4 * This implements a subset of the remote protocol as described in:
6 * https://sourceware.org/gdb/onlinedocs/gdb/Remote-Protocol.html
8 * Copyright (c) 2003-2005 Fabrice Bellard
10 * This library is free software; you can redistribute it and/or
11 * modify it under the terms of the GNU Lesser General Public
12 * License as published by the Free Software Foundation; either
13 * version 2 of the License, or (at your option) any later version.
15 * This library is distributed in the hope that it will be useful,
16 * but WITHOUT ANY WARRANTY; without even the implied warranty of
17 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
18 * Lesser General Public License for more details.
20 * You should have received a copy of the GNU Lesser General Public
21 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
23 * SPDX-License-Identifier: LGPL-2.0+
26 #include "qemu/osdep.h"
27 #include "qemu-common.h"
28 #include "qapi/error.h"
29 #include "qemu/error-report.h"
30 #include "qemu/ctype.h"
31 #include "qemu/cutils.h"
32 #include "qemu/module.h"
33 #include "trace/trace-root.h"
34 #ifdef CONFIG_USER_ONLY
37 #include "monitor/monitor.h"
38 #include "chardev/char.h"
39 #include "chardev/char-fe.h"
40 #include "sysemu/sysemu.h"
41 #include "exec/gdbstub.h"
42 #include "hw/cpu/cluster.h"
43 #include "hw/boards.h"
46 #define MAX_PACKET_LENGTH 4096
48 #include "qemu/sockets.h"
49 #include "sysemu/hw_accel.h"
50 #include "sysemu/kvm.h"
51 #include "sysemu/runstate.h"
52 #include "hw/semihosting/semihost.h"
53 #include "exec/exec-all.h"
54 #include "sysemu/replay.h"
56 #ifdef CONFIG_USER_ONLY
57 #define GDB_ATTACHED "0"
59 #define GDB_ATTACHED "1"
62 #ifndef CONFIG_USER_ONLY
63 static int phy_memory_mode
;
66 static inline int target_memory_rw_debug(CPUState
*cpu
, target_ulong addr
,
67 uint8_t *buf
, int len
, bool is_write
)
71 #ifndef CONFIG_USER_ONLY
72 if (phy_memory_mode
) {
74 cpu_physical_memory_write(addr
, buf
, len
);
76 cpu_physical_memory_read(addr
, buf
, len
);
82 cc
= CPU_GET_CLASS(cpu
);
83 if (cc
->memory_rw_debug
) {
84 return cc
->memory_rw_debug(cpu
, addr
, buf
, len
, is_write
);
86 return cpu_memory_rw_debug(cpu
, addr
, buf
, len
, is_write
);
89 /* Return the GDB index for a given vCPU state.
91 * For user mode this is simply the thread id. In system mode GDB
92 * numbers CPUs from 1 as 0 is reserved as an "any cpu" index.
94 static inline int cpu_gdb_index(CPUState
*cpu
)
96 #if defined(CONFIG_USER_ONLY)
97 TaskState
*ts
= (TaskState
*) cpu
->opaque
;
100 return cpu
->cpu_index
+ 1;
110 GDB_SIGNAL_ALRM
= 14,
112 GDB_SIGNAL_XCPU
= 24,
113 GDB_SIGNAL_UNKNOWN
= 143
116 #ifdef CONFIG_USER_ONLY
118 /* Map target signal numbers to GDB protocol signal numbers and vice
119 * versa. For user emulation's currently supported systems, we can
120 * assume most signals are defined.
123 static int gdb_signal_table
[] = {
283 /* In system mode we only need SIGINT and SIGTRAP; other signals
284 are not yet supported. */
291 static int gdb_signal_table
[] = {
301 #ifdef CONFIG_USER_ONLY
302 static int target_signal_to_gdb (int sig
)
305 for (i
= 0; i
< ARRAY_SIZE (gdb_signal_table
); i
++)
306 if (gdb_signal_table
[i
] == sig
)
308 return GDB_SIGNAL_UNKNOWN
;
312 static int gdb_signal_to_target (int sig
)
314 if (sig
< ARRAY_SIZE (gdb_signal_table
))
315 return gdb_signal_table
[sig
];
320 typedef struct GDBRegisterState
{
323 gdb_get_reg_cb get_reg
;
324 gdb_set_reg_cb set_reg
;
326 struct GDBRegisterState
*next
;
329 typedef struct GDBProcess
{
333 char target_xml
[1024];
345 typedef struct GDBState
{
346 bool init
; /* have we been initialised? */
347 CPUState
*c_cpu
; /* current CPU for step/continue ops */
348 CPUState
*g_cpu
; /* current CPU for other ops */
349 CPUState
*query_cpu
; /* for q{f|s}ThreadInfo */
350 enum RSState state
; /* parsing state */
351 char line_buf
[MAX_PACKET_LENGTH
];
353 int line_sum
; /* running checksum */
354 int line_csum
; /* checksum at the end of the packet */
355 GByteArray
*last_packet
;
357 #ifdef CONFIG_USER_ONLY
366 GDBProcess
*processes
;
368 char syscall_buf
[256];
369 gdb_syscall_complete_cb current_syscall_cb
;
374 /* By default use no IRQs and no timers while single stepping so as to
375 * make single stepping like an ICE HW step.
377 static int sstep_flags
= SSTEP_ENABLE
|SSTEP_NOIRQ
|SSTEP_NOTIMER
;
379 /* Retrieves flags for single step mode. */
380 static int get_sstep_flags(void)
383 * In replay mode all events written into the log should be replayed.
384 * That is why NOIRQ flag is removed in this mode.
386 if (replay_mode
!= REPLAY_MODE_NONE
) {
393 static GDBState gdbserver_state
;
395 static void init_gdbserver_state(void)
397 g_assert(!gdbserver_state
.init
);
398 memset(&gdbserver_state
, 0, sizeof(GDBState
));
399 gdbserver_state
.init
= true;
400 gdbserver_state
.str_buf
= g_string_new(NULL
);
401 gdbserver_state
.mem_buf
= g_byte_array_sized_new(MAX_PACKET_LENGTH
);
402 gdbserver_state
.last_packet
= g_byte_array_sized_new(MAX_PACKET_LENGTH
+ 4);
405 #ifndef CONFIG_USER_ONLY
406 static void reset_gdbserver_state(void)
408 g_free(gdbserver_state
.processes
);
409 gdbserver_state
.processes
= NULL
;
410 gdbserver_state
.process_num
= 0;
416 #ifdef CONFIG_USER_ONLY
418 static int get_char(void)
424 ret
= qemu_recv(gdbserver_state
.fd
, &ch
, 1, 0);
426 if (errno
== ECONNRESET
)
427 gdbserver_state
.fd
= -1;
430 } else if (ret
== 0) {
431 close(gdbserver_state
.fd
);
432 gdbserver_state
.fd
= -1;
448 /* Decide if either remote gdb syscalls or native file IO should be used. */
449 int use_gdb_syscalls(void)
451 SemihostingTarget target
= semihosting_get_target();
452 if (target
== SEMIHOSTING_TARGET_NATIVE
) {
453 /* -semihosting-config target=native */
455 } else if (target
== SEMIHOSTING_TARGET_GDB
) {
456 /* -semihosting-config target=gdb */
460 /* -semihosting-config target=auto */
461 /* On the first call check if gdb is connected and remember. */
462 if (gdb_syscall_mode
== GDB_SYS_UNKNOWN
) {
463 gdb_syscall_mode
= gdbserver_state
.init
?
464 GDB_SYS_ENABLED
: GDB_SYS_DISABLED
;
466 return gdb_syscall_mode
== GDB_SYS_ENABLED
;
469 /* Resume execution. */
470 static inline void gdb_continue(void)
473 #ifdef CONFIG_USER_ONLY
474 gdbserver_state
.running_state
= 1;
475 trace_gdbstub_op_continue();
477 if (!runstate_needs_reset()) {
478 trace_gdbstub_op_continue();
485 * Resume execution, per CPU actions. For user-mode emulation it's
486 * equivalent to gdb_continue.
488 static int gdb_continue_partial(char *newstates
)
492 #ifdef CONFIG_USER_ONLY
494 * This is not exactly accurate, but it's an improvement compared to the
495 * previous situation, where only one CPU would be single-stepped.
