4 * This implements a subset of the remote protocol as described in:
6 * https://sourceware.org/gdb/onlinedocs/gdb/Remote-Protocol.html
8 * Copyright (c) 2003-2005 Fabrice Bellard
10 * This library is free software; you can redistribute it and/or
11 * modify it under the terms of the GNU Lesser General Public
12 * License as published by the Free Software Foundation; either
13 * version 2 of the License, or (at your option) any later version.
15 * This library is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
18 * Lesser General Public License for more details.
20 * You should have received a copy of the GNU Lesser General Public
21 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
23 * SPDX-License-Identifier: LGPL-2.0+
26 #include "qemu/osdep.h"
27 #include "qemu-common.h"
28 #include "qapi/error.h"
29 #include "qemu/error-report.h"
30 #include "qemu/ctype.h"
31 #include "qemu/cutils.h"
32 #include "qemu/module.h"
33 #include "trace/trace-root.h"
34 #ifdef CONFIG_USER_ONLY
37 #include "monitor/monitor.h"
38 #include "chardev/char.h"
39 #include "chardev/char-fe.h"
40 #include "exec/gdbstub.h"
41 #include "hw/cpu/cluster.h"
42 #include "hw/boards.h"
45 #define MAX_PACKET_LENGTH 4096
47 #include "qemu/sockets.h"
48 #include "sysemu/hw_accel.h"
49 #include "sysemu/kvm.h"
50 #include "sysemu/runstate.h"
51 #include "semihosting/semihost.h"
52 #include "exec/exec-all.h"
53 #include "sysemu/replay.h"
55 #ifdef CONFIG_USER_ONLY
56 #define GDB_ATTACHED "0"
58 #define GDB_ATTACHED "1"
61 #ifndef CONFIG_USER_ONLY
62 static int phy_memory_mode;
65 static inline int target_memory_rw_debug(CPUState *cpu, target_ulong addr,
66 uint8_t *buf, int len, bool is_write)
70 #ifndef CONFIG_USER_ONLY
71 if (phy_memory_mode) {
73 cpu_physical_memory_write(addr, buf, len);
75 cpu_physical_memory_read(addr, buf, len);
81 cc = CPU_GET_CLASS(cpu);
82 if (cc->memory_rw_debug) {
83 return cc->memory_rw_debug(cpu, addr, buf, len, is_write);
85 return cpu_memory_rw_debug(cpu, addr, buf, len, is_write);
88 /* Return the GDB index for a given vCPU state.
90 * For user mode this is simply the thread id. In system mode GDB
91 * numbers CPUs from 1 as 0 is reserved as an "any cpu" index.
93 static inline int cpu_gdb_index(CPUState *cpu)
95 #if defined(CONFIG_USER_ONLY)
96 TaskState *ts = (TaskState *) cpu->opaque;
99 return cpu->cpu_index + 1;
109 GDB_SIGNAL_ALRM = 14,
111 GDB_SIGNAL_XCPU = 24,
112 GDB_SIGNAL_UNKNOWN = 143
115 #ifdef CONFIG_USER_ONLY
117 /* Map target signal numbers to GDB protocol signal numbers and vice
118 * versa. For user emulation's currently supported systems, we can
119 * assume most signals are defined.
122 static int gdb_signal_table[] = {
282 /* In system mode we only need SIGINT and SIGTRAP; other signals
283 are not yet supported. */
290 static int gdb_signal_table[] = {
300 #ifdef CONFIG_USER_ONLY
301 static int target_signal_to_gdb (int sig)
304 for (i = 0; i < ARRAY_SIZE (gdb_signal_table); i++)
305 if (gdb_signal_table[i] == sig)
307 return GDB_SIGNAL_UNKNOWN;
311 static int gdb_signal_to_target (int sig)
313 if (sig < ARRAY_SIZE (gdb_signal_table))
314 return gdb_signal_table[sig];
319 typedef struct GDBRegisterState {
322 gdb_get_reg_cb get_reg;
323 gdb_set_reg_cb set_reg;
325 struct GDBRegisterState *next;
328 typedef struct GDBProcess {
332 char target_xml[1024];
344 typedef struct GDBState {
345 bool init; /* have we been initialised? */
346 CPUState *c_cpu; /* current CPU for step/continue ops */
347 CPUState *g_cpu; /* current CPU for other ops */
348 CPUState *query_cpu; /* for q{f|s}ThreadInfo */
349 enum RSState state; /* parsing state */
350 char line_buf[MAX_PACKET_LENGTH];
352 int line_sum; /* running checksum */
353 int line_csum; /* checksum at the end of the packet */
354 GByteArray *last_packet;
356 #ifdef CONFIG_USER_ONLY
365 GDBProcess *processes;
367 char syscall_buf[256];
368 gdb_syscall_complete_cb current_syscall_cb;
373 /* By default use no IRQs and no timers while single stepping so as to
374 * make single stepping like an ICE HW step.
376 static int sstep_flags = SSTEP_ENABLE|SSTEP_NOIRQ|SSTEP_NOTIMER;
378 /* Retrieves flags for single step mode. */
379 static int get_sstep_flags(void)
382 * In replay mode all events written into the log should be replayed.
383 * That is why NOIRQ flag is removed in this mode.
385 if (replay_mode != REPLAY_MODE_NONE) {
392 static GDBState gdbserver_state;
394 static void init_gdbserver_state(void)
396 g_assert(!gdbserver_state.init);
397 memset(&gdbserver_state, 0, sizeof(GDBState));
398 gdbserver_state.init = true;
399 gdbserver_state.str_buf = g_string_new(NULL);
400 gdbserver_state.mem_buf = g_byte_array_sized_new(MAX_PACKET_LENGTH);
401 gdbserver_state.last_packet = g_byte_array_sized_new(MAX_PACKET_LENGTH + 4);
404 #ifndef CONFIG_USER_ONLY
405 static void reset_gdbserver_state(void)
407 g_free(gdbserver_state.processes);
408 gdbserver_state.processes = NULL;
409 gdbserver_state.process_num = 0;
415 #ifdef CONFIG_USER_ONLY
417 static int get_char(void)
423 ret = qemu_recv(gdbserver_state.fd, &ch, 1, 0);
425 if (errno == ECONNRESET)
426 gdbserver_state.fd = -1;
429 } else if (ret == 0) {
430 close(gdbserver_state.fd);
431 gdbserver_state.fd = -1;
447 /* Decide if either remote gdb syscalls or native file IO should be used. */
448 int use_gdb_syscalls(void)
450 SemihostingTarget target = semihosting_get_target();
451 if (target == SEMIHOSTING_TARGET_NATIVE) {
452 /* -semihosting-config target=native */
454 } else if (target == SEMIHOSTING_TARGET_GDB) {
455 /* -semihosting-config target=gdb */
459 /* -semihosting-config target=auto */
460 /* On the first call check if gdb is connected and remember. */
461 if (gdb_syscall_mode == GDB_SYS_UNKNOWN) {
462 gdb_syscall_mode = gdbserver_state.init ?
463 GDB_SYS_ENABLED : GDB_SYS_DISABLED;
465 return gdb_syscall_mode == GDB_SYS_ENABLED;
468 /* Resume execution. */
469 static inline void gdb_continue(void)
472 #ifdef CONFIG_USER_ONLY
473 gdbserver_state.running_state = 1;
474 trace_gdbstub_op_continue();
476 if (!runstate_needs_reset()) {
477 trace_gdbstub_op_continue();
484 * Resume execution, per CPU actions. For user-mode emulation it's
485 * equivalent to gdb_continue.
487 static int gdb_continue_partial(char *newstates)
491 #ifdef CONFIG_USER_ONLY
493 * This is not exactly accurate, but it's an improvement compared to the
494 * previous situation, where only one CPU would be single-stepped.
