4 * Copyright (c) 2003-2005 Fabrice Bellard
6 * This library is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation; either
9 * version 2 of the License, or (at your option) any later version.
11 * This library is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
16 * You should have received a copy of the GNU Lesser General Public
17 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
19 #include "qemu/osdep.h"
20 #include "qapi/error.h"
21 #include "qemu/error-report.h"
22 #include "qemu/cutils.h"
23 #include "trace-root.h"
24 #ifdef CONFIG_USER_ONLY
27 #include "monitor/monitor.h"
28 #include "chardev/char.h"
29 #include "chardev/char-fe.h"
30 #include "sysemu/sysemu.h"
31 #include "exec/gdbstub.h"
32 #include "hw/cpu/cluster.h"
35 #define MAX_PACKET_LENGTH 4096
37 #include "qemu/sockets.h"
38 #include "sysemu/hw_accel.h"
39 #include "sysemu/kvm.h"
40 #include "exec/semihost.h"
41 #include "exec/exec-all.h"
43 #ifdef CONