4 * This implements a subset of the remote protocol as described in:
6 * https://sourceware.org/gdb/onlinedocs/gdb/Remote-Protocol.html
8 * Copyright (c) 2003-2005 Fabrice Bellard
10 * This library is free software; you can redistribute it and/or
11 * modify it under the terms of the GNU Lesser General Public
12 * License as published by the Free Software Foundation; either
13 * version 2 of the License, or (at your option) any later version.
15 * This library is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
18 * Lesser General Public License for more details.
20 * You should have received a copy of the GNU Lesser General Public
21 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
23 * SPDX-License-Identifier: LGPL-2.0+
26 #include "qemu/osdep.h"
27 #include "qemu-common.h"
28 #include "qapi/error.h"
29 #include "qemu/error-report.h"
30 #include "qemu/ctype.h"
31 #include "qemu/cutils.h"
32 #include "qemu/module.h"
33 #include "trace/trace-root.h"
34 #include "exec/gdbstub.h"
35 #ifdef CONFIG_USER_ONLY
38 #include "monitor/monitor.h"
39 #include "chardev/char.h"
40 #include "chardev/char-fe.h"
41 #include "hw/cpu/cluster.h"
42 #include "hw/boards.h"
45 #define MAX_PACKET_LENGTH 4096
47 #include "qemu/sockets.h"
48 #include "sysemu/hw_accel.h"
49 #include "sysemu/kvm.h"
50 #include "sysemu/runstate.h"
51 #include "semihosting/semihost.h"
52 #include "exec/exec-all.h"
53 #include "sysemu/replay.h"
55 #ifdef CONFIG_USER_ONLY
56 #define GDB_ATTACHED "0"
58 #define GDB_ATTACHED "1"
61 #ifndef CONFIG_USER_ONLY
62 static int phy_memory_mode;
65 static inline int target_memory_rw_debug(CPUState *cpu, target_ulong addr,
66 uint8_t *buf, int len, bool is_write)
70 #ifndef CONFIG_USER_ONLY
71 if (phy_memory_mode) {
73 cpu_physical_memory_write(addr, buf, len);
75 cpu_physical_memory_read(addr, buf, len);
81 cc = CPU_GET_CLASS(cpu);
82 if (cc->memory_rw_debug) {
83 return cc->memory_rw_debug(cpu, addr, buf, len, is_write);
85 return cpu_memory_rw_debug(cpu, addr, buf, len, is_write);
88 /* Return the GDB index for a given vCPU state.
90 * For user mode this is simply the thread id. In system mode GDB
91 * numbers CPUs from 1 as 0 is reserved as an "any cpu" index.
93 static inline int cpu_gdb_index(CPUState *cpu)
95 #if defined(CONFIG_USER_ONLY)
96 TaskState *ts = (TaskState *) cpu->opaque;
99 return cpu->cpu_index + 1;
109 GDB_SIGNAL_ALRM = 14,
111 GDB_SIGNAL_XCPU = 24,
112 GDB_SIGNAL_UNKNOWN = 143
115 #ifdef CONFIG_USER_ONLY
117 /* Map target signal numbers to GDB protocol signal numbers and vice
118 * versa. For user emulation's currently supported systems, we can
119 * assume most signals are defined.
122 static int gdb_signal_table[] = {
282 /* In system mode we only need SIGINT and SIGTRAP; other signals
283 are not yet supported. */
290 static int gdb_signal_table[] = {
300 #ifdef CONFIG_USER_ONLY
301 static int target_signal_to_gdb (int sig)
304 for (i = 0; i < ARRAY_SIZE (gdb_signal_table); i++)
305 if (gdb_signal_table[i] == sig)
307 return GDB_SIGNAL_UNKNOWN;
311 static int gdb_signal_to_target (int sig)
313 if (sig < ARRAY_SIZE (gdb_signal_table))
314 return gdb_signal_table[sig];
319 typedef struct GDBRegisterState {
322 gdb_get_reg_cb get_reg;
323 gdb_set_reg_cb set_reg;
325 struct GDBRegisterState *next;
328 typedef struct GDBProcess {
332 char target_xml[1024];
344 typedef struct GDBState {
345 bool init; /* have we been initialised? */
346 CPUState *c_cpu; /* current CPU for step/continue ops */
347 CPUState *g_cpu; /* current CPU for other ops */
348 CPUState *query_cpu; /* for q{f|s}ThreadInfo */
349 enum RSState state; /* parsing state */
350 char line_buf[MAX_PACKET_LENGTH];
352 int line_sum; /* running checksum */
353 int line_csum; /* checksum at the end of the packet */
354 GByteArray *last_packet;
356 #ifdef CONFIG_USER_ONLY
365 GDBProcess *processes;
367 char syscall_buf[256];
368 gdb_syscall_complete_cb current_syscall_cb;
373 /* By default use no IRQs and no timers while single stepping so as to
374 * make single stepping like an ICE HW step.
376 static int sstep_flags = SSTEP_ENABLE|SSTEP_NOIRQ|SSTEP_NOTIMER;
378 /* Retrieves flags for single step mode. */
379 static int get_sstep_flags(void)
382 * In replay mode all events written into the log should be replayed.
383 * That is why NOIRQ flag is removed in this mode.
385 if (replay_mode != REPLAY_MODE_NONE) {
392 static GDBState gdbserver_state;
394 static void init_gdbserver_state(void)
396 g_assert(!gdbserver_state.init);
397 memset(&gdbserver_state, 0, sizeof(GDBState));
398 gdbserver_state.init = true;
399 gdbserver_state.str_buf = g_string_new(NULL);
400 gdbserver_state.mem_buf = g_byte_array_sized_new(MAX_PACKET_LENGTH);
401 gdbserver_state.last_packet = g_byte_array_sized_new(MAX_PACKET_LENGTH + 4);
404 #ifndef CONFIG_USER_ONLY
405 static void reset_gdbserver_state(void)
407 g_free(gdbserver_state.processes);
408 gdbserver_state.processes = NULL;
409 gdbserver_state.process_num = 0;
415 #ifdef CONFIG_USER_ONLY
417 static int get_char(void)
423 ret = qemu_recv(gdbserver_state.fd, &ch, 1, 0);
425 if (errno == ECONNRESET)
426 gdbserver_state.fd = -1;
429 } else if (ret == 0) {
430 close(gdbserver_state.fd);
431 gdbserver_state.fd = -1;
447 /* Decide if either remote gdb syscalls or native file IO should be used. */
448 int use_gdb_syscalls(void)
450 SemihostingTarget target = semihosting_get_target();
451 if (target == SEMIHOSTING_TARGET_NATIVE) {
452 /* -semihosting-config target=native */
454 } else if (target == SEMIHOSTING_TARGET_GDB) {
455 /* -semihosting-config target=gdb */
459 /* -semihosting-config target=auto */
460 /* On the first call check if gdb is connected and remember. */
461 if (gdb_syscall_mode == GDB_SYS_UNKNOWN) {
462 gdb_syscall_mode = gdbserver_state.init ?
463 GDB_SYS_ENABLED : GDB_SYS_DISABLED;
465 return gdb_syscall_mode == GDB_SYS_ENABLED;
468 static bool stub_can_reverse(void)
470 #ifdef CONFIG_USER_ONLY
473 return replay_mode == REPLAY_MODE_PLAY;
477 /* Resume execution. */
478 static inline void gdb_continue(void)
481 #ifdef CONFIG_USER_ONLY
482 gdbserver_state.running_state = 1;
483 trace_gdbstub_op_continue();
485 if (!runstate_needs_reset()) {
486 trace_gdbstub_op_continue();
493 * Resume execution, per CPU actions. For user-mode emulation it's
494 * equivalent to gdb_continue.
496 static int gdb_continue_partial(char *newstates)
500 #ifdef CONFIG_USER_ONLY
502 * This is not exactly accurate, but it's an improvement compared to the
503 * previous situation, where only one CPU would be single-stepped.
