4 * This implements a subset of the remote protocol as described in:
6 * https://sourceware.org/gdb/onlinedocs/gdb/Remote-Protocol.html
8 * Copyright (c) 2003-2005 Fabrice Bellard
10 * This library is free software; you can redistribute it and/or
11 * modify it under the terms of the GNU Lesser General Public
12 * License as published by the Free Software Foundation; either
13 * version 2 of the License, or (at your option) any later version.
15 * This library is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
18 * Lesser General Public License for more details.
20 * You should have received a copy of the GNU Lesser General Public
21 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
23 * SPDX-License-Identifier: LGPL-2.0+
26 #include "qemu/osdep.h"
27 #include "qemu-common.h"
28 #include "qapi/error.h"
29 #include "qemu/error-report.h"
30 #include "qemu/ctype.h"
31 #include "qemu/cutils.h"
32 #include "qemu/module.h"
33 #include "trace-root.h"
34 #ifdef CONFIG_USER_ONLY
37 #include "monitor/monitor.h"
38 #include "chardev/char.h"
39 #include "chardev/char-fe.h"
40 #include "sysemu/sysemu.h"
41 #include "exec/gdbstub.h"
42 #include "hw/cpu/cluster.h"
43 #include "hw/boards.h"
46 #define MAX_PACKET_LENGTH 4096
48 #include "qemu/sockets.h"
49 #include "sysemu/hw_accel.h"
50 #include "sysemu/kvm.h"
51 #include "sysemu/runstate.h"
52 #include "hw/semihosting/semihost.h"
53 #include "exec/exec-all.h"
55 #ifdef CONFIG_USER_ONLY
56 #define GDB_ATTACHED "0"
58 #define GDB_ATTACHED "1"
61 #ifndef CONFIG_USER_ONLY
62 static int phy_memory_mode
;
65 static inline int target_memory_rw_debug(CPUState
*cpu
, target_ulong addr
,
66 uint8_t *buf
, int len
, bool is_write
)
70 #ifndef CONFIG_USER_ONLY
71 if (phy_memory_mode
) {
73 cpu_physical_memory_write(addr
, buf
, len
);
75 cpu_physical_memory_read(addr
, buf
, len
);
81 cc
= CPU_GET_CLASS(cpu
);
82 if (cc
->memory_rw_debug
) {
83 return cc
->memory_rw_debug(cpu
, addr
, buf
, len
, is_write
);
85 return cpu_memory_rw_debug(cpu
, addr
, buf
, len
, is_write
);
88 /* Return the GDB index for a given vCPU state.
90 * For user mode this is simply the thread id. In system mode GDB
91 * numbers CPUs from 1 as 0 is reserved as an "any cpu" index.
93 static inline int cpu_gdb_index(CPUState
*cpu
)
95 #if defined(CONFIG_USER_ONLY)
96 TaskState
*ts
= (TaskState
*) cpu
->opaque
;
99 return cpu
->cpu_index
+ 1;
109 GDB_SIGNAL_ALRM
= 14,
111 GDB_SIGNAL_XCPU
= 24,
112 GDB_SIGNAL_UNKNOWN
= 143
115 #ifdef CONFIG_USER_ONLY
117 /* Map target signal numbers to GDB protocol signal numbers and vice
118 * versa. For user emulation's currently supported systems, we can
119 * assume most signals are defined.
122 static int gdb_signal_table
[] = {
282 /* In system mode we only need SIGINT and SIGTRAP; other signals
283 are not yet supported. */
290 static int gdb_signal_table
[] = {
300 #ifdef CONFIG_USER_ONLY
301 static int target_signal_to_gdb (int sig
)
304 for (i
= 0; i
< ARRAY_SIZE (gdb_signal_table
); i
++)
305 if (gdb_signal_table
[i
] == sig
)
307 return GDB_SIGNAL_UNKNOWN
;
311 static int gdb_signal_to_target (int sig
)
313 if (sig
< ARRAY_SIZE (gdb_signal_table
))
314 return gdb_signal_table
[sig
];
319 typedef struct GDBRegisterState
{
322 gdb_get_reg_cb get_reg
;
323 gdb_set_reg_cb set_reg
;
325 struct GDBRegisterState
*next
;
328 typedef struct GDBProcess
{
332 char target_xml
[1024];
344 typedef struct GDBState
{
345 bool init
; /* have we been initialised? */
346 CPUState
*c_cpu
; /* current CPU for step/continue ops */
347 CPUState
*g_cpu
; /* current CPU for other ops */
348 CPUState
*query_cpu
; /* for q{f|s}ThreadInfo */
349 enum RSState state
; /* parsing state */
350 char line_buf
[MAX_PACKET_LENGTH
];
352 int line_sum
; /* running checksum */
353 int line_csum
; /* checksum at the end of the packet */
354 GByteArray
*last_packet
;
356 #ifdef CONFIG_USER_ONLY
365 GDBProcess
*processes
;
367 char syscall_buf
[256];
368 gdb_syscall_complete_cb current_syscall_cb
;
373 /* By default use no IRQs and no timers while single stepping so as to
374 * make single stepping like an ICE HW step.
376 static int sstep_flags
= SSTEP_ENABLE
|SSTEP_NOIRQ
|SSTEP_NOTIMER
;
378 static GDBState gdbserver_state
;
380 static void init_gdbserver_state(void)
382 g_assert(!gdbserver_state
.init
);
383 memset(&gdbserver_state
, 0, sizeof(GDBState
));
384 gdbserver_state
.init
= true;
385 gdbserver_state
.str_buf
= g_string_new(NULL
);
386 gdbserver_state
.mem_buf
= g_byte_array_sized_new(MAX_PACKET_LENGTH
);
387 gdbserver_state
.last_packet
= g_byte_array_sized_new(MAX_PACKET_LENGTH
+ 4);
390 #ifndef CONFIG_USER_ONLY
391 static void reset_gdbserver_state(void)
393 g_free(gdbserver_state
.processes
);
394 gdbserver_state
.processes
= NULL
;
395 gdbserver_state
.process_num
= 0;
401 #ifdef CONFIG_USER_ONLY
403 static int get_char(void)
409 ret
= qemu_recv(gdbserver_state
.fd
, &ch
, 1, 0);
411 if (errno
== ECONNRESET
)
412 gdbserver_state
.fd
= -1;
415 } else if (ret
== 0) {
416 close(gdbserver_state
.fd
);
417 gdbserver_state
.fd
= -1;
433 /* Decide if either remote gdb syscalls or native file IO should be used. */
434 int use_gdb_syscalls(void)
436 SemihostingTarget target
= semihosting_get_target();
437 if (target
== SEMIHOSTING_TARGET_NATIVE
) {
438 /* -semihosting-config target=native */
440 } else if (target
== SEMIHOSTING_TARGET_GDB
) {
441 /* -semihosting-config target=gdb */
445 /* -semihosting-config target=auto */
446 /* On the first call check if gdb is connected and remember. */
447 if (gdb_syscall_mode
== GDB_SYS_UNKNOWN
) {
448 gdb_syscall_mode
= gdbserver_state
.init
?
449 GDB_SYS_ENABLED
: GDB_SYS_DISABLED
;
451 return gdb_syscall_mode
== GDB_SYS_ENABLED
;
454 /* Resume execution. */
455 static inline void gdb_continue(void)
458 #ifdef CONFIG_USER_ONLY
459 gdbserver_state
.running_state
= 1;
460 trace_gdbstub_op_continue();
462 if (!runstate_needs_reset()) {
463 trace_gdbstub_op_continue();
470 * Resume execution, per CPU actions. For user-mode emulation it's
471 * equivalent to gdb_continue.
473 static int gdb_continue_partial(char *newstates
)
477 #ifdef CONFIG_USER_ONLY
479 * This is not exactly accurate, but it's an improvement compared to the
480 * previous situation, where only one CPU would be single-stepped.
