Merge remote-tracking branch 'remotes/armbru/tags/pull-qapi-2021-02-18' into staging
[qemu.git] / gdbstub.c
blob759bb00bcf0cf48706d938ffa2deef382e23b8d7
1 /*
2 * gdb server stub
4 * This implements a subset of the remote protocol as described in:
6 * https://sourceware.org/gdb/onlinedocs/gdb/Remote-Protocol.html
8 * Copyright (c) 2003-2005 Fabrice Bellard
10 * This library is free software; you can redistribute it and/or
11 * modify it under the terms of the GNU Lesser General Public
12 * License as published by the Free Software Foundation; either
13 * version 2 of the License, or (at your option) any later version.
15 * This library is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
18 * Lesser General Public License for more details.
20 * You should have received a copy of the GNU Lesser General Public
21 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
23 * SPDX-License-Identifier: LGPL-2.0+
26 #include "qemu/osdep.h"
27 #include "qemu-common.h"
28 #include "qapi/error.h"
29 #include "qemu/error-report.h"
30 #include "qemu/ctype.h"
31 #include "qemu/cutils.h"
32 #include "qemu/module.h"
33 #include "trace/trace-root.h"
34 #ifdef CONFIG_USER_ONLY
35 #include "qemu.h"
36 #else
37 #include "monitor/monitor.h"
38 #include "chardev/char.h"
39 #include "chardev/char-fe.h"
40 #include "sysemu/sysemu.h"
41 #include "exec/gdbstub.h"
42 #include "hw/cpu/cluster.h"
43 #include "hw/boards.h"
44 #endif
46 #define MAX_PACKET_LENGTH 4096
48 #include "qemu/sockets.h"
49 #include "sysemu/hw_accel.h"
50 #include "sysemu/kvm.h"
51 #include "sysemu/runstate.h"
52 #include "hw/semihosting/semihost.h"
53 #include "exec/exec-all.h"
54 #include "sysemu/replay.h"
56 #ifdef CONFIG_USER_ONLY
57 #define GDB_ATTACHED "0"
58 #else
59 #define GDB_ATTACHED "1"
60 #endif
62 #ifndef CONFIG_USER_ONLY
63 static int phy_memory_mode;
64 #endif
66 static inline int target_memory_rw_debug(CPUState *cpu, target_ulong addr,
67 uint8_t *buf, int len, bool is_write)
69 CPUClass *cc;
71 #ifndef CONFIG_USER_ONLY
72 if (phy_memory_mode) {
73 if (is_write) {
74 cpu_physical_memory_write(addr, buf, len);
75 } else {
76 cpu_physical_memory_read(addr, buf, len);
78 return 0;
80 #endif
82 cc = CPU_GET_CLASS(cpu);
83 if (cc->memory_rw_debug) {
84 return cc->memory_rw_debug(cpu, addr, buf, len, is_write);
86 return cpu_memory_rw_debug(cpu, addr, buf, len, is_write);
89 /* Return the GDB index for a given vCPU state.
91 * For user mode this is simply the thread id. In system mode GDB
92 * numbers CPUs from 1 as 0 is reserved as an "any cpu" index.
94 static inline int cpu_gdb_index(CPUState *cpu)
96 #if defined(CONFIG_USER_ONLY)
97 TaskState *ts = (TaskState *) cpu->opaque;
98 return ts->ts_tid;
99 #else
100 return cpu->cpu_index + 1;
101 #endif
104 enum {
105 GDB_SIGNAL_0 = 0,
106 GDB_SIGNAL_INT = 2,
107 GDB_SIGNAL_QUIT = 3,
108 GDB_SIGNAL_TRAP = 5,
109 GDB_SIGNAL_ABRT = 6,
110 GDB_SIGNAL_ALRM = 14,
111 GDB_SIGNAL_IO = 23,
112 GDB_SIGNAL_XCPU = 24,
113 GDB_SIGNAL_UNKNOWN = 143
116 #ifdef CONFIG_USER_ONLY
118 /* Map target signal numbers to GDB protocol signal numbers and vice
119 * versa. For user emulation's currently supported systems, we can
120 * assume most signals are defined.
123 static int gdb_signal_table[] = {
125 TARGET_SIGHUP,
126 TARGET_SIGINT,
127 TARGET_SIGQUIT,
128 TARGET_SIGILL,
129 TARGET_SIGTRAP,
130 TARGET_SIGABRT,
131 -1, /* SIGEMT */
132 TARGET_SIGFPE,
133 TARGET_SIGKILL,
134 TARGET_SIGBUS,
135 TARGET_SIGSEGV,
136 TARGET_SIGSYS,
137 TARGET_SIGPIPE,
138 TARGET_SIGALRM,
139 TARGET_SIGTERM,
140 TARGET_SIGURG,
141 TARGET_SIGSTOP,
142 TARGET_SIGTSTP,
143 TARGET_SIGCONT,
144 TARGET_SIGCHLD,
145 TARGET_SIGTTIN,
146 TARGET_SIGTTOU,
147 TARGET_SIGIO,
148 TARGET_SIGXCPU,
149 TARGET_SIGXFSZ,
150 TARGET_SIGVTALRM,
151 TARGET_SIGPROF,
152 TARGET_SIGWINCH,
153 -1, /* SIGLOST */
154 TARGET_SIGUSR1,
155 TARGET_SIGUSR2,
156 #ifdef TARGET_SIGPWR
157 TARGET_SIGPWR,
158 #else
160 #endif
161 -1, /* SIGPOLL */
173 #ifdef __SIGRTMIN
174 __SIGRTMIN + 1,
175 __SIGRTMIN + 2,
176 __SIGRTMIN + 3,
177 __SIGRTMIN + 4,
178 __SIGRTMIN + 5,
179 __SIGRTMIN + 6,
180 __SIGRTMIN + 7,
181 __SIGRTMIN + 8,
182 __SIGRTMIN + 9,
183 __SIGRTMIN + 10,
184 __SIGRTMIN + 11,
185 __SIGRTMIN + 12,
186 __SIGRTMIN + 13,
187 __SIGRTMIN + 14,
188 __SIGRTMIN + 15,
189 __SIGRTMIN + 16,
190 __SIGRTMIN + 17,
191 __SIGRTMIN + 18,
192 __SIGRTMIN + 19,
193 __SIGRTMIN + 20,
194 __SIGRTMIN + 21,
195 __SIGRTMIN + 22,
196 __SIGRTMIN + 23,
197 __SIGRTMIN + 24,
198 __SIGRTMIN + 25,
199 __SIGRTMIN + 26,
200 __SIGRTMIN + 27,
201 __SIGRTMIN + 28,
202 __SIGRTMIN + 29,
203 __SIGRTMIN + 30,
204 __SIGRTMIN + 31,
205 -1, /* SIGCANCEL */
206 __SIGRTMIN,
207 __SIGRTMIN + 32,
208 __SIGRTMIN + 33,
209 __SIGRTMIN + 34,
210 __SIGRTMIN + 35,
211 __SIGRTMIN + 36,
212 __SIGRTMIN + 37,
213 __SIGRTMIN + 38,
214 __SIGRTMIN + 39,
215 __SIGRTMIN + 40,
216 __SIGRTMIN + 41,
217 __SIGRTMIN + 42,
218 __SIGRTMIN + 43,
219 __SIGRTMIN + 44,
220 __SIGRTMIN + 45,
221 __SIGRTMIN + 46,
222 __SIGRTMIN + 47,
223 __SIGRTMIN + 48,
224 __SIGRTMIN + 49,
225 __SIGRTMIN + 50,
226 __SIGRTMIN + 51,
227 __SIGRTMIN + 52,
228 __SIGRTMIN + 53,
229 __SIGRTMIN + 54,
230 __SIGRTMIN + 55,
231 __SIGRTMIN + 56,
232 __SIGRTMIN + 57,
233 __SIGRTMIN + 58,
234 __SIGRTMIN + 59,
235 __SIGRTMIN + 60,
236 __SIGRTMIN + 61,
237 __SIGRTMIN + 62,
238 __SIGRTMIN + 63,
239 __SIGRTMIN + 64,
240 __SIGRTMIN + 65,
241 __SIGRTMIN + 66,
242 __SIGRTMIN + 67,
243 __SIGRTMIN + 68,
244 __SIGRTMIN + 69,
245 __SIGRTMIN + 70,
246 __SIGRTMIN + 71,
247 __SIGRTMIN + 72,
248 __SIGRTMIN + 73,
249 __SIGRTMIN + 74,
250 __SIGRTMIN + 75,
251 __SIGRTMIN + 76,
252 __SIGRTMIN + 77,
253 __SIGRTMIN + 78,
254 __SIGRTMIN + 79,
255 __SIGRTMIN + 80,
256 __SIGRTMIN + 81,
257 __SIGRTMIN + 82,
258 __SIGRTMIN + 83,
259 __SIGRTMIN + 84,
260 __SIGRTMIN + 85,
261 __SIGRTMIN + 86,
262 __SIGRTMIN + 87,
263 __SIGRTMIN + 88,
264 __SIGRTMIN + 89,
265 __SIGRTMIN + 90,
266 __SIGRTMIN + 91,
267 __SIGRTMIN + 92,
268 __SIGRTMIN + 93,
269 __SIGRTMIN + 94,
270 __SIGRTMIN + 95,
271 -1, /* SIGINFO */
272 -1, /* UNKNOWN */
273 -1, /* DEFAULT */
280 #endif
282 #else
283 /* In system mode we only need SIGINT and SIGTRAP; other signals
284 are not yet supported. */
286 enum {
287 TARGET_SIGINT = 2,
288 TARGET_SIGTRAP = 5
291 static int gdb_signal_table[] = {
294 TARGET_SIGINT,
297 TARGET_SIGTRAP
299 #endif
301 #ifdef CONFIG_USER_ONLY
302 static int target_signal_to_gdb (int sig)
304 int i;
305 for (i = 0; i < ARRAY_SIZE (gdb_signal_table); i++)
306 if (gdb_signal_table[i] == sig)
307 return i;
308 return GDB_SIGNAL_UNKNOWN;
310 #endif
312 static int gdb_signal_to_target (int sig)
314 if (sig < ARRAY_SIZE (gdb_signal_table))
315 return gdb_signal_table[sig];
316 else
317 return -1;
320 typedef struct GDBRegisterState {
321 int base_reg;
322 int num_regs;
323 gdb_get_reg_cb get_reg;
324 gdb_set_reg_cb set_reg;
325 const char *xml;
326 struct GDBRegisterState *next;
327 } GDBRegisterState;
329 typedef struct GDBProcess {
330 uint32_t pid;
331 bool attached;
333 char target_xml[1024];
334 } GDBProcess;
336 enum RSState {
337 RS_INACTIVE,
338 RS_IDLE,
339 RS_GETLINE,
340 RS_GETLINE_ESC,
341 RS_GETLINE_RLE,
342 RS_CHKSUM1,
343 RS_CHKSUM2,
345 typedef struct GDBState {
346 bool init; /* have we been initialised? */
347 CPUState *c_cpu; /* current CPU for step/continue ops */
348 CPUState *g_cpu; /* current CPU for other ops */
349 CPUState *query_cpu; /* for q{f|s}ThreadInfo */
350 enum RSState state; /* parsing state */
351 char line_buf[MAX_PACKET_LENGTH];
352 int line_buf_index;
353 int line_sum; /* running checksum */
354 int line_csum; /* checksum at the end of the packet */
355 GByteArray *last_packet;
356 int signal;
357 #ifdef CONFIG_USER_ONLY
358 int fd;
359 char *socket_path;
360 int running_state;
361 #else
362 CharBackend chr;
363 Chardev *mon_chr;
364 #endif
365 bool multiprocess;
366 GDBProcess *processes;
367 int process_num;
368 char syscall_buf[256];
369 gdb_syscall_complete_cb current_syscall_cb;
370 GString *str_buf;
371 GByteArray *mem_buf;
372 } GDBState;
374 /* By default use no IRQs and no timers while single stepping so as to
375 * make single stepping like an ICE HW step.
377 static int sstep_flags = SSTEP_ENABLE|SSTEP_NOIRQ|SSTEP_NOTIMER;
379 /* Retrieves flags for single step mode. */
380 static int get_sstep_flags(void)
383 * In replay mode all events written into the log should be replayed.
384 * That is why NOIRQ flag is removed in this mode.
386 if (replay_mode != REPLAY_MODE_NONE) {
387 return SSTEP_ENABLE;
388 } else {
389 return sstep_flags;
393 static GDBState gdbserver_state;
395 static void init_gdbserver_state(void)
397 g_assert(!gdbserver_state.init);
398 memset(&gdbserver_state, 0, sizeof(GDBState));
399 gdbserver_state.init = true;
400 gdbserver_state.str_buf = g_string_new(NULL);
401 gdbserver_state.mem_buf = g_byte_array_sized_new(MAX_PACKET_LENGTH);
402 gdbserver_state.last_packet = g_byte_array_sized_new(MAX_PACKET_LENGTH + 4);
405 #ifndef CONFIG_USER_ONLY
406 static void reset_gdbserver_state(void)
408 g_free(gdbserver_state.processes);
409 gdbserver_state.processes = NULL;
410 gdbserver_state.process_num = 0;
412 #endif
414 bool gdb_has_xml;
416 #ifdef CONFIG_USER_ONLY
418 static int get_char(void)
420 uint8_t ch;
421 int ret;
423 for(;;) {
424 ret = qemu_recv(gdbserver_state.fd, &ch, 1, 0);
425 if (ret < 0) {
426 if (errno == ECONNRESET)
427 gdbserver_state.fd = -1;
428 if (errno != EINTR)
429 return -1;
430 } else if (ret == 0) {
431 close(gdbserver_state.fd);
432 gdbserver_state.fd = -1;
433 return -1;
434 } else {
435 break;
438 return ch;
440 #endif
442 static enum {
443 GDB_SYS_UNKNOWN,
444 GDB_SYS_ENABLED,
445 GDB_SYS_DISABLED,
446 } gdb_syscall_mode;
448 /* Decide if either remote gdb syscalls or native file IO should be used. */
449 int use_gdb_syscalls(void)
451 SemihostingTarget target = semihosting_get_target();
452 if (target == SEMIHOSTING_TARGET_NATIVE) {
453 /* -semihosting-config target=native */
454 return false;
455 } else if (target == SEMIHOSTING_TARGET_GDB) {
456 /* -semihosting-config target=gdb */
457 return true;
460 /* -semihosting-config target=auto */
461 /* On the first call check if gdb is connected and remember. */
462 if (gdb_syscall_mode == GDB_SYS_UNKNOWN) {
463 gdb_syscall_mode = gdbserver_state.init ?
