File:  [Qemu by Fabrice Bellard] / qemu / monitor.c
Revision 1.1.1.16 (vendor branch): download - view: text, annotated - select for diffs
Tue Apr 24 19:17:26 2018 UTC (2 years, 7 months ago) by root
Branches: qemu, MAIN
CVS tags: qemu1001, HEAD
qemu 1.0.1

    1: /*
    2:  * QEMU monitor
    3:  *
    4:  * Copyright (c) 2003-2004 Fabrice Bellard
    5:  *
    6:  * Permission is hereby granted, free of charge, to any person obtaining a copy
    7:  * of this software and associated documentation files (the "Software"), to deal
    8:  * in the Software without restriction, including without limitation the rights
    9:  * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
   10:  * copies of the Software, and to permit persons to whom the Software is
   11:  * furnished to do so, subject to the following conditions:
   12:  *
   13:  * The above copyright notice and this permission notice shall be included in
   14:  * all copies or substantial portions of the Software.
   15:  *
   16:  * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
   17:  * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
   18:  * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL
   19:  * THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
   20:  * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
   21:  * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
   22:  * THE SOFTWARE.
   23:  */
   24: #include <dirent.h>
   25: #include "hw/hw.h"
   26: #include "hw/qdev.h"
   27: #include "hw/usb.h"
   28: #include "hw/pcmcia.h"
   29: #include "hw/pc.h"
   30: #include "hw/pci.h"
   31: #include "hw/watchdog.h"
   32: #include "hw/loader.h"
   33: #include "gdbstub.h"
   34: #include "net.h"
   35: #include "net/slirp.h"
   36: #include "qemu-char.h"
   37: #include "ui/qemu-spice.h"
   38: #include "sysemu.h"
   39: #include "monitor.h"
   40: #include "readline.h"
   41: #include "console.h"
   42: #include "blockdev.h"
   43: #include "audio/audio.h"
   44: #include "disas.h"
   45: #include "balloon.h"
   46: #include "qemu-timer.h"
   47: #include "migration.h"
   48: #include "kvm.h"
   49: #include "acl.h"
   50: #include "qint.h"
   51: #include "qfloat.h"
   52: #include "qlist.h"
   53: #include "qbool.h"
   54: #include "qstring.h"
   55: #include "qjson.h"
   56: #include "json-streamer.h"
   57: #include "json-parser.h"
   58: #include "osdep.h"
   59: #include "cpu.h"
   60: #include "trace.h"
   61: #include "trace/control.h"
   62: #ifdef CONFIG_TRACE_SIMPLE
   63: #include "trace/simple.h"
   64: #endif
   65: #include "ui/qemu-spice.h"
   66: #include "memory.h"
   67: #include "qmp-commands.h"
   68: #include "hmp.h"
   69: 
   70: /* for pic/irq_info */
   71: #if defined(TARGET_SPARC)
   72: #include "hw/sun4m.h"
   73: #endif
   74: #include "hw/lm32_pic.h"
   75: 
   76: //#define DEBUG
   77: //#define DEBUG_COMPLETION
   78: 
   79: /*
   80:  * Supported types:
   81:  *
   82:  * 'F'          filename
   83:  * 'B'          block device name
   84:  * 's'          string (accept optional quote)
   85:  * 'O'          option string of the form NAME=VALUE,...
   86:  *              parsed according to QemuOptsList given by its name
   87:  *              Example: 'device:O' uses qemu_device_opts.
   88:  *              Restriction: only lists with empty desc are supported
   89:  *              TODO lift the restriction
   90:  * 'i'          32 bit integer
   91:  * 'l'          target long (32 or 64 bit)
   92:  * 'M'          just like 'l', except in user mode the value is
   93:  *              multiplied by 2^20 (think Mebibyte)
   94:  * 'o'          octets (aka bytes)
   95:  *              user mode accepts an optional T, t, G, g, M, m, K, k
   96:  *              suffix, which multiplies the value by 2^40 for
   97:  *              suffixes T and t, 2^30 for suffixes G and g, 2^20 for
   98:  *              M and m, 2^10 for K and k
   99:  * 'T'          double
  100:  *              user mode accepts an optional ms, us, ns suffix,
  101:  *              which divides the value by 1e3, 1e6, 1e9, respectively
  102:  * '/'          optional gdb-like print format (like "/10x")
  103:  *
  104:  * '?'          optional type (for all types, except '/')
  105:  * '.'          other form of optional type (for 'i' and 'l')
  106:  * 'b'          boolean
  107:  *              user mode accepts "on" or "off"
  108:  * '-'          optional parameter (eg. '-f')
  109:  *
  110:  */
  111: 
  112: typedef struct MonitorCompletionData MonitorCompletionData;
  113: struct MonitorCompletionData {
  114:     Monitor *mon;
  115:     void (*user_print)(Monitor *mon, const QObject *data);
  116: };
  117: 
  118: typedef struct mon_cmd_t {
  119:     const char *name;
  120:     const char *args_type;
  121:     const char *params;
  122:     const char *help;
  123:     void (*user_print)(Monitor *mon, const QObject *data);
  124:     union {
  125:         void (*info)(Monitor *mon);
  126:         void (*cmd)(Monitor *mon, const QDict *qdict);
  127:         int  (*cmd_new)(Monitor *mon, const QDict *params, QObject **ret_data);
  128:         int  (*cmd_async)(Monitor *mon, const QDict *params,
  129:                           MonitorCompletion *cb, void *opaque);
  130:     } mhandler;
  131:     bool qapi;
  132:     int flags;
  133: } mon_cmd_t;
  134: 
  135: /* file descriptors passed via SCM_RIGHTS */
  136: typedef struct mon_fd_t mon_fd_t;
  137: struct mon_fd_t {
  138:     char *name;
  139:     int fd;
  140:     QLIST_ENTRY(mon_fd_t) next;
  141: };
  142: 
  143: typedef struct MonitorControl {
  144:     QObject *id;
  145:     JSONMessageParser parser;
  146:     int command_mode;
  147: } MonitorControl;
  148: 
  149: struct Monitor {
  150:     CharDriverState *chr;
  151:     int mux_out;
  152:     int reset_seen;
  153:     int flags;
  154:     int suspend_cnt;
  155:     uint8_t outbuf[1024];
  156:     int outbuf_index;
  157:     ReadLineState *rs;
  158:     MonitorControl *mc;
  159:     CPUState *mon_cpu;
  160:     BlockDriverCompletionFunc *password_completion_cb;
  161:     void *password_opaque;
  162: #ifdef CONFIG_DEBUG_MONITOR
  163:     int print_calls_nr;
  164: #endif
  165:     QError *error;
  166:     QLIST_HEAD(,mon_fd_t) fds;
  167:     QLIST_ENTRY(Monitor) entry;
  168: };
  169: 
  170: #ifdef CONFIG_DEBUG_MONITOR
  171: #define MON_DEBUG(fmt, ...) do {    \
  172:     fprintf(stderr, "Monitor: ");       \
  173:     fprintf(stderr, fmt, ## __VA_ARGS__); } while (0)
  174: 
  175: static inline void mon_print_count_inc(Monitor *mon)
  176: {
  177:     mon->print_calls_nr++;
  178: }
  179: 
  180: static inline void mon_print_count_init(Monitor *mon)
  181: {
  182:     mon->print_calls_nr = 0;
  183: }
  184: 
  185: static inline int mon_print_count_get(const Monitor *mon)
  186: {
  187:     return mon->print_calls_nr;
  188: }
  189: 
  190: #else /* !CONFIG_DEBUG_MONITOR */
  191: #define MON_DEBUG(fmt, ...) do { } while (0)
  192: static inline void mon_print_count_inc(Monitor *mon) { }
  193: static inline void mon_print_count_init(Monitor *mon) { }
  194: static inline int mon_print_count_get(const Monitor *mon) { return 0; }
  195: #endif /* CONFIG_DEBUG_MONITOR */
  196: 
  197: /* QMP checker flags */
  198: #define QMP_ACCEPT_UNKNOWNS 1
  199: 
  200: static QLIST_HEAD(mon_list, Monitor) mon_list;
  201: 
  202: static mon_cmd_t mon_cmds[];
  203: static mon_cmd_t info_cmds[];
  204: 
  205: static const mon_cmd_t qmp_cmds[];
  206: 
  207: Monitor *cur_mon;
  208: Monitor *default_mon;
  209: 
  210: static void monitor_command_cb(Monitor *mon, const char *cmdline,
  211:                                void *opaque);
  212: 
  213: static inline int qmp_cmd_mode(const Monitor *mon)
  214: {
  215:     return (mon->mc ? mon->mc->command_mode : 0);
  216: }
  217: 
  218: /* Return true if in control mode, false otherwise */
  219: static inline int monitor_ctrl_mode(const Monitor *mon)
  220: {
  221:     return (mon->flags & MONITOR_USE_CONTROL);
  222: }
  223: 
  224: /* Return non-zero iff we have a current monitor, and it is in QMP mode.  */
  225: int monitor_cur_is_qmp(void)
  226: {
  227:     return cur_mon && monitor_ctrl_mode(cur_mon);
  228: }
  229: 
  230: static void monitor_read_command(Monitor *mon, int show_prompt)
  231: {
  232:     if (!mon->rs)
  233:         return;
  234: 
  235:     readline_start(mon->rs, "(qemu) ", 0, monitor_command_cb, NULL);
  236:     if (show_prompt)
  237:         readline_show_prompt(mon->rs);
  238: }
  239: 
  240: static int monitor_read_password(Monitor *mon, ReadLineFunc *readline_func,
  241:                                  void *opaque)
  242: {
  243:     if (monitor_ctrl_mode(mon)) {
  244:         qerror_report(QERR_MISSING_PARAMETER, "password");
  245:         return -EINVAL;
  246:     } else if (mon->rs) {
  247:         readline_start(mon->rs, "Password: ", 1, readline_func, opaque);
  248:         /* prompt is printed on return from the command handler */
  249:         return 0;
  250:     } else {
  251:         monitor_printf(mon, "terminal does not support password prompting\n");
  252:         return -ENOTTY;
  253:     }
  254: }
  255: 
  256: void monitor_flush(Monitor *mon)
  257: {
  258:     if (mon && mon->outbuf_index != 0 && !mon->mux_out) {
  259:         qemu_chr_fe_write(mon->chr, mon->outbuf, mon->outbuf_index);
  260:         mon->outbuf_index = 0;
  261:     }
  262: }
  263: 
  264: /* flush at every end of line or if the buffer is full */
  265: static void monitor_puts(Monitor *mon, const char *str)
  266: {
  267:     char c;
  268: 
  269:     for(;;) {
  270:         c = *str++;
  271:         if (c == '\0')
  272:             break;
  273:         if (c == '\n')
  274:             mon->outbuf[mon->outbuf_index++] = '\r';
  275:         mon->outbuf[mon->outbuf_index++] = c;
  276:         if (mon->outbuf_index >= (sizeof(mon->outbuf) - 1)
  277:             || c == '\n')
  278:             monitor_flush(mon);
  279:     }
  280: }
  281: 
  282: void monitor_vprintf(Monitor *mon, const char *fmt, va_list ap)
  283: {
  284:     char buf[4096];
  285: 
  286:     if (!mon)
  287:         return;
  288: 
  289:     mon_print_count_inc(mon);
  290: 
  291:     if (monitor_ctrl_mode(mon)) {
  292:         return;
  293:     }
  294: 
  295:     vsnprintf(buf, sizeof(buf), fmt, ap);
  296:     monitor_puts(mon, buf);
  297: }
  298: 
  299: void monitor_printf(Monitor *mon, const char *fmt, ...)
  300: {
  301:     va_list ap;
  302:     va_start(ap, fmt);
  303:     monitor_vprintf(mon, fmt, ap);
  304:     va_end(ap);
  305: }
  306: 
  307: void monitor_print_filename(Monitor *mon, const char *filename)
  308: {
  309:     int i;
  310: 
  311:     for (i = 0; filename[i]; i++) {
  312:         switch (filename[i]) {
  313:         case ' ':
  314:         case '"':
  315:         case '\\':
  316:             monitor_printf(mon, "\\%c", filename[i]);
  317:             break;
  318:         case '\t':
  319:             monitor_printf(mon, "\\t");
  320:             break;
  321:         case '\r':
  322:             monitor_printf(mon, "\\r");
  323:             break;
  324:         case '\n':
  325:             monitor_printf(mon, "\\n");
  326:             break;
  327:         default:
  328:             monitor_printf(mon, "%c", filename[i]);
  329:             break;
  330:         }
  331:     }
  332: }
  333: 
  334: static int GCC_FMT_ATTR(2, 3) monitor_fprintf(FILE *stream,
  335:                                               const char *fmt, ...)
  336: {
  337:     va_list ap;
  338:     va_start(ap, fmt);
  339:     monitor_vprintf((Monitor *)stream, fmt, ap);
  340:     va_end(ap);
  341:     return 0;
  342: }
  343: 
  344: static void monitor_user_noop(Monitor *mon, const QObject *data) { }
  345: 
  346: static inline int handler_is_qobject(const mon_cmd_t *cmd)
  347: {
  348:     return cmd->user_print != NULL;
  349: }
  350: 
  351: static inline bool handler_is_async(const mon_cmd_t *cmd)
  352: {
  353:     return cmd->flags & MONITOR_CMD_ASYNC;
  354: }
  355: 
  356: static inline int monitor_has_error(const Monitor *mon)
  357: {
  358:     return mon->error != NULL;
  359: }
  360: 
  361: static void monitor_json_emitter(Monitor *mon, const QObject *data)
  362: {
  363:     QString *json;
  364: 
  365:     json = mon->flags & MONITOR_USE_PRETTY ? qobject_to_json_pretty(data) :
  366:                                              qobject_to_json(data);
  367:     assert(json != NULL);
  368: 
  369:     qstring_append_chr(json, '\n');
  370:     monitor_puts(mon, qstring_get_str(json));
  371: 
  372:     QDECREF(json);
  373: }
  374: 
  375: static void monitor_protocol_emitter(Monitor *mon, QObject *data)
  376: {
  377:     QDict *qmp;
  378: 
  379:     trace_monitor_protocol_emitter(mon);
  380: 
  381:     qmp = qdict_new();
  382: 
  383:     if (!monitor_has_error(mon)) {
  384:         /* success response */
  385:         if (data) {
  386:             qobject_incref(data);
  387:             qdict_put_obj(qmp, "return", data);
  388:         } else {
  389:             /* return an empty QDict by default */
  390:             qdict_put(qmp, "return", qdict_new());
  391:         }
  392:     } else {
  393:         /* error response */
  394:         qdict_put(mon->error->error, "desc", qerror_human(mon->error));
  395:         qdict_put(qmp, "error", mon->error->error);
  396:         QINCREF(mon->error->error);
  397:         QDECREF(mon->error);
  398:         mon->error = NULL;
  399:     }
  400: 
  401:     if (mon->mc->id) {
  402:         qdict_put_obj(qmp, "id", mon->mc->id);
  403:         mon->mc->id = NULL;
  404:     }
  405: 
  406:     monitor_json_emitter(mon, QOBJECT(qmp));
  407:     QDECREF(qmp);
  408: }
  409: 
  410: static void timestamp_put(QDict *qdict)
  411: {
  412:     int err;
  413:     QObject *obj;
  414:     qemu_timeval tv;
  415: 
  416:     err = qemu_gettimeofday(&tv);
  417:     if (err < 0)
  418:         return;
  419: 
  420:     obj = qobject_from_jsonf("{ 'seconds': %" PRId64 ", "
  421:                                 "'microseconds': %" PRId64 " }",
  422:                                 (int64_t) tv.tv_sec, (int64_t) tv.tv_usec);
  423:     qdict_put_obj(qdict, "timestamp", obj);
  424: }
  425: 
  426: /**
  427:  * monitor_protocol_event(): Generate a Monitor event
  428:  *
  429:  * Event-specific data can be emitted through the (optional) 'data' parameter.
  430:  */
  431: void monitor_protocol_event(MonitorEvent event, QObject *data)
  432: {
  433:     QDict *qmp;
  434:     const char *event_name;
  435:     Monitor *mon;
  436: 
  437:     assert(event < QEVENT_MAX);
  438: 
  439:     switch (event) {
  440:         case QEVENT_SHUTDOWN:
  441:             event_name = "SHUTDOWN";
  442:             break;
  443:         case QEVENT_RESET:
  444:             event_name = "RESET";
  445:             break;
  446:         case QEVENT_POWERDOWN:
  447:             event_name = "POWERDOWN";
  448:             break;
  449:         case QEVENT_STOP:
  450:             event_name = "STOP";
  451:             break;
  452:         case QEVENT_RESUME:
  453:             event_name = "RESUME";
  454:             break;
  455:         case QEVENT_VNC_CONNECTED:
  456:             event_name = "VNC_CONNECTED";
  457:             break;
  458:         case QEVENT_VNC_INITIALIZED:
  459:             event_name = "VNC_INITIALIZED";
  460:             break;
  461:         case QEVENT_VNC_DISCONNECTED:
  462:             event_name = "VNC_DISCONNECTED";
  463:             break;
  464:         case QEVENT_BLOCK_IO_ERROR:
  465:             event_name = "BLOCK_IO_ERROR";
  466:             break;
  467:         case QEVENT_RTC_CHANGE:
  468:             event_name = "RTC_CHANGE";
  469:             break;
  470:         case QEVENT_WATCHDOG:
  471:             event_name = "WATCHDOG";
  472:             break;
  473:         case QEVENT_SPICE_CONNECTED:
  474:             event_name = "SPICE_CONNECTED";
  475:             break;
  476:         case QEVENT_SPICE_INITIALIZED:
  477:             event_name = "SPICE_INITIALIZED";
  478:             break;
  479:         case QEVENT_SPICE_DISCONNECTED:
  480:             event_name = "SPICE_DISCONNECTED";
  481:             break;
  482:         default:
  483:             abort();
  484:             break;
  485:     }
  486: 
  487:     qmp = qdict_new();
  488:     timestamp_put(qmp);
  489:     qdict_put(qmp, "event", qstring_from_str(event_name));
  490:     if (data) {
  491:         qobject_incref(data);
  492:         qdict_put_obj(qmp, "data", data);
  493:     }
  494: 
  495:     QLIST_FOREACH(mon, &mon_list, entry) {
  496:         if (monitor_ctrl_mode(mon) && qmp_cmd_mode(mon)) {
  497:             monitor_json_emitter(mon, QOBJECT(qmp));
  498:         }
  499:     }
  500:     QDECREF(qmp);
  501: }
  502: 
  503: static int do_qmp_capabilities(Monitor *mon, const QDict *params,
  504:                                QObject **ret_data)
  505: {
  506:     /* Will setup QMP capabilities in the future */
  507:     if (monitor_ctrl_mode(mon)) {
  508:         mon->mc->command_mode = 1;
  509:     }
  510: 
  511:     return 0;
  512: }
  513: 
  514: static void handle_user_command(Monitor *mon, const char *cmdline);
  515: 
  516: static int do_hmp_passthrough(Monitor *mon, const QDict *params,
  517:                               QObject **ret_data)
  518: {
  519:     int ret = 0;
  520:     Monitor *old_mon, hmp;
  521:     CharDriverState mchar;
  522: 
  523:     memset(&hmp, 0, sizeof(hmp));
  524:     qemu_chr_init_mem(&mchar);
  525:     hmp.chr = &mchar;
  526: 
  527:     old_mon = cur_mon;
  528:     cur_mon = &hmp;
  529: 
  530:     if (qdict_haskey(params, "cpu-index")) {
  531:         ret = monitor_set_cpu(qdict_get_int(params, "cpu-index"));
  532:         if (ret < 0) {
  533:             cur_mon = old_mon;
  534:             qerror_report(QERR_INVALID_PARAMETER_VALUE, "cpu-index", "a CPU number");
  535:             goto out;
  536:         }
  537:     }
  538: 
  539:     handle_user_command(&hmp, qdict_get_str(params, "command-line"));
  540:     cur_mon = old_mon;
  541: 
  542:     if (qemu_chr_mem_osize(hmp.chr) > 0) {
  543:         *ret_data = QOBJECT(qemu_chr_mem_to_qs(hmp.chr));
  544:     }
  545: 
  546: out:
  547:     qemu_chr_close_mem(hmp.chr);
  548:     return ret;
  549: }
  550: 
  551: static int compare_cmd(const char *name, const char *list)
  552: {
  553:     const char *p, *pstart;
  554:     int len;
  555:     len = strlen(name);
  556:     p = list;
  557:     for(;;) {
  558:         pstart = p;
  559:         p = strchr(p, '|');
  560:         if (!p)
  561:             p = pstart + strlen(pstart);
  562:         if ((p - pstart) == len && !memcmp(pstart, name, len))
  563:             return 1;
  564:         if (*p == '\0')
  565:             break;
  566:         p++;
  567:     }
  568:     return 0;
  569: }
  570: 
  571: static void help_cmd_dump(Monitor *mon, const mon_cmd_t *cmds,
  572:                           const char *prefix, const char *name)
  573: {
  574:     const mon_cmd_t *cmd;
  575: 
  576:     for(cmd = cmds; cmd->name != NULL; cmd++) {
  577:         if (!name || !strcmp(name, cmd->name))
  578:             monitor_printf(mon, "%s%s %s -- %s\n", prefix, cmd->name,
  579:                            cmd->params, cmd->help);
  580:     }
  581: }
  582: 
  583: static void help_cmd(Monitor *mon, const char *name)
  584: {
  585:     if (name && !strcmp(name, "info")) {
  586:         help_cmd_dump(mon, info_cmds, "info ", NULL);
  587:     } else {
  588:         help_cmd_dump(mon, mon_cmds, "", name);
  589:         if (name && !strcmp(name, "log")) {
  590:             const CPULogItem *item;
  591:             monitor_printf(mon, "Log items (comma separated):\n");
  592:             monitor_printf(mon, "%-10s %s\n", "none", "remove all logs");
  593:             for(item = cpu_log_items; item->mask != 0; item++) {
  594:                 monitor_printf(mon, "%-10s %s\n", item->name, item->help);
  595:             }
  596:         }
  597:     }
  598: }
  599: 
  600: static void do_help_cmd(Monitor *mon, const QDict *qdict)
  601: {
  602:     help_cmd(mon, qdict_get_try_str(qdict, "name"));
  603: }
  604: 
  605: static void do_trace_event_set_state(Monitor *mon, const QDict *qdict)
  606: {
  607:     const char *tp_name = qdict_get_str(qdict, "name");
  608:     bool new_state = qdict_get_bool(qdict, "option");
  609:     int ret = trace_event_set_state(tp_name, new_state);
  610: 
  611:     if (!ret) {
  612:         monitor_printf(mon, "unknown event name \"%s\"\n", tp_name);
  613:     }
  614: }
  615: 
  616: #ifdef CONFIG_TRACE_SIMPLE
  617: static void do_trace_file(Monitor *mon, const QDict *qdict)
  618: {
  619:     const char *op = qdict_get_try_str(qdict, "op");
  620:     const char *arg = qdict_get_try_str(qdict, "arg");
  621: 
  622:     if (!op) {
  623:         st_print_trace_file_status((FILE *)mon, &monitor_fprintf);
  624:     } else if (!strcmp(op, "on")) {
  625:         st_set_trace_file_enabled(true);
