4 * This implements a subset of the remote protocol as described in:
6 * https://sourceware.org/gdb/onlinedocs/gdb/Remote-Protocol.html
8 * Copyright (c) 2003-2005 Fabrice Bellard
10 * This library is free software; you can redistribute it and/or
11 * modify it under the terms of the GNU Lesser General Public
12 * License as published by the Free Software Foundation; either
13 * version 2 of the License, or (at your option) any later version.
15 * This library is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
18 * Lesser General Public License for more details.
20 * You should have received a copy of the GNU Lesser General Public
21 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
23 * SPDX-License-Identifier: LGPL-2.0+
26 #include "qemu/osdep.h"
27 #include "qemu-common.h"
28 #include "qapi/error.h"
29 #include "qemu/error-report.h"
30 #include "qemu/ctype.h"
31 #include "qemu/cutils.h"
32 #include "qemu/module.h"
33 #include "trace/trace-root.h"
34 #include "exec/gdbstub.h"
35 #ifdef CONFIG_USER_ONLY
38 #include "monitor/monitor.h"
39 #include "chardev/char.h"
40 #include "chardev/char-fe.h"
41 #include "hw/cpu/cluster.h"
42 #include "hw/boards.h"
45 #define MAX_PACKET_LENGTH 4096
47 #include "qemu/sockets.h"
48 #include "sysemu/hw_accel.h"
49 #include "sysemu/kvm.h"
50 #include "sysemu/runstate.h"
51 #include "semihosting/semihost.h"
52 #include "exec/exec-all.h"
53 #include "sysemu/replay.h"
55 #ifdef CONFIG_USER_ONLY
56 #define GDB_ATTACHED "0"
58 #define GDB_ATTACHED "1"
61 #ifndef CONFIG_USER_ONLY
62 static int phy_memory_mode
;
65 static inline int target_memory_rw_debug(CPUState
*cpu
, target_ulong addr
,
66 uint8_t *buf
, int len
, bool is_write
)
70 #ifndef CONFIG_USER_ONLY
71 if (phy_memory_mode
) {
73 cpu_physical_memory_write(addr
, buf
, len
);
75 cpu_physical_memory_read(addr
, buf
, len
);
81 cc
= CPU_GET_CLASS(cpu
);
82 if (cc
->memory_rw_debug
) {
83 return cc
->memory_rw_debug(cpu
, addr
, buf
, len
, is_write
);
85 return cpu_memory_rw_debug(cpu
, addr
, buf
, len
, is_write
);
88 /* Return the GDB index for a given vCPU state.
90 * For user mode this is simply the thread id. In system mode GDB
91 * numbers CPUs from 1 as 0 is reserved as an "any cpu" index.
93 static inline int cpu_gdb_index(CPUState
*cpu
)
95 #if defined(CONFIG_USER_ONLY)
96 TaskState
*ts
= (TaskState
*) cpu
->opaque
;
97 return ts
? ts
->ts_tid
: -1;
99 return cpu
->cpu_index
+ 1;
109 GDB_SIGNAL_ALRM
= 14,
111 GDB_SIGNAL_XCPU
= 24,
112 GDB_SIGNAL_UNKNOWN
= 143
115 #ifdef CONFIG_USER_ONLY
117 /* Map target signal numbers to GDB protocol signal numbers and vice
118 * versa. For user emulation's currently supported systems, we can
119 * assume most signals are defined.
122 static int gdb_signal_table
[] = {
282 /* In system mode we only need SIGINT and SIGTRAP; other signals
283 are not yet supported. */
290 static int gdb_signal_table
[] = {
300 #ifdef CONFIG_USER_ONLY
301 static int target_signal_to_gdb (int sig
)
304 for (i
= 0; i
< ARRAY_SIZE (gdb_signal_table
); i
++)
305 if (gdb_signal_table
[i
] == sig
)
307 return GDB_SIGNAL_UNKNOWN
;
311 static int gdb_signal_to_target (int sig
)
313 if (sig
< ARRAY_SIZE (gdb_signal_table
))
314 return gdb_signal_table
[sig
];
319 typedef struct GDBRegisterState
{
322 gdb_get_reg_cb get_reg
;
323 gdb_set_reg_cb set_reg
;
325 struct GDBRegisterState
*next
;
328 typedef struct GDBProcess
{
332 char target_xml
[1024];
344 typedef struct GDBState
{
345 bool init
; /* have we been initialised? */
346 CPUState
*c_cpu
; /* current CPU for step/continue ops */
347 CPUState
*g_cpu
; /* current CPU for other ops */
348 CPUState
*query_cpu
; /* for q{f|s}ThreadInfo */
349 enum RSState state
; /* parsing state */
350 char line_buf
[MAX_PACKET_LENGTH
];
352 int line_sum
; /* running checksum */
353 int line_csum
; /* checksum at the end of the packet */
354 GByteArray
*last_packet
;
356 #ifdef CONFIG_USER_ONLY
365 GDBProcess
*processes
;
367 char syscall_buf
[256];
368 gdb_syscall_complete_cb current_syscall_cb
;
372 int supported_sstep_flags
;
375 static GDBState gdbserver_state
;
377 static void init_gdbserver_state(void)
379 g_assert(!gdbserver_state
.init
);
380 memset(&gdbserver_state
, 0, sizeof(GDBState
));
381 gdbserver_state
.init
= true;
382 gdbserver_state
.str_buf
= g_string_new(NULL
);
383 gdbserver_state
.mem_buf
= g_byte_array_sized_new(MAX_PACKET_LENGTH
);
384 gdbserver_state
.last_packet
= g_byte_array_sized_new(MAX_PACKET_LENGTH
+ 4);
387 * In replay mode all events will come from the log and can't be
388 * suppressed otherwise we would break determinism. However as those
389 * events are tied to the number of executed instructions we won't see
390 * them occurring every time we single step.
392 if (replay_mode
!= REPLAY_MODE_NONE
) {
393 gdbserver_state
.supported_sstep_flags
= SSTEP_ENABLE
;
394 } else if (kvm_enabled()) {
395 gdbserver_state
.supported_sstep_flags
= kvm_get_supported_sstep_flags();
397 gdbserver_state
.supported_sstep_flags
=
398 SSTEP_ENABLE
| SSTEP_NOIRQ
| SSTEP_NOTIMER
;
402 * By default use no IRQs and no timers while single stepping so as to
403 * make single stepping like an ICE HW step.
405 gdbserver_state
.sstep_flags
= SSTEP_ENABLE
| SSTEP_NOIRQ
| SSTEP_NOTIMER
;
406 gdbserver_state
.sstep_flags
&= gdbserver_state
.supported_sstep_flags
;
410 #ifndef CONFIG_USER_ONLY
411 static void reset_gdbserver_state(void)
413 g_free(gdbserver_state
.processes
);
414 gdbserver_state
.processes
= NULL
;
415 gdbserver_state
.process_num
= 0;
421 #ifdef CONFIG_USER_ONLY
423 static int get_char(void)
429 ret
= recv(gdbserver_state
.fd
, &ch
, 1, 0);
431 if (errno
== ECONNRESET
)
432 gdbserver_state
.fd
= -1;
435 } else if (ret
== 0) {
436 close(gdbserver_state
.fd
);
437 gdbserver_state
.fd
= -1;
453 /* Decide if either remote gdb syscalls or native file IO should be used. */
454 int use_gdb_syscalls(void)
456 SemihostingTarget target
= semihosting_get_target();
457 if (target
== SEMIHOSTING_TARGET_NATIVE
) {
458 /* -semihosting-config target=native */
460 } else if (target
== SEMIHOSTING_TARGET_GDB
) {
461 /* -semihosting-config target=gdb */
465 /* -semihosting-config target=auto */
466 /* On the first call check if gdb is connected and remember. */
467 if (gdb_syscall_mode
== GDB_SYS_UNKNOWN
) {
468 gdb_syscall_mode
= gdbserver_state
.init
?
469 GDB_SYS_ENABLED
: GDB_SYS_DISABLED
;
471 return gdb_syscall_mode
== GDB_SYS_ENABLED
;
474 static bool stub_can_reverse(void)
476 #ifdef CONFIG_USER_ONLY
479 return replay_mode
== REPLAY_MODE_PLAY
;
483 /* Resume execution. */
484 static inline void gdb_continue(void)
487 #ifdef CONFIG_USER_ONLY
488 gdbserver_state
.running_state
= 1;
489 trace_gdbstub_op_continue();
491 if (!runstate_needs_reset()) {
492 trace_gdbstub_op_continue();
499 * Resume execution, per CPU actions. For user-mode emulation it's
500 * equivalent to gdb_continue.
502 static int gdb_continue_partial(char *newstates
)
506 #ifdef CONFIG_USER_ONLY
508 * This is not exactly accurate, but it's an improvement compared to the
509 * previous situation, where only one CPU would be single-stepped.