464 GDB_SYS_ENABLED : GDB_SYS_DISABLED;
466 return gdb_syscall_mode == GDB_SYS_ENABLED;
469 /* Resume execution. */
470 static inline void gdb_continue(void)
473 #ifdef CONFIG_USER_ONLY
474 gdbserver_state.running_state = 1;
475 trace_gdbstub_op_continue();
476 #else
477 if (!runstate_needs_reset()) {
478 trace_gdbstub_op_continue();
479 vm_start();
481 #endif
485 * Resume execution, per CPU actions. For user-mode emulation it's
486 * equivalent to gdb_continue.
488 static int gdb_continue_partial(char *newstates)
490 CPUState *cpu;
491 int res = 0;
492 #ifdef CONFIG_USER_ONLY
494 * This is not exactly accurate, but it's an improvement compared to the
495 * previous situation, where only one CPU would be single-stepped.
497 CPU_FOREACH(cpu) {
498 if (newstates[cpu->cpu_index] == 's') {
499 trace_gdbstub_op_stepping(cpu->cpu_index);
500 cpu_single_step(cpu, sstep_flags);
503 gdbserver_state.running_state = 1;
504 #else
505 int flag = 0;
507 if (!runstate_needs_reset()) {
508 if (vm_prepare_start()) {
509 return 0;
512 CPU_FOREACH(cpu) {
513 switch (newstates[cpu->cpu_index]) {
514 case 0:
515 case 1:
516 break; /* nothing to do here */
517 case 's':
518 trace_gdbstub_op_stepping(cpu->cpu_index);
519 cpu_single_step(cpu, get_sstep_flags());
520 cpu_resume(cpu);
521 flag = 1;
522 break;
523 case 'c':
524 trace_gdbstub_op_continue_cpu(cpu->cpu_index);
525 cpu_resume(cpu);
526 flag = 1;
527 break;
528 default:
529 res = -1;
530 break;
534 if (flag) {
535 qemu_clock_enable(QEMU_CLOCK_VIRTUAL, true);
537 #endif
538 return res;
541 static void put_buffer(const uint8_t *buf, int len)
543 #ifdef CONFIG_USER_ONLY
544 int ret;
546 while (len > 0) {
547 ret = send(gdbserver_state.fd, buf, len, 0);
548 if (ret < 0) {
549 if (errno != EINTR)
550 return;
551 } else {
552 buf += ret;
553 len -= ret;
556 #else
557 /* XXX this blocks entire thread. Rewrite to use
558 * qemu_chr_fe_write and background I/O callbacks */
559 qemu_chr_fe_write_all(&gdbserver_state.chr, buf, len);
560 #endif
563 static inline int fromhex(int v)
565 if (v >= '0' && v <= '9')
566 return v - '0';
567 else if (v >= 'A' && v <= 'F')
568 return v - 'A' + 10;
569 else if (v >= 'a' && v <= 'f')
570 return v - 'a' + 10;
571 else
572 return 0;
575 static inline int tohex(int v)
577 if (v < 10)
578 return v + '0';
579 else
580 return v - 10 + 'a';
583 /* writes 2*len+1 bytes in buf */
584 static void memtohex(GString *buf, const uint8_t *mem, int len)
586 int i, c;
587 for(i = 0; i < len; i++) {
588 c = mem[i];
589 g_string_append_c(buf, tohex(c >> 4));
590 g_string_append_c(buf, tohex(c & 0xf));
592 g_string_append_c(buf, '\0');
595 static void hextomem(GByteArray *mem, const char *buf, int len)
597 int i;
599 for(i = 0; i < len; i++) {
600 guint8 byte = fromhex(buf[0]) << 4 | fromhex(buf[1]);
601 g_byte_array_append(mem, &byte, 1);
602 buf += 2;
606 static void hexdump(const char *buf, int len,
607 void (*trace_fn)(size_t ofs, char const *text))
609 char line_buffer[3 * 16 + 4 + 16 + 1];
611 size_t i;
612 for (i = 0; i < len || (i & 0xF); ++i) {
613 size_t byte_ofs = i & 15;
615 if (byte_ofs == 0) {
616 memset(line_buffer, ' ', 3 * 16 + 4 + 16);
617 line_buffer[3 * 16 + 4 + 16] = 0;
620 size_t col_group = (i >> 2) & 3;
621 size_t hex_col = byte_ofs * 3 + col_group;
622 size_t txt_col = 3 * 16 + 4 + byte_ofs;
624 if (i < len) {
625 char value = buf[i];
627 line_buffer[hex_col + 0] = tohex((value >> 4) & 0xF);
628 line_buffer[hex_col + 1] = tohex((value >> 0) & 0xF);
629 line_buffer[txt_col + 0] = (value >= ' ' && value < 127)
630 ? value
631 : '.';
634 if (byte_ofs == 0xF)
635 trace_fn(i & -16, line_buffer);
639 /* return -1 if error, 0 if OK */
640 static int put_packet_binary(const char *buf, int len, bool dump)
642 int csum, i;
643 uint8_t footer[3];
645 if (dump && trace_event_get_state_backends(TRACE_GDBSTUB_IO_BINARYREPLY)) {
646 hexdump(buf, len, trace_gdbstub_io_binaryreply);
649 for(;;) {
650 g_byte_array_set_size(gdbserver_state.last_packet, 0);
651 g_byte_array_append(gdbserver_state.last_packet,
652 (const uint8_t *) "$", 1);
653 g_byte_array_append(gdbserver_state.last_packet,
654 (const uint8_t *) buf, len);
655 csum = 0;
656 for(i = 0; i < len; i++) {
657 csum += buf[i];
659 footer[0] = '#';
660 footer[1] = tohex((csum >> 4) & 0xf);
661 footer[2] = tohex((csum) & 0xf);
662 g_byte_array_append(gdbserver_state.last_packet, footer, 3);
664 put_buffer(gdbserver_state.last_packet->data,
665 gdbserver_state.last_packet->len);
667 #ifdef CONFIG_USER_ONLY
668 i = get_char();
669 if (i < 0)
670 return -1;
671 if (i == '+')
672 break;
673 #else
674 break;
675 #endif
677 return 0;
680 /* return -1 if error, 0 if OK */
681 static int put_packet(const char *buf)
683 trace_gdbstub_io_reply(buf);
685 return put_packet_binary(buf, strlen(buf), false);
688 static void put_strbuf(void)
690 put_packet(gdbserver_state.str_buf->str);
693 /* Encode data using the encoding for 'x' packets. */
694 static void memtox(GString *buf, const char *mem, int len)
696 char c;
698 while (len--) {
699 c = *(mem++);
700 switch (c) {
701 case '#': case '$': case '*': case '}':
702 g_string_append_c(buf, '}');
703 g_string_append_c(buf, c ^ 0x20);
704 break;
705 default:
706 g_string_append_c(buf, c);
707 break;
712 static uint32_t gdb_get_cpu_pid(CPUState *cpu)
714 /* TODO: In user mode, we should use the task state PID */
715 if (cpu->cluster_index == UNASSIGNED_CLUSTER_INDEX) {
716 /* Return the default process' PID */
717 int index = gdbserver_state.process_num - 1;
718 return gdbserver_state.processes[index].pid;
720 return cpu->cluster_index + 1;
723 static GDBProcess *gdb_get_process(uint32_t pid)
725 int i;
727 if (!pid) {
728 /* 0 means any process, we take the first one */
729 return &gdbserver_state.processes[0];
732 for (i = 0; i < gdbserver_state.process_num; i++) {
733 if (gdbserver_state.processes[i].pid == pid) {
734 return &gdbserver_state.processes[i];
738 return NULL;
741 static GDBProcess *gdb_get_cpu_process(CPUState *cpu)
743 return gdb_get_process(gdb_get_cpu_pid(cpu));
746 static CPUState *find_cpu(uint32_t thread_id)
748 CPUState *cpu;
750 CPU_FOREACH(cpu) {
751 if (cpu_gdb_index(cpu) == thread_id) {
752 return cpu;
756 return NULL;
759 static CPUState *get_first_cpu_in_process(GDBProcess *process)
761 CPUState *cpu;
763 CPU_FOREACH(cpu) {
764 if (gdb_get_cpu_pid(cpu) == process->pid) {
765 return cpu;
769 return NULL;
772 static CPUState *gdb_next_cpu_in_process(CPUState *cpu)
774 uint32_t pid = gdb_get_cpu_pid(cpu);
775 cpu = CPU_NEXT(cpu);
777 while (cpu) {
778 if (gdb_get_cpu_pid(cpu) == pid) {
779 break;
782 cpu = CPU_NEXT(cpu);
785 return cpu;
788 /* Return the cpu following @cpu, while ignoring unattached processes. */
789 static CPUState *gdb_next_attached_cpu(CPUState *cpu)
791 cpu = CPU_NEXT(cpu);
793 while (cpu) {
794 if (gdb_get_cpu_process(cpu)->attached) {
795 break;
798 cpu = CPU_NEXT(cpu);
801 return cpu;
804 /* Return the first attached cpu */
805 static CPUState *gdb_first_attached_cpu(void)
807 CPUState *cpu = first_cpu;
808 GDBProcess *process = gdb_get_cpu_process(cpu);
810 if (!process->attached) {
811 return gdb_next_attached_cpu(cpu);
814 return cpu;
817 static CPUState *gdb_get_cpu(uint32_t pid, uint32_t tid)
819 GDBProcess *process;
820 CPUState *cpu;
822 if (!pid && !tid) {
823 /* 0 means any process/thread, we take the first attached one */
824 return gdb_first_attached_cpu();
825 } else if (pid && !tid) {
826 /* any thread in a specific process */
827 process = gdb_get_process(pid);
829 if (process == NULL) {
830 return NULL;
833 if (!process->attached) {
834 return NULL;
837 return get_first_cpu_in_process(process);
838 } else {
839 /* a specific thread */
840 cpu = find_cpu(tid);
842 if (cpu == NULL) {
843 return NULL;
846 process = gdb_get_cpu_process(cpu);
848 if (pid && process->pid != pid) {
849 return NULL;
852 if (!process->attached) {
853 return NULL;
856 return cpu;
860 static const char *get_feature_xml(const char *p, const char **newp,
861 GDBProcess *process)
863 size_t len;
864 int i;
865 const char *name;
866 CPUState *cpu = get_first_cpu_in_process(process);
867 CPUClass *cc = CPU_GET_CLASS(cpu);
869 len = 0;
870 while (p[len] && p[len] != ':')
871 len++;
872 *newp = p + len;
874 name = NULL;
875 if (strncmp(p, "target.xml", len) == 0) {
876 char *buf = process->target_xml;
877 const size_t buf_sz = sizeof(process->target_xml);
879 /* Generate the XML description for this CPU. */
880 if (!buf[0]) {
881 GDBRegisterState *r;
883 pstrcat(buf, buf_sz,
884 "<?xml version=\"1.0\"?>"
885 "<!DOCTYPE target SYSTEM \"gdb-target.dtd\">"
886 "<target>");
887 if (cc->gdb_arch_name) {
888 gchar *arch = cc->gdb_arch_name(cpu);
889 pstrcat(buf, buf_sz, "<architecture>");
890 pstrcat(buf, buf_sz, arch);
891 pstrcat(buf, buf_sz, "</architecture>");
892 g_free(arch);
894 pstrcat(buf, buf_sz, "<xi:include href=\"");
895 pstrcat(buf, buf_sz, cc->gdb_core_xml_file);
896 pstrcat(buf, buf_sz, "\"/>");
897 for (r = cpu->gdb_regs; r; r = r->next) {
898 pstrcat(buf, buf_sz, "<xi:include href=\"");
899 pstrcat(buf, buf_sz, r->xml);
900 pstrcat(buf, buf_sz, "\"/>");
902 pstrcat(buf, buf_sz, "</target>");
904 return buf;
906 if (cc->gdb_get_dynamic_xml) {
907 char *xmlname = g_strndup(p, len);
908 const char *xml = cc->gdb_get_dynamic_xml(cpu, xmlname);
910 g_free(xmlname);
911 if (xml) {
912 return xml;
915 for (i = 0; ; i++) {
916 name = xml_builtin[i][0];
917 if (!name || (strncmp(name, p, len) == 0 && strlen(name) == len))
918 break;
920 return name ? xml_builtin[i][1] : NULL;
923 static int gdb_read_register(CPUState *cpu, GByteArray *buf, int reg)
925 CPUClass *cc = CPU_GET_CLASS(cpu);
926 CPUArchState *env = cpu->env_ptr;
927 GDBRegisterState *r;
929 if (reg < cc->gdb_num_core_regs) {
930 return cc->gdb_read_register(cpu, buf, reg);
933 for (r = cpu->gdb_regs; r; r = r->next) {
934 if (r->base_reg <= reg && reg < r->base_reg + r->num_regs) {
935 return r->get_reg(env, buf, reg - r->base_reg);
938 return 0;
941 static int gdb_write_register(CPUState *cpu, uint8_t *mem_buf, int reg)
943 CPUClass *cc = CPU_GET_CLASS(cpu);
944 CPUArchState *env = cpu->env_ptr;
945 GDBRegisterState *r;
947 if (reg < cc->gdb_num_core_regs) {
948 return cc->gdb_write_register(cpu, mem_buf, reg);
951 for (r = cpu->gdb_regs; r; r = r->next) {
952 if (r->base_reg <= reg && reg < r->base_reg + r->num_regs) {
953 return r->set_reg(env, mem_buf, reg - r->base_reg);
956 return 0;
959 /* Register a supplemental set of CPU registers. If g_pos is nonzero it
960 specifies the first register number and these registers are included in
961 a standard "g" packet. Direction is relative to gdb, i.e. get_reg is
962 gdb reading a CPU register, and set_reg is gdb modifying a CPU register.
