1,
1688         .schema = "l,l0"
1689     },
1690 #endif
1691     {
1692         .handler = gdb_handle_query_xfer_exec_file,
1693         .cmd = "Xfer:exec-file:read:",
1694         .cmd_startswith = 1,
1695         .schema = "l:l,l0"
1696     },
1697 #endif
1698     {
1699         .handler = gdb_handle_query_attached,
1700         .cmd = "Attached:",
1701         .cmd_startswith = 1
1702     },
1703     {
1704         .handler = gdb_handle_query_attached,
1705         .cmd = "Attached",
1706     },
1707     {
1708         .handler = handle_query_qemu_supported,
1709         .cmd = "qemu.Supported",
1710     },
1711 #ifndef CONFIG_USER_ONLY
1712     {
1713         .handler = gdb_handle_query_qemu_phy_mem_mode,
1714         .cmd = "qemu.PhyMemMode",
1715     },
1716 #endif
1717 };
1718 
1719 static const GdbCmdParseEntry gdb_gen_set_table[] = {
1720     /* Order is important if has same prefix */
1721     {
1722         .handler = handle_set_qemu_sstep,
1723         .cmd = "qemu.sstep:",
1724         .cmd_startswith = 1,
1725         .schema = "l0"
1726     },
1727 #ifndef CONFIG_USER_ONLY
1728     {
1729         .handler = gdb_handle_set_qemu_phy_mem_mode,
1730         .cmd = "qemu.PhyMemMode:",
1731         .cmd_startswith = 1,
1732         .schema = "l0"
1733     },
1734 #endif
1735 };
1736 
1737 static void handle_gen_query(GArray *params, void *user_ctx)
1738 {
1739     if (!params->len) {
1740         return;
1741     }
1742 
1743     if (!process_string_cmd(get_param(params, 0)->data,
1744                             gdb_gen_query_set_common_table,
1745                             ARRAY_SIZE(gdb_gen_query_set_common_table))) {
1746         return;
1747     }
1748 
1749     if (process_string_cmd(get_param(params, 0)->data,
1750                            gdb_gen_query_table,
1751                            ARRAY_SIZE(gdb_gen_query_table))) {
1752         gdb_put_packet("");
1753     }
1754 }
1755 
1756 static void handle_gen_set(GArray *params, void *user_ctx)
1757 {
1758     if (!params->len) {
1759         return;
1760     }
1761 
1762     if (!process_string_cmd(get_param(params, 0)->data,
1763                             gdb_gen_query_set_common_table,
1764                             ARRAY_SIZE(gdb_gen_query_set_common_table))) {
1765         return;
1766     }
1767 
1768     if (process_string_cmd(get_param(params, 0)->data,
1769                            gdb_gen_set_table,
1770                            ARRAY_SIZE(gdb_gen_set_table))) {
1771         gdb_put_packet("");
1772     }
1773 }
1774 
1775 static void handle_target_halt(GArray *params, void *user_ctx)
1776 {
1777     if (gdbserver_state.allow_stop_reply) {
1778         g_string_printf(gdbserver_state.str_buf, "T%02xthread:", GDB_SIGNAL_TRAP);
1779         gdb_append_thread_id(gdbserver_state.c_cpu, gdbserver_state.str_buf);
1780         g_string_append_c(gdbserver_state.str_buf, ';');
1781         gdb_put_strbuf();
1782         gdbserver_state.allow_stop_reply = false;
1783     }
1784     /*
1785      * Remove all the breakpoints when this query is issued,
1786      * because gdb is doing an initial connect and the state
1787      * should be cleaned up.
