1 /* 2 * gdb server stub 3 * 4 * This implements a subset of the remote protocol as described in: 5 * 6 * https://sourceware.org/gdb/onlinedocs/gdb/Remote-Protocol.html 7 * 8 * Copyright (c) 2003-2005 Fabrice Bellard 9 * 10 * This library is free software; you can redistribute it and/or 11 * modify it under the terms of the GNU Lesser General Public 12 * License as published by the Free Software Foundation; either 13 * version 2 of the License, or (at your option) any later version. 14 * 15 * This library is distributed in the hope that it will be useful, 16 * but WITHOUT ANY WARRANTY; without even the implied warranty of 17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 18 * Lesser General Public License for more details. 19 * 20 * You should have received a copy of the GNU Lesser General Public 21 * License along with this library; if not, see <http://www.gnu.org/licenses/>. 22 * 23 * SPDX-License-Identifier: LGPL-2.0+ 24 */ 25 26 #include "qemu/osdep.h" 27 #include "qapi/error.h" 28 #include "qemu/error-report.h" 29 #include "qemu/ctype.h" 30 #include "qemu/cutils.h" 31 #include "qemu/module.h" 32 #include "trace.h" 33 #include "exec/gdbstub.h" 34 #ifdef CONFIG_USER_ONLY 35 #include "qemu.h" 36 #else 37 #include "monitor/monitor.h" 38 #include "chardev/char.h" 39 #include "chardev/char-fe.h" 40 #include "hw/cpu/cluster.h" 41 #include "hw/boards.h" 42 #endif 43 44 #define MAX_PACKET_LENGTH 4096 45 46 #include "qemu/sockets.h" 47 #include "sysemu/hw_accel.h" 48 #include "sysemu/runstate.h" 49 #include "semihosting/semihost.h" 50 #include "exec/exec-all.h" 51 #include "exec/replay-core.h" 52 53 #include "internals.h" 54 55 #ifdef CONFIG_USER_ONLY 56 #define GDB_ATTACHED "0" 57 #else 58 #define GDB_ATTACHED "1" 59 #endif 60 61 #ifndef CONFIG_USER_ONLY 62 static int phy_memory_mode; 63 #endif 64 65 static inline int target_memory_rw_debug(CPUState *cpu, target_ulong addr, 66 uint8_t *buf, int len, bool is_write) 67 { 68 CPUClass *cc; 69 70 #ifndef CONFIG_USER_ONLY 71 if (phy_memory_mode) { 72 if (is_write) { 73 cpu_physical_memory_write(addr, buf, len); 74 } else { 75 cpu_physical_memory_read(addr, buf, len); 76 } 77 return 0; 78 } 79 #endif 80 81 cc = CPU_GET_CLASS(cpu); 82 if (cc->memory_rw_debug) { 83 return cc->memory_rw_debug(cpu, addr, buf, len, is_write); 84 } 85 return cpu_memory_rw_debug(cpu, addr, buf, len, is_write); 86 } 87 88 /* Return the GDB index for a given vCPU state. 89 * 90 * For user mode this is simply the thread id. In system mode GDB 91 * numbers CPUs from 1 as 0 is reserved as an "any cpu" index. 92 */ 93 static inline int cpu_gdb_index(CPUState *cpu) 94 { 95 #if defined(CONFIG_USER_ONLY) 96 TaskState *ts = (TaskState *) cpu->opaque; 97 return ts ? ts->ts_tid : -1; 98 #else 99 return cpu->cpu_index + 1; 100 #endif 101 } 102 103 enum { 104 GDB_SIGNAL_0 = 0, 105 GDB_SIGNAL_INT = 2, 106 GDB_SIGNAL_QUIT = 3, 107 GDB_SIGNAL_TRAP = 5, 108 GDB_SIGNAL_ABRT = 6, 109 GDB_SIGNAL_ALRM = 14, 110 GDB_SIGNAL_IO = 23, 111 GDB_SIGNAL_XCPU = 24, 112 GDB_SIGNAL_UNKNOWN = 143 113 }; 114 115 #ifdef CONFIG_USER_ONLY 116 117 /* Map target signal numbers to GDB protocol signal numbers and vice 118 * versa. For user emulation's currently supported systems, we can 119 * assume most signals are defined. 120 */ 121 122 static int gdb_signal_table[] = { 123 0, 124 TARGET_SIGHUP, 125 TARGET_SIGINT, 126 TARGET_SIGQUIT, 127 TARGET_SIGILL, 128 TARGET_SIGTRAP, 129 TARGET_SIGABRT, 130 -1, /* SIGEMT */ 131 TARGET_SIGFPE, 132 TARGET_SIGKILL, 133 TARGET_SIGBUS, 134 TARGET_SIGSEGV, 135 TARGET_SIGSYS, 136 TARGET_SIGPIPE, 137 TARGET_SIGALRM, 138 TARGET_SIGTERM, 139 TARGET_SIGURG, 140 TARGET_SIGSTOP, 141 TARGET_SIGTSTP, 142 TARGET_SIGCONT, 143 TARGET_SIGCHLD, 144 TARGET_SIGTTIN, 145 TARGET_SIGTTOU, 146 TARGET_SIGIO, 147 TARGET_SIGXCPU, 148 TARGET_SIGXFSZ, 149 TARGET_SIGVTALRM, 150 TARGET_SIGPROF, 151 TARGET_SIGWINCH, 152 -1, /* SIGLOST */ 153 TARGET_SIGUSR1, 154 TARGET_SIGUSR2, 155 #ifdef TARGET_SIGPWR 156 TARGET_SIGPWR, 157 #else 158 -1, 159 #endif 160 -1, /* SIGPOLL */ 161 -1, 162 -1, 163 -1, 164 -1, 165 -1, 166 -1, 167 -1, 168 -1, 169 -1, 170 -1, 171 -1, 172 #ifdef __SIGRTMIN 173 __SIGRTMIN + 1, 174 __SIGRTMIN + 2, 175 __SIGRTMIN + 3, 176 __SIGRTMIN + 4, 177 __SIGRTMIN + 5, 178 __SIGRTMIN + 6, 179 __SIGRTMIN + 7, 180 __SIGRTMIN + 8, 181 __SIGRTMIN + 9, 182 __SIGRTMIN + 10, 183 __SIGRTMIN + 11, 184 __SIGRTMIN + 12, 185 __SIGRTMIN + 13, 186 __SIGRTMIN + 14, 187 __SIGRTMIN + 15, 188 __SIGRTMIN + 16, 189 __SIGRTMIN + 17, 190 __SIGRTMIN + 18, 191 __SIGRTMIN + 19, 192 __SIGRTMIN + 20, 193 __SIGRTMIN + 21, 194 __SIGRTMIN + 22, 195 __SIGRTMIN + 23, 196 __SIGRTMIN + 24, 197 __SIGRTMIN + 25, 198 __SIGRTMIN + 26, 199 __SIGRTMIN + 27, 200 __SIGRTMIN + 28, 201 __SIGRTMIN + 29, 202 __SIGRTMIN + 30, 203 __SIGRTMIN + 31, 204 -1, /* SIGCANCEL */ 205 __SIGRTMIN, 206 __SIGRTMIN + 32, 207 __SIGRTMIN + 33, 208 __SIGRTMIN + 34, 209 __SIGRTMIN + 35, 210 __SIGRTMIN + 36, 211 __SIGRTMIN + 37, 212 __SIGRTMIN + 38, 213 __SIGRTMIN + 39, 214 __SIGRTMIN + 40, 215 __SIGRTMIN + 41, 216 __SIGRTMIN + 42, 217 __SIGRTMIN + 43, 218 __SIGRTMIN + 44, 219 __SIGRTMIN + 45, 220 __SIGRTMIN + 46, 221 __SIGRTMIN + 47, 222 __SIGRTMIN + 48, 223 __SIGRTMIN + 49, 224 __SIGRTMIN + 50, 225 __SIGRTMIN + 51, 226 __SIGRTMIN + 52, 227 __SIGRTMIN + 53, 228 __SIGRTMIN + 54, 229 __SIGRTMIN + 55, 230 __SIGRTMIN + 56, 231 __SIGRTMIN + 57, 232 __SIGRTMIN + 58, 233 __SIGRTMIN + 59, 234 __SIGRTMIN + 60, 235 __SIGRTMIN + 61, 236 __SIGRTMIN + 62, 237 __SIGRTMIN + 63, 238 __SIGRTMIN + 64, 239 __SIGRTMIN + 65, 240 __SIGRTMIN + 66, 241 __SIGRTMIN + 67, 242 __SIGRTMIN + 68, 243 __SIGRTMIN + 69, 244 __SIGRTMIN + 70, 245 __SIGRTMIN + 71, 246 __SIGRTMIN + 72, 247 __SIGRTMIN + 73, 248 __SIGRTMIN + 74, 249 __SIGRTMIN + 75, 250 __SIGRTMIN + 76, 251 __SIGRTMIN + 77, 252 __SIGRTMIN + 78, 253 __SIGRTMIN + 79, 254 __SIGRTMIN + 80, 255 __SIGRTMIN + 81, 256 __SIGRTMIN + 82, 257 __SIGRTMIN + 83, 258 __SIGRTMIN + 84, 259 __SIGRTMIN + 85, 260 __SIGRTMIN + 86, 261 __SIGRTMIN + 87, 262 __SIGRTMIN + 88, 263 __SIGRTMIN + 89, 264 __SIGRTMIN + 90, 265 __SIGRTMIN + 91, 266 __SIGRTMIN + 92, 267 __SIGRTMIN + 93, 268 __SIGRTMIN + 94, 269 __SIGRTMIN + 95, 270 -1, /* SIGINFO */ 271 -1, /* UNKNOWN */ 272 -1, /* DEFAULT */ 273 -1, 274 -1, 275 -1, 276 -1, 277 -1, 278 -1 279 #endif 280 }; 281 #else 282 /* In system mode we only need SIGINT and SIGTRAP; other signals 283 are not yet supported. */ 284 285 enum { 286 TARGET_SIGINT = 2, 287 TARGET_SIGTRAP = 5 288 }; 289 290 static int gdb_signal_table[] = { 291 -1, 292 -1, 293 TARGET_SIGINT, 294 -1, 295 -1, 296 TARGET_SIGTRAP 297 }; 298 #endif 299 300 #ifdef CONFIG_USER_ONLY 301 static int target_signal_to_gdb (int sig) 302 { 303 int i; 304 for (i = 0; i < ARRAY_SIZE (gdb_signal_table); i++) 305 if (gdb_signal_table[i] == sig) 306 return i; 307 return GDB_SIGNAL_UNKNOWN; 308 } 309 #endif 310 311 static int gdb_signal_to_target (int sig) 312 { 313 if (sig < ARRAY_SIZE (gdb_signal_table)) 314 return gdb_signal_table[sig]; 315 else 316 return -1; 317 } 318 319 typedef struct GDBRegisterState { 320 int base_reg; 321 int num_regs; 322 gdb_get_reg_cb get_reg; 323 gdb_set_reg_cb set_reg; 324 const char *xml; 325 struct GDBRegisterState *next; 326 } GDBRegisterState; 327 328 typedef struct GDBProcess { 329 uint32_t pid; 330 bool attached; 331 332 char target_xml[1024]; 333 } GDBProcess; 334 335 enum RSState { 336 RS_INACTIVE, 337 RS_IDLE, 338 RS_GETLINE, 339 RS_GETLINE_ESC, 340 RS_GETLINE_RLE, 341 RS_CHKSUM1, 342 RS_CHKSUM2, 343 }; 344 typedef struct GDBState { 345 bool init; /* have we been initialised? */ 346 CPUState *c_cpu; /* current CPU for step/continue ops */ 347 CPUState *g_cpu; /* current CPU for other ops */ 348 CPUState *query_cpu; /* for q{f|s}ThreadInfo */ 349 enum RSState state; /* parsing state */ 350 char line_buf[MAX_PACKET_LENGTH]; 351 int line_buf_index; 352 int line_sum; /* running checksum */ 353 int line_csum; /* checksum at the end of the packet */ 354 GByteArray *last_packet; 355 int signal; 356 #ifdef CONFIG_USER_ONLY 357 int fd; 358 char *socket_path; 359 int running_state; 360 #else 361 CharBackend chr; 362 Chardev *mon_chr; 363 #endif 364 bool multiprocess; 365 GDBProcess *processes; 366 int process_num; 367 char syscall_buf[256]; 368 gdb_syscall_complete_cb current_syscall_cb; 369 GString *str_buf; 370 GByteArray *mem_buf; 371 int sstep_flags; 372 int supported_sstep_flags; 373 } GDBState; 374 375 static GDBState gdbserver_state; 376 377 static void init_gdbserver_state(void) 378 { 379 g_assert(!gdbserver_state.init); 380 memset(&gdbserver_state, 0, sizeof(GDBState)); 381 gdbserver_state.init = true; 382 gdbserver_state.str_buf = g_string_new(NULL); 383 gdbserver_state.mem_buf = g_byte_array_sized_new(MAX_PACKET_LENGTH); 384 gdbserver_state.last_packet = g_byte_array_sized_new(MAX_PACKET_LENGTH + 4); 385 386 /* 387 * What single-step modes are supported is accelerator dependent. 388 * By default try to use no IRQs and no timers while single 389 * stepping so as to make single stepping like a typical ICE HW step. 390 */ 391 gdbserver_state.supported_sstep_flags = accel_supported_gdbstub_sstep_flags(); 392 gdbserver_state.sstep_flags = SSTEP_ENABLE | SSTEP_NOIRQ | SSTEP_NOTIMER; 393 gdbserver_state.sstep_flags &= gdbserver_state.supported_sstep_flags; 394 } 395 396 #ifndef CONFIG_USER_ONLY 397 static void reset_gdbserver_state(void) 398 { 399 g_free(gdbserver_state.processes); 400 gdbserver_state.processes = NULL; 401 gdbserver_state.process_num = 0; 402 } 403 #endif 404 405 bool gdb_has_xml; 406 407 #ifdef CONFIG_USER_ONLY 408 409 static int get_char(void) 410 { 411 uint8_t ch; 412 int ret; 413 414 for(;;) { 415 ret = recv(gdbserver_state.fd, &ch, 1, 0); 416 if (ret < 0) { 417 if (errno == ECONNRESET) 418 gdbserver_state.fd = -1; 419 if (errno != EINTR) 420 return -1; 421 } else if (ret == 0) { 422 close(gdbserver_state.fd); 423 gdbserver_state.fd = -1; 424 return -1; 425 } else { 426 break; 427 } 428 } 429 return ch; 430 } 431 #endif 432 433 /* 434 * Return true if there is a GDB currently connected to the stub 435 * and attached to a CPU 436 */ 437 static bool gdb_attached(void) 438 { 439 return gdbserver_state.init && gdbserver_state.c_cpu; 440 } 441 442 static enum { 443 GDB_SYS_UNKNOWN, 444 GDB_SYS_ENABLED, 445 GDB_SYS_DISABLED, 446 } gdb_syscall_mode; 447 448 /* Decide if either remote gdb syscalls or native file IO should be used. */ 449 int use_gdb_syscalls(void) 450 { 451 SemihostingTarget target = semihosting_get_target(); 452 if (target == SEMIHOSTING_TARGET_NATIVE) { 453 /* -semihosting-config target=native */ 454 return false; 455 } else if (target == SEMIHOSTING_TARGET_GDB) { 456 /* -semihosting-config target=gdb */ 457 return true; 458 } 459 460 /* -semihosting-config target=auto */ 461 /* On the first call check if gdb is connected and remember. */ 462 if (gdb_syscall_mode == GDB_SYS_UNKNOWN) { 463 gdb_syscall_mode = gdb_attached() ? GDB_SYS_ENABLED : GDB_SYS_DISABLED; 464 } 465 return gdb_syscall_mode == GDB_SYS_ENABLED; 466 } 467 468 static bool stub_can_reverse(void) 469 { 470 #ifdef CONFIG_USER_ONLY 471 return false; 472 #else 473 return replay_mode == REPLAY_MODE_PLAY; 474 #endif 475 } 476 477 /* Resume execution. */ 478 static inline void gdb_continue(void) 479 { 480 481 #ifdef CONFIG_USER_ONLY 482 gdbserver_state.running_state = 1; 483 trace_gdbstub_op_continue(); 484 #else 485 if (!runstate_needs_reset()) { 486 trace_gdbstub_op_continue(); 487 vm_start(); 488 } 489 #endif 490 } 491 492 /* 493 * Resume execution, per CPU actions. For user-mode emulation it's 494 * equivalent to gdb_continue. 