  626:     } else if (!strcmp(op, "off")) {
  627:         st_set_trace_file_enabled(false);
  628:     } else if (!strcmp(op, "flush")) {
  629:         st_flush_trace_buffer();
  630:     } else if (!strcmp(op, "set")) {
  631:         if (arg) {
  632:             st_set_trace_file(arg);
  633:         }
  634:     } else {
  635:         monitor_printf(mon, "unexpected argument \"%s\"\n", op);
  636:         help_cmd(mon, "trace-file");
  637:     }
  638: }
  639: #endif
  640: 
  641: static void user_monitor_complete(void *opaque, QObject *ret_data)
  642: {
  643:     MonitorCompletionData *data = (MonitorCompletionData *)opaque; 
  644: 
  645:     if (ret_data) {
  646:         data->user_print(data->mon, ret_data);
  647:     }
  648:     monitor_resume(data->mon);
  649:     g_free(data);
  650: }
  651: 
  652: static void qmp_monitor_complete(void *opaque, QObject *ret_data)
  653: {
  654:     monitor_protocol_emitter(opaque, ret_data);
  655: }
  656: 
  657: static int qmp_async_cmd_handler(Monitor *mon, const mon_cmd_t *cmd,
  658:                                  const QDict *params)
  659: {
  660:     return cmd->mhandler.cmd_async(mon, params, qmp_monitor_complete, mon);
  661: }
  662: 
  663: static void user_async_cmd_handler(Monitor *mon, const mon_cmd_t *cmd,
  664:                                    const QDict *params)
  665: {
  666:     int ret;
  667: 
  668:     MonitorCompletionData *cb_data = g_malloc(sizeof(*cb_data));
  669:     cb_data->mon = mon;
  670:     cb_data->user_print = cmd->user_print;
  671:     monitor_suspend(mon);
  672:     ret = cmd->mhandler.cmd_async(mon, params,
  673:                                   user_monitor_complete, cb_data);
  674:     if (ret < 0) {
  675:         monitor_resume(mon);
  676:         g_free(cb_data);
  677:     }
  678: }
  679: 
  680: static void do_info(Monitor *mon, const QDict *qdict)
  681: {
  682:     const mon_cmd_t *cmd;
  683:     const char *item = qdict_get_try_str(qdict, "item");
  684: 
  685:     if (!item) {
  686:         goto help;
  687:     }
  688: 
  689:     for (cmd = info_cmds; cmd->name != NULL; cmd++) {
  690:         if (compare_cmd(item, cmd->name))
  691:             break;
  692:     }
  693: 
  694:     if (cmd->name == NULL) {
  695:         goto help;
  696:     }
  697: 
  698:     cmd->mhandler.info(mon);
  699:     return;
  700: 
  701: help:
  702:     help_cmd(mon, "info");
  703: }
  704: 
  705: CommandInfoList *qmp_query_commands(Error **errp)
  706: {
  707:     CommandInfoList *info, *cmd_list = NULL;
  708:     const mon_cmd_t *cmd;
  709: 
  710:     for (cmd = qmp_cmds; cmd->name != NULL; cmd++) {
  711:         info = g_malloc0(sizeof(*info));
  712:         info->value = g_malloc0(sizeof(*info->value));
  713:         info->value->name = g_strdup(cmd->name);
  714: 
  715:         info->next = cmd_list;
  716:         cmd_list = info;
  717:     }
  718: 
  719:     return cmd_list;
  720: }
  721: 
  722: /* set the current CPU defined by the user */
  723: int monitor_set_cpu(int cpu_index)
  724: {
  725:     CPUState *env;
  726: 
  727:     for(env = first_cpu; env != NULL; env = env->next_cpu) {
  728:         if (env->cpu_index == cpu_index) {
  729:             cur_mon->mon_cpu = env;
  730:             return 0;
  731:         }
  732:     }
  733:     return -1;
  734: }
  735: 
  736: static CPUState *mon_get_cpu(void)
  737: {
  738:     if (!cur_mon->mon_cpu) {
  739:         monitor_set_cpu(0);
  740:     }
  741:     cpu_synchronize_state(cur_mon->mon_cpu);
  742:     return cur_mon->mon_cpu;
  743: }
  744: 
  745: int monitor_get_cpu_index(void)
  746: {
  747:     return mon_get_cpu()->cpu_index;
  748: }
  749: 
  750: static void do_info_registers(Monitor *mon)
  751: {
  752:     CPUState *env;
  753:     env = mon_get_cpu();
  754: #ifdef TARGET_I386
  755:     cpu_dump_state(env, (FILE *)mon, monitor_fprintf,
  756:                    X86_DUMP_FPU);
  757: #else
  758:     cpu_dump_state(env, (FILE *)mon, monitor_fprintf,
  759:                    0);
  760: #endif
  761: }
  762: 
  763: static void do_info_jit(Monitor *mon)
  764: {
  765:     dump_exec_info((FILE *)mon, monitor_fprintf);
  766: }
  767: 
  768: static void do_info_history(Monitor *mon)
  769: {
  770:     int i;
  771:     const char *str;
  772: 
  773:     if (!mon->rs)
  774:         return;
  775:     i = 0;
  776:     for(;;) {
  777:         str = readline_get_history(mon->rs, i);
  778:         if (!str)
  779:             break;
  780:         monitor_printf(mon, "%d: '%s'\n", i, str);
  781:         i++;
  782:     }
  783: }
  784: 
  785: #if defined(TARGET_PPC)
  786: /* XXX: not implemented in other targets */
  787: static void do_info_cpu_stats(Monitor *mon)
  788: {
  789:     CPUState *env;
  790: 
  791:     env = mon_get_cpu();
  792:     cpu_dump_statistics(env, (FILE *)mon, &monitor_fprintf, 0);
  793: }
  794: #endif
  795: 
  796: #if defined(CONFIG_TRACE_SIMPLE)
  797: static void do_info_trace(Monitor *mon)
  798: {
  799:     st_print_trace((FILE *)mon, &monitor_fprintf);
  800: }
  801: #endif
  802: 
  803: static void do_trace_print_events(Monitor *mon)
  804: {
  805:     trace_print_events((FILE *)mon, &monitor_fprintf);
  806: }
  807: 
  808: #ifdef CONFIG_VNC
  809: static int change_vnc_password(const char *password)
  810: {
  811:     if (!password || !password[0]) {
  812:         if (vnc_display_disable_login(NULL)) {
  813:             qerror_report(QERR_SET_PASSWD_FAILED);
  814:             return -1;
  815:         }
  816:         return 0;
  817:     }
  818: 
  819:     if (vnc_display_password(NULL, password) < 0) {
  820:         qerror_report(QERR_SET_PASSWD_FAILED);
  821:         return -1;
  822:     }
  823: 
  824:     return 0;
  825: }
  826: 
  827: static void change_vnc_password_cb(Monitor *mon, const char *password,
  828:                                    void *opaque)
  829: {
  830:     change_vnc_password(password);
  831:     monitor_read_command(mon, 1);
  832: }
  833: 
  834: static int do_change_vnc(Monitor *mon, const char *target, const char *arg)
  835: {
  836:     if (strcmp(target, "passwd") == 0 ||
  837:         strcmp(target, "password") == 0) {
  838:         if (arg) {
  839:             char password[9];
  840:             strncpy(password, arg, sizeof(password));
  841:             password[sizeof(password) - 1] = '\0';
  842:             return change_vnc_password(password);
  843:         } else {
  844:             return monitor_read_password(mon, change_vnc_password_cb, NULL);
  845:         }
  846:     } else {
  847:         if (vnc_display_open(NULL, target) < 0) {
  848:             qerror_report(QERR_VNC_SERVER_FAILED, target);
  849:             return -1;
  850:         }
  851:     }
  852: 
  853:     return 0;
  854: }
  855: #else
  856: static int do_change_vnc(Monitor *mon, const char *target, const char *arg)
  857: {
  858:     qerror_report(QERR_FEATURE_DISABLED, "vnc");
  859:     return -ENODEV;
  860: }
  861: #endif
  862: 
  863: /**
  864:  * do_change(): Change a removable medium, or VNC configuration
  865:  */
  866: static int do_change(Monitor *mon, const QDict *qdict, QObject **ret_data)
  867: {
  868:     const char *device = qdict_get_str(qdict, "device");
  869:     const char *target = qdict_get_str(qdict, "target");
  870:     const char *arg = qdict_get_try_str(qdict, "arg");
  871:     int ret;
  872: 
  873:     if (strcmp(device, "vnc") == 0) {
  874:         ret = do_change_vnc(mon, target, arg);
  875:     } else {
  876:         ret = do_change_block(mon, device, target, arg);
  877:     }
  878: 
  879:     return ret;
  880: }
  881: 
  882: static int set_password(Monitor *mon, const QDict *qdict, QObject **ret_data)
  883: {
  884:     const char *protocol  = qdict_get_str(qdict, "protocol");
  885:     const char *password  = qdict_get_str(qdict, "password");
  886:     const char *connected = qdict_get_try_str(qdict, "connected");
  887:     int disconnect_if_connected = 0;
  888:     int fail_if_connected = 0;
  889:     int rc;
  890: 
  891:     if (connected) {
  892:         if (strcmp(connected, "fail") == 0) {
  893:             fail_if_connected = 1;
  894:         } else if (strcmp(connected, "disconnect") == 0) {
  895:             disconnect_if_connected = 1;
  896:         } else if (strcmp(connected, "keep") == 0) {
  897:             /* nothing */
  898:         } else {
  899:             qerror_report(QERR_INVALID_PARAMETER, "connected");
  900:             return -1;
  901:         }
  902:     }
  903: 
  904:     if (strcmp(protocol, "spice") == 0) {
  905:         if (!using_spice) {
  906:             /* correct one? spice isn't a device ,,, */
  907:             qerror_report(QERR_DEVICE_NOT_ACTIVE, "spice");
  908:             return -1;
  909:         }
  910:         rc = qemu_spice_set_passwd(password, fail_if_connected,
  911:                                    disconnect_if_connected);
  912:         if (rc != 0) {
  913:             qerror_report(QERR_SET_PASSWD_FAILED);
  914:             return -1;
  915:         }
  916:         return 0;
  917:     }
  918: 
  919:     if (strcmp(protocol, "vnc") == 0) {
  920:         if (fail_if_connected || disconnect_if_connected) {
  921:             /* vnc supports "connected=keep" only */
  922:             qerror_report(QERR_INVALID_PARAMETER, "connected");
  923:             return -1;
  924:         }
  925:         /* Note that setting an empty password will not disable login through
  926:          * this interface. */
  927:         return vnc_display_password(NULL, password);
  928:     }
  929: 
  930:     qerror_report(QERR_INVALID_PARAMETER, "protocol");
  931:     return -1;
  932: }
  933: 
  934: static int expire_password(Monitor *mon, const QDict *qdict, QObject **ret_data)
  935: {
  936:     const char *protocol  = qdict_get_str(qdict, "protocol");
  937:     const char *whenstr = qdict_get_str(qdict, "time");
  938:     time_t when;
  939:     int rc;
  940: 
  941:     if (strcmp(whenstr, "now") == 0) {
  942:         when = 0;
  943:     } else if (strcmp(whenstr, "never") == 0) {
  944:         when = TIME_MAX;
  945:     } else if (whenstr[0] == '+') {
  946:         when = time(NULL) + strtoull(whenstr+1, NULL, 10);
  947:     } else {
  948:         when = strtoull(whenstr, NULL, 10);
  949:     }
  950: 
  951:     if (strcmp(protocol, "spice") == 0) {
  952:         if (!using_spice) {
  953:             /* correct one? spice isn't a device ,,, */
  954:             qerror_report(QERR_DEVICE_NOT_ACTIVE, "spice");
  955:             return -1;
  956:         }
  957:         rc = qemu_spice_set_pw_expire(when);
  958:         if (rc != 0) {
  959:             qerror_report(QERR_SET_PASSWD_FAILED);
  960:             return -1;
  961:         }
  962:         return 0;
  963:     }
  964: 
  965:     if (strcmp(protocol, "vnc") == 0) {
  966:         return vnc_display_pw_expire(NULL, when);
  967:     }
  968: 
  969:     qerror_report(QERR_INVALID_PARAMETER, "protocol");
  970:     return -1;
  971: }
  972: 
  973: static int add_graphics_client(Monitor *mon, const QDict *qdict, QObject **ret_data)
  974: {
  975:     const char *protocol  = qdict_get_str(qdict, "protocol");
  976:     const char *fdname = qdict_get_str(qdict, "fdname");
  977:     CharDriverState *s;
  978: 
  979:     if (strcmp(protocol, "spice") == 0) {
  980:         if (!using_spice) {
  981:             /* correct one? spice isn't a device ,,, */
  982:             qerror_report(QERR_DEVICE_NOT_ACTIVE, "spice");
  983:             return -1;
  984:         }
  985: 	qerror_report(QERR_ADD_CLIENT_FAILED);
  986: 	return -1;
  987: #ifdef CONFIG_VNC
  988:     } else if (strcmp(protocol, "vnc") == 0) {
  989: 	int fd = monitor_get_fd(mon, fdname);
  990:         int skipauth = qdict_get_try_bool(qdict, "skipauth", 0);
  991: 	vnc_display_add_client(NULL, fd, skipauth);
  992: 	return 0;
  993: #endif
  994:     } else if ((s = qemu_chr_find(protocol)) != NULL) {
  995: 	int fd = monitor_get_fd(mon, fdname);
  996: 	if (qemu_chr_add_client(s, fd) < 0) {
  997: 	    qerror_report(QERR_ADD_CLIENT_FAILED);
  998: 	    return -1;
  999: 	}
 1000: 	return 0;
 1001:     }
 1002: 
 1003:     qerror_report(QERR_INVALID_PARAMETER, "protocol");
 1004:     return -1;
 1005: }
 1006: 
 1007: static int client_migrate_info(Monitor *mon, const QDict *qdict,
 1008:                                MonitorCompletion cb, void *opaque)
 1009: {
 1010:     const char *protocol = qdict_get_str(qdict, "protocol");
 1011:     const char *hostname = qdict_get_str(qdict, "hostname");
 1012:     const char *subject  = qdict_get_try_str(qdict, "cert-subject");
 1013:     int port             = qdict_get_try_int(qdict, "port", -1);
 1014:     int tls_port         = qdict_get_try_int(qdict, "tls-port", -1);
 1015:     int ret;
 1016: 
 1017:     if (strcmp(protocol, "spice") == 0) {
 1018:         if (!using_spice) {
 1019:             qerror_report(QERR_DEVICE_NOT_ACTIVE, "spice");
 1020:             return -1;
 1021:         }
 1022: 
 1023:         ret = qemu_spice_migrate_info(hostname, port, tls_port, subject,
 1024:                                       cb, opaque);
 1025:         if (ret != 0) {
 1026:             qerror_report(QERR_UNDEFINED_ERROR);
 1027:             return -1;
 1028:         }
 1029:         return 0;
 1030:     }
 1031: 
 1032:     qerror_report(QERR_INVALID_PARAMETER, "protocol");
 1033:     return -1;
 1034: }
 1035: 
 1036: static int do_screen_dump(Monitor *mon, const QDict *qdict, QObject **ret_data)
 1037: {
 1038:     vga_hw_screen_dump(qdict_get_str(qdict, "filename"));
 1039:     return 0;
 1040: }
 1041: 
 1042: static void do_logfile(Monitor *mon, const QDict *qdict)
 1043: {
 1044:     cpu_set_log_filename(qdict_get_str(qdict, "filename"));
 1045: }
 1046: 
 1047: static void do_log(Monitor *mon, const QDict *qdict)
 1048: {
 1049:     int mask;
 1050:     const char *items = qdict_get_str(qdict, "items");
 1051: 
 1052:     if (!strcmp(items, "none")) {
 1053:         mask = 0;
 1054:     } else {
 1055:         mask = cpu_str_to_log_mask(items);
 1056:         if (!mask) {
 1057:             help_cmd(mon, "log");
 1058:             return;
 1059:         }
 1060:     }
 1061:     cpu_set_log(mask);
 1062: }
 1063: 
 1064: static void do_singlestep(Monitor *mon, const QDict *qdict)
 1065: {
 1066:     const char *option = qdict_get_try_str(qdict, "option");
 1067:     if (!option || !strcmp(option, "on")) {
 1068:         singlestep = 1;
 1069:     } else if (!strcmp(option, "off")) {
 1070:         singlestep = 0;
 1071:     } else {
 1072:         monitor_printf(mon, "unexpected option %s\n", option);
 1073:     }
 1074: }
 1075: 
 1076: static void encrypted_bdrv_it(void *opaque, BlockDriverState *bs);
 1077: 
 1078: struct bdrv_iterate_context {
 1079:     Monitor *mon;
 1080:     int err;
 1081: };
 1082: 
 1083: static void iostatus_bdrv_it(void *opaque, BlockDriverState *bs)
 1084: {
 1085:     bdrv_iostatus_reset(bs);
 1086: }
 1087: 
 1088: /**
 1089:  * do_cont(): Resume emulation.
 1090:  */
 1091: static int do_cont(Monitor *mon, const QDict *qdict, QObject **ret_data)
 1092: {
 1093:     struct bdrv_iterate_context context = { mon, 0 };
 1094: 
 1095:     if (runstate_check(RUN_STATE_INMIGRATE)) {
 1096:         qerror_report(QERR_MIGRATION_EXPECTED);
 1097:         return -1;
 1098:     } else if (runstate_check(RUN_STATE_INTERNAL_ERROR) ||
 1099:                runstate_check(RUN_STATE_SHUTDOWN)) {
 1100:         qerror_report(QERR_RESET_REQUIRED);
 1101:         return -1;
 1102:     }
 1103: 
 1104:     bdrv_iterate(iostatus_bdrv_it, NULL);
 1105:     bdrv_iterate(encrypted_bdrv_it, &context);
 1106:     /* only resume the vm if all keys are set and valid */
 1107:     if (!context.err) {
 1108:         vm_start();
 1109:         return 0;
 1110:     } else {
 1111:         return -1;
 1112:     }
 1113: }
 1114: 
 1115: static void bdrv_key_cb(void *opaque, int err)
 1116: {
 1117:     Monitor *mon = opaque;
 1118: 
 1119:     /* another key was set successfully, retry to continue */
 1120:     if (!err)
 1121:         do_cont(mon, NULL, NULL);
 1122: }
 1123: 
 1124: static void encrypted_bdrv_it(void *opaque, BlockDriverState *bs)
 1125: {
 1126:     struct bdrv_iterate_context *context = opaque;
 1127: 
 1128:     if (!context->err && bdrv_key_required(bs)) {
 1129:         context->err = -EBUSY;
 1130:         monitor_read_bdrv_key_start(context->mon, bs, bdrv_key_cb,
 1131:                                     context->mon);
 1132:     }
 1133: }
 1134: 
 1135: static void do_gdbserver(Monitor *mon, const QDict *qdict)
 1136: {
 1137:     const char *device = qdict_get_try_str(qdict, "device");
 1138:     if (!device)
 1139:         device = "tcp::" DEFAULT_GDBSTUB_PORT;
 1140:     if (gdbserver_start(device) < 0) {
 1141:         monitor_printf(mon, "Could not open gdbserver on device '%s'\n",
 1142:                        device);
 1143:     } else if (strcmp(device, "none") == 0) {
 1144:         monitor_printf(mon, "Disabled gdbserver\n");
 1145:     } else {
 1146:         monitor_printf(mon, "Waiting for gdb connection on device '%s'\n",
 1147:                        device);
 1148:     }
 1149: }
 1150: 
 1151: static void do_watchdog_action(Monitor *mon, const QDict *qdict)
 1152: {
 1153:     const char *action = qdict_get_str(qdict, "action");
 1154:     if (select_watchdog_action(action) == -1) {
 1155:         monitor_printf(mon, "Unknown watchdog action '%s'\n", action);
 1156:     }
 1157: }
 1158: 
 1159: static void monitor_printc(Monitor *mon, int c)
 1160: {
 1161:     monitor_printf(mon, "'");
 1162:     switch(c) {
 1163:     case '\'':
 1164:         monitor_printf(mon, "\\'");
 1165:         break;
 1166:     case '\\':
 1167:         monitor_printf(mon, "\\\\");
 1168:         break;
 1169:     case '\n':
 1170:         monitor_printf(mon, "\\n");
 1171:         break;
 1172:     case '\r':
 1173:         monitor_printf(mon, "\\r");
 1174:         break;
 1175:     default:
 1176:         if (c >= 32 && c <= 126) {
 1177:             monitor_printf(mon, "%c", c);
 1178:         } else {
 1179:             monitor_printf(mon, "\\x%02x", c);
 1180:         }
 1181:         break;
 1182:     }
 1183:     monitor_printf(mon, "'");
 1184: }
 1185: 
 1186: static void memory_dump(Monitor *mon, int count, int format, int wsize,
 1187:                         target_phys_addr_t addr, int is_physical)
 1188: {
 1189:     CPUState *env;
 1190:     int l, line_size, i, max_digits, len;
 1191:     uint8_t buf[16];
 1192:     uint64_t v;
 1193: 
 1194:     if (format == 'i') {
 1195:         int flags;
 1196:         flags = 0;
 1197:         env = mon_get_cpu();
 1198: #ifdef TARGET_I386
 1199:         if (wsize == 2) {
 1200:             flags = 1;
 1201:         } else if (wsize == 4) {
 1202:             flags = 0;
 1203:         } else {
 1204:             /* as default we use the current CS size */
 1205:             flags = 0;
 1206:             if (env) {
 1207: #ifdef TARGET_X86_64
 1208:                 if ((env->efer & MSR_EFER_LMA) &&
 1209:                     (env->segs[R_CS].flags & DESC_L_MASK))
 1210:                     flags = 2;
 1211:                 else
 1212: #endif
 1213:                 if (!(env->segs[R_CS].flags & DESC_B_MASK))
 1214:                     flags = 1;
 1215:             }
 1216:         }
 1217: #endif
 1218:         monitor_disas(mon, env, addr, count, is_physical, flags);
 1219:         return;
 1220:     }
 1221: 
 1222:     len = wsize * count;
 1223:     if (wsize == 1)
 1224:         line_size = 8;
 1225:     else
 1226:         line_size = 16;
 1227:     max_digits = 0;
 1228: 
 1229:     switch(format) {
 1230:     case 'o':
 1231:         max_digits = (wsize * 8 + 2) / 3;
 1232:         break;
 1233:     default:
 1234:     case 'x':
 1235:         max_digits = (wsize * 8) / 4;
 1236:         break;
 1237:     case 'u':
 1238:     case 'd':
 1239:         max_digits = (wsize * 8 * 10 + 32) / 33;
 1240:         break;
 1241:     case 'c':
 1242:         wsize = 1;
 1243:         break;
 1244:     }
 1245: 
 1246:     while (len > 0) {
 1247:         if (is_physical)
 1248:             monitor_printf(mon, TARGET_FMT_plx ":", addr);
 1249:         else
 1250:             monitor_printf(mon, TARGET_FMT_lx ":", (target_ulong)addr);
 1251:         l = len;
 1252:         if (l > line_size)
 1253:             l = line_size;
 1254:         if (is_physical) {
 1255:             cpu_physical_memory_read(addr, buf, l);
 1256:         } else {
 1257:             env = mon_get_cpu();
 1258:             if (cpu_memory_rw_debug(env, addr, buf, l, 0) < 0) {
 1259:                 monitor_printf(mon, " Cannot access memory\n");
 1260:                 break;
 1261:             }
 1262:         }
 1263:         i = 0;
 1264:         while (i < l) {
 1265:             switch(wsize) {
 1266:             default:
 1267:             case 1:
 1268:                 v = ldub_raw(buf + i);
 1269:                 break;
 1270:             case 2:
 1271:                 v = lduw_raw(buf + i);
 1272:                 break;