497 if (newstates[cpu->cpu_index] == 's') {
498 trace_gdbstub_op_stepping(cpu->cpu_index);
499 cpu_single_step(cpu, sstep_flags);
502 gdbserver_state.running_state = 1;
506 if (!runstate_needs_reset()) {
507 if (vm_prepare_start()) {
512 switch (newstates[cpu->cpu_index]) {
515 break; /* nothing to do here */
517 trace_gdbstub_op_stepping(cpu->cpu_index);
518 cpu_single_step(cpu, get_sstep_flags());
523 trace_gdbstub_op_continue_cpu(cpu->cpu_index);
534 qemu_clock_enable(QEMU_CLOCK_VIRTUAL, true);
540 static void put_buffer(const uint8_t *buf, int len)
542 #ifdef CONFIG_USER_ONLY
546 ret = send(gdbserver_state.fd, buf, len, 0);
556 /* XXX this blocks entire thread. Rewrite to use
557 * qemu_chr_fe_write and background I/O callbacks */
558 qemu_chr_fe_write_all(&gdbserver_state.chr, buf, len);
562 static inline int fromhex(int v)
564 if (v >= '0' && v <= '9')
566 else if (v >= 'A' && v <= 'F')
568 else if (v >= 'a' && v <= 'f')
574 static inline int tohex(int v)
582 /* writes 2*len+1 bytes in buf */
583 static void memtohex(GString *buf, const uint8_t *mem, int len)
586 for(i = 0; i < len; i++) {
588 g_string_append_c(buf, tohex(c >> 4));
589 g_string_append_c(buf, tohex(c & 0xf));
591 g_string_append_c(buf, '\0');
594 static void hextomem(GByteArray *mem, const char *buf, int len)
598 for(i = 0; i < len; i++) {
599 guint8 byte = fromhex(buf[0]) << 4 | fromhex(buf[1]);
600 g_byte_array_append(mem, &byte, 1);
605 static void hexdump(const char *buf, int len,
606 void (*trace_fn)(size_t ofs, char const *text))
608 char line_buffer[3 * 16 + 4 + 16 + 1];
611 for (i = 0; i < len || (i & 0xF); ++i) {
612 size_t byte_ofs = i & 15;
615 memset(line_buffer, ' ', 3 * 16 + 4 + 16);
616 line_buffer[3 * 16 + 4 + 16] = 0;
619 size_t col_group = (i >> 2) & 3;
620 size_t hex_col = byte_ofs * 3 + col_group;
621 size_t txt_col = 3 * 16 + 4 + byte_ofs;
626 line_buffer[hex_col + 0] = tohex((value >> 4) & 0xF);
627 line_buffer[hex_col + 1] = tohex((value >> 0) & 0xF);
628 line_buffer[txt_col + 0] = (value >= ' ' && value < 127)
634 trace_fn(i & -16, line_buffer);
638 /* return -1 if error, 0 if OK */
639 static int put_packet_binary(const char *buf, int len, bool dump)
644 if (dump && trace_event_get_state_backends(TRACE_GDBSTUB_IO_BINARYREPLY)) {
645 hexdump(buf, len, trace_gdbstub_io_binaryreply);
649 g_byte_array_set_size(gdbserver_state.last_packet, 0);
650 g_byte_array_append(gdbserver_state.last_packet,
651 (const uint8_t *) "$", 1);
652 g_byte_array_append(gdbserver_state.last_packet,
653 (const uint8_t *) buf, len);
655 for(i = 0; i < len; i++) {
659 footer[1] = tohex((csum >> 4) & 0xf);
660 footer[2] = tohex((csum) & 0xf);
661 g_byte_array_append(gdbserver_state.last_packet, footer, 3);
663 put_buffer(gdbserver_state.last_packet->data,
664 gdbserver_state.last_packet->len);
666 #ifdef CONFIG_USER_ONLY
679 /* return -1 if error, 0 if OK */
680 static int put_packet(const char *buf)
682 trace_gdbstub_io_reply(buf);
684 return put_packet_binary(buf, strlen(buf), false);
687 static void put_strbuf(void)
689 put_packet(gdbserver_state.str_buf->str);
692 /* Encode data using the encoding for 'x' packets. */
693 static void memtox(GString *buf, const char *mem, int len)
700 case '#': case '$': case '*': case '}':
701 g_string_append_c(buf, '}');
702 g_string_append_c(buf, c ^ 0x20);
705 g_string_append_c(buf, c);
711 static uint32_t gdb_get_cpu_pid(CPUState *cpu)
713 /* TODO: In user mode, we should use the task state PID */
714 if (cpu->cluster_index == UNASSIGNED_CLUSTER_INDEX) {
715 /* Return the default process' PID */
716 int index = gdbserver_state.process_num - 1;
717 return gdbserver_state.processes[index].pid;
719 return cpu->cluster_index + 1;
722 static GDBProcess *gdb_get_process(uint32_t pid)
727 /* 0 means any process, we take the first one */
728 return &gdbserver_state.processes[0];
731 for (i = 0; i < gdbserver_state.process_num; i++) {
732 if (gdbserver_state.processes[i].pid == pid) {
733 return &gdbserver_state.processes[i];
740 static GDBProcess *gdb_get_cpu_process(CPUState *cpu)
742 return gdb_get_process(gdb_get_cpu_pid(cpu));
745 static CPUState *find_cpu(uint32_t thread_id)
750 if (cpu_gdb_index(cpu) == thread_id) {
758 static CPUState *get_first_cpu_in_process(GDBProcess *process)
763 if (gdb_get_cpu_pid(cpu) == process->pid) {
771 static CPUState *gdb_next_cpu_in_process(CPUState *cpu)
773 uint32_t pid = gdb_get_cpu_pid(cpu);
777 if (gdb_get_cpu_pid(cpu) == pid) {
787 /* Return the cpu following @cpu, while ignoring unattached processes. */
788 static CPUState *gdb_next_attached_cpu(CPUState *cpu)
793 if (gdb_get_cpu_process(cpu)->attached) {
803 /* Return the first attached cpu */
804 static CPUState *gdb_first_attached_cpu(void)
806 CPUState *cpu = first_cpu;
807 GDBProcess *process = gdb_get_cpu_process(cpu);
809 if (!process->attached) {
810 return gdb_next_attached_cpu(cpu);
816 static CPUState *gdb_get_cpu(uint32_t pid, uint32_t tid)
822 /* 0 means any process/thread, we take the first attached one */
823 return gdb_first_attached_cpu();
824 } else if (pid && !tid) {
825 /* any thread in a specific process */
826 process = gdb_get_process(pid);
828 if (process == NULL) {
832 if (!process->attached) {
836 return get_first_cpu_in_process(process);
838 /* a specific thread */
845 process = gdb_get_cpu_process(cpu);
847 if (pid && process->pid != pid) {
851 if (!process->attached) {
859 static const char *get_feature_xml(const char *p, const char **newp,
865 CPUState *cpu = get_first_cpu_in_process(process);
866 CPUClass *cc = CPU_GET_CLASS(cpu);
869 while (p[len] && p[len] != ':')
874 if (strncmp(p, "target.xml", len) == 0) {
875 char *buf = process->target_xml;
876 const size_t buf_sz = sizeof(process->target_xml);
878 /* Generate the XML description for this CPU. */
883 "<?xml version=\"1.0\"?>"
884 "<!DOCTYPE target SYSTEM \"gdb-target.dtd\">"
886 if (cc->gdb_arch_name) {
887 gchar *arch = cc->gdb_arch_name(cpu);
888 pstrcat(buf, buf_sz, "<architecture>");
889 pstrcat(buf, buf_sz, arch);
890 pstrcat(buf, buf_sz, "</architecture>");
893 pstrcat(buf, buf_sz, "<xi:include href=\"");
894 pstrcat(buf, buf_sz, cc->gdb_core_xml_file);
895 pstrcat(buf, buf_sz, "\"/>");
896 for (r = cpu->gdb_regs; r; r = r->next) {
897 pstrcat(buf, buf_sz, "<xi:include href=\"");
898 pstrcat(buf, buf_sz, r->xml);
899 pstrcat(buf, buf_sz, "\"/>");
901 pstrcat(buf, buf_sz, "</target>");
905 if (cc->gdb_get_dynamic_xml) {
906 char *xmlname = g_strndup(p, len);
907 const char *xml = cc->gdb_get_dynamic_xml(cpu, xmlname);
915 name = xml_builtin[i][0];
916 if (!name || (strncmp(name, p, len) == 0 && strlen(name) == len))
919 return name ? xml_builtin[i][1] : NULL;
922 static int gdb_read_register(CPUState *cpu, GByteArray *buf, int reg)
924 CPUClass *cc = CPU_GET_CLASS(cpu);
925 CPUArchState *env = cpu->env_ptr;
928 if (reg < cc->gdb_num_core_regs) {
929 return cc->gdb_read_register(cpu, buf, reg);
932 for (r = cpu->gdb_regs; r; r = r->next) {
933 if (r->base_reg <= reg && reg < r->base_reg + r->num_regs) {
934 return r->get_reg(env, buf, reg - r->base_reg);
940 static int gdb_write_register(CPUState *cpu, uint8_t *mem_buf, int reg)
942 CPUClass *cc = CPU_GET_CLASS(cpu);
943 CPUArchState *env = cpu->env_ptr;
946 if (reg < cc->gdb_num_core_regs) {
947 return cc->gdb_write_register(cpu, mem_buf, reg);
950 for (r = cpu->gdb_regs; r; r = r->next) {
951 if (r->base_reg <= reg && reg < r->base_reg + r->num_regs) {
952 return r->set_reg(env, mem_buf, reg - r->base_reg);
958 /* Register a supplemental set of CPU registers. If g_pos is nonzero it
959 specifies the first register number and these registers are included in
960 a standard "g" packet. Direction is relative to gdb, i.e. get_reg is
961 gdb reading a CPU register, and set_reg is gdb modifying a CPU register.
964 void gdb_register_coprocessor(CPUState *cpu,
965 gdb_get_reg_cb get_reg, gdb_set_reg_cb set_reg,
966 int num_regs, const char *xml, int g_pos)
969 GDBRegisterState **p;
973 /* Check for duplicates. */
974 if (strcmp((*p)->xml, xml) == 0)
979 s = g_new0(GDBRegisterState, 1);
980 s->base_reg = cpu->gdb_num_regs;
981 s->num_regs = num_regs;
982 s->get_reg = get_reg;
983 s->set_reg = set_reg;
986 /* Add to end of list. */
987 cpu->gdb_num_regs += num_regs;
990 if (g_pos != s->base_reg) {
991 error_report("Error: Bad gdb register numbering for '%s', "
992 "expected %d got %d", xml, g_pos, s->base_reg);
994 cpu->gdb_num_g_regs = cpu->gdb_num_regs;
999 #ifndef CONFIG_USER_ONLY
1000 /* Translate GDB watchpoint type to a flags value for cpu_watchpoint_* */
1001 static inline int xlat_gdb_type(CPUState *cpu, int gdbtype)
1003 static const int xlat[] = {
1004 [GDB_WATCHPOINT_WRITE] = BP_GDB | BP_MEM_WRITE,
1005 [GDB_WATCHPOINT_READ] = BP_GDB | BP_MEM_READ,
1006 [GDB_WATCHPOINT_ACCESS] = BP_GDB | BP_MEM_ACCESS,
1009 CPUClass *cc = CPU_GET_CLASS(cpu);
1010 int cputype = xlat[gdbtype];
1012 if (cc->gdb_stop_before_watchpoint) {
1013 cputype |= BP_STOP_BEFORE_ACCESS;
1019 static int gdb_breakpoint_insert(int type, target_ulong addr, target_ulong len)
1024 if (kvm_enabled()) {
1025 return kvm_insert_breakpoint(gdbserver_state.c_cpu, addr, len, type);
1029 case GDB_BREAKPOINT_SW:
1030 case GDB_BREAKPOINT_HW:
1032 err = cpu_breakpoint_insert(cpu, addr, BP_GDB, NULL);
1038 #ifndef CONFIG_USER_ONLY
1039 case GDB_WATCHPOINT_WRITE:
1040 case GDB_WATCHPOINT_READ:
1041 case GDB_WATCHPOINT_ACCESS:
1043 err = cpu_watchpoint_insert(cpu, addr, len,
1044 xlat_gdb_type(cpu, type), NULL);
1056 static int gdb_breakpoint_remove(int type, target_ulong addr, target_ulong len)
1061 if (kvm_enabled()) {
1062 return kvm_remove_breakpoint(gdbserver_state.c_cpu, addr, len, type);
1066 case GDB_BREAKPOINT_SW:
1067 case GDB_BREAKPOINT_HW:
1069 err = cpu_breakpoint_remove(cpu, addr, BP_GDB);
1075 #ifndef CONFIG_USER_ONLY
1076 case GDB_WATCHPOINT_WRITE:
1077 case GDB_WATCHPOINT_READ:
1078 case GDB_WATCHPOINT_ACCESS:
1080 err = cpu_watchpoint_remove(cpu, addr, len,
1081 xlat_gdb_type(cpu, type));
1092 static inline void gdb_cpu_breakpoint_remove_all(CPUState *cpu)
1094 cpu_breakpoint_remove_all(cpu, BP_GDB);
1095 #ifndef CONFIG_USER_ONLY
1096 cpu_watchpoint_remove_all(cpu, BP_GDB);
1100 static void gdb_process_breakpoint_remove_all(GDBProcess *p)
1102 CPUState *cpu = get_first_cpu_in_process(p);
1105 gdb_cpu_breakpoint_remove_all(cpu);
1106 cpu = gdb_next_cpu_in_process(cpu);
1110 static void gdb_breakpoint_remove_all(void)
1114 if (kvm_enabled()) {
1115 kvm_remove_all_breakpoints(gdbserver_state.c_cpu);
1120 gdb_cpu_breakpoint_remove_all(cpu);
1124 static void gdb_set_cpu_pc(target_ulong pc)
1126 CPUState *cpu = gdbserver_state.c_cpu;
1128 cpu_synchronize_state(cpu);
1129 cpu_set_pc(cpu, pc);
1132 static void gdb_append_thread_id(CPUState *cpu, GString *buf)
1134 if (gdbserver_state.multiprocess) {
1135 g_string_append_printf(buf, "p%02x.%02x",
1136 gdb_get_cpu_pid(cpu), cpu_gdb_index(cpu));
1138 g_string_append_printf(buf, "%02x", cpu_gdb_index(cpu));
1142 typedef enum GDBThreadIdKind {
1144 GDB_ALL_THREADS, /* One process, all threads */
1149 static GDBThreadIdKind read_thread_id(const char *buf, const char **end_buf,
1150 uint32_t *pid, uint32_t *tid)
1157 ret = qemu_strtoul(buf, &buf, 16, &p);
1160 return GDB_READ_THREAD_ERR;
1169 ret = qemu_strtoul(buf, &buf, 16, &t);
1172 return GDB_READ_THREAD_ERR;
1178 return GDB_ALL_PROCESSES;
1186 return GDB_ALL_THREADS;
1193 return GDB_ONE_THREAD;
1197 * gdb_handle_vcont - Parses and handles a vCont packet.