1788      */
1789     gdb_breakpoint_remove_all(gdbserver_state.c_cpu);
1790 }
1791 
1792 static int gdb_handle_packet(const char *line_buf)
1793 {
1794     const GdbCmdParseEntry *cmd_parser = NULL;
1795 
1796     trace_gdbstub_io_command(line_buf);
1797 
1798     switch (line_buf[0]) {
1799     case '!':
1800         gdb_put_packet("OK");
1801         break;
1802     case '?':
1803         {
1804             static const GdbCmdParseEntry target_halted_cmd_desc = {
1805                 .handler = handle_target_halt,
1806                 .cmd = "?",
1807                 .cmd_startswith = 1,
1808                 .allow_stop_reply = true,
1809             };
1810             cmd_parser = &target_halted_cmd_desc;
1811         }
1812         break;
1813     case 'c':
1814         {
1815             static const GdbCmdParseEntry continue_cmd_desc = {
1816                 .handler = handle_continue,
1817                 .cmd = "c",
1818                 .cmd_startswith = 1,
1819                 .allow_stop_reply = true,
1820                 .schema = "L0"
1821             };
1822             cmd_parser = &continue_cmd_desc;
1823         }
1824         break;
1825     case 'C':
1826         {
1827             static const GdbCmdParseEntry cont_with_sig_cmd_desc = {
1828                 .handler = handle_cont_with_sig,
1829                 .cmd = "C",
1830                 .cmd_startswith = 1,
1831                 .allow_stop_reply = true,
1832                 .schema = "l0"
1833             };
1834             cmd_parser = &cont_with_sig_cmd_desc;
1835         }
1836         break;
1837     case 'v':
1838         {
1839             static const GdbCmdParseEntry v_cmd_desc = {
1840                 .handler = handle_v_commands,
1841                 .cmd = "v",
1842                 .cmd_startswith = 1,
1843                 .schema = "s0"
1844             };
1845             cmd_parser = &v_cmd_desc;
1846         }
1847         break;
1848     case 'k':
1849         /* Kill the target */
1850         error_report("QEMU: Terminated via GDBstub");
1851         gdb_exit(0);
1852         gdb_qemu_exit(0);
1853         break;
1854     case 'D':
1855         {
1856             static const GdbCmdParseEntry detach_cmd_desc = {
1857                 .handler = handle_detach,
1858                 .cmd = "D",
1859                 .cmd_startswith = 1,
1860                 .schema = "?.l0"
1861             };
1862             cmd_parser = &detach_cmd_desc;
1863         }
1864         break;
1865     case 's':
1866         {
1867             static const GdbCmdParseEntry step_cmd_desc = {
1868                 .handler = handle_step,
1869                 .cmd = "s",
1870                 .cmd_startswith = 1,
1871                 .allow_stop_reply = true,
1872                 .schema = "L0"
1873             };
1874             cmd_parser = &step_cmd_desc;
1875         }
1876         break;
1877     case 'b':
1878         {
1879             static const GdbCmdParseEntry backward_cmd_desc = {
1880                 .handler = handle_backward,
1881                 .cmd = "b",
1882                 .cmd_startswith = 1,
1883                 .allow_stop_reply = true,
1884                 .schema = "o0"
1885             };
1886             cmd_parser = &backward_cmd_desc;
1887         }
1888         break;
1889     case 'F':
1890         {
1891             static const GdbCmdParseEntry file_io_cmd_desc = {
1892                 .handler = gdb_handle_file_io,
1893                 .cmd = "F",
1894                 .cmd_startswith = 1,
1895                 .schema = "L,L,o0"
1896             };
1897             cmd_parser = &file_io_cmd_desc;
1898         }
1899         break;
1900     case 'g':
1901         {
1902             static const GdbCmdParseEntry read_all_regs_cmd_desc = {
1903                 .handler = handle_read_all_regs,
1904                 .cmd = "g",
1905                 .cmd_startswith = 1
1906             };
1907             cmd_parser = &read_all_regs_cmd_desc;
1908         }
1909         break;
1910     case 'G':
1911         {
1912             static const GdbCmdParseEntry write_all_regs_cmd_desc = {
1913                 .handler = handle_write_all_regs,
1914                 .cmd = "G",
1915                 .cmd_startswith = 1,
1916                 .schema = "s0"
1917             };