512 if (newstates
[cpu
->cpu_index
] == 's') {
513 trace_gdbstub_op_stepping(cpu
->cpu_index
);
514 cpu_single_step(cpu
, gdbserver_state
.sstep_flags
);
517 gdbserver_state
.running_state
= 1;
521 if (!runstate_needs_reset()) {
522 if (vm_prepare_start()) {
527 switch (newstates
[cpu
->cpu_index
]) {
530 break; /* nothing to do here */
532 trace_gdbstub_op_stepping(cpu
->cpu_index
);
533 cpu_single_step(cpu
, gdbserver_state
.sstep_flags
);
538 trace_gdbstub_op_continue_cpu(cpu
->cpu_index
);
549 qemu_clock_enable(QEMU_CLOCK_VIRTUAL
, true);
555 static void put_buffer(const uint8_t *buf
, int len
)
557 #ifdef CONFIG_USER_ONLY
561 ret
= send(gdbserver_state
.fd
, buf
, len
, 0);
571 /* XXX this blocks entire thread. Rewrite to use
572 * qemu_chr_fe_write and background I/O callbacks */
573 qemu_chr_fe_write_all(&gdbserver_state
.chr
, buf
, len
);
577 static inline int fromhex(int v
)
579 if (v
>= '0' && v
<= '9')
581 else if (v
>= 'A' && v
<= 'F')
583 else if (v
>= 'a' && v
<= 'f')
589 static inline int tohex(int v
)
597 /* writes 2*len+1 bytes in buf */
598 static void memtohex(GString
*buf
, const uint8_t *mem
, int len
)
601 for(i
= 0; i
< len
; i
++) {
603 g_string_append_c(buf
, tohex(c
>> 4));
604 g_string_append_c(buf
, tohex(c
& 0xf));
606 g_string_append_c(buf
, '\0');
609 static void hextomem(GByteArray
*mem
, const char *buf
, int len
)
613 for(i
= 0; i
< len
; i
++) {
614 guint8 byte
= fromhex(buf
[0]) << 4 | fromhex(buf
[1]);
615 g_byte_array_append(mem
, &byte
, 1);
620 static void hexdump(const char *buf
, int len
,
621 void (*trace_fn
)(size_t ofs
, char const *text
))
623 char line_buffer
[3 * 16 + 4 + 16 + 1];
626 for (i
= 0; i
< len
|| (i
& 0xF); ++i
) {
627 size_t byte_ofs
= i
& 15;
630 memset(line_buffer
, ' ', 3 * 16 + 4 + 16);
631 line_buffer
[3 * 16 + 4 + 16] = 0;
634 size_t col_group
= (i
>> 2) & 3;
635 size_t hex_col
= byte_ofs
* 3 + col_group
;
636 size_t txt_col
= 3 * 16 + 4 + byte_ofs
;
641 line_buffer
[hex_col
+ 0] = tohex((value
>> 4) & 0xF);
642 line_buffer
[hex_col
+ 1] = tohex((value
>> 0) & 0xF);
643 line_buffer
[txt_col
+ 0] = (value
>= ' ' && value
< 127)
649 trace_fn(i
& -16, line_buffer
);
653 /* return -1 if error, 0 if OK */
654 static int put_packet_binary(const char *buf
, int len
, bool dump
)
659 if (dump
&& trace_event_get_state_backends(TRACE_GDBSTUB_IO_BINARYREPLY
)) {
660 hexdump(buf
, len
, trace_gdbstub_io_binaryreply
);
664 g_byte_array_set_size(gdbserver_state
.last_packet
, 0);
665 g_byte_array_append(gdbserver_state
.last_packet
,
666 (const uint8_t *) "$", 1);
667 g_byte_array_append(gdbserver_state
.last_packet
,
668 (const uint8_t *) buf
, len
);
670 for(i
= 0; i
< len
; i
++) {
674 footer
[1] = tohex((csum
>> 4) & 0xf);
675 footer
[2] = tohex((csum
) & 0xf);
676 g_byte_array_append(gdbserver_state
.last_packet
, footer
, 3);
678 put_buffer(gdbserver_state
.last_packet
->data
,
679 gdbserver_state
.last_packet
->len
);
681 #ifdef CONFIG_USER_ONLY
694 /* return -1 if error, 0 if OK */
695 static int put_packet(const char *buf
)
697 trace_gdbstub_io_reply(buf
);
699 return put_packet_binary(buf
, strlen(buf
), false);
702 static void put_strbuf(void)
704 put_packet(gdbserver_state
.str_buf
->str
);
707 /* Encode data using the encoding for 'x' packets. */
708 static void memtox(GString
*buf
, const char *mem
, int len
)
715 case '#': case '$': case '*': case '}':
716 g_string_append_c(buf
, '}');
717 g_string_append_c(buf
, c
^ 0x20);
720 g_string_append_c(buf
, c
);
726 static uint32_t gdb_get_cpu_pid(CPUState
*cpu
)
728 /* TODO: In user mode, we should use the task state PID */
729 if (cpu
->cluster_index
== UNASSIGNED_CLUSTER_INDEX
) {
730 /* Return the default process' PID */
731 int index
= gdbserver_state
.process_num
- 1;
732 return gdbserver_state
.processes
[index
].pid
;
734 return cpu
->cluster_index
+ 1;
737 static GDBProcess
*gdb_get_process(uint32_t pid
)
742 /* 0 means any process, we take the first one */
743 return &gdbserver_state
.processes
[0];
746 for (i
= 0; i
< gdbserver_state
.process_num
; i
++) {
747 if (gdbserver_state
.processes
[i
].pid
== pid
) {
748 return &gdbserver_state
.processes
[i
];
755 static GDBProcess
*gdb_get_cpu_process(CPUState
*cpu
)
757 return gdb_get_process(gdb_get_cpu_pid(cpu
));
760 static CPUState
*find_cpu(uint32_t thread_id
)
765 if (cpu_gdb_index(cpu
) == thread_id
) {
773 static CPUState
*get_first_cpu_in_process(GDBProcess
*process
)
778 if (gdb_get_cpu_pid(cpu
) == process
->pid
) {
786 static CPUState
*gdb_next_cpu_in_process(CPUState
*cpu
)
788 uint32_t pid
= gdb_get_cpu_pid(cpu
);
792 if (gdb_get_cpu_pid(cpu
) == pid
) {
802 /* Return the cpu following @cpu, while ignoring unattached processes. */
803 static CPUState
*gdb_next_attached_cpu(CPUState
*cpu
)
808 if (gdb_get_cpu_process(cpu
)->attached
) {
818 /* Return the first attached cpu */
819 static CPUState
*gdb_first_attached_cpu(void)
821 CPUState
*cpu
= first_cpu
;
822 GDBProcess
*process
= gdb_get_cpu_process(cpu
);
824 if (!process
->attached
) {
825 return gdb_next_attached_cpu(cpu
);
831 static CPUState
*gdb_get_cpu(uint32_t pid
, uint32_t tid
)
837 /* 0 means any process/thread, we take the first attached one */
838 return gdb_first_attached_cpu();
839 } else if (pid
&& !tid
) {
840 /* any thread in a specific process */
841 process
= gdb_get_process(pid
);
843 if (process
== NULL
) {
847 if (!process
->attached
) {
851 return get_first_cpu_in_process(process
);
853 /* a specific thread */
860 process
= gdb_get_cpu_process(cpu
);
862 if (pid
&& process
->pid
!= pid
) {
866 if (!process
->attached
) {
874 static const char *get_feature_xml(const char *p
, const char **newp
,
880 CPUState
*cpu
= get_first_cpu_in_process(process
);
881 CPUClass
*cc
= CPU_GET_CLASS(cpu
);
884 while (p
[len
] && p
[len
] != ':')
889 if (strncmp(p
, "target.xml", len
) == 0) {
890 char *buf
= process
->target_xml
;
891 const size_t buf_sz
= sizeof(process
->target_xml
);
893 /* Generate the XML description for this CPU. */
898 "<?xml version=\"1.0\"?>"
899 "<!DOCTYPE target SYSTEM \"gdb-target.dtd\">"
901 if (cc
->gdb_arch_name
) {
902 gchar
*arch
= cc
->gdb_arch_name(cpu
);
903 pstrcat(buf
, buf_sz
, "<architecture>");
904 pstrcat(buf
, buf_sz
, arch
);
905 pstrcat(buf
, buf_sz
, "</architecture>");
908 pstrcat(buf
, buf_sz
, "<xi:include href=\"");
909 pstrcat(buf
, buf_sz
, cc
->gdb_core_xml_file
);
910 pstrcat(buf
, buf_sz
, "\"/>");
911 for (r
= cpu
->gdb_regs
; r
; r
= r
->next
) {
912 pstrcat(buf
, buf_sz
, "<xi:include href=\"");
913 pstrcat(buf
, buf_sz
, r
->xml
);
914 pstrcat(buf
, buf_sz
, "\"/>");
916 pstrcat(buf
, buf_sz
, "</target>");
920 if (cc
->gdb_get_dynamic_xml
) {
921 char *xmlname
= g_strndup(p
, len
);
922 const char *xml
= cc
->gdb_get_dynamic_xml(cpu
, xmlname
);
930 name
= xml_builtin
[i
][0];
931 if (!name
|| (strncmp(name
, p
, len
) == 0 && strlen(name
) == len
))
934 return name
? xml_builtin
[i
][1] : NULL
;
937 static int gdb_read_register(CPUState
*cpu
, GByteArray
*buf
, int reg
)
939 CPUClass
*cc
= CPU_GET_CLASS(cpu
);
940 CPUArchState
*env
= cpu
->env_ptr
;
943 if (reg
< cc
->gdb_num_core_regs
) {
944 return cc
->gdb_read_register(cpu
, buf
, reg
);
947 for (r
= cpu
->gdb_regs
; r
; r
= r
->next
) {
948 if (r
->base_reg
<= reg
&& reg
< r
->base_reg
+ r
->num_regs
) {
949 return r
->get_reg(env
, buf
, reg
- r
->base_reg
);
955 static int gdb_write_register(CPUState
*cpu
, uint8_t *mem_buf
, int reg
)
957 CPUClass
*cc
= CPU_GET_CLASS(cpu
);
958 CPUArchState
*env
= cpu
->env_ptr
;
961 if (reg
< cc
->gdb_num_core_regs
) {
962 return cc
->gdb_write_register(cpu
, mem_buf
, reg
);
965 for (r
= cpu
->gdb_regs
; r
; r
= r
->next
) {
966 if (r
->base_reg
<= reg
&& reg
< r
->base_reg
+ r
->num_regs
) {
967 return r
->set_reg(env
, mem_buf
, reg
- r
->base_reg
);
973 /* Register a supplemental set of CPU registers. If g_pos is nonzero it
974 specifies the first register number and these registers are included in
975 a standard "g" packet. Direction is relative to gdb, i.e. get_reg is
976 gdb reading a CPU register, and set_reg is gdb modifying a CPU register.