506 if (newstates[cpu->cpu_index] == 's') {
507 trace_gdbstub_op_stepping(cpu->cpu_index);
508 cpu_single_step(cpu, sstep_flags);
511 gdbserver_state.running_state = 1;
515 if (!runstate_needs_reset()) {
516 if (vm_prepare_start()) {
521 switch (newstates[cpu->cpu_index]) {
524 break; /* nothing to do here */
526 trace_gdbstub_op_stepping(cpu->cpu_index);
527 cpu_single_step(cpu, get_sstep_flags());
532 trace_gdbstub_op_continue_cpu(cpu->cpu_index);
543 qemu_clock_enable(QEMU_CLOCK_VIRTUAL, true);
549 static void put_buffer(const uint8_t *buf, int len)
551 #ifdef CONFIG_USER_ONLY
555 ret = send(gdbserver_state.fd, buf, len, 0);
565 /* XXX this blocks entire thread. Rewrite to use
566 * qemu_chr_fe_write and background I/O callbacks */
567 qemu_chr_fe_write_all(&gdbserver_state.chr, buf, len);
571 static inline int fromhex(int v)
573 if (v >= '0' && v <= '9')
575 else if (v >= 'A' && v <= 'F')
577 else if (v >= 'a' && v <= 'f')
583 static inline int tohex(int v)
591 /* writes 2*len+1 bytes in buf */
592 static void memtohex(GString *buf, const uint8_t *mem, int len)
595 for(i = 0; i < len; i++) {
597 g_string_append_c(buf, tohex(c >> 4));
598 g_string_append_c(buf, tohex(c & 0xf));
600 g_string_append_c(buf, '\0');
603 static void hextomem(GByteArray *mem, const char *buf, int len)
607 for(i = 0; i < len; i++) {
608 guint8 byte = fromhex(buf[0]) << 4 | fromhex(buf[1]);
609 g_byte_array_append(mem, &byte, 1);
614 static void hexdump(const char *buf, int len,
615 void (*trace_fn)(size_t ofs, char const *text))
617 char line_buffer[3 * 16 + 4 + 16 + 1];
620 for (i = 0; i < len || (i & 0xF); ++i) {
621 size_t byte_ofs = i & 15;
624 memset(line_buffer, ' ', 3 * 16 + 4 + 16);
625 line_buffer[3 * 16 + 4 + 16] = 0;
628 size_t col_group = (i >> 2) & 3;
629 size_t hex_col = byte_ofs * 3 + col_group;
630 size_t txt_col = 3 * 16 + 4 + byte_ofs;
635 line_buffer[hex_col + 0] = tohex((value >> 4) & 0xF);
636 line_buffer[hex_col + 1] = tohex((value >> 0) & 0xF);
637 line_buffer[txt_col + 0] = (value >= ' ' && value < 127)
643 trace_fn(i & -16, line_buffer);
647 /* return -1 if error, 0 if OK */
648 static int put_packet_binary(const char *buf, int len, bool dump)
653 if (dump && trace_event_get_state_backends(TRACE_GDBSTUB_IO_BINARYREPLY)) {
654 hexdump(buf, len, trace_gdbstub_io_binaryreply);
658 g_byte_array_set_size(gdbserver_state.last_packet, 0);
659 g_byte_array_append(gdbserver_state.last_packet,
660 (const uint8_t *) "$", 1);
661 g_byte_array_append(gdbserver_state.last_packet,
662 (const uint8_t *) buf, len);
664 for(i = 0; i < len; i++) {
668 footer[1] = tohex((csum >> 4) & 0xf);
669 footer[2] = tohex((csum) & 0xf);
670 g_byte_array_append(gdbserver_state.last_packet, footer, 3);
672 put_buffer(gdbserver_state.last_packet->data,
673 gdbserver_state.last_packet->len);
675 #ifdef CONFIG_USER_ONLY
688 /* return -1 if error, 0 if OK */
689 static int put_packet(const char *buf)
691 trace_gdbstub_io_reply(buf);
693 return put_packet_binary(buf, strlen(buf), false);
696 static void put_strbuf(void)
698 put_packet(gdbserver_state.str_buf->str);
701 /* Encode data using the encoding for 'x' packets. */
702 static void memtox(GString *buf, const char *mem, int len)
709 case '#': case '$': case '*': case '}':
710 g_string_append_c(buf, '}');
711 g_string_append_c(buf, c ^ 0x20);
714 g_string_append_c(buf, c);
720 static uint32_t gdb_get_cpu_pid(CPUState *cpu)
722 /* TODO: In user mode, we should use the task state PID */
723 if (cpu->cluster_index == UNASSIGNED_CLUSTER_INDEX) {
724 /* Return the default process' PID */
725 int index = gdbserver_state.process_num - 1;
726 return gdbserver_state.processes[index].pid;
728 return cpu->cluster_index + 1;
731 static GDBProcess *gdb_get_process(uint32_t pid)
736 /* 0 means any process, we take the first one */
737 return &gdbserver_state.processes[0];
740 for (i = 0; i < gdbserver_state.process_num; i++) {
741 if (gdbserver_state.processes[i].pid == pid) {
742 return &gdbserver_state.processes[i];
749 static GDBProcess *gdb_get_cpu_process(CPUState *cpu)
751 return gdb_get_process(gdb_get_cpu_pid(cpu));
754 static CPUState *find_cpu(uint32_t thread_id)
759 if (cpu_gdb_index(cpu) == thread_id) {
767 static CPUState *get_first_cpu_in_process(GDBProcess *process)
772 if (gdb_get_cpu_pid(cpu) == process->pid) {
780 static CPUState *gdb_next_cpu_in_process(CPUState *cpu)
782 uint32_t pid = gdb_get_cpu_pid(cpu);
786 if (gdb_get_cpu_pid(cpu) == pid) {
796 /* Return the cpu following @cpu, while ignoring unattached processes. */
797 static CPUState *gdb_next_attached_cpu(CPUState *cpu)
802 if (gdb_get_cpu_process(cpu)->attached) {
812 /* Return the first attached cpu */
813 static CPUState *gdb_first_attached_cpu(void)
815 CPUState *cpu = first_cpu;
816 GDBProcess *process = gdb_get_cpu_process(cpu);
818 if (!process->attached) {
819 return gdb_next_attached_cpu(cpu);
825 static CPUState *gdb_get_cpu(uint32_t pid, uint32_t tid)
831 /* 0 means any process/thread, we take the first attached one */
832 return gdb_first_attached_cpu();
833 } else if (pid && !tid) {
834 /* any thread in a specific process */
835 process = gdb_get_process(pid);
837 if (process == NULL) {
841 if (!process->attached) {
845 return get_first_cpu_in_process(process);
847 /* a specific thread */
854 process = gdb_get_cpu_process(cpu);
856 if (pid && process->pid != pid) {
860 if (!process->attached) {
868 static const char *get_feature_xml(const char *p, const char **newp,
874 CPUState *cpu = get_first_cpu_in_process(process);
875 CPUClass *cc = CPU_GET_CLASS(cpu);
878 while (p[len] && p[len] != ':')
883 if (strncmp(p, "target.xml", len) == 0) {
884 char *buf = process->target_xml;
885 const size_t buf_sz = sizeof(process->target_xml);
887 /* Generate the XML description for this CPU. */
892 "<?xml version=\"1.0\"?>"
893 "<!DOCTYPE target SYSTEM \"gdb-target.dtd\">"
895 if (cc->gdb_arch_name) {
896 gchar *arch = cc->gdb_arch_name(cpu);
897 pstrcat(buf, buf_sz, "<architecture>");
898 pstrcat(buf, buf_sz, arch);
899 pstrcat(buf, buf_sz, "</architecture>");
902 pstrcat(buf, buf_sz, "<xi:include href=\"");
903 pstrcat(buf, buf_sz, cc->gdb_core_xml_file);
904 pstrcat(buf, buf_sz, "\"/>");
905 for (r = cpu->gdb_regs; r; r = r->next) {
906 pstrcat(buf, buf_sz, "<xi:include href=\"");
907 pstrcat(buf, buf_sz, r->xml);
908 pstrcat(buf, buf_sz, "\"/>");
910 pstrcat(buf, buf_sz, "</target>");
914 if (cc->gdb_get_dynamic_xml) {
915 char *xmlname = g_strndup(p, len);
916 const char *xml = cc->gdb_get_dynamic_xml(cpu, xmlname);
924 name = xml_builtin[i][0];
925 if (!name || (strncmp(name, p, len) == 0 && strlen(name) == len))
928 return name ? xml_builtin[i][1] : NULL;
931 static int gdb_read_register(CPUState *cpu, GByteArray *buf, int reg)
933 CPUClass *cc = CPU_GET_CLASS(cpu);
934 CPUArchState *env = cpu->env_ptr;
937 if (reg < cc->gdb_num_core_regs) {
938 return cc->gdb_read_register(cpu, buf, reg);
941 for (r = cpu->gdb_regs; r; r = r->next) {
942 if (r->base_reg <= reg && reg < r->base_reg + r->num_regs) {
943 return r->get_reg(env, buf, reg - r->base_reg);
949 static int gdb_write_register(CPUState *cpu, uint8_t *mem_buf, int reg)
951 CPUClass *cc = CPU_GET_CLASS(cpu);
952 CPUArchState *env = cpu->env_ptr;
955 if (reg < cc->gdb_num_core_regs) {
956 return cc->gdb_write_register(cpu, mem_buf, reg);
959 for (r = cpu->gdb_regs; r; r = r->next) {
960 if (r->base_reg <= reg && reg < r->base_reg + r->num_regs) {
961 return r->set_reg(env, mem_buf, reg - r->base_reg);
967 /* Register a supplemental set of CPU registers. If g_pos is nonzero it
968 specifies the first register number and these registers are included in
969 a standard "g" packet. Direction is relative to gdb, i.e. get_reg is
970 gdb reading a CPU register, and set_reg is gdb modifying a CPU register.