 1273:             case 4:
 1274:                 v = (uint32_t)ldl_raw(buf + i);
 1275:                 break;
 1276:             case 8:
 1277:                 v = ldq_raw(buf + i);
 1278:                 break;
 1279:             }
 1280:             monitor_printf(mon, " ");
 1281:             switch(format) {
 1282:             case 'o':
 1283:                 monitor_printf(mon, "%#*" PRIo64, max_digits, v);
 1284:                 break;
 1285:             case 'x':
 1286:                 monitor_printf(mon, "0x%0*" PRIx64, max_digits, v);
 1287:                 break;
 1288:             case 'u':
 1289:                 monitor_printf(mon, "%*" PRIu64, max_digits, v);
 1290:                 break;
 1291:             case 'd':
 1292:                 monitor_printf(mon, "%*" PRId64, max_digits, v);
 1293:                 break;
 1294:             case 'c':
 1295:                 monitor_printc(mon, v);
 1296:                 break;
 1297:             }
 1298:             i += wsize;
 1299:         }
 1300:         monitor_printf(mon, "\n");
 1301:         addr += l;
 1302:         len -= l;
 1303:     }
 1304: }
 1305: 
 1306: static void do_memory_dump(Monitor *mon, const QDict *qdict)
 1307: {
 1308:     int count = qdict_get_int(qdict, "count");
 1309:     int format = qdict_get_int(qdict, "format");
 1310:     int size = qdict_get_int(qdict, "size");
 1311:     target_long addr = qdict_get_int(qdict, "addr");
 1312: 
 1313:     memory_dump(mon, count, format, size, addr, 0);
 1314: }
 1315: 
 1316: static void do_physical_memory_dump(Monitor *mon, const QDict *qdict)
 1317: {
 1318:     int count = qdict_get_int(qdict, "count");
 1319:     int format = qdict_get_int(qdict, "format");
 1320:     int size = qdict_get_int(qdict, "size");
 1321:     target_phys_addr_t addr = qdict_get_int(qdict, "addr");
 1322: 
 1323:     memory_dump(mon, count, format, size, addr, 1);
 1324: }
 1325: 
 1326: static void do_print(Monitor *mon, const QDict *qdict)
 1327: {
 1328:     int format = qdict_get_int(qdict, "format");
 1329:     target_phys_addr_t val = qdict_get_int(qdict, "val");
 1330: 
 1331: #if TARGET_PHYS_ADDR_BITS == 32
 1332:     switch(format) {
 1333:     case 'o':
 1334:         monitor_printf(mon, "%#o", val);
 1335:         break;
 1336:     case 'x':
 1337:         monitor_printf(mon, "%#x", val);
 1338:         break;
 1339:     case 'u':
 1340:         monitor_printf(mon, "%u", val);
 1341:         break;
 1342:     default:
 1343:     case 'd':
 1344:         monitor_printf(mon, "%d", val);
 1345:         break;
 1346:     case 'c':
 1347:         monitor_printc(mon, val);
 1348:         break;
 1349:     }
 1350: #else
 1351:     switch(format) {
 1352:     case 'o':
 1353:         monitor_printf(mon, "%#" PRIo64, val);
 1354:         break;
 1355:     case 'x':
 1356:         monitor_printf(mon, "%#" PRIx64, val);
 1357:         break;
 1358:     case 'u':
 1359:         monitor_printf(mon, "%" PRIu64, val);
 1360:         break;
 1361:     default:
 1362:     case 'd':
 1363:         monitor_printf(mon, "%" PRId64, val);
 1364:         break;
 1365:     case 'c':
 1366:         monitor_printc(mon, val);
 1367:         break;
 1368:     }
 1369: #endif
 1370:     monitor_printf(mon, "\n");
 1371: }
 1372: 
 1373: static int do_memory_save(Monitor *mon, const QDict *qdict, QObject **ret_data)
 1374: {
 1375:     FILE *f;
 1376:     uint32_t size = qdict_get_int(qdict, "size");
 1377:     const char *filename = qdict_get_str(qdict, "filename");
 1378:     target_long addr = qdict_get_int(qdict, "val");
 1379:     uint32_t l;
 1380:     CPUState *env;
 1381:     uint8_t buf[1024];
 1382:     int ret = -1;
 1383: 
 1384:     env = mon_get_cpu();
 1385: 
 1386:     f = fopen(filename, "wb");
 1387:     if (!f) {
 1388:         qerror_report(QERR_OPEN_FILE_FAILED, filename);
 1389:         return -1;
 1390:     }
 1391:     while (size != 0) {
 1392:         l = sizeof(buf);
 1393:         if (l > size)
 1394:             l = size;
 1395:         cpu_memory_rw_debug(env, addr, buf, l, 0);
 1396:         if (fwrite(buf, 1, l, f) != l) {
 1397:             monitor_printf(mon, "fwrite() error in do_memory_save\n");
 1398:             goto exit;
 1399:         }
 1400:         addr += l;
 1401:         size -= l;
 1402:     }
 1403: 
 1404:     ret = 0;
 1405: 
 1406: exit:
 1407:     fclose(f);
 1408:     return ret;
 1409: }
 1410: 
 1411: static int do_physical_memory_save(Monitor *mon, const QDict *qdict,
 1412:                                     QObject **ret_data)
 1413: {
 1414:     FILE *f;
 1415:     uint32_t l;
 1416:     uint8_t buf[1024];
 1417:     uint32_t size = qdict_get_int(qdict, "size");
 1418:     const char *filename = qdict_get_str(qdict, "filename");
 1419:     target_phys_addr_t addr = qdict_get_int(qdict, "val");
 1420:     int ret = -1;
 1421: 
 1422:     f = fopen(filename, "wb");
 1423:     if (!f) {
 1424:         qerror_report(QERR_OPEN_FILE_FAILED, filename);
 1425:         return -1;
 1426:     }
 1427:     while (size != 0) {
 1428:         l = sizeof(buf);
 1429:         if (l > size)
 1430:             l = size;
 1431:         cpu_physical_memory_read(addr, buf, l);
 1432:         if (fwrite(buf, 1, l, f) != l) {
 1433:             monitor_printf(mon, "fwrite() error in do_physical_memory_save\n");
 1434:             goto exit;
 1435:         }
 1436:         fflush(f);
 1437:         addr += l;
 1438:         size -= l;
 1439:     }
 1440: 
 1441:     ret = 0;
 1442: 
 1443: exit:
 1444:     fclose(f);
 1445:     return ret;
 1446: }
 1447: 
 1448: static void do_sum(Monitor *mon, const QDict *qdict)
 1449: {
 1450:     uint32_t addr;
 1451:     uint16_t sum;
 1452:     uint32_t start = qdict_get_int(qdict, "start");
 1453:     uint32_t size = qdict_get_int(qdict, "size");
 1454: 
 1455:     sum = 0;
 1456:     for(addr = start; addr < (start + size); addr++) {
 1457:         uint8_t val = ldub_phys(addr);
 1458:         /* BSD sum algorithm ('sum' Unix command) */
 1459:         sum = (sum >> 1) | (sum << 15);
 1460:         sum += val;
 1461:     }
 1462:     monitor_printf(mon, "%05d\n", sum);
 1463: }
 1464: 
 1465: typedef struct {
 1466:     int keycode;
 1467:     const char *name;
 1468: } KeyDef;
 1469: 
 1470: static const KeyDef key_defs[] = {
 1471:     { 0x2a, "shift" },
 1472:     { 0x36, "shift_r" },
 1473: 
 1474:     { 0x38, "alt" },
 1475:     { 0xb8, "alt_r" },
 1476:     { 0x64, "altgr" },
 1477:     { 0xe4, "altgr_r" },
 1478:     { 0x1d, "ctrl" },
 1479:     { 0x9d, "ctrl_r" },
 1480: 
 1481:     { 0xdd, "menu" },
 1482: 
 1483:     { 0x01, "esc" },
 1484: 
 1485:     { 0x02, "1" },
 1486:     { 0x03, "2" },
 1487:     { 0x04, "3" },
 1488:     { 0x05, "4" },
 1489:     { 0x06, "5" },
 1490:     { 0x07, "6" },
 1491:     { 0x08, "7" },
 1492:     { 0x09, "8" },
 1493:     { 0x0a, "9" },
 1494:     { 0x0b, "0" },
 1495:     { 0x0c, "minus" },
 1496:     { 0x0d, "equal" },
 1497:     { 0x0e, "backspace" },
 1498: 
 1499:     { 0x0f, "tab" },
 1500:     { 0x10, "q" },
 1501:     { 0x11, "w" },
 1502:     { 0x12, "e" },
 1503:     { 0x13, "r" },
 1504:     { 0x14, "t" },
 1505:     { 0x15, "y" },
 1506:     { 0x16, "u" },
 1507:     { 0x17, "i" },
 1508:     { 0x18, "o" },
 1509:     { 0x19, "p" },
 1510:     { 0x1a, "bracket_left" },
 1511:     { 0x1b, "bracket_right" },
 1512:     { 0x1c, "ret" },
 1513: 
 1514:     { 0x1e, "a" },
 1515:     { 0x1f, "s" },
 1516:     { 0x20, "d" },
 1517:     { 0x21, "f" },
 1518:     { 0x22, "g" },
 1519:     { 0x23, "h" },
 1520:     { 0x24, "j" },
 1521:     { 0x25, "k" },
 1522:     { 0x26, "l" },
 1523:     { 0x27, "semicolon" },
 1524:     { 0x28, "apostrophe" },
 1525:     { 0x29, "grave_accent" },
 1526: 
 1527:     { 0x2b, "backslash" },
 1528:     { 0x2c, "z" },
 1529:     { 0x2d, "x" },
 1530:     { 0x2e, "c" },
 1531:     { 0x2f, "v" },
 1532:     { 0x30, "b" },
 1533:     { 0x31, "n" },
 1534:     { 0x32, "m" },
 1535:     { 0x33, "comma" },
 1536:     { 0x34, "dot" },
 1537:     { 0x35, "slash" },
 1538: 
 1539:     { 0x37, "asterisk" },
 1540: 
 1541:     { 0x39, "spc" },
 1542:     { 0x3a, "caps_lock" },
 1543:     { 0x3b, "f1" },
 1544:     { 0x3c, "f2" },
 1545:     { 0x3d, "f3" },
 1546:     { 0x3e, "f4" },
 1547:     { 0x3f, "f5" },
 1548:     { 0x40, "f6" },
 1549:     { 0x41, "f7" },
 1550:     { 0x42, "f8" },
 1551:     { 0x43, "f9" },
 1552:     { 0x44, "f10" },
 1553:     { 0x45, "num_lock" },
 1554:     { 0x46, "scroll_lock" },
 1555: 
 1556:     { 0xb5, "kp_divide" },
 1557:     { 0x37, "kp_multiply" },
 1558:     { 0x4a, "kp_subtract" },
 1559:     { 0x4e, "kp_add" },
 1560:     { 0x9c, "kp_enter" },
 1561:     { 0x53, "kp_decimal" },
 1562:     { 0x54, "sysrq" },
 1563: 
 1564:     { 0x52, "kp_0" },
 1565:     { 0x4f, "kp_1" },
 1566:     { 0x50, "kp_2" },
 1567:     { 0x51, "kp_3" },
 1568:     { 0x4b, "kp_4" },
 1569:     { 0x4c, "kp_5" },
 1570:     { 0x4d, "kp_6" },
 1571:     { 0x47, "kp_7" },
 1572:     { 0x48, "kp_8" },
 1573:     { 0x49, "kp_9" },
 1574: 
 1575:     { 0x56, "<" },
 1576: 
 1577:     { 0x57, "f11" },
 1578:     { 0x58, "f12" },
 1579: 
 1580:     { 0xb7, "print" },
 1581: 
 1582:     { 0xc7, "home" },
 1583:     { 0xc9, "pgup" },
 1584:     { 0xd1, "pgdn" },
 1585:     { 0xcf, "end" },
 1586: 
 1587:     { 0xcb, "left" },
 1588:     { 0xc8, "up" },
 1589:     { 0xd0, "down" },
 1590:     { 0xcd, "right" },
 1591: 
 1592:     { 0xd2, "insert" },
 1593:     { 0xd3, "delete" },
 1594: #if defined(TARGET_SPARC) && !defined(TARGET_SPARC64)
 1595:     { 0xf0, "stop" },
 1596:     { 0xf1, "again" },
 1597:     { 0xf2, "props" },
 1598:     { 0xf3, "undo" },
 1599:     { 0xf4, "front" },
 1600:     { 0xf5, "copy" },
 1601:     { 0xf6, "open" },
 1602:     { 0xf7, "paste" },
 1603:     { 0xf8, "find" },
 1604:     { 0xf9, "cut" },
 1605:     { 0xfa, "lf" },
 1606:     { 0xfb, "help" },
 1607:     { 0xfc, "meta_l" },
 1608:     { 0xfd, "meta_r" },
 1609:     { 0xfe, "compose" },
 1610: #endif
 1611:     { 0, NULL },
 1612: };
 1613: 
 1614: static int get_keycode(const char *key)
 1615: {
 1616:     const KeyDef *p;
 1617:     char *endp;
 1618:     int ret;
 1619: 
 1620:     for(p = key_defs; p->name != NULL; p++) {
 1621:         if (!strcmp(key, p->name))
 1622:             return p->keycode;
 1623:     }
 1624:     if (strstart(key, "0x", NULL)) {
 1625:         ret = strtoul(key, &endp, 0);
 1626:         if (*endp == '\0' && ret >= 0x01 && ret <= 0xff)
 1627:             return ret;
 1628:     }
 1629:     return -1;
 1630: }
 1631: 
 1632: #define MAX_KEYCODES 16
 1633: static uint8_t keycodes[MAX_KEYCODES];
 1634: static int nb_pending_keycodes;
 1635: static QEMUTimer *key_timer;
 1636: 
 1637: static void release_keys(void *opaque)
 1638: {
 1639:     int keycode;
 1640: 
 1641:     while (nb_pending_keycodes > 0) {
 1642:         nb_pending_keycodes--;
 1643:         keycode = keycodes[nb_pending_keycodes];
 1644:         if (keycode & 0x80)
 1645:             kbd_put_keycode(0xe0);
 1646:         kbd_put_keycode(keycode | 0x80);
 1647:     }
 1648: }
 1649: 
 1650: static void do_sendkey(Monitor *mon, const QDict *qdict)
 1651: {
 1652:     char keyname_buf[16];
 1653:     char *separator;
 1654:     int keyname_len, keycode, i;
 1655:     const char *string = qdict_get_str(qdict, "string");
 1656:     int has_hold_time = qdict_haskey(qdict, "hold_time");
 1657:     int hold_time = qdict_get_try_int(qdict, "hold_time", -1);
 1658: 
 1659:     if (nb_pending_keycodes > 0) {
 1660:         qemu_del_timer(key_timer);
 1661:         release_keys(NULL);
 1662:     }
 1663:     if (!has_hold_time)
 1664:         hold_time = 100;
 1665:     i = 0;
 1666:     while (1) {
 1667:         separator = strchr(string, '-');
 1668:         keyname_len = separator ? separator - string : strlen(string);
 1669:         if (keyname_len > 0) {
 1670:             pstrcpy(keyname_buf, sizeof(keyname_buf), string);
 1671:             if (keyname_len > sizeof(keyname_buf) - 1) {
 1672:                 monitor_printf(mon, "invalid key: '%s...'\n", keyname_buf);
 1673:                 return;
 1674:             }
 1675:             if (i == MAX_KEYCODES) {
 1676:                 monitor_printf(mon, "too many keys\n");
 1677:                 return;
 1678:             }
 1679:             keyname_buf[keyname_len] = 0;
 1680:             keycode = get_keycode(keyname_buf);
 1681:             if (keycode < 0) {
 1682:                 monitor_printf(mon, "unknown key: '%s'\n", keyname_buf);
 1683:                 return;
 1684:             }
 1685:             keycodes[i++] = keycode;
 1686:         }
 1687:         if (!separator)
 1688:             break;
 1689:         string = separator + 1;
 1690:     }
 1691:     nb_pending_keycodes = i;
 1692:     /* key down events */
 1693:     for (i = 0; i < nb_pending_keycodes; i++) {
 1694:         keycode = keycodes[i];
 1695:         if (keycode & 0x80)
 1696:             kbd_put_keycode(0xe0);
 1697:         kbd_put_keycode(keycode & 0x7f);
 1698:     }
 1699:     /* delayed key up events */
 1700:     qemu_mod_timer(key_timer, qemu_get_clock_ns(vm_clock) +
 1701:                    muldiv64(get_ticks_per_sec(), hold_time, 1000));
 1702: }
 1703: 
 1704: static int mouse_button_state;
 1705: 
 1706: static void do_mouse_move(Monitor *mon, const QDict *qdict)
 1707: {
 1708:     int dx, dy, dz;
 1709:     const char *dx_str = qdict_get_str(qdict, "dx_str");
 1710:     const char *dy_str = qdict_get_str(qdict, "dy_str");
 1711:     const char *dz_str = qdict_get_try_str(qdict, "dz_str");
 1712:     dx = strtol(dx_str, NULL, 0);
 1713:     dy = strtol(dy_str, NULL, 0);
 1714:     dz = 0;
 1715:     if (dz_str)
 1716:         dz = strtol(dz_str, NULL, 0);
 1717:     kbd_mouse_event(dx, dy, dz, mouse_button_state);
 1718: }
 1719: 
 1720: static void do_mouse_button(Monitor *mon, const QDict *qdict)
 1721: {
 1722:     int button_state = qdict_get_int(qdict, "button_state");
 1723:     mouse_button_state = button_state;
 1724:     kbd_mouse_event(0, 0, 0, mouse_button_state);
 1725: }
 1726: 
 1727: static void do_ioport_read(Monitor *mon, const QDict *qdict)
 1728: {
 1729:     int size = qdict_get_int(qdict, "size");
 1730:     int addr = qdict_get_int(qdict, "addr");
 1731:     int has_index = qdict_haskey(qdict, "index");
 1732:     uint32_t val;
 1733:     int suffix;
 1734: 
 1735:     if (has_index) {
 1736:         int index = qdict_get_int(qdict, "index");
 1737:         cpu_outb(addr & IOPORTS_MASK, index & 0xff);
 1738:         addr++;
 1739:     }
 1740:     addr &= 0xffff;
 1741: 
 1742:     switch(size) {
 1743:     default:
 1744:     case 1:
 1745:         val = cpu_inb(addr);
 1746:         suffix = 'b';
 1747:         break;
 1748:     case 2:
 1749:         val = cpu_inw(addr);
 1750:         suffix = 'w';
 1751:         break;
 1752:     case 4:
 1753:         val = cpu_inl(addr);
 1754:         suffix = 'l';
 1755:         break;
 1756:     }
 1757:     monitor_printf(mon, "port%c[0x%04x] = %#0*x\n",
 1758:                    suffix, addr, size * 2, val);
 1759: }
 1760: 
 1761: static void do_ioport_write(Monitor *mon, const QDict *qdict)
 1762: {
 1763:     int size = qdict_get_int(qdict, "size");
 1764:     int addr = qdict_get_int(qdict, "addr");
 1765:     int val = qdict_get_int(qdict, "val");
 1766: 
 1767:     addr &= IOPORTS_MASK;
 1768: 
 1769:     switch (size) {
 1770:     default:
 1771:     case 1:
 1772:         cpu_outb(addr, val);
 1773:         break;
 1774:     case 2:
 1775:         cpu_outw(addr, val);
 1776:         break;
 1777:     case 4:
 1778:         cpu_outl(addr, val);
 1779:         break;
 1780:     }
 1781: }
 1782: 
 1783: static void do_boot_set(Monitor *mon, const QDict *qdict)
 1784: {
 1785:     int res;
 1786:     const char *bootdevice = qdict_get_str(qdict, "bootdevice");
 1787: 
 1788:     res = qemu_boot_set(bootdevice);
 1789:     if (res == 0) {
 1790:         monitor_printf(mon, "boot device list now set to %s\n", bootdevice);
 1791:     } else if (res > 0) {
 1792:         monitor_printf(mon, "setting boot device list failed\n");
 1793:     } else {
 1794:         monitor_printf(mon, "no function defined to set boot device list for "
 1795:                        "this architecture\n");
 1796:     }
 1797: }
 1798: 
 1799: /**
 1800:  * do_system_powerdown(): Issue a machine powerdown
 1801:  */
 1802: static int do_system_powerdown(Monitor *mon, const QDict *qdict,
 1803:                                QObject **ret_data)
 1804: {
 1805:     qemu_system_powerdown_request();
 1806:     return 0;
 1807: }
 1808: 
 1809: #if defined(TARGET_I386)
 1810: static void print_pte(Monitor *mon, target_phys_addr_t addr,
 1811:                       target_phys_addr_t pte,
 1812:                       target_phys_addr_t mask)
 1813: {
 1814: #ifdef TARGET_X86_64
 1815:     if (addr & (1ULL << 47)) {
 1816:         addr |= -1LL << 48;
 1817:     }
 1818: #endif
 1819:     monitor_printf(mon, TARGET_FMT_plx ": " TARGET_FMT_plx
 1820:                    " %c%c%c%c%c%c%c%c%c\n",
 1821:                    addr,
 1822:                    pte & mask,
 1823:                    pte & PG_NX_MASK ? 'X' : '-',
 1824:                    pte & PG_GLOBAL_MASK ? 'G' : '-',
 1825:                    pte & PG_PSE_MASK ? 'P' : '-',
 1826:                    pte & PG_DIRTY_MASK ? 'D' : '-',
 1827:                    pte & PG_ACCESSED_MASK ? 'A' : '-',
 1828:                    pte & PG_PCD_MASK ? 'C' : '-',
 1829:                    pte & PG_PWT_MASK ? 'T' : '-',
 1830:                    pte & PG_USER_MASK ? 'U' : '-',
 1831:                    pte & PG_RW_MASK ? 'W' : '-');
 1832: }
 1833: 
 1834: static void tlb_info_32(Monitor *mon, CPUState *env)
 1835: {
 1836:     unsigned int l1, l2;
 1837:     uint32_t pgd, pde, pte;
 1838: 
 1839:     pgd = env->cr[3] & ~0xfff;
 1840:     for(l1 = 0; l1 < 1024; l1++) {
 1841:         cpu_physical_memory_read(pgd + l1 * 4, &pde, 4);
 1842:         pde = le32_to_cpu(pde);
 1843:         if (pde & PG_PRESENT_MASK) {
 1844:             if ((pde & PG_PSE_MASK) && (env->cr[4] & CR4_PSE_MASK)) {
 1845:                 /* 4M pages */
 1846:                 print_pte(mon, (l1 << 22), pde, ~((1 << 21) - 1));
 1847:             } else {
 1848:                 for(l2 = 0; l2 < 1024; l2++) {
 1849:                     cpu_physical_memory_read((pde & ~0xfff) + l2 * 4, &pte, 4);
 1850:                     pte = le32_to_cpu(pte);
 1851:                     if (pte & PG_PRESENT_MASK) {
 1852:                         print_pte(mon, (l1 << 22) + (l2 << 12),
 1853:                                   pte & ~PG_PSE_MASK,
 1854:                                   ~0xfff);
 1855:                     }
 1856:                 }
 1857:             }
 1858:         }
 1859:     }
 1860: }
 1861: 
 1862: static void tlb_info_pae32(Monitor *mon, CPUState *env)
 1863: {
 1864:     unsigned int l1, l2, l3;
 1865:     uint64_t pdpe, pde, pte;
 1866:     uint64_t pdp_addr, pd_addr, pt_addr;
 1867: 
 1868:     pdp_addr = env->cr[3] & ~0x1f;
 1869:     for (l1 = 0; l1 < 4; l1++) {
 1870:         cpu_physical_memory_read(pdp_addr + l1 * 8, &pdpe, 8);
 1871:         pdpe = le64_to_cpu(pdpe);
 1872:         if (pdpe & PG_PRESENT_MASK) {
 1873:             pd_addr = pdpe & 0x3fffffffff000ULL;
 1874:             for (l2 = 0; l2 < 512; l2++) {
 1875:                 cpu_physical_memory_read(pd_addr + l2 * 8, &pde, 8);
 1876:                 pde = le64_to_cpu(pde);
 1877:                 if (pde & PG_PRESENT_MASK) {
 1878:                     if (pde & PG_PSE_MASK) {
 1879:                         /* 2M pages with PAE, CR4.PSE is ignored */
 1880:                         print_pte(mon, (l1 << 30 ) + (l2 << 21), pde,
 1881:                                   ~((target_phys_addr_t)(1 << 20) - 1));
 1882:                     } else {
 1883:                         pt_addr = pde & 0x3fffffffff000ULL;
 1884:                         for (l3 = 0; l3 < 512; l3++) {
 1885:                             cpu_physical_memory_read(pt_addr + l3 * 8, &pte, 8);
 1886:                             pte = le64_to_cpu(pte);
 1887:                             if (pte & PG_PRESENT_MASK) {
 1888:                                 print_pte(mon, (l1 << 30 ) + (l2 << 21)
 1889:                                           + (l3 << 12),
 1890:                                           pte & ~PG_PSE_MASK,
 1891:                                           ~(target_phys_addr_t)0xfff);
 1892:                             }
 1893:                         }
 1894:                     }
 1895:                 }
 1896:             }
 1897:         }
 1898:     }
 1899: }
 1900: 
 1901: #ifdef TARGET_X86_64
 1902: static void tlb_info_64(Monitor *mon, CPUState *env)
 1903: {
 1904:     uint64_t l1, l2, l3, l4;
 1905:     uint64_t pml4e, pdpe, pde, pte;
 1906:     uint64_t pml4_addr, pdp_addr, pd_addr, pt_addr;
 1907: 
 1908:     pml4_addr = env->cr[3] & 0x3fffffffff000ULL;
 1909:     for (l1 = 0; l1 < 512; l1++) {
 1910:         cpu_physical_memory_read(pml4_addr + l1 * 8, &pml4e, 8);
 1911:         pml4e = le64_to_cpu(pml4e);
 1912:         if (pml4e & PG_PRESENT_MASK) {
 1913:             pdp_addr = pml4e & 0x3fffffffff000ULL;
 1914:             for (l2 = 0; l2 < 512; l2++) {