965 void gdb_register_coprocessor(CPUState *cpu,
966 gdb_get_reg_cb get_reg, gdb_set_reg_cb set_reg,
967 int num_regs, const char *xml, int g_pos)
969 GDBRegisterState *s;
970 GDBRegisterState **p;
972 p = &cpu->gdb_regs;
973 while (*p) {
974 /* Check for duplicates. */
975 if (strcmp((*p)->xml, xml) == 0)
976 return;
977 p = &(*p)->next;
980 s = g_new0(GDBRegisterState, 1);
981 s->base_reg = cpu->gdb_num_regs;
982 s->num_regs = num_regs;
983 s->get_reg = get_reg;
984 s->set_reg = set_reg;
985 s->xml = xml;
987 /* Add to end of list. */
988 cpu->gdb_num_regs += num_regs;
989 *p = s;
990 if (g_pos) {
991 if (g_pos != s->base_reg) {
992 error_report("Error: Bad gdb register numbering for '%s', "
993 "expected %d got %d", xml, g_pos, s->base_reg);
994 } else {
995 cpu->gdb_num_g_regs = cpu->gdb_num_regs;
1000 #ifndef CONFIG_USER_ONLY
1001 /* Translate GDB watchpoint type to a flags value for cpu_watchpoint_* */
1002 static inline int xlat_gdb_type(CPUState *cpu, int gdbtype)
1004 static const int xlat[] = {
1005 [GDB_WATCHPOINT_WRITE] = BP_GDB | BP_MEM_WRITE,
1006 [GDB_WATCHPOINT_READ] = BP_GDB | BP_MEM_READ,
1007 [GDB_WATCHPOINT_ACCESS] = BP_GDB | BP_MEM_ACCESS,
1010 CPUClass *cc = CPU_GET_CLASS(cpu);
1011 int cputype = xlat[gdbtype];
1013 if (cc->gdb_stop_before_watchpoint) {
1014 cputype |= BP_STOP_BEFORE_ACCESS;
1016 return cputype;
1018 #endif
1020 static int gdb_breakpoint_insert(int type, target_ulong addr, target_ulong len)
1022 CPUState *cpu;
1023 int err = 0;
1025 if (kvm_enabled()) {
1026 return kvm_insert_breakpoint(gdbserver_state.c_cpu, addr, len, type);
1029 switch (type) {
1030 case GDB_BREAKPOINT_SW:
1031 case GDB_BREAKPOINT_HW:
1032 CPU_FOREACH(cpu) {
1033 err = cpu_breakpoint_insert(cpu, addr, BP_GDB, NULL);
1034 if (err) {
1035 break;
1038 return err;
1039 #ifndef CONFIG_USER_ONLY
1040 case GDB_WATCHPOINT_WRITE:
1041 case GDB_WATCHPOINT_READ:
1042 case GDB_WATCHPOINT_ACCESS:
1043 CPU_FOREACH(cpu) {
1044 err = cpu_watchpoint_insert(cpu, addr, len,
1045 xlat_gdb_type(cpu, type), NULL);
1046 if (err) {
1047 break;
1050 return err;
1051 #endif
1052 default:
1053 return -ENOSYS;
1057 static int gdb_breakpoint_remove(int type, target_ulong addr, target_ulong len)
1059 CPUState *cpu;
1060 int err = 0;
1062 if (kvm_enabled()) {
1063 return kvm_remove_breakpoint(gdbserver_state.c_cpu, addr, len, type);
1066 switch (type) {
1067 case GDB_BREAKPOINT_SW:
1068 case GDB_BREAKPOINT_HW:
1069 CPU_FOREACH(cpu) {
1070 err = cpu_breakpoint_remove(cpu, addr, BP_GDB);
1071 if (err) {
1072 break;
1075 return err;
1076 #ifndef CONFIG_USER_ONLY
1077 case GDB_WATCHPOINT_WRITE:
1078 case GDB_WATCHPOINT_READ:
1079 case GDB_WATCHPOINT_ACCESS:
1080 CPU_FOREACH(cpu) {
1081 err = cpu_watchpoint_remove(cpu, addr, len,
1082 xlat_gdb_type(cpu, type));
1083 if (err)
1084 break;
1086 return err;
1087 #endif
1088 default:
1089 return -ENOSYS;
1093 static inline void gdb_cpu_breakpoint_remove_all(CPUState *cpu)
1095 cpu_breakpoint_remove_all(cpu, BP_GDB);
1096 #ifndef CONFIG_USER_ONLY
1097 cpu_watchpoint_remove_all(cpu, BP_GDB);
1098 #endif
1101 static void gdb_process_breakpoint_remove_all(GDBProcess *p)
1103 CPUState *cpu = get_first_cpu_in_process(p);
1105 while (cpu) {
1106 gdb_cpu_breakpoint_remove_all(cpu);
1107 cpu = gdb_next_cpu_in_process(cpu);
1111 static void gdb_breakpoint_remove_all(void)
1113 CPUState *cpu;
1115 if (kvm_enabled()) {
1116 kvm_remove_all_breakpoints(gdbserver_state.c_cpu);
1117 return;
1120 CPU_FOREACH(cpu) {
1121 gdb_cpu_breakpoint_remove_all(cpu);
1125 static void gdb_set_cpu_pc(target_ulong pc)
1127 CPUState *cpu = gdbserver_state.c_cpu;
1129 cpu_synchronize_state(cpu);
1130 cpu_set_pc(cpu, pc);
1133 static void gdb_append_thread_id(CPUState *cpu, GString *buf)
1135 if (gdbserver_state.multiprocess) {
1136 g_string_append_printf(buf, "p%02x.%02x",
1137 gdb_get_cpu_pid(cpu), cpu_gdb_index(cpu));
1138 } else {
1139 g_string_append_printf(buf, "%02x", cpu_gdb_index(cpu));
1143 typedef enum GDBThreadIdKind {
1144 GDB_ONE_THREAD = 0,
1145 GDB_ALL_THREADS, /* One process, all threads */
1146 GDB_ALL_PROCESSES,
1147 GDB_READ_THREAD_ERR
1148 } GDBThreadIdKind;
1150 static GDBThreadIdKind read_thread_id(const char *buf, const char **end_buf,
1151 uint32_t *pid, uint32_t *tid)
1153 unsigned long p, t;
1154 int ret;
1156 if (*buf == 'p') {
1157 buf++;
1158 ret = qemu_strtoul(buf, &buf, 16, &p);
1160 if (ret) {
1161 return GDB_READ_THREAD_ERR;
1164 /* Skip '.' */
1165 buf++;
1166 } else {
1167 p = 1;
1170 ret = qemu_strtoul(buf, &buf, 16, &t);
1172 if (ret) {
1173 return GDB_READ_THREAD_ERR;
1176 *end_buf = buf;
1178 if (p == -1) {
1179 return GDB_ALL_PROCESSES;
1182 if (pid) {
1183 *pid = p;
1186 if (t == -1) {
1187 return GDB_ALL_THREADS;
1190 if (tid) {
1191 *tid = t;
1194 return GDB_ONE_THREAD;
1198 * gdb_handle_vcont - Parses and handles a vCont packet.
1199 * returns -ENOTSUP if a command is unsupported, -EINVAL or -ERANGE if there is
1200 * a format error, 0 on success.
1202 static int gdb_handle_vcont(const char *p)
1204 int res, signal = 0;
1205 char cur_action;
1206 char *newstates;
1207 unsigned long tmp;
1208 uint32_t pid, tid;
1209 GDBProcess *process;
1210 CPUState *cpu;
1211 GDBThreadIdKind kind;
1212 #ifdef CONFIG_USER_ONLY
1213 int max_cpus = 1; /* global variable max_cpus exists only in system mode */
1215 CPU_FOREACH(cpu) {
1216 max_cpus = max_cpus <= cpu->cpu_index ? cpu->cpu_index + 1 : max_cpus;
1218 #else
1219 MachineState *ms = MACHINE(qdev_get_machine());
1220 unsigned int max_cpus = ms->smp.max_cpus;
1221 #endif
1222 /* uninitialised CPUs stay 0 */
1223 newstates = g_new0(char, max_cpus);
1225 /* mark valid CPUs with 1 */
1226 CPU_FOREACH(cpu) {
1227 newstates[cpu->cpu_index] = 1;
1231 * res keeps track of what error we are returning, with -ENOTSUP meaning
1232 * that the command is unknown or unsupported, thus returning an empty
1233 * packet, while -EINVAL and -ERANGE cause an E22 packet, due to invalid,
1234 * or incorrect parameters passed.
1236 res = 0;
1237 while (*p) {
1238 if (*p++ != ';') {
1239 res = -ENOTSUP;
1240 goto out;
1243 cur_action = *p++;
1244 if (cur_action == 'C' || cur_action == 'S') {
1245 cur_action = qemu_tolower(cur_action);
1246 res = qemu_strtoul(p, &p, 16, &tmp);
1247 if (res) {
1248 goto out;
1250 signal = gdb_signal_to_target(tmp);
1251 } else if (cur_action != 'c' && cur_action != 's') {
1252 /* unknown/invalid/unsupported command */
1253 res = -ENOTSUP;
1254 goto out;
1257 if (*p == '\0' || *p == ';') {
1259 * No thread specifier, action is on "all threads". The
1260 * specification is unclear regarding the process to act on. We
1261 * choose all processes.
