4 * This implements a subset of the remote protocol as described in:
6 * https://sourceware.org/gdb/onlinedocs/gdb/Remote-Protocol.html
8 * Copyright (c) 2003-2005 Fabrice Bellard
10 * This library is free software; you can redistribute it and/or
11 * modify it under the terms of the GNU Lesser General Public
12 * License as published by the Free Software Foundation; either
13 * version 2 of the License, or (at your option) any later version.
15 * This library is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
18 * Lesser General Public License for more details.
20 * You should have received a copy of the GNU Lesser General Public
21 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
23 * SPDX-License-Identifier: LGPL-2.0+
26 #include "qemu/osdep.h"
27 #include "qapi/error.h"
28 #include "qemu/error-report.h"
29 #include "qemu/ctype.h"
30 #include "qemu/cutils.h"
31 #include "qemu/module.h"
32 #include "trace/trace-root.h"
33 #include "exec/gdbstub.h"
34 #ifdef CONFIG_USER_ONLY
37 #include "monitor/monitor.h"
38 #include "chardev/char.h"
39 #include "chardev/char-fe.h"
40 #include "hw/cpu/cluster.h"
41 #include "hw/boards.h"
44 #define MAX_PACKET_LENGTH 4096
46 #include "qemu/sockets.h"
47 #include "sysemu/hw_accel.h"
48 #include "sysemu/kvm.h"
49 #include "sysemu/runstate.h"
50 #include "semihosting/semihost.h"
51 #include "exec/exec-all.h"
52 #include "sysemu/replay.h"
54 #ifdef CONFIG_USER_ONLY
55 #define GDB_ATTACHED "0"
57 #define GDB_ATTACHED "1"
60 #ifndef CONFIG_USER_ONLY
61 static int phy_memory_mode;
64 static inline int target_memory_rw_debug(CPUState *cpu, target_ulong addr,
65 uint8_t *buf, int len, bool is_write)
69 #ifndef CONFIG_USER_ONLY
70 if (phy_memory_mode) {
72 cpu_physical_memory_write(addr, buf, len);
74 cpu_physical_memory_read(addr, buf, len);
80 cc = CPU_GET_CLASS(cpu);
81 if (cc->memory_rw_debug) {
82 return cc->memory_rw_debug(cpu, addr, buf, len, is_write);
84 return cpu_memory_rw_debug(cpu, addr, buf, len, is_write);
87 /* Return the GDB index for a given vCPU state.
89 * For user mode this is simply the thread id. In system mode GDB
90 * numbers CPUs from 1 as 0 is reserved as an "any cpu" index.
92 static inline int cpu_gdb_index(CPUState *cpu)
94 #if defined(CONFIG_USER_ONLY)
95 TaskState *ts = (TaskState *) cpu->opaque;
96 return ts ? ts->ts_tid : -1;
98 return cpu->cpu_index + 1;
108 GDB_SIGNAL_ALRM = 14,
110 GDB_SIGNAL_XCPU = 24,
111 GDB_SIGNAL_UNKNOWN = 143
114 #ifdef CONFIG_USER_ONLY
116 /* Map target signal numbers to GDB protocol signal numbers and vice
117 * versa. For user emulation's currently supported systems, we can
118 * assume most signals are defined.
121 static int gdb_signal_table[] = {
281 /* In system mode we only need SIGINT and SIGTRAP; other signals
282 are not yet supported. */
289 static int gdb_signal_table[] = {
299 #ifdef CONFIG_USER_ONLY
300 static int target_signal_to_gdb (int sig)
303 for (i = 0; i < ARRAY_SIZE (gdb_signal_table); i++)
304 if (gdb_signal_table[i] == sig)
306 return GDB_SIGNAL_UNKNOWN;
310 static int gdb_signal_to_target (int sig)
312 if (sig < ARRAY_SIZE (gdb_signal_table))
313 return gdb_signal_table[sig];
318 typedef struct GDBRegisterState {
321 gdb_get_reg_cb get_reg;
322 gdb_set_reg_cb set_reg;
324 struct GDBRegisterState *next;
327 typedef struct GDBProcess {
331 char target_xml[1024];
343 typedef struct GDBState {
344 bool init; /* have we been initialised? */
345 CPUState *c_cpu; /* current CPU for step/continue ops */
346 CPUState *g_cpu; /* current CPU for other ops */
347 CPUState *query_cpu; /* for q{f|s}ThreadInfo */
348 enum RSState state; /* parsing state */
349 char line_buf[MAX_PACKET_LENGTH];
351 int line_sum; /* running checksum */
352 int line_csum; /* checksum at the end of the packet */
353 GByteArray *last_packet;
355 #ifdef CONFIG_USER_ONLY
364 GDBProcess *processes;
366 char syscall_buf[256];
367 gdb_syscall_complete_cb current_syscall_cb;
371 int supported_sstep_flags;
374 static GDBState gdbserver_state;
376 static void init_gdbserver_state(void)
378 g_assert(!gdbserver_state.init);
379 memset(&gdbserver_state, 0, sizeof(GDBState));
380 gdbserver_state.init = true;
381 gdbserver_state.str_buf = g_string_new(NULL);
382 gdbserver_state.mem_buf = g_byte_array_sized_new(MAX_PACKET_LENGTH);
383 gdbserver_state.last_packet = g_byte_array_sized_new(MAX_PACKET_LENGTH + 4);
386 * In replay mode all events will come from the log and can't be
387 * suppressed otherwise we would break determinism. However as those
388 * events are tied to the number of executed instructions we won't see
389 * them occurring every time we single step.
391 if (replay_mode != REPLAY_MODE_NONE) {
392 gdbserver_state.supported_sstep_flags = SSTEP_ENABLE;
393 } else if (kvm_enabled()) {
394 gdbserver_state.supported_sstep_flags = kvm_get_supported_sstep_flags();
396 gdbserver_state.supported_sstep_flags =
397 SSTEP_ENABLE | SSTEP_NOIRQ | SSTEP_NOTIMER;
401 * By default use no IRQs and no timers while single stepping so as to
402 * make single stepping like an ICE HW step.
404 gdbserver_state.sstep_flags = SSTEP_ENABLE | SSTEP_NOIRQ | SSTEP_NOTIMER;
405 gdbserver_state.sstep_flags &= gdbserver_state.supported_sstep_flags;
409 #ifndef CONFIG_USER_ONLY
410 static void reset_gdbserver_state(void)
412 g_free(gdbserver_state.processes);
413 gdbserver_state.processes = NULL;
414 gdbserver_state.process_num = 0;
420 #ifdef CONFIG_USER_ONLY
422 static int get_char(void)
428 ret = recv(gdbserver_state.fd, &ch, 1, 0);
430 if (errno == ECONNRESET)
431 gdbserver_state.fd = -1;
434 } else if (ret == 0) {
435 close(gdbserver_state.fd);
436 gdbserver_state.fd = -1;
452 /* Decide if either remote gdb syscalls or native file IO should be used. */
453 int use_gdb_syscalls(void)
455 SemihostingTarget target = semihosting_get_target();
456 if (target == SEMIHOSTING_TARGET_NATIVE) {
457 /* -semihosting-config target=native */
459 } else if (target == SEMIHOSTING_TARGET_GDB) {
460 /* -semihosting-config target=gdb */
464 /* -semihosting-config target=auto */
465 /* On the first call check if gdb is connected and remember. */
466 if (gdb_syscall_mode == GDB_SYS_UNKNOWN) {
467 gdb_syscall_mode = gdbserver_state.init ?
468 GDB_SYS_ENABLED : GDB_SYS_DISABLED;
470 return gdb_syscall_mode == GDB_SYS_ENABLED;
473 static bool stub_can_reverse(void)
475 #ifdef CONFIG_USER_ONLY
478 return replay_mode == REPLAY_MODE_PLAY;
482 /* Resume execution. */
483 static inline void gdb_continue(void)
486 #ifdef CONFIG_USER_ONLY
487 gdbserver_state.running_state = 1;
488 trace_gdbstub_op_continue();
490 if (!runstate_needs_reset()) {
491 trace_gdbstub_op_continue();
498 * Resume execution, per CPU actions. For user-mode emulation it's
499 * equivalent to gdb_continue.
501 static int gdb_continue_partial(char *newstates)
505 #ifdef CONFIG_USER_ONLY
507 * This is not exactly accurate, but it's an improvement compared to the
508 * previous situation, where only one CPU would be single-stepped.
