4 * This implements a subset of the remote protocol as described in:
6 * https://sourceware.org/gdb/onlinedocs/gdb/Remote-Protocol.html
8 * Copyright (c) 2003-2005 Fabrice Bellard
10 * This library is free software; you can redistribute it and/or
11 * modify it under the terms of the GNU Lesser General Public
12 * License as published by the Free Software Foundation; either
13 * version 2 of the License, or (at your option) any later version.
15 * This library is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
18 * Lesser General Public License for more details.
20 * You should have received a copy of the GNU Lesser General Public
21 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
23 * SPDX-License-Identifier: LGPL-2.0+
26 #include "qemu/osdep.h"
27 #include "qapi/error.h"
28 #include "qemu/error-report.h"
29 #include "qemu/ctype.h"
30 #include "qemu/cutils.h"
31 #include "qemu/module.h"
32 #include "trace/trace-root.h"
33 #include "exec/gdbstub.h"
34 #ifdef CONFIG_USER_ONLY
37 #include "monitor/monitor.h"
38 #include "chardev/char.h"
39 #include "chardev/char-fe.h"
40 #include "hw/cpu/cluster.h"
41 #include "hw/boards.h"
44 #define MAX_PACKET_LENGTH 4096
46 #include "qemu/sockets.h"
47 #include "sysemu/hw_accel.h"
48 #include "sysemu/kvm.h"
49 #include "sysemu/runstate.h"
50 #include "semihosting/semihost.h"
51 #include "exec/exec-all.h"
52 #include "sysemu/replay.h"
54 #ifdef CONFIG_USER_ONLY
55 #define GDB_ATTACHED "0"
57 #define GDB_ATTACHED "1"
60 #ifndef CONFIG_USER_ONLY
61 static int phy_memory_mode
;
64 static inline int target_memory_rw_debug(CPUState
*cpu
, target_ulong addr
,
65 uint8_t *buf
, int len
, bool is_write
)
69 #ifndef CONFIG_USER_ONLY
70 if (phy_memory_mode
) {
72 cpu_physical_memory_write(addr
, buf
, len
);
74 cpu_physical_memory_read(addr
, buf
, len
);
80 cc
= CPU_GET_CLASS(cpu
);
81 if (cc
->memory_rw_debug
) {
82 return cc
->memory_rw_debug(cpu
, addr
, buf
, len
, is_write
);
84 return cpu_memory_rw_debug(cpu
, addr
, buf
, len
, is_write
);
87 /* Return the GDB index for a given vCPU state.
89 * For user mode this is simply the thread id. In system mode GDB
90 * numbers CPUs from 1 as 0 is reserved as an "any cpu" index.
92 static inline int cpu_gdb_index(CPUState
*cpu
)
94 #if defined(CONFIG_USER_ONLY)
95 TaskState
*ts
= (TaskState
*) cpu
->opaque
;
96 return ts
? ts
->ts_tid
: -1;
98 return cpu
->cpu_index
+ 1;
108 GDB_SIGNAL_ALRM
= 14,
110 GDB_SIGNAL_XCPU
= 24,
111 GDB_SIGNAL_UNKNOWN
= 143
114 #ifdef CONFIG_USER_ONLY
116 /* Map target signal numbers to GDB protocol signal numbers and vice
117 * versa. For user emulation's currently supported systems, we can
118 * assume most signals are defined.
121 static int gdb_signal_table
[] = {
281 /* In system mode we only need SIGINT and SIGTRAP; other signals
282 are not yet supported. */
289 static int gdb_signal_table
[] = {
299 #ifdef CONFIG_USER_ONLY
300 static int target_signal_to_gdb (int sig
)
303 for (i
= 0; i
< ARRAY_SIZE (gdb_signal_table
); i
++)
304 if (gdb_signal_table
[i
] == sig
)
306 return GDB_SIGNAL_UNKNOWN
;
310 static int gdb_signal_to_target (int sig
)
312 if (sig
< ARRAY_SIZE (gdb_signal_table
))
313 return gdb_signal_table
[sig
];
318 typedef struct GDBRegisterState
{
321 gdb_get_reg_cb get_reg
;
322 gdb_set_reg_cb set_reg
;
324 struct GDBRegisterState
*next
;
327 typedef struct GDBProcess
{
331 char target_xml
[1024];
343 typedef struct GDBState
{
344 bool init
; /* have we been initialised? */
345 CPUState
*c_cpu
; /* current CPU for step/continue ops */
346 CPUState
*g_cpu
; /* current CPU for other ops */
347 CPUState
*query_cpu
; /* for q{f|s}ThreadInfo */
348 enum RSState state
; /* parsing state */
349 char line_buf
[MAX_PACKET_LENGTH
];
351 int line_sum
; /* running checksum */
352 int line_csum
; /* checksum at the end of the packet */
353 GByteArray
*last_packet
;
355 #ifdef CONFIG_USER_ONLY
364 GDBProcess
*processes
;
366 char syscall_buf
[256];
367 gdb_syscall_complete_cb current_syscall_cb
;
371 int supported_sstep_flags
;
374 static GDBState gdbserver_state
;
376 static void init_gdbserver_state(void)
378 g_assert(!gdbserver_state
.init
);
379 memset(&gdbserver_state
, 0, sizeof(GDBState
));
380 gdbserver_state
.init
= true;
381 gdbserver_state
.str_buf
= g_string_new(NULL
);
382 gdbserver_state
.mem_buf
= g_byte_array_sized_new(MAX_PACKET_LENGTH
);
383 gdbserver_state
.last_packet
= g_byte_array_sized_new(MAX_PACKET_LENGTH
+ 4);
386 * In replay mode all events will come from the log and can't be
387 * suppressed otherwise we would break determinism. However as those
388 * events are tied to the number of executed instructions we won't see
389 * them occurring every time we single step.
391 if (replay_mode
!= REPLAY_MODE_NONE
) {
392 gdbserver_state
.supported_sstep_flags
= SSTEP_ENABLE
;
393 } else if (kvm_enabled()) {
394 gdbserver_state
.supported_sstep_flags
= kvm_get_supported_sstep_flags();
396 gdbserver_state
.supported_sstep_flags
=
397 SSTEP_ENABLE
| SSTEP_NOIRQ
| SSTEP_NOTIMER
;
401 * By default use no IRQs and no timers while single stepping so as to
402 * make single stepping like an ICE HW step.
404 gdbserver_state
.sstep_flags
= SSTEP_ENABLE
| SSTEP_NOIRQ
| SSTEP_NOTIMER
;
405 gdbserver_state
.sstep_flags
&= gdbserver_state
.supported_sstep_flags
;
409 #ifndef CONFIG_USER_ONLY
410 static void reset_gdbserver_state(void)
412 g_free(gdbserver_state
.processes
);
413 gdbserver_state
.processes
= NULL
;
414 gdbserver_state
.process_num
= 0;
420 #ifdef CONFIG_USER_ONLY
422 static int get_char(void)
428 ret
= recv(gdbserver_state
.fd
, &ch
, 1, 0);
430 if (errno
== ECONNRESET
)
431 gdbserver_state
.fd
= -1;
434 } else if (ret
== 0) {
435 close(gdbserver_state
.fd
);
436 gdbserver_state
.fd
= -1;
447 * Return true if there is a GDB currently connected to the stub
448 * and attached to a CPU
450 static bool gdb_attached(void)
452 return gdbserver_state
.init
&& gdbserver_state
.c_cpu
;
461 /* Decide if either remote gdb syscalls or native file IO should be used. */
462 int use_gdb_syscalls(void)
464 SemihostingTarget target
= semihosting_get_target();
465 if (target
== SEMIHOSTING_TARGET_NATIVE
) {
466 /* -semihosting-config target=native */
468 } else if (target
== SEMIHOSTING_TARGET_GDB
) {
469 /* -semihosting-config target=gdb */
473 /* -semihosting-config target=auto */
474 /* On the first call check if gdb is connected and remember. */
475 if (gdb_syscall_mode
== GDB_SYS_UNKNOWN
) {
476 gdb_syscall_mode
= gdb_attached() ? GDB_SYS_ENABLED
: GDB_SYS_DISABLED
;
478 return gdb_syscall_mode
== GDB_SYS_ENABLED
;
481 static bool stub_can_reverse(void)
483 #ifdef CONFIG_USER_ONLY
486 return replay_mode
== REPLAY_MODE_PLAY
;
490 /* Resume execution. */
491 static inline void gdb_continue(void)
494 #ifdef CONFIG_USER_ONLY
495 gdbserver_state
.running_state
= 1;
496 trace_gdbstub_op_continue();
498 if (!runstate_needs_reset()) {
499 trace_gdbstub_op_continue();
506 * Resume execution, per CPU actions. For user-mode emulation it's
507 * equivalent to gdb_continue.
509 static int gdb_continue_partial(char *newstates
)
513 #ifdef CONFIG_USER_ONLY
515 * This is not exactly accurate, but it's an improvement compared to the
516 * previous situation, where only one CPU would be single-stepped.
