xref: /openbmc/qemu/gdbstub/gdbstub.c (revision bac4711b)
1 /*
2  * gdb server stub
3  *
4  * This implements a subset of the remote protocol as described in:
5  *
6  *   https://sourceware.org/gdb/onlinedocs/gdb/Remote-Protocol.html
7  *
8  * Copyright (c) 2003-2005 Fabrice Bellard
9  *
10  * This library is free software; you can redistribute it and/or
11  * modify it under the terms of the GNU Lesser General Public
12  * License as published by the Free Software Foundation; either
13  * version 2 of the License, or (at your option) any later version.
14  *
15  * This library is distributed in the hope that it will be useful,
16  * but WITHOUT ANY WARRANTY; without even the implied warranty of
17  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
18  * Lesser General Public License for more details.
19  *
20  * You should have received a copy of the GNU Lesser General Public
21  * License along with this library; if not, see <http://www.gnu.org/licenses/>.
22  *
23  * SPDX-License-Identifier: LGPL-2.0+
24  */
25 
26 #include "qemu/osdep.h"
27 #include "qemu/ctype.h"
28 #include "qemu/cutils.h"
29 #include "qemu/module.h"
30 #include "qemu/error-report.h"
31 #include "trace.h"
32 #include "exec/gdbstub.h"
33 #include "gdbstub/syscalls.h"
34 #ifdef CONFIG_USER_ONLY
35 #include "gdbstub/user.h"
36 #else
37 #include "hw/cpu/cluster.h"
38 #include "hw/boards.h"
39 #endif
40 
41 #include "sysemu/hw_accel.h"
42 #include "sysemu/runstate.h"
43 #include "exec/replay-core.h"
44 #include "exec/hwaddr.h"
45 
46 #include "internals.h"
47 
48 typedef struct GDBRegisterState {
49     int base_reg;
50     int num_regs;
51     gdb_get_reg_cb get_reg;
52     gdb_set_reg_cb set_reg;
53     const char *xml;
54     struct GDBRegisterState *next;
55 } GDBRegisterState;
56 
57 GDBState gdbserver_state;
58 
59 void gdb_init_gdbserver_state(void)
60 {
61     g_assert(!gdbserver_state.init);
62     memset(&gdbserver_state, 0, sizeof(GDBState));
63     gdbserver_state.init = true;
64     gdbserver_state.str_buf = g_string_new(NULL);
65     gdbserver_state.mem_buf = g_byte_array_sized_new(MAX_PACKET_LENGTH);
66     gdbserver_state.last_packet = g_byte_array_sized_new(MAX_PACKET_LENGTH + 4);
67 
68     /*
69      * What single-step modes are supported is accelerator dependent.
70      * By default try to use no IRQs and no timers while single
71      * stepping so as to make single stepping like a typical ICE HW step.
72      */
73     gdbserver_state.supported_sstep_flags = accel_supported_gdbstub_sstep_flags();
74     gdbserver_state.sstep_flags = SSTEP_ENABLE | SSTEP_NOIRQ | SSTEP_NOTIMER;
75     gdbserver_state.sstep_flags &= gdbserver_state.supported_sstep_flags;
76 }
77 
78 bool gdb_has_xml;
79 
80 /* writes 2*len+1 bytes in buf */
81 void gdb_memtohex(GString *buf, const uint8_t *mem, int len)
82 {
83     int i, c;
84     for(i = 0; i < len; i++) {
85         c = mem[i];
86         g_string_append_c(buf, tohex(c >> 4));
87         g_string_append_c(buf, tohex(c & 0xf));
88     }
89     g_string_append_c(buf, '\0');
90 }
91 
92 void gdb_hextomem(GByteArray *mem, const char *buf, int len)
93 {
94     int i;
95 
96     for(i = 0; i < len; i++) {
97         guint8 byte = fromhex(buf[0]) << 4 | fromhex(buf[1]);
98         g_byte_array_append(mem, &byte, 1);
99         buf += 2;
100     }
101 }
102 
103 static void hexdump(const char *buf, int len,
104                     void (*trace_fn)(size_t ofs, char const *text))
105 {
106     char line_buffer[3 * 16 + 4 + 16 + 1];
107 
108     size_t i;
109     for (i = 0; i < len || (i & 0xF); ++i) {
110         size_t byte_ofs = i & 15;
111 
112         if (byte_ofs == 0) {
113             memset(line_buffer, ' ', 3 * 16 + 4 + 16);
114             line_buffer[3 * 16 + 4 + 16] = 0;
115         }
116 
117         size_t col_group = (i >> 2) & 3;
118         size_t hex_col = byte_ofs * 3 + col_group;
119         size_t txt_col = 3 * 16 + 4 + byte_ofs;
120 
121         if (i < len) {
122             char value = buf[i];
123 
124             line_buffer[hex_col + 0] = tohex((value >> 4) & 0xF);
125             line_buffer[hex_col + 1] = tohex((value >> 0) & 0xF);
126             line_buffer[txt_col + 0] = (value >= ' ' && value < 127)
127                     ? value
128                     : '.';
129         }
130 
131         if (byte_ofs == 0xF)
132             trace_fn(i & -16, line_buffer);
133     }
134 }
135 
136 /* return -1 if error, 0 if OK */
137 int gdb_put_packet_binary(const char *buf, int len, bool dump)
138 {
139     int csum, i;
140     uint8_t footer[3];
141 
142     if (dump && trace_event_get_state_backends(TRACE_GDBSTUB_IO_BINARYREPLY)) {
143         hexdump(buf, len, trace_gdbstub_io_binaryreply);
144     }
145 
146     for(;;) {
147         g_byte_array_set_size(gdbserver_state.last_packet, 0);
148         g_byte_array_append(gdbserver_state.last_packet,
149                             (const uint8_t *) "$", 1);
150         g_byte_array_append(gdbserver_state.last_packet,
151                             (const uint8_t *) buf, len);
152         csum = 0;
153         for(i = 0; i < len; i++) {
154             csum += buf[i];
155         }
156         footer[0] = '#';
157         footer[1] = tohex((csum >> 4) & 0xf);
158         footer[2] = tohex((csum) & 0xf);
159         g_byte_array_append(gdbserver_state.last_packet, footer, 3);
160 
161         gdb_put_buffer(gdbserver_state.last_packet->data,
162                    gdbserver_state.last_packet->len);
163 
164         if (gdb_got_immediate_ack()) {
165             break;
166         }
167     }
168     return 0;
169 }
170 
171 /* return -1 if error, 0 if OK */
172 int gdb_put_packet(const char *buf)
173 {
174     trace_gdbstub_io_reply(buf);
175 
176     return gdb_put_packet_binary(buf, strlen(buf), false);
177 }
178 
179 void gdb_put_strbuf(void)
180 {
181     gdb_put_packet(gdbserver_state.str_buf->str);
182 }
183 
184 /* Encode data using the encoding for 'x' packets.  */
185 void gdb_memtox(GString *buf, const char *mem, int len)
186 {
187     char c;
188 
189     while (len--) {
190         c = *(mem++);
191         switch (c) {
192         case '#': case '$': case '*': case '}':
193             g_string_append_c(buf, '}');
194             g_string_append_c(buf, c ^ 0x20);
195             break;
196         default:
197             g_string_append_c(buf, c);
198             break;
199         }
200     }
201 }
202 
203 static uint32_t gdb_get_cpu_pid(CPUState *cpu)
204 {
205 #ifdef CONFIG_USER_ONLY
206     return getpid();
207 #else
208     if (cpu->cluster_index == UNASSIGNED_CLUSTER_INDEX) {
209         /* Return the default process' PID */
210         int index = gdbserver_state.process_num - 1;
211         return gdbserver_state.processes[index].pid;
212     }
213     return cpu->cluster_index + 1;
214 #endif
215 }
216 
217 GDBProcess *gdb_get_process(uint32_t pid)
218 {
219     int i;
220 
221     if (!pid) {
222         /* 0 means any process, we take the first one */
223         return &gdbserver_state.processes[0];
224     }
225 
226     for (i = 0; i < gdbserver_state.process_num; i++) {
227         if (gdbserver_state.processes[i].pid == pid) {
228             return &gdbserver_state.processes[i];
229         }
230     }
231 
232     return NULL;
233 }
234 
235 static GDBProcess *gdb_get_cpu_process(CPUState *cpu)
236 {
237     return gdb_get_process(gdb_get_cpu_pid(cpu));
238 }
239 
240 static CPUState *find_cpu(uint32_t thread_id)
241 {
242     CPUState *cpu;
243 
244     CPU_FOREACH(cpu) {
245         if (gdb_get_cpu_index(cpu) == thread_id) {
246             return cpu;
247         }
248     }
249 
250     return NULL;
251 }
252 
253 CPUState *gdb_get_first_cpu_in_process(GDBProcess *process)
254 {
255     CPUState *cpu;
256 
257     CPU_FOREACH(cpu) {
258         if (gdb_get_cpu_pid(cpu) == process->pid) {
259             return cpu;
260         }
261     }
262 
263     return NULL;
264 }
265 
266 static CPUState *gdb_next_cpu_in_process(CPUState *cpu)
267 {
268     uint32_t pid = gdb_get_cpu_pid(cpu);
269     cpu = CPU_NEXT(cpu);
270 
271     while (cpu) {
272         if (gdb_get_cpu_pid(cpu) == pid) {
273             break;
274         }
275 
276         cpu = CPU_NEXT(cpu);
277     }
278 
279     return cpu;
280 }
281 
282 /* Return the cpu following @cpu, while ignoring unattached processes. */
283 static CPUState *gdb_next_attached_cpu(CPUState *cpu)