 1915:                 cpu_physical_memory_read(pdp_addr + l2 * 8, &pdpe, 8);
 1916:                 pdpe = le64_to_cpu(pdpe);
 1917:                 if (pdpe & PG_PRESENT_MASK) {
 1918:                     if (pdpe & PG_PSE_MASK) {
 1919:                         /* 1G pages, CR4.PSE is ignored */
 1920:                         print_pte(mon, (l1 << 39) + (l2 << 30), pdpe,
 1921:                                   0x3ffffc0000000ULL);
 1922:                     } else {
 1923:                         pd_addr = pdpe & 0x3fffffffff000ULL;
 1924:                         for (l3 = 0; l3 < 512; l3++) {
 1925:                             cpu_physical_memory_read(pd_addr + l3 * 8, &pde, 8);
 1926:                             pde = le64_to_cpu(pde);
 1927:                             if (pde & PG_PRESENT_MASK) {
 1928:                                 if (pde & PG_PSE_MASK) {
 1929:                                     /* 2M pages, CR4.PSE is ignored */
 1930:                                     print_pte(mon, (l1 << 39) + (l2 << 30) +
 1931:                                               (l3 << 21), pde,
 1932:                                               0x3ffffffe00000ULL);
 1933:                                 } else {
 1934:                                     pt_addr = pde & 0x3fffffffff000ULL;
 1935:                                     for (l4 = 0; l4 < 512; l4++) {
 1936:                                         cpu_physical_memory_read(pt_addr
 1937:                                                                  + l4 * 8,
 1938:                                                                  &pte, 8);
 1939:                                         pte = le64_to_cpu(pte);
 1940:                                         if (pte & PG_PRESENT_MASK) {
 1941:                                             print_pte(mon, (l1 << 39) +
 1942:                                                       (l2 << 30) +
 1943:                                                       (l3 << 21) + (l4 << 12),
 1944:                                                       pte & ~PG_PSE_MASK,
 1945:                                                       0x3fffffffff000ULL);
 1946:                                         }
 1947:                                     }
 1948:                                 }
 1949:                             }
 1950:                         }
 1951:                     }
 1952:                 }
 1953:             }
 1954:         }
 1955:     }
 1956: }
 1957: #endif
 1958: 
 1959: static void tlb_info(Monitor *mon)
 1960: {
 1961:     CPUState *env;
 1962: 
 1963:     env = mon_get_cpu();
 1964: 
 1965:     if (!(env->cr[0] & CR0_PG_MASK)) {
 1966:         monitor_printf(mon, "PG disabled\n");
 1967:         return;
 1968:     }
 1969:     if (env->cr[4] & CR4_PAE_MASK) {
 1970: #ifdef TARGET_X86_64
 1971:         if (env->hflags & HF_LMA_MASK) {
 1972:             tlb_info_64(mon, env);
 1973:         } else
 1974: #endif
 1975:         {
 1976:             tlb_info_pae32(mon, env);
 1977:         }
 1978:     } else {
 1979:         tlb_info_32(mon, env);
 1980:     }
 1981: }
 1982: 
 1983: static void mem_print(Monitor *mon, target_phys_addr_t *pstart,
 1984:                       int *plast_prot,
 1985:                       target_phys_addr_t end, int prot)
 1986: {
 1987:     int prot1;
 1988:     prot1 = *plast_prot;
 1989:     if (prot != prot1) {
 1990:         if (*pstart != -1) {
 1991:             monitor_printf(mon, TARGET_FMT_plx "-" TARGET_FMT_plx " "
 1992:                            TARGET_FMT_plx " %c%c%c\n",
 1993:                            *pstart, end, end - *pstart,
 1994:                            prot1 & PG_USER_MASK ? 'u' : '-',
 1995:                            'r',
 1996:                            prot1 & PG_RW_MASK ? 'w' : '-');
 1997:         }
 1998:         if (prot != 0)
 1999:             *pstart = end;
 2000:         else
 2001:             *pstart = -1;
 2002:         *plast_prot = prot;
 2003:     }
 2004: }
 2005: 
 2006: static void mem_info_32(Monitor *mon, CPUState *env)
 2007: {
 2008:     unsigned int l1, l2;
 2009:     int prot, last_prot;
 2010:     uint32_t pgd, pde, pte;
 2011:     target_phys_addr_t start, end;
 2012: 
 2013:     pgd = env->cr[3] & ~0xfff;
 2014:     last_prot = 0;
 2015:     start = -1;
 2016:     for(l1 = 0; l1 < 1024; l1++) {
 2017:         cpu_physical_memory_read(pgd + l1 * 4, &pde, 4);
 2018:         pde = le32_to_cpu(pde);
 2019:         end = l1 << 22;
 2020:         if (pde & PG_PRESENT_MASK) {
 2021:             if ((pde & PG_PSE_MASK) && (env->cr[4] & CR4_PSE_MASK)) {
 2022:                 prot = pde & (PG_USER_MASK | PG_RW_MASK | PG_PRESENT_MASK);
 2023:                 mem_print(mon, &start, &last_prot, end, prot);
 2024:             } else {
 2025:                 for(l2 = 0; l2 < 1024; l2++) {
 2026:                     cpu_physical_memory_read((pde & ~0xfff) + l2 * 4, &pte, 4);
 2027:                     pte = le32_to_cpu(pte);
 2028:                     end = (l1 << 22) + (l2 << 12);
 2029:                     if (pte & PG_PRESENT_MASK) {
 2030:                         prot = pte & pde &
 2031:                             (PG_USER_MASK | PG_RW_MASK | PG_PRESENT_MASK);
 2032:                     } else {
 2033:                         prot = 0;
 2034:                     }
 2035:                     mem_print(mon, &start, &last_prot, end, prot);
 2036:                 }
 2037:             }
 2038:         } else {
 2039:             prot = 0;
 2040:             mem_print(mon, &start, &last_prot, end, prot);
 2041:         }
 2042:     }
 2043:     /* Flush last range */
 2044:     mem_print(mon, &start, &last_prot, (target_phys_addr_t)1 << 32, 0);
 2045: }
 2046: 
 2047: static void mem_info_pae32(Monitor *mon, CPUState *env)
 2048: {
 2049:     unsigned int l1, l2, l3;
 2050:     int prot, last_prot;
 2051:     uint64_t pdpe, pde, pte;
 2052:     uint64_t pdp_addr, pd_addr, pt_addr;
 2053:     target_phys_addr_t start, end;
 2054: 
 2055:     pdp_addr = env->cr[3] & ~0x1f;
 2056:     last_prot = 0;
 2057:     start = -1;
 2058:     for (l1 = 0; l1 < 4; l1++) {
 2059:         cpu_physical_memory_read(pdp_addr + l1 * 8, &pdpe, 8);
 2060:         pdpe = le64_to_cpu(pdpe);
 2061:         end = l1 << 30;
 2062:         if (pdpe & PG_PRESENT_MASK) {
 2063:             pd_addr = pdpe & 0x3fffffffff000ULL;
 2064:             for (l2 = 0; l2 < 512; l2++) {
 2065:                 cpu_physical_memory_read(pd_addr + l2 * 8, &pde, 8);
 2066:                 pde = le64_to_cpu(pde);
 2067:                 end = (l1 << 30) + (l2 << 21);
 2068:                 if (pde & PG_PRESENT_MASK) {
 2069:                     if (pde & PG_PSE_MASK) {
 2070:                         prot = pde & (PG_USER_MASK | PG_RW_MASK |
 2071:                                       PG_PRESENT_MASK);
 2072:                         mem_print(mon, &start, &last_prot, end, prot);
 2073:                     } else {
 2074:                         pt_addr = pde & 0x3fffffffff000ULL;
 2075:                         for (l3 = 0; l3 < 512; l3++) {
 2076:                             cpu_physical_memory_read(pt_addr + l3 * 8, &pte, 8);
 2077:                             pte = le64_to_cpu(pte);
 2078:                             end = (l1 << 30) + (l2 << 21) + (l3 << 12);
 2079:                             if (pte & PG_PRESENT_MASK) {
 2080:                                 prot = pte & pde & (PG_USER_MASK | PG_RW_MASK |
 2081:                                                     PG_PRESENT_MASK);
 2082:                             } else {
 2083:                                 prot = 0;
 2084:                             }
 2085:                             mem_print(mon, &start, &last_prot, end, prot);
 2086:                         }
 2087:                     }
 2088:                 } else {
 2089:                     prot = 0;
 2090:                     mem_print(mon, &start, &last_prot, end, prot);
 2091:                 }
 2092:             }
 2093:         } else {
 2094:             prot = 0;
 2095:             mem_print(mon, &start, &last_prot, end, prot);
 2096:         }
 2097:     }
 2098:     /* Flush last range */
 2099:     mem_print(mon, &start, &last_prot, (target_phys_addr_t)1 << 32, 0);
 2100: }
 2101: 
 2102: 
 2103: #ifdef TARGET_X86_64
 2104: static void mem_info_64(Monitor *mon, CPUState *env)
 2105: {
 2106:     int prot, last_prot;
 2107:     uint64_t l1, l2, l3, l4;
 2108:     uint64_t pml4e, pdpe, pde, pte;
 2109:     uint64_t pml4_addr, pdp_addr, pd_addr, pt_addr, start, end;
 2110: 
 2111:     pml4_addr = env->cr[3] & 0x3fffffffff000ULL;
 2112:     last_prot = 0;
 2113:     start = -1;
 2114:     for (l1 = 0; l1 < 512; l1++) {
 2115:         cpu_physical_memory_read(pml4_addr + l1 * 8, &pml4e, 8);
 2116:         pml4e = le64_to_cpu(pml4e);
 2117:         end = l1 << 39;
 2118:         if (pml4e & PG_PRESENT_MASK) {
 2119:             pdp_addr = pml4e & 0x3fffffffff000ULL;
 2120:             for (l2 = 0; l2 < 512; l2++) {
 2121:                 cpu_physical_memory_read(pdp_addr + l2 * 8, &pdpe, 8);
 2122:                 pdpe = le64_to_cpu(pdpe);
 2123:                 end = (l1 << 39) + (l2 << 30);
 2124:                 if (pdpe & PG_PRESENT_MASK) {
 2125:                     if (pdpe & PG_PSE_MASK) {
 2126:                         prot = pdpe & (PG_USER_MASK | PG_RW_MASK |
 2127:                                        PG_PRESENT_MASK);
 2128:                         prot &= pml4e;
 2129:                         mem_print(mon, &start, &last_prot, end, prot);
 2130:                     } else {
 2131:                         pd_addr = pdpe & 0x3fffffffff000ULL;
 2132:                         for (l3 = 0; l3 < 512; l3++) {
 2133:                             cpu_physical_memory_read(pd_addr + l3 * 8, &pde, 8);
 2134:                             pde = le64_to_cpu(pde);
 2135:                             end = (l1 << 39) + (l2 << 30) + (l3 << 21);
 2136:                             if (pde & PG_PRESENT_MASK) {
 2137:                                 if (pde & PG_PSE_MASK) {
 2138:                                     prot = pde & (PG_USER_MASK | PG_RW_MASK |
 2139:                                                   PG_PRESENT_MASK);
 2140:                                     prot &= pml4e & pdpe;
 2141:                                     mem_print(mon, &start, &last_prot, end, prot);
 2142:                                 } else {
 2143:                                     pt_addr = pde & 0x3fffffffff000ULL;
 2144:                                     for (l4 = 0; l4 < 512; l4++) {
 2145:                                         cpu_physical_memory_read(pt_addr
 2146:                                                                  + l4 * 8,
 2147:                                                                  &pte, 8);
 2148:                                         pte = le64_to_cpu(pte);
 2149:                                         end = (l1 << 39) + (l2 << 30) +
 2150:                                             (l3 << 21) + (l4 << 12);
 2151:                                         if (pte & PG_PRESENT_MASK) {
 2152:                                             prot = pte & (PG_USER_MASK | PG_RW_MASK |
 2153:                                                           PG_PRESENT_MASK);
 2154:                                             prot &= pml4e & pdpe & pde;
 2155:                                         } else {
 2156:                                             prot = 0;
 2157:                                         }
 2158:                                         mem_print(mon, &start, &last_prot, end, prot);
 2159:                                     }
 2160:                                 }
 2161:                             } else {
 2162:                                 prot = 0;
 2163:                                 mem_print(mon, &start, &last_prot, end, prot);
 2164:                             }
 2165:                         }
 2166:                     }
 2167:                 } else {
 2168:                     prot = 0;
 2169:                     mem_print(mon, &start, &last_prot, end, prot);
 2170:                 }
 2171:             }
 2172:         } else {
 2173:             prot = 0;
 2174:             mem_print(mon, &start, &last_prot, end, prot);
 2175:         }
 2176:     }
 2177:     /* Flush last range */
 2178:     mem_print(mon, &start, &last_prot, (target_phys_addr_t)1 << 48, 0);
 2179: }
 2180: #endif
 2181: 
 2182: static void mem_info(Monitor *mon)
 2183: {
 2184:     CPUState *env;
 2185: 
 2186:     env = mon_get_cpu();
 2187: 
 2188:     if (!(env->cr[0] & CR0_PG_MASK)) {
 2189:         monitor_printf(mon, "PG disabled\n");
 2190:         return;
 2191:     }
 2192:     if (env->cr[4] & CR4_PAE_MASK) {
 2193: #ifdef TARGET_X86_64
 2194:         if (env->hflags & HF_LMA_MASK) {
 2195:             mem_info_64(mon, env);
 2196:         } else
 2197: #endif
 2198:         {
 2199:             mem_info_pae32(mon, env);
 2200:         }
 2201:     } else {
 2202:         mem_info_32(mon, env);
 2203:     }
 2204: }
 2205: #endif
 2206: 
 2207: #if defined(TARGET_SH4)
 2208: 
 2209: static void print_tlb(Monitor *mon, int idx, tlb_t *tlb)
 2210: {
 2211:     monitor_printf(mon, " tlb%i:\t"
 2212:                    "asid=%hhu vpn=%x\tppn=%x\tsz=%hhu size=%u\t"
 2213:                    "v=%hhu shared=%hhu cached=%hhu prot=%hhu "
 2214:                    "dirty=%hhu writethrough=%hhu\n",
 2215:                    idx,
 2216:                    tlb->asid, tlb->vpn, tlb->ppn, tlb->sz, tlb->size,
 2217:                    tlb->v, tlb->sh, tlb->c, tlb->pr,
 2218:                    tlb->d, tlb->wt);
 2219: }
 2220: 
 2221: static void tlb_info(Monitor *mon)
 2222: {
 2223:     CPUState *env = mon_get_cpu();
 2224:     int i;
 2225: 
 2226:     monitor_printf (mon, "ITLB:\n");
 2227:     for (i = 0 ; i < ITLB_SIZE ; i++)
 2228:         print_tlb (mon, i, &env->itlb[i]);
 2229:     monitor_printf (mon, "UTLB:\n");
 2230:     for (i = 0 ; i < UTLB_SIZE ; i++)
 2231:         print_tlb (mon, i, &env->utlb[i]);
 2232: }
 2233: 
 2234: #endif
 2235: 
 2236: #if defined(TARGET_SPARC) || defined(TARGET_PPC)
 2237: static void tlb_info(Monitor *mon)
 2238: {
 2239:     CPUState *env1 = mon_get_cpu();
 2240: 
 2241:     dump_mmu((FILE*)mon, (fprintf_function)monitor_printf, env1);
 2242: }
 2243: #endif
 2244: 
 2245: static void do_info_mtree(Monitor *mon)
 2246: {
 2247:     mtree_info((fprintf_function)monitor_printf, mon);
 2248: }
 2249: 
 2250: static void do_info_numa(Monitor *mon)
 2251: {
 2252:     int i;
 2253:     CPUState *env;
 2254: 
 2255:     monitor_printf(mon, "%d nodes\n", nb_numa_nodes);
 2256:     for (i = 0; i < nb_numa_nodes; i++) {
 2257:         monitor_printf(mon, "node %d cpus:", i);
 2258:         for (env = first_cpu; env != NULL; env = env->next_cpu) {
 2259:             if (env->numa_node == i) {
 2260:                 monitor_printf(mon, " %d", env->cpu_index);
 2261:             }
 2262:         }
 2263:         monitor_printf(mon, "\n");
 2264:         monitor_printf(mon, "node %d size: %" PRId64 " MB\n", i,
 2265:             node_mem[i] >> 20);
 2266:     }
 2267: }
 2268: 
 2269: #ifdef CONFIG_PROFILER
 2270: 
 2271: int64_t qemu_time;
 2272: int64_t dev_time;
 2273: 
 2274: static void do_info_profile(Monitor *mon)
 2275: {
 2276:     int64_t total;
 2277:     total = qemu_time;
 2278:     if (total == 0)
 2279:         total = 1;
 2280:     monitor_printf(mon, "async time  %" PRId64 " (%0.3f)\n",
 2281:                    dev_time, dev_time / (double)get_ticks_per_sec());
 2282:     monitor_printf(mon, "qemu time   %" PRId64 " (%0.3f)\n",
 2283:                    qemu_time, qemu_time / (double)get_ticks_per_sec());
 2284:     qemu_time = 0;
 2285:     dev_time = 0;
 2286: }
 2287: #else
 2288: static void do_info_profile(Monitor *mon)
 2289: {
 2290:     monitor_printf(mon, "Internal profiler not compiled\n");
 2291: }
 2292: #endif
 2293: 
 2294: /* Capture support */
 2295: static QLIST_HEAD (capture_list_head, CaptureState) capture_head;
 2296: 
 2297: static void do_info_capture(Monitor *mon)
 2298: {
 2299:     int i;
 2300:     CaptureState *s;
 2301: 
 2302:     for (s = capture_head.lh_first, i = 0; s; s = s->entries.le_next, ++i) {
 2303:         monitor_printf(mon, "[%d]: ", i);
 2304:         s->ops.info (s->opaque);
 2305:     }
 2306: }
 2307: 
 2308: #ifdef HAS_AUDIO
 2309: static void do_stop_capture(Monitor *mon, const QDict *qdict)
 2310: {
 2311:     int i;
 2312:     int n = qdict_get_int(qdict, "n");
 2313:     CaptureState *s;
 2314: 
 2315:     for (s = capture_head.lh_first, i = 0; s; s = s->entries.le_next, ++i) {
 2316:         if (i == n) {
 2317:             s->ops.destroy (s->opaque);
 2318:             QLIST_REMOVE (s, entries);
 2319:             g_free (s);
 2320:             return;
 2321:         }
 2322:     }
 2323: }
 2324: 
 2325: static void do_wav_capture(Monitor *mon, const QDict *qdict)
 2326: {
 2327:     const char *path = qdict_get_str(qdict, "path");
 2328:     int has_freq = qdict_haskey(qdict, "freq");
 2329:     int freq = qdict_get_try_int(qdict, "freq", -1);
 2330:     int has_bits = qdict_haskey(qdict, "bits");
 2331:     int bits = qdict_get_try_int(qdict, "bits", -1);
 2332:     int has_channels = qdict_haskey(qdict, "nchannels");
 2333:     int nchannels = qdict_get_try_int(qdict, "nchannels", -1);
 2334:     CaptureState *s;
 2335: 
 2336:     s = g_malloc0 (sizeof (*s));
 2337: 
 2338:     freq = has_freq ? freq : 44100;
 2339:     bits = has_bits ? bits : 16;
 2340:     nchannels = has_channels ? nchannels : 2;
 2341: 
 2342:     if (wav_start_capture (s, path, freq, bits, nchannels)) {
 2343:         monitor_printf(mon, "Failed to add wave capture\n");
 2344:         g_free (s);
 2345:         return;
 2346:     }
 2347:     QLIST_INSERT_HEAD (&capture_head, s, entries);
 2348: }
 2349: #endif
 2350: 
 2351: #if defined(TARGET_I386)
 2352: static int do_inject_nmi(Monitor *mon, const QDict *qdict, QObject **ret_data)
 2353: {
 2354:     CPUState *env;
 2355: 
 2356:     for (env = first_cpu; env != NULL; env = env->next_cpu) {
 2357:         cpu_interrupt(env, CPU_INTERRUPT_NMI);
 2358:     }
 2359: 
 2360:     return 0;
 2361: }
 2362: #else
 2363: static int do_inject_nmi(Monitor *mon, const QDict *qdict, QObject **ret_data)
 2364: {
 2365:     qerror_report(QERR_UNSUPPORTED);
 2366:     return -1;
 2367: }
 2368: #endif
 2369: 
 2370: static qemu_acl *find_acl(Monitor *mon, const char *name)
 2371: {
 2372:     qemu_acl *acl = qemu_acl_find(name);
 2373: 
 2374:     if (!acl) {
 2375:         monitor_printf(mon, "acl: unknown list '%s'\n", name);
 2376:     }
 2377:     return acl;
 2378: }
 2379: 
 2380: static void do_acl_show(Monitor *mon, const QDict *qdict)
 2381: {
 2382:     const char *aclname = qdict_get_str(qdict, "aclname");
 2383:     qemu_acl *acl = find_acl(mon, aclname);
 2384:     qemu_acl_entry *entry;
 2385:     int i = 0;
 2386: 
 2387:     if (acl) {
 2388:         monitor_printf(mon, "policy: %s\n",
 2389:                        acl->defaultDeny ? "deny" : "allow");
 2390:         QTAILQ_FOREACH(entry, &acl->entries, next) {
 2391:             i++;
 2392:             monitor_printf(mon, "%d: %s %s\n", i,
 2393:                            entry->deny ? "deny" : "allow", entry->match);
 2394:         }
 2395:     }
 2396: }
 2397: 
 2398: static void do_acl_reset(Monitor *mon, const QDict *qdict)
 2399: {
 2400:     const char *aclname = qdict_get_str(qdict, "aclname");
 2401:     qemu_acl *acl = find_acl(mon, aclname);
 2402: 
 2403:     if (acl) {
 2404:         qemu_acl_reset(acl);
 2405:         monitor_printf(mon, "acl: removed all rules\n");
 2406:     }
 2407: }
 2408: 
 2409: static void do_acl_policy(Monitor *mon, const QDict *qdict)
 2410: {
 2411:     const char *aclname = qdict_get_str(qdict, "aclname");
 2412:     const char *policy = qdict_get_str(qdict, "policy");
 2413:     qemu_acl *acl = find_acl(mon, aclname);
 2414: 
 2415:     if (acl) {
 2416:         if (strcmp(policy, "allow") == 0) {
 2417:             acl->defaultDeny = 0;
 2418:             monitor_printf(mon, "acl: policy set to 'allow'\n");
 2419:         } else if (strcmp(policy, "deny") == 0) {
 2420:             acl->defaultDeny = 1;
 2421:             monitor_printf(mon, "acl: policy set to 'deny'\n");
 2422:         } else {
 2423:             monitor_printf(mon, "acl: unknown policy '%s', "
 2424:                            "expected 'deny' or 'allow'\n", policy);
 2425:         }
 2426:     }
 2427: }
 2428: 
 2429: static void do_acl_add(Monitor *mon, const QDict *qdict)
 2430: {
 2431:     const char *aclname = qdict_get_str(qdict, "aclname");
 2432:     const char *match = qdict_get_str(qdict, "match");
 2433:     const char *policy = qdict_get_str(qdict, "policy");
 2434:     int has_index = qdict_haskey(qdict, "index");
 2435:     int index = qdict_get_try_int(qdict, "index", -1);
 2436:     qemu_acl *acl = find_acl(mon, aclname);
 2437:     int deny, ret;
 2438: 
 2439:     if (acl) {
 2440:         if (strcmp(policy, "allow") == 0) {
 2441:             deny = 0;
 2442:         } else if (strcmp(policy, "deny") == 0) {