498 if (newstates
[cpu
->cpu_index
] == 's') {
499 trace_gdbstub_op_stepping(cpu
->cpu_index
);
500 cpu_single_step(cpu
, sstep_flags
);
503 gdbserver_state
.running_state
= 1;
507 if (!runstate_needs_reset()) {
508 if (vm_prepare_start()) {
513 switch (newstates
[cpu
->cpu_index
]) {
516 break; /* nothing to do here */
518 trace_gdbstub_op_stepping(cpu
->cpu_index
);
519 cpu_single_step(cpu
, get_sstep_flags());
524 trace_gdbstub_op_continue_cpu(cpu
->cpu_index
);
535 qemu_clock_enable(QEMU_CLOCK_VIRTUAL
, true);
541 static void put_buffer(const uint8_t *buf
, int len
)
543 #ifdef CONFIG_USER_ONLY
547 ret
= send(gdbserver_state
.fd
, buf
, len
, 0);
557 /* XXX this blocks entire thread. Rewrite to use
558 * qemu_chr_fe_write and background I/O callbacks */
559 qemu_chr_fe_write_all(&gdbserver_state
.chr
, buf
, len
);
563 static inline int fromhex(int v
)
565 if (v
>= '0' && v
<= '9')
567 else if (v
>= 'A' && v
<= 'F')
569 else if (v
>= 'a' && v
<= 'f')
575 static inline int tohex(int v
)
583 /* writes 2*len+1 bytes in buf */
584 static void memtohex(GString
*buf
, const uint8_t *mem
, int len
)
587 for(i
= 0; i
< len
; i
++) {
589 g_string_append_c(buf
, tohex(c
>> 4));
590 g_string_append_c(buf
, tohex(c
& 0xf));
592 g_string_append_c(buf
, '\0');
595 static void hextomem(GByteArray
*mem
, const char *buf
, int len
)
599 for(i
= 0; i
< len
; i
++) {
600 guint8 byte
= fromhex(buf
[0]) << 4 | fromhex(buf
[1]);
601 g_byte_array_append(mem
, &byte
, 1);
606 static void hexdump(const char *buf
, int len
,
607 void (*trace_fn
)(size_t ofs
, char const *text
))
609 char line_buffer
[3 * 16 + 4 + 16 + 1];
612 for (i
= 0; i
< len
|| (i
& 0xF); ++i
) {
613 size_t byte_ofs
= i
& 15;
616 memset(line_buffer
, ' ', 3 * 16 + 4 + 16);
617 line_buffer
[3 * 16 + 4 + 16] = 0;
620 size_t col_group
= (i
>> 2) & 3;
621 size_t hex_col
= byte_ofs
* 3 + col_group
;
622 size_t txt_col
= 3 * 16 + 4 + byte_ofs
;
627 line_buffer
[hex_col
+ 0] = tohex((value
>> 4) & 0xF);
628 line_buffer
[hex_col
+ 1] = tohex((value
>> 0) & 0xF);
629 line_buffer
[txt_col
+ 0] = (value
>= ' ' && value
< 127)
635 trace_fn(i
& -16, line_buffer
);
639 /* return -1 if error, 0 if OK */
640 static int put_packet_binary(const char *buf
, int len
, bool dump
)
645 if (dump
&& trace_event_get_state_backends(TRACE_GDBSTUB_IO_BINARYREPLY
)) {
646 hexdump(buf
, len
, trace_gdbstub_io_binaryreply
);
650 g_byte_array_set_size(gdbserver_state
.last_packet
, 0);
651 g_byte_array_append(gdbserver_state
.last_packet
,
652 (const uint8_t *) "$", 1);
653 g_byte_array_append(gdbserver_state
.last_packet
,
654 (const uint8_t *) buf
, len
);
656 for(i
= 0; i
< len
; i
++) {
660 footer
[1] = tohex((csum
>> 4) & 0xf);
661 footer
[2] = tohex((csum
) & 0xf);
662 g_byte_array_append(gdbserver_state
.last_packet
, footer
, 3);
664 put_buffer(gdbserver_state
.last_packet
->data
,
665 gdbserver_state
.last_packet
->len
);
667 #ifdef CONFIG_USER_ONLY
680 /* return -1 if error, 0 if OK */
681 static int put_packet(const char *buf
)
683 trace_gdbstub_io_reply(buf
);
685 return put_packet_binary(buf
, strlen(buf
), false);
688 static void put_strbuf(void)
690 put_packet(gdbserver_state
.str_buf
->str
);
693 /* Encode data using the encoding for 'x' packets. */
694 static void memtox(GString
*buf
, const char *mem
, int len
)
701 case '#': case '$': case '*': case '}':
702 g_string_append_c(buf
, '}');
703 g_string_append_c(buf
, c
^ 0x20);
706 g_string_append_c(buf
, c
);
712 static uint32_t gdb_get_cpu_pid(CPUState
*cpu
)
714 /* TODO: In user mode, we should use the task state PID */
715 if (cpu
->cluster_index
== UNASSIGNED_CLUSTER_INDEX
) {
716 /* Return the default process' PID */
717 int index
= gdbserver_state
.process_num
- 1;
718 return gdbserver_state
.processes
[index
].pid
;
720 return cpu
->cluster_index
+ 1;
723 static GDBProcess
*gdb_get_process(uint32_t pid
)
728 /* 0 means any process, we take the first one */
729 return &gdbserver_state
.processes
[0];
732 for (i
= 0; i
< gdbserver_state
.process_num
; i
++) {
733 if (gdbserver_state
.processes
[i
].pid
== pid
) {
734 return &gdbserver_state
.processes
[i
];
741 static GDBProcess
*gdb_get_cpu_process(CPUState
*cpu
)
743 return gdb_get_process(gdb_get_cpu_pid(cpu
));
746 static CPUState
*find_cpu(uint32_t thread_id
)
751 if (cpu_gdb_index(cpu
) == thread_id
) {
759 static CPUState
*get_first_cpu_in_process(GDBProcess
*process
)
764 if (gdb_get_cpu_pid(cpu
) == process
->pid
) {
772 static CPUState
*gdb_next_cpu_in_process(CPUState
*cpu
)
774 uint32_t pid
= gdb_get_cpu_pid(cpu
);
778 if (gdb_get_cpu_pid(cpu
) == pid
) {
788 /* Return the cpu following @cpu, while ignoring unattached processes. */
789 static CPUState
*gdb_next_attached_cpu(CPUState
*cpu
)
794 if (gdb_get_cpu_process(cpu
)->attached
) {
804 /* Return the first attached cpu */
805 static CPUState
*gdb_first_attached_cpu(void)
807 CPUState
*cpu
= first_cpu
;
808 GDBProcess
*process
= gdb_get_cpu_process(cpu
);
810 if (!process
->attached
) {
811 return gdb_next_attached_cpu(cpu
);
817 static CPUState
*gdb_get_cpu(uint32_t pid
, uint32_t tid
)
823 /* 0 means any process/thread, we take the first attached one */
824 return gdb_first_attached_cpu();
825 } else if (pid
&& !tid
) {
826 /* any thread in a specific process */
827 process
= gdb_get_process(pid
);
829 if (process
== NULL
) {
833 if (!process
->attached
) {
837 return get_first_cpu_in_process(process
);
839 /* a specific thread */
846 process
= gdb_get_cpu_process(cpu
);
848 if (pid
&& process
->pid
!= pid
) {
852 if (!process
->attached
) {
860 static const char *get_feature_xml(const char *p
, const char **newp
,
866 CPUState
*cpu
= get_first_cpu_in_process(process
);
867 CPUClass
*cc
= CPU_GET_CLASS(cpu
);
870 while (p
[len
] && p
[len
] != ':')
875 if (strncmp(p
, "target.xml", len
) == 0) {
876 char *buf
= process
->target_xml
;
877 const size_t buf_sz
= sizeof(process
->target_xml
);
879 /* Generate the XML description for this CPU. */
884 "<?xml version=\"1.0\"?>"
885 "<!DOCTYPE target SYSTEM \"gdb-target.dtd\">"
887 if (cc
->gdb_arch_name
) {
888 gchar
*arch
= cc
->gdb_arch_name(cpu
);
889 pstrcat(buf
, buf_sz
, "<architecture>");
890 pstrcat(buf
, buf_sz
, arch
);
891 pstrcat(buf
, buf_sz
, "</architecture>");
894 pstrcat(buf
, buf_sz
, "<xi:include href=\"");
895 pstrcat(buf
, buf_sz
, cc
->gdb_core_xml_file
);
896 pstrcat(buf
, buf_sz
, "\"/>");
897 for (r
= cpu
->gdb_regs
; r
; r
= r
->next
) {
898 pstrcat(buf
, buf_sz
, "<xi:include href=\"");
899 pstrcat(buf
, buf_sz
, r
->xml
);
900 pstrcat(buf
, buf_sz
, "\"/>");
902 pstrcat(buf
, buf_sz
, "</target>");
906 if (cc
->gdb_get_dynamic_xml
) {
907 char *xmlname
= g_strndup(p
, len
);
908 const char *xml
= cc
->gdb_get_dynamic_xml(cpu
, xmlname
);
916 name
= xml_builtin
[i
][0];
917 if (!name
|| (strncmp(name
, p
, len
) == 0 && strlen(name
) == len
))
920 return name
? xml_builtin
[i
][1] : NULL
;
923 static int gdb_read_register(CPUState
*cpu
, GByteArray
*buf
, int reg
)
925 CPUClass
*cc
= CPU_GET_CLASS(cpu
);
926 CPUArchState
*env
= cpu
->env_ptr
;
929 if (reg
< cc
->gdb_num_core_regs
) {
930 return cc
->gdb_read_register(cpu
, buf
, reg
);
933 for (r
= cpu
->gdb_regs
; r
; r
= r
->next
) {
934 if (r
->base_reg
<= reg
&& reg
< r
->base_reg
+ r
->num_regs
) {
935 return r
->get_reg(env
, buf
, reg
- r
->base_reg
);
941 static int gdb_write_register(CPUState
*cpu
, uint8_t *mem_buf
, int reg
)
943 CPUClass
*cc
= CPU_GET_CLASS(cpu
);
944 CPUArchState
*env
= cpu
->env_ptr
;
947 if (reg
< cc
->gdb_num_core_regs
) {
948 return cc
->gdb_write_register(cpu
, mem_buf
, reg
);
951 for (r
= cpu
->gdb_regs
; r
; r
= r
->next
) {
952 if (r
->base_reg
<= reg
&& reg
< r
->base_reg
+ r
->num_regs
) {
953 return r
->set_reg(env
, mem_buf
, reg
- r
->base_reg
);
959 /* Register a supplemental set of CPU registers. If g_pos is nonzero it
960 specifies the first register number and these registers are included in
961 a standard "g" packet. Direction is relative to gdb, i.e. get_reg is
962 gdb reading a CPU register, and set_reg is gdb modifying a CPU register.
965 void gdb_register_coprocessor(CPUState
*cpu
,
966 gdb_get_reg_cb get_reg
, gdb_set_reg_cb set_reg
,
967 int num_regs
, const char *xml
, int g_pos
)
970 GDBRegisterState
**p
;
974 /* Check for duplicates. */
975 if (strcmp((*p
)->xml
, xml
) == 0)
980 s
= g_new0(GDBRegisterState
, 1);
981 s
->base_reg
= cpu
->gdb_num_regs
;
982 s
->num_regs
= num_regs
;
983 s
->get_reg
= get_reg
;
984 s
->set_reg
= set_reg
;
987 /* Add to end of list. */
988 cpu
->gdb_num_regs
+= num_regs
;
991 if (g_pos
!= s
->base_reg
) {
992 error_report("Error: Bad gdb register numbering for '%s', "
993 "expected %d got %d", xml
, g_pos
, s
->base_reg
);
995 cpu
->gdb_num_g_regs
= cpu
->gdb_num_regs
;
1000 #ifndef CONFIG_USER_ONLY
1001 /* Translate GDB watchpoint type to a flags value for cpu_watchpoint_* */
1002 static inline int xlat_gdb_type(CPUState
*cpu
, int gdbtype
)
1004 static const int xlat
[] = {
1005 [GDB_WATCHPOINT_WRITE
] = BP_GDB
| BP_MEM_WRITE
,
1006 [GDB_WATCHPOINT_READ
] = BP_GDB
| BP_MEM_READ
,
1007 [GDB_WATCHPOINT_ACCESS
] = BP_GDB
| BP_MEM_ACCESS
,
1010 CPUClass
*cc
= CPU_GET_CLASS(cpu
);
1011 int cputype
= xlat
[gdbtype
];
1013 if (cc
->gdb_stop_before_watchpoint
) {
1014 cputype
|= BP_STOP_BEFORE_ACCESS
;
1020 static int gdb_breakpoint_insert(int type
, target_ulong addr
, target_ulong len
)
1025 if (kvm_enabled()) {
1026 return kvm_insert_breakpoint(gdbserver_state
.c_cpu
, addr
, len
, type
);
1030 case GDB_BREAKPOINT_SW
:
1031 case GDB_BREAKPOINT_HW
:
1033 err
= cpu_breakpoint_insert(cpu
, addr
, BP_GDB
, NULL
);
1039 #ifndef CONFIG_USER_ONLY
1040 case GDB_WATCHPOINT_WRITE
:
1041 case GDB_WATCHPOINT_READ
:
1042 case GDB_WATCHPOINT_ACCESS
:
1044 err
= cpu_watchpoint_insert(cpu
, addr
, len
,
1045 xlat_gdb_type(cpu
, type
), NULL
);
1057 static int gdb_breakpoint_remove(int type
, target_ulong addr
, target_ulong len
)
1062 if (kvm_enabled()) {
1063 return kvm_remove_breakpoint(gdbserver_state
.c_cpu
, addr
, len
, type
);
1067 case GDB_BREAKPOINT_SW
:
1068 case GDB_BREAKPOINT_HW
:
1070 err
= cpu_breakpoint_remove(cpu
, addr
, BP_GDB
);
1076 #ifndef CONFIG_USER_ONLY
1077 case GDB_WATCHPOINT_WRITE
:
1078 case GDB_WATCHPOINT_READ
:
1079 case GDB_WATCHPOINT_ACCESS
:
1081 err
= cpu_watchpoint_remove(cpu
, addr
, len
,
1082 xlat_gdb_type(cpu
, type
));
1093 static inline void gdb_cpu_breakpoint_remove_all(CPUState
*cpu
)
1095 cpu_breakpoint_remove_all(cpu
, BP_GDB
);
1096 #ifndef CONFIG_USER_ONLY
1097 cpu_watchpoint_remove_all(cpu
, BP_GDB
);
1101 static void gdb_process_breakpoint_remove_all(GDBProcess
*p
)
1103 CPUState
*cpu
= get_first_cpu_in_process(p
);
1106 gdb_cpu_breakpoint_remove_all(cpu
);
1107 cpu
= gdb_next_cpu_in_process(cpu
);
1111 static void gdb_breakpoint_remove_all(void)
1115 if (kvm_enabled()) {
1116 kvm_remove_all_breakpoints(gdbserver_state
.c_cpu
);
1121 gdb_cpu_breakpoint_remove_all(cpu
);
1125 static void gdb_set_cpu_pc(target_ulong pc
)
1127 CPUState
*cpu
= gdbserver_state
.c_cpu
;
1129 cpu_synchronize_state(cpu
);
1130 cpu_set_pc(cpu
, pc
);
1133 static void gdb_append_thread_id(CPUState
*cpu
, GString
*buf
)
1135 if (gdbserver_state
.multiprocess
) {
1136 g_string_append_printf(buf
, "p%02x.%02x",
1137 gdb_get_cpu_pid(cpu
), cpu_gdb_index(cpu
));
1139 g_string_append_printf(buf
, "%02x", cpu_gdb_index(cpu
));
1143 typedef enum GDBThreadIdKind
{
1145 GDB_ALL_THREADS
, /* One process, all threads */
1150 static GDBThreadIdKind
read_thread_id(const char *buf
, const char **end_buf
,
1151 uint32_t *pid
, uint32_t *tid
)
1158 ret
= qemu_strtoul(buf
, &buf
, 16, &p
);
1161 return GDB_READ_THREAD_ERR
;
1170 ret
= qemu_strtoul(buf
, &buf
, 16, &t
);
1173 return GDB_READ_THREAD_ERR
;
1179 return GDB_ALL_PROCESSES
;
1187 return GDB_ALL_THREADS
;
1194 return GDB_ONE_THREAD
;
1198 * gdb_handle_vcont - Parses and handles a vCont packet.
