4 * This implements a subset of the remote protocol as described in:
6 * https://sourceware.org/gdb/onlinedocs/gdb/Remote-Protocol.html
8 * Copyright (c) 2003-2005 Fabrice Bellard
10 * This library is free software; you can redistribute it and/or
11 * modify it under the terms of the GNU Lesser General Public
12 * License as published by the Free Software Foundation; either
13 * version 2 of the License, or (at your option) any later version.
15 * This library is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
18 * Lesser General Public License for more details.
20 * You should have received a copy of the GNU Lesser General Public
21 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
23 * SPDX-License-Identifier: LGPL-2.0+
26 #include "qemu/osdep.h"
27 #include "qemu-common.h"
28 #include "qapi/error.h"
29 #include "qemu/error-report.h"
30 #include "qemu/ctype.h"
31 #include "qemu/cutils.h"
32 #include "qemu/module.h"
33 #include "trace-root.h"
34 #ifdef CONFIG_USER_ONLY
37 #include "monitor/monitor.h"
38 #include "chardev/char.h"
39 #include "chardev/char-fe.h"
40 #include "sysemu/sysemu.h"
41 #include "exec/gdbstub.h"
42 #include "hw/cpu/cluster.h"
43 #include "hw/boards.h"
46 #define MAX_PACKET_LENGTH 4096
48 #include "qemu/sockets.h"
49 #include "sysemu/hw_accel.h"
50 #include "sysemu/kvm.h"
51 #include "hw/semihosting/semihost.h"
52 #include "exec/exec-all.h"
54 #ifdef CONFIG_USER_ONLY
55 #define GDB_ATTACHED "0"
57 #define GDB_ATTACHED "1"
60 #ifndef CONFIG_USER_ONLY
61 static int phy_memory_mode;
64 static inline int target_memory_rw_debug(CPUState *cpu, target_ulong addr,
65 uint8_t *buf, int len, bool is_write)
69 #ifndef CONFIG_USER_ONLY
70 if (phy_memory_mode) {
72 cpu_physical_memory_write(addr, buf, len);
74 cpu_physical_memory_read(addr, buf, len);
80 cc = CPU_GET_CLASS(cpu);
81 if (cc->memory_rw_debug) {
82 return cc->memory_rw_debug(cpu, addr, buf, len, is_write);
84 return cpu_memory_rw_debug(cpu, addr, buf, len, is_write);
87 /* Return the GDB index for a given vCPU state.
89 * For user mode this is simply the thread id. In system mode GDB
90 * numbers CPUs from 1 as 0 is reserved as an "any cpu" index.
92 static inline int cpu_gdb_index(CPUState *cpu)
94 #if defined(CONFIG_USER_ONLY)
95 TaskState *ts = (TaskState *) cpu->opaque;
98 return cpu->cpu_index + 1;
108 GDB_SIGNAL_ALRM = 14,
110 GDB_SIGNAL_XCPU = 24,
111 GDB_SIGNAL_UNKNOWN = 143
114 #ifdef CONFIG_USER_ONLY
116 /* Map target signal numbers to GDB protocol signal numbers and vice
117 * versa. For user emulation's currently supported systems, we can
118 * assume most signals are defined.
121 static int gdb_signal_table[] = {
281 /* In system mode we only need SIGINT and SIGTRAP; other signals
282 are not yet supported. */
289 static int gdb_signal_table[] = {
299 #ifdef CONFIG_USER_ONLY
300 static int target_signal_to_gdb (int sig)
303 for (i = 0; i < ARRAY_SIZE (gdb_signal_table); i++)
304 if (gdb_signal_table[i] == sig)
306 return GDB_SIGNAL_UNKNOWN;
310 static int gdb_signal_to_target (int sig)
312 if (sig < ARRAY_SIZE (gdb_signal_table))
313 return gdb_signal_table[sig];
318 typedef struct GDBRegisterState {
324 struct GDBRegisterState *next;
327 typedef struct GDBProcess {
331 char target_xml[1024];
343 typedef struct GDBState {
344 CPUState *c_cpu; /* current CPU for step/continue ops */
345 CPUState *g_cpu; /* current CPU for other ops */
346 CPUState *query_cpu; /* for q{f|s}ThreadInfo */
347 enum RSState state; /* parsing state */
348 char line_buf[MAX_PACKET_LENGTH];
350 int line_sum; /* running checksum */
351 int line_csum; /* checksum at the end of the packet */
352 uint8_t last_packet[MAX_PACKET_LENGTH + 4];
355 #ifdef CONFIG_USER_ONLY
363 GDBProcess *processes;
365 char syscall_buf[256];
366 gdb_syscall_complete_cb current_syscall_cb;
369 /* By default use no IRQs and no timers while single stepping so as to
370 * make single stepping like an ICE HW step.
372 static int sstep_flags = SSTEP_ENABLE|SSTEP_NOIRQ|SSTEP_NOTIMER;
374 static GDBState *gdbserver_state;
378 #ifdef CONFIG_USER_ONLY
379 /* XXX: This is not thread safe. Do we care? */
380 static int gdbserver_fd = -1;
382 static int get_char(GDBState *s)
388 ret = qemu_recv(s->fd, &ch, 1, 0);
390 if (errno == ECONNRESET)
394 } else if (ret == 0) {
412 /* Decide if either remote gdb syscalls or native file IO should be used. */
413 int use_gdb_syscalls(void)
415 SemihostingTarget target = semihosting_get_target();
416 if (target == SEMIHOSTING_TARGET_NATIVE) {
417 /* -semihosting-config target=native */
419 } else if (target == SEMIHOSTING_TARGET_GDB) {
420 /* -semihosting-config target=gdb */
424 /* -semihosting-config target=auto */
425 /* On the first call check if gdb is connected and remember. */
426 if (gdb_syscall_mode == GDB_SYS_UNKNOWN) {
427 gdb_syscall_mode = (gdbserver_state ? GDB_SYS_ENABLED
430 return gdb_syscall_mode == GDB_SYS_ENABLED;
433 /* Resume execution. */
434 static inline void gdb_continue(GDBState *s)
437 #ifdef CONFIG_USER_ONLY
438 s->running_state = 1;
439 trace_gdbstub_op_continue();
441 if (!runstate_needs_reset()) {
442 trace_gdbstub_op_continue();
449 * Resume execution, per CPU actions. For user-mode emulation it's
450 * equivalent to gdb_continue.
452 static int gdb_continue_partial(GDBState *s, char *newstates)
456 #ifdef CONFIG_USER_ONLY
458 * This is not exactly accurate, but it's an improvement compared to the
459 * previous situation, where only one CPU would be single-stepped.
462 if (newstates[cpu->cpu_index] == 's') {
463 trace_gdbstub_op_stepping(cpu->cpu_index);
464 cpu_single_step(cpu, sstep_flags);
467 s->running_state = 1;
471 if (!runstate_needs_reset()) {
472 if (vm_prepare_start()) {
477 switch (newstates[cpu->cpu_index]) {
480 break; /* nothing to do here */
482 trace_gdbstub_op_stepping(cpu->cpu_index);
483 cpu_single_step(cpu, sstep_flags);
488 trace_gdbstub_op_continue_cpu(cpu->cpu_index);
499 qemu_clock_enable(QEMU_CLOCK_VIRTUAL, true);
505 static void put_buffer(GDBState *s, const uint8_t *buf, int len)
507 #ifdef CONFIG_USER_ONLY
511 ret = send(s->fd, buf, len, 0);
521 /* XXX this blocks entire thread. Rewrite to use
522 * qemu_chr_fe_write and background I/O callbacks */
523 qemu_chr_fe_write_all(&s->chr, buf, len);
527 static inline int fromhex(int v)
529 if (v >= '0' && v <= '9')
531 else if (v >= 'A' && v <= 'F')
533 else if (v >= 'a' && v <= 'f')
539 static inline int tohex(int v)
547 /* writes 2*len+1 bytes in buf */
548 static void memtohex(char *buf, const uint8_t *mem, int len)
553 for(i = 0; i < len; i++) {
555 *q++ = tohex(c >> 4);
556 *q++ = tohex(c & 0xf);
561 static void hextomem(uint8_t *mem, const char *buf, int len)
565 for(i = 0; i < len; i++) {
566 mem[i] = (fromhex(buf[0]) << 4) | fromhex(buf[1]);
571 static void hexdump(const char *buf, int len,
572 void (*trace_fn)(size_t ofs, char const *text))
574 char line_buffer[3 * 16 + 4 + 16 + 1];
577 for (i = 0; i < len || (i & 0xF); ++i) {
578 size_t byte_ofs = i & 15;
581 memset(line_buffer, ' ', 3 * 16 + 4 + 16);
582 line_buffer[3 * 16 + 4 + 16] = 0;
585 size_t col_group = (i >> 2) & 3;
586 size_t hex_col = byte_ofs * 3 + col_group;
587 size_t txt_col = 3 * 16 + 4 + byte_ofs;
592 line_buffer[hex_col + 0] = tohex((value >> 4) & 0xF);
593 line_buffer[hex_col + 1] = tohex((value >> 0) & 0xF);
594 line_buffer[txt_col + 0] = (value >= ' ' && value < 127)
600 trace_fn(i & -16, line_buffer);
604 /* return -1 if error, 0 if OK */
605 static int put_packet_binary(GDBState *s, const char *buf, int len, bool dump)
610 if (dump && trace_event_get_state_backends(TRACE_GDBSTUB_IO_BINARYREPLY)) {
611 hexdump(buf, len, trace_gdbstub_io_binaryreply);
620 for(i = 0; i < len; i++) {
624 *(p++) = tohex((csum >> 4) & 0xf);
625 *(p++) = tohex((csum) & 0xf);
627 s->last_packet_len = p - s->last_packet;
628 put_buffer(s, (uint8_t *)s->last_packet, s->last_packet_len);
630 #ifdef CONFIG_USER_ONLY
643 /* return -1 if error, 0 if OK */
644 static int put_packet(GDBState *s, const char *buf)
646 trace_gdbstub_io_reply(buf);
648 return put_packet_binary(s, buf, strlen(buf), false);
651 /* Encode data using the encoding for 'x' packets. */
652 static int memtox(char *buf, const char *mem, int len)
660 case '#': case '$': case '*': case '}':