1198 * returns -ENOTSUP if a command is unsupported, -EINVAL or -ERANGE if there is
1199 * a format error, 0 on success.
1201 static int gdb_handle_vcont(const char *p)
1203 int res, signal = 0;
1208 GDBProcess *process;
1210 GDBThreadIdKind kind;
1211 #ifdef CONFIG_USER_ONLY
1212 int max_cpus = 1; /* global variable max_cpus exists only in system mode */
1215 max_cpus = max_cpus <= cpu->cpu_index ? cpu->cpu_index + 1 : max_cpus;
1218 MachineState *ms = MACHINE(qdev_get_machine());
1219 unsigned int max_cpus = ms->smp.max_cpus;
1221 /* uninitialised CPUs stay 0 */
1222 newstates = g_new0(char, max_cpus);
1224 /* mark valid CPUs with 1 */
1226 newstates[cpu->cpu_index] = 1;
1230 * res keeps track of what error we are returning, with -ENOTSUP meaning
1231 * that the command is unknown or unsupported, thus returning an empty
1232 * packet, while -EINVAL and -ERANGE cause an E22 packet, due to invalid,
1233 * or incorrect parameters passed.
1243 if (cur_action == 'C' || cur_action == 'S') {
1244 cur_action = qemu_tolower(cur_action);
1245 res = qemu_strtoul(p, &p, 16, &tmp);
1249 signal = gdb_signal_to_target(tmp);
1250 } else if (cur_action != 'c' && cur_action != 's') {
1251 /* unknown/invalid/unsupported command */
1256 if (*p == '\0' || *p == ';') {
1258 * No thread specifier, action is on "all threads". The
1259 * specification is unclear regarding the process to act on. We
1260 * choose all processes.
1262 kind = GDB_ALL_PROCESSES;
1263 } else if (*p++ == ':') {
1264 kind = read_thread_id(p, &p, &pid, &tid);
1271 case GDB_READ_THREAD_ERR:
1275 case GDB_ALL_PROCESSES:
1276 cpu = gdb_first_attached_cpu();
1278 if (newstates[cpu->cpu_index] == 1) {
1279 newstates[cpu->cpu_index] = cur_action;
1282 cpu = gdb_next_attached_cpu(cpu);
1286 case GDB_ALL_THREADS:
1287 process = gdb_get_process(pid);
1289 if (!process->attached) {
1294 cpu = get_first_cpu_in_process(process);
1296 if (newstates[cpu->cpu_index] == 1) {
1297 newstates[cpu->cpu_index] = cur_action;
1300 cpu = gdb_next_cpu_in_process(cpu);
1304 case GDB_ONE_THREAD:
1305 cpu = gdb_get_cpu(pid, tid);
1307 /* invalid CPU/thread specified */
1313 /* only use if no previous match occourred */
1314 if (newstates[cpu->cpu_index] == 1) {
1315 newstates[cpu->cpu_index] = cur_action;
1320 gdbserver_state.signal = signal;
1321 gdb_continue_partial(newstates);
1329 typedef union GdbCmdVariant {
1332 unsigned long val_ul;
1333 unsigned long long val_ull;
1335 GDBThreadIdKind kind;
1341 static const char *cmd_next_param(const char *param, const char delimiter)
1343 static const char all_delimiters[] = ",;:=";
1344 char curr_delimiters[2] = {0};
1345 const char *delimiters;
1347 if (delimiter == '?') {
1348 delimiters = all_delimiters;
1349 } else if (delimiter == '0') {
1350 return strchr(param, '\0');
1351 } else if (delimiter == '.' && *param) {
1354 curr_delimiters[0] = delimiter;
1355 delimiters = curr_delimiters;
1358 param += strcspn(param, delimiters);
1365 static int cmd_parse_params(const char *data, const char *schema,
1366 GdbCmdVariant *params, int *num_params)
1369 const char *curr_schema, *curr_data;
1377 curr_schema = schema;
1380 while (curr_schema[0] && curr_schema[1] && *curr_data) {
1381 switch (curr_schema[0]) {
1383 if (qemu_strtoul(curr_data, &curr_data, 16,
1384 ¶ms[curr_param].val_ul)) {
1388 curr_data = cmd_next_param(curr_data, curr_schema[1]);
1391 if (qemu_strtou64(curr_data, &curr_data, 16,
1392 (uint64_t *)¶ms[curr_param].val_ull)) {
1396 curr_data = cmd_next_param(curr_data, curr_schema[1]);
1399 params[curr_param].data = curr_data;
1401 curr_data = cmd_next_param(curr_data, curr_schema[1]);
1404 params[curr_param].opcode = *(uint8_t *)curr_data;
1406 curr_data = cmd_next_param(curr_data, curr_schema[1]);
1409 params[curr_param].thread_id.kind =
1410 read_thread_id(curr_data, &curr_data,
1411 ¶ms[curr_param].thread_id.pid,
1412 ¶ms[curr_param].thread_id.tid);
1414 curr_data = cmd_next_param(curr_data, curr_schema[1]);
1417 curr_data = cmd_next_param(curr_data, curr_schema[1]);
1425 *num_params = curr_param;
1429 typedef struct GdbCmdContext {
1430 GdbCmdVariant *params;
1434 typedef void (*GdbCmdHandler)(GdbCmdContext *gdb_ctx, void *user_ctx);
1437 * cmd_startswith -> cmd is compared using startswith
1440 * schema definitions:
1441 * Each schema parameter entry consists of 2 chars,
1442 * the first char represents the parameter type handling
1443 * the second char represents the delimiter for the next parameter
1445 * Currently supported schema types:
1446 * 'l' -> unsigned long (stored in .val_ul)
1447 * 'L' -> unsigned long long (stored in .val_ull)
1448 * 's' -> string (stored in .data)
1449 * 'o' -> single char (stored in .opcode)
1450 * 't' -> thread id (stored in .thread_id)
1451 * '?' -> skip according to delimiter
1453 * Currently supported delimiters:
1454 * '?' -> Stop at any delimiter (",;:=\0")
1455 * '0' -> Stop at "\0"
1456 * '.' -> Skip 1 char unless reached "\0"
1457 * Any other value is treated as the delimiter value itself
1459 typedef struct GdbCmdParseEntry {
1460 GdbCmdHandler handler;
1462 bool cmd_startswith;
1466 static inline int startswith(const char *string, const char *pattern)
1468 return !strncmp(string, pattern, strlen(pattern));
1471 static int process_string_cmd(void *user_ctx, const char *data,
1472 const GdbCmdParseEntry *cmds, int num_cmds)
1474 int i, schema_len, max_num_params = 0;
1475 GdbCmdContext gdb_ctx;
1481 for (i = 0; i < num_cmds; i++) {
1482 const GdbCmdParseEntry *cmd = &cmds[i];
1483 g_assert(cmd->handler && cmd->cmd);
1485 if ((cmd->cmd_startswith && !startswith(data, cmd->cmd)) ||
1486 (!cmd->cmd_startswith && strcmp(cmd->cmd, data))) {
1491 schema_len = strlen(cmd->schema);
1492 if (schema_len % 2) {
1496 max_num_params = schema_len / 2;
1500 (GdbCmdVariant *)alloca(sizeof(*gdb_ctx.params) * max_num_params);
1501 memset(gdb_ctx.params, 0, sizeof(*gdb_ctx.params) * max_num_params);
1503 if (cmd_parse_params(&data[strlen(cmd->cmd)], cmd->schema,
1504 gdb_ctx.params, &gdb_ctx.num_params)) {
1508 cmd->handler(&gdb_ctx, user_ctx);
1515 static void run_cmd_parser(const char *data, const GdbCmdParseEntry *cmd)
1521 g_string_set_size(gdbserver_state.str_buf, 0);
1522 g_byte_array_set_size(gdbserver_state.mem_buf, 0);
1524 /* In case there was an error during the command parsing we must
1525 * send a NULL packet to indicate the command is not supported */
1526 if (process_string_cmd(NULL, data, cmd, 1)) {
1531 static void handle_detach(GdbCmdContext *gdb_ctx, void *user_ctx)
1533 GDBProcess *process;
1536 if (gdbserver_state.multiprocess) {
1537 if (!gdb_ctx->num_params) {
1542 pid = gdb_ctx->params[0].val_ul;
1545 process = gdb_get_process(pid);
1546 gdb_process_breakpoint_remove_all(process);
1547 process->attached = false;
1549 if (pid == gdb_get_cpu_pid(gdbserver_state.c_cpu)) {
1550 gdbserver_state.c_cpu = gdb_first_attached_cpu();
1553 if (pid == gdb_get_cpu_pid(gdbserver_state.g_cpu)) {
1554 gdbserver_state.g_cpu = gdb_first_attached_cpu();
1557 if (!gdbserver_state.c_cpu) {
1558 /* No more process attached */
1559 gdb_syscall_mode = GDB_SYS_DISABLED;
1565 static void handle_thread_alive(GdbCmdContext *gdb_ctx, void *user_ctx)
1569 if (!gdb_ctx->num_params) {
1574 if (gdb_ctx->params[0].thread_id.kind == GDB_READ_THREAD_ERR) {
1579 cpu = gdb_get_cpu(gdb_ctx->params[0].thread_id.pid,
1580 gdb_ctx->params[0].thread_id.tid);
1589 static void handle_continue(GdbCmdContext *gdb_ctx, void *user_ctx)
1591 if (gdb_ctx->num_params) {
1592 gdb_set_cpu_pc(gdb_ctx->params[0].val_ull);
1595 gdbserver_state.signal = 0;
1599 static void handle_cont_with_sig(GdbCmdContext *gdb_ctx, void *user_ctx)
1601 unsigned long signal = 0;
1604 * Note: C sig;[addr] is currently unsupported and we simply
1605 * omit the addr parameter
1607 if (gdb_ctx->num_params) {
1608 signal = gdb_ctx->params[0].val_ul;
1611 gdbserver_state.signal = gdb_signal_to_target(signal);
1612 if (gdbserver_state.signal == -1) {
1613 gdbserver_state.signal = 0;
1618 static void handle_set_thread(GdbCmdContext *gdb_ctx, void *user_ctx)
1622 if (gdb_ctx->num_params != 2) {
1627 if (gdb_ctx->params[1].thread_id.kind == GDB_READ_THREAD_ERR) {
1632 if (gdb_ctx->params[1].thread_id.kind != GDB_ONE_THREAD) {
1637 cpu = gdb_get_cpu(gdb_ctx->params[1].thread_id.pid,
1638 gdb_ctx->params[1].thread_id.tid);
1645 * Note: This command is deprecated and modern gdb's will be using the
1646 * vCont command instead.