973 void gdb_register_coprocessor(CPUState *cpu,
974 gdb_get_reg_cb get_reg, gdb_set_reg_cb set_reg,
975 int num_regs, const char *xml, int g_pos)
978 GDBRegisterState **p;
982 /* Check for duplicates. */
983 if (strcmp((*p)->xml, xml) == 0)
988 s = g_new0(GDBRegisterState, 1);
989 s->base_reg = cpu->gdb_num_regs;
990 s->num_regs = num_regs;
991 s->get_reg = get_reg;
992 s->set_reg = set_reg;
995 /* Add to end of list. */
996 cpu->gdb_num_regs += num_regs;
999 if (g_pos != s->base_reg) {
1000 error_report("Error: Bad gdb register numbering for '%s', "
1001 "expected %d got %d", xml, g_pos, s->base_reg);
1003 cpu->gdb_num_g_regs = cpu->gdb_num_regs;
1008 #ifndef CONFIG_USER_ONLY
1009 /* Translate GDB watchpoint type to a flags value for cpu_watchpoint_* */
1010 static inline int xlat_gdb_type(CPUState *cpu, int gdbtype)
1012 static const int xlat[] = {
1013 [GDB_WATCHPOINT_WRITE] = BP_GDB | BP_MEM_WRITE,
1014 [GDB_WATCHPOINT_READ] = BP_GDB | BP_MEM_READ,
1015 [GDB_WATCHPOINT_ACCESS] = BP_GDB | BP_MEM_ACCESS,
1018 CPUClass *cc = CPU_GET_CLASS(cpu);
1019 int cputype = xlat[gdbtype];
1021 if (cc->gdb_stop_before_watchpoint) {
1022 cputype |= BP_STOP_BEFORE_ACCESS;
1028 static int gdb_breakpoint_insert(int type, target_ulong addr, target_ulong len)
1033 if (kvm_enabled()) {
1034 return kvm_insert_breakpoint(gdbserver_state.c_cpu, addr, len, type);
1038 case GDB_BREAKPOINT_SW:
1039 case GDB_BREAKPOINT_HW:
1041 err = cpu_breakpoint_insert(cpu, addr, BP_GDB, NULL);
1047 #ifndef CONFIG_USER_ONLY
1048 case GDB_WATCHPOINT_WRITE:
1049 case GDB_WATCHPOINT_READ:
1050 case GDB_WATCHPOINT_ACCESS:
1052 err = cpu_watchpoint_insert(cpu, addr, len,
1053 xlat_gdb_type(cpu, type), NULL);
1065 static int gdb_breakpoint_remove(int type, target_ulong addr, target_ulong len)
1070 if (kvm_enabled()) {
1071 return kvm_remove_breakpoint(gdbserver_state.c_cpu, addr, len, type);
1075 case GDB_BREAKPOINT_SW:
1076 case GDB_BREAKPOINT_HW:
1078 err = cpu_breakpoint_remove(cpu, addr, BP_GDB);
1084 #ifndef CONFIG_USER_ONLY
1085 case GDB_WATCHPOINT_WRITE:
1086 case GDB_WATCHPOINT_READ:
1087 case GDB_WATCHPOINT_ACCESS:
1089 err = cpu_watchpoint_remove(cpu, addr, len,
1090 xlat_gdb_type(cpu, type));
1101 static inline void gdb_cpu_breakpoint_remove_all(CPUState *cpu)
1103 cpu_breakpoint_remove_all(cpu, BP_GDB);
1104 #ifndef CONFIG_USER_ONLY
1105 cpu_watchpoint_remove_all(cpu, BP_GDB);
1109 static void gdb_process_breakpoint_remove_all(GDBProcess *p)
1111 CPUState *cpu = get_first_cpu_in_process(p);
1114 gdb_cpu_breakpoint_remove_all(cpu);
1115 cpu = gdb_next_cpu_in_process(cpu);
1119 static void gdb_breakpoint_remove_all(void)
1123 if (kvm_enabled()) {
1124 kvm_remove_all_breakpoints(gdbserver_state.c_cpu);
1129 gdb_cpu_breakpoint_remove_all(cpu);
1133 static void gdb_set_cpu_pc(target_ulong pc)
1135 CPUState *cpu = gdbserver_state.c_cpu;
1137 cpu_synchronize_state(cpu);
1138 cpu_set_pc(cpu, pc);
1141 static void gdb_append_thread_id(CPUState *cpu, GString *buf)
1143 if (gdbserver_state.multiprocess) {
1144 g_string_append_printf(buf, "p%02x.%02x",
1145 gdb_get_cpu_pid(cpu), cpu_gdb_index(cpu));
1147 g_string_append_printf(buf, "%02x", cpu_gdb_index(cpu));
1151 typedef enum GDBThreadIdKind {
1153 GDB_ALL_THREADS, /* One process, all threads */
1158 static GDBThreadIdKind read_thread_id(const char *buf, const char **end_buf,
1159 uint32_t *pid, uint32_t *tid)
1166 ret = qemu_strtoul(buf, &buf, 16, &p);
1169 return GDB_READ_THREAD_ERR;
1178 ret = qemu_strtoul(buf, &buf, 16, &t);
1181 return GDB_READ_THREAD_ERR;
1187 return GDB_ALL_PROCESSES;
1195 return GDB_ALL_THREADS;
1202 return GDB_ONE_THREAD;
1206 * gdb_handle_vcont - Parses and handles a vCont packet.
1207 * returns -ENOTSUP if a command is unsupported, -EINVAL or -ERANGE if there is
1208 * a format error, 0 on success.
1210 static int gdb_handle_vcont(const char *p)
1212 int res, signal = 0;
1217 GDBProcess *process;
1219 GDBThreadIdKind kind;
1220 #ifdef CONFIG_USER_ONLY
1221 int max_cpus = 1; /* global variable max_cpus exists only in system mode */
1224 max_cpus = max_cpus <= cpu->cpu_index ? cpu->cpu_index + 1 : max_cpus;
1227 MachineState *ms = MACHINE(qdev_get_machine());
1228 unsigned int max_cpus = ms->smp.max_cpus;
1230 /* uninitialised CPUs stay 0 */
1231 newstates = g_new0(char, max_cpus);
1233 /* mark valid CPUs with 1 */
1235 newstates[cpu->cpu_index] = 1;
1239 * res keeps track of what error we are returning, with -ENOTSUP meaning
1240 * that the command is unknown or unsupported, thus returning an empty
1241 * packet, while -EINVAL and -ERANGE cause an E22 packet, due to invalid,
1242 * or incorrect parameters passed.
1252 if (cur_action == 'C' || cur_action == 'S') {
1253 cur_action = qemu_tolower(cur_action);
1254 res = qemu_strtoul(p, &p, 16, &tmp);
1258 signal = gdb_signal_to_target(tmp);
1259 } else if (cur_action != 'c' && cur_action != 's') {
1260 /* unknown/invalid/unsupported command */
1265 if (*p == '\0' || *p == ';') {
1267 * No thread specifier, action is on "all threads". The
1268 * specification is unclear regarding the process to act on. We
1269 * choose all processes.
1271 kind = GDB_ALL_PROCESSES;
1272 } else if (*p++ == ':') {
1273 kind = read_thread_id(p, &p, &pid, &tid);
1280 case GDB_READ_THREAD_ERR:
1284 case GDB_ALL_PROCESSES:
1285 cpu = gdb_first_attached_cpu();
1287 if (newstates[cpu->cpu_index] == 1) {
1288 newstates[cpu->cpu_index] = cur_action;
1291 cpu = gdb_next_attached_cpu(cpu);
1295 case GDB_ALL_THREADS:
1296 process = gdb_get_process(pid);
1298 if (!process->attached) {
1303 cpu = get_first_cpu_in_process(process);
1305 if (newstates[cpu->cpu_index] == 1) {
1306 newstates[cpu->cpu_index] = cur_action;
1309 cpu = gdb_next_cpu_in_process(cpu);
1313 case GDB_ONE_THREAD:
1314 cpu = gdb_get_cpu(pid, tid);
1316 /* invalid CPU/thread specified */
1322 /* only use if no previous match occourred */
1323 if (newstates[cpu->cpu_index] == 1) {
1324 newstates[cpu->cpu_index] = cur_action;
1329 gdbserver_state.signal = signal;
1330 gdb_continue_partial(newstates);
1338 typedef union GdbCmdVariant {
1341 unsigned long val_ul;
1342 unsigned long long val_ull;
1344 GDBThreadIdKind kind;
1350 #define get_param(p, i) (&g_array_index(p, GdbCmdVariant, i))
1352 static const char *cmd_next_param(const char *param, const char delimiter)
1354 static const char all_delimiters[] = ",;:=";
1355 char curr_delimiters[2] = {0};
1356 const char *delimiters;
1358 if (delimiter == '?') {
1359 delimiters = all_delimiters;
1360 } else if (delimiter == '0') {
1361 return strchr(param, '\0');
1362 } else if (delimiter == '.' && *param) {
1365 curr_delimiters[0] = delimiter;
1366 delimiters = curr_delimiters;
1369 param += strcspn(param, delimiters);
1376 static int cmd_parse_params(const char *data, const char *schema,
1379 const char *curr_schema, *curr_data;
1382 g_assert(params->len == 0);
1384 curr_schema = schema;
1386 while (curr_schema[0] && curr_schema[1] && *curr_data) {
1387 GdbCmdVariant this_param;
1389 switch (curr_schema[0]) {
1391 if (qemu_strtoul(curr_data, &curr_data, 16,
1392 &this_param.val_ul)) {
1395 curr_data = cmd_next_param(curr_data, curr_schema[1]);
1396 g_array_append_val(params, this_param);
1399 if (qemu_strtou64(curr_data, &curr_data, 16,
1400 (uint64_t *)&this_param.val_ull)) {
1403 curr_data = cmd_next_param(curr_data, curr_schema[1]);
1404 g_array_append_val(params, this_param);
1407 this_param.data = curr_data;
1408 curr_data = cmd_next_param(curr_data, curr_schema[1]);
1409 g_array_append_val(params, this_param);
1412 this_param.opcode = *(uint8_t *)curr_data;
1413 curr_data = cmd_next_param(curr_data, curr_schema[1]);
1414 g_array_append_val(params, this_param);
1417 this_param.thread_id.kind =
1418 read_thread_id(curr_data, &curr_data,
1419 &this_param.thread_id.pid,
1420 &this_param.thread_id.tid);
1421 curr_data = cmd_next_param(curr_data, curr_schema[1]);
1422 g_array_append_val(params, this_param);
1425 curr_data = cmd_next_param(curr_data, curr_schema[1]);
1436 typedef void (*GdbCmdHandler)(GArray *params, void *user_ctx);
1439 * cmd_startswith -> cmd is compared using startswith
1442 * schema definitions:
1443 * Each schema parameter entry consists of 2 chars,
1444 * the first char represents the parameter type handling
1445 * the second char represents the delimiter for the next parameter
1447 * Currently supported schema types:
1448 * 'l' -> unsigned long (stored in .val_ul)
1449 * 'L' -> unsigned long long (stored in .val_ull)
1450 * 's' -> string (stored in .data)
1451 * 'o' -> single char (stored in .opcode)
1452 * 't' -> thread id (stored in .thread_id)
1453 * '?' -> skip according to delimiter
1455 * Currently supported delimiters:
1456 * '?' -> Stop at any delimiter (",;:=\0")
1457 * '0' -> Stop at "\0"
1458 * '.' -> Skip 1 char unless reached "\0"
1459 * Any other value is treated as the delimiter value itself
1461 typedef struct GdbCmdParseEntry {
1462 GdbCmdHandler handler;
1464 bool cmd_startswith;
1468 static inline int startswith(const char *string, const char *pattern)
1470 return !strncmp(string, pattern, strlen(pattern));
1473 static int process_string_cmd(void *user_ctx, const char *data,
1474 const GdbCmdParseEntry *cmds, int num_cmds)
1477 g_autoptr(GArray) params = g_array_new(false, true, sizeof(GdbCmdVariant));
1483 for (i = 0; i < num_cmds; i++) {
1484 const GdbCmdParseEntry *cmd = &cmds[i];
1485 g_assert(cmd->handler && cmd->cmd);
1487 if ((cmd->cmd_startswith && !startswith(data, cmd->cmd)) ||
1488 (!cmd->cmd_startswith && strcmp(cmd->cmd, data))) {
1493 if (cmd_parse_params(&data[strlen(cmd->cmd)],
1494 cmd->schema, params)) {
1499 cmd->handler(params, user_ctx);
1506 static void run_cmd_parser(const char *data, const GdbCmdParseEntry *cmd)
1512 g_string_set_size(gdbserver_state.str_buf, 0);
1513 g_byte_array_set_size(gdbserver_state.mem_buf, 0);
1515 /* In case there was an error during the command parsing we must
1516 * send a NULL packet to indicate the command is not supported */
1517 if (process_string_cmd(NULL, data, cmd, 1)) {
1522 static void handle_detach(GArray *params, void *user_ctx)
1524 GDBProcess *process;
1527 if (gdbserver_state.multiprocess) {
1533 pid = get_param(params, 0)->val_ul;
1536 process = gdb_get_process(pid);
1537 gdb_process_breakpoint_remove_all(process);
1538 process->attached = false;
1540 if (pid == gdb_get_cpu_pid(gdbserver_state.c_cpu)) {
1541 gdbserver_state.c_cpu = gdb_first_attached_cpu();
1544 if (pid == gdb_get_cpu_pid(gdbserver_state.g_cpu)) {
1545 gdbserver_state.g_cpu = gdb_first_attached_cpu();
1548 if (!gdbserver_state.c_cpu) {
1549 /* No more process attached */
1550 gdb_syscall_mode = GDB_SYS_DISABLED;
1556 static void handle_thread_alive(GArray *params, void *user_ctx)
1565 if (get_param(params, 0)->thread_id.kind == GDB_READ_THREAD_ERR) {
1570 cpu = gdb_get_cpu(get_param(params, 0)->thread_id.pid,
1571 get_param(params, 0)->thread_id.tid);
1580 static void handle_continue(GArray *params, void *user_ctx)
1583 gdb_set_cpu_pc(get_param(params, 0)->val_ull);
1586 gdbserver_state.signal = 0;
1590 static void handle_cont_with_sig(GArray *params, void *user_ctx)
1592 unsigned long signal = 0;
1595 * Note: C sig;[addr] is currently unsupported and we simply
1596 * omit the addr parameter
1599 signal = get_param(params, 0)->val_ul;
1602 gdbserver_state.signal = gdb_signal_to_target(signal);
1603 if (gdbserver_state.signal == -1) {
1604 gdbserver_state.signal = 0;
1609 static void handle_set_thread(GArray *params, void *user_ctx)
1613 if (params->len != 2) {
1618 if (get_param(params, 1)->thread_id.kind == GDB_READ_THREAD_ERR) {
1623 if (get_param(params, 1)->thread_id.kind != GDB_ONE_THREAD) {
1628 cpu = gdb_get_cpu(get_param(params, 1)->thread_id.pid,
1629 get_param(params, 1)->thread_id.tid);
1636 * Note: This command is deprecated and modern gdb's will be using the
1637 * vCont command instead.