672 static uint32_t gdb_get_cpu_pid(const GDBState *s, CPUState *cpu)
674 /* TODO: In user mode, we should use the task state PID */
675 if (cpu->cluster_index == UNASSIGNED_CLUSTER_INDEX) {
676 /* Return the default process' PID */
677 return s->processes[s->process_num - 1].pid;
679 return cpu->cluster_index + 1;
682 static GDBProcess *gdb_get_process(const GDBState *s, uint32_t pid)
687 /* 0 means any process, we take the first one */
688 return &s->processes[0];
691 for (i = 0; i < s->process_num; i++) {
692 if (s->processes[i].pid == pid) {
693 return &s->processes[i];
700 static GDBProcess *gdb_get_cpu_process(const GDBState *s, CPUState *cpu)
702 return gdb_get_process(s, gdb_get_cpu_pid(s, cpu));
705 static CPUState *find_cpu(uint32_t thread_id)
710 if (cpu_gdb_index(cpu) == thread_id) {
718 static CPUState *get_first_cpu_in_process(const GDBState *s,
724 if (gdb_get_cpu_pid(s, cpu) == process->pid) {
732 static CPUState *gdb_next_cpu_in_process(const GDBState *s, CPUState *cpu)
734 uint32_t pid = gdb_get_cpu_pid(s, cpu);
738 if (gdb_get_cpu_pid(s, cpu) == pid) {
748 /* Return the cpu following @cpu, while ignoring unattached processes. */
749 static CPUState *gdb_next_attached_cpu(const GDBState *s, CPUState *cpu)
754 if (gdb_get_cpu_process(s, cpu)->attached) {
764 /* Return the first attached cpu */
765 static CPUState *gdb_first_attached_cpu(const GDBState *s)
767 CPUState *cpu = first_cpu;
768 GDBProcess *process = gdb_get_cpu_process(s, cpu);
770 if (!process->attached) {
771 return gdb_next_attached_cpu(s, cpu);
777 static CPUState *gdb_get_cpu(const GDBState *s, uint32_t pid, uint32_t tid)
783 /* 0 means any process/thread, we take the first attached one */
784 return gdb_first_attached_cpu(s);
785 } else if (pid && !tid) {
786 /* any thread in a specific process */
787 process = gdb_get_process(s, pid);
789 if (process == NULL) {
793 if (!process->attached) {
797 return get_first_cpu_in_process(s, process);
799 /* a specific thread */
806 process = gdb_get_cpu_process(s, cpu);
808 if (pid && process->pid != pid) {
812 if (!process->attached) {
820 static const char *get_feature_xml(const GDBState *s, const char *p,
821 const char **newp, GDBProcess *process)
826 CPUState *cpu = get_first_cpu_in_process(s, process);
827 CPUClass *cc = CPU_GET_CLASS(cpu);
830 while (p[len] && p[len] != ':')
835 if (strncmp(p, "target.xml", len) == 0) {
836 char *buf = process->target_xml;
837 const size_t buf_sz = sizeof(process->target_xml);
839 /* Generate the XML description for this CPU. */
844 "<?xml version=\"1.0\"?>"
845 "<!DOCTYPE target SYSTEM \"gdb-target.dtd\">"
847 if (cc->gdb_arch_name) {
848 gchar *arch = cc->gdb_arch_name(cpu);
849 pstrcat(buf, buf_sz, "<architecture>");
850 pstrcat(buf, buf_sz, arch);
851 pstrcat(buf, buf_sz, "</architecture>");
854 pstrcat(buf, buf_sz, "<xi:include href=\"");
855 pstrcat(buf, buf_sz, cc->gdb_core_xml_file);
856 pstrcat(buf, buf_sz, "\"/>");
857 for (r = cpu->gdb_regs; r; r = r->next) {
858 pstrcat(buf, buf_sz, "<xi:include href=\"");
859 pstrcat(buf, buf_sz, r->xml);
860 pstrcat(buf, buf_sz, "\"/>");
862 pstrcat(buf, buf_sz, "</target>");
866 if (cc->gdb_get_dynamic_xml) {
867 char *xmlname = g_strndup(p, len);
868 const char *xml = cc->gdb_get_dynamic_xml(cpu, xmlname);
876 name = xml_builtin[i][0];
877 if (!name || (strncmp(name, p, len) == 0 && strlen(name) == len))
880 return name ? xml_builtin[i][1] : NULL;
883 static int gdb_read_register(CPUState *cpu, uint8_t *mem_buf, int reg)
885 CPUClass *cc = CPU_GET_CLASS(cpu);
886 CPUArchState *env = cpu->env_ptr;
889 if (reg < cc->gdb_num_core_regs) {
890 return cc->gdb_read_register(cpu, mem_buf, reg);
893 for (r = cpu->gdb_regs; r; r = r->next) {
894 if (r->base_reg <= reg && reg < r->base_reg + r->num_regs) {
895 return r->get_reg(env, mem_buf, reg - r->base_reg);
901 static int gdb_write_register(CPUState *cpu, uint8_t *mem_buf, int reg)
903 CPUClass *cc = CPU_GET_CLASS(cpu);
904 CPUArchState *env = cpu->env_ptr;
907 if (reg < cc->gdb_num_core_regs) {
908 return cc->gdb_write_register(cpu, mem_buf, reg);
911 for (r = cpu->gdb_regs; r; r = r->next) {
912 if (r->base_reg <= reg && reg < r->base_reg + r->num_regs) {
913 return r->set_reg(env, mem_buf, reg - r->base_reg);
919 /* Register a supplemental set of CPU registers. If g_pos is nonzero it
920 specifies the first register number and these registers are included in
921 a standard "g" packet. Direction is relative to gdb, i.e. get_reg is
922 gdb reading a CPU register, and set_reg is gdb modifying a CPU register.
925 void gdb_register_coprocessor(CPUState *cpu,
926 gdb_reg_cb get_reg, gdb_reg_cb set_reg,
927 int num_regs, const char *xml, int g_pos)
930 GDBRegisterState **p;
934 /* Check for duplicates. */
935 if (strcmp((*p)->xml, xml) == 0)
940 s = g_new0(GDBRegisterState, 1);
941 s->base_reg = cpu->gdb_num_regs;
942 s->num_regs = num_regs;
943 s->get_reg = get_reg;
944 s->set_reg = set_reg;
947 /* Add to end of list. */
948 cpu->gdb_num_regs += num_regs;
951 if (g_pos != s->base_reg) {
952 error_report("Error: Bad gdb register numbering for '%s', "
953 "expected %d got %d", xml, g_pos, s->base_reg);
955 cpu->gdb_num_g_regs = cpu->gdb_num_regs;
960 #ifndef CONFIG_USER_ONLY
961 /* Translate GDB watchpoint type to a flags value for cpu_watchpoint_* */
962 static inline int xlat_gdb_type(CPUState *cpu, int gdbtype)
964 static const int xlat[] = {
965 [GDB_WATCHPOINT_WRITE] = BP_GDB | BP_MEM_WRITE,
966 [GDB_WATCHPOINT_READ] = BP_GDB | BP_MEM_READ,
967 [GDB_WATCHPOINT_ACCESS] = BP_GDB | BP_MEM_ACCESS,
970 CPUClass *cc = CPU_GET_CLASS(cpu);
971 int cputype = xlat[gdbtype];
973 if (cc->gdb_stop_before_watchpoint) {
974 cputype |= BP_STOP_BEFORE_ACCESS;
980 static int gdb_breakpoint_insert(int type, target_ulong addr, target_ulong len)
986 return kvm_insert_breakpoint(gdbserver_state->c_cpu, addr, len, type);
990 case GDB_BREAKPOINT_SW:
991 case GDB_BREAKPOINT_HW:
993 err = cpu_breakpoint_insert(cpu, addr, BP_GDB, NULL);
999 #ifndef CONFIG_USER_ONLY
1000 case GDB_WATCHPOINT_WRITE:
1001 case GDB_WATCHPOINT_READ:
1002 case GDB_WATCHPOINT_ACCESS:
1004 err = cpu_watchpoint_insert(cpu, addr, len,
1005 xlat_gdb_type(cpu, type), NULL);
1017 static int gdb_breakpoint_remove(int type, target_ulong addr, target_ulong len)
1022 if (kvm_enabled()) {
1023 return kvm_remove_breakpoint(gdbserver_state->c_cpu, addr, len, type);
1027 case GDB_BREAKPOINT_SW:
1028 case GDB_BREAKPOINT_HW:
1030 err = cpu_breakpoint_remove(cpu, addr, BP_GDB);
1036 #ifndef CONFIG_USER_ONLY
1037 case GDB_WATCHPOINT_WRITE:
1038 case GDB_WATCHPOINT_READ:
1039 case GDB_WATCHPOINT_ACCESS:
1041 err = cpu_watchpoint_remove(cpu, addr, len,
1042 xlat_gdb_type(cpu, type));
1053 static inline void gdb_cpu_breakpoint_remove_all(CPUState *cpu)
1055 cpu_breakpoint_remove_all(cpu, BP_GDB);
1056 #ifndef CONFIG_USER_ONLY
1057 cpu_watchpoint_remove_all(cpu, BP_GDB);
1061 static void gdb_process_breakpoint_remove_all(const GDBState *s, GDBProcess *p)
1063 CPUState *cpu = get_first_cpu_in_process(s, p);
1066 gdb_cpu_breakpoint_remove_all(cpu);
1067 cpu = gdb_next_cpu_in_process(s, cpu);
1071 static void gdb_breakpoint_remove_all(void)
1075 if (kvm_enabled()) {
1076 kvm_remove_all_breakpoints(gdbserver_state->c_cpu);
1081 gdb_cpu_breakpoint_remove_all(cpu);
1085 static void gdb_set_cpu_pc(GDBState *s, target_ulong pc)
1087 CPUState *cpu = s->c_cpu;
1089 cpu_synchronize_state(cpu);
1090 cpu_set_pc(cpu, pc);
1093 static char *gdb_fmt_thread_id(const GDBState *s, CPUState *cpu,
1094 char *buf, size_t buf_size)
1096 if (s->multiprocess) {
1097 snprintf(buf, buf_size, "p%02x.%02x",
1098 gdb_get_cpu_pid(s, cpu), cpu_gdb_index(cpu));
1100 snprintf(buf, buf_size, "%02x", cpu_gdb_index(cpu));
1106 typedef enum GDBThreadIdKind {
1108 GDB_ALL_THREADS, /* One process, all threads */
1113 static GDBThreadIdKind read_thread_id(const char *buf, const char **end_buf,
1114 uint32_t *pid, uint32_t *tid)
1121 ret = qemu_strtoul(buf, &buf, 16, &p);
1124 return GDB_READ_THREAD_ERR;
1133 ret = qemu_strtoul(buf, &buf, 16, &t);
1136 return GDB_READ_THREAD_ERR;
1142 return GDB_ALL_PROCESSES;
1150 return GDB_ALL_THREADS;
1157 return GDB_ONE_THREAD;
1161 * gdb_handle_vcont - Parses and handles a vCont packet.