511 if (newstates[cpu->cpu_index] == 's') {
512 trace_gdbstub_op_stepping(cpu->cpu_index);
513 cpu_single_step(cpu, gdbserver_state.sstep_flags);
516 gdbserver_state.running_state = 1;
520 if (!runstate_needs_reset()) {
521 bool step_requested = false;
523 if (newstates[cpu->cpu_index] == 's') {
524 step_requested = true;
529 if (vm_prepare_start(step_requested)) {
534 switch (newstates[cpu->cpu_index]) {
537 break; /* nothing to do here */
539 trace_gdbstub_op_stepping(cpu->cpu_index);
540 cpu_single_step(cpu, gdbserver_state.sstep_flags);
545 trace_gdbstub_op_continue_cpu(cpu->cpu_index);
556 qemu_clock_enable(QEMU_CLOCK_VIRTUAL, true);
562 static void put_buffer(const uint8_t *buf, int len)
564 #ifdef CONFIG_USER_ONLY
568 ret = send(gdbserver_state.fd, buf, len, 0);
578 /* XXX this blocks entire thread. Rewrite to use
579 * qemu_chr_fe_write and background I/O callbacks */
580 qemu_chr_fe_write_all(&gdbserver_state.chr, buf, len);
584 static inline int fromhex(int v)
586 if (v >= '0' && v <= '9')
588 else if (v >= 'A' && v <= 'F')
590 else if (v >= 'a' && v <= 'f')
596 static inline int tohex(int v)
604 /* writes 2*len+1 bytes in buf */
605 static void memtohex(GString *buf, const uint8_t *mem, int len)
608 for(i = 0; i < len; i++) {
610 g_string_append_c(buf, tohex(c >> 4));
611 g_string_append_c(buf, tohex(c & 0xf));
613 g_string_append_c(buf, '\0');
616 static void hextomem(GByteArray *mem, const char *buf, int len)
620 for(i = 0; i < len; i++) {
621 guint8 byte = fromhex(buf[0]) << 4 | fromhex(buf[1]);
622 g_byte_array_append(mem, &byte, 1);
627 static void hexdump(const char *buf, int len,
628 void (*trace_fn)(size_t ofs, char const *text))
630 char line_buffer[3 * 16 + 4 + 16 + 1];
633 for (i = 0; i < len || (i & 0xF); ++i) {
634 size_t byte_ofs = i & 15;
637 memset(line_buffer, ' ', 3 * 16 + 4 + 16);
638 line_buffer[3 * 16 + 4 + 16] = 0;
641 size_t col_group = (i >> 2) & 3;
642 size_t hex_col = byte_ofs * 3 + col_group;
643 size_t txt_col = 3 * 16 + 4 + byte_ofs;
648 line_buffer[hex_col + 0] = tohex((value >> 4) & 0xF);
649 line_buffer[hex_col + 1] = tohex((value >> 0) & 0xF);
650 line_buffer[txt_col + 0] = (value >= ' ' && value < 127)
656 trace_fn(i & -16, line_buffer);
660 /* return -1 if error, 0 if OK */
661 static int put_packet_binary(const char *buf, int len, bool dump)
666 if (dump && trace_event_get_state_backends(TRACE_GDBSTUB_IO_BINARYREPLY)) {
667 hexdump(buf, len, trace_gdbstub_io_binaryreply);
671 g_byte_array_set_size(gdbserver_state.last_packet, 0);
672 g_byte_array_append(gdbserver_state.last_packet,
673 (const uint8_t *) "$", 1);
674 g_byte_array_append(gdbserver_state.last_packet,
675 (const uint8_t *) buf, len);
677 for(i = 0; i < len; i++) {
681 footer[1] = tohex((csum >> 4) & 0xf);
682 footer[2] = tohex((csum) & 0xf);
683 g_byte_array_append(gdbserver_state.last_packet, footer, 3);
685 put_buffer(gdbserver_state.last_packet->data,
686 gdbserver_state.last_packet->len);
688 #ifdef CONFIG_USER_ONLY
701 /* return -1 if error, 0 if OK */
702 static int put_packet(const char *buf)
704 trace_gdbstub_io_reply(buf);
706 return put_packet_binary(buf, strlen(buf), false);
709 static void put_strbuf(void)
711 put_packet(gdbserver_state.str_buf->str);
714 /* Encode data using the encoding for 'x' packets. */
715 static void memtox(GString *buf, const char *mem, int len)
722 case '#': case '$': case '*': case '}':
723 g_string_append_c(buf, '}');
724 g_string_append_c(buf, c ^ 0x20);
727 g_string_append_c(buf, c);
733 static uint32_t gdb_get_cpu_pid(CPUState *cpu)
735 /* TODO: In user mode, we should use the task state PID */
736 if (cpu->cluster_index == UNASSIGNED_CLUSTER_INDEX) {
737 /* Return the default process' PID */
738 int index = gdbserver_state.process_num - 1;
739 return gdbserver_state.processes[index].pid;
741 return cpu->cluster_index + 1;
744 static GDBProcess *gdb_get_process(uint32_t pid)
749 /* 0 means any process, we take the first one */
750 return &gdbserver_state.processes[0];
753 for (i = 0; i < gdbserver_state.process_num; i++) {
754 if (gdbserver_state.processes[i].pid == pid) {
755 return &gdbserver_state.processes[i];
762 static GDBProcess *gdb_get_cpu_process(CPUState *cpu)
764 return gdb_get_process(gdb_get_cpu_pid(cpu));
767 static CPUState *find_cpu(uint32_t thread_id)
772 if (cpu_gdb_index(cpu) == thread_id) {
780 static CPUState *get_first_cpu_in_process(GDBProcess *process)
785 if (gdb_get_cpu_pid(cpu) == process->pid) {
793 static CPUState *gdb_next_cpu_in_process(CPUState *cpu)
795 uint32_t pid = gdb_get_cpu_pid(cpu);
799 if (gdb_get_cpu_pid(cpu) == pid) {
809 /* Return the cpu following @cpu, while ignoring unattached processes. */
810 static CPUState *gdb_next_attached_cpu(CPUState *cpu)
815 if (gdb_get_cpu_process(cpu)->attached) {
825 /* Return the first attached cpu */
826 static CPUState *gdb_first_attached_cpu(void)
828 CPUState *cpu = first_cpu;
829 GDBProcess *process = gdb_get_cpu_process(cpu);
831 if (!process->attached) {
832 return gdb_next_attached_cpu(cpu);
838 static CPUState *gdb_get_cpu(uint32_t pid, uint32_t tid)
844 /* 0 means any process/thread, we take the first attached one */
845 return gdb_first_attached_cpu();
846 } else if (pid && !tid) {
847 /* any thread in a specific process */
848 process = gdb_get_process(pid);
850 if (process == NULL) {
854 if (!process->attached) {
858 return get_first_cpu_in_process(process);
860 /* a specific thread */
867 process = gdb_get_cpu_process(cpu);
869 if (pid && process->pid != pid) {
873 if (!process->attached) {
881 static const char *get_feature_xml(const char *p, const char **newp,
887 CPUState *cpu = get_first_cpu_in_process(process);
888 CPUClass *cc = CPU_GET_CLASS(cpu);
891 while (p[len] && p[len] != ':')
896 if (strncmp(p, "target.xml", len) == 0) {
897 char *buf = process->target_xml;
898 const size_t buf_sz = sizeof(process->target_xml);
900 /* Generate the XML description for this CPU. */
905 "<?xml version=\"1.0\"?>"
906 "<!DOCTYPE target SYSTEM \"gdb-target.dtd\">"
908 if (cc->gdb_arch_name) {
909 gchar *arch = cc->gdb_arch_name(cpu);
910 pstrcat(buf, buf_sz, "<architecture>");
911 pstrcat(buf, buf_sz, arch);
912 pstrcat(buf, buf_sz, "</architecture>");
915 pstrcat(buf, buf_sz, "<xi:include href=\"");
916 pstrcat(buf, buf_sz, cc->gdb_core_xml_file);
917 pstrcat(buf, buf_sz, "\"/>");
918 for (r = cpu->gdb_regs; r; r = r->next) {
919 pstrcat(buf, buf_sz, "<xi:include href=\"");
920 pstrcat(buf, buf_sz, r->xml);
921 pstrcat(buf, buf_sz, "\"/>");
923 pstrcat(buf, buf_sz, "</target>");
927 if (cc->gdb_get_dynamic_xml) {
928 char *xmlname = g_strndup(p, len);
929 const char *xml = cc->gdb_get_dynamic_xml(cpu, xmlname);
937 name = xml_builtin[i][0];
938 if (!name || (strncmp(name, p, len) == 0 && strlen(name) == len))
941 return name ? xml_builtin[i][1] : NULL;
944 static int gdb_read_register(CPUState *cpu, GByteArray *buf, int reg)
946 CPUClass *cc = CPU_GET_CLASS(cpu);
947 CPUArchState *env = cpu->env_ptr;
950 if (reg < cc->gdb_num_core_regs) {
951 return cc->gdb_read_register(cpu, buf, reg);
954 for (r = cpu->gdb_regs; r; r = r->next) {
955 if (r->base_reg <= reg && reg < r->base_reg + r->num_regs) {
956 return r->get_reg(env, buf, reg - r->base_reg);
962 static int gdb_write_register(CPUState *cpu, uint8_t *mem_buf, int reg)
964 CPUClass *cc = CPU_GET_CLASS(cpu);
965 CPUArchState *env = cpu->env_ptr;
968 if (reg < cc->gdb_num_core_regs) {
969 return cc->gdb_write_register(cpu, mem_buf, reg);
972 for (r = cpu->gdb_regs; r; r = r->next) {
973 if (r->base_reg <= reg && reg < r->base_reg + r->num_regs) {
974 return r->set_reg(env, mem_buf, reg - r->base_reg);
980 /* Register a supplemental set of CPU registers. If g_pos is nonzero it
981 specifies the first register number and these registers are included in
982 a standard "g" packet. Direction is relative to gdb, i.e. get_reg is
983 gdb reading a CPU register, and set_reg is gdb modifying a CPU register.