1918             cmd_parser = &write_all_regs_cmd_desc;
1919         }
1920         break;
1921     case 'm':
1922         {
1923             static const GdbCmdParseEntry read_mem_cmd_desc = {
1924                 .handler = handle_read_mem,
1925                 .cmd = "m",
1926                 .cmd_startswith = 1,
1927                 .schema = "L,L0"
1928             };
1929             cmd_parser = &read_mem_cmd_desc;
1930         }
1931         break;
1932     case 'M':
1933         {
1934             static const GdbCmdParseEntry write_mem_cmd_desc = {
1935                 .handler = handle_write_mem,
1936                 .cmd = "M",
1937                 .cmd_startswith = 1,
1938                 .schema = "L,L:s0"
1939             };
1940             cmd_parser = &write_mem_cmd_desc;
1941         }
1942         break;
1943     case 'p':
1944         {
1945             static const GdbCmdParseEntry get_reg_cmd_desc = {
1946                 .handler = handle_get_reg,
1947                 .cmd = "p",
1948                 .cmd_startswith = 1,
1949                 .schema = "L0"
1950             };
1951             cmd_parser = &get_reg_cmd_desc;
1952         }
1953         break;
1954     case 'P':
1955         {
1956             static const GdbCmdParseEntry set_reg_cmd_desc = {
1957                 .handler = handle_set_reg,
1958                 .cmd = "P",
1959                 .cmd_startswith = 1,
1960                 .schema = "L?s0"
1961             };
1962             cmd_parser = &set_reg_cmd_desc;
1963         }
1964         break;
1965     case 'Z':
1966         {
1967             static const GdbCmdParseEntry insert_bp_cmd_desc = {
1968                 .handler = handle_insert_bp,
1969                 .cmd = "Z",
1970                 .cmd_startswith = 1,
1971                 .schema = "l?L?L0"
1972             };
1973             cmd_parser = &insert_bp_cmd_desc;
1974         }
1975         break;
1976     case 'z':
1977         {
1978             static const GdbCmdParseEntry remove_bp_cmd_desc = {
1979                 .handler = handle_remove_bp,
1980                 .cmd = "z",
1981                 .cmd_startswith = 1,
1982                 .schema = "l?L?L0"
1983             };
1984             cmd_parser = &remove_bp_cmd_desc;
1985         }
1986         break;
1987     case 'H':
1988         {
1989             static const GdbCmdParseEntry set_thread_cmd_desc = {
1990                 .handler = handle_set_thread,
1991                 .cmd = "H",
1992                 .cmd_startswith = 1,
1993                 .schema = "o.t0"
1994             };
1995             cmd_parser = &set_thread_cmd_desc;
1996         }
1997         break;
1998     case 'T':
1999         {
2000             static const GdbCmdParseEntry thread_alive_cmd_desc = {
2001                 .handler = handle_thread_alive,
2002                 .cmd = "T",
2003                 .cmd_startswith = 1,
2004                 .schema = "t0"
2005             };
2006             cmd_parser = &thread_alive_cmd_desc;
2007         }
2008         break;
2009     case 'q':
2010         {
2011             static const GdbCmdParseEntry gen_query_cmd_desc = {
2012                 .handler = handle_gen_query,
2013                 .cmd = "q",
2014                 .cmd_startswith = 1,
2015                 .schema = "s0"
2016             };
2017             cmd_parser = &gen_query_cmd_desc;
2018         }
2019         break;
2020     case 'Q':
2021         {
2022             static const GdbCmdParseEntry gen_set_cmd_desc = {
2023                 .handler = handle_gen_set,
2024                 .cmd = "Q",
2025                 .cmd_startswith = 1,
2026                 .schema = "s0"
2027             };
2028             cmd_parser = &gen_set_cmd_desc;
2029         }
2030         break;
2031     default:
2032         /* put empty packet */
2033         gdb_put_packet("");
2034         break;
2035     }
2036 
2037     if (cmd_parser) {
2038         run_cmd_parser(line_buf, cmd_parser);
2039     }
2040 
2041     return RS_IDLE;
2042 }
2043 
2044 void gdb_set_stop_cpu(CPUState *cpu)
2045 {
2046     GDBProcess *p = gdb_get_cpu_process(cpu);
2047 
2048     if (!p->attached) {
2049         /*
2050          * Having a stop CPU corresponding to a process that is not attached
2051          * confuses GDB. So we ignore the request.