979 void gdb_register_coprocessor(CPUState
*cpu
,
980 gdb_get_reg_cb get_reg
, gdb_set_reg_cb set_reg
,
981 int num_regs
, const char *xml
, int g_pos
)
984 GDBRegisterState
**p
;
988 /* Check for duplicates. */
989 if (strcmp((*p
)->xml
, xml
) == 0)
994 s
= g_new0(GDBRegisterState
, 1);
995 s
->base_reg
= cpu
->gdb_num_regs
;
996 s
->num_regs
= num_regs
;
997 s
->get_reg
= get_reg
;
998 s
->set_reg
= set_reg
;
1001 /* Add to end of list. */
1002 cpu
->gdb_num_regs
+= num_regs
;
1005 if (g_pos
!= s
->base_reg
) {
1006 error_report("Error: Bad gdb register numbering for '%s', "
1007 "expected %d got %d", xml
, g_pos
, s
->base_reg
);
1009 cpu
->gdb_num_g_regs
= cpu
->gdb_num_regs
;
1014 #ifndef CONFIG_USER_ONLY
1015 /* Translate GDB watchpoint type to a flags value for cpu_watchpoint_* */
1016 static inline int xlat_gdb_type(CPUState
*cpu
, int gdbtype
)
1018 static const int xlat
[] = {
1019 [GDB_WATCHPOINT_WRITE
] = BP_GDB
| BP_MEM_WRITE
,
1020 [GDB_WATCHPOINT_READ
] = BP_GDB
| BP_MEM_READ
,
1021 [GDB_WATCHPOINT_ACCESS
] = BP_GDB
| BP_MEM_ACCESS
,
1024 CPUClass
*cc
= CPU_GET_CLASS(cpu
);
1025 int cputype
= xlat
[gdbtype
];
1027 if (cc
->gdb_stop_before_watchpoint
) {
1028 cputype
|= BP_STOP_BEFORE_ACCESS
;
1034 static int gdb_breakpoint_insert(int type
, target_ulong addr
, target_ulong len
)
1039 if (kvm_enabled()) {
1040 return kvm_insert_breakpoint(gdbserver_state
.c_cpu
, addr
, len
, type
);
1044 case GDB_BREAKPOINT_SW
:
1045 case GDB_BREAKPOINT_HW
:
1047 err
= cpu_breakpoint_insert(cpu
, addr
, BP_GDB
, NULL
);
1053 #ifndef CONFIG_USER_ONLY
1054 case GDB_WATCHPOINT_WRITE
:
1055 case GDB_WATCHPOINT_READ
:
1056 case GDB_WATCHPOINT_ACCESS
:
1058 err
= cpu_watchpoint_insert(cpu
, addr
, len
,
1059 xlat_gdb_type(cpu
, type
), NULL
);
1071 static int gdb_breakpoint_remove(int type
, target_ulong addr
, target_ulong len
)
1076 if (kvm_enabled()) {
1077 return kvm_remove_breakpoint(gdbserver_state
.c_cpu
, addr
, len
, type
);
1081 case GDB_BREAKPOINT_SW
:
1082 case GDB_BREAKPOINT_HW
:
1084 err
= cpu_breakpoint_remove(cpu
, addr
, BP_GDB
);
1090 #ifndef CONFIG_USER_ONLY
1091 case GDB_WATCHPOINT_WRITE
:
1092 case GDB_WATCHPOINT_READ
:
1093 case GDB_WATCHPOINT_ACCESS
:
1095 err
= cpu_watchpoint_remove(cpu
, addr
, len
,
1096 xlat_gdb_type(cpu
, type
));
1107 static inline void gdb_cpu_breakpoint_remove_all(CPUState
*cpu
)
1109 cpu_breakpoint_remove_all(cpu
, BP_GDB
);
1110 #ifndef CONFIG_USER_ONLY
1111 cpu_watchpoint_remove_all(cpu
, BP_GDB
);
1115 static void gdb_process_breakpoint_remove_all(GDBProcess
*p
)
1117 CPUState
*cpu
= get_first_cpu_in_process(p
);
1120 gdb_cpu_breakpoint_remove_all(cpu
);
1121 cpu
= gdb_next_cpu_in_process(cpu
);
1125 static void gdb_breakpoint_remove_all(void)
1129 if (kvm_enabled()) {
1130 kvm_remove_all_breakpoints(gdbserver_state
.c_cpu
);
1135 gdb_cpu_breakpoint_remove_all(cpu
);
1139 static void gdb_set_cpu_pc(target_ulong pc
)
1141 CPUState
*cpu
= gdbserver_state
.c_cpu
;
1143 cpu_synchronize_state(cpu
);
1144 cpu_set_pc(cpu
, pc
);
1147 static void gdb_append_thread_id(CPUState
*cpu
, GString
*buf
)
1149 if (gdbserver_state
.multiprocess
) {
1150 g_string_append_printf(buf
, "p%02x.%02x",
1151 gdb_get_cpu_pid(cpu
), cpu_gdb_index(cpu
));
1153 g_string_append_printf(buf
, "%02x", cpu_gdb_index(cpu
));
1157 typedef enum GDBThreadIdKind
{
1159 GDB_ALL_THREADS
, /* One process, all threads */
1164 static GDBThreadIdKind
read_thread_id(const char *buf
, const char **end_buf
,
1165 uint32_t *pid
, uint32_t *tid
)
1172 ret
= qemu_strtoul(buf
, &buf
, 16, &p
);
1175 return GDB_READ_THREAD_ERR
;
1184 ret
= qemu_strtoul(buf
, &buf
, 16, &t
);
1187 return GDB_READ_THREAD_ERR
;
1193 return GDB_ALL_PROCESSES
;
1201 return GDB_ALL_THREADS
;
1208 return GDB_ONE_THREAD
;
1212 * gdb_handle_vcont - Parses and handles a vCont packet.
1213 * returns -ENOTSUP if a command is unsupported, -EINVAL or -ERANGE if there is
1214 * a format error, 0 on success.
1216 static int gdb_handle_vcont(const char *p
)
1218 int res
, signal
= 0;
1223 GDBProcess
*process
;
1225 GDBThreadIdKind kind
;
1226 #ifdef CONFIG_USER_ONLY
1227 int max_cpus
= 1; /* global variable max_cpus exists only in system mode */
1230 max_cpus
= max_cpus
<= cpu
->cpu_index
? cpu
->cpu_index
+ 1 : max_cpus
;
1233 MachineState
*ms
= MACHINE(qdev_get_machine());
1234 unsigned int max_cpus
= ms
->smp
.max_cpus
;
1236 /* uninitialised CPUs stay 0 */
1237 newstates
= g_new0(char, max_cpus
);
1239 /* mark valid CPUs with 1 */
1241 newstates
[cpu
->cpu_index
] = 1;
1245 * res keeps track of what error we are returning, with -ENOTSUP meaning
1246 * that the command is unknown or unsupported, thus returning an empty
1247 * packet, while -EINVAL and -ERANGE cause an E22 packet, due to invalid,
1248 * or incorrect parameters passed.
1258 if (cur_action
== 'C' || cur_action
== 'S') {
1259 cur_action
= qemu_tolower(cur_action
);
1260 res
= qemu_strtoul(p
, &p
, 16, &tmp
);
1264 signal
= gdb_signal_to_target(tmp
);
1265 } else if (cur_action
!= 'c' && cur_action
!= 's') {
1266 /* unknown/invalid/unsupported command */
1271 if (*p
== '\0' || *p
== ';') {
1273 * No thread specifier, action is on "all threads". The
1274 * specification is unclear regarding the process to act on. We
1275 * choose all processes.
1277 kind
= GDB_ALL_PROCESSES
;
1278 } else if (*p
++ == ':') {
1279 kind
= read_thread_id(p
, &p
, &pid
, &tid
);
1286 case GDB_READ_THREAD_ERR
:
1290 case GDB_ALL_PROCESSES
:
1291 cpu
= gdb_first_attached_cpu();
1293 if (newstates
[cpu
->cpu_index
] == 1) {
1294 newstates
[cpu
->cpu_index
] = cur_action
;
1297 cpu
= gdb_next_attached_cpu(cpu
);
1301 case GDB_ALL_THREADS
:
1302 process
= gdb_get_process(pid
);
1304 if (!process
->attached
) {
1309 cpu
= get_first_cpu_in_process(process
);
1311 if (newstates
[cpu
->cpu_index
] == 1) {
1312 newstates
[cpu
->cpu_index
] = cur_action
;
1315 cpu
= gdb_next_cpu_in_process(cpu
);
1319 case GDB_ONE_THREAD
:
1320 cpu
= gdb_get_cpu(pid
, tid
);
1322 /* invalid CPU/thread specified */
1328 /* only use if no previous match occourred */
1329 if (newstates
[cpu
->cpu_index
] == 1) {
1330 newstates
[cpu
->cpu_index
] = cur_action
;
1335 gdbserver_state
.signal
= signal
;
1336 gdb_continue_partial(newstates
);
1344 typedef union GdbCmdVariant
{
1347 unsigned long val_ul
;
1348 unsigned long long val_ull
;
1350 GDBThreadIdKind kind
;
1356 #define get_param(p, i) (&g_array_index(p, GdbCmdVariant, i))
1358 static const char *cmd_next_param(const char *param
, const char delimiter
)
1360 static const char all_delimiters
[] = ",;:=";
1361 char curr_delimiters
[2] = {0};
1362 const char *delimiters
;
1364 if (delimiter
== '?') {
1365 delimiters
= all_delimiters
;
1366 } else if (delimiter
== '0') {
1367 return strchr(param
, '\0');
1368 } else if (delimiter
== '.' && *param
) {
1371 curr_delimiters
[0] = delimiter
;
1372 delimiters
= curr_delimiters
;
1375 param
+= strcspn(param
, delimiters
);
1382 static int cmd_parse_params(const char *data
, const char *schema
,
1385 const char *curr_schema
, *curr_data
;
1388 g_assert(params
->len
== 0);
1390 curr_schema
= schema
;
1392 while (curr_schema
[0] && curr_schema
[1] && *curr_data
) {
1393 GdbCmdVariant this_param
;
1395 switch (curr_schema
[0]) {
1397 if (qemu_strtoul(curr_data
, &curr_data
, 16,
1398 &this_param
.val_ul
)) {
1401 curr_data
= cmd_next_param(curr_data
, curr_schema
[1]);
1402 g_array_append_val(params
, this_param
);
1405 if (qemu_strtou64(curr_data
, &curr_data
, 16,
1406 (uint64_t *)&this_param
.val_ull
)) {
1409 curr_data
= cmd_next_param(curr_data
, curr_schema
[1]);
1410 g_array_append_val(params
, this_param
);
1413 this_param
.data
= curr_data
;
1414 curr_data
= cmd_next_param(curr_data
, curr_schema
[1]);
1415 g_array_append_val(params
, this_param
);
1418 this_param
.opcode
= *(uint8_t *)curr_data
;
1419 curr_data
= cmd_next_param(curr_data
, curr_schema
[1]);
1420 g_array_append_val(params
, this_param
);
1423 this_param
.thread_id
.kind
=
1424 read_thread_id(curr_data
, &curr_data
,
1425 &this_param
.thread_id
.pid
,
1426 &this_param
.thread_id
.tid
);
1427 curr_data
= cmd_next_param(curr_data
, curr_schema
[1]);
1428 g_array_append_val(params
, this_param
);
1431 curr_data
= cmd_next_param(curr_data
, curr_schema
[1]);
1442 typedef void (*GdbCmdHandler
)(GArray
*params
, void *user_ctx
);
1445 * cmd_startswith -> cmd is compared using startswith
1448 * schema definitions:
1449 * Each schema parameter entry consists of 2 chars,
1450 * the first char represents the parameter type handling
1451 * the second char represents the delimiter for the next parameter
1453 * Currently supported schema types:
1454 * 'l' -> unsigned long (stored in .val_ul)
1455 * 'L' -> unsigned long long (stored in .val_ull)
1456 * 's' -> string (stored in .data)
1457 * 'o' -> single char (stored in .opcode)
1458 * 't' -> thread id (stored in .thread_id)
1459 * '?' -> skip according to delimiter
1461 * Currently supported delimiters:
1462 * '?' -> Stop at any delimiter (",;:=\0")
1463 * '0' -> Stop at "\0"
1464 * '.' -> Skip 1 char unless reached "\0"
1465 * Any other value is treated as the delimiter value itself
1467 typedef struct GdbCmdParseEntry
{
1468 GdbCmdHandler handler
;
1470 bool cmd_startswith
;
1474 static inline int startswith(const char *string
, const char *pattern
)
1476 return !strncmp(string
, pattern
, strlen(pattern
));
1479 static int process_string_cmd(void *user_ctx
, const char *data
,
1480 const GdbCmdParseEntry
*cmds
, int num_cmds
)
1483 g_autoptr(GArray
) params
= g_array_new(false, true, sizeof(GdbCmdVariant
));
1489 for (i
= 0; i
< num_cmds
; i
++) {
1490 const GdbCmdParseEntry
*cmd
= &cmds
[i
];
1491 g_assert(cmd
->handler
&& cmd
->cmd
);
1493 if ((cmd
->cmd_startswith
&& !startswith(data
, cmd
->cmd
)) ||
1494 (!cmd
->cmd_startswith
&& strcmp(cmd
->cmd
, data
))) {
1499 if (cmd_parse_params(&data
[strlen(cmd
->cmd
)],
1500 cmd
->schema
, params
)) {
1505 cmd
->handler(params
, user_ctx
);
1512 static void run_cmd_parser(const char *data
, const GdbCmdParseEntry
*cmd
)
1518 g_string_set_size(gdbserver_state
.str_buf
, 0);
1519 g_byte_array_set_size(gdbserver_state
.mem_buf
, 0);
1521 /* In case there was an error during the command parsing we must
1522 * send a NULL packet to indicate the command is not supported */
1523 if (process_string_cmd(NULL
, data
, cmd
, 1)) {
1528 static void handle_detach(GArray
*params
, void *user_ctx
)
1530 GDBProcess
*process
;
1533 if (gdbserver_state
.multiprocess
) {
1539 pid
= get_param(params
, 0)->val_ul
;
1542 process
= gdb_get_process(pid
);
1543 gdb_process_breakpoint_remove_all(process
);
1544 process
->attached
= false;
1546 if (pid
== gdb_get_cpu_pid(gdbserver_state
.c_cpu
)) {
1547 gdbserver_state
.c_cpu
= gdb_first_attached_cpu();
1550 if (pid
== gdb_get_cpu_pid(gdbserver_state
.g_cpu
)) {
1551 gdbserver_state
.g_cpu
= gdb_first_attached_cpu();
1554 if (!gdbserver_state
.c_cpu
) {
1555 /* No more process attached */
1556 gdb_syscall_mode
= GDB_SYS_DISABLED
;
1562 static void handle_thread_alive(GArray
*params
, void *user_ctx
)
1571 if (get_param(params
, 0)->thread_id
.kind
== GDB_READ_THREAD_ERR
) {
1576 cpu
= gdb_get_cpu(get_param(params
, 0)->thread_id
.pid
,
1577 get_param(params
, 0)->thread_id
.tid
);
1586 static void handle_continue(GArray
*params
, void *user_ctx
)
1589 gdb_set_cpu_pc(get_param(params
, 0)->val_ull
);
1592 gdbserver_state
.signal
= 0;
1596 static void handle_cont_with_sig(GArray
*params
, void *user_ctx
)
1598 unsigned long signal
= 0;
1601 * Note: C sig;[addr] is currently unsupported and we simply
1602 * omit the addr parameter
1605 signal
= get_param(params
, 0)->val_ul
;
1608 gdbserver_state
.signal
= gdb_signal_to_target(signal
);
1609 if (gdbserver_state
.signal
== -1) {
1610 gdbserver_state
.signal
= 0;
1615 static void handle_set_thread(GArray
*params
, void *user_ctx
)
1619 if (params
->len
!= 2) {
1624 if (get_param(params
, 1)->thread_id
.kind
== GDB_READ_THREAD_ERR
) {
1629 if (get_param(params
, 1)->thread_id
.kind
!= GDB_ONE_THREAD
) {
1634 cpu
= gdb_get_cpu(get_param(params
, 1)->thread_id
.pid
,
1635 get_param(params
, 1)->thread_id
.tid
);
1642 * Note: This command is deprecated and modern gdb's will be using the
1643 * vCont command instead.