483 if (newstates
[cpu
->cpu_index
] == 's') {
484 trace_gdbstub_op_stepping(cpu
->cpu_index
);
485 cpu_single_step(cpu
, sstep_flags
);
488 gdbserver_state
.running_state
= 1;
492 if (!runstate_needs_reset()) {
493 if (vm_prepare_start()) {
498 switch (newstates
[cpu
->cpu_index
]) {
501 break; /* nothing to do here */
503 trace_gdbstub_op_stepping(cpu
->cpu_index
);
504 cpu_single_step(cpu
, sstep_flags
);
509 trace_gdbstub_op_continue_cpu(cpu
->cpu_index
);
520 qemu_clock_enable(QEMU_CLOCK_VIRTUAL
, true);
526 static void put_buffer(const uint8_t *buf
, int len
)
528 #ifdef CONFIG_USER_ONLY
532 ret
= send(gdbserver_state
.fd
, buf
, len
, 0);
542 /* XXX this blocks entire thread. Rewrite to use
543 * qemu_chr_fe_write and background I/O callbacks */
544 qemu_chr_fe_write_all(&gdbserver_state
.chr
, buf
, len
);
548 static inline int fromhex(int v
)
550 if (v
>= '0' && v
<= '9')
552 else if (v
>= 'A' && v
<= 'F')
554 else if (v
>= 'a' && v
<= 'f')
560 static inline int tohex(int v
)
568 /* writes 2*len+1 bytes in buf */
569 static void memtohex(GString
*buf
, const uint8_t *mem
, int len
)
572 for(i
= 0; i
< len
; i
++) {
574 g_string_append_c(buf
, tohex(c
>> 4));
575 g_string_append_c(buf
, tohex(c
& 0xf));
577 g_string_append_c(buf
, '\0');
580 static void hextomem(GByteArray
*mem
, const char *buf
, int len
)
584 for(i
= 0; i
< len
; i
++) {
585 guint8 byte
= fromhex(buf
[0]) << 4 | fromhex(buf
[1]);
586 g_byte_array_append(mem
, &byte
, 1);
591 static void hexdump(const char *buf
, int len
,
592 void (*trace_fn
)(size_t ofs
, char const *text
))
594 char line_buffer
[3 * 16 + 4 + 16 + 1];
597 for (i
= 0; i
< len
|| (i
& 0xF); ++i
) {
598 size_t byte_ofs
= i
& 15;
601 memset(line_buffer
, ' ', 3 * 16 + 4 + 16);
602 line_buffer
[3 * 16 + 4 + 16] = 0;
605 size_t col_group
= (i
>> 2) & 3;
606 size_t hex_col
= byte_ofs
* 3 + col_group
;
607 size_t txt_col
= 3 * 16 + 4 + byte_ofs
;
612 line_buffer
[hex_col
+ 0] = tohex((value
>> 4) & 0xF);
613 line_buffer
[hex_col
+ 1] = tohex((value
>> 0) & 0xF);
614 line_buffer
[txt_col
+ 0] = (value
>= ' ' && value
< 127)
620 trace_fn(i
& -16, line_buffer
);
624 /* return -1 if error, 0 if OK */
625 static int put_packet_binary(const char *buf
, int len
, bool dump
)
630 if (dump
&& trace_event_get_state_backends(TRACE_GDBSTUB_IO_BINARYREPLY
)) {
631 hexdump(buf
, len
, trace_gdbstub_io_binaryreply
);
635 g_byte_array_set_size(gdbserver_state
.last_packet
, 0);
636 g_byte_array_append(gdbserver_state
.last_packet
,
637 (const uint8_t *) "$", 1);
638 g_byte_array_append(gdbserver_state
.last_packet
,
639 (const uint8_t *) buf
, len
);
641 for(i
= 0; i
< len
; i
++) {
645 footer
[1] = tohex((csum
>> 4) & 0xf);
646 footer
[2] = tohex((csum
) & 0xf);
647 g_byte_array_append(gdbserver_state
.last_packet
, footer
, 3);
649 put_buffer(gdbserver_state
.last_packet
->data
,
650 gdbserver_state
.last_packet
->len
);
652 #ifdef CONFIG_USER_ONLY
665 /* return -1 if error, 0 if OK */
666 static int put_packet(const char *buf
)
668 trace_gdbstub_io_reply(buf
);
670 return put_packet_binary(buf
, strlen(buf
), false);
673 static void put_strbuf(void)
675 put_packet(gdbserver_state
.str_buf
->str
);
678 /* Encode data using the encoding for 'x' packets. */
679 static void memtox(GString
*buf
, const char *mem
, int len
)
686 case '#': case '$': case '*': case '}':
687 g_string_append_c(buf
, '}');
688 g_string_append_c(buf
, c
^ 0x20);
691 g_string_append_c(buf
, c
);
697 static uint32_t gdb_get_cpu_pid(CPUState
*cpu
)
699 /* TODO: In user mode, we should use the task state PID */
700 if (cpu
->cluster_index
== UNASSIGNED_CLUSTER_INDEX
) {
701 /* Return the default process' PID */
702 int index
= gdbserver_state
.process_num
- 1;
703 return gdbserver_state
.processes
[index
].pid
;
705 return cpu
->cluster_index
+ 1;
708 static GDBProcess
*gdb_get_process(uint32_t pid
)
713 /* 0 means any process, we take the first one */
714 return &gdbserver_state
.processes
[0];
717 for (i
= 0; i
< gdbserver_state
.process_num
; i
++) {
718 if (gdbserver_state
.processes
[i
].pid
== pid
) {
719 return &gdbserver_state
.processes
[i
];
726 static GDBProcess
*gdb_get_cpu_process(CPUState
*cpu
)
728 return gdb_get_process(gdb_get_cpu_pid(cpu
));
731 static CPUState
*find_cpu(uint32_t thread_id
)
736 if (cpu_gdb_index(cpu
) == thread_id
) {
744 static CPUState
*get_first_cpu_in_process(GDBProcess
*process
)
749 if (gdb_get_cpu_pid(cpu
) == process
->pid
) {
757 static CPUState
*gdb_next_cpu_in_process(CPUState
*cpu
)
759 uint32_t pid
= gdb_get_cpu_pid(cpu
);
763 if (gdb_get_cpu_pid(cpu
) == pid
) {
773 /* Return the cpu following @cpu, while ignoring unattached processes. */
774 static CPUState
*gdb_next_attached_cpu(CPUState
*cpu
)
779 if (gdb_get_cpu_process(cpu
)->attached
) {
789 /* Return the first attached cpu */
790 static CPUState
*gdb_first_attached_cpu(void)
792 CPUState
*cpu
= first_cpu
;
793 GDBProcess
*process
= gdb_get_cpu_process(cpu
);
795 if (!process
->attached
) {
796 return gdb_next_attached_cpu(cpu
);
802 static CPUState
*gdb_get_cpu(uint32_t pid
, uint32_t tid
)
808 /* 0 means any process/thread, we take the first attached one */
809 return gdb_first_attached_cpu();
810 } else if (pid
&& !tid
) {
811 /* any thread in a specific process */
812 process
= gdb_get_process(pid
);
814 if (process
== NULL
) {
818 if (!process
->attached
) {
822 return get_first_cpu_in_process(process
);
824 /* a specific thread */
831 process
= gdb_get_cpu_process(cpu
);
833 if (pid
&& process
->pid
!= pid
) {
837 if (!process
->attached
) {
845 static const char *get_feature_xml(const char *p
, const char **newp
,
851 CPUState
*cpu
= get_first_cpu_in_process(process
);
852 CPUClass
*cc
= CPU_GET_CLASS(cpu
);
855 while (p
[len
] && p
[len
] != ':')
860 if (strncmp(p
, "target.xml", len
) == 0) {
861 char *buf
= process
->target_xml
;
862 const size_t buf_sz
= sizeof(process
->target_xml
);
864 /* Generate the XML description for this CPU. */
869 "<?xml version=\"1.0\"?>"
870 "<!DOCTYPE target SYSTEM \"gdb-target.dtd\">"
872 if (cc
->gdb_arch_name
) {
873 gchar
*arch
= cc
->gdb_arch_name(cpu
);
874 pstrcat(buf
, buf_sz
, "<architecture>");
875 pstrcat(buf
, buf_sz
, arch
);
876 pstrcat(buf
, buf_sz
, "</architecture>");
879 pstrcat(buf
, buf_sz
, "<xi:include href=\"");
880 pstrcat(buf
, buf_sz
, cc
->gdb_core_xml_file
);
881 pstrcat(buf
, buf_sz
, "\"/>");
882 for (r
= cpu
->gdb_regs
; r
; r
= r
->next
) {
883 pstrcat(buf
, buf_sz
, "<xi:include href=\"");
884 pstrcat(buf
, buf_sz
, r
->xml
);
885 pstrcat(buf
, buf_sz
, "\"/>");
887 pstrcat(buf
, buf_sz
, "</target>");
891 if (cc
->gdb_get_dynamic_xml
) {
892 char *xmlname
= g_strndup(p
, len
);
893 const char *xml
= cc
->gdb_get_dynamic_xml(cpu
, xmlname
);
901 name
= xml_builtin
[i
][0];
902 if (!name
|| (strncmp(name
, p
, len
) == 0 && strlen(name
) == len
))
905 return name
? xml_builtin
[i
][1] : NULL
;
908 static int gdb_read_register(CPUState
*cpu
, GByteArray
*buf
, int reg
)
910 CPUClass
*cc
= CPU_GET_CLASS(cpu
);
911 CPUArchState
*env
= cpu
->env_ptr
;
914 if (reg
< cc
->gdb_num_core_regs
) {
915 return cc
->gdb_read_register(cpu
, buf
, reg
);
918 for (r
= cpu
->gdb_regs
; r
; r
= r
->next
) {
919 if (r
->base_reg
<= reg
&& reg
< r
->base_reg
+ r
->num_regs
) {
920 return r
->get_reg(env
, buf
, reg
- r
->base_reg
);
926 static int gdb_write_register(CPUState
*cpu
, uint8_t *mem_buf
, int reg
)
928 CPUClass
*cc
= CPU_GET_CLASS(cpu
);
929 CPUArchState
*env
= cpu
->env_ptr
;
932 if (reg
< cc
->gdb_num_core_regs
) {
933 return cc
->gdb_write_register(cpu
, mem_buf
, reg
);
936 for (r
= cpu
->gdb_regs
; r
; r
= r
->next
) {
937 if (r
->base_reg
<= reg
&& reg
< r
->base_reg
+ r
->num_regs
) {
938 return r
->set_reg(env
, mem_buf
, reg
- r
->base_reg
);
944 /* Register a supplemental set of CPU registers. If g_pos is nonzero it
945 specifies the first register number and these registers are included in
946 a standard "g" packet. Direction is relative to gdb, i.e. get_reg is
947 gdb reading a CPU register, and set_reg is gdb modifying a CPU register.
950 void gdb_register_coprocessor(CPUState
*cpu
,
951 gdb_get_reg_cb get_reg
, gdb_set_reg_cb set_reg
,
952 int num_regs
, const char *xml
, int g_pos
)
955 GDBRegisterState
**p
;
959 /* Check for duplicates. */
960 if (strcmp((*p
)->xml
, xml
) == 0)
965 s
= g_new0(GDBRegisterState
, 1);
966 s
->base_reg
= cpu
->gdb_num_regs
;
967 s
->num_regs
= num_regs
;
968 s
->get_reg
= get_reg
;
969 s
->set_reg
= set_reg
;
972 /* Add to end of list. */
973 cpu
->gdb_num_regs
+= num_regs
;
976 if (g_pos
!= s
->base_reg
) {
977 error_report("Error: Bad gdb register numbering for '%s', "
978 "expected %d got %d", xml
, g_pos
, s
->base_reg
);
980 cpu
->gdb_num_g_regs
= cpu
->gdb_num_regs
;
985 #ifndef CONFIG_USER_ONLY
986 /* Translate GDB watchpoint type to a flags value for cpu_watchpoint_* */
987 static inline int xlat_gdb_type(CPUState
*cpu
, int gdbtype
)
989 static const int xlat
[] = {
990 [GDB_WATCHPOINT_WRITE
] = BP_GDB
| BP_MEM_WRITE
,
991 [GDB_WATCHPOINT_READ
] = BP_GDB
| BP_MEM_READ
,
992 [GDB_WATCHPOINT_ACCESS
] = BP_GDB
| BP_MEM_ACCESS
,
995 CPUClass
*cc
= CPU_GET_CLASS(cpu
);
996 int cputype
= xlat
[gdbtype
];
998 if (cc
->gdb_stop_before_watchpoint
) {
999 cputype
|= BP_STOP_BEFORE_ACCESS
;
1005 static int gdb_breakpoint_insert(int type
, target_ulong addr
, target_ulong len
)
1010 if (kvm_enabled()) {
1011 return kvm_insert_breakpoint(gdbserver_state
.c_cpu
, addr
, len
, type
);
1015 case GDB_BREAKPOINT_SW
:
1016 case GDB_BREAKPOINT_HW
:
1018 err
= cpu_breakpoint_insert(cpu
, addr
, BP_GDB
, NULL
);
1024 #ifndef CONFIG_USER_ONLY
1025 case GDB_WATCHPOINT_WRITE
:
1026 case GDB_WATCHPOINT_READ
:
1027 case GDB_WATCHPOINT_ACCESS
:
1029 err
= cpu_watchpoint_insert(cpu
, addr
, len
,
1030 xlat_gdb_type(cpu
, type
), NULL
);
1042 static int gdb_breakpoint_remove(int type
, target_ulong addr
, target_ulong len
)
1047 if (kvm_enabled()) {
1048 return kvm_remove_breakpoint(gdbserver_state
.c_cpu
, addr
, len
, type
);
1052 case GDB_BREAKPOINT_SW
:
1053 case GDB_BREAKPOINT_HW
:
1055 err
= cpu_breakpoint_remove(cpu
, addr
, BP_GDB
);
1061 #ifndef CONFIG_USER_ONLY
1062 case GDB_WATCHPOINT_WRITE
:
1063 case GDB_WATCHPOINT_READ
:
1064 case GDB_WATCHPOINT_ACCESS
:
1066 err
= cpu_watchpoint_remove(cpu
, addr
, len
,
1067 xlat_gdb_type(cpu
, type
));
1078 static inline void gdb_cpu_breakpoint_remove_all(CPUState
*cpu
)
1080 cpu_breakpoint_remove_all(cpu
, BP_GDB
);
1081 #ifndef CONFIG_USER_ONLY
1082 cpu_watchpoint_remove_all(cpu
, BP_GDB
);
1086 static void gdb_process_breakpoint_remove_all(GDBProcess
*p
)
1088 CPUState
*cpu
= get_first_cpu_in_process(p
);
1091 gdb_cpu_breakpoint_remove_all(cpu
);
1092 cpu
= gdb_next_cpu_in_process(cpu
);
1096 static void gdb_breakpoint_remove_all(void)
1100 if (kvm_enabled()) {
1101 kvm_remove_all_breakpoints(gdbserver_state
.c_cpu
);
1106 gdb_cpu_breakpoint_remove_all(cpu
);
1110 static void gdb_set_cpu_pc(target_ulong pc
)
1112 CPUState
*cpu
= gdbserver_state
.c_cpu
;
1114 cpu_synchronize_state(cpu
);
1115 cpu_set_pc(cpu
, pc
);
1118 static void gdb_append_thread_id(CPUState
*cpu
, GString
*buf
)
1120 if (gdbserver_state
.multiprocess
) {
1121 g_string_append_printf(buf
, "p%02x.%02x",
1122 gdb_get_cpu_pid(cpu
), cpu_gdb_index(cpu
));
1124 g_string_append_printf(buf
, "%02x", cpu_gdb_index(cpu
));
1128 typedef enum GDBThreadIdKind
{
1130 GDB_ALL_THREADS
, /* One process, all threads */
1135 static GDBThreadIdKind
read_thread_id(const char *buf
, const char **end_buf
,
1136 uint32_t *pid
, uint32_t *tid
)
1143 ret
= qemu_strtoul(buf
, &buf
, 16, &p
);
1146 return GDB_READ_THREAD_ERR
;
1155 ret
= qemu_strtoul(buf
, &buf
, 16, &t
);
1158 return GDB_READ_THREAD_ERR
;
1164 return GDB_ALL_PROCESSES
;
1172 return GDB_ALL_THREADS
;
1179 return GDB_ONE_THREAD
;
1183 * gdb_handle_vcont - Parses and handles a vCont packet.
