4 * This implements a subset of the remote protocol as described in:
6 * https://sourceware.org/gdb/onlinedocs/gdb/Remote-Protocol.html
8 * Copyright (c) 2003-2005 Fabrice Bellard
10 * This library is free software; you can redistribute it and/or
11 * modify it under the terms of the GNU Lesser General Public
12 * License as published by the Free Software Foundation; either
13 * version 2 of the License, or (at your option) any later version.
15 * This library is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
18 * Lesser General Public License for more details.
20 * You should have received a copy of the GNU Lesser General Public
21 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
23 * SPDX-License-Identifier: LGPL-2.0+
26 #include "qemu/osdep.h"
27 #include "qemu-common.h"
28 #include "qapi/error.h"
29 #include "qemu/error-report.h"
30 #include "qemu/ctype.h"
31 #include "qemu/cutils.h"
32 #include "qemu/module.h"
33 #include "trace/trace-root.h"
34 #ifdef CONFIG_USER_ONLY
37 #include "monitor/monitor.h"
38 #include "chardev/char.h"
39 #include "chardev/char-fe.h"
40 #include "sysemu/sysemu.h"
41 #include "exec/gdbstub.h"
42 #include "hw/cpu/cluster.h"
43 #include "hw/boards.h"
46 #define MAX_PACKET_LENGTH 4096
48 #include "qemu/sockets.h"
49 #include "sysemu/hw_accel.h"
50 #include "sysemu/kvm.h"
51 #include "sysemu/runstate.h"
52 #include "hw/semihosting/semihost.h"
53 #include "exec/exec-all.h"
54 #include "sysemu/replay.h"
56 #ifdef CONFIG_USER_ONLY
57 #define GDB_ATTACHED "0"
59 #define GDB_ATTACHED "1"
62 #ifndef CONFIG_USER_ONLY
63 static int phy_memory_mode;
66 static inline int target_memory_rw_debug(CPUState *cpu, target_ulong addr,
67 uint8_t *buf, int len, bool is_write)
71 #ifndef CONFIG_USER_ONLY
72 if (phy_memory_mode) {
74 cpu_physical_memory_write(addr, buf, len);
76 cpu_physical_memory_read(addr, buf, len);
82 cc = CPU_GET_CLASS(cpu);
83 if (cc->memory_rw_debug) {
84 return cc->memory_rw_debug(cpu, addr, buf, len, is_write);
86 return cpu_memory_rw_debug(cpu, addr, buf, len, is_write);
89 /* Return the GDB index for a given vCPU state.
91 * For user mode this is simply the thread id. In system mode GDB
92 * numbers CPUs from 1 as 0 is reserved as an "any cpu" index.
94 static inline int cpu_gdb_index(CPUState *cpu)
96 #if defined(CONFIG_USER_ONLY)
97 TaskState *ts = (TaskState *) cpu->opaque;
100 return cpu->cpu_index + 1;
110 GDB_SIGNAL_ALRM = 14,
112 GDB_SIGNAL_XCPU = 24,
113 GDB_SIGNAL_UNKNOWN = 143
116 #ifdef CONFIG_USER_ONLY
118 /* Map target signal numbers to GDB protocol signal numbers and vice
119 * versa. For user emulation's currently supported systems, we can
120 * assume most signals are defined.
123 static int gdb_signal_table[] = {
283 /* In system mode we only need SIGINT and SIGTRAP; other signals
284 are not yet supported. */
291 static int gdb_signal_table[] = {
301 #ifdef CONFIG_USER_ONLY
302 static int target_signal_to_gdb (int sig)
305 for (i = 0; i < ARRAY_SIZE (gdb_signal_table); i++)
306 if (gdb_signal_table[i] == sig)
308 return GDB_SIGNAL_UNKNOWN;
312 static int gdb_signal_to_target (int sig)
314 if (sig < ARRAY_SIZE (gdb_signal_table))
315 return gdb_signal_table[sig];
320 typedef struct GDBRegisterState {
323 gdb_get_reg_cb get_reg;
324 gdb_set_reg_cb set_reg;
326 struct GDBRegisterState *next;
329 typedef struct GDBProcess {
333 char target_xml[1024];
345 typedef struct GDBState {
346 bool init; /* have we been initialised? */
347 CPUState *c_cpu; /* current CPU for step/continue ops */
348 CPUState *g_cpu; /* current CPU for other ops */
349 CPUState *query_cpu; /* for q{f|s}ThreadInfo */
350 enum RSState state; /* parsing state */
351 char line_buf[MAX_PACKET_LENGTH];
353 int line_sum; /* running checksum */
354 int line_csum; /* checksum at the end of the packet */
355 GByteArray *last_packet;
357 #ifdef CONFIG_USER_ONLY
366 GDBProcess *processes;
368 char syscall_buf[256];
369 gdb_syscall_complete_cb current_syscall_cb;
374 /* By default use no IRQs and no timers while single stepping so as to
375 * make single stepping like an ICE HW step.
377 static int sstep_flags = SSTEP_ENABLE|SSTEP_NOIRQ|SSTEP_NOTIMER;
379 /* Retrieves flags for single step mode. */
380 static int get_sstep_flags(void)
383 * In replay mode all events written into the log should be replayed.
384 * That is why NOIRQ flag is removed in this mode.
386 if (replay_mode != REPLAY_MODE_NONE) {
393 static GDBState gdbserver_state;
395 static void init_gdbserver_state(void)
397 g_assert(!gdbserver_state.init);
398 memset(&gdbserver_state, 0, sizeof(GDBState));
399 gdbserver_state.init = true;
400 gdbserver_state.str_buf = g_string_new(NULL);
401 gdbserver_state.mem_buf = g_byte_array_sized_new(MAX_PACKET_LENGTH);
402 gdbserver_state.last_packet = g_byte_array_sized_new(MAX_PACKET_LENGTH + 4);
405 #ifndef CONFIG_USER_ONLY
406 static void reset_gdbserver_state(void)
408 g_free(gdbserver_state.processes);
409 gdbserver_state.processes = NULL;
410 gdbserver_state.process_num = 0;
416 #ifdef CONFIG_USER_ONLY
418 static int get_char(void)
424 ret = qemu_recv(gdbserver_state.fd, &ch, 1, 0);
426 if (errno == ECONNRESET)
427 gdbserver_state.fd = -1;
430 } else if (ret == 0) {
431 close(gdbserver_state.fd);
432 gdbserver_state.fd = -1;
448 /* Decide if either remote gdb syscalls or native file IO should be used. */
449 int use_gdb_syscalls(void)
451 SemihostingTarget target = semihosting_get_target();
452 if (target == SEMIHOSTING_TARGET_NATIVE) {
453 /* -semihosting-config target=native */
455 } else if (target == SEMIHOSTING_TARGET_GDB) {
456 /* -semihosting-config target=gdb */
460 /* -semihosting-config target=auto */
461 /* On the first call check if gdb is connected and remember. */
462 if (gdb_syscall_mode == GDB_SYS_UNKNOWN) {
463 gdb_syscall_mode = gdbserver_state.init ?
464 GDB_SYS_ENABLED : GDB_SYS_DISABLED;
466 return gdb_syscall_mode == GDB_SYS_ENABLED;
469 /* Resume execution. */
470 static inline void gdb_continue(void)
473 #ifdef CONFIG_USER_ONLY
474 gdbserver_state.running_state = 1;
475 trace_gdbstub_op_continue();
477 if (!runstate_needs_reset()) {
478 trace_gdbstub_op_continue();
485 * Resume execution, per CPU actions. For user-mode emulation it's
486 * equivalent to gdb_continue.
488 static int gdb_continue_partial(char *newstates)
492 #ifdef CONFIG_USER_ONLY
494 * This is not exactly accurate, but it's an improvement compared to the
495 * previous situation, where only one CPU would be single-stepped.