986 void gdb_register_coprocessor(CPUState *cpu,
987 gdb_get_reg_cb get_reg, gdb_set_reg_cb set_reg,
988 int num_regs, const char *xml, int g_pos)
991 GDBRegisterState **p;
995 /* Check for duplicates. */
996 if (strcmp((*p)->xml, xml) == 0)
1001 s = g_new0(GDBRegisterState, 1);
1002 s->base_reg = cpu->gdb_num_regs;
1003 s->num_regs = num_regs;
1004 s->get_reg = get_reg;
1005 s->set_reg = set_reg;
1008 /* Add to end of list. */
1009 cpu->gdb_num_regs += num_regs;
1012 if (g_pos != s->base_reg) {
1013 error_report("Error: Bad gdb register numbering for '%s', "
1014 "expected %d got %d", xml, g_pos, s->base_reg);
1016 cpu->gdb_num_g_regs = cpu->gdb_num_regs;
1021 #ifndef CONFIG_USER_ONLY
1022 /* Translate GDB watchpoint type to a flags value for cpu_watchpoint_* */
1023 static inline int xlat_gdb_type(CPUState *cpu, int gdbtype)
1025 static const int xlat[] = {
1026 [GDB_WATCHPOINT_WRITE] = BP_GDB | BP_MEM_WRITE,
1027 [GDB_WATCHPOINT_READ] = BP_GDB | BP_MEM_READ,
1028 [GDB_WATCHPOINT_ACCESS] = BP_GDB | BP_MEM_ACCESS,
1031 CPUClass *cc = CPU_GET_CLASS(cpu);
1032 int cputype = xlat[gdbtype];
1034 if (cc->gdb_stop_before_watchpoint) {
1035 cputype |= BP_STOP_BEFORE_ACCESS;
1041 static int gdb_breakpoint_insert(int type, target_ulong addr, target_ulong len)
1046 if (kvm_enabled()) {
1047 return kvm_insert_breakpoint(gdbserver_state.c_cpu, addr, len, type);
1051 case GDB_BREAKPOINT_SW:
1052 case GDB_BREAKPOINT_HW:
1054 err = cpu_breakpoint_insert(cpu, addr, BP_GDB, NULL);
1060 #ifndef CONFIG_USER_ONLY
1061 case GDB_WATCHPOINT_WRITE:
1062 case GDB_WATCHPOINT_READ:
1063 case GDB_WATCHPOINT_ACCESS:
1065 err = cpu_watchpoint_insert(cpu, addr, len,
1066 xlat_gdb_type(cpu, type), NULL);
1078 static int gdb_breakpoint_remove(int type, target_ulong addr, target_ulong len)
1083 if (kvm_enabled()) {
1084 return kvm_remove_breakpoint(gdbserver_state.c_cpu, addr, len, type);
1088 case GDB_BREAKPOINT_SW:
1089 case GDB_BREAKPOINT_HW:
1091 err = cpu_breakpoint_remove(cpu, addr, BP_GDB);
1097 #ifndef CONFIG_USER_ONLY
1098 case GDB_WATCHPOINT_WRITE:
1099 case GDB_WATCHPOINT_READ:
1100 case GDB_WATCHPOINT_ACCESS:
1102 err = cpu_watchpoint_remove(cpu, addr, len,
1103 xlat_gdb_type(cpu, type));
1114 static inline void gdb_cpu_breakpoint_remove_all(CPUState *cpu)
1116 cpu_breakpoint_remove_all(cpu, BP_GDB);
1117 #ifndef CONFIG_USER_ONLY
1118 cpu_watchpoint_remove_all(cpu, BP_GDB);
1122 static void gdb_process_breakpoint_remove_all(GDBProcess *p)
1124 CPUState *cpu = get_first_cpu_in_process(p);
1127 gdb_cpu_breakpoint_remove_all(cpu);
1128 cpu = gdb_next_cpu_in_process(cpu);
1132 static void gdb_breakpoint_remove_all(void)
1136 if (kvm_enabled()) {
1137 kvm_remove_all_breakpoints(gdbserver_state.c_cpu);
1142 gdb_cpu_breakpoint_remove_all(cpu);
1146 static void gdb_set_cpu_pc(target_ulong pc)
1148 CPUState *cpu = gdbserver_state.c_cpu;
1150 cpu_synchronize_state(cpu);
1151 cpu_set_pc(cpu, pc);
1154 static void gdb_append_thread_id(CPUState *cpu, GString *buf)
1156 if (gdbserver_state.multiprocess) {
1157 g_string_append_printf(buf, "p%02x.%02x",
1158 gdb_get_cpu_pid(cpu), cpu_gdb_index(cpu));
1160 g_string_append_printf(buf, "%02x", cpu_gdb_index(cpu));
1164 typedef enum GDBThreadIdKind {
1166 GDB_ALL_THREADS, /* One process, all threads */
1171 static GDBThreadIdKind read_thread_id(const char *buf, const char **end_buf,
1172 uint32_t *pid, uint32_t *tid)
1179 ret = qemu_strtoul(buf, &buf, 16, &p);
1182 return GDB_READ_THREAD_ERR;
1191 ret = qemu_strtoul(buf, &buf, 16, &t);
1194 return GDB_READ_THREAD_ERR;
1200 return GDB_ALL_PROCESSES;
1208 return GDB_ALL_THREADS;
1215 return GDB_ONE_THREAD;
1219 * gdb_handle_vcont - Parses and handles a vCont packet.
1220 * returns -ENOTSUP if a command is unsupported, -EINVAL or -ERANGE if there is
1221 * a format error, 0 on success.
1223 static int gdb_handle_vcont(const char *p)
1225 int res, signal = 0;
1230 GDBProcess *process;
1232 GDBThreadIdKind kind;
1233 #ifdef CONFIG_USER_ONLY
1234 int max_cpus = 1; /* global variable max_cpus exists only in system mode */
1237 max_cpus = max_cpus <= cpu->cpu_index ? cpu->cpu_index + 1 : max_cpus;
1240 MachineState *ms = MACHINE(qdev_get_machine());
1241 unsigned int max_cpus = ms->smp.max_cpus;
1243 /* uninitialised CPUs stay 0 */
1244 newstates = g_new0(char, max_cpus);
1246 /* mark valid CPUs with 1 */
1248 newstates[cpu->cpu_index] = 1;
1252 * res keeps track of what error we are returning, with -ENOTSUP meaning
1253 * that the command is unknown or unsupported, thus returning an empty
1254 * packet, while -EINVAL and -ERANGE cause an E22 packet, due to invalid,
1255 * or incorrect parameters passed.
1265 if (cur_action == 'C' || cur_action == 'S') {
1266 cur_action = qemu_tolower(cur_action);
1267 res = qemu_strtoul(p, &p, 16, &tmp);
1271 signal = gdb_signal_to_target(tmp);
1272 } else if (cur_action != 'c' && cur_action != 's') {
1273 /* unknown/invalid/unsupported command */
1278 if (*p == '\0' || *p == ';') {
1280 * No thread specifier, action is on "all threads". The
1281 * specification is unclear regarding the process to act on. We
1282 * choose all processes.
1284 kind = GDB_ALL_PROCESSES;
1285 } else if (*p++ == ':') {
1286 kind = read_thread_id(p, &p, &pid, &tid);
1293 case GDB_READ_THREAD_ERR:
1297 case GDB_ALL_PROCESSES:
1298 cpu = gdb_first_attached_cpu();
1300 if (newstates[cpu->cpu_index] == 1) {
1301 newstates[cpu->cpu_index] = cur_action;
1304 cpu = gdb_next_attached_cpu(cpu);
1308 case GDB_ALL_THREADS:
1309 process = gdb_get_process(pid);
1311 if (!process->attached) {
1316 cpu = get_first_cpu_in_process(process);
1318 if (newstates[cpu->cpu_index] == 1) {
1319 newstates[cpu->cpu_index] = cur_action;
1322 cpu = gdb_next_cpu_in_process(cpu);
1326 case GDB_ONE_THREAD:
1327 cpu = gdb_get_cpu(pid, tid);
1329 /* invalid CPU/thread specified */
1335 /* only use if no previous match occourred */
1336 if (newstates[cpu->cpu_index] == 1) {
1337 newstates[cpu->cpu_index] = cur_action;
1342 gdbserver_state.signal = signal;
1343 gdb_continue_partial(newstates);
1351 typedef union GdbCmdVariant {
1354 unsigned long val_ul;
1355 unsigned long long val_ull;
1357 GDBThreadIdKind kind;
1363 #define get_param(p, i) (&g_array_index(p, GdbCmdVariant, i))
1365 static const char *cmd_next_param(const char *param, const char delimiter)
1367 static const char all_delimiters[] = ",;:=";
1368 char curr_delimiters[2] = {0};
1369 const char *delimiters;
1371 if (delimiter == '?') {
1372 delimiters = all_delimiters;
1373 } else if (delimiter == '0') {
1374 return strchr(param, '\0');
1375 } else if (delimiter == '.' && *param) {
1378 curr_delimiters[0] = delimiter;
1379 delimiters = curr_delimiters;
1382 param += strcspn(param, delimiters);
1389 static int cmd_parse_params(const char *data, const char *schema,
1392 const char *curr_schema, *curr_data;
1395 g_assert(params->len == 0);
1397 curr_schema = schema;
1399 while (curr_schema[0] && curr_schema[1] && *curr_data) {
1400 GdbCmdVariant this_param;
1402 switch (curr_schema[0]) {
1404 if (qemu_strtoul(curr_data, &curr_data, 16,
1405 &this_param.val_ul)) {
1408 curr_data = cmd_next_param(curr_data, curr_schema[1]);
1409 g_array_append_val(params, this_param);
1412 if (qemu_strtou64(curr_data, &curr_data, 16,
1413 (uint64_t *)&this_param.val_ull)) {
1416 curr_data = cmd_next_param(curr_data, curr_schema[1]);
1417 g_array_append_val(params, this_param);
1420 this_param.data = curr_data;
1421 curr_data = cmd_next_param(curr_data, curr_schema[1]);
1422 g_array_append_val(params, this_param);
1425 this_param.opcode = *(uint8_t *)curr_data;
1426 curr_data = cmd_next_param(curr_data, curr_schema[1]);
1427 g_array_append_val(params, this_param);
1430 this_param.thread_id.kind =
1431 read_thread_id(curr_data, &curr_data,
1432 &this_param.thread_id.pid,
1433 &this_param.thread_id.tid);
1434 curr_data = cmd_next_param(curr_data, curr_schema[1]);
1435 g_array_append_val(params, this_param);
1438 curr_data = cmd_next_param(curr_data, curr_schema[1]);
1449 typedef void (*GdbCmdHandler)(GArray *params, void *user_ctx);
1452 * cmd_startswith -> cmd is compared using startswith
1455 * schema definitions:
1456 * Each schema parameter entry consists of 2 chars,
1457 * the first char represents the parameter type handling
1458 * the second char represents the delimiter for the next parameter
1460 * Currently supported schema types:
1461 * 'l' -> unsigned long (stored in .val_ul)
1462 * 'L' -> unsigned long long (stored in .val_ull)
1463 * 's' -> string (stored in .data)
1464 * 'o' -> single char (stored in .opcode)
1465 * 't' -> thread id (stored in .thread_id)
1466 * '?' -> skip according to delimiter
1468 * Currently supported delimiters:
1469 * '?' -> Stop at any delimiter (",;:=\0")
1470 * '0' -> Stop at "\0"
1471 * '.' -> Skip 1 char unless reached "\0"
1472 * Any other value is treated as the delimiter value itself
1474 typedef struct GdbCmdParseEntry {
1475 GdbCmdHandler handler;
1477 bool cmd_startswith;
1481 static inline int startswith(const char *string, const char *pattern)
1483 return !strncmp(string, pattern, strlen(pattern));
1486 static int process_string_cmd(void *user_ctx, const char *data,
1487 const GdbCmdParseEntry *cmds, int num_cmds)
1490 g_autoptr(GArray) params = g_array_new(false, true, sizeof(GdbCmdVariant));
1496 for (i = 0; i < num_cmds; i++) {
1497 const GdbCmdParseEntry *cmd = &cmds[i];
1498 g_assert(cmd->handler && cmd->cmd);
1500 if ((cmd->cmd_startswith && !startswith(data, cmd->cmd)) ||
1501 (!cmd->cmd_startswith && strcmp(cmd->cmd, data))) {
1506 if (cmd_parse_params(&data[strlen(cmd->cmd)],
1507 cmd->schema, params)) {
1512 cmd->handler(params, user_ctx);
1519 static void run_cmd_parser(const char *data, const GdbCmdParseEntry *cmd)
1525 g_string_set_size(gdbserver_state.str_buf, 0);
1526 g_byte_array_set_size(gdbserver_state.mem_buf, 0);
1528 /* In case there was an error during the command parsing we must
1529 * send a NULL packet to indicate the command is not supported */
1530 if (process_string_cmd(NULL, data, cmd, 1)) {
1535 static void handle_detach(GArray *params, void *user_ctx)
1537 GDBProcess *process;
1540 if (gdbserver_state.multiprocess) {
1546 pid = get_param(params, 0)->val_ul;
1549 process = gdb_get_process(pid);
1550 gdb_process_breakpoint_remove_all(process);
1551 process->attached = false;
1553 if (pid == gdb_get_cpu_pid(gdbserver_state.c_cpu)) {
1554 gdbserver_state.c_cpu = gdb_first_attached_cpu();
1557 if (pid == gdb_get_cpu_pid(gdbserver_state.g_cpu)) {
1558 gdbserver_state.g_cpu = gdb_first_attached_cpu();
1561 if (!gdbserver_state.c_cpu) {
1562 /* No more process attached */
1563 gdb_syscall_mode = GDB_SYS_DISABLED;
1569 static void handle_thread_alive(GArray *params, void *user_ctx)
1578 if (get_param(params, 0)->thread_id.kind == GDB_READ_THREAD_ERR) {
1583 cpu = gdb_get_cpu(get_param(params, 0)->thread_id.pid,
1584 get_param(params, 0)->thread_id.tid);
1593 static void handle_continue(GArray *params, void *user_ctx)
1596 gdb_set_cpu_pc(get_param(params, 0)->val_ull);
1599 gdbserver_state.signal = 0;
1603 static void handle_cont_with_sig(GArray *params, void *user_ctx)
1605 unsigned long signal = 0;
1608 * Note: C sig;[addr] is currently unsupported and we simply
1609 * omit the addr parameter
1612 signal = get_param(params, 0)->val_ul;
1615 gdbserver_state.signal = gdb_signal_to_target(signal);
1616 if (gdbserver_state.signal == -1) {
1617 gdbserver_state.signal = 0;
1622 static void handle_set_thread(GArray *params, void *user_ctx)
1626 if (params->len != 2) {
1631 if (get_param(params, 1)->thread_id.kind == GDB_READ_THREAD_ERR) {
1636 if (get_param(params, 1)->thread_id.kind != GDB_ONE_THREAD) {
1641 cpu = gdb_get_cpu(get_param(params, 1)->thread_id.pid,
1642 get_param(params, 1)->thread_id.tid);
1649 * Note: This command is deprecated and modern gdb's will be using the
1650 * vCont command instead.