284 {
285     cpu = CPU_NEXT(cpu);
286 
287     while (cpu) {
288         if (gdb_get_cpu_process(cpu)->attached) {
289             break;
290         }
291 
292         cpu = CPU_NEXT(cpu);
293     }
294 
295     return cpu;
296 }
297 
298 /* Return the first attached cpu */
299 CPUState *gdb_first_attached_cpu(void)
300 {
301     CPUState *cpu = first_cpu;
302     GDBProcess *process = gdb_get_cpu_process(cpu);
303 
304     if (!process->attached) {
305         return gdb_next_attached_cpu(cpu);
306     }
307 
308     return cpu;
309 }
310 
311 static CPUState *gdb_get_cpu(uint32_t pid, uint32_t tid)
312 {
313     GDBProcess *process;
314     CPUState *cpu;
315 
316     if (!pid && !tid) {
317         /* 0 means any process/thread, we take the first attached one */
318         return gdb_first_attached_cpu();
319     } else if (pid && !tid) {
320         /* any thread in a specific process */
321         process = gdb_get_process(pid);
322 
323         if (process == NULL) {
324             return NULL;
325         }
326 
327         if (!process->attached) {
328             return NULL;
329         }
330 
331         return gdb_get_first_cpu_in_process(process);
332     } else {
333         /* a specific thread */
334         cpu = find_cpu(tid);
335 
336         if (cpu == NULL) {
337             return NULL;
338         }
339 
340         process = gdb_get_cpu_process(cpu);
341 
342         if (pid && process->pid != pid) {
343             return NULL;
344         }
345 
346         if (!process->attached) {
347             return NULL;
348         }
349 
350         return cpu;
351     }
352 }
353 
354 static const char *get_feature_xml(const char *p, const char **newp,
355                                    GDBProcess *process)
356 {
357     size_t len;
358     int i;
359     const char *name;
360     CPUState *cpu = gdb_get_first_cpu_in_process(process);
361     CPUClass *cc = CPU_GET_CLASS(cpu);
362 
363     len = 0;
364     while (p[len] && p[len] != ':')
365         len++;
366     *newp = p + len;
367 
368     name = NULL;
369     if (strncmp(p, "target.xml", len) == 0) {
370         char *buf = process->target_xml;
371         const size_t buf_sz = sizeof(process->target_xml);
372 
373         /* Generate the XML description for this CPU.  */
374         if (!buf[0]) {
375             GDBRegisterState *r;
376 
377             pstrcat(buf, buf_sz,
378                     "<?xml version=\"1.0\"?>"
379                     "<!DOCTYPE target SYSTEM \"gdb-target.dtd\">"
380                     "<target>");
381             if (cc->gdb_arch_name) {
382                 gchar *arch = cc->gdb_arch_name(cpu);
383                 pstrcat(buf, buf_sz, "<architecture>");
384                 pstrcat(buf, buf_sz, arch);
385                 pstrcat(buf, buf_sz, "</architecture>");
386                 g_free(arch);
387             }
388             pstrcat(buf, buf_sz, "<xi:include href=\"");
389             pstrcat(buf, buf_sz, cc->gdb_core_xml_file);
390             pstrcat(buf, buf_sz, "\"/>");
391             for (r = cpu->gdb_regs; r; r = r->next) {
392                 pstrcat(buf, buf_sz, "<xi:include href=\"");
393                 pstrcat(buf, buf_sz, r->xml);
394                 pstrcat(buf, buf_sz, "\"/>");
395             }
396             pstrcat(buf, buf_sz, "</target>");
397         }
398         return buf;
399     }
400     if (cc->gdb_get_dynamic_xml) {
401         char *xmlname = g_strndup(p, len);
402         const char *xml = cc->gdb_get_dynamic_xml(cpu, xmlname);
403 
404         g_free(xmlname);
405         if (xml) {
406             return xml;
407         }
408     }
409     for (i = 0; ; i++) {
410         name = xml_builtin[i][0];
411         if (!name || (strncmp(name, p, len) == 0 && strlen(name) == len))
412             break;
413     }
414     return name ? xml_builtin[i][1] : NULL;
415 }
416 
417 static int gdb_read_register(CPUState *cpu, GByteArray *buf, int reg)
418 {
419     CPUClass *cc = CPU_GET_CLASS(cpu);
420     CPUArchState *env = cpu->env_ptr;
421     GDBRegisterState *r;
422 
423     if (reg < cc->gdb_num_core_regs) {
424         return cc->gdb_read_register(cpu, buf, reg);
425     }
426 
427     for (r = cpu->gdb_regs; r; r = r->next) {
428         if (r->base_reg <= reg && reg < r->base_reg + r->num_regs) {
429             return r->get_reg(env, buf, reg - r->base_reg);
430         }
431     }
432     return 0;
433 }
434 
435 static int gdb_write_register(CPUState *cpu, uint8_t *mem_buf, int reg)
436 {
437     CPUClass *cc = CPU_GET_CLASS(cpu);
438     CPUArchState *env = cpu->env_ptr;
439     GDBRegisterState *r;
440 
441     if (reg < cc->gdb_num_core_regs) {
442         return cc->gdb_write_register(cpu, mem_buf, reg);
443     }
444 
445     for (r = cpu->gdb_regs; r; r = r->next) {
446         if (r->base_reg <= reg && reg < r->base_reg + r->num_regs) {
447             return r->set_reg(env, mem_buf, reg - r->base_reg);
448         }
449     }
450     return 0;
451 }
452 
453 /* Register a supplemental set of CPU registers.  If g_pos is nonzero it
454    specifies the first register number and these registers are included in
455    a standard "g" packet.  Direction is relative to gdb, i.e. get_reg is
456    gdb reading a CPU register, and set_reg is gdb modifying a CPU register.
457  */
458 
459 void gdb_register_coprocessor(CPUState *cpu,
460                               gdb_get_reg_cb get_reg, gdb_set_reg_cb set_reg,
461                               int num_regs, const char *xml, int g_pos)
462 {
463     GDBRegisterState *s;
464     GDBRegisterState **p;
465 
466     p = &cpu->gdb_regs;
467     while (*p) {
468         /* Check for duplicates.  */
469         if (strcmp((*p)->xml, xml) == 0)
470             return;
471         p = &(*p)->next;
472     }
473 
474     s = g_new0(GDBRegisterState, 1);
475     s->base_reg = cpu->gdb_num_regs;
476     s->num_regs = num_regs;
477     s->get_reg = get_reg;
478     s->set_reg = set_reg;
479     s->xml = xml;
480 
481     /* Add to end of list.  */
482     cpu->gdb_num_regs += num_regs;
483     *p = s;
484     if (g_pos) {
485         if (g_pos != s->base_reg) {
486             error_report("Error: Bad gdb register numbering for '%s', "
487                          "expected %d got %d", xml, g_pos, s->base_reg);
488         } else {
489             cpu->gdb_num_g_regs = cpu->gdb_num_regs;
490         }
491     }
492 }
493 
494 static void gdb_process_breakpoint_remove_all(GDBProcess *p)
495 {
496     CPUState *cpu = gdb_get_first_cpu_in_process(p);
497 
498     while (cpu) {
499         gdb_breakpoint_remove_all(cpu);
500         cpu = gdb_next_cpu_in_process(cpu);
501     }
502 }
503 
504 
505 static void gdb_set_cpu_pc(vaddr pc)
506 {
507     CPUState *cpu = gdbserver_state.c_cpu;
508 
509     cpu_synchronize_state(cpu);
510     cpu_set_pc(cpu, pc);
511 }
512 
513 void gdb_append_thread_id(CPUState *cpu, GString *buf)
514 {
515     if (gdbserver_state.multiprocess) {
516         g_string_append_printf(buf, "p%02x.%02x",
517                                gdb_get_cpu_pid(cpu), gdb_get_cpu_index(cpu));
518     } else {
519         g_string_append_printf(buf, "%02x", gdb_get_cpu_index(cpu));
520     }
521 }
522 
523 static GDBThreadIdKind read_thread_id(const char *buf, const char **end_buf,
524                                       uint32_t *pid, uint32_t *tid)
525 {
526     unsigned long p, t;
527     int ret;
528 
529     if (*buf == 'p') {
530         buf++;
531         ret = qemu_strtoul(buf, &buf, 16, &p);
532 
533         if (ret) {
534             return GDB_READ_THREAD_ERR;
535         }
536 
537         /* Skip '.' */
538         buf++;
539     } else {
540         p = 1;
541     }
542 
543     ret = qemu_strtoul(buf, &buf, 16, &t);
544 
545     if (ret) {
546         return GDB_READ_THREAD_ERR;
547     }
548 
549     *end_buf = buf;
550 
551     if (p == -1) {
552         return GDB_ALL_PROCESSES;
553     }
554 
555     if (pid) {
556         *pid = p;
557     }
558 
559     if (t == -1) {
560         return GDB_ALL_THREADS;
561     }
562 
563     if (tid) {
564         *tid = t;
565     }
566 
567     return GDB_ONE_THREAD;
568 }
569 
570 /**
571  * gdb_handle_vcont - Parses and handles a vCont packet.
572  * returns -ENOTSUP if a command is unsupported, -EINVAL or -ERANGE if there is
573  *         a format error, 0 on success.