498 if (newstates[cpu->cpu_index] == 's') {
499 trace_gdbstub_op_stepping(cpu->cpu_index);
500 cpu_single_step(cpu, sstep_flags);
503 gdbserver_state.running_state = 1;
507 if (!runstate_needs_reset()) {
508 if (vm_prepare_start()) {
513 switch (newstates[cpu->cpu_index]) {
516 break; /* nothing to do here */
518 trace_gdbstub_op_stepping(cpu->cpu_index);
519 cpu_single_step(cpu, get_sstep_flags());
524 trace_gdbstub_op_continue_cpu(cpu->cpu_index);
535 qemu_clock_enable(QEMU_CLOCK_VIRTUAL, true);
541 static void put_buffer(const uint8_t *buf, int len)
543 #ifdef CONFIG_USER_ONLY
547 ret = send(gdbserver_state.fd, buf, len, 0);
557 /* XXX this blocks entire thread. Rewrite to use
558 * qemu_chr_fe_write and background I/O callbacks */
559 qemu_chr_fe_write_all(&gdbserver_state.chr, buf, len);
563 static inline int fromhex(int v)
565 if (v >= '0' && v <= '9')
567 else if (v >= 'A' && v <= 'F')
569 else if (v >= 'a' && v <= 'f')
575 static inline int tohex(int v)
583 /* writes 2*len+1 bytes in buf */
584 static void memtohex(GString *buf, const uint8_t *mem, int len)
587 for(i = 0; i < len; i++) {
589 g_string_append_c(buf, tohex(c >> 4));
590 g_string_append_c(buf, tohex(c & 0xf));
592 g_string_append_c(buf, '\0');
595 static void hextomem(GByteArray *mem, const char *buf, int len)
599 for(i = 0; i < len; i++) {
600 guint8 byte = fromhex(buf[0]) << 4 | fromhex(buf[1]);
601 g_byte_array_append(mem, &byte, 1);
606 static void hexdump(const char *buf, int len,
607 void (*trace_fn)(size_t ofs, char const *text))
609 char line_buffer[3 * 16 + 4 + 16 + 1];
612 for (i = 0; i < len || (i & 0xF); ++i) {
613 size_t byte_ofs = i & 15;
616 memset(line_buffer, ' ', 3 * 16 + 4 + 16);
617 line_buffer[3 * 16 + 4 + 16] = 0;
620 size_t col_group = (i >> 2) & 3;
621 size_t hex_col = byte_ofs * 3 + col_group;
622 size_t txt_col = 3 * 16 + 4 + byte_ofs;
627 line_buffer[hex_col + 0] = tohex((value >> 4) & 0xF);
628 line_buffer[hex_col + 1] = tohex((value >> 0) & 0xF);
629 line_buffer[txt_col + 0] = (value >= ' ' && value < 127)
635 trace_fn(i & -16, line_buffer);
639 /* return -1 if error, 0 if OK */
640 static int put_packet_binary(const char *buf, int len, bool dump)
645 if (dump && trace_event_get_state_backends(TRACE_GDBSTUB_IO_BINARYREPLY)) {
646 hexdump(buf, len, trace_gdbstub_io_binaryreply);
650 g_byte_array_set_size(gdbserver_state.last_packet, 0);
651 g_byte_array_append(gdbserver_state.last_packet,
652 (const uint8_t *) "$", 1);
653 g_byte_array_append(gdbserver_state.last_packet,
654 (const uint8_t *) buf, len);
656 for(i = 0; i < len; i++) {
660 footer[1] = tohex((csum >> 4) & 0xf);
661 footer[2] = tohex((csum) & 0xf);
662 g_byte_array_append(gdbserver_state.last_packet, footer, 3);
664 put_buffer(gdbserver_state.last_packet->data,
665 gdbserver_state.last_packet->len);
667 #ifdef CONFIG_USER_ONLY
680 /* return -1 if error, 0 if OK */
681 static int put_packet(const char *buf)
683 trace_gdbstub_io_reply(buf);
685 return put_packet_binary(buf, strlen(buf), false);
688 static void put_strbuf(void)
690 put_packet(gdbserver_state.str_buf->str);
693 /* Encode data using the encoding for 'x' packets. */
694 static void memtox(GString *buf, const char *mem, int len)
701 case '#': case '$': case '*': case '}':
702 g_string_append_c(buf, '}');
703 g_string_append_c(buf, c ^ 0x20);
706 g_string_append_c(buf, c);
712 static uint32_t gdb_get_cpu_pid(CPUState *cpu)
714 /* TODO: In user mode, we should use the task state PID */
715 if (cpu->cluster_index == UNASSIGNED_CLUSTER_INDEX) {
716 /* Return the default process' PID */
717 int index = gdbserver_state.process_num - 1;
718 return gdbserver_state.processes[index].pid;
720 return cpu->cluster_index + 1;
723 static GDBProcess *gdb_get_process(uint32_t pid)
728 /* 0 means any process, we take the first one */
729 return &gdbserver_state.processes[0];
732 for (i = 0; i < gdbserver_state.process_num; i++) {
733 if (gdbserver_state.processes[i].pid == pid) {
734 return &gdbserver_state.processes[i];
741 static GDBProcess *gdb_get_cpu_process(CPUState *cpu)
743 return gdb_get_process(gdb_get_cpu_pid(cpu));
746 static CPUState *find_cpu(uint32_t thread_id)
751 if (cpu_gdb_index(cpu) == thread_id) {
759 static CPUState *get_first_cpu_in_process(GDBProcess *process)
764 if (gdb_get_cpu_pid(cpu) == process->pid) {
772 static CPUState *gdb_next_cpu_in_process(CPUState *cpu)
774 uint32_t pid = gdb_get_cpu_pid(cpu);
778 if (gdb_get_cpu_pid(cpu) == pid) {
788 /* Return the cpu following @cpu, while ignoring unattached processes. */
789 static CPUState *gdb_next_attached_cpu(CPUState *cpu)
794 if (gdb_get_cpu_process(cpu)->attached) {
804 /* Return the first attached cpu */
805 static CPUState *gdb_first_attached_cpu(void)
807 CPUState *cpu = first_cpu;
808 GDBProcess *process = gdb_get_cpu_process(cpu);
810 if (!process->attached) {
811 return gdb_next_attached_cpu(cpu);
817 static CPUState *gdb_get_cpu(uint32_t pid, uint32_t tid)
823 /* 0 means any process/thread, we take the first attached one */
824 return gdb_first_attached_cpu();
825 } else if (pid && !tid) {
826 /* any thread in a specific process */
827 process = gdb_get_process(pid);
829 if (process == NULL) {
833 if (!process->attached) {
837 return get_first_cpu_in_process(process);
839 /* a specific thread */
846 process = gdb_get_cpu_process(cpu);
848 if (pid && process->pid != pid) {
852 if (!process->attached) {
860 static const char *get_feature_xml(const char *p, const char **newp,
866 CPUState *cpu = get_first_cpu_in_process(process);
867 CPUClass *cc = CPU_GET_CLASS(cpu);
870 while (p[len] && p[len] != ':')
875 if (strncmp(p, "target.xml", len) == 0) {
876 char *buf = process->target_xml;
877 const size_t buf_sz = sizeof(process->target_xml);
879 /* Generate the XML description for this CPU. */
884 "<?xml version=\"1.0\"?>"
885 "<!DOCTYPE target SYSTEM \"gdb-target.dtd\">"
887 if (cc->gdb_arch_name) {
888 gchar *arch = cc->gdb_arch_name(cpu);
889 pstrcat(buf, buf_sz, "<architecture>");
890 pstrcat(buf, buf_sz, arch);
891 pstrcat(buf, buf_sz, "</architecture>");
894 pstrcat(buf, buf_sz, "<xi:include href=\"");
895 pstrcat(buf, buf_sz, cc->gdb_core_xml_file);
896 pstrcat(buf, buf_sz, "\"/>");
897 for (r = cpu->gdb_regs; r; r = r->next) {
898 pstrcat(buf, buf_sz, "<xi:include href=\"");
899 pstrcat(buf, buf_sz, r->xml);
900 pstrcat(buf, buf_sz, "\"/>");
902 pstrcat(buf, buf_sz, "</target>");
906 if (cc->gdb_get_dynamic_xml) {
907 char *xmlname = g_strndup(p, len);
908 const char *xml = cc->gdb_get_dynamic_xml(cpu, xmlname);
916 name = xml_builtin[i][0];
917 if (!name || (strncmp(name, p, len) == 0 && strlen(name) == len))
920 return name ? xml_builtin[i][1] : NULL;
923 static int gdb_read_register(CPUState *cpu, GByteArray *buf, int reg)
925 CPUClass *cc = CPU_GET_CLASS(cpu);
926 CPUArchState *env = cpu->env_ptr;
929 if (reg < cc->gdb_num_core_regs) {
930 return cc->gdb_read_register(cpu, buf, reg);
933 for (r = cpu->gdb_regs; r; r = r->next) {
934 if (r->base_reg <= reg && reg < r->base_reg + r->num_regs) {
935 return r->get_reg(env, buf, reg - r->base_reg);
941 static int gdb_write_register(CPUState *cpu, uint8_t *mem_buf, int reg)
943 CPUClass *cc = CPU_GET_CLASS(cpu);
944 CPUArchState *env = cpu->env_ptr;
947 if (reg < cc->gdb_num_core_regs) {
948 return cc->gdb_write_register(cpu, mem_buf, reg);
951 for (r = cpu->gdb_regs; r; r = r->next) {
952 if (r->base_reg <= reg && reg < r->base_reg + r->num_regs) {
953 return r->set_reg(env, mem_buf, reg - r->base_reg);
959 /* Register a supplemental set of CPU registers. If g_pos is nonzero it
960 specifies the first register number and these registers are included in
961 a standard "g" packet. Direction is relative to gdb, i.e. get_reg is
962 gdb reading a CPU register, and set_reg is gdb modifying a CPU register.
965 void gdb_register_coprocessor(CPUState *cpu,
966 gdb_get_reg_cb get_reg, gdb_set_reg_cb set_reg,
967 int num_regs, const char *xml, int g_pos)
970 GDBRegisterState **p;
974 /* Check for duplicates. */
975 if (strcmp((*p)->xml, xml) == 0)
980 s = g_new0(GDBRegisterState, 1);
981 s->base_reg = cpu->gdb_num_regs;
982 s->num_regs = num_regs;
983 s->get_reg = get_reg;
984 s->set_reg = set_reg;
987 /* Add to end of list. */
988 cpu->gdb_num_regs += num_regs;
991 if (g_pos != s->base_reg) {
992 error_report("Error: Bad gdb register numbering for '%s', "
993 "expected %d got %d", xml, g_pos, s->base_reg);
995 cpu->gdb_num_g_regs = cpu->gdb_num_regs;
1000 #ifndef CONFIG_USER_ONLY
1001 /* Translate GDB watchpoint type to a flags value for cpu_watchpoint_* */
1002 static inline int xlat_gdb_type(CPUState *cpu, int gdbtype)
1004 static const int xlat[] = {
1005 [GDB_WATCHPOINT_WRITE] = BP_GDB | BP_MEM_WRITE,
1006 [GDB_WATCHPOINT_READ] = BP_GDB | BP_MEM_READ,
1007 [GDB_WATCHPOINT_ACCESS] = BP_GDB | BP_MEM_ACCESS,
1010 CPUClass *cc = CPU_GET_CLASS(cpu);
1011 int cputype = xlat[gdbtype];
1013 if (cc->gdb_stop_before_watchpoint) {
1014 cputype |= BP_STOP_BEFORE_ACCESS;
1020 static int gdb_breakpoint_insert(int type, target_ulong addr, target_ulong len)
1025 if (kvm_enabled()) {
1026 return kvm_insert_breakpoint(gdbserver_state.c_cpu, addr, len, type);
1030 case GDB_BREAKPOINT_SW:
1031 case GDB_BREAKPOINT_HW:
1033 err = cpu_breakpoint_insert(cpu, addr, BP_GDB, NULL);
1039 #ifndef CONFIG_USER_ONLY
1040 case GDB_WATCHPOINT_WRITE:
1041 case GDB_WATCHPOINT_READ:
1042 case GDB_WATCHPOINT_ACCESS:
1044 err = cpu_watchpoint_insert(cpu, addr, len,
1045 xlat_gdb_type(cpu, type), NULL);
1057 static int gdb_breakpoint_remove(int type, target_ulong addr, target_ulong len)
1062 if (kvm_enabled()) {
1063 return kvm_remove_breakpoint(gdbserver_state.c_cpu, addr, len, type);
1067 case GDB_BREAKPOINT_SW:
1068 case GDB_BREAKPOINT_HW:
1070 err = cpu_breakpoint_remove(cpu, addr, BP_GDB);
1076 #ifndef CONFIG_USER_ONLY
1077 case GDB_WATCHPOINT_WRITE:
1078 case GDB_WATCHPOINT_READ:
1079 case GDB_WATCHPOINT_ACCESS:
1081 err = cpu_watchpoint_remove(cpu, addr, len,
1082 xlat_gdb_type(cpu, type));
1093 static inline void gdb_cpu_breakpoint_remove_all(CPUState *cpu)
1095 cpu_breakpoint_remove_all(cpu, BP_GDB);
1096 #ifndef CONFIG_USER_ONLY
1097 cpu_watchpoint_remove_all(cpu, BP_GDB);
1101 static void gdb_process_breakpoint_remove_all(GDBProcess *p)
1103 CPUState *cpu = get_first_cpu_in_process(p);
1106 gdb_cpu_breakpoint_remove_all(cpu);
1107 cpu = gdb_next_cpu_in_process(cpu);
1111 static void gdb_breakpoint_remove_all(void)
1115 if (kvm_enabled()) {
1116 kvm_remove_all_breakpoints(gdbserver_state.c_cpu);
1121 gdb_cpu_breakpoint_remove_all(cpu);
1125 static void gdb_set_cpu_pc(target_ulong pc)
1127 CPUState *cpu = gdbserver_state.c_cpu;
1129 cpu_synchronize_state(cpu);
1130 cpu_set_pc(cpu, pc);
1133 static void gdb_append_thread_id(CPUState *cpu, GString *buf)
1135 if (gdbserver_state.multiprocess) {
1136 g_string_append_printf(buf, "p%02x.%02x",
1137 gdb_get_cpu_pid(cpu), cpu_gdb_index(cpu));
1139 g_string_append_printf(buf, "%02x", cpu_gdb_index(cpu));
1143 typedef enum GDBThreadIdKind {
1145 GDB_ALL_THREADS, /* One process, all threads */
1150 static GDBThreadIdKind read_thread_id(const char *buf, const char **end_buf,
1151 uint32_t *pid, uint32_t *tid)
1158 ret = qemu_strtoul(buf, &buf, 16, &p);
1161 return GDB_READ_THREAD_ERR;
1170 ret = qemu_strtoul(buf, &buf, 16, &t);
1173 return GDB_READ_THREAD_ERR;
1179 return GDB_ALL_PROCESSES;
1187 return GDB_ALL_THREADS;
1194 return GDB_ONE_THREAD;
1198 * gdb_handle_vcont - Parses and handles a vCont packet.