519 if (newstates
[cpu
->cpu_index
] == 's') {
520 trace_gdbstub_op_stepping(cpu
->cpu_index
);
521 cpu_single_step(cpu
, gdbserver_state
.sstep_flags
);
524 gdbserver_state
.running_state
= 1;
528 if (!runstate_needs_reset()) {
529 bool step_requested
= false;
531 if (newstates
[cpu
->cpu_index
] == 's') {
532 step_requested
= true;
537 if (vm_prepare_start(step_requested
)) {
542 switch (newstates
[cpu
->cpu_index
]) {
545 break; /* nothing to do here */
547 trace_gdbstub_op_stepping(cpu
->cpu_index
);
548 cpu_single_step(cpu
, gdbserver_state
.sstep_flags
);
553 trace_gdbstub_op_continue_cpu(cpu
->cpu_index
);
564 qemu_clock_enable(QEMU_CLOCK_VIRTUAL
, true);
570 static void put_buffer(const uint8_t *buf
, int len
)
572 #ifdef CONFIG_USER_ONLY
576 ret
= send(gdbserver_state
.fd
, buf
, len
, 0);
586 /* XXX this blocks entire thread. Rewrite to use
587 * qemu_chr_fe_write and background I/O callbacks */
588 qemu_chr_fe_write_all(&gdbserver_state
.chr
, buf
, len
);
592 static inline int fromhex(int v
)
594 if (v
>= '0' && v
<= '9')
596 else if (v
>= 'A' && v
<= 'F')
598 else if (v
>= 'a' && v
<= 'f')
604 static inline int tohex(int v
)
612 /* writes 2*len+1 bytes in buf */
613 static void memtohex(GString
*buf
, const uint8_t *mem
, int len
)
616 for(i
= 0; i
< len
; i
++) {
618 g_string_append_c(buf
, tohex(c
>> 4));
619 g_string_append_c(buf
, tohex(c
& 0xf));
621 g_string_append_c(buf
, '\0');
624 static void hextomem(GByteArray
*mem
, const char *buf
, int len
)
628 for(i
= 0; i
< len
; i
++) {
629 guint8 byte
= fromhex(buf
[0]) << 4 | fromhex(buf
[1]);
630 g_byte_array_append(mem
, &byte
, 1);
635 static void hexdump(const char *buf
, int len
,
636 void (*trace_fn
)(size_t ofs
, char const *text
))
638 char line_buffer
[3 * 16 + 4 + 16 + 1];
641 for (i
= 0; i
< len
|| (i
& 0xF); ++i
) {
642 size_t byte_ofs
= i
& 15;
645 memset(line_buffer
, ' ', 3 * 16 + 4 + 16);
646 line_buffer
[3 * 16 + 4 + 16] = 0;
649 size_t col_group
= (i
>> 2) & 3;
650 size_t hex_col
= byte_ofs
* 3 + col_group
;
651 size_t txt_col
= 3 * 16 + 4 + byte_ofs
;
656 line_buffer
[hex_col
+ 0] = tohex((value
>> 4) & 0xF);
657 line_buffer
[hex_col
+ 1] = tohex((value
>> 0) & 0xF);
658 line_buffer
[txt_col
+ 0] = (value
>= ' ' && value
< 127)
664 trace_fn(i
& -16, line_buffer
);
668 /* return -1 if error, 0 if OK */
669 static int put_packet_binary(const char *buf
, int len
, bool dump
)
674 if (dump
&& trace_event_get_state_backends(TRACE_GDBSTUB_IO_BINARYREPLY
)) {
675 hexdump(buf
, len
, trace_gdbstub_io_binaryreply
);
679 g_byte_array_set_size(gdbserver_state
.last_packet
, 0);
680 g_byte_array_append(gdbserver_state
.last_packet
,
681 (const uint8_t *) "$", 1);
682 g_byte_array_append(gdbserver_state
.last_packet
,
683 (const uint8_t *) buf
, len
);
685 for(i
= 0; i
< len
; i
++) {
689 footer
[1] = tohex((csum
>> 4) & 0xf);
690 footer
[2] = tohex((csum
) & 0xf);
691 g_byte_array_append(gdbserver_state
.last_packet
, footer
, 3);
693 put_buffer(gdbserver_state
.last_packet
->data
,
694 gdbserver_state
.last_packet
->len
);
696 #ifdef CONFIG_USER_ONLY
709 /* return -1 if error, 0 if OK */
710 static int put_packet(const char *buf
)
712 trace_gdbstub_io_reply(buf
);
714 return put_packet_binary(buf
, strlen(buf
), false);
717 static void put_strbuf(void)
719 put_packet(gdbserver_state
.str_buf
->str
);
722 /* Encode data using the encoding for 'x' packets. */
723 static void memtox(GString
*buf
, const char *mem
, int len
)
730 case '#': case '$': case '*': case '}':
731 g_string_append_c(buf
, '}');
732 g_string_append_c(buf
, c
^ 0x20);
735 g_string_append_c(buf
, c
);
741 static uint32_t gdb_get_cpu_pid(CPUState
*cpu
)
743 /* TODO: In user mode, we should use the task state PID */
744 if (cpu
->cluster_index
== UNASSIGNED_CLUSTER_INDEX
) {
745 /* Return the default process' PID */
746 int index
= gdbserver_state
.process_num
- 1;
747 return gdbserver_state
.processes
[index
].pid
;
749 return cpu
->cluster_index
+ 1;
752 static GDBProcess
*gdb_get_process(uint32_t pid
)
757 /* 0 means any process, we take the first one */
758 return &gdbserver_state
.processes
[0];
761 for (i
= 0; i
< gdbserver_state
.process_num
; i
++) {
762 if (gdbserver_state
.processes
[i
].pid
== pid
) {
763 return &gdbserver_state
.processes
[i
];
770 static GDBProcess
*gdb_get_cpu_process(CPUState
*cpu
)
772 return gdb_get_process(gdb_get_cpu_pid(cpu
));
775 static CPUState
*find_cpu(uint32_t thread_id
)
780 if (cpu_gdb_index(cpu
) == thread_id
) {
788 static CPUState
*get_first_cpu_in_process(GDBProcess
*process
)
793 if (gdb_get_cpu_pid(cpu
) == process
->pid
) {
801 static CPUState
*gdb_next_cpu_in_process(CPUState
*cpu
)
803 uint32_t pid
= gdb_get_cpu_pid(cpu
);
807 if (gdb_get_cpu_pid(cpu
) == pid
) {
817 /* Return the cpu following @cpu, while ignoring unattached processes. */
818 static CPUState
*gdb_next_attached_cpu(CPUState
*cpu
)
823 if (gdb_get_cpu_process(cpu
)->attached
) {
833 /* Return the first attached cpu */
834 static CPUState
*gdb_first_attached_cpu(void)
836 CPUState
*cpu
= first_cpu
;
837 GDBProcess
*process
= gdb_get_cpu_process(cpu
);
839 if (!process
->attached
) {
840 return gdb_next_attached_cpu(cpu
);
846 static CPUState
*gdb_get_cpu(uint32_t pid
, uint32_t tid
)
852 /* 0 means any process/thread, we take the first attached one */
853 return gdb_first_attached_cpu();
854 } else if (pid
&& !tid
) {
855 /* any thread in a specific process */
856 process
= gdb_get_process(pid
);
858 if (process
== NULL
) {
862 if (!process
->attached
) {
866 return get_first_cpu_in_process(process
);
868 /* a specific thread */
875 process
= gdb_get_cpu_process(cpu
);
877 if (pid
&& process
->pid
!= pid
) {
881 if (!process
->attached
) {
889 static const char *get_feature_xml(const char *p
, const char **newp
,
895 CPUState
*cpu
= get_first_cpu_in_process(process
);
896 CPUClass
*cc
= CPU_GET_CLASS(cpu
);
899 while (p
[len
] && p
[len
] != ':')
904 if (strncmp(p
, "target.xml", len
) == 0) {
905 char *buf
= process
->target_xml
;
906 const size_t buf_sz
= sizeof(process
->target_xml
);
908 /* Generate the XML description for this CPU. */
913 "<?xml version=\"1.0\"?>"
914 "<!DOCTYPE target SYSTEM \"gdb-target.dtd\">"
916 if (cc
->gdb_arch_name
) {
917 gchar
*arch
= cc
->gdb_arch_name(cpu
);
918 pstrcat(buf
, buf_sz
, "<architecture>");
919 pstrcat(buf
, buf_sz
, arch
);
920 pstrcat(buf
, buf_sz
, "</architecture>");
923 pstrcat(buf
, buf_sz
, "<xi:include href=\"");
924 pstrcat(buf
, buf_sz
, cc
->gdb_core_xml_file
);
925 pstrcat(buf
, buf_sz
, "\"/>");
926 for (r
= cpu
->gdb_regs
; r
; r
= r
->next
) {
927 pstrcat(buf
, buf_sz
, "<xi:include href=\"");
928 pstrcat(buf
, buf_sz
, r
->xml
);
929 pstrcat(buf
, buf_sz
, "\"/>");
931 pstrcat(buf
, buf_sz
, "</target>");
935 if (cc
->gdb_get_dynamic_xml
) {
936 char *xmlname
= g_strndup(p
, len
);
937 const char *xml
= cc
->gdb_get_dynamic_xml(cpu
, xmlname
);
945 name
= xml_builtin
[i
][0];
946 if (!name
|| (strncmp(name
, p
, len
) == 0 && strlen(name
) == len
))
949 return name
? xml_builtin
[i
][1] : NULL
;
952 static int gdb_read_register(CPUState
*cpu
, GByteArray
*buf
, int reg
)
954 CPUClass
*cc
= CPU_GET_CLASS(cpu
);
955 CPUArchState
*env
= cpu
->env_ptr
;
958 if (reg
< cc
->gdb_num_core_regs
) {
959 return cc
->gdb_read_register(cpu
, buf
, reg
);
962 for (r
= cpu
->gdb_regs
; r
; r
= r
->next
) {
963 if (r
->base_reg
<= reg
&& reg
< r
->base_reg
+ r
->num_regs
) {
964 return r
->get_reg(env
, buf
, reg
- r
->base_reg
);
970 static int gdb_write_register(CPUState
*cpu
, uint8_t *mem_buf
, int reg
)
972 CPUClass
*cc
= CPU_GET_CLASS(cpu
);
973 CPUArchState
*env
= cpu
->env_ptr
;
976 if (reg
< cc
->gdb_num_core_regs
) {
977 return cc
->gdb_write_register(cpu
, mem_buf
, reg
);
980 for (r
= cpu
->gdb_regs
; r
; r
= r
->next
) {
981 if (r
->base_reg
<= reg
&& reg
< r
->base_reg
+ r
->num_regs
) {
982 return r
->set_reg(env
, mem_buf
, reg
- r
->base_reg
);
988 /* Register a supplemental set of CPU registers. If g_pos is nonzero it
989 specifies the first register number and these registers are included in
990 a standard "g" packet. Direction is relative to gdb, i.e. get_reg is
991 gdb reading a CPU register, and set_reg is gdb modifying a CPU register.