1652 switch (get_param(params, 0)->opcode) {
1654 gdbserver_state.c_cpu = cpu;
1658 gdbserver_state.g_cpu = cpu;
1667 static void handle_insert_bp(GArray *params, void *user_ctx)
1671 if (params->len != 3) {
1676 res = gdb_breakpoint_insert(get_param(params, 0)->val_ul,
1677 get_param(params, 1)->val_ull,
1678 get_param(params, 2)->val_ull);
1682 } else if (res == -ENOSYS) {
1690 static void handle_remove_bp(GArray *params, void *user_ctx)
1694 if (params->len != 3) {
1699 res = gdb_breakpoint_remove(get_param(params, 0)->val_ul,
1700 get_param(params, 1)->val_ull,
1701 get_param(params, 2)->val_ull);
1705 } else if (res == -ENOSYS) {
1714 * handle_set/get_reg
1716 * Older gdb are really dumb, and don't use 'G/g' if 'P/p' is available.
1717 * This works, but can be very slow. Anything new enough to understand
1718 * XML also knows how to use this properly. However to use this we
1719 * need to define a local XML file as well as be talking to a
1720 * reasonably modern gdb. Responding with an empty packet will cause
1721 * the remote gdb to fallback to older methods.
1724 static void handle_set_reg(GArray *params, void *user_ctx)
1733 if (params->len != 2) {
1738 reg_size = strlen(get_param(params, 1)->data) / 2;
1739 hextomem(gdbserver_state.mem_buf, get_param(params, 1)->data, reg_size);
1740 gdb_write_register(gdbserver_state.g_cpu, gdbserver_state.mem_buf->data,
1741 get_param(params, 0)->val_ull);
1745 static void handle_get_reg(GArray *params, void *user_ctx)
1759 reg_size = gdb_read_register(gdbserver_state.g_cpu,
1760 gdbserver_state.mem_buf,
1761 get_param(params, 0)->val_ull);
1766 g_byte_array_set_size(gdbserver_state.mem_buf, reg_size);
1769 memtohex(gdbserver_state.str_buf, gdbserver_state.mem_buf->data, reg_size);
1773 static void handle_write_mem(GArray *params, void *user_ctx)
1775 if (params->len != 3) {
1780 /* hextomem() reads 2*len bytes */
1781 if (get_param(params, 1)->val_ull >
1782 strlen(get_param(params, 2)->data) / 2) {
1787 hextomem(gdbserver_state.mem_buf, get_param(params, 2)->data,
1788 get_param(params, 1)->val_ull);
1789 if (target_memory_rw_debug(gdbserver_state.g_cpu,
1790 get_param(params, 0)->val_ull,
1791 gdbserver_state.mem_buf->data,
1792 gdbserver_state.mem_buf->len, true)) {
1800 static void handle_read_mem(GArray *params, void *user_ctx)
1802 if (params->len != 2) {
1807 /* memtohex() doubles the required space */
1808 if (get_param(params, 1)->val_ull > MAX_PACKET_LENGTH / 2) {
1813 g_byte_array_set_size(gdbserver_state.mem_buf,
1814 get_param(params, 1)->val_ull);
1816 if (target_memory_rw_debug(gdbserver_state.g_cpu,
1817 get_param(params, 0)->val_ull,
1818 gdbserver_state.mem_buf->data,
1819 gdbserver_state.mem_buf->len, false)) {
1824 memtohex(gdbserver_state.str_buf, gdbserver_state.mem_buf->data,
1825 gdbserver_state.mem_buf->len);
1829 static void handle_write_all_regs(GArray *params, void *user_ctx)
1831 target_ulong addr, len;
1839 cpu_synchronize_state(gdbserver_state.g_cpu);
1840 len = strlen(get_param(params, 0)->data) / 2;
1841 hextomem(gdbserver_state.mem_buf, get_param(params, 0)->data, len);
1842 registers = gdbserver_state.mem_buf->data;
1843 for (addr = 0; addr < gdbserver_state.g_cpu->gdb_num_g_regs && len > 0;
1845 reg_size = gdb_write_register(gdbserver_state.g_cpu, registers, addr);
1847 registers += reg_size;
1852 static void handle_read_all_regs(GArray *params, void *user_ctx)
1854 target_ulong addr, len;
1856 cpu_synchronize_state(gdbserver_state.g_cpu);
1857 g_byte_array_set_size(gdbserver_state.mem_buf, 0);
1859 for (addr = 0; addr < gdbserver_state.g_cpu->gdb_num_g_regs; addr++) {
1860 len += gdb_read_register(gdbserver_state.g_cpu,
1861 gdbserver_state.mem_buf,
1864 g_assert(len == gdbserver_state.mem_buf->len);
1866 memtohex(gdbserver_state.str_buf, gdbserver_state.mem_buf->data, len);
1870 static void handle_file_io(GArray *params, void *user_ctx)
1872 if (params->len >= 1 && gdbserver_state.current_syscall_cb) {
1873 target_ulong ret, err;
1875 ret = (target_ulong)get_param(params, 0)->val_ull;
1876 if (params->len >= 2) {
1877 err = (target_ulong)get_param(params, 1)->val_ull;
1881 gdbserver_state.current_syscall_cb(gdbserver_state.c_cpu, ret, err);
1882 gdbserver_state.current_syscall_cb = NULL;
1885 if (params->len >= 3 && get_param(params, 2)->opcode == (uint8_t)'C') {
1893 static void handle_step(GArray *params, void *user_ctx)
1896 gdb_set_cpu_pc((target_ulong)get_param(params, 0)->val_ull);
1899 cpu_single_step(gdbserver_state.c_cpu, gdbserver_state.sstep_flags);
1903 static void handle_backward(GArray *params, void *user_ctx)
1905 if (!stub_can_reverse()) {
1908 if (params->len == 1) {
1909 switch (get_param(params, 0)->opcode) {
1911 if (replay_reverse_step()) {
1918 if (replay_reverse_continue()) {
1927 /* Default invalid command */
1931 static void handle_v_cont_query(GArray *params, void *user_ctx)
1933 put_packet("vCont;c;C;s;S");
1936 static void handle_v_cont(GArray *params, void *user_ctx)
1944 res = gdb_handle_vcont(get_param(params, 0)->data);
1945 if ((res == -EINVAL) || (res == -ERANGE)) {
1952 static void handle_v_attach(GArray *params, void *user_ctx)
1954 GDBProcess *process;
1957 g_string_assign(gdbserver_state.str_buf, "E22");
1962 process = gdb_get_process(get_param(params, 0)->val_ul);
1967 cpu = get_first_cpu_in_process(process);
1972 process->attached = true;
1973 gdbserver_state.g_cpu = cpu;
1974 gdbserver_state.c_cpu = cpu;
1976 g_string_printf(gdbserver_state.str_buf, "T%02xthread:", GDB_SIGNAL_TRAP);
1977 gdb_append_thread_id(cpu, gdbserver_state.str_buf);
1978 g_string_append_c(gdbserver_state.str_buf, ';');
1983 static void handle_v_kill(GArray *params, void *user_ctx)
1985 /* Kill the target */
1987 error_report("QEMU: Terminated via GDBstub");
1992 static const GdbCmdParseEntry gdb_v_commands_table[] = {
1993 /* Order is important if has same prefix */
1995 .handler = handle_v_cont_query,
2000 .handler = handle_v_cont,
2002 .cmd_startswith = 1,
2006 .handler = handle_v_attach,
2008 .cmd_startswith = 1,
2012 .handler = handle_v_kill,
2018 static void handle_v_commands(GArray *params, void *user_ctx)
2024 if (process_string_cmd(NULL, get_param(params, 0)->data,
2025 gdb_v_commands_table,
2026 ARRAY_SIZE(gdb_v_commands_table))) {
2031 static void handle_query_qemu_sstepbits(GArray *params, void *user_ctx)
2033 g_string_printf(gdbserver_state.str_buf, "ENABLE=%x", SSTEP_ENABLE);
2035 if (gdbserver_state.supported_sstep_flags & SSTEP_NOIRQ) {
2036 g_string_append_printf(gdbserver_state.str_buf, ",NOIRQ=%x",
2040 if (gdbserver_state.supported_sstep_flags & SSTEP_NOTIMER) {
2041 g_string_append_printf(gdbserver_state.str_buf, ",NOTIMER=%x",
2048 static void handle_set_qemu_sstep(GArray *params, void *user_ctx)
2050 int new_sstep_flags;
2056 new_sstep_flags = get_param(params, 0)->val_ul;
2058 if (new_sstep_flags & ~gdbserver_state.supported_sstep_flags) {
2063 gdbserver_state.sstep_flags = new_sstep_flags;
2067 static void handle_query_qemu_sstep(GArray *params, void *user_ctx)
2069 g_string_printf(gdbserver_state.str_buf, "0x%x",
2070 gdbserver_state.sstep_flags);
2074 static void handle_query_curr_tid(GArray *params, void *user_ctx)
2077 GDBProcess *process;
2080 * "Current thread" remains vague in the spec, so always return
2081 * the first thread of the current process (gdb returns the
2084 process = gdb_get_cpu_process(gdbserver_state.g_cpu);
2085 cpu = get_first_cpu_in_process(process);
2086 g_string_assign(gdbserver_state.str_buf, "QC");
2087 gdb_append_thread_id(cpu, gdbserver_state.str_buf);
2091 static void handle_query_threads(GArray *params, void *user_ctx)
2093 if (!gdbserver_state.query_cpu) {
2098 g_string_assign(gdbserver_state.str_buf, "m");
2099 gdb_append_thread_id(gdbserver_state.query_cpu, gdbserver_state.str_buf);
2101 gdbserver_state.query_cpu = gdb_next_attached_cpu(gdbserver_state.query_cpu);
2104 static void handle_query_first_threads(GArray *params, void *user_ctx)
2106 gdbserver_state.query_cpu = gdb_first_attached_cpu();
2107 handle_query_threads(params, user_ctx);
2110 static void handle_query_thread_extra(GArray *params, void *user_ctx)