1199 * returns -ENOTSUP if a command is unsupported, -EINVAL or -ERANGE if there is
1200 * a format error, 0 on success.
1202 static int gdb_handle_vcont(const char *p)
1204 int res, signal = 0;
1209 GDBProcess *process;
1211 GDBThreadIdKind kind;
1212 #ifdef CONFIG_USER_ONLY
1213 int max_cpus = 1; /* global variable max_cpus exists only in system mode */
1216 max_cpus = max_cpus <= cpu->cpu_index ? cpu->cpu_index + 1 : max_cpus;
1219 MachineState *ms = MACHINE(qdev_get_machine());
1220 unsigned int max_cpus = ms->smp.max_cpus;
1222 /* uninitialised CPUs stay 0 */
1223 newstates = g_new0(char, max_cpus);
1225 /* mark valid CPUs with 1 */
1227 newstates[cpu->cpu_index] = 1;
1231 * res keeps track of what error we are returning, with -ENOTSUP meaning
1232 * that the command is unknown or unsupported, thus returning an empty
1233 * packet, while -EINVAL and -ERANGE cause an E22 packet, due to invalid,
1234 * or incorrect parameters passed.
1244 if (cur_action == 'C' || cur_action == 'S') {
1245 cur_action = qemu_tolower(cur_action);
1246 res = qemu_strtoul(p, &p, 16, &tmp);
1250 signal = gdb_signal_to_target(tmp);
1251 } else if (cur_action != 'c' && cur_action != 's') {
1252 /* unknown/invalid/unsupported command */
1257 if (*p == '\0' || *p == ';') {
1259 * No thread specifier, action is on "all threads". The
1260 * specification is unclear regarding the process to act on. We
1261 * choose all processes.
1263 kind = GDB_ALL_PROCESSES;
1264 } else if (*p++ == ':') {
1265 kind = read_thread_id(p, &p, &pid, &tid);
1272 case GDB_READ_THREAD_ERR:
1276 case GDB_ALL_PROCESSES:
1277 cpu = gdb_first_attached_cpu();
1279 if (newstates[cpu->cpu_index] == 1) {
1280 newstates[cpu->cpu_index] = cur_action;
1283 cpu = gdb_next_attached_cpu(cpu);
1287 case GDB_ALL_THREADS:
1288 process = gdb_get_process(pid);
1290 if (!process->attached) {
1295 cpu = get_first_cpu_in_process(process);
1297 if (newstates[cpu->cpu_index] == 1) {
1298 newstates[cpu->cpu_index] = cur_action;
1301 cpu = gdb_next_cpu_in_process(cpu);
1305 case GDB_ONE_THREAD:
1306 cpu = gdb_get_cpu(pid, tid);
1308 /* invalid CPU/thread specified */
1314 /* only use if no previous match occourred */
1315 if (newstates[cpu->cpu_index] == 1) {
1316 newstates[cpu->cpu_index] = cur_action;
1321 gdbserver_state.signal = signal;
1322 gdb_continue_partial(newstates);
1330 typedef union GdbCmdVariant {
1333 unsigned long val_ul;
1334 unsigned long long val_ull;
1336 GDBThreadIdKind kind;
1342 static const char *cmd_next_param(const char *param, const char delimiter)
1344 static const char all_delimiters[] = ",;:=";
1345 char curr_delimiters[2] = {0};
1346 const char *delimiters;
1348 if (delimiter == '?') {
1349 delimiters = all_delimiters;
1350 } else if (delimiter == '0') {
1351 return strchr(param, '\0');
1352 } else if (delimiter == '.' && *param) {
1355 curr_delimiters[0] = delimiter;
1356 delimiters = curr_delimiters;
1359 param += strcspn(param, delimiters);
1366 static int cmd_parse_params(const char *data, const char *schema,
1367 GdbCmdVariant *params, int *num_params)
1370 const char *curr_schema, *curr_data;
1378 curr_schema = schema;
1381 while (curr_schema[0] && curr_schema[1] && *curr_data) {
1382 switch (curr_schema[0]) {
1384 if (qemu_strtoul(curr_data, &curr_data, 16,
1385 ¶ms[curr_param].val_ul)) {
1389 curr_data = cmd_next_param(curr_data, curr_schema[1]);
1392 if (qemu_strtou64(curr_data, &curr_data, 16,
1393 (uint64_t *)¶ms[curr_param].val_ull)) {
1397 curr_data = cmd_next_param(curr_data, curr_schema[1]);
1400 params[curr_param].data = curr_data;
1402 curr_data = cmd_next_param(curr_data, curr_schema[1]);
1405 params[curr_param].opcode = *(uint8_t *)curr_data;
1407 curr_data = cmd_next_param(curr_data, curr_schema[1]);
1410 params[curr_param].thread_id.kind =
1411 read_thread_id(curr_data, &curr_data,
1412 ¶ms[curr_param].thread_id.pid,
1413 ¶ms[curr_param].thread_id.tid);
1415 curr_data = cmd_next_param(curr_data, curr_schema[1]);
1418 curr_data = cmd_next_param(curr_data, curr_schema[1]);
1426 *num_params = curr_param;
1430 typedef struct GdbCmdContext {
1431 GdbCmdVariant *params;
1435 typedef void (*GdbCmdHandler)(GdbCmdContext *gdb_ctx, void *user_ctx);
1438 * cmd_startswith -> cmd is compared using startswith
1441 * schema definitions:
1442 * Each schema parameter entry consists of 2 chars,
1443 * the first char represents the parameter type handling
1444 * the second char represents the delimiter for the next parameter
1446 * Currently supported schema types:
1447 * 'l' -> unsigned long (stored in .val_ul)
1448 * 'L' -> unsigned long long (stored in .val_ull)
1449 * 's' -> string (stored in .data)
1450 * 'o' -> single char (stored in .opcode)
1451 * 't' -> thread id (stored in .thread_id)
1452 * '?' -> skip according to delimiter
1454 * Currently supported delimiters:
1455 * '?' -> Stop at any delimiter (",;:=\0")
1456 * '0' -> Stop at "\0"
1457 * '.' -> Skip 1 char unless reached "\0"
1458 * Any other value is treated as the delimiter value itself
1460 typedef struct GdbCmdParseEntry {
1461 GdbCmdHandler handler;
1463 bool cmd_startswith;
1467 static inline int startswith(const char *string, const char *pattern)
1469 return !strncmp(string, pattern, strlen(pattern));
1472 static int process_string_cmd(void *user_ctx, const char *data,
1473 const GdbCmdParseEntry *cmds, int num_cmds)
1475 int i, schema_len, max_num_params = 0;
1476 GdbCmdContext gdb_ctx;
1482 for (i = 0; i < num_cmds; i++) {
1483 const GdbCmdParseEntry *cmd = &cmds[i];
1484 g_assert(cmd->handler && cmd->cmd);
1486 if ((cmd->cmd_startswith && !startswith(data, cmd->cmd)) ||
1487 (!cmd->cmd_startswith && strcmp(cmd->cmd, data))) {
1492 schema_len = strlen(cmd->schema);
1493 if (schema_len % 2) {
1497 max_num_params = schema_len / 2;
1501 (GdbCmdVariant *)alloca(sizeof(*gdb_ctx.params) * max_num_params);
1502 memset(gdb_ctx.params, 0, sizeof(*gdb_ctx.params) * max_num_params);
1504 if (cmd_parse_params(&data[strlen(cmd->cmd)], cmd->schema,
1505 gdb_ctx.params, &gdb_ctx.num_params)) {
1509 cmd->handler(&gdb_ctx, user_ctx);
1516 static void run_cmd_parser(const char *data, const GdbCmdParseEntry *cmd)
1522 g_string_set_size(gdbserver_state.str_buf, 0);
1523 g_byte_array_set_size(gdbserver_state.mem_buf, 0);
1525 /* In case there was an error during the command parsing we must
1526 * send a NULL packet to indicate the command is not supported */
1527 if (process_string_cmd(NULL, data, cmd, 1)) {
1532 static void handle_detach(GdbCmdContext *gdb_ctx, void *user_ctx)
1534 GDBProcess *process;
1537 if (gdbserver_state.multiprocess) {
1538 if (!gdb_ctx->num_params) {
1543 pid = gdb_ctx->params[0].val_ul;
1546 process = gdb_get_process(pid);
1547 gdb_process_breakpoint_remove_all(process);
1548 process->attached = false;
1550 if (pid == gdb_get_cpu_pid(gdbserver_state.c_cpu)) {
1551 gdbserver_state.c_cpu = gdb_first_attached_cpu();
1554 if (pid == gdb_get_cpu_pid(gdbserver_state.g_cpu)) {
1555 gdbserver_state.g_cpu = gdb_first_attached_cpu();
1558 if (!gdbserver_state.c_cpu) {
1559 /* No more process attached */
1560 gdb_syscall_mode = GDB_SYS_DISABLED;
1566 static void handle_thread_alive(GdbCmdContext *gdb_ctx, void *user_ctx)
1570 if (!gdb_ctx->num_params) {
1575 if (gdb_ctx->params[0].thread_id.kind == GDB_READ_THREAD_ERR) {
1580 cpu = gdb_get_cpu(gdb_ctx->params[0].thread_id.pid,
1581 gdb_ctx->params[0].thread_id.tid);
1590 static void handle_continue(GdbCmdContext *gdb_ctx, void *user_ctx)
1592 if (gdb_ctx->num_params) {
1593 gdb_set_cpu_pc(gdb_ctx->params[0].val_ull);
1596 gdbserver_state.signal = 0;
1600 static void handle_cont_with_sig(GdbCmdContext *gdb_ctx, void *user_ctx)
1602 unsigned long signal = 0;
1605 * Note: C sig;[addr] is currently unsupported and we simply
1606 * omit the addr parameter
1608 if (gdb_ctx->num_params) {
1609 signal = gdb_ctx->params[0].val_ul;
1612 gdbserver_state.signal = gdb_signal_to_target(signal);
1613 if (gdbserver_state.signal == -1) {
1614 gdbserver_state.signal = 0;
1619 static void handle_set_thread(GdbCmdContext *gdb_ctx, void *user_ctx)
1623 if (gdb_ctx->num_params != 2) {
1628 if (gdb_ctx->params[1].thread_id.kind == GDB_READ_THREAD_ERR) {
1633 if (gdb_ctx->params[1].thread_id.kind != GDB_ONE_THREAD) {
1638 cpu = gdb_get_cpu(gdb_ctx->params[1].thread_id.pid,
1639 gdb_ctx->params[1].thread_id.tid);
1646 * Note: This command is deprecated and modern gdb's will be using the
1647 * vCont command instead.