1639 switch (get_param(params, 0)->opcode) {
1641 gdbserver_state.c_cpu = cpu;
1645 gdbserver_state.g_cpu = cpu;
1654 static void handle_insert_bp(GArray *params, void *user_ctx)
1658 if (params->len != 3) {
1663 res = gdb_breakpoint_insert(get_param(params, 0)->val_ul,
1664 get_param(params, 1)->val_ull,
1665 get_param(params, 2)->val_ull);
1669 } else if (res == -ENOSYS) {
1677 static void handle_remove_bp(GArray *params, void *user_ctx)
1681 if (params->len != 3) {
1686 res = gdb_breakpoint_remove(get_param(params, 0)->val_ul,
1687 get_param(params, 1)->val_ull,
1688 get_param(params, 2)->val_ull);
1692 } else if (res == -ENOSYS) {
1701 * handle_set/get_reg
1703 * Older gdb are really dumb, and don't use 'G/g' if 'P/p' is available.
1704 * This works, but can be very slow. Anything new enough to understand
1705 * XML also knows how to use this properly. However to use this we
1706 * need to define a local XML file as well as be talking to a
1707 * reasonably modern gdb. Responding with an empty packet will cause
1708 * the remote gdb to fallback to older methods.
1711 static void handle_set_reg(GArray *params, void *user_ctx)
1720 if (params->len != 2) {
1725 reg_size = strlen(get_param(params, 1)->data) / 2;
1726 hextomem(gdbserver_state.mem_buf, get_param(params, 1)->data, reg_size);
1727 gdb_write_register(gdbserver_state.g_cpu, gdbserver_state.mem_buf->data,
1728 get_param(params, 0)->val_ull);
1732 static void handle_get_reg(GArray *params, void *user_ctx)
1746 reg_size = gdb_read_register(gdbserver_state.g_cpu,
1747 gdbserver_state.mem_buf,
1748 get_param(params, 0)->val_ull);
1753 g_byte_array_set_size(gdbserver_state.mem_buf, reg_size);
1756 memtohex(gdbserver_state.str_buf, gdbserver_state.mem_buf->data, reg_size);
1760 static void handle_write_mem(GArray *params, void *user_ctx)
1762 if (params->len != 3) {
1767 /* hextomem() reads 2*len bytes */
1768 if (get_param(params, 1)->val_ull >
1769 strlen(get_param(params, 2)->data) / 2) {
1774 hextomem(gdbserver_state.mem_buf, get_param(params, 2)->data,
1775 get_param(params, 1)->val_ull);
1776 if (target_memory_rw_debug(gdbserver_state.g_cpu,
1777 get_param(params, 0)->val_ull,
1778 gdbserver_state.mem_buf->data,
1779 gdbserver_state.mem_buf->len, true)) {
1787 static void handle_read_mem(GArray *params, void *user_ctx)
1789 if (params->len != 2) {
1794 /* memtohex() doubles the required space */
1795 if (get_param(params, 1)->val_ull > MAX_PACKET_LENGTH / 2) {
1800 g_byte_array_set_size(gdbserver_state.mem_buf,
1801 get_param(params, 1)->val_ull);
1803 if (target_memory_rw_debug(gdbserver_state.g_cpu,
1804 get_param(params, 0)->val_ull,
1805 gdbserver_state.mem_buf->data,
1806 gdbserver_state.mem_buf->len, false)) {
1811 memtohex(gdbserver_state.str_buf, gdbserver_state.mem_buf->data,
1812 gdbserver_state.mem_buf->len);
1816 static void handle_write_all_regs(GArray *params, void *user_ctx)
1818 target_ulong addr, len;
1826 cpu_synchronize_state(gdbserver_state.g_cpu);
1827 len = strlen(get_param(params, 0)->data) / 2;
1828 hextomem(gdbserver_state.mem_buf, get_param(params, 0)->data, len);
1829 registers = gdbserver_state.mem_buf->data;
1830 for (addr = 0; addr < gdbserver_state.g_cpu->gdb_num_g_regs && len > 0;
1832 reg_size = gdb_write_register(gdbserver_state.g_cpu, registers, addr);
1834 registers += reg_size;
1839 static void handle_read_all_regs(GArray *params, void *user_ctx)
1841 target_ulong addr, len;
1843 cpu_synchronize_state(gdbserver_state.g_cpu);
1844 g_byte_array_set_size(gdbserver_state.mem_buf, 0);
1846 for (addr = 0; addr < gdbserver_state.g_cpu->gdb_num_g_regs; addr++) {
1847 len += gdb_read_register(gdbserver_state.g_cpu,
1848 gdbserver_state.mem_buf,
1851 g_assert(len == gdbserver_state.mem_buf->len);
1853 memtohex(gdbserver_state.str_buf, gdbserver_state.mem_buf->data, len);
1857 static void handle_file_io(GArray *params, void *user_ctx)
1859 if (params->len >= 1 && gdbserver_state.current_syscall_cb) {
1860 target_ulong ret, err;
1862 ret = (target_ulong)get_param(params, 0)->val_ull;
1863 if (params->len >= 2) {
1864 err = (target_ulong)get_param(params, 1)->val_ull;
1868 gdbserver_state.current_syscall_cb(gdbserver_state.c_cpu, ret, err);
1869 gdbserver_state.current_syscall_cb = NULL;
1872 if (params->len >= 3 && get_param(params, 2)->opcode == (uint8_t)'C') {
1880 static void handle_step(GArray *params, void *user_ctx)
1883 gdb_set_cpu_pc((target_ulong)get_param(params, 0)->val_ull);
1886 cpu_single_step(gdbserver_state.c_cpu, get_sstep_flags());
1890 static void handle_backward(GArray *params, void *user_ctx)
1892 if (!stub_can_reverse()) {
1895 if (params->len == 1) {
1896 switch (get_param(params, 0)->opcode) {
1898 if (replay_reverse_step()) {
1905 if (replay_reverse_continue()) {
1914 /* Default invalid command */
1918 static void handle_v_cont_query(GArray *params, void *user_ctx)
1920 put_packet("vCont;c;C;s;S");
1923 static void handle_v_cont(GArray *params, void *user_ctx)
1931 res = gdb_handle_vcont(get_param(params, 0)->data);
1932 if ((res == -EINVAL) || (res == -ERANGE)) {
1939 static void handle_v_attach(GArray *params, void *user_ctx)
1941 GDBProcess *process;
1944 g_string_assign(gdbserver_state.str_buf, "E22");
1949 process = gdb_get_process(get_param(params, 0)->val_ul);
1954 cpu = get_first_cpu_in_process(process);
1959 process->attached = true;
1960 gdbserver_state.g_cpu = cpu;
1961 gdbserver_state.c_cpu = cpu;
1963 g_string_printf(gdbserver_state.str_buf, "T%02xthread:", GDB_SIGNAL_TRAP);
1964 gdb_append_thread_id(cpu, gdbserver_state.str_buf);
1965 g_string_append_c(gdbserver_state.str_buf, ';');
1970 static void handle_v_kill(GArray *params, void *user_ctx)
1972 /* Kill the target */
1974 error_report("QEMU: Terminated via GDBstub");
1979 static const GdbCmdParseEntry gdb_v_commands_table[] = {
1980 /* Order is important if has same prefix */
1982 .handler = handle_v_cont_query,
1987 .handler = handle_v_cont,
1989 .cmd_startswith = 1,
1993 .handler = handle_v_attach,
1995 .cmd_startswith = 1,
1999 .handler = handle_v_kill,
2005 static void handle_v_commands(GArray *params, void *user_ctx)
2011 if (process_string_cmd(NULL, get_param(params, 0)->data,
2012 gdb_v_commands_table,
2013 ARRAY_SIZE(gdb_v_commands_table))) {
2018 static void handle_query_qemu_sstepbits(GArray *params, void *user_ctx)
2020 g_string_printf(gdbserver_state.str_buf, "ENABLE=%x,NOIRQ=%x,NOTIMER=%x",
2021 SSTEP_ENABLE, SSTEP_NOIRQ, SSTEP_NOTIMER);
2025 static void handle_set_qemu_sstep(GArray *params, void *user_ctx)
2031 sstep_flags = get_param(params, 0)->val_ul;
2035 static void handle_query_qemu_sstep(GArray *params, void *user_ctx)
2037 g_string_printf(gdbserver_state.str_buf, "0x%x", sstep_flags);
2041 static void handle_query_curr_tid(GArray *params, void *user_ctx)
2044 GDBProcess *process;
2047 * "Current thread" remains vague in the spec, so always return
2048 * the first thread of the current process (gdb returns the
2051 process = gdb_get_cpu_process(gdbserver_state.g_cpu);
2052 cpu = get_first_cpu_in_process(process);
2053 g_string_assign(gdbserver_state.str_buf, "QC");
2054 gdb_append_thread_id(cpu, gdbserver_state.str_buf);
2058 static void handle_query_threads(GArray *params, void *user_ctx)
2060 if (!gdbserver_state.query_cpu) {
2065 g_string_assign(gdbserver_state.str_buf, "m");
2066 gdb_append_thread_id(gdbserver_state.query_cpu, gdbserver_state.str_buf);
2068 gdbserver_state.query_cpu = gdb_next_attached_cpu(gdbserver_state.query_cpu);
2071 static void handle_query_first_threads(GArray *params, void *user_ctx)
2073 gdbserver_state.query_cpu = gdb_first_attached_cpu();
2074 handle_query_threads(params, user_ctx);
2077 static void handle_query_thread_extra(GArray *params, void *user_ctx)
2079 g_autoptr(GString) rs = g_string_new(NULL);
2083 get_param(params, 0)->thread_id.kind == GDB_READ_THREAD_ERR) {
2088 cpu = gdb_get_cpu(get_param(params, 0)->thread_id.pid,