1162 * returns -ENOTSUP if a command is unsupported, -EINVAL or -ERANGE if there is
1163 * a format error, 0 on success.
1165 static int gdb_handle_vcont(GDBState *s, const char *p)
1167 int res, signal = 0;
1172 GDBProcess *process;
1174 GDBThreadIdKind kind;
1175 #ifdef CONFIG_USER_ONLY
1176 int max_cpus = 1; /* global variable max_cpus exists only in system mode */
1179 max_cpus = max_cpus <= cpu->cpu_index ? cpu->cpu_index + 1 : max_cpus;
1182 MachineState *ms = MACHINE(qdev_get_machine());
1183 unsigned int max_cpus = ms->smp.max_cpus;
1185 /* uninitialised CPUs stay 0 */
1186 newstates = g_new0(char, max_cpus);
1188 /* mark valid CPUs with 1 */
1190 newstates[cpu->cpu_index] = 1;
1194 * res keeps track of what error we are returning, with -ENOTSUP meaning
1195 * that the command is unknown or unsupported, thus returning an empty
1196 * packet, while -EINVAL and -ERANGE cause an E22 packet, due to invalid,
1197 * or incorrect parameters passed.
1207 if (cur_action == 'C' || cur_action == 'S') {
1208 cur_action = qemu_tolower(cur_action);
1209 res = qemu_strtoul(p + 1, &p, 16, &tmp);
1213 signal = gdb_signal_to_target(tmp);
1214 } else if (cur_action != 'c' && cur_action != 's') {
1215 /* unknown/invalid/unsupported command */
1220 if (*p == '\0' || *p == ';') {
1222 * No thread specifier, action is on "all threads". The
1223 * specification is unclear regarding the process to act on. We
1224 * choose all processes.
1226 kind = GDB_ALL_PROCESSES;
1227 } else if (*p++ == ':') {
1228 kind = read_thread_id(p, &p, &pid, &tid);
1235 case GDB_READ_THREAD_ERR:
1239 case GDB_ALL_PROCESSES:
1240 cpu = gdb_first_attached_cpu(s);
1242 if (newstates[cpu->cpu_index] == 1) {
1243 newstates[cpu->cpu_index] = cur_action;
1246 cpu = gdb_next_attached_cpu(s, cpu);
1250 case GDB_ALL_THREADS:
1251 process = gdb_get_process(s, pid);
1253 if (!process->attached) {
1258 cpu = get_first_cpu_in_process(s, process);
1260 if (newstates[cpu->cpu_index] == 1) {
1261 newstates[cpu->cpu_index] = cur_action;
1264 cpu = gdb_next_cpu_in_process(s, cpu);
1268 case GDB_ONE_THREAD:
1269 cpu = gdb_get_cpu(s, pid, tid);
1271 /* invalid CPU/thread specified */
1277 /* only use if no previous match occourred */
1278 if (newstates[cpu->cpu_index] == 1) {
1279 newstates[cpu->cpu_index] = cur_action;
1285 gdb_continue_partial(s, newstates);
1293 typedef union GdbCmdVariant {
1296 unsigned long val_ul;
1297 unsigned long long val_ull;
1299 GDBThreadIdKind kind;
1305 static const char *cmd_next_param(const char *param, const char delimiter)
1307 static const char all_delimiters[] = ",;:=";
1308 char curr_delimiters[2] = {0};
1309 const char *delimiters;
1311 if (delimiter == '?') {
1312 delimiters = all_delimiters;
1313 } else if (delimiter == '0') {
1314 return strchr(param, '\0');
1315 } else if (delimiter == '.' && *param) {
1318 curr_delimiters[0] = delimiter;
1319 delimiters = curr_delimiters;
1322 param += strcspn(param, delimiters);
1329 static int cmd_parse_params(const char *data, const char *schema,
1330 GdbCmdVariant *params, int *num_params)
1333 const char *curr_schema, *curr_data;
1341 curr_schema = schema;
1344 while (curr_schema[0] && curr_schema[1] && *curr_data) {
1345 switch (curr_schema[0]) {
1347 if (qemu_strtoul(curr_data, &curr_data, 16,
1348 ¶ms[curr_param].val_ul)) {
1352 curr_data = cmd_next_param(curr_data, curr_schema[1]);
1355 if (qemu_strtou64(curr_data, &curr_data, 16,
1356 (uint64_t *)¶ms[curr_param].val_ull)) {
1360 curr_data = cmd_next_param(curr_data, curr_schema[1]);
1363 params[curr_param].data = curr_data;
1365 curr_data = cmd_next_param(curr_data, curr_schema[1]);
1368 params[curr_param].opcode = *(uint8_t *)curr_data;
1370 curr_data = cmd_next_param(curr_data, curr_schema[1]);
1373 params[curr_param].thread_id.kind =
1374 read_thread_id(curr_data, &curr_data,
1375 ¶ms[curr_param].thread_id.pid,
1376 ¶ms[curr_param].thread_id.tid);
1378 curr_data = cmd_next_param(curr_data, curr_schema[1]);
1381 curr_data = cmd_next_param(curr_data, curr_schema[1]);
1389 *num_params = curr_param;
1393 typedef struct GdbCmdContext {
1395 GdbCmdVariant *params;
1397 uint8_t mem_buf[MAX_PACKET_LENGTH];
1398 char str_buf[MAX_PACKET_LENGTH + 1];
1401 typedef void (*GdbCmdHandler)(GdbCmdContext *gdb_ctx, void *user_ctx);
1404 * cmd_startswith -> cmd is compared using startswith
1407 * schema definitions:
1408 * Each schema parameter entry consists of 2 chars,
1409 * the first char represents the parameter type handling
1410 * the second char represents the delimiter for the next parameter
1412 * Currently supported schema types:
1413 * 'l' -> unsigned long (stored in .val_ul)
1414 * 'L' -> unsigned long long (stored in .val_ull)
1415 * 's' -> string (stored in .data)
1416 * 'o' -> single char (stored in .opcode)
1417 * 't' -> thread id (stored in .thread_id)
1418 * '?' -> skip according to delimiter
1420 * Currently supported delimiters:
1421 * '?' -> Stop at any delimiter (",;:=\0")
1422 * '0' -> Stop at "\0"
1423 * '.' -> Skip 1 char unless reached "\0"
1424 * Any other value is treated as the delimiter value itself
1426 typedef struct GdbCmdParseEntry {
1427 GdbCmdHandler handler;
1429 bool cmd_startswith;
1433 static inline int startswith(const char *string, const char *pattern)
1435 return !strncmp(string, pattern, strlen(pattern));
1438 static int process_string_cmd(GDBState *s, void *user_ctx, const char *data,
1439 const GdbCmdParseEntry *cmds, int num_cmds)
1441 int i, schema_len, max_num_params = 0;
1442 GdbCmdContext gdb_ctx;
1448 for (i = 0; i < num_cmds; i++) {
1449 const GdbCmdParseEntry *cmd = &cmds[i];
1450 g_assert(cmd->handler && cmd->cmd);
1452 if ((cmd->cmd_startswith && !startswith(data, cmd->cmd)) ||
1453 (!cmd->cmd_startswith && strcmp(cmd->cmd, data))) {
1458 schema_len = strlen(cmd->schema);
1459 if (schema_len % 2) {
1463 max_num_params = schema_len / 2;
1467 (GdbCmdVariant *)alloca(sizeof(*gdb_ctx.params) * max_num_params);
1468 memset(gdb_ctx.params, 0, sizeof(*gdb_ctx.params) * max_num_params);
1470 if (cmd_parse_params(&data[strlen(cmd->cmd)], cmd->schema,
1471 gdb_ctx.params, &gdb_ctx.num_params)) {
1476 cmd->handler(&gdb_ctx, user_ctx);
1483 static void run_cmd_parser(GDBState *s, const char *data,
1484 const GdbCmdParseEntry *cmd)
1490 /* In case there was an error during the command parsing we must
1491 * send a NULL packet to indicate the command is not supported */
1492 if (process_string_cmd(s, NULL, data, cmd, 1)) {
1497 static void handle_detach(GdbCmdContext *gdb_ctx, void *user_ctx)
1499 GDBProcess *process;
1500 GDBState *s = gdb_ctx->s;
1503 if (s->multiprocess) {
1504 if (!gdb_ctx->num_params) {
1505 put_packet(s, "E22");
1509 pid = gdb_ctx->params[0].val_ul;
1512 process = gdb_get_process(s, pid);
1513 gdb_process_breakpoint_remove_all(s, process);
1514 process->attached = false;
1516 if (pid == gdb_get_cpu_pid(s, s->c_cpu)) {
1517 s->c_cpu = gdb_first_attached_cpu(s);
1520 if (pid == gdb_get_cpu_pid(s, s->g_cpu)) {
1521 s->g_cpu = gdb_first_attached_cpu(s);
1525 /* No more process attached */
1526 gdb_syscall_mode = GDB_SYS_DISABLED;
1529 put_packet(s, "OK");
1532 static void handle_thread_alive(GdbCmdContext *gdb_ctx, void *user_ctx)
1536 if (!gdb_ctx->num_params) {
1537 put_packet(gdb_ctx->s, "E22");
1541 if (gdb_ctx->params[0].thread_id.kind == GDB_READ_THREAD_ERR) {
1542 put_packet(gdb_ctx->s, "E22");
1546 cpu = gdb_get_cpu(gdb_ctx->s, gdb_ctx->params[0].thread_id.pid,
1547 gdb_ctx->params[0].thread_id.tid);
1549 put_packet(gdb_ctx->s, "E22");
1553 put_packet(gdb_ctx->s, "OK");
1556 static void handle_continue(GdbCmdContext *gdb_ctx, void *user_ctx)
1558 if (gdb_ctx->num_params) {
1559 gdb_set_cpu_pc(gdb_ctx->s, gdb_ctx->params[0].val_ull);
1562 gdb_ctx->s->signal = 0;
1563 gdb_continue(gdb_ctx->s);
1566 static void handle_cont_with_sig(GdbCmdContext *gdb_ctx, void *user_ctx)
1568 unsigned long signal = 0;
1571 * Note: C sig;[addr] is currently unsupported and we simply
1572 * omit the addr parameter
1574 if (gdb_ctx->num_params) {
1575 signal = gdb_ctx->params[0].val_ul;
1578 gdb_ctx->s->signal = gdb_signal_to_target(signal);
1579 if (gdb_ctx->s->signal == -1) {
1580 gdb_ctx->s->signal = 0;
1582 gdb_continue(gdb_ctx->s);
1585 static void handle_set_thread(GdbCmdContext *gdb_ctx, void *user_ctx)
1589 if (gdb_ctx->num_params != 2) {
1590 put_packet(gdb_ctx->s, "E22");
1594 if (gdb_ctx->params[1].thread_id.kind == GDB_READ_THREAD_ERR) {
1595 put_packet(gdb_ctx->s, "E22");
1599 if (gdb_ctx->params[1].thread_id.kind != GDB_ONE_THREAD) {
1600 put_packet(gdb_ctx->s, "OK");
1604 cpu = gdb_get_cpu(gdb_ctx->s, gdb_ctx->params[1].thread_id.pid,
1605 gdb_ctx->params[1].thread_id.tid);
1607 put_packet(gdb_ctx->s, "E22");
1612 * Note: This command is deprecated and modern gdb's will be using the
1613 * vCont command instead.