2112 g_autoptr(GString) rs = g_string_new(NULL);
2116 get_param(params, 0)->thread_id.kind == GDB_READ_THREAD_ERR) {
2121 cpu = gdb_get_cpu(get_param(params, 0)->thread_id.pid,
2122 get_param(params, 0)->thread_id.tid);
2127 cpu_synchronize_state(cpu);
2129 if (gdbserver_state.multiprocess && (gdbserver_state.process_num > 1)) {
2130 /* Print the CPU model and name in multiprocess mode */
2131 ObjectClass *oc = object_get_class(OBJECT(cpu));
2132 const char *cpu_model = object_class_get_name(oc);
2133 const char *cpu_name =
2134 object_get_canonical_path_component(OBJECT(cpu));
2135 g_string_printf(rs, "%s %s [%s]", cpu_model, cpu_name,
2136 cpu->halted ? "halted " : "running");
2138 g_string_printf(rs, "CPU#%d [%s]", cpu->cpu_index,
2139 cpu->halted ? "halted " : "running");
2141 trace_gdbstub_op_extra_info(rs->str);
2142 memtohex(gdbserver_state.str_buf, (uint8_t *)rs->str, rs->len);
2146 #ifdef CONFIG_USER_ONLY
2147 static void handle_query_offsets(GArray *params, void *user_ctx)
2151 ts = gdbserver_state.c_cpu->opaque;
2152 g_string_printf(gdbserver_state.str_buf,
2153 "Text=" TARGET_ABI_FMT_lx
2154 ";Data=" TARGET_ABI_FMT_lx
2155 ";Bss=" TARGET_ABI_FMT_lx,
2156 ts->info->code_offset,
2157 ts->info->data_offset,
2158 ts->info->data_offset);
2162 static void handle_query_rcmd(GArray *params, void *user_ctx)
2164 const guint8 zero = 0;
2172 len = strlen(get_param(params, 0)->data);
2178 g_assert(gdbserver_state.mem_buf->len == 0);
2180 hextomem(gdbserver_state.mem_buf, get_param(params, 0)->data, len);
2181 g_byte_array_append(gdbserver_state.mem_buf, &zero, 1);
2182 qemu_chr_be_write(gdbserver_state.mon_chr, gdbserver_state.mem_buf->data,
2183 gdbserver_state.mem_buf->len);
2188 static void handle_query_supported(GArray *params, void *user_ctx)
2192 g_string_printf(gdbserver_state.str_buf, "PacketSize=%x", MAX_PACKET_LENGTH);
2193 cc = CPU_GET_CLASS(first_cpu);
2194 if (cc->gdb_core_xml_file) {
2195 g_string_append(gdbserver_state.str_buf, ";qXfer:features:read+");
2198 if (stub_can_reverse()) {
2199 g_string_append(gdbserver_state.str_buf,
2200 ";ReverseStep+;ReverseContinue+");
2203 #ifdef CONFIG_USER_ONLY
2204 if (gdbserver_state.c_cpu->opaque) {
2205 g_string_append(gdbserver_state.str_buf, ";qXfer:auxv:read+");
2210 strstr(get_param(params, 0)->data, "multiprocess+")) {
2211 gdbserver_state.multiprocess = true;
2214 g_string_append(gdbserver_state.str_buf, ";vContSupported+;multiprocess+");
2218 static void handle_query_xfer_features(GArray *params, void *user_ctx)
2220 GDBProcess *process;
2222 unsigned long len, total_len, addr;
2226 if (params->len < 3) {
2231 process = gdb_get_cpu_process(gdbserver_state.g_cpu);
2232 cc = CPU_GET_CLASS(gdbserver_state.g_cpu);
2233 if (!cc->gdb_core_xml_file) {
2239 p = get_param(params, 0)->data;
2240 xml = get_feature_xml(p, &p, process);
2246 addr = get_param(params, 1)->val_ul;
2247 len = get_param(params, 2)->val_ul;
2248 total_len = strlen(xml);
2249 if (addr > total_len) {
2254 if (len > (MAX_PACKET_LENGTH - 5) / 2) {
2255 len = (MAX_PACKET_LENGTH - 5) / 2;
2258 if (len < total_len - addr) {
2259 g_string_assign(gdbserver_state.str_buf, "m");
2260 memtox(gdbserver_state.str_buf, xml + addr, len);
2262 g_string_assign(gdbserver_state.str_buf, "l");
2263 memtox(gdbserver_state.str_buf, xml + addr, total_len - addr);
2266 put_packet_binary(gdbserver_state.str_buf->str,
2267 gdbserver_state.str_buf->len, true);
2270 #if defined(CONFIG_USER_ONLY) && defined(CONFIG_LINUX_USER)
2271 static void handle_query_xfer_auxv(GArray *params, void *user_ctx)
2274 unsigned long offset, len, saved_auxv, auxv_len;
2276 if (params->len < 2) {
2281 offset = get_param(params, 0)->val_ul;
2282 len = get_param(params, 1)->val_ul;
2283 ts = gdbserver_state.c_cpu->opaque;
2284 saved_auxv = ts->info->saved_auxv;
2285 auxv_len = ts->info->auxv_len;
2287 if (offset >= auxv_len) {
2292 if (len > (MAX_PACKET_LENGTH - 5) / 2) {
2293 len = (MAX_PACKET_LENGTH - 5) / 2;
2296 if (len < auxv_len - offset) {
2297 g_string_assign(gdbserver_state.str_buf, "m");
2299 g_string_assign(gdbserver_state.str_buf, "l");
2300 len = auxv_len - offset;
2303 g_byte_array_set_size(gdbserver_state.mem_buf, len);
2304 if (target_memory_rw_debug(gdbserver_state.g_cpu, saved_auxv + offset,
2305 gdbserver_state.mem_buf->data, len, false)) {
2310 memtox(gdbserver_state.str_buf,
2311 (const char *)gdbserver_state.mem_buf->data, len);
2312 put_packet_binary(gdbserver_state.str_buf->str,
2313 gdbserver_state.str_buf->len, true);
2317 static void handle_query_attached(GArray *params, void *user_ctx)
2319 put_packet(GDB_ATTACHED);
2322 static void handle_query_qemu_supported(GArray *params, void *user_ctx)
2324 g_string_printf(gdbserver_state.str_buf, "sstepbits;sstep");
2325 #ifndef CONFIG_USER_ONLY
2326 g_string_append(gdbserver_state.str_buf, ";PhyMemMode");
2331 #ifndef CONFIG_USER_ONLY
2332 static void handle_query_qemu_phy_mem_mode(GArray *params,
2335 g_string_printf(gdbserver_state.str_buf, "%d", phy_memory_mode);
2339 static void handle_set_qemu_phy_mem_mode(GArray *params, void *user_ctx)
2346 if (!get_param(params, 0)->val_ul) {
2347 phy_memory_mode = 0;
2349 phy_memory_mode = 1;
2355 static const GdbCmdParseEntry gdb_gen_query_set_common_table[] = {
2356 /* Order is important if has same prefix */
2358 .handler = handle_query_qemu_sstepbits,
2359 .cmd = "qemu.sstepbits",
2362 .handler = handle_query_qemu_sstep,
2363 .cmd = "qemu.sstep",
2366 .handler = handle_set_qemu_sstep,
2367 .cmd = "qemu.sstep=",
2368 .cmd_startswith = 1,
2373 static const GdbCmdParseEntry gdb_gen_query_table[] = {
2375 .handler = handle_query_curr_tid,
2379 .handler = handle_query_threads,
2380 .cmd = "sThreadInfo",
2383 .handler = handle_query_first_threads,
2384 .cmd = "fThreadInfo",
2387 .handler = handle_query_thread_extra,
2388 .cmd = "ThreadExtraInfo,",
2389 .cmd_startswith = 1,
2392 #ifdef CONFIG_USER_ONLY
2394 .handler = handle_query_offsets,
2399 .handler = handle_query_rcmd,
2401 .cmd_startswith = 1,
2406 .handler = handle_query_supported,
2407 .cmd = "Supported:",
2408 .cmd_startswith = 1,
2412 .handler = handle_query_supported,
2417 .handler = handle_query_xfer_features,
2418 .cmd = "Xfer:features:read:",
2419 .cmd_startswith = 1,
2422 #if defined(CONFIG_USER_ONLY) && defined(CONFIG_LINUX_USER)
2424 .handler = handle_query_xfer_auxv,
2425 .cmd = "Xfer:auxv:read::",
2426 .cmd_startswith = 1,
2431 .handler = handle_query_attached,
2436 .handler = handle_query_attached,
2440 .handler = handle_query_qemu_supported,
2441 .cmd = "qemu.Supported",
2443 #ifndef CONFIG_USER_ONLY
2445 .handler = handle_query_qemu_phy_mem_mode,
2446 .cmd = "qemu.PhyMemMode",
2451 static const GdbCmdParseEntry gdb_gen_set_table[] = {
2452 /* Order is important if has same prefix */
2454 .handler = handle_set_qemu_sstep,
2455 .cmd = "qemu.sstep:",
2456 .cmd_startswith = 1,
2459 #ifndef CONFIG_USER_ONLY
2461 .handler = handle_set_qemu_phy_mem_mode,
2462 .cmd = "qemu.PhyMemMode:",
2463 .cmd_startswith = 1,
2469 static void handle_gen_query(GArray *params, void *user_ctx)
2475 if (!process_string_cmd(NULL, get_param(params, 0)->data,
2476 gdb_gen_query_set_common_table,
2477 ARRAY_SIZE(gdb_gen_query_set_common_table))) {
2481 if (process_string_cmd(NULL, get_param(params, 0)->data,
2482 gdb_gen_query_table,
2483 ARRAY_SIZE(gdb_gen_query_table))) {
2488 static void handle_gen_set(GArray *params, void *user_ctx)
2494 if (!process_string_cmd(NULL, get_param(params, 0)->data,
2495 gdb_gen_query_set_common_table,
2496 ARRAY_SIZE(gdb_gen_query_set_common_table))) {
2500 if (process_string_cmd(NULL, get_param(params, 0)->data,
2502 ARRAY_SIZE(gdb_gen_set_table))) {
2507 static void handle_target_halt(GArray *params, void *user_ctx)
2509 g_string_printf(gdbserver_state.str_buf, "T%02xthread:", GDB_SIGNAL_TRAP);
2510 gdb_append_thread_id(gdbserver_state.c_cpu, gdbserver_state.str_buf);
2511 g_string_append_c(gdbserver_state.str_buf, ';');
2514 * Remove all the breakpoints when this query is issued,
2515 * because gdb is doing an initial connect and the state
2516 * should be cleaned up.