 2443:             deny = 1;
 2444:         } else {
 2445:             monitor_printf(mon, "acl: unknown policy '%s', "
 2446:                            "expected 'deny' or 'allow'\n", policy);
 2447:             return;
 2448:         }
 2449:         if (has_index)
 2450:             ret = qemu_acl_insert(acl, deny, match, index);
 2451:         else
 2452:             ret = qemu_acl_append(acl, deny, match);
 2453:         if (ret < 0)
 2454:             monitor_printf(mon, "acl: unable to add acl entry\n");
 2455:         else
 2456:             monitor_printf(mon, "acl: added rule at position %d\n", ret);
 2457:     }
 2458: }
 2459: 
 2460: static void do_acl_remove(Monitor *mon, const QDict *qdict)
 2461: {
 2462:     const char *aclname = qdict_get_str(qdict, "aclname");
 2463:     const char *match = qdict_get_str(qdict, "match");
 2464:     qemu_acl *acl = find_acl(mon, aclname);
 2465:     int ret;
 2466: 
 2467:     if (acl) {
 2468:         ret = qemu_acl_remove(acl, match);
 2469:         if (ret < 0)
 2470:             monitor_printf(mon, "acl: no matching acl entry\n");
 2471:         else
 2472:             monitor_printf(mon, "acl: removed rule at position %d\n", ret);
 2473:     }
 2474: }
 2475: 
 2476: #if defined(TARGET_I386)
 2477: static void do_inject_mce(Monitor *mon, const QDict *qdict)
 2478: {
 2479:     CPUState *cenv;
 2480:     int cpu_index = qdict_get_int(qdict, "cpu_index");
 2481:     int bank = qdict_get_int(qdict, "bank");
 2482:     uint64_t status = qdict_get_int(qdict, "status");
 2483:     uint64_t mcg_status = qdict_get_int(qdict, "mcg_status");
 2484:     uint64_t addr = qdict_get_int(qdict, "addr");
 2485:     uint64_t misc = qdict_get_int(qdict, "misc");
 2486:     int flags = MCE_INJECT_UNCOND_AO;
 2487: 
 2488:     if (qdict_get_try_bool(qdict, "broadcast", 0)) {
 2489:         flags |= MCE_INJECT_BROADCAST;
 2490:     }
 2491:     for (cenv = first_cpu; cenv != NULL; cenv = cenv->next_cpu) {
 2492:         if (cenv->cpu_index == cpu_index) {
 2493:             cpu_x86_inject_mce(mon, cenv, bank, status, mcg_status, addr, misc,
 2494:                                flags);
 2495:             break;
 2496:         }
 2497:     }
 2498: }
 2499: #endif
 2500: 
 2501: static int do_getfd(Monitor *mon, const QDict *qdict, QObject **ret_data)
 2502: {
 2503:     const char *fdname = qdict_get_str(qdict, "fdname");
 2504:     mon_fd_t *monfd;
 2505:     int fd;
 2506: 
 2507:     fd = qemu_chr_fe_get_msgfd(mon->chr);
 2508:     if (fd == -1) {
 2509:         qerror_report(QERR_FD_NOT_SUPPLIED);
 2510:         return -1;
 2511:     }
 2512: 
 2513:     if (qemu_isdigit(fdname[0])) {
 2514:         qerror_report(QERR_INVALID_PARAMETER_VALUE, "fdname",
 2515:                       "a name not starting with a digit");
 2516:         return -1;
 2517:     }
 2518: 
 2519:     QLIST_FOREACH(monfd, &mon->fds, next) {
 2520:         if (strcmp(monfd->name, fdname) != 0) {
 2521:             continue;
 2522:         }
 2523: 
 2524:         close(monfd->fd);
 2525:         monfd->fd = fd;
 2526:         return 0;
 2527:     }
 2528: 
 2529:     monfd = g_malloc0(sizeof(mon_fd_t));
 2530:     monfd->name = g_strdup(fdname);
 2531:     monfd->fd = fd;
 2532: 
 2533:     QLIST_INSERT_HEAD(&mon->fds, monfd, next);
 2534:     return 0;
 2535: }
 2536: 
 2537: static int do_closefd(Monitor *mon, const QDict *qdict, QObject **ret_data)
 2538: {
 2539:     const char *fdname = qdict_get_str(qdict, "fdname");
 2540:     mon_fd_t *monfd;
 2541: 
 2542:     QLIST_FOREACH(monfd, &mon->fds, next) {
 2543:         if (strcmp(monfd->name, fdname) != 0) {
 2544:             continue;
 2545:         }
 2546: 
 2547:         QLIST_REMOVE(monfd, next);
 2548:         close(monfd->fd);
 2549:         g_free(monfd->name);
 2550:         g_free(monfd);
 2551:         return 0;
 2552:     }
 2553: 
 2554:     qerror_report(QERR_FD_NOT_FOUND, fdname);
 2555:     return -1;
 2556: }
 2557: 
 2558: static void do_loadvm(Monitor *mon, const QDict *qdict)
 2559: {
 2560:     int saved_vm_running  = runstate_is_running();
 2561:     const char *name = qdict_get_str(qdict, "name");
 2562: 
 2563:     vm_stop(RUN_STATE_RESTORE_VM);
 2564: 
 2565:     if (load_vmstate(name) == 0 && saved_vm_running) {
 2566:         vm_start();
 2567:     }
 2568: }
 2569: 
 2570: int monitor_get_fd(Monitor *mon, const char *fdname)
 2571: {
 2572:     mon_fd_t *monfd;
 2573: 
 2574:     QLIST_FOREACH(monfd, &mon->fds, next) {
 2575:         int fd;
 2576: 
 2577:         if (strcmp(monfd->name, fdname) != 0) {
 2578:             continue;
 2579:         }
 2580: 
 2581:         fd = monfd->fd;
 2582: 
 2583:         /* caller takes ownership of fd */
 2584:         QLIST_REMOVE(monfd, next);
 2585:         g_free(monfd->name);
 2586:         g_free(monfd);
 2587: 
 2588:         return fd;
 2589:     }
 2590: 
 2591:     return -1;
 2592: }
 2593: 
 2594: /* mon_cmds and info_cmds would be sorted at runtime */
 2595: static mon_cmd_t mon_cmds[] = {
 2596: #include "hmp-commands.h"
 2597:     { NULL, NULL, },
 2598: };
 2599: 
 2600: /* Please update hmp-commands.hx when adding or changing commands */
 2601: static mon_cmd_t info_cmds[] = {
 2602:     {
 2603:         .name       = "version",
 2604:         .args_type  = "",
 2605:         .params     = "",
 2606:         .help       = "show the version of QEMU",
 2607:         .mhandler.info = hmp_info_version,
 2608:     },
 2609:     {
 2610:         .name       = "network",
 2611:         .args_type  = "",
 2612:         .params     = "",
 2613:         .help       = "show the network state",
 2614:         .mhandler.info = do_info_network,
 2615:     },
 2616:     {
 2617:         .name       = "chardev",
 2618:         .args_type  = "",
 2619:         .params     = "",
 2620:         .help       = "show the character devices",
 2621:         .mhandler.info = hmp_info_chardev,
 2622:     },
 2623:     {
 2624:         .name       = "block",
 2625:         .args_type  = "",
 2626:         .params     = "",
 2627:         .help       = "show the block devices",
 2628:         .mhandler.info = hmp_info_block,
 2629:     },
 2630:     {
 2631:         .name       = "blockstats",
 2632:         .args_type  = "",
 2633:         .params     = "",
 2634:         .help       = "show block device statistics",
 2635:         .mhandler.info = hmp_info_blockstats,
 2636:     },
 2637:     {
 2638:         .name       = "registers",
 2639:         .args_type  = "",
 2640:         .params     = "",
 2641:         .help       = "show the cpu registers",
 2642:         .mhandler.info = do_info_registers,
 2643:     },
 2644:     {
 2645:         .name       = "cpus",
 2646:         .args_type  = "",
 2647:         .params     = "",
 2648:         .help       = "show infos for each CPU",
 2649:         .mhandler.info = hmp_info_cpus,
 2650:     },
 2651:     {
 2652:         .name       = "history",
 2653:         .args_type  = "",
 2654:         .params     = "",
 2655:         .help       = "show the command line history",
 2656:         .mhandler.info = do_info_history,
 2657:     },
 2658: #if defined(TARGET_I386) || defined(TARGET_PPC) || defined(TARGET_MIPS) || \
 2659:     defined(TARGET_LM32) || (defined(TARGET_SPARC) && !defined(TARGET_SPARC64))
 2660:     {
 2661:         .name       = "irq",
 2662:         .args_type  = "",
 2663:         .params     = "",
 2664:         .help       = "show the interrupts statistics (if available)",
 2665: #ifdef TARGET_SPARC
 2666:         .mhandler.info = sun4m_irq_info,
 2667: #elif defined(TARGET_LM32)
 2668:         .mhandler.info = lm32_irq_info,
 2669: #else
 2670:         .mhandler.info = irq_info,
 2671: #endif
 2672:     },
 2673:     {
 2674:         .name       = "pic",
 2675:         .args_type  = "",
 2676:         .params     = "",
 2677:         .help       = "show i8259 (PIC) state",
 2678: #ifdef TARGET_SPARC
 2679:         .mhandler.info = sun4m_pic_info,
 2680: #elif defined(TARGET_LM32)
 2681:         .mhandler.info = lm32_do_pic_info,
 2682: #else
 2683:         .mhandler.info = pic_info,
 2684: #endif
 2685:     },
 2686: #endif
 2687:     {
 2688:         .name       = "pci",
 2689:         .args_type  = "",
 2690:         .params     = "",
 2691:         .help       = "show PCI info",
 2692:         .mhandler.info = hmp_info_pci,
 2693:     },
 2694: #if defined(TARGET_I386) || defined(TARGET_SH4) || defined(TARGET_SPARC) || \
 2695:     defined(TARGET_PPC)
 2696:     {
 2697:         .name       = "tlb",
 2698:         .args_type  = "",
 2699:         .params     = "",
 2700:         .help       = "show virtual to physical memory mappings",
 2701:         .mhandler.info = tlb_info,
 2702:     },
 2703: #endif
 2704: #if defined(TARGET_I386)
 2705:     {
 2706:         .name       = "mem",
 2707:         .args_type  = "",
 2708:         .params     = "",
 2709:         .help       = "show the active virtual memory mappings",
 2710:         .mhandler.info = mem_info,
 2711:     },
 2712: #endif
 2713:     {
 2714:         .name       = "mtree",
 2715:         .args_type  = "",
 2716:         .params     = "",
 2717:         .help       = "show memory tree",
 2718:         .mhandler.info = do_info_mtree,
 2719:     },
 2720:     {
 2721:         .name       = "jit",
 2722:         .args_type  = "",
 2723:         .params     = "",
 2724:         .help       = "show dynamic compiler info",
 2725:         .mhandler.info = do_info_jit,
 2726:     },
 2727:     {
 2728:         .name       = "kvm",
 2729:         .args_type  = "",
 2730:         .params     = "",
 2731:         .help       = "show KVM information",
 2732:         .mhandler.info = hmp_info_kvm,
 2733:     },
 2734:     {
 2735:         .name       = "numa",
 2736:         .args_type  = "",
 2737:         .params     = "",
 2738:         .help       = "show NUMA information",
 2739:         .mhandler.info = do_info_numa,
 2740:     },
 2741:     {
 2742:         .name       = "usb",
 2743:         .args_type  = "",
 2744:         .params     = "",
 2745:         .help       = "show guest USB devices",
 2746:         .mhandler.info = usb_info,
 2747:     },
 2748:     {
 2749:         .name       = "usbhost",
 2750:         .args_type  = "",
 2751:         .params     = "",
 2752:         .help       = "show host USB devices",
 2753:         .mhandler.info = usb_host_info,
 2754:     },
 2755:     {
 2756:         .name       = "profile",
 2757:         .args_type  = "",
 2758:         .params     = "",
 2759:         .help       = "show profiling information",
 2760:         .mhandler.info = do_info_profile,
 2761:     },
 2762:     {
 2763:         .name       = "capture",
 2764:         .args_type  = "",
 2765:         .params     = "",
 2766:         .help       = "show capture information",
 2767:         .mhandler.info = do_info_capture,
 2768:     },
 2769:     {
 2770:         .name       = "snapshots",
 2771:         .args_type  = "",
 2772:         .params     = "",
 2773:         .help       = "show the currently saved VM snapshots",
 2774:         .mhandler.info = do_info_snapshots,
 2775:     },
 2776:     {
 2777:         .name       = "status",
 2778:         .args_type  = "",
 2779:         .params     = "",
 2780:         .help       = "show the current VM status (running|paused)",
 2781:         .mhandler.info = hmp_info_status,
 2782:     },
 2783:     {
 2784:         .name       = "pcmcia",
 2785:         .args_type  = "",
 2786:         .params     = "",
 2787:         .help       = "show guest PCMCIA status",
 2788:         .mhandler.info = pcmcia_info,
 2789:     },
 2790:     {
 2791:         .name       = "mice",
 2792:         .args_type  = "",
 2793:         .params     = "",
 2794:         .help       = "show which guest mouse is receiving events",
 2795:         .mhandler.info = hmp_info_mice,
 2796:     },
 2797:     {
 2798:         .name       = "vnc",
 2799:         .args_type  = "",
 2800:         .params     = "",
 2801:         .help       = "show the vnc server status",
 2802:         .mhandler.info = hmp_info_vnc,
 2803:     },
 2804: #if defined(CONFIG_SPICE)
 2805:     {
 2806:         .name       = "spice",
 2807:         .args_type  = "",
 2808:         .params     = "",
 2809:         .help       = "show the spice server status",
 2810:         .mhandler.info = hmp_info_spice,
 2811:     },
 2812: #endif
 2813:     {
 2814:         .name       = "name",
 2815:         .args_type  = "",
 2816:         .params     = "",
 2817:         .help       = "show the current VM name",
 2818:         .mhandler.info = hmp_info_name,
 2819:     },
 2820:     {
 2821:         .name       = "uuid",
 2822:         .args_type  = "",
 2823:         .params     = "",
 2824:         .help       = "show the current VM UUID",
 2825:         .mhandler.info = hmp_info_uuid,
 2826:     },
 2827: #if defined(TARGET_PPC)
 2828:     {
 2829:         .name       = "cpustats",
 2830:         .args_type  = "",
 2831:         .params     = "",
 2832:         .help       = "show CPU statistics",
 2833:         .mhandler.info = do_info_cpu_stats,
 2834:     },
 2835: #endif
 2836: #if defined(CONFIG_SLIRP)
 2837:     {
 2838:         .name       = "usernet",
 2839:         .args_type  = "",
 2840:         .params     = "",
 2841:         .help       = "show user network stack connection states",
 2842:         .mhandler.info = do_info_usernet,
 2843:     },
 2844: #endif
 2845:     {
 2846:         .name       = "migrate",
 2847:         .args_type  = "",
 2848:         .params     = "",
 2849:         .help       = "show migration status",
 2850:         .mhandler.info = hmp_info_migrate,
 2851:     },
 2852:     {
 2853:         .name       = "balloon",
 2854:         .args_type  = "",
 2855:         .params     = "",
 2856:         .help       = "show balloon information",
 2857:         .mhandler.info = hmp_info_balloon,
 2858:     },
 2859:     {
 2860:         .name       = "qtree",
 2861:         .args_type  = "",
 2862:         .params     = "",
 2863:         .help       = "show device tree",
 2864:         .mhandler.info = do_info_qtree,
 2865:     },
 2866:     {
 2867:         .name       = "qdm",
 2868:         .args_type  = "",
 2869:         .params     = "",
 2870:         .help       = "show qdev device model list",
 2871:         .mhandler.info = do_info_qdm,
 2872:     },
 2873:     {
 2874:         .name       = "roms",
 2875:         .args_type  = "",
 2876:         .params     = "",
 2877:         .help       = "show roms",
 2878:         .mhandler.info = do_info_roms,
 2879:     },
 2880: #if defined(CONFIG_TRACE_SIMPLE)
 2881:     {
 2882:         .name       = "trace",
 2883:         .args_type  = "",
 2884:         .params     = "",
 2885:         .help       = "show current contents of trace buffer",
 2886:         .mhandler.info = do_info_trace,
 2887:     },
 2888: #endif
 2889:     {
 2890:         .name       = "trace-events",
 2891:         .args_type  = "",
 2892:         .params     = "",
 2893:         .help       = "show available trace-events & their state",
 2894:         .mhandler.info = do_trace_print_events,
 2895:     },
 2896:     {
 2897:         .name       = NULL,
 2898:     },
 2899: };
 2900: 
 2901: static const mon_cmd_t qmp_cmds[] = {
 2902: #include "qmp-commands-old.h"
 2903:     { /* NULL */ },
 2904: };
 2905: 
 2906: /*******************************************************************/
 2907: 
 2908: static const char *pch;
 2909: static jmp_buf expr_env;
 2910: 
 2911: #define MD_TLONG 0
 2912: #define MD_I32   1
 2913: 
 2914: typedef struct MonitorDef {
 2915:     const char *name;
 2916:     int offset;
 2917:     target_long (*get_value)(const struct MonitorDef *md, int val);
 2918:     int type;
 2919: } MonitorDef;
 2920: 
 2921: #if defined(TARGET_I386)
 2922: static target_long monitor_get_pc (const struct MonitorDef *md, int val)
 2923: {
 2924:     CPUState *env = mon_get_cpu();
 2925:     return env->eip + env->segs[R_CS].base;
 2926: }
 2927: #endif
 2928: 
 2929: #if defined(TARGET_PPC)
 2930: static target_long monitor_get_ccr (const struct MonitorDef *md, int val)
 2931: {
 2932:     CPUState *env = mon_get_cpu();
 2933:     unsigned int u;
 2934:     int i;
 2935: 
 2936:     u = 0;
 2937:     for (i = 0; i < 8; i++)
 2938:         u |= env->crf[i] << (32 - (4 * i));
 2939: 
 2940:     return u;
 2941: }
 2942: 
 2943: static target_long monitor_get_msr (const struct MonitorDef *md, int val)
 2944: {
 2945:     CPUState *env = mon_get_cpu();
 2946:     return env->msr;
 2947: }
 2948: 
 2949: static target_long monitor_get_xer (const struct MonitorDef *md, int val)
 2950: {
 2951:     CPUState *env = mon_get_cpu();
 2952:     return env->xer;
 2953: }
 2954: 
 2955: static target_long monitor_get_decr (const struct MonitorDef *md, int val)
 2956: {
 2957:     CPUState *env = mon_get_cpu();
 2958:     return cpu_ppc_load_decr(env);
 2959: }
 2960: 
 2961: static target_long monitor_get_tbu (const struct MonitorDef *md, int val)
 2962: {
 2963:     CPUState *env = mon_get_cpu();
 2964:     return cpu_ppc_load_tbu(env);
 2965: }
 2966: 
 2967: static target_long monitor_get_tbl (const struct MonitorDef *md, int val)
 2968: {
 2969:     CPUState *env = mon_get_cpu();
 2970:     return cpu_ppc_load_tbl(env);
 2971: }
 2972: #endif
 2973: 
 2974: #if defined(TARGET_SPARC)
 2975: #ifndef TARGET_SPARC64
 2976: static target_long monitor_get_psr (const struct MonitorDef *md, int val)
 2977: {
 2978:     CPUState *env = mon_get_cpu();
 2979: 
 2980:     return cpu_get_psr(env);
 2981: }
 2982: #endif
 2983: 
 2984: static target_long monitor_get_reg(const struct MonitorDef *md, int val)
 2985: {
 2986:     CPUState *env = mon_get_cpu();
 2987:     return env->regwptr[val];
 2988: }
 2989: #endif
 2990: 
 2991: static const MonitorDef monitor_defs[] = {
 2992: #ifdef TARGET_I386
 2993: 
 2994: #define SEG(name, seg) \
 2995:     { name, offsetof(CPUState, segs[seg].selector), NULL, MD_I32 },\
 2996:     { name ".base", offsetof(CPUState, segs[seg].base) },\
 2997:     { name ".limit", offsetof(CPUState, segs[seg].limit), NULL, MD_I32 },
 2998: 
 2999:     { "eax", offsetof(CPUState, regs[0]) },
 3000:     { "ecx", offsetof(CPUState, regs[1]) },
 3001:     { "edx", offsetof(CPUState, regs[2]) },
 3002:     { "ebx", offsetof(CPUState, regs[3]) },
 3003:     { "esp|sp", offsetof(CPUState, regs[4]) },
 3004:     { "ebp|fp", offsetof(CPUState, regs[5]) },
 3005:     { "esi", offsetof(CPUState, regs[6]) },
 3006:     { "edi", offsetof(CPUState, regs[7]) },
 3007: #ifdef TARGET_X86_64
 3008:     { "r8", offsetof(CPUState, regs[8]) },
 3009:     { "r9", offsetof(CPUState, regs[9]) },
 3010:     { "r10", offsetof(CPUState, regs[10]) },
 3011:     { "r11", offsetof(CPUState, regs[11]) },
 3012:     { "r12", offsetof(CPUState, regs[12]) },
 3013:     { "r13", offsetof(CPUState, regs[13]) },
 3014:     { "r14", offsetof(CPUState, regs[14]) },
 3015:     { "r15", offsetof(CPUState, regs[15]) },
 3016: #endif
 3017:     { "eflags", offsetof(CPUState, eflags) },
 3018:     { "eip", offsetof(CPUState, eip) },
 3019:     SEG("cs", R_CS)
 3020:     SEG("ds", R_DS)
 3021:     SEG("es", R_ES)
 3022:     SEG("ss", R_SS)
 3023:     SEG("fs", R_FS)
 3024:     SEG("gs", R_GS)
 3025:     { "pc", 0, monitor_get_pc, },
 3026: #elif defined(TARGET_PPC)
 3027:     /* General purpose registers */
 3028:     { "r0", offsetof(CPUState, gpr[0]) },
 3029:     { "r1", offsetof(CPUState, gpr[1]) },
 3030:     { "r2", offsetof(CPUState, gpr[2]) },
 3031:     { "r3", offsetof(CPUState, gpr[3]) },
 3032:     { "r4", offsetof(CPUState, gpr[4]) },
 3033:     { "r5", offsetof(CPUState, gpr[5]) },
 3034:     { "r6", offsetof(CPUState, gpr[6]) },
 3035:     { "r7", offsetof(CPUState, gpr[7]) },
 3036:     { "r8", offsetof(CPUState, gpr[8]) },
 3037:     { "r9", offsetof(CPUState, gpr[9]) },
 3038:     { "r10", offsetof(CPUState, gpr[10]) },
 3039:     { "r11", offsetof(CPUState, gpr[11]) },
 3040:     { "r12", offsetof(CPUState, gpr[12]) },
 3041:     { "r13", offsetof(CPUState, gpr[13]) },
 3042:     { "r14", offsetof(CPUState, gpr[14]) },
 3043:     { "r15", offsetof(CPUState, gpr[15]) },
 3044:     { "r16", offsetof(CPUState, gpr[16]) },
 3045:     { "r17", offsetof(CPUState, gpr[17]) },
 3046:     { "r18", offsetof(CPUState, gpr[18]) },
 3047:     { "r19", offsetof(CPUState, gpr[19]) },
 3048:     { "r20", offsetof(CPUState, gpr[20]) },
 3049:     { "r21", offsetof(CPUState, gpr[21]) },
 3050:     { "r22", offsetof(CPUState, gpr[22]) },
 3051:     { "r23", offsetof(CPUState, gpr[23]) },
 3052:     { "r24", offsetof(CPUState, gpr[24]) },
 3053:     { "r25", offsetof(CPUState, gpr[25]) },
 3054:     { "r26", offsetof(CPUState, gpr[26]) },
 3055:     { "r27", offsetof(CPUState, gpr[27]) },
 3056:     { "r28", offsetof(CPUState, gpr[28]) },
 3057:     { "r29", offsetof(CPUState, gpr[29]) },
 3058:     { "r30", offsetof(CPUState, gpr[30]) },
 3059:     { "r31", offsetof(CPUState, gpr[31]) },
 3060:     /* Floating point registers */
 3061:     { "f0", offsetof(CPUState, fpr[0]) },
 3062:     { "f1", offsetof(CPUState, fpr[1]) },
 3063:     { "f2", offsetof(CPUState, fpr[2]) },
 3064:     { "f3", offsetof(CPUState, fpr[3]) },