574  */
575 static int gdb_handle_vcont(const char *p)
576 {
577     int res, signal = 0;
578     char cur_action;
579     unsigned long tmp;
580     uint32_t pid, tid;
581     GDBProcess *process;
582     CPUState *cpu;
583     GDBThreadIdKind kind;
584     unsigned int max_cpus = gdb_get_max_cpus();
585     /* uninitialised CPUs stay 0 */
586     g_autofree char *newstates = g_new0(char, max_cpus);
587 
588     /* mark valid CPUs with 1 */
589     CPU_FOREACH(cpu) {
590         newstates[cpu->cpu_index] = 1;
591     }
592 
593     /*
594      * res keeps track of what error we are returning, with -ENOTSUP meaning
595      * that the command is unknown or unsupported, thus returning an empty
596      * packet, while -EINVAL and -ERANGE cause an E22 packet, due to invalid,
597      *  or incorrect parameters passed.
598      */
599     res = 0;
600     while (*p) {
601         if (*p++ != ';') {
602             return -ENOTSUP;
603         }
604 
605         cur_action = *p++;
606         if (cur_action == 'C' || cur_action == 'S') {
607             cur_action = qemu_tolower(cur_action);
608             res = qemu_strtoul(p, &p, 16, &tmp);
609             if (res) {
610                 return res;
611             }
612             signal = gdb_signal_to_target(tmp);
613         } else if (cur_action != 'c' && cur_action != 's') {
614             /* unknown/invalid/unsupported command */
615             return -ENOTSUP;
616         }
617 
618         if (*p == '\0' || *p == ';') {
619             /*
620              * No thread specifier, action is on "all threads". The
621              * specification is unclear regarding the process to act on. We
622              * choose all processes.
623              */
624             kind = GDB_ALL_PROCESSES;
625         } else if (*p++ == ':') {
626             kind = read_thread_id(p, &p, &pid, &tid);
627         } else {
628             return -ENOTSUP;
629         }
630 
631         switch (kind) {
632         case GDB_READ_THREAD_ERR:
633             return -EINVAL;
634 
635         case GDB_ALL_PROCESSES:
636             cpu = gdb_first_attached_cpu();
637             while (cpu) {
638                 if (newstates[cpu->cpu_index] == 1) {
639                     newstates[cpu->cpu_index] = cur_action;
640                 }
641 
642                 cpu = gdb_next_attached_cpu(cpu);
643             }
644             break;
645 
646         case GDB_ALL_THREADS:
647             process = gdb_get_process(pid);
648 
649             if (!process->attached) {
650                 return -EINVAL;
651             }
652 
653             cpu = gdb_get_first_cpu_in_process(process);
654             while (cpu) {
655                 if (newstates[cpu->cpu_index] == 1) {
656                     newstates[cpu->cpu_index] = cur_action;
657                 }
658 
659                 cpu = gdb_next_cpu_in_process(cpu);
660             }
661             break;
662 
663         case GDB_ONE_THREAD:
664             cpu = gdb_get_cpu(pid, tid);
665 
666             /* invalid CPU/thread specified */
667             if (!cpu) {
668                 return -EINVAL;
669             }
670 
671             /* only use if no previous match occourred */
672             if (newstates[cpu->cpu_index] == 1) {
673                 newstates[cpu->cpu_index] = cur_action;
674             }
675             break;
676         }
677     }
678 
679     gdbserver_state.signal = signal;
680     gdb_continue_partial(newstates);
681     return res;
682 }
683 
684 static const char *cmd_next_param(const char *param, const char delimiter)
685 {
686     static const char all_delimiters[] = ",;:=";
687     char curr_delimiters[2] = {0};
688     const char *delimiters;
689 
690     if (delimiter == '?') {
691         delimiters = all_delimiters;
692     } else if (delimiter == '0') {
693         return strchr(param, '\0');
694     } else if (delimiter == '.' && *param) {
695         return param + 1;
696     } else {
697         curr_delimiters[0] = delimiter;
698         delimiters = curr_delimiters;
699     }
700 
701     param += strcspn(param, delimiters);
702     if (*param) {
703         param++;
704     }
705     return param;
706 }
707 
708 static int cmd_parse_params(const char *data, const char *schema,
709                             GArray *params)
710 {
711     const char *curr_schema, *curr_data;
712 
713     g_assert(schema);
714     g_assert(params->len == 0);
715 
716     curr_schema = schema;
717     curr_data = data;
718     while (curr_schema[0] && curr_schema[1] && *curr_data) {
719         GdbCmdVariant this_param;
720 
721         switch (curr_schema[0]) {
722         case 'l':
723             if (qemu_strtoul(curr_data, &curr_data, 16,
724                              &this_param.val_ul)) {
725                 return -EINVAL;
726             }
727             curr_data = cmd_next_param(curr_data, curr_schema[1]);
728             g_array_append_val(params, this_param);
729             break;
730         case 'L':
731             if (qemu_strtou64(curr_data, &curr_data, 16,
732                               (uint64_t *)&this_param.val_ull)) {
733                 return -EINVAL;
734             }
735             curr_data = cmd_next_param(curr_data, curr_schema[1]);
736             g_array_append_val(params, this_param);
737             break;
738         case 's':
739             this_param.data = curr_data;
740             curr_data = cmd_next_param(curr_data, curr_schema[1]);
741             g_array_append_val(params, this_param);
742             break;
743         case 'o':
744             this_param.opcode = *(uint8_t *)curr_data;
745             curr_data = cmd_next_param(curr_data, curr_schema[1]);
746             g_array_append_val(params, this_param);
747             break;
748         case 't':
749             this_param.thread_id.kind =
750                 read_thread_id(curr_data, &curr_data,
751                                &this_param.thread_id.pid,
752                                &this_param.thread_id.tid);
753             curr_data = cmd_next_param(curr_data, curr_schema[1]);
754             g_array_append_val(params, this_param);
755             break;
756         case '?':
757             curr_data = cmd_next_param(curr_data, curr_schema[1]);
758             break;
759         default:
760             return -EINVAL;
761         }
762         curr_schema += 2;
763     }
764 
765     return 0;
766 }
767 
768 typedef void (*GdbCmdHandler)(GArray *params, void *user_ctx);
769 
770 /*
771  * cmd_startswith -> cmd is compared using startswith
772  *
773  * allow_stop_reply -> true iff the gdbstub can respond to this command with a
774  *   "stop reply" packet. The list of commands that accept such response is
775  *   defined at the GDB Remote Serial Protocol documentation. see:
776  *   https://sourceware.org/gdb/onlinedocs/gdb/Stop-Reply-Packets.html#Stop-Reply-Packets.
777  *
778  * schema definitions:
779  * Each schema parameter entry consists of 2 chars,
780  * the first char represents the parameter type handling
781  * the second char represents the delimiter for the next parameter
782  *
783  * Currently supported schema types:
784  * 'l' -> unsigned long (stored in .val_ul)
785  * 'L' -> unsigned long long (stored in .val_ull)
786  * 's' -> string (stored in .data)
787  * 'o' -> single char (stored in .opcode)
788  * 't' -> thread id (stored in .thread_id)
789  * '?' -> skip according to delimiter
790  *
791  * Currently supported delimiters:
792  * '?' -> Stop at any delimiter (",;:=\0")
793  * '0' -> Stop at "\0"
794  * '.' -> Skip 1 char unless reached "\0"
795  * Any other value is treated as the delimiter value itself
796  */
797 typedef struct GdbCmdParseEntry {
798     GdbCmdHandler handler;
799     const char *cmd;
800     bool cmd_startswith;
801     const char *schema;
802     bool allow_stop_reply;
803 } GdbCmdParseEntry;
804 
805 static inline int startswith(const char *string, const char *pattern)
806 {
807   return !strncmp(string, pattern, strlen(pattern));
808 }
809 
810 static int process_string_cmd(void *user_ctx, const char *data,
811                               const GdbCmdParseEntry *cmds, int num_cmds)
812 {
813     int i;
814     g_autoptr(GArray) params = g_array_new(false, true, sizeof(GdbCmdVariant));
815 
816     if (!cmds) {
817         return -1;
818     }
819 
820     for (i = 0; i < num_cmds; i++) {
821         const GdbCmdParseEntry *cmd = &cmds[i];
822         g_assert(cmd->handler && cmd->cmd);
823 
824         if ((cmd->cmd_startswith && !startswith(data, cmd->cmd)) ||
825             (!cmd->cmd_startswith && strcmp(cmd->cmd, data))) {
826             continue;
827         }
828 
829         if (cmd->schema) {
830             if (cmd_parse_params(&data[strlen(cmd->cmd)],
831                                  cmd->schema, params)) {