495 */ 496 static int gdb_continue_partial(char *newstates) 497 { 498 CPUState *cpu; 499 int res = 0; 500 #ifdef CONFIG_USER_ONLY 501 /* 502 * This is not exactly accurate, but it's an improvement compared to the 503 * previous situation, where only one CPU would be single-stepped. 504 */ 505 CPU_FOREACH(cpu) { 506 if (newstates[cpu->cpu_index] == 's') { 507 trace_gdbstub_op_stepping(cpu->cpu_index); 508 cpu_single_step(cpu, gdbserver_state.sstep_flags); 509 } 510 } 511 gdbserver_state.running_state = 1; 512 #else 513 int flag = 0; 514 515 if (!runstate_needs_reset()) { 516 bool step_requested = false; 517 CPU_FOREACH(cpu) { 518 if (newstates[cpu->cpu_index] == 's') { 519 step_requested = true; 520 break; 521 } 522 } 523 524 if (vm_prepare_start(step_requested)) { 525 return 0; 526 } 527 528 CPU_FOREACH(cpu) { 529 switch (newstates[cpu->cpu_index]) { 530 case 0: 531 case 1: 532 break; /* nothing to do here */ 533 case 's': 534 trace_gdbstub_op_stepping(cpu->cpu_index); 535 cpu_single_step(cpu, gdbserver_state.sstep_flags); 536 cpu_resume(cpu); 537 flag = 1; 538 break; 539 case 'c': 540 trace_gdbstub_op_continue_cpu(cpu->cpu_index); 541 cpu_resume(cpu); 542 flag = 1; 543 break; 544 default: 545 res = -1; 546 break; 547 } 548 } 549 } 550 if (flag) { 551 qemu_clock_enable(QEMU_CLOCK_VIRTUAL, true); 552 } 553 #endif 554 return res; 555 } 556 557 static void put_buffer(const uint8_t *buf, int len) 558 { 559 #ifdef CONFIG_USER_ONLY 560 int ret; 561 562 while (len > 0) { 563 ret = send(gdbserver_state.fd, buf, len, 0); 564 if (ret < 0) { 565 if (errno != EINTR) 566 return; 567 } else { 568 buf += ret; 569 len -= ret; 570 } 571 } 572 #else 573 /* XXX this blocks entire thread. Rewrite to use 574 * qemu_chr_fe_write and background I/O callbacks */ 575 qemu_chr_fe_write_all(&gdbserver_state.chr, buf, len); 576 #endif 577 } 578 579 static inline int fromhex(int v) 580 { 581 if (v >= '0' && v <= '9') 582 return v - '0'; 583 else if (v >= 'A' && v <= 'F') 584 return v - 'A' + 10; 585 else if (v >= 'a' && v <= 'f') 586 return v - 'a' + 10; 587 else 588 return 0; 589 } 590 591 static inline int tohex(int v) 592 { 593 if (v < 10) 594 return v + '0'; 595 else 596 return v - 10 + 'a'; 597 } 598 599 /* writes 2*len+1 bytes in buf */ 600 static void memtohex(GString *buf, const uint8_t *mem, int len) 601 { 602 int i, c; 603 for(i = 0; i < len; i++) { 604 c = mem[i]; 605 g_string_append_c(buf, tohex(c >> 4)); 606 g_string_append_c(buf, tohex(c & 0xf)); 607 } 608 g_string_append_c(buf, '\0'); 609 } 610 611 static void hextomem(GByteArray *mem, const char *buf, int len) 612 { 613 int i; 614 615 for(i = 0; i < len; i++) { 616 guint8 byte = fromhex(buf[0]) << 4 | fromhex(buf[1]); 617 g_byte_array_append(mem, &byte, 1); 618 buf += 2; 619 } 620 } 621 622 static void hexdump(const char *buf, int len, 623 void (*trace_fn)(size_t ofs, char const *text)) 624 { 625 char line_buffer[3 * 16 + 4 + 16 + 1]; 626 627 size_t i; 628 for (i = 0; i < len || (i & 0xF); ++i) { 629 size_t byte_ofs = i & 15; 630 631 if (byte_ofs == 0) { 632 memset(line_buffer, ' ', 3 * 16 + 4 + 16); 633 line_buffer[3 * 16 + 4 + 16] = 0; 634 } 635 636 size_t col_group = (i >> 2) & 3; 637 size_t hex_col = byte_ofs * 3 + col_group; 638 size_t txt_col = 3 * 16 + 4 + byte_ofs; 639 640 if (i < len) { 641 char value = buf[i]; 642 643 line_buffer[hex_col + 0] = tohex((value >> 4) & 0xF); 644 line_buffer[hex_col + 1] = tohex((value >> 0) & 0xF); 645 line_buffer[txt_col + 0] = (value >= ' ' && value < 127) 646 ? value 647 : '.'; 648 } 649 650 if (byte_ofs == 0xF) 651 trace_fn(i & -16, line_buffer); 652 } 653 } 654 655 /* return -1 if error, 0 if OK */ 656 static int put_packet_binary(const char *buf, int len, bool dump) 657 { 658 int csum, i; 659 uint8_t footer[3]; 660 661 if (dump && trace_event_get_state_backends(TRACE_GDBSTUB_IO_BINARYREPLY)) { 662 hexdump(buf, len, trace_gdbstub_io_binaryreply); 663 } 664 665 for(;;) { 666 g_byte_array_set_size(gdbserver_state.last_packet, 0); 667 g_byte_array_append(gdbserver_state.last_packet, 668 (const uint8_t *) "$", 1); 669 g_byte_array_append(gdbserver_state.last_packet, 670 (const uint8_t *) buf, len); 671 csum = 0; 672 for(i = 0; i < len; i++) { 673 csum += buf[i]; 674 } 675 footer[0] = '#'; 676 footer[1] = tohex((csum >> 4) & 0xf); 677 footer[2] = tohex((csum) & 0xf); 678 g_byte_array_append(gdbserver_state.last_packet, footer, 3); 679 680 put_buffer(gdbserver_state.last_packet->data, 681 gdbserver_state.last_packet->len); 682 683 #ifdef CONFIG_USER_ONLY 684 i = get_char(); 685 if (i < 0) 686 return -1; 687 if (i == '+') 688 break; 689 #else 690 break; 691 #endif 692 } 693 return 0; 694 } 695 696 /* return -1 if error, 0 if OK */ 697 static int put_packet(const char *buf) 698 { 699 trace_gdbstub_io_reply(buf); 700 701 return put_packet_binary(buf, strlen(buf), false); 702 } 703 704 static void put_strbuf(void) 705 { 706 put_packet(gdbserver_state.str_buf->str); 707 } 708 709 /* Encode data using the encoding for 'x' packets. */ 710 static void memtox(GString *buf, const char *mem, int len) 711 { 712 char c; 713 714 while (len--) { 715 c = *(mem++); 716 switch (c) { 717 case '#': case '$': case '*': case '}': 718 g_string_append_c(buf, '}'); 719 g_string_append_c(buf, c ^ 0x20); 720 break; 721 default: 722 g_string_append_c(buf, c); 723 break; 724 } 725 } 726 } 727 728 static uint32_t gdb_get_cpu_pid(CPUState *cpu) 729 { 730 /* TODO: In user mode, we should use the task state PID */ 731 if (cpu->cluster_index == UNASSIGNED_CLUSTER_INDEX) { 732 /* Return the default process' PID */ 733 int index = gdbserver_state.process_num - 1; 734 return gdbserver_state.processes[index].pid; 735 } 736 return cpu->cluster_index + 1; 737 } 738 739 static GDBProcess *gdb_get_process(uint32_t pid) 740 { 741 int i; 742 743 if (!pid) { 744 /* 0 means any process, we take the first one */ 745 return &gdbserver_state.processes[0]; 746 } 747 748 for (i = 0; i < gdbserver_state.process_num; i++) { 749 if (gdbserver_state.processes[i].pid == pid) { 750 return &gdbserver_state.processes[i]; 751 } 752 } 753 754 return NULL; 755 } 756 757 static GDBProcess *gdb_get_cpu_process(CPUState *cpu) 758 { 759 return gdb_get_process(gdb_get_cpu_pid(cpu)); 760 } 761 762 static CPUState *find_cpu(uint32_t thread_id) 763 { 764 CPUState *cpu; 765 766 CPU_FOREACH(cpu) { 767 if (cpu_gdb_index(cpu) == thread_id) { 768 return cpu; 769 } 770 } 771 772 return NULL; 773 } 774 775 static CPUState *get_first_cpu_in_process(GDBProcess *process) 776 { 777 CPUState *cpu; 778 779 CPU_FOREACH(cpu) { 780 if (gdb_get_cpu_pid(cpu) == process->pid) { 781 return cpu; 782 } 783 } 784 785 return NULL; 786 } 787 788 static CPUState *gdb_next_cpu_in_process(CPUState *cpu) 789 { 790 uint32_t pid = gdb_get_cpu_pid(cpu); 791 cpu = CPU_NEXT(cpu); 792 793 while (cpu) { 794 if (gdb_get_cpu_pid(cpu) == pid) { 795 break; 796 } 797 798 cpu = CPU_NEXT(cpu); 799 } 800 801 return cpu; 802 } 803 804 /* Return the cpu following @cpu, while ignoring unattached processes. */ 805 static CPUState *gdb_next_attached_cpu(CPUState *cpu) 806 { 807 cpu = CPU_NEXT(cpu); 808 809 while (cpu) { 810 if (gdb_get_cpu_process(cpu)->attached) { 811 break; 812 } 813 814 cpu = CPU_NEXT(cpu); 815 } 816 817 return cpu; 818 } 819 820 /* Return the first attached cpu */ 821 static CPUState *gdb_first_attached_cpu(void) 822 { 823 CPUState *cpu = first_cpu; 824 GDBProcess *process = gdb_get_cpu_process(cpu); 825 826 if (!process->attached) { 827 return gdb_next_attached_cpu(cpu); 828 } 829 830 return cpu; 831 } 832 833 static CPUState *gdb_get_cpu(uint32_t pid, uint32_t tid) 834 { 835 GDBProcess *process; 836 CPUState *cpu; 837 838 if (!pid && !tid) { 839 /* 0 means any process/thread, we take the first attached one */ 840 return gdb_first_attached_cpu(); 841 } else if (pid && !tid) { 842 /* any thread in a specific process */ 843 process = gdb_get_process(pid); 844 845 if (process == NULL) { 846 return NULL; 847 } 848 849 if (!process->attached) { 850 return NULL; 851 } 852 853 return get_first_cpu_in_process(process); 854 } else { 855 /* a specific thread */ 856 cpu = find_cpu(tid); 857 858 if (cpu == NULL) { 859 return NULL; 860 } 861 862 process = gdb_get_cpu_process(cpu); 863 864 if (pid && process->pid != pid) { 865 return NULL; 866 } 867 868 if (!process->attached) { 869 return NULL; 870 } 871 872 return cpu; 873 } 874 } 875 876 static const char *get_feature_xml(const char *p, const char **newp, 877 GDBProcess *process) 878 { 879 size_t len; 880 int i; 881 const char *name; 882 CPUState *cpu = get_first_cpu_in_process(process); 883 CPUClass *cc = CPU_GET_CLASS(cpu); 884 885 len = 0; 886 while (p[len] && p[len] != ':') 887 len++; 888 *newp = p + len; 889 890 name = NULL; 891 if (strncmp(p, "target.xml", len) == 0) { 892 char *buf = process->target_xml; 893 const size_t buf_sz = sizeof(process->target_xml); 894 895 /* Generate the XML description for this CPU. */ 896 if (!buf[0]) { 897 GDBRegisterState *r; 898 899 pstrcat(buf, buf_sz, 900 "<?xml version=\"1.0\"?>" 901 "<!DOCTYPE target SYSTEM \"gdb-target.dtd\">" 902 "<target>"); 903 if (cc->gdb_arch_name) { 904 gchar *arch = cc->gdb_arch_name(cpu); 905 pstrcat(buf, buf_sz, "<architecture>"); 906 pstrcat(buf, buf_sz, arch); 907 pstrcat(buf, buf_sz, "</architecture>"); 908 g_free(arch); 909 } 910 pstrcat(buf, buf_sz, "<xi:include href=\""); 911 pstrcat(buf, buf_sz, cc->gdb_core_xml_file); 912 pstrcat(buf, buf_sz, "\"/>"); 913 for (r = cpu->gdb_regs; r; r = r->next) { 914 pstrcat(buf, buf_sz, "<xi:include href=\""); 915 pstrcat(buf, buf_sz, r->xml); 916 pstrcat(buf, buf_sz, "\"/>"); 917 } 918 pstrcat(buf, buf_sz, "</target>"); 919 } 920 return buf; 921 } 922 if (cc->gdb_get_dynamic_xml) { 923 char *xmlname = g_strndup(p, len); 924 const char *xml = cc->gdb_get_dynamic_xml(cpu, xmlname); 925 926 g_free(xmlname); 927 if (xml) { 928 return xml; 929 } 930 } 931 for (i = 0; ; i++) { 932 name = xml_builtin[i][0]; 933 if (!name || (strncmp(name, p, len) == 0 && strlen(name) == len)) 934 break; 935 } 936 return name ? xml_builtin[i][1] : NULL; 937 } 938 939 static int gdb_read_register(CPUState *cpu, GByteArray *buf, int reg) 940 { 941 CPUClass *cc = CPU_GET_CLASS(cpu); 942 CPUArchState *env = cpu->env_ptr; 943 GDBRegisterState *r; 944 945 if (reg < cc->gdb_num_core_regs) { 946 return cc->gdb_read_register(cpu, buf, reg); 947 } 948 949 for (r = cpu->gdb_regs; r; r = r->next) { 950 if (r->base_reg <= reg && reg < r->base_reg + r->num_regs) { 951 return r->get_reg(env, buf, reg - r->base_reg); 952 } 953 } 954 return 0; 955 } 956 957 static int gdb_write_register(CPUState *cpu, uint8_t *mem_buf, int reg) 958 { 959 CPUClass *cc = CPU_GET_CLASS(cpu); 960 CPUArchState *env = cpu->env_ptr; 961 GDBRegisterState *r; 962 963 if (reg < cc->gdb_num_core_regs) { 964 return cc->gdb_write_register(cpu, mem_buf, reg); 965 } 966 967 for (r = cpu->gdb_regs; r; r = r->next) { 968 if (r->base_reg <= reg && reg < r->base_reg + r->num_regs) { 969 return r->set_reg(env, mem_buf, reg - r->base_reg); 970 } 971 } 972 return 0; 973 } 974 975 /* Register a supplemental set of CPU registers. If g_pos is nonzero it 976 specifies the first register number and these registers are included in 977 a standard "g" packet. Direction is relative to gdb, i.e. get_reg is 978 gdb reading a CPU register, and set_reg is gdb modifying a CPU register. 