1263 kind = GDB_ALL_PROCESSES;
1264 } else if (*p++ == ':') {
1265 kind = read_thread_id(p, &p, &pid, &tid);
1266 } else {
1267 res = -ENOTSUP;
1268 goto out;
1271 switch (kind) {
1272 case GDB_READ_THREAD_ERR:
1273 res = -EINVAL;
1274 goto out;
1276 case GDB_ALL_PROCESSES:
1277 cpu = gdb_first_attached_cpu();
1278 while (cpu) {
1279 if (newstates[cpu->cpu_index] == 1) {
1280 newstates[cpu->cpu_index] = cur_action;
1283 cpu = gdb_next_attached_cpu(cpu);
1285 break;
1287 case GDB_ALL_THREADS:
1288 process = gdb_get_process(pid);
1290 if (!process->attached) {
1291 res = -EINVAL;
1292 goto out;
1295 cpu = get_first_cpu_in_process(process);
1296 while (cpu) {
1297 if (newstates[cpu->cpu_index] == 1) {
1298 newstates[cpu->cpu_index] = cur_action;
1301 cpu = gdb_next_cpu_in_process(cpu);
1303 break;
1305 case GDB_ONE_THREAD:
1306 cpu = gdb_get_cpu(pid, tid);
1308 /* invalid CPU/thread specified */
1309 if (!cpu) {
1310 res = -EINVAL;
1311 goto out;
1314 /* only use if no previous match occourred */
1315 if (newstates[cpu->cpu_index] == 1) {
1316 newstates[cpu->cpu_index] = cur_action;
1318 break;
1321 gdbserver_state.signal = signal;
1322 gdb_continue_partial(newstates);
1324 out:
1325 g_free(newstates);
1327 return res;
1330 typedef union GdbCmdVariant {
1331 const char *data;
1332 uint8_t opcode;
1333 unsigned long val_ul;
1334 unsigned long long val_ull;
1335 struct {
1336 GDBThreadIdKind kind;
1337 uint32_t pid;
1338 uint32_t tid;
1339 } thread_id;
1340 } GdbCmdVariant;
1342 static const char *cmd_next_param(const char *param, const char delimiter)
1344 static const char all_delimiters[] = ",;:=";
1345 char curr_delimiters[2] = {0};
1346 const char *delimiters;
1348 if (delimiter == '?') {
1349 delimiters = all_delimiters;
1350 } else if (delimiter == '0') {
1351 return strchr(param, '\0');
1352 } else if (delimiter == '.' && *param) {
1353 return param + 1;
1354 } else {
1355 curr_delimiters[0] = delimiter;
1356 delimiters = curr_delimiters;
1359 param += strcspn(param, delimiters);
1360 if (*param) {
1361 param++;
1363 return param;
1366 static int cmd_parse_params(const char *data, const char *schema,
1367 GdbCmdVariant *params, int *num_params)
1369 int curr_param;
1370 const char *curr_schema, *curr_data;
1372 *num_params = 0;
1374 if (!schema) {
1375 return 0;
1378 curr_schema = schema;
1379 curr_param = 0;
1380 curr_data = data;
1381 while (curr_schema[0] && curr_schema[1] && *curr_data) {
1382 switch (curr_schema[0]) {
1383 case 'l':
1384 if (qemu_strtoul(curr_data, &curr_data, 16,
1385 &params[curr_param].val_ul)) {
1386 return -EINVAL;
1388 curr_param++;
1389 curr_data = cmd_next_param(curr_data, curr_schema[1]);
1390 break;
1391 case 'L':
1392 if (qemu_strtou64(curr_data, &curr_data, 16,
1393 (uint64_t *)&params[curr_param].val_ull)) {
1394 return -EINVAL;
1396 curr_param++;
1397 curr_data = cmd_next_param(curr_data, curr_schema[1]);
1398 break;
1399 case 's':
1400 params[curr_param].data = curr_data;
1401 curr_param++;
1402 curr_data = cmd_next_param(curr_data, curr_schema[1]);
1403 break;
1404 case 'o':
1405 params[curr_param].opcode = *(uint8_t *)curr_data;
1406 curr_param++;
1407 curr_data = cmd_next_param(curr_data, curr_schema[1]);
1408 break;
1409 case 't':
1410 params[curr_param].thread_id.kind =
1411 read_thread_id(curr_data, &curr_data,
1412 &params[curr_param].thread_id.pid,
1413 &params[curr_param].thread_id.tid);
1414 curr_param++;
1415 curr_data = cmd_next_param(curr_data, curr_schema[1]);
1416 break;
1417 case '?':
1418 curr_data = cmd_next_param(curr_data, curr_schema[1]);
1419 break;
1420 default:
1421 return -EINVAL;
1423 curr_schema += 2;
1426 *num_params = curr_param;
1427 return 0;
1430 typedef struct GdbCmdContext {
1431 GdbCmdVariant *params;
1432 int num_params;
1433 } GdbCmdContext;
1435 typedef void (*GdbCmdHandler)(GdbCmdContext *gdb_ctx, void *user_ctx);
1438 * cmd_startswith -> cmd is compared using startswith
1441 * schema definitions:
1442 * Each schema parameter entry consists of 2 chars,
1443 * the first char represents the parameter type handling
1444 * the second char represents the delimiter for the next parameter
1446 * Currently supported schema types:
1447 * 'l' -> unsigned long (stored in .val_ul)
1448 * 'L' -> unsigned long long (stored in .val_ull)
1449 * 's' -> string (stored in .data)
1450 * 'o' -> single char (stored in .opcode)
1451 * 't' -> thread id (stored in .thread_id)
1452 * '?' -> skip according to delimiter
1454 * Currently supported delimiters:
1455 * '?' -> Stop at any delimiter (",;:=\0")
1456 * '0' -> Stop at "\0"
1457 * '.' -> Skip 1 char unless reached "\0"
1458 * Any other value is treated as the delimiter value itself
1460 typedef struct GdbCmdParseEntry {
1461 GdbCmdHandler handler;
1462 const char *cmd;
1463 bool cmd_startswith;
1464 const char *schema;
1465 } GdbCmdParseEntry;
1467 static inline int startswith(const char *string, const char *pattern)
1469 return !strncmp(string, pattern, strlen(pattern));
1472 static int process_string_cmd(void *user_ctx, const char *data,
1473 const GdbCmdParseEntry *cmds, int num_cmds)
1475 int i, schema_len, max_num_params = 0;
1476 GdbCmdContext gdb_ctx;
1478 if (!cmds) {
1479 return -1;
1482 for (i = 0; i < num_cmds; i++) {
1483 const GdbCmdParseEntry *cmd = &cmds[i];
1484 g_assert(cmd->handler && cmd->cmd);
1486 if ((cmd->cmd_startswith && !startswith(data, cmd->cmd)) ||
1487 (!cmd->cmd_startswith && strcmp(cmd->cmd, data))) {
1488 continue;
1491 if (cmd->schema) {
1492 schema_len = strlen(cmd->schema);
1493 if (schema_len % 2) {
1494 return -2;
1497 max_num_params = schema_len / 2;
1500 gdb_ctx.params =
1501 (GdbCmdVariant *)alloca(sizeof(*gdb_ctx.params) * max_num_params);
1502 memset(gdb_ctx.params, 0, sizeof(*gdb_ctx.params) * max_num_params);
1504 if (cmd_parse_params(&data[strlen(cmd->cmd)], cmd->schema,
1505 gdb_ctx.params, &gdb_ctx.num_params)) {
1506 return -1;
1509 cmd->handler(&gdb_ctx, user_ctx);
1510 return 0;
1513 return -1;
1516 static void run_cmd_parser(const char *data, const GdbCmdParseEntry *cmd)
1518 if (!data) {
1519 return;
1522 g_string_set_size(gdbserver_state.str_buf, 0);
1523 g_byte_array_set_size(gdbserver_state.mem_buf, 0);
1525 /* In case there was an error during the command parsing we must
1526 * send a NULL packet to indicate the command is not supported */
1527 if (process_string_cmd(NULL, data, cmd, 1)) {
1528 put_packet("");
1532 static void handle_detach(GdbCmdContext *gdb_ctx, void *user_ctx)
1534 GDBProcess *process;
1535 uint32_t pid = 1;
1537 if (gdbserver_state.multiprocess) {
1538 if (!gdb_ctx->num_params) {
1539 put_packet("E22");
1540 return;
1543 pid = gdb_ctx->params[0].val_ul;
1546 process = gdb_get_process(pid);
1547 gdb_process_breakpoint_remove_all(process);
1548 process->attached = false;
1550 if (pid == gdb_get_cpu_pid(gdbserver_state.c_cpu)) {
1551 gdbserver_state.c_cpu = gdb_first_attached_cpu();
1554 if (pid == gdb_get_cpu_pid(gdbserver_state.g_cpu)) {
1555 gdbserver_state.g_cpu = gdb_first_attached_cpu();
1558 if (!gdbserver_state.c_cpu) {
1559 /* No more process attached */
1560 gdb_syscall_mode = GDB_SYS_DISABLED;
1561 gdb_continue();
1563 put_packet("OK");
1566 static void handle_thread_alive(GdbCmdContext *gdb_ctx, void *user_ctx)
1568 CPUState *cpu;
1570 if (!gdb_ctx->num_params) {
1571 put_packet("E22");
1572 return;
1575 if (gdb_ctx->params[0].thread_id.kind == GDB_READ_THREAD_ERR) {
1576 put_packet("E22");
1577 return;
1580 cpu = gdb_get_cpu(gdb_ctx->params[0].thread_id.pid,
1581 gdb_ctx->params[0].thread_id.tid);
1582 if (!cpu) {
1583 put_packet("E22");
1584 return;
1587 put_packet("OK");
1590 static void handle_continue(GdbCmdContext *gdb_ctx, void *user_ctx)
1592 if (gdb_ctx->num_params) {
1593 gdb_set_cpu_pc(gdb_ctx->params[0].val_ull);
1596 gdbserver_state.signal = 0;
1597 gdb_continue();
1600 static void handle_cont_with_sig(GdbCmdContext *gdb_ctx, void *user_ctx)
1602 unsigned long signal = 0;
1605 * Note: C sig;[addr] is currently unsupported and we simply
1606 * omit the addr parameter
1608 if (gdb_ctx->num_params) {
1609 signal = gdb_ctx->params[0].val_ul;
1612 gdbserver_state.signal = gdb_signal_to_target(signal);
1613 if (gdbserver_state.signal == -1) {
1614 gdbserver_state.signal = 0;
1616 gdb_continue();
1619 static void handle_set_thread(GdbCmdContext *gdb_ctx, void *user_ctx)
1621 CPUState *cpu;
1623 if (gdb_ctx->num_params != 2) {
1624 put_packet("E22");
1625 return;
1628 if (gdb_ctx->params[1].thread_id.kind == GDB_READ_THREAD_ERR) {
1629 put_packet("E22");
1630 return;
1633 if (gdb_ctx->params[1].thread_id.kind != GDB_ONE_THREAD) {
1634 put_packet("OK");
1635 return;
1638 cpu = gdb_get_cpu(gdb_ctx->params[1].thread_id.pid,
1639 gdb_ctx->params[1].thread_id.tid);
1640 if (!cpu) {
1641 put_packet("E22");
1642 return;
1646 * Note: This command is deprecated and modern gdb's will be using the
1647 * vCont command instead.
1649 switch (gdb_ctx->params[0].opcode) {
1650 case 'c':
1651 gdbserver_state.c_cpu = cpu;
1652 put_packet("OK");
1653 break;
1654 case 'g':
1655 gdbserver_state.g_cpu = cpu;
1656 put_packet("OK");
1657 break;
1658 default:
1659 put_packet("E22");
1660 break;
1664 static void handle_insert_bp(GdbCmdContext *gdb_ctx, void *user_ctx)
1666 int res;
1668 if (gdb_ctx->num_params != 3) {
1669 put_packet("E22");
1670 return;
1673 res = gdb_breakpoint_insert(gdb_ctx->params[0].val_ul,
1674 gdb_ctx->params[1].val_ull,
1675 gdb_ctx->params[2].val_ull);
1676 if (res >= 0) {
1677 put_packet("OK");
1678 return;
1679 } else if (res == -ENOSYS) {
1680 put_packet("");
1681 return;
1684 put_packet("E22");
1687 static void handle_remove_bp(GdbCmdContext *gdb_ctx, void *user_ctx)
1689 int res;
1691 if (gdb_ctx->num_params != 3) {
1692 put_packet("E22");
1693 return;
1696 res = gdb_breakpoint_remove(gdb_ctx->params[0].val_ul,
1697 gdb_ctx->params[1].val_ull,
1698 gdb_ctx->params[2].val_ull);
1699 if (res >= 0) {
1700 put_packet("OK");
1701 return;
1702 } else if (res == -ENOSYS) {
1703 put_packet("");
1704 return;
1707 put_packet("E22");
1711 * handle_set/get_reg
1713 * Older gdb are really dumb, and don't use 'G/g' if 'P/p' is available.
1714 * This works, but can be very slow. Anything new enough to understand
1715 * XML also knows how to use this properly. However to use this we
1716 * need to define a local XML file as well as be talking to a
1717 * reasonably modern gdb. Responding with an empty packet will cause
1718 * the remote gdb to fallback to older methods.