1199 * returns -ENOTSUP if a command is unsupported, -EINVAL or -ERANGE if there is
1200 * a format error, 0 on success.
1202 static int gdb_handle_vcont(const char *p
)
1204 int res
, signal
= 0;
1209 GDBProcess
*process
;
1211 GDBThreadIdKind kind
;
1212 #ifdef CONFIG_USER_ONLY
1213 int max_cpus
= 1; /* global variable max_cpus exists only in system mode */
1216 max_cpus
= max_cpus
<= cpu
->cpu_index
? cpu
->cpu_index
+ 1 : max_cpus
;
1219 MachineState
*ms
= MACHINE(qdev_get_machine());
1220 unsigned int max_cpus
= ms
->smp
.max_cpus
;
1222 /* uninitialised CPUs stay 0 */
1223 newstates
= g_new0(char, max_cpus
);
1225 /* mark valid CPUs with 1 */
1227 newstates
[cpu
->cpu_index
] = 1;
1231 * res keeps track of what error we are returning, with -ENOTSUP meaning
1232 * that the command is unknown or unsupported, thus returning an empty
1233 * packet, while -EINVAL and -ERANGE cause an E22 packet, due to invalid,
1234 * or incorrect parameters passed.
1244 if (cur_action
== 'C' || cur_action
== 'S') {
1245 cur_action
= qemu_tolower(cur_action
);
1246 res
= qemu_strtoul(p
, &p
, 16, &tmp
);
1250 signal
= gdb_signal_to_target(tmp
);
1251 } else if (cur_action
!= 'c' && cur_action
!= 's') {
1252 /* unknown/invalid/unsupported command */
1257 if (*p
== '\0' || *p
== ';') {
1259 * No thread specifier, action is on "all threads". The
1260 * specification is unclear regarding the process to act on. We
1261 * choose all processes.
1263 kind
= GDB_ALL_PROCESSES
;
1264 } else if (*p
++ == ':') {
1265 kind
= read_thread_id(p
, &p
, &pid
, &tid
);
1272 case GDB_READ_THREAD_ERR
:
1276 case GDB_ALL_PROCESSES
:
1277 cpu
= gdb_first_attached_cpu();
1279 if (newstates
[cpu
->cpu_index
] == 1) {
1280 newstates
[cpu
->cpu_index
] = cur_action
;
1283 cpu
= gdb_next_attached_cpu(cpu
);
1287 case GDB_ALL_THREADS
:
1288 process
= gdb_get_process(pid
);
1290 if (!process
->attached
) {
1295 cpu
= get_first_cpu_in_process(process
);
1297 if (newstates
[cpu
->cpu_index
] == 1) {
1298 newstates
[cpu
->cpu_index
] = cur_action
;
1301 cpu
= gdb_next_cpu_in_process(cpu
);
1305 case GDB_ONE_THREAD
:
1306 cpu
= gdb_get_cpu(pid
, tid
);
1308 /* invalid CPU/thread specified */
1314 /* only use if no previous match occourred */
1315 if (newstates
[cpu
->cpu_index
] == 1) {
1316 newstates
[cpu
->cpu_index
] = cur_action
;
1321 gdbserver_state
.signal
= signal
;
1322 gdb_continue_partial(newstates
);
1330 typedef union GdbCmdVariant
{
1333 unsigned long val_ul
;
1334 unsigned long long val_ull
;
1336 GDBThreadIdKind kind
;
1342 static const char *cmd_next_param(const char *param
, const char delimiter
)
1344 static const char all_delimiters
[] = ",;:=";
1345 char curr_delimiters
[2] = {0};
1346 const char *delimiters
;
1348 if (delimiter
== '?') {
1349 delimiters
= all_delimiters
;
1350 } else if (delimiter
== '0') {
1351 return strchr(param
, '\0');
1352 } else if (delimiter
== '.' && *param
) {
1355 curr_delimiters
[0] = delimiter
;
1356 delimiters
= curr_delimiters
;
1359 param
+= strcspn(param
, delimiters
);
1366 static int cmd_parse_params(const char *data
, const char *schema
,
1367 GdbCmdVariant
*params
, int *num_params
)
1370 const char *curr_schema
, *curr_data
;
1378 curr_schema
= schema
;
1381 while (curr_schema
[0] && curr_schema
[1] && *curr_data
) {
1382 switch (curr_schema
[0]) {
1384 if (qemu_strtoul(curr_data
, &curr_data
, 16,
1385 ¶ms
[curr_param
].val_ul
)) {
1389 curr_data
= cmd_next_param(curr_data
, curr_schema
[1]);
1392 if (qemu_strtou64(curr_data
, &curr_data
, 16,
1393 (uint64_t *)¶ms
[curr_param
].val_ull
)) {
1397 curr_data
= cmd_next_param(curr_data
, curr_schema
[1]);
1400 params
[curr_param
].data
= curr_data
;
1402 curr_data
= cmd_next_param(curr_data
, curr_schema
[1]);
1405 params
[curr_param
].opcode
= *(uint8_t *)curr_data
;
1407 curr_data
= cmd_next_param(curr_data
, curr_schema
[1]);
1410 params
[curr_param
].thread_id
.kind
=
1411 read_thread_id(curr_data
, &curr_data
,
1412 ¶ms
[curr_param
].thread_id
.pid
,
1413 ¶ms
[curr_param
].thread_id
.tid
);
1415 curr_data
= cmd_next_param(curr_data
, curr_schema
[1]);
1418 curr_data
= cmd_next_param(curr_data
, curr_schema
[1]);
1426 *num_params
= curr_param
;
1430 typedef struct GdbCmdContext
{
1431 GdbCmdVariant
*params
;
1435 typedef void (*GdbCmdHandler
)(GdbCmdContext
*gdb_ctx
, void *user_ctx
);
1438 * cmd_startswith -> cmd is compared using startswith
1441 * schema definitions:
1442 * Each schema parameter entry consists of 2 chars,
1443 * the first char represents the parameter type handling
1444 * the second char represents the delimiter for the next parameter
1446 * Currently supported schema types:
1447 * 'l' -> unsigned long (stored in .val_ul)
1448 * 'L' -> unsigned long long (stored in .val_ull)
1449 * 's' -> string (stored in .data)
1450 * 'o' -> single char (stored in .opcode)
1451 * 't' -> thread id (stored in .thread_id)
1452 * '?' -> skip according to delimiter
1454 * Currently supported delimiters:
1455 * '?' -> Stop at any delimiter (",;:=\0")
1456 * '0' -> Stop at "\0"
1457 * '.' -> Skip 1 char unless reached "\0"
1458 * Any other value is treated as the delimiter value itself
1460 typedef struct GdbCmdParseEntry
{
1461 GdbCmdHandler handler
;
1463 bool cmd_startswith
;
1467 static inline int startswith(const char *string
, const char *pattern
)
1469 return !strncmp(string
, pattern
, strlen(pattern
));
1472 static int process_string_cmd(void *user_ctx
, const char *data
,
1473 const GdbCmdParseEntry
*cmds
, int num_cmds
)
1475 int i
, schema_len
, max_num_params
= 0;
1476 GdbCmdContext gdb_ctx
;
1482 for (i
= 0; i
< num_cmds
; i
++) {
1483 const GdbCmdParseEntry
*cmd
= &cmds
[i
];
1484 g_assert(cmd
->handler
&& cmd
->cmd
);
1486 if ((cmd
->cmd_startswith
&& !startswith(data
, cmd
->cmd
)) ||
1487 (!cmd
->cmd_startswith
&& strcmp(cmd
->cmd
, data
))) {
1492 schema_len
= strlen(cmd
->schema
);
1493 if (schema_len
% 2) {
1497 max_num_params
= schema_len
/ 2;
1501 (GdbCmdVariant
*)alloca(sizeof(*gdb_ctx
.params
) * max_num_params
);
1502 memset(gdb_ctx
.params
, 0, sizeof(*gdb_ctx
.params
) * max_num_params
);
1504 if (cmd_parse_params(&data
[strlen(cmd
->cmd
)], cmd
->schema
,
1505 gdb_ctx
.params
, &gdb_ctx
.num_params
)) {
1509 cmd
->handler(&gdb_ctx
, user_ctx
);
1516 static void run_cmd_parser(const char *data
, const GdbCmdParseEntry
*cmd
)
1522 g_string_set_size(gdbserver_state
.str_buf
, 0);
1523 g_byte_array_set_size(gdbserver_state
.mem_buf
, 0);
1525 /* In case there was an error during the command parsing we must
1526 * send a NULL packet to indicate the command is not supported */
1527 if (process_string_cmd(NULL
, data
, cmd
, 1)) {
1532 static void handle_detach(GdbCmdContext
*gdb_ctx
, void *user_ctx
)
1534 GDBProcess
*process
;
1537 if (gdbserver_state
.multiprocess
) {
1538 if (!gdb_ctx
->num_params
) {
1543 pid
= gdb_ctx
->params
[0].val_ul
;
1546 process
= gdb_get_process(pid
);
1547 gdb_process_breakpoint_remove_all(process
);
1548 process
->attached
= false;
1550 if (pid
== gdb_get_cpu_pid(gdbserver_state
.c_cpu
)) {
1551 gdbserver_state
.c_cpu
= gdb_first_attached_cpu();
1554 if (pid
== gdb_get_cpu_pid(gdbserver_state
.g_cpu
)) {
1555 gdbserver_state
.g_cpu
= gdb_first_attached_cpu();
1558 if (!gdbserver_state
.c_cpu
) {
1559 /* No more process attached */
1560 gdb_syscall_mode
= GDB_SYS_DISABLED
;
1566 static void handle_thread_alive(GdbCmdContext
*gdb_ctx
, void *user_ctx
)
1570 if (!gdb_ctx
->num_params
) {
1575 if (gdb_ctx
->params
[0].thread_id
.kind
== GDB_READ_THREAD_ERR
) {
1580 cpu
= gdb_get_cpu(gdb_ctx
->params
[0].thread_id
.pid
,
1581 gdb_ctx
->params
[0].thread_id
.tid
);
1590 static void handle_continue(GdbCmdContext
*gdb_ctx
, void *user_ctx
)
1592 if (gdb_ctx
->num_params
) {
1593 gdb_set_cpu_pc(gdb_ctx
->params
[0].val_ull
);
1596 gdbserver_state
.signal
= 0;
1600 static void handle_cont_with_sig(GdbCmdContext
*gdb_ctx
, void *user_ctx
)
1602 unsigned long signal
= 0;
1605 * Note: C sig;[addr] is currently unsupported and we simply
1606 * omit the addr parameter
1608 if (gdb_ctx
->num_params
) {
1609 signal
= gdb_ctx
->params
[0].val_ul
;
1612 gdbserver_state
.signal
= gdb_signal_to_target(signal
);
1613 if (gdbserver_state
.signal
== -1) {
1614 gdbserver_state
.signal
= 0;
1619 static void handle_set_thread(GdbCmdContext
*gdb_ctx
, void *user_ctx
)
1623 if (gdb_ctx
->num_params
!= 2) {
1628 if (gdb_ctx
->params
[1].thread_id
.kind
== GDB_READ_THREAD_ERR
) {
1633 if (gdb_ctx
->params
[1].thread_id
.kind
!= GDB_ONE_THREAD
) {
1638 cpu
= gdb_get_cpu(gdb_ctx
->params
[1].thread_id
.pid
,
1639 gdb_ctx
->params
[1].thread_id
.tid
);
1646 * Note: This command is deprecated and modern gdb's will be using the
1647 * vCont command instead.