1184 * returns -ENOTSUP if a command is unsupported, -EINVAL or -ERANGE if there is
1185 * a format error, 0 on success.
1187 static int gdb_handle_vcont(const char *p
)
1189 int res
, signal
= 0;
1194 GDBProcess
*process
;
1196 GDBThreadIdKind kind
;
1197 #ifdef CONFIG_USER_ONLY
1198 int max_cpus
= 1; /* global variable max_cpus exists only in system mode */
1201 max_cpus
= max_cpus
<= cpu
->cpu_index
? cpu
->cpu_index
+ 1 : max_cpus
;
1204 MachineState
*ms
= MACHINE(qdev_get_machine());
1205 unsigned int max_cpus
= ms
->smp
.max_cpus
;
1207 /* uninitialised CPUs stay 0 */
1208 newstates
= g_new0(char, max_cpus
);
1210 /* mark valid CPUs with 1 */
1212 newstates
[cpu
->cpu_index
] = 1;
1216 * res keeps track of what error we are returning, with -ENOTSUP meaning
1217 * that the command is unknown or unsupported, thus returning an empty
1218 * packet, while -EINVAL and -ERANGE cause an E22 packet, due to invalid,
1219 * or incorrect parameters passed.
1229 if (cur_action
== 'C' || cur_action
== 'S') {
1230 cur_action
= qemu_tolower(cur_action
);
1231 res
= qemu_strtoul(p
+ 1, &p
, 16, &tmp
);
1235 signal
= gdb_signal_to_target(tmp
);
1236 } else if (cur_action
!= 'c' && cur_action
!= 's') {
1237 /* unknown/invalid/unsupported command */
1242 if (*p
== '\0' || *p
== ';') {
1244 * No thread specifier, action is on "all threads". The
1245 * specification is unclear regarding the process to act on. We
1246 * choose all processes.
1248 kind
= GDB_ALL_PROCESSES
;
1249 } else if (*p
++ == ':') {
1250 kind
= read_thread_id(p
, &p
, &pid
, &tid
);
1257 case GDB_READ_THREAD_ERR
:
1261 case GDB_ALL_PROCESSES
:
1262 cpu
= gdb_first_attached_cpu();
1264 if (newstates
[cpu
->cpu_index
] == 1) {
1265 newstates
[cpu
->cpu_index
] = cur_action
;
1268 cpu
= gdb_next_attached_cpu(cpu
);
1272 case GDB_ALL_THREADS
:
1273 process
= gdb_get_process(pid
);
1275 if (!process
->attached
) {
1280 cpu
= get_first_cpu_in_process(process
);
1282 if (newstates
[cpu
->cpu_index
] == 1) {
1283 newstates
[cpu
->cpu_index
] = cur_action
;
1286 cpu
= gdb_next_cpu_in_process(cpu
);
1290 case GDB_ONE_THREAD
:
1291 cpu
= gdb_get_cpu(pid
, tid
);
1293 /* invalid CPU/thread specified */
1299 /* only use if no previous match occourred */
1300 if (newstates
[cpu
->cpu_index
] == 1) {
1301 newstates
[cpu
->cpu_index
] = cur_action
;
1306 gdbserver_state
.signal
= signal
;
1307 gdb_continue_partial(newstates
);
1315 typedef union GdbCmdVariant
{
1318 unsigned long val_ul
;
1319 unsigned long long val_ull
;
1321 GDBThreadIdKind kind
;
1327 static const char *cmd_next_param(const char *param
, const char delimiter
)
1329 static const char all_delimiters
[] = ",;:=";
1330 char curr_delimiters
[2] = {0};
1331 const char *delimiters
;
1333 if (delimiter
== '?') {
1334 delimiters
= all_delimiters
;
1335 } else if (delimiter
== '0') {
1336 return strchr(param
, '\0');
1337 } else if (delimiter
== '.' && *param
) {
1340 curr_delimiters
[0] = delimiter
;
1341 delimiters
= curr_delimiters
;
1344 param
+= strcspn(param
, delimiters
);
1351 static int cmd_parse_params(const char *data
, const char *schema
,
1352 GdbCmdVariant
*params
, int *num_params
)
1355 const char *curr_schema
, *curr_data
;
1363 curr_schema
= schema
;
1366 while (curr_schema
[0] && curr_schema
[1] && *curr_data
) {
1367 switch (curr_schema
[0]) {
1369 if (qemu_strtoul(curr_data
, &curr_data
, 16,
1370 ¶ms
[curr_param
].val_ul
)) {
1374 curr_data
= cmd_next_param(curr_data
, curr_schema
[1]);
1377 if (qemu_strtou64(curr_data
, &curr_data
, 16,
1378 (uint64_t *)¶ms
[curr_param
].val_ull
)) {
1382 curr_data
= cmd_next_param(curr_data
, curr_schema
[1]);
1385 params
[curr_param
].data
= curr_data
;
1387 curr_data
= cmd_next_param(curr_data
, curr_schema
[1]);
1390 params
[curr_param
].opcode
= *(uint8_t *)curr_data
;
1392 curr_data
= cmd_next_param(curr_data
, curr_schema
[1]);
1395 params
[curr_param
].thread_id
.kind
=
1396 read_thread_id(curr_data
, &curr_data
,
1397 ¶ms
[curr_param
].thread_id
.pid
,
1398 ¶ms
[curr_param
].thread_id
.tid
);
1400 curr_data
= cmd_next_param(curr_data
, curr_schema
[1]);
1403 curr_data
= cmd_next_param(curr_data
, curr_schema
[1]);
1411 *num_params
= curr_param
;
1415 typedef struct GdbCmdContext
{
1416 GdbCmdVariant
*params
;
1420 typedef void (*GdbCmdHandler
)(GdbCmdContext
*gdb_ctx
, void *user_ctx
);
1423 * cmd_startswith -> cmd is compared using startswith
1426 * schema definitions:
1427 * Each schema parameter entry consists of 2 chars,
1428 * the first char represents the parameter type handling
1429 * the second char represents the delimiter for the next parameter
1431 * Currently supported schema types:
1432 * 'l' -> unsigned long (stored in .val_ul)
1433 * 'L' -> unsigned long long (stored in .val_ull)
1434 * 's' -> string (stored in .data)
1435 * 'o' -> single char (stored in .opcode)
1436 * 't' -> thread id (stored in .thread_id)
1437 * '?' -> skip according to delimiter
1439 * Currently supported delimiters:
1440 * '?' -> Stop at any delimiter (",;:=\0")
1441 * '0' -> Stop at "\0"
1442 * '.' -> Skip 1 char unless reached "\0"
1443 * Any other value is treated as the delimiter value itself
1445 typedef struct GdbCmdParseEntry
{
1446 GdbCmdHandler handler
;
1448 bool cmd_startswith
;
1452 static inline int startswith(const char *string
, const char *pattern
)
1454 return !strncmp(string
, pattern
, strlen(pattern
));
1457 static int process_string_cmd(void *user_ctx
, const char *data
,
1458 const GdbCmdParseEntry
*cmds
, int num_cmds
)
1460 int i
, schema_len
, max_num_params
= 0;
1461 GdbCmdContext gdb_ctx
;
1467 for (i
= 0; i
< num_cmds
; i
++) {
1468 const GdbCmdParseEntry
*cmd
= &cmds
[i
];
1469 g_assert(cmd
->handler
&& cmd
->cmd
);
1471 if ((cmd
->cmd_startswith
&& !startswith(data
, cmd
->cmd
)) ||
1472 (!cmd
->cmd_startswith
&& strcmp(cmd
->cmd
, data
))) {
1477 schema_len
= strlen(cmd
->schema
);
1478 if (schema_len
% 2) {
1482 max_num_params
= schema_len
/ 2;
1486 (GdbCmdVariant
*)alloca(sizeof(*gdb_ctx
.params
) * max_num_params
);
1487 memset(gdb_ctx
.params
, 0, sizeof(*gdb_ctx
.params
) * max_num_params
);
1489 if (cmd_parse_params(&data
[strlen(cmd
->cmd
)], cmd
->schema
,
1490 gdb_ctx
.params
, &gdb_ctx
.num_params
)) {
1494 cmd
->handler(&gdb_ctx
, user_ctx
);
1501 static void run_cmd_parser(const char *data
, const GdbCmdParseEntry
*cmd
)
1507 g_string_set_size(gdbserver_state
.str_buf
, 0);
1508 g_byte_array_set_size(gdbserver_state
.mem_buf
, 0);
1510 /* In case there was an error during the command parsing we must
1511 * send a NULL packet to indicate the command is not supported */
1512 if (process_string_cmd(NULL
, data
, cmd
, 1)) {
1517 static void handle_detach(GdbCmdContext
*gdb_ctx
, void *user_ctx
)
1519 GDBProcess
*process
;
1522 if (gdbserver_state
.multiprocess
) {
1523 if (!gdb_ctx
->num_params
) {
1528 pid
= gdb_ctx
->params
[0].val_ul
;
1531 process
= gdb_get_process(pid
);
1532 gdb_process_breakpoint_remove_all(process
);
1533 process
->attached
= false;
1535 if (pid
== gdb_get_cpu_pid(gdbserver_state
.c_cpu
)) {
1536 gdbserver_state
.c_cpu
= gdb_first_attached_cpu();
1539 if (pid
== gdb_get_cpu_pid(gdbserver_state
.g_cpu
)) {
1540 gdbserver_state
.g_cpu
= gdb_first_attached_cpu();
1543 if (!gdbserver_state
.c_cpu
) {
1544 /* No more process attached */
1545 gdb_syscall_mode
= GDB_SYS_DISABLED
;
1551 static void handle_thread_alive(GdbCmdContext
*gdb_ctx
, void *user_ctx
)
1555 if (!gdb_ctx
->num_params
) {
1560 if (gdb_ctx
->params
[0].thread_id
.kind
== GDB_READ_THREAD_ERR
) {
1565 cpu
= gdb_get_cpu(gdb_ctx
->params
[0].thread_id
.pid
,
1566 gdb_ctx
->params
[0].thread_id
.tid
);
1575 static void handle_continue(GdbCmdContext
*gdb_ctx
, void *user_ctx
)
1577 if (gdb_ctx
->num_params
) {
1578 gdb_set_cpu_pc(gdb_ctx
->params
[0].val_ull
);
1581 gdbserver_state
.signal
= 0;
1585 static void handle_cont_with_sig(GdbCmdContext
*gdb_ctx
, void *user_ctx
)
1587 unsigned long signal
= 0;