1645 switch (get_param(params
, 0)->opcode
) {
1647 gdbserver_state
.c_cpu
= cpu
;
1651 gdbserver_state
.g_cpu
= cpu
;
1660 static void handle_insert_bp(GArray
*params
, void *user_ctx
)
1664 if (params
->len
!= 3) {
1669 res
= gdb_breakpoint_insert(get_param(params
, 0)->val_ul
,
1670 get_param(params
, 1)->val_ull
,
1671 get_param(params
, 2)->val_ull
);
1675 } else if (res
== -ENOSYS
) {
1683 static void handle_remove_bp(GArray
*params
, void *user_ctx
)
1687 if (params
->len
!= 3) {
1692 res
= gdb_breakpoint_remove(get_param(params
, 0)->val_ul
,
1693 get_param(params
, 1)->val_ull
,
1694 get_param(params
, 2)->val_ull
);
1698 } else if (res
== -ENOSYS
) {
1707 * handle_set/get_reg
1709 * Older gdb are really dumb, and don't use 'G/g' if 'P/p' is available.
1710 * This works, but can be very slow. Anything new enough to understand
1711 * XML also knows how to use this properly. However to use this we
1712 * need to define a local XML file as well as be talking to a
1713 * reasonably modern gdb. Responding with an empty packet will cause
1714 * the remote gdb to fallback to older methods.
1717 static void handle_set_reg(GArray
*params
, void *user_ctx
)
1726 if (params
->len
!= 2) {
1731 reg_size
= strlen(get_param(params
, 1)->data
) / 2;
1732 hextomem(gdbserver_state
.mem_buf
, get_param(params
, 1)->data
, reg_size
);
1733 gdb_write_register(gdbserver_state
.g_cpu
, gdbserver_state
.mem_buf
->data
,
1734 get_param(params
, 0)->val_ull
);
1738 static void handle_get_reg(GArray
*params
, void *user_ctx
)
1752 reg_size
= gdb_read_register(gdbserver_state
.g_cpu
,
1753 gdbserver_state
.mem_buf
,
1754 get_param(params
, 0)->val_ull
);
1759 g_byte_array_set_size(gdbserver_state
.mem_buf
, reg_size
);
1762 memtohex(gdbserver_state
.str_buf
, gdbserver_state
.mem_buf
->data
, reg_size
);
1766 static void handle_write_mem(GArray
*params
, void *user_ctx
)
1768 if (params
->len
!= 3) {
1773 /* hextomem() reads 2*len bytes */
1774 if (get_param(params
, 1)->val_ull
>
1775 strlen(get_param(params
, 2)->data
) / 2) {
1780 hextomem(gdbserver_state
.mem_buf
, get_param(params
, 2)->data
,
1781 get_param(params
, 1)->val_ull
);
1782 if (target_memory_rw_debug(gdbserver_state
.g_cpu
,
1783 get_param(params
, 0)->val_ull
,
1784 gdbserver_state
.mem_buf
->data
,
1785 gdbserver_state
.mem_buf
->len
, true)) {
1793 static void handle_read_mem(GArray
*params
, void *user_ctx
)
1795 if (params
->len
!= 2) {
1800 /* memtohex() doubles the required space */
1801 if (get_param(params
, 1)->val_ull
> MAX_PACKET_LENGTH
/ 2) {
1806 g_byte_array_set_size(gdbserver_state
.mem_buf
,
1807 get_param(params
, 1)->val_ull
);
1809 if (target_memory_rw_debug(gdbserver_state
.g_cpu
,
1810 get_param(params
, 0)->val_ull
,
1811 gdbserver_state
.mem_buf
->data
,
1812 gdbserver_state
.mem_buf
->len
, false)) {
1817 memtohex(gdbserver_state
.str_buf
, gdbserver_state
.mem_buf
->data
,
1818 gdbserver_state
.mem_buf
->len
);
1822 static void handle_write_all_regs(GArray
*params
, void *user_ctx
)
1824 target_ulong addr
, len
;
1832 cpu_synchronize_state(gdbserver_state
.g_cpu
);
1833 len
= strlen(get_param(params
, 0)->data
) / 2;
1834 hextomem(gdbserver_state
.mem_buf
, get_param(params
, 0)->data
, len
);
1835 registers
= gdbserver_state
.mem_buf
->data
;
1836 for (addr
= 0; addr
< gdbserver_state
.g_cpu
->gdb_num_g_regs
&& len
> 0;
1838 reg_size
= gdb_write_register(gdbserver_state
.g_cpu
, registers
, addr
);
1840 registers
+= reg_size
;
1845 static void handle_read_all_regs(GArray
*params
, void *user_ctx
)
1847 target_ulong addr
, len
;
1849 cpu_synchronize_state(gdbserver_state
.g_cpu
);
1850 g_byte_array_set_size(gdbserver_state
.mem_buf
, 0);
1852 for (addr
= 0; addr
< gdbserver_state
.g_cpu
->gdb_num_g_regs
; addr
++) {
1853 len
+= gdb_read_register(gdbserver_state
.g_cpu
,
1854 gdbserver_state
.mem_buf
,
1857 g_assert(len
== gdbserver_state
.mem_buf
->len
);
1859 memtohex(gdbserver_state
.str_buf
, gdbserver_state
.mem_buf
->data
, len
);
1863 static void handle_file_io(GArray
*params
, void *user_ctx
)
1865 if (params
->len
>= 1 && gdbserver_state
.current_syscall_cb
) {
1866 target_ulong ret
, err
;
1868 ret
= (target_ulong
)get_param(params
, 0)->val_ull
;
1869 if (params
->len
>= 2) {
1870 err
= (target_ulong
)get_param(params
, 1)->val_ull
;
1874 gdbserver_state
.current_syscall_cb(gdbserver_state
.c_cpu
, ret
, err
);
1875 gdbserver_state
.current_syscall_cb
= NULL
;
1878 if (params
->len
>= 3 && get_param(params
, 2)->opcode
== (uint8_t)'C') {
1886 static void handle_step(GArray
*params
, void *user_ctx
)
1889 gdb_set_cpu_pc((target_ulong
)get_param(params
, 0)->val_ull
);
1892 cpu_single_step(gdbserver_state
.c_cpu
, gdbserver_state
.sstep_flags
);
1896 static void handle_backward(GArray
*params
, void *user_ctx
)
1898 if (!stub_can_reverse()) {
1901 if (params
->len
== 1) {
1902 switch (get_param(params
, 0)->opcode
) {
1904 if (replay_reverse_step()) {
1911 if (replay_reverse_continue()) {
1920 /* Default invalid command */
1924 static void handle_v_cont_query(GArray
*params
, void *user_ctx
)
1926 put_packet("vCont;c;C;s;S");
1929 static void handle_v_cont(GArray
*params
, void *user_ctx
)
1937 res
= gdb_handle_vcont(get_param(params
, 0)->data
);
1938 if ((res
== -EINVAL
) || (res
== -ERANGE
)) {
1945 static void handle_v_attach(GArray
*params
, void *user_ctx
)
1947 GDBProcess
*process
;
1950 g_string_assign(gdbserver_state
.str_buf
, "E22");
1955 process
= gdb_get_process(get_param(params
, 0)->val_ul
);
1960 cpu
= get_first_cpu_in_process(process
);
1965 process
->attached
= true;
1966 gdbserver_state
.g_cpu
= cpu
;
1967 gdbserver_state
.c_cpu
= cpu
;
1969 g_string_printf(gdbserver_state
.str_buf
, "T%02xthread:", GDB_SIGNAL_TRAP
);
1970 gdb_append_thread_id(cpu
, gdbserver_state
.str_buf
);
1971 g_string_append_c(gdbserver_state
.str_buf
, ';');
1976 static void handle_v_kill(GArray
*params
, void *user_ctx
)
1978 /* Kill the target */
1980 error_report("QEMU: Terminated via GDBstub");
1985 static const GdbCmdParseEntry gdb_v_commands_table
[] = {
1986 /* Order is important if has same prefix */
1988 .handler
= handle_v_cont_query
,
1993 .handler
= handle_v_cont
,
1995 .cmd_startswith
= 1,
1999 .handler
= handle_v_attach
,
2001 .cmd_startswith
= 1,
2005 .handler
= handle_v_kill
,
2011 static void handle_v_commands(GArray
*params
, void *user_ctx
)
2017 if (process_string_cmd(NULL
, get_param(params
, 0)->data
,
2018 gdb_v_commands_table
,
2019 ARRAY_SIZE(gdb_v_commands_table
))) {
2024 static void handle_query_qemu_sstepbits(GArray
*params
, void *user_ctx
)
2026 g_string_printf(gdbserver_state
.str_buf
, "ENABLE=%x", SSTEP_ENABLE
);
2028 if (gdbserver_state
.supported_sstep_flags
& SSTEP_NOIRQ
) {
2029 g_string_append_printf(gdbserver_state
.str_buf
, ",NOIRQ=%x",
2033 if (gdbserver_state
.supported_sstep_flags
& SSTEP_NOTIMER
) {
2034 g_string_append_printf(gdbserver_state
.str_buf
, ",NOTIMER=%x",
2041 static void handle_set_qemu_sstep(GArray
*params
, void *user_ctx
)
2043 int new_sstep_flags
;
2049 new_sstep_flags
= get_param(params
, 0)->val_ul
;
2051 if (new_sstep_flags
& ~gdbserver_state
.supported_sstep_flags
) {
2056 gdbserver_state
.sstep_flags
= new_sstep_flags
;
2060 static void handle_query_qemu_sstep(GArray
*params
, void *user_ctx
)
2062 g_string_printf(gdbserver_state
.str_buf
, "0x%x",
2063 gdbserver_state
.sstep_flags
);
2067 static void handle_query_curr_tid(GArray
*params
, void *user_ctx
)
2070 GDBProcess
*process
;