1615 switch (gdb_ctx->params[0].opcode) {
1617 gdb_ctx->s->c_cpu = cpu;
1618 put_packet(gdb_ctx->s, "OK");
1621 gdb_ctx->s->g_cpu = cpu;
1622 put_packet(gdb_ctx->s, "OK");
1625 put_packet(gdb_ctx->s, "E22");
1630 static void handle_insert_bp(GdbCmdContext *gdb_ctx, void *user_ctx)
1634 if (gdb_ctx->num_params != 3) {
1635 put_packet(gdb_ctx->s, "E22");
1639 res = gdb_breakpoint_insert(gdb_ctx->params[0].val_ul,
1640 gdb_ctx->params[1].val_ull,
1641 gdb_ctx->params[2].val_ull);
1643 put_packet(gdb_ctx->s, "OK");
1645 } else if (res == -ENOSYS) {
1646 put_packet(gdb_ctx->s, "");
1650 put_packet(gdb_ctx->s, "E22");
1653 static void handle_remove_bp(GdbCmdContext *gdb_ctx, void *user_ctx)
1657 if (gdb_ctx->num_params != 3) {
1658 put_packet(gdb_ctx->s, "E22");
1662 res = gdb_breakpoint_remove(gdb_ctx->params[0].val_ul,
1663 gdb_ctx->params[1].val_ull,
1664 gdb_ctx->params[2].val_ull);
1666 put_packet(gdb_ctx->s, "OK");
1668 } else if (res == -ENOSYS) {
1669 put_packet(gdb_ctx->s, "");
1673 put_packet(gdb_ctx->s, "E22");
1677 * handle_set/get_reg
1679 * Older gdb are really dumb, and don't use 'G/g' if 'P/p' is available.
1680 * This works, but can be very slow. Anything new enough to understand
1681 * XML also knows how to use this properly. However to use this we
1682 * need to define a local XML file as well as be talking to a
1683 * reasonably modern gdb. Responding with an empty packet will cause
1684 * the remote gdb to fallback to older methods.
1687 static void handle_set_reg(GdbCmdContext *gdb_ctx, void *user_ctx)
1692 put_packet(gdb_ctx->s, "");
1696 if (gdb_ctx->num_params != 2) {
1697 put_packet(gdb_ctx->s, "E22");
1701 reg_size = strlen(gdb_ctx->params[1].data) / 2;
1702 hextomem(gdb_ctx->mem_buf, gdb_ctx->params[1].data, reg_size);
1703 gdb_write_register(gdb_ctx->s->g_cpu, gdb_ctx->mem_buf,
1704 gdb_ctx->params[0].val_ull);
1705 put_packet(gdb_ctx->s, "OK");
1708 static void handle_get_reg(GdbCmdContext *gdb_ctx, void *user_ctx)
1713 put_packet(gdb_ctx->s, "");
1717 if (!gdb_ctx->num_params) {
1718 put_packet(gdb_ctx->s, "E14");
1722 reg_size = gdb_read_register(gdb_ctx->s->g_cpu, gdb_ctx->mem_buf,
1723 gdb_ctx->params[0].val_ull);
1725 put_packet(gdb_ctx->s, "E14");
1729 memtohex(gdb_ctx->str_buf, gdb_ctx->mem_buf, reg_size);
1730 put_packet(gdb_ctx->s, gdb_ctx->str_buf);
1733 static void handle_write_mem(GdbCmdContext *gdb_ctx, void *user_ctx)
1735 if (gdb_ctx->num_params != 3) {
1736 put_packet(gdb_ctx->s, "E22");
1740 /* hextomem() reads 2*len bytes */
1741 if (gdb_ctx->params[1].val_ull > strlen(gdb_ctx->params[2].data) / 2) {
1742 put_packet(gdb_ctx->s, "E22");
1746 hextomem(gdb_ctx->mem_buf, gdb_ctx->params[2].data,
1747 gdb_ctx->params[1].val_ull);
1748 if (target_memory_rw_debug(gdb_ctx->s->g_cpu, gdb_ctx->params[0].val_ull,
1750 gdb_ctx->params[1].val_ull, true)) {
1751 put_packet(gdb_ctx->s, "E14");
1755 put_packet(gdb_ctx->s, "OK");
1758 static void handle_read_mem(GdbCmdContext *gdb_ctx, void *user_ctx)
1760 if (gdb_ctx->num_params != 2) {
1761 put_packet(gdb_ctx->s, "E22");
1765 /* memtohex() doubles the required space */
1766 if (gdb_ctx->params[1].val_ull > MAX_PACKET_LENGTH / 2) {
1767 put_packet(gdb_ctx->s, "E22");
1771 if (target_memory_rw_debug(gdb_ctx->s->g_cpu, gdb_ctx->params[0].val_ull,
1773 gdb_ctx->params[1].val_ull, false)) {
1774 put_packet(gdb_ctx->s, "E14");
1778 memtohex(gdb_ctx->str_buf, gdb_ctx->mem_buf, gdb_ctx->params[1].val_ull);
1779 put_packet(gdb_ctx->s, gdb_ctx->str_buf);
1782 static void handle_write_all_regs(GdbCmdContext *gdb_ctx, void *user_ctx)
1784 target_ulong addr, len;
1788 if (!gdb_ctx->num_params) {
1792 cpu_synchronize_state(gdb_ctx->s->g_cpu);
1793 registers = gdb_ctx->mem_buf;
1794 len = strlen(gdb_ctx->params[0].data) / 2;
1795 hextomem(registers, gdb_ctx->params[0].data, len);
1796 for (addr = 0; addr < gdb_ctx->s->g_cpu->gdb_num_g_regs && len > 0;
1798 reg_size = gdb_write_register(gdb_ctx->s->g_cpu, registers, addr);
1800 registers += reg_size;
1802 put_packet(gdb_ctx->s, "OK");
1805 static void handle_read_all_regs(GdbCmdContext *gdb_ctx, void *user_ctx)
1807 target_ulong addr, len;
1809 cpu_synchronize_state(gdb_ctx->s->g_cpu);
1811 for (addr = 0; addr < gdb_ctx->s->g_cpu->gdb_num_g_regs; addr++) {
1812 len += gdb_read_register(gdb_ctx->s->g_cpu, gdb_ctx->mem_buf + len,
1816 memtohex(gdb_ctx->str_buf, gdb_ctx->mem_buf, len);
1817 put_packet(gdb_ctx->s, gdb_ctx->str_buf);
1820 static void handle_file_io(GdbCmdContext *gdb_ctx, void *user_ctx)
1822 if (gdb_ctx->num_params >= 2 && gdb_ctx->s->current_syscall_cb) {
1823 target_ulong ret, err;
1825 ret = (target_ulong)gdb_ctx->params[0].val_ull;
1826 err = (target_ulong)gdb_ctx->params[1].val_ull;
1827 gdb_ctx->s->current_syscall_cb(gdb_ctx->s->c_cpu, ret, err);
1828 gdb_ctx->s->current_syscall_cb = NULL;
1831 if (gdb_ctx->num_params >= 3 && gdb_ctx->params[2].opcode == (uint8_t)'C') {
1832 put_packet(gdb_ctx->s, "T02");
1836 gdb_continue(gdb_ctx->s);
1839 static void handle_step(GdbCmdContext *gdb_ctx, void *user_ctx)
1841 if (gdb_ctx->num_params) {
1842 gdb_set_cpu_pc(gdb_ctx->s, (target_ulong)gdb_ctx->params[0].val_ull);
1845 cpu_single_step(gdb_ctx->s->c_cpu, sstep_flags);
1846 gdb_continue(gdb_ctx->s);
1849 static void handle_v_cont_query(GdbCmdContext *gdb_ctx, void *user_ctx)
1851 put_packet(gdb_ctx->s, "vCont;c;C;s;S");
1854 static void handle_v_cont(GdbCmdContext *gdb_ctx, void *user_ctx)
1858 if (!gdb_ctx->num_params) {
1862 res = gdb_handle_vcont(gdb_ctx->s, gdb_ctx->params[0].data);
1863 if ((res == -EINVAL) || (res == -ERANGE)) {
1864 put_packet(gdb_ctx->s, "E22");
1866 put_packet(gdb_ctx->s, "");
1870 static void handle_v_attach(GdbCmdContext *gdb_ctx, void *user_ctx)
1872 GDBProcess *process;
1876 pstrcpy(gdb_ctx->str_buf, sizeof(gdb_ctx->str_buf), "E22");
1877 if (!gdb_ctx->num_params) {
1881 process = gdb_get_process(gdb_ctx->s, gdb_ctx->params[0].val_ul);
1886 cpu = get_first_cpu_in_process(gdb_ctx->s, process);
1891 process->attached = true;
1892 gdb_ctx->s->g_cpu = cpu;
1893 gdb_ctx->s->c_cpu = cpu;
1895 gdb_fmt_thread_id(gdb_ctx->s, cpu, thread_id, sizeof(thread_id));
1896 snprintf(gdb_ctx->str_buf, sizeof(gdb_ctx->str_buf), "T%02xthread:%s;",
1897 GDB_SIGNAL_TRAP, thread_id);
1899 put_packet(gdb_ctx->s, gdb_ctx->str_buf);
1902 static void handle_v_kill(GdbCmdContext *gdb_ctx, void *user_ctx)
1904 /* Kill the target */
1905 put_packet(gdb_ctx->s, "OK");
1906 error_report("QEMU: Terminated via GDBstub");
1910 static GdbCmdParseEntry gdb_v_commands_table[] = {
1911 /* Order is important if has same prefix */
1913 .handler = handle_v_cont_query,
1918 .handler = handle_v_cont,
1920 .cmd_startswith = 1,