1649 switch (gdb_ctx
->params
[0].opcode
) {
1651 gdbserver_state
.c_cpu
= cpu
;
1655 gdbserver_state
.g_cpu
= cpu
;
1664 static void handle_insert_bp(GdbCmdContext
*gdb_ctx
, void *user_ctx
)
1668 if (gdb_ctx
->num_params
!= 3) {
1673 res
= gdb_breakpoint_insert(gdb_ctx
->params
[0].val_ul
,
1674 gdb_ctx
->params
[1].val_ull
,
1675 gdb_ctx
->params
[2].val_ull
);
1679 } else if (res
== -ENOSYS
) {
1687 static void handle_remove_bp(GdbCmdContext
*gdb_ctx
, void *user_ctx
)
1691 if (gdb_ctx
->num_params
!= 3) {
1696 res
= gdb_breakpoint_remove(gdb_ctx
->params
[0].val_ul
,
1697 gdb_ctx
->params
[1].val_ull
,
1698 gdb_ctx
->params
[2].val_ull
);
1702 } else if (res
== -ENOSYS
) {
1711 * handle_set/get_reg
1713 * Older gdb are really dumb, and don't use 'G/g' if 'P/p' is available.
1714 * This works, but can be very slow. Anything new enough to understand
1715 * XML also knows how to use this properly. However to use this we
1716 * need to define a local XML file as well as be talking to a
1717 * reasonably modern gdb. Responding with an empty packet will cause
1718 * the remote gdb to fallback to older methods.
1721 static void handle_set_reg(GdbCmdContext
*gdb_ctx
, void *user_ctx
)
1730 if (gdb_ctx
->num_params
!= 2) {
1735 reg_size
= strlen(gdb_ctx
->params
[1].data
) / 2;
1736 hextomem(gdbserver_state
.mem_buf
, gdb_ctx
->params
[1].data
, reg_size
);
1737 gdb_write_register(gdbserver_state
.g_cpu
, gdbserver_state
.mem_buf
->data
,
1738 gdb_ctx
->params
[0].val_ull
);
1742 static void handle_get_reg(GdbCmdContext
*gdb_ctx
, void *user_ctx
)
1751 if (!gdb_ctx
->num_params
) {
1756 reg_size
= gdb_read_register(gdbserver_state
.g_cpu
,
1757 gdbserver_state
.mem_buf
,
1758 gdb_ctx
->params
[0].val_ull
);
1763 g_byte_array_set_size(gdbserver_state
.mem_buf
, reg_size
);
1766 memtohex(gdbserver_state
.str_buf
, gdbserver_state
.mem_buf
->data
, reg_size
);
1770 static void handle_write_mem(GdbCmdContext
*gdb_ctx
, void *user_ctx
)
1772 if (gdb_ctx
->num_params
!= 3) {
1777 /* hextomem() reads 2*len bytes */
1778 if (gdb_ctx
->params
[1].val_ull
> strlen(gdb_ctx
->params
[2].data
) / 2) {
1783 hextomem(gdbserver_state
.mem_buf
, gdb_ctx
->params
[2].data
,
1784 gdb_ctx
->params
[1].val_ull
);
1785 if (target_memory_rw_debug(gdbserver_state
.g_cpu
, gdb_ctx
->params
[0].val_ull
,
1786 gdbserver_state
.mem_buf
->data
,
1787 gdbserver_state
.mem_buf
->len
, true)) {
1795 static void handle_read_mem(GdbCmdContext
*gdb_ctx
, void *user_ctx
)
1797 if (gdb_ctx
->num_params
!= 2) {
1802 /* memtohex() doubles the required space */
1803 if (gdb_ctx
->params
[1].val_ull
> MAX_PACKET_LENGTH
/ 2) {
1808 g_byte_array_set_size(gdbserver_state
.mem_buf
, gdb_ctx
->params
[1].val_ull
);
1810 if (target_memory_rw_debug(gdbserver_state
.g_cpu
, gdb_ctx
->params
[0].val_ull
,
1811 gdbserver_state
.mem_buf
->data
,
1812 gdbserver_state
.mem_buf
->len
, false)) {
1817 memtohex(gdbserver_state
.str_buf
, gdbserver_state
.mem_buf
->data
,
1818 gdbserver_state
.mem_buf
->len
);
1822 static void handle_write_all_regs(GdbCmdContext
*gdb_ctx
, void *user_ctx
)
1824 target_ulong addr
, len
;
1828 if (!gdb_ctx
->num_params
) {
1832 cpu_synchronize_state(gdbserver_state
.g_cpu
);
1833 len
= strlen(gdb_ctx
->params
[0].data
) / 2;
1834 hextomem(gdbserver_state
.mem_buf
, gdb_ctx
->params
[0].data
, len
);
1835 registers
= gdbserver_state
.mem_buf
->data
;
1836 for (addr
= 0; addr
< gdbserver_state
.g_cpu
->gdb_num_g_regs
&& len
> 0;
1838 reg_size
= gdb_write_register(gdbserver_state
.g_cpu
, registers
, addr
);
1840 registers
+= reg_size
;
1845 static void handle_read_all_regs(GdbCmdContext
*gdb_ctx
, void *user_ctx
)
1847 target_ulong addr
, len
;
1849 cpu_synchronize_state(gdbserver_state
.g_cpu
);
1850 g_byte_array_set_size(gdbserver_state
.mem_buf
, 0);
1852 for (addr
= 0; addr
< gdbserver_state
.g_cpu
->gdb_num_g_regs
; addr
++) {
1853 len
+= gdb_read_register(gdbserver_state
.g_cpu
,
1854 gdbserver_state
.mem_buf
,
1857 g_assert(len
== gdbserver_state
.mem_buf
->len
);
1859 memtohex(gdbserver_state
.str_buf
, gdbserver_state
.mem_buf
->data
, len
);
1863 static void handle_file_io(GdbCmdContext
*gdb_ctx
, void *user_ctx
)
1865 if (gdb_ctx
->num_params
>= 1 && gdbserver_state
.current_syscall_cb
) {
1866 target_ulong ret
, err
;
1868 ret
= (target_ulong
)gdb_ctx
->params
[0].val_ull
;
1869 if (gdb_ctx
->num_params
>= 2) {
1870 err
= (target_ulong
)gdb_ctx
->params
[1].val_ull
;
1874 gdbserver_state
.current_syscall_cb(gdbserver_state
.c_cpu
, ret
, err
);
1875 gdbserver_state
.current_syscall_cb
= NULL
;
1878 if (gdb_ctx
->num_params
>= 3 && gdb_ctx
->params
[2].opcode
== (uint8_t)'C') {
1886 static void handle_step(GdbCmdContext
*gdb_ctx
, void *user_ctx
)
1888 if (gdb_ctx
->num_params
) {
1889 gdb_set_cpu_pc((target_ulong
)gdb_ctx
->params
[0].val_ull
);
1892 cpu_single_step(gdbserver_state
.c_cpu
, get_sstep_flags());
1896 static void handle_backward(GdbCmdContext
*gdb_ctx
, void *user_ctx
)
1898 if (replay_mode
!= REPLAY_MODE_PLAY
) {
1901 if (gdb_ctx
->num_params
== 1) {
1902 switch (gdb_ctx
->params
[0].opcode
) {
1904 if (replay_reverse_step()) {
1911 if (replay_reverse_continue()) {
1920 /* Default invalid command */
1924 static void handle_v_cont_query(GdbCmdContext
*gdb_ctx
, void *user_ctx
)
1926 put_packet("vCont;c;C;s;S");
1929 static void handle_v_cont(GdbCmdContext
*gdb_ctx
, void *user_ctx
)
1933 if (!gdb_ctx
->num_params
) {
1937 res
= gdb_handle_vcont(gdb_ctx
->params
[0].data
);
1938 if ((res
== -EINVAL
) || (res
== -ERANGE
)) {
1945 static void handle_v_attach(GdbCmdContext
*gdb_ctx
, void *user_ctx
)
1947 GDBProcess
*process
;
1950 g_string_assign(gdbserver_state
.str_buf
, "E22");
1951 if (!gdb_ctx
->num_params
) {
1955 process
= gdb_get_process(gdb_ctx
->params
[0].val_ul
);
1960 cpu
= get_first_cpu_in_process(process
);
1965 process
->attached
= true;
1966 gdbserver_state
.g_cpu
= cpu
;
1967 gdbserver_state
.c_cpu
= cpu
;
1969 g_string_printf(gdbserver_state
.str_buf
, "T%02xthread:", GDB_SIGNAL_TRAP
);
1970 gdb_append_thread_id(cpu
, gdbserver_state
.str_buf
);
1971 g_string_append_c(gdbserver_state
.str_buf
, ';');
1976 static void handle_v_kill(GdbCmdContext
*gdb_ctx
, void *user_ctx
)
1978 /* Kill the target */
1980 error_report("QEMU: Terminated via GDBstub");
1984 static GdbCmdParseEntry gdb_v_commands_table
[] = {
1985 /* Order is important if has same prefix */
1987 .handler
= handle_v_cont_query
,
1992 .handler
= handle_v_cont
,
1994 .cmd_startswith
= 1,
1998 .handler
= handle_v_attach
,
2000 .cmd_startswith
= 1,
2004 .handler
= handle_v_kill
,
2010 static void handle_v_commands(GdbCmdContext
*gdb_ctx
, void *user_ctx
)
2012 if (!gdb_ctx
->num_params
) {
2016 if (process_string_cmd(NULL
, gdb_ctx
->params
[0].data
,
2017 gdb_v_commands_table
,
2018 ARRAY_SIZE(gdb_v_commands_table
))) {
2023 static void handle_query_qemu_sstepbits(GdbCmdContext
*gdb_ctx
, void *user_ctx
)
2025 g_string_printf(gdbserver_state
.str_buf
, "ENABLE=%x,NOIRQ=%x,NOTIMER=%x",
2026 SSTEP_ENABLE
, SSTEP_NOIRQ
, SSTEP_NOTIMER
);
2030 static void handle_set_qemu_sstep(GdbCmdContext
*gdb_ctx
, void *user_ctx
)
2032 if (!gdb_ctx
->num_params
) {
2036 sstep_flags
= gdb_ctx
->params
[0].val_ul
;
2040 static void handle_query_qemu_sstep(GdbCmdContext
*gdb_ctx
, void *user_ctx
)
2042 g_string_printf(gdbserver_state
.str_buf
, "0x%x", sstep_flags
);
2046 static void handle_query_curr_tid(GdbCmdContext
*gdb_ctx
, void *user_ctx
)
2049 GDBProcess
*process
;
2052 * "Current thread" remains vague in the spec, so always return