2073 * "Current thread" remains vague in the spec, so always return
2074 * the first thread of the current process (gdb returns the
2077 process
= gdb_get_cpu_process(gdbserver_state
.g_cpu
);
2078 cpu
= get_first_cpu_in_process(process
);
2079 g_string_assign(gdbserver_state
.str_buf
, "QC");
2080 gdb_append_thread_id(cpu
, gdbserver_state
.str_buf
);
2084 static void handle_query_threads(GArray
*params
, void *user_ctx
)
2086 if (!gdbserver_state
.query_cpu
) {
2091 g_string_assign(gdbserver_state
.str_buf
, "m");
2092 gdb_append_thread_id(gdbserver_state
.query_cpu
, gdbserver_state
.str_buf
);
2094 gdbserver_state
.query_cpu
= gdb_next_attached_cpu(gdbserver_state
.query_cpu
);
2097 static void handle_query_first_threads(GArray
*params
, void *user_ctx
)
2099 gdbserver_state
.query_cpu
= gdb_first_attached_cpu();
2100 handle_query_threads(params
, user_ctx
);
2103 static void handle_query_thread_extra(GArray
*params
, void *user_ctx
)
2105 g_autoptr(GString
) rs
= g_string_new(NULL
);
2109 get_param(params
, 0)->thread_id
.kind
== GDB_READ_THREAD_ERR
) {
2114 cpu
= gdb_get_cpu(get_param(params
, 0)->thread_id
.pid
,
2115 get_param(params
, 0)->thread_id
.tid
);
2120 cpu_synchronize_state(cpu
);
2122 if (gdbserver_state
.multiprocess
&& (gdbserver_state
.process_num
> 1)) {
2123 /* Print the CPU model and name in multiprocess mode */
2124 ObjectClass
*oc
= object_get_class(OBJECT(cpu
));
2125 const char *cpu_model
= object_class_get_name(oc
);
2126 const char *cpu_name
=
2127 object_get_canonical_path_component(OBJECT(cpu
));
2128 g_string_printf(rs
, "%s %s [%s]", cpu_model
, cpu_name
,
2129 cpu
->halted
? "halted " : "running");
2131 g_string_printf(rs
, "CPU#%d [%s]", cpu
->cpu_index
,
2132 cpu
->halted
? "halted " : "running");
2134 trace_gdbstub_op_extra_info(rs
->str
);
2135 memtohex(gdbserver_state
.str_buf
, (uint8_t *)rs
->str
, rs
->len
);
2139 #ifdef CONFIG_USER_ONLY
2140 static void handle_query_offsets(GArray
*params
, void *user_ctx
)
2144 ts
= gdbserver_state
.c_cpu
->opaque
;
2145 g_string_printf(gdbserver_state
.str_buf
,
2146 "Text=" TARGET_ABI_FMT_lx
2147 ";Data=" TARGET_ABI_FMT_lx
2148 ";Bss=" TARGET_ABI_FMT_lx
,
2149 ts
->info
->code_offset
,
2150 ts
->info
->data_offset
,
2151 ts
->info
->data_offset
);
2155 static void handle_query_rcmd(GArray
*params
, void *user_ctx
)
2157 const guint8 zero
= 0;
2165 len
= strlen(get_param(params
, 0)->data
);
2171 g_assert(gdbserver_state
.mem_buf
->len
== 0);
2173 hextomem(gdbserver_state
.mem_buf
, get_param(params
, 0)->data
, len
);
2174 g_byte_array_append(gdbserver_state
.mem_buf
, &zero
, 1);
2175 qemu_chr_be_write(gdbserver_state
.mon_chr
, gdbserver_state
.mem_buf
->data
,
2176 gdbserver_state
.mem_buf
->len
);
2181 static void handle_query_supported(GArray
*params
, void *user_ctx
)
2185 g_string_printf(gdbserver_state
.str_buf
, "PacketSize=%x", MAX_PACKET_LENGTH
);
2186 cc
= CPU_GET_CLASS(first_cpu
);
2187 if (cc
->gdb_core_xml_file
) {
2188 g_string_append(gdbserver_state
.str_buf
, ";qXfer:features:read+");
2191 if (stub_can_reverse()) {
2192 g_string_append(gdbserver_state
.str_buf
,
2193 ";ReverseStep+;ReverseContinue+");
2196 #ifdef CONFIG_USER_ONLY
2197 if (gdbserver_state
.c_cpu
->opaque
) {
2198 g_string_append(gdbserver_state
.str_buf
, ";qXfer:auxv:read+");
2203 strstr(get_param(params
, 0)->data
, "multiprocess+")) {
2204 gdbserver_state
.multiprocess
= true;
2207 g_string_append(gdbserver_state
.str_buf
, ";vContSupported+;multiprocess+");
2211 static void handle_query_xfer_features(GArray
*params
, void *user_ctx
)
2213 GDBProcess
*process
;
2215 unsigned long len
, total_len
, addr
;
2219 if (params
->len
< 3) {
2224 process
= gdb_get_cpu_process(gdbserver_state
.g_cpu
);
2225 cc
= CPU_GET_CLASS(gdbserver_state
.g_cpu
);
2226 if (!cc
->gdb_core_xml_file
) {
2232 p
= get_param(params
, 0)->data
;
2233 xml
= get_feature_xml(p
, &p
, process
);
2239 addr
= get_param(params
, 1)->val_ul
;
2240 len
= get_param(params
, 2)->val_ul
;
2241 total_len
= strlen(xml
);
2242 if (addr
> total_len
) {
2247 if (len
> (MAX_PACKET_LENGTH
- 5) / 2) {
2248 len
= (MAX_PACKET_LENGTH
- 5) / 2;
2251 if (len
< total_len
- addr
) {
2252 g_string_assign(gdbserver_state
.str_buf
, "m");
2253 memtox(gdbserver_state
.str_buf
, xml
+ addr
, len
);
2255 g_string_assign(gdbserver_state
.str_buf
, "l");
2256 memtox(gdbserver_state
.str_buf
, xml
+ addr
, total_len
- addr
);
2259 put_packet_binary(gdbserver_state
.str_buf
->str
,
2260 gdbserver_state
.str_buf
->len
, true);
2263 #if defined(CONFIG_USER_ONLY) && defined(CONFIG_LINUX_USER)
2264 static void handle_query_xfer_auxv(GArray
*params
, void *user_ctx
)
2267 unsigned long offset
, len
, saved_auxv
, auxv_len
;
2269 if (params
->len
< 2) {
2274 offset
= get_param(params
, 0)->val_ul
;
2275 len
= get_param(params
, 1)->val_ul
;
2276 ts
= gdbserver_state
.c_cpu
->opaque
;
2277 saved_auxv
= ts
->info
->saved_auxv
;
2278 auxv_len
= ts
->info
->auxv_len
;
2280 if (offset
>= auxv_len
) {
2285 if (len
> (MAX_PACKET_LENGTH
- 5) / 2) {
2286 len
= (MAX_PACKET_LENGTH
- 5) / 2;
2289 if (len
< auxv_len
- offset
) {
2290 g_string_assign(gdbserver_state
.str_buf
, "m");
2292 g_string_assign(gdbserver_state
.str_buf
, "l");
2293 len
= auxv_len
- offset
;
2296 g_byte_array_set_size(gdbserver_state
.mem_buf
, len
);
2297 if (target_memory_rw_debug(gdbserver_state
.g_cpu
, saved_auxv
+ offset
,
2298 gdbserver_state
.mem_buf
->data
, len
, false)) {
2303 memtox(gdbserver_state
.str_buf
,
2304 (const char *)gdbserver_state
.mem_buf
->data
, len
);
2305 put_packet_binary(gdbserver_state
.str_buf
->str
,
2306 gdbserver_state
.str_buf
->len
, true);
2310 static void handle_query_attached(GArray
*params
, void *user_ctx
)
2312 put_packet(GDB_ATTACHED
);
2315 static void handle_query_qemu_supported(GArray
*params
, void *user_ctx
)
2317 g_string_printf(gdbserver_state
.str_buf
, "sstepbits;sstep");
2318 #ifndef CONFIG_USER_ONLY
2319 g_string_append(gdbserver_state
.str_buf
, ";PhyMemMode");
2324 #ifndef CONFIG_USER_ONLY
2325 static void handle_query_qemu_phy_mem_mode(GArray
*params
,
2328 g_string_printf(gdbserver_state
.str_buf
, "%d", phy_memory_mode
);
2332 static void handle_set_qemu_phy_mem_mode(GArray
*params
, void *user_ctx
)
2339 if (!get_param(params
, 0)->val_ul
) {
2340 phy_memory_mode
= 0;
2342 phy_memory_mode
= 1;
2348 static const GdbCmdParseEntry gdb_gen_query_set_common_table
[] = {
2349 /* Order is important if has same prefix */
2351 .handler
= handle_query_qemu_sstepbits
,
2352 .cmd
= "qemu.sstepbits",
2355 .handler
= handle_query_qemu_sstep
,
2356 .cmd
= "qemu.sstep",
2359 .handler
= handle_set_qemu_sstep
,
2360 .cmd
= "qemu.sstep=",
2361 .cmd_startswith
= 1,
2366 static const GdbCmdParseEntry gdb_gen_query_table
[] = {
2368 .handler
= handle_query_curr_tid
,
2372 .handler
= handle_query_threads
,
2373 .cmd
= "sThreadInfo",
2376 .handler
= handle_query_first_threads
,
2377 .cmd
= "fThreadInfo",
2380 .handler
= handle_query_thread_extra
,
2381 .cmd
= "ThreadExtraInfo,",
2382 .cmd_startswith
= 1,
2385 #ifdef CONFIG_USER_ONLY
2387 .handler
= handle_query_offsets
,
2392 .handler
= handle_query_rcmd
,
2394 .cmd_startswith
= 1,
2399 .handler
= handle_query_supported
,
2400 .cmd
= "Supported:",
2401 .cmd_startswith
= 1,
2405 .handler
= handle_query_supported
,
2410 .handler
= handle_query_xfer_features
,
2411 .cmd
= "Xfer:features:read:",
2412 .cmd_startswith
= 1,
2415 #if defined(CONFIG_USER_ONLY) && defined(CONFIG_LINUX_USER)
2417 .handler
= handle_query_xfer_auxv
,
2418 .cmd