2089 get_param(params, 0)->thread_id.tid);
2094 cpu_synchronize_state(cpu);
2096 if (gdbserver_state.multiprocess && (gdbserver_state.process_num > 1)) {
2097 /* Print the CPU model and name in multiprocess mode */
2098 ObjectClass *oc = object_get_class(OBJECT(cpu));
2099 const char *cpu_model = object_class_get_name(oc);
2100 const char *cpu_name =
2101 object_get_canonical_path_component(OBJECT(cpu));
2102 g_string_printf(rs, "%s %s [%s]", cpu_model, cpu_name,
2103 cpu->halted ? "halted " : "running");
2105 g_string_printf(rs, "CPU#%d [%s]", cpu->cpu_index,
2106 cpu->halted ? "halted " : "running");
2108 trace_gdbstub_op_extra_info(rs->str);
2109 memtohex(gdbserver_state.str_buf, (uint8_t *)rs->str, rs->len);
2113 #ifdef CONFIG_USER_ONLY
2114 static void handle_query_offsets(GArray *params, void *user_ctx)
2118 ts = gdbserver_state.c_cpu->opaque;
2119 g_string_printf(gdbserver_state.str_buf,
2120 "Text=" TARGET_ABI_FMT_lx
2121 ";Data=" TARGET_ABI_FMT_lx
2122 ";Bss=" TARGET_ABI_FMT_lx,
2123 ts->info->code_offset,
2124 ts->info->data_offset,
2125 ts->info->data_offset);
2129 static void handle_query_rcmd(GArray *params, void *user_ctx)
2131 const guint8 zero = 0;
2139 len = strlen(get_param(params, 0)->data);
2145 g_assert(gdbserver_state.mem_buf->len == 0);
2147 hextomem(gdbserver_state.mem_buf, get_param(params, 0)->data, len);
2148 g_byte_array_append(gdbserver_state.mem_buf, &zero, 1);
2149 qemu_chr_be_write(gdbserver_state.mon_chr, gdbserver_state.mem_buf->data,
2150 gdbserver_state.mem_buf->len);
2155 static void handle_query_supported(GArray *params, void *user_ctx)
2159 g_string_printf(gdbserver_state.str_buf, "PacketSize=%x", MAX_PACKET_LENGTH);
2160 cc = CPU_GET_CLASS(first_cpu);
2161 if (cc->gdb_core_xml_file) {
2162 g_string_append(gdbserver_state.str_buf, ";qXfer:features:read+");
2165 if (stub_can_reverse()) {
2166 g_string_append(gdbserver_state.str_buf,
2167 ";ReverseStep+;ReverseContinue+");
2170 #ifdef CONFIG_USER_ONLY
2171 if (gdbserver_state.c_cpu->opaque) {
2172 g_string_append(gdbserver_state.str_buf, ";qXfer:auxv:read+");
2177 strstr(get_param(params, 0)->data, "multiprocess+")) {
2178 gdbserver_state.multiprocess = true;
2181 g_string_append(gdbserver_state.str_buf, ";vContSupported+;multiprocess+");
2185 static void handle_query_xfer_features(GArray *params, void *user_ctx)
2187 GDBProcess *process;
2189 unsigned long len, total_len, addr;
2193 if (params->len < 3) {
2198 process = gdb_get_cpu_process(gdbserver_state.g_cpu);
2199 cc = CPU_GET_CLASS(gdbserver_state.g_cpu);
2200 if (!cc->gdb_core_xml_file) {
2206 p = get_param(params, 0)->data;
2207 xml = get_feature_xml(p, &p, process);
2213 addr = get_param(params, 1)->val_ul;
2214 len = get_param(params, 2)->val_ul;
2215 total_len = strlen(xml);
2216 if (addr > total_len) {
2221 if (len > (MAX_PACKET_LENGTH - 5) / 2) {
2222 len = (MAX_PACKET_LENGTH - 5) / 2;
2225 if (len < total_len - addr) {
2226 g_string_assign(gdbserver_state.str_buf, "m");
2227 memtox(gdbserver_state.str_buf, xml + addr, len);
2229 g_string_assign(gdbserver_state.str_buf, "l");
2230 memtox(gdbserver_state.str_buf, xml + addr, total_len - addr);
2233 put_packet_binary(gdbserver_state.str_buf->str,
2234 gdbserver_state.str_buf->len, true);
2237 #if defined(CONFIG_USER_ONLY) && defined(CONFIG_LINUX_USER)
2238 static void handle_query_xfer_auxv(GArray *params, void *user_ctx)
2241 unsigned long offset, len, saved_auxv, auxv_len;
2243 if (params->len < 2) {
2248 offset = get_param(params, 0)->val_ul;
2249 len = get_param(params, 1)->val_ul;
2250 ts = gdbserver_state.c_cpu->opaque;
2251 saved_auxv = ts->info->saved_auxv;
2252 auxv_len = ts->info->auxv_len;
2254 if (offset >= auxv_len) {
2259 if (len > (MAX_PACKET_LENGTH - 5) / 2) {
2260 len = (MAX_PACKET_LENGTH - 5) / 2;
2263 if (len < auxv_len - offset) {
2264 g_string_assign(gdbserver_state.str_buf, "m");
2266 g_string_assign(gdbserver_state.str_buf, "l");
2267 len = auxv_len - offset;
2270 g_byte_array_set_size(gdbserver_state.mem_buf, len);
2271 if (target_memory_rw_debug(gdbserver_state.g_cpu, saved_auxv + offset,
2272 gdbserver_state.mem_buf->data, len, false)) {
2277 memtox(gdbserver_state.str_buf,
2278 (const char *)gdbserver_state.mem_buf->data, len);
2279 put_packet_binary(gdbserver_state.str_buf->str,
2280 gdbserver_state.str_buf->len, true);
2284 static void handle_query_attached(GArray *params, void *user_ctx)
2286 put_packet(GDB_ATTACHED);
2289 static void handle_query_qemu_supported(GArray *params, void *user_ctx)
2291 g_string_printf(gdbserver_state.str_buf, "sstepbits;sstep");
2292 #ifndef CONFIG_USER_ONLY
2293 g_string_append(gdbserver_state.str_buf, ";PhyMemMode");
2298 #ifndef CONFIG_USER_ONLY
2299 static void handle_query_qemu_phy_mem_mode(GArray *params,
2302 g_string_printf(gdbserver_state.str_buf, "%d", phy_memory_mode);
2306 static void handle_set_qemu_phy_mem_mode(GArray *params, void *user_ctx)
2313 if (!get_param(params, 0)->val_ul) {
2314 phy_memory_mode = 0;
2316 phy_memory_mode = 1;
2322 static const GdbCmdParseEntry gdb_gen_query_set_common_table[] = {
2323 /* Order is important if has same prefix */
2325 .handler = handle_query_qemu_sstepbits,
2326 .cmd = "qemu.sstepbits",
2329 .handler = handle_query_qemu_sstep,
2330 .cmd = "qemu.sstep",
2333 .handler = handle_set_qemu_sstep,
2334 .cmd = "qemu.sstep=",
2335 .cmd_startswith = 1,
2340 static const GdbCmdParseEntry gdb_gen_query_table[] = {
2342 .handler = handle_query_curr_tid,
2346 .handler = handle_query_threads,
2347 .cmd = "sThreadInfo",
2350 .handler = handle_query_first_threads,
2351 .cmd = "fThreadInfo",
2354 .handler = handle_query_thread_extra,
2355 .cmd = "ThreadExtraInfo,",
2356 .cmd_startswith = 1,
2359 #ifdef CONFIG_USER_ONLY
2361 .handler = handle_query_offsets,
2366 .handler = handle_query_rcmd,
2368 .cmd_startswith = 1,
2373 .handler = handle_query_supported,
2374 .cmd = "Supported:",
2375 .cmd_startswith = 1,
2379 .handler = handle_query_supported,
2384 .handler = handle_query_xfer_features,
2385 .cmd = "Xfer:features:read:",
2386 .cmd_startswith = 1,
2389 #if defined(CONFIG_USER_ONLY) && defined(CONFIG_LINUX_USER)
2391 .handler = handle_query_xfer_auxv,
2392 .cmd = "Xfer:auxv:read::",
2393 .cmd_startswith = 1,
2398 .handler = handle_query_attached,
2403 .handler = handle_query_attached,
2407 .handler = handle_query_qemu_supported,
2408 .cmd = "qemu.Supported",
2410 #ifndef CONFIG_USER_ONLY
2412 .handler = handle_query_qemu_phy_mem_mode,
2413 .cmd = "qemu.PhyMemMode",
2418 static const GdbCmdParseEntry gdb_gen_set_table[] = {
2419 /* Order is important if has same prefix */
2421 .handler = handle_set_qemu_sstep,
2422 .cmd = "qemu.sstep:",
2423 .cmd_startswith = 1,
2426 #ifndef CONFIG_USER_ONLY
2428 .handler = handle_set_qemu_phy_mem_mode,
2429 .cmd = "qemu.PhyMemMode:",
2430 .cmd_startswith = 1,
2436 static void handle_gen_query(GArray *params, void *user_ctx)
2442 if (!process_string_cmd(NULL, get_param(params, 0)->data,
2443 gdb_gen_query_set_common_table,
2444 ARRAY_SIZE(gdb_gen_query_set_common_table))) {
2448 if (process_string_cmd(NULL, get_param(params, 0)->data,
2449 gdb_gen_query_table,
2450 ARRAY_SIZE(gdb_gen_query_table))) {
2455 static void handle_gen_set(GArray *params, void *user_ctx)
2461 if (!process_string_cmd(NULL, get_param(params, 0)->data,
2462 gdb_gen_query_set_common_table,
2463 ARRAY_SIZE(gdb_gen_query_set_common_table))) {
2467 if (process_string_cmd(NULL, get_param(params, 0)->data,
2469 ARRAY_SIZE(gdb_gen_set_table))) {
2474 static void handle_target_halt(GArray *params, void *user_ctx)
2476 g_string_printf(gdbserver_state.str_buf, "T%02xthread:", GDB_SIGNAL_TRAP);
2477 gdb_append_thread_id(gdbserver_state.c_cpu, gdbserver_state.str_buf);
2478 g_string_append_c(gdbserver_state.str_buf, ';');
2481 * Remove all the breakpoints when this query is issued,
2482 * because gdb is doing an initial connect and the state
2483 * should be cleaned up.