1721 static void handle_set_reg(GdbCmdContext *gdb_ctx, void *user_ctx)
1723 int reg_size;
1725 if (!gdb_has_xml) {
1726 put_packet("");
1727 return;
1730 if (gdb_ctx->num_params != 2) {
1731 put_packet("E22");
1732 return;
1735 reg_size = strlen(gdb_ctx->params[1].data) / 2;
1736 hextomem(gdbserver_state.mem_buf, gdb_ctx->params[1].data, reg_size);
1737 gdb_write_register(gdbserver_state.g_cpu, gdbserver_state.mem_buf->data,
1738 gdb_ctx->params[0].val_ull);
1739 put_packet("OK");
1742 static void handle_get_reg(GdbCmdContext *gdb_ctx, void *user_ctx)
1744 int reg_size;
1746 if (!gdb_has_xml) {
1747 put_packet("");
1748 return;
1751 if (!gdb_ctx->num_params) {
1752 put_packet("E14");
1753 return;
1756 reg_size = gdb_read_register(gdbserver_state.g_cpu,
1757 gdbserver_state.mem_buf,
1758 gdb_ctx->params[0].val_ull);
1759 if (!reg_size) {
1760 put_packet("E14");
1761 return;
1762 } else {
1763 g_byte_array_set_size(gdbserver_state.mem_buf, reg_size);
1766 memtohex(gdbserver_state.str_buf, gdbserver_state.mem_buf->data, reg_size);
1767 put_strbuf();
1770 static void handle_write_mem(GdbCmdContext *gdb_ctx, void *user_ctx)
1772 if (gdb_ctx->num_params != 3) {
1773 put_packet("E22");
1774 return;
1777 /* hextomem() reads 2*len bytes */
1778 if (gdb_ctx->params[1].val_ull > strlen(gdb_ctx->params[2].data) / 2) {
1779 put_packet("E22");
1780 return;
1783 hextomem(gdbserver_state.mem_buf, gdb_ctx->params[2].data,
1784 gdb_ctx->params[1].val_ull);
1785 if (target_memory_rw_debug(gdbserver_state.g_cpu, gdb_ctx->params[0].val_ull,
1786 gdbserver_state.mem_buf->data,
1787 gdbserver_state.mem_buf->len, true)) {
1788 put_packet("E14");
1789 return;
1792 put_packet("OK");
1795 static void handle_read_mem(GdbCmdContext *gdb_ctx, void *user_ctx)
1797 if (gdb_ctx->num_params != 2) {
1798 put_packet("E22");
1799 return;
1802 /* memtohex() doubles the required space */
1803 if (gdb_ctx->params[1].val_ull > MAX_PACKET_LENGTH / 2) {
1804 put_packet("E22");
1805 return;
1808 g_byte_array_set_size(gdbserver_state.mem_buf, gdb_ctx->params[1].val_ull);
1810 if (target_memory_rw_debug(gdbserver_state.g_cpu, gdb_ctx->params[0].val_ull,
1811 gdbserver_state.mem_buf->data,
1812 gdbserver_state.mem_buf->len, false)) {
1813 put_packet("E14");
1814 return;
1817 memtohex(gdbserver_state.str_buf, gdbserver_state.mem_buf->data,
1818 gdbserver_state.mem_buf->len);
1819 put_strbuf();
1822 static void handle_write_all_regs(GdbCmdContext *gdb_ctx, void *user_ctx)
1824 target_ulong addr, len;
1825 uint8_t *registers;
1826 int reg_size;
1828 if (!gdb_ctx->num_params) {
1829 return;
1832 cpu_synchronize_state(gdbserver_state.g_cpu);
1833 len = strlen(gdb_ctx->params[0].data) / 2;
1834 hextomem(gdbserver_state.mem_buf, gdb_ctx->params[0].data, len);
1835 registers = gdbserver_state.mem_buf->data;
1836 for (addr = 0; addr < gdbserver_state.g_cpu->gdb_num_g_regs && len > 0;
1837 addr++) {
1838 reg_size = gdb_write_register(gdbserver_state.g_cpu, registers, addr);
1839 len -= reg_size;
1840 registers += reg_size;
1842 put_packet("OK");
1845 static void handle_read_all_regs(GdbCmdContext *gdb_ctx, void *user_ctx)
1847 target_ulong addr, len;
1849 cpu_synchronize_state(gdbserver_state.g_cpu);
1850 g_byte_array_set_size(gdbserver_state.mem_buf, 0);
1851 len = 0;
1852 for (addr = 0; addr < gdbserver_state.g_cpu->gdb_num_g_regs; addr++) {
1853 len += gdb_read_register(gdbserver_state.g_cpu,
1854 gdbserver_state.mem_buf,
1855 addr);
1857 g_assert(len == gdbserver_state.mem_buf->len);
1859 memtohex(gdbserver_state.str_buf, gdbserver_state.mem_buf->data, len);
1860 put_strbuf();
1863 static void handle_file_io(GdbCmdContext *gdb_ctx, void *user_ctx)
1865 if (gdb_ctx->num_params >= 1 && gdbserver_state.current_syscall_cb) {
1866 target_ulong ret, err;
1868 ret = (target_ulong)gdb_ctx->params[0].val_ull;
1869 if (gdb_ctx->num_params >= 2) {
1870 err = (target_ulong)gdb_ctx->params[1].val_ull;
1871 } else {
1872 err = 0;
1874 gdbserver_state.current_syscall_cb(gdbserver_state.c_cpu, ret, err);
1875 gdbserver_state.current_syscall_cb = NULL;
1878 if (gdb_ctx->num_params >= 3 && gdb_ctx->params[2].opcode == (uint8_t)'C') {
1879 put_packet("T02");
1880 return;
1883 gdb_continue();
1886 static void handle_step(GdbCmdContext *gdb_ctx, void *user_ctx)
1888 if (gdb_ctx->num_params) {
1889 gdb_set_cpu_pc((target_ulong)gdb_ctx->params[0].val_ull);
1892 cpu_single_step(gdbserver_state.c_cpu, get_sstep_flags());
1893 gdb_continue();
1896 static void handle_backward(GdbCmdContext *gdb_ctx, void *user_ctx)
1898 if (replay_mode != REPLAY_MODE_PLAY) {
1899 put_packet("E22");
1901 if (gdb_ctx->num_params == 1) {
1902 switch (gdb_ctx->params[0].opcode) {
1903 case 's':
1904 if (replay_reverse_step()) {
1905 gdb_continue();
1906 } else {
1907 put_packet("E14");
1909 return;
1910 case 'c':
1911 if (replay_reverse_continue()) {
1912 gdb_continue();
1913 } else {
1914 put_packet("E14");
1916 return;
1920 /* Default invalid command */
1921 put_packet("");
1924 static void handle_v_cont_query(GdbCmdContext *gdb_ctx, void *user_ctx)
1926 put_packet("vCont;c;C;s;S");
1929 static void handle_v_cont(GdbCmdContext *gdb_ctx, void *user_ctx)
1931 int res;
1933 if (!gdb_ctx->num_params) {
1934 return;
1937 res = gdb_handle_vcont(gdb_ctx->params[0].data);
1938 if ((res == -EINVAL) || (res == -ERANGE)) {
1939 put_packet("E22");
1940 } else if (res) {
1941 put_packet("");
1945 static void handle_v_attach(GdbCmdContext *gdb_ctx, void *user_ctx)
1947 GDBProcess *process;
1948 CPUState *cpu;
1950 g_string_assign(gdbserver_state.str_buf, "E22");
1951 if (!gdb_ctx->num_params) {
1952 goto cleanup;
1955 process = gdb_get_process(gdb_ctx->params[0].val_ul);
1956 if (!process) {
1957 goto cleanup;
1960 cpu = get_first_cpu_in_process(process);
1961 if (!cpu) {
1962 goto cleanup;
1965 process->attached = true;
1966 gdbserver_state.g_cpu = cpu;
1967 gdbserver_state.c_cpu = cpu;
1969 g_string_printf(gdbserver_state.str_buf, "T%02xthread:", GDB_SIGNAL_TRAP);
1970 gdb_append_thread_id(cpu, gdbserver_state.str_buf);
1971 g_string_append_c(gdbserver_state.str_buf, ';');
1972 cleanup:
1973 put_strbuf();
1976 static void handle_v_kill(GdbCmdContext *gdb_ctx, void *user_ctx)
1978 /* Kill the target */
1979 put_packet("OK");
1980 error_report("QEMU: Terminated via GDBstub");
1981 gdb_exit(0);
1982 exit(0);
1985 static GdbCmdParseEntry gdb_v_commands_table[] = {
1986 /* Order is important if has same prefix */
1988 .handler = handle_v_cont_query,
1989 .cmd = "Cont?",
1990 .cmd_startswith = 1
1993 .handler = handle_v_cont,
1994 .cmd = "Cont",
1995 .cmd_startswith = 1,
1996 .schema = "s0"
1999 .handler = handle_v_attach,
2000 .cmd = "Attach;",
2001 .cmd_startswith = 1,
2002 .schema = "l0"
2005 .handler = handle_v_kill,
2006 .cmd = "Kill;",
2007 .cmd_startswith = 1
2011 static void handle_v_commands(GdbCmdContext *gdb_ctx, void *user_ctx)
2013 if (!gdb_ctx->num_params) {
2014 return;
2017 if (process_string_cmd(NULL, gdb_ctx->params[0].data,
2018 gdb_v_commands_table,
2019 ARRAY_SIZE(gdb_v_commands_table))) {
2020 put_packet("");
2024 static void handle_query_qemu_sstepbits(GdbCmdContext *gdb_ctx, void *user_ctx)
2026 g_string_printf(gdbserver_state.str_buf, "ENABLE=%x,NOIRQ=%x,NOTIMER=%x",
2027 SSTEP_ENABLE, SSTEP_NOIRQ, SSTEP_NOTIMER);
2028 put_strbuf();
2031 static void handle_set_qemu_sstep(GdbCmdContext *gdb_ctx, void *user_ctx)
2033 if (!gdb_ctx->num_params) {
2034 return;
2037 sstep_flags = gdb_ctx->params[0].val_ul;
2038 put_packet("OK");
2041 static void handle_query_qemu_sstep(GdbCmdContext *gdb_ctx, void *user_ctx)
2043 g_string_printf(gdbserver_state.str_buf, "0x%x", sstep_flags);
2044 put_strbuf();
2047 static void handle_query_curr_tid(GdbCmdContext *gdb_ctx, void *user_ctx)
2049 CPUState *cpu;
2050 GDBProcess *process;
2053 * "Current thread" remains vague in the spec, so always return
2054 * the first thread of the current process (gdb returns the
2055 * first thread).
2057 process = gdb_get_cpu_process(gdbserver_state.g_cpu);
2058 cpu = get_first_cpu_in_process(process);
2059 g_string_assign(gdbserver_state.str_buf, "QC");
2060 gdb_append_thread_id(cpu, gdbserver_state.str_buf);
2061 put_strbuf();
2064 static void handle_query_threads(GdbCmdContext *gdb_ctx, void *user_ctx)
2066 if (!gdbserver_state.query_cpu) {
2067 put_packet("l");
2068 return;
2071 g_string_assign(gdbserver_state.str_buf, "m");
2072 gdb_append_thread_id(gdbserver_state.query_cpu, gdbserver_state.str_buf);
2073 put_strbuf();
2074 gdbserver_state.query_cpu = gdb_next_attached_cpu(gdbserver_state.query_cpu);
2077 static void handle_query_first_threads(GdbCmdContext *gdb_ctx, void *user_ctx)
2079 gdbserver_state.query_cpu = gdb_first_attached_cpu();
2080 handle_query_threads(gdb_ctx, user_ctx);
2083 static void handle_query_thread_extra(GdbCmdContext *gdb_ctx, void *user_ctx)
2085 g_autoptr(GString) rs = g_string_new(NULL);
2086 CPUState *cpu;
2088 if (!gdb_ctx->num_params ||
2089 gdb_ctx->params[0].thread_id.kind == GDB_READ_THREAD_ERR) {
2090 put_packet("E22");
2091 return;
2094 cpu = gdb_get_cpu(gdb_ctx->params[0].thread_id.pid,
2095 gdb_ctx->params[0].thread_id.tid);
2096 if (!cpu) {
2097 return;
2100 cpu_synchronize_state(cpu);
2102 if (gdbserver_state.multiprocess && (gdbserver_state.process_num > 1)) {
2103 /* Print the CPU model and name in multiprocess mode */
2104 ObjectClass *oc = object_get_class(OBJECT(cpu));
2105 const char *cpu_model = object_class_get_name(oc);
2106 const char *cpu_name =
2107 object_get_canonical_path_component(OBJECT(cpu));
2108 g_string_printf(rs, "%s %s [%s]", cpu_model, cpu_name,
2109 cpu->halted ? "halted " : "running");
2110 } else {
2111 g_string_printf(rs, "CPU#%d [%s]", cpu->cpu_index,
2112 cpu->halted ? "halted " : "running");
2114 trace_gdbstub_op_extra_info(rs->str);
2115 memtohex(gdbserver_state.str_buf, (uint8_t *)rs->str, rs->len);
2116 put_strbuf();
2119 #ifdef CONFIG_USER_ONLY
2120 static void handle_query_offsets(GdbCmdContext *gdb_ctx, void *user_ctx)
2122 TaskState *ts;
2124 ts = gdbserver_state.c_cpu->opaque;
2125 g_string_printf(gdbserver_state.str_buf,
2126 "Text=" TARGET_ABI_FMT_lx
2127 ";Data=" TARGET_ABI_FMT_lx
2128 ";Bss=" TARGET_ABI_FMT_lx,
2129 ts->info->code_offset,
2130 ts->info->data_offset,
2131 ts->info->data_offset);
2132 put_strbuf();
2134 #else
2135 static void handle_query_rcmd(GdbCmdContext *gdb_ctx, void *user_ctx)
2137 const guint8 zero = 0;
2138 int len;
2140 if (!gdb_ctx->num_params) {
2141 put_packet("E22");
2142 return;
2145 len = strlen(gdb_ctx->params[0].data);
2146 if (len % 2) {
2147 put_packet("E01");
2148 return;
2151 g_assert(gdbserver_state.mem_buf->len == 0);
2152 len = len / 2;
2153 hextomem(gdbserver_state.mem_buf, gdb_ctx->params[0].data, len);
2154 g_byte_array_append(gdbserver_state.mem_buf, &zero, 1);
2155 qemu_chr_be_write(gdbserver_state.mon_chr, gdbserver_state.mem_buf->data,
2156 gdbserver_state.mem_buf->len);
2157 put_packet("OK");
2159 #endif
2161 static void handle_query_supported(GdbCmdContext *gdb_ctx, void *user_ctx)
2163 CPUClass *cc;
2165 g_string_printf(gdbserver_state.str_buf, "PacketSize=%x", MAX_PACKET_LENGTH);
2166 cc = CPU_GET_CLASS(first_cpu);
2167 if (cc->gdb_core_xml_file) {
2168 g_string_append(gdbserver_state.str_buf, ";qXfer:features:read+");
2171 if (replay_mode == REPLAY_MODE_PLAY) {
2172 g_string_append(gdbserver_state.str_buf,
2173 ";ReverseStep+;ReverseContinue+");
2176 #ifdef CONFIG_USER_ONLY
2177 if (gdbserver_state.c_cpu->opaque) {
2178 g_string_append(gdbserver_state.str_buf, ";qXfer:auxv:read+");
2180 #endif
2182 if (gdb_ctx->num_params &&
2183 strstr(gdb_ctx->params[0].data, "multiprocess+")) {
2184 gdbserver_state.multiprocess = true;
2187 g_string_append(gdbserver_state.str_buf, ";vContSupported+;multiprocess+");
2188 put_strbuf();
2191 static void handle_query_xfer_features(GdbCmdContext *gdb_ctx, void *user_ctx)
2193 GDBProcess *process;
2194 CPUClass *cc;
2195 unsigned long len, total_len, addr;