1590 * Note: C sig;[addr] is currently unsupported and we simply
1591 * omit the addr parameter
1593 if (gdb_ctx
->num_params
) {
1594 signal
= gdb_ctx
->params
[0].val_ul
;
1597 gdbserver_state
.signal
= gdb_signal_to_target(signal
);
1598 if (gdbserver_state
.signal
== -1) {
1599 gdbserver_state
.signal
= 0;
1604 static void handle_set_thread(GdbCmdContext
*gdb_ctx
, void *user_ctx
)
1608 if (gdb_ctx
->num_params
!= 2) {
1613 if (gdb_ctx
->params
[1].thread_id
.kind
== GDB_READ_THREAD_ERR
) {
1618 if (gdb_ctx
->params
[1].thread_id
.kind
!= GDB_ONE_THREAD
) {
1623 cpu
= gdb_get_cpu(gdb_ctx
->params
[1].thread_id
.pid
,
1624 gdb_ctx
->params
[1].thread_id
.tid
);
1631 * Note: This command is deprecated and modern gdb's will be using the
1632 * vCont command instead.
1634 switch (gdb_ctx
->params
[0].opcode
) {
1636 gdbserver_state
.c_cpu
= cpu
;
1640 gdbserver_state
.g_cpu
= cpu
;
1649 static void handle_insert_bp(GdbCmdContext
*gdb_ctx
, void *user_ctx
)
1653 if (gdb_ctx
->num_params
!= 3) {
1658 res
= gdb_breakpoint_insert(gdb_ctx
->params
[0].val_ul
,
1659 gdb_ctx
->params
[1].val_ull
,
1660 gdb_ctx
->params
[2].val_ull
);
1664 } else if (res
== -ENOSYS
) {
1672 static void handle_remove_bp(GdbCmdContext
*gdb_ctx
, void *user_ctx
)
1676 if (gdb_ctx
->num_params
!= 3) {
1681 res
= gdb_breakpoint_remove(gdb_ctx
->params
[0].val_ul
,
1682 gdb_ctx
->params
[1].val_ull
,
1683 gdb_ctx
->params
[2].val_ull
);
1687 } else if (res
== -ENOSYS
) {
1696 * handle_set/get_reg
1698 * Older gdb are really dumb, and don't use 'G/g' if 'P/p' is available.
1699 * This works, but can be very slow. Anything new enough to understand
1700 * XML also knows how to use this properly. However to use this we
1701 * need to define a local XML file as well as be talking to a
1702 * reasonably modern gdb. Responding with an empty packet will cause
1703 * the remote gdb to fallback to older methods.
1706 static void handle_set_reg(GdbCmdContext
*gdb_ctx
, void *user_ctx
)
1715 if (gdb_ctx
->num_params
!= 2) {
1720 reg_size
= strlen(gdb_ctx
->params
[1].data
) / 2;
1721 hextomem(gdbserver_state
.mem_buf
, gdb_ctx
->params
[1].data
, reg_size
);
1722 gdb_write_register(gdbserver_state
.g_cpu
, gdbserver_state
.mem_buf
->data
,
1723 gdb_ctx
->params
[0].val_ull
);
1727 static void handle_get_reg(GdbCmdContext
*gdb_ctx
, void *user_ctx
)
1736 if (!gdb_ctx
->num_params
) {
1741 reg_size
= gdb_read_register(gdbserver_state
.g_cpu
,
1742 gdbserver_state
.mem_buf
,
1743 gdb_ctx
->params
[0].val_ull
);
1748 g_byte_array_set_size(gdbserver_state
.mem_buf
, reg_size
);
1751 memtohex(gdbserver_state
.str_buf
, gdbserver_state
.mem_buf
->data
, reg_size
);
1755 static void handle_write_mem(GdbCmdContext
*gdb_ctx
, void *user_ctx
)
1757 if (gdb_ctx
->num_params
!= 3) {
1762 /* hextomem() reads 2*len bytes */
1763 if (gdb_ctx
->params
[1].val_ull
> strlen(gdb_ctx
->params
[2].data
) / 2) {
1768 hextomem(gdbserver_state
.mem_buf
, gdb_ctx
->params
[2].data
,
1769 gdb_ctx
->params
[1].val_ull
);
1770 if (target_memory_rw_debug(gdbserver_state
.g_cpu
, gdb_ctx
->params
[0].val_ull
,
1771 gdbserver_state
.mem_buf
->data
,
1772 gdbserver_state
.mem_buf
->len
, true)) {
1780 static void handle_read_mem(GdbCmdContext
*gdb_ctx
, void *user_ctx
)
1782 if (gdb_ctx
->num_params
!= 2) {
1787 /* memtohex() doubles the required space */
1788 if (gdb_ctx
->params
[1].val_ull
> MAX_PACKET_LENGTH
/ 2) {
1793 g_byte_array_set_size(gdbserver_state
.mem_buf
, gdb_ctx
->params
[1].val_ull
);
1795 if (target_memory_rw_debug(gdbserver_state
.g_cpu
, gdb_ctx
->params
[0].val_ull
,
1796 gdbserver_state
.mem_buf
->data
,
1797 gdbserver_state
.mem_buf
->len
, false)) {
1802 memtohex(gdbserver_state
.str_buf
, gdbserver_state
.mem_buf
->data
,
1803 gdbserver_state
.mem_buf
->len
);
1807 static void handle_write_all_regs(GdbCmdContext
*gdb_ctx
, void *user_ctx
)
1809 target_ulong addr
, len
;
1813 if (!gdb_ctx
->num_params
) {
1817 cpu_synchronize_state(gdbserver_state
.g_cpu
);
1818 len
= strlen(gdb_ctx
->params
[0].data
) / 2;
1819 hextomem(gdbserver_state
.mem_buf
, gdb_ctx
->params
[0].data
, len
);
1820 registers
= gdbserver_state
.mem_buf
->data
;
1821 for (addr
= 0; addr
< gdbserver_state
.g_cpu
->gdb_num_g_regs
&& len
> 0;
1823 reg_size
= gdb_write_register(gdbserver_state
.g_cpu
, registers
, addr
);
1825 registers
+= reg_size
;
1830 static void handle_read_all_regs(GdbCmdContext
*gdb_ctx
, void *user_ctx
)
1832 target_ulong addr
, len
;
1834 cpu_synchronize_state(gdbserver_state
.g_cpu
);
1835 g_byte_array_set_size(gdbserver_state
.mem_buf
, 0);
1837 for (addr
= 0; addr
< gdbserver_state
.g_cpu
->gdb_num_g_regs
; addr
++) {
1838 len
+= gdb_read_register(gdbserver_state
.g_cpu
,
1839 gdbserver_state
.mem_buf
,
1842 g_assert(len
== gdbserver_state
.mem_buf
->len
);
1844 memtohex(gdbserver_state
.str_buf
, gdbserver_state
.mem_buf
->data
, len
);
1848 static void handle_file_io(GdbCmdContext
*gdb_ctx
, void *user_ctx
)
1850 if (gdb_ctx
->num_params
>= 1 && gdbserver_state
.current_syscall_cb
) {
1851 target_ulong ret
, err
;
1853 ret
= (target_ulong
)gdb_ctx
->params
[0].val_ull
;
1854 if (gdb_ctx
->num_params
>= 2) {
1855 err
= (target_ulong
)gdb_ctx
->params
[1].val_ull
;
1859 gdbserver_state
.current_syscall_cb(gdbserver_state
.c_cpu
, ret
, err
);
1860 gdbserver_state
.current_syscall_cb
= NULL
;
1863 if (gdb_ctx
->num_params
>= 3 && gdb_ctx
->params
[2].opcode
== (uint8_t)'C') {
1871 static void handle_step(GdbCmdContext
*gdb_ctx
, void *user_ctx
)
1873 if (gdb_ctx
->num_params
) {
1874 gdb_set_cpu_pc((target_ulong
)gdb_ctx
->params
[0].val_ull
);
1877 cpu_single_step(gdbserver_state
.c_cpu
, sstep_flags
);
1881 static void handle_v_cont_query(GdbCmdContext
*gdb_ctx
, void *user_ctx
)
1883 put_packet("vCont;c;C;s;S");
1886 static void handle_v_cont(GdbCmdContext
*gdb_ctx
, void *user_ctx
)
1890 if (!gdb_ctx
->num_params
) {
1894 res
= gdb_handle_vcont(gdb_ctx
->params
[0].data
);
1895 if ((res
== -EINVAL
) || (res
== -ERANGE
)) {
1902 static void handle_v_attach(GdbCmdContext
*gdb_ctx
, void *user_ctx
)
1904 GDBProcess
*process
;
1907 g_string_assign(gdbserver_state
.str_buf
, "E22");
1908 if (!gdb_ctx
->num_params
) {
1912 process
= gdb_get_process(gdb_ctx
->params
[0].val_ul
);
1917 cpu
= get_first_cpu_in_process(process
);
1922 process
->attached
= true;
1923 gdbserver_state
.g_cpu
= cpu
;
1924 gdbserver_state
.c_cpu
= cpu
;
1926 g_string_printf(gdbserver_state
.str_buf
, "T%02xthread:", GDB_SIGNAL_TRAP
);
1927 gdb_append_thread_id(cpu
, gdbserver_state
.str_buf
);
1928 g_string_append_c(gdbserver_state
.str_buf
, ';');
1933 static void handle_v_kill(GdbCmdContext
*gdb_ctx
, void *user_ctx
)
1935 /* Kill the target */
1937 error_report("QEMU: Terminated via GDBstub");
1941 static GdbCmdParseEntry gdb_v_commands_table
[] = {
1942 /* Order is important if has same prefix */
1944 .handler
= handle_v_cont_query
,
1949 .handler
= handle_v_cont
,
1951 .cmd_startswith
= 1,
1955 .handler
= handle_v_attach
,
1957 .cmd_startswith
= 1,
1961 .handler
= handle_v_kill
,
1967 static void handle_v_commands(GdbCmdContext
*gdb_ctx
, void *user_ctx
)
1969 if (!gdb_ctx
->num_params
) {
1973 if (process_string_cmd(NULL
, gdb_ctx
->params
[0].data
,
1974 gdb_v_commands_table
,
1975 ARRAY_SIZE(gdb_v_commands_table
))) {
1980 static void handle_query_qemu_sstepbits(GdbCmdContext
*gdb_ctx
, void *user_ctx
)
1982 g_string_printf(gdbserver_state
.str_buf
, "ENABLE=%x,NOIRQ=%x,NOTIMER=%x",
1983 SSTEP_ENABLE
, SSTEP_NOIRQ
, SSTEP_NOTIMER
);
1987 static void handle_set_qemu_sstep(GdbCmdContext
*gdb_ctx
, void *user_ctx
)
1989 if (!gdb_ctx
->num_params
) {
1993 sstep_flags
= gdb_ctx
->params
[0].val_ul
;
1997 static void handle_query_qemu_sstep(GdbCmdContext
*gdb_ctx
, void *user_ctx
)
1999 g_string_printf(gdbserver_state
.str_buf
, "0x%x", sstep_flags
);
2003 static void handle_query_curr_tid(GdbCmdContext
*gdb_ctx
, void *user_ctx
)
2006 GDBProcess
*process
;
2009 * "Current thread" remains vague in the spec, so always return