2518 gdb_breakpoint_remove_all();
2521 static int gdb_handle_packet(const char *line_buf)
2523 const GdbCmdParseEntry *cmd_parser = NULL;
2525 trace_gdbstub_io_command(line_buf);
2527 switch (line_buf[0]) {
2533 static const GdbCmdParseEntry target_halted_cmd_desc = {
2534 .handler = handle_target_halt,
2538 cmd_parser = &target_halted_cmd_desc;
2543 static const GdbCmdParseEntry continue_cmd_desc = {
2544 .handler = handle_continue,
2546 .cmd_startswith = 1,
2549 cmd_parser = &continue_cmd_desc;
2554 static const GdbCmdParseEntry cont_with_sig_cmd_desc = {
2555 .handler = handle_cont_with_sig,
2557 .cmd_startswith = 1,
2560 cmd_parser = &cont_with_sig_cmd_desc;
2565 static const GdbCmdParseEntry v_cmd_desc = {
2566 .handler = handle_v_commands,
2568 .cmd_startswith = 1,
2571 cmd_parser = &v_cmd_desc;
2575 /* Kill the target */
2576 error_report("QEMU: Terminated via GDBstub");
2581 static const GdbCmdParseEntry detach_cmd_desc = {
2582 .handler = handle_detach,
2584 .cmd_startswith = 1,
2587 cmd_parser = &detach_cmd_desc;
2592 static const GdbCmdParseEntry step_cmd_desc = {
2593 .handler = handle_step,
2595 .cmd_startswith = 1,
2598 cmd_parser = &step_cmd_desc;
2603 static const GdbCmdParseEntry backward_cmd_desc = {
2604 .handler = handle_backward,
2606 .cmd_startswith = 1,
2609 cmd_parser = &backward_cmd_desc;
2614 static const GdbCmdParseEntry file_io_cmd_desc = {
2615 .handler = handle_file_io,
2617 .cmd_startswith = 1,
2620 cmd_parser = &file_io_cmd_desc;
2625 static const GdbCmdParseEntry read_all_regs_cmd_desc = {
2626 .handler = handle_read_all_regs,
2630 cmd_parser = &read_all_regs_cmd_desc;
2635 static const GdbCmdParseEntry write_all_regs_cmd_desc = {
2636 .handler = handle_write_all_regs,
2638 .cmd_startswith = 1,
2641 cmd_parser = &write_all_regs_cmd_desc;
2646 static const GdbCmdParseEntry read_mem_cmd_desc = {
2647 .handler = handle_read_mem,
2649 .cmd_startswith = 1,
2652 cmd_parser = &read_mem_cmd_desc;
2657 static const GdbCmdParseEntry write_mem_cmd_desc = {
2658 .handler = handle_write_mem,
2660 .cmd_startswith = 1,
2663 cmd_parser = &write_mem_cmd_desc;
2668 static const GdbCmdParseEntry get_reg_cmd_desc = {
2669 .handler = handle_get_reg,
2671 .cmd_startswith = 1,
2674 cmd_parser = &get_reg_cmd_desc;
2679 static const GdbCmdParseEntry set_reg_cmd_desc = {
2680 .handler = handle_set_reg,
2682 .cmd_startswith = 1,
2685 cmd_parser = &set_reg_cmd_desc;
2690 static const GdbCmdParseEntry insert_bp_cmd_desc = {
2691 .handler = handle_insert_bp,
2693 .cmd_startswith = 1,
2696 cmd_parser = &insert_bp_cmd_desc;
2701 static const GdbCmdParseEntry remove_bp_cmd_desc = {
2702 .handler = handle_remove_bp,
2704 .cmd_startswith = 1,
2707 cmd_parser = &remove_bp_cmd_desc;
2712 static const GdbCmdParseEntry set_thread_cmd_desc = {
2713 .handler = handle_set_thread,
2715 .cmd_startswith = 1,
2718 cmd_parser = &set_thread_cmd_desc;
2723 static const GdbCmdParseEntry thread_alive_cmd_desc = {
2724 .handler = handle_thread_alive,
2726 .cmd_startswith = 1,
2729 cmd_parser = &thread_alive_cmd_desc;
2734 static const GdbCmdParseEntry gen_query_cmd_desc = {
2735 .handler = handle_gen_query,
2737 .cmd_startswith = 1,
2740 cmd_parser = &gen_query_cmd_desc;
2745 static const GdbCmdParseEntry gen_set_cmd_desc = {
2746 .handler = handle_gen_set,
2748 .cmd_startswith = 1,
2751 cmd_parser = &gen_set_cmd_desc;
2755 /* put empty packet */
2761 run_cmd_parser(line_buf, cmd_parser);
2767 void gdb_set_stop_cpu(CPUState *cpu)
2769 GDBProcess *p = gdb_get_cpu_process(cpu);
2773 * Having a stop CPU corresponding to a process that is not attached
2774 * confuses GDB. So we ignore the request.
2779 gdbserver_state.c_cpu = cpu;
2780 gdbserver_state.g_cpu = cpu;
2783 #ifndef CONFIG_USER_ONLY
2784 static void gdb_vm_state_change(void *opaque, bool running, RunState state)
2786 CPUState *cpu = gdbserver_state.c_cpu;
2787 g_autoptr(GString) buf = g_string_new(NULL);
2788 g_autoptr(GString) tid = g_string_new(NULL);
2792 if (running || gdbserver_state.state == RS_INACTIVE) {
2795 /* Is there a GDB syscall waiting to be sent? */
2796 if (gdbserver_state.current_syscall_cb) {
2797 put_packet(gdbserver_state.syscall_buf);
2802 /* No process attached */
2806 gdb_append_thread_id(cpu, tid);
2809 case RUN_STATE_DEBUG:
2810 if (cpu->watchpoint_hit) {
2811 switch (cpu->watchpoint_hit->flags & BP_MEM_ACCESS) {
2822 trace_gdbstub_hit_watchpoint(type, cpu_gdb_index(cpu),
2823 (target_ulong)cpu->watchpoint_hit->vaddr);
2824 g_string_printf(buf, "T%02xthread:%s;%swatch:" TARGET_FMT_lx ";",
2825 GDB_SIGNAL_TRAP, tid->str, type,
2826 (target_ulong)cpu->watchpoint_hit->vaddr);
2827 cpu->watchpoint_hit = NULL;
2830 trace_gdbstub_hit_break();
2833 ret = GDB_SIGNAL_TRAP;
2835 case RUN_STATE_PAUSED:
2836 trace_gdbstub_hit_paused();
2837 ret = GDB_SIGNAL_INT;
2839 case RUN_STATE_SHUTDOWN:
2840 trace_gdbstub_hit_shutdown();
2841 ret = GDB_SIGNAL_QUIT;
2843 case RUN_STATE_IO_ERROR:
2844 trace_gdbstub_hit_io_error();
2845 ret = GDB_SIGNAL_IO;
2847 case RUN_STATE_WATCHDOG:
2848 trace_gdbstub_hit_watchdog();
2849 ret = GDB_SIGNAL_ALRM;
2851 case RUN_STATE_INTERNAL_ERROR:
2852 trace_gdbstub_hit_internal_error();
2853 ret = GDB_SIGNAL_ABRT;
2855 case RUN_STATE_SAVE_VM:
2856 case RUN_STATE_RESTORE_VM:
2858 case RUN_STATE_FINISH_MIGRATE:
2859 ret = GDB_SIGNAL_XCPU;
2862 trace_gdbstub_hit_unknown(state);
2863 ret = GDB_SIGNAL_UNKNOWN;
2866 gdb_set_stop_cpu(cpu);
2867 g_string_printf(buf, "T%02xthread:%s;", ret, tid->str);
2870 put_packet(buf->str);
2872 /* disable single step if it was enabled */
2873 cpu_single_step(cpu, 0);
2877 /* Send a gdb syscall request.