832                 return -1;
833             }
834         }
835 
836         gdbserver_state.allow_stop_reply = cmd->allow_stop_reply;
837         cmd->handler(params, user_ctx);
838         return 0;
839     }
840 
841     return -1;
842 }
843 
844 static void run_cmd_parser(const char *data, const GdbCmdParseEntry *cmd)
845 {
846     if (!data) {
847         return;
848     }
849 
850     g_string_set_size(gdbserver_state.str_buf, 0);
851     g_byte_array_set_size(gdbserver_state.mem_buf, 0);
852 
853     /* In case there was an error during the command parsing we must
854     * send a NULL packet to indicate the command is not supported */
855     if (process_string_cmd(NULL, data, cmd, 1)) {
856         gdb_put_packet("");
857     }
858 }
859 
860 static void handle_detach(GArray *params, void *user_ctx)
861 {
862     GDBProcess *process;
863     uint32_t pid = 1;
864 
865     if (gdbserver_state.multiprocess) {
866         if (!params->len) {
867             gdb_put_packet("E22");
868             return;
869         }
870 
871         pid = get_param(params, 0)->val_ul;
872     }
873 
874     process = gdb_get_process(pid);
875     gdb_process_breakpoint_remove_all(process);
876     process->attached = false;
877 
878     if (pid == gdb_get_cpu_pid(gdbserver_state.c_cpu)) {
879         gdbserver_state.c_cpu = gdb_first_attached_cpu();
880     }
881 
882     if (pid == gdb_get_cpu_pid(gdbserver_state.g_cpu)) {
883         gdbserver_state.g_cpu = gdb_first_attached_cpu();
884     }
885 
886     if (!gdbserver_state.c_cpu) {
887         /* No more process attached */
888         gdb_disable_syscalls();
889         gdb_continue();
890     }
891     gdb_put_packet("OK");
892 }
893 
894 static void handle_thread_alive(GArray *params, void *user_ctx)
895 {
896     CPUState *cpu;
897 
898     if (!params->len) {
899         gdb_put_packet("E22");
900         return;
901     }
902 
903     if (get_param(params, 0)->thread_id.kind == GDB_READ_THREAD_ERR) {
904         gdb_put_packet("E22");
905         return;
906     }
907 
908     cpu = gdb_get_cpu(get_param(params, 0)->thread_id.pid,
909                       get_param(params, 0)->thread_id.tid);
910     if (!cpu) {
911         gdb_put_packet("E22");
912         return;
913     }
914 
915     gdb_put_packet("OK");
916 }
917 
918 static void handle_continue(GArray *params, void *user_ctx)
919 {
920     if (params->len) {
921         gdb_set_cpu_pc(get_param(params, 0)->val_ull);
922     }
923 
924     gdbserver_state.signal = 0;
925     gdb_continue();
926 }
927 
928 static void handle_cont_with_sig(GArray *params, void *user_ctx)
929 {
930     unsigned long signal = 0;
931 
932     /*
933      * Note: C sig;[addr] is currently unsupported and we simply
934      *       omit the addr parameter
935      */
936     if (params->len) {
937         signal = get_param(params, 0)->val_ul;
938     }
939 
940     gdbserver_state.signal = gdb_signal_to_target(signal);
941     if (gdbserver_state.signal == -1) {
942         gdbserver_state.signal = 0;
943     }
944     gdb_continue();
945 }
946 
947 static void handle_set_thread(GArray *params, void *user_ctx)
948 {
949     CPUState *cpu;
950 
951     if (params->len != 2) {
952         gdb_put_packet("E22");
953         return;
954     }
955 
956     if (get_param(params, 1)->thread_id.kind == GDB_READ_THREAD_ERR) {
957         gdb_put_packet("E22");
958         return;
959     }
960 
961     if (get_param(params, 1)->thread_id.kind != GDB_ONE_THREAD) {
962         gdb_put_packet("OK");
963         return;
964     }
965 
966     cpu = gdb_get_cpu(get_param(params, 1)->thread_id.pid,
967                       get_param(params, 1)->thread_id.tid);
968     if (!cpu) {
969         gdb_put_packet("E22");
970         return;
971     }
972 
973     /*
974      * Note: This command is deprecated and modern gdb's will be using the
975      *       vCont command instead.
976      */
977     switch (get_param(params, 0)->opcode) {
978     case 'c':
979         gdbserver_state.c_cpu = cpu;
980         gdb_put_packet("OK");
981         break;
982     case 'g':
983         gdbserver_state.g_cpu = cpu;
984         gdb_put_packet("OK");
985         break;
986     default:
987         gdb_put_packet("E22");
988         break;
989     }
990 }
991 
992 static void handle_insert_bp(GArray *params, void *user_ctx)
993 {
994     int res;
995 
996     if (params->len != 3) {
997         gdb_put_packet("E22");
998         return;
999     }
1000 
1001     res = gdb_breakpoint_insert(gdbserver_state.c_cpu,
1002                                 get_param(params, 0)->val_ul,
1003                                 get_param(params, 1)->val_ull,
1004                                 get_param(params, 2)->val_ull);
1005     if (res >= 0) {
1006         gdb_put_packet("OK");
1007         return;
1008     } else if (res == -ENOSYS) {
1009         gdb_put_packet("");
1010         return;
1011     }
1012 
1013     gdb_put_packet("E22");
1014 }
1015 
1016 static void handle_remove_bp(GArray *params, void *user_ctx)
1017 {
1018     int res;
1019 
1020     if (params->len != 3) {
1021         gdb_put_packet("E22");
1022         return;
1023     }
1024 
1025     res = gdb_breakpoint_remove(gdbserver_state.c_cpu,
1026                                 get_param(params, 0)->val_ul,
1027                                 get_param(params, 1)->val_ull,
1028                                 get_param(params, 2)->val_ull);
1029     if (res >= 0) {
1030         gdb_put_packet("OK");
1031         return;
1032     } else if (res == -ENOSYS) {
1033         gdb_put_packet("");
1034         return;
1035     }
1036 
1037     gdb_put_packet("E22");
1038 }
1039 
1040 /*
1041  * handle_set/get_reg
1042  *
1043  * Older gdb are really dumb, and don't use 'G/g' if 'P/p' is available.
1044  * This works, but can be very slow. Anything new enough to understand
1045  * XML also knows how to use this properly. However to use this we
1046  * need to define a local XML file as well as be talking to a
1047  * reasonably modern gdb. Responding with an empty packet will cause
1048  * the remote gdb to fallback to older methods.
1049  */
1050 
1051 static void handle_set_reg(GArray *params, void *user_ctx)
1052 {
1053     int reg_size;
1054 
1055     if (!gdb_has_xml) {
1056         gdb_put_packet("");
1057         return;
1058     }
1059 
1060     if (params->len != 2) {
1061         gdb_put_packet("E22");
1062         return;
1063     }
1064 
1065     reg_size = strlen(get_param(params, 1)->data) / 2;
1066     gdb_hextomem(gdbserver_state.mem_buf, get_param(params, 1)->data, reg_size);
1067     gdb_write_register(gdbserver_state.g_cpu, gdbserver_state.mem_buf->data,
1068                        get_param(params, 0)->val_ull);
1069     gdb_put_packet("OK");
1070 }
1071 
1072 static void handle_get_reg(GArray *params, void *user_ctx)
1073 {
1074     int reg_size;
1075 
1076     if (!gdb_has_xml) {
1077         gdb_put_packet("");
1078         return;
1079     }
1080 
1081     if (!params->len) {
1082         gdb_put_packet("E14");
1083         return;
1084     }
1085 
1086     reg_size = gdb_read_register(gdbserver_state.g_cpu,
1087                                  gdbserver_state.mem_buf,
1088                                  get_param(params, 0)->val_ull);
1089     if (!reg_size) {
1090         gdb_put_packet("E14");
1091         return;
1092     } else {
1093         g_byte_array_set_size(gdbserver_state.mem_buf, reg_size);
1094     }
1095 
1096     gdb_memtohex(gdbserver_state.str_buf,
1097                  gdbserver_state.mem_buf->data, reg_size);
1098     gdb_put_strbuf();
1099 }
1100 
1101 static void handle_write_mem(GArray *params, void *user_ctx)
1102 {
1103     if (params->len != 3) {
1104         gdb_put_packet("E22");
1105         return;
1106     }
1107 
1108     /* gdb_hextomem() reads 2*len bytes */
1109     if (get_param(params, 1)->val_ull >
1110         strlen(get_param(params, 2)->data) / 2) {
1111         gdb_put_packet("E22");
1112         return;
1113     }
1114 
1115     gdb_hextomem(gdbserver_state.mem_buf, get_param(params, 2)->data,
1116                  get_param(params, 1)->val_ull);
1117     if (gdb_target_memory_rw_debug(gdbserver_state.g_cpu,
1118                                    get_param(params, 0)->val_ull,
1119                                    gdbserver_state.mem_buf->data,
1120                                    gdbserver_state.mem_buf->len, true)) {
1121         gdb_put_packet("E14");
1122         return;
1123     }
1124 
1125     gdb_put_packet("OK");
1126 }
1127 
1128 static void handle_read_mem(GArray *params, void *user_ctx)
1129 {
1130     if (params->len != 2) {
1131         gdb_put_packet("E22");
1132         return;
1133     }
1134 
1135     /* gdb_memtohex() doubles the required space */
1136     if (get_param(params, 1)->val_ull > MAX_PACKET_LENGTH / 2) {