2010 * the first thread of the current process (gdb returns the
2013 process
= gdb_get_cpu_process(gdbserver_state
.g_cpu
);
2014 cpu
= get_first_cpu_in_process(process
);
2015 g_string_assign(gdbserver_state
.str_buf
, "QC");
2016 gdb_append_thread_id(cpu
, gdbserver_state
.str_buf
);
2020 static void handle_query_threads(GdbCmdContext
*gdb_ctx
, void *user_ctx
)
2022 if (!gdbserver_state
.query_cpu
) {
2027 g_string_assign(gdbserver_state
.str_buf
, "m");
2028 gdb_append_thread_id(gdbserver_state
.query_cpu
, gdbserver_state
.str_buf
);
2030 gdbserver_state
.query_cpu
= gdb_next_attached_cpu(gdbserver_state
.query_cpu
);
2033 static void handle_query_first_threads(GdbCmdContext
*gdb_ctx
, void *user_ctx
)
2035 gdbserver_state
.query_cpu
= gdb_first_attached_cpu();
2036 handle_query_threads(gdb_ctx
, user_ctx
);
2039 static void handle_query_thread_extra(GdbCmdContext
*gdb_ctx
, void *user_ctx
)
2041 g_autoptr(GString
) rs
= g_string_new(NULL
);
2044 if (!gdb_ctx
->num_params
||
2045 gdb_ctx
->params
[0].thread_id
.kind
== GDB_READ_THREAD_ERR
) {
2050 cpu
= gdb_get_cpu(gdb_ctx
->params
[0].thread_id
.pid
,
2051 gdb_ctx
->params
[0].thread_id
.tid
);
2056 cpu_synchronize_state(cpu
);
2058 if (gdbserver_state
.multiprocess
&& (gdbserver_state
.process_num
> 1)) {
2059 /* Print the CPU model and name in multiprocess mode */
2060 ObjectClass
*oc
= object_get_class(OBJECT(cpu
));
2061 const char *cpu_model
= object_class_get_name(oc
);
2062 const char *cpu_name
=
2063 object_get_canonical_path_component(OBJECT(cpu
));
2064 g_string_printf(rs
, "%s %s [%s]", cpu_model
, cpu_name
,
2065 cpu
->halted
? "halted " : "running");
2067 g_string_printf(rs
, "CPU#%d [%s]", cpu
->cpu_index
,
2068 cpu
->halted
? "halted " : "running");
2070 trace_gdbstub_op_extra_info(rs
->str
);
2071 memtohex(gdbserver_state
.str_buf
, (uint8_t *)rs
->str
, rs
->len
);
2075 #ifdef CONFIG_USER_ONLY
2076 static void handle_query_offsets(GdbCmdContext
*gdb_ctx
, void *user_ctx
)
2080 ts
= gdbserver_state
.c_cpu
->opaque
;
2081 g_string_printf(gdbserver_state
.str_buf
,
2082 "Text=" TARGET_ABI_FMT_lx
2083 ";Data=" TARGET_ABI_FMT_lx
2084 ";Bss=" TARGET_ABI_FMT_lx
,
2085 ts
->info
->code_offset
,
2086 ts
->info
->data_offset
,
2087 ts
->info
->data_offset
);
2091 static void handle_query_rcmd(GdbCmdContext
*gdb_ctx
, void *user_ctx
)
2093 const guint8 zero
= 0;
2096 if (!gdb_ctx
->num_params
) {
2101 len
= strlen(gdb_ctx
->params
[0].data
);
2107 g_assert(gdbserver_state
.mem_buf
->len
== 0);
2109 hextomem(gdbserver_state
.mem_buf
, gdb_ctx
->params
[0].data
, len
);
2110 g_byte_array_append(gdbserver_state
.mem_buf
, &zero
, 1);
2111 qemu_chr_be_write(gdbserver_state
.mon_chr
, gdbserver_state
.mem_buf
->data
,
2112 gdbserver_state
.mem_buf
->len
);
2117 static void handle_query_supported(GdbCmdContext
*gdb_ctx
, void *user_ctx
)
2121 g_string_printf(gdbserver_state
.str_buf
, "PacketSize=%x", MAX_PACKET_LENGTH
);
2122 cc
= CPU_GET_CLASS(first_cpu
);
2123 if (cc
->gdb_core_xml_file
) {
2124 g_string_append(gdbserver_state
.str_buf
, ";qXfer:features:read+");
2127 if (gdb_ctx
->num_params
&&
2128 strstr(gdb_ctx
->params
[0].data
, "multiprocess+")) {
2129 gdbserver_state
.multiprocess
= true;
2132 g_string_append(gdbserver_state
.str_buf
, ";vContSupported+;multiprocess+");
2136 static void handle_query_xfer_features(GdbCmdContext
*gdb_ctx
, void *user_ctx
)
2138 GDBProcess
*process
;
2140 unsigned long len
, total_len
, addr
;
2144 if (gdb_ctx
->num_params
< 3) {
2149 process
= gdb_get_cpu_process(gdbserver_state
.g_cpu
);
2150 cc
= CPU_GET_CLASS(gdbserver_state
.g_cpu
);
2151 if (!cc
->gdb_core_xml_file
) {
2157 p
= gdb_ctx
->params
[0].data
;
2158 xml
= get_feature_xml(p
, &p
, process
);
2164 addr
= gdb_ctx
->params
[1].val_ul
;
2165 len
= gdb_ctx
->params
[2].val_ul
;
2166 total_len
= strlen(xml
);
2167 if (addr
> total_len
) {
2172 if (len
> (MAX_PACKET_LENGTH
- 5) / 2) {
2173 len
= (MAX_PACKET_LENGTH
- 5) / 2;
2176 if (len
< total_len
- addr
) {
2177 g_string_assign(gdbserver_state
.str_buf
, "m");
2178 memtox(gdbserver_state
.str_buf
, xml
+ addr
, len
);
2180 g_string_assign(gdbserver_state
.str_buf
, "l");
2181 memtox(gdbserver_state
.str_buf
, xml
+ addr
, total_len
- addr
);
2184 put_packet_binary(gdbserver_state
.str_buf
->str
,
2185 gdbserver_state
.str_buf
->len
, true);
2188 static void handle_query_attached(GdbCmdContext
*gdb_ctx
, void *user_ctx
)
2190 put_packet(GDB_ATTACHED
);
2193 static void handle_query_qemu_supported(GdbCmdContext
*gdb_ctx
, void *user_ctx
)
2195 g_string_printf(gdbserver_state
.str_buf
, "sstepbits;sstep");
2196 #ifndef CONFIG_USER_ONLY
2197 g_string_append(gdbserver_state
.str_buf
, ";PhyMemMode");
2202 #ifndef CONFIG_USER_ONLY
2203 static void handle_query_qemu_phy_mem_mode(GdbCmdContext
*gdb_ctx
,
2206 g_string_printf(gdbserver_state
.str_buf
, "%d", phy_memory_mode
);
2210 static void handle_set_qemu_phy_mem_mode(GdbCmdContext
*gdb_ctx
, void *user_ctx
)
2212 if (!gdb_ctx
->num_params
) {
2217 if (!gdb_ctx
->params
[0].val_ul
) {
2218 phy_memory_mode
= 0;
2220 phy_memory_mode
= 1;
2226 static GdbCmdParseEntry gdb_gen_query_set_common_table
[] = {
2227 /* Order is important if has same prefix */
2229 .handler
= handle_query_qemu_sstepbits
,
2230 .cmd
= "qemu.sstepbits",
2233 .handler
= handle_query_qemu_sstep
,
2234 .cmd
= "qemu.sstep",
2237 .handler
= handle_set_qemu_sstep
,
2238 .cmd
= "qemu.sstep=",
2239 .cmd_startswith
= 1,
2244 static GdbCmdParseEntry gdb_gen_query_table
[] = {
2246 .handler
= handle_query_curr_tid
,
2250 .handler
= handle_query_threads
,
2251 .cmd
= "sThreadInfo",
2254 .handler
= handle_query_first_threads
,
2255 .cmd
= "fThreadInfo",
2258 .handler
= handle_query_thread_extra
,
2259 .cmd
= "ThreadExtraInfo,",
2260 .cmd_startswith
= 1,
2263 #ifdef CONFIG_USER_ONLY
2265 .handler
= handle_query_offsets
,
2270 .handler
= handle_query_rcmd
,
2272 .cmd_startswith
= 1,
2277 .handler
= handle_query_supported
,
2278 .cmd
= "Supported:",
2279 .cmd_startswith
= 1,
2283 .handler
= handle_query_supported
,
2288 .handler
= handle_query_xfer_features
,
2289 .cmd
= "Xfer:features:read:",
2290 .cmd_startswith
= 1,
2294 .handler
= handle_query_attached
,
2299 .handler
= handle_query_attached
,
2303 .handler
= handle_query_qemu_supported
,
2304 .cmd
= "qemu.Supported",
2306 #ifndef CONFIG_USER_ONLY
2308 .handler
= handle_query_qemu_phy_mem_mode
,
2309 .cmd
= "qemu.PhyMemMode",
2314 static GdbCmdParseEntry gdb_gen_set_table
[] = {
2315 /* Order is important if has same prefix */
2317 .handler
= handle_set_qemu_sstep
,
2318 .cmd
= "qemu.sstep:",
2319 .cmd_startswith
= 1,
2322 #ifndef CONFIG_USER_ONLY
2324 .handler
= handle_set_qemu_phy_mem_mode
,
2325 .cmd
= "qemu.PhyMemMode:",
2326 .cmd_startswith
= 1,
2332 static void handle_gen_query(GdbCmdContext
*gdb_ctx
, void *user_ctx
)
2334 if (!gdb_ctx
->num_params
) {
2338 if (!process_string_cmd(NULL
, gdb_ctx
->params
[0].data
,
2339 gdb_gen_query_set_common_table
,
2340 ARRAY_SIZE(gdb_gen_query_set_common_table
))) {
2344 if (process_string_cmd(NULL
, gdb_ctx
->params
[0].data
,
2345 gdb_gen_query_table
,
2346 ARRAY_SIZE(gdb_gen_query_table
))) {
2351 static void handle_gen_set(GdbCmdContext
*gdb_ctx
, void *user_ctx
)
2353 if (!gdb_ctx
->num_params
) {
2357 if (!process_string_cmd(NULL
, gdb_ctx
->params
[0].data
,
2358 gdb_gen_query_set_common_table
,
2359 ARRAY_SIZE(gdb_gen_query_set_common_table
))) {
2363 if (process_string_cmd(NULL
, gdb_ctx
->params
[0].data
,
2365 ARRAY_SIZE(gdb_gen_set_table
))) {
2370 static void handle_target_halt(GdbCmdContext
*gdb_ctx
, void *user_ctx
)
2372 g_string_printf(gdbserver_state
.str_buf
, "T%02xthread:", GDB_SIGNAL_TRAP
);
2373 gdb_append_thread_id(gdbserver_state
.c_cpu
, gdbserver_state
.str_buf
);
2374 g_string_append_c(gdbserver_state
.str_buf
, ';');
2377 * Remove all the breakpoints when this query is issued,
2378 * because gdb is doing an initial connect and the state
2379 * should be cleaned up.