 3065:     { "f4", offsetof(CPUState, fpr[4]) },
 3066:     { "f5", offsetof(CPUState, fpr[5]) },
 3067:     { "f6", offsetof(CPUState, fpr[6]) },
 3068:     { "f7", offsetof(CPUState, fpr[7]) },
 3069:     { "f8", offsetof(CPUState, fpr[8]) },
 3070:     { "f9", offsetof(CPUState, fpr[9]) },
 3071:     { "f10", offsetof(CPUState, fpr[10]) },
 3072:     { "f11", offsetof(CPUState, fpr[11]) },
 3073:     { "f12", offsetof(CPUState, fpr[12]) },
 3074:     { "f13", offsetof(CPUState, fpr[13]) },
 3075:     { "f14", offsetof(CPUState, fpr[14]) },
 3076:     { "f15", offsetof(CPUState, fpr[15]) },
 3077:     { "f16", offsetof(CPUState, fpr[16]) },
 3078:     { "f17", offsetof(CPUState, fpr[17]) },
 3079:     { "f18", offsetof(CPUState, fpr[18]) },
 3080:     { "f19", offsetof(CPUState, fpr[19]) },
 3081:     { "f20", offsetof(CPUState, fpr[20]) },
 3082:     { "f21", offsetof(CPUState, fpr[21]) },
 3083:     { "f22", offsetof(CPUState, fpr[22]) },
 3084:     { "f23", offsetof(CPUState, fpr[23]) },
 3085:     { "f24", offsetof(CPUState, fpr[24]) },
 3086:     { "f25", offsetof(CPUState, fpr[25]) },
 3087:     { "f26", offsetof(CPUState, fpr[26]) },
 3088:     { "f27", offsetof(CPUState, fpr[27]) },
 3089:     { "f28", offsetof(CPUState, fpr[28]) },
 3090:     { "f29", offsetof(CPUState, fpr[29]) },
 3091:     { "f30", offsetof(CPUState, fpr[30]) },
 3092:     { "f31", offsetof(CPUState, fpr[31]) },
 3093:     { "fpscr", offsetof(CPUState, fpscr) },
 3094:     /* Next instruction pointer */
 3095:     { "nip|pc", offsetof(CPUState, nip) },
 3096:     { "lr", offsetof(CPUState, lr) },
 3097:     { "ctr", offsetof(CPUState, ctr) },
 3098:     { "decr", 0, &monitor_get_decr, },
 3099:     { "ccr", 0, &monitor_get_ccr, },
 3100:     /* Machine state register */
 3101:     { "msr", 0, &monitor_get_msr, },
 3102:     { "xer", 0, &monitor_get_xer, },
 3103:     { "tbu", 0, &monitor_get_tbu, },
 3104:     { "tbl", 0, &monitor_get_tbl, },
 3105: #if defined(TARGET_PPC64)
 3106:     /* Address space register */
 3107:     { "asr", offsetof(CPUState, asr) },
 3108: #endif
 3109:     /* Segment registers */
 3110:     { "sdr1", offsetof(CPUState, spr[SPR_SDR1]) },
 3111:     { "sr0", offsetof(CPUState, sr[0]) },
 3112:     { "sr1", offsetof(CPUState, sr[1]) },
 3113:     { "sr2", offsetof(CPUState, sr[2]) },
 3114:     { "sr3", offsetof(CPUState, sr[3]) },
 3115:     { "sr4", offsetof(CPUState, sr[4]) },
 3116:     { "sr5", offsetof(CPUState, sr[5]) },
 3117:     { "sr6", offsetof(CPUState, sr[6]) },
 3118:     { "sr7", offsetof(CPUState, sr[7]) },
 3119:     { "sr8", offsetof(CPUState, sr[8]) },
 3120:     { "sr9", offsetof(CPUState, sr[9]) },
 3121:     { "sr10", offsetof(CPUState, sr[10]) },
 3122:     { "sr11", offsetof(CPUState, sr[11]) },
 3123:     { "sr12", offsetof(CPUState, sr[12]) },
 3124:     { "sr13", offsetof(CPUState, sr[13]) },
 3125:     { "sr14", offsetof(CPUState, sr[14]) },
 3126:     { "sr15", offsetof(CPUState, sr[15]) },
 3127:     /* Too lazy to put BATs... */
 3128:     { "pvr", offsetof(CPUState, spr[SPR_PVR]) },
 3129: 
 3130:     { "srr0", offsetof(CPUState, spr[SPR_SRR0]) },
 3131:     { "srr1", offsetof(CPUState, spr[SPR_SRR1]) },
 3132:     { "sprg0", offsetof(CPUState, spr[SPR_SPRG0]) },
 3133:     { "sprg1", offsetof(CPUState, spr[SPR_SPRG1]) },
 3134:     { "sprg2", offsetof(CPUState, spr[SPR_SPRG2]) },
 3135:     { "sprg3", offsetof(CPUState, spr[SPR_SPRG3]) },
 3136:     { "sprg4", offsetof(CPUState, spr[SPR_SPRG4]) },
 3137:     { "sprg5", offsetof(CPUState, spr[SPR_SPRG5]) },
 3138:     { "sprg6", offsetof(CPUState, spr[SPR_SPRG6]) },
 3139:     { "sprg7", offsetof(CPUState, spr[SPR_SPRG7]) },
 3140:     { "pid", offsetof(CPUState, spr[SPR_BOOKE_PID]) },
 3141:     { "csrr0", offsetof(CPUState, spr[SPR_BOOKE_CSRR0]) },
 3142:     { "csrr1", offsetof(CPUState, spr[SPR_BOOKE_CSRR1]) },
 3143:     { "esr", offsetof(CPUState, spr[SPR_BOOKE_ESR]) },
 3144:     { "dear", offsetof(CPUState, spr[SPR_BOOKE_DEAR]) },
 3145:     { "mcsr", offsetof(CPUState, spr[SPR_BOOKE_MCSR]) },
 3146:     { "tsr", offsetof(CPUState, spr[SPR_BOOKE_TSR]) },
 3147:     { "tcr", offsetof(CPUState, spr[SPR_BOOKE_TCR]) },
 3148:     { "vrsave", offsetof(CPUState, spr[SPR_VRSAVE]) },
 3149:     { "pir", offsetof(CPUState, spr[SPR_BOOKE_PIR]) },
 3150:     { "mcsrr0", offsetof(CPUState, spr[SPR_BOOKE_MCSRR0]) },
 3151:     { "mcsrr1", offsetof(CPUState, spr[SPR_BOOKE_MCSRR1]) },
 3152:     { "decar", offsetof(CPUState, spr[SPR_BOOKE_DECAR]) },
 3153:     { "ivpr", offsetof(CPUState, spr[SPR_BOOKE_IVPR]) },
 3154:     { "epcr", offsetof(CPUState, spr[SPR_BOOKE_EPCR]) },
 3155:     { "sprg8", offsetof(CPUState, spr[SPR_BOOKE_SPRG8]) },
 3156:     { "ivor0", offsetof(CPUState, spr[SPR_BOOKE_IVOR0]) },
 3157:     { "ivor1", offsetof(CPUState, spr[SPR_BOOKE_IVOR1]) },
 3158:     { "ivor2", offsetof(CPUState, spr[SPR_BOOKE_IVOR2]) },
 3159:     { "ivor3", offsetof(CPUState, spr[SPR_BOOKE_IVOR3]) },
 3160:     { "ivor4", offsetof(CPUState, spr[SPR_BOOKE_IVOR4]) },
 3161:     { "ivor5", offsetof(CPUState, spr[SPR_BOOKE_IVOR5]) },
 3162:     { "ivor6", offsetof(CPUState, spr[SPR_BOOKE_IVOR6]) },
 3163:     { "ivor7", offsetof(CPUState, spr[SPR_BOOKE_IVOR7]) },
 3164:     { "ivor8", offsetof(CPUState, spr[SPR_BOOKE_IVOR8]) },
 3165:     { "ivor9", offsetof(CPUState, spr[SPR_BOOKE_IVOR9]) },
 3166:     { "ivor10", offsetof(CPUState, spr[SPR_BOOKE_IVOR10]) },
 3167:     { "ivor11", offsetof(CPUState, spr[SPR_BOOKE_IVOR11]) },
 3168:     { "ivor12", offsetof(CPUState, spr[SPR_BOOKE_IVOR12]) },
 3169:     { "ivor13", offsetof(CPUState, spr[SPR_BOOKE_IVOR13]) },
 3170:     { "ivor14", offsetof(CPUState, spr[SPR_BOOKE_IVOR14]) },
 3171:     { "ivor15", offsetof(CPUState, spr[SPR_BOOKE_IVOR15]) },
 3172:     { "ivor32", offsetof(CPUState, spr[SPR_BOOKE_IVOR32]) },
 3173:     { "ivor33", offsetof(CPUState, spr[SPR_BOOKE_IVOR33]) },
 3174:     { "ivor34", offsetof(CPUState, spr[SPR_BOOKE_IVOR34]) },
 3175:     { "ivor35", offsetof(CPUState, spr[SPR_BOOKE_IVOR35]) },
 3176:     { "ivor36", offsetof(CPUState, spr[SPR_BOOKE_IVOR36]) },
 3177:     { "ivor37", offsetof(CPUState, spr[SPR_BOOKE_IVOR37]) },
 3178:     { "mas0", offsetof(CPUState, spr[SPR_BOOKE_MAS0]) },
 3179:     { "mas1", offsetof(CPUState, spr[SPR_BOOKE_MAS1]) },
 3180:     { "mas2", offsetof(CPUState, spr[SPR_BOOKE_MAS2]) },
 3181:     { "mas3", offsetof(CPUState, spr[SPR_BOOKE_MAS3]) },
 3182:     { "mas4", offsetof(CPUState, spr[SPR_BOOKE_MAS4]) },
 3183:     { "mas6", offsetof(CPUState, spr[SPR_BOOKE_MAS6]) },
 3184:     { "mas7", offsetof(CPUState, spr[SPR_BOOKE_MAS7]) },
 3185:     { "mmucfg", offsetof(CPUState, spr[SPR_MMUCFG]) },
 3186:     { "tlb0cfg", offsetof(CPUState, spr[SPR_BOOKE_TLB0CFG]) },
 3187:     { "tlb1cfg", offsetof(CPUState, spr[SPR_BOOKE_TLB1CFG]) },
 3188:     { "epr", offsetof(CPUState, spr[SPR_BOOKE_EPR]) },
 3189:     { "eplc", offsetof(CPUState, spr[SPR_BOOKE_EPLC]) },
 3190:     { "epsc", offsetof(CPUState, spr[SPR_BOOKE_EPSC]) },
 3191:     { "svr", offsetof(CPUState, spr[SPR_E500_SVR]) },
 3192:     { "mcar", offsetof(CPUState, spr[SPR_Exxx_MCAR]) },
 3193:     { "pid1", offsetof(CPUState, spr[SPR_BOOKE_PID1]) },
 3194:     { "pid2", offsetof(CPUState, spr[SPR_BOOKE_PID2]) },
 3195:     { "hid0", offsetof(CPUState, spr[SPR_HID0]) },
 3196: 
 3197: #elif defined(TARGET_SPARC)
 3198:     { "g0", offsetof(CPUState, gregs[0]) },
 3199:     { "g1", offsetof(CPUState, gregs[1]) },
 3200:     { "g2", offsetof(CPUState, gregs[2]) },
 3201:     { "g3", offsetof(CPUState, gregs[3]) },
 3202:     { "g4", offsetof(CPUState, gregs[4]) },
 3203:     { "g5", offsetof(CPUState, gregs[5]) },
 3204:     { "g6", offsetof(CPUState, gregs[6]) },
 3205:     { "g7", offsetof(CPUState, gregs[7]) },
 3206:     { "o0", 0, monitor_get_reg },
 3207:     { "o1", 1, monitor_get_reg },
 3208:     { "o2", 2, monitor_get_reg },
 3209:     { "o3", 3, monitor_get_reg },
 3210:     { "o4", 4, monitor_get_reg },
 3211:     { "o5", 5, monitor_get_reg },
 3212:     { "o6", 6, monitor_get_reg },
 3213:     { "o7", 7, monitor_get_reg },
 3214:     { "l0", 8, monitor_get_reg },
 3215:     { "l1", 9, monitor_get_reg },
 3216:     { "l2", 10, monitor_get_reg },
 3217:     { "l3", 11, monitor_get_reg },
 3218:     { "l4", 12, monitor_get_reg },
 3219:     { "l5", 13, monitor_get_reg },
 3220:     { "l6", 14, monitor_get_reg },
 3221:     { "l7", 15, monitor_get_reg },
 3222:     { "i0", 16, monitor_get_reg },
 3223:     { "i1", 17, monitor_get_reg },
 3224:     { "i2", 18, monitor_get_reg },
 3225:     { "i3", 19, monitor_get_reg },
 3226:     { "i4", 20, monitor_get_reg },
 3227:     { "i5", 21, monitor_get_reg },
 3228:     { "i6", 22, monitor_get_reg },
 3229:     { "i7", 23, monitor_get_reg },
 3230:     { "pc", offsetof(CPUState, pc) },
 3231:     { "npc", offsetof(CPUState, npc) },
 3232:     { "y", offsetof(CPUState, y) },
 3233: #ifndef TARGET_SPARC64
 3234:     { "psr", 0, &monitor_get_psr, },
 3235:     { "wim", offsetof(CPUState, wim) },
 3236: #endif
 3237:     { "tbr", offsetof(CPUState, tbr) },
 3238:     { "fsr", offsetof(CPUState, fsr) },
 3239:     { "f0", offsetof(CPUState, fpr[0].l.upper) },
 3240:     { "f1", offsetof(CPUState, fpr[0].l.lower) },
 3241:     { "f2", offsetof(CPUState, fpr[1].l.upper) },
 3242:     { "f3", offsetof(CPUState, fpr[1].l.lower) },
 3243:     { "f4", offsetof(CPUState, fpr[2].l.upper) },
 3244:     { "f5", offsetof(CPUState, fpr[2].l.lower) },
 3245:     { "f6", offsetof(CPUState, fpr[3].l.upper) },
 3246:     { "f7", offsetof(CPUState, fpr[3].l.lower) },
 3247:     { "f8", offsetof(CPUState, fpr[4].l.upper) },
 3248:     { "f9", offsetof(CPUState, fpr[4].l.lower) },
 3249:     { "f10", offsetof(CPUState, fpr[5].l.upper) },
 3250:     { "f11", offsetof(CPUState, fpr[5].l.lower) },
 3251:     { "f12", offsetof(CPUState, fpr[6].l.upper) },
 3252:     { "f13", offsetof(CPUState, fpr[6].l.lower) },
 3253:     { "f14", offsetof(CPUState, fpr[7].l.upper) },
 3254:     { "f15", offsetof(CPUState, fpr[7].l.lower) },
 3255:     { "f16", offsetof(CPUState, fpr[8].l.upper) },
 3256:     { "f17", offsetof(CPUState, fpr[8].l.lower) },
 3257:     { "f18", offsetof(CPUState, fpr[9].l.upper) },
 3258:     { "f19", offsetof(CPUState, fpr[9].l.lower) },
 3259:     { "f20", offsetof(CPUState, fpr[10].l.upper) },
 3260:     { "f21", offsetof(CPUState, fpr[10].l.lower) },
 3261:     { "f22", offsetof(CPUState, fpr[11].l.upper) },
 3262:     { "f23", offsetof(CPUState, fpr[11].l.lower) },
 3263:     { "f24", offsetof(CPUState, fpr[12].l.upper) },
 3264:     { "f25", offsetof(CPUState, fpr[12].l.lower) },
 3265:     { "f26", offsetof(CPUState, fpr[13].l.upper) },
 3266:     { "f27", offsetof(CPUState, fpr[13].l.lower) },
 3267:     { "f28", offsetof(CPUState, fpr[14].l.upper) },
 3268:     { "f29", offsetof(CPUState, fpr[14].l.lower) },
 3269:     { "f30", offsetof(CPUState, fpr[15].l.upper) },
 3270:     { "f31", offsetof(CPUState, fpr[15].l.lower) },
 3271: #ifdef TARGET_SPARC64
 3272:     { "f32", offsetof(CPUState, fpr[16]) },
 3273:     { "f34", offsetof(CPUState, fpr[17]) },
 3274:     { "f36", offsetof(CPUState, fpr[18]) },
 3275:     { "f38", offsetof(CPUState, fpr[19]) },
 3276:     { "f40", offsetof(CPUState, fpr[20]) },
 3277:     { "f42", offsetof(CPUState, fpr[21]) },
 3278:     { "f44", offsetof(CPUState, fpr[22]) },
 3279:     { "f46", offsetof(CPUState, fpr[23]) },
 3280:     { "f48", offsetof(CPUState, fpr[24]) },
 3281:     { "f50", offsetof(CPUState, fpr[25]) },
 3282:     { "f52", offsetof(CPUState, fpr[26]) },
 3283:     { "f54", offsetof(CPUState, fpr[27]) },
 3284:     { "f56", offsetof(CPUState, fpr[28]) },
 3285:     { "f58", offsetof(CPUState, fpr[29]) },
 3286:     { "f60", offsetof(CPUState, fpr[30]) },
 3287:     { "f62", offsetof(CPUState, fpr[31]) },
 3288:     { "asi", offsetof(CPUState, asi) },
 3289:     { "pstate", offsetof(CPUState, pstate) },
 3290:     { "cansave", offsetof(CPUState, cansave) },
 3291:     { "canrestore", offsetof(CPUState, canrestore) },
 3292:     { "otherwin", offsetof(CPUState, otherwin) },
 3293:     { "wstate", offsetof(CPUState, wstate) },
 3294:     { "cleanwin", offsetof(CPUState, cleanwin) },
 3295:     { "fprs", offsetof(CPUState, fprs) },
 3296: #endif
 3297: #endif
 3298:     { NULL },
 3299: };
 3300: 
 3301: static void expr_error(Monitor *mon, const char *msg)
 3302: {
 3303:     monitor_printf(mon, "%s\n", msg);
 3304:     longjmp(expr_env, 1);
 3305: }
 3306: 
 3307: /* return 0 if OK, -1 if not found */
 3308: static int get_monitor_def(target_long *pval, const char *name)
 3309: {
 3310:     const MonitorDef *md;
 3311:     void *ptr;
 3312: 
 3313:     for(md = monitor_defs; md->name != NULL; md++) {
 3314:         if (compare_cmd(name, md->name)) {
 3315:             if (md->get_value) {
 3316:                 *pval = md->get_value(md, md->offset);
 3317:             } else {
 3318:                 CPUState *env = mon_get_cpu();
 3319:                 ptr = (uint8_t *)env + md->offset;
 3320:                 switch(md->type) {
 3321:                 case MD_I32:
 3322:                     *pval = *(int32_t *)ptr;
 3323:                     break;
 3324:                 case MD_TLONG:
 3325:                     *pval = *(target_long *)ptr;
 3326:                     break;
 3327:                 default:
 3328:                     *pval = 0;
 3329:                     break;
 3330:                 }
 3331:             }
 3332:             return 0;
 3333:         }
 3334:     }
 3335:     return -1;
 3336: }
 3337: 
 3338: static void next(void)
 3339: {
 3340:     if (*pch != '\0') {
 3341:         pch++;
 3342:         while (qemu_isspace(*pch))
 3343:             pch++;
 3344:     }
 3345: }
 3346: 
 3347: static int64_t expr_sum(Monitor *mon);
 3348: 
 3349: static int64_t expr_unary(Monitor *mon)
 3350: {
 3351:     int64_t n;
 3352:     char *p;
 3353:     int ret;
 3354: 
 3355:     switch(*pch) {
 3356:     case '+':
 3357:         next();
 3358:         n = expr_unary(mon);
 3359:         break;
 3360:     case '-':
 3361:         next();
 3362:         n = -expr_unary(mon);
 3363:         break;
 3364:     case '~':
 3365:         next();
 3366:         n = ~expr_unary(mon);
 3367:         break;
 3368:     case '(':
 3369:         next();
 3370:         n = expr_sum(mon);
 3371:         if (*pch != ')') {
 3372:             expr_error(mon, "')' expected");
 3373:         }
 3374:         next();
 3375:         break;
 3376:     case '\'':
 3377:         pch++;
 3378:         if (*pch == '\0')
 3379:             expr_error(mon, "character constant expected");
 3380:         n = *pch;
 3381:         pch++;
 3382:         if (*pch != '\'')
 3383:             expr_error(mon, "missing terminating \' character");
 3384:         next();
 3385:         break;
 3386:     case '$':
 3387:         {
 3388:             char buf[128], *q;
 3389:             target_long reg=0;
 3390: 
 3391:             pch++;
 3392:             q = buf;
 3393:             while ((*pch >= 'a' && *pch <= 'z') ||
 3394:                    (*pch >= 'A' && *pch <= 'Z') ||
 3395:                    (*pch >= '0' && *pch <= '9') ||
 3396:                    *pch == '_' || *pch == '.') {
 3397:                 if ((q - buf) < sizeof(buf) - 1)
 3398:                     *q++ = *pch;
 3399:                 pch++;
 3400:             }
 3401:             while (qemu_isspace(*pch))
 3402:                 pch++;
 3403:             *q = 0;
 3404:             ret = get_monitor_def(&reg, buf);
 3405:             if (ret < 0)
 3406:                 expr_error(mon, "unknown register");
 3407:             n = reg;
 3408:         }
 3409:         break;
 3410:     case '\0':
 3411:         expr_error(mon, "unexpected end of expression");
 3412:         n = 0;
 3413:         break;
 3414:     default:
 3415: #if TARGET_PHYS_ADDR_BITS > 32
 3416:         n = strtoull(pch, &p, 0);
 3417: #else
 3418:         n = strtoul(pch, &p, 0);
 3419: #endif
 3420:         if (pch == p) {
 3421:             expr_error(mon, "invalid char in expression");
 3422:         }
 3423:         pch = p;
 3424:         while (qemu_isspace(*pch))
 3425:             pch++;
 3426:         break;
 3427:     }
 3428:     return n;
 3429: }
 3430: 
 3431: 
 3432: static int64_t expr_prod(Monitor *mon)
 3433: {
 3434:     int64_t val, val2;
 3435:     int op;
 3436: 
 3437:     val = expr_unary(mon);
 3438:     for(;;) {
 3439:         op = *pch;
 3440:         if (op != '*' && op != '/' && op != '%')
 3441:             break;
 3442:         next();
 3443:         val2 = expr_unary(mon);
 3444:         switch(op) {
 3445:         default:
 3446:         case '*':
 3447:             val *= val2;
 3448:             break;
 3449:         case '/':
 3450:         case '%':
 3451:             if (val2 == 0)
 3452:                 expr_error(mon, "division by zero");
 3453:             if (op == '/')
 3454:                 val /= val2;
 3455:             else
 3456:                 val %= val2;
 3457:             break;
 3458:         }
 3459:     }
 3460:     return val;
 3461: }
 3462: 
 3463: static int64_t expr_logic(Monitor *mon)
 3464: {
 3465:     int64_t val, val2;
 3466:     int op;
 3467: 
 3468:     val = expr_prod(mon);
 3469:     for(;;) {
 3470:         op = *pch;
 3471:         if (op != '&' && op != '|' && op != '^')
 3472:             break;
 3473:         next();
 3474:         val2 = expr_prod(mon);
 3475:         switch(op) {
 3476:         default:
 3477:         case '&':
 3478:             val &= val2;
 3479:             break;
 3480:         case '|':
 3481:             val |= val2;
 3482:             break;
 3483:         case '^':
 3484:             val ^= val2;
 3485:             break;
 3486:         }
 3487:     }
 3488:     return val;
 3489: }
 3490: 
 3491: static int64_t expr_sum(Monitor *mon)
 3492: {
 3493:     int64_t val, val2;
 3494:     int op;
 3495: 
 3496:     val = expr_logic(mon);
 3497:     for(;;) {
 3498:         op = *pch;
 3499:         if (op != '+' && op != '-')
 3500:             break;
 3501:         next();
 3502:         val2 = expr_logic(mon);
 3503:         if (op == '+')
 3504:             val += val2;
 3505:         else
 3506:             val -= val2;
 3507:     }
 3508:     return val;
 3509: }
 3510: 
 3511: static int get_expr(Monitor *mon, int64_t *pval, const char **pp)
 3512: {
 3513:     pch = *pp;
 3514:     if (setjmp(expr_env)) {
 3515:         *pp = pch;
 3516:         return -1;
 3517:     }
 3518:     while (qemu_isspace(*pch))
 3519:         pch++;
 3520:     *pval = expr_sum(mon);
 3521:     *pp = pch;
 3522:     return 0;
 3523: }
 3524: 
 3525: static int get_double(Monitor *mon, double *pval, const char **pp)
 3526: {
 3527:     const char *p = *pp;
 3528:     char *tailp;
 3529:     double d;
 3530: 
 3531:     d = strtod(p, &tailp);
 3532:     if (tailp == p) {
 3533:         monitor_printf(mon, "Number expected\n");
 3534:         return -1;
 3535:     }
 3536:     if (d != d || d - d != 0) {
 3537:         /* NaN or infinity */
 3538:         monitor_printf(mon, "Bad number\n");
 3539:         return -1;
 3540:     }
 3541:     *pval = d;
 3542:     *pp = tailp;
 3543:     return 0;
 3544: }
 3545: 
 3546: static int get_str(char *buf, int buf_size, const char **pp)
 3547: {
 3548:     const char *p;
 3549:     char *q;
 3550:     int c;
 3551: 
 3552:     q = buf;
 3553:     p = *pp;
 3554:     while (qemu_isspace(*p))
 3555:         p++;
 3556:     if (*p == '\0') {
 3557:     fail:
 3558:         *q = '\0';
 3559:         *pp = p;
 3560:         return -1;
 3561:     }
 3562:     if (*p == '\"') {
 3563:         p++;
 3564:         while (*p != '\0' && *p != '\"') {
 3565:             if (*p == '\\') {
 3566:                 p++;
 3567:                 c = *p++;
 3568:                 switch(c) {
 3569:                 case 'n':
 3570:                     c = '\n';
 3571:                     break;
 3572:                 case 'r':
 3573:                     c = '\r';
 3574:                     break;
 3575:                 case '\\':
 3576:                 case '\'':
 3577:                 case '\"':
 3578:                     break;
 3579:                 default:
 3580:                     qemu_printf("unsupported escape code: '\\%c'\n", c);
 3581:                     goto fail;
 3582:                 }
 3583:                 if ((q - buf) < buf_size - 1) {
 3584:                     *q++ = c;
 3585:                 }
 3586:             } else {
 3587:                 if ((q - buf) < buf_size - 1) {
 3588:                     *q++ = *p;
 3589:                 }
 3590:                 p++;
 3591:             }
 3592:         }
 3593:         if (*p != '\"') {
 3594:             qemu_printf("unterminated string\n");
 3595:             goto fail;
 3596:         }
 3597:         p++;
 3598:     } else {
 3599:         while (*p != '\0' && !qemu_isspace(*p)) {
 3600:             if ((q - buf) < buf_size - 1) {
 3601:                 *q++ = *p;
 3602:             }
 3603:             p++;
 3604:         }
 3605:     }
 3606:     *q = '\0';
 3607:     *pp = p;
 3608:     return 0;
 3609: }
 3610: 
 3611: /*
 3612:  * Store the command-name in cmdname, and return a pointer to
 3613:  * the remaining of the command string.