2053 * the first thread of the current process (gdb returns the
2056 process
= gdb_get_cpu_process(gdbserver_state
.g_cpu
);
2057 cpu
= get_first_cpu_in_process(process
);
2058 g_string_assign(gdbserver_state
.str_buf
, "QC");
2059 gdb_append_thread_id(cpu
, gdbserver_state
.str_buf
);
2063 static void handle_query_threads(GdbCmdContext
*gdb_ctx
, void *user_ctx
)
2065 if (!gdbserver_state
.query_cpu
) {
2070 g_string_assign(gdbserver_state
.str_buf
, "m");
2071 gdb_append_thread_id(gdbserver_state
.query_cpu
, gdbserver_state
.str_buf
);
2073 gdbserver_state
.query_cpu
= gdb_next_attached_cpu(gdbserver_state
.query_cpu
);
2076 static void handle_query_first_threads(GdbCmdContext
*gdb_ctx
, void *user_ctx
)
2078 gdbserver_state
.query_cpu
= gdb_first_attached_cpu();
2079 handle_query_threads(gdb_ctx
, user_ctx
);
2082 static void handle_query_thread_extra(GdbCmdContext
*gdb_ctx
, void *user_ctx
)
2084 g_autoptr(GString
) rs
= g_string_new(NULL
);
2087 if (!gdb_ctx
->num_params
||
2088 gdb_ctx
->params
[0].thread_id
.kind
== GDB_READ_THREAD_ERR
) {
2093 cpu
= gdb_get_cpu(gdb_ctx
->params
[0].thread_id
.pid
,
2094 gdb_ctx
->params
[0].thread_id
.tid
);
2099 cpu_synchronize_state(cpu
);
2101 if (gdbserver_state
.multiprocess
&& (gdbserver_state
.process_num
> 1)) {
2102 /* Print the CPU model and name in multiprocess mode */
2103 ObjectClass
*oc
= object_get_class(OBJECT(cpu
));
2104 const char *cpu_model
= object_class_get_name(oc
);
2105 const char *cpu_name
=
2106 object_get_canonical_path_component(OBJECT(cpu
));
2107 g_string_printf(rs
, "%s %s [%s]", cpu_model
, cpu_name
,
2108 cpu
->halted
? "halted " : "running");
2110 g_string_printf(rs
, "CPU#%d [%s]", cpu
->cpu_index
,
2111 cpu
->halted
? "halted " : "running");
2113 trace_gdbstub_op_extra_info(rs
->str
);
2114 memtohex(gdbserver_state
.str_buf
, (uint8_t *)rs
->str
, rs
->len
);
2118 #ifdef CONFIG_USER_ONLY
2119 static void handle_query_offsets(GdbCmdContext
*gdb_ctx
, void *user_ctx
)
2123 ts
= gdbserver_state
.c_cpu
->opaque
;
2124 g_string_printf(gdbserver_state
.str_buf
,
2125 "Text=" TARGET_ABI_FMT_lx
2126 ";Data=" TARGET_ABI_FMT_lx
2127 ";Bss=" TARGET_ABI_FMT_lx
,
2128 ts
->info
->code_offset
,
2129 ts
->info
->data_offset
,
2130 ts
->info
->data_offset
);
2134 static void handle_query_rcmd(GdbCmdContext
*gdb_ctx
, void *user_ctx
)
2136 const guint8 zero
= 0;
2139 if (!gdb_ctx
->num_params
) {
2144 len
= strlen(gdb_ctx
->params
[0].data
);
2150 g_assert(gdbserver_state
.mem_buf
->len
== 0);
2152 hextomem(gdbserver_state
.mem_buf
, gdb_ctx
->params
[0].data
, len
);
2153 g_byte_array_append(gdbserver_state
.mem_buf
, &zero
, 1);
2154 qemu_chr_be_write(gdbserver_state
.mon_chr
, gdbserver_state
.mem_buf
->data
,
2155 gdbserver_state
.mem_buf
->len
);
2160 static void handle_query_supported(GdbCmdContext
*gdb_ctx
, void *user_ctx
)
2164 g_string_printf(gdbserver_state
.str_buf
, "PacketSize=%x", MAX_PACKET_LENGTH
);
2165 cc
= CPU_GET_CLASS(first_cpu
);
2166 if (cc
->gdb_core_xml_file
) {
2167 g_string_append(gdbserver_state
.str_buf
, ";qXfer:features:read+");
2170 if (replay_mode
== REPLAY_MODE_PLAY
) {
2171 g_string_append(gdbserver_state
.str_buf
,
2172 ";ReverseStep+;ReverseContinue+");
2175 #ifdef CONFIG_USER_ONLY
2176 if (gdbserver_state
.c_cpu
->opaque
) {
2177 g_string_append(gdbserver_state
.str_buf
, ";qXfer:auxv:read+");
2181 if (gdb_ctx
->num_params
&&
2182 strstr(gdb_ctx
->params
[0].data
, "multiprocess+")) {
2183 gdbserver_state
.multiprocess
= true;
2186 g_string_append(gdbserver_state
.str_buf
, ";vContSupported+;multiprocess+");
2190 static void handle_query_xfer_features(GdbCmdContext
*gdb_ctx
, void *user_ctx
)
2192 GDBProcess
*process
;
2194 unsigned long len
, total_len
, addr
;
2198 if (gdb_ctx
->num_params
< 3) {
2203 process
= gdb_get_cpu_process(gdbserver_state
.g_cpu
);
2204 cc
= CPU_GET_CLASS(gdbserver_state
.g_cpu
);
2205 if (!cc
->gdb_core_xml_file
) {
2211 p
= gdb_ctx
->params
[0].data
;
2212 xml
= get_feature_xml(p
, &p
, process
);
2218 addr
= gdb_ctx
->params
[1].val_ul
;
2219 len
= gdb_ctx
->params
[2].val_ul
;
2220 total_len
= strlen(xml
);
2221 if (addr
> total_len
) {
2226 if (len
> (MAX_PACKET_LENGTH
- 5) / 2) {
2227 len
= (MAX_PACKET_LENGTH
- 5) / 2;
2230 if (len
< total_len
- addr
) {
2231 g_string_assign(gdbserver_state
.str_buf
, "m");
2232 memtox(gdbserver_state
.str_buf
, xml
+ addr
, len
);
2234 g_string_assign(gdbserver_state
.str_buf
, "l");
2235 memtox(gdbserver_state
.str_buf
, xml
+ addr
, total_len
- addr
);
2238 put_packet_binary(gdbserver_state
.str_buf
->str
,
2239 gdbserver_state
.str_buf
->len
, true);
2242 #if defined(CONFIG_USER_ONLY) && defined(CONFIG_LINUX_USER)
2243 static void handle_query_xfer_auxv(GdbCmdContext
*gdb_ctx
, void *user_ctx
)
2246 unsigned long offset
, len
, saved_auxv
, auxv_len
;
2249 if (gdb_ctx
->num_params
< 2) {
2254 offset
= gdb_ctx
->params
[0].val_ul
;
2255 len
= gdb_ctx
->params
[1].val_ul
;
2256 ts
= gdbserver_state
.c_cpu
->opaque
;
2257 saved_auxv
= ts
->info
->saved_auxv
;
2258 auxv_len
= ts
->info
->auxv_len
;
2259 mem
= (const char *)(saved_auxv
+ offset
);
2260 if (offset
> auxv_len
) {
2265 if (len
> (MAX_PACKET_LENGTH
- 5) / 2) {
2266 len
= (MAX_PACKET_LENGTH
- 5) / 2;
2269 if (len
< auxv_len
- offset
) {
2270 g_string_assign(gdbserver_state
.str_buf
, "m");
2271 memtox(gdbserver_state
.str_buf
, mem
, len
);
2273 g_string_assign(gdbserver_state
.str_buf
, "l");
2274 memtox(gdbserver_state
.str_buf
, mem
, auxv_len
- offset
);
2277 put_packet_binary(gdbserver_state
.str_buf
->str
,
2278 gdbserver_state
.str_buf
->len
, true);
2282 static void handle_query_attached(GdbCmdContext
*gdb_ctx
, void *user_ctx
)
2284 put_packet(GDB_ATTACHED
);
2287 static void handle_query_qemu_supported(GdbCmdContext
*gdb_ctx
, void *user_ctx
)
2289 g_string_printf(gdbserver_state
.str_buf
, "sstepbits;sstep");
2290 #ifndef CONFIG_USER_ONLY
2291 g_string_append(gdbserver_state
.str_buf
, ";PhyMemMode");
2296 #ifndef CONFIG_USER_ONLY
2297 static void handle_query_qemu_phy_mem_mode(GdbCmdContext
*gdb_ctx
,
2300 g_string_printf(gdbserver_state
.str_buf
, "%d", phy_memory_mode
);
2304 static void handle_set_qemu_phy_mem_mode(GdbCmdContext
*gdb_ctx
, void *user_ctx
)
2306 if (!gdb_ctx
->num_params
) {
2311 if (!gdb_ctx
->params
[0].val_ul
) {
2312 phy_memory_mode
= 0;
2314 phy_memory_mode
= 1;
2320 static GdbCmdParseEntry gdb_gen_query_set_common_table
[] = {
2321 /* Order is important if has same prefix */
2323 .handler
= handle_query_qemu_sstepbits
,
2324 .cmd
= "qemu.sstepbits",
2327 .handler
= handle_query_qemu_sstep
,
2328 .cmd
= "qemu.sstep",
2331 .handler
= handle_set_qemu_sstep
,
2332 .cmd
= "qemu.sstep=",
2333 .cmd_startswith
= 1,
2338 static GdbCmdParseEntry gdb_gen_query_table
[] = {
2340 .handler
= handle_query_curr_tid
,
2344 .handler
= handle_query_threads
,
2345 .cmd
= "sThreadInfo",
2348 .handler
= handle_query_first_threads
,
2349 .cmd
= "fThreadInfo",
2352 .handler
= handle_query_thread_extra
,
2353 .cmd
= "ThreadExtraInfo,",
2354 .cmd_startswith
= 1,
2357 #ifdef CONFIG_USER_ONLY
2359 .handler
= handle_query_offsets
,
2364 .handler
= handle_query_rcmd
,
2366 .cmd_startswith
= 1,
2371 .handler
= handle_query_supported
,
2372 .cmd
= "Supported:",
2373 .cmd_startswith
= 1,
2377 .handler
= handle_query_supported
,
2382 .handler
= handle_query_xfer_features
,
2383 .cmd
= "Xfer:features:read:",
2384 .cmd_startswith
= 1,
2387 #if defined(CONFIG_USER_ONLY) && defined(CONFIG_LINUX_USER)
2389 .handler
= handle_query_xfer_auxv
,
2390 .cmd
= "Xfer:auxv:read::",
2391 .cmd_startswith