1649 switch (gdb_ctx->params[0].opcode) {
1651 gdbserver_state.c_cpu = cpu;
1655 gdbserver_state.g_cpu = cpu;
1664 static void handle_insert_bp(GdbCmdContext *gdb_ctx, void *user_ctx)
1668 if (gdb_ctx->num_params != 3) {
1673 res = gdb_breakpoint_insert(gdb_ctx->params[0].val_ul,
1674 gdb_ctx->params[1].val_ull,
1675 gdb_ctx->params[2].val_ull);
1679 } else if (res == -ENOSYS) {
1687 static void handle_remove_bp(GdbCmdContext *gdb_ctx, void *user_ctx)
1691 if (gdb_ctx->num_params != 3) {
1696 res = gdb_breakpoint_remove(gdb_ctx->params[0].val_ul,
1697 gdb_ctx->params[1].val_ull,
1698 gdb_ctx->params[2].val_ull);
1702 } else if (res == -ENOSYS) {
1711 * handle_set/get_reg
1713 * Older gdb are really dumb, and don't use 'G/g' if 'P/p' is available.
1714 * This works, but can be very slow. Anything new enough to understand
1715 * XML also knows how to use this properly. However to use this we
1716 * need to define a local XML file as well as be talking to a
1717 * reasonably modern gdb. Responding with an empty packet will cause
1718 * the remote gdb to fallback to older methods.
1721 static void handle_set_reg(GdbCmdContext *gdb_ctx, void *user_ctx)
1730 if (gdb_ctx->num_params != 2) {
1735 reg_size = strlen(gdb_ctx->params[1].data) / 2;
1736 hextomem(gdbserver_state.mem_buf, gdb_ctx->params[1].data, reg_size);
1737 gdb_write_register(gdbserver_state.g_cpu, gdbserver_state.mem_buf->data,
1738 gdb_ctx->params[0].val_ull);
1742 static void handle_get_reg(GdbCmdContext *gdb_ctx, void *user_ctx)
1751 if (!gdb_ctx->num_params) {
1756 reg_size = gdb_read_register(gdbserver_state.g_cpu,
1757 gdbserver_state.mem_buf,
1758 gdb_ctx->params[0].val_ull);
1763 g_byte_array_set_size(gdbserver_state.mem_buf, reg_size);
1766 memtohex(gdbserver_state.str_buf, gdbserver_state.mem_buf->data, reg_size);
1770 static void handle_write_mem(GdbCmdContext *gdb_ctx, void *user_ctx)
1772 if (gdb_ctx->num_params != 3) {
1777 /* hextomem() reads 2*len bytes */
1778 if (gdb_ctx->params[1].val_ull > strlen(gdb_ctx->params[2].data) / 2) {
1783 hextomem(gdbserver_state.mem_buf, gdb_ctx->params[2].data,
1784 gdb_ctx->params[1].val_ull);
1785 if (target_memory_rw_debug(gdbserver_state.g_cpu, gdb_ctx->params[0].val_ull,
1786 gdbserver_state.mem_buf->data,
1787 gdbserver_state.mem_buf->len, true)) {
1795 static void handle_read_mem(GdbCmdContext *gdb_ctx, void *user_ctx)
1797 if (gdb_ctx->num_params != 2) {
1802 /* memtohex() doubles the required space */
1803 if (gdb_ctx->params[1].val_ull > MAX_PACKET_LENGTH / 2) {
1808 g_byte_array_set_size(gdbserver_state.mem_buf, gdb_ctx->params[1].val_ull);
1810 if (target_memory_rw_debug(gdbserver_state.g_cpu, gdb_ctx->params[0].val_ull,
1811 gdbserver_state.mem_buf->data,
1812 gdbserver_state.mem_buf->len, false)) {
1817 memtohex(gdbserver_state.str_buf, gdbserver_state.mem_buf->data,
1818 gdbserver_state.mem_buf->len);
1822 static void handle_write_all_regs(GdbCmdContext *gdb_ctx, void *user_ctx)
1824 target_ulong addr, len;
1828 if (!gdb_ctx->num_params) {
1832 cpu_synchronize_state(gdbserver_state.g_cpu);
1833 len = strlen(gdb_ctx->params[0].data) / 2;
1834 hextomem(gdbserver_state.mem_buf, gdb_ctx->params[0].data, len);
1835 registers = gdbserver_state.mem_buf->data;
1836 for (addr = 0; addr < gdbserver_state.g_cpu->gdb_num_g_regs && len > 0;
1838 reg_size = gdb_write_register(gdbserver_state.g_cpu, registers, addr);
1840 registers += reg_size;
1845 static void handle_read_all_regs(GdbCmdContext *gdb_ctx, void *user_ctx)
1847 target_ulong addr, len;
1849 cpu_synchronize_state(gdbserver_state.g_cpu);
1850 g_byte_array_set_size(gdbserver_state.mem_buf, 0);
1852 for (addr = 0; addr < gdbserver_state.g_cpu->gdb_num_g_regs; addr++) {
1853 len += gdb_read_register(gdbserver_state.g_cpu,
1854 gdbserver_state.mem_buf,
1857 g_assert(len == gdbserver_state.mem_buf->len);
1859 memtohex(gdbserver_state.str_buf, gdbserver_state.mem_buf->data, len);
1863 static void handle_file_io(GdbCmdContext *gdb_ctx, void *user_ctx)
1865 if (gdb_ctx->num_params >= 1 && gdbserver_state.current_syscall_cb) {
1866 target_ulong ret, err;
1868 ret = (target_ulong)gdb_ctx->params[0].val_ull;
1869 if (gdb_ctx->num_params >= 2) {
1870 err = (target_ulong)gdb_ctx->params[1].val_ull;
1874 gdbserver_state.current_syscall_cb(gdbserver_state.c_cpu, ret, err);
1875 gdbserver_state.current_syscall_cb = NULL;
1878 if (gdb_ctx->num_params >= 3 && gdb_ctx->params[2].opcode == (uint8_t)'C') {
1886 static void handle_step(GdbCmdContext *gdb_ctx, void *user_ctx)
1888 if (gdb_ctx->num_params) {
1889 gdb_set_cpu_pc((target_ulong)gdb_ctx->params[0].val_ull);
1892 cpu_single_step(gdbserver_state.c_cpu, get_sstep_flags());
1896 static void handle_backward(GdbCmdContext *gdb_ctx, void *user_ctx)
1898 if (replay_mode != REPLAY_MODE_PLAY) {
1901 if (gdb_ctx->num_params == 1) {
1902 switch (gdb_ctx->params[0].opcode) {
1904 if (replay_reverse_step()) {
1911 if (replay_reverse_continue()) {
1920 /* Default invalid command */
1924 static void handle_v_cont_query(GdbCmdContext *gdb_ctx, void *user_ctx)
1926 put_packet("vCont;c;C;s;S");
1929 static void handle_v_cont(GdbCmdContext *gdb_ctx, void *user_ctx)
1933 if (!gdb_ctx->num_params) {
1937 res = gdb_handle_vcont(gdb_ctx->params[0].data);
1938 if ((res == -EINVAL) || (res == -ERANGE)) {
1945 static void handle_v_attach(GdbCmdContext *gdb_ctx, void *user_ctx)
1947 GDBProcess *process;
1950 g_string_assign(gdbserver_state.str_buf, "E22");
1951 if (!gdb_ctx->num_params) {
1955 process = gdb_get_process(gdb_ctx->params[0].val_ul);
1960 cpu = get_first_cpu_in_process(process);
1965 process->attached = true;
1966 gdbserver_state.g_cpu = cpu;
1967 gdbserver_state.c_cpu = cpu;
1969 g_string_printf(gdbserver_state.str_buf, "T%02xthread:", GDB_SIGNAL_TRAP);
1970 gdb_append_thread_id(cpu, gdbserver_state.str_buf);
1971 g_string_append_c(gdbserver_state.str_buf, ';');
1976 static void handle_v_kill(GdbCmdContext *gdb_ctx, void *user_ctx)
1978 /* Kill the target */
1980 error_report("QEMU: Terminated via GDBstub");
1985 static GdbCmdParseEntry gdb_v_commands_table[] = {
1986 /* Order is important if has same prefix */
1988 .handler = handle_v_cont_query,
1993 .handler = handle_v_cont,
1995 .cmd_startswith = 1,
1999 .handler = handle_v_attach,
2001 .cmd_startswith = 1,
2005 .handler = handle_v_kill,
2011 static void handle_v_commands(GdbCmdContext *gdb_ctx, void *user_ctx)
2013 if (!gdb_ctx->num_params) {
2017 if (process_string_cmd(NULL, gdb_ctx->params[0].data,
2018 gdb_v_commands_table,
2019 ARRAY_SIZE(gdb_v_commands_table))) {
2024 static void handle_query_qemu_sstepbits(GdbCmdContext *gdb_ctx, void *user_ctx)
2026 g_string_printf(gdbserver_state.str_buf, "ENABLE=%x,NOIRQ=%x,NOTIMER=%x",
2027 SSTEP_ENABLE, SSTEP_NOIRQ, SSTEP_NOTIMER);
2031 static void handle_set_qemu_sstep(GdbCmdContext *gdb_ctx, void *user_ctx)
2033 if (!gdb_ctx->num_params) {
2037 sstep_flags = gdb_ctx->params[0].val_ul;
2041 static void handle_query_qemu_sstep(GdbCmdContext *gdb_ctx, void *user_ctx)
2043 g_string_printf(gdbserver_state.str_buf, "0x%x", sstep_flags);
2047 static void handle_query_curr_tid(GdbCmdContext *gdb_ctx, void *user_ctx)
2050 GDBProcess *process;
2053 * "Current thread" remains vague in the spec, so always return
2054 * the first thread of the current process (gdb returns the
2057 process = gdb_get_cpu_process(gdbserver_state.g_cpu);