1924 .handler = handle_v_attach,
1926 .cmd_startswith = 1,
1930 .handler = handle_v_kill,
1936 static void handle_v_commands(GdbCmdContext *gdb_ctx, void *user_ctx)
1938 if (!gdb_ctx->num_params) {
1942 if (process_string_cmd(gdb_ctx->s, NULL, gdb_ctx->params[0].data,
1943 gdb_v_commands_table,
1944 ARRAY_SIZE(gdb_v_commands_table))) {
1945 put_packet(gdb_ctx->s, "");
1949 static void handle_query_qemu_sstepbits(GdbCmdContext *gdb_ctx, void *user_ctx)
1951 snprintf(gdb_ctx->str_buf, sizeof(gdb_ctx->str_buf),
1952 "ENABLE=%x,NOIRQ=%x,NOTIMER=%x", SSTEP_ENABLE,
1953 SSTEP_NOIRQ, SSTEP_NOTIMER);
1954 put_packet(gdb_ctx->s, gdb_ctx->str_buf);
1957 static void handle_set_qemu_sstep(GdbCmdContext *gdb_ctx, void *user_ctx)
1959 if (!gdb_ctx->num_params) {
1963 sstep_flags = gdb_ctx->params[0].val_ul;
1964 put_packet(gdb_ctx->s, "OK");
1967 static void handle_query_qemu_sstep(GdbCmdContext *gdb_ctx, void *user_ctx)
1969 snprintf(gdb_ctx->str_buf, sizeof(gdb_ctx->str_buf), "0x%x", sstep_flags);
1970 put_packet(gdb_ctx->s, gdb_ctx->str_buf);
1973 static void handle_query_curr_tid(GdbCmdContext *gdb_ctx, void *user_ctx)
1976 GDBProcess *process;
1980 * "Current thread" remains vague in the spec, so always return
1981 * the first thread of the current process (gdb returns the
1984 process = gdb_get_cpu_process(gdb_ctx->s, gdb_ctx->s->g_cpu);
1985 cpu = get_first_cpu_in_process(gdb_ctx->s, process);
1986 gdb_fmt_thread_id(gdb_ctx->s, cpu, thread_id, sizeof(thread_id));
1987 snprintf(gdb_ctx->str_buf, sizeof(gdb_ctx->str_buf), "QC%s", thread_id);
1988 put_packet(gdb_ctx->s, gdb_ctx->str_buf);
1991 static void handle_query_threads(GdbCmdContext *gdb_ctx, void *user_ctx)
1995 if (!gdb_ctx->s->query_cpu) {
1996 put_packet(gdb_ctx->s, "l");
2000 gdb_fmt_thread_id(gdb_ctx->s, gdb_ctx->s->query_cpu, thread_id,
2002 snprintf(gdb_ctx->str_buf, sizeof(gdb_ctx->str_buf), "m%s", thread_id);
2003 put_packet(gdb_ctx->s, gdb_ctx->str_buf);
2004 gdb_ctx->s->query_cpu =
2005 gdb_next_attached_cpu(gdb_ctx->s, gdb_ctx->s->query_cpu);
2008 static void handle_query_first_threads(GdbCmdContext *gdb_ctx, void *user_ctx)
2010 gdb_ctx->s->query_cpu = gdb_first_attached_cpu(gdb_ctx->s);
2011 handle_query_threads(gdb_ctx, user_ctx);
2014 static void handle_query_thread_extra(GdbCmdContext *gdb_ctx, void *user_ctx)
2019 if (!gdb_ctx->num_params ||
2020 gdb_ctx->params[0].thread_id.kind == GDB_READ_THREAD_ERR) {
2021 put_packet(gdb_ctx->s, "E22");
2025 cpu = gdb_get_cpu(gdb_ctx->s, gdb_ctx->params[0].thread_id.pid,
2026 gdb_ctx->params[0].thread_id.tid);
2031 cpu_synchronize_state(cpu);
2033 if (gdb_ctx->s->multiprocess && (gdb_ctx->s->process_num > 1)) {
2034 /* Print the CPU model and name in multiprocess mode */
2035 ObjectClass *oc = object_get_class(OBJECT(cpu));
2036 const char *cpu_model = object_class_get_name(oc);
2037 char *cpu_name = object_get_canonical_path_component(OBJECT(cpu));
2038 len = snprintf((char *)gdb_ctx->mem_buf, sizeof(gdb_ctx->str_buf) / 2,
2039 "%s %s [%s]", cpu_model, cpu_name,
2040 cpu->halted ? "halted " : "running");
2043 /* memtohex() doubles the required space */
2044 len = snprintf((char *)gdb_ctx->mem_buf, sizeof(gdb_ctx->str_buf) / 2,
2045 "CPU#%d [%s]", cpu->cpu_index,
2046 cpu->halted ? "halted " : "running");
2048 trace_gdbstub_op_extra_info((char *)gdb_ctx->mem_buf);
2049 memtohex(gdb_ctx->str_buf, gdb_ctx->mem_buf, len);
2050 put_packet(gdb_ctx->s, gdb_ctx->str_buf);
2053 #ifdef CONFIG_USER_ONLY
2054 static void handle_query_offsets(GdbCmdContext *gdb_ctx, void *user_ctx)
2058 ts = gdb_ctx->s->c_cpu->opaque;
2059 snprintf(gdb_ctx->str_buf, sizeof(gdb_ctx->str_buf),
2060 "Text=" TARGET_ABI_FMT_lx ";Data=" TARGET_ABI_FMT_lx
2061 ";Bss=" TARGET_ABI_FMT_lx,
2062 ts->info->code_offset,
2063 ts->info->data_offset,
2064 ts->info->data_offset);
2065 put_packet(gdb_ctx->s, gdb_ctx->str_buf);
2068 static void handle_query_rcmd(GdbCmdContext *gdb_ctx, void *user_ctx)
2072 if (!gdb_ctx->num_params) {
2073 put_packet(gdb_ctx->s, "E22");
2077 len = strlen(gdb_ctx->params[0].data);
2079 put_packet(gdb_ctx->s, "E01");
2084 hextomem(gdb_ctx->mem_buf, gdb_ctx->params[0].data, len);
2085 gdb_ctx->mem_buf[len++] = 0;
2086 qemu_chr_be_write(gdb_ctx->s->mon_chr, gdb_ctx->mem_buf, len);
2087 put_packet(gdb_ctx->s, "OK");
2092 static void handle_query_supported(GdbCmdContext *gdb_ctx, void *user_ctx)
2096 snprintf(gdb_ctx->str_buf, sizeof(gdb_ctx->str_buf), "PacketSize=%x",
2098 cc = CPU_GET_CLASS(first_cpu);
2099 if (cc->gdb_core_xml_file) {
2100 pstrcat(gdb_ctx->str_buf, sizeof(gdb_ctx->str_buf),
2101 ";qXfer:features:read+");
2104 if (gdb_ctx->num_params &&
2105 strstr(gdb_ctx->params[0].data, "multiprocess+")) {
2106 gdb_ctx->s->multiprocess = true;
2109 pstrcat(gdb_ctx->str_buf, sizeof(gdb_ctx->str_buf), ";multiprocess+");
2110 put_packet(gdb_ctx->s, gdb_ctx->str_buf);
2113 static void handle_query_xfer_features(GdbCmdContext *gdb_ctx, void *user_ctx)
2115 GDBProcess *process;
2117 unsigned long len, total_len, addr;
2121 if (gdb_ctx->num_params < 3) {
2122 put_packet(gdb_ctx->s, "E22");
2126 process = gdb_get_cpu_process(gdb_ctx->s, gdb_ctx->s->g_cpu);
2127 cc = CPU_GET_CLASS(gdb_ctx->s->g_cpu);
2128 if (!cc->gdb_core_xml_file) {
2129 put_packet(gdb_ctx->s, "");
2134 p = gdb_ctx->params[0].data;
2135 xml = get_feature_xml(gdb_ctx->s, p, &p, process);
2137 put_packet(gdb_ctx->s, "E00");
2141 addr = gdb_ctx->params[1].val_ul;
2142 len = gdb_ctx->params[2].val_ul;
2143 total_len = strlen(xml);
2144 if (addr > total_len) {
2145 put_packet(gdb_ctx->s, "E00");
2149 if (len > (MAX_PACKET_LENGTH - 5) / 2) {
2150 len = (MAX_PACKET_LENGTH - 5) / 2;
2153 if (len < total_len - addr) {
2154 gdb_ctx->str_buf[0] = 'm';
2155 len = memtox(gdb_ctx->str_buf + 1, xml + addr, len);
2157 gdb_ctx->str_buf[0] = 'l';
2158 len = memtox(gdb_ctx->str_buf + 1, xml + addr, total_len - addr);
2161 put_packet_binary(gdb_ctx->s, gdb_ctx->str_buf, len + 1, true);
2164 static void handle_query_attached(GdbCmdContext *gdb_ctx, void *user_ctx)
2166 put_packet(gdb_ctx->s, GDB_ATTACHED);
2169 static void handle_query_qemu_supported(GdbCmdContext *gdb_ctx, void *user_ctx)
2171 snprintf(gdb_ctx->str_buf, sizeof(gdb_ctx->str_buf), "sstepbits;sstep");
2172 #ifndef CONFIG_USER_ONLY
2173 pstrcat(gdb_ctx->str_buf, sizeof(gdb_ctx->str_buf), ";PhyMemMode");
2175 put_packet(gdb_ctx->s, gdb_ctx->str_buf);
2178 #ifndef CONFIG_USER_ONLY
2179 static void handle_query_qemu_phy_mem_mode(GdbCmdContext *gdb_ctx,
2182 snprintf(gdb_ctx->str_buf, sizeof(gdb_ctx->str_buf), "%d", phy_memory_mode);
2183 put_packet(gdb_ctx->s, gdb_ctx->str_buf);
2186 static void handle_set_qemu_phy_mem_mode(GdbCmdContext *gdb_ctx, void *user_ctx)