994 void gdb_register_coprocessor(CPUState
*cpu
,
995 gdb_get_reg_cb get_reg
, gdb_set_reg_cb set_reg
,
996 int num_regs
, const char *xml
, int g_pos
)
999 GDBRegisterState
**p
;
1003 /* Check for duplicates. */
1004 if (strcmp((*p
)->xml
, xml
) == 0)
1009 s
= g_new0(GDBRegisterState
, 1);
1010 s
->base_reg
= cpu
->gdb_num_regs
;
1011 s
->num_regs
= num_regs
;
1012 s
->get_reg
= get_reg
;
1013 s
->set_reg
= set_reg
;
1016 /* Add to end of list. */
1017 cpu
->gdb_num_regs
+= num_regs
;
1020 if (g_pos
!= s
->base_reg
) {
1021 error_report("Error: Bad gdb register numbering for '%s', "
1022 "expected %d got %d", xml
, g_pos
, s
->base_reg
);
1024 cpu
->gdb_num_g_regs
= cpu
->gdb_num_regs
;
1029 #ifndef CONFIG_USER_ONLY
1030 /* Translate GDB watchpoint type to a flags value for cpu_watchpoint_* */
1031 static inline int xlat_gdb_type(CPUState
*cpu
, int gdbtype
)
1033 static const int xlat
[] = {
1034 [GDB_WATCHPOINT_WRITE
] = BP_GDB
| BP_MEM_WRITE
,
1035 [GDB_WATCHPOINT_READ
] = BP_GDB
| BP_MEM_READ
,
1036 [GDB_WATCHPOINT_ACCESS
] = BP_GDB
| BP_MEM_ACCESS
,
1039 CPUClass
*cc
= CPU_GET_CLASS(cpu
);
1040 int cputype
= xlat
[gdbtype
];
1042 if (cc
->gdb_stop_before_watchpoint
) {
1043 cputype
|= BP_STOP_BEFORE_ACCESS
;
1049 static int gdb_breakpoint_insert(int type
, target_ulong addr
, target_ulong len
)
1054 if (kvm_enabled()) {
1055 return kvm_insert_breakpoint(gdbserver_state
.c_cpu
, addr
, len
, type
);
1059 case GDB_BREAKPOINT_SW
:
1060 case GDB_BREAKPOINT_HW
:
1062 err
= cpu_breakpoint_insert(cpu
, addr
, BP_GDB
, NULL
);
1068 #ifndef CONFIG_USER_ONLY
1069 case GDB_WATCHPOINT_WRITE
:
1070 case GDB_WATCHPOINT_READ
:
1071 case GDB_WATCHPOINT_ACCESS
:
1073 err
= cpu_watchpoint_insert(cpu
, addr
, len
,
1074 xlat_gdb_type(cpu
, type
), NULL
);
1086 static int gdb_breakpoint_remove(int type
, target_ulong addr
, target_ulong len
)
1091 if (kvm_enabled()) {
1092 return kvm_remove_breakpoint(gdbserver_state
.c_cpu
, addr
, len
, type
);
1096 case GDB_BREAKPOINT_SW
:
1097 case GDB_BREAKPOINT_HW
:
1099 err
= cpu_breakpoint_remove(cpu
, addr
, BP_GDB
);
1105 #ifndef CONFIG_USER_ONLY
1106 case GDB_WATCHPOINT_WRITE
:
1107 case GDB_WATCHPOINT_READ
:
1108 case GDB_WATCHPOINT_ACCESS
:
1110 err
= cpu_watchpoint_remove(cpu
, addr
, len
,
1111 xlat_gdb_type(cpu
, type
));
1122 static inline void gdb_cpu_breakpoint_remove_all(CPUState
*cpu
)
1124 cpu_breakpoint_remove_all(cpu
, BP_GDB
);
1125 #ifndef CONFIG_USER_ONLY
1126 cpu_watchpoint_remove_all(cpu
, BP_GDB
);
1130 static void gdb_process_breakpoint_remove_all(GDBProcess
*p
)
1132 CPUState
*cpu
= get_first_cpu_in_process(p
);
1135 gdb_cpu_breakpoint_remove_all(cpu
);
1136 cpu
= gdb_next_cpu_in_process(cpu
);
1140 static void gdb_breakpoint_remove_all(void)
1144 if (kvm_enabled()) {
1145 kvm_remove_all_breakpoints(gdbserver_state
.c_cpu
);
1150 gdb_cpu_breakpoint_remove_all(cpu
);
1154 static void gdb_set_cpu_pc(target_ulong pc
)
1156 CPUState
*cpu
= gdbserver_state
.c_cpu
;
1158 cpu_synchronize_state(cpu
);
1159 cpu_set_pc(cpu
, pc
);
1162 static void gdb_append_thread_id(CPUState
*cpu
, GString
*buf
)
1164 if (gdbserver_state
.multiprocess
) {
1165 g_string_append_printf(buf
, "p%02x.%02x",
1166 gdb_get_cpu_pid(cpu
), cpu_gdb_index(cpu
));
1168 g_string_append_printf(buf
, "%02x", cpu_gdb_index(cpu
));
1172 typedef enum GDBThreadIdKind
{
1174 GDB_ALL_THREADS
, /* One process, all threads */
1179 static GDBThreadIdKind
read_thread_id(const char *buf
, const char **end_buf
,
1180 uint32_t *pid
, uint32_t *tid
)
1187 ret
= qemu_strtoul(buf
, &buf
, 16, &p
);
1190 return GDB_READ_THREAD_ERR
;
1199 ret
= qemu_strtoul(buf
, &buf
, 16, &t
);
1202 return GDB_READ_THREAD_ERR
;
1208 return GDB_ALL_PROCESSES
;
1216 return GDB_ALL_THREADS
;
1223 return GDB_ONE_THREAD
;
1227 * gdb_handle_vcont - Parses and handles a vCont packet.
1228 * returns -ENOTSUP if a command is unsupported, -EINVAL or -ERANGE if there is
1229 * a format error, 0 on success.
1231 static int gdb_handle_vcont(const char *p
)
1233 int res
, signal
= 0;
1238 GDBProcess
*process
;
1240 GDBThreadIdKind kind
;
1241 #ifdef CONFIG_USER_ONLY
1242 int max_cpus
= 1; /* global variable max_cpus exists only in system mode */
1245 max_cpus
= max_cpus
<= cpu
->cpu_index
? cpu
->cpu_index
+ 1 : max_cpus
;
1248 MachineState
*ms
= MACHINE(qdev_get_machine());
1249 unsigned int max_cpus
= ms
->smp
.max_cpus
;
1251 /* uninitialised CPUs stay 0 */
1252 newstates
= g_new0(char, max_cpus
);
1254 /* mark valid CPUs with 1 */
1256 newstates
[cpu
->cpu_index
] = 1;
1260 * res keeps track of what error we are returning, with -ENOTSUP meaning
1261 * that the command is unknown or unsupported, thus returning an empty
1262 * packet, while -EINVAL and -ERANGE cause an E22 packet, due to invalid,
1263 * or incorrect parameters passed.
1273 if (cur_action
== 'C' || cur_action
== 'S') {
1274 cur_action
= qemu_tolower(cur_action
);
1275 res
= qemu_strtoul(p
, &p
, 16, &tmp
);
1279 signal
= gdb_signal_to_target(tmp
);
1280 } else if (cur_action
!= 'c' && cur_action
!= 's') {
1281 /* unknown/invalid/unsupported command */
1286 if (*p
== '\0' || *p
== ';') {
1288 * No thread specifier, action is on "all threads". The
1289 * specification is unclear regarding the process to act on. We
1290 * choose all processes.
1292 kind
= GDB_ALL_PROCESSES
;
1293 } else if (*p
++ == ':') {
1294 kind
= read_thread_id(p
, &p
, &pid
, &tid
);
1301 case GDB_READ_THREAD_ERR
:
1305 case GDB_ALL_PROCESSES
:
1306 cpu
= gdb_first_attached_cpu();
1308 if (newstates
[cpu
->cpu_index
] == 1) {
1309 newstates
[cpu
->cpu_index
] = cur_action
;
1312 cpu
= gdb_next_attached_cpu(cpu
);
1316 case GDB_ALL_THREADS
:
1317 process
= gdb_get_process(pid
);
1319 if (!process
->attached
) {
1324 cpu
= get_first_cpu_in_process(process
);
1326 if (newstates
[cpu
->cpu_index
] == 1) {
1327 newstates
[cpu
->cpu_index
] = cur_action
;
1330 cpu
= gdb_next_cpu_in_process(cpu
);
1334 case GDB_ONE_THREAD
:
1335 cpu
= gdb_get_cpu(pid
, tid
);
1337 /* invalid CPU/thread specified */
1343 /* only use if no previous match occourred */
1344 if (newstates
[cpu
->cpu_index
] == 1) {
1345 newstates
[cpu
->cpu_index
] = cur_action
;
1350 gdbserver_state
.signal
= signal
;
1351 gdb_continue_partial(newstates
);
1359 typedef union GdbCmdVariant
{
1362 unsigned long val_ul
;
1363 unsigned long long val_ull
;
1365 GDBThreadIdKind kind
;
1371 #define get_param(p, i) (&g_array_index(p, GdbCmdVariant, i))
1373 static const char *cmd_next_param(const char *param
, const char delimiter
)
1375 static const char all_delimiters
[] = ",;:=";
1376 char curr_delimiters
[2] = {0};
1377 const char *delimiters
;
1379 if (delimiter
== '?') {
1380 delimiters
= all_delimiters
;
1381 } else if (delimiter
== '0') {
1382 return strchr(param
, '\0');
1383 } else if (delimiter
== '.' && *param
) {
1386 curr_delimiters
[0] = delimiter
;
1387 delimiters
= curr_delimiters
;
1390 param
+= strcspn(param
, delimiters
);
1397 static int cmd_parse_params(const char *data
, const char *schema
,
1400 const char *curr_schema
, *curr_data
;
1403 g_assert(params
->len
== 0);
1405 curr_schema
= schema
;
1407 while (curr_schema
[0] && curr_schema
[1] && *curr_data
) {
1408 GdbCmdVariant this_param
;
1410 switch (curr_schema
[0]) {
1412 if (qemu_strtoul(curr_data
, &curr_data
, 16,
1413 &this_param
.val_ul
)) {
1416 curr_data
= cmd_next_param(curr_data
, curr_schema
[1]);
1417 g_array_append_val(params
, this_param
);
1420 if (qemu_strtou64(curr_data
, &curr_data
, 16,
1421 (uint64_t *)&this_param
.val_ull
)) {
1424 curr_data
= cmd_next_param(curr_data
, curr_schema
[1]);
1425 g_array_append_val(params
, this_param
);
1428 this_param
.data
= curr_data
;
1429 curr_data
= cmd_next_param(curr_data
, curr_schema
[1]);
1430 g_array_append_val(params
, this_param
);
1433 this_param
.opcode
= *(uint8_t *)curr_data
;
1434 curr_data
= cmd_next_param(curr_data
, curr_schema
[1]);
1435 g_array_append_val(params
, this_param
);
1438 this_param
.thread_id
.kind
=
1439 read_thread_id(curr_data
, &curr_data
,
1440 &this_param
.thread_id
.pid
,
1441 &this_param
.thread_id
.tid
);
1442 curr_data
= cmd_next_param(curr_data
, curr_schema
[1]);
1443 g_array_append_val(params
, this_param
);
1446 curr_data
= cmd_next_param(curr_data
, curr_schema
[1]);
1457 typedef void (*GdbCmdHandler
)(GArray
*params
, void *user_ctx
);
1460 * cmd_startswith -> cmd is compared using startswith
1463 * schema definitions:
1464 * Each schema parameter entry consists of 2 chars,
1465 * the first char represents the parameter type handling
1466 * the second char represents the delimiter for the next parameter
1468 * Currently supported schema types:
1469 * 'l' -> unsigned long (stored in .val_ul)
1470 * 'L' -> unsigned long long (stored in .val_ull)
1471 * 's' -> string (stored in .data)
1472 * 'o' -> single char (stored in .opcode)
1473 * 't' -> thread id (stored in .thread_id)
1474 * '?' -> skip according to delimiter
1476 * Currently supported delimiters:
1477 * '?' -> Stop at any delimiter (",;:=\0")
1478 * '0' -> Stop at "\0"
1479 * '.' -> Skip 1 char unless reached "\0"
1480 * Any other value is treated as the delimiter value itself
1482 typedef struct GdbCmdParseEntry
{
1483 GdbCmdHandler handler
;
1485 bool cmd_startswith
;
1489 static inline int startswith(const char *string
, const char *pattern
)
1491 return !strncmp(string
, pattern
, strlen(pattern
));
1494 static int process_string_cmd(void *user_ctx
, const char *data
,
1495 const GdbCmdParseEntry
*cmds
, int num_cmds
)
1498 g_autoptr(GArray
) params
= g_array_new(false, true, sizeof(GdbCmdVariant
));
1504 for (i
= 0; i
< num_cmds
; i
++) {
1505 const GdbCmdParseEntry
*cmd
= &cmds
[i
];
1506 g_assert(cmd
->handler
&& cmd
->cmd
);
1508 if ((cmd
->cmd_startswith
&& !startswith(data
, cmd
->cmd
)) ||
1509 (!cmd
->cmd_startswith
&& strcmp(cmd
->cmd
, data
))) {
1514 if (cmd_parse_params(&data
[strlen(cmd
->cmd
)],
1515 cmd
->schema
, params
)) {
1520 cmd
->handler(params
, user_ctx
);
1527 static void run_cmd_parser(const char *data
, const GdbCmdParseEntry
*cmd
)
1533 g_string_set_size(gdbserver_state
.str_buf
, 0);
1534 g_byte_array_set_size(gdbserver_state
.mem_buf
, 0);
1536 /* In case there was an error during the command parsing we must
1537 * send a NULL packet to indicate the command is not supported */
1538 if (process_string_cmd(NULL
, data
, cmd
, 1)) {
1543 static void handle_detach(GArray
*params
, void *user_ctx
)
1545 GDBProcess
*process
;
1548 if (gdbserver_state
.multiprocess
) {
1554 pid
= get_param(params
, 0)->val_ul
;
1557 process
= gdb_get_process(pid
);
1558 gdb_process_breakpoint_remove_all(process
);
1559 process
->attached
= false;
1561 if (pid
== gdb_get_cpu_pid(gdbserver_state
.c_cpu
)) {
1562 gdbserver_state
.c_cpu
= gdb_first_attached_cpu();
1565 if (pid
== gdb_get_cpu_pid(gdbserver_state
.g_cpu
)) {
1566 gdbserver_state
.g_cpu
= gdb_first_attached_cpu();
1569 if (!gdbserver_state
.c_cpu
) {
1570 /* No more process attached */
1571 gdb_syscall_mode
= GDB_SYS_DISABLED
;
1577 static void handle_thread_alive(GArray
*params
, void *user_ctx
)
1586 if (get_param(params
, 0)->thread_id
.kind
== GDB_READ_THREAD_ERR
) {
1591 cpu
= gdb_get_cpu(get_param(params
, 0)->thread_id
.pid
,
1592 get_param(params
, 0)->thread_id
.tid
);
1601 static void handle_continue(GArray
*params
, void *user_ctx
)
1604 gdb_set_cpu_pc(get_param(params
, 0)->val_ull
);
1607 gdbserver_state
.signal
= 0;
1611 static void handle_cont_with_sig(GArray
*params
, void *user_ctx
)
1613 unsigned long signal
= 0;
1616 * Note: C sig;[addr] is currently unsupported and we simply
1617 * omit the addr parameter
1620 signal
= get_param(params
, 0)->val_ul
;
1623 gdbserver_state
.signal
= gdb_signal_to_target(signal
);
1624 if (gdbserver_state
.signal
== -1) {
1625 gdbserver_state
.signal
= 0;
1630 static void handle_set_thread(GArray
*params
, void *user_ctx
)
1634 if (params
->len
!= 2) {
1639 if (get_param(params
, 1)->thread_id
.kind
== GDB_READ_THREAD_ERR
) {
1644 if (get_param(params
, 1)->thread_id
.kind
!= GDB_ONE_THREAD
) {
1649 cpu
= gdb_get_cpu(get_param(params
, 1)->thread_id
.pid
,
1650 get_param(params
, 1)->thread_id
.tid
);
1657 * Note: This command is deprecated and modern gdb's will be using the
1658 * vCont command instead.