979 */ 980 981 void gdb_register_coprocessor(CPUState *cpu, 982 gdb_get_reg_cb get_reg, gdb_set_reg_cb set_reg, 983 int num_regs, const char *xml, int g_pos) 984 { 985 GDBRegisterState *s; 986 GDBRegisterState **p; 987 988 p = &cpu->gdb_regs; 989 while (*p) { 990 /* Check for duplicates. */ 991 if (strcmp((*p)->xml, xml) == 0) 992 return; 993 p = &(*p)->next; 994 } 995 996 s = g_new0(GDBRegisterState, 1); 997 s->base_reg = cpu->gdb_num_regs; 998 s->num_regs = num_regs; 999 s->get_reg = get_reg; 1000 s->set_reg = set_reg; 1001 s->xml = xml; 1002 1003 /* Add to end of list. */ 1004 cpu->gdb_num_regs += num_regs; 1005 *p = s; 1006 if (g_pos) { 1007 if (g_pos != s->base_reg) { 1008 error_report("Error: Bad gdb register numbering for '%s', " 1009 "expected %d got %d", xml, g_pos, s->base_reg); 1010 } else { 1011 cpu->gdb_num_g_regs = cpu->gdb_num_regs; 1012 } 1013 } 1014 } 1015 1016 static void gdb_process_breakpoint_remove_all(GDBProcess *p) 1017 { 1018 CPUState *cpu = get_first_cpu_in_process(p); 1019 1020 while (cpu) { 1021 gdb_breakpoint_remove_all(cpu); 1022 cpu = gdb_next_cpu_in_process(cpu); 1023 } 1024 } 1025 1026 1027 static void gdb_set_cpu_pc(target_ulong pc) 1028 { 1029 CPUState *cpu = gdbserver_state.c_cpu; 1030 1031 cpu_synchronize_state(cpu); 1032 cpu_set_pc(cpu, pc); 1033 } 1034 1035 static void gdb_append_thread_id(CPUState *cpu, GString *buf) 1036 { 1037 if (gdbserver_state.multiprocess) { 1038 g_string_append_printf(buf, "p%02x.%02x", 1039 gdb_get_cpu_pid(cpu), cpu_gdb_index(cpu)); 1040 } else { 1041 g_string_append_printf(buf, "%02x", cpu_gdb_index(cpu)); 1042 } 1043 } 1044 1045 typedef enum GDBThreadIdKind { 1046 GDB_ONE_THREAD = 0, 1047 GDB_ALL_THREADS, /* One process, all threads */ 1048 GDB_ALL_PROCESSES, 1049 GDB_READ_THREAD_ERR 1050 } GDBThreadIdKind; 1051 1052 static GDBThreadIdKind read_thread_id(const char *buf, const char **end_buf, 1053 uint32_t *pid, uint32_t *tid) 1054 { 1055 unsigned long p, t; 1056 int ret; 1057 1058 if (*buf == 'p') { 1059 buf++; 1060 ret = qemu_strtoul(buf, &buf, 16, &p); 1061 1062 if (ret) { 1063 return GDB_READ_THREAD_ERR; 1064 } 1065 1066 /* Skip '.' */ 1067 buf++; 1068 } else { 1069 p = 1; 1070 } 1071 1072 ret = qemu_strtoul(buf, &buf, 16, &t); 1073 1074 if (ret) { 1075 return GDB_READ_THREAD_ERR; 1076 } 1077 1078 *end_buf = buf; 1079 1080 if (p == -1) { 1081 return GDB_ALL_PROCESSES; 1082 } 1083 1084 if (pid) { 1085 *pid = p; 1086 } 1087 1088 if (t == -1) { 1089 return GDB_ALL_THREADS; 1090 } 1091 1092 if (tid) { 1093 *tid = t; 1094 } 1095 1096 return GDB_ONE_THREAD; 1097 } 1098 1099 /** 1100 * gdb_handle_vcont - Parses and handles a vCont packet. 1101 * returns -ENOTSUP if a command is unsupported, -EINVAL or -ERANGE if there is 1102 * a format error, 0 on success. 1103 */ 1104 static int gdb_handle_vcont(const char *p) 1105 { 1106 int res, signal = 0; 1107 char cur_action; 1108 char *newstates; 1109 unsigned long tmp; 1110 uint32_t pid, tid; 1111 GDBProcess *process; 1112 CPUState *cpu; 1113 GDBThreadIdKind kind; 1114 #ifdef CONFIG_USER_ONLY 1115 int max_cpus = 1; /* global variable max_cpus exists only in system mode */ 1116 1117 CPU_FOREACH(cpu) { 1118 max_cpus = max_cpus <= cpu->cpu_index ? cpu->cpu_index + 1 : max_cpus; 1119 } 1120 #else 1121 MachineState *ms = MACHINE(qdev_get_machine()); 1122 unsigned int max_cpus = ms->smp.max_cpus; 1123 #endif 1124 /* uninitialised CPUs stay 0 */ 1125 newstates = g_new0(char, max_cpus); 1126 1127 /* mark valid CPUs with 1 */ 1128 CPU_FOREACH(cpu) { 1129 newstates[cpu->cpu_index] = 1; 1130 } 1131 1132 /* 1133 * res keeps track of what error we are returning, with -ENOTSUP meaning 1134 * that the command is unknown or unsupported, thus returning an empty 1135 * packet, while -EINVAL and -ERANGE cause an E22 packet, due to invalid, 1136 * or incorrect parameters passed. 1137 */ 1138 res = 0; 1139 while (*p) { 1140 if (*p++ != ';') { 1141 res = -ENOTSUP; 1142 goto out; 1143 } 1144 1145 cur_action = *p++; 1146 if (cur_action == 'C' || cur_action == 'S') { 1147 cur_action = qemu_tolower(cur_action); 1148 res = qemu_strtoul(p, &p, 16, &tmp); 1149 if (res) { 1150 goto out; 1151 } 1152 signal = gdb_signal_to_target(tmp); 1153 } else if (cur_action != 'c' && cur_action != 's') { 1154 /* unknown/invalid/unsupported command */ 1155 res = -ENOTSUP; 1156 goto out; 1157 } 1158 1159 if (*p == '\0' || *p == ';') { 1160 /* 1161 * No thread specifier, action is on "all threads". The 1162 * specification is unclear regarding the process to act on. We 1163 * choose all processes. 1164 */ 1165 kind = GDB_ALL_PROCESSES; 1166 } else if (*p++ == ':') { 1167 kind = read_thread_id(p, &p, &pid, &tid); 1168 } else { 1169 res = -ENOTSUP; 1170 goto out; 1171 } 1172 1173 switch (kind) { 1174 case GDB_READ_THREAD_ERR: 1175 res = -EINVAL; 1176 goto out; 1177 1178 case GDB_ALL_PROCESSES: 1179 cpu = gdb_first_attached_cpu(); 1180 while (cpu) { 1181 if (newstates[cpu->cpu_index] == 1) { 1182 newstates[cpu->cpu_index] = cur_action; 1183 } 1184 1185 cpu = gdb_next_attached_cpu(cpu); 1186 } 1187 break; 1188 1189 case GDB_ALL_THREADS: 1190 process = gdb_get_process(pid); 1191 1192 if (!process->attached) { 1193 res = -EINVAL; 1194 goto out; 1195 } 1196 1197 cpu = get_first_cpu_in_process(process); 1198 while (cpu) { 1199 if (newstates[cpu->cpu_index] == 1) { 1200 newstates[cpu->cpu_index] = cur_action; 1201 } 1202 1203 cpu = gdb_next_cpu_in_process(cpu); 1204 } 1205 break; 1206 1207 case GDB_ONE_THREAD: 1208 cpu = gdb_get_cpu(pid, tid); 1209 1210 /* invalid CPU/thread specified */ 1211 if (!cpu) { 1212 res = -EINVAL; 1213 goto out; 1214 } 1215 1216 /* only use if no previous match occourred */ 1217 if (newstates[cpu->cpu_index] == 1) { 1218 newstates[cpu->cpu_index] = cur_action; 1219 } 1220 break; 1221 } 1222 } 1223 gdbserver_state.signal = signal; 1224 gdb_continue_partial(newstates); 1225 1226 out: 1227 g_free(newstates); 1228 1229 return res; 1230 } 1231 1232 typedef union GdbCmdVariant { 1233 const char *data; 1234 uint8_t opcode; 1235 unsigned long val_ul; 1236 unsigned long long val_ull; 1237 struct { 1238 GDBThreadIdKind kind; 1239 uint32_t pid; 1240 uint32_t tid; 1241 } thread_id; 1242 } GdbCmdVariant; 1243 1244 #define get_param(p, i) (&g_array_index(p, GdbCmdVariant, i)) 1245 1246 static const char *cmd_next_param(const char *param, const char delimiter) 1247 { 1248 static const char all_delimiters[] = ",;:="; 1249 char curr_delimiters[2] = {0}; 1250 const char *delimiters; 1251 1252 if (delimiter == '?') { 1253 delimiters = all_delimiters; 1254 } else if (delimiter == '0') { 1255 return strchr(param, '\0'); 1256 } else if (delimiter == '.' && *param) { 1257 return param + 1; 1258 } else { 1259 curr_delimiters[0] = delimiter; 1260 delimiters = curr_delimiters; 1261 } 1262 1263 param += strcspn(param, delimiters); 1264 if (*param) { 1265 param++; 1266 } 1267 return param; 1268 } 1269 1270 static int cmd_parse_params(const char *data, const char *schema, 1271 GArray *params) 1272 { 1273 const char *curr_schema, *curr_data; 1274 1275 g_assert(schema); 1276 g_assert(params->len == 0); 1277 1278 curr_schema = schema; 1279 curr_data = data; 1280 while (curr_schema[0] && curr_schema[1] && *curr_data) { 1281 GdbCmdVariant this_param; 1282 1283 switch (curr_schema[0]) { 1284 case 'l': 1285 if (qemu_strtoul(curr_data, &curr_data, 16, 1286 &this_param.val_ul)) { 1287 return -EINVAL; 1288 } 1289 curr_data = cmd_next_param(curr_data, curr_schema[1]); 1290 g_array_append_val(params, this_param); 1291 break; 1292 case 'L': 1293 if (qemu_strtou64(curr_data, &curr_data, 16, 1294 (uint64_t *)&this_param.val_ull)) { 1295 return -EINVAL; 1296 } 1297 curr_data = cmd_next_param(curr_data, curr_schema[1]); 1298 g_array_append_val(params, this_param); 1299 break; 1300 case 's': 1301 this_param.data = curr_data; 1302 curr_data = cmd_next_param(curr_data, curr_schema[1]); 1303 g_array_append_val(params, this_param); 1304 break; 1305 case 'o': 1306 this_param.opcode = *(uint8_t *)curr_data; 1307 curr_data = cmd_next_param(curr_data, curr_schema[1]); 1308 g_array_append_val(params, this_param); 1309 break; 1310 case 't': 1311 this_param.thread_id.kind = 1312 read_thread_id(curr_data, &curr_data, 1313 &this_param.thread_id.pid, 1314 &this_param.thread_id.tid); 1315 curr_data = cmd_next_param(curr_data, curr_schema[1]); 1316 g_array_append_val(params, this_param); 1317 break; 1318 case '?': 1319 curr_data = cmd_next_param(curr_data, curr_schema[1]); 1320 break; 1321 default: 1322 return -EINVAL; 1323 } 1324 curr_schema += 2; 1325 } 1326 1327 return 0; 1328 } 1329 1330 typedef void (*GdbCmdHandler)(GArray *params, void *user_ctx); 1331 1332 /* 1333 * cmd_startswith -> cmd is compared using startswith 1334 * 1335 * 1336 * schema definitions: 1337 * Each schema parameter entry consists of 2 chars, 1338 * the first char represents the parameter type handling 1339 * the second char represents the delimiter for the next parameter 1340 * 1341 * Currently supported schema types: 1342 * 'l' -> unsigned long (stored in .val_ul) 1343 * 'L' -> unsigned long long (stored in .val_ull) 1344 * 's' -> string (stored in .data) 1345 * 'o' -> single char (stored in .opcode) 1346 * 't' -> thread id (stored in .thread_id) 1347 * '?' -> skip according to delimiter 1348 * 1349 * Currently supported delimiters: 1350 * '?' -> Stop at any delimiter (",;:=\0") 1351 * '0' -> Stop at "\0" 1352 * '.' -> Skip 1 char unless reached "\0" 1353 * Any other value is treated as the delimiter value itself 1354 */ 1355 typedef struct GdbCmdParseEntry { 1356 GdbCmdHandler handler; 1357 const char *cmd; 1358 bool cmd_startswith; 1359 const char *schema; 1360 } GdbCmdParseEntry; 1361 1362 static inline int startswith(const char *string, const char *pattern) 1363 { 1364 return !strncmp(string, pattern, strlen(pattern)); 1365 } 1366 1367 static int process_string_cmd(void *user_ctx, const char *data, 1368 const GdbCmdParseEntry *cmds, int num_cmds) 1369 { 1370 int i; 1371 g_autoptr(GArray) params = g_array_new(false, true, sizeof(GdbCmdVariant)); 