1648 switch (gdb_ctx->params[0].opcode) {
1650 gdbserver_state.c_cpu = cpu;
1654 gdbserver_state.g_cpu = cpu;
1663 static void handle_insert_bp(GdbCmdContext *gdb_ctx, void *user_ctx)
1667 if (gdb_ctx->num_params != 3) {
1672 res = gdb_breakpoint_insert(gdb_ctx->params[0].val_ul,
1673 gdb_ctx->params[1].val_ull,
1674 gdb_ctx->params[2].val_ull);
1678 } else if (res == -ENOSYS) {
1686 static void handle_remove_bp(GdbCmdContext *gdb_ctx, void *user_ctx)
1690 if (gdb_ctx->num_params != 3) {
1695 res = gdb_breakpoint_remove(gdb_ctx->params[0].val_ul,
1696 gdb_ctx->params[1].val_ull,
1697 gdb_ctx->params[2].val_ull);
1701 } else if (res == -ENOSYS) {
1710 * handle_set/get_reg
1712 * Older gdb are really dumb, and don't use 'G/g' if 'P/p' is available.
1713 * This works, but can be very slow. Anything new enough to understand
1714 * XML also knows how to use this properly. However to use this we
1715 * need to define a local XML file as well as be talking to a
1716 * reasonably modern gdb. Responding with an empty packet will cause
1717 * the remote gdb to fallback to older methods.
1720 static void handle_set_reg(GdbCmdContext *gdb_ctx, void *user_ctx)
1729 if (gdb_ctx->num_params != 2) {
1734 reg_size = strlen(gdb_ctx->params[1].data) / 2;
1735 hextomem(gdbserver_state.mem_buf, gdb_ctx->params[1].data, reg_size);
1736 gdb_write_register(gdbserver_state.g_cpu, gdbserver_state.mem_buf->data,
1737 gdb_ctx->params[0].val_ull);
1741 static void handle_get_reg(GdbCmdContext *gdb_ctx, void *user_ctx)
1750 if (!gdb_ctx->num_params) {
1755 reg_size = gdb_read_register(gdbserver_state.g_cpu,
1756 gdbserver_state.mem_buf,
1757 gdb_ctx->params[0].val_ull);
1762 g_byte_array_set_size(gdbserver_state.mem_buf, reg_size);
1765 memtohex(gdbserver_state.str_buf, gdbserver_state.mem_buf->data, reg_size);
1769 static void handle_write_mem(GdbCmdContext *gdb_ctx, void *user_ctx)
1771 if (gdb_ctx->num_params != 3) {
1776 /* hextomem() reads 2*len bytes */
1777 if (gdb_ctx->params[1].val_ull > strlen(gdb_ctx->params[2].data) / 2) {
1782 hextomem(gdbserver_state.mem_buf, gdb_ctx->params[2].data,
1783 gdb_ctx->params[1].val_ull);
1784 if (target_memory_rw_debug(gdbserver_state.g_cpu, gdb_ctx->params[0].val_ull,
1785 gdbserver_state.mem_buf->data,
1786 gdbserver_state.mem_buf->len, true)) {
1794 static void handle_read_mem(GdbCmdContext *gdb_ctx, void *user_ctx)
1796 if (gdb_ctx->num_params != 2) {
1801 /* memtohex() doubles the required space */
1802 if (gdb_ctx->params[1].val_ull > MAX_PACKET_LENGTH / 2) {
1807 g_byte_array_set_size(gdbserver_state.mem_buf, gdb_ctx->params[1].val_ull);
1809 if (target_memory_rw_debug(gdbserver_state.g_cpu, gdb_ctx->params[0].val_ull,
1810 gdbserver_state.mem_buf->data,
1811 gdbserver_state.mem_buf->len, false)) {
1816 memtohex(gdbserver_state.str_buf, gdbserver_state.mem_buf->data,
1817 gdbserver_state.mem_buf->len);
1821 static void handle_write_all_regs(GdbCmdContext *gdb_ctx, void *user_ctx)
1823 target_ulong addr, len;
1827 if (!gdb_ctx->num_params) {
1831 cpu_synchronize_state(gdbserver_state.g_cpu);
1832 len = strlen(gdb_ctx->params[0].data) / 2;
1833 hextomem(gdbserver_state.mem_buf, gdb_ctx->params[0].data, len);
1834 registers = gdbserver_state.mem_buf->data;
1835 for (addr = 0; addr < gdbserver_state.g_cpu->gdb_num_g_regs && len > 0;
1837 reg_size = gdb_write_register(gdbserver_state.g_cpu, registers, addr);
1839 registers += reg_size;
1844 static void handle_read_all_regs(GdbCmdContext *gdb_ctx, void *user_ctx)
1846 target_ulong addr, len;
1848 cpu_synchronize_state(gdbserver_state.g_cpu);
1849 g_byte_array_set_size(gdbserver_state.mem_buf, 0);
1851 for (addr = 0; addr < gdbserver_state.g_cpu->gdb_num_g_regs; addr++) {
1852 len += gdb_read_register(gdbserver_state.g_cpu,
1853 gdbserver_state.mem_buf,
1856 g_assert(len == gdbserver_state.mem_buf->len);
1858 memtohex(gdbserver_state.str_buf, gdbserver_state.mem_buf->data, len);
1862 static void handle_file_io(GdbCmdContext *gdb_ctx, void *user_ctx)
1864 if (gdb_ctx->num_params >= 1 && gdbserver_state.current_syscall_cb) {
1865 target_ulong ret, err;
1867 ret = (target_ulong)gdb_ctx->params[0].val_ull;
1868 if (gdb_ctx->num_params >= 2) {
1869 err = (target_ulong)gdb_ctx->params[1].val_ull;
1873 gdbserver_state.current_syscall_cb(gdbserver_state.c_cpu, ret, err);
1874 gdbserver_state.current_syscall_cb = NULL;
1877 if (gdb_ctx->num_params >= 3 && gdb_ctx->params[2].opcode == (uint8_t)'C') {
1885 static void handle_step(GdbCmdContext *gdb_ctx, void *user_ctx)
1887 if (gdb_ctx->num_params) {
1888 gdb_set_cpu_pc((target_ulong)gdb_ctx->params[0].val_ull);
1891 cpu_single_step(gdbserver_state.c_cpu, get_sstep_flags());
1895 static void handle_backward(GdbCmdContext *gdb_ctx, void *user_ctx)
1897 if (replay_mode != REPLAY_MODE_PLAY) {
1900 if (gdb_ctx->num_params == 1) {
1901 switch (gdb_ctx->params[0].opcode) {
1903 if (replay_reverse_step()) {
1910 if (replay_reverse_continue()) {
1919 /* Default invalid command */
1923 static void handle_v_cont_query(GdbCmdContext *gdb_ctx, void *user_ctx)
1925 put_packet("vCont;c;C;s;S");
1928 static void handle_v_cont(GdbCmdContext *gdb_ctx, void *user_ctx)
1932 if (!gdb_ctx->num_params) {
1936 res = gdb_handle_vcont(gdb_ctx->params[0].data);
1937 if ((res == -EINVAL) || (res == -ERANGE)) {
1944 static void handle_v_attach(GdbCmdContext *gdb_ctx, void *user_ctx)
1946 GDBProcess *process;
1949 g_string_assign(gdbserver_state.str_buf, "E22");
1950 if (!gdb_ctx->num_params) {
1954 process = gdb_get_process(gdb_ctx->params[0].val_ul);
1959 cpu = get_first_cpu_in_process(process);
1964 process->attached = true;
1965 gdbserver_state.g_cpu = cpu;
1966 gdbserver_state.c_cpu = cpu;
1968 g_string_printf(gdbserver_state.str_buf, "T%02xthread:", GDB_SIGNAL_TRAP);
1969 gdb_append_thread_id(cpu, gdbserver_state.str_buf);
1970 g_string_append_c(gdbserver_state.str_buf, ';');
1975 static void handle_v_kill(GdbCmdContext *gdb_ctx, void *user_ctx)
1977 /* Kill the target */
1979 error_report("QEMU: Terminated via GDBstub");
1984 static GdbCmdParseEntry gdb_v_commands_table[] = {
1985 /* Order is important if has same prefix */
1987 .handler = handle_v_cont_query,
1992 .handler = handle_v_cont,
1994 .cmd_startswith = 1,
1998 .handler = handle_v_attach,
2000 .cmd_startswith = 1,
2004 .handler = handle_v_kill,
2010 static void handle_v_commands(GdbCmdContext *gdb_ctx, void *user_ctx)
2012 if (!gdb_ctx->num_params) {
2016 if (process_string_cmd(NULL, gdb_ctx->params[0].data,
2017 gdb_v_commands_table,
2018 ARRAY_SIZE(gdb_v_commands_table))) {
2023 static void handle_query_qemu_sstepbits(GdbCmdContext *gdb_ctx, void *user_ctx)
2025 g_string_printf(gdbserver_state.str_buf, "ENABLE=%x,NOIRQ=%x,NOTIMER=%x",
2026 SSTEP_ENABLE, SSTEP_NOIRQ, SSTEP_NOTIMER);
2030 static void handle_set_qemu_sstep(GdbCmdContext *gdb_ctx, void *user_ctx)
2032 if (!gdb_ctx->num_params) {
2036 sstep_flags = gdb_ctx->params[0].val_ul;
2040 static void handle_query_qemu_sstep(GdbCmdContext *gdb_ctx, void *user_ctx)
2042 g_string_printf(gdbserver_state.str_buf, "0x%x", sstep_flags);
2046 static void handle_query_curr_tid(GdbCmdContext *gdb_ctx, void *user_ctx)
2049 GDBProcess *process;
2052 * "Current thread" remains vague in the spec, so always return
2053 * the first thread of the current process (gdb returns the
2056 process = gdb_get_cpu_process(gdbserver_state.g_cpu);