2878 This accepts limited printf-style format specifiers, specifically:
2879 %x - target_ulong argument printed in hex.
2880 %lx - 64-bit argument printed in hex.
2881 %s - string pointer (target_ulong) and length (int) pair. */
2882 void gdb_do_syscallv(gdb_syscall_complete_cb cb, const char *fmt, va_list va)
2889 if (!gdbserver_state.init) {
2893 gdbserver_state.current_syscall_cb = cb;
2894 #ifndef CONFIG_USER_ONLY
2895 vm_stop(RUN_STATE_DEBUG);
2897 p = &gdbserver_state.syscall_buf[0];
2898 p_end = &gdbserver_state.syscall_buf[sizeof(gdbserver_state.syscall_buf)];
2905 addr = va_arg(va, target_ulong);
2906 p += snprintf(p, p_end - p, TARGET_FMT_lx, addr);
2909 if (*(fmt++) != 'x')
2911 i64 = va_arg(va, uint64_t);
2912 p += snprintf(p, p_end - p, "%" PRIx64, i64);
2915 addr = va_arg(va, target_ulong);
2916 p += snprintf(p, p_end - p, TARGET_FMT_lx "/%x",
2917 addr, va_arg(va, int));
2921 error_report("gdbstub: Bad syscall format string '%s'",
2930 #ifdef CONFIG_USER_ONLY
2931 put_packet(gdbserver_state.syscall_buf);
2932 /* Return control to gdb for it to process the syscall request.
2933 * Since the protocol requires that gdb hands control back to us
2934 * using a "here are the results" F packet, we don't need to check
2935 * gdb_handlesig's return value (which is the signal to deliver if
2936 * execution was resumed via a continue packet).
2938 gdb_handlesig(gdbserver_state.c_cpu, 0);
2940 /* In this case wait to send the syscall packet until notification that
2941 the CPU has stopped. This must be done because if the packet is sent
2942 now the reply from the syscall request could be received while the CPU
2943 is still in the running state, which can cause packets to be dropped
2944 and state transition 'T' packets to be sent while the syscall is still
2946 qemu_cpu_kick(gdbserver_state.c_cpu);
2950 void gdb_do_syscall(gdb_syscall_complete_cb cb, const char *fmt, ...)
2955 gdb_do_syscallv(cb, fmt, va);
2959 static void gdb_read_byte(uint8_t ch)
2963 #ifndef CONFIG_USER_ONLY
2964 if (gdbserver_state.last_packet->len) {
2965 /* Waiting for a response to the last packet. If we see the start
2966 of a new command then abandon the previous response. */
2968 trace_gdbstub_err_got_nack();
2969 put_buffer(gdbserver_state.last_packet->data,
2970 gdbserver_state.last_packet->len);
2971 } else if (ch == '+') {
2972 trace_gdbstub_io_got_ack();
2974 trace_gdbstub_io_got_unexpected(ch);
2977 if (ch == '+' || ch == '$') {
2978 g_byte_array_set_size(gdbserver_state.last_packet, 0);
2983 if (runstate_is_running()) {
2984 /* when the CPU is running, we cannot do anything except stop
2985 it when receiving a char */
2986 vm_stop(RUN_STATE_PAUSED);
2990 switch(gdbserver_state.state) {
2993 /* start of command packet */
2994 gdbserver_state.line_buf_index = 0;
2995 gdbserver_state.line_sum = 0;
2996 gdbserver_state.state = RS_GETLINE;
2998 trace_gdbstub_err_garbage(ch);
3003 /* start escape sequence */
3004 gdbserver_state.state = RS_GETLINE_ESC;
3005 gdbserver_state.line_sum += ch;
3006 } else if (ch == '*') {
3007 /* start run length encoding sequence */
3008 gdbserver_state.state = RS_GETLINE_RLE;
3009 gdbserver_state.line_sum += ch;
3010 } else if (ch == '#') {
3011 /* end of command, start of checksum*/
3012 gdbserver_state.state = RS_CHKSUM1;
3013 } else if (gdbserver_state.line_buf_index >= sizeof(gdbserver_state.line_buf) - 1) {
3014 trace_gdbstub_err_overrun();
3015 gdbserver_state.state = RS_IDLE;
3017 /* unescaped command character */
3018 gdbserver_state.line_buf[gdbserver_state.line_buf_index++] = ch;
3019 gdbserver_state.line_sum += ch;
3022 case RS_GETLINE_ESC:
3024 /* unexpected end of command in escape sequence */
3025 gdbserver_state.state = RS_CHKSUM1;
3026 } else if (gdbserver_state.line_buf_index >= sizeof(gdbserver_state.line_buf) - 1) {
3027 /* command buffer overrun */
3028 trace_gdbstub_err_overrun();
3029 gdbserver_state.state = RS_IDLE;
3031 /* parse escaped character and leave escape state */
3032 gdbserver_state.line_buf[gdbserver_state.line_buf_index++] = ch ^ 0x20;
3033 gdbserver_state.line_sum += ch;
3034 gdbserver_state.state = RS_GETLINE;
3037 case RS_GETLINE_RLE:
3039 * Run-length encoding is explained in "Debugging with GDB /
3040 * Appendix E GDB Remote Serial Protocol / Overview".
3042 if (ch < ' ' || ch == '#' || ch == '$' || ch > 126) {
3043 /* invalid RLE count encoding */
3044 trace_gdbstub_err_invalid_repeat(ch);
3045 gdbserver_state.state = RS_GETLINE;
3047 /* decode repeat length */
3048 int repeat = ch - ' ' + 3;
3049 if (gdbserver_state.line_buf_index + repeat >= sizeof(gdbserver_state.line_buf) - 1) {
3050 /* that many repeats would overrun the command buffer */
3051 trace_gdbstub_err_overrun();
3052 gdbserver_state.state = RS_IDLE;
3053 } else if (gdbserver_state.line_buf_index < 1) {
3054 /* got a repeat but we have nothing to repeat */
3055 trace_gdbstub_err_invalid_rle();
3056 gdbserver_state.state = RS_GETLINE;
3058 /* repeat the last character */
3059 memset(gdbserver_state.line_buf + gdbserver_state.line_buf_index,
3060 gdbserver_state.line_buf[gdbserver_state.line_buf_index - 1], repeat);
3061 gdbserver_state.line_buf_index += repeat;
3062 gdbserver_state.line_sum += ch;
3063 gdbserver_state.state = RS_GETLINE;
3068 /* get high hex digit of checksum */
3069 if (!isxdigit(ch)) {
3070 trace_gdbstub_err_checksum_invalid(ch);
3071 gdbserver_state.state = RS_GETLINE;
3074 gdbserver_state.line_buf[gdbserver_state.line_buf_index] = '\0';
3075 gdbserver_state.line_csum = fromhex(ch) << 4;
3076 gdbserver_state.state = RS_CHKSUM2;
3079 /* get low hex digit of checksum */
3080 if (!isxdigit(ch)) {
3081 trace_gdbstub_err_checksum_invalid(ch);
3082 gdbserver_state.state = RS_GETLINE;
3085 gdbserver_state.line_csum |= fromhex(ch);
3087 if (gdbserver_state.line_csum != (gdbserver_state.line_sum & 0xff)) {
3088 trace_gdbstub_err_checksum_incorrect(gdbserver_state.line_sum, gdbserver_state.line_csum);
3089 /* send NAK reply */
3091 put_buffer(&reply, 1);
3092 gdbserver_state.state = RS_IDLE;
3094 /* send ACK reply */
3096 put_buffer(&reply, 1);
3097 gdbserver_state.state = gdb_handle_packet(gdbserver_state.line_buf);
3106 /* Tell the remote gdb that the process has exited. */
3107 void gdb_exit(int code)
3111 if (!gdbserver_state.init) {
3114 #ifdef CONFIG_USER_ONLY
3115 if (gdbserver_state.socket_path) {
3116 unlink(gdbserver_state.socket_path);
3118 if (gdbserver_state.fd < 0) {
3123 trace_gdbstub_op_exiting((uint8_t)code);
3125 snprintf(buf, sizeof(buf), "W%02x", (uint8_t)code);
3128 #ifndef CONFIG_USER_ONLY
3129 qemu_chr_fe_deinit(&gdbserver_state.chr, true);
3134 * Create the process that will contain all the "orphan" CPUs (that are not
3135 * part of a CPU cluster). Note that if this process contains no CPUs, it won't
3136 * be attachable and thus will be invisible to the user.