1137         gdb_put_packet("E22");
1138         return;
1139     }
1140 
1141     g_byte_array_set_size(gdbserver_state.mem_buf,
1142                           get_param(params, 1)->val_ull);
1143 
1144     if (gdb_target_memory_rw_debug(gdbserver_state.g_cpu,
1145                                    get_param(params, 0)->val_ull,
1146                                    gdbserver_state.mem_buf->data,
1147                                    gdbserver_state.mem_buf->len, false)) {
1148         gdb_put_packet("E14");
1149         return;
1150     }
1151 
1152     gdb_memtohex(gdbserver_state.str_buf, gdbserver_state.mem_buf->data,
1153              gdbserver_state.mem_buf->len);
1154     gdb_put_strbuf();
1155 }
1156 
1157 static void handle_write_all_regs(GArray *params, void *user_ctx)
1158 {
1159     int reg_id;
1160     size_t len;
1161     uint8_t *registers;
1162     int reg_size;
1163 
1164     if (!params->len) {
1165         return;
1166     }
1167 
1168     cpu_synchronize_state(gdbserver_state.g_cpu);
1169     len = strlen(get_param(params, 0)->data) / 2;
1170     gdb_hextomem(gdbserver_state.mem_buf, get_param(params, 0)->data, len);
1171     registers = gdbserver_state.mem_buf->data;
1172     for (reg_id = 0;
1173          reg_id < gdbserver_state.g_cpu->gdb_num_g_regs && len > 0;
1174          reg_id++) {
1175         reg_size = gdb_write_register(gdbserver_state.g_cpu, registers, reg_id);
1176         len -= reg_size;
1177         registers += reg_size;
1178     }
1179     gdb_put_packet("OK");
1180 }
1181 
1182 static void handle_read_all_regs(GArray *params, void *user_ctx)
1183 {
1184     int reg_id;
1185     size_t len;
1186 
1187     cpu_synchronize_state(gdbserver_state.g_cpu);
1188     g_byte_array_set_size(gdbserver_state.mem_buf, 0);
1189     len = 0;
1190     for (reg_id = 0; reg_id < gdbserver_state.g_cpu->gdb_num_g_regs; reg_id++) {
1191         len += gdb_read_register(gdbserver_state.g_cpu,
1192                                  gdbserver_state.mem_buf,
1193                                  reg_id);
1194     }
1195     g_assert(len == gdbserver_state.mem_buf->len);
1196 
1197     gdb_memtohex(gdbserver_state.str_buf, gdbserver_state.mem_buf->data, len);
1198     gdb_put_strbuf();
1199 }
1200 
1201 
1202 static void handle_step(GArray *params, void *user_ctx)
1203 {
1204     if (params->len) {
1205         gdb_set_cpu_pc(get_param(params, 0)->val_ull);
1206     }
1207 
1208     cpu_single_step(gdbserver_state.c_cpu, gdbserver_state.sstep_flags);
1209     gdb_continue();
1210 }
1211 
1212 static void handle_backward(GArray *params, void *user_ctx)
1213 {
1214     if (!gdb_can_reverse()) {
1215         gdb_put_packet("E22");
1216     }
1217     if (params->len == 1) {
1218         switch (get_param(params, 0)->opcode) {
1219         case 's':
1220             if (replay_reverse_step()) {
1221                 gdb_continue();
1222             } else {
1223                 gdb_put_packet("E14");
1224             }
1225             return;
1226         case 'c':
1227             if (replay_reverse_continue()) {
1228                 gdb_continue();
1229             } else {
1230                 gdb_put_packet("E14");
1231             }
1232             return;
1233         }
1234     }
1235 
1236     /* Default invalid command */
1237     gdb_put_packet("");
1238 }
1239 
1240 static void handle_v_cont_query(GArray *params, void *user_ctx)
1241 {
1242     gdb_put_packet("vCont;c;C;s;S");
1243 }
1244 
1245 static void handle_v_cont(GArray *params, void *user_ctx)
1246 {
1247     int res;
1248 
1249     if (!params->len) {
1250         return;
1251     }
1252 
1253     res = gdb_handle_vcont(get_param(params, 0)->data);
1254     if ((res == -EINVAL) || (res == -ERANGE)) {
1255         gdb_put_packet("E22");
1256     } else if (res) {
1257         gdb_put_packet("");
1258     }
1259 }
1260 
1261 static void handle_v_attach(GArray *params, void *user_ctx)
1262 {
1263     GDBProcess *process;
1264     CPUState *cpu;
1265 
1266     g_string_assign(gdbserver_state.str_buf, "E22");
1267     if (!params->len) {
1268         goto cleanup;
1269     }
1270 
1271     process = gdb_get_process(get_param(params, 0)->val_ul);
1272     if (!process) {
1273         goto cleanup;
1274     }
1275 
1276     cpu = gdb_get_first_cpu_in_process(process);
1277     if (!cpu) {
1278         goto cleanup;
1279     }
1280 
1281     process->attached = true;
1282     gdbserver_state.g_cpu = cpu;
1283     gdbserver_state.c_cpu = cpu;
1284 
1285     if (gdbserver_state.allow_stop_reply) {
1286         g_string_printf(gdbserver_state.str_buf, "T%02xthread:", GDB_SIGNAL_TRAP);
1287         gdb_append_thread_id(cpu, gdbserver_state.str_buf);
1288         g_string_append_c(gdbserver_state.str_buf, ';');
1289         gdbserver_state.allow_stop_reply = false;
1290 cleanup:
1291         gdb_put_strbuf();
1292     }
1293 }
1294 
1295 static void handle_v_kill(GArray *params, void *user_ctx)
1296 {
1297     /* Kill the target */
1298     gdb_put_packet("OK");
1299     error_report("QEMU: Terminated via GDBstub");
1300     gdb_exit(0);
1301     exit(0);
1302 }
1303 
1304 static const GdbCmdParseEntry gdb_v_commands_table[] = {
1305     /* Order is important if has same prefix */
1306     {
1307         .handler = handle_v_cont_query,
1308         .cmd = "Cont?",
1309         .cmd_startswith = 1
1310     },
1311     {
1312         .handler = handle_v_cont,
1313         .cmd = "Cont",
1314         .cmd_startswith = 1,
1315         .allow_stop_reply = true,
1316         .schema = "s0"
1317     },
1318     {
1319         .handler = handle_v_attach,
1320         .cmd = "Attach;",
1321         .cmd_startswith = 1,
1322         .allow_stop_reply = true,
1323         .schema = "l0"
1324     },
1325     {
1326         .handler = handle_v_kill,
1327         .cmd = "Kill;",
1328         .cmd_startswith = 1
1329     },
1330 #ifdef CONFIG_USER_ONLY
1331     /*
1332      * Host I/O Packets. See [1] for details.
1333      * [1] https://sourceware.org/gdb/onlinedocs/gdb/Host-I_002fO-Packets.html
1334      */
1335     {
1336         .handler = gdb_handle_v_file_open,
1337         .cmd = "File:open:",
1338         .cmd_startswith = 1,
1339         .schema = "s,L,L0"
1340     },
1341     {
1342         .handler = gdb_handle_v_file_close,
1343         .cmd = "File:close:",
1344         .cmd_startswith = 1,
1345         .schema = "l0"
1346     },
1347     {
1348         .handler = gdb_handle_v_file_pread,
1349         .cmd = "File:pread:",
1350         .cmd_startswith = 1,
1351         .schema = "l,L,L0"
1352     },
1353     {
1354         .handler = gdb_handle_v_file_readlink,
1355         .cmd = "File:readlink:",
1356         .cmd_startswith = 1,
1357         .schema = "s0"
1358     },
1359 #endif
1360 };
1361 
1362 static void handle_v_commands(GArray *params, void *user_ctx)
1363 {
1364     if (!params->len) {
1365         return;
1366     }
1367 
1368     if (process_string_cmd(NULL, get_param(params, 0)->data,
1369                            gdb_v_commands_table,
1370                            ARRAY_SIZE(gdb_v_commands_table))) {
1371         gdb_put_packet("");
1372     }
1373 }
1374 
1375 static void handle_query_qemu_sstepbits(GArray *params, void *user_ctx)
1376 {
1377     g_string_printf(gdbserver_state.str_buf, "ENABLE=%x", SSTEP_ENABLE);
1378 
1379     if (gdbserver_state.supported_sstep_flags & SSTEP_NOIRQ) {
1380         g_string_append_printf(gdbserver_state.str_buf, ",NOIRQ=%x",
1381                                SSTEP_NOIRQ);
1382     }
1383 
1384     if (gdbserver_state.supported_sstep_flags & SSTEP_NOTIMER) {
1385         g_string_append_printf(gdbserver_state.str_buf, ",NOTIMER=%x",
1386                                SSTEP_NOTIMER);
1387     }
1388 
1389     gdb_put_strbuf();
1390 }
1391 
1392 static void handle_set_qemu_sstep(GArray *params, void *user_ctx)
1393 {
1394     int new_sstep_flags;
1395 
1396     if (!params->len) {
1397         return;
1398     }
1399 
1400     new_sstep_flags = get_param(params, 0)->val_ul;
1401 
1402     if (new_sstep_flags  & ~gdbserver_state.supported_sstep_flags) {
1403         gdb_put_packet("E22");
1404         return;
1405     }
1406 
1407     gdbserver_state.sstep_flags = new_sstep_flags;
1408     gdb_put_packet("OK");
1409 }
1410 
1411 static void handle_query_qemu_sstep(GArray *params, void *user_ctx)
1412 {
1413     g_string_printf(gdbserver_state.str_buf, "0x%x",
1414                     gdbserver_state.sstep_flags);
1415     gdb_put_strbuf();
1416 }
1417 
1418 static void handle_query_curr_tid(GArray *params, void *user_ctx)
1419 {
1420     CPUState *cpu;
1421     GDBProcess *process;
1422 
1423     /*
1424      * "Current thread" remains vague in the spec, so always return
1425      * the first thread of the current process (gdb returns the
1426      * first thread).