= "Xfer:auxv:read::",
2419 .cmd_startswith
= 1,
2424 .handler
= handle_query_attached
,
2429 .handler
= handle_query_attached
,
2433 .handler
= handle_query_qemu_supported
,
2434 .cmd
= "qemu.Supported",
2436 #ifndef CONFIG_USER_ONLY
2438 .handler
= handle_query_qemu_phy_mem_mode
,
2439 .cmd
= "qemu.PhyMemMode",
2444 static const GdbCmdParseEntry gdb_gen_set_table
[] = {
2445 /* Order is important if has same prefix */
2447 .handler
= handle_set_qemu_sstep
,
2448 .cmd
= "qemu.sstep:",
2449 .cmd_startswith
= 1,
2452 #ifndef CONFIG_USER_ONLY
2454 .handler
= handle_set_qemu_phy_mem_mode
,
2455 .cmd
= "qemu.PhyMemMode:",
2456 .cmd_startswith
= 1,
2462 static void handle_gen_query(GArray
*params
, void *user_ctx
)
2468 if (!process_string_cmd(NULL
, get_param(params
, 0)->data
,
2469 gdb_gen_query_set_common_table
,
2470 ARRAY_SIZE(gdb_gen_query_set_common_table
))) {
2474 if (process_string_cmd(NULL
, get_param(params
, 0)->data
,
2475 gdb_gen_query_table
,
2476 ARRAY_SIZE(gdb_gen_query_table
))) {
2481 static void handle_gen_set(GArray
*params
, void *user_ctx
)
2487 if (!process_string_cmd(NULL
, get_param(params
, 0)->data
,
2488 gdb_gen_query_set_common_table
,
2489 ARRAY_SIZE(gdb_gen_query_set_common_table
))) {
2493 if (process_string_cmd(NULL
, get_param(params
, 0)->data
,
2495 ARRAY_SIZE(gdb_gen_set_table
))) {
2500 static void handle_target_halt(GArray
*params
, void *user_ctx
)
2502 g_string_printf(gdbserver_state
.str_buf
, "T%02xthread:", GDB_SIGNAL_TRAP
);
2503 gdb_append_thread_id(gdbserver_state
.c_cpu
, gdbserver_state
.str_buf
);
2504 g_string_append_c(gdbserver_state
.str_buf
, ';');
2507 * Remove all the breakpoints when this query is issued,
2508 * because gdb is doing an initial connect and the state
2509 * should be cleaned up.
2511 gdb_breakpoint_remove_all();
2514 static int gdb_handle_packet(const char *line_buf
)
2516 const GdbCmdParseEntry
*cmd_parser
= NULL
;
2518 trace_gdbstub_io_command(line_buf
);
2520 switch (line_buf
[0]) {
2526 static const GdbCmdParseEntry target_halted_cmd_desc
= {
2527 .handler
= handle_target_halt
,
2531 cmd_parser
= &target_halted_cmd_desc
;
2536 static const GdbCmdParseEntry continue_cmd_desc
= {
2537 .handler
= handle_continue
,
2539 .cmd_startswith
= 1,
2542 cmd_parser
= &continue_cmd_desc
;
2547 static const GdbCmdParseEntry cont_with_sig_cmd_desc
= {
2548 .handler
= handle_cont_with_sig
,
2550 .cmd_startswith
= 1,
2553 cmd_parser
= &cont_with_sig_cmd_desc
;
2558 static const GdbCmdParseEntry v_cmd_desc
= {
2559 .handler
= handle_v_commands
,
2561 .cmd_startswith
= 1,
2564 cmd_parser
= &v_cmd_desc
;
2568 /* Kill the target */
2569 error_report("QEMU: Terminated via GDBstub");
2574 static const GdbCmdParseEntry detach_cmd_desc
= {
2575 .handler
= handle_detach
,
2577 .cmd_startswith
= 1,
2580 cmd_parser
= &detach_cmd_desc
;
2585 static const GdbCmdParseEntry step_cmd_desc
= {
2586 .handler
= handle_step
,
2588 .cmd_startswith
= 1,
2591 cmd_parser
= &step_cmd_desc
;
2596 static const GdbCmdParseEntry backward_cmd_desc
= {
2597 .handler
= handle_backward
,
2599 .cmd_startswith
= 1,
2602 cmd_parser
= &backward_cmd_desc
;
2607 static const GdbCmdParseEntry file_io_cmd_desc
= {
2608 .handler
= handle_file_io
,
2610 .cmd_startswith
= 1,
2613 cmd_parser
= &file_io_cmd_desc
;
2618 static const GdbCmdParseEntry read_all_regs_cmd_desc
= {
2619 .handler
= handle_read_all_regs
,
2623 cmd_parser
= &read_all_regs_cmd_desc
;
2628 static const GdbCmdParseEntry write_all_regs_cmd_desc
= {
2629 .handler
= handle_write_all_regs
,
2631 .cmd_startswith
= 1,
2634 cmd_parser
= &write_all_regs_cmd_desc
;
2639 static const GdbCmdParseEntry read_mem_cmd_desc
= {
2640 .handler
= handle_read_mem
,
2642 .cmd_startswith
= 1,
2645 cmd_parser
= &read_mem_cmd_desc
;
2650 static const GdbCmdParseEntry write_mem_cmd_desc
= {
2651 .handler
= handle_write_mem
,
2653 .cmd_startswith
= 1,
2656 cmd_parser
= &write_mem_cmd_desc
;
2661 static const GdbCmdParseEntry get_reg_cmd_desc
= {
2662 .handler
= handle_get_reg
,
2664 .cmd_startswith
= 1,
2667 cmd_parser
= &get_reg_cmd_desc
;
2672 static const GdbCmdParseEntry set_reg_cmd_desc
= {
2673 .handler
= handle_set_reg
,
2675 .cmd_startswith
= 1,
2678 cmd_parser
= &set_reg_cmd_desc
;
2683 static const GdbCmdParseEntry insert_bp_cmd_desc
= {
2684 .handler
= handle_insert_bp
,
2686 .cmd_startswith
= 1,
2689 cmd_parser
= &insert_bp_cmd_desc
;
2694 static const GdbCmdParseEntry remove_bp_cmd_desc
= {
2695 .handler
= handle_remove_bp
,
2697 .cmd_startswith
= 1,
2700 cmd_parser
= &remove_bp_cmd_desc
;
2705 static const GdbCmdParseEntry set_thread_cmd_desc
= {
2706 .handler
= handle_set_thread
,
2708 .cmd_startswith
= 1,
2711 cmd_parser
= &set_thread_cmd_desc
;
2716 static const GdbCmdParseEntry thread_alive_cmd_desc
= {
2717 .handler
= handle_thread_alive
,
2719 .cmd_startswith
= 1,
2722 cmd_parser
= &thread_alive_cmd_desc
;
2727 static const GdbCmdParseEntry gen_query_cmd_desc
= {
2728 .handler
= handle_gen_query
,
2730 .cmd_startswith
= 1,
2733 cmd_parser
= &gen_query_cmd_desc
;
2738 static const GdbCmdParseEntry gen_set_cmd_desc
= {
2739 .handler
= handle_gen_set
,
2741 .cmd_startswith
= 1,
2744 cmd_parser
= &gen_set_cmd_desc
;
2748 /* put empty packet */
2754 run_cmd_parser(line_buf
, cmd_parser
);
2760 void gdb_set_stop_cpu(CPUState
*cpu
)
2762 GDBProcess
*p
= gdb_get_cpu_process(cpu
);
2766 * Having a stop CPU corresponding to a process that is not attached
2767 * confuses GDB. So we ignore the request.
2772 gdbserver_state
.c_cpu
= cpu
;
2773 gdbserver_state
.g_cpu
= cpu
;
2776 #ifndef CONFIG_USER_ONLY
2777 static void gdb_vm_state_change(void *opaque
, bool running
, RunState state
)
2779 CPUState
*cpu
= gdbserver_state
.c_cpu
;
2780 g_autoptr(GString
) buf
= g_string_new(NULL
);
2781 g_autoptr(GString
) tid
= g_string_new(NULL
);
2785 if (running
|| gdbserver_state
.state
== RS_INACTIVE
) {
2788 /* Is there a GDB syscall waiting to be sent? */
2789 if (gdbserver_state
.current_syscall_cb
) {
2790 put_packet(gdbserver_state
.syscall_buf
);
2795 /* No process attached */
2799 gdb_append_thread_id(cpu
, tid
);
2802 case RUN_STATE_DEBUG
:
2803 if (cpu
->watchpoint_hit
) {
2804 switch (cpu
->watchpoint_hit
->flags
& BP_MEM_ACCESS
) {
2815 trace_gdbstub_hit_watchpoint(type
, cpu_gdb_index(cpu
),
2816 (target_ulong
)cpu
->watchpoint_hit
->vaddr
);
2817 g_string_printf(buf
, "T%02xthread:%s;%swatch:" TARGET_FMT_lx
";",
2818 GDB_SIGNAL_TRAP
, tid
->str
, type
,
2819 (target_ulong
)cpu
->watchpoint_hit
->vaddr
);
2820 cpu
->watchpoint_hit
= NULL
;
2823 trace_gdbstub_hit_break();
2826 ret
= GDB_SIGNAL_TRAP
;
2828 case RUN_STATE_PAUSED
:
2829 trace_gdbstub_hit_paused();
2830 ret
= GDB_SIGNAL_INT
;
2832 case RUN_STATE_SHUTDOWN
:
2833 trace_gdbstub_hit_shutdown();
2834 ret
= GDB_SIGNAL_QUIT
;
2836 case RUN_STATE_IO_ERROR
:
2837 trace_gdbstub_hit_io_error();
2838 ret
= GDB_SIGNAL_IO
;
2840 case RUN_STATE_WATCHDOG
:
2841 trace_gdbstub_hit_watchdog();
2842 ret
= GDB_SIGNAL_ALRM
;
2844 case RUN_STATE_INTERNAL_ERROR
:
2845 trace_gdbstub_hit_internal_error();
2846 ret
= GDB_SIGNAL_ABRT
;
2848 case RUN_STATE_SAVE_VM
:
2849 case RUN_STATE_RESTORE_VM
:
2851 case RUN_STATE_FINISH_MIGRATE
:
2852 ret
= GDB_SIGNAL_XCPU
;
2855 trace_gdbstub_hit_unknown(state
);
2856 ret
= GDB_SIGNAL_UNKNOWN
;
2859 gdb_set_stop_cpu(cpu
);
2860 g_string_printf(buf
, "T%02xthread:%s;", ret
, tid
->str
);
2863 put_packet(buf
->str
);
2865 /* disable single step if it was enabled */
2866 cpu_single_step(cpu
, 0);
2870 /* Send a gdb syscall request.