= 1,
2396 .handler
= handle_query_attached
,
2401 .handler
= handle_query_attached
,
2405 .handler
= handle_query_qemu_supported
,
2406 .cmd
= "qemu.Supported",
2408 #ifndef CONFIG_USER_ONLY
2410 .handler
= handle_query_qemu_phy_mem_mode
,
2411 .cmd
= "qemu.PhyMemMode",
2416 static GdbCmdParseEntry gdb_gen_set_table
[] = {
2417 /* Order is important if has same prefix */
2419 .handler
= handle_set_qemu_sstep
,
2420 .cmd
= "qemu.sstep:",
2421 .cmd_startswith
= 1,
2424 #ifndef CONFIG_USER_ONLY
2426 .handler
= handle_set_qemu_phy_mem_mode
,
2427 .cmd
= "qemu.PhyMemMode:",
2428 .cmd_startswith
= 1,
2434 static void handle_gen_query(GdbCmdContext
*gdb_ctx
, void *user_ctx
)
2436 if (!gdb_ctx
->num_params
) {
2440 if (!process_string_cmd(NULL
, gdb_ctx
->params
[0].data
,
2441 gdb_gen_query_set_common_table
,
2442 ARRAY_SIZE(gdb_gen_query_set_common_table
))) {
2446 if (process_string_cmd(NULL
, gdb_ctx
->params
[0].data
,
2447 gdb_gen_query_table
,
2448 ARRAY_SIZE(gdb_gen_query_table
))) {
2453 static void handle_gen_set(GdbCmdContext
*gdb_ctx
, void *user_ctx
)
2455 if (!gdb_ctx
->num_params
) {
2459 if (!process_string_cmd(NULL
, gdb_ctx
->params
[0].data
,
2460 gdb_gen_query_set_common_table
,
2461 ARRAY_SIZE(gdb_gen_query_set_common_table
))) {
2465 if (process_string_cmd(NULL
, gdb_ctx
->params
[0].data
,
2467 ARRAY_SIZE(gdb_gen_set_table
))) {
2472 static void handle_target_halt(GdbCmdContext
*gdb_ctx
, void *user_ctx
)
2474 g_string_printf(gdbserver_state
.str_buf
, "T%02xthread:", GDB_SIGNAL_TRAP
);
2475 gdb_append_thread_id(gdbserver_state
.c_cpu
, gdbserver_state
.str_buf
);
2476 g_string_append_c(gdbserver_state
.str_buf
, ';');
2479 * Remove all the breakpoints when this query is issued,
2480 * because gdb is doing an initial connect and the state
2481 * should be cleaned up.
2483 gdb_breakpoint_remove_all();
2486 static int gdb_handle_packet(const char *line_buf
)
2488 const GdbCmdParseEntry
*cmd_parser
= NULL
;
2490 trace_gdbstub_io_command(line_buf
);
2492 switch (line_buf
[0]) {
2498 static const GdbCmdParseEntry target_halted_cmd_desc
= {
2499 .handler
= handle_target_halt
,
2503 cmd_parser
= &target_halted_cmd_desc
;
2508 static const GdbCmdParseEntry continue_cmd_desc
= {
2509 .handler
= handle_continue
,
2511 .cmd_startswith
= 1,
2514 cmd_parser
= &continue_cmd_desc
;
2519 static const GdbCmdParseEntry cont_with_sig_cmd_desc
= {
2520 .handler
= handle_cont_with_sig
,
2522 .cmd_startswith
= 1,
2525 cmd_parser
= &cont_with_sig_cmd_desc
;
2530 static const GdbCmdParseEntry v_cmd_desc
= {
2531 .handler
= handle_v_commands
,
2533 .cmd_startswith
= 1,
2536 cmd_parser
= &v_cmd_desc
;
2540 /* Kill the target */
2541 error_report("QEMU: Terminated via GDBstub");
2545 static const GdbCmdParseEntry detach_cmd_desc
= {
2546 .handler
= handle_detach
,
2548 .cmd_startswith
= 1,
2551 cmd_parser
= &detach_cmd_desc
;
2556 static const GdbCmdParseEntry step_cmd_desc
= {
2557 .handler
= handle_step
,
2559 .cmd_startswith
= 1,
2562 cmd_parser
= &step_cmd_desc
;
2567 static const GdbCmdParseEntry backward_cmd_desc
= {
2568 .handler
= handle_backward
,
2570 .cmd_startswith
= 1,
2573 cmd_parser
= &backward_cmd_desc
;
2578 static const GdbCmdParseEntry file_io_cmd_desc
= {
2579 .handler
= handle_file_io
,
2581 .cmd_startswith
= 1,
2584 cmd_parser
= &file_io_cmd_desc
;
2589 static const GdbCmdParseEntry read_all_regs_cmd_desc
= {
2590 .handler
= handle_read_all_regs
,
2594 cmd_parser
= &read_all_regs_cmd_desc
;
2599 static const GdbCmdParseEntry write_all_regs_cmd_desc
= {
2600 .handler
= handle_write_all_regs
,
2602 .cmd_startswith
= 1,
2605 cmd_parser
= &write_all_regs_cmd_desc
;
2610 static const GdbCmdParseEntry read_mem_cmd_desc
= {
2611 .handler
= handle_read_mem
,
2613 .cmd_startswith
= 1,
2616 cmd_parser
= &read_mem_cmd_desc
;
2621 static const GdbCmdParseEntry write_mem_cmd_desc
= {
2622 .handler
= handle_write_mem
,
2624 .cmd_startswith
= 1,
2627 cmd_parser
= &write_mem_cmd_desc
;
2632 static const GdbCmdParseEntry get_reg_cmd_desc
= {
2633 .handler
= handle_get_reg
,
2635 .cmd_startswith
= 1,
2638 cmd_parser
= &get_reg_cmd_desc
;
2643 static const GdbCmdParseEntry set_reg_cmd_desc
= {
2644 .handler
= handle_set_reg
,
2646 .cmd_startswith
= 1,
2649 cmd_parser
= &set_reg_cmd_desc
;
2654 static const GdbCmdParseEntry insert_bp_cmd_desc
= {
2655 .handler
= handle_insert_bp
,
2657 .cmd_startswith
= 1,
2660 cmd_parser
= &insert_bp_cmd_desc
;
2665 static const GdbCmdParseEntry remove_bp_cmd_desc
= {
2666 .handler
= handle_remove_bp
,
2668 .cmd_startswith
= 1,
2671 cmd_parser
= &remove_bp_cmd_desc
;
2676 static const GdbCmdParseEntry set_thread_cmd_desc
= {
2677 .handler
= handle_set_thread
,
2679 .cmd_startswith
= 1,
2682 cmd_parser
= &set_thread_cmd_desc
;
2687 static const GdbCmdParseEntry thread_alive_cmd_desc
= {
2688 .handler
= handle_thread_alive
,
2690 .cmd_startswith
= 1,
2693 cmd_parser
= &thread_alive_cmd_desc
;
2698 static const GdbCmdParseEntry gen_query_cmd_desc
= {
2699 .handler
= handle_gen_query
,
2701 .cmd_startswith
= 1,
2704 cmd_parser
= &gen_query_cmd_desc
;
2709 static const GdbCmdParseEntry gen_set_cmd_desc
= {
2710 .handler
= handle_gen_set
,
2712 .cmd_startswith
= 1,
2715 cmd_parser
= &gen_set_cmd_desc
;
2719 /* put empty packet */
2725 run_cmd_parser(line_buf
, cmd_parser
);
2731 void gdb_set_stop_cpu(CPUState
*cpu
)
2733 GDBProcess
*p
= gdb_get_cpu_process(cpu
);
2737 * Having a stop CPU corresponding to a process that is not attached
2738 * confuses GDB. So we ignore the request.
2743 gdbserver_state
.c_cpu
= cpu
;
2744 gdbserver_state
.g_cpu
= cpu
;
2747 #ifndef CONFIG_USER_ONLY
2748 static void gdb_vm_state_change(void *opaque
, int running
, RunState state
)
2750 CPUState
*cpu
= gdbserver_state
.c_cpu
;
2751 g_autoptr(GString
) buf
= g_string_new(NULL
);
2752 g_autoptr(GString
) tid
= g_string_new(NULL
);
2756 if (running
|| gdbserver_state
.state
== RS_INACTIVE
) {
2759 /* Is there a GDB syscall waiting to be sent? */
2760 if (gdbserver_state
.current_syscall_cb
) {
2761 put_packet(gdbserver_state
.syscall_buf
);
2766 /* No process attached */
2770 gdb_append_thread_id(cpu
, tid
);
2773 case RUN_STATE_DEBUG
:
2774 if (cpu
->watchpoint_hit
) {
2775 switch (cpu
->watchpoint_hit
->flags
& BP_MEM_ACCESS
) {
2786 trace_gdbstub_hit_watchpoint(type
, cpu_gdb_index(cpu
),
2787 (target_ulong
)cpu
->watchpoint_hit
->vaddr
);
2788 g_string_printf(buf
, "T%02xthread:%s;%swatch:" TARGET_FMT_lx
";",
2789 GDB_SIGNAL_TRAP
, tid
->str
, type
,
2790 (target_ulong
)cpu
->watchpoint_hit
->vaddr
);
2791 cpu
->watchpoint_hit
= NULL
;
2794 trace_gdbstub_hit_break();
2797 ret
= GDB_SIGNAL_TRAP
;
2799 case RUN_STATE_PAUSED
:
2800 trace_gdbstub_hit_paused();
2801 ret
= GDB_SIGNAL_INT
;
2803 case RUN_STATE_SHUTDOWN
:
2804 trace_gdbstub_hit_shutdown();
2805 ret
= GDB_SIGNAL_QUIT
;
2807 case RUN_STATE_IO_ERROR
:
2808 trace_gdbstub_hit_io_error();
2809 ret
= GDB_SIGNAL_IO
;
2811 case RUN_STATE_WATCHDOG
:
2812 trace_gdbstub_hit_watchdog();
2813 ret
= GDB_SIGNAL_ALRM
;
2815 case RUN_STATE_INTERNAL_ERROR
:
2816 trace_gdbstub_hit_internal_error();
2817 ret
= GDB_SIGNAL_ABRT
;
2819 case RUN_STATE_SAVE_VM
:
2820 case RUN_STATE_RESTORE_VM
:
2822 case RUN_STATE_FINISH_MIGRATE
:
2823 ret
= GDB_SIGNAL_XCPU
;
2826 trace_gdbstub_hit_unknown(state
);
2827 ret
= GDB_SIGNAL_UNKNOWN
;
2830 gdb_set_stop_cpu(cpu
);
2831 g_string_printf(buf
, "T%02xthread:%s;", ret
, tid
->str
);
2834 put_packet(buf
->str
);
2836 /* disable single step if it was enabled */
2837 cpu_single_step(cpu
, 0);
2841 /* Send a gdb syscall request.