1372 1373 if (!cmds) { 1374 return -1; 1375 } 1376 1377 for (i = 0; i < num_cmds; i++) { 1378 const GdbCmdParseEntry *cmd = &cmds[i]; 1379 g_assert(cmd->handler && cmd->cmd); 1380 1381 if ((cmd->cmd_startswith && !startswith(data, cmd->cmd)) || 1382 (!cmd->cmd_startswith && strcmp(cmd->cmd, data))) { 1383 continue; 1384 } 1385 1386 if (cmd->schema) { 1387 if (cmd_parse_params(&data[strlen(cmd->cmd)], 1388 cmd->schema, params)) { 1389 return -1; 1390 } 1391 } 1392 1393 cmd->handler(params, user_ctx); 1394 return 0; 1395 } 1396 1397 return -1; 1398 } 1399 1400 static void run_cmd_parser(const char *data, const GdbCmdParseEntry *cmd) 1401 { 1402 if (!data) { 1403 return; 1404 } 1405 1406 g_string_set_size(gdbserver_state.str_buf, 0); 1407 g_byte_array_set_size(gdbserver_state.mem_buf, 0); 1408 1409 /* In case there was an error during the command parsing we must 1410 * send a NULL packet to indicate the command is not supported */ 1411 if (process_string_cmd(NULL, data, cmd, 1)) { 1412 put_packet(""); 1413 } 1414 } 1415 1416 static void handle_detach(GArray *params, void *user_ctx) 1417 { 1418 GDBProcess *process; 1419 uint32_t pid = 1; 1420 1421 if (gdbserver_state.multiprocess) { 1422 if (!params->len) { 1423 put_packet("E22"); 1424 return; 1425 } 1426 1427 pid = get_param(params, 0)->val_ul; 1428 } 1429 1430 process = gdb_get_process(pid); 1431 gdb_process_breakpoint_remove_all(process); 1432 process->attached = false; 1433 1434 if (pid == gdb_get_cpu_pid(gdbserver_state.c_cpu)) { 1435 gdbserver_state.c_cpu = gdb_first_attached_cpu(); 1436 } 1437 1438 if (pid == gdb_get_cpu_pid(gdbserver_state.g_cpu)) { 1439 gdbserver_state.g_cpu = gdb_first_attached_cpu(); 1440 } 1441 1442 if (!gdbserver_state.c_cpu) { 1443 /* No more process attached */ 1444 gdb_syscall_mode = GDB_SYS_DISABLED; 1445 gdb_continue(); 1446 } 1447 put_packet("OK"); 1448 } 1449 1450 static void handle_thread_alive(GArray *params, void *user_ctx) 1451 { 1452 CPUState *cpu; 1453 1454 if (!params->len) { 1455 put_packet("E22"); 1456 return; 1457 } 1458 1459 if (get_param(params, 0)->thread_id.kind == GDB_READ_THREAD_ERR) { 1460 put_packet("E22"); 1461 return; 1462 } 1463 1464 cpu = gdb_get_cpu(get_param(params, 0)->thread_id.pid, 1465 get_param(params, 0)->thread_id.tid); 1466 if (!cpu) { 1467 put_packet("E22"); 1468 return; 1469 } 1470 1471 put_packet("OK"); 1472 } 1473 1474 static void handle_continue(GArray *params, void *user_ctx) 1475 { 1476 if (params->len) { 1477 gdb_set_cpu_pc(get_param(params, 0)->val_ull); 1478 } 1479 1480 gdbserver_state.signal = 0; 1481 gdb_continue(); 1482 } 1483 1484 static void handle_cont_with_sig(GArray *params, void *user_ctx) 1485 { 1486 unsigned long signal = 0; 1487 1488 /* 1489 * Note: C sig;[addr] is currently unsupported and we simply 1490 * omit the addr parameter 1491 */ 1492 if (params->len) { 1493 signal = get_param(params, 0)->val_ul; 1494 } 1495 1496 gdbserver_state.signal = gdb_signal_to_target(signal); 1497 if (gdbserver_state.signal == -1) { 1498 gdbserver_state.signal = 0; 1499 } 1500 gdb_continue(); 1501 } 1502 1503 static void handle_set_thread(GArray *params, void *user_ctx) 1504 { 1505 CPUState *cpu; 1506 1507 if (params->len != 2) { 1508 put_packet("E22"); 1509 return; 1510 } 1511 1512 if (get_param(params, 1)->thread_id.kind == GDB_READ_THREAD_ERR) { 1513 put_packet("E22"); 1514 return; 1515 } 1516 1517 if (get_param(params, 1)->thread_id.kind != GDB_ONE_THREAD) { 1518 put_packet("OK"); 1519 return; 1520 } 1521 1522 cpu = gdb_get_cpu(get_param(params, 1)->thread_id.pid, 1523 get_param(params, 1)->thread_id.tid); 1524 if (!cpu) { 1525 put_packet("E22"); 1526 return; 1527 } 1528 1529 /* 1530 * Note: This command is deprecated and modern gdb's will be using the 1531 * vCont command instead. 1532 */ 1533 switch (get_param(params, 0)->opcode) { 1534 case 'c': 1535 gdbserver_state.c_cpu = cpu; 1536 put_packet("OK"); 1537 break; 1538 case 'g': 1539 gdbserver_state.g_cpu = cpu; 1540 put_packet("OK"); 1541 break; 1542 default: 1543 put_packet("E22"); 1544 break; 1545 } 1546 } 1547 1548 static void handle_insert_bp(GArray *params, void *user_ctx) 1549 { 1550 int res; 1551 1552 if (params->len != 3) { 1553 put_packet("E22"); 1554 return; 1555 } 1556 1557 res = gdb_breakpoint_insert(gdbserver_state.c_cpu, 1558 get_param(params, 0)->val_ul, 1559 get_param(params, 1)->val_ull, 1560 get_param(params, 2)->val_ull); 1561 if (res >= 0) { 1562 put_packet("OK"); 1563 return; 1564 } else if (res == -ENOSYS) { 1565 put_packet(""); 1566 return; 1567 } 1568 1569 put_packet("E22"); 1570 } 1571 1572 static void handle_remove_bp(GArray *params, void *user_ctx) 1573 { 1574 int res; 1575 1576 if (params->len != 3) { 1577 put_packet("E22"); 1578 return; 1579 } 1580 1581 res = gdb_breakpoint_remove(gdbserver_state.c_cpu, 1582 get_param(params, 0)->val_ul, 1583 get_param(params, 1)->val_ull, 1584 get_param(params, 2)->val_ull); 1585 if (res >= 0) { 1586 put_packet("OK"); 1587 return; 1588 } else if (res == -ENOSYS) { 1589 put_packet(""); 1590 return; 1591 } 1592 1593 put_packet("E22"); 1594 } 1595 1596 /* 1597 * handle_set/get_reg 1598 * 1599 * Older gdb are really dumb, and don't use 'G/g' if 'P/p' is available. 1600 * This works, but can be very slow. Anything new enough to understand 1601 * XML also knows how to use this properly. However to use this we 1602 * need to define a local XML file as well as be talking to a 1603 * reasonably modern gdb. Responding with an empty packet will cause 1604 * the remote gdb to fallback to older methods. 1605 */ 1606 1607 static void handle_set_reg(GArray *params, void *user_ctx) 1608 { 1609 int reg_size; 1610 1611 if (!gdb_has_xml) { 1612 put_packet(""); 1613 return; 1614 } 1615 1616 if (params->len != 2) { 1617 put_packet("E22"); 1618 return; 1619 } 1620 1621 reg_size = strlen(get_param(params, 1)->data) / 2; 1622 hextomem(gdbserver_state.mem_buf, get_param(params, 1)->data, reg_size); 1623 gdb_write_register(gdbserver_state.g_cpu, gdbserver_state.mem_buf->data, 1624 get_param(params, 0)->val_ull); 1625 put_packet("OK"); 1626 } 1627 1628 static void handle_get_reg(GArray *params, void *user_ctx) 1629 { 1630 int reg_size; 1631 1632 if (!gdb_has_xml) { 1633 put_packet(""); 1634 return; 1635 } 1636 1637 if (!params->len) { 1638 put_packet("E14"); 1639 return; 1640 } 1641 1642 reg_size = gdb_read_register(gdbserver_state.g_cpu, 1643 gdbserver_state.mem_buf, 1644 get_param(params, 0)->val_ull); 1645 if (!reg_size) { 1646 put_packet("E14"); 1647 return; 1648 } else { 1649 g_byte_array_set_size(gdbserver_state.mem_buf, reg_size); 1650 } 1651 1652 memtohex(gdbserver_state.str_buf, gdbserver_state.mem_buf->data, reg_size); 1653 put_strbuf(); 1654 } 1655 1656 static void handle_write_mem(GArray *params, void *user_ctx) 1657 { 1658 if (params->len != 3) { 1659 put_packet("E22"); 1660 return; 1661 } 1662 1663 /* hextomem() reads 2*len bytes */ 1664 if (get_param(params, 1)->val_ull > 1665 strlen(get_param(params, 2)->data) / 2) { 1666 put_packet("E22"); 1667 return; 1668 } 1669 1670 hextomem(gdbserver_state.mem_buf, get_param(params, 2)->data, 1671 get_param(params, 1)->val_ull); 1672 if (target_memory_rw_debug(gdbserver_state.g_cpu, 1673 get_param(params, 0)->val_ull, 1674 gdbserver_state.mem_buf->data, 1675 gdbserver_state.mem_buf->len, true)) { 1676 put_packet("E14"); 1677 return; 1678 } 1679 1680 put_packet("OK"); 1681 } 1682 1683 static void handle_read_mem(GArray *params, void *user_ctx) 1684 { 1685 if (params->len != 2) { 1686 put_packet("E22"); 1687 return; 1688 } 1689 1690 /* memtohex() doubles the required space */ 1691 if (get_param(params, 1)->val_ull > MAX_PACKET_LENGTH / 2) { 1692 put_packet("E22"); 1693 return; 1694 } 1695 1696 g_byte_array_set_size(gdbserver_state.mem_buf, 1697 get_param(params, 1)->val_ull); 1698 1699 if (target_memory_rw_debug(gdbserver_state.g_cpu, 1700 get_param(params, 0)->val_ull, 1701 gdbserver_state.mem_buf->data, 1702 gdbserver_state.mem_buf->len, false)) { 1703 put_packet("E14"); 1704 return; 1705 } 1706 1707 memtohex(gdbserver_state.str_buf, gdbserver_state.mem_buf->data, 1708 gdbserver_state.mem_buf->len); 1709 put_strbuf(); 1710 } 1711 1712 static void handle_write_all_regs(GArray *params, void *user_ctx) 1713 { 1714 target_ulong addr, len; 1715 uint8_t *registers; 1716 int reg_size; 1717 1718 if (!params->len) { 1719 return; 1720 } 1721 1722 cpu_synchronize_state(gdbserver_state.g_cpu); 1723 len = strlen(get_param(params, 0)->data) / 2; 1724 hextomem(gdbserver_state.mem_buf, get_param(params, 0)->data, len); 1725 registers = gdbserver_state.mem_buf->data; 1726 for (addr = 0; addr < gdbserver_state.g_cpu->gdb_num_g_regs && len > 0; 1727 addr++) { 1728 reg_size = gdb_write_register(gdbserver_state.g_cpu, registers, addr); 1729 len -= reg_size; 1730 registers += reg_size; 1731 } 1732 put_packet("OK"); 1733 } 1734 1735 static void handle_read_all_regs(GArray *params, void *user_ctx) 1736 { 1737 target_ulong addr, len; 1738 1739 cpu_synchronize_state(gdbserver_state.g_cpu); 1740 g_byte_array_set_size(gdbserver_state.mem_buf, 0); 1741 len = 0; 1742 for (addr = 0; addr < gdbserver_state.g_cpu->gdb_num_g_regs; addr++) { 1743 len += gdb_read_register(gdbserver_state.g_cpu, 1744 gdbserver_state.mem_buf, 1745 addr); 1746 } 1747 g_assert(len == gdbserver_state.mem_buf->len); 1748 1749 memtohex(gdbserver_state.str_buf, gdbserver_state.mem_buf->data, len); 1750 put_strbuf(); 1751 } 1752 1753 static void handle_file_io(GArray *params, void *user_ctx) 1754 { 1755 if (params->len >= 1 && gdbserver_state.current_syscall_cb) { 1756 uint64_t ret; 1757 int err; 1758 1759 ret = get_param(params, 0)->val_ull; 1760 if (params->len >= 2) { 1761 err = get_param(params, 1)->val_ull; 1762 } else { 1763 err = 0; 1764 } 1765 1766 /* Convert GDB error numbers back to host error numbers. */ 1767 #define E(X) case GDB_E##X: err = E##X; break 1768 switch (err) { 1769 case 0: 1770 break; 1771 E(PERM); 1772 E(NOENT); 1773 E(INTR); 1774 E(BADF); 1775 E(ACCES); 1776 E(FAULT); 1777 E(BUSY); 1778 E(EXIST); 1779 E(NODEV); 1780 E(NOTDIR); 1781 E(ISDIR); 1782 E(INVAL); 1783 E(NFILE); 1784 E(MFILE); 1785 E(FBIG); 1786 E(NOSPC); 1787 E(SPIPE); 1788 E(ROFS); 1789 E(NAMETOOLONG); 1790 default: 1791 err = EINVAL; 1792 break; 1793 } 1794 #undef E 1795 1796 gdbserver_state.current_syscall_cb(gdbserver_state.c_cpu, ret, err); 1797 gdbserver_state.current_syscall_cb = NULL; 1798 } 1799 1800 if (params->len >= 3 && get_param(params, 2)->opcode == (uint8_t)'C') { 1801 put_packet("T02"); 1802 return; 1803 } 1804 1805 gdb_continue(); 1806 } 1807 1808 static void handle_step(GArray *params, void *user_ctx) 1809 { 1810 if (params->len) { 1811 gdb_set_cpu_pc((target_ulong)get_param(params, 0)->val_ull); 1812 } 1813 1814 cpu_single_step(gdbserver_state.c_cpu, gdbserver_state.sstep_flags); 1815 gdb_continue(); 1816 } 1817 1818 static void handle_backward(GArray *params, void *user_ctx) 1819 { 1820 if (!stub_can_reverse()) { 1821 put_packet("E22"); 1822 } 1823 if (params->len == 