2871 This accepts limited printf-style format specifiers, specifically:
2872 %x - target_ulong argument printed in hex.
2873 %lx - 64-bit argument printed in hex.
2874 %s - string pointer (target_ulong) and length (int) pair. */
2875 void gdb_do_syscallv(gdb_syscall_complete_cb cb
, const char *fmt
, va_list va
)
2882 if (!gdbserver_state
.init
) {
2886 gdbserver_state
.current_syscall_cb
= cb
;
2887 #ifndef CONFIG_USER_ONLY
2888 vm_stop(RUN_STATE_DEBUG
);
2890 p
= &gdbserver_state
.syscall_buf
[0];
2891 p_end
= &gdbserver_state
.syscall_buf
[sizeof(gdbserver_state
.syscall_buf
)];
2898 addr
= va_arg(va
, target_ulong
);
2899 p
+= snprintf(p
, p_end
- p
, TARGET_FMT_lx
, addr
);
2902 if (*(fmt
++) != 'x')
2904 i64
= va_arg(va
, uint64_t);
2905 p
+= snprintf(p
, p_end
- p
, "%" PRIx64
, i64
);
2908 addr
= va_arg(va
, target_ulong
);
2909 p
+= snprintf(p
, p_end
- p
, TARGET_FMT_lx
"/%x",
2910 addr
, va_arg(va
, int));
2914 error_report("gdbstub: Bad syscall format string '%s'",
2923 #ifdef CONFIG_USER_ONLY
2924 put_packet(gdbserver_state
.syscall_buf
);
2925 /* Return control to gdb for it to process the syscall request.
2926 * Since the protocol requires that gdb hands control back to us
2927 * using a "here are the results" F packet, we don't need to check
2928 * gdb_handlesig's return value (which is the signal to deliver if
2929 * execution was resumed via a continue packet).
2931 gdb_handlesig(gdbserver_state
.c_cpu
, 0);
2933 /* In this case wait to send the syscall packet until notification that
2934 the CPU has stopped. This must be done because if the packet is sent
2935 now the reply from the syscall request could be received while the CPU
2936 is still in the running state, which can cause packets to be dropped
2937 and state transition 'T' packets to be sent while the syscall is still
2939 qemu_cpu_kick(gdbserver_state
.c_cpu
);
2943 void gdb_do_syscall(gdb_syscall_complete_cb cb
, const char *fmt
, ...)
2948 gdb_do_syscallv(cb
, fmt
, va
);
2952 static void gdb_read_byte(uint8_t ch
)
2956 #ifndef CONFIG_USER_ONLY
2957 if (gdbserver_state
.last_packet
->len
) {
2958 /* Waiting for a response to the last packet. If we see the start
2959 of a new command then abandon the previous response. */
2961 trace_gdbstub_err_got_nack();
2962 put_buffer(gdbserver_state
.last_packet
->data
,
2963 gdbserver_state
.last_packet
->len
);
2964 } else if (ch
== '+') {
2965 trace_gdbstub_io_got_ack();
2967 trace_gdbstub_io_got_unexpected(ch
);
2970 if (ch
== '+' || ch
== '$') {
2971 g_byte_array_set_size(gdbserver_state
.last_packet
, 0);
2976 if (runstate_is_running()) {
2977 /* when the CPU is running, we cannot do anything except stop
2978 it when receiving a char */
2979 vm_stop(RUN_STATE_PAUSED
);
2983 switch(gdbserver_state
.state
) {
2986 /* start of command packet */
2987 gdbserver_state
.line_buf_index
= 0;
2988 gdbserver_state
.line_sum
= 0;
2989 gdbserver_state
.state
= RS_GETLINE
;
2991 trace_gdbstub_err_garbage(ch
);
2996 /* start escape sequence */
2997 gdbserver_state
.state
= RS_GETLINE_ESC
;
2998 gdbserver_state
.line_sum
+= ch
;
2999 } else if (ch
== '*') {
3000 /* start run length encoding sequence */
3001 gdbserver_state
.state
= RS_GETLINE_RLE
;
3002 gdbserver_state
.line_sum
+= ch
;
3003 } else if (ch
== '#') {
3004 /* end of command, start of checksum*/
3005 gdbserver_state
.state
= RS_CHKSUM1
;
3006 } else if (gdbserver_state
.line_buf_index
>= sizeof(gdbserver_state
.line_buf
) - 1) {
3007 trace_gdbstub_err_overrun();
3008 gdbserver_state
.state
= RS_IDLE
;
3010 /* unescaped command character */
3011 gdbserver_state
.line_buf
[gdbserver_state
.line_buf_index
++] = ch
;
3012 gdbserver_state
.line_sum
+= ch
;
3015 case RS_GETLINE_ESC
:
3017 /* unexpected end of command in escape sequence */
3018 gdbserver_state
.state
= RS_CHKSUM1
;
3019 } else if (gdbserver_state
.line_buf_index
>= sizeof(gdbserver_state
.line_buf
) - 1) {
3020 /* command buffer overrun */
3021 trace_gdbstub_err_overrun();
3022 gdbserver_state
.state
= RS_IDLE
;
3024 /* parse escaped character and leave escape state */
3025 gdbserver_state
.line_buf
[gdbserver_state
.line_buf_index
++] = ch
^ 0x20;
3026 gdbserver_state
.line_sum
+= ch
;
3027 gdbserver_state
.state
= RS_GETLINE
;
3030 case RS_GETLINE_RLE
:
3032 * Run-length encoding is explained in "Debugging with GDB /
3033 * Appendix E GDB Remote Serial Protocol / Overview".
3035 if (ch
< ' ' || ch
== '#' || ch
== '$' || ch
> 126) {
3036 /* invalid RLE count encoding */
3037 trace_gdbstub_err_invalid_repeat(ch
);
3038 gdbserver_state
.state
= RS_GETLINE
;
3040 /* decode repeat length */
3041 int repeat
= ch
- ' ' + 3;
3042 if (gdbserver_state
.line_buf_index
+ repeat
>= sizeof(gdbserver_state
.line_buf
) - 1) {
3043 /* that many repeats would overrun the command buffer */
3044 trace_gdbstub_err_overrun();
3045 gdbserver_state
.state
= RS_IDLE
;
3046 } else if (gdbserver_state
.line_buf_index
< 1) {
3047 /* got a repeat but we have nothing to repeat */
3048 trace_gdbstub_err_invalid_rle();
3049 gdbserver_state
.state
= RS_GETLINE
;
3051 /* repeat the last character */
3052 memset(gdbserver_state
.line_buf
+ gdbserver_state
.line_buf_index
,
3053 gdbserver_state
.line_buf
[gdbserver_state
.line_buf_index
- 1], repeat
);
3054 gdbserver_state
.line_buf_index
+= repeat
;
3055 gdbserver_state
.line_sum
+= ch
;
3056 gdbserver_state
.state
= RS_GETLINE
;
3061 /* get high hex digit of checksum */
3062 if (!isxdigit(ch
)) {
3063 trace_gdbstub_err_checksum_invalid(ch
);
3064 gdbserver_state
.state
= RS_GETLINE
;
3067 gdbserver_state
.line_buf
[gdbserver_state
.line_buf_index
] = '\0';
3068 gdbserver_state
.line_csum
= fromhex(ch
) << 4;
3069 gdbserver_state
.state
= RS_CHKSUM2
;
3072 /* get low hex digit of checksum */
3073 if (!isxdigit(ch
)) {
3074 trace_gdbstub_err_checksum_invalid(ch
);
3075 gdbserver_state
.state
= RS_GETLINE
;
3078 gdbserver_state
.line_csum
|= fromhex(ch
);
3080 if (gdbserver_state
.line_csum
!= (gdbserver_state
.line_sum
& 0xff)) {
3081 trace_gdbstub_err_checksum_incorrect(gdbserver_state
.line_sum
, gdbserver_state
.line_csum
);
3082 /* send NAK reply */
3084 put_buffer(&reply
, 1);
3085 gdbserver_state
.state
= RS_IDLE
;
3087 /* send ACK reply */
3089 put_buffer(&reply
, 1);
3090 gdbserver_state
.state
= gdb_handle_packet(gdbserver_state
.line_buf
);
3099 /* Tell the remote gdb that the process has exited. */
3100 void gdb_exit(int code
)
3104 if (!gdbserver_state
.init
) {
3107 #ifdef CONFIG_USER_ONLY
3108 if (gdbserver_state
.socket_path
) {
3109 unlink(gdbserver_state
.socket_path
);
3111 if (gdbserver_state
.fd
< 0) {
3116 trace_gdbstub_op_exiting((uint8_t)code
);
3118 snprintf(buf
, sizeof(buf
), "W%02x", (uint8_t)code
);
3121 #ifndef CONFIG_USER_ONLY
3122 qemu_chr_fe_deinit(&gdbserver_state
.chr
, true);
3127 * Create the process that will contain all the "orphan" CPUs (that are not
3128 * part of a CPU cluster). Note that if this process contains no CPUs, it won't
3129 * be attachable and thus will be invisible to the user.