2057 cpu = get_first_cpu_in_process(process);
2058 g_string_assign(gdbserver_state.str_buf, "QC");
2059 gdb_append_thread_id(cpu, gdbserver_state.str_buf);
2063 static void handle_query_threads(GdbCmdContext *gdb_ctx, void *user_ctx)
2065 if (!gdbserver_state.query_cpu) {
2070 g_string_assign(gdbserver_state.str_buf, "m");
2071 gdb_append_thread_id(gdbserver_state.query_cpu, gdbserver_state.str_buf);
2073 gdbserver_state.query_cpu = gdb_next_attached_cpu(gdbserver_state.query_cpu);
2076 static void handle_query_first_threads(GdbCmdContext *gdb_ctx, void *user_ctx)
2078 gdbserver_state.query_cpu = gdb_first_attached_cpu();
2079 handle_query_threads(gdb_ctx, user_ctx);
2082 static void handle_query_thread_extra(GdbCmdContext *gdb_ctx, void *user_ctx)
2084 g_autoptr(GString) rs = g_string_new(NULL);
2087 if (!gdb_ctx->num_params ||
2088 gdb_ctx->params[0].thread_id.kind == GDB_READ_THREAD_ERR) {
2093 cpu = gdb_get_cpu(gdb_ctx->params[0].thread_id.pid,
2094 gdb_ctx->params[0].thread_id.tid);
2099 cpu_synchronize_state(cpu);
2101 if (gdbserver_state.multiprocess && (gdbserver_state.process_num > 1)) {
2102 /* Print the CPU model and name in multiprocess mode */
2103 ObjectClass *oc = object_get_class(OBJECT(cpu));
2104 const char *cpu_model = object_class_get_name(oc);
2105 const char *cpu_name =
2106 object_get_canonical_path_component(OBJECT(cpu));
2107 g_string_printf(rs, "%s %s [%s]", cpu_model, cpu_name,
2108 cpu->halted ? "halted " : "running");
2110 g_string_printf(rs, "CPU#%d [%s]", cpu->cpu_index,
2111 cpu->halted ? "halted " : "running");
2113 trace_gdbstub_op_extra_info(rs->str);
2114 memtohex(gdbserver_state.str_buf, (uint8_t *)rs->str, rs->len);
2118 #ifdef CONFIG_USER_ONLY
2119 static void handle_query_offsets(GdbCmdContext *gdb_ctx, void *user_ctx)
2123 ts = gdbserver_state.c_cpu->opaque;
2124 g_string_printf(gdbserver_state.str_buf,
2125 "Text=" TARGET_ABI_FMT_lx
2126 ";Data=" TARGET_ABI_FMT_lx
2127 ";Bss=" TARGET_ABI_FMT_lx,
2128 ts->info->code_offset,
2129 ts->info->data_offset,
2130 ts->info->data_offset);
2134 static void handle_query_rcmd(GdbCmdContext *gdb_ctx, void *user_ctx)
2136 const guint8 zero = 0;
2139 if (!gdb_ctx->num_params) {
2144 len = strlen(gdb_ctx->params[0].data);
2150 g_assert(gdbserver_state.mem_buf->len == 0);
2152 hextomem(gdbserver_state.mem_buf, gdb_ctx->params[0].data, len);
2153 g_byte_array_append(gdbserver_state.mem_buf, &zero, 1);
2154 qemu_chr_be_write(gdbserver_state.mon_chr, gdbserver_state.mem_buf->data,
2155 gdbserver_state.mem_buf->len);
2160 static void handle_query_supported(GdbCmdContext *gdb_ctx, void *user_ctx)
2164 g_string_printf(gdbserver_state.str_buf, "PacketSize=%x", MAX_PACKET_LENGTH);
2165 cc = CPU_GET_CLASS(first_cpu);
2166 if (cc->gdb_core_xml_file) {
2167 g_string_append(gdbserver_state.str_buf, ";qXfer:features:read+");
2170 if (replay_mode == REPLAY_MODE_PLAY) {
2171 g_string_append(gdbserver_state.str_buf,
2172 ";ReverseStep+;ReverseContinue+");
2175 #ifdef CONFIG_USER_ONLY
2176 if (gdbserver_state.c_cpu->opaque) {
2177 g_string_append(gdbserver_state.str_buf, ";qXfer:auxv:read+");
2181 if (gdb_ctx->num_params &&
2182 strstr(gdb_ctx->params[0].data, "multiprocess+")) {
2183 gdbserver_state.multiprocess = true;
2186 g_string_append(gdbserver_state.str_buf, ";vContSupported+;multiprocess+");
2190 static void handle_query_xfer_features(GdbCmdContext *gdb_ctx, void *user_ctx)
2192 GDBProcess *process;
2194 unsigned long len, total_len, addr;
2198 if (gdb_ctx->num_params < 3) {
2203 process = gdb_get_cpu_process(gdbserver_state.g_cpu);
2204 cc = CPU_GET_CLASS(gdbserver_state.g_cpu);
2205 if (!cc->gdb_core_xml_file) {
2211 p = gdb_ctx->params[0].data;
2212 xml = get_feature_xml(p, &p, process);
2218 addr = gdb_ctx->params[1].val_ul;
2219 len = gdb_ctx->params[2].val_ul;
2220 total_len = strlen(xml);
2221 if (addr > total_len) {
2226 if (len > (MAX_PACKET_LENGTH - 5) / 2) {
2227 len = (MAX_PACKET_LENGTH - 5) / 2;
2230 if (len < total_len - addr) {
2231 g_string_assign(gdbserver_state.str_buf, "m");
2232 memtox(gdbserver_state.str_buf, xml + addr, len);
2234 g_string_assign(gdbserver_state.str_buf, "l");
2235 memtox(gdbserver_state.str_buf, xml + addr, total_len - addr);
2238 put_packet_binary(gdbserver_state.str_buf->str,
2239 gdbserver_state.str_buf->len, true);
2242 #if defined(CONFIG_USER_ONLY) && defined(CONFIG_LINUX_USER)
2243 static void handle_query_xfer_auxv(GdbCmdContext *gdb_ctx, void *user_ctx)
2246 unsigned long offset, len, saved_auxv, auxv_len;
2248 if (gdb_ctx->num_params < 2) {
2253 offset = gdb_ctx->params[0].val_ul;
2254 len = gdb_ctx->params[1].val_ul;
2255 ts = gdbserver_state.c_cpu->opaque;
2256 saved_auxv = ts->info->saved_auxv;
2257 auxv_len = ts->info->auxv_len;
2259 if (offset >= auxv_len) {
2264 if (len > (MAX_PACKET_LENGTH - 5) / 2) {
2265 len = (MAX_PACKET_LENGTH - 5) / 2;
2268 if (len < auxv_len - offset) {
2269 g_string_assign(gdbserver_state.str_buf, "m");
2271 g_string_assign(gdbserver_state.str_buf, "l");
2272 len = auxv_len - offset;
2275 g_byte_array_set_size(gdbserver_state.mem_buf, len);
2276 if (target_memory_rw_debug(gdbserver_state.g_cpu, saved_auxv + offset,
2277 gdbserver_state.mem_buf->data, len, false)) {
2282 memtox(gdbserver_state.str_buf,
2283 (const char *)gdbserver_state.mem_buf->data, len);
2284 put_packet_binary(gdbserver_state.str_buf->str,
2285 gdbserver_state.str_buf->len, true);
2289 static void handle_query_attached(GdbCmdContext *gdb_ctx, void *user_ctx)
2291 put_packet(GDB_ATTACHED);
2294 static void handle_query_qemu_supported(GdbCmdContext *gdb_ctx, void *user_ctx)
2296 g_string_printf(gdbserver_state.str_buf, "sstepbits;sstep");
2297 #ifndef CONFIG_USER_ONLY
2298 g_string_append(gdbserver_state.str_buf, ";PhyMemMode");
2303 #ifndef CONFIG_USER_ONLY
2304 static void handle_query_qemu_phy_mem_mode(GdbCmdContext *gdb_ctx,
2307 g_string_printf(gdbserver_state.str_buf, "%d", phy_memory_mode);
2311 static void handle_set_qemu_phy_mem_mode(GdbCmdContext *gdb_ctx, void *user_ctx)
2313 if (!gdb_ctx->num_params) {
2318 if (!gdb_ctx->params[0].val_ul) {
2319 phy_memory_mode = 0;
2321 phy_memory_mode = 1;
2327 static GdbCmdParseEntry gdb_gen_query_set_common_table[] = {
2328 /* Order is important if has same prefix */
2330 .handler = handle_query_qemu_sstepbits,
2331 .cmd = "qemu.sstepbits",
2334 .handler = handle_query_qemu_sstep,
2335 .cmd = "qemu.sstep",
2338 .handler = handle_set_qemu_sstep,
2339 .cmd = "qemu.sstep=",
2340 .cmd_startswith = 1,
2345 static GdbCmdParseEntry gdb_gen_query_table[] = {
2347 .handler = handle_query_curr_tid,
2351 .handler = handle_query_threads,
2352 .cmd = "sThreadInfo",
2355 .handler = handle_query_first_threads,
2356 .cmd = "fThreadInfo",
2359 .handler = handle_query_thread_extra,
2360 .cmd = "ThreadExtraInfo,",
2361 .cmd_startswith = 1,
2364 #ifdef CONFIG_USER_ONLY
2366 .handler = handle_query_offsets,
2371 .handler = handle_query_rcmd,
2373 .cmd_startswith = 1,
2378 .handler = handle_query_supported,
2379 .cmd = "Supported:",
2380 .cmd_startswith = 1,
2384 .handler = handle_query_supported,
2389 .handler = handle_query_xfer_features,
2390 .cmd = "Xfer:features:read:",
2391 .cmd_startswith = 1,
2394 #if defined(CONFIG_USER_ONLY) && defined(CONFIG_LINUX_USER)
2396 .handler = handle_query_xfer_auxv,
2397 .cmd = "Xfer:auxv:read::",
2398 .cmd_startswith = 1,