2058 cpu = get_first_cpu_in_process(process);
2059 g_string_assign(gdbserver_state.str_buf, "QC");
2060 gdb_append_thread_id(cpu, gdbserver_state.str_buf);
2064 static void handle_query_threads(GdbCmdContext *gdb_ctx, void *user_ctx)
2066 if (!gdbserver_state.query_cpu) {
2071 g_string_assign(gdbserver_state.str_buf, "m");
2072 gdb_append_thread_id(gdbserver_state.query_cpu, gdbserver_state.str_buf);
2074 gdbserver_state.query_cpu = gdb_next_attached_cpu(gdbserver_state.query_cpu);
2077 static void handle_query_first_threads(GdbCmdContext *gdb_ctx, void *user_ctx)
2079 gdbserver_state.query_cpu = gdb_first_attached_cpu();
2080 handle_query_threads(gdb_ctx, user_ctx);
2083 static void handle_query_thread_extra(GdbCmdContext *gdb_ctx, void *user_ctx)
2085 g_autoptr(GString) rs = g_string_new(NULL);
2088 if (!gdb_ctx->num_params ||
2089 gdb_ctx->params[0].thread_id.kind == GDB_READ_THREAD_ERR) {
2094 cpu = gdb_get_cpu(gdb_ctx->params[0].thread_id.pid,
2095 gdb_ctx->params[0].thread_id.tid);
2100 cpu_synchronize_state(cpu);
2102 if (gdbserver_state.multiprocess && (gdbserver_state.process_num > 1)) {
2103 /* Print the CPU model and name in multiprocess mode */
2104 ObjectClass *oc = object_get_class(OBJECT(cpu));
2105 const char *cpu_model = object_class_get_name(oc);
2106 const char *cpu_name =
2107 object_get_canonical_path_component(OBJECT(cpu));
2108 g_string_printf(rs, "%s %s [%s]", cpu_model, cpu_name,
2109 cpu->halted ? "halted " : "running");
2111 g_string_printf(rs, "CPU#%d [%s]", cpu->cpu_index,
2112 cpu->halted ? "halted " : "running");
2114 trace_gdbstub_op_extra_info(rs->str);
2115 memtohex(gdbserver_state.str_buf, (uint8_t *)rs->str, rs->len);
2119 #ifdef CONFIG_USER_ONLY
2120 static void handle_query_offsets(GdbCmdContext *gdb_ctx, void *user_ctx)
2124 ts = gdbserver_state.c_cpu->opaque;
2125 g_string_printf(gdbserver_state.str_buf,
2126 "Text=" TARGET_ABI_FMT_lx
2127 ";Data=" TARGET_ABI_FMT_lx
2128 ";Bss=" TARGET_ABI_FMT_lx,
2129 ts->info->code_offset,
2130 ts->info->data_offset,
2131 ts->info->data_offset);
2135 static void handle_query_rcmd(GdbCmdContext *gdb_ctx, void *user_ctx)
2137 const guint8 zero = 0;
2140 if (!gdb_ctx->num_params) {
2145 len = strlen(gdb_ctx->params[0].data);
2151 g_assert(gdbserver_state.mem_buf->len == 0);
2153 hextomem(gdbserver_state.mem_buf, gdb_ctx->params[0].data, len);
2154 g_byte_array_append(gdbserver_state.mem_buf, &zero, 1);
2155 qemu_chr_be_write(gdbserver_state.mon_chr, gdbserver_state.mem_buf->data,
2156 gdbserver_state.mem_buf->len);
2161 static void handle_query_supported(GdbCmdContext *gdb_ctx, void *user_ctx)
2165 g_string_printf(gdbserver_state.str_buf, "PacketSize=%x", MAX_PACKET_LENGTH);
2166 cc = CPU_GET_CLASS(first_cpu);
2167 if (cc->gdb_core_xml_file) {
2168 g_string_append(gdbserver_state.str_buf, ";qXfer:features:read+");
2171 if (replay_mode == REPLAY_MODE_PLAY) {
2172 g_string_append(gdbserver_state.str_buf,
2173 ";ReverseStep+;ReverseContinue+");
2176 #ifdef CONFIG_USER_ONLY
2177 if (gdbserver_state.c_cpu->opaque) {
2178 g_string_append(gdbserver_state.str_buf, ";qXfer:auxv:read+");
2182 if (gdb_ctx->num_params &&
2183 strstr(gdb_ctx->params[0].data, "multiprocess+")) {
2184 gdbserver_state.multiprocess = true;
2187 g_string_append(gdbserver_state.str_buf, ";vContSupported+;multiprocess+");
2191 static void handle_query_xfer_features(GdbCmdContext *gdb_ctx, void *user_ctx)
2193 GDBProcess *process;
2195 unsigned long len, total_len, addr;
2199 if (gdb_ctx->num_params < 3) {
2204 process = gdb_get_cpu_process(gdbserver_state.g_cpu);
2205 cc = CPU_GET_CLASS(gdbserver_state.g_cpu);
2206 if (!cc->gdb_core_xml_file) {
2212 p = gdb_ctx->params[0].data;
2213 xml = get_feature_xml(p, &p, process);
2219 addr = gdb_ctx->params[1].val_ul;
2220 len = gdb_ctx->params[2].val_ul;
2221 total_len = strlen(xml);
2222 if (addr > total_len) {
2227 if (len > (MAX_PACKET_LENGTH - 5) / 2) {
2228 len = (MAX_PACKET_LENGTH - 5) / 2;
2231 if (len < total_len - addr) {
2232 g_string_assign(gdbserver_state.str_buf, "m");
2233 memtox(gdbserver_state.str_buf, xml + addr, len);
2235 g_string_assign(gdbserver_state.str_buf, "l");
2236 memtox(gdbserver_state.str_buf, xml + addr, total_len - addr);
2239 put_packet_binary(gdbserver_state.str_buf->str,
2240 gdbserver_state.str_buf->len, true);
2243 #if defined(CONFIG_USER_ONLY) && defined(CONFIG_LINUX_USER)
2244 static void handle_query_xfer_auxv(GdbCmdContext *gdb_ctx, void *user_ctx)
2247 unsigned long offset, len, saved_auxv, auxv_len;
2249 if (gdb_ctx->num_params < 2) {
2254 offset = gdb_ctx->params[0].val_ul;
2255 len = gdb_ctx->params[1].val_ul;
2256 ts = gdbserver_state.c_cpu->opaque;
2257 saved_auxv = ts->info->saved_auxv;
2258 auxv_len = ts->info->auxv_len;
2260 if (offset >= auxv_len) {
2265 if (len > (MAX_PACKET_LENGTH - 5) / 2) {
2266 len = (MAX_PACKET_LENGTH - 5) / 2;
2269 if (len < auxv_len - offset) {
2270 g_string_assign(gdbserver_state.str_buf, "m");
2272 g_string_assign(gdbserver_state.str_buf, "l");
2273 len = auxv_len - offset;
2276 g_byte_array_set_size(gdbserver_state.mem_buf, len);
2277 if (target_memory_rw_debug(gdbserver_state.g_cpu, saved_auxv + offset,
2278 gdbserver_state.mem_buf->data, len, false)) {
2283 memtox(gdbserver_state.str_buf,
2284 (const char *)gdbserver_state.mem_buf->data, len);
2285 put_packet_binary(gdbserver_state.str_buf->str,
2286 gdbserver_state.str_buf->len, true);
2290 static void handle_query_attached(GdbCmdContext *gdb_ctx, void *user_ctx)
2292 put_packet(GDB_ATTACHED);
2295 static void handle_query_qemu_supported(GdbCmdContext *gdb_ctx, void *user_ctx)
2297 g_string_printf(gdbserver_state.str_buf, "sstepbits;sstep");
2298 #ifndef CONFIG_USER_ONLY
2299 g_string_append(gdbserver_state.str_buf, ";PhyMemMode");
2304 #ifndef CONFIG_USER_ONLY
2305 static void handle_query_qemu_phy_mem_mode(GdbCmdContext *gdb_ctx,
2308 g_string_printf(gdbserver_state.str_buf, "%d", phy_memory_mode);
2312 static void handle_set_qemu_phy_mem_mode(GdbCmdContext *gdb_ctx, void *user_ctx)
2314 if (!gdb_ctx->num_params) {
2319 if (!gdb_ctx->params[0].val_ul) {
2320 phy_memory_mode = 0;
2322 phy_memory_mode = 1;
2328 static GdbCmdParseEntry gdb_gen_query_set_common_table[] = {
2329 /* Order is important if has same prefix */
2331 .handler = handle_query_qemu_sstepbits,
2332 .cmd = "qemu.sstepbits",
2335 .handler = handle_query_qemu_sstep,
2336 .cmd = "qemu.sstep",
2339 .handler = handle_set_qemu_sstep,
2340 .cmd = "qemu.sstep=",
2341 .cmd_startswith = 1,
2346 static GdbCmdParseEntry gdb_gen_query_table[] = {
2348 .handler = handle_query_curr_tid,
2352 .handler = handle_query_threads,
2353 .cmd = "sThreadInfo",
2356 .handler = handle_query_first_threads,
2357 .cmd = "fThreadInfo",
2360 .handler = handle_query_thread_extra,
2361 .cmd = "ThreadExtraInfo,",
2362 .cmd_startswith = 1,
2365 #ifdef CONFIG_USER_ONLY
2367 .handler = handle_query_offsets,
2372 .handler = handle_query_rcmd,
2374 .cmd_startswith = 1,
2379 .handler = handle_query_supported,
2380 .cmd = "Supported:",
2381 .cmd_startswith = 1,
2385 .handler = handle_query_supported,
2390 .handler = handle_query_xfer_features,
2391 .cmd = "Xfer:features:read:",
2392 .cmd_startswith = 1,
2395 #if defined(CONFIG_USER_ONLY) && defined(CONFIG_LINUX_USER)
2397 .handler = handle_query_xfer_auxv,
2398 .cmd = "Xfer:auxv:read::",
2399 .cmd_startswith = 1,