2381 gdb_breakpoint_remove_all();
2384 static int gdb_handle_packet(const char *line_buf
)
2386 const GdbCmdParseEntry
*cmd_parser
= NULL
;
2388 trace_gdbstub_io_command(line_buf
);
2390 switch (line_buf
[0]) {
2396 static const GdbCmdParseEntry target_halted_cmd_desc
= {
2397 .handler
= handle_target_halt
,
2401 cmd_parser
= &target_halted_cmd_desc
;
2406 static const GdbCmdParseEntry continue_cmd_desc
= {
2407 .handler
= handle_continue
,
2409 .cmd_startswith
= 1,
2412 cmd_parser
= &continue_cmd_desc
;
2417 static const GdbCmdParseEntry cont_with_sig_cmd_desc
= {
2418 .handler
= handle_cont_with_sig
,
2420 .cmd_startswith
= 1,
2423 cmd_parser
= &cont_with_sig_cmd_desc
;
2428 static const GdbCmdParseEntry v_cmd_desc
= {
2429 .handler
= handle_v_commands
,
2431 .cmd_startswith
= 1,
2434 cmd_parser
= &v_cmd_desc
;
2438 /* Kill the target */
2439 error_report("QEMU: Terminated via GDBstub");
2443 static const GdbCmdParseEntry detach_cmd_desc
= {
2444 .handler
= handle_detach
,
2446 .cmd_startswith
= 1,
2449 cmd_parser
= &detach_cmd_desc
;
2454 static const GdbCmdParseEntry step_cmd_desc
= {
2455 .handler
= handle_step
,
2457 .cmd_startswith
= 1,
2460 cmd_parser
= &step_cmd_desc
;
2465 static const GdbCmdParseEntry file_io_cmd_desc
= {
2466 .handler
= handle_file_io
,
2468 .cmd_startswith
= 1,
2471 cmd_parser
= &file_io_cmd_desc
;
2476 static const GdbCmdParseEntry read_all_regs_cmd_desc
= {
2477 .handler
= handle_read_all_regs
,
2481 cmd_parser
= &read_all_regs_cmd_desc
;
2486 static const GdbCmdParseEntry write_all_regs_cmd_desc
= {
2487 .handler
= handle_write_all_regs
,
2489 .cmd_startswith
= 1,
2492 cmd_parser
= &write_all_regs_cmd_desc
;
2497 static const GdbCmdParseEntry read_mem_cmd_desc
= {
2498 .handler
= handle_read_mem
,
2500 .cmd_startswith
= 1,
2503 cmd_parser
= &read_mem_cmd_desc
;
2508 static const GdbCmdParseEntry write_mem_cmd_desc
= {
2509 .handler
= handle_write_mem
,
2511 .cmd_startswith
= 1,
2514 cmd_parser
= &write_mem_cmd_desc
;
2519 static const GdbCmdParseEntry get_reg_cmd_desc
= {
2520 .handler
= handle_get_reg
,
2522 .cmd_startswith
= 1,
2525 cmd_parser
= &get_reg_cmd_desc
;
2530 static const GdbCmdParseEntry set_reg_cmd_desc
= {
2531 .handler
= handle_set_reg
,
2533 .cmd_startswith
= 1,
2536 cmd_parser
= &set_reg_cmd_desc
;
2541 static const GdbCmdParseEntry insert_bp_cmd_desc
= {
2542 .handler
= handle_insert_bp
,
2544 .cmd_startswith
= 1,
2547 cmd_parser
= &insert_bp_cmd_desc
;
2552 static const GdbCmdParseEntry remove_bp_cmd_desc
= {
2553 .handler
= handle_remove_bp
,
2555 .cmd_startswith
= 1,
2558 cmd_parser
= &remove_bp_cmd_desc
;
2563 static const GdbCmdParseEntry set_thread_cmd_desc
= {
2564 .handler
= handle_set_thread
,
2566 .cmd_startswith
= 1,
2569 cmd_parser
= &set_thread_cmd_desc
;
2574 static const GdbCmdParseEntry thread_alive_cmd_desc
= {
2575 .handler
= handle_thread_alive
,
2577 .cmd_startswith
= 1,
2580 cmd_parser
= &thread_alive_cmd_desc
;
2585 static const GdbCmdParseEntry gen_query_cmd_desc
= {
2586 .handler
= handle_gen_query
,
2588 .cmd_startswith
= 1,
2591 cmd_parser
= &gen_query_cmd_desc
;
2596 static const GdbCmdParseEntry gen_set_cmd_desc
= {
2597 .handler
= handle_gen_set
,
2599 .cmd_startswith
= 1,
2602 cmd_parser
= &gen_set_cmd_desc
;
2606 /* put empty packet */
2612 run_cmd_parser(line_buf
, cmd_parser
);
2618 void gdb_set_stop_cpu(CPUState
*cpu
)
2620 GDBProcess
*p
= gdb_get_cpu_process(cpu
);
2624 * Having a stop CPU corresponding to a process that is not attached
2625 * confuses GDB. So we ignore the request.
2630 gdbserver_state
.c_cpu
= cpu
;
2631 gdbserver_state
.g_cpu
= cpu
;
2634 #ifndef CONFIG_USER_ONLY
2635 static void gdb_vm_state_change(void *opaque
, int running
, RunState state
)
2637 CPUState
*cpu
= gdbserver_state
.c_cpu
;
2638 g_autoptr(GString
) buf
= g_string_new(NULL
);
2639 g_autoptr(GString
) tid
= g_string_new(NULL
);
2643 if (running
|| gdbserver_state
.state
== RS_INACTIVE
) {
2646 /* Is there a GDB syscall waiting to be sent? */
2647 if (gdbserver_state
.current_syscall_cb
) {
2648 put_packet(gdbserver_state
.syscall_buf
);
2653 /* No process attached */
2657 gdb_append_thread_id(cpu
, tid
);
2660 case RUN_STATE_DEBUG
:
2661 if (cpu
->watchpoint_hit
) {
2662 switch (cpu
->watchpoint_hit
->flags
& BP_MEM_ACCESS
) {
2673 trace_gdbstub_hit_watchpoint(type
, cpu_gdb_index(cpu
),
2674 (target_ulong
)cpu
->watchpoint_hit
->vaddr
);
2675 g_string_printf(buf
, "T%02xthread:%s;%swatch:" TARGET_FMT_lx
";",
2676 GDB_SIGNAL_TRAP
, tid
->str
, type
,
2677 (target_ulong
)cpu
->watchpoint_hit
->vaddr
);
2678 cpu
->watchpoint_hit
= NULL
;
2681 trace_gdbstub_hit_break();
2684 ret
= GDB_SIGNAL_TRAP
;
2686 case RUN_STATE_PAUSED
:
2687 trace_gdbstub_hit_paused();
2688 ret
= GDB_SIGNAL_INT
;
2690 case RUN_STATE_SHUTDOWN
:
2691 trace_gdbstub_hit_shutdown();
2692 ret
= GDB_SIGNAL_QUIT
;
2694 case RUN_STATE_IO_ERROR
:
2695 trace_gdbstub_hit_io_error();
2696 ret
= GDB_SIGNAL_IO
;
2698 case RUN_STATE_WATCHDOG
:
2699 trace_gdbstub_hit_watchdog();
2700 ret
= GDB_SIGNAL_ALRM
;
2702 case RUN_STATE_INTERNAL_ERROR
:
2703 trace_gdbstub_hit_internal_error();
2704 ret
= GDB_SIGNAL_ABRT
;
2706 case RUN_STATE_SAVE_VM
:
2707 case RUN_STATE_RESTORE_VM
:
2709 case RUN_STATE_FINISH_MIGRATE
:
2710 ret
= GDB_SIGNAL_XCPU
;
2713 trace_gdbstub_hit_unknown(state
);
2714 ret
= GDB_SIGNAL_UNKNOWN
;
2717 gdb_set_stop_cpu(cpu
);
2718 g_string_printf(buf
, "T%02xthread:%s;", ret
, tid
->str
);
2721 put_packet(buf
->str
);
2723 /* disable single step if it was enabled */
2724 cpu_single_step(cpu
, 0);
2728 /* Send a gdb syscall request.