2842 This accepts limited printf-style format specifiers, specifically:
2843 %x - target_ulong argument printed in hex.
2844 %lx - 64-bit argument printed in hex.
2845 %s - string pointer (target_ulong) and length (int) pair. */
2846 void gdb_do_syscallv(gdb_syscall_complete_cb cb
, const char *fmt
, va_list va
)
2853 if (!gdbserver_state
.init
) {
2857 gdbserver_state
.current_syscall_cb
= cb
;
2858 #ifndef CONFIG_USER_ONLY
2859 vm_stop(RUN_STATE_DEBUG
);
2861 p
= &gdbserver_state
.syscall_buf
[0];
2862 p_end
= &gdbserver_state
.syscall_buf
[sizeof(gdbserver_state
.syscall_buf
)];
2869 addr
= va_arg(va
, target_ulong
);
2870 p
+= snprintf(p
, p_end
- p
, TARGET_FMT_lx
, addr
);
2873 if (*(fmt
++) != 'x')
2875 i64
= va_arg(va
, uint64_t);
2876 p
+= snprintf(p
, p_end
- p
, "%" PRIx64
, i64
);
2879 addr
= va_arg(va
, target_ulong
);
2880 p
+= snprintf(p
, p_end
- p
, TARGET_FMT_lx
"/%x",
2881 addr
, va_arg(va
, int));
2885 error_report("gdbstub: Bad syscall format string '%s'",
2894 #ifdef CONFIG_USER_ONLY
2895 put_packet(gdbserver_state
.syscall_buf
);
2896 /* Return control to gdb for it to process the syscall request.
2897 * Since the protocol requires that gdb hands control back to us
2898 * using a "here are the results" F packet, we don't need to check
2899 * gdb_handlesig's return value (which is the signal to deliver if
2900 * execution was resumed via a continue packet).
2902 gdb_handlesig(gdbserver_state
.c_cpu
, 0);
2904 /* In this case wait to send the syscall packet until notification that
2905 the CPU has stopped. This must be done because if the packet is sent
2906 now the reply from the syscall request could be received while the CPU
2907 is still in the running state, which can cause packets to be dropped
2908 and state transition 'T' packets to be sent while the syscall is still
2910 qemu_cpu_kick(gdbserver_state
.c_cpu
);
2914 void gdb_do_syscall(gdb_syscall_complete_cb cb
, const char *fmt
, ...)
2919 gdb_do_syscallv(cb
, fmt
, va
);
2923 static void gdb_read_byte(uint8_t ch
)
2927 #ifndef CONFIG_USER_ONLY
2928 if (gdbserver_state
.last_packet
->len
) {
2929 /* Waiting for a response to the last packet. If we see the start
2930 of a new command then abandon the previous response. */
2932 trace_gdbstub_err_got_nack();
2933 put_buffer(gdbserver_state
.last_packet
->data
,
2934 gdbserver_state
.last_packet
->len
);
2935 } else if (ch
== '+') {
2936 trace_gdbstub_io_got_ack();
2938 trace_gdbstub_io_got_unexpected(ch
);
2941 if (ch
== '+' || ch
== '$') {
2942 g_byte_array_set_size(gdbserver_state
.last_packet
, 0);
2947 if (runstate_is_running()) {
2948 /* when the CPU is running, we cannot do anything except stop
2949 it when receiving a char */
2950 vm_stop(RUN_STATE_PAUSED
);
2954 switch(gdbserver_state
.state
) {
2957 /* start of command packet */
2958 gdbserver_state
.line_buf_index
= 0;
2959 gdbserver_state
.line_sum
= 0;
2960 gdbserver_state
.state
= RS_GETLINE
;
2962 trace_gdbstub_err_garbage(ch
);
2967 /* start escape sequence */
2968 gdbserver_state
.state
= RS_GETLINE_ESC
;
2969 gdbserver_state
.line_sum
+= ch
;
2970 } else if (ch
== '*') {
2971 /* start run length encoding sequence */
2972 gdbserver_state
.state
= RS_GETLINE_RLE
;
2973 gdbserver_state
.line_sum
+= ch
;
2974 } else if (ch
== '#') {
2975 /* end of command, start of checksum*/
2976 gdbserver_state
.state
= RS_CHKSUM1
;
2977 } else if (gdbserver_state
.line_buf_index
>= sizeof(gdbserver_state
.line_buf
) - 1) {
2978 trace_gdbstub_err_overrun();
2979 gdbserver_state
.state
= RS_IDLE
;
2981 /* unescaped command character */
2982 gdbserver_state
.line_buf
[gdbserver_state
.line_buf_index
++] = ch
;
2983 gdbserver_state
.line_sum
+= ch
;
2986 case RS_GETLINE_ESC
:
2988 /* unexpected end of command in escape sequence */
2989 gdbserver_state
.state
= RS_CHKSUM1
;
2990 } else if (gdbserver_state
.line_buf_index
>= sizeof(gdbserver_state
.line_buf
) - 1) {
2991 /* command buffer overrun */
2992 trace_gdbstub_err_overrun();
2993 gdbserver_state
.state
= RS_IDLE
;
2995 /* parse escaped character and leave escape state */
2996 gdbserver_state
.line_buf
[gdbserver_state
.line_buf_index
++] = ch
^ 0x20;
2997 gdbserver_state
.line_sum
+= ch
;
2998 gdbserver_state
.state
= RS_GETLINE
;
3001 case RS_GETLINE_RLE
:
3003 * Run-length encoding is explained in "Debugging with GDB /
3004 * Appendix E GDB Remote Serial Protocol / Overview".
3006 if (ch
< ' ' || ch
== '#' || ch
== '$' || ch
> 126) {
3007 /* invalid RLE count encoding */
3008 trace_gdbstub_err_invalid_repeat(ch
);
3009 gdbserver_state
.state
= RS_GETLINE
;
3011 /* decode repeat length */
3012 int repeat
= ch
- ' ' + 3;
3013 if (gdbserver_state
.line_buf_index
+ repeat
>= sizeof(gdbserver_state
.line_buf
) - 1) {
3014 /* that many repeats would overrun the command buffer */
3015 trace_gdbstub_err_overrun();
3016 gdbserver_state
.state
= RS_IDLE
;
3017 } else if (gdbserver_state
.line_buf_index
< 1) {
3018 /* got a repeat but we have nothing to repeat */
3019 trace_gdbstub_err_invalid_rle();
3020 gdbserver_state
.state
= RS_GETLINE
;
3022 /* repeat the last character */
3023 memset(gdbserver_state
.line_buf
+ gdbserver_state
.line_buf_index
,
3024 gdbserver_state
.line_buf
[gdbserver_state
.line_buf_index
- 1], repeat
);
3025 gdbserver_state
.line_buf_index
+= repeat
;
3026 gdbserver_state
.line_sum
+= ch
;
3027 gdbserver_state
.state
= RS_GETLINE
;
3032 /* get high hex digit of checksum */
3033 if (!isxdigit(ch
)) {
3034 trace_gdbstub_err_checksum_invalid(ch
);
3035 gdbserver_state
.state
= RS_GETLINE
;
3038 gdbserver_state
.line_buf
[gdbserver_state
.line_buf_index
] = '\0';
3039 gdbserver_state
.line_csum
= fromhex(ch
) << 4;
3040 gdbserver_state
.state
= RS_CHKSUM2
;
3043 /* get low hex digit of checksum */
3044 if (!isxdigit(ch
)) {
3045 trace_gdbstub_err_checksum_invalid(ch
);
3046 gdbserver_state
.state
= RS_GETLINE
;
3049 gdbserver_state
.line_csum
|= fromhex(ch
);
3051 if (gdbserver_state
.line_csum
!= (gdbserver_state
.line_sum
& 0xff)) {
3052 trace_gdbstub_err_checksum_incorrect(gdbserver_state
.line_sum
, gdbserver_state
.line_csum
);
3053 /* send NAK reply */
3055 put_buffer(&reply
, 1);
3056 gdbserver_state
.state
= RS_IDLE
;
3058 /* send ACK reply */
3060 put_buffer(&reply
, 1);
3061 gdbserver_state
.state
= gdb_handle_packet(gdbserver_state
.line_buf
);
3070 /* Tell the remote gdb that the process has exited. */
3071 void gdb_exit(int code
)
3075 if (!gdbserver_state
.init
) {
3078 #ifdef CONFIG_USER_ONLY
3079 if (gdbserver_state
.socket_path
) {
3080 unlink(gdbserver_state
.socket_path
);
3082 if (gdbserver_state
.fd
< 0) {
3087 trace_gdbstub_op_exiting((uint8_t)code
);
3089 snprintf(buf
, sizeof(buf
), "W%02x", (uint8_t)code
);
3092 #ifndef CONFIG_USER_ONLY
3093 qemu_chr_fe_deinit(&gdbserver_state
.chr
, true);
3098 * Create the process that will contain all the "orphan" CPUs (that are not
3099 * part of a CPU cluster). Note that if this process contains no CPUs, it won't
3100 * be attachable and thus will be invisible to the user.