2404 .handler = handle_query_attached,
2409 .handler = handle_query_attached,
2413 .handler = handle_query_qemu_supported,
2414 .cmd = "qemu.Supported",
2416 #ifndef CONFIG_USER_ONLY
2418 .handler = handle_query_qemu_phy_mem_mode,
2419 .cmd = "qemu.PhyMemMode",
2424 static GdbCmdParseEntry gdb_gen_set_table[] = {
2425 /* Order is important if has same prefix */
2427 .handler = handle_set_qemu_sstep,
2428 .cmd = "qemu.sstep:",
2429 .cmd_startswith = 1,
2432 #ifndef CONFIG_USER_ONLY
2434 .handler = handle_set_qemu_phy_mem_mode,
2435 .cmd = "qemu.PhyMemMode:",
2436 .cmd_startswith = 1,
2442 static void handle_gen_query(GdbCmdContext *gdb_ctx, void *user_ctx)
2444 if (!gdb_ctx->num_params) {
2448 if (!process_string_cmd(NULL, gdb_ctx->params[0].data,
2449 gdb_gen_query_set_common_table,
2450 ARRAY_SIZE(gdb_gen_query_set_common_table))) {
2454 if (process_string_cmd(NULL, gdb_ctx->params[0].data,
2455 gdb_gen_query_table,
2456 ARRAY_SIZE(gdb_gen_query_table))) {
2461 static void handle_gen_set(GdbCmdContext *gdb_ctx, void *user_ctx)
2463 if (!gdb_ctx->num_params) {
2467 if (!process_string_cmd(NULL, gdb_ctx->params[0].data,
2468 gdb_gen_query_set_common_table,
2469 ARRAY_SIZE(gdb_gen_query_set_common_table))) {
2473 if (process_string_cmd(NULL, gdb_ctx->params[0].data,
2475 ARRAY_SIZE(gdb_gen_set_table))) {
2480 static void handle_target_halt(GdbCmdContext *gdb_ctx, void *user_ctx)
2482 g_string_printf(gdbserver_state.str_buf, "T%02xthread:", GDB_SIGNAL_TRAP);
2483 gdb_append_thread_id(gdbserver_state.c_cpu, gdbserver_state.str_buf);
2484 g_string_append_c(gdbserver_state.str_buf, ';');
2487 * Remove all the breakpoints when this query is issued,
2488 * because gdb is doing an initial connect and the state
2489 * should be cleaned up.
2491 gdb_breakpoint_remove_all();
2494 static int gdb_handle_packet(const char *line_buf)
2496 const GdbCmdParseEntry *cmd_parser = NULL;
2498 trace_gdbstub_io_command(line_buf);
2500 switch (line_buf[0]) {
2506 static const GdbCmdParseEntry target_halted_cmd_desc = {
2507 .handler = handle_target_halt,
2511 cmd_parser = &target_halted_cmd_desc;
2516 static const GdbCmdParseEntry continue_cmd_desc = {
2517 .handler = handle_continue,
2519 .cmd_startswith = 1,
2522 cmd_parser = &continue_cmd_desc;
2527 static const GdbCmdParseEntry cont_with_sig_cmd_desc = {
2528 .handler = handle_cont_with_sig,
2530 .cmd_startswith = 1,
2533 cmd_parser = &cont_with_sig_cmd_desc;
2538 static const GdbCmdParseEntry v_cmd_desc = {
2539 .handler = handle_v_commands,
2541 .cmd_startswith = 1,
2544 cmd_parser = &v_cmd_desc;
2548 /* Kill the target */
2549 error_report("QEMU: Terminated via GDBstub");
2554 static const GdbCmdParseEntry detach_cmd_desc = {
2555 .handler = handle_detach,
2557 .cmd_startswith = 1,
2560 cmd_parser = &detach_cmd_desc;
2565 static const GdbCmdParseEntry step_cmd_desc = {
2566 .handler = handle_step,
2568 .cmd_startswith = 1,
2571 cmd_parser = &step_cmd_desc;
2576 static const GdbCmdParseEntry backward_cmd_desc = {
2577 .handler = handle_backward,
2579 .cmd_startswith = 1,
2582 cmd_parser = &backward_cmd_desc;
2587 static const GdbCmdParseEntry file_io_cmd_desc = {
2588 .handler = handle_file_io,
2590 .cmd_startswith = 1,
2593 cmd_parser = &file_io_cmd_desc;
2598 static const GdbCmdParseEntry read_all_regs_cmd_desc = {
2599 .handler = handle_read_all_regs,
2603 cmd_parser = &read_all_regs_cmd_desc;
2608 static const GdbCmdParseEntry write_all_regs_cmd_desc = {
2609 .handler = handle_write_all_regs,
2611 .cmd_startswith = 1,
2614 cmd_parser = &write_all_regs_cmd_desc;
2619 static const GdbCmdParseEntry read_mem_cmd_desc = {
2620 .handler = handle_read_mem,
2622 .cmd_startswith = 1,
2625 cmd_parser = &read_mem_cmd_desc;
2630 static const GdbCmdParseEntry write_mem_cmd_desc = {
2631 .handler = handle_write_mem,
2633 .cmd_startswith = 1,
2636 cmd_parser = &write_mem_cmd_desc;
2641 static const GdbCmdParseEntry get_reg_cmd_desc = {
2642 .handler = handle_get_reg,
2644 .cmd_startswith = 1,
2647 cmd_parser = &get_reg_cmd_desc;
2652 static const GdbCmdParseEntry set_reg_cmd_desc = {
2653 .handler = handle_set_reg,
2655 .cmd_startswith = 1,
2658 cmd_parser = &set_reg_cmd_desc;
2663 static const GdbCmdParseEntry insert_bp_cmd_desc = {
2664 .handler = handle_insert_bp,
2666 .cmd_startswith = 1,
2669 cmd_parser = &insert_bp_cmd_desc;
2674 static const GdbCmdParseEntry remove_bp_cmd_desc = {
2675 .handler = handle_remove_bp,
2677 .cmd_startswith = 1,
2680 cmd_parser = &remove_bp_cmd_desc;
2685 static const GdbCmdParseEntry set_thread_cmd_desc = {
2686 .handler = handle_set_thread,
2688 .cmd_startswith = 1,
2691 cmd_parser = &set_thread_cmd_desc;
2696 static const GdbCmdParseEntry thread_alive_cmd_desc = {
2697 .handler = handle_thread_alive,
2699 .cmd_startswith = 1,
2702 cmd_parser = &thread_alive_cmd_desc;
2707 static const GdbCmdParseEntry gen_query_cmd_desc = {
2708 .handler = handle_gen_query,
2710 .cmd_startswith = 1,
2713 cmd_parser = &gen_query_cmd_desc;
2718 static const GdbCmdParseEntry gen_set_cmd_desc = {
2719 .handler = handle_gen_set,
2721 .cmd_startswith = 1,
2724 cmd_parser = &gen_set_cmd_desc;
2728 /* put empty packet */
2734 run_cmd_parser(line_buf, cmd_parser);
2740 void gdb_set_stop_cpu(CPUState *cpu)
2742 GDBProcess *p = gdb_get_cpu_process(cpu);
2746 * Having a stop CPU corresponding to a process that is not attached
2747 * confuses GDB. So we ignore the request.
2752 gdbserver_state.c_cpu = cpu;
2753 gdbserver_state.g_cpu = cpu;
2756 #ifndef CONFIG_USER_ONLY
2757 static void gdb_vm_state_change(void *opaque, int running, RunState state)
2759 CPUState *cpu = gdbserver_state.c_cpu;
2760 g_autoptr(GString) buf = g_string_new(NULL);
2761 g_autoptr(GString) tid = g_string_new(NULL);
2765 if (running || gdbserver_state.state == RS_INACTIVE) {
2768 /* Is there a GDB syscall waiting to be sent? */
2769 if (gdbserver_state.current_syscall_cb) {
2770 put_packet(gdbserver_state.syscall_buf);
2775 /* No process attached */
2779 gdb_append_thread_id(cpu, tid);
2782 case RUN_STATE_DEBUG:
2783 if (cpu->watchpoint_hit) {
2784 switch (cpu->watchpoint_hit->flags & BP_MEM_ACCESS) {
2795 trace_gdbstub_hit_watchpoint(type, cpu_gdb_index(cpu),
2796 (target_ulong)cpu->watchpoint_hit->vaddr);
2797 g_string_printf(buf, "T%02xthread:%s;%swatch:" TARGET_FMT_lx ";",
2798 GDB_SIGNAL_TRAP, tid->str, type,
2799 (target_ulong)cpu->watchpoint_hit->vaddr);
2800 cpu->watchpoint_hit = NULL;
2803 trace_gdbstub_hit_break();
2806 ret = GDB_SIGNAL_TRAP;
2808 case RUN_STATE_PAUSED:
2809 trace_gdbstub_hit_paused();
2810 ret = GDB_SIGNAL_INT;
2812 case RUN_STATE_SHUTDOWN:
2813 trace_gdbstub_hit_shutdown();
2814 ret = GDB_SIGNAL_QUIT;
2816 case RUN_STATE_IO_ERROR:
2817 trace_gdbstub_hit_io_error();
2818 ret = GDB_SIGNAL_IO;
2820 case RUN_STATE_WATCHDOG:
2821 trace_gdbstub_hit_watchdog();
2822 ret = GDB_SIGNAL_ALRM;
2824 case RUN_STATE_INTERNAL_ERROR:
2825 trace_gdbstub_hit_internal_error();
2826 ret = GDB_SIGNAL_ABRT;
2828 case RUN_STATE_SAVE_VM:
2829 case RUN_STATE_RESTORE_VM:
2831 case RUN_STATE_FINISH_MIGRATE:
2832 ret = GDB_SIGNAL_XCPU;
2835 trace_gdbstub_hit_unknown(state);
2836 ret = GDB_SIGNAL_UNKNOWN;
2839 gdb_set_stop_cpu(cpu);
2840 g_string_printf(buf, "T%02xthread:%s;", ret, tid->str);
2843 put_packet(buf->str);
2845 /* disable single step if it was enabled */
2846 cpu_single_step(cpu, 0);
2850 /* Send a gdb syscall request.