2196 const char *xml;
2197 const char *p;
2199 if (gdb_ctx->num_params < 3) {
2200 put_packet("E22");
2201 return;
2204 process = gdb_get_cpu_process(gdbserver_state.g_cpu);
2205 cc = CPU_GET_CLASS(gdbserver_state.g_cpu);
2206 if (!cc->gdb_core_xml_file) {
2207 put_packet("");
2208 return;
2211 gdb_has_xml = true;
2212 p = gdb_ctx->params[0].data;
2213 xml = get_feature_xml(p, &p, process);
2214 if (!xml) {
2215 put_packet("E00");
2216 return;
2219 addr = gdb_ctx->params[1].val_ul;
2220 len = gdb_ctx->params[2].val_ul;
2221 total_len = strlen(xml);
2222 if (addr > total_len) {
2223 put_packet("E00");
2224 return;
2227 if (len > (MAX_PACKET_LENGTH - 5) / 2) {
2228 len = (MAX_PACKET_LENGTH - 5) / 2;
2231 if (len < total_len - addr) {
2232 g_string_assign(gdbserver_state.str_buf, "m");
2233 memtox(gdbserver_state.str_buf, xml + addr, len);
2234 } else {
2235 g_string_assign(gdbserver_state.str_buf, "l");
2236 memtox(gdbserver_state.str_buf, xml + addr, total_len - addr);
2239 put_packet_binary(gdbserver_state.str_buf->str,
2240 gdbserver_state.str_buf->len, true);
2243 #if defined(CONFIG_USER_ONLY) && defined(CONFIG_LINUX_USER)
2244 static void handle_query_xfer_auxv(GdbCmdContext *gdb_ctx, void *user_ctx)
2246 TaskState *ts;
2247 unsigned long offset, len, saved_auxv, auxv_len;
2249 if (gdb_ctx->num_params < 2) {
2250 put_packet("E22");
2251 return;
2254 offset = gdb_ctx->params[0].val_ul;
2255 len = gdb_ctx->params[1].val_ul;
2256 ts = gdbserver_state.c_cpu->opaque;
2257 saved_auxv = ts->info->saved_auxv;
2258 auxv_len = ts->info->auxv_len;
2260 if (offset >= auxv_len) {
2261 put_packet("E00");
2262 return;
2265 if (len > (MAX_PACKET_LENGTH - 5) / 2) {
2266 len = (MAX_PACKET_LENGTH - 5) / 2;
2269 if (len < auxv_len - offset) {
2270 g_string_assign(gdbserver_state.str_buf, "m");
2271 } else {
2272 g_string_assign(gdbserver_state.str_buf, "l");
2273 len = auxv_len - offset;
2276 g_byte_array_set_size(gdbserver_state.mem_buf, len);
2277 if (target_memory_rw_debug(gdbserver_state.g_cpu, saved_auxv + offset,
2278 gdbserver_state.mem_buf->data, len, false)) {
2279 put_packet("E14");
2280 return;
2283 memtox(gdbserver_state.str_buf,
2284 (const char *)gdbserver_state.mem_buf->data, len);
2285 put_packet_binary(gdbserver_state.str_buf->str,
2286 gdbserver_state.str_buf->len, true);
2288 #endif
2290 static void handle_query_attached(GdbCmdContext *gdb_ctx, void *user_ctx)
2292 put_packet(GDB_ATTACHED);
2295 static void handle_query_qemu_supported(GdbCmdContext *gdb_ctx, void *user_ctx)
2297 g_string_printf(gdbserver_state.str_buf, "sstepbits;sstep");
2298 #ifndef CONFIG_USER_ONLY
2299 g_string_append(gdbserver_state.str_buf, ";PhyMemMode");
2300 #endif
2301 put_strbuf();
2304 #ifndef CONFIG_USER_ONLY
2305 static void handle_query_qemu_phy_mem_mode(GdbCmdContext *gdb_ctx,
2306 void *user_ctx)
2308 g_string_printf(gdbserver_state.str_buf, "%d", phy_memory_mode);
2309 put_strbuf();
2312 static void handle_set_qemu_phy_mem_mode(GdbCmdContext *gdb_ctx, void *user_ctx)
2314 if (!gdb_ctx->num_params) {
2315 put_packet("E22");
2316 return;
2319 if (!gdb_ctx->params[0].val_ul) {
2320 phy_memory_mode = 0;
2321 } else {
2322 phy_memory_mode = 1;
2324 put_packet("OK");
2326 #endif
2328 static GdbCmdParseEntry gdb_gen_query_set_common_table[] = {
2329 /* Order is important if has same prefix */
2331 .handler = handle_query_qemu_sstepbits,
2332 .cmd = "qemu.sstepbits",
2335 .handler = handle_query_qemu_sstep,
2336 .cmd = "qemu.sstep",
2339 .handler = handle_set_qemu_sstep,
2340 .cmd = "qemu.sstep=",
2341 .cmd_startswith = 1,
2342 .schema = "l0"
2346 static GdbCmdParseEntry gdb_gen_query_table[] = {
2348 .handler = handle_query_curr_tid,
2349 .cmd = "C",
2352 .handler = handle_query_threads,
2353 .cmd = "sThreadInfo",
2356 .handler = handle_query_first_threads,
2357 .cmd = "fThreadInfo",
2360 .handler = handle_query_thread_extra,
2361 .cmd = "ThreadExtraInfo,",
2362 .cmd_startswith = 1,
2363 .schema = "t0"
2365 #ifdef CONFIG_USER_ONLY
2367 .handler = handle_query_offsets,
2368 .cmd = "Offsets",
2370 #else
2372 .handler = handle_query_rcmd,
2373 .cmd = "Rcmd,",
2374 .cmd_startswith = 1,
2375 .schema = "s0"
2377 #endif
2379 .handler = handle_query_supported,
2380 .cmd = "Supported:",
2381 .cmd_startswith = 1,
2382 .schema = "s0"
2385 .handler = handle_query_supported,
2386 .cmd = "Supported",
2387 .schema = "s0"
2390 .handler = handle_query_xfer_features,
2391 .cmd = "Xfer:features:read:",
2392 .cmd_startswith = 1,
2393 .schema = "s:l,l0"
2395 #if defined(CONFIG_USER_ONLY) && defined(CONFIG_LINUX_USER)
2397 .handler = handle_query_xfer_auxv,
2398 .cmd = "Xfer:auxv:read::",
2399 .cmd_startswith = 1,
2400 .schema = "l,l0"
2402 #endif
2404 .handler = handle_query_attached,
2405 .cmd = "Attached:",
2406 .cmd_startswith = 1
2409 .handler = handle_query_attached,
2410 .cmd = "Attached",
2413 .handler = handle_query_qemu_supported,
2414 .cmd = "qemu.Supported",
2416 #ifndef CONFIG_USER_ONLY
2418 .handler = handle_query_qemu_phy_mem_mode,
2419 .cmd = "qemu.PhyMemMode",
2421 #endif
2424 static GdbCmdParseEntry gdb_gen_set_table[] = {
2425 /* Order is important if has same prefix */
2427 .handler = handle_set_qemu_sstep,
2428 .cmd = "qemu.sstep:",
2429 .cmd_startswith = 1,
2430 .schema = "l0"
2432 #ifndef CONFIG_USER_ONLY
2434 .handler = handle_set_qemu_phy_mem_mode,
2435 .cmd = "qemu.PhyMemMode:",
2436 .cmd_startswith = 1,
2437 .schema = "l0"
2439 #endif
2442 static void handle_gen_query(GdbCmdContext *gdb_ctx, void *user_ctx)
2444 if (!gdb_ctx->num_params) {
2445 return;
2448 if (!process_string_cmd(NULL, gdb_ctx->params[0].data,
2449 gdb_gen_query_set_common_table,
2450 ARRAY_SIZE(gdb_gen_query_set_common_table))) {
2451 return;
2454 if (process_string_cmd(NULL, gdb_ctx->params[0].data,
2455 gdb_gen_query_table,
2456 ARRAY_SIZE(gdb_gen_query_table))) {
2457 put_packet("");
2461 static void handle_gen_set(GdbCmdContext *gdb_ctx, void *user_ctx)
2463 if (!gdb_ctx->num_params) {
2464 return;
2467 if (!process_string_cmd(NULL, gdb_ctx->params[0].data,
2468 gdb_gen_query_set_common_table,
2469 ARRAY_SIZE(gdb_gen_query_set_common_table))) {
2470 return;
2473 if (process_string_cmd(NULL, gdb_ctx->params[0].data,
2474 gdb_gen_set_table,
2475 ARRAY_SIZE(gdb_gen_set_table))) {
2476 put_packet("");
2480 static void handle_target_halt(GdbCmdContext *gdb_ctx, void *user_ctx)
2482 g_string_printf(gdbserver_state.str_buf, "T%02xthread:", GDB_SIGNAL_TRAP);
2483 gdb_append_thread_id(gdbserver_state.c_cpu, gdbserver_state.str_buf);
2484 g_string_append_c(gdbserver_state.str_buf, ';');
2485 put_strbuf();
2487 * Remove all the breakpoints when this query is issued,
2488 * because gdb is doing an initial connect and the state
2489 * should be cleaned up.
2491 gdb_breakpoint_remove_all();
2494 static int gdb_handle_packet(const char *line_buf)
2496 const GdbCmdParseEntry *cmd_parser = NULL;
2498 trace_gdbstub_io_command(line_buf);
2500 switch (line_buf[0]) {
2501 case '!':
2502 put_packet("OK");
2503 break;
2504 case '?':
2506 static const GdbCmdParseEntry target_halted_cmd_desc = {
2507 .handler = handle_target_halt,
2508 .cmd = "?",
2509 .cmd_startswith = 1
2511 cmd_parser = &target_halted_cmd_desc;
2513 break;
2514 case 'c':
2516 static const GdbCmdParseEntry continue_cmd_desc = {
2517 .handler = handle_continue,
2518 .cmd = "c",
2519 .cmd_startswith = 1,
2520 .schema = "L0"
2522 cmd_parser = &continue_cmd_desc;
2524 break;
2525 case 'C':
2527 static const GdbCmdParseEntry cont_with_sig_cmd_desc = {
2528 .handler = handle_cont_with_sig,
2529 .cmd = "C",
2530 .cmd_startswith = 1,
2531 .schema = "l0"
2533 cmd_parser = &cont_with_sig_cmd_desc;
2535 break;
2536 case 'v':
2538 static const GdbCmdParseEntry v_cmd_desc = {
2539 .handler = handle_v_commands,
2540 .cmd = "v",
2541 .cmd_startswith = 1,
2542 .schema = "s0"
2544 cmd_parser = &v_cmd_desc;
2546 break;
2547 case 'k':
2548 /* Kill the target */
2549 error_report("QEMU: Terminated via GDBstub");
2550 gdb_exit(0);
2551 exit(0);
2552 case 'D':
2554 static const GdbCmdParseEntry detach_cmd_desc = {
2555 .handler = handle_detach,
2556 .cmd = "D",
2557 .cmd_startswith = 1,
2558 .schema = "?.l0"
2560 cmd_parser = &detach_cmd_desc;
2562 break;
2563 case 's':
2565 static const GdbCmdParseEntry step_cmd_desc = {
2566 .handler = handle_step,
2567 .cmd = "s",
2568 .cmd_startswith = 1,
2569 .schema = "L0"
2571 cmd_parser = &step_cmd_desc;
2573 break;
2574 case 'b':
2576 static const GdbCmdParseEntry backward_cmd_desc = {
2577 .handler = handle_backward,
2578 .cmd = "b",
2579 .cmd_startswith = 1,
2580 .schema = "o0"
2582 cmd_parser = &backward_cmd_desc;
2584 break;
2585 case 'F':
2587 static const GdbCmdParseEntry file_io_cmd_desc = {
2588 .handler = handle_file_io,
2589 .cmd = "F",
2590 .cmd_startswith = 1,
2591 .schema = "L,L,o0"
2593 cmd_parser = &file_io_cmd_desc;
2595 break;
2596 case 'g':
2598 static const GdbCmdParseEntry read_all_regs_cmd_desc = {
2599 .handler = handle_read_all_regs,
2600 .cmd = "g",
2601 .cmd_startswith = 1
2603 cmd_parser = &read_all_regs_cmd_desc;
2605 break;
2606 case 'G':
2608 static const GdbCmdParseEntry write_all_regs_cmd_desc = {
2609 .handler = handle_write_all_regs,
2610 .cmd = "G",
2611 .cmd_startswith = 1,
2612 .schema = "s0"
2614 cmd_parser = &write_all_regs_cmd_desc;
2616 break;
2617 case 'm':
2619 static const GdbCmdParseEntry read_mem_cmd_desc = {
2620 .handler = handle_read_mem,
2621 .cmd = "m",
2622 .cmd_startswith = 1,
2623 .schema = "L,L0"
2625 cmd_parser = &read_mem_cmd_desc;
2627 break;
2628 case 'M':
2630 static const GdbCmdParseEntry write_mem_cmd_desc = {
2631 .handler = handle_write_mem,
2632 .cmd = "M",
2633 .cmd_startswith = 1,
2634 .schema = "L,L:s0"
2636 cmd_parser = &write_mem_cmd_desc;
2638 break;
2639 case 'p':
2641 static const GdbCmdParseEntry get_reg_cmd_desc = {
2642 .handler = handle_get_reg,
2643 .cmd = "p",
2644 .cmd_startswith = 1,
2645 .schema = "L0"
2647 cmd_parser = &get_reg_cmd_desc;
2649 break;
2650 case 'P':
2652 static const GdbCmdParseEntry set_reg_cmd_desc = {
2653 .handler = handle_set_reg,
2654 .cmd = "P",
2655 .cmd_startswith = 1,
2656 .schema = "L?s0"
2658 cmd_parser = &set_reg_cmd_desc;
2660 break;
2661 case 'Z':
2663 static const GdbCmdParseEntry insert_bp_cmd_desc = {
2664 .handler = handle_insert_bp,
2665 .cmd = "Z",
2666 .cmd_startswith = 1,
2667 .schema = "l?L?L0"
2669 cmd_parser = &insert_bp_cmd_desc;
2671 break;
2672 case 'z':
2674 static const GdbCmdParseEntry remove_bp_cmd_desc = {
2675 .handler = handle_remove_bp,
2676 .cmd = "z",
2677 .cmd_startswith = 1,
2678 .schema = "l?L?L0"
2680 cmd_parser = &remove_bp_cmd_desc;
2682 break;
2683 case 'H':
2685 static const GdbCmdParseEntry set_thread_cmd_desc = {
2686 .handler = handle_set_thread,
2687 .cmd = "H",
2688 .cmd_startswith = 1,
2689 .schema = "o.t0"
2691 cmd_parser = &set_thread_cmd_desc;
2693 break;
2694 case 'T':
2696 static const GdbCmdParseEntry thread_alive_cmd_desc = {
2697 .handler = handle_thread_alive,
2698 .cmd = "T",
2699 .cmd_startswith = 1,
2700 .schema = "t0"
2702 cmd_parser = &thread_alive_cmd_desc;
2704 break;
2705 case 'q':
2707 static const GdbCmdParseEntry gen_query_cmd_desc = {
2708 .handler = handle_gen_query,
2709 .cmd = "q",
2710 .cmd_startswith = 1,
2711 .schema = "s0"
2713 cmd_parser = &gen_query_cmd_desc;
2715 break;
2716 case 'Q':
2718 static const GdbCmdParseEntry gen_set_cmd_desc = {
2719 .handler = handle_gen_set,
2720 .cmd = "Q",
2721 .cmd_startswith = 1,
2722 .schema = "s0"
2724 cmd_parser = &gen_set_cmd_desc;
2726 break;
2727 default:
2728 /* put empty packet */
2729 put_packet("");
2730 break;
2733 if (cmd_parser) {
2734 run_cmd_parser(line_buf, cmd_parser);
2737 return RS_IDLE;
2740 void gdb_set_stop_cpu(CPUState *cpu)
2742 GDBProcess *p = gdb_get_cpu_process(cpu);
2744 if (!p->attached) {
2746 * Having a stop CPU corresponding to a process that is not attached
2747 * confuses GDB. So we ignore the request.