1660 switch (get_param(params
, 0)->opcode
) {
1662 gdbserver_state
.c_cpu
= cpu
;
1666 gdbserver_state
.g_cpu
= cpu
;
1675 static void handle_insert_bp(GArray
*params
, void *user_ctx
)
1679 if (params
->len
!= 3) {
1684 res
= gdb_breakpoint_insert(get_param(params
, 0)->val_ul
,
1685 get_param(params
, 1)->val_ull
,
1686 get_param(params
, 2)->val_ull
);
1690 } else if (res
== -ENOSYS
) {
1698 static void handle_remove_bp(GArray
*params
, void *user_ctx
)
1702 if (params
->len
!= 3) {
1707 res
= gdb_breakpoint_remove(get_param(params
, 0)->val_ul
,
1708 get_param(params
, 1)->val_ull
,
1709 get_param(params
, 2)->val_ull
);
1713 } else if (res
== -ENOSYS
) {
1722 * handle_set/get_reg
1724 * Older gdb are really dumb, and don't use 'G/g' if 'P/p' is available.
1725 * This works, but can be very slow. Anything new enough to understand
1726 * XML also knows how to use this properly. However to use this we
1727 * need to define a local XML file as well as be talking to a
1728 * reasonably modern gdb. Responding with an empty packet will cause
1729 * the remote gdb to fallback to older methods.
1732 static void handle_set_reg(GArray
*params
, void *user_ctx
)
1741 if (params
->len
!= 2) {
1746 reg_size
= strlen(get_param(params
, 1)->data
) / 2;
1747 hextomem(gdbserver_state
.mem_buf
, get_param(params
, 1)->data
, reg_size
);
1748 gdb_write_register(gdbserver_state
.g_cpu
, gdbserver_state
.mem_buf
->data
,
1749 get_param(params
, 0)->val_ull
);
1753 static void handle_get_reg(GArray
*params
, void *user_ctx
)
1767 reg_size
= gdb_read_register(gdbserver_state
.g_cpu
,
1768 gdbserver_state
.mem_buf
,
1769 get_param(params
, 0)->val_ull
);
1774 g_byte_array_set_size(gdbserver_state
.mem_buf
, reg_size
);
1777 memtohex(gdbserver_state
.str_buf
, gdbserver_state
.mem_buf
->data
, reg_size
);
1781 static void handle_write_mem(GArray
*params
, void *user_ctx
)
1783 if (params
->len
!= 3) {
1788 /* hextomem() reads 2*len bytes */
1789 if (get_param(params
, 1)->val_ull
>
1790 strlen(get_param(params
, 2)->data
) / 2) {
1795 hextomem(gdbserver_state
.mem_buf
, get_param(params
, 2)->data
,
1796 get_param(params
, 1)->val_ull
);
1797 if (target_memory_rw_debug(gdbserver_state
.g_cpu
,
1798 get_param(params
, 0)->val_ull
,
1799 gdbserver_state
.mem_buf
->data
,
1800 gdbserver_state
.mem_buf
->len
, true)) {
1808 static void handle_read_mem(GArray
*params
, void *user_ctx
)
1810 if (params
->len
!= 2) {
1815 /* memtohex() doubles the required space */
1816 if (get_param(params
, 1)->val_ull
> MAX_PACKET_LENGTH
/ 2) {
1821 g_byte_array_set_size(gdbserver_state
.mem_buf
,
1822 get_param(params
, 1)->val_ull
);
1824 if (target_memory_rw_debug(gdbserver_state
.g_cpu
,
1825 get_param(params
, 0)->val_ull
,
1826 gdbserver_state
.mem_buf
->data
,
1827 gdbserver_state
.mem_buf
->len
, false)) {
1832 memtohex(gdbserver_state
.str_buf
, gdbserver_state
.mem_buf
->data
,
1833 gdbserver_state
.mem_buf
->len
);
1837 static void handle_write_all_regs(GArray
*params
, void *user_ctx
)
1839 target_ulong addr
, len
;
1847 cpu_synchronize_state(gdbserver_state
.g_cpu
);
1848 len
= strlen(get_param(params
, 0)->data
) / 2;
1849 hextomem(gdbserver_state
.mem_buf
, get_param(params
, 0)->data
, len
);
1850 registers
= gdbserver_state
.mem_buf
->data
;
1851 for (addr
= 0; addr
< gdbserver_state
.g_cpu
->gdb_num_g_regs
&& len
> 0;
1853 reg_size
= gdb_write_register(gdbserver_state
.g_cpu
, registers
, addr
);
1855 registers
+= reg_size
;
1860 static void handle_read_all_regs(GArray
*params
, void *user_ctx
)
1862 target_ulong addr
, len
;
1864 cpu_synchronize_state(gdbserver_state
.g_cpu
);
1865 g_byte_array_set_size(gdbserver_state
.mem_buf
, 0);
1867 for (addr
= 0; addr
< gdbserver_state
.g_cpu
->gdb_num_g_regs
; addr
++) {
1868 len
+= gdb_read_register(gdbserver_state
.g_cpu
,
1869 gdbserver_state
.mem_buf
,
1872 g_assert(len
== gdbserver_state
.mem_buf
->len
);
1874 memtohex(gdbserver_state
.str_buf
, gdbserver_state
.mem_buf
->data
, len
);
1878 static void handle_file_io(GArray
*params
, void *user_ctx
)
1880 if (params
->len
>= 1 && gdbserver_state
.current_syscall_cb
) {
1881 target_ulong ret
, err
;
1883 ret
= (target_ulong
)get_param(params
, 0)->val_ull
;
1884 if (params
->len
>= 2) {
1885 err
= (target_ulong
)get_param(params
, 1)->val_ull
;
1890 /* Convert GDB error numbers back to host error numbers. */
1891 #define E(X) case GDB_E##X: err = E##X; break
1920 gdbserver_state
.current_syscall_cb(gdbserver_state
.c_cpu
, ret
, err
);
1921 gdbserver_state
.current_syscall_cb
= NULL
;
1924 if (params
->len
>= 3 && get_param(params
, 2)->opcode
== (uint8_t)'C') {
1932 static void handle_step(GArray
*params
, void *user_ctx
)
1935 gdb_set_cpu_pc((target_ulong
)get_param(params
, 0)->val_ull
);
1938 cpu_single_step(gdbserver_state
.c_cpu
, gdbserver_state
.sstep_flags
);
1942 static void handle_backward(GArray
*params
, void *user_ctx
)
1944 if (!stub_can_reverse()) {
1947 if (params
->len
== 1) {
1948 switch (get_param(params
, 0)->opcode
) {
1950 if (replay_reverse_step()) {
1957 if (replay_reverse_continue()) {
1966 /* Default invalid command */
1970 static void handle_v_cont_query(GArray
*params
, void *user_ctx
)
1972 put_packet("vCont;c;C;s;S");
1975 static void handle_v_cont(GArray
*params
, void *user_ctx
)
1983 res
= gdb_handle_vcont(get_param(params
, 0)->data
);
1984 if ((res
== -EINVAL
) || (res
== -ERANGE
)) {
1991 static void handle_v_attach(GArray
*params
, void *user_ctx
)
1993 GDBProcess
*process
;
1996 g_string_assign(gdbserver_state
.str_buf
, "E22");
2001 process
= gdb_get_process(get_param(params
, 0)->val_ul
);
2006 cpu
= get_first_cpu_in_process(process
);
2011 process
->attached
= true;
2012 gdbserver_state
.g_cpu
= cpu
;
2013 gdbserver_state
.c_cpu
= cpu
;
2015 g_string_printf(gdbserver_state
.str_buf
, "T%02xthread:", GDB_SIGNAL_TRAP
);
2016 gdb_append_thread_id(cpu
, gdbserver_state
.str_buf
);
2017 g_string_append_c(gdbserver_state
.str_buf
, ';');
2022 static void handle_v_kill(GArray
*params
, void *user_ctx
)
2024 /* Kill the target */
2026 error_report("QEMU: Terminated via GDBstub");
2031 static const GdbCmdParseEntry gdb_v_commands_table
[] = {
2032 /* Order is important if has same prefix */
2034 .handler
= handle_v_cont_query
,
2039 .handler
= handle_v_cont
,
2041 .cmd_startswith
= 1,
2045 .handler
= handle_v_attach
,
2047 .cmd_startswith
= 1,
2051 .handler
= handle_v_kill
,
2057 static void handle_v_commands(GArray
*params
, void *user_ctx
)
2063 if (process_string_cmd(NULL
, get_param(params
, 0)->data
,
2064 gdb_v_commands_table
,
2065 ARRAY_SIZE(gdb_v_commands_table
))) {
2070 static void handle_query_qemu_sstepbits(GArray
*params
, void *user_ctx
)
2072 g_string_printf(gdbserver_state
.str_buf
, "ENABLE=%x", SSTEP_ENABLE
);
2074 if (gdbserver_state
.supported_sstep_flags
& SSTEP_NOIRQ
) {
2075 g_string_append_printf(gdbserver_state
.str_buf
, ",NOIRQ=%x",
2079 if (gdbserver_state
.supported_sstep_flags
& SSTEP_NOTIMER
) {
2080 g_string_append_printf(gdbserver_state
.str_buf
, ",NOTIMER=%x",
2087 static void handle_set_qemu_sstep(GArray
*params
, void *user_ctx
)
2089 int new_sstep_flags
;
2095 new_sstep_flags
= get_param(params
, 0)->val_ul
;
2097 if (new_sstep_flags
& ~gdbserver_state
.supported_sstep_flags
) {
2102 gdbserver_state
.sstep_flags
= new_sstep_flags
;
2106 static void handle_query_qemu_sstep(GArray
*params
, void *user_ctx
)
2108 g_string_printf(gdbserver_state
.str_buf
, "0x%x",
2109 gdbserver_state
.sstep_flags
);
2113 static void handle_query_curr_tid(GArray
*params