3138 static void create_default_process(GDBState *s)
3140 GDBProcess *process;
3143 if (gdbserver_state.process_num) {
3144 max_pid = s->processes[s->process_num - 1].pid;
3147 s->processes = g_renew(GDBProcess, s->processes, ++s->process_num);
3148 process = &s->processes[s->process_num - 1];
3150 /* We need an available PID slot for this process */
3151 assert(max_pid < UINT32_MAX);
3153 process->pid = max_pid + 1;
3154 process->attached = false;
3155 process->target_xml[0] = '\0';
3158 #ifdef CONFIG_USER_ONLY
3160 gdb_handlesig(CPUState *cpu, int sig)
3165 if (!gdbserver_state.init || gdbserver_state.fd < 0) {
3169 /* disable single step if it was enabled */
3170 cpu_single_step(cpu, 0);
3174 gdb_set_stop_cpu(cpu);
3175 g_string_printf(gdbserver_state.str_buf,
3176 "T%02xthread:", target_signal_to_gdb(sig));
3177 gdb_append_thread_id(cpu, gdbserver_state.str_buf);
3178 g_string_append_c(gdbserver_state.str_buf, ';');
3181 /* put_packet() might have detected that the peer terminated the
3183 if (gdbserver_state.fd < 0) {
3188 gdbserver_state.state = RS_IDLE;
3189 gdbserver_state.running_state = 0;
3190 while (gdbserver_state.running_state == 0) {
3191 n = read(gdbserver_state.fd, buf, 256);
3195 for (i = 0; i < n; i++) {
3196 gdb_read_byte(buf[i]);
3199 /* XXX: Connection closed. Should probably wait for another
3200 connection before continuing. */
3202 close(gdbserver_state.fd);
3204 gdbserver_state.fd = -1;
3208 sig = gdbserver_state.signal;
3209 gdbserver_state.signal = 0;
3213 /* Tell the remote gdb that the process has exited due to SIG. */
3214 void gdb_signalled(CPUArchState *env, int sig)
3218 if (!gdbserver_state.init || gdbserver_state.fd < 0) {
3222 snprintf(buf, sizeof(buf), "X%02x", target_signal_to_gdb(sig));
3226 static void gdb_accept_init(int fd)
3228 init_gdbserver_state();
3229 create_default_process(&gdbserver_state);
3230 gdbserver_state.processes[0].attached = true;
3231 gdbserver_state.c_cpu = gdb_first_attached_cpu();
3232 gdbserver_state.g_cpu = gdbserver_state.c_cpu;
3233 gdbserver_state.fd = fd;
3234 gdb_has_xml = false;
3237 static bool gdb_accept_socket(int gdb_fd)
3242 fd = accept(gdb_fd, NULL, NULL);
3243 if (fd < 0 && errno != EINTR) {
3244 perror("accept socket");
3246 } else if (fd >= 0) {
3247 qemu_set_cloexec(fd);
3252 gdb_accept_init(fd);
3256 static int gdbserver_open_socket(const char *path)
3258 struct sockaddr_un sockaddr = {};
3261 fd = socket(AF_UNIX, SOCK_STREAM, 0);
3263 perror("create socket");
3267 sockaddr.sun_family = AF_UNIX;
3268 pstrcpy(sockaddr.sun_path, sizeof(sockaddr.sun_path) - 1, path);
3269 ret = bind(fd, (struct sockaddr *)&sockaddr, sizeof(sockaddr));
3271 perror("bind socket");
3275 ret = listen(fd, 1);
3277 perror("listen socket");
3285 static bool gdb_accept_tcp(int gdb_fd)
3287 struct sockaddr_in sockaddr = {};
3292 len = sizeof(sockaddr);
3293 fd = accept(gdb_fd, (struct sockaddr *)&sockaddr, &len);
3294 if (fd < 0 && errno != EINTR) {
3297 } else if (fd >= 0) {
3298 qemu_set_cloexec(fd);
3303 /* set short latency */
3304 if (socket_set_nodelay(fd)) {
3305 perror("setsockopt");
3310 gdb_accept_init(fd);
3314 static int gdbserver_open_port(int port)
3316 struct sockaddr_in sockaddr;
3319 fd = socket(PF_INET, SOCK_STREAM, 0);
3324 qemu_set_cloexec(fd);
3326 socket_set_fast_reuse(fd);
3328 sockaddr.sin_family = AF_INET;
3329 sockaddr.sin_port = htons(port);
3330 sockaddr.sin_addr.s_addr = 0;
3331 ret = bind(fd, (struct sockaddr *)&sockaddr, sizeof(sockaddr));
3337 ret = listen(fd, 1);
3347 int gdbserver_start(const char *port_or_path)
3349 int port = g_ascii_strtoull(port_or_path, NULL, 10);
3353 gdb_fd = gdbserver_open_port(port);
3355 gdb_fd = gdbserver_open_socket(port_or_path);
3362 if (port > 0 && gdb_accept_tcp(gdb_fd)) {
3364 } else if (gdb_accept_socket(gdb_fd)) {
3365 gdbserver_state.socket_path = g_strdup(port_or_path);
3374 /* Disable gdb stub for child processes. */
3375 void gdbserver_fork(CPUState *cpu)
3377 if (!gdbserver_state.init || gdbserver_state.fd < 0) {
3380 close(gdbserver_state.fd);
3381 gdbserver_state.fd = -1;
3382 cpu_breakpoint_remove_all(cpu, BP_GDB);
3383 cpu_watchpoint_remove_all(cpu, BP_GDB);
3386 static int gdb_chr_can_receive(void *opaque)
3388 /* We can handle an arbitrarily large amount of data.
3389 Pick the maximum packet size, which is as good as anything. */
3390 return MAX_PACKET_LENGTH;
3393 static void gdb_chr_receive(void *opaque, const uint8_t *buf, int size)
3397 for (i = 0; i < size; i++) {
3398 gdb_read_byte(buf[i]);
3402 static void gdb_chr_event(void *opaque, QEMUChrEvent event)
3405 GDBState *s = (GDBState *) opaque;
3408 case CHR_EVENT_OPENED:
3409 /* Start with first process attached, others detached */
3410 for (i = 0; i < s->process_num; i++) {
3411 s->processes[i].attached = !i;
3414 s->c_cpu = gdb_first_attached_cpu();
3415 s->g_cpu = s->c_cpu;
3417 vm_stop(RUN_STATE_PAUSED);
3418 replay_gdb_attached();
3419 gdb_has_xml = false;
3426 static int gdb_monitor_write(Chardev *chr, const uint8_t *buf, int len)
3428 g_autoptr(GString) hex_buf = g_string_new("O");
3429 memtohex(hex_buf, buf, len);
3430 put_packet(hex_buf->str);
3435 static void gdb_sigterm_handler(int signal)
3437 if (runstate_is_running()) {
3438 vm_stop(RUN_STATE_PAUSED);
3443 static void gdb_monitor_open(Chardev *chr, ChardevBackend *backend,
3444 bool *be_opened, Error **errp)
3449 static void char_gdb_class_init(ObjectClass *oc, void *data)
3451 ChardevClass *cc = CHARDEV_CLASS(oc);
3453 cc->internal = true;
3454 cc->open = gdb_monitor_open;
3455 cc->chr_write = gdb_monitor_write;
3458 #define TYPE_CHARDEV_GDB "chardev-gdb"
3460 static const TypeInfo char_gdb_type_info = {
3461 .name = TYPE_CHARDEV_GDB,
3462 .parent = TYPE_CHARDEV,
3463 .class_init = char_gdb_class_init,
3466 static int find_cpu_clusters(Object *child, void *opaque)
3468 if (object_dynamic_cast(child, TYPE_CPU_CLUSTER)) {
3469 GDBState *s = (GDBState *) opaque;
3470 CPUClusterState *cluster = CPU_CLUSTER(child);
3471 GDBProcess *process;
3473 s->processes = g_renew(GDBProcess, s->processes, ++s->process_num);
3475 process = &s->processes[s->process_num - 1];
3478 * GDB process IDs -1 and 0 are reserved. To avoid subtle errors at
3479 * runtime, we enforce here that the machine does not use a cluster ID
3480 * that would lead to PID 0.
3482 assert(cluster->cluster_id != UINT32_MAX);
3483 process->pid = cluster->cluster_id + 1;
3484 process->attached = false;
3485 process->target_xml[0] = '\0';
3490 return object_child_foreach(child, find_cpu_clusters, opaque);
3493 static int pid_order(const void *a, const void *b)
3495 GDBProcess *pa = (GDBProcess *) a;
3496 GDBProcess *pb = (GDBProcess *) b;
3498 if (pa->pid < pb->pid) {
3500 } else if (pa->pid > pb->pid) {
3507 static void create_processes(GDBState *s)
3509 object_child_foreach(object_get_root(), find_cpu_clusters, s);
3511 if (gdbserver_state.processes) {
3513 qsort(gdbserver_state.processes, gdbserver_state.process_num, sizeof(gdbserver_state.processes[0]), pid_order);
3516 create_default_process(s);
3519 int gdbserver_start(const char *device)
3521 trace_gdbstub_op_start(device);
3523 char gdbstub_device_name[128];
3524 Chardev *chr = NULL;
3528 error_report("gdbstub: meaningless to attach gdb to a "
3529 "machine without any CPU.");
3533 if (kvm_enabled() && !kvm_supports_guest_debug()) {
3534 error_report("gdbstub: KVM doesn't support guest debugging");
3540 if (strcmp(device, "none") != 0) {
3541 if (strstart(device, "tcp:", NULL)) {
3542 /* enforce required TCP attributes */
3543 snprintf(gdbstub_device_name, sizeof(gdbstub_device_name),
3544 "%s,wait=off,nodelay=on,server=on", device);
3545 device = gdbstub_device_name;
3548 else if (strcmp(device, "stdio") == 0) {
3549 struct sigaction act;
3551 memset(&act, 0, sizeof(act));
3552 act.sa_handler = gdb_sigterm_handler;
3553 sigaction(SIGINT, &act, NULL);
3557 * FIXME: it's a bit weird to allow using a mux chardev here
3558 * and implicitly setup a monitor. We may want to break this.
3560 chr = qemu_chr_new_noreplay("gdb", device, true, NULL);
3565 if (!gdbserver_state.init) {
3566 init_gdbserver_state();
3568 qemu_add_vm_change_state_handler(gdb_vm_state_change, NULL);
3570 /* Initialize a monitor terminal for gdb */
3571 mon_chr = qemu_chardev_new(NULL, TYPE_CHARDEV_GDB,
3572 NULL, NULL, &error_abort);
3573 monitor_init_hmp(mon_chr, false, &error_abort);
3575 qemu_chr_fe_deinit(&gdbserver_state.chr, true);
3576 mon_chr = gdbserver_state.mon_chr;
3577 reset_gdbserver_state();
3580 create_processes(&gdbserver_state);
3583 qemu_chr_fe_init(&gdbserver_state.chr, chr, &error_abort);
3584 qemu_chr_fe_set_handlers(&gdbserver_state.chr, gdb_chr_can_receive,
3585 gdb_chr_receive, gdb_chr_event,
3586 NULL, &gdbserver_state, NULL, true);
3588 gdbserver_state.state = chr ? RS_IDLE : RS_INACTIVE;
3589 gdbserver_state.mon_chr = mon_chr;
3590 gdbserver_state.current_syscall_cb = NULL;
3595 static void register_types(void)
3597 type_register_static(&char_gdb_type_info);
3600 type_init(register_types);
projects / qemu.git / blob