2485 gdb_breakpoint_remove_all();
2488 static int gdb_handle_packet(const char *line_buf)
2490 const GdbCmdParseEntry *cmd_parser = NULL;
2492 trace_gdbstub_io_command(line_buf);
2494 switch (line_buf[0]) {
2500 static const GdbCmdParseEntry target_halted_cmd_desc = {
2501 .handler = handle_target_halt,
2505 cmd_parser = &target_halted_cmd_desc;
2510 static const GdbCmdParseEntry continue_cmd_desc = {
2511 .handler = handle_continue,
2513 .cmd_startswith = 1,
2516 cmd_parser = &continue_cmd_desc;
2521 static const GdbCmdParseEntry cont_with_sig_cmd_desc = {
2522 .handler = handle_cont_with_sig,
2524 .cmd_startswith = 1,
2527 cmd_parser = &cont_with_sig_cmd_desc;
2532 static const GdbCmdParseEntry v_cmd_desc = {
2533 .handler = handle_v_commands,
2535 .cmd_startswith = 1,
2538 cmd_parser = &v_cmd_desc;
2542 /* Kill the target */
2543 error_report("QEMU: Terminated via GDBstub");
2548 static const GdbCmdParseEntry detach_cmd_desc = {
2549 .handler = handle_detach,
2551 .cmd_startswith = 1,
2554 cmd_parser = &detach_cmd_desc;
2559 static const GdbCmdParseEntry step_cmd_desc = {
2560 .handler = handle_step,
2562 .cmd_startswith = 1,
2565 cmd_parser = &step_cmd_desc;
2570 static const GdbCmdParseEntry backward_cmd_desc = {
2571 .handler = handle_backward,
2573 .cmd_startswith = 1,
2576 cmd_parser = &backward_cmd_desc;
2581 static const GdbCmdParseEntry file_io_cmd_desc = {
2582 .handler = handle_file_io,
2584 .cmd_startswith = 1,
2587 cmd_parser = &file_io_cmd_desc;
2592 static const GdbCmdParseEntry read_all_regs_cmd_desc = {
2593 .handler = handle_read_all_regs,
2597 cmd_parser = &read_all_regs_cmd_desc;
2602 static const GdbCmdParseEntry write_all_regs_cmd_desc = {
2603 .handler = handle_write_all_regs,
2605 .cmd_startswith = 1,
2608 cmd_parser = &write_all_regs_cmd_desc;
2613 static const GdbCmdParseEntry read_mem_cmd_desc = {
2614 .handler = handle_read_mem,
2616 .cmd_startswith = 1,
2619 cmd_parser = &read_mem_cmd_desc;
2624 static const GdbCmdParseEntry write_mem_cmd_desc = {
2625 .handler = handle_write_mem,
2627 .cmd_startswith = 1,
2630 cmd_parser = &write_mem_cmd_desc;
2635 static const GdbCmdParseEntry get_reg_cmd_desc = {
2636 .handler = handle_get_reg,
2638 .cmd_startswith = 1,
2641 cmd_parser = &get_reg_cmd_desc;
2646 static const GdbCmdParseEntry set_reg_cmd_desc = {
2647 .handler = handle_set_reg,
2649 .cmd_startswith = 1,
2652 cmd_parser = &set_reg_cmd_desc;
2657 static const GdbCmdParseEntry insert_bp_cmd_desc = {
2658 .handler = handle_insert_bp,
2660 .cmd_startswith = 1,
2663 cmd_parser = &insert_bp_cmd_desc;
2668 static const GdbCmdParseEntry remove_bp_cmd_desc = {
2669 .handler = handle_remove_bp,
2671 .cmd_startswith = 1,
2674 cmd_parser = &remove_bp_cmd_desc;
2679 static const GdbCmdParseEntry set_thread_cmd_desc = {
2680 .handler = handle_set_thread,
2682 .cmd_startswith = 1,
2685 cmd_parser = &set_thread_cmd_desc;
2690 static const GdbCmdParseEntry thread_alive_cmd_desc = {
2691 .handler = handle_thread_alive,
2693 .cmd_startswith = 1,
2696 cmd_parser = &thread_alive_cmd_desc;
2701 static const GdbCmdParseEntry gen_query_cmd_desc = {
2702 .handler = handle_gen_query,
2704 .cmd_startswith = 1,
2707 cmd_parser = &gen_query_cmd_desc;
2712 static const GdbCmdParseEntry gen_set_cmd_desc = {
2713 .handler = handle_gen_set,
2715 .cmd_startswith = 1,
2718 cmd_parser = &gen_set_cmd_desc;
2722 /* put empty packet */
2728 run_cmd_parser(line_buf, cmd_parser);
2734 void gdb_set_stop_cpu(CPUState *cpu)
2736 GDBProcess *p = gdb_get_cpu_process(cpu);
2740 * Having a stop CPU corresponding to a process that is not attached
2741 * confuses GDB. So we ignore the request.
2746 gdbserver_state.c_cpu = cpu;
2747 gdbserver_state.g_cpu = cpu;
2750 #ifndef CONFIG_USER_ONLY
2751 static void gdb_vm_state_change(void *opaque, bool running, RunState state)
2753 CPUState *cpu = gdbserver_state.c_cpu;
2754 g_autoptr(GString) buf = g_string_new(NULL);
2755 g_autoptr(GString) tid = g_string_new(NULL);
2759 if (running || gdbserver_state.state == RS_INACTIVE) {
2762 /* Is there a GDB syscall waiting to be sent? */
2763 if (gdbserver_state.current_syscall_cb) {
2764 put_packet(gdbserver_state.syscall_buf);
2769 /* No process attached */
2773 gdb_append_thread_id(cpu, tid);
2776 case RUN_STATE_DEBUG:
2777 if (cpu->watchpoint_hit) {
2778 switch (cpu->watchpoint_hit->flags & BP_MEM_ACCESS) {
2789 trace_gdbstub_hit_watchpoint(type, cpu_gdb_index(cpu),
2790 (target_ulong)cpu->watchpoint_hit->vaddr);
2791 g_string_printf(buf, "T%02xthread:%s;%swatch:" TARGET_FMT_lx ";",
2792 GDB_SIGNAL_TRAP, tid->str, type,
2793 (target_ulong)cpu->watchpoint_hit->vaddr);
2794 cpu->watchpoint_hit = NULL;
2797 trace_gdbstub_hit_break();
2800 ret = GDB_SIGNAL_TRAP;
2802 case RUN_STATE_PAUSED:
2803 trace_gdbstub_hit_paused();
2804 ret = GDB_SIGNAL_INT;
2806 case RUN_STATE_SHUTDOWN:
2807 trace_gdbstub_hit_shutdown();
2808 ret = GDB_SIGNAL_QUIT;
2810 case RUN_STATE_IO_ERROR:
2811 trace_gdbstub_hit_io_error();
2812 ret = GDB_SIGNAL_IO;
2814 case RUN_STATE_WATCHDOG:
2815 trace_gdbstub_hit_watchdog();
2816 ret = GDB_SIGNAL_ALRM;
2818 case RUN_STATE_INTERNAL_ERROR:
2819 trace_gdbstub_hit_internal_error();
2820 ret = GDB_SIGNAL_ABRT;
2822 case RUN_STATE_SAVE_VM:
2823 case RUN_STATE_RESTORE_VM:
2825 case RUN_STATE_FINISH_MIGRATE:
2826 ret = GDB_SIGNAL_XCPU;
2829 trace_gdbstub_hit_unknown(state);
2830 ret = GDB_SIGNAL_UNKNOWN;
2833 gdb_set_stop_cpu(cpu);
2834 g_string_printf(buf, "T%02xthread:%s;", ret, tid->str);
2837 put_packet(buf->str);
2839 /* disable single step if it was enabled */
2840 cpu_single_step(cpu, 0);
2844 /* Send a gdb syscall request.