2188 if (!gdb_ctx->num_params) {
2189 put_packet(gdb_ctx->s, "E22");
2193 if (!gdb_ctx->params[0].val_ul) {
2194 phy_memory_mode = 0;
2196 phy_memory_mode = 1;
2198 put_packet(gdb_ctx->s, "OK");
2202 static GdbCmdParseEntry gdb_gen_query_set_common_table[] = {
2203 /* Order is important if has same prefix */
2205 .handler = handle_query_qemu_sstepbits,
2206 .cmd = "qemu.sstepbits",
2209 .handler = handle_query_qemu_sstep,
2210 .cmd = "qemu.sstep",
2213 .handler = handle_set_qemu_sstep,
2214 .cmd = "qemu.sstep=",
2215 .cmd_startswith = 1,
2220 static GdbCmdParseEntry gdb_gen_query_table[] = {
2222 .handler = handle_query_curr_tid,
2226 .handler = handle_query_threads,
2227 .cmd = "sThreadInfo",
2230 .handler = handle_query_first_threads,
2231 .cmd = "fThreadInfo",
2234 .handler = handle_query_thread_extra,
2235 .cmd = "ThreadExtraInfo,",
2236 .cmd_startswith = 1,
2239 #ifdef CONFIG_USER_ONLY
2241 .handler = handle_query_offsets,
2246 .handler = handle_query_rcmd,
2248 .cmd_startswith = 1,
2253 .handler = handle_query_supported,
2254 .cmd = "Supported:",
2255 .cmd_startswith = 1,
2259 .handler = handle_query_supported,
2264 .handler = handle_query_xfer_features,
2265 .cmd = "Xfer:features:read:",
2266 .cmd_startswith = 1,
2270 .handler = handle_query_attached,
2275 .handler = handle_query_attached,
2279 .handler = handle_query_qemu_supported,
2280 .cmd = "qemu.Supported",
2282 #ifndef CONFIG_USER_ONLY
2284 .handler = handle_query_qemu_phy_mem_mode,
2285 .cmd = "qemu.PhyMemMode",
2290 static GdbCmdParseEntry gdb_gen_set_table[] = {
2291 /* Order is important if has same prefix */
2293 .handler = handle_set_qemu_sstep,
2294 .cmd = "qemu.sstep:",
2295 .cmd_startswith = 1,
2298 #ifndef CONFIG_USER_ONLY
2300 .handler = handle_set_qemu_phy_mem_mode,
2301 .cmd = "qemu.PhyMemMode:",
2302 .cmd_startswith = 1,
2308 static void handle_gen_query(GdbCmdContext *gdb_ctx, void *user_ctx)
2310 if (!gdb_ctx->num_params) {
2314 if (!process_string_cmd(gdb_ctx->s, NULL, gdb_ctx->params[0].data,
2315 gdb_gen_query_set_common_table,
2316 ARRAY_SIZE(gdb_gen_query_set_common_table))) {
2320 if (process_string_cmd(gdb_ctx->s, NULL, gdb_ctx->params[0].data,
2321 gdb_gen_query_table,
2322 ARRAY_SIZE(gdb_gen_query_table))) {
2323 put_packet(gdb_ctx->s, "");
2327 static void handle_gen_set(GdbCmdContext *gdb_ctx, void *user_ctx)
2329 if (!gdb_ctx->num_params) {
2333 if (!process_string_cmd(gdb_ctx->s, NULL, gdb_ctx->params[0].data,
2334 gdb_gen_query_set_common_table,
2335 ARRAY_SIZE(gdb_gen_query_set_common_table))) {
2339 if (process_string_cmd(gdb_ctx->s, NULL, gdb_ctx->params[0].data,
2341 ARRAY_SIZE(gdb_gen_set_table))) {
2342 put_packet(gdb_ctx->s, "");
2346 static void handle_target_halt(GdbCmdContext *gdb_ctx, void *user_ctx)
2350 gdb_fmt_thread_id(gdb_ctx->s, gdb_ctx->s->c_cpu, thread_id,
2352 snprintf(gdb_ctx->str_buf, sizeof(gdb_ctx->str_buf), "T%02xthread:%s;",
2353 GDB_SIGNAL_TRAP, thread_id);
2354 put_packet(gdb_ctx->s, gdb_ctx->str_buf);
2356 * Remove all the breakpoints when this query is issued,
2357 * because gdb is doing an initial connect and the state
2358 * should be cleaned up.
2360 gdb_breakpoint_remove_all();
2363 static int gdb_handle_packet(GDBState *s, const char *line_buf)
2365 const GdbCmdParseEntry *cmd_parser = NULL;
2367 trace_gdbstub_io_command(line_buf);
2369 switch (line_buf[0]) {
2371 put_packet(s, "OK");
2375 static const GdbCmdParseEntry target_halted_cmd_desc = {
2376 .handler = handle_target_halt,
2380 cmd_parser = &target_halted_cmd_desc;
2385 static const GdbCmdParseEntry continue_cmd_desc = {
2386 .handler = handle_continue,
2388 .cmd_startswith = 1,
2391 cmd_parser = &continue_cmd_desc;
2396 static const GdbCmdParseEntry cont_with_sig_cmd_desc = {
2397 .handler = handle_cont_with_sig,
2399 .cmd_startswith = 1,
2402 cmd_parser = &cont_with_sig_cmd_desc;
2407 static const GdbCmdParseEntry v_cmd_desc = {
2408 .handler = handle_v_commands,
2410 .cmd_startswith = 1,
2413 cmd_parser = &v_cmd_desc;
2417 /* Kill the target */
2418 error_report("QEMU: Terminated via GDBstub");
2422 static const GdbCmdParseEntry detach_cmd_desc = {
2423 .handler = handle_detach,
2425 .cmd_startswith = 1,
2428 cmd_parser = &detach_cmd_desc;
2433 static const GdbCmdParseEntry step_cmd_desc = {
2434 .handler = handle_step,
2436 .cmd_startswith = 1,
2439 cmd_parser = &step_cmd_desc;
2444 static const GdbCmdParseEntry file_io_cmd_desc = {
2445 .handler = handle_file_io,
2447 .cmd_startswith = 1,
2450 cmd_parser = &file_io_cmd_desc;
2455 static const GdbCmdParseEntry read_all_regs_cmd_desc = {
2456 .handler = handle_read_all_regs,
2460 cmd_parser = &read_all_regs_cmd_desc;
2465 static const GdbCmdParseEntry write_all_regs_cmd_desc = {
2466 .handler = handle_write_all_regs,
2468 .cmd_startswith = 1,
2471 cmd_parser = &write_all_regs_cmd_desc;
2476 static const GdbCmdParseEntry read_mem_cmd_desc = {
2477 .handler = handle_read_mem,
2479 .cmd_startswith = 1,
2482 cmd_parser = &read_mem_cmd_desc;
2487 static const GdbCmdParseEntry write_mem_cmd_desc = {
2488 .handler = handle_write_mem,
2490 .cmd_startswith = 1,
2493 cmd_parser = &write_mem_cmd_desc;
2498 static const GdbCmdParseEntry get_reg_cmd_desc = {
2499 .handler = handle_get_reg,
2501 .cmd_startswith = 1,
2504 cmd_parser = &get_reg_cmd_desc;
2509 static const GdbCmdParseEntry set_reg_cmd_desc = {
2510 .handler = handle_set_reg,
2512 .cmd_startswith = 1,
2515 cmd_parser = &set_reg_cmd_desc;
2520 static const GdbCmdParseEntry insert_bp_cmd_desc = {
2521 .handler = handle_insert_bp,
2523 .cmd_startswith = 1,
2526 cmd_parser = &insert_bp_cmd_desc;
2531 static const GdbCmdParseEntry remove_bp_cmd_desc = {
2532 .handler = handle_remove_bp,
2534 .cmd_startswith = 1,
2537 cmd_parser = &remove_bp_cmd_desc;
2542 static const GdbCmdParseEntry set_thread_cmd_desc = {
2543 .handler = handle_set_thread,
2545 .cmd_startswith = 1,
2548 cmd_parser = &set_thread_cmd_desc;
2553 static const GdbCmdParseEntry thread_alive_cmd_desc = {
2554 .handler = handle_thread_alive,
2556 .cmd_startswith = 1,
2559 cmd_parser = &thread_alive_cmd_desc;
2564 static const GdbCmdParseEntry gen_query_cmd_desc = {
2565 .handler = handle_gen_query,
2567 .cmd_startswith = 1,
2570 cmd_parser = &gen_query_cmd_desc;
2575 static const GdbCmdParseEntry gen_set_cmd_desc = {
2576 .handler = handle_gen_set,
2578 .cmd_startswith = 1,
2581 cmd_parser = &gen_set_cmd_desc;
2585 /* put empty packet */
2590 run_cmd_parser(s, line_buf, cmd_parser);
2595 void gdb_set_stop_cpu(CPUState *cpu)
2597 GDBProcess *p = gdb_get_cpu_process(gdbserver_state, cpu);
2601 * Having a stop CPU corresponding to a process that is not attached
2602 * confuses GDB. So we ignore the request.