2403 .handler = handle_query_attached,
2408 .handler = handle_query_attached,
2412 .handler = handle_query_qemu_supported,
2413 .cmd = "qemu.Supported",
2415 #ifndef CONFIG_USER_ONLY
2417 .handler = handle_query_qemu_phy_mem_mode,
2418 .cmd = "qemu.PhyMemMode",
2423 static GdbCmdParseEntry gdb_gen_set_table[] = {
2424 /* Order is important if has same prefix */
2426 .handler = handle_set_qemu_sstep,
2427 .cmd = "qemu.sstep:",
2428 .cmd_startswith = 1,
2431 #ifndef CONFIG_USER_ONLY
2433 .handler = handle_set_qemu_phy_mem_mode,
2434 .cmd = "qemu.PhyMemMode:",
2435 .cmd_startswith = 1,
2441 static void handle_gen_query(GdbCmdContext *gdb_ctx, void *user_ctx)
2443 if (!gdb_ctx->num_params) {
2447 if (!process_string_cmd(NULL, gdb_ctx->params[0].data,
2448 gdb_gen_query_set_common_table,
2449 ARRAY_SIZE(gdb_gen_query_set_common_table))) {
2453 if (process_string_cmd(NULL, gdb_ctx->params[0].data,
2454 gdb_gen_query_table,
2455 ARRAY_SIZE(gdb_gen_query_table))) {
2460 static void handle_gen_set(GdbCmdContext *gdb_ctx, void *user_ctx)
2462 if (!gdb_ctx->num_params) {
2466 if (!process_string_cmd(NULL, gdb_ctx->params[0].data,
2467 gdb_gen_query_set_common_table,
2468 ARRAY_SIZE(gdb_gen_query_set_common_table))) {
2472 if (process_string_cmd(NULL, gdb_ctx->params[0].data,
2474 ARRAY_SIZE(gdb_gen_set_table))) {
2479 static void handle_target_halt(GdbCmdContext *gdb_ctx, void *user_ctx)
2481 g_string_printf(gdbserver_state.str_buf, "T%02xthread:", GDB_SIGNAL_TRAP);
2482 gdb_append_thread_id(gdbserver_state.c_cpu, gdbserver_state.str_buf);
2483 g_string_append_c(gdbserver_state.str_buf, ';');
2486 * Remove all the breakpoints when this query is issued,
2487 * because gdb is doing an initial connect and the state
2488 * should be cleaned up.
2490 gdb_breakpoint_remove_all();
2493 static int gdb_handle_packet(const char *line_buf)
2495 const GdbCmdParseEntry *cmd_parser = NULL;
2497 trace_gdbstub_io_command(line_buf);
2499 switch (line_buf[0]) {
2505 static const GdbCmdParseEntry target_halted_cmd_desc = {
2506 .handler = handle_target_halt,
2510 cmd_parser = &target_halted_cmd_desc;
2515 static const GdbCmdParseEntry continue_cmd_desc = {
2516 .handler = handle_continue,
2518 .cmd_startswith = 1,
2521 cmd_parser = &continue_cmd_desc;
2526 static const GdbCmdParseEntry cont_with_sig_cmd_desc = {
2527 .handler = handle_cont_with_sig,
2529 .cmd_startswith = 1,
2532 cmd_parser = &cont_with_sig_cmd_desc;
2537 static const GdbCmdParseEntry v_cmd_desc = {
2538 .handler = handle_v_commands,
2540 .cmd_startswith = 1,
2543 cmd_parser = &v_cmd_desc;
2547 /* Kill the target */
2548 error_report("QEMU: Terminated via GDBstub");
2553 static const GdbCmdParseEntry detach_cmd_desc = {
2554 .handler = handle_detach,
2556 .cmd_startswith = 1,
2559 cmd_parser = &detach_cmd_desc;
2564 static const GdbCmdParseEntry step_cmd_desc = {
2565 .handler = handle_step,
2567 .cmd_startswith = 1,
2570 cmd_parser = &step_cmd_desc;
2575 static const GdbCmdParseEntry backward_cmd_desc = {
2576 .handler = handle_backward,
2578 .cmd_startswith = 1,
2581 cmd_parser = &backward_cmd_desc;
2586 static const GdbCmdParseEntry file_io_cmd_desc = {
2587 .handler = handle_file_io,
2589 .cmd_startswith = 1,
2592 cmd_parser = &file_io_cmd_desc;
2597 static const GdbCmdParseEntry read_all_regs_cmd_desc = {
2598 .handler = handle_read_all_regs,
2602 cmd_parser = &read_all_regs_cmd_desc;
2607 static const GdbCmdParseEntry write_all_regs_cmd_desc = {
2608 .handler = handle_write_all_regs,
2610 .cmd_startswith = 1,
2613 cmd_parser = &write_all_regs_cmd_desc;
2618 static const GdbCmdParseEntry read_mem_cmd_desc = {
2619 .handler = handle_read_mem,
2621 .cmd_startswith = 1,
2624 cmd_parser = &read_mem_cmd_desc;
2629 static const GdbCmdParseEntry write_mem_cmd_desc = {
2630 .handler = handle_write_mem,
2632 .cmd_startswith = 1,
2635 cmd_parser = &write_mem_cmd_desc;
2640 static const GdbCmdParseEntry get_reg_cmd_desc = {
2641 .handler = handle_get_reg,
2643 .cmd_startswith = 1,
2646 cmd_parser = &get_reg_cmd_desc;
2651 static const GdbCmdParseEntry set_reg_cmd_desc = {
2652 .handler = handle_set_reg,
2654 .cmd_startswith = 1,
2657 cmd_parser = &set_reg_cmd_desc;
2662 static const GdbCmdParseEntry insert_bp_cmd_desc = {
2663 .handler = handle_insert_bp,
2665 .cmd_startswith = 1,
2668 cmd_parser = &insert_bp_cmd_desc;
2673 static const GdbCmdParseEntry remove_bp_cmd_desc = {
2674 .handler = handle_remove_bp,
2676 .cmd_startswith = 1,
2679 cmd_parser = &remove_bp_cmd_desc;
2684 static const GdbCmdParseEntry set_thread_cmd_desc = {
2685 .handler = handle_set_thread,
2687 .cmd_startswith = 1,
2690 cmd_parser = &set_thread_cmd_desc;
2695 static const GdbCmdParseEntry thread_alive_cmd_desc = {
2696 .handler = handle_thread_alive,
2698 .cmd_startswith = 1,
2701 cmd_parser = &thread_alive_cmd_desc;
2706 static const GdbCmdParseEntry gen_query_cmd_desc = {
2707 .handler = handle_gen_query,
2709 .cmd_startswith = 1,
2712 cmd_parser = &gen_query_cmd_desc;
2717 static const GdbCmdParseEntry gen_set_cmd_desc = {
2718 .handler = handle_gen_set,
2720 .cmd_startswith = 1,
2723 cmd_parser = &gen_set_cmd_desc;
2727 /* put empty packet */
2733 run_cmd_parser(line_buf, cmd_parser);
2739 void gdb_set_stop_cpu(CPUState *cpu)
2741 GDBProcess *p = gdb_get_cpu_process(cpu);
2745 * Having a stop CPU corresponding to a process that is not attached
2746 * confuses GDB. So we ignore the request.
2751 gdbserver_state.c_cpu = cpu;
2752 gdbserver_state.g_cpu = cpu;
2755 #ifndef CONFIG_USER_ONLY
2756 static void gdb_vm_state_change(void *opaque, bool running, RunState state)
2758 CPUState *cpu = gdbserver_state.c_cpu;
2759 g_autoptr(GString) buf = g_string_new(NULL);
2760 g_autoptr(GString) tid = g_string_new(NULL);
2764 if (running || gdbserver_state.state == RS_INACTIVE) {
2767 /* Is there a GDB syscall waiting to be sent? */
2768 if (gdbserver_state.current_syscall_cb) {
2769 put_packet(gdbserver_state.syscall_buf);
2774 /* No process attached */
2778 gdb_append_thread_id(cpu, tid);
2781 case RUN_STATE_DEBUG:
2782 if (cpu->watchpoint_hit) {
2783 switch (cpu->watchpoint_hit->flags & BP_MEM_ACCESS) {
2794 trace_gdbstub_hit_watchpoint(type, cpu_gdb_index(cpu),
2795 (target_ulong)cpu->watchpoint_hit->vaddr);
2796 g_string_printf(buf, "T%02xthread:%s;%swatch:" TARGET_FMT_lx ";",
2797 GDB_SIGNAL_TRAP, tid->str, type,
2798 (target_ulong)cpu->watchpoint_hit->vaddr);
2799 cpu->watchpoint_hit = NULL;
2802 trace_gdbstub_hit_break();
2805 ret = GDB_SIGNAL_TRAP;
2807 case RUN_STATE_PAUSED:
2808 trace_gdbstub_hit_paused();
2809 ret = GDB_SIGNAL_INT;
2811 case RUN_STATE_SHUTDOWN:
2812 trace_gdbstub_hit_shutdown();
2813 ret = GDB_SIGNAL_QUIT;
2815 case RUN_STATE_IO_ERROR:
2816 trace_gdbstub_hit_io_error();
2817 ret = GDB_SIGNAL_IO;
2819 case RUN_STATE_WATCHDOG:
2820 trace_gdbstub_hit_watchdog();
2821 ret = GDB_SIGNAL_ALRM;
2823 case RUN_STATE_INTERNAL_ERROR:
2824 trace_gdbstub_hit_internal_error();
2825 ret = GDB_SIGNAL_ABRT;
2827 case RUN_STATE_SAVE_VM:
2828 case RUN_STATE_RESTORE_VM:
2830 case RUN_STATE_FINISH_MIGRATE:
2831 ret = GDB_SIGNAL_XCPU;
2834 trace_gdbstub_hit_unknown(state);
2835 ret = GDB_SIGNAL_UNKNOWN;
2838 gdb_set_stop_cpu(cpu);
2839 g_string_printf(buf, "T%02xthread:%s;", ret, tid->str);
2842 put_packet(buf->str);
2844 /* disable single step if it was enabled */
2845 cpu_single_step(cpu, 0);
2849 /* Send a gdb syscall request.