2749 return;
2752 gdbserver_state.c_cpu = cpu;
2753 gdbserver_state.g_cpu = cpu;
2756 #ifndef CONFIG_USER_ONLY
2757 static void gdb_vm_state_change(void *opaque, int running, RunState state)
2759 CPUState *cpu = gdbserver_state.c_cpu;
2760 g_autoptr(GString) buf = g_string_new(NULL);
2761 g_autoptr(GString) tid = g_string_new(NULL);
2762 const char *type;
2763 int ret;
2765 if (running || gdbserver_state.state == RS_INACTIVE) {
2766 return;
2768 /* Is there a GDB syscall waiting to be sent? */
2769 if (gdbserver_state.current_syscall_cb) {
2770 put_packet(gdbserver_state.syscall_buf);
2771 return;
2774 if (cpu == NULL) {
2775 /* No process attached */
2776 return;
2779 gdb_append_thread_id(cpu, tid);
2781 switch (state) {
2782 case RUN_STATE_DEBUG:
2783 if (cpu->watchpoint_hit) {
2784 switch (cpu->watchpoint_hit->flags & BP_MEM_ACCESS) {
2785 case BP_MEM_READ:
2786 type = "r";
2787 break;
2788 case BP_MEM_ACCESS:
2789 type = "a";
2790 break;
2791 default:
2792 type = "";
2793 break;
2795 trace_gdbstub_hit_watchpoint(type, cpu_gdb_index(cpu),
2796 (target_ulong)cpu->watchpoint_hit->vaddr);
2797 g_string_printf(buf, "T%02xthread:%s;%swatch:" TARGET_FMT_lx ";",
2798 GDB_SIGNAL_TRAP, tid->str, type,
2799 (target_ulong)cpu->watchpoint_hit->vaddr);
2800 cpu->watchpoint_hit = NULL;
2801 goto send_packet;
2802 } else {
2803 trace_gdbstub_hit_break();
2805 tb_flush(cpu);
2806 ret = GDB_SIGNAL_TRAP;
2807 break;
2808 case RUN_STATE_PAUSED:
2809 trace_gdbstub_hit_paused();
2810 ret = GDB_SIGNAL_INT;
2811 break;
2812 case RUN_STATE_SHUTDOWN:
2813 trace_gdbstub_hit_shutdown();
2814 ret = GDB_SIGNAL_QUIT;
2815 break;
2816 case RUN_STATE_IO_ERROR:
2817 trace_gdbstub_hit_io_error();
2818 ret = GDB_SIGNAL_IO;
2819 break;
2820 case RUN_STATE_WATCHDOG:
2821 trace_gdbstub_hit_watchdog();
2822 ret = GDB_SIGNAL_ALRM;
2823 break;
2824 case RUN_STATE_INTERNAL_ERROR:
2825 trace_gdbstub_hit_internal_error();
2826 ret = GDB_SIGNAL_ABRT;
2827 break;
2828 case RUN_STATE_SAVE_VM:
2829 case RUN_STATE_RESTORE_VM:
2830 return;
2831 case RUN_STATE_FINISH_MIGRATE:
2832 ret = GDB_SIGNAL_XCPU;
2833 break;
2834 default:
2835 trace_gdbstub_hit_unknown(state);
2836 ret = GDB_SIGNAL_UNKNOWN;
2837 break;
2839 gdb_set_stop_cpu(cpu);
2840 g_string_printf(buf, "T%02xthread:%s;", ret, tid->str);
2842 send_packet:
2843 put_packet(buf->str);
2845 /* disable single step if it was enabled */
2846 cpu_single_step(cpu, 0);
2848 #endif
2850 /* Send a gdb syscall request.
2851 This accepts limited printf-style format specifiers, specifically:
2852 %x - target_ulong argument printed in hex.
2853 %lx - 64-bit argument printed in hex.
2854 %s - string pointer (target_ulong) and length (int) pair. */
2855 void gdb_do_syscallv(gdb_syscall_complete_cb cb, const char *fmt, va_list va)
2857 char *p;
2858 char *p_end;
2859 target_ulong addr;
2860 uint64_t i64;
2862 if (!gdbserver_state.init) {
2863 return;
2866 gdbserver_state.current_syscall_cb = cb;
2867 #ifndef CONFIG_USER_ONLY
2868 vm_stop(RUN_STATE_DEBUG);
2869 #endif
2870 p = &gdbserver_state.syscall_buf[0];
2871 p_end = &gdbserver_state.syscall_buf[sizeof(gdbserver_state.syscall_buf)];
2872 *(p++) = 'F';
2873 while (*fmt) {
2874 if (*fmt == '%') {
2875 fmt++;
2876 switch (*fmt++) {
2877 case 'x':
2878 addr = va_arg(va, target_ulong);
2879 p += snprintf(p, p_end - p, TARGET_FMT_lx, addr);
2880 break;
2881 case 'l':
2882 if (*(fmt++) != 'x')
2883 goto bad_format;
2884 i64 = va_arg(va, uint64_t);
2885 p += snprintf(p, p_end - p, "%" PRIx64, i64);
2886 break;
2887 case 's':
2888 addr = va_arg(va, target_ulong);
2889 p += snprintf(p, p_end - p, TARGET_FMT_lx "/%x",
2890 addr, va_arg(va, int));
2891 break;
2892 default:
2893 bad_format:
2894 error_report("gdbstub: Bad syscall format string '%s'",
2895 fmt - 1);
2896 break;
2898 } else {
2899 *(p++) = *(fmt++);
2902 *p = 0;
2903 #ifdef CONFIG_USER_ONLY
2904 put_packet(gdbserver_state.syscall_buf);
2905 /* Return control to gdb for it to process the syscall request.
2906 * Since the protocol requires that gdb hands control back to us
2907 * using a "here are the results" F packet, we don't need to check
2908 * gdb_handlesig's return value (which is the signal to deliver if
2909 * execution was resumed via a continue packet).
2911 gdb_handlesig(gdbserver_state.c_cpu, 0);
2912 #else
2913 /* In this case wait to send the syscall packet until notification that
2914 the CPU has stopped. This must be done because if the packet is sent
2915 now the reply from the syscall request could be received while the CPU
2916 is still in the running state, which can cause packets to be dropped
2917 and state transition 'T' packets to be sent while the syscall is still
2918 being processed. */
2919 qemu_cpu_kick(gdbserver_state.c_cpu);
2920 #endif
2923 void gdb_do_syscall(gdb_syscall_complete_cb cb, const char *fmt, ...)
2925 va_list va;
2927 va_start(va, fmt);
2928 gdb_do_syscallv(cb, fmt, va);
2929 va_end(va);
2932 static void gdb_read_byte(uint8_t ch)
2934 uint8_t reply;
2936 #ifndef CONFIG_USER_ONLY
2937 if (gdbserver_state.last_packet->len) {
2938 /* Waiting for a response to the last packet. If we see the start
2939 of a new command then abandon the previous response. */
2940 if (ch == '-') {
2941 trace_gdbstub_err_got_nack();
2942 put_buffer(gdbserver_state.last_packet->data,
2943 gdbserver_state.last_packet->len);
2944 } else if (ch == '+') {
2945 trace_gdbstub_io_got_ack();
2946 } else {
2947 trace_gdbstub_io_got_unexpected(ch);
2950 if (ch == '+' || ch == '$') {
2951 g_byte_array_set_size(gdbserver_state.last_packet, 0);
2953 if (ch != '$')
2954 return;
2956 if (runstate_is_running()) {
2957 /* when the CPU is running, we cannot do anything except stop
2958 it when receiving a char */
2959 vm_stop(RUN_STATE_PAUSED);
2960 } else
2961 #endif
2963 switch(gdbserver_state.state) {
2964 case RS_IDLE:
2965 if (ch == '$') {
2966 /* start of command packet */
2967 gdbserver_state.line_buf_index = 0;
2968 gdbserver_state.line_sum = 0;
2969 gdbserver_state.state = RS_GETLINE;
2970 } else {
2971 trace_gdbstub_err_garbage(ch);
2973 break;
2974 case RS_GETLINE:
2975 if (ch == '}') {
2976 /* start escape sequence */
2977 gdbserver_state.state = RS_GETLINE_ESC;
2978 gdbserver_state.line_sum += ch;
2979 } else if (ch == '*') {
2980 /* start run length encoding sequence */
2981 gdbserver_state.state = RS_GETLINE_RLE;
2982 gdbserver_state.line_sum += ch;
2983 } else if (ch == '#') {
2984 /* end of command, start of checksum*/
2985 gdbserver_state.state = RS_CHKSUM1;
2986 } else if (gdbserver_state.line_buf_index >= sizeof(gdbserver_state.line_buf) - 1) {
2987 trace_gdbstub_err_overrun();
2988 gdbserver_state.state = RS_IDLE;
2989 } else {
2990 /* unescaped command character */
2991 gdbserver_state.line_buf[gdbserver_state.line_buf_index++] = ch;
2992 gdbserver_state.line_sum += ch;
2994 break;
2995 case RS_GETLINE_ESC:
2996 if (ch == '#') {
2997 /* unexpected end of command in escape sequence */
2998 gdbserver_state.state = RS_CHKSUM1;
2999 } else if (gdbserver_state.line_buf_index >= sizeof(gdbserver_state.line_buf) - 1) {
3000 /* command buffer overrun */
3001 trace_gdbstub_err_overrun();
3002 gdbserver_state.state = RS_IDLE;
3003 } else {
3004 /* parse escaped character and leave escape state */
3005 gdbserver_state.line_buf[gdbserver_state.line_buf_index++] = ch ^ 0x20;
3006 gdbserver_state.line_sum += ch;
3007 gdbserver_state.state = RS_GETLINE;
3009 break;
3010 case RS_GETLINE_RLE:
3012 * Run-length encoding is explained in "Debugging with GDB /
3013 * Appendix E GDB Remote Serial Protocol / Overview".
3015 if (ch < ' ' || ch == '#' || ch == '$' || ch > 126) {
3016 /* invalid RLE count encoding */
3017 trace_gdbstub_err_invalid_repeat(ch);
3018 gdbserver_state.state = RS_GETLINE;
3019 } else {
3020 /* decode repeat length */
3021 int repeat = ch - ' ' + 3;
3022 if (gdbserver_state.line_buf_index + repeat >= sizeof(gdbserver_state.line_buf) - 1) {
3023 /* that many repeats would overrun the command buffer */
3024 trace_gdbstub_err_overrun();
3025 gdbserver_state.state = RS_IDLE;
3026 } else if (gdbserver_state.line_buf_index < 1) {
3027 /* got a repeat but we have nothing to repeat */
3028 trace_gdbstub_err_invalid_rle();
3029 gdbserver_state.state = RS_GETLINE;
3030 } else {
3031 /* repeat the last character */
3032 memset(gdbserver_state.line_buf + gdbserver_state.line_buf_index,
3033 gdbserver_state.line_buf[gdbserver_state.line_buf_index - 1], repeat);
3034 gdbserver_state.line_buf_index += repeat;
3035 gdbserver_state.line_sum += ch;
3036 gdbserver_state.state = RS_GETLINE;
3039 break;
3040 case RS_CHKSUM1:
3041 /* get high hex digit of checksum */
3042 if (!isxdigit(ch)) {
3043 trace_gdbstub_err_checksum_invalid(ch);
3044 gdbserver_state.state = RS_GETLINE;
3045 break;
3047 gdbserver_state.line_buf[gdbserver_state.line_buf_index] = '\0';
3048 gdbserver_state.line_csum = fromhex(ch) << 4;
3049 gdbserver_state.state = RS_CHKSUM2;
3050 break;
3051 case RS_CHKSUM2:
3052 /* get low hex digit of checksum */
3053 if (!isxdigit(ch)) {
3054 trace_gdbstub_err_checksum_invalid(ch);
3055 gdbserver_state.state = RS_GETLINE;
3056 break;
3058 gdbserver_state.line_csum |= fromhex(ch);
3060 if (gdbserver_state.line_csum != (gdbserver_state.line_sum & 0xff)) {
3061 trace_gdbstub_err_checksum_incorrect(gdbserver_state.line_sum, gdbserver_state.line_csum);
3062 /* send NAK reply */
3063 reply = '-';
3064 put_buffer(&reply, 1);
3065 gdbserver_state.state = RS_IDLE;
3066 } else {
3067 /* send ACK reply */
3068 reply = '+';
3069 put_buffer(&reply, 1);
3070 gdbserver_state.state = gdb_handle_packet(gdbserver_state.line_buf);
3072 break;
3073 default:
3074 abort();
3079 /* Tell the remote gdb that the process has exited. */
3080 void gdb_exit(int code)
3082 char buf[4];
3084 if (!gdbserver_state.init) {
3085 return;
3087 #ifdef CONFIG_USER_ONLY
3088 if (gdbserver_state.socket_path) {
3089 unlink(gdbserver_state.socket_path);
3091 if (gdbserver_state.fd < 0) {
3092 return;
3094 #endif
3096 trace_gdbstub_op_exiting((uint8_t)code);
3098 snprintf(buf, sizeof(buf), "W%02x", (uint8_t)code);
3099 put_packet(buf);
3101 #ifndef CONFIG_USER_ONLY
3102 qemu_chr_fe_deinit(&gdbserver_state.chr, true);
3103 #endif
3107 * Create the process that will contain all the "orphan" CPUs (that are not
3108 * part of a CPU cluster). Note that if this process contains no CPUs, it won't
3109 * be attachable and thus will be invisible to the user.