2729 This accepts limited printf-style format specifiers, specifically:
2730 %x - target_ulong argument printed in hex.
2731 %lx - 64-bit argument printed in hex.
2732 %s - string pointer (target_ulong) and length (int) pair. */
2733 void gdb_do_syscallv(gdb_syscall_complete_cb cb
, const char *fmt
, va_list va
)
2740 if (!gdbserver_state
.init
) {
2744 gdbserver_state
.current_syscall_cb
= cb
;
2745 #ifndef CONFIG_USER_ONLY
2746 vm_stop(RUN_STATE_DEBUG
);
2748 p
= &gdbserver_state
.syscall_buf
[0];
2749 p_end
= &gdbserver_state
.syscall_buf
[sizeof(gdbserver_state
.syscall_buf
)];
2756 addr
= va_arg(va
, target_ulong
);
2757 p
+= snprintf(p
, p_end
- p
, TARGET_FMT_lx
, addr
);
2760 if (*(fmt
++) != 'x')
2762 i64
= va_arg(va
, uint64_t);
2763 p
+= snprintf(p
, p_end
- p
, "%" PRIx64
, i64
);
2766 addr
= va_arg(va
, target_ulong
);
2767 p
+= snprintf(p
, p_end
- p
, TARGET_FMT_lx
"/%x",
2768 addr
, va_arg(va
, int));
2772 error_report("gdbstub: Bad syscall format string '%s'",
2781 #ifdef CONFIG_USER_ONLY
2782 put_packet(gdbserver_state
.syscall_buf
);
2783 /* Return control to gdb for it to process the syscall request.
2784 * Since the protocol requires that gdb hands control back to us
2785 * using a "here are the results" F packet, we don't need to check
2786 * gdb_handlesig's return value (which is the signal to deliver if
2787 * execution was resumed via a continue packet).
2789 gdb_handlesig(gdbserver_state
.c_cpu
, 0);
2791 /* In this case wait to send the syscall packet until notification that
2792 the CPU has stopped. This must be done because if the packet is sent
2793 now the reply from the syscall request could be received while the CPU
2794 is still in the running state, which can cause packets to be dropped
2795 and state transition 'T' packets to be sent while the syscall is still
2797 qemu_cpu_kick(gdbserver_state
.c_cpu
);
2801 void gdb_do_syscall(gdb_syscall_complete_cb cb
, const char *fmt
, ...)
2806 gdb_do_syscallv(cb
, fmt
, va
);
2810 static void gdb_read_byte(uint8_t ch
)
2814 #ifndef CONFIG_USER_ONLY
2815 if (gdbserver_state
.last_packet
->len
) {
2816 /* Waiting for a response to the last packet. If we see the start
2817 of a new command then abandon the previous response. */
2819 trace_gdbstub_err_got_nack();
2820 put_buffer(gdbserver_state
.last_packet
->data
,
2821 gdbserver_state
.last_packet
->len
);
2822 } else if (ch
== '+') {
2823 trace_gdbstub_io_got_ack();
2825 trace_gdbstub_io_got_unexpected(ch
);
2828 if (ch
== '+' || ch
== '$') {
2829 g_byte_array_set_size(gdbserver_state
.last_packet
, 0);
2834 if (runstate_is_running()) {
2835 /* when the CPU is running, we cannot do anything except stop
2836 it when receiving a char */
2837 vm_stop(RUN_STATE_PAUSED
);
2841 switch(gdbserver_state
.state
) {
2844 /* start of command packet */
2845 gdbserver_state
.line_buf_index
= 0;
2846 gdbserver_state
.line_sum
= 0;
2847 gdbserver_state
.state
= RS_GETLINE
;
2849 trace_gdbstub_err_garbage(ch
);
2854 /* start escape sequence */
2855 gdbserver_state
.state
= RS_GETLINE_ESC
;
2856 gdbserver_state
.line_sum
+= ch
;
2857 } else if (ch
== '*') {
2858 /* start run length encoding sequence */
2859 gdbserver_state
.state
= RS_GETLINE_RLE
;
2860 gdbserver_state
.line_sum
+= ch
;
2861 } else if (ch
== '#') {
2862 /* end of command, start of checksum*/
2863 gdbserver_state
.state
= RS_CHKSUM1
;
2864 } else if (gdbserver_state
.line_buf_index
>= sizeof(gdbserver_state
.line_buf
) - 1) {
2865 trace_gdbstub_err_overrun();
2866 gdbserver_state
.state
= RS_IDLE
;
2868 /* unescaped command character */
2869 gdbserver_state
.line_buf
[gdbserver_state
.line_buf_index
++] = ch
;
2870 gdbserver_state
.line_sum
+= ch
;
2873 case RS_GETLINE_ESC
:
2875 /* unexpected end of command in escape sequence */
2876 gdbserver_state
.state
= RS_CHKSUM1
;
2877 } else if (gdbserver_state
.line_buf_index
>= sizeof(gdbserver_state
.line_buf
) - 1) {
2878 /* command buffer overrun */
2879 trace_gdbstub_err_overrun();
2880 gdbserver_state
.state
= RS_IDLE
;
2882 /* parse escaped character and leave escape state */
2883 gdbserver_state
.line_buf
[gdbserver_state
.line_buf_index
++] = ch
^ 0x20;
2884 gdbserver_state
.line_sum
+= ch
;
2885 gdbserver_state
.state
= RS_GETLINE
;
2888 case RS_GETLINE_RLE
:
2890 * Run-length encoding is explained in "Debugging with GDB /
2891 * Appendix E GDB Remote Serial Protocol / Overview".
2893 if (ch
< ' ' || ch
== '#' || ch
== '$' || ch
> 126) {
2894 /* invalid RLE count encoding */
2895 trace_gdbstub_err_invalid_repeat(ch
);
2896 gdbserver_state
.state
= RS_GETLINE
;
2898 /* decode repeat length */
2899 int repeat
= ch
- ' ' + 3;
2900 if (gdbserver_state
.line_buf_index
+ repeat
>= sizeof(gdbserver_state
.line_buf
) - 1) {
2901 /* that many repeats would overrun the command buffer */
2902 trace_gdbstub_err_overrun();
2903 gdbserver_state
.state
= RS_IDLE
;
2904 } else if (gdbserver_state
.line_buf_index
< 1) {
2905 /* got a repeat but we have nothing to repeat */
2906 trace_gdbstub_err_invalid_rle();
2907 gdbserver_state
.state
= RS_GETLINE
;
2909 /* repeat the last character */
2910 memset(gdbserver_state
.line_buf
+ gdbserver_state
.line_buf_index
,
2911 gdbserver_state
.line_buf
[gdbserver_state
.line_buf_index
- 1], repeat
);
2912 gdbserver_state
.line_buf_index
+= repeat
;
2913 gdbserver_state
.line_sum
+= ch
;
2914 gdbserver_state
.state
= RS_GETLINE
;
2919 /* get high hex digit of checksum */
2920 if (!isxdigit(ch
)) {
2921 trace_gdbstub_err_checksum_invalid(ch
);
2922 gdbserver_state
.state
= RS_GETLINE
;
2925 gdbserver_state
.line_buf
[gdbserver_state
.line_buf_index
] = '\0';
2926 gdbserver_state
.line_csum
= fromhex(ch
) << 4;
2927 gdbserver_state
.state
= RS_CHKSUM2
;
2930 /* get low hex digit of checksum */
2931 if (!isxdigit(ch
)) {
2932 trace_gdbstub_err_checksum_invalid(ch
);
2933 gdbserver_state
.state
= RS_GETLINE
;
2936 gdbserver_state
.line_csum
|= fromhex(ch
);
2938 if (gdbserver_state
.line_csum
!= (gdbserver_state
.line_sum
& 0xff)) {
2939 trace_gdbstub_err_checksum_incorrect(gdbserver_state
.line_sum
, gdbserver_state
.line_csum
);
2940 /* send NAK reply */
2942 put_buffer(&reply
, 1);
2943 gdbserver_state
.state
= RS_IDLE
;
2945 /* send ACK reply */
2947 put_buffer(&reply
, 1);
2948 gdbserver_state
.state
= gdb_handle_packet(gdbserver_state
.line_buf
);
2957 /* Tell the remote gdb that the process has exited. */
2958 void gdb_exit(CPUArchState
*env
, int code
)
2962 if (!gdbserver_state
.init
) {
2965 #ifdef CONFIG_USER_ONLY
2966 if (gdbserver_state
.socket_path
) {
2967 unlink(gdbserver_state
.socket_path
);
2969 if (gdbserver_state
.fd
< 0) {
2974 trace_gdbstub_op_exiting((uint8_t)code
);
2976 snprintf(buf
, sizeof(buf
), "W%02x", (uint8_t)code
);
2979 #ifndef CONFIG_USER_ONLY
2980 qemu_chr_fe_deinit(&gdbserver_state
.chr
, true);
2985 * Create the process that will contain all the "orphan" CPUs (that are not
2986 * part of a CPU cluster). Note that if this process contains no CPUs, it won't
2987 * be attachable and thus will be invisible to the user.