, void *user_ctx
)
2116 GDBProcess
*process
;
2119 * "Current thread" remains vague in the spec, so always return
2120 * the first thread of the current process (gdb returns the
2123 process
= gdb_get_cpu_process(gdbserver_state
.g_cpu
);
2124 cpu
= get_first_cpu_in_process(process
);
2125 g_string_assign(gdbserver_state
.str_buf
, "QC");
2126 gdb_append_thread_id(cpu
, gdbserver_state
.str_buf
);
2130 static void handle_query_threads(GArray
*params
, void *user_ctx
)
2132 if (!gdbserver_state
.query_cpu
) {
2137 g_string_assign(gdbserver_state
.str_buf
, "m");
2138 gdb_append_thread_id(gdbserver_state
.query_cpu
, gdbserver_state
.str_buf
);
2140 gdbserver_state
.query_cpu
= gdb_next_attached_cpu(gdbserver_state
.query_cpu
);
2143 static void handle_query_first_threads(GArray
*params
, void *user_ctx
)
2145 gdbserver_state
.query_cpu
= gdb_first_attached_cpu();
2146 handle_query_threads(params
, user_ctx
);
2149 static void handle_query_thread_extra(GArray
*params
, void *user_ctx
)
2151 g_autoptr(GString
) rs
= g_string_new(NULL
);
2155 get_param(params
, 0)->thread_id
.kind
== GDB_READ_THREAD_ERR
) {
2160 cpu
= gdb_get_cpu(get_param(params
, 0)->thread_id
.pid
,
2161 get_param(params
, 0)->thread_id
.tid
);
2166 cpu_synchronize_state(cpu
);
2168 if (gdbserver_state
.multiprocess
&& (gdbserver_state
.process_num
> 1)) {
2169 /* Print the CPU model and name in multiprocess mode */
2170 ObjectClass
*oc
= object_get_class(OBJECT(cpu
));
2171 const char *cpu_model
= object_class_get_name(oc
);
2172 const char *cpu_name
=
2173 object_get_canonical_path_component(OBJECT(cpu
));
2174 g_string_printf(rs
, "%s %s [%s]", cpu_model
, cpu_name
,
2175 cpu
->halted
? "halted " : "running");
2177 g_string_printf(rs
, "CPU#%d [%s]", cpu
->cpu_index
,
2178 cpu
->halted
? "halted " : "running");
2180 trace_gdbstub_op_extra_info(rs
->str
);
2181 memtohex(gdbserver_state
.str_buf
, (uint8_t *)rs
->str
, rs
->len
);
2185 #ifdef CONFIG_USER_ONLY
2186 static void handle_query_offsets(GArray
*params
, void *user_ctx
)
2190 ts
= gdbserver_state
.c_cpu
->opaque
;
2191 g_string_printf(gdbserver_state
.str_buf
,
2192 "Text=" TARGET_ABI_FMT_lx
2193 ";Data=" TARGET_ABI_FMT_lx
2194 ";Bss=" TARGET_ABI_FMT_lx
,
2195 ts
->info
->code_offset
,
2196 ts
->info
->data_offset
,
2197 ts
->info
->data_offset
);
2201 static void handle_query_rcmd(GArray
*params
, void *user_ctx
)
2203 const guint8 zero
= 0;
2211 len
= strlen(get_param(params
, 0)->data
);
2217 g_assert(gdbserver_state
.mem_buf
->len
== 0);
2219 hextomem(gdbserver_state
.mem_buf
, get_param(params
, 0)->data
, len
);
2220 g_byte_array_append(gdbserver_state
.mem_buf
, &zero
, 1);
2221 qemu_chr_be_write(gdbserver_state
.mon_chr
, gdbserver_state
.mem_buf
->data
,
2222 gdbserver_state
.mem_buf
->len
);
2227 static void handle_query_supported(GArray
*params
, void *user_ctx
)
2231 g_string_printf(gdbserver_state
.str_buf
, "PacketSize=%x", MAX_PACKET_LENGTH
);
2232 cc
= CPU_GET_CLASS(first_cpu
);
2233 if (cc
->gdb_core_xml_file
) {
2234 g_string_append(gdbserver_state
.str_buf
, ";qXfer:features:read+");
2237 if (stub_can_reverse()) {
2238 g_string_append(gdbserver_state
.str_buf
,
2239 ";ReverseStep+;ReverseContinue+");
2242 #ifdef CONFIG_USER_ONLY
2243 if (gdbserver_state
.c_cpu
->opaque
) {
2244 g_string_append(gdbserver_state
.str_buf
, ";qXfer:auxv:read+");
2249 strstr(get_param(params
, 0)->data
, "multiprocess+")) {
2250 gdbserver_state
.multiprocess
= true;
2253 g_string_append(gdbserver_state
.str_buf
, ";vContSupported+;multiprocess+");
2257 static void handle_query_xfer_features(GArray
*params
, void *user_ctx
)
2259 GDBProcess
*process
;
2261 unsigned long len
, total_len
, addr
;
2265 if (params
->len
< 3) {
2270 process
= gdb_get_cpu_process(gdbserver_state
.g_cpu
);
2271 cc
= CPU_GET_CLASS(gdbserver_state
.g_cpu
);
2272 if (!cc
->gdb_core_xml_file
) {
2278 p
= get_param(params
, 0)->data
;
2279 xml
= get_feature_xml(p
, &p
, process
);
2285 addr
= get_param(params
, 1)->val_ul
;
2286 len
= get_param(params
, 2)->val_ul
;
2287 total_len
= strlen(xml
);
2288 if (addr
> total_len
) {
2293 if (len
> (MAX_PACKET_LENGTH
- 5) / 2) {
2294 len
= (MAX_PACKET_LENGTH
- 5) / 2;
2297 if (len
< total_len
- addr
) {
2298 g_string_assign(gdbserver_state
.str_buf
, "m");
2299 memtox(gdbserver_state
.str_buf
, xml
+ addr
, len
);
2301 g_string_assign(gdbserver_state
.str_buf
, "l");
2302 memtox(gdbserver_state
.str_buf
, xml
+ addr
, total_len
- addr
);
2305 put_packet_binary(gdbserver_state
.str_buf
->str
,
2306 gdbserver_state
.str_buf
->len
, true);
2309 #if defined(CONFIG_USER_ONLY) && defined(CONFIG_LINUX_USER)
2310 static void handle_query_xfer_auxv(GArray
*params
, void *user_ctx
)
2313 unsigned long offset
, len
, saved_auxv
, auxv_len
;
2315 if (params
->len
< 2) {
2320 offset
= get_param(params
, 0)->val_ul
;
2321 len
= get_param(params
, 1)->val_ul
;
2322 ts
= gdbserver_state
.c_cpu
->opaque
;
2323 saved_auxv
= ts
->info
->saved_auxv
;
2324 auxv_len
= ts
->info
->auxv_len
;
2326 if (offset
>= auxv_len
) {
2331 if (len
> (MAX_PACKET_LENGTH
- 5) / 2) {
2332 len
= (MAX_PACKET_LENGTH
- 5) / 2;
2335 if (len
< auxv_len
- offset
) {
2336 g_string_assign(gdbserver_state
.str_buf
, "m");
2338 g_string_assign(gdbserver_state
.str_buf
, "l");
2339 len
= auxv_len
- offset
;
2342 g_byte_array_set_size(gdbserver_state
.mem_buf
, len
);
2343 if (target_memory_rw_debug(gdbserver_state
.g_cpu
, saved_auxv
+ offset
,
2344 gdbserver_state
.mem_buf
->data
, len
, false)) {
2349 memtox(gdbserver_state
.str_buf
,
2350 (const char *)gdbserver_state
.mem_buf
->data
, len
);
2351 put_packet_binary(gdbserver_state
.str_buf
->str
,
2352 gdbserver_state
.str_buf
->len
, true);
2356 static void handle_query_attached(GArray
*params
, void *user_ctx
)
2358 put_packet(GDB_ATTACHED
);
2361 static void handle_query_qemu_supported(GArray
*params
, void *user_ctx
)
2363 g_string_printf(gdbserver_state
.str_buf
, "sstepbits;sstep");
2364 #ifndef CONFIG_USER_ONLY
2365 g_string_append(gdbserver_state
.str_buf
, ";PhyMemMode");
2370 #ifndef CONFIG_USER_ONLY
2371 static void handle_query_qemu_phy_mem_mode(GArray
*params
,
2374 g_string_printf(gdbserver_state
.str_buf
, "%d", phy_memory_mode
);
2378 static void handle_set_qemu_phy_mem_mode(GArray
*params
, void *user_ctx
)
2385 if (!get_param(params
, 0)->val_ul
) {
2386 phy_memory_mode
= 0;
2388 phy_memory_mode
= 1;
2394 static const GdbCmdParseEntry gdb_gen_query_set_common_table
[] = {
2395 /* Order is important if has same prefix */
2397 .handler
= handle_query_qemu_sstepbits
,
2398 .cmd
= "qemu.sstepbits",
2401 .handler
= handle_query_qemu_sstep
,
2402 .cmd
= "qemu.sstep",
2405 .handler
= handle_set_qemu_sstep
,
2406 .cmd
= "qemu.sstep=",
2407 .cmd_startswith
= 1,
2412 static const GdbCmdParseEntry gdb_gen_query_table
[] = {
2414 .handler
= handle_query_curr_tid
,
2418 .handler
= handle_query_threads
,
2419 .cmd
= "sThreadInfo",
2422 .handler
= handle_query_first_threads
,
2423 .cmd
= "fThreadInfo",
2426 .handler
= handle_query_thread_extra
,
2427 .cmd
= "ThreadExtraInfo,",
2428 .cmd_startswith
= 1,
2431 #ifdef CONFIG_USER_ONLY
2433 .handler
= handle_query_offsets
,
2438 .handler
= handle_query_rcmd
,
2440 .cmd_startswith
= 1,
2445 .handler
= handle_query_supported
,
2446 .cmd
= "Supported:",
2447 .cmd_startswith
= 1,
2451 .handler
= handle_query_supported
,
2456 .handler
= handle_query_xfer_features
,
2457 .cmd
= "Xfer:features:read:",
2458 .cmd_startswith
= 1,
2461 #if defined(CONFIG_USER_ONLY) && defined(CONFIG_LINUX_USER)
2463 .handler