2845 This accepts limited printf-style format specifiers, specifically:
2846 %x - target_ulong argument printed in hex.
2847 %lx - 64-bit argument printed in hex.
2848 %s - string pointer (target_ulong) and length (int) pair. */
2849 void gdb_do_syscallv(gdb_syscall_complete_cb cb, const char *fmt, va_list va)
2856 if (!gdbserver_state.init) {
2860 gdbserver_state.current_syscall_cb = cb;
2861 #ifndef CONFIG_USER_ONLY
2862 vm_stop(RUN_STATE_DEBUG);
2864 p = &gdbserver_state.syscall_buf[0];
2865 p_end = &gdbserver_state.syscall_buf[sizeof(gdbserver_state.syscall_buf)];
2872 addr = va_arg(va, target_ulong);
2873 p += snprintf(p, p_end - p, TARGET_FMT_lx, addr);
2876 if (*(fmt++) != 'x')
2878 i64 = va_arg(va, uint64_t);
2879 p += snprintf(p, p_end - p, "%" PRIx64, i64);
2882 addr = va_arg(va, target_ulong);
2883 p += snprintf(p, p_end - p, TARGET_FMT_lx "/%x",
2884 addr, va_arg(va, int));
2888 error_report("gdbstub: Bad syscall format string '%s'",
2897 #ifdef CONFIG_USER_ONLY
2898 put_packet(gdbserver_state.syscall_buf);
2899 /* Return control to gdb for it to process the syscall request.
2900 * Since the protocol requires that gdb hands control back to us
2901 * using a "here are the results" F packet, we don't need to check
2902 * gdb_handlesig's return value (which is the signal to deliver if
2903 * execution was resumed via a continue packet).
2905 gdb_handlesig(gdbserver_state.c_cpu, 0);
2907 /* In this case wait to send the syscall packet until notification that
2908 the CPU has stopped. This must be done because if the packet is sent
2909 now the reply from the syscall request could be received while the CPU
2910 is still in the running state, which can cause packets to be dropped
2911 and state transition 'T' packets to be sent while the syscall is still
2913 qemu_cpu_kick(gdbserver_state.c_cpu);
2917 void gdb_do_syscall(gdb_syscall_complete_cb cb, const char *fmt, ...)
2922 gdb_do_syscallv(cb, fmt, va);
2926 static void gdb_read_byte(uint8_t ch)
2930 #ifndef CONFIG_USER_ONLY
2931 if (gdbserver_state.last_packet->len) {
2932 /* Waiting for a response to the last packet. If we see the start
2933 of a new command then abandon the previous response. */
2935 trace_gdbstub_err_got_nack();
2936 put_buffer(gdbserver_state.last_packet->data,
2937 gdbserver_state.last_packet->len);
2938 } else if (ch == '+') {
2939 trace_gdbstub_io_got_ack();
2941 trace_gdbstub_io_got_unexpected(ch);
2944 if (ch == '+' || ch == '$') {
2945 g_byte_array_set_size(gdbserver_state.last_packet, 0);
2950 if (runstate_is_running()) {
2951 /* when the CPU is running, we cannot do anything except stop
2952 it when receiving a char */
2953 vm_stop(RUN_STATE_PAUSED);
2957 switch(gdbserver_state.state) {
2960 /* start of command packet */
2961 gdbserver_state.line_buf_index = 0;
2962 gdbserver_state.line_sum = 0;
2963 gdbserver_state.state = RS_GETLINE;
2965 trace_gdbstub_err_garbage(ch);
2970 /* start escape sequence */
2971 gdbserver_state.state = RS_GETLINE_ESC;
2972 gdbserver_state.line_sum += ch;
2973 } else if (ch == '*') {
2974 /* start run length encoding sequence */
2975 gdbserver_state.state = RS_GETLINE_RLE;
2976 gdbserver_state.line_sum += ch;
2977 } else if (ch == '#') {
2978 /* end of command, start of checksum*/
2979 gdbserver_state.state = RS_CHKSUM1;
2980 } else if (gdbserver_state.line_buf_index >= sizeof(gdbserver_state.line_buf) - 1) {
2981 trace_gdbstub_err_overrun();
2982 gdbserver_state.state = RS_IDLE;
2984 /* unescaped command character */
2985 gdbserver_state.line_buf[gdbserver_state.line_buf_index++] = ch;
2986 gdbserver_state.line_sum += ch;
2989 case RS_GETLINE_ESC:
2991 /* unexpected end of command in escape sequence */
2992 gdbserver_state.state = RS_CHKSUM1;
2993 } else if (gdbserver_state.line_buf_index >= sizeof(gdbserver_state.line_buf) - 1) {
2994 /* command buffer overrun */
2995 trace_gdbstub_err_overrun();
2996 gdbserver_state.state = RS_IDLE;
2998 /* parse escaped character and leave escape state */
2999 gdbserver_state.line_buf[gdbserver_state.line_buf_index++] = ch ^ 0x20;
3000 gdbserver_state.line_sum += ch;
3001 gdbserver_state.state = RS_GETLINE;
3004 case RS_GETLINE_RLE:
3006 * Run-length encoding is explained in "Debugging with GDB /
3007 * Appendix E GDB Remote Serial Protocol / Overview".
3009 if (ch < ' ' || ch == '#' || ch == '$' || ch > 126) {
3010 /* invalid RLE count encoding */
3011 trace_gdbstub_err_invalid_repeat(ch);
3012 gdbserver_state.state = RS_GETLINE;
3014 /* decode repeat length */
3015 int repeat = ch - ' ' + 3;
3016 if (gdbserver_state.line_buf_index + repeat >= sizeof(gdbserver_state.line_buf) - 1) {
3017 /* that many repeats would overrun the command buffer */
3018 trace_gdbstub_err_overrun();
3019 gdbserver_state.state = RS_IDLE;
3020 } else if (gdbserver_state.line_buf_index < 1) {
3021 /* got a repeat but we have nothing to repeat */
3022 trace_gdbstub_err_invalid_rle();
3023 gdbserver_state.state = RS_GETLINE;
3025 /* repeat the last character */
3026 memset(gdbserver_state.line_buf + gdbserver_state.line_buf_index,
3027 gdbserver_state.line_buf[gdbserver_state.line_buf_index - 1], repeat);
3028 gdbserver_state.line_buf_index += repeat;
3029 gdbserver_state.line_sum += ch;
3030 gdbserver_state.state = RS_GETLINE;
3035 /* get high hex digit of checksum */
3036 if (!isxdigit(ch)) {
3037 trace_gdbstub_err_checksum_invalid(ch);
3038 gdbserver_state.state = RS_GETLINE;
3041 gdbserver_state.line_buf[gdbserver_state.line_buf_index] = '\0';
3042 gdbserver_state.line_csum = fromhex(ch) << 4;
3043 gdbserver_state.state = RS_CHKSUM2;
3046 /* get low hex digit of checksum */
3047 if (!isxdigit(ch)) {
3048 trace_gdbstub_err_checksum_invalid(ch);
3049 gdbserver_state.state = RS_GETLINE;
3052 gdbserver_state.line_csum |= fromhex(ch);
3054 if (gdbserver_state.line_csum != (gdbserver_state.line_sum & 0xff)) {
3055 trace_gdbstub_err_checksum_incorrect(gdbserver_state.line_sum, gdbserver_state.line_csum);
3056 /* send NAK reply */
3058 put_buffer(&reply, 1);
3059 gdbserver_state.state = RS_IDLE;
3061 /* send ACK reply */
3063 put_buffer(&reply, 1);
3064 gdbserver_state.state = gdb_handle_packet(gdbserver_state.line_buf);
3073 /* Tell the remote gdb that the process has exited. */
3074 void gdb_exit(int code)
3078 if (!gdbserver_state.init) {
3081 #ifdef CONFIG_USER_ONLY
3082 if (gdbserver_state.socket_path) {
3083 unlink(gdbserver_state.socket_path);
3085 if (gdbserver_state.fd < 0) {
3090 trace_gdbstub_op_exiting((uint8_t)code);
3092 snprintf(buf, sizeof(buf), "W%02x", (uint8_t)code);
3095 #ifndef CONFIG_USER_ONLY
3096 qemu_chr_fe_deinit(&gdbserver_state.chr, true);
3101 * Create the process that will contain all the "orphan" CPUs (that are not
3102 * part of a CPU cluster). Note that if this process contains no CPUs, it won't
3103 * be attachable and thus will be invisible to the user.