2851 This accepts limited printf-style format specifiers, specifically:
2852 %x - target_ulong argument printed in hex.
2853 %lx - 64-bit argument printed in hex.
2854 %s - string pointer (target_ulong) and length (int) pair. */
2855 void gdb_do_syscallv(gdb_syscall_complete_cb cb, const char *fmt, va_list va)
2862 if (!gdbserver_state.init) {
2866 gdbserver_state.current_syscall_cb = cb;
2867 #ifndef CONFIG_USER_ONLY
2868 vm_stop(RUN_STATE_DEBUG);
2870 p = &gdbserver_state.syscall_buf[0];
2871 p_end = &gdbserver_state.syscall_buf[sizeof(gdbserver_state.syscall_buf)];
2878 addr = va_arg(va, target_ulong);
2879 p += snprintf(p, p_end - p, TARGET_FMT_lx, addr);
2882 if (*(fmt++) != 'x')
2884 i64 = va_arg(va, uint64_t);
2885 p += snprintf(p, p_end - p, "%" PRIx64, i64);
2888 addr = va_arg(va, target_ulong);
2889 p += snprintf(p, p_end - p, TARGET_FMT_lx "/%x",
2890 addr, va_arg(va, int));
2894 error_report("gdbstub: Bad syscall format string '%s'",
2903 #ifdef CONFIG_USER_ONLY
2904 put_packet(gdbserver_state.syscall_buf);
2905 /* Return control to gdb for it to process the syscall request.
2906 * Since the protocol requires that gdb hands control back to us
2907 * using a "here are the results" F packet, we don't need to check
2908 * gdb_handlesig's return value (which is the signal to deliver if
2909 * execution was resumed via a continue packet).
2911 gdb_handlesig(gdbserver_state.c_cpu, 0);
2913 /* In this case wait to send the syscall packet until notification that
2914 the CPU has stopped. This must be done because if the packet is sent
2915 now the reply from the syscall request could be received while the CPU
2916 is still in the running state, which can cause packets to be dropped
2917 and state transition 'T' packets to be sent while the syscall is still
2919 qemu_cpu_kick(gdbserver_state.c_cpu);
2923 void gdb_do_syscall(gdb_syscall_complete_cb cb, const char *fmt, ...)
2928 gdb_do_syscallv(cb, fmt, va);
2932 static void gdb_read_byte(uint8_t ch)
2936 #ifndef CONFIG_USER_ONLY
2937 if (gdbserver_state.last_packet->len) {
2938 /* Waiting for a response to the last packet. If we see the start
2939 of a new command then abandon the previous response. */
2941 trace_gdbstub_err_got_nack();
2942 put_buffer(gdbserver_state.last_packet->data,
2943 gdbserver_state.last_packet->len);
2944 } else if (ch == '+') {
2945 trace_gdbstub_io_got_ack();
2947 trace_gdbstub_io_got_unexpected(ch);
2950 if (ch == '+' || ch == '$') {
2951 g_byte_array_set_size(gdbserver_state.last_packet, 0);
2956 if (runstate_is_running()) {
2957 /* when the CPU is running, we cannot do anything except stop
2958 it when receiving a char */
2959 vm_stop(RUN_STATE_PAUSED);
2963 switch(gdbserver_state.state) {
2966 /* start of command packet */
2967 gdbserver_state.line_buf_index = 0;
2968 gdbserver_state.line_sum = 0;
2969 gdbserver_state.state = RS_GETLINE;
2971 trace_gdbstub_err_garbage(ch);
2976 /* start escape sequence */
2977 gdbserver_state.state = RS_GETLINE_ESC;
2978 gdbserver_state.line_sum += ch;
2979 } else if (ch == '*') {
2980 /* start run length encoding sequence */
2981 gdbserver_state.state = RS_GETLINE_RLE;
2982 gdbserver_state.line_sum += ch;
2983 } else if (ch == '#') {
2984 /* end of command, start of checksum*/
2985 gdbserver_state.state = RS_CHKSUM1;
2986 } else if (gdbserver_state.line_buf_index >= sizeof(gdbserver_state.line_buf) - 1) {
2987 trace_gdbstub_err_overrun();
2988 gdbserver_state.state = RS_IDLE;
2990 /* unescaped command character */
2991 gdbserver_state.line_buf[gdbserver_state.line_buf_index++] = ch;
2992 gdbserver_state.line_sum += ch;
2995 case RS_GETLINE_ESC:
2997 /* unexpected end of command in escape sequence */
2998 gdbserver_state.state = RS_CHKSUM1;
2999 } else if (gdbserver_state.line_buf_index >= sizeof(gdbserver_state.line_buf) - 1) {
3000 /* command buffer overrun */
3001 trace_gdbstub_err_overrun();
3002 gdbserver_state.state = RS_IDLE;
3004 /* parse escaped character and leave escape state */
3005 gdbserver_state.line_buf[gdbserver_state.line_buf_index++] = ch ^ 0x20;
3006 gdbserver_state.line_sum += ch;
3007 gdbserver_state.state = RS_GETLINE;
3010 case RS_GETLINE_RLE:
3012 * Run-length encoding is explained in "Debugging with GDB /
3013 * Appendix E GDB Remote Serial Protocol / Overview".
3015 if (ch < ' ' || ch == '#' || ch == '$' || ch > 126) {
3016 /* invalid RLE count encoding */
3017 trace_gdbstub_err_invalid_repeat(ch);
3018 gdbserver_state.state = RS_GETLINE;
3020 /* decode repeat length */
3021 int repeat = ch - ' ' + 3;
3022 if (gdbserver_state.line_buf_index + repeat >= sizeof(gdbserver_state.line_buf) - 1) {
3023 /* that many repeats would overrun the command buffer */
3024 trace_gdbstub_err_overrun();
3025 gdbserver_state.state = RS_IDLE;
3026 } else if (gdbserver_state.line_buf_index < 1) {
3027 /* got a repeat but we have nothing to repeat */
3028 trace_gdbstub_err_invalid_rle();
3029 gdbserver_state.state = RS_GETLINE;
3031 /* repeat the last character */
3032 memset(gdbserver_state.line_buf + gdbserver_state.line_buf_index,
3033 gdbserver_state.line_buf[gdbserver_state.line_buf_index - 1], repeat);
3034 gdbserver_state.line_buf_index += repeat;
3035 gdbserver_state.line_sum += ch;
3036 gdbserver_state.state = RS_GETLINE;
3041 /* get high hex digit of checksum */
3042 if (!isxdigit(ch)) {
3043 trace_gdbstub_err_checksum_invalid(ch);
3044 gdbserver_state.state = RS_GETLINE;
3047 gdbserver_state.line_buf[gdbserver_state.line_buf_index] = '\0';
3048 gdbserver_state.line_csum = fromhex(ch) << 4;
3049 gdbserver_state.state = RS_CHKSUM2;
3052 /* get low hex digit of checksum */
3053 if (!isxdigit(ch)) {
3054 trace_gdbstub_err_checksum_invalid(ch);
3055 gdbserver_state.state = RS_GETLINE;
3058 gdbserver_state.line_csum |= fromhex(ch);
3060 if (gdbserver_state.line_csum != (gdbserver_state.line_sum & 0xff)) {
3061 trace_gdbstub_err_checksum_incorrect(gdbserver_state.line_sum, gdbserver_state.line_csum);
3062 /* send NAK reply */
3064 put_buffer(&reply, 1);
3065 gdbserver_state.state = RS_IDLE;
3067 /* send ACK reply */
3069 put_buffer(&reply, 1);
3070 gdbserver_state.state = gdb_handle_packet(gdbserver_state.line_buf);
3079 /* Tell the remote gdb that the process has exited. */
3080 void gdb_exit(int code)
3084 if (!gdbserver_state.init) {
3087 #ifdef CONFIG_USER_ONLY
3088 if (gdbserver_state.socket_path) {
3089 unlink(gdbserver_state.socket_path);
3091 if (gdbserver_state.fd < 0) {
3096 trace_gdbstub_op_exiting((uint8_t)code);
3098 snprintf(buf, sizeof(buf), "W%02x", (uint8_t)code);
3101 #ifndef CONFIG_USER_ONLY
3102 qemu_chr_fe_deinit(&gdbserver_state.chr, true);
3107 * Create the process that will contain all the "orphan" CPUs (that are not
3108 * part of a CPU cluster). Note that if this process contains no CPUs, it won't
3109 * be attachable and thus will be invisible to the user.