= handle_query_xfer_auxv
,
2464 .cmd
= "Xfer:auxv:read::",
2465 .cmd_startswith
= 1,
2470 .handler
= handle_query_attached
,
2475 .handler
= handle_query_attached
,
2479 .handler
= handle_query_qemu_supported
,
2480 .cmd
= "qemu.Supported",
2482 #ifndef CONFIG_USER_ONLY
2484 .handler
= handle_query_qemu_phy_mem_mode
,
2485 .cmd
= "qemu.PhyMemMode",
2490 static const GdbCmdParseEntry gdb_gen_set_table
[] = {
2491 /* Order is important if has same prefix */
2493 .handler
= handle_set_qemu_sstep
,
2494 .cmd
= "qemu.sstep:",
2495 .cmd_startswith
= 1,
2498 #ifndef CONFIG_USER_ONLY
2500 .handler
= handle_set_qemu_phy_mem_mode
,
2501 .cmd
= "qemu.PhyMemMode:",
2502 .cmd_startswith
= 1,
2508 static void handle_gen_query(GArray
*params
, void *user_ctx
)
2514 if (!process_string_cmd(NULL
, get_param(params
, 0)->data
,
2515 gdb_gen_query_set_common_table
,
2516 ARRAY_SIZE(gdb_gen_query_set_common_table
))) {
2520 if (process_string_cmd(NULL
, get_param(params
, 0)->data
,
2521 gdb_gen_query_table
,
2522 ARRAY_SIZE(gdb_gen_query_table
))) {
2527 static void handle_gen_set(GArray
*params
, void *user_ctx
)
2533 if (!process_string_cmd(NULL
, get_param(params
, 0)->data
,
2534 gdb_gen_query_set_common_table
,
2535 ARRAY_SIZE(gdb_gen_query_set_common_table
))) {
2539 if (process_string_cmd(NULL
, get_param(params
, 0)->data
,
2541 ARRAY_SIZE(gdb_gen_set_table
))) {
2546 static void handle_target_halt(GArray
*params
, void *user_ctx
)
2548 g_string_printf(gdbserver_state
.str_buf
, "T%02xthread:", GDB_SIGNAL_TRAP
);
2549 gdb_append_thread_id(gdbserver_state
.c_cpu
, gdbserver_state
.str_buf
);
2550 g_string_append_c(gdbserver_state
.str_buf
, ';');
2553 * Remove all the breakpoints when this query is issued,
2554 * because gdb is doing an initial connect and the state
2555 * should be cleaned up.
2557 gdb_breakpoint_remove_all();
2560 static int gdb_handle_packet(const char *line_buf
)
2562 const GdbCmdParseEntry
*cmd_parser
= NULL
;
2564 trace_gdbstub_io_command(line_buf
);
2566 switch (line_buf
[0]) {
2572 static const GdbCmdParseEntry target_halted_cmd_desc
= {
2573 .handler
= handle_target_halt
,
2577 cmd_parser
= &target_halted_cmd_desc
;
2582 static const GdbCmdParseEntry continue_cmd_desc
= {
2583 .handler
= handle_continue
,
2585 .cmd_startswith
= 1,
2588 cmd_parser
= &continue_cmd_desc
;
2593 static const GdbCmdParseEntry cont_with_sig_cmd_desc
= {
2594 .handler
= handle_cont_with_sig
,
2596 .cmd_startswith
= 1,
2599 cmd_parser
= &cont_with_sig_cmd_desc
;
2604 static const GdbCmdParseEntry v_cmd_desc
= {
2605 .handler
= handle_v_commands
,
2607 .cmd_startswith
= 1,
2610 cmd_parser
= &v_cmd_desc
;
2614 /* Kill the target */
2615 error_report("QEMU: Terminated via GDBstub");
2620 static const GdbCmdParseEntry detach_cmd_desc
= {
2621 .handler
= handle_detach
,
2623 .cmd_startswith
= 1,
2626 cmd_parser
= &detach_cmd_desc
;
2631 static const GdbCmdParseEntry step_cmd_desc
= {
2632 .handler
= handle_step
,
2634 .cmd_startswith
= 1,
2637 cmd_parser
= &step_cmd_desc
;
2642 static const GdbCmdParseEntry backward_cmd_desc
= {
2643 .handler
= handle_backward
,
2645 .cmd_startswith
= 1,
2648 cmd_parser
= &backward_cmd_desc
;
2653 static const GdbCmdParseEntry file_io_cmd_desc
= {
2654 .handler
= handle_file_io
,
2656 .cmd_startswith
= 1,
2659 cmd_parser
= &file_io_cmd_desc
;
2664 static const GdbCmdParseEntry read_all_regs_cmd_desc
= {
2665 .handler
= handle_read_all_regs
,
2669 cmd_parser
= &read_all_regs_cmd_desc
;
2674 static const GdbCmdParseEntry write_all_regs_cmd_desc
= {
2675 .handler
= handle_write_all_regs
,
2677 .cmd_startswith
= 1,
2680 cmd_parser
= &write_all_regs_cmd_desc
;
2685 static const GdbCmdParseEntry read_mem_cmd_desc
= {
2686 .handler
= handle_read_mem
,
2688 .cmd_startswith
= 1,
2691 cmd_parser
= &read_mem_cmd_desc
;
2696 static const GdbCmdParseEntry write_mem_cmd_desc
= {
2697 .handler
= handle_write_mem
,
2699 .cmd_startswith
= 1,
2702 cmd_parser
= &write_mem_cmd_desc
;
2707 static const GdbCmdParseEntry get_reg_cmd_desc
= {
2708 .handler
= handle_get_reg
,
2710 .cmd_startswith
= 1,
2713 cmd_parser
= &get_reg_cmd_desc
;
2718 static const GdbCmdParseEntry set_reg_cmd_desc
= {
2719 .handler
= handle_set_reg
,
2721 .cmd_startswith
= 1,
2724 cmd_parser
= &set_reg_cmd_desc
;
2729 static const GdbCmdParseEntry insert_bp_cmd_desc
= {
2730 .handler
= handle_insert_bp
,
2732 .cmd_startswith
= 1,
2735 cmd_parser
= &insert_bp_cmd_desc
;
2740 static const GdbCmdParseEntry remove_bp_cmd_desc
= {
2741 .handler
= handle_remove_bp
,
2743 .cmd_startswith
= 1,
2746 cmd_parser
= &remove_bp_cmd_desc
;
2751 static const GdbCmdParseEntry set_thread_cmd_desc
= {
2752 .handler
= handle_set_thread
,
2754 .cmd_startswith
= 1,
2757 cmd_parser
= &set_thread_cmd_desc
;
2762 static const GdbCmdParseEntry thread_alive_cmd_desc
= {
2763 .handler
= handle_thread_alive
,
2765 .cmd_startswith
= 1,
2768 cmd_parser
= &thread_alive_cmd_desc
;
2773 static const GdbCmdParseEntry gen_query_cmd_desc
= {
2774 .handler
= handle_gen_query
,
2776 .cmd_startswith
= 1,
2779 cmd_parser
= &gen_query_cmd_desc
;
2784 static const GdbCmdParseEntry gen_set_cmd_desc
= {
2785 .handler
= handle_gen_set
,
2787 .cmd_startswith
= 1,
2790 cmd_parser
= &gen_set_cmd_desc
;
2794 /* put empty packet */
2800 run_cmd_parser(line_buf
, cmd_parser
);
2806 void gdb_set_stop_cpu(CPUState
*cpu
)
2808 GDBProcess
*p
= gdb_get_cpu_process(cpu
);
2812 * Having a stop CPU corresponding to a process that is not attached
2813 * confuses GDB. So we ignore the request.
2818 gdbserver_state
.c_cpu
= cpu
;
2819 gdbserver_state
.g_cpu
= cpu
;
2822 #ifndef CONFIG_USER_ONLY
2823 static void gdb_vm_state_change(void *opaque
, bool running
, RunState state
)
2825 CPUState
*cpu
= gdbserver_state
.c_cpu
;
2826 g_autoptr(GString
) buf
= g_string_new(NULL
);
2827 g_autoptr(GString
) tid
= g_string_new(NULL
);
2831 if (running
|| gdbserver_state
.state
== RS_INACTIVE
) {
2834 /* Is there a GDB syscall waiting to be sent? */
2835 if (gdbserver_state
.current_syscall_cb
) {
2836 put_packet(gdbserver_state
.syscall_buf
);
2841 /* No process attached */
2845 gdb_append_thread_id(cpu
, tid
);
2848 case RUN_STATE_DEBUG
:
2849 if (cpu
->watchpoint_hit
) {
2850 switch (cpu
->watchpoint_hit
->flags
& BP_MEM_ACCESS
) {
2861 trace_gdbstub_hit_watchpoint(type
, cpu_gdb_index(cpu
),
2862 (target_ulong
)cpu
->watchpoint_hit
->vaddr
);
2863 g_string_printf(buf
, "T%02xthread:%s;%swatch:" TARGET_FMT_lx
";",
2864 GDB_SIGNAL_TRAP
, tid
->str
, type
,
2865 (target_ulong
)cpu
->watchpoint_hit
->vaddr
);
2866 cpu
->watchpoint_hit
= NULL
;
2869 trace_gdbstub_hit_break();
2872 ret
= GDB_SIGNAL_TRAP
;
2874 case RUN_STATE_PAUSED
:
2875 trace_gdbstub_hit_paused();
2876 ret
= GDB_SIGNAL_INT
;
2878 case RUN_STATE_SHUTDOWN
:
2879 trace_gdbstub_hit_shutdown();
2880 ret
= GDB_SIGNAL_QUIT
;
2882 case RUN_STATE_IO_ERROR
:
2883 trace_gdbstub_hit_io_error();
2884 ret
= GDB_SIGNAL_IO
;
2886 case RUN_STATE_WATCHDOG
:
2887 trace_gdbstub_hit_watchdog();
2888 ret
= GDB_SIGNAL_ALRM
;
2890 case RUN_STATE_INTERNAL_ERROR
:
2891 trace_gdbstub_hit_internal_error();
2892 ret
= GDB_SIGNAL_ABRT
;
2894 case RUN_STATE_SAVE_VM
:
2895 case RUN_STATE_RESTORE_VM
:
2897 case RUN_STATE_FINISH_MIGRATE
:
2898 ret
= GDB_SIGNAL_XCPU
;
2901 trace_gdbstub_hit_unknown(state
);
2902 ret
= GDB_SIGNAL_UNKNOWN
;
2905 gdb_set_stop_cpu(cpu
);
2906 g_string_printf(buf
, "T%02xthread:%s;", ret
, tid
->str
);
2909 put_packet(buf
->str
);
2911 /* disable single step if it was enabled */
2912 cpu_single_step(cpu
, 0);
2916 /* Send a gdb syscall request.