1427      */
1428     process = gdb_get_cpu_process(gdbserver_state.g_cpu);
1429     cpu = gdb_get_first_cpu_in_process(process);
1430     g_string_assign(gdbserver_state.str_buf, "QC");
1431     gdb_append_thread_id(cpu, gdbserver_state.str_buf);
1432     gdb_put_strbuf();
1433 }
1434 
1435 static void handle_query_threads(GArray *params, void *user_ctx)
1436 {
1437     if (!gdbserver_state.query_cpu) {
1438         gdb_put_packet("l");
1439         return;
1440     }
1441 
1442     g_string_assign(gdbserver_state.str_buf, "m");
1443     gdb_append_thread_id(gdbserver_state.query_cpu, gdbserver_state.str_buf);
1444     gdb_put_strbuf();
1445     gdbserver_state.query_cpu = gdb_next_attached_cpu(gdbserver_state.query_cpu);
1446 }
1447 
1448 static void handle_query_first_threads(GArray *params, void *user_ctx)
1449 {
1450     gdbserver_state.query_cpu = gdb_first_attached_cpu();
1451     handle_query_threads(params, user_ctx);
1452 }
1453 
1454 static void handle_query_thread_extra(GArray *params, void *user_ctx)
1455 {
1456     g_autoptr(GString) rs = g_string_new(NULL);
1457     CPUState *cpu;
1458 
1459     if (!params->len ||
1460         get_param(params, 0)->thread_id.kind == GDB_READ_THREAD_ERR) {
1461         gdb_put_packet("E22");
1462         return;
1463     }
1464 
1465     cpu = gdb_get_cpu(get_param(params, 0)->thread_id.pid,
1466                       get_param(params, 0)->thread_id.tid);
1467     if (!cpu) {
1468         return;
1469     }
1470 
1471     cpu_synchronize_state(cpu);
1472 
1473     if (gdbserver_state.multiprocess && (gdbserver_state.process_num > 1)) {
1474         /* Print the CPU model and name in multiprocess mode */
1475         ObjectClass *oc = object_get_class(OBJECT(cpu));
1476         const char *cpu_model = object_class_get_name(oc);
1477         const char *cpu_name =
1478             object_get_canonical_path_component(OBJECT(cpu));
1479         g_string_printf(rs, "%s %s [%s]", cpu_model, cpu_name,
1480                         cpu->halted ? "halted " : "running");
1481     } else {
1482         g_string_printf(rs, "CPU#%d [%s]", cpu->cpu_index,
1483                         cpu->halted ? "halted " : "running");
1484     }
1485     trace_gdbstub_op_extra_info(rs->str);
1486     gdb_memtohex(gdbserver_state.str_buf, (uint8_t *)rs->str, rs->len);
1487     gdb_put_strbuf();
1488 }
1489 
1490 static void handle_query_supported(GArray *params, void *user_ctx)
1491 {
1492     CPUClass *cc;
1493 
1494     g_string_printf(gdbserver_state.str_buf, "PacketSize=%x", MAX_PACKET_LENGTH);
1495     cc = CPU_GET_CLASS(first_cpu);
1496     if (cc->gdb_core_xml_file) {
1497         g_string_append(gdbserver_state.str_buf, ";qXfer:features:read+");
1498     }
1499 
1500     if (gdb_can_reverse()) {
1501         g_string_append(gdbserver_state.str_buf,
1502             ";ReverseStep+;ReverseContinue+");
1503     }
1504 
1505 #if defined(CONFIG_USER_ONLY)
1506 #if defined(CONFIG_LINUX)
1507     if (gdbserver_state.c_cpu->opaque) {
1508         g_string_append(gdbserver_state.str_buf, ";qXfer:auxv:read+");
1509     }
1510 #endif
1511     g_string_append(gdbserver_state.str_buf, ";qXfer:exec-file:read+");
1512 #endif
1513 
1514     if (params->len &&
1515         strstr(get_param(params, 0)->data, "multiprocess+")) {
1516         gdbserver_state.multiprocess = true;
1517     }
1518 
1519     g_string_append(gdbserver_state.str_buf, ";vContSupported+;multiprocess+");
1520     gdb_put_strbuf();
1521 }
1522 
1523 static void handle_query_xfer_features(GArray *params, void *user_ctx)
1524 {
1525     GDBProcess *process;
1526     CPUClass *cc;
1527     unsigned long len, total_len, addr;
1528     const char *xml;
1529     const char *p;
1530 
1531     if (params->len < 3) {
1532         gdb_put_packet("E22");
1533         return;
1534     }
1535 
1536     process = gdb_get_cpu_process(gdbserver_state.g_cpu);
1537     cc = CPU_GET_CLASS(gdbserver_state.g_cpu);
1538     if (!cc->gdb_core_xml_file) {
1539         gdb_put_packet("");
1540         return;
1541     }
1542 
1543     gdb_has_xml = true;
1544     p = get_param(params, 0)->data;
1545     xml = get_feature_xml(p, &p, process);
1546     if (!xml) {
1547         gdb_put_packet("E00");
1548         return;
1549     }
1550 
1551     addr = get_param(params, 1)->val_ul;
1552     len = get_param(params, 2)->val_ul;
1553     total_len = strlen(xml);
1554     if (addr > total_len) {
1555         gdb_put_packet("E00");
1556         return;
1557     }
1558 
1559     if (len > (MAX_PACKET_LENGTH - 5) / 2) {
1560         len = (MAX_PACKET_LENGTH - 5) / 2;
1561     }
1562 
1563     if (len < total_len - addr) {
1564         g_string_assign(gdbserver_state.str_buf, "m");
1565         gdb_memtox(gdbserver_state.str_buf, xml + addr, len);
1566     } else {
1567         g_string_assign(gdbserver_state.str_buf, "l");
1568         gdb_memtox(gdbserver_state.str_buf, xml + addr, total_len - addr);
1569     }
1570 
1571     gdb_put_packet_binary(gdbserver_state.str_buf->str,
1572                       gdbserver_state.str_buf->len, true);
1573 }
1574 
1575 static void handle_query_qemu_supported(GArray *params, void *user_ctx)
1576 {
1577     g_string_printf(gdbserver_state.str_buf, "sstepbits;sstep");
1578 #ifndef CONFIG_USER_ONLY
1579     g_string_append(gdbserver_state.str_buf, ";PhyMemMode");
1580 #endif
1581     gdb_put_strbuf();
1582 }
1583 
1584 static const GdbCmdParseEntry gdb_gen_query_set_common_table[] = {
1585     /* Order is important if has same prefix */
1586     {
1587         .handler = handle_query_qemu_sstepbits,
1588         .cmd = "qemu.sstepbits",
1589     },
1590     {
1591         .handler = handle_query_qemu_sstep,
1592         .cmd = "qemu.sstep",
1593     },
1594     {
1595         .handler = handle_set_qemu_sstep,
1596         .cmd = "qemu.sstep=",
1597         .cmd_startswith = 1,
1598         .schema = "l0"
1599     },
1600 };
1601 
1602 static const GdbCmdParseEntry gdb_gen_query_table[] = {
1603     {
1604         .handler = handle_query_curr_tid,
1605         .cmd = "C",
1606     },
1607     {
1608         .handler = handle_query_threads,
1609         .cmd = "sThreadInfo",
1610     },
1611     {
1612         .handler = handle_query_first_threads,
1613         .cmd = "fThreadInfo",
1614     },
1615     {
1616         .handler = handle_query_thread_extra,
1617         .cmd = "ThreadExtraInfo,",
1618         .cmd_startswith = 1,
1619         .schema = "t0"
1620     },
1621 #ifdef CONFIG_USER_ONLY
1622     {
1623         .handler = gdb_handle_query_offsets,
1624         .cmd = "Offsets",
1625     },
1626 #else
1627     {
1628         .handler = gdb_handle_query_rcmd,
1629         .cmd = "Rcmd,",
1630         .cmd_startswith = 1,
1631         .schema = "s0"
1632     },
1633 #endif
1634     {
1635         .handler = handle_query_supported,
1636         .cmd = "Supported:",
1637         .cmd_startswith = 1,
1638         .schema = "s0"
1639     },
1640     {
1641         .handler = handle_query_supported,
1642         .cmd = "Supported",
1643         .schema = "s0"
1644     },
1645     {
1646         .handler = handle_query_xfer_features,
1647         .cmd = "Xfer:features:read:",
1648         .cmd_startswith = 1,
1649         .schema = "s:l,l0"
1650     },
1651 #if defined(CONFIG_USER_ONLY)
1652 #if defined(CONFIG_LINUX)
1653     {
1654         .handler = gdb_handle_query_xfer_auxv,
1655         .cmd = "Xfer:auxv:read::",
1656         .cmd_startswith = 1,
1657         .schema = "l,l0"
1658     },
1659 #endif
1660     {
1661         .handler = gdb_handle_query_xfer_exec_file,
1662         .cmd = "Xfer:exec-file:read:",
1663         .cmd_startswith = 1,
1664         .schema = "l:l,l0"
1665     },
1666 #endif
1667     {
1668         .handler = gdb_handle_query_attached,
1669         .cmd = "Attached:",
1670         .cmd_startswith = 1
1671     },
1672     {
1673         .handler = gdb_handle_query_attached,
1674         .cmd = "Attached",
1675     },
1676     {
1677         .handler = handle_query_qemu_supported,
1678         .cmd = "qemu.Supported",
1679     },
1680 #ifndef CONFIG_USER_ONLY
1681     {
1682         .handler = gdb_handle_query_qemu_phy_mem_mode,
1683         .cmd = "qemu.PhyMemMode",
1684     },
1685 #endif
1686 };
1687 
1688 static const GdbCmdParseEntry gdb_gen_set_table[] = {
1689     /* Order is important if has same prefix */
1690     {
1691         .handler = handle_set_qemu_sstep,
1692         .cmd = "qemu.sstep:",
1693         .cmd_startswith = 1,
1694         .schema = "l0"
1695     },
1696 #ifndef CONFIG_USER_ONLY
1697     {
1698         .handler = gdb_handle_set_qemu_phy_mem_mode,
1699         .cmd = "qemu.PhyMemMode:",
1700         .cmd_startswith = 1,
1701         .schema = "l0"
1702     },
1703 #endif
1704 };
1705 
1706 static void handle_gen_query(GArray *params, void *user_ctx)
1707 {
1708     if (!params->len) {
1709         return;
1710     }
1711 
1712     if (!process_string_cmd(NULL, get_param(params, 0)->data,
1713                             gdb_gen_query_set_common_table,
1714                             ARRAY_SIZE(gdb_gen_query_set_common_table))) {
1715         return;
1716     }
1717 
1718     if (process_string_cmd(NULL, get_param(params, 0)->data,
1719                            gdb_gen_query_table,
1720                            ARRAY_SIZE(gdb_gen_query_table))) {
1721         gdb_put_packet("");
1722     }
1723 }
1724 
1725 static void handle_gen_set(GArray *params, void *user_ctx)
1726 {
1727     if (!params->len) {
1728         return;
1729     }
1730 
1731     if (!process_string_cmd(NULL, get_param(params, 0)->data,
1732                             gdb_gen_query_set_common_table,
1733                             ARRAY_SIZE(gdb_gen_query_set_common_table))) {
1734         return;
1735     }
1736 
1737     if (process_string_cmd(NULL, get_param(params, 0)->data,
1738                            gdb_gen_set_table,
1739                            ARRAY_SIZE(gdb_gen_set_table))) {
1740         gdb_put_packet("");
1741     }
1742 }
1743 
1744 static void handle_target_halt(GArray *params, void *user_ctx)
1745 {
1746     if (gdbserver_state.allow_stop_reply) {
1747         g_string_printf(gdbserver_state.str_buf, "T%02xthread:", GDB_SIGNAL_TRAP);
1748         gdb_append_thread_id(gdbserver_state.c_cpu, gdbserver_state.str_buf);
1749         g_string_append_c(gdbserver_state.str_buf, ';');
1750         gdb_put_strbuf();
1751         gdbserver_state.allow_stop_reply = false;
1752     }
1753     /*
1754      * Remove all the breakpoints when this query is issued,
1755      * because gdb is doing an initial connect and the state
1756      * should be cleaned up.