2850 This accepts limited printf-style format specifiers, specifically:
2851 %x - target_ulong argument printed in hex.
2852 %lx - 64-bit argument printed in hex.
2853 %s - string pointer (target_ulong) and length (int) pair. */
2854 void gdb_do_syscallv(gdb_syscall_complete_cb cb, const char *fmt, va_list va)
2861 if (!gdbserver_state.init) {
2865 gdbserver_state.current_syscall_cb = cb;
2866 #ifndef CONFIG_USER_ONLY
2867 vm_stop(RUN_STATE_DEBUG);
2869 p = &gdbserver_state.syscall_buf[0];
2870 p_end = &gdbserver_state.syscall_buf[sizeof(gdbserver_state.syscall_buf)];
2877 addr = va_arg(va, target_ulong);
2878 p += snprintf(p, p_end - p, TARGET_FMT_lx, addr);
2881 if (*(fmt++) != 'x')
2883 i64 = va_arg(va, uint64_t);
2884 p += snprintf(p, p_end - p, "%" PRIx64, i64);
2887 addr = va_arg(va, target_ulong);
2888 p += snprintf(p, p_end - p, TARGET_FMT_lx "/%x",
2889 addr, va_arg(va, int));
2893 error_report("gdbstub: Bad syscall format string '%s'",
2902 #ifdef CONFIG_USER_ONLY
2903 put_packet(gdbserver_state.syscall_buf);
2904 /* Return control to gdb for it to process the syscall request.
2905 * Since the protocol requires that gdb hands control back to us
2906 * using a "here are the results" F packet, we don't need to check
2907 * gdb_handlesig's return value (which is the signal to deliver if
2908 * execution was resumed via a continue packet).
2910 gdb_handlesig(gdbserver_state.c_cpu, 0);
2912 /* In this case wait to send the syscall packet until notification that
2913 the CPU has stopped. This must be done because if the packet is sent
2914 now the reply from the syscall request could be received while the CPU
2915 is still in the running state, which can cause packets to be dropped
2916 and state transition 'T' packets to be sent while the syscall is still
2918 qemu_cpu_kick(gdbserver_state.c_cpu);
2922 void gdb_do_syscall(gdb_syscall_complete_cb cb, const char *fmt, ...)
2927 gdb_do_syscallv(cb, fmt, va);
2931 static void gdb_read_byte(uint8_t ch)
2935 #ifndef CONFIG_USER_ONLY
2936 if (gdbserver_state.last_packet->len) {
2937 /* Waiting for a response to the last packet. If we see the start
2938 of a new command then abandon the previous response. */
2940 trace_gdbstub_err_got_nack();
2941 put_buffer(gdbserver_state.last_packet->data,
2942 gdbserver_state.last_packet->len);
2943 } else if (ch == '+') {
2944 trace_gdbstub_io_got_ack();
2946 trace_gdbstub_io_got_unexpected(ch);
2949 if (ch == '+' || ch == '$') {
2950 g_byte_array_set_size(gdbserver_state.last_packet, 0);
2955 if (runstate_is_running()) {
2956 /* when the CPU is running, we cannot do anything except stop
2957 it when receiving a char */
2958 vm_stop(RUN_STATE_PAUSED);
2962 switch(gdbserver_state.state) {
2965 /* start of command packet */
2966 gdbserver_state.line_buf_index = 0;
2967 gdbserver_state.line_sum = 0;
2968 gdbserver_state.state = RS_GETLINE;
2970 trace_gdbstub_err_garbage(ch);
2975 /* start escape sequence */
2976 gdbserver_state.state = RS_GETLINE_ESC;
2977 gdbserver_state.line_sum += ch;
2978 } else if (ch == '*') {
2979 /* start run length encoding sequence */
2980 gdbserver_state.state = RS_GETLINE_RLE;
2981 gdbserver_state.line_sum += ch;
2982 } else if (ch == '#') {
2983 /* end of command, start of checksum*/
2984 gdbserver_state.state = RS_CHKSUM1;
2985 } else if (gdbserver_state.line_buf_index >= sizeof(gdbserver_state.line_buf) - 1) {
2986 trace_gdbstub_err_overrun();
2987 gdbserver_state.state = RS_IDLE;
2989 /* unescaped command character */
2990 gdbserver_state.line_buf[gdbserver_state.line_buf_index++] = ch;
2991 gdbserver_state.line_sum += ch;
2994 case RS_GETLINE_ESC:
2996 /* unexpected end of command in escape sequence */
2997 gdbserver_state.state = RS_CHKSUM1;
2998 } else if (gdbserver_state.line_buf_index >= sizeof(gdbserver_state.line_buf) - 1) {
2999 /* command buffer overrun */
3000 trace_gdbstub_err_overrun();
3001 gdbserver_state.state = RS_IDLE;
3003 /* parse escaped character and leave escape state */
3004 gdbserver_state.line_buf[gdbserver_state.line_buf_index++] = ch ^ 0x20;
3005 gdbserver_state.line_sum += ch;
3006 gdbserver_state.state = RS_GETLINE;
3009 case RS_GETLINE_RLE:
3011 * Run-length encoding is explained in "Debugging with GDB /
3012 * Appendix E GDB Remote Serial Protocol / Overview".
3014 if (ch < ' ' || ch == '#' || ch == '$' || ch > 126) {
3015 /* invalid RLE count encoding */
3016 trace_gdbstub_err_invalid_repeat(ch);
3017 gdbserver_state.state = RS_GETLINE;
3019 /* decode repeat length */
3020 int repeat = ch - ' ' + 3;
3021 if (gdbserver_state.line_buf_index + repeat >= sizeof(gdbserver_state.line_buf) - 1) {
3022 /* that many repeats would overrun the command buffer */
3023 trace_gdbstub_err_overrun();
3024 gdbserver_state.state = RS_IDLE;
3025 } else if (gdbserver_state.line_buf_index < 1) {
3026 /* got a repeat but we have nothing to repeat */
3027 trace_gdbstub_err_invalid_rle();
3028 gdbserver_state.state = RS_GETLINE;
3030 /* repeat the last character */
3031 memset(gdbserver_state.line_buf + gdbserver_state.line_buf_index,
3032 gdbserver_state.line_buf[gdbserver_state.line_buf_index - 1], repeat);
3033 gdbserver_state.line_buf_index += repeat;
3034 gdbserver_state.line_sum += ch;
3035 gdbserver_state.state = RS_GETLINE;
3040 /* get high hex digit of checksum */
3041 if (!isxdigit(ch)) {
3042 trace_gdbstub_err_checksum_invalid(ch);
3043 gdbserver_state.state = RS_GETLINE;
3046 gdbserver_state.line_buf[gdbserver_state.line_buf_index] = '\0';
3047 gdbserver_state.line_csum = fromhex(ch) << 4;
3048 gdbserver_state.state = RS_CHKSUM2;
3051 /* get low hex digit of checksum */
3052 if (!isxdigit(ch)) {
3053 trace_gdbstub_err_checksum_invalid(ch);
3054 gdbserver_state.state = RS_GETLINE;
3057 gdbserver_state.line_csum |= fromhex(ch);
3059 if (gdbserver_state.line_csum != (gdbserver_state.line_sum & 0xff)) {
3060 trace_gdbstub_err_checksum_incorrect(gdbserver_state.line_sum, gdbserver_state.line_csum);
3061 /* send NAK reply */
3063 put_buffer(&reply, 1);
3064 gdbserver_state.state = RS_IDLE;
3066 /* send ACK reply */
3068 put_buffer(&reply, 1);
3069 gdbserver_state.state = gdb_handle_packet(gdbserver_state.line_buf);
3078 /* Tell the remote gdb that the process has exited. */
3079 void gdb_exit(int code)
3083 if (!gdbserver_state.init) {
3086 #ifdef CONFIG_USER_ONLY
3087 if (gdbserver_state.socket_path) {
3088 unlink(gdbserver_state.socket_path);
3090 if (gdbserver_state.fd < 0) {
3095 trace_gdbstub_op_exiting((uint8_t)code);
3097 snprintf(buf, sizeof(buf), "W%02x", (uint8_t)code);
3100 #ifndef CONFIG_USER_ONLY
3101 qemu_chr_fe_deinit(&gdbserver_state.chr, true);
3106 * Create the process that will contain all the "orphan" CPUs (that are not
3107 * part of a CPU cluster). Note that if this process contains no CPUs, it won't
3108 * be attachable and thus will be invisible to the user.