2917 This accepts limited printf-style format specifiers, specifically:
2918 %x - target_ulong argument printed in hex.
2919 %lx - 64-bit argument printed in hex.
2920 %s - string pointer (target_ulong) and length (int) pair. */
2921 void gdb_do_syscallv(gdb_syscall_complete_cb cb
, const char *fmt
, va_list va
)
2928 if (!gdb_attached()) {
2932 gdbserver_state
.current_syscall_cb
= cb
;
2933 #ifndef CONFIG_USER_ONLY
2934 vm_stop(RUN_STATE_DEBUG
);
2936 p
= &gdbserver_state
.syscall_buf
[0];
2937 p_end
= &gdbserver_state
.syscall_buf
[sizeof(gdbserver_state
.syscall_buf
)];
2944 addr
= va_arg(va
, target_ulong
);
2945 p
+= snprintf(p
, p_end
- p
, TARGET_FMT_lx
, addr
);
2948 if (*(fmt
++) != 'x')
2950 i64
= va_arg(va
, uint64_t);
2951 p
+= snprintf(p
, p_end
- p
, "%" PRIx64
, i64
);
2954 addr
= va_arg(va
, target_ulong
);
2955 p
+= snprintf(p
, p_end
- p
, TARGET_FMT_lx
"/%x",
2956 addr
, va_arg(va
, int));
2960 error_report("gdbstub: Bad syscall format string '%s'",
2969 #ifdef CONFIG_USER_ONLY
2970 put_packet(gdbserver_state
.syscall_buf
);
2971 /* Return control to gdb for it to process the syscall request.
2972 * Since the protocol requires that gdb hands control back to us
2973 * using a "here are the results" F packet, we don't need to check
2974 * gdb_handlesig's return value (which is the signal to deliver if
2975 * execution was resumed via a continue packet).
2977 gdb_handlesig(gdbserver_state
.c_cpu
, 0);
2979 /* In this case wait to send the syscall packet until notification that
2980 the CPU has stopped. This must be done because if the packet is sent
2981 now the reply from the syscall request could be received while the CPU
2982 is still in the running state, which can cause packets to be dropped
2983 and state transition 'T' packets to be sent while the syscall is still
2985 qemu_cpu_kick(gdbserver_state
.c_cpu
);
2989 void gdb_do_syscall(gdb_syscall_complete_cb cb
, const char *fmt
, ...)
2994 gdb_do_syscallv(cb
, fmt
, va
);
2998 static void gdb_read_byte(uint8_t ch
)
3002 #ifndef CONFIG_USER_ONLY
3003 if (gdbserver_state
.last_packet
->len
) {
3004 /* Waiting for a response to the last packet. If we see the start
3005 of a new command then abandon the previous response. */
3007 trace_gdbstub_err_got_nack();
3008 put_buffer(gdbserver_state
.last_packet
->data
,
3009 gdbserver_state
.last_packet
->len
);
3010 } else if (ch
== '+') {
3011 trace_gdbstub_io_got_ack();
3013 trace_gdbstub_io_got_unexpected(ch
);
3016 if (ch
== '+' || ch
== '$') {
3017 g_byte_array_set_size(gdbserver_state
.last_packet
, 0);
3022 if (runstate_is_running()) {
3023 /* when the CPU is running, we cannot do anything except stop
3024 it when receiving a char */
3025 vm_stop(RUN_STATE_PAUSED
);
3029 switch(gdbserver_state
.state
) {
3032 /* start of command packet */
3033 gdbserver_state
.line_buf_index
= 0;
3034 gdbserver_state
.line_sum
= 0;
3035 gdbserver_state
.state
= RS_GETLINE
;
3037 trace_gdbstub_err_garbage(ch
);
3042 /* start escape sequence */
3043 gdbserver_state
.state
= RS_GETLINE_ESC
;
3044 gdbserver_state
.line_sum
+= ch
;
3045 } else if (ch
== '*') {
3046 /* start run length encoding sequence */
3047 gdbserver_state
.state
= RS_GETLINE_RLE
;
3048 gdbserver_state
.line_sum
+= ch
;
3049 } else if (ch
== '#') {
3050 /* end of command, start of checksum*/
3051 gdbserver_state
.state
= RS_CHKSUM1
;
3052 } else if (gdbserver_state
.line_buf_index
>= sizeof(gdbserver_state
.line_buf
) - 1) {
3053 trace_gdbstub_err_overrun();
3054 gdbserver_state
.state
= RS_IDLE
;
3056 /* unescaped command character */
3057 gdbserver_state
.line_buf
[gdbserver_state
.line_buf_index
++] = ch
;
3058 gdbserver_state
.line_sum
+= ch
;
3061 case RS_GETLINE_ESC
:
3063 /* unexpected end of command in escape sequence */
3064 gdbserver_state
.state
= RS_CHKSUM1
;
3065 } else if (gdbserver_state
.line_buf_index
>= sizeof(gdbserver_state
.line_buf
) - 1) {
3066 /* command buffer overrun */
3067 trace_gdbstub_err_overrun();
3068 gdbserver_state
.state
= RS_IDLE
;
3070 /* parse escaped character and leave escape state */
3071 gdbserver_state
.line_buf
[gdbserver_state
.line_buf_index
++] = ch
^ 0x20;
3072 gdbserver_state
.line_sum
+= ch
;
3073 gdbserver_state
.state
= RS_GETLINE
;
3076 case RS_GETLINE_RLE
:
3078 * Run-length encoding is explained in "Debugging with GDB /
3079 * Appendix E GDB Remote Serial Protocol / Overview".
3081 if (ch
< ' ' || ch
== '#' || ch
== '$' || ch
> 126) {
3082 /* invalid RLE count encoding */
3083 trace_gdbstub_err_invalid_repeat(ch
);
3084 gdbserver_state
.state
= RS_GETLINE
;
3086 /* decode repeat length */
3087 int repeat
= ch
- ' ' + 3;
3088 if (gdbserver_state
.line_buf_index
+ repeat
>= sizeof(gdbserver_state
.line_buf
) - 1) {
3089 /* that many repeats would overrun the command buffer */
3090 trace_gdbstub_err_overrun();
3091 gdbserver_state
.state
= RS_IDLE
;
3092 } else if (gdbserver_state
.line_buf_index
< 1) {
3093 /* got a repeat but we have nothing to repeat */
3094 trace_gdbstub_err_invalid_rle();
3095 gdbserver_state
.state
= RS_GETLINE
;
3097 /* repeat the last character */
3098 memset(gdbserver_state
.line_buf
+ gdbserver_state
.line_buf_index
,
3099 gdbserver_state
.line_buf
[gdbserver_state
.line_buf_index
- 1], repeat
);
3100 gdbserver_state
.line_buf_index
+= repeat
;
3101 gdbserver_state
.line_sum
+= ch
;
3102 gdbserver_state
.state
= RS_GETLINE
;
3107 /* get high hex digit of checksum */
3108 if (!isxdigit(ch
)) {
3109 trace_gdbstub_err_checksum_invalid(ch
);
3110 gdbserver_state
.state
= RS_GETLINE
;
3113 gdbserver_state
.line_buf
[gdbserver_state
.line_buf_index
] = '\0';
3114 gdbserver_state
.line_csum
= fromhex(ch
) << 4;
3115 gdbserver_state
.state
= RS_CHKSUM2
;
3118 /* get low hex digit of checksum */
3119 if (!isxdigit(ch
)) {
3120 trace_gdbstub_err_checksum_invalid(ch
);
3121 gdbserver_state
.state
= RS_GETLINE
;
3124 gdbserver_state
.line_csum
|= fromhex(ch
);
3126 if (gdbserver_state
.line_csum
!= (gdbserver_state
.line_sum
& 0xff)) {
3127 trace_gdbstub_err_checksum_incorrect(gdbserver_state
.line_sum
, gdbserver_state
.line_csum
);
3128 /* send NAK reply */
3130 put_buffer(&reply
, 1);
3131 gdbserver_state
.state
= RS_IDLE
;
3133 /* send ACK reply */
3135 put_buffer(&reply
, 1);
3136 gdbserver_state
.state
= gdb_handle_packet(gdbserver_state
.line_buf
);
3145 /* Tell the remote gdb that the process has exited. */
3146 void gdb_exit(int code
)
3150 if (!gdbserver_state
.init
) {
3153 #ifdef CONFIG_USER_ONLY
3154 if (gdbserver_state
.socket_path
) {
3155 unlink(gdbserver_state
.socket_path
);
3157 if (gdbserver_state
.fd
< 0) {
3162 trace_gdbstub_op_exiting((uint8_t)code
);
3164 snprintf(buf
, sizeof(buf
), "W%02x", (uint8_t)code
);
3167 #ifndef CONFIG_USER_ONLY
3168 qemu_chr_fe_deinit(&gdbserver_state
.chr
, true);
3173 * Create the process that will contain all the "orphan" CPUs (that are not
3174 * part of a CPU cluster). Note that if this process contains no CPUs, it won't
3175 * be attachable and thus will be invisible to the user.