1) { 1824 switch (get_param(params, 0)->opcode) { 1825 case 's': 1826 if (replay_reverse_step()) { 1827 gdb_continue(); 1828 } else { 1829 put_packet("E14"); 1830 } 1831 return; 1832 case 'c': 1833 if (replay_reverse_continue()) { 1834 gdb_continue(); 1835 } else { 1836 put_packet("E14"); 1837 } 1838 return; 1839 } 1840 } 1841 1842 /* Default invalid command */ 1843 put_packet(""); 1844 } 1845 1846 static void handle_v_cont_query(GArray *params, void *user_ctx) 1847 { 1848 put_packet("vCont;c;C;s;S"); 1849 } 1850 1851 static void handle_v_cont(GArray *params, void *user_ctx) 1852 { 1853 int res; 1854 1855 if (!params->len) { 1856 return; 1857 } 1858 1859 res = gdb_handle_vcont(get_param(params, 0)->data); 1860 if ((res == -EINVAL) || (res == -ERANGE)) { 1861 put_packet("E22"); 1862 } else if (res) { 1863 put_packet(""); 1864 } 1865 } 1866 1867 static void handle_v_attach(GArray *params, void *user_ctx) 1868 { 1869 GDBProcess *process; 1870 CPUState *cpu; 1871 1872 g_string_assign(gdbserver_state.str_buf, "E22"); 1873 if (!params->len) { 1874 goto cleanup; 1875 } 1876 1877 process = gdb_get_process(get_param(params, 0)->val_ul); 1878 if (!process) { 1879 goto cleanup; 1880 } 1881 1882 cpu = get_first_cpu_in_process(process); 1883 if (!cpu) { 1884 goto cleanup; 1885 } 1886 1887 process->attached = true; 1888 gdbserver_state.g_cpu = cpu; 1889 gdbserver_state.c_cpu = cpu; 1890 1891 g_string_printf(gdbserver_state.str_buf, "T%02xthread:", GDB_SIGNAL_TRAP); 1892 gdb_append_thread_id(cpu, gdbserver_state.str_buf); 1893 g_string_append_c(gdbserver_state.str_buf, ';'); 1894 cleanup: 1895 put_strbuf(); 1896 } 1897 1898 static void handle_v_kill(GArray *params, void *user_ctx) 1899 { 1900 /* Kill the target */ 1901 put_packet("OK"); 1902 error_report("QEMU: Terminated via GDBstub"); 1903 gdb_exit(0); 1904 exit(0); 1905 } 1906 1907 static const GdbCmdParseEntry gdb_v_commands_table[] = { 1908 /* Order is important if has same prefix */ 1909 { 1910 .handler = handle_v_cont_query, 1911 .cmd = "Cont?", 1912 .cmd_startswith = 1 1913 }, 1914 { 1915 .handler = handle_v_cont, 1916 .cmd = "Cont", 1917 .cmd_startswith = 1, 1918 .schema = "s0" 1919 }, 1920 { 1921 .handler = handle_v_attach, 1922 .cmd = "Attach;", 1923 .cmd_startswith = 1, 1924 .schema = "l0" 1925 }, 1926 { 1927 .handler = handle_v_kill, 1928 .cmd = "Kill;", 1929 .cmd_startswith = 1 1930 }, 1931 }; 1932 1933 static void handle_v_commands(GArray *params, void *user_ctx) 1934 { 1935 if (!params->len) { 1936 return; 1937 } 1938 1939 if (process_string_cmd(NULL, get_param(params, 0)->data, 1940 gdb_v_commands_table, 1941 ARRAY_SIZE(gdb_v_commands_table))) { 1942 put_packet(""); 1943 } 1944 } 1945 1946 static void handle_query_qemu_sstepbits(GArray *params, void *user_ctx) 1947 { 1948 g_string_printf(gdbserver_state.str_buf, "ENABLE=%x", SSTEP_ENABLE); 1949 1950 if (gdbserver_state.supported_sstep_flags & SSTEP_NOIRQ) { 1951 g_string_append_printf(gdbserver_state.str_buf, ",NOIRQ=%x", 1952 SSTEP_NOIRQ); 1953 } 1954 1955 if (gdbserver_state.supported_sstep_flags & SSTEP_NOTIMER) { 1956 g_string_append_printf(gdbserver_state.str_buf, ",NOTIMER=%x", 1957 SSTEP_NOTIMER); 1958 } 1959 1960 put_strbuf(); 1961 } 1962 1963 static void handle_set_qemu_sstep(GArray *params, void *user_ctx) 1964 { 1965 int new_sstep_flags; 1966 1967 if (!params->len) { 1968 return; 1969 } 1970 1971 new_sstep_flags = get_param(params, 0)->val_ul; 1972 1973 if (new_sstep_flags & ~gdbserver_state.supported_sstep_flags) { 1974 put_packet("E22"); 1975 return; 1976 } 1977 1978 gdbserver_state.sstep_flags = new_sstep_flags; 1979 put_packet("OK"); 1980 } 1981 1982 static void handle_query_qemu_sstep(GArray *params, void *user_ctx) 1983 { 1984 g_string_printf(gdbserver_state.str_buf, "0x%x", 1985 gdbserver_state.sstep_flags); 1986 put_strbuf(); 1987 } 1988 1989 static void handle_query_curr_tid(GArray *params, void *user_ctx) 1990 { 1991 CPUState *cpu; 1992 GDBProcess *process; 1993 1994 /* 1995 * "Current thread" remains vague in the spec, so always return 1996 * the first thread of the current process (gdb returns the 1997 * first thread). 1998 */ 1999 process = gdb_get_cpu_process(gdbserver_state.g_cpu); 2000 cpu = get_first_cpu_in_process(process); 2001 g_string_assign(gdbserver_state.str_buf, "QC"); 2002 gdb_append_thread_id(cpu, gdbserver_state.str_buf); 2003 put_strbuf(); 2004 } 2005 2006 static void handle_query_threads(GArray *params, void *user_ctx) 2007 { 2008 if (!gdbserver_state.query_cpu) { 2009 put_packet("l"); 2010 return; 2011 } 2012 2013 g_string_assign(gdbserver_state.str_buf, "m"); 2014 gdb_append_thread_id(gdbserver_state.query_cpu, gdbserver_state.str_buf); 2015 put_strbuf(); 2016 gdbserver_state.query_cpu = gdb_next_attached_cpu(gdbserver_state.query_cpu); 2017 } 2018 2019 static void handle_query_first_threads(GArray *params, void *user_ctx) 2020 { 2021 gdbserver_state.query_cpu = gdb_first_attached_cpu(); 2022 handle_query_threads(params, user_ctx); 2023 } 2024 2025 static void handle_query_thread_extra(GArray *params, void *user_ctx) 2026 { 2027 g_autoptr(GString) rs = g_string_new(NULL); 2028 CPUState *cpu; 2029 2030 if (!params->len || 2031 get_param(params, 0)->thread_id.kind == GDB_READ_THREAD_ERR) { 2032 put_packet("E22"); 2033 return; 2034 } 2035 2036 cpu = gdb_get_cpu(get_param(params, 0)->thread_id.pid, 2037 get_param(params, 0)->thread_id.tid); 2038 if (!cpu) { 2039 return; 2040 } 2041 2042 cpu_synchronize_state(cpu); 2043 2044 if (gdbserver_state.multiprocess && (gdbserver_state.process_num > 1)) { 2045 /* Print the CPU model and name in multiprocess mode */ 2046 ObjectClass *oc = object_get_class(OBJECT(cpu)); 2047 const char *cpu_model = object_class_get_name(oc); 2048 const char *cpu_name = 2049 object_get_canonical_path_component(OBJECT(cpu)); 2050 g_string_printf(rs, "%s %s [%s]", cpu_model, cpu_name, 2051 cpu->halted ? "halted " : "running"); 2052 } else { 2053 g_string_printf(rs, "CPU#%d [%s]", cpu->cpu_index, 2054 cpu->halted ? "halted " : "running"); 2055 } 2056 trace_gdbstub_op_extra_info(rs->str); 2057 memtohex(gdbserver_state.str_buf, (uint8_t *)rs->str, rs->len); 2058 put_strbuf(); 2059 } 2060 2061 #ifdef CONFIG_USER_ONLY 2062 static void handle_query_offsets(GArray *params, void *user_ctx) 2063 { 2064 TaskState *ts; 2065 2066 ts = gdbserver_state.c_cpu->opaque; 2067 g_string_printf(gdbserver_state.str_buf, 2068 "Text=" TARGET_ABI_FMT_lx 2069 ";Data=" TARGET_ABI_FMT_lx 2070 ";Bss=" TARGET_ABI_FMT_lx, 2071 ts->info->code_offset, 2072 ts->info->data_offset, 2073 ts->info->data_offset); 2074 put_strbuf(); 2075 } 2076 #else 2077 static void handle_query_rcmd(GArray *params, void *user_ctx) 2078 { 2079 const guint8 zero = 0; 2080 int len; 2081 2082 if (!params->len) { 2083 put_packet("E22"); 2084 return; 2085 } 2086 2087 len = strlen(get_param(params, 0)->data); 2088 if (len % 2) { 2089 put_packet("E01"); 2090 return; 2091 } 2092 2093 g_assert(gdbserver_state.mem_buf->len == 0); 2094 len = len / 2; 2095 hextomem(gdbserver_state.mem_buf, get_param(params, 0)->data, len); 2096 g_byte_array_append(gdbserver_state.mem_buf, &zero, 1); 2097 qemu_chr_be_write(gdbserver_state.mon_chr, gdbserver_state.mem_buf->data, 2098 gdbserver_state.mem_buf->len); 2099 put_packet("OK"); 2100 } 2101 #endif 2102 2103 static void handle_query_supported(GArray *params, void *user_ctx) 2104 { 2105 CPUClass *cc; 2106 2107 g_string_printf(gdbserver_state.str_buf, "PacketSize=%x", MAX_PACKET_LENGTH); 2108 cc = CPU_GET_CLASS(first_cpu); 2109 if (cc->gdb_core_xml_file) { 2110 g_string_append(gdbserver_state.str_buf, ";qXfer:features:read+"); 2111 } 2112 2113 if (stub_can_reverse()) { 2114 g_string_append(gdbserver_state.str_buf, 2115 ";ReverseStep+;ReverseContinue+"); 2116 } 2117 2118 #ifdef CONFIG_USER_ONLY 2119 if (gdbserver_state.c_cpu->opaque) { 2120 g_string_append(gdbserver_state.str_buf, ";qXfer:auxv:read+"); 2121 } 2122 #endif 2123 2124 if (params->len && 2125 strstr(get_param(params, 0)->data, "multiprocess+")) { 2126 gdbserver_state.multiprocess = true; 2127 } 2128 2129 g_string_append(gdbserver_state.str_buf, ";vContSupported+;multiprocess+"); 2130 put_strbuf(); 2131 } 2132 2133 static void handle_query_xfer_features(GArray *params, void *user_ctx) 2134 { 2135 GDBProcess *process; 2136 CPUClass *cc; 2137 unsigned long len, total_len, addr; 2138 const char *xml; 2139 const char *p; 2140 2141 if (params->len < 3) { 2142 put_packet("E22"); 2143 return; 2144 } 2145 2146 process = gdb_get_cpu_process(gdbserver_state.g_cpu); 2147 cc = CPU_GET_CLASS(gdbserver_state.g_cpu); 2148 if (!cc->gdb_core_xml_file) { 2149 put_packet(""); 2150 return; 2151 } 2152 2153 gdb_has_xml = true; 2154 p = get_param(params, 0)->data; 2155 xml = get_feature_xml(p, &p, process); 2156 if (!xml) { 2157 put_packet("E00"); 2158 return; 2159 } 2160 2161 addr = get_param(params, 1)->val_ul; 2162 len = get_param(params, 2)->val_ul; 2163 total_len = strlen(xml); 2164 if (addr > total_len) { 2165 put_packet("E00"); 2166 return; 2167 } 2168 2169 if (len > (MAX_PACKET_LENGTH - 5) / 2) { 2170 len = (MAX_PACKET_LENGTH - 5) / 2; 2171 } 2172 2173 if (len < total_len - addr) { 2174 g_string_assign(gdbserver_state.str_buf, "m"); 2175 memtox(gdbserver_state.str_buf, xml + addr, len); 2176 } else { 2177 g_string_assign(gdbserver_state.str_buf, "l"); 2178 memtox(gdbserver_state.str_buf, xml + addr, total_len - addr); 2179 } 2180 2181 put_packet_binary(gdbserver_state.str_buf->str, 2182 gdbserver_state.str_buf->len, true); 2183 } 2184 2185 #if defined(CONFIG_USER_ONLY) && defined(CONFIG_LINUX_USER) 2186 static void handle_query_xfer_auxv(GArray *params, void *user_ctx) 2187 { 2188 TaskState *ts; 2189 unsigned long offset, len, saved_auxv, auxv_len; 2190 2191 if (params->len < 2) { 2192 put_packet("E22"); 2193 return; 2194 } 2195 2196 offset = get_param(params, 0)->val_ul; 2197 len = get_param(params, 1)->val_ul; 2198 ts = gdbserver_state.c_cpu->opaque; 2199 saved_auxv = ts->info->saved_auxv; 2200 auxv_len = ts->info->auxv_len; 2201 2202 if (offset >= auxv_len) { 2203 put_packet("E00"); 2204 return; 2205 } 2206 2207 if (len > (MAX_PACKET_LENGTH - 5) / 2) { 2208 len = (MAX_PACKET_LENGTH - 5) / 2; 2209 } 2210 2211 if (len < auxv_len - offset) { 2212 g_string_assign(gdbserver_state.str_buf, "m"); 2213 } else { 2214 g_string_assign(gdbserver_state.str_buf, "l"); 2215 len = auxv_len - offset; 2216 } 2217 2218 g_byte_array_set_size(gdbserver_state.mem_buf, len); 2219 if (target_memory_rw_debug(gdbserver_state.g_cpu, saved_auxv + offset, 2220 gdbserver_state.mem_buf->data, len, false)) { 2221 put_packet("E14"); 2222 return; 2223 } 2224 2225 memtox(gdbserver_state.str_buf, 2226 (const char *)gdbserver_state.mem_buf->data, len); 2227 put_packet_binary(gdbserver_state.str_buf->str, 2228 gdbserver_state.str_buf->len, true); 2229 } 2230 #endif 2231 2232 static void handle_query_attached(GArray *params, void *user_ctx) 2233 { 2234 put_packet(GDB_ATTACHED); 2235 } 2236 2237 static void handle_query_qemu_supported(GArray *params, void *user_ctx) 2238 { 2239 g_string_printf(gdbserver_state.str_buf, "sstepbits;sstep"); 2240 #ifndef CONFIG_USER_ONLY 2241 g_string_append(gdbserver_state.str_buf, ";PhyMemMode"); 2242 #endif 2243 put_strbuf(); 2244 } 2245 2246 #ifndef CONFIG_USER_ONLY 2247 static void handle_query_qemu_phy_mem_mode(GArray *params, 2248 void *user_ctx) 2249 { 2250 g_string_printf(gdbserver_state.str_buf, "%d", phy_memory_mode); 2251 put_strbuf(); 2252 } 2253 2254 static void handle_set_qemu_phy_mem_mode(GArray *params, void *user_ctx) 2255 { 2256 if (!params->len) { 2257 put_packet("E22"); 2258 return; 2259 } 2260 2261 if (!get_param(params, 0)->val_ul) { 2262 phy_memory_mode = 0; 2263 } else { 2264 phy_memory_mode = 1; 2265 } 2266 put_packet("OK"); 2267 } 2268 #endif 2269 2270 static const GdbCmdParseEntry gdb_gen_query_set_common_table[] = { 2271 /* Order is important if has same prefix */ 2272 { 2273 .handler = handle_query_qemu_sstepbits, 2274 .cmd = "qemu.sstepbits", 2275 }, 2276 { 2277 .handler = handle_query_qemu_sstep, 2278 .cmd = "qemu.sstep", 2279 }, 2280 { 2281 .handler = handle_set_qemu_sstep, 2282 .cmd = "qemu.sstep=", 2283 .cmd_startswith = 1, 2284 .schema = "l0" 2285 }, 2286 }; 2287 2288 static const GdbCmdParseEntry gdb_gen_query_table[] = { 2289 { 2290 .handler = handle_query_curr_tid, 2291 .cmd = "C", 2292 }, 2293 { 2294 .handler = handle_query_threads, 2295 .cmd = "sThreadInfo", 2296 }, 2297 { 2298 .handler = handle_query_first_threads, 2299 .cmd = "fThreadInfo", 2300 }, 2301 { 2302 .handler = handle_query_thread_extra, 2303 .cmd = "ThreadExtraInfo,", 2304 .cmd_startswith = 1, 2305 .schema = "t0" 2306 }, 2307 #ifdef CONFIG_USER_ONLY 2308 { 2309 .handler = handle_query_offsets, 2310 .cmd = "Offsets", 2311 }, 2312 #else 2313 { 2314 .handler = handle_query_rcmd, 2315 .cmd = "Rcmd,", 2316 .cmd_startswith = 1, 2317 .schema = "s0" 2318 }, 2319 #endif 2320 { 2321 .handler = handle_query_supported, 2322 .cmd = "Supported:", 2323 .cmd_startswith = 1, 2324 .schema = "s0" 2325 }, 2326 { 2327 .handler = handle_query_supported, 2328 .cmd = "Supported", 2329 .schema = "s0" 2330 }, 2331 { 2332 .handler = handle_query_xfer_features, 2333 .cmd = "Xfer:features:read:", 2334 .cmd_startswith = 1, 2335 .schema = "s:l,l0" 2336 }, 2337 #if defined(CONFIG_USER_ONLY) && defined(CONFIG_LINUX_USER) 2338 { 2339 .handler = handle_query_xfer_auxv, 2340 .cmd = "Xfer:auxv:read::", 2341 .cmd_startswith = 1, 2342 .schema = "l,l0" 2343 }, 2344 #endif 2345 { 2346 .handler = handle_query_attached, 2347 .cmd = "Attached:", 2348 .cmd_startswith = 1 2349 }, 2350 { 2351 .handler = handle_query_attached, 2352 .cmd = "Attached", 2353 }, 2354 { 2355 .handler = handle_query_qemu_supported, 2356 .cmd = "qemu.Supported", 2357 }, 2358 #ifndef CONFIG_USER_ONLY 2359 { 2360 .handler = handle_query_qemu_phy_mem_mode, 2361 .cmd = "qemu.PhyMemMode", 2362 }, 2363 #endif 2364 }; 2365 2366 static const GdbCmdParseEntry gdb_gen_set_table[] = { 2367 /* Order is important if has same prefix */ 2368 { 2369 .handler = handle_set_qemu_sstep, 2370 .cmd = "qemu.sstep:", 2371 .cmd_startswith = 1, 2372 .schema = "l0" 2373 }, 2374 #ifndef CONFIG_USER_ONLY 2375 { 2376 .handler = handle_set_qemu_phy_mem_mode, 2377 .cmd = "qemu.PhyMemMode:", 2378 .cmd_startswith = 1, 2379 .schema = "l0" 2380 }, 2381 #endif 2382 }; 2383 2384 static void handle_gen_query(GArray *params, void *user_ctx) 2385 { 2386 if (!params->len) { 2387 return; 2388 } 2389 2390 if (!process_string_cmd(NULL, get_param(params, 0)->data, 2391 gdb_gen_query_set_common_table, 2392 ARRAY_SIZE(gdb_gen_query_set_common_table))) { 2393 return; 2394 } 2395 2396 if (process_string_cmd(NULL, get_param(params, 0)->data, 2397 gdb_gen_query_table, 2398 ARRAY_SIZE(gdb_gen_query_table))) { 2399 put_packet(""); 2400 } 2401 } 2402 2403 static void handle_gen_set(GArray *params, void *user_ctx) 2404 { 2405 if (!params->len) { 2406 return; 2407 } 2408 2409 if (!process_string_cmd(NULL, get_param(params, 0)->data, 2410 gdb_gen_query_set_common_table, 2411 ARRAY_SIZE(gdb_gen_query_set_common_table))) { 2412 return; 2413 } 2414 2415 if (process_string_cmd(NULL, get_param(params, 0)->data, 2416 gdb_gen_set_table, 2417 ARRAY_SIZE(gdb_gen_set_table))) { 2418 put_packet(""); 2419 } 2420 } 2421 2422 static void handle_target_halt(GArray *params, void *user_ctx) 2423 { 2424 g_string_printf(gdbserver_state.str_buf, "T%02xthread:", GDB_SIGNAL_TRAP); 2425 gdb_append_thread_id(gdbserver_state.c_cpu, gdbserver_state.str_buf); 2426 g_string_append_c(gdbserver_state.str_buf, ';'); 2427 put_strbuf(); 2428 /* 2429 * Remove all the breakpoints when this query is issued, 2430 * because gdb is doing an initial connect and the state 2431 * should be cleaned up. 2432 */ 2433 gdb_breakpoint_remove_all(gdbserver_state.c_cpu); 2434 } 2435 2436 static int gdb_handle_packet(const char *line_buf) 2437 { 2438 const GdbCmdParseEntry *cmd_parser = NULL; 2439 2440 trace_gdbstub_io_command(line_buf); 2441 2442 switch (line_buf[0]) { 2443 case '!': 2444 put_packet("OK"); 2445 break; 2446 case '?': 2447 { 2448 static const GdbCmdParseEntry target_halted_cmd_desc = { 2449 .handler = handle_target_halt, 2450 .cmd = "?", 2451 .cmd_startswith = 1 2452 }; 2453 cmd_parser = &target_halted_cmd_desc; 2454 } 2455 break; 2456 case 'c': 2457 { 2458 static const GdbCmdParseEntry continue_cmd_desc = { 2459 .handler = handle_continue, 2460 .cmd = "c", 2461 .cmd_startswith = 1, 2462 .schema = "L0" 2463 }; 2464 cmd_parser = &continue_cmd_desc; 2465 } 2466 break; 2467 case 'C': 2468 { 2469 static const GdbCmdParseEntry cont_with_sig_cmd_desc = { 2470 .handler = handle_cont_with_sig, 2471 .cmd = "C", 2472 .cmd_startswith = 1, 2473 .schema = "l0" 2474 }; 2475 cmd_parser = &cont_with_sig_cmd_desc; 2476 } 2477 break; 2478 case 'v': 2479 { 2480 static const GdbCmdParseEntry v_cmd_desc = { 2481 .handler = handle_v_commands, 2482 .cmd = "v", 2483 .cmd_startswith = 1, 2484 .schema = "s0" 2485 }; 2486 cmd_parser = &v_cmd_desc; 2487 } 2488 break; 2489 case 'k': 2490 /* Kill the target */ 2491 error_report("QEMU: Terminated via GDBstub"); 2492 gdb_exit(0); 2493 exit(0); 2494 case 'D': 2495 { 2496 static const GdbCmdParseEntry detach_cmd_desc = { 2497 .handler = handle_detach, 2498 .cmd = "D", 2499 .cmd_startswith = 1, 2500 .schema = "?.l0" 2501 }; 2502 cmd_parser = &detach_cmd_desc; 2503 } 2504 break; 2505 case 's': 2506 { 2507 static const GdbCmdParseEntry step_cmd_desc = { 2508 .handler = handle_step, 2509 .cmd = "s", 2510 .cmd_startswith = 1, 2511 .schema = "L0" 2512 }; 2513 cmd_parser = &step_cmd_desc; 2514 } 2515 break; 2516 case 'b': 2517 { 2518 static const GdbCmdParseEntry backward_cmd_desc = { 2519 .handler = handle_backward, 2520 .cmd = "b", 2521 .cmd_startswith = 1, 2522 .schema = "o0" 2523 }; 2524 cmd_parser = &backward_cmd_desc; 2525 } 2526 break; 2527 case 'F': 2528 { 2529 static const GdbCmdParseEntry file_io_cmd_desc = { 2530 .handler = handle_file_io, 2531 .cmd = "F", 2532 .cmd_startswith = 1, 2533 .schema = "L,L,o0" 2534 }; 2535 cmd_parser = &file_io_cmd_desc; 2536 } 2537 break; 2538 case 'g': 2539 { 2540 static const GdbCmdParseEntry read_all_regs_cmd_desc = { 2541 .handler = handle_read_all_regs, 2542 .cmd = "g", 2543 .cmd_startswith = 1 2544 }; 2545 cmd_parser = &read_all_regs_cmd_desc; 2546 } 2547 break; 2548 case 'G': 2549 { 2550 static const GdbCmdParseEntry write_all_regs_cmd_desc = { 2551 .handler = handle_write_all_regs, 2552 .cmd = "G", 2553 .cmd_startswith = 1, 2554 .schema = "s0" 2555 }; 2556 cmd_parser = &write_all_regs_cmd_desc; 2557 } 2558 break; 2559 case 'm': 2560 { 2561 static const GdbCmdParseEntry read_mem_cmd_desc = { 2562 .handler = handle_read_mem, 2563 .cmd = "m", 2564 .cmd_startswith = 1, 2565 .schema = "L,L0" 2566 }; 2567 cmd_parser = &read_mem_cmd_desc; 2568 } 2569 break; 2570 case 'M': 2571 { 2572 static const GdbCmdParseEntry write_mem_cmd_desc = { 2573 .handler = handle_write_mem, 2574 .cmd = "M", 2575 .cmd_startswith = 1, 2576 .schema = "L,L:s0" 2577 }; 2578 cmd_parser = &write_mem_cmd_desc; 2579 } 2580 break; 2581 case 'p': 2582 { 2583 static const GdbCmdParseEntry get_reg_cmd_desc = { 2584 .handler = handle_get_reg, 2585 .cmd = "p", 2586 .cmd_startswith = 1, 2587 .schema = "L0" 2588 }; 2589 cmd_parser = &get_reg_cmd_desc; 2590 } 2591 break; 2592 case 'P': 2593 { 2594 static const GdbCmdParseEntry set_reg_cmd_desc = { 2595 .handler = handle_set_reg, 2596 .cmd = "P", 2597 .cmd_startswith = 1, 2598 .schema = "L?s0" 2599 }; 2600 cmd_parser = &set_reg_cmd_desc; 2601 } 2602 break; 2603 case 'Z': 2604 { 2605 static const GdbCmdParseEntry insert_bp_cmd_desc = { 2606 .handler = handle_insert_bp, 2607 .cmd = "Z", 2608 .cmd_startswith = 1, 2609 .schema = "l?L?L0" 2610 }; 2611 cmd_parser = &insert_bp_cmd_desc; 2612 } 2613 break; 2614 case 'z': 2615 { 2616 static const GdbCmdParseEntry remove_bp_cmd_desc = { 2617 .handler = handle_remove_bp, 2618 .cmd = "z", 2619 .cmd_startswith = 1, 2620 .schema = "l?L?L0" 2621 }; 2622 cmd_parser = &remove_bp_cmd_desc; 2623 } 2624 break; 2625 case 'H': 2626 { 2627 static const GdbCmdParseEntry set_thread_cmd_desc = { 2628 .handler = handle_set_thread, 2629 .cmd = "H", 2630 .cmd_startswith = 1, 2631 .schema = "o.t0" 2632 }; 2633 cmd_parser = &set_thread_cmd_desc; 2634 } 2635 break; 2636 case 'T': 2637 { 2638 static const GdbCmdParseEntry thread_alive_cmd_desc = { 2639 .handler = handle_thread_alive, 2640 .cmd = "T", 2641 .cmd_startswith = 1, 2642 .schema = "t0" 2643 }; 2644 cmd_parser = &thread_alive_cmd_desc; 2645 } 2646 break; 2647 case 'q': 2648 { 2649 static const GdbCmdParseEntry gen_query_cmd_desc = { 2650 .handler = handle_gen_query, 2651 .cmd = "q", 2652 .cmd_startswith = 1, 2653 .schema = "s0" 2654 }; 2655 cmd_parser = &gen_query_cmd_desc; 2656 } 2657 break; 2658 case 'Q': 2659 { 2660 static const GdbCmdParseEntry gen_set_cmd_desc = { 2661 .handler = handle_gen_set, 2662 .cmd = "Q", 2663 .cmd_startswith = 1, 2664 .schema = "s0" 2665 }; 2666 cmd_parser = &gen_set_cmd_desc; 2667 } 2668 break; 2669 default: 2670 /* put empty packet */ 2671 put_packet(""); 2672 break; 2673 } 2674 2675 if (cmd_parser) { 2676 run_cmd_parser(line_buf, cmd_parser); 2677 } 2678 2679 return RS_IDLE; 2680 } 2681 2682 void gdb_set_stop_cpu(CPUState *cpu) 2683 { 2684 GDBProcess *p = gdb_get_cpu_process(cpu); 2685 2686 if (!p->attached) { 2687 /* 2688 * Having a stop CPU corresponding to a process that is not attached 2689 * confuses GDB. So we ignore the request. 