2052          */
2053         return;
2054     }
2055 
2056     gdbserver_state.c_cpu = cpu;
2057     gdbserver_state.g_cpu = cpu;
2058 }
2059 
2060 void gdb_read_byte(uint8_t ch)
2061 {
2062     uint8_t reply;
2063 
2064     gdbserver_state.allow_stop_reply = false;
2065 #ifndef CONFIG_USER_ONLY
2066     if (gdbserver_state.last_packet->len) {
2067         /* Waiting for a response to the last packet.  If we see the start
2068            of a new command then abandon the previous response.  */
2069         if (ch == '-') {
2070             trace_gdbstub_err_got_nack();
2071             gdb_put_buffer(gdbserver_state.last_packet->data,
2072                        gdbserver_state.last_packet->len);
2073         } else if (ch == '+') {
2074             trace_gdbstub_io_got_ack();
2075         } else {
2076             trace_gdbstub_io_got_unexpected(ch);
2077         }
2078 
2079         if (ch == '+' || ch == '$') {
2080             g_byte_array_set_size(gdbserver_state.last_packet, 0);
2081         }
2082         if (ch != '$')
2083             return;
2084     }
2085     if (runstate_is_running()) {
2086         /*
2087          * When the CPU is running, we cannot do anything except stop
2088          * it when receiving a char. This is expected on a Ctrl-C in the
2089          * gdb client. Because we are in all-stop mode, gdb sends a
2090          * 0x03 byte which is not a usual packet, so we handle it specially
2091          * here, but it does expect a stop reply.
2092          */
2093         if (ch != 0x03) {
2094             trace_gdbstub_err_unexpected_runpkt(ch);
2095         } else {
2096             gdbserver_state.allow_stop_reply = true;
2097         }
2098         vm_stop(RUN_STATE_PAUSED);
2099     } else
2100 #endif
2101     {
2102         switch(gdbserver_state.state) {
2103         case RS_IDLE:
2104             if (ch == '$') {
2105                 /* start of command packet */
2106                 gdbserver_state.line_buf_index = 0;
2107                 gdbserver_state.line_sum = 0;
2108                 gdbserver_state.state = RS_GETLINE;
2109             } else if (ch == '+') {
2110                 /*
2111                  * do nothing, gdb may preemptively send out ACKs on
2112                  * initial connection
2113                  */
2114             } else {
2115                 trace_gdbstub_err_garbage(ch);
2116             }
2117             break;
2118         case RS_GETLINE:
2119             if (ch == '}') {
2120                 /* start escape sequence */
2121                 gdbserver_state.state = RS_GETLINE_ESC;
2122                 gdbserver_state.line_sum += ch;
2123             } else if (ch == '*') {
2124                 /* start run length encoding sequence */
2125                 gdbserver_state.state = RS_GETLINE_RLE;
2126                 gdbserver_state.line_sum += ch;
2127             } else if (ch == '#') {
2128                 /* end of command, start of checksum*/
2129                 gdbserver_state.state = RS_CHKSUM1;
2130             } else if (gdbserver_state.line_buf_index >= sizeof(gdbserver_state.line_buf) - 1) {
2131                 trace_gdbstub_err_overrun();
2132                 gdbserver_state.state = RS_IDLE;
2133             } else {
2134                 /* unescaped command character */
2135                 gdbserver_state.line_buf[gdbserver_state.line_buf_index++] = ch;
2136                 gdbserver_state.line_sum += ch;
2137             }
2138             break;
2139         case RS_GETLINE_ESC:
2140             if (ch == '#') {
2141                 /* unexpected end of command in escape sequence */
2142                 gdbserver_state.state = RS_CHKSUM1;
2143             } else if (gdbserver_state.line_buf_index >= sizeof(gdbserver_state.line_buf) - 1) {
2144                 /* command buffer overrun */
2145                 trace_gdbstub_err_overrun();
2146                 gdbserver_state.state = RS_IDLE;
2147             } else {
2148                 /* parse escaped character and leave escape state */
2149                 gdbserver_state.line_buf[gdbserver_state.line_buf_index++] = ch ^ 0x20;
2150                 gdbserver_state.line_sum += ch;
2151                 gdbserver_state.state = RS_GETLINE;
2152             }
2153             break;
2154         case RS_GETLINE_RLE:
2155             /*
2156              * Run-length encoding is explained in "Debugging with GDB /
2157              * Appendix E GDB Remote Serial Protocol / Overview".