3110 static void create_default_process(GDBState *s)
3112 GDBProcess *process;
3115 if (gdbserver_state.process_num) {
3116 max_pid = s->processes[s->process_num - 1].pid;
3119 s->processes = g_renew(GDBProcess, s->processes, ++s->process_num);
3120 process = &s->processes[s->process_num - 1];
3122 /* We need an available PID slot for this process */
3123 assert(max_pid < UINT32_MAX);
3125 process->pid = max_pid + 1;
3126 process->attached = false;
3127 process->target_xml[0] = '\0';
3130 #ifdef CONFIG_USER_ONLY
3132 gdb_handlesig(CPUState *cpu, int sig)
3137 if (!gdbserver_state.init || gdbserver_state.fd < 0) {
3141 /* disable single step if it was enabled */
3142 cpu_single_step(cpu, 0);
3146 snprintf(buf, sizeof(buf), "S%02x", target_signal_to_gdb(sig));
3149 /* put_packet() might have detected that the peer terminated the
3151 if (gdbserver_state.fd < 0) {
3156 gdbserver_state.state = RS_IDLE;
3157 gdbserver_state.running_state = 0;
3158 while (gdbserver_state.running_state == 0) {
3159 n = read(gdbserver_state.fd, buf, 256);
3163 for (i = 0; i < n; i++) {
3164 gdb_read_byte(buf[i]);
3167 /* XXX: Connection closed. Should probably wait for another
3168 connection before continuing. */
3170 close(gdbserver_state.fd);
3172 gdbserver_state.fd = -1;
3176 sig = gdbserver_state.signal;
3177 gdbserver_state.signal = 0;
3181 /* Tell the remote gdb that the process has exited due to SIG. */
3182 void gdb_signalled(CPUArchState *env, int sig)
3186 if (!gdbserver_state.init || gdbserver_state.fd < 0) {
3190 snprintf(buf, sizeof(buf), "X%02x", target_signal_to_gdb(sig));
3194 static void gdb_accept_init(int fd)
3196 init_gdbserver_state();
3197 create_default_process(&gdbserver_state);
3198 gdbserver_state.processes[0].attached = true;
3199 gdbserver_state.c_cpu = gdb_first_attached_cpu();
3200 gdbserver_state.g_cpu = gdbserver_state.c_cpu;
3201 gdbserver_state.fd = fd;
3202 gdb_has_xml = false;
3205 static bool gdb_accept_socket(int gdb_fd)
3210 fd = accept(gdb_fd, NULL, NULL);
3211 if (fd < 0 && errno != EINTR) {
3212 perror("accept socket");
3214 } else if (fd >= 0) {
3215 qemu_set_cloexec(fd);
3220 gdb_accept_init(fd);
3224 static int gdbserver_open_socket(const char *path)
3226 struct sockaddr_un sockaddr;
3229 fd = socket(AF_UNIX, SOCK_STREAM, 0);
3231 perror("create socket");
3235 sockaddr.sun_family = AF_UNIX;
3236 pstrcpy(sockaddr.sun_path, sizeof(sockaddr.sun_path) - 1, path);
3237 ret = bind(fd, (struct sockaddr *)&sockaddr, sizeof(sockaddr));
3239 perror("bind socket");
3243 ret = listen(fd, 1);
3245 perror("listen socket");
3253 static bool gdb_accept_tcp(int gdb_fd)
3255 struct sockaddr_in sockaddr;
3260 len = sizeof(sockaddr);
3261 fd = accept(gdb_fd, (struct sockaddr *)&sockaddr, &len);
3262 if (fd < 0 && errno != EINTR) {
3265 } else if (fd >= 0) {
3266 qemu_set_cloexec(fd);
3271 /* set short latency */
3272 if (socket_set_nodelay(fd)) {
3273 perror("setsockopt");
3278 gdb_accept_init(fd);
3282 static int gdbserver_open_port(int port)
3284 struct sockaddr_in sockaddr;
3287 fd = socket(PF_INET, SOCK_STREAM, 0);
3292 qemu_set_cloexec(fd);
3294 socket_set_fast_reuse(fd);
3296 sockaddr.sin_family = AF_INET;
3297 sockaddr.sin_port = htons(port);
3298 sockaddr.sin_addr.s_addr = 0;
3299 ret = bind(fd, (struct sockaddr *)&sockaddr, sizeof(sockaddr));
3305 ret = listen(fd, 1);
3315 int gdbserver_start(const char *port_or_path)
3317 int port = g_ascii_strtoull(port_or_path, NULL, 10);
3321 gdb_fd = gdbserver_open_port(port);
3323 gdb_fd = gdbserver_open_socket(port_or_path);
3330 if (port > 0 && gdb_accept_tcp(gdb_fd)) {
3332 } else if (gdb_accept_socket(gdb_fd)) {
3333 gdbserver_state.socket_path = g_strdup(port_or_path);
3342 /* Disable gdb stub for child processes. */
3343 void gdbserver_fork(CPUState *cpu)
3345 if (!gdbserver_state.init || gdbserver_state.fd < 0) {
3348 close(gdbserver_state.fd);
3349 gdbserver_state.fd = -1;
3350 cpu_breakpoint_remove_all(cpu, BP_GDB);
3351 cpu_watchpoint_remove_all(cpu, BP_GDB);
3354 static int gdb_chr_can_receive(void *opaque)
3356 /* We can handle an arbitrarily large amount of data.
3357 Pick the maximum packet size, which is as good as anything. */
3358 return MAX_PACKET_LENGTH;
3361 static void gdb_chr_receive(void *opaque, const uint8_t *buf, int size)
3365 for (i = 0; i < size; i++) {
3366 gdb_read_byte(buf[i]);
3370 static void gdb_chr_event(void *opaque, QEMUChrEvent event)
3373 GDBState *s = (GDBState *) opaque;
3376 case CHR_EVENT_OPENED:
3377 /* Start with first process attached, others detached */
3378 for (i = 0; i < s->process_num; i++) {
3379 s->processes[i].attached = !i;
3382 s->c_cpu = gdb_first_attached_cpu();
3383 s->g_cpu = s->c_cpu;
3385 vm_stop(RUN_STATE_PAUSED);
3386 replay_gdb_attached();
3387 gdb_has_xml = false;
3394 static int gdb_monitor_write(Chardev *chr, const uint8_t *buf, int len)
3396 g_autoptr(GString) hex_buf = g_string_new("O");
3397 memtohex(hex_buf, buf, len);
3398 put_packet(hex_buf->str);
3403 static void gdb_sigterm_handler(int signal)
3405 if (runstate_is_running()) {
3406 vm_stop(RUN_STATE_PAUSED);
3411 static void gdb_monitor_open(Chardev *chr, ChardevBackend *backend,
3412 bool *be_opened, Error **errp)
3417 static void char_gdb_class_init(ObjectClass *oc, void *data)
3419 ChardevClass *cc = CHARDEV_CLASS(oc);
3421 cc->internal = true;
3422 cc->open = gdb_monitor_open;
3423 cc->chr_write = gdb_monitor_write;
3426 #define TYPE_CHARDEV_GDB "chardev-gdb"
3428 static const TypeInfo char_gdb_type_info = {
3429 .name = TYPE_CHARDEV_GDB,
3430 .parent = TYPE_CHARDEV,
3431 .class_init = char_gdb_class_init,
3434 static int find_cpu_clusters(Object *child, void *opaque)
3436 if (object_dynamic_cast(child, TYPE_CPU_CLUSTER)) {
3437 GDBState *s = (GDBState *) opaque;
3438 CPUClusterState *cluster = CPU_CLUSTER(child);
3439 GDBProcess *process;
3441 s->processes = g_renew(GDBProcess, s->processes, ++s->process_num);
3443 process = &s->processes[s->process_num - 1];
3446 * GDB process IDs -1 and 0 are reserved. To avoid subtle errors at
3447 * runtime, we enforce here that the machine does not use a cluster ID
3448 * that would lead to PID 0.
3450 assert(cluster->cluster_id != UINT32_MAX);
3451 process->pid = cluster->cluster_id + 1;
3452 process->attached = false;
3453 process->target_xml[0] = '\0';
3458 return object_child_foreach(child, find_cpu_clusters, opaque);
3461 static int pid_order(const void *a, const void *b)
3463 GDBProcess *pa = (GDBProcess *) a;
3464 GDBProcess *pb = (GDBProcess *) b;
3466 if (pa->pid < pb->pid) {
3468 } else if (pa->pid > pb->pid) {
3475 static void create_processes(GDBState *s)
3477 object_child_foreach(object_get_root(), find_cpu_clusters, s);
3479 if (gdbserver_state.processes) {
3481 qsort(gdbserver_state.processes, gdbserver_state.process_num, sizeof(gdbserver_state.processes[0]), pid_order);
3484 create_default_process(s);
3487 int gdbserver_start(const char *device)
3489 trace_gdbstub_op_start(device);
3491 char gdbstub_device_name[128];
3492 Chardev *chr = NULL;
3496 error_report("gdbstub: meaningless to attach gdb to a "
3497 "machine without any CPU.");
3503 if (strcmp(device, "none") != 0) {
3504 if (strstart(device, "tcp:", NULL)) {
3505 /* enforce required TCP attributes */
3506 snprintf(gdbstub_device_name, sizeof(gdbstub_device_name),
3507 "%s,wait=off,nodelay=on,server=on", device);
3508 device = gdbstub_device_name;
3511 else if (strcmp(device, "stdio") == 0) {
3512 struct sigaction act;
3514 memset(&act, 0, sizeof(act));
3515 act.sa_handler = gdb_sigterm_handler;
3516 sigaction(SIGINT, &act, NULL);
3520 * FIXME: it's a bit weird to allow using a mux chardev here
3521 * and implicitly setup a monitor. We may want to break this.
3523 chr = qemu_chr_new_noreplay("gdb", device, true, NULL);
3528 if (!gdbserver_state.init) {
3529 init_gdbserver_state();
3531 qemu_add_vm_change_state_handler(gdb_vm_state_change, NULL);
3533 /* Initialize a monitor terminal for gdb */
3534 mon_chr = qemu_chardev_new(NULL, TYPE_CHARDEV_GDB,
3535 NULL, NULL, &error_abort);
3536 monitor_init_hmp(mon_chr, false, &error_abort);
3538 qemu_chr_fe_deinit(&gdbserver_state.chr, true);
3539 mon_chr = gdbserver_state.mon_chr;
3540 reset_gdbserver_state();
3543 create_processes(&gdbserver_state);
3546 qemu_chr_fe_init(&gdbserver_state.chr, chr, &error_abort);
3547 qemu_chr_fe_set_handlers(&gdbserver_state.chr, gdb_chr_can_receive,
3548 gdb_chr_receive, gdb_chr_event,
3549 NULL, &gdbserver_state, NULL, true);
3551 gdbserver_state.state = chr ? RS_IDLE : RS_INACTIVE;
3552 gdbserver_state.mon_chr = mon_chr;
3553 gdbserver_state.current_syscall_cb = NULL;
3558 static void register_types(void)
3560 type_register_static(&char_gdb_type_info);
3563 type_init(register_types);
OSDN Git Service