3177 static void create_default_process(GDBState
*s
)
3179 GDBProcess
*process
;
3182 if (gdbserver_state
.process_num
) {
3183 max_pid
= s
->processes
[s
->process_num
- 1].pid
;
3186 s
->processes
= g_renew(GDBProcess
, s
->processes
, ++s
->process_num
);
3187 process
= &s
->processes
[s
->process_num
- 1];
3189 /* We need an available PID slot for this process */
3190 assert(max_pid
< UINT32_MAX
);
3192 process
->pid
= max_pid
+ 1;
3193 process
->attached
= false;
3194 process
->target_xml
[0] = '\0';
3197 #ifdef CONFIG_USER_ONLY
3199 gdb_handlesig(CPUState
*cpu
, int sig
)
3204 if (!gdbserver_state
.init
|| gdbserver_state
.fd
< 0) {
3208 /* disable single step if it was enabled */
3209 cpu_single_step(cpu
, 0);
3213 gdb_set_stop_cpu(cpu
);
3214 g_string_printf(gdbserver_state
.str_buf
,
3215 "T%02xthread:", target_signal_to_gdb(sig
));
3216 gdb_append_thread_id(cpu
, gdbserver_state
.str_buf
);
3217 g_string_append_c(gdbserver_state
.str_buf
, ';');
3220 /* put_packet() might have detected that the peer terminated the
3222 if (gdbserver_state
.fd
< 0) {
3227 gdbserver_state
.state
= RS_IDLE
;
3228 gdbserver_state
.running_state
= 0;
3229 while (gdbserver_state
.running_state
== 0) {
3230 n
= read(gdbserver_state
.fd
, buf
, 256);
3234 for (i
= 0; i
< n
; i
++) {
3235 gdb_read_byte(buf
[i
]);
3238 /* XXX: Connection closed. Should probably wait for another
3239 connection before continuing. */
3241 close(gdbserver_state
.fd
);
3243 gdbserver_state
.fd
= -1;
3247 sig
= gdbserver_state
.signal
;
3248 gdbserver_state
.signal
= 0;
3252 /* Tell the remote gdb that the process has exited due to SIG. */
3253 void gdb_signalled(CPUArchState
*env
, int sig
)
3257 if (!gdbserver_state
.init
|| gdbserver_state
.fd
< 0) {
3261 snprintf(buf
, sizeof(buf
), "X%02x", target_signal_to_gdb(sig
));
3265 static void gdb_accept_init(int fd
)
3267 init_gdbserver_state();
3268 create_default_process(&gdbserver_state
);
3269 gdbserver_state
.processes
[0].attached
= true;
3270 gdbserver_state
.c_cpu
= gdb_first_attached_cpu();
3271 gdbserver_state
.g_cpu
= gdbserver_state
.c_cpu
;
3272 gdbserver_state
.fd
= fd
;
3273 gdb_has_xml
= false;
3276 static bool gdb_accept_socket(int gdb_fd
)
3281 fd
= accept(gdb_fd
, NULL
, NULL
);
3282 if (fd
< 0 && errno
!= EINTR
) {
3283 perror("accept socket");
3285 } else if (fd
>= 0) {
3286 qemu_set_cloexec(fd
);
3291 gdb_accept_init(fd
);
3295 static int gdbserver_open_socket(const char *path
)
3297 struct sockaddr_un sockaddr
= {};
3300 fd
= socket(AF_UNIX
, SOCK_STREAM
, 0);
3302 perror("create socket");
3306 sockaddr
.sun_family
= AF_UNIX
;
3307 pstrcpy(sockaddr
.sun_path
, sizeof(sockaddr
.sun_path
) - 1, path
);
3308 ret
= bind(fd
, (struct sockaddr
*)&sockaddr
, sizeof(sockaddr
));
3310 perror("bind socket");
3314 ret
= listen(fd
, 1);
3316 perror("listen socket");
3324 static bool gdb_accept_tcp(int gdb_fd
)
3326 struct sockaddr_in sockaddr
= {};
3331 len
= sizeof(sockaddr
);
3332 fd
= accept(gdb_fd
, (struct sockaddr
*)&sockaddr
, &len
);
3333 if (fd
< 0 && errno
!= EINTR
) {
3336 } else if (fd
>= 0) {
3337 qemu_set_cloexec(fd
);
3342 /* set short latency */
3343 if (socket_set_nodelay(fd
)) {
3344 perror("setsockopt");
3349 gdb_accept_init(fd
);
3353 static int gdbserver_open_port(int port
)
3355 struct sockaddr_in sockaddr
;
3358 fd
= socket(PF_INET
, SOCK_STREAM
, 0);
3363 qemu_set_cloexec(fd
);
3365 socket_set_fast_reuse(fd
);
3367 sockaddr
.sin_family
= AF_INET
;
3368 sockaddr
.sin_port
= htons(port
);
3369 sockaddr
.sin_addr
.s_addr
= 0;
3370 ret
= bind(fd
, (struct sockaddr
*)&sockaddr
, sizeof(sockaddr
));
3376 ret
= listen(fd
, 1);
3386 int gdbserver_start(const char *port_or_path
)
3388 int port
= g_ascii_strtoull(port_or_path
, NULL
, 10);
3392 gdb_fd
= gdbserver_open_port(port
);
3394 gdb_fd
= gdbserver_open_socket(port_or_path
);
3401 if (port
> 0 && gdb_accept_tcp(gdb_fd
)) {
3403 } else if (gdb_accept_socket(gdb_fd
)) {
3404 gdbserver_state
.socket_path
= g_strdup(port_or_path
);
3413 /* Disable gdb stub for child processes. */
3414 void gdbserver_fork(CPUState
*cpu
)
3416 if (!gdbserver_state
.init
|| gdbserver_state
.fd
< 0) {
3419 close(gdbserver_state
.fd
);
3420 gdbserver_state
.fd
= -1;
3421 cpu_breakpoint_remove_all(cpu
, BP_GDB
);
3422 cpu_watchpoint_remove_all(cpu
, BP_GDB
);
3425 static int gdb_chr_can_receive(void *opaque
)
3427 /* We can handle an arbitrarily large amount of data.
3428 Pick the maximum packet size, which is as good as anything. */
3429 return MAX_PACKET_LENGTH
;
3432 static void gdb_chr_receive(void *opaque
, const uint8_t *buf
, int size
)
3436 for (i
= 0; i
< size
; i
++) {
3437 gdb_read_byte(buf
[i
]);
3441 static void gdb_chr_event(void *opaque
, QEMUChrEvent event
)
3444 GDBState
*s
= (GDBState
*) opaque
;
3447 case CHR_EVENT_OPENED
:
3448 /* Start with first process attached, others detached */
3449 for (i
= 0; i
< s
->process_num
; i
++) {
3450 s
->processes
[i
].attached
= !i
;
3453 s
->c_cpu
= gdb_first_attached_cpu();
3454 s
->g_cpu
= s
->c_cpu
;
3456 vm_stop(RUN_STATE_PAUSED
);
3457 replay_gdb_attached();
3458 gdb_has_xml
= false;
3465 static int gdb_monitor_write(Chardev
*chr
, const uint8_t *buf
, int len
)
3467 g_autoptr(GString
) hex_buf
= g_string_new("O");
3468 memtohex(hex_buf
, buf
, len
);
3469 put_packet(hex_buf
->str
);
3474 static void gdb_sigterm_handler(int signal
)
3476 if (runstate_is_running()) {
3477 vm_stop(RUN_STATE_PAUSED
);
3482 static void gdb_monitor_open(Chardev
*chr
, ChardevBackend
*backend
,
3483 bool *be_opened
, Error
**errp
)
3488 static void char_gdb_class_init(ObjectClass
*oc
, void *data
)
3490 ChardevClass
*cc
= CHARDEV_CLASS(oc
);
3492 cc
->internal
= true;
3493 cc
->open
= gdb_monitor_open
;
3494 cc
->chr_write
= gdb_monitor_write
;
3497 #define TYPE_CHARDEV_GDB "chardev-gdb"
3499 static const TypeInfo char_gdb_type_info
= {
3500 .name
= TYPE_CHARDEV_GDB
,
3501 .parent
= TYPE_CHARDEV
,
3502 .class_init
= char_gdb_class_init
,
3505 static int find_cpu_clusters(Object
*child
, void *opaque
)
3507 if (object_dynamic_cast(child
, TYPE_CPU_CLUSTER
)) {
3508 GDBState
*s
= (GDBState
*) opaque
;
3509 CPUClusterState
*cluster
= CPU_CLUSTER(child
);
3510 GDBProcess
*process
;
3512 s
->processes
= g_renew(GDBProcess
, s
->processes
, ++s
->process_num
);
3514 process
= &s
->processes
[s
->process_num
- 1];
3517 * GDB process IDs -1 and 0 are reserved. To avoid subtle errors at
3518 * runtime, we enforce here that the machine does not use a cluster ID
3519 * that would lead to PID 0.
3521 assert(cluster
->cluster_id
!= UINT32_MAX
);
3522 process
->pid
= cluster
->cluster_id
+ 1;
3523 process
->attached
= false;
3524 process
->target_xml
[0] = '\0';
3529 return object_child_foreach(child
, find_cpu_clusters
, opaque
);
3532 static int pid_order(const void *a
, const void *b
)
3534 GDBProcess
*pa
= (GDBProcess
*) a
;
3535 GDBProcess
*pb
= (GDBProcess
*) b
;
3537 if (pa
->pid
< pb
->pid
) {
3539 } else if (pa
->pid
> pb
->pid
) {
3546 static void create_processes(GDBState
*s
)
3548 object_child_foreach(object_get_root(), find_cpu_clusters
, s
);
3550 if (gdbserver_state
.processes
) {
3552 qsort(gdbserver_state
.processes
, gdbserver_state
.process_num
, sizeof(gdbserver_state
.processes
[0]), pid_order
);
3555 create_default_process(s
);
3558 int gdbserver_start(const char *device
)
3560 trace_gdbstub_op_start(device
);
3562 char gdbstub_device_name
[128];
3563 Chardev
*chr
= NULL
;
3567 error_report("gdbstub: meaningless to attach gdb to a "
3568 "machine without any CPU.");
3572 if (kvm_enabled() && !kvm_supports_guest_debug()) {
3573 error_report("gdbstub: KVM doesn't support guest debugging");
3579 if (strcmp(device
, "none") != 0) {
3580 if (strstart(device
, "tcp:", NULL
)) {
3581 /* enforce required TCP attributes */
3582 snprintf(gdbstub_device_name
, sizeof(gdbstub_device_name
),
3583 "%s,wait=off,nodelay=on,server=on", device
);
3584 device
= gdbstub_device_name
;
3587 else if (strcmp(device
, "stdio") == 0) {
3588 struct sigaction act
;
3590 memset(&act
, 0, sizeof(act
));
3591 act
.sa_handler
= gdb_sigterm_handler
;
3592 sigaction(SIGINT
, &act
, NULL
);
3596 * FIXME: it's a bit weird to allow using a mux chardev here
3597 * and implicitly setup a monitor. We may want to break this.
3599 chr
= qemu_chr_new_noreplay("gdb", device
, true, NULL
);
3604 if (!gdbserver_state
.init
) {
3605 init_gdbserver_state();
3607 qemu_add_vm_change_state_handler(gdb_vm_state_change
, NULL
);
3609 /* Initialize a monitor terminal for gdb */
3610 mon_chr
= qemu_chardev_new(NULL
, TYPE_CHARDEV_GDB
,
3611 NULL
, NULL
, &error_abort
);
3612 monitor_init_hmp(mon_chr
, false, &error_abort
);
3614 qemu_chr_fe_deinit(&gdbserver_state
.chr
, true);
3615 mon_chr
= gdbserver_state
.mon_chr
;
3616 reset_gdbserver_state();
3619 create_processes(&gdbserver_state
);
3622 qemu_chr_fe_init(&gdbserver_state
.chr
, chr
, &error_abort
);
3623 qemu_chr_fe_set_handlers(&gdbserver_state
.chr
, gdb_chr_can_receive
,
3624 gdb_chr_receive
, gdb_chr_event
,
3625 NULL
, &gdbserver_state
, NULL
, true);
3627 gdbserver_state
.state
= chr
? RS_IDLE
: RS_INACTIVE
;
3628 gdbserver_state
.mon_chr
= mon_chr
;
3629 gdbserver_state
.current_syscall_cb
= NULL
;
3634 static void register_types(void)
3636 type_register_static(&char_gdb_type_info
);
3639 type_init(register_types
);