2989 static void create_default_process(GDBState
*s
)
2991 GDBProcess
*process
;
2994 if (gdbserver_state
.process_num
) {
2995 max_pid
= s
->processes
[s
->process_num
- 1].pid
;
2998 s
->processes
= g_renew(GDBProcess
, s
->processes
, ++s
->process_num
);
2999 process
= &s
->processes
[s
->process_num
- 1];
3001 /* We need an available PID slot for this process */
3002 assert(max_pid
< UINT32_MAX
);
3004 process
->pid
= max_pid
+ 1;
3005 process
->attached
= false;
3006 process
->target_xml
[0] = '\0';
3009 #ifdef CONFIG_USER_ONLY
3011 gdb_handlesig(CPUState
*cpu
, int sig
)
3016 if (!gdbserver_state
.init
|| gdbserver_state
.fd
< 0) {
3020 /* disable single step if it was enabled */
3021 cpu_single_step(cpu
, 0);
3025 snprintf(buf
, sizeof(buf
), "S%02x", target_signal_to_gdb(sig
));
3028 /* put_packet() might have detected that the peer terminated the
3030 if (gdbserver_state
.fd
< 0) {
3035 gdbserver_state
.state
= RS_IDLE
;
3036 gdbserver_state
.running_state
= 0;
3037 while (gdbserver_state
.running_state
== 0) {
3038 n
= read(gdbserver_state
.fd
, buf
, 256);
3042 for (i
= 0; i
< n
; i
++) {
3043 gdb_read_byte(buf
[i
]);
3046 /* XXX: Connection closed. Should probably wait for another
3047 connection before continuing. */
3049 close(gdbserver_state
.fd
);
3051 gdbserver_state
.fd
= -1;
3055 sig
= gdbserver_state
.signal
;
3056 gdbserver_state
.signal
= 0;
3060 /* Tell the remote gdb that the process has exited due to SIG. */
3061 void gdb_signalled(CPUArchState
*env
, int sig
)
3065 if (!gdbserver_state
.init
|| gdbserver_state
.fd
< 0) {
3069 snprintf(buf
, sizeof(buf
), "X%02x", target_signal_to_gdb(sig
));
3073 static void gdb_accept_init(int fd
)
3075 init_gdbserver_state();
3076 create_default_process(&gdbserver_state
);
3077 gdbserver_state
.processes
[0].attached
= true;
3078 gdbserver_state
.c_cpu
= gdb_first_attached_cpu();
3079 gdbserver_state
.g_cpu
= gdbserver_state
.c_cpu
;
3080 gdbserver_state
.fd
= fd
;
3081 gdb_has_xml
= false;
3084 static bool gdb_accept_socket(int gdb_fd
)
3089 fd
= accept(gdb_fd
, NULL
, NULL
);
3090 if (fd
< 0 && errno
!= EINTR
) {
3091 perror("accept socket");
3093 } else if (fd
>= 0) {
3094 qemu_set_cloexec(fd
);
3099 gdb_accept_init(fd
);
3103 static int gdbserver_open_socket(const char *path
)
3105 struct sockaddr_un sockaddr
;
3108 fd
= socket(AF_UNIX
, SOCK_STREAM
, 0);
3110 perror("create socket");
3114 sockaddr
.sun_family
= AF_UNIX
;
3115 pstrcpy(sockaddr
.sun_path
, sizeof(sockaddr
.sun_path
) - 1, path
);
3116 ret
= bind(fd
, (struct sockaddr
*)&sockaddr
, sizeof(sockaddr
));
3118 perror("bind socket");
3122 ret
= listen(fd
, 1);
3124 perror("listen socket");
3132 static bool gdb_accept_tcp(int gdb_fd
)
3134 struct sockaddr_in sockaddr
;
3139 len
= sizeof(sockaddr
);
3140 fd
= accept(gdb_fd
, (struct sockaddr
*)&sockaddr
, &len
);
3141 if (fd
< 0 && errno
!= EINTR
) {
3144 } else if (fd
>= 0) {
3145 qemu_set_cloexec(fd
);
3150 /* set short latency */
3151 if (socket_set_nodelay(fd
)) {
3152 perror("setsockopt");
3157 gdb_accept_init(fd
);
3161 static int gdbserver_open_port(int port
)
3163 struct sockaddr_in sockaddr
;
3166 fd
= socket(PF_INET
, SOCK_STREAM
, 0);
3171 qemu_set_cloexec(fd
);
3173 socket_set_fast_reuse(fd
);
3175 sockaddr
.sin_family
= AF_INET
;
3176 sockaddr
.sin_port
= htons(port
);
3177 sockaddr
.sin_addr
.s_addr
= 0;
3178 ret
= bind(fd
, (struct sockaddr
*)&sockaddr
, sizeof(sockaddr
));
3184 ret
= listen(fd
, 1);
3194 int gdbserver_start(const char *port_or_path
)
3196 int port
= g_ascii_strtoull(port_or_path
, NULL
, 10);
3200 gdb_fd
= gdbserver_open_port(port
);
3202 gdb_fd
= gdbserver_open_socket(port_or_path
);
3209 if (port
> 0 && gdb_accept_tcp(gdb_fd
)) {
3211 } else if (gdb_accept_socket(gdb_fd
)) {
3212 gdbserver_state
.socket_path
= g_strdup(port_or_path
);
3221 /* Disable gdb stub for child processes. */
3222 void gdbserver_fork(CPUState
*cpu
)
3224 if (!gdbserver_state
.init
|| gdbserver_state
.fd
< 0) {
3227 close(gdbserver_state
.fd
);
3228 gdbserver_state
.fd
= -1;
3229 cpu_breakpoint_remove_all(cpu
, BP_GDB
);
3230 cpu_watchpoint_remove_all(cpu
, BP_GDB
);
3233 static int gdb_chr_can_receive(void *opaque
)
3235 /* We can handle an arbitrarily large amount of data.
3236 Pick the maximum packet size, which is as good as anything. */
3237 return MAX_PACKET_LENGTH
;
3240 static void gdb_chr_receive(void *opaque
, const uint8_t *buf
, int size
)
3244 for (i
= 0; i
< size
; i
++) {
3245 gdb_read_byte(buf
[i
]);
3249 static void gdb_chr_event(void *opaque
, QEMUChrEvent event
)
3252 GDBState
*s
= (GDBState
*) opaque
;
3255 case CHR_EVENT_OPENED
:
3256 /* Start with first process attached, others detached */
3257 for (i
= 0; i
< s
->process_num
; i
++) {
3258 s
->processes
[i
].attached
= !i
;
3261 s
->c_cpu
= gdb_first_attached_cpu();
3262 s
->g_cpu
= s
->c_cpu
;
3264 vm_stop(RUN_STATE_PAUSED
);
3265 gdb_has_xml
= false;
3272 static int gdb_monitor_write(Chardev
*chr
, const uint8_t *buf
, int len
)
3274 g_autoptr(GString
) hex_buf
= g_string_new("O");
3275 memtohex(hex_buf
, buf
, len
);
3276 put_packet(hex_buf
->str
);
3281 static void gdb_sigterm_handler(int signal
)
3283 if (runstate_is_running()) {
3284 vm_stop(RUN_STATE_PAUSED
);
3289 static void gdb_monitor_open(Chardev
*chr
, ChardevBackend
*backend
,
3290 bool *be_opened
, Error
**errp
)
3295 static void char_gdb_class_init(ObjectClass
*oc
, void *data
)
3297 ChardevClass
*cc
= CHARDEV_CLASS(oc
);
3299 cc
->internal
= true;
3300 cc
->open
= gdb_monitor_open
;
3301 cc
->chr_write
= gdb_monitor_write
;
3304 #define TYPE_CHARDEV_GDB "chardev-gdb"
3306 static const TypeInfo char_gdb_type_info
= {
3307 .name
= TYPE_CHARDEV_GDB
,
3308 .parent
= TYPE_CHARDEV
,
3309 .class_init
= char_gdb_class_init
,
3312 static int find_cpu_clusters(Object
*child
, void *opaque
)
3314 if (object_dynamic_cast(child
, TYPE_CPU_CLUSTER
)) {
3315 GDBState
*s
= (GDBState
*) opaque
;
3316 CPUClusterState
*cluster
= CPU_CLUSTER(child
);
3317 GDBProcess
*process
;
3319 s
->processes
= g_renew(GDBProcess
, s
->processes
, ++s
->process_num
);
3321 process
= &s
->processes
[s
->process_num
- 1];
3324 * GDB process IDs -1 and 0 are reserved. To avoid subtle errors at
3325 * runtime, we enforce here that the machine does not use a cluster ID
3326 * that would lead to PID 0.
3328 assert(cluster
->cluster_id
!= UINT32_MAX
);
3329 process
->pid
= cluster
->cluster_id
+ 1;
3330 process
->attached
= false;
3331 process
->target_xml
[0] = '\0';
3336 return object_child_foreach(child
, find_cpu_clusters
, opaque
);
3339 static int pid_order(const void *a
, const void *b
)
3341 GDBProcess
*pa
= (GDBProcess
*) a
;
3342 GDBProcess
*pb
= (GDBProcess
*) b
;
3344 if (pa
->pid
< pb
->pid
) {
3346 } else if (pa
->pid
> pb
->pid
) {
3353 static void create_processes(GDBState
*s
)
3355 object_child_foreach(object_get_root(), find_cpu_clusters
, s
);
3357 if (gdbserver_state
.processes
) {
3359 qsort(gdbserver_state
.processes
, gdbserver_state
.process_num
, sizeof(gdbserver_state
.processes
[0]), pid_order
);
3362 create_default_process(s
);
3365 int gdbserver_start(const char *device
)
3367 trace_gdbstub_op_start(device
);
3369 char gdbstub_device_name
[128];
3370 Chardev
*chr
= NULL
;
3374 error_report("gdbstub: meaningless to attach gdb to a "
3375 "machine without any CPU.");
3381 if (strcmp(device
, "none") != 0) {
3382 if (strstart(device
, "tcp:", NULL
)) {
3383 /* enforce required TCP attributes */
3384 snprintf(gdbstub_device_name
, sizeof(gdbstub_device_name
),
3385 "%s,nowait,nodelay,server", device
);
3386 device
= gdbstub_device_name
;
3389 else if (strcmp(device
, "stdio") == 0) {
3390 struct sigaction act
;
3392 memset(&act
, 0, sizeof(act
));
3393 act
.sa_handler
= gdb_sigterm_handler
;
3394 sigaction(SIGINT
, &act
, NULL
);
3398 * FIXME: it's a bit weird to allow using a mux chardev here
3399 * and implicitly setup a monitor. We may want to break this.
3401 chr
= qemu_chr_new_noreplay("gdb", device
, true, NULL
);
3406 if (!gdbserver_state
.init
) {
3407 init_gdbserver_state();
3409 qemu_add_vm_change_state_handler(gdb_vm_state_change
, NULL
);
3411 /* Initialize a monitor terminal for gdb */
3412 mon_chr
= qemu_chardev_new(NULL
, TYPE_CHARDEV_GDB
,
3413 NULL
, NULL
, &error_abort
);
3414 monitor_init_hmp(mon_chr
, false, &error_abort
);
3416 qemu_chr_fe_deinit(&gdbserver_state
.chr
, true);
3417 mon_chr
= gdbserver_state
.mon_chr
;
3418 reset_gdbserver_state();
3421 create_processes(&gdbserver_state
);
3424 qemu_chr_fe_init(&gdbserver_state
.chr
, chr
, &error_abort
);
3425 qemu_chr_fe_set_handlers(&gdbserver_state
.chr
, gdb_chr_can_receive
,
3426 gdb_chr_receive
, gdb_chr_event
,
3427 NULL
, &gdbserver_state
, NULL
, true);
3429 gdbserver_state
.state
= chr
? RS_IDLE
: RS_INACTIVE
;
3430 gdbserver_state
.mon_chr
= mon_chr
;
3431 gdbserver_state
.current_syscall_cb
= NULL
;
3436 void gdbserver_cleanup(void)
3438 if (gdbserver_state
.init
) {
3443 static void register_types(void)
3445 type_register_static(&char_gdb_type_info
);
3448 type_init(register_types
);