2690 */ 2691 return; 2692 } 2693 2694 gdbserver_state.c_cpu = cpu; 2695 gdbserver_state.g_cpu = cpu; 2696 } 2697 2698 #ifndef CONFIG_USER_ONLY 2699 static void gdb_vm_state_change(void *opaque, bool running, RunState state) 2700 { 2701 CPUState *cpu = gdbserver_state.c_cpu; 2702 g_autoptr(GString) buf = g_string_new(NULL); 2703 g_autoptr(GString) tid = g_string_new(NULL); 2704 const char *type; 2705 int ret; 2706 2707 if (running || gdbserver_state.state == RS_INACTIVE) { 2708 return; 2709 } 2710 /* Is there a GDB syscall waiting to be sent? */ 2711 if (gdbserver_state.current_syscall_cb) { 2712 put_packet(gdbserver_state.syscall_buf); 2713 return; 2714 } 2715 2716 if (cpu == NULL) { 2717 /* No process attached */ 2718 return; 2719 } 2720 2721 gdb_append_thread_id(cpu, tid); 2722 2723 switch (state) { 2724 case RUN_STATE_DEBUG: 2725 if (cpu->watchpoint_hit) { 2726 switch (cpu->watchpoint_hit->flags & BP_MEM_ACCESS) { 2727 case BP_MEM_READ: 2728 type = "r"; 2729 break; 2730 case BP_MEM_ACCESS: 2731 type = "a"; 2732 break; 2733 default: 2734 type = ""; 2735 break; 2736 } 2737 trace_gdbstub_hit_watchpoint(type, cpu_gdb_index(cpu), 2738 (target_ulong)cpu->watchpoint_hit->vaddr); 2739 g_string_printf(buf, "T%02xthread:%s;%swatch:" TARGET_FMT_lx ";", 2740 GDB_SIGNAL_TRAP, tid->str, type, 2741 (target_ulong)cpu->watchpoint_hit->vaddr); 2742 cpu->watchpoint_hit = NULL; 2743 goto send_packet; 2744 } else { 2745 trace_gdbstub_hit_break(); 2746 } 2747 tb_flush(cpu); 2748 ret = GDB_SIGNAL_TRAP; 2749 break; 2750 case RUN_STATE_PAUSED: 2751 trace_gdbstub_hit_paused(); 2752 ret = GDB_SIGNAL_INT; 2753 break; 2754 case RUN_STATE_SHUTDOWN: 2755 trace_gdbstub_hit_shutdown(); 2756 ret = GDB_SIGNAL_QUIT; 2757 break; 2758 case RUN_STATE_IO_ERROR: 2759 trace_gdbstub_hit_io_error(); 2760 ret = GDB_SIGNAL_IO; 2761 break; 2762 case RUN_STATE_WATCHDOG: 2763 trace_gdbstub_hit_watchdog(); 2764 ret = GDB_SIGNAL_ALRM; 2765 break; 2766 case RUN_STATE_INTERNAL_ERROR: 2767 trace_gdbstub_hit_internal_error(); 2768 ret = GDB_SIGNAL_ABRT; 2769 break; 2770 case RUN_STATE_SAVE_VM: 2771 case RUN_STATE_RESTORE_VM: 2772 return; 2773 case RUN_STATE_FINISH_MIGRATE: 2774 ret = GDB_SIGNAL_XCPU; 2775 break; 2776 default: 2777 trace_gdbstub_hit_unknown(state); 2778 ret = GDB_SIGNAL_UNKNOWN; 2779 break; 2780 } 2781 gdb_set_stop_cpu(cpu); 2782 g_string_printf(buf, "T%02xthread:%s;", ret, tid->str); 2783 2784 send_packet: 2785 put_packet(buf->str); 2786 2787 /* disable single step if it was enabled */ 2788 cpu_single_step(cpu, 0); 2789 } 2790 #endif 2791 2792 /* Send a gdb syscall request. 2793 This accepts limited printf-style format specifiers, specifically: 2794 %x - target_ulong argument printed in hex. 2795 %lx - 64-bit argument printed in hex. 2796 %s - string pointer (target_ulong) and length (int) pair. */ 2797 void gdb_do_syscallv(gdb_syscall_complete_cb cb, const char *fmt, va_list va) 2798 { 2799 char *p; 2800 char *p_end; 2801 target_ulong addr; 2802 uint64_t i64; 2803 2804 if (!gdb_attached()) { 2805 return; 2806 } 2807 2808 gdbserver_state.current_syscall_cb = cb; 2809 #ifndef CONFIG_USER_ONLY 2810 vm_stop(RUN_STATE_DEBUG); 2811 #endif 2812 p = &gdbserver_state.syscall_buf[0]; 2813 p_end = &gdbserver_state.syscall_buf[sizeof(gdbserver_state.syscall_buf)]; 2814 *(p++) = 'F'; 2815 while (*fmt) { 2816 if (*fmt == '%') { 2817 fmt++; 2818 switch (*fmt++) { 2819 case 'x': 2820 addr = va_arg(va, target_ulong); 2821 p += snprintf(p, p_end - p, TARGET_FMT_lx, addr); 2822 break; 2823 case 'l': 2824 if (*(fmt++) != 'x') 2825 goto bad_format; 2826 i64 = va_arg(va, uint64_t); 2827 p += snprintf(p, p_end - p, "%" PRIx64, i64); 2828 break; 2829 case 's': 2830 addr = va_arg(va, target_ulong); 2831 p += snprintf(p, p_end - p, TARGET_FMT_lx "/%x", 2832 addr, va_arg(va, int)); 2833 break; 2834 default: 2835 bad_format: 2836 error_report("gdbstub: Bad syscall format string '%s'", 2837 fmt - 1); 2838 break; 2839 } 2840 } else { 2841 *(p++) = *(fmt++); 2842 } 2843 } 2844 *p = 0; 2845 #ifdef CONFIG_USER_ONLY 2846 put_packet(gdbserver_state.syscall_buf); 2847 /* Return control to gdb for it to process the syscall request. 2848 * Since the protocol requires that gdb hands control back to us 2849 * using a "here are the results" F packet, we don't need to check 2850 * gdb_handlesig's return value (which is the signal to deliver if 2851 * execution was resumed via a continue packet). 2852 */ 2853 gdb_handlesig(gdbserver_state.c_cpu, 0); 2854 #else 2855 /* In this case wait to send the syscall packet until notification that 2856 the CPU has stopped. This must be done because if the packet is sent 2857 now the reply from the syscall request could be received while the CPU 2858 is still in the running state, which can cause packets to be dropped 2859 and state transition 'T' packets to be sent while the syscall is still 2860 being processed. */ 2861 qemu_cpu_kick(gdbserver_state.c_cpu); 2862 #endif 2863 } 2864 2865 void gdb_do_syscall(gdb_syscall_complete_cb cb, const char *fmt, ...) 2866 { 2867 va_list va; 2868 2869 va_start(va, fmt); 2870 gdb_do_syscallv(cb, fmt, va); 2871 va_end(va); 2872 } 2873 2874 static void gdb_read_byte(uint8_t ch) 2875 { 2876 uint8_t reply; 2877 2878 #ifndef CONFIG_USER_ONLY 2879 if (gdbserver_state.last_packet->len) { 2880 /* Waiting for a response to the last packet. If we see the start 2881 of a new command then abandon the previous response. */ 2882 if (ch == '-') { 2883 trace_gdbstub_err_got_nack(); 2884 put_buffer(gdbserver_state.last_packet->data, 2885 gdbserver_state.last_packet->len); 2886 } else if (ch == '+') { 2887 trace_gdbstub_io_got_ack(); 2888 } else { 2889 trace_gdbstub_io_got_unexpected(ch); 2890 } 2891 2892 if (ch == '+' || ch == '$') { 2893 g_byte_array_set_size(gdbserver_state.last_packet, 0); 2894 } 2895 if (ch != '$') 2896 return; 2897 } 2898 if (runstate_is_running()) { 2899 /* when the CPU is running, we cannot do anything except stop 2900 it when receiving a char */ 2901 vm_stop(RUN_STATE_PAUSED); 2902 } else 2903 #endif 2904 { 2905 switch(gdbserver_state.state) { 2906 case RS_IDLE: 2907 if (ch == '$') { 2908 /* start of command packet */ 2909 gdbserver_state.line_buf_index = 0; 2910 gdbserver_state.line_sum = 0; 2911 gdbserver_state.state = RS_GETLINE; 2912 } else { 2913 trace_gdbstub_err_garbage(ch); 2914 } 2915 break; 2916 case RS_GETLINE: 2917 if (ch == '}') { 2918 /* start escape sequence */ 2919 gdbserver_state.state = RS_GETLINE_ESC; 2920 gdbserver_state.line_sum += ch; 2921 } else if (ch == '*') { 2922 /* start run length encoding sequence */ 2923 gdbserver_state.state = RS_GETLINE_RLE; 2924 gdbserver_state.line_sum += ch; 2925 } else if (ch == '#') { 2926 /* end of command, start of checksum*/ 2927 gdbserver_state.state = RS_CHKSUM1; 2928 } else if (gdbserver_state.line_buf_index >= sizeof(gdbserver_state.line_buf) - 1) { 2929 trace_gdbstub_err_overrun(); 2930 gdbserver_state.state = RS_IDLE; 2931 } else { 2932 /* unescaped command character */ 2933 gdbserver_state.line_buf[gdbserver_state.line_buf_index++] = ch; 2934 gdbserver_state.line_sum += ch; 2935 } 2936 break; 2937 case RS_GETLINE_ESC: 2938 if (ch == '#') { 2939 /* unexpected end of command in escape sequence */ 2940 gdbserver_state.state = RS_CHKSUM1; 2941 } else if (gdbserver_state.line_buf_index >= sizeof(gdbserver_state.line_buf) - 1) { 2942 /* command buffer overrun */ 2943 trace_gdbstub_err_overrun(); 2944 gdbserver_state.state = RS_IDLE; 2945 } else { 2946 /* parse escaped character and leave escape state */ 2947 gdbserver_state.line_buf[gdbserver_state.line_buf_index++] = ch ^ 0x20; 2948 gdbserver_state.line_sum += ch; 2949 gdbserver_state.state = RS_GETLINE; 2950 } 2951 break; 2952 case RS_GETLINE_RLE: 2953 /* 2954 * Run-length encoding is explained in "Debugging with GDB / 2955 * Appendix E GDB Remote Serial Protocol / Overview". 2956 */ 2957 if (ch < ' ' || ch == '#' || ch == '$' || ch > 126) { 2958 /* invalid RLE count encoding */ 2959 trace_gdbstub_err_invalid_repeat(ch); 2960 gdbserver_state.state = RS_GETLINE; 2961 } else { 2962 /* decode repeat length */ 2963 int repeat = ch - ' ' + 3; 2964 if (gdbserver_state.line_buf_index + repeat >= sizeof(gdbserver_state.line_buf) - 1) { 2965 /* that many repeats would overrun the command buffer */ 2966 trace_gdbstub_err_overrun(); 2967 gdbserver_state.state = RS_IDLE; 2968 } else if (gdbserver_state.line_buf_index < 1) { 2969 /* got a repeat but we have nothing to repeat */ 2970 trace_gdbstub_err_invalid_rle(); 2971 gdbserver_state.state = RS_GETLINE; 2972 } else { 2973 /* repeat the last character */ 2974 memset(gdbserver_state.line_buf + gdbserver_state.line_buf_index, 2975 gdbserver_state.line_buf[gdbserver_state.line_buf_index - 1], repeat); 2976 gdbserver_state.line_buf_index += repeat; 2977 gdbserver_state.line_sum += ch; 2978 gdbserver_state.state = RS_GETLINE; 2979 } 2980 } 2981 break; 2982 case RS_CHKSUM1: 2983 /* get high hex digit of checksum */ 2984 if (!isxdigit(ch)) { 2985 trace_gdbstub_err_checksum_invalid(ch); 2986 gdbserver_state.state = RS_GETLINE; 2987 break; 2988 } 2989 gdbserver_state.line_buf[gdbserver_state.line_buf_index] = '\0'; 2990 gdbserver_state.line_csum = fromhex(ch) << 4; 2991 gdbserver_state.state = RS_CHKSUM2; 2992 break; 2993 case RS_CHKSUM2: 2994 /* get low hex digit of checksum */ 2995 if (!isxdigit(ch)) { 2996 trace_gdbstub_err_checksum_invalid(ch); 2997 gdbserver_state.state = RS_GETLINE; 2998 break; 2999 } 3000 gdbserver_state.line_csum |= fromhex(ch); 3001 3002 if (gdbserver_state.line_csum != (gdbserver_state.line_sum & 0xff)) { 3003 trace_gdbstub_err_checksum_incorrect(gdbserver_state.line_sum, gdbserver_state.line_csum); 3004 /* send NAK reply */ 3005 reply = '-'; 3006 put_buffer(&reply, 1); 3007 gdbserver_state.state = RS_IDLE; 3008 } else { 3009 /* send ACK reply */ 3010 reply = '+'; 3011 put_buffer(&reply, 1); 3012 gdbserver_state.state = gdb_handle_packet(gdbserver_state.line_buf); 3013 } 3014 break; 3015 default: 3016 abort(); 3017 } 3018 } 3019 } 3020 3021 /* Tell the remote gdb that the process has exited. */ 3022 void gdb_exit(int code) 3023 { 3024 char buf[4]; 3025 3026 if (!gdbserver_state.init) { 3027 return; 3028 } 3029 #ifdef CONFIG_USER_ONLY 3030 if (gdbserver_state.socket_path) { 3031 unlink(gdbserver_state.socket_path); 3032 } 3033 if (gdbserver_state.fd < 0) { 3034 return; 3035 } 3036 #endif 3037 3038 trace_gdbstub_op_exiting((uint8_t)code); 3039 3040 snprintf(buf, sizeof(buf), "W%02x", (uint8_t)code); 3041 put_packet(buf); 3042 3043 #ifndef CONFIG_USER_ONLY 3044 qemu_chr_fe_deinit(&gdbserver_state.chr, true); 3045 #endif 3046 } 3047 3048 /* 3049 * Create the process that will contain all the "orphan" CPUs (that are not 3050 * part of a CPU cluster). Note that if this process contains no CPUs, it won't 3051 * be attachable and thus will be invisible to the user. 3052 */ 3053 static void create_default_process(GDBState *s) 3054 { 3055 GDBProcess *process; 3056 int max_pid = 0; 3057 3058 if (gdbserver_state.process_num) { 3059 max_pid = s->processes[s->process_num - 1].pid; 3060 } 3061 3062 s->processes = g_renew(GDBProcess, s->processes, ++s->process_num); 3063 process = &s->processes[s->process_num - 1]; 3064 3065 /* We need an available PID slot for this process */ 3066 assert(max_pid < UINT32_MAX); 3067 3068 process->pid = max_pid + 1; 3069 process->attached = false; 3070 process->target_xml[0] = '\0'; 3071 } 3072 3073 #ifdef CONFIG_USER_ONLY 3074 int 3075 gdb_handlesig(CPUState *cpu, int sig) 3076 { 3077 char buf[256]; 3078 int n; 3079 3080 if (!gdbserver_state.init || gdbserver_state.fd < 0) { 3081 return sig; 3082 } 3083 3084 /* disable single step if it was enabled */ 3085 cpu_single_step(cpu, 0); 3086 tb_flush(cpu); 3087 3088 if (sig != 0) { 3089 gdb_set_stop_cpu(cpu); 3090 g_string_printf(gdbserver_state.str_buf, 3091 "T%02xthread:", target_signal_to_gdb(sig)); 3092 gdb_append_thread_id(cpu, gdbserver_state.str_buf); 3093 g_string_append_c(gdbserver_state.str_buf, ';'); 3094 put_strbuf(); 3095 } 3096 /* put_packet() might have detected that the peer terminated the 3097 connection. */ 3098 if (gdbserver_state.fd < 0) { 3099 return sig; 3100 } 3101 3102 sig = 0; 3103 gdbserver_state.state = RS_IDLE; 3104 gdbserver_state.running_state = 0; 3105 while (gdbserver_state.running_state == 0) { 3106 n = read(gdbserver_state.fd, buf, 256); 3107 if (n > 0) { 3108 int i; 3109 3110 for (i = 0; i < n; i++) { 3111 gdb_read_byte(buf[i]); 3112 } 3113 } else { 3114 /* XXX: Connection closed. Should probably wait for another 3115 connection before continuing. */ 3116 if (n == 0) { 3117 close(gdbserver_state.fd); 3118 } 3119 gdbserver_state.fd = -1; 3120 return sig; 3121 } 3122 } 3123 sig = gdbserver_state.signal; 3124 gdbserver_state.signal = 0; 3125 return sig; 3126 } 3127 3128 /* Tell the remote gdb that the process has exited due to SIG. */ 3129 void gdb_signalled(CPUArchState *env, int sig) 3130 { 3131 char buf[4]; 3132 3133 if (!gdbserver_state.init || gdbserver_state.fd < 0) { 3134 return; 3135 } 3136 3137 snprintf(buf, sizeof(buf), "X%02x", target_signal_to_gdb(sig)); 3138 put_packet(buf); 3139 } 3140 3141 static void gdb_accept_init(int fd) 3142 { 3143 init_gdbserver_state(); 3144 create_default_process(&gdbserver_state); 3145 gdbserver_state.processes[0].attached = true; 3146 gdbserver_state.c_cpu = gdb_first_attached_cpu(); 3147 gdbserver_state.g_cpu = gdbserver_state.c_cpu; 3148 gdbserver_state.fd = fd; 3149 gdb_has_xml = false; 3150 } 3151 3152 static bool gdb_accept_socket(int gdb_fd) 3153 { 3154 int fd; 3155 3156 for(;;) { 3157 fd = accept(gdb_fd, NULL, NULL); 3158 if (fd < 0 && errno != EINTR) { 3159 perror("accept socket"); 3160 return false; 3161 } else if (fd >= 0) { 3162 qemu_set_cloexec(fd); 3163 break; 3164 } 3165 } 3166 3167 gdb_accept_init(fd); 3168 return true; 3169 } 3170 3171 static int gdbserver_open_socket(const char *path) 3172 { 3173 struct sockaddr_un sockaddr = {}; 3174 int fd, ret; 3175 3176 fd = socket(AF_UNIX, SOCK_STREAM, 0); 3177 if (fd < 0) { 3178 perror("create socket"); 3179 return -1; 3180 } 3181 3182 sockaddr.sun_family = AF_UNIX; 3183 pstrcpy(sockaddr.sun_path, sizeof(sockaddr.sun_path) - 1, path); 3184 ret = bind(fd, (struct sockaddr *)&sockaddr, sizeof(sockaddr)); 3185 if (ret < 0) { 3186 perror("bind socket"); 3187 close(fd); 3188 return -1; 3189 } 3190 ret = listen(fd, 1); 3191 if (ret < 0) { 3192 perror("listen socket"); 3193 close(fd); 3194 return -1; 3195 } 3196 3197 return fd; 3198 } 3199 3200 static bool gdb_accept_tcp(int gdb_fd) 3201 { 3202 struct sockaddr_in sockaddr = {}; 3203 socklen_t len; 3204 int fd; 3205 3206 for(;;) { 3207 len = sizeof(sockaddr); 3208 fd = accept(gdb_fd, (struct sockaddr *)&sockaddr, &len); 3209 if (fd < 0 && errno != EINTR) { 3210 perror("accept"); 3211 return false; 3212 } else if (fd >= 0) { 3213 qemu_set_cloexec(fd); 3214 break; 3215 } 3216 } 3217 3218 /* set short latency */ 3219 if (socket_set_nodelay(fd)) { 3220 perror("setsockopt"); 3221 close(fd); 3222 return false; 3223 } 3224 3225 gdb_accept_init(fd); 3226 return true; 3227 } 3228 3229 static int gdbserver_open_port(int port) 3230 { 3231 struct sockaddr_in sockaddr; 3232 int fd, ret; 3233 3234 fd = socket(PF_INET, SOCK_STREAM, 0); 3235 if (fd < 0) { 3236 perror("socket"); 3237 return -1; 3238 } 3239 qemu_set_cloexec(fd); 3240 3241 socket_set_fast_reuse(fd); 3242 3243 sockaddr.sin_family = AF_INET; 3244 sockaddr.sin_port = htons(port); 3245 sockaddr.sin_addr.s_addr = 0; 3246 ret = bind(fd, (struct sockaddr *)&sockaddr, sizeof(sockaddr)); 3247 if (ret < 0) { 3248 perror("bind"); 3249 close(fd); 3250 return -1; 3251 } 3252 ret = listen(fd, 1); 3253 if (ret < 0) { 3254 perror("listen"); 3255 close(fd); 3256 return -1; 3257 } 3258 3259 return fd; 3260 } 3261 3262 int gdbserver_start(const char *port_or_path) 3263 { 3264 int port = g_ascii_strtoull(port_or_path, NULL, 10); 3265 int gdb_fd; 3266 3267 if (port > 0) { 3268 gdb_fd = gdbserver_open_port(port); 3269 } else { 3270 gdb_fd = gdbserver_open_socket(port_or_path); 3271 } 3272 3273 if (gdb_fd < 0) { 3274 return -1; 3275 } 3276 3277 if (port > 0 && gdb_accept_tcp(gdb_fd)) { 3278 return 0; 3279 } else if (gdb_accept_socket(gdb_fd)) { 3280 gdbserver_state.socket_path = g_strdup(port_or_path); 3281 return 0; 3282 } 3283 3284 /* gone wrong */ 3285 close(gdb_fd); 3286 return -1; 3287 } 3288 3289 /* Disable gdb stub for child processes. */ 3290 void gdbserver_fork(CPUState *cpu) 3291 { 3292 if (!gdbserver_state.init || gdbserver_state.fd < 0) { 3293 return; 3294 } 3295 close(gdbserver_state.fd); 3296 gdbserver_state.fd = -1; 3297 cpu_breakpoint_remove_all(cpu, BP_GDB); 3298 cpu_watchpoint_remove_all(cpu, BP_GDB); 3299 } 3300 #else 3301 static int gdb_chr_can_receive(void *opaque) 3302 { 3303 /* We can handle an arbitrarily large amount of data. 3304 Pick the maximum packet size, which is as good as anything. */ 3305 return MAX_PACKET_LENGTH; 3306 } 3307 3308 static void gdb_chr_receive(void *opaque, const uint8_t *buf, int size) 3309 { 3310 int i; 3311 3312 for (i = 0; i < size; i++) { 3313 gdb_read_byte(buf[i]); 3314 } 3315 } 3316 3317 static void gdb_chr_event(void *opaque, QEMUChrEvent event) 3318 { 3319 int i; 3320 GDBState *s = (GDBState *) opaque; 3321 3322 switch (event) { 3323 case CHR_EVENT_OPENED: 3324 /* Start with first process attached, others detached */ 3325 for (i = 0; i < s->process_num; i++) { 3326 s->processes[i].attached = !i; 3327 } 3328 3329 s->c_cpu = gdb_first_attached_cpu(); 3330 s->g_cpu = s->c_cpu; 3331 3332 vm_stop(RUN_STATE_PAUSED); 3333 replay_gdb_attached(); 3334 gdb_has_xml = false; 3335 break; 3336 default: 3337 break; 3338 } 3339 } 3340 3341 static int gdb_monitor_write(Chardev *chr, const uint8_t *buf, int len) 3342 { 3343 g_autoptr(GString) hex_buf = g_string_new("O"); 3344 memtohex(hex_buf, buf, len); 3345 put_packet(hex_buf->str); 3346 return len; 3347 } 3348 3349 #ifndef _WIN32 3350 static void gdb_sigterm_handler(int signal) 3351 { 3352 if (runstate_is_running()) { 3353 vm_stop(RUN_STATE_PAUSED); 3354 } 3355 } 3356 #endif 3357 3358 static void gdb_monitor_open(Chardev *chr, ChardevBackend *backend, 3359 bool *be_opened, Error **errp) 3360 { 3361 *be_opened = false; 3362 } 3363 3364 static void char_gdb_class_init(ObjectClass *oc, void *data) 3365 { 3366 ChardevClass *cc = CHARDEV_CLASS(oc); 3367 3368 cc->internal = true; 3369 cc->open = gdb_monitor_open; 3370 cc->chr_write = gdb_monitor_write; 3371 } 3372 3373 #define TYPE_CHARDEV_GDB "chardev-gdb" 3374 3375 static const TypeInfo char_gdb_type_info = { 3376 .name = TYPE_CHARDEV_GDB, 3377 .parent = TYPE_CHARDEV, 3378 .class_init = char_gdb_class_init, 3379 }; 3380 3381 static int find_cpu_clusters(Object *child, void *opaque) 3382 { 3383 if (object_dynamic_cast(child, TYPE_CPU_CLUSTER)) { 3384 GDBState *s = (GDBState *) opaque; 3385 CPUClusterState *cluster = CPU_CLUSTER(child); 3386 GDBProcess *process; 3387 3388 s->processes = g_renew(GDBProcess, s->processes, ++s->process_num); 3389 3390 process = &s->processes[s->process_num - 1]; 3391 3392 /* 3393 * GDB process IDs -1 and 0 are reserved. To avoid subtle errors at 3394 * runtime, we enforce here that the machine does not use a cluster ID 3395 * that would lead to PID 0. 3396 */ 3397 assert(cluster->cluster_id != UINT32_MAX); 3398 process->pid = cluster->cluster_id + 1; 3399 process->attached = false; 3400 process->target_xml[0] = '\0'; 3401 3402 return 0; 3403 } 3404 3405 return object_child_foreach(child, find_cpu_clusters, opaque); 3406 } 3407 3408 static int pid_order(const void *a, const void *b) 3409 { 3410 GDBProcess *pa = (GDBProcess *) a; 3411 GDBProcess *pb = (GDBProcess *) b; 3412 3413 if (pa->pid < pb->pid) { 3414 return -1; 3415 } else if (pa->pid > pb->pid) { 3416 return 1; 3417 } else { 3418 return 0; 3419 } 3420 } 3421 3422 static void create_processes(GDBState *s) 3423 { 3424 object_child_foreach(object_get_root(), find_cpu_clusters, s); 3425 3426 if (gdbserver_state.processes) { 3427 /* Sort by PID */ 3428 qsort(gdbserver_state.processes, gdbserver_state.process_num, sizeof(gdbserver_state.processes[0]), pid_order); 3429 } 3430 3431 create_default_process(s); 3432 } 3433 3434 int gdbserver_start(const char *device) 3435 { 3436 trace_gdbstub_op_start(device); 3437 3438 char gdbstub_device_name[128]; 3439 Chardev *chr = NULL; 3440 Chardev *mon_chr; 3441 3442 if (!first_cpu) { 3443 error_report("gdbstub: meaningless to attach gdb to a " 3444 "machine without any CPU."); 3445 return -1; 3446 } 3447 3448 if (!gdb_supports_guest_debug()) { 3449 error_report("gdbstub: current accelerator doesn't support guest debugging"); 3450 return -1; 3451 } 3452 3453 if (!device) 3454 return -1; 3455 if (strcmp(device, "none") != 0) { 3456 if (strstart(device, "tcp:", NULL)) { 3457 /* enforce required TCP attributes */ 3458 snprintf(gdbstub_device_name, sizeof(gdbstub_device_name), 3459 "%s,wait=off,nodelay=on,server=on", device); 3460 device = gdbstub_device_name; 3461 } 3462 #ifndef _WIN32 3463 else if (strcmp(device, "stdio") == 0) { 3464 struct sigaction act; 3465 3466 memset(&act, 0, sizeof(act)); 3467 act.sa_handler = gdb_sigterm_handler; 3468 sigaction(SIGINT, &act, NULL); 3469 } 3470 #endif 3471 /* 3472 * FIXME: it's a bit weird to allow using a mux chardev here 3473 * and implicitly setup a monitor. We may want to break this. 3474 */ 3475 chr = qemu_chr_new_noreplay("gdb", device, true, NULL); 3476 if (!chr) 3477 return -1; 3478 } 3479 3480 if (!gdbserver_state.init) { 3481 init_gdbserver_state(); 3482 3483 qemu_add_vm_change_state_handler(gdb_vm_state_change, NULL); 3484 3485 /* Initialize a monitor terminal for gdb */ 3486 mon_chr = qemu_chardev_new(NULL, TYPE_CHARDEV_GDB, 3487 NULL, NULL, &error_abort); 3488 monitor_init_hmp(mon_chr, false, &error_abort); 3489 } else { 3490 qemu_chr_fe_deinit(&gdbserver_state.chr, true); 3491 mon_chr = gdbserver_state.mon_chr; 3492 reset_gdbserver_state(); 3493 } 3494 3495 create_processes(&gdbserver_state); 3496 3497 if (chr) { 3498 qemu_chr_fe_init(&gdbserver_state.chr, chr, &error_abort); 3499 qemu_chr_fe_set_handlers(&gdbserver_state.chr, gdb_chr_can_receive, 3500 gdb_chr_receive, gdb_chr_event, 3501 NULL, &gdbserver_state, NULL, true); 3502 } 3503 gdbserver_state.state = chr ? RS_IDLE : RS_INACTIVE; 3504 gdbserver_state.mon_chr = mon_chr; 3505 gdbserver_state.current_syscall_cb = NULL; 3506 3507 return 0; 3508 } 3509 3510 static void register_types(void) 3511 { 3512 type_register_static(&char_gdb_type_info); 3513 } 3514 3515 type_init(register_types); 3516 #endif 3517