1757      */
1758     gdb_breakpoint_remove_all(gdbserver_state.c_cpu);
1759 }
1760 
1761 static int gdb_handle_packet(const char *line_buf)
1762 {
1763     const GdbCmdParseEntry *cmd_parser = NULL;
1764 
1765     trace_gdbstub_io_command(line_buf);
1766 
1767     switch (line_buf[0]) {
1768     case '!':
1769         gdb_put_packet("OK");
1770         break;
1771     case '?':
1772         {
1773             static const GdbCmdParseEntry target_halted_cmd_desc = {
1774                 .handler = handle_target_halt,
1775                 .cmd = "?",
1776                 .cmd_startswith = 1,
1777                 .allow_stop_reply = true,
1778             };
1779             cmd_parser = &target_halted_cmd_desc;
1780         }
1781         break;
1782     case 'c':
1783         {
1784             static const GdbCmdParseEntry continue_cmd_desc = {
1785                 .handler = handle_continue,
1786                 .cmd = "c",
1787                 .cmd_startswith = 1,
1788                 .allow_stop_reply = true,
1789                 .schema = "L0"
1790             };
1791             cmd_parser = &continue_cmd_desc;
1792         }
1793         break;
1794     case 'C':
1795         {
1796             static const GdbCmdParseEntry cont_with_sig_cmd_desc = {
1797                 .handler = handle_cont_with_sig,
1798                 .cmd = "C",
1799                 .cmd_startswith = 1,
1800                 .allow_stop_reply = true,
1801                 .schema = "l0"
1802             };
1803             cmd_parser = &cont_with_sig_cmd_desc;
1804         }
1805         break;
1806     case 'v':
1807         {
1808             static const GdbCmdParseEntry v_cmd_desc = {
1809                 .handler = handle_v_commands,
1810                 .cmd = "v",
1811                 .cmd_startswith = 1,
1812                 .schema = "s0"
1813             };
1814             cmd_parser = &v_cmd_desc;
1815         }
1816         break;
1817     case 'k':
1818         /* Kill the target */
1819         error_report("QEMU: Terminated via GDBstub");
1820         gdb_exit(0);
1821         exit(0);
1822     case 'D':
1823         {
1824             static const GdbCmdParseEntry detach_cmd_desc = {
1825                 .handler = handle_detach,
1826                 .cmd = "D",
1827                 .cmd_startswith = 1,
1828                 .schema = "?.l0"
1829             };
1830             cmd_parser = &detach_cmd_desc;
1831         }
1832         break;
1833     case 's':
1834         {
1835             static const GdbCmdParseEntry step_cmd_desc = {
1836                 .handler = handle_step,
1837                 .cmd = "s",
1838                 .cmd_startswith = 1,
1839                 .allow_stop_reply = true,
1840                 .schema = "L0"
1841             };
1842             cmd_parser = &step_cmd_desc;
1843         }
1844         break;
1845     case 'b':
1846         {
1847             static const GdbCmdParseEntry backward_cmd_desc = {
1848                 .handler = handle_backward,
1849                 .cmd = "b",
1850                 .cmd_startswith = 1,
1851                 .allow_stop_reply = true,
1852                 .schema = "o0"
1853             };
1854             cmd_parser = &backward_cmd_desc;
1855         }
1856         break;
1857     case 'F':
1858         {
1859             static const GdbCmdParseEntry file_io_cmd_desc = {
1860                 .handler = gdb_handle_file_io,
1861                 .cmd = "F",
1862                 .cmd_startswith = 1,
1863                 .schema = "L,L,o0"
1864             };
1865             cmd_parser = &file_io_cmd_desc;
1866         }
1867         break;
1868     case 'g':
1869         {
1870             static const GdbCmdParseEntry read_all_regs_cmd_desc = {
1871                 .handler = handle_read_all_regs,
1872                 .cmd = "g",
1873                 .cmd_startswith = 1
1874             };
1875             cmd_parser = &read_all_regs_cmd_desc;
1876         }
1877         break;
1878     case 'G':
1879         {
1880             static const GdbCmdParseEntry write_all_regs_cmd_desc = {
1881                 .handler = handle_write_all_regs,
1882                 .cmd = "G",
1883                 .cmd_startswith = 1,
1884                 .schema = "s0"
1885             };
1886             cmd_parser = &write_all_regs_cmd_desc;
1887         }
1888         break;
1889     case 'm':
1890         {
1891             static const GdbCmdParseEntry read_mem_cmd_desc = {
1892                 .handler = handle_read_mem,
1893                 .cmd = "m",
1894                 .cmd_startswith = 1,
1895                 .schema = "L,L0"
1896             };
1897             cmd_parser = &read_mem_cmd_desc;
1898         }
1899         break;
1900     case 'M':
1901         {
1902             static const GdbCmdParseEntry write_mem_cmd_desc = {
1903                 .handler = handle_write_mem,
1904                 .cmd = "M",
1905                 .cmd_startswith = 1,
1906                 .schema = "L,L:s0"
1907             };
1908             cmd_parser = &write_mem_cmd_desc;
1909         }
1910         break;
1911     case 'p':
1912         {
1913             static const GdbCmdParseEntry get_reg_cmd_desc = {
1914                 .handler = handle_get_reg,
1915                 .cmd = "p",
1916                 .cmd_startswith = 1,
1917                 .schema = "L0"
1918             };
1919             cmd_parser = &get_reg_cmd_desc;
1920         }
1921         break;
1922     case 'P':
1923         {
1924             static const GdbCmdParseEntry set_reg_cmd_desc = {
1925                 .handler = handle_set_reg,
1926                 .cmd = "P",
1927                 .cmd_startswith = 1,
1928                 .schema = "L?s0"
1929             };
1930             cmd_parser = &set_reg_cmd_desc;
1931         }
1932         break;
1933     case 'Z':
1934         {
1935             static const GdbCmdParseEntry insert_bp_cmd_desc = {
1936                 .handler = handle_insert_bp,
1937                 .cmd = "Z",
1938                 .cmd_startswith = 1,
1939                 .schema = "l?L?L0"
1940             };
1941             cmd_parser = &insert_bp_cmd_desc;
1942         }
1943         break;
1944     case 'z':
1945         {
1946             static const GdbCmdParseEntry remove_bp_cmd_desc = {
1947                 .handler = handle_remove_bp,
1948                 .cmd = "z",
1949                 .cmd_startswith = 1,
1950                 .schema = "l?L?L0"
1951             };
1952             cmd_parser = &remove_bp_cmd_desc;
1953         }
1954         break;
1955     case 'H':
1956         {
1957             static const GdbCmdParseEntry set_thread_cmd_desc = {
1958                 .handler = handle_set_thread,
1959                 .cmd = "H",
1960                 .cmd_startswith = 1,
1961                 .schema = "o.t0"
1962             };
1963             cmd_parser = &set_thread_cmd_desc;
1964         }
1965         break;
1966     case 'T':
1967         {
1968             static const GdbCmdParseEntry thread_alive_cmd_desc = {
1969                 .handler = handle_thread_alive,
1970                 .cmd = "T",
1971                 .cmd_startswith = 1,
1972                 .schema = "t0"
1973             };
1974             cmd_parser = &thread_alive_cmd_desc;
1975         }
1976         break;
1977     case 'q':
1978         {
1979             static const GdbCmdParseEntry gen_query_cmd_desc = {
1980                 .handler = handle_gen_query,
1981                 .cmd = "q",
1982                 .cmd_startswith = 1,
1983                 .schema = "s0"
1984             };
1985             cmd_parser = &gen_query_cmd_desc;
1986         }
1987         break;
1988     case 'Q':
1989         {
1990             static const GdbCmdParseEntry gen_set_cmd_desc = {
1991                 .handler = handle_gen_set,
1992                 .cmd = "Q",
1993                 .cmd_startswith = 1,
1994                 .schema = "s0"
1995             };
1996             cmd_parser = &gen_set_cmd_desc;
1997         }
1998         break;
1999     default:
2000         /* put empty packet */
2001         gdb_put_packet("");
2002         break;
2003     }
2004 
2005     if (cmd_parser) {
2006         run_cmd_parser(line_buf, cmd_parser);
2007     }
2008 
2009     return RS_IDLE;
2010 }
2011 
2012 void gdb_set_stop_cpu(CPUState *cpu)
2013 {
2014     GDBProcess *p = gdb_get_cpu_process(cpu);
2015 
2016     if (!p->attached) {
2017         /*
2018          * Having a stop CPU corresponding to a process that is not attached
2019          * confuses GDB. So we ignore the request.