 3614:  */
 3615: static const char *get_command_name(const char *cmdline,
 3616:                                     char *cmdname, size_t nlen)
 3617: {
 3618:     size_t len;
 3619:     const char *p, *pstart;
 3620: 
 3621:     p = cmdline;
 3622:     while (qemu_isspace(*p))
 3623:         p++;
 3624:     if (*p == '\0')
 3625:         return NULL;
 3626:     pstart = p;
 3627:     while (*p != '\0' && *p != '/' && !qemu_isspace(*p))
 3628:         p++;
 3629:     len = p - pstart;
 3630:     if (len > nlen - 1)
 3631:         len = nlen - 1;
 3632:     memcpy(cmdname, pstart, len);
 3633:     cmdname[len] = '\0';
 3634:     return p;
 3635: }
 3636: 
 3637: /**
 3638:  * Read key of 'type' into 'key' and return the current
 3639:  * 'type' pointer.
 3640:  */
 3641: static char *key_get_info(const char *type, char **key)
 3642: {
 3643:     size_t len;
 3644:     char *p, *str;
 3645: 
 3646:     if (*type == ',')
 3647:         type++;
 3648: 
 3649:     p = strchr(type, ':');
 3650:     if (!p) {
 3651:         *key = NULL;
 3652:         return NULL;
 3653:     }
 3654:     len = p - type;
 3655: 
 3656:     str = g_malloc(len + 1);
 3657:     memcpy(str, type, len);
 3658:     str[len] = '\0';
 3659: 
 3660:     *key = str;
 3661:     return ++p;
 3662: }
 3663: 
 3664: static int default_fmt_format = 'x';
 3665: static int default_fmt_size = 4;
 3666: 
 3667: #define MAX_ARGS 16
 3668: 
 3669: static int is_valid_option(const char *c, const char *typestr)
 3670: {
 3671:     char option[3];
 3672:   
 3673:     option[0] = '-';
 3674:     option[1] = *c;
 3675:     option[2] = '\0';
 3676:   
 3677:     typestr = strstr(typestr, option);
 3678:     return (typestr != NULL);
 3679: }
 3680: 
 3681: static const mon_cmd_t *search_dispatch_table(const mon_cmd_t *disp_table,
 3682:                                               const char *cmdname)
 3683: {
 3684:     const mon_cmd_t *cmd;
 3685: 
 3686:     for (cmd = disp_table; cmd->name != NULL; cmd++) {
 3687:         if (compare_cmd(cmdname, cmd->name)) {
 3688:             return cmd;
 3689:         }
 3690:     }
 3691: 
 3692:     return NULL;
 3693: }
 3694: 
 3695: static const mon_cmd_t *monitor_find_command(const char *cmdname)
 3696: {
 3697:     return search_dispatch_table(mon_cmds, cmdname);
 3698: }
 3699: 
 3700: static const mon_cmd_t *qmp_find_cmd(const char *cmdname)
 3701: {
 3702:     return search_dispatch_table(qmp_cmds, cmdname);
 3703: }
 3704: 
 3705: static const mon_cmd_t *monitor_parse_command(Monitor *mon,
 3706:                                               const char *cmdline,
 3707:                                               QDict *qdict)
 3708: {
 3709:     const char *p, *typestr;
 3710:     int c;
 3711:     const mon_cmd_t *cmd;
 3712:     char cmdname[256];
 3713:     char buf[1024];
 3714:     char *key;
 3715: 
 3716: #ifdef DEBUG
 3717:     monitor_printf(mon, "command='%s'\n", cmdline);
 3718: #endif
 3719: 
 3720:     /* extract the command name */
 3721:     p = get_command_name(cmdline, cmdname, sizeof(cmdname));
 3722:     if (!p)
 3723:         return NULL;
 3724: 
 3725:     cmd = monitor_find_command(cmdname);
 3726:     if (!cmd) {
 3727:         monitor_printf(mon, "unknown command: '%s'\n", cmdname);
 3728:         return NULL;
 3729:     }
 3730: 
 3731:     /* parse the parameters */
 3732:     typestr = cmd->args_type;
 3733:     for(;;) {
 3734:         typestr = key_get_info(typestr, &key);
 3735:         if (!typestr)
 3736:             break;
 3737:         c = *typestr;
 3738:         typestr++;
 3739:         switch(c) {
 3740:         case 'F':
 3741:         case 'B':
 3742:         case 's':
 3743:             {
 3744:                 int ret;
 3745: 
 3746:                 while (qemu_isspace(*p))
 3747:                     p++;
 3748:                 if (*typestr == '?') {
 3749:                     typestr++;
 3750:                     if (*p == '\0') {
 3751:                         /* no optional string: NULL argument */
 3752:                         break;
 3753:                     }
 3754:                 }
 3755:                 ret = get_str(buf, sizeof(buf), &p);
 3756:                 if (ret < 0) {
 3757:                     switch(c) {
 3758:                     case 'F':
 3759:                         monitor_printf(mon, "%s: filename expected\n",
 3760:                                        cmdname);
 3761:                         break;
 3762:                     case 'B':
 3763:                         monitor_printf(mon, "%s: block device name expected\n",
 3764:                                        cmdname);
 3765:                         break;
 3766:                     default:
 3767:                         monitor_printf(mon, "%s: string expected\n", cmdname);
 3768:                         break;
 3769:                     }
 3770:                     goto fail;
 3771:                 }
 3772:                 qdict_put(qdict, key, qstring_from_str(buf));
 3773:             }
 3774:             break;
 3775:         case 'O':
 3776:             {
 3777:                 QemuOptsList *opts_list;
 3778:                 QemuOpts *opts;
 3779: 
 3780:                 opts_list = qemu_find_opts(key);
 3781:                 if (!opts_list || opts_list->desc->name) {
 3782:                     goto bad_type;
 3783:                 }
 3784:                 while (qemu_isspace(*p)) {
 3785:                     p++;
 3786:                 }
 3787:                 if (!*p)
 3788:                     break;
 3789:                 if (get_str(buf, sizeof(buf), &p) < 0) {
 3790:                     goto fail;
 3791:                 }
 3792:                 opts = qemu_opts_parse(opts_list, buf, 1);
 3793:                 if (!opts) {
 3794:                     goto fail;
 3795:                 }
 3796:                 qemu_opts_to_qdict(opts, qdict);
 3797:                 qemu_opts_del(opts);
 3798:             }
 3799:             break;
 3800:         case '/':
 3801:             {
 3802:                 int count, format, size;
 3803: 
 3804:                 while (qemu_isspace(*p))
 3805:                     p++;
 3806:                 if (*p == '/') {
 3807:                     /* format found */
 3808:                     p++;
 3809:                     count = 1;
 3810:                     if (qemu_isdigit(*p)) {
 3811:                         count = 0;
 3812:                         while (qemu_isdigit(*p)) {
 3813:                             count = count * 10 + (*p - '0');
 3814:                             p++;
 3815:                         }
 3816:                     }
 3817:                     size = -1;
 3818:                     format = -1;
 3819:                     for(;;) {
 3820:                         switch(*p) {
 3821:                         case 'o':
 3822:                         case 'd':
 3823:                         case 'u':
 3824:                         case 'x':
 3825:                         case 'i':
 3826:                         case 'c':
 3827:                             format = *p++;
 3828:                             break;
 3829:                         case 'b':
 3830:                             size = 1;
 3831:                             p++;
 3832:                             break;
 3833:                         case 'h':
 3834:                             size = 2;
 3835:                             p++;
 3836:                             break;
 3837:                         case 'w':
 3838:                             size = 4;
 3839:                             p++;
 3840:                             break;
 3841:                         case 'g':
 3842:                         case 'L':
 3843:                             size = 8;
 3844:                             p++;
 3845:                             break;
 3846:                         default:
 3847:                             goto next;
 3848:                         }
 3849:                     }
 3850:                 next:
 3851:                     if (*p != '\0' && !qemu_isspace(*p)) {
 3852:                         monitor_printf(mon, "invalid char in format: '%c'\n",
 3853:                                        *p);
 3854:                         goto fail;
 3855:                     }
 3856:                     if (format < 0)
 3857:                         format = default_fmt_format;
 3858:                     if (format != 'i') {
 3859:                         /* for 'i', not specifying a size gives -1 as size */
 3860:                         if (size < 0)
 3861:                             size = default_fmt_size;
 3862:                         default_fmt_size = size;
 3863:                     }
 3864:                     default_fmt_format = format;
 3865:                 } else {
 3866:                     count = 1;
 3867:                     format = default_fmt_format;
 3868:                     if (format != 'i') {
 3869:                         size = default_fmt_size;
 3870:                     } else {
 3871:                         size = -1;
 3872:                     }
 3873:                 }
 3874:                 qdict_put(qdict, "count", qint_from_int(count));
 3875:                 qdict_put(qdict, "format", qint_from_int(format));
 3876:                 qdict_put(qdict, "size", qint_from_int(size));
 3877:             }
 3878:             break;
 3879:         case 'i':
 3880:         case 'l':
 3881:         case 'M':
 3882:             {
 3883:                 int64_t val;
 3884: 
 3885:                 while (qemu_isspace(*p))
 3886:                     p++;
 3887:                 if (*typestr == '?' || *typestr == '.') {
 3888:                     if (*typestr == '?') {
 3889:                         if (*p == '\0') {
 3890:                             typestr++;
 3891:                             break;
 3892:                         }
 3893:                     } else {
 3894:                         if (*p == '.') {
 3895:                             p++;
 3896:                             while (qemu_isspace(*p))
 3897:                                 p++;
 3898:                         } else {
 3899:                             typestr++;
 3900:                             break;
 3901:                         }
 3902:                     }
 3903:                     typestr++;
 3904:                 }
 3905:                 if (get_expr(mon, &val, &p))
 3906:                     goto fail;
 3907:                 /* Check if 'i' is greater than 32-bit */
 3908:                 if ((c == 'i') && ((val >> 32) & 0xffffffff)) {
 3909:                     monitor_printf(mon, "\'%s\' has failed: ", cmdname);
 3910:                     monitor_printf(mon, "integer is for 32-bit values\n");
 3911:                     goto fail;
 3912:                 } else if (c == 'M') {
 3913:                     val <<= 20;
 3914:                 }
 3915:                 qdict_put(qdict, key, qint_from_int(val));
 3916:             }
 3917:             break;
 3918:         case 'o':
 3919:             {
 3920:                 int64_t val;
 3921:                 char *end;
 3922: 
 3923:                 while (qemu_isspace(*p)) {
 3924:                     p++;
 3925:                 }
 3926:                 if (*typestr == '?') {
 3927:                     typestr++;
 3928:                     if (*p == '\0') {
 3929:                         break;
 3930:                     }
 3931:                 }
 3932:                 val = strtosz(p, &end);
 3933:                 if (val < 0) {
 3934:                     monitor_printf(mon, "invalid size\n");
 3935:                     goto fail;
 3936:                 }
 3937:                 qdict_put(qdict, key, qint_from_int(val));
 3938:                 p = end;
 3939:             }
 3940:             break;
 3941:         case 'T':
 3942:             {
 3943:                 double val;
 3944: 
 3945:                 while (qemu_isspace(*p))
 3946:                     p++;
 3947:                 if (*typestr == '?') {
 3948:                     typestr++;
 3949:                     if (*p == '\0') {
 3950:                         break;
 3951:                     }
 3952:                 }
 3953:                 if (get_double(mon, &val, &p) < 0) {
 3954:                     goto fail;
 3955:                 }
 3956:                 if (p[0] && p[1] == 's') {
 3957:                     switch (*p) {
 3958:                     case 'm':
 3959:                         val /= 1e3; p += 2; break;
 3960:                     case 'u':
 3961:                         val /= 1e6; p += 2; break;
 3962:                     case 'n':
 3963:                         val /= 1e9; p += 2; break;
 3964:                     }
 3965:                 }
 3966:                 if (*p && !qemu_isspace(*p)) {
 3967:                     monitor_printf(mon, "Unknown unit suffix\n");
 3968:                     goto fail;
 3969:                 }
 3970:                 qdict_put(qdict, key, qfloat_from_double(val));
 3971:             }
 3972:             break;
 3973:         case 'b':
 3974:             {
 3975:                 const char *beg;
 3976:                 int val;
 3977: 
 3978:                 while (qemu_isspace(*p)) {
 3979:                     p++;
 3980:                 }
 3981:                 beg = p;
 3982:                 while (qemu_isgraph(*p)) {
 3983:                     p++;
 3984:                 }
 3985:                 if (p - beg == 2 && !memcmp(beg, "on", p - beg)) {
 3986:                     val = 1;
 3987:                 } else if (p - beg == 3 && !memcmp(beg, "off", p - beg)) {
 3988:                     val = 0;
 3989:                 } else {
 3990:                     monitor_printf(mon, "Expected 'on' or 'off'\n");
 3991:                     goto fail;
 3992:                 }
 3993:                 qdict_put(qdict, key, qbool_from_int(val));
 3994:             }
 3995:             break;
 3996:         case '-':
 3997:             {
 3998:                 const char *tmp = p;
 3999:                 int skip_key = 0;
 4000:                 /* option */
 4001: 
 4002:                 c = *typestr++;
 4003:                 if (c == '\0')
 4004:                     goto bad_type;
 4005:                 while (qemu_isspace(*p))
 4006:                     p++;
 4007:                 if (*p == '-') {
 4008:                     p++;
 4009:                     if(c != *p) {
 4010:                         if(!is_valid_option(p, typestr)) {
 4011:                   
 4012:                             monitor_printf(mon, "%s: unsupported option -%c\n",
 4013:                                            cmdname, *p);
 4014:                             goto fail;
 4015:                         } else {
 4016:                             skip_key = 1;
 4017:                         }
 4018:                     }
 4019:                     if(skip_key) {
 4020:                         p = tmp;
 4021:                     } else {
 4022:                         /* has option */
 4023:                         p++;
 4024:                         qdict_put(qdict, key, qbool_from_int(1));
 4025:                     }
 4026:                 }
 4027:             }
 4028:             break;
 4029:         default:
 4030:         bad_type:
 4031:             monitor_printf(mon, "%s: unknown type '%c'\n", cmdname, c);
 4032:             goto fail;
 4033:         }
 4034:         g_free(key);
 4035:         key = NULL;
 4036:     }
 4037:     /* check that all arguments were parsed */
 4038:     while (qemu_isspace(*p))
 4039:         p++;
 4040:     if (*p != '\0') {
 4041:         monitor_printf(mon, "%s: extraneous characters at the end of line\n",
 4042:                        cmdname);
 4043:         goto fail;
 4044:     }
 4045: 
 4046:     return cmd;
 4047: 
 4048: fail:
 4049:     g_free(key);
 4050:     return NULL;
 4051: }
 4052: 
 4053: void monitor_set_error(Monitor *mon, QError *qerror)
 4054: {
 4055:     /* report only the first error */
 4056:     if (!mon->error) {
 4057:         mon->error = qerror;
 4058:     } else {
 4059:         MON_DEBUG("Additional error report at %s:%d\n",
 4060:                   qerror->file, qerror->linenr);
 4061:         QDECREF(qerror);
 4062:     }
 4063: }
 4064: 
 4065: static void handler_audit(Monitor *mon, const mon_cmd_t *cmd, int ret)
 4066: {
 4067:     if (ret && !monitor_has_error(mon)) {
 4068:         /*
 4069:          * If it returns failure, it must have passed on error.
 4070:          *
 4071:          * Action: Report an internal error to the client if in QMP.
 4072:          */
 4073:         qerror_report(QERR_UNDEFINED_ERROR);
 4074:         MON_DEBUG("command '%s' returned failure but did not pass an error\n",
 4075:                   cmd->name);
 4076:     }
 4077: 
 4078: #ifdef CONFIG_DEBUG_MONITOR
 4079:     if (!ret && monitor_has_error(mon)) {
 4080:         /*
 4081:          * If it returns success, it must not have passed an error.
 4082:          *
 4083:          * Action: Report the passed error to the client.
 4084:          */
 4085:         MON_DEBUG("command '%s' returned success but passed an error\n",
 4086:                   cmd->name);
 4087:     }
 4088: 
 4089:     if (mon_print_count_get(mon) > 0 && strcmp(cmd->name, "info") != 0) {
 4090:         /*
 4091:          * Handlers should not call Monitor print functions.
 4092:          *
 4093:          * Action: Ignore them in QMP.
 4094:          *
 4095:          * (XXX: we don't check any 'info' or 'query' command here
 4096:          * because the user print function _is_ called by do_info(), hence
 4097:          * we will trigger this check. This problem will go away when we
 4098:          * make 'query' commands real and kill do_info())
 4099:          */
 4100:         MON_DEBUG("command '%s' called print functions %d time(s)\n",
 4101:                   cmd->name, mon_print_count_get(mon));
 4102:     }
 4103: #endif
 4104: }
 4105: 
 4106: static void handle_user_command(Monitor *mon, const char *cmdline)
 4107: {
 4108:     QDict *qdict;
 4109:     const mon_cmd_t *cmd;
 4110: 
 4111:     qdict = qdict_new();
 4112: 
 4113:     cmd = monitor_parse_command(mon, cmdline, qdict);
 4114:     if (!cmd)
 4115:         goto out;
 4116: 
 4117:     if (handler_is_async(cmd)) {
 4118:         user_async_cmd_handler(mon, cmd, qdict);
 4119:     } else if (handler_is_qobject(cmd)) {
 4120:         QObject *data = NULL;
 4121: 
 4122:         /* XXX: ignores the error code */
 4123:         cmd->mhandler.cmd_new(mon, qdict, &data);
 4124:         assert(!monitor_has_error(mon));
 4125:         if (data) {
 4126:             cmd->user_print(mon, data);
 4127:             qobject_decref(data);
 4128:         }
 4129:     } else {
 4130:         cmd->mhandler.cmd(mon, qdict);
 4131:     }
 4132: 
 4133: out:
 4134:     QDECREF(qdict);
 4135: }
 4136: 
 4137: static void cmd_completion(const char *name, const char *list)
 4138: {
 4139:     const char *p, *pstart;
 4140:     char cmd[128];
 4141:     int len;
 4142: 
 4143:     p = list;
 4144:     for(;;) {
 4145:         pstart = p;
 4146:         p = strchr(p, '|');
 4147:         if (!p)
 4148:             p = pstart + strlen(pstart);
 4149:         len = p - pstart;
 4150:         if (len > sizeof(cmd) - 2)
 4151:             len = sizeof(cmd) - 2;
 4152:         memcpy(cmd, pstart, len);
 4153:         cmd[len] = '\0';
 4154:         if (name[0] == '\0' || !strncmp(name, cmd, strlen(name))) {
 4155:             readline_add_completion(cur_mon->rs, cmd);
 4156:         }
 4157:         if (*p == '\0')
 4158:             break;
 4159:         p++;
 4160:     }
 4161: }
 4162: 
 4163: static void file_completion(const char *input)
 4164: {
 4165:     DIR *ffs;
 4166:     struct dirent *d;
 4167:     char path[1024];
 4168:     char file[1024], file_prefix[1024];
 4169:     int input_path_len;
 4170:     const char *p;
 4171: 
 4172:     p = strrchr(input, '/');
 4173:     if (!p) {
 4174:         input_path_len = 0;
 4175:         pstrcpy(file_prefix, sizeof(file_prefix), input);
 4176:         pstrcpy(path, sizeof(path), ".");
 4177:     } else {
 4178:         input_path_len = p - input + 1;
 4179:         memcpy(path, input, input_path_len);
 4180:         if (input_path_len > sizeof(path) - 1)
 4181:             input_path_len = sizeof(path) - 1;
 4182:         path[input_path_len] = '\0';
 4183:         pstrcpy(file_prefix, sizeof(file_prefix), p + 1);
 4184:     }
 4185: #ifdef DEBUG_COMPLETION
 4186:     monitor_printf(cur_mon, "input='%s' path='%s' prefix='%s'\n",
 4187:                    input, path, file_prefix);
 4188: #endif
 4189:     ffs = opendir(path);
 4190:     if (!ffs)
 4191:         return;
 4192:     for(;;) {
 4193:         struct stat sb;
 4194:         d = readdir(ffs);
 4195:         if (!d)
 4196:             break;
 4197: 
 4198:         if (strcmp(d->d_name, ".") == 0 || strcmp(d->d_name, "..") == 0) {
 4199:             continue;
 4200:         }
 4201: 
 4202:         if (strstart(d->d_name, file_prefix, NULL)) {
 4203:             memcpy(file, input, input_path_len);
 4204:             if (input_path_len < sizeof(file))
 4205:                 pstrcpy(file + input_path_len, sizeof(file) - input_path_len,
 4206:                         d->d_name);
 4207:             /* stat the file to find out if it's a directory.
 4208:              * In that case add a slash to speed up typing long paths
 4209:              */
 4210:             if (stat(file, &sb) == 0 && S_ISDIR(sb.st_mode)) {
 4211:                 pstrcat(file, sizeof(file), "/");
 4212:             }
 4213:             readline_add_completion(cur_mon->rs, file);
 4214:         }
 4215:     }
 4216:     closedir(ffs);
 4217: }
 4218: 
 4219: static void block_completion_it(void *opaque, BlockDriverState *bs)
 4220: {
 4221:     const char *name = bdrv_get_device_name(bs);
 4222:     const char *input = opaque;
 4223: 
 4224:     if (input[0] == '\0' ||
 4225:         !strncmp(name, (char *)input, strlen(input))) {
 4226:         readline_add_completion(cur_mon->rs, name);
 4227:     }
 4228: }
 4229: 
 4230: /* NOTE: this parser is an approximate form of the real command parser */
 4231: static void parse_cmdline(const char *cmdline,
 4232:                          int *pnb_args, char **args)
 4233: {
 4234:     const char *p;
 4235:     int nb_args, ret;
 4236:     char buf[1024];
 4237: 
 4238:     p = cmdline;
 4239:     nb_args = 0;
 4240:     for(;;) {
 4241:         while (qemu_isspace(*p))
 4242:             p++;
 4243:         if (*p == '\0')
 4244:             break;
 4245:         if (nb_args >= MAX_ARGS)
 4246:             break;
 4247:         ret = get_str(buf, sizeof(buf), &p);
 4248:         args[nb_args] = g_strdup(buf);
 4249:         nb_args++;
 4250:         if (ret < 0)
 4251:             break;
 4252:     }
 4253:     *pnb_args = nb_args;
 4254: }
 4255: 
 4256: static const char *next_arg_type(const char *typestr)
 4257: {
 4258:     const char *p = strchr(typestr, ':');
 4259:     return (p != NULL ? ++p : typestr);
 4260: }
 4261: 
 4262: static void monitor_find_completion(const char *cmdline)
 4263: {
 4264:     const char *cmdname;
 4265:     char *args[MAX_ARGS];
 4266:     int nb_args, i, len;
 4267:     const char *ptype, *str;
 4268:     const mon_cmd_t *cmd;
 4269:     const KeyDef *key;
 4270: 
 4271:     parse_cmdline(cmdline, &nb_args, args);
 4272: #ifdef DEBUG_COMPLETION
 4273:     for(i = 0; i < nb_args; i++) {
 4274:         monitor_printf(cur_mon, "arg%d = '%s'\n", i, (char *)args[i]);
 4275:     }
 4276: #endif
 4277: 
 4278:     /* if the line ends with a space, it means we want to complete the
 4279:        next arg */
 4280:     len = strlen(cmdline);
 4281:     if (len > 0 && qemu_isspace(cmdline[len - 1])) {
 4282:         if (nb_args >= MAX_ARGS) {
 4283:             goto cleanup;
 4284:         }
 4285:         args[nb_args++] = g_strdup("");
 4286:     }
 4287:     if (nb_args <= 1) {
 4288:         /* command completion */
 4289:         if (nb_args == 0)
 4290:             cmdname = "";
 4291:         else
 4292:             cmdname = args[0];
 4293:         readline_set_completion_index(cur_mon->rs, strlen(cmdname));
 4294:         for(cmd = mon_cmds; cmd->name != NULL; cmd++) {
 4295:             cmd_completion(cmdname, cmd->name);
 4296:         }
 4297:     } else {
 4298:         /* find the command */
 4299:         for (cmd = mon_cmds; cmd->name != NULL; cmd++) {
 4300:             if (compare_cmd(args[0], cmd->name)) {
 4301:                 break;
 4302:             }
 4303:         }
 4304:         if (!cmd->name) {
 4305:             goto cleanup;
 4306:         }
 4307: 
 4308:         ptype = next_arg_type(cmd->args_type);
 4309:         for(i = 0; i < nb_args - 2; i++) {
 4310:             if (*ptype != '\0') {
 4311:                 ptype = next_arg_type(ptype);
 4312:                 while (*ptype == '?')