3111 static void create_default_process(GDBState *s)
3113 GDBProcess *process;
3116 if (gdbserver_state.process_num) {
3117 max_pid = s->processes[s->process_num - 1].pid;
3120 s->processes = g_renew(GDBProcess, s->processes, ++s->process_num);
3121 process = &s->processes[s->process_num - 1];
3123 /* We need an available PID slot for this process */
3124 assert(max_pid < UINT32_MAX);
3126 process->pid = max_pid + 1;
3127 process->attached = false;
3128 process->target_xml[0] = '\0';
3131 #ifdef CONFIG_USER_ONLY
3133 gdb_handlesig(CPUState *cpu, int sig)
3138 if (!gdbserver_state.init || gdbserver_state.fd < 0) {
3142 /* disable single step if it was enabled */
3143 cpu_single_step(cpu, 0);
3147 snprintf(buf, sizeof(buf), "S%02x", target_signal_to_gdb(sig));
3150 /* put_packet() might have detected that the peer terminated the
3152 if (gdbserver_state.fd < 0) {
3157 gdbserver_state.state = RS_IDLE;
3158 gdbserver_state.running_state = 0;
3159 while (gdbserver_state.running_state == 0) {
3160 n = read(gdbserver_state.fd, buf, 256);
3164 for (i = 0; i < n; i++) {
3165 gdb_read_byte(buf[i]);
3168 /* XXX: Connection closed. Should probably wait for another
3169 connection before continuing. */
3171 close(gdbserver_state.fd);
3173 gdbserver_state.fd = -1;
3177 sig = gdbserver_state.signal;
3178 gdbserver_state.signal = 0;
3182 /* Tell the remote gdb that the process has exited due to SIG. */
3183 void gdb_signalled(CPUArchState *env, int sig)
3187 if (!gdbserver_state.init || gdbserver_state.fd < 0) {
3191 snprintf(buf, sizeof(buf), "X%02x", target_signal_to_gdb(sig));
3195 static void gdb_accept_init(int fd)
3197 init_gdbserver_state();
3198 create_default_process(&gdbserver_state);
3199 gdbserver_state.processes[0].attached = true;
3200 gdbserver_state.c_cpu = gdb_first_attached_cpu();
3201 gdbserver_state.g_cpu = gdbserver_state.c_cpu;
3202 gdbserver_state.fd = fd;
3203 gdb_has_xml = false;
3206 static bool gdb_accept_socket(int gdb_fd)
3211 fd = accept(gdb_fd, NULL, NULL);
3212 if (fd < 0 && errno != EINTR) {
3213 perror("accept socket");
3215 } else if (fd >= 0) {
3216 qemu_set_cloexec(fd);
3221 gdb_accept_init(fd);
3225 static int gdbserver_open_socket(const char *path)
3227 struct sockaddr_un sockaddr;
3230 fd = socket(AF_UNIX, SOCK_STREAM, 0);
3232 perror("create socket");
3236 sockaddr.sun_family = AF_UNIX;
3237 pstrcpy(sockaddr.sun_path, sizeof(sockaddr.sun_path) - 1, path);
3238 ret = bind(fd, (struct sockaddr *)&sockaddr, sizeof(sockaddr));
3240 perror("bind socket");
3244 ret = listen(fd, 1);
3246 perror("listen socket");
3254 static bool gdb_accept_tcp(int gdb_fd)
3256 struct sockaddr_in sockaddr;
3261 len = sizeof(sockaddr);
3262 fd = accept(gdb_fd, (struct sockaddr *)&sockaddr, &len);
3263 if (fd < 0 && errno != EINTR) {
3266 } else if (fd >= 0) {
3267 qemu_set_cloexec(fd);
3272 /* set short latency */
3273 if (socket_set_nodelay(fd)) {
3274 perror("setsockopt");
3279 gdb_accept_init(fd);
3283 static int gdbserver_open_port(int port)
3285 struct sockaddr_in sockaddr;
3288 fd = socket(PF_INET, SOCK_STREAM, 0);
3293 qemu_set_cloexec(fd);
3295 socket_set_fast_reuse(fd);
3297 sockaddr.sin_family = AF_INET;
3298 sockaddr.sin_port = htons(port);
3299 sockaddr.sin_addr.s_addr = 0;
3300 ret = bind(fd, (struct sockaddr *)&sockaddr, sizeof(sockaddr));
3306 ret = listen(fd, 1);
3316 int gdbserver_start(const char *port_or_path)
3318 int port = g_ascii_strtoull(port_or_path, NULL, 10);
3322 gdb_fd = gdbserver_open_port(port);
3324 gdb_fd = gdbserver_open_socket(port_or_path);
3331 if (port > 0 && gdb_accept_tcp(gdb_fd)) {
3333 } else if (gdb_accept_socket(gdb_fd)) {
3334 gdbserver_state.socket_path = g_strdup(port_or_path);
3343 /* Disable gdb stub for child processes. */
3344 void gdbserver_fork(CPUState *cpu)
3346 if (!gdbserver_state.init || gdbserver_state.fd < 0) {
3349 close(gdbserver_state.fd);
3350 gdbserver_state.fd = -1;
3351 cpu_breakpoint_remove_all(cpu, BP_GDB);
3352 cpu_watchpoint_remove_all(cpu, BP_GDB);
3355 static int gdb_chr_can_receive(void *opaque)
3357 /* We can handle an arbitrarily large amount of data.
3358 Pick the maximum packet size, which is as good as anything. */
3359 return MAX_PACKET_LENGTH;
3362 static void gdb_chr_receive(void *opaque, const uint8_t *buf, int size)
3366 for (i = 0; i < size; i++) {
3367 gdb_read_byte(buf[i]);
3371 static void gdb_chr_event(void *opaque, QEMUChrEvent event)
3374 GDBState *s = (GDBState *) opaque;
3377 case CHR_EVENT_OPENED:
3378 /* Start with first process attached, others detached */
3379 for (i = 0; i < s->process_num; i++) {
3380 s->processes[i].attached = !i;
3383 s->c_cpu = gdb_first_attached_cpu();
3384 s->g_cpu = s->c_cpu;
3386 vm_stop(RUN_STATE_PAUSED);
3387 replay_gdb_attached();
3388 gdb_has_xml = false;
3395 static int gdb_monitor_write(Chardev *chr, const uint8_t *buf, int len)
3397 g_autoptr(GString) hex_buf = g_string_new("O");
3398 memtohex(hex_buf, buf, len);
3399 put_packet(hex_buf->str);
3404 static void gdb_sigterm_handler(int signal)
3406 if (runstate_is_running()) {
3407 vm_stop(RUN_STATE_PAUSED);
3412 static void gdb_monitor_open(Chardev *chr, ChardevBackend *backend,
3413 bool *be_opened, Error **errp)
3418 static void char_gdb_class_init(ObjectClass *oc, void *data)
3420 ChardevClass *cc = CHARDEV_CLASS(oc);
3422 cc->internal = true;
3423 cc->open = gdb_monitor_open;
3424 cc->chr_write = gdb_monitor_write;
3427 #define TYPE_CHARDEV_GDB "chardev-gdb"
3429 static const TypeInfo char_gdb_type_info = {
3430 .name = TYPE_CHARDEV_GDB,
3431 .parent = TYPE_CHARDEV,
3432 .class_init = char_gdb_class_init,
3435 static int find_cpu_clusters(Object *child, void *opaque)
3437 if (object_dynamic_cast(child, TYPE_CPU_CLUSTER)) {
3438 GDBState *s = (GDBState *) opaque;
3439 CPUClusterState *cluster = CPU_CLUSTER(child);
3440 GDBProcess *process;
3442 s->processes = g_renew(GDBProcess, s->processes, ++s->process_num);
3444 process = &s->processes[s->process_num - 1];
3447 * GDB process IDs -1 and 0 are reserved. To avoid subtle errors at
3448 * runtime, we enforce here that the machine does not use a cluster ID
3449 * that would lead to PID 0.
3451 assert(cluster->cluster_id != UINT32_MAX);
3452 process->pid = cluster->cluster_id + 1;
3453 process->attached = false;
3454 process->target_xml[0] = '\0';
3459 return object_child_foreach(child, find_cpu_clusters, opaque);
3462 static int pid_order(const void *a, const void *b)
3464 GDBProcess *pa = (GDBProcess *) a;
3465 GDBProcess *pb = (GDBProcess *) b;
3467 if (pa->pid < pb->pid) {
3469 } else if (pa->pid > pb->pid) {
3476 static void create_processes(GDBState *s)
3478 object_child_foreach(object_get_root(), find_cpu_clusters, s);
3480 if (gdbserver_state.processes) {
3482 qsort(gdbserver_state.processes, gdbserver_state.process_num, sizeof(gdbserver_state.processes[0]), pid_order);
3485 create_default_process(s);
3488 int gdbserver_start(const char *device)
3490 trace_gdbstub_op_start(device);
3492 char gdbstub_device_name[128];
3493 Chardev *chr = NULL;
3497 error_report("gdbstub: meaningless to attach gdb to a "
3498 "machine without any CPU.");
3504 if (strcmp(device, "none") != 0) {
3505 if (strstart(device, "tcp:", NULL)) {
3506 /* enforce required TCP attributes */
3507 snprintf(gdbstub_device_name, sizeof(gdbstub_device_name),
3508 "%s,wait=off,nodelay=on,server=on", device);
3509 device = gdbstub_device_name;
3512 else if (strcmp(device, "stdio") == 0) {
3513 struct sigaction act;
3515 memset(&act, 0, sizeof(act));
3516 act.sa_handler = gdb_sigterm_handler;
3517 sigaction(SIGINT, &act, NULL);
3521 * FIXME: it's a bit weird to allow using a mux chardev here
3522 * and implicitly setup a monitor. We may want to break this.
3524 chr = qemu_chr_new_noreplay("gdb", device, true, NULL);
3529 if (!gdbserver_state.init) {
3530 init_gdbserver_state();
3532 qemu_add_vm_change_state_handler(gdb_vm_state_change, NULL);
3534 /* Initialize a monitor terminal for gdb */
3535 mon_chr = qemu_chardev_new(NULL, TYPE_CHARDEV_GDB,
3536 NULL, NULL, &error_abort);
3537 monitor_init_hmp(mon_chr, false, &error_abort);
3539 qemu_chr_fe_deinit(&gdbserver_state.chr, true);
3540 mon_chr = gdbserver_state.mon_chr;
3541 reset_gdbserver_state();
3544 create_processes(&gdbserver_state);
3547 qemu_chr_fe_init(&gdbserver_state.chr, chr, &error_abort);
3548 qemu_chr_fe_set_handlers(&gdbserver_state.chr, gdb_chr_can_receive,
3549 gdb_chr_receive, gdb_chr_event,
3550 NULL, &gdbserver_state, NULL, true);
3552 gdbserver_state.state = chr ? RS_IDLE : RS_INACTIVE;
3553 gdbserver_state.mon_chr = mon_chr;
3554 gdbserver_state.current_syscall_cb = NULL;
3559 static void register_types(void)
3561 type_register_static(&char_gdb_type_info);
3564 type_init(register_types);
projects / qemu.git / blob