3102 static void create_default_process(GDBState
*s
)
3104 GDBProcess
*process
;
3107 if (gdbserver_state
.process_num
) {
3108 max_pid
= s
->processes
[s
->process_num
- 1].pid
;
3111 s
->processes
= g_renew(GDBProcess
, s
->processes
, ++s
->process_num
);
3112 process
= &s
->processes
[s
->process_num
- 1];
3114 /* We need an available PID slot for this process */
3115 assert(max_pid
< UINT32_MAX
);
3117 process
->pid
= max_pid
+ 1;
3118 process
->attached
= false;
3119 process
->target_xml
[0] = '\0';
3122 #ifdef CONFIG_USER_ONLY
3124 gdb_handlesig(CPUState
*cpu
, int sig
)
3129 if (!gdbserver_state
.init
|| gdbserver_state
.fd
< 0) {
3133 /* disable single step if it was enabled */
3134 cpu_single_step(cpu
, 0);
3138 snprintf(buf
, sizeof(buf
), "S%02x", target_signal_to_gdb(sig
));
3141 /* put_packet() might have detected that the peer terminated the
3143 if (gdbserver_state
.fd
< 0) {
3148 gdbserver_state
.state
= RS_IDLE
;
3149 gdbserver_state
.running_state
= 0;
3150 while (gdbserver_state
.running_state
== 0) {
3151 n
= read(gdbserver_state
.fd
, buf
, 256);
3155 for (i
= 0; i
< n
; i
++) {
3156 gdb_read_byte(buf
[i
]);
3159 /* XXX: Connection closed. Should probably wait for another
3160 connection before continuing. */
3162 close(gdbserver_state
.fd
);
3164 gdbserver_state
.fd
= -1;
3168 sig
= gdbserver_state
.signal
;
3169 gdbserver_state
.signal
= 0;
3173 /* Tell the remote gdb that the process has exited due to SIG. */
3174 void gdb_signalled(CPUArchState
*env
, int sig
)
3178 if (!gdbserver_state
.init
|| gdbserver_state
.fd
< 0) {
3182 snprintf(buf
, sizeof(buf
), "X%02x", target_signal_to_gdb(sig
));
3186 static void gdb_accept_init(int fd
)
3188 init_gdbserver_state();
3189 create_default_process(&gdbserver_state
);
3190 gdbserver_state
.processes
[0].attached
= true;
3191 gdbserver_state
.c_cpu
= gdb_first_attached_cpu();
3192 gdbserver_state
.g_cpu
= gdbserver_state
.c_cpu
;
3193 gdbserver_state
.fd
= fd
;
3194 gdb_has_xml
= false;
3197 static bool gdb_accept_socket(int gdb_fd
)
3202 fd
= accept(gdb_fd
, NULL
, NULL
);
3203 if (fd
< 0 && errno
!= EINTR
) {
3204 perror("accept socket");
3206 } else if (fd
>= 0) {
3207 qemu_set_cloexec(fd
);
3212 gdb_accept_init(fd
);
3216 static int gdbserver_open_socket(const char *path
)
3218 struct sockaddr_un sockaddr
;
3221 fd
= socket(AF_UNIX
, SOCK_STREAM
, 0);
3223 perror("create socket");
3227 sockaddr
.sun_family
= AF_UNIX
;
3228 pstrcpy(sockaddr
.sun_path
, sizeof(sockaddr
.sun_path
) - 1, path
);
3229 ret
= bind(fd
, (struct sockaddr
*)&sockaddr
, sizeof(sockaddr
));
3231 perror("bind socket");
3235 ret
= listen(fd
, 1);
3237 perror("listen socket");
3245 static bool gdb_accept_tcp(int gdb_fd
)
3247 struct sockaddr_in sockaddr
;
3252 len
= sizeof(sockaddr
);
3253 fd
= accept(gdb_fd
, (struct sockaddr
*)&sockaddr
, &len
);
3254 if (fd
< 0 && errno
!= EINTR
) {
3257 } else if (fd
>= 0) {
3258 qemu_set_cloexec(fd
);
3263 /* set short latency */
3264 if (socket_set_nodelay(fd
)) {
3265 perror("setsockopt");
3270 gdb_accept_init(fd
);
3274 static int gdbserver_open_port(int port
)
3276 struct sockaddr_in sockaddr
;
3279 fd
= socket(PF_INET
, SOCK_STREAM
, 0);
3284 qemu_set_cloexec(fd
);
3286 socket_set_fast_reuse(fd
);
3288 sockaddr
.sin_family
= AF_INET
;
3289 sockaddr
.sin_port
= htons(port
);
3290 sockaddr
.sin_addr
.s_addr
= 0;
3291 ret
= bind(fd
, (struct sockaddr
*)&sockaddr
, sizeof(sockaddr
));
3297 ret
= listen(fd
, 1);
3307 int gdbserver_start(const char *port_or_path
)
3309 int port
= g_ascii_strtoull(port_or_path
, NULL
, 10);
3313 gdb_fd
= gdbserver_open_port(port
);
3315 gdb_fd
= gdbserver_open_socket(port_or_path
);
3322 if (port
> 0 && gdb_accept_tcp(gdb_fd
)) {
3324 } else if (gdb_accept_socket(gdb_fd
)) {
3325 gdbserver_state
.socket_path
= g_strdup(port_or_path
);
3334 /* Disable gdb stub for child processes. */
3335 void gdbserver_fork(CPUState
*cpu
)
3337 if (!gdbserver_state
.init
|| gdbserver_state
.fd
< 0) {
3340 close(gdbserver_state
.fd
);
3341 gdbserver_state
.fd
= -1;
3342 cpu_breakpoint_remove_all(cpu
, BP_GDB
);
3343 cpu_watchpoint_remove_all(cpu
, BP_GDB
);
3346 static int gdb_chr_can_receive(void *opaque
)
3348 /* We can handle an arbitrarily large amount of data.
3349 Pick the maximum packet size, which is as good as anything. */
3350 return MAX_PACKET_LENGTH
;
3353 static void gdb_chr_receive(void *opaque
, const uint8_t *buf
, int size
)
3357 for (i
= 0; i
< size
; i
++) {
3358 gdb_read_byte(buf
[i
]);
3362 static void gdb_chr_event(void *opaque
, QEMUChrEvent event
)
3365 GDBState
*s
= (GDBState
*) opaque
;
3368 case CHR_EVENT_OPENED
:
3369 /* Start with first process attached, others detached */
3370 for (i
= 0; i
< s
->process_num
; i
++) {
3371 s
->processes
[i
].attached
= !i
;
3374 s
->c_cpu
= gdb_first_attached_cpu();
3375 s
->g_cpu
= s
->c_cpu
;
3377 vm_stop(RUN_STATE_PAUSED
);
3378 replay_gdb_attached();
3379 gdb_has_xml
= false;
3386 static int gdb_monitor_write(Chardev
*chr
, const uint8_t *buf
, int len
)
3388 g_autoptr(GString
) hex_buf
= g_string_new("O");
3389 memtohex(hex_buf
, buf
, len
);
3390 put_packet(hex_buf
->str
);
3395 static void gdb_sigterm_handler(int signal
)
3397 if (runstate_is_running()) {
3398 vm_stop(RUN_STATE_PAUSED
);
3403 static void gdb_monitor_open(Chardev
*chr
, ChardevBackend
*backend
,
3404 bool *be_opened
, Error
**errp
)
3409 static void char_gdb_class_init(ObjectClass
*oc
, void *data
)
3411 ChardevClass
*cc
= CHARDEV_CLASS(oc
);
3413 cc
->internal
= true;
3414 cc
->open
= gdb_monitor_open
;
3415 cc
->chr_write
= gdb_monitor_write
;
3418 #define TYPE_CHARDEV_GDB "chardev-gdb"
3420 static const TypeInfo char_gdb_type_info
= {
3421 .name
= TYPE_CHARDEV_GDB
,
3422 .parent
= TYPE_CHARDEV
,
3423 .class_init
= char_gdb_class_init
,
3426 static int find_cpu_clusters(Object
*child
, void *opaque
)
3428 if (object_dynamic_cast(child
, TYPE_CPU_CLUSTER
)) {
3429 GDBState
*s
= (GDBState
*) opaque
;
3430 CPUClusterState
*cluster
= CPU_CLUSTER(child
);
3431 GDBProcess
*process
;
3433 s
->processes
= g_renew(GDBProcess
, s
->processes
, ++s
->process_num
);
3435 process
= &s
->processes
[s
->process_num
- 1];
3438 * GDB process IDs -1 and 0 are reserved. To avoid subtle errors at
3439 * runtime, we enforce here that the machine does not use a cluster ID
3440 * that would lead to PID 0.
3442 assert(cluster
->cluster_id
!= UINT32_MAX
);
3443 process
->pid
= cluster
->cluster_id
+ 1;
3444 process
->attached
= false;
3445 process
->target_xml
[0] = '\0';
3450 return object_child_foreach(child
, find_cpu_clusters
, opaque
);
3453 static int pid_order(const void *a
, const void *b
)
3455 GDBProcess
*pa
= (GDBProcess
*) a
;
3456 GDBProcess
*pb
= (GDBProcess
*) b
;
3458 if (pa
->pid
< pb
->pid
) {
3460 } else if (pa
->pid
> pb
->pid
) {
3467 static void create_processes(GDBState
*s
)
3469 object_child_foreach(object_get_root(), find_cpu_clusters
, s
);
3471 if (gdbserver_state
.processes
) {
3473 qsort(gdbserver_state
.processes
, gdbserver_state
.process_num
, sizeof(gdbserver_state
.processes
[0]), pid_order
);
3476 create_default_process(s
);
3479 int gdbserver_start(const char *device
)
3481 trace_gdbstub_op_start(device
);
3483 char gdbstub_device_name
[128];
3484 Chardev
*chr
= NULL
;
3488 error_report("gdbstub: meaningless to attach gdb to a "
3489 "machine without any CPU.");
3495 if (strcmp(device
, "none") != 0) {
3496 if (strstart(device
, "tcp:", NULL
)) {
3497 /* enforce required TCP attributes */
3498 snprintf(gdbstub_device_name
, sizeof(gdbstub_device_name
),
3499 "%s,nowait,nodelay,server", device
);
3500 device
= gdbstub_device_name
;
3503 else if (strcmp(device
, "stdio") == 0) {
3504 struct sigaction act
;
3506 memset(&act
, 0, sizeof(act
));
3507 act
.sa_handler
= gdb_sigterm_handler
;
3508 sigaction(SIGINT
, &act
, NULL
);
3512 * FIXME: it's a bit weird to allow using a mux chardev here
3513 * and implicitly setup a monitor. We may want to break this.
3515 chr
= qemu_chr_new_noreplay("gdb", device
, true, NULL
);
3520 if (!gdbserver_state
.init
) {
3521 init_gdbserver_state();
3523 qemu_add_vm_change_state_handler(gdb_vm_state_change
, NULL
);
3525 /* Initialize a monitor terminal for gdb */
3526 mon_chr
= qemu_chardev_new(NULL
, TYPE_CHARDEV_GDB
,
3527 NULL
, NULL
, &error_abort
);
3528 monitor_init_hmp(mon_chr
, false, &error_abort
);
3530 qemu_chr_fe_deinit(&gdbserver_state
.chr
, true);
3531 mon_chr
= gdbserver_state
.mon_chr
;
3532 reset_gdbserver_state();
3535 create_processes(&gdbserver_state
);
3538 qemu_chr_fe_init(&gdbserver_state
.chr
, chr
, &error_abort
);
3539 qemu_chr_fe_set_handlers(&gdbserver_state
.chr
, gdb_chr_can_receive
,
3540 gdb_chr_receive
, gdb_chr_event
,
3541 NULL
, &gdbserver_state
, NULL
, true);
3543 gdbserver_state
.state
= chr
? RS_IDLE
: RS_INACTIVE
;
3544 gdbserver_state
.mon_chr
= mon_chr
;
3545 gdbserver_state
.current_syscall_cb
= NULL
;
3550 void gdbserver_cleanup(void)
3552 if (gdbserver_state
.init
) {
3557 static void register_types(void)
3559 type_register_static(&char_gdb_type_info
);
3562 type_init(register_types
);