3131 static void create_default_process(GDBState
*s
)
3133 GDBProcess
*process
;
3136 if (gdbserver_state
.process_num
) {
3137 max_pid
= s
->processes
[s
->process_num
- 1].pid
;
3140 s
->processes
= g_renew(GDBProcess
, s
->processes
, ++s
->process_num
);
3141 process
= &s
->processes
[s
->process_num
- 1];
3143 /* We need an available PID slot for this process */
3144 assert(max_pid
< UINT32_MAX
);
3146 process
->pid
= max_pid
+ 1;
3147 process
->attached
= false;
3148 process
->target_xml
[0] = '\0';
3151 #ifdef CONFIG_USER_ONLY
3153 gdb_handlesig(CPUState
*cpu
, int sig
)
3158 if (!gdbserver_state
.init
|| gdbserver_state
.fd
< 0) {
3162 /* disable single step if it was enabled */
3163 cpu_single_step(cpu
, 0);
3167 gdb_set_stop_cpu(cpu
);
3168 g_string_printf(gdbserver_state
.str_buf
,
3169 "T%02xthread:", target_signal_to_gdb(sig
));
3170 gdb_append_thread_id(cpu
, gdbserver_state
.str_buf
);
3171 g_string_append_c(gdbserver_state
.str_buf
, ';');
3174 /* put_packet() might have detected that the peer terminated the
3176 if (gdbserver_state
.fd
< 0) {
3181 gdbserver_state
.state
= RS_IDLE
;
3182 gdbserver_state
.running_state
= 0;
3183 while (gdbserver_state
.running_state
== 0) {
3184 n
= read(gdbserver_state
.fd
, buf
, 256);
3188 for (i
= 0; i
< n
; i
++) {
3189 gdb_read_byte(buf
[i
]);
3192 /* XXX: Connection closed. Should probably wait for another
3193 connection before continuing. */
3195 close(gdbserver_state
.fd
);
3197 gdbserver_state
.fd
= -1;
3201 sig
= gdbserver_state
.signal
;
3202 gdbserver_state
.signal
= 0;
3206 /* Tell the remote gdb that the process has exited due to SIG. */
3207 void gdb_signalled(CPUArchState
*env
, int sig
)
3211 if (!gdbserver_state
.init
|| gdbserver_state
.fd
< 0) {
3215 snprintf(buf
, sizeof(buf
), "X%02x", target_signal_to_gdb(sig
));
3219 static void gdb_accept_init(int fd
)
3221 init_gdbserver_state();
3222 create_default_process(&gdbserver_state
);
3223 gdbserver_state
.processes
[0].attached
= true;
3224 gdbserver_state
.c_cpu
= gdb_first_attached_cpu();
3225 gdbserver_state
.g_cpu
= gdbserver_state
.c_cpu
;
3226 gdbserver_state
.fd
= fd
;
3227 gdb_has_xml
= false;
3230 static bool gdb_accept_socket(int gdb_fd
)
3235 fd
= accept(gdb_fd
, NULL
, NULL
);
3236 if (fd
< 0 && errno
!= EINTR
) {
3237 perror("accept socket");
3239 } else if (fd
>= 0) {
3240 qemu_set_cloexec(fd
);
3245 gdb_accept_init(fd
);
3249 static int gdbserver_open_socket(const char *path
)
3251 struct sockaddr_un sockaddr
= {};
3254 fd
= socket(AF_UNIX
, SOCK_STREAM
, 0);
3256 perror("create socket");
3260 sockaddr
.sun_family
= AF_UNIX
;
3261 pstrcpy(sockaddr
.sun_path
, sizeof(sockaddr
.sun_path
) - 1, path
);
3262 ret
= bind(fd
, (struct sockaddr
*)&sockaddr
, sizeof(sockaddr
));
3264 perror("bind socket");
3268 ret
= listen(fd
, 1);
3270 perror("listen socket");
3278 static bool gdb_accept_tcp(int gdb_fd
)
3280 struct sockaddr_in sockaddr
= {};
3285 len
= sizeof(sockaddr
);
3286 fd
= accept(gdb_fd
, (struct sockaddr
*)&sockaddr
, &len
);
3287 if (fd
< 0 && errno
!= EINTR
) {
3290 } else if (fd
>= 0) {
3291 qemu_set_cloexec(fd
);
3296 /* set short latency */
3297 if (socket_set_nodelay(fd
)) {
3298 perror("setsockopt");
3303 gdb_accept_init(fd
);
3307 static int gdbserver_open_port(int port
)
3309 struct sockaddr_in sockaddr
;
3312 fd
= socket(PF_INET
, SOCK_STREAM
, 0);
3317 qemu_set_cloexec(fd
);
3319 socket_set_fast_reuse(fd
);
3321 sockaddr
.sin_family
= AF_INET
;
3322 sockaddr
.sin_port
= htons(port
);
3323 sockaddr
.sin_addr
.s_addr
= 0;
3324 ret
= bind(fd
, (struct sockaddr
*)&sockaddr
, sizeof(sockaddr
));
3330 ret
= listen(fd
, 1);
3340 int gdbserver_start(const char *port_or_path
)
3342 int port
= g_ascii_strtoull(port_or_path
, NULL
, 10);
3346 gdb_fd
= gdbserver_open_port(port
);
3348 gdb_fd
= gdbserver_open_socket(port_or_path
);
3355 if (port
> 0 && gdb_accept_tcp(gdb_fd
)) {
3357 } else if (gdb_accept_socket(gdb_fd
)) {
3358 gdbserver_state
.socket_path
= g_strdup(port_or_path
);
3367 /* Disable gdb stub for child processes. */
3368 void gdbserver_fork(CPUState
*cpu
)
3370 if (!gdbserver_state
.init
|| gdbserver_state
.fd
< 0) {
3373 close(gdbserver_state
.fd
);
3374 gdbserver_state
.fd
= -1;
3375 cpu_breakpoint_remove_all(cpu
, BP_GDB
);
3376 cpu_watchpoint_remove_all(cpu
, BP_GDB
);
3379 static int gdb_chr_can_receive(void *opaque
)
3381 /* We can handle an arbitrarily large amount of data.
3382 Pick the maximum packet size, which is as good as anything. */
3383 return MAX_PACKET_LENGTH
;
3386 static void gdb_chr_receive(void *opaque
, const uint8_t *buf
, int size
)
3390 for (i
= 0; i
< size
; i
++) {
3391 gdb_read_byte(buf
[i
]);
3395 static void gdb_chr_event(void *opaque
, QEMUChrEvent event
)
3398 GDBState
*s
= (GDBState
*) opaque
;
3401 case CHR_EVENT_OPENED
:
3402 /* Start with first process attached, others detached */
3403 for (i
= 0; i
< s
->process_num
; i
++) {
3404 s
->processes
[i
].attached
= !i
;
3407 s
->c_cpu
= gdb_first_attached_cpu();
3408 s
->g_cpu
= s
->c_cpu
;
3410 vm_stop(RUN_STATE_PAUSED
);
3411 replay_gdb_attached();
3412 gdb_has_xml
= false;
3419 static int gdb_monitor_write(Chardev
*chr
, const uint8_t *buf
, int len
)
3421 g_autoptr(GString
) hex_buf
= g_string_new("O");
3422 memtohex(hex_buf
, buf
, len
);
3423 put_packet(hex_buf
->str
);
3428 static void gdb_sigterm_handler(int signal
)
3430 if (runstate_is_running()) {
3431 vm_stop(RUN_STATE_PAUSED
);
3436 static void gdb_monitor_open(Chardev
*chr
, ChardevBackend
*backend
,
3437 bool *be_opened
, Error
**errp
)
3442 static void char_gdb_class_init(ObjectClass
*oc
, void *data
)
3444 ChardevClass
*cc
= CHARDEV_CLASS(oc
);
3446 cc
->internal
= true;
3447 cc
->open
= gdb_monitor_open
;
3448 cc
->chr_write
= gdb_monitor_write
;
3451 #define TYPE_CHARDEV_GDB "chardev-gdb"
3453 static const TypeInfo char_gdb_type_info
= {
3454 .name
= TYPE_CHARDEV_GDB
,
3455 .parent
= TYPE_CHARDEV
,
3456 .class_init
= char_gdb_class_init
,
3459 static int find_cpu_clusters(Object
*child
, void *opaque
)
3461 if (object_dynamic_cast(child
, TYPE_CPU_CLUSTER
)) {
3462 GDBState
*s
= (GDBState
*) opaque
;
3463 CPUClusterState
*cluster
= CPU_CLUSTER(child
);
3464 GDBProcess
*process
;
3466 s
->processes
= g_renew(GDBProcess
, s
->processes
, ++s
->process_num
);
3468 process
= &s
->processes
[s
->process_num
- 1];
3471 * GDB process IDs -1 and 0 are reserved. To avoid subtle errors at
3472 * runtime, we enforce here that the machine does not use a cluster ID
3473 * that would lead to PID 0.
3475 assert(cluster
->cluster_id
!= UINT32_MAX
);
3476 process
->pid
= cluster
->cluster_id
+ 1;
3477 process
->attached
= false;
3478 process
->target_xml
[0] = '\0';
3483 return object_child_foreach(child
, find_cpu_clusters
, opaque
);
3486 static int pid_order(const void *a
, const void *b
)
3488 GDBProcess
*pa
= (GDBProcess
*) a
;
3489 GDBProcess
*pb
= (GDBProcess
*) b
;
3491 if (pa
->pid
< pb
->pid
) {
3493 } else if (pa
->pid
> pb
->pid
) {
3500 static void create_processes(GDBState
*s
)
3502 object_child_foreach(object_get_root(), find_cpu_clusters
, s
);
3504 if (gdbserver_state
.processes
) {
3506 qsort(gdbserver_state
.processes
, gdbserver_state
.process_num
, sizeof(gdbserver_state
.processes
[0]), pid_order
);
3509 create_default_process(s
);
3512 int gdbserver_start(const char *device
)
3514 trace_gdbstub_op_start(device
);
3516 char gdbstub_device_name
[128];
3517 Chardev
*chr
= NULL
;
3521 error_report("gdbstub: meaningless to attach gdb to a "
3522 "machine without any CPU.");
3526 if (kvm_enabled() && !kvm_supports_guest_debug()) {
3527 error_report("gdbstub: KVM doesn't support guest debugging");
3533 if (strcmp(device
, "none") != 0) {
3534 if (strstart(device
, "tcp:", NULL
)) {
3535 /* enforce required TCP attributes */
3536 snprintf(gdbstub_device_name
, sizeof(gdbstub_device_name
),
3537 "%s,wait=off,nodelay=on,server=on", device
);
3538 device
= gdbstub_device_name
;
3541 else if (strcmp(device
, "stdio") == 0) {
3542 struct sigaction act
;
3544 memset(&act
, 0, sizeof(act
));
3545 act
.sa_handler
= gdb_sigterm_handler
;
3546 sigaction(SIGINT
, &act
, NULL
);
3550 * FIXME: it's a bit weird to allow using a mux chardev here
3551 * and implicitly setup a monitor. We may want to break this.
3553 chr
= qemu_chr_new_noreplay("gdb", device
, true, NULL
);
3558 if (!gdbserver_state
.init
) {
3559 init_gdbserver_state();
3561 qemu_add_vm_change_state_handler(gdb_vm_state_change
, NULL
);
3563 /* Initialize a monitor terminal for gdb */
3564 mon_chr
= qemu_chardev_new(NULL
, TYPE_CHARDEV_GDB
,
3565 NULL
, NULL
, &error_abort
);
3566 monitor_init_hmp(mon_chr
, false, &error_abort
);
3568 qemu_chr_fe_deinit(&gdbserver_state
.chr
, true);
3569 mon_chr
= gdbserver_state
.mon_chr
;
3570 reset_gdbserver_state();
3573 create_processes(&gdbserver_state
);
3576 qemu_chr_fe_init(&gdbserver_state
.chr
, chr
, &error_abort
);
3577 qemu_chr_fe_set_handlers(&gdbserver_state
.chr
, gdb_chr_can_receive
,
3578 gdb_chr_receive
, gdb_chr_event
,
3579 NULL
, &gdbserver_state
, NULL
, true);
3581 gdbserver_state
.state
= chr
? RS_IDLE
: RS_INACTIVE
;
3582 gdbserver_state
.mon_chr
= mon_chr
;
3583 gdbserver_state
.current_syscall_cb
= NULL
;
3588 static void register_types(void)
3590 type_register_static(&char_gdb_type_info
);
3593 type_init(register_types
);