3105 static void create_default_process(GDBState *s)
3107 GDBProcess *process;
3110 if (gdbserver_state.process_num) {
3111 max_pid = s->processes[s->process_num - 1].pid;
3114 s->processes = g_renew(GDBProcess, s->processes, ++s->process_num);
3115 process = &s->processes[s->process_num - 1];
3117 /* We need an available PID slot for this process */
3118 assert(max_pid < UINT32_MAX);
3120 process->pid = max_pid + 1;
3121 process->attached = false;
3122 process->target_xml[0] = '\0';
3125 #ifdef CONFIG_USER_ONLY
3127 gdb_handlesig(CPUState *cpu, int sig)
3132 if (!gdbserver_state.init || gdbserver_state.fd < 0) {
3136 /* disable single step if it was enabled */
3137 cpu_single_step(cpu, 0);
3141 snprintf(buf, sizeof(buf), "S%02x", target_signal_to_gdb(sig));
3144 /* put_packet() might have detected that the peer terminated the
3146 if (gdbserver_state.fd < 0) {
3151 gdbserver_state.state = RS_IDLE;
3152 gdbserver_state.running_state = 0;
3153 while (gdbserver_state.running_state == 0) {
3154 n = read(gdbserver_state.fd, buf, 256);
3158 for (i = 0; i < n; i++) {
3159 gdb_read_byte(buf[i]);
3162 /* XXX: Connection closed. Should probably wait for another
3163 connection before continuing. */
3165 close(gdbserver_state.fd);
3167 gdbserver_state.fd = -1;
3171 sig = gdbserver_state.signal;
3172 gdbserver_state.signal = 0;
3176 /* Tell the remote gdb that the process has exited due to SIG. */
3177 void gdb_signalled(CPUArchState *env, int sig)
3181 if (!gdbserver_state.init || gdbserver_state.fd < 0) {
3185 snprintf(buf, sizeof(buf), "X%02x", target_signal_to_gdb(sig));
3189 static void gdb_accept_init(int fd)
3191 init_gdbserver_state();
3192 create_default_process(&gdbserver_state);
3193 gdbserver_state.processes[0].attached = true;
3194 gdbserver_state.c_cpu = gdb_first_attached_cpu();
3195 gdbserver_state.g_cpu = gdbserver_state.c_cpu;
3196 gdbserver_state.fd = fd;
3197 gdb_has_xml = false;
3200 static bool gdb_accept_socket(int gdb_fd)
3205 fd = accept(gdb_fd, NULL, NULL);
3206 if (fd < 0 && errno != EINTR) {
3207 perror("accept socket");
3209 } else if (fd >= 0) {
3210 qemu_set_cloexec(fd);
3215 gdb_accept_init(fd);
3219 static int gdbserver_open_socket(const char *path)
3221 struct sockaddr_un sockaddr = {};
3224 fd = socket(AF_UNIX, SOCK_STREAM, 0);
3226 perror("create socket");
3230 sockaddr.sun_family = AF_UNIX;
3231 pstrcpy(sockaddr.sun_path, sizeof(sockaddr.sun_path) - 1, path);
3232 ret = bind(fd, (struct sockaddr *)&sockaddr, sizeof(sockaddr));
3234 perror("bind socket");
3238 ret = listen(fd, 1);
3240 perror("listen socket");
3248 static bool gdb_accept_tcp(int gdb_fd)
3250 struct sockaddr_in sockaddr = {};
3255 len = sizeof(sockaddr);
3256 fd = accept(gdb_fd, (struct sockaddr *)&sockaddr, &len);
3257 if (fd < 0 && errno != EINTR) {
3260 } else if (fd >= 0) {
3261 qemu_set_cloexec(fd);
3266 /* set short latency */
3267 if (socket_set_nodelay(fd)) {
3268 perror("setsockopt");
3273 gdb_accept_init(fd);
3277 static int gdbserver_open_port(int port)
3279 struct sockaddr_in sockaddr;
3282 fd = socket(PF_INET, SOCK_STREAM, 0);
3287 qemu_set_cloexec(fd);
3289 socket_set_fast_reuse(fd);
3291 sockaddr.sin_family = AF_INET;
3292 sockaddr.sin_port = htons(port);
3293 sockaddr.sin_addr.s_addr = 0;
3294 ret = bind(fd, (struct sockaddr *)&sockaddr, sizeof(sockaddr));
3300 ret = listen(fd, 1);
3310 int gdbserver_start(const char *port_or_path)
3312 int port = g_ascii_strtoull(port_or_path, NULL, 10);
3316 gdb_fd = gdbserver_open_port(port);
3318 gdb_fd = gdbserver_open_socket(port_or_path);
3325 if (port > 0 && gdb_accept_tcp(gdb_fd)) {
3327 } else if (gdb_accept_socket(gdb_fd)) {
3328 gdbserver_state.socket_path = g_strdup(port_or_path);
3337 /* Disable gdb stub for child processes. */
3338 void gdbserver_fork(CPUState *cpu)
3340 if (!gdbserver_state.init || gdbserver_state.fd < 0) {
3343 close(gdbserver_state.fd);
3344 gdbserver_state.fd = -1;
3345 cpu_breakpoint_remove_all(cpu, BP_GDB);
3346 cpu_watchpoint_remove_all(cpu, BP_GDB);
3349 static int gdb_chr_can_receive(void *opaque)
3351 /* We can handle an arbitrarily large amount of data.
3352 Pick the maximum packet size, which is as good as anything. */
3353 return MAX_PACKET_LENGTH;
3356 static void gdb_chr_receive(void *opaque, const uint8_t *buf, int size)
3360 for (i = 0; i < size; i++) {
3361 gdb_read_byte(buf[i]);
3365 static void gdb_chr_event(void *opaque, QEMUChrEvent event)
3368 GDBState *s = (GDBState *) opaque;
3371 case CHR_EVENT_OPENED:
3372 /* Start with first process attached, others detached */
3373 for (i = 0; i < s->process_num; i++) {
3374 s->processes[i].attached = !i;
3377 s->c_cpu = gdb_first_attached_cpu();
3378 s->g_cpu = s->c_cpu;
3380 vm_stop(RUN_STATE_PAUSED);
3381 replay_gdb_attached();
3382 gdb_has_xml = false;
3389 static int gdb_monitor_write(Chardev *chr, const uint8_t *buf, int len)
3391 g_autoptr(GString) hex_buf = g_string_new("O");
3392 memtohex(hex_buf, buf, len);
3393 put_packet(hex_buf->str);
3398 static void gdb_sigterm_handler(int signal)
3400 if (runstate_is_running()) {
3401 vm_stop(RUN_STATE_PAUSED);
3406 static void gdb_monitor_open(Chardev *chr, ChardevBackend *backend,
3407 bool *be_opened, Error **errp)
3412 static void char_gdb_class_init(ObjectClass *oc, void *data)
3414 ChardevClass *cc = CHARDEV_CLASS(oc);
3416 cc->internal = true;
3417 cc->open = gdb_monitor_open;
3418 cc->chr_write = gdb_monitor_write;
3421 #define TYPE_CHARDEV_GDB "chardev-gdb"
3423 static const TypeInfo char_gdb_type_info = {
3424 .name = TYPE_CHARDEV_GDB,
3425 .parent = TYPE_CHARDEV,
3426 .class_init = char_gdb_class_init,
3429 static int find_cpu_clusters(Object *child, void *opaque)
3431 if (object_dynamic_cast(child, TYPE_CPU_CLUSTER)) {
3432 GDBState *s = (GDBState *) opaque;
3433 CPUClusterState *cluster = CPU_CLUSTER(child);
3434 GDBProcess *process;
3436 s->processes = g_renew(GDBProcess, s->processes, ++s->process_num);
3438 process = &s->processes[s->process_num - 1];
3441 * GDB process IDs -1 and 0 are reserved. To avoid subtle errors at
3442 * runtime, we enforce here that the machine does not use a cluster ID
3443 * that would lead to PID 0.
3445 assert(cluster->cluster_id != UINT32_MAX);
3446 process->pid = cluster->cluster_id + 1;
3447 process->attached = false;
3448 process->target_xml[0] = '\0';
3453 return object_child_foreach(child, find_cpu_clusters, opaque);
3456 static int pid_order(const void *a, const void *b)
3458 GDBProcess *pa = (GDBProcess *) a;
3459 GDBProcess *pb = (GDBProcess *) b;
3461 if (pa->pid < pb->pid) {
3463 } else if (pa->pid > pb->pid) {
3470 static void create_processes(GDBState *s)
3472 object_child_foreach(object_get_root(), find_cpu_clusters, s);
3474 if (gdbserver_state.processes) {
3476 qsort(gdbserver_state.processes, gdbserver_state.process_num, sizeof(gdbserver_state.processes[0]), pid_order);
3479 create_default_process(s);
3482 int gdbserver_start(const char *device)
3484 trace_gdbstub_op_start(device);
3486 char gdbstub_device_name[128];
3487 Chardev *chr = NULL;
3491 error_report("gdbstub: meaningless to attach gdb to a "
3492 "machine without any CPU.");
3498 if (strcmp(device, "none") != 0) {
3499 if (strstart(device, "tcp:", NULL)) {
3500 /* enforce required TCP attributes */
3501 snprintf(gdbstub_device_name, sizeof(gdbstub_device_name),
3502 "%s,wait=off,nodelay=on,server=on", device);
3503 device = gdbstub_device_name;
3506 else if (strcmp(device, "stdio") == 0) {
3507 struct sigaction act;
3509 memset(&act, 0, sizeof(act));
3510 act.sa_handler = gdb_sigterm_handler;
3511 sigaction(SIGINT, &act, NULL);
3515 * FIXME: it's a bit weird to allow using a mux chardev here
3516 * and implicitly setup a monitor. We may want to break this.
3518 chr = qemu_chr_new_noreplay("gdb", device, true, NULL);
3523 if (!gdbserver_state.init) {
3524 init_gdbserver_state();
3526 qemu_add_vm_change_state_handler(gdb_vm_state_change, NULL);
3528 /* Initialize a monitor terminal for gdb */
3529 mon_chr = qemu_chardev_new(NULL, TYPE_CHARDEV_GDB,
3530 NULL, NULL, &error_abort);
3531 monitor_init_hmp(mon_chr, false, &error_abort);
3533 qemu_chr_fe_deinit(&gdbserver_state.chr, true);
3534 mon_chr = gdbserver_state.mon_chr;
3535 reset_gdbserver_state();
3538 create_processes(&gdbserver_state);
3541 qemu_chr_fe_init(&gdbserver_state.chr, chr, &error_abort);
3542 qemu_chr_fe_set_handlers(&gdbserver_state.chr, gdb_chr_can_receive,
3543 gdb_chr_receive, gdb_chr_event,
3544 NULL, &gdbserver_state, NULL, true);
3546 gdbserver_state.state = chr ? RS_IDLE : RS_INACTIVE;
3547 gdbserver_state.mon_chr = mon_chr;
3548 gdbserver_state.current_syscall_cb = NULL;
3553 static void register_types(void)
3555 type_register_static(&char_gdb_type_info);
3558 type_init(register_types);
OSDN Git Service