2020          */
2021         return;
2022     }
2023 
2024     gdbserver_state.c_cpu = cpu;
2025     gdbserver_state.g_cpu = cpu;
2026 }
2027 
2028 void gdb_read_byte(uint8_t ch)
2029 {
2030     uint8_t reply;
2031 
2032     gdbserver_state.allow_stop_reply = false;
2033 #ifndef CONFIG_USER_ONLY
2034     if (gdbserver_state.last_packet->len) {
2035         /* Waiting for a response to the last packet.  If we see the start
2036            of a new command then abandon the previous response.  */
2037         if (ch == '-') {
2038             trace_gdbstub_err_got_nack();
2039             gdb_put_buffer(gdbserver_state.last_packet->data,
2040                        gdbserver_state.last_packet->len);
2041         } else if (ch == '+') {
2042             trace_gdbstub_io_got_ack();
2043         } else {
2044             trace_gdbstub_io_got_unexpected(ch);
2045         }
2046 
2047         if (ch == '+' || ch == '$') {
2048             g_byte_array_set_size(gdbserver_state.last_packet, 0);
2049         }
2050         if (ch != '$')
2051             return;
2052     }
2053     if (runstate_is_running()) {
2054         /* when the CPU is running, we cannot do anything except stop
2055            it when receiving a char */
2056         vm_stop(RUN_STATE_PAUSED);
2057     } else
2058 #endif
2059     {
2060         switch(gdbserver_state.state) {
2061         case RS_IDLE:
2062             if (ch == '$') {
2063                 /* start of command packet */
2064                 gdbserver_state.line_buf_index = 0;
2065                 gdbserver_state.line_sum = 0;
2066                 gdbserver_state.state = RS_GETLINE;
2067             } else {
2068                 trace_gdbstub_err_garbage(ch);
2069             }
2070             break;
2071         case RS_GETLINE:
2072             if (ch == '}') {
2073                 /* start escape sequence */
2074                 gdbserver_state.state = RS_GETLINE_ESC;
2075                 gdbserver_state.line_sum += ch;
2076             } else if (ch == '*') {
2077                 /* start run length encoding sequence */
2078                 gdbserver_state.state = RS_GETLINE_RLE;
2079                 gdbserver_state.line_sum += ch;
2080             } else if (ch == '#') {
2081                 /* end of command, start of checksum*/
2082                 gdbserver_state.state = RS_CHKSUM1;
2083             } else if (gdbserver_state.line_buf_index >= sizeof(gdbserver_state.line_buf) - 1) {
2084                 trace_gdbstub_err_overrun();
2085                 gdbserver_state.state = RS_IDLE;
2086             } else {
2087                 /* unescaped command character */
2088                 gdbserver_state.line_buf[gdbserver_state.line_buf_index++] = ch;
2089                 gdbserver_state.line_sum += ch;
2090             }
2091             break;
2092         case RS_GETLINE_ESC:
2093             if (ch == '#') {
2094                 /* unexpected end of command in escape sequence */
2095                 gdbserver_state.state = RS_CHKSUM1;
2096             } else if (gdbserver_state.line_buf_index >= sizeof(gdbserver_state.line_buf) - 1) {
2097                 /* command buffer overrun */
2098                 trace_gdbstub_err_overrun();
2099                 gdbserver_state.state = RS_IDLE;
2100             } else {
2101                 /* parse escaped character and leave escape state */
2102                 gdbserver_state.line_buf[gdbserver_state.line_buf_index++] = ch ^ 0x20;
2103                 gdbserver_state.line_sum += ch;
2104                 gdbserver_state.state = RS_GETLINE;
2105             }
2106             break;
2107         case RS_GETLINE_RLE:
2108             /*
2109              * Run-length encoding is explained in "Debugging with GDB /
2110              * Appendix E GDB Remote Serial Protocol / Overview".
2111              */
2112             if (ch < ' ' || ch == '#' || ch == '$' || ch > 126) {
2113                 /* invalid RLE count encoding */
2114                 trace_gdbstub_err_invalid_repeat(ch);
2115                 gdbserver_state.state = RS_GETLINE;
2116             } else {
2117                 /* decode repeat length */
2118                 int repeat = ch - ' ' + 3;
2119                 if (gdbserver_state.line_buf_index + repeat >= sizeof(gdbserver_state.line_buf) - 1) {
2120                     /* that many repeats would overrun the command buffer */
2121                     trace_gdbstub_err_overrun();
2122                     gdbserver_state.state = RS_IDLE;
2123                 } else if (gdbserver_state.line_buf_index < 1) {
2124                     /* got a repeat but we have nothing to repeat */
2125                     trace_gdbstub_err_invalid_rle();
2126                     gdbserver_state.state = RS_GETLINE;
2127                 } else {
2128                     /* repeat the last character */
2129                     memset(gdbserver_state.line_buf + gdbserver_state.line_buf_index,
2130                            gdbserver_state.line_buf[gdbserver_state.line_buf_index - 1], repeat);
2131                     gdbserver_state.line_buf_index += repeat;
2132                     gdbserver_state.line_sum += ch;
2133                     gdbserver_state.state = RS_GETLINE;
2134                 }
2135             }
2136             break;
2137         case RS_CHKSUM1:
2138             /* get high hex digit of checksum */
2139             if (!isxdigit(ch)) {
2140                 trace_gdbstub_err_checksum_invalid(ch);
2141                 gdbserver_state.state = RS_GETLINE;
2142                 break;
2143             }
2144             gdbserver_state.line_buf[gdbserver_state.line_buf_index] = '\0';
2145             gdbserver_state.line_csum = fromhex(ch) << 4;
2146             gdbserver_state.state = RS_CHKSUM2;
2147             break;
2148         case RS_CHKSUM2:
2149             /* get low hex digit of checksum */
2150             if (!isxdigit(ch)) {
2151                 trace_gdbstub_err_checksum_invalid(ch);
2152                 gdbserver_state.state = RS_GETLINE;
2153                 break;
2154             }
2155             gdbserver_state.line_csum |= fromhex(ch);
2156 
2157             if (gdbserver_state.line_csum != (gdbserver_state.line_sum & 0xff)) {
2158                 trace_gdbstub_err_checksum_incorrect(gdbserver_state.line_sum, gdbserver_state.line_csum);
2159                 /* send NAK reply */
2160                 reply = '-';
2161                 gdb_put_buffer(&reply, 1);
2162                 gdbserver_state.state = RS_IDLE;
2163             } else {
2164                 /* send ACK reply */
2165                 reply = '+';
2166                 gdb_put_buffer(&reply, 1);
2167                 gdbserver_state.state = gdb_handle_packet(gdbserver_state.line_buf);
2168             }
2169             break;
2170         default:
2171             abort();
2172         }
2173     }
2174 }
2175 
2176 /*
2177  * Create the process that will contain all the "orphan" CPUs (that are not
2178  * part of a CPU cluster). Note that if this process contains no CPUs, it won't
2179  * be attachable and thus will be invisible to the user.
2180  */
2181 void gdb_create_default_process(GDBState *s)
2182 {
2183     GDBProcess *process;
2184     int pid;
2185 
2186 #ifdef CONFIG_USER_ONLY
2187     assert(gdbserver_state.process_num == 0);
2188     pid = getpid();
2189 #else
2190     if (gdbserver_state.process_num) {
2191         pid = s->processes[s->process_num - 1].pid;
2192     } else {
2193         pid = 0;
2194     }
2195     /* We need an available PID slot for this process */
2196     assert(pid < UINT32_MAX);
2197     pid++;
2198 #endif
2199 
2200     s->processes = g_renew(GDBProcess, s->processes, ++s->process_num);
2201     process = &s->processes[s->process_num - 1];
2202     process->pid = pid;
2203     process->attached = false;
2204     process->target_xml[0] = '\0';
2205 }
2206 
2207