 4313:                     ptype = next_arg_type(ptype);
 4314:             }
 4315:         }
 4316:         str = args[nb_args - 1];
 4317:         if (*ptype == '-' && ptype[1] != '\0') {
 4318:             ptype = next_arg_type(ptype);
 4319:         }
 4320:         switch(*ptype) {
 4321:         case 'F':
 4322:             /* file completion */
 4323:             readline_set_completion_index(cur_mon->rs, strlen(str));
 4324:             file_completion(str);
 4325:             break;
 4326:         case 'B':
 4327:             /* block device name completion */
 4328:             readline_set_completion_index(cur_mon->rs, strlen(str));
 4329:             bdrv_iterate(block_completion_it, (void *)str);
 4330:             break;
 4331:         case 's':
 4332:             /* XXX: more generic ? */
 4333:             if (!strcmp(cmd->name, "info")) {
 4334:                 readline_set_completion_index(cur_mon->rs, strlen(str));
 4335:                 for(cmd = info_cmds; cmd->name != NULL; cmd++) {
 4336:                     cmd_completion(str, cmd->name);
 4337:                 }
 4338:             } else if (!strcmp(cmd->name, "sendkey")) {
 4339:                 char *sep = strrchr(str, '-');
 4340:                 if (sep)
 4341:                     str = sep + 1;
 4342:                 readline_set_completion_index(cur_mon->rs, strlen(str));
 4343:                 for(key = key_defs; key->name != NULL; key++) {
 4344:                     cmd_completion(str, key->name);
 4345:                 }
 4346:             } else if (!strcmp(cmd->name, "help|?")) {
 4347:                 readline_set_completion_index(cur_mon->rs, strlen(str));
 4348:                 for (cmd = mon_cmds; cmd->name != NULL; cmd++) {
 4349:                     cmd_completion(str, cmd->name);
 4350:                 }
 4351:             }
 4352:             break;
 4353:         default:
 4354:             break;
 4355:         }
 4356:     }
 4357: 
 4358: cleanup:
 4359:     for (i = 0; i < nb_args; i++) {
 4360:         g_free(args[i]);
 4361:     }
 4362: }
 4363: 
 4364: static int monitor_can_read(void *opaque)
 4365: {
 4366:     Monitor *mon = opaque;
 4367: 
 4368:     return (mon->suspend_cnt == 0) ? 1 : 0;
 4369: }
 4370: 
 4371: static int invalid_qmp_mode(const Monitor *mon, const char *cmd_name)
 4372: {
 4373:     int is_cap = compare_cmd(cmd_name, "qmp_capabilities");
 4374:     return (qmp_cmd_mode(mon) ? is_cap : !is_cap);
 4375: }
 4376: 
 4377: /*
 4378:  * Argument validation rules:
 4379:  *
 4380:  * 1. The argument must exist in cmd_args qdict
 4381:  * 2. The argument type must be the expected one
 4382:  *
 4383:  * Special case: If the argument doesn't exist in cmd_args and
 4384:  *               the QMP_ACCEPT_UNKNOWNS flag is set, then the
 4385:  *               checking is skipped for it.
 4386:  */
 4387: static int check_client_args_type(const QDict *client_args,
 4388:                                   const QDict *cmd_args, int flags)
 4389: {
 4390:     const QDictEntry *ent;
 4391: 
 4392:     for (ent = qdict_first(client_args); ent;ent = qdict_next(client_args,ent)){
 4393:         QObject *obj;
 4394:         QString *arg_type;
 4395:         const QObject *client_arg = qdict_entry_value(ent);
 4396:         const char *client_arg_name = qdict_entry_key(ent);
 4397: 
 4398:         obj = qdict_get(cmd_args, client_arg_name);
 4399:         if (!obj) {
 4400:             if (flags & QMP_ACCEPT_UNKNOWNS) {
 4401:                 /* handler accepts unknowns */
 4402:                 continue;
 4403:             }
 4404:             /* client arg doesn't exist */
 4405:             qerror_report(QERR_INVALID_PARAMETER, client_arg_name);
 4406:             return -1;
 4407:         }
 4408: 
 4409:         arg_type = qobject_to_qstring(obj);
 4410:         assert(arg_type != NULL);
 4411: 
 4412:         /* check if argument's type is correct */
 4413:         switch (qstring_get_str(arg_type)[0]) {
 4414:         case 'F':
 4415:         case 'B':
 4416:         case 's':
 4417:             if (qobject_type(client_arg) != QTYPE_QSTRING) {
 4418:                 qerror_report(QERR_INVALID_PARAMETER_TYPE, client_arg_name,
 4419:                               "string");
 4420:                 return -1;
 4421:             }
 4422:         break;
 4423:         case 'i':
 4424:         case 'l':
 4425:         case 'M':
 4426:         case 'o':
 4427:             if (qobject_type(client_arg) != QTYPE_QINT) {
 4428:                 qerror_report(QERR_INVALID_PARAMETER_TYPE, client_arg_name,
 4429:                               "int");
 4430:                 return -1; 
 4431:             }
 4432:             break;
 4433:         case 'T':
 4434:             if (qobject_type(client_arg) != QTYPE_QINT &&
 4435:                 qobject_type(client_arg) != QTYPE_QFLOAT) {
 4436:                 qerror_report(QERR_INVALID_PARAMETER_TYPE, client_arg_name,
 4437:                               "number");
 4438:                return -1; 
 4439:             }
 4440:             break;
 4441:         case 'b':
 4442:         case '-':
 4443:             if (qobject_type(client_arg) != QTYPE_QBOOL) {
 4444:                 qerror_report(QERR_INVALID_PARAMETER_TYPE, client_arg_name,
 4445:                               "bool");
 4446:                return -1; 
 4447:             }
 4448:             break;
 4449:         case 'O':
 4450:             assert(flags & QMP_ACCEPT_UNKNOWNS);
 4451:             break;
 4452:         case '/':
 4453:         case '.':
 4454:             /*
 4455:              * These types are not supported by QMP and thus are not
 4456:              * handled here. Fall through.
 4457:              */
 4458:         default:
 4459:             abort();
 4460:         }
 4461:     }
 4462: 
 4463:     return 0;
 4464: }
 4465: 
 4466: /*
 4467:  * - Check if the client has passed all mandatory args
 4468:  * - Set special flags for argument validation
 4469:  */
 4470: static int check_mandatory_args(const QDict *cmd_args,
 4471:                                 const QDict *client_args, int *flags)
 4472: {
 4473:     const QDictEntry *ent;
 4474: 
 4475:     for (ent = qdict_first(cmd_args); ent; ent = qdict_next(cmd_args, ent)) {
 4476:         const char *cmd_arg_name = qdict_entry_key(ent);
 4477:         QString *type = qobject_to_qstring(qdict_entry_value(ent));
 4478:         assert(type != NULL);
 4479: 
 4480:         if (qstring_get_str(type)[0] == 'O') {
 4481:             assert((*flags & QMP_ACCEPT_UNKNOWNS) == 0);
 4482:             *flags |= QMP_ACCEPT_UNKNOWNS;
 4483:         } else if (qstring_get_str(type)[0] != '-' &&
 4484:                    qstring_get_str(type)[1] != '?' &&
 4485:                    !qdict_haskey(client_args, cmd_arg_name)) {
 4486:             qerror_report(QERR_MISSING_PARAMETER, cmd_arg_name);
 4487:             return -1;
 4488:         }
 4489:     }
 4490: 
 4491:     return 0;
 4492: }
 4493: 
 4494: static QDict *qdict_from_args_type(const char *args_type)
 4495: {
 4496:     int i;
 4497:     QDict *qdict;
 4498:     QString *key, *type, *cur_qs;
 4499: 
 4500:     assert(args_type != NULL);
 4501: 
 4502:     qdict = qdict_new();
 4503: 
 4504:     if (args_type == NULL || args_type[0] == '\0') {
 4505:         /* no args, empty qdict */
 4506:         goto out;
 4507:     }
 4508: 
 4509:     key = qstring_new();
 4510:     type = qstring_new();
 4511: 
 4512:     cur_qs = key;
 4513: 
 4514:     for (i = 0;; i++) {
 4515:         switch (args_type[i]) {
 4516:             case ',':
 4517:             case '\0':
 4518:                 qdict_put(qdict, qstring_get_str(key), type);
 4519:                 QDECREF(key);
 4520:                 if (args_type[i] == '\0') {
 4521:                     goto out;
 4522:                 }
 4523:                 type = qstring_new(); /* qdict has ref */
 4524:                 cur_qs = key = qstring_new();
 4525:                 break;
 4526:             case ':':
 4527:                 cur_qs = type;
 4528:                 break;
 4529:             default:
 4530:                 qstring_append_chr(cur_qs, args_type[i]);
 4531:                 break;
 4532:         }
 4533:     }
 4534: 
 4535: out:
 4536:     return qdict;
 4537: }
 4538: 
 4539: /*
 4540:  * Client argument checking rules:
 4541:  *
 4542:  * 1. Client must provide all mandatory arguments
 4543:  * 2. Each argument provided by the client must be expected
 4544:  * 3. Each argument provided by the client must have the type expected
 4545:  *    by the command
 4546:  */
 4547: static int qmp_check_client_args(const mon_cmd_t *cmd, QDict *client_args)
 4548: {
 4549:     int flags, err;
 4550:     QDict *cmd_args;
 4551: 
 4552:     cmd_args = qdict_from_args_type(cmd->args_type);
 4553: 
 4554:     flags = 0;
 4555:     err = check_mandatory_args(cmd_args, client_args, &flags);
 4556:     if (err) {
 4557:         goto out;
 4558:     }
 4559: 
 4560:     err = check_client_args_type(client_args, cmd_args, flags);
 4561: 
 4562: out:
 4563:     QDECREF(cmd_args);
 4564:     return err;
 4565: }
 4566: 
 4567: /*
 4568:  * Input object checking rules
 4569:  *
 4570:  * 1. Input object must be a dict
 4571:  * 2. The "execute" key must exist
 4572:  * 3. The "execute" key must be a string
 4573:  * 4. If the "arguments" key exists, it must be a dict
 4574:  * 5. If the "id" key exists, it can be anything (ie. json-value)
 4575:  * 6. Any argument not listed above is considered invalid
 4576:  */
 4577: static QDict *qmp_check_input_obj(QObject *input_obj)
 4578: {
 4579:     const QDictEntry *ent;
 4580:     int has_exec_key = 0;
 4581:     QDict *input_dict;
 4582: 
 4583:     if (qobject_type(input_obj) != QTYPE_QDICT) {
 4584:         qerror_report(QERR_QMP_BAD_INPUT_OBJECT, "object");
 4585:         return NULL;
 4586:     }
 4587: 
 4588:     input_dict = qobject_to_qdict(input_obj);
 4589: 
 4590:     for (ent = qdict_first(input_dict); ent; ent = qdict_next(input_dict, ent)){
 4591:         const char *arg_name = qdict_entry_key(ent);
 4592:         const QObject *arg_obj = qdict_entry_value(ent);
 4593: 
 4594:         if (!strcmp(arg_name, "execute")) {
 4595:             if (qobject_type(arg_obj) != QTYPE_QSTRING) {
 4596:                 qerror_report(QERR_QMP_BAD_INPUT_OBJECT_MEMBER, "execute",
 4597:                               "string");
 4598:                 return NULL;
 4599:             }
 4600:             has_exec_key = 1;
 4601:         } else if (!strcmp(arg_name, "arguments")) {
 4602:             if (qobject_type(arg_obj) != QTYPE_QDICT) {
 4603:                 qerror_report(QERR_QMP_BAD_INPUT_OBJECT_MEMBER, "arguments",
 4604:                               "object");
 4605:                 return NULL;
 4606:             }
 4607:         } else if (!strcmp(arg_name, "id")) {
 4608:             /* FIXME: check duplicated IDs for async commands */
 4609:         } else {
 4610:             qerror_report(QERR_QMP_EXTRA_MEMBER, arg_name);
 4611:             return NULL;
 4612:         }
 4613:     }
 4614: 
 4615:     if (!has_exec_key) {
 4616:         qerror_report(QERR_QMP_BAD_INPUT_OBJECT, "execute");
 4617:         return NULL;
 4618:     }
 4619: 
 4620:     return input_dict;
 4621: }
 4622: 
 4623: static void qmp_call_cmd(Monitor *mon, const mon_cmd_t *cmd,
 4624:                          const QDict *params)
 4625: {
 4626:     int ret;
 4627:     QObject *data = NULL;
 4628: 
 4629:     mon_print_count_init(mon);
 4630: 
 4631:     ret = cmd->mhandler.cmd_new(mon, params, &data);
 4632:     handler_audit(mon, cmd, ret);
 4633:     monitor_protocol_emitter(mon, data);
 4634:     qobject_decref(data);
 4635: }
 4636: 
 4637: static void handle_qmp_command(JSONMessageParser *parser, QList *tokens)
 4638: {
 4639:     int err;
 4640:     QObject *obj;
 4641:     QDict *input, *args;
 4642:     const mon_cmd_t *cmd;
 4643:     const char *cmd_name;
 4644:     Monitor *mon = cur_mon;
 4645: 
 4646:     args = input = NULL;
 4647: 
 4648:     obj = json_parser_parse(tokens, NULL);
 4649:     if (!obj) {
 4650:         // FIXME: should be triggered in json_parser_parse()
 4651:         qerror_report(QERR_JSON_PARSING);
 4652:         goto err_out;
 4653:     }
 4654: 
 4655:     input = qmp_check_input_obj(obj);
 4656:     if (!input) {
 4657:         qobject_decref(obj);
 4658:         goto err_out;
 4659:     }
 4660: 
 4661:     mon->mc->id = qdict_get(input, "id");
 4662:     qobject_incref(mon->mc->id);
 4663: 
 4664:     cmd_name = qdict_get_str(input, "execute");
 4665:     trace_handle_qmp_command(mon, cmd_name);
 4666:     if (invalid_qmp_mode(mon, cmd_name)) {
 4667:         qerror_report(QERR_COMMAND_NOT_FOUND, cmd_name);
 4668:         goto err_out;
 4669:     }
 4670: 
 4671:     cmd = qmp_find_cmd(cmd_name);
 4672:     if (!cmd) {
 4673:         qerror_report(QERR_COMMAND_NOT_FOUND, cmd_name);
 4674:         goto err_out;
 4675:     }
 4676: 
 4677:     obj = qdict_get(input, "arguments");
 4678:     if (!obj) {
 4679:         args = qdict_new();
 4680:     } else {
 4681:         args = qobject_to_qdict(obj);
 4682:         QINCREF(args);
 4683:     }
 4684: 
 4685:     err = qmp_check_client_args(cmd, args);
 4686:     if (err < 0) {
 4687:         goto err_out;
 4688:     }
 4689: 
 4690:     if (handler_is_async(cmd)) {
 4691:         err = qmp_async_cmd_handler(mon, cmd, args);
 4692:         if (err) {
 4693:             /* emit the error response */
 4694:             goto err_out;
 4695:         }
 4696:     } else {
 4697:         qmp_call_cmd(mon, cmd, args);
 4698:     }
 4699: 
 4700:     goto out;
 4701: 
 4702: err_out:
 4703:     monitor_protocol_emitter(mon, NULL);
 4704: out:
 4705:     QDECREF(input);
 4706:     QDECREF(args);
 4707: }
 4708: 
 4709: /**
 4710:  * monitor_control_read(): Read and handle QMP input
 4711:  */
 4712: static void monitor_control_read(void *opaque, const uint8_t *buf, int size)
 4713: {
 4714:     Monitor *old_mon = cur_mon;
 4715: 
 4716:     cur_mon = opaque;
 4717: 
 4718:     json_message_parser_feed(&cur_mon->mc->parser, (const char *) buf, size);
 4719: 
 4720:     cur_mon = old_mon;
 4721: }
 4722: 
 4723: static void monitor_read(void *opaque, const uint8_t *buf, int size)
 4724: {
 4725:     Monitor *old_mon = cur_mon;
 4726:     int i;
 4727: 
 4728:     cur_mon = opaque;
 4729: 
 4730:     if (cur_mon->rs) {
 4731:         for (i = 0; i < size; i++)
 4732:             readline_handle_byte(cur_mon->rs, buf[i]);
 4733:     } else {
 4734:         if (size == 0 || buf[size - 1] != 0)
 4735:             monitor_printf(cur_mon, "corrupted command\n");
 4736:         else
 4737:             handle_user_command(cur_mon, (char *)buf);
 4738:     }
 4739: 
 4740:     cur_mon = old_mon;
 4741: }
 4742: 
 4743: static void monitor_command_cb(Monitor *mon, const char *cmdline, void *opaque)
 4744: {
 4745:     monitor_suspend(mon);
 4746:     handle_user_command(mon, cmdline);
 4747:     monitor_resume(mon);
 4748: }
 4749: 
 4750: int monitor_suspend(Monitor *mon)
 4751: {
 4752:     if (!mon->rs)
 4753:         return -ENOTTY;
 4754:     mon->suspend_cnt++;
 4755:     return 0;
 4756: }
 4757: 
 4758: void monitor_resume(Monitor *mon)
 4759: {
 4760:     if (!mon->rs)
 4761:         return;
 4762:     if (--mon->suspend_cnt == 0)
 4763:         readline_show_prompt(mon->rs);
 4764: }
 4765: 
 4766: static QObject *get_qmp_greeting(void)
 4767: {
 4768:     QObject *ver = NULL;
 4769: 
 4770:     qmp_marshal_input_query_version(NULL, NULL, &ver);
 4771:     return qobject_from_jsonf("{'QMP':{'version': %p,'capabilities': []}}",ver);
 4772: }
 4773: 
 4774: /**
 4775:  * monitor_control_event(): Print QMP gretting
 4776:  */
 4777: static void monitor_control_event(void *opaque, int event)
 4778: {
 4779:     QObject *data;
 4780:     Monitor *mon = opaque;
 4781: 
 4782:     switch (event) {
 4783:     case CHR_EVENT_OPENED:
 4784:         mon->mc->command_mode = 0;
 4785:         json_message_parser_init(&mon->mc->parser, handle_qmp_command);
 4786:         data = get_qmp_greeting();
 4787:         monitor_json_emitter(mon, data);
 4788:         qobject_decref(data);
 4789:         break;
 4790:     case CHR_EVENT_CLOSED:
 4791:         json_message_parser_destroy(&mon->mc->parser);
 4792:         break;
 4793:     }
 4794: }
 4795: 
 4796: static void monitor_event(void *opaque, int event)
 4797: {
 4798:     Monitor *mon = opaque;
 4799: 
 4800:     switch (event) {
 4801:     case CHR_EVENT_MUX_IN:
 4802:         mon->mux_out = 0;
 4803:         if (mon->reset_seen) {
 4804:             readline_restart(mon->rs);
 4805:             monitor_resume(mon);
 4806:             monitor_flush(mon);
 4807:         } else {
 4808:             mon->suspend_cnt = 0;
 4809:         }
 4810:         break;
 4811: 
 4812:     case CHR_EVENT_MUX_OUT:
 4813:         if (mon->reset_seen) {
 4814:             if (mon->suspend_cnt == 0) {
 4815:                 monitor_printf(mon, "\n");
 4816:             }
 4817:             monitor_flush(mon);
 4818:             monitor_suspend(mon);
 4819:         } else {
 4820:             mon->suspend_cnt++;
 4821:         }
 4822:         mon->mux_out = 1;
 4823:         break;
 4824: 
 4825:     case CHR_EVENT_OPENED:
 4826:         monitor_printf(mon, "QEMU %s monitor - type 'help' for more "
 4827:                        "information\n", QEMU_VERSION);
 4828:         if (!mon->mux_out) {
 4829:             readline_show_prompt(mon->rs);
 4830:         }
 4831:         mon->reset_seen = 1;
 4832:         break;
 4833:     }
 4834: }
 4835: 
 4836: static int
 4837: compare_mon_cmd(const void *a, const void *b)
 4838: {
 4839:     return strcmp(((const mon_cmd_t *)a)->name,
 4840:             ((const mon_cmd_t *)b)->name);
 4841: }
 4842: 
 4843: static void sortcmdlist(void)
 4844: {
 4845:     int array_num;
 4846:     int elem_size = sizeof(mon_cmd_t);
 4847: 
 4848:     array_num = sizeof(mon_cmds)/elem_size-1;
 4849:     qsort((void *)mon_cmds, array_num, elem_size, compare_mon_cmd);
 4850: 
 4851:     array_num = sizeof(info_cmds)/elem_size-1;
 4852:     qsort((void *)info_cmds, array_num, elem_size, compare_mon_cmd);
 4853: }
 4854: 
 4855: 
 4856: /*
 4857:  * Local variables:
 4858:  *  c-indent-level: 4
 4859:  *  c-basic-offset: 4
 4860:  *  tab-width: 8
 4861:  * End:
 4862:  */
 4863: 
 4864: void monitor_init(CharDriverState *chr, int flags)
 4865: {
 4866:     static int is_first_init = 1;
 4867:     Monitor *mon;
 4868: 
 4869:     if (is_first_init) {
 4870:         key_timer = qemu_new_timer_ns(vm_clock, release_keys, NULL);
 4871:         is_first_init = 0;
 4872:     }
 4873: 
 4874:     mon = g_malloc0(sizeof(*mon));
 4875: 
 4876:     mon->chr = chr;
 4877:     mon->flags = flags;
 4878:     if (flags & MONITOR_USE_READLINE) {
 4879:         mon->rs = readline_init(mon, monitor_find_completion);
 4880:         monitor_read_command(mon, 0);
 4881:     }
 4882: 
 4883:     if (monitor_ctrl_mode(mon)) {
 4884:         mon->mc = g_malloc0(sizeof(MonitorControl));
 4885:         /* Control mode requires special handlers */
 4886:         qemu_chr_add_handlers(chr, monitor_can_read, monitor_control_read,
 4887:                               monitor_control_event, mon);
 4888:         qemu_chr_fe_set_echo(chr, true);
 4889:     } else {
 4890:         qemu_chr_add_handlers(chr, monitor_can_read, monitor_read,
 4891:                               monitor_event, mon);
 4892:     }
 4893: 
 4894:     QLIST_INSERT_HEAD(&mon_list, mon, entry);
 4895:     if (!default_mon || (flags & MONITOR_IS_DEFAULT))
 4896:         default_mon = mon;
 4897: 
 4898:     sortcmdlist();
 4899: }
 4900: 
 4901: static void bdrv_password_cb(Monitor *mon, const char *password, void *opaque)
 4902: {
 4903:     BlockDriverState *bs = opaque;
 4904:     int ret = 0;
 4905: 
 4906:     if (bdrv_set_key(bs, password) != 0) {
 4907:         monitor_printf(mon, "invalid password\n");
 4908:         ret = -EPERM;
 4909:     }
 4910:     if (mon->password_completion_cb)
 4911:         mon->password_completion_cb(mon->password_opaque, ret);
 4912: 
 4913:     monitor_read_command(mon, 1);
 4914: }
 4915: 
 4916: int monitor_read_bdrv_key_start(Monitor *mon, BlockDriverState *bs,
 4917:                                 BlockDriverCompletionFunc *completion_cb,
 4918:                                 void *opaque)
 4919: {
 4920:     int err;
 4921: 
 4922:     if (!bdrv_key_required(bs)) {
 4923:         if (completion_cb)
 4924:             completion_cb(opaque, 0);
 4925:         return 0;
 4926:     }
 4927: 
 4928:     if (monitor_ctrl_mode(mon)) {
 4929:         qerror_report(QERR_DEVICE_ENCRYPTED, bdrv_get_device_name(bs));
 4930:         return -1;
 4931:     }
 4932: 
 4933:     monitor_printf(mon, "%s (%s) is encrypted.\n", bdrv_get_device_name(bs),
 4934:                    bdrv_get_encrypted_filename(bs));
 4935: 
 4936:     mon->password_completion_cb = completion_cb;
 4937:     mon->password_opaque = opaque;
 4938: 
 4939:     err = monitor_read_password(mon, bdrv_password_cb, bs);
 4940: 
 4941:     if (err && completion_cb)
 4942:         completion_cb(opaque, err);
 4943: 
 4944:     return err;
 4945: }

unix.superglobalmegacorp.com