2607 gdbserver_state->c_cpu = cpu;
2608 gdbserver_state->g_cpu = cpu;
2611 #ifndef CONFIG_USER_ONLY
2612 static void gdb_vm_state_change(void *opaque, int running, RunState state)
2614 GDBState *s = gdbserver_state;
2615 CPUState *cpu = s->c_cpu;
2621 if (running || s->state == RS_INACTIVE) {
2624 /* Is there a GDB syscall waiting to be sent? */
2625 if (s->current_syscall_cb) {
2626 put_packet(s, s->syscall_buf);
2631 /* No process attached */
2635 gdb_fmt_thread_id(s, cpu, thread_id, sizeof(thread_id));
2638 case RUN_STATE_DEBUG:
2639 if (cpu->watchpoint_hit) {
2640 switch (cpu->watchpoint_hit->flags & BP_MEM_ACCESS) {
2651 trace_gdbstub_hit_watchpoint(type, cpu_gdb_index(cpu),
2652 (target_ulong)cpu->watchpoint_hit->vaddr);
2653 snprintf(buf, sizeof(buf),
2654 "T%02xthread:%s;%swatch:" TARGET_FMT_lx ";",
2655 GDB_SIGNAL_TRAP, thread_id, type,
2656 (target_ulong)cpu->watchpoint_hit->vaddr);
2657 cpu->watchpoint_hit = NULL;
2660 trace_gdbstub_hit_break();
2663 ret = GDB_SIGNAL_TRAP;
2665 case RUN_STATE_PAUSED:
2666 trace_gdbstub_hit_paused();
2667 ret = GDB_SIGNAL_INT;
2669 case RUN_STATE_SHUTDOWN:
2670 trace_gdbstub_hit_shutdown();
2671 ret = GDB_SIGNAL_QUIT;
2673 case RUN_STATE_IO_ERROR:
2674 trace_gdbstub_hit_io_error();
2675 ret = GDB_SIGNAL_IO;
2677 case RUN_STATE_WATCHDOG:
2678 trace_gdbstub_hit_watchdog();
2679 ret = GDB_SIGNAL_ALRM;
2681 case RUN_STATE_INTERNAL_ERROR:
2682 trace_gdbstub_hit_internal_error();
2683 ret = GDB_SIGNAL_ABRT;
2685 case RUN_STATE_SAVE_VM:
2686 case RUN_STATE_RESTORE_VM:
2688 case RUN_STATE_FINISH_MIGRATE:
2689 ret = GDB_SIGNAL_XCPU;
2692 trace_gdbstub_hit_unknown(state);
2693 ret = GDB_SIGNAL_UNKNOWN;
2696 gdb_set_stop_cpu(cpu);
2697 snprintf(buf, sizeof(buf), "T%02xthread:%s;", ret, thread_id);
2702 /* disable single step if it was enabled */
2703 cpu_single_step(cpu, 0);
2707 /* Send a gdb syscall request.
2708 This accepts limited printf-style format specifiers, specifically:
2709 %x - target_ulong argument printed in hex.
2710 %lx - 64-bit argument printed in hex.
2711 %s - string pointer (target_ulong) and length (int) pair. */
2712 void gdb_do_syscallv(gdb_syscall_complete_cb cb, const char *fmt, va_list va)
2720 s = gdbserver_state;
2723 s->current_syscall_cb = cb;
2724 #ifndef CONFIG_USER_ONLY
2725 vm_stop(RUN_STATE_DEBUG);
2728 p_end = &s->syscall_buf[sizeof(s->syscall_buf)];
2735 addr = va_arg(va, target_ulong);
2736 p += snprintf(p, p_end - p, TARGET_FMT_lx, addr);
2739 if (*(fmt++) != 'x')
2741 i64 = va_arg(va, uint64_t);
2742 p += snprintf(p, p_end - p, "%" PRIx64, i64);
2745 addr = va_arg(va, target_ulong);
2746 p += snprintf(p, p_end - p, TARGET_FMT_lx "/%x",
2747 addr, va_arg(va, int));
2751 error_report("gdbstub: Bad syscall format string '%s'",
2760 #ifdef CONFIG_USER_ONLY
2761 put_packet(s, s->syscall_buf);
2762 /* Return control to gdb for it to process the syscall request.
2763 * Since the protocol requires that gdb hands control back to us
2764 * using a "here are the results" F packet, we don't need to check
2765 * gdb_handlesig's return value (which is the signal to deliver if
2766 * execution was resumed via a continue packet).
2768 gdb_handlesig(s->c_cpu, 0);
2770 /* In this case wait to send the syscall packet until notification that
2771 the CPU has stopped. This must be done because if the packet is sent
2772 now the reply from the syscall request could be received while the CPU
2773 is still in the running state, which can cause packets to be dropped
2774 and state transition 'T' packets to be sent while the syscall is still
2776 qemu_cpu_kick(s->c_cpu);
2780 void gdb_do_syscall(gdb_syscall_complete_cb cb, const char *fmt, ...)
2785 gdb_do_syscallv(cb, fmt, va);
2789 static void gdb_read_byte(GDBState *s, uint8_t ch)
2793 #ifndef CONFIG_USER_ONLY
2794 if (s->last_packet_len) {
2795 /* Waiting for a response to the last packet. If we see the start
2796 of a new command then abandon the previous response. */
2798 trace_gdbstub_err_got_nack();
2799 put_buffer(s, (uint8_t *)s->last_packet, s->last_packet_len);
2800 } else if (ch == '+') {
2801 trace_gdbstub_io_got_ack();
2803 trace_gdbstub_io_got_unexpected(ch);
2806 if (ch == '+' || ch == '$')
2807 s->last_packet_len = 0;
2811 if (runstate_is_running()) {
2812 /* when the CPU is running, we cannot do anything except stop
2813 it when receiving a char */
2814 vm_stop(RUN_STATE_PAUSED);
2821 /* start of command packet */
2822 s->line_buf_index = 0;
2824 s->state = RS_GETLINE;
2826 trace_gdbstub_err_garbage(ch);
2831 /* start escape sequence */
2832 s->state = RS_GETLINE_ESC;
2834 } else if (ch == '*') {
2835 /* start run length encoding sequence */
2836 s->state = RS_GETLINE_RLE;
2838 } else if (ch == '#') {
2839 /* end of command, start of checksum*/
2840 s->state = RS_CHKSUM1;
2841 } else if (s->line_buf_index >= sizeof(s->line_buf) - 1) {
2842 trace_gdbstub_err_overrun();
2845 /* unescaped command character */
2846 s->line_buf[s->line_buf_index++] = ch;
2850 case RS_GETLINE_ESC:
2852 /* unexpected end of command in escape sequence */
2853 s->state = RS_CHKSUM1;
2854 } else if (s->line_buf_index >= sizeof(s->line_buf) - 1) {
2855 /* command buffer overrun */
2856 trace_gdbstub_err_overrun();
2859 /* parse escaped character and leave escape state */
2860 s->line_buf[s->line_buf_index++] = ch ^ 0x20;
2862 s->state = RS_GETLINE;
2865 case RS_GETLINE_RLE:
2867 * Run-length encoding is explained in "Debugging with GDB /
2868 * Appendix E GDB Remote Serial Protocol / Overview".
2870 if (ch < ' ' || ch == '#' || ch == '$' || ch > 126) {
2871 /* invalid RLE count encoding */
2872 trace_gdbstub_err_invalid_repeat(ch);
2873 s->state = RS_GETLINE;
2875 /* decode repeat length */
2876 int repeat = ch - ' ' + 3;
2877 if (s->line_buf_index + repeat >= sizeof(s->line_buf) - 1) {
2878 /* that many repeats would overrun the command buffer */
2879 trace_gdbstub_err_overrun();
2881 } else if (s->line_buf_index < 1) {
2882 /* got a repeat but we have nothing to repeat */
2883 trace_gdbstub_err_invalid_rle();
2884 s->state = RS_GETLINE;
2886 /* repeat the last character */
2887 memset(s->line_buf + s->line_buf_index,
2888 s->line_buf[s->line_buf_index - 1], repeat);
2889 s->line_buf_index += repeat;
2891 s->state = RS_GETLINE;
2896 /* get high hex digit of checksum */
2897 if (!isxdigit(ch)) {
2898 trace_gdbstub_err_checksum_invalid(ch);
2899 s->state = RS_GETLINE;
2902 s->line_buf[s->line_buf_index] = '\0';
2903 s->line_csum = fromhex(ch) << 4;
2904 s->state = RS_CHKSUM2;
2907 /* get low hex digit of checksum */
2908 if (!isxdigit(ch)) {
2909 trace_gdbstub_err_checksum_invalid(ch);
2910 s->state = RS_GETLINE;
2913 s->line_csum |= fromhex(ch);
2915 if (s->line_csum != (s->line_sum & 0xff)) {
2916 trace_gdbstub_err_checksum_incorrect(s->line_sum, s->line_csum);
2917 /* send NAK reply */
2919 put_buffer(s, &reply, 1);
2922 /* send ACK reply */
2924 put_buffer(s, &reply, 1);
2925 s->state = gdb_handle_packet(s, s->line_buf);
2934 /* Tell the remote gdb that the process has exited. */
2935 void gdb_exit(CPUArchState *env, int code)
2940 s = gdbserver_state;
2944 #ifdef CONFIG_USER_ONLY
2945 if (gdbserver_fd < 0 || s->fd < 0) {
2950 trace_gdbstub_op_exiting((uint8_t)code);
2952 snprintf(buf, sizeof(buf), "W%02x", (uint8_t)code);
2955 #ifndef CONFIG_USER_ONLY
2956 qemu_chr_fe_deinit(&s->chr, true);
2961 * Create the process that will contain all the "orphan" CPUs (that are not
2962 * part of a CPU cluster). Note that if this process contains no CPUs, it won't
2963 * be attachable and thus will be invisible to the user.