2158              */
2159             if (ch < ' ' || ch == '#' || ch == '$' || ch > 126) {
2160                 /* invalid RLE count encoding */
2161                 trace_gdbstub_err_invalid_repeat(ch);
2162                 gdbserver_state.state = RS_GETLINE;
2163             } else {
2164                 /* decode repeat length */
2165                 int repeat = ch - ' ' + 3;
2166                 if (gdbserver_state.line_buf_index + repeat >= sizeof(gdbserver_state.line_buf) - 1) {
2167                     /* that many repeats would overrun the command buffer */
2168                     trace_gdbstub_err_overrun();
2169                     gdbserver_state.state = RS_IDLE;
2170                 } else if (gdbserver_state.line_buf_index < 1) {
2171                     /* got a repeat but we have nothing to repeat */
2172                     trace_gdbstub_err_invalid_rle();
2173                     gdbserver_state.state = RS_GETLINE;
2174                 } else {
2175                     /* repeat the last character */
2176                     memset(gdbserver_state.line_buf + gdbserver_state.line_buf_index,
2177                            gdbserver_state.line_buf[gdbserver_state.line_buf_index - 1], repeat);
2178                     gdbserver_state.line_buf_index += repeat;
2179                     gdbserver_state.line_sum += ch;
2180                     gdbserver_state.state = RS_GETLINE;
2181                 }
2182             }
2183             break;
2184         case RS_CHKSUM1:
2185             /* get high hex digit of checksum */
2186             if (!isxdigit(ch)) {
2187                 trace_gdbstub_err_checksum_invalid(ch);
2188                 gdbserver_state.state = RS_GETLINE;
2189                 break;
2190             }
2191             gdbserver_state.line_buf[gdbserver_state.line_buf_index] = '\0';
2192             gdbserver_state.line_csum = fromhex(ch) << 4;
2193             gdbserver_state.state = RS_CHKSUM2;
2194             break;
2195         case RS_CHKSUM2:
2196             /* get low hex digit of checksum */
2197             if (!isxdigit(ch)) {
2198                 trace_gdbstub_err_checksum_invalid(ch);
2199                 gdbserver_state.state = RS_GETLINE;
2200                 break;
2201             }
2202             gdbserver_state.line_csum |= fromhex(ch);
2203 
2204             if (gdbserver_state.line_csum != (gdbserver_state.line_sum & 0xff)) {
2205                 trace_gdbstub_err_checksum_incorrect(gdbserver_state.line_sum, gdbserver_state.line_csum);
2206                 /* send NAK reply */
2207                 reply = '-';
2208                 gdb_put_buffer(&reply, 1);
2209                 gdbserver_state.state = RS_IDLE;
2210             } else {
2211                 /* send ACK reply */
2212                 reply = '+';
2213                 gdb_put_buffer(&reply, 1);
2214                 gdbserver_state.state = gdb_handle_packet(gdbserver_state.line_buf);
2215             }
2216             break;
2217         default:
2218             abort();
2219         }
2220     }
2221 }
2222 
2223 /*
2224  * Create the process that will contain all the "orphan" CPUs (that are not
2225  * part of a CPU cluster). Note that if this process contains no CPUs, it won't
2226  * be attachable and thus will be invisible to the user.
2227  */
2228 void gdb_create_default_process(GDBState *s)
2229 {
2230     GDBProcess *process;
2231     int pid;
2232 
2233 #ifdef CONFIG_USER_ONLY
2234     assert(gdbserver_state.process_num == 0);
2235     pid = getpid();
2236 #else
2237     if (gdbserver_state.process_num) {
2238         pid = s->processes[s->process_num - 1].pid;
2239     } else {
2240         pid = 0;
2241     }
2242     /* We need an available PID slot for this process */
2243     assert(pid < UINT32_MAX);
2244     pid++;
2245 #endif
2246 
2247     s->processes = g_renew(GDBProcess, s->processes, ++s->process_num);
2248     process = &s->processes[s->process_num - 1];
2249     process->pid = pid;
2250     process->attached = false;
2251     process->target_xml = NULL;
2252 }
2253 
2254