3111 static void create_default_process(GDBState *s)
3113 GDBProcess *process;
3114 int max_pid = 0;
3116 if (gdbserver_state.process_num) {
3117 max_pid = s->processes[s->process_num - 1].pid;
3120 s->processes = g_renew(GDBProcess, s->processes, ++s->process_num);
3121 process = &s->processes[s->process_num - 1];
3123 /* We need an available PID slot for this process */
3124 assert(max_pid < UINT32_MAX);
3126 process->pid = max_pid + 1;
3127 process->attached = false;
3128 process->target_xml[0] = '\0';
3131 #ifdef CONFIG_USER_ONLY
3133 gdb_handlesig(CPUState *cpu, int sig)
3135 char buf[256];
3136 int n;
3138 if (!gdbserver_state.init || gdbserver_state.fd < 0) {
3139 return sig;
3142 /* disable single step if it was enabled */
3143 cpu_single_step(cpu, 0);
3144 tb_flush(cpu);
3146 if (sig != 0) {
3147 snprintf(buf, sizeof(buf), "S%02x", target_signal_to_gdb(sig));
3148 put_packet(buf);
3150 /* put_packet() might have detected that the peer terminated the
3151 connection. */
3152 if (gdbserver_state.fd < 0) {
3153 return sig;
3156 sig = 0;
3157 gdbserver_state.state = RS_IDLE;
3158 gdbserver_state.running_state = 0;
3159 while (gdbserver_state.running_state == 0) {
3160 n = read(gdbserver_state.fd, buf, 256);
3161 if (n > 0) {
3162 int i;
3164 for (i = 0; i < n; i++) {
3165 gdb_read_byte(buf[i]);
3167 } else {
3168 /* XXX: Connection closed. Should probably wait for another
3169 connection before continuing. */
3170 if (n == 0) {
3171 close(gdbserver_state.fd);
3173 gdbserver_state.fd = -1;
3174 return sig;
3177 sig = gdbserver_state.signal;
3178 gdbserver_state.signal = 0;
3179 return sig;
3182 /* Tell the remote gdb that the process has exited due to SIG. */
3183 void gdb_signalled(CPUArchState *env, int sig)
3185 char buf[4];
3187 if (!gdbserver_state.init || gdbserver_state.fd < 0) {
3188 return;
3191 snprintf(buf, sizeof(buf), "X%02x", target_signal_to_gdb(sig));
3192 put_packet(buf);
3195 static void gdb_accept_init(int fd)
3197 init_gdbserver_state();
3198 create_default_process(&gdbserver_state);
3199 gdbserver_state.processes[0].attached = true;
3200 gdbserver_state.c_cpu = gdb_first_attached_cpu();
3201 gdbserver_state.g_cpu = gdbserver_state.c_cpu;
3202 gdbserver_state.fd = fd;
3203 gdb_has_xml = false;
3206 static bool gdb_accept_socket(int gdb_fd)
3208 int fd;
3210 for(;;) {
3211 fd = accept(gdb_fd, NULL, NULL);
3212 if (fd < 0 && errno != EINTR) {
3213 perror("accept socket");
3214 return false;
3215 } else if (fd >= 0) {
3216 qemu_set_cloexec(fd);
3217 break;
3221 gdb_accept_init(fd);
3222 return true;
3225 static int gdbserver_open_socket(const char *path)
3227 struct sockaddr_un sockaddr;
3228 int fd, ret;
3230 fd = socket(AF_UNIX, SOCK_STREAM, 0);
3231 if (fd < 0) {
3232 perror("create socket");
3233 return -1;
3236 sockaddr.sun_family = AF_UNIX;
3237 pstrcpy(sockaddr.sun_path, sizeof(sockaddr.sun_path) - 1, path);
3238 ret = bind(fd, (struct sockaddr *)&sockaddr, sizeof(sockaddr));
3239 if (ret < 0) {
3240 perror("bind socket");
3241 close(fd);
3242 return -1;
3244 ret = listen(fd, 1);
3245 if (ret < 0) {
3246 perror("listen socket");
3247 close(fd);
3248 return -1;
3251 return fd;
3254 static bool gdb_accept_tcp(int gdb_fd)
3256 struct sockaddr_in sockaddr;
3257 socklen_t len;
3258 int fd;
3260 for(;;) {
3261 len = sizeof(sockaddr);
3262 fd = accept(gdb_fd, (struct sockaddr *)&sockaddr, &len);
3263 if (fd < 0 && errno != EINTR) {
3264 perror("accept");
3265 return false;
3266 } else if (fd >= 0) {
3267 qemu_set_cloexec(fd);
3268 break;
3272 /* set short latency */
3273 if (socket_set_nodelay(fd)) {
3274 perror("setsockopt");
3275 close(fd);
3276 return false;
3279 gdb_accept_init(fd);
3280 return true;
3283 static int gdbserver_open_port(int port)
3285 struct sockaddr_in sockaddr;
3286 int fd, ret;
3288 fd = socket(PF_INET, SOCK_STREAM, 0);
3289 if (fd < 0) {
3290 perror("socket");
3291 return -1;
3293 qemu_set_cloexec(fd);
3295 socket_set_fast_reuse(fd);
3297 sockaddr.sin_family = AF_INET;
3298 sockaddr.sin_port = htons(port);
3299 sockaddr.sin_addr.s_addr = 0;
3300 ret = bind(fd, (struct sockaddr *)&sockaddr, sizeof(sockaddr));
3301 if (ret < 0) {
3302 perror("bind");
3303 close(fd);
3304 return -1;
3306 ret = listen(fd, 1);
3307 if (ret < 0) {
3308 perror("listen");
3309 close(fd);
3310 return -1;
3313 return fd;
3316 int gdbserver_start(const char *port_or_path)
3318 int port = g_ascii_strtoull(port_or_path, NULL, 10);
3319 int gdb_fd;
3321 if (port > 0) {
3322 gdb_fd = gdbserver_open_port(port);
3323 } else {
3324 gdb_fd = gdbserver_open_socket(port_or_path);
3327 if (gdb_fd < 0) {
3328 return -1;
3331 if (port > 0 && gdb_accept_tcp(gdb_fd)) {
3332 return 0;
3333 } else if (gdb_accept_socket(gdb_fd)) {
3334 gdbserver_state.socket_path = g_strdup(port_or_path);
3335 return 0;
3338 /* gone wrong */
3339 close(gdb_fd);
3340 return -1;
3343 /* Disable gdb stub for child processes. */
3344 void gdbserver_fork(CPUState *cpu)
3346 if (!gdbserver_state.init || gdbserver_state.fd < 0) {
3347 return;
3349 close(gdbserver_state.fd);
3350 gdbserver_state.fd = -1;
3351 cpu_breakpoint_remove_all(cpu, BP_GDB);
3352 cpu_watchpoint_remove_all(cpu, BP_GDB);
3354 #else
3355 static int gdb_chr_can_receive(void *opaque)
3357 /* We can handle an arbitrarily large amount of data.
3358 Pick the maximum packet size, which is as good as anything. */
3359 return MAX_PACKET_LENGTH;
3362 static void gdb_chr_receive(void *opaque, const uint8_t *buf, int size)
3364 int i;
3366 for (i = 0; i < size; i++) {
3367 gdb_read_byte(buf[i]);
3371 static void gdb_chr_event(void *opaque, QEMUChrEvent event)
3373 int i;
3374 GDBState *s = (GDBState *) opaque;
3376 switch (event) {
3377 case CHR_EVENT_OPENED:
3378 /* Start with first process attached, others detached */
3379 for (i = 0; i < s->process_num; i++) {
3380 s->processes[i].attached = !i;
3383 s->c_cpu = gdb_first_attached_cpu();
3384 s->g_cpu = s->c_cpu;
3386 vm_stop(RUN_STATE_PAUSED);
3387 replay_gdb_attached();
3388 gdb_has_xml = false;
3389 break;
3390 default:
3391 break;
3395 static int gdb_monitor_write(Chardev *chr, const uint8_t *buf, int len)
3397 g_autoptr(GString) hex_buf = g_string_new("O");
3398 memtohex(hex_buf, buf, len);
3399 put_packet(hex_buf->str);
3400 return len;
3403 #ifndef _WIN32
3404 static void gdb_sigterm_handler(int signal)
3406 if (runstate_is_running()) {
3407 vm_stop(RUN_STATE_PAUSED);
3410 #endif
3412 static void gdb_monitor_open(Chardev *chr, ChardevBackend *backend,
3413 bool *be_opened, Error **errp)
3415 *be_opened = false;
3418 static void char_gdb_class_init(ObjectClass *oc, void *data)
3420 ChardevClass *cc = CHARDEV_CLASS(oc);
3422 cc->internal = true;
3423 cc->open = gdb_monitor_open;
3424 cc->chr_write = gdb_monitor_write;
3427 #define TYPE_CHARDEV_GDB "chardev-gdb"
3429 static const TypeInfo char_gdb_type_info = {
3430 .name = TYPE_CHARDEV_GDB,
3431 .parent = TYPE_CHARDEV,
3432 .class_init = char_gdb_class_init,
3435 static int find_cpu_clusters(Object *child, void *opaque)
3437 if (object_dynamic_cast(child, TYPE_CPU_CLUSTER)) {
3438 GDBState *s = (GDBState *) opaque;
3439 CPUClusterState *cluster = CPU_CLUSTER(child);
3440 GDBProcess *process;
3442 s->processes = g_renew(GDBProcess, s->processes, ++s->process_num);
3444 process = &s->processes[s->process_num - 1];
3447 * GDB process IDs -1 and 0 are reserved. To avoid subtle errors at
3448 * runtime, we enforce here that the machine does not use a cluster ID
3449 * that would lead to PID 0.
3451 assert(cluster->cluster_id != UINT32_MAX);
3452 process->pid = cluster->cluster_id + 1;
3453 process->attached = false;
3454 process->target_xml[0] = '\0';
3456 return 0;
3459 return object_child_foreach(child, find_cpu_clusters, opaque);
3462 static int pid_order(const void *a, const void *b)
3464 GDBProcess *pa = (GDBProcess *) a;
3465 GDBProcess *pb = (GDBProcess *) b;
3467 if (pa->pid < pb->pid) {
3468 return -1;
3469 } else if (pa->pid > pb->pid) {
3470 return 1;
3471 } else {
3472 return 0;
3476 static void create_processes(GDBState *s)
3478 object_child_foreach(object_get_root(), find_cpu_clusters, s);
3480 if (gdbserver_state.processes) {
3481 /* Sort by PID */
3482 qsort(gdbserver_state.processes, gdbserver_state.process_num, sizeof(gdbserver_state.processes[0]), pid_order);
3485 create_default_process(s);
3488 int gdbserver_start(const char *device)
3490 trace_gdbstub_op_start(device);
3492 char gdbstub_device_name[128];
3493 Chardev *chr = NULL;
3494 Chardev *mon_chr;
3496 if (!first_cpu) {
3497 error_report("gdbstub: meaningless to attach gdb to a "
3498 "machine without any CPU.");
3499 return -1;
3502 if (!device)
3503 return -1;
3504 if (strcmp(device, "none") != 0) {
3505 if (strstart(device, "tcp:", NULL)) {
3506 /* enforce required TCP attributes */
3507 snprintf(gdbstub_device_name, sizeof(gdbstub_device_name),
3508 "%s,nowait,nodelay,server", device);
3509 device = gdbstub_device_name;
3511 #ifndef _WIN32
3512 else if (strcmp(device, "stdio") == 0) {
3513 struct sigaction act;
3515 memset(&act, 0, sizeof(act));
3516 act.sa_handler = gdb_sigterm_handler;
3517 sigaction(SIGINT, &act, NULL);
3519 #endif
3521 * FIXME: it's a bit weird to allow using a mux chardev here
3522 * and implicitly setup a monitor. We may want to break this.
3524 chr = qemu_chr_new_noreplay("gdb", device, true, NULL);
3525 if (!chr)
3526 return -1;
3529 if (!gdbserver_state.init) {
3530 init_gdbserver_state();
3532 qemu_add_vm_change_state_handler(gdb_vm_state_change, NULL);
3534 /* Initialize a monitor terminal for gdb */
3535 mon_chr = qemu_chardev_new(NULL, TYPE_CHARDEV_GDB,
3536 NULL, NULL, &error_abort);
3537 monitor_init_hmp(mon_chr, false, &error_abort);
3538 } else {
3539 qemu_chr_fe_deinit(&gdbserver_state.chr, true);
3540 mon_chr = gdbserver_state.mon_chr;
3541 reset_gdbserver_state();
3544 create_processes(&gdbserver_state);
3546 if (chr) {
3547 qemu_chr_fe_init(&gdbserver_state.chr, chr, &error_abort);
3548 qemu_chr_fe_set_handlers(&gdbserver_state.chr, gdb_chr_can_receive,
3549 gdb_chr_receive, gdb_chr_event,
3550 NULL, &gdbserver_state, NULL, true);
3552 gdbserver_state.state = chr ? RS_IDLE : RS_INACTIVE;
3553 gdbserver_state.mon_chr = mon_chr;
3554 gdbserver_state.current_syscall_cb = NULL;
3556 return 0;
3559 static void register_types(void)
3561 type_register_static(&char_gdb_type_info);
3564 type_init(register_types);
3565 #endif