2965 static void create_default_process(GDBState *s)
2967 GDBProcess *process;
2970 if (s->process_num) {
2971 max_pid = s->processes[s->process_num - 1].pid;
2974 s->processes = g_renew(GDBProcess, s->processes, ++s->process_num);
2975 process = &s->processes[s->process_num - 1];
2977 /* We need an available PID slot for this process */
2978 assert(max_pid < UINT32_MAX);
2980 process->pid = max_pid + 1;
2981 process->attached = false;
2982 process->target_xml[0] = '\0';
2985 #ifdef CONFIG_USER_ONLY
2987 gdb_handlesig(CPUState *cpu, int sig)
2993 s = gdbserver_state;
2994 if (gdbserver_fd < 0 || s->fd < 0) {
2998 /* disable single step if it was enabled */
2999 cpu_single_step(cpu, 0);
3003 snprintf(buf, sizeof(buf), "S%02x", target_signal_to_gdb(sig));
3006 /* put_packet() might have detected that the peer terminated the
3014 s->running_state = 0;
3015 while (s->running_state == 0) {
3016 n = read(s->fd, buf, 256);
3020 for (i = 0; i < n; i++) {
3021 gdb_read_byte(s, buf[i]);
3024 /* XXX: Connection closed. Should probably wait for another
3025 connection before continuing. */
3038 /* Tell the remote gdb that the process has exited due to SIG. */
3039 void gdb_signalled(CPUArchState *env, int sig)
3044 s = gdbserver_state;
3045 if (gdbserver_fd < 0 || s->fd < 0) {
3049 snprintf(buf, sizeof(buf), "X%02x", target_signal_to_gdb(sig));
3053 static bool gdb_accept(void)
3056 struct sockaddr_in sockaddr;
3061 len = sizeof(sockaddr);
3062 fd = accept(gdbserver_fd, (struct sockaddr *)&sockaddr, &len);
3063 if (fd < 0 && errno != EINTR) {
3066 } else if (fd >= 0) {
3067 qemu_set_cloexec(fd);
3072 /* set short latency */
3073 if (socket_set_nodelay(fd)) {
3074 perror("setsockopt");
3079 s = g_malloc0(sizeof(GDBState));
3080 create_default_process(s);
3081 s->processes[0].attached = true;
3082 s->c_cpu = gdb_first_attached_cpu(s);
3083 s->g_cpu = s->c_cpu;
3085 gdb_has_xml = false;
3087 gdbserver_state = s;
3091 static int gdbserver_open(int port)
3093 struct sockaddr_in sockaddr;
3096 fd = socket(PF_INET, SOCK_STREAM, 0);
3101 qemu_set_cloexec(fd);
3103 socket_set_fast_reuse(fd);
3105 sockaddr.sin_family = AF_INET;
3106 sockaddr.sin_port = htons(port);
3107 sockaddr.sin_addr.s_addr = 0;
3108 ret = bind(fd, (struct sockaddr *)&sockaddr, sizeof(sockaddr));
3114 ret = listen(fd, 1);
3123 int gdbserver_start(int port)
3125 gdbserver_fd = gdbserver_open(port);
3126 if (gdbserver_fd < 0)
3128 /* accept connections */
3129 if (!gdb_accept()) {
3130 close(gdbserver_fd);
3137 /* Disable gdb stub for child processes. */
3138 void gdbserver_fork(CPUState *cpu)
3140 GDBState *s = gdbserver_state;
3142 if (gdbserver_fd < 0 || s->fd < 0) {
3147 cpu_breakpoint_remove_all(cpu, BP_GDB);
3148 cpu_watchpoint_remove_all(cpu, BP_GDB);
3151 static int gdb_chr_can_receive(void *opaque)
3153 /* We can handle an arbitrarily large amount of data.
3154 Pick the maximum packet size, which is as good as anything. */
3155 return MAX_PACKET_LENGTH;
3158 static void gdb_chr_receive(void *opaque, const uint8_t *buf, int size)
3162 for (i = 0; i < size; i++) {
3163 gdb_read_byte(gdbserver_state, buf[i]);
3167 static void gdb_chr_event(void *opaque, int event)
3170 GDBState *s = (GDBState *) opaque;
3173 case CHR_EVENT_OPENED:
3174 /* Start with first process attached, others detached */
3175 for (i = 0; i < s->process_num; i++) {
3176 s->processes[i].attached = !i;
3179 s->c_cpu = gdb_first_attached_cpu(s);
3180 s->g_cpu = s->c_cpu;
3182 vm_stop(RUN_STATE_PAUSED);
3183 gdb_has_xml = false;
3190 static void gdb_monitor_output(GDBState *s, const char *msg, int len)
3192 char buf[MAX_PACKET_LENGTH];
3195 if (len > (MAX_PACKET_LENGTH/2) - 1)
3196 len = (MAX_PACKET_LENGTH/2) - 1;
3197 memtohex(buf + 1, (uint8_t *)msg, len);
3201 static int gdb_monitor_write(Chardev *chr, const uint8_t *buf, int len)
3203 const char *p = (const char *)buf;
3206 max_sz = (sizeof(gdbserver_state->last_packet) - 2) / 2;
3208 if (len <= max_sz) {
3209 gdb_monitor_output(gdbserver_state, p, len);
3212 gdb_monitor_output(gdbserver_state, p, max_sz);
3220 static void gdb_sigterm_handler(int signal)
3222 if (runstate_is_running()) {
3223 vm_stop(RUN_STATE_PAUSED);
3228 static void gdb_monitor_open(Chardev *chr, ChardevBackend *backend,
3229 bool *be_opened, Error **errp)
3234 static void char_gdb_class_init(ObjectClass *oc, void *data)
3236 ChardevClass *cc = CHARDEV_CLASS(oc);
3238 cc->internal = true;
3239 cc->open = gdb_monitor_open;
3240 cc->chr_write = gdb_monitor_write;
3243 #define TYPE_CHARDEV_GDB "chardev-gdb"
3245 static const TypeInfo char_gdb_type_info = {
3246 .name = TYPE_CHARDEV_GDB,
3247 .parent = TYPE_CHARDEV,
3248 .class_init = char_gdb_class_init,
3251 static int find_cpu_clusters(Object *child, void *opaque)
3253 if (object_dynamic_cast(child, TYPE_CPU_CLUSTER)) {
3254 GDBState *s = (GDBState *) opaque;
3255 CPUClusterState *cluster = CPU_CLUSTER(child);
3256 GDBProcess *process;
3258 s->processes = g_renew(GDBProcess, s->processes, ++s->process_num);
3260 process = &s->processes[s->process_num - 1];
3263 * GDB process IDs -1 and 0 are reserved. To avoid subtle errors at
3264 * runtime, we enforce here that the machine does not use a cluster ID
3265 * that would lead to PID 0.
3267 assert(cluster->cluster_id != UINT32_MAX);
3268 process->pid = cluster->cluster_id + 1;
3269 process->attached = false;
3270 process->target_xml[0] = '\0';
3275 return object_child_foreach(child, find_cpu_clusters, opaque);
3278 static int pid_order(const void *a, const void *b)
3280 GDBProcess *pa = (GDBProcess *) a;
3281 GDBProcess *pb = (GDBProcess *) b;
3283 if (pa->pid < pb->pid) {
3285 } else if (pa->pid > pb->pid) {
3292 static void create_processes(GDBState *s)
3294 object_child_foreach(object_get_root(), find_cpu_clusters, s);
3298 qsort(s->processes, s->process_num, sizeof(s->processes[0]), pid_order);
3301 create_default_process(s);
3304 static void cleanup_processes(GDBState *s)
3306 g_free(s->processes);
3308 s->processes = NULL;
3311 int gdbserver_start(const char *device)
3313 trace_gdbstub_op_start(device);
3316 char gdbstub_device_name[128];
3317 Chardev *chr = NULL;
3321 error_report("gdbstub: meaningless to attach gdb to a "
3322 "machine without any CPU.");
3328 if (strcmp(device, "none") != 0) {
3329 if (strstart(device, "tcp:", NULL)) {
3330 /* enforce required TCP attributes */
3331 snprintf(gdbstub_device_name, sizeof(gdbstub_device_name),
3332 "%s,nowait,nodelay,server", device);
3333 device = gdbstub_device_name;
3336 else if (strcmp(device, "stdio") == 0) {
3337 struct sigaction act;
3339 memset(&act, 0, sizeof(act));
3340 act.sa_handler = gdb_sigterm_handler;
3341 sigaction(SIGINT, &act, NULL);
3345 * FIXME: it's a bit weird to allow using a mux chardev here
3346 * and implicitly setup a monitor. We may want to break this.
3348 chr = qemu_chr_new_noreplay("gdb", device, true, NULL);
3353 s = gdbserver_state;
3355 s = g_malloc0(sizeof(GDBState));
3356 gdbserver_state = s;
3358 qemu_add_vm_change_state_handler(gdb_vm_state_change, NULL);
3360 /* Initialize a monitor terminal for gdb */
3361 mon_chr = qemu_chardev_new(NULL, TYPE_CHARDEV_GDB,
3362 NULL, NULL, &error_abort);
3363 monitor_init_hmp(mon_chr, false);
3365 qemu_chr_fe_deinit(&s->chr, true);
3366 mon_chr = s->mon_chr;
3367 cleanup_processes(s);
3368 memset(s, 0, sizeof(GDBState));
3369 s->mon_chr = mon_chr;
3372 create_processes(s);
3375 qemu_chr_fe_init(&s->chr, chr, &error_abort);
3376 qemu_chr_fe_set_handlers(&s->chr, gdb_chr_can_receive, gdb_chr_receive,
3377 gdb_chr_event, NULL, s, NULL, true);
3379 s->state = chr ? RS_IDLE : RS_INACTIVE;
3380 s->mon_chr = mon_chr;
3381 s->current_syscall_cb = NULL;
3386 void gdbserver_cleanup(void)
3388 if (gdbserver_state) {
3389 put_packet(gdbserver_state, "W00");
3393 static void register_types(void)
3395 type_register_static(&char_gdb_type_info);
3398 type_init(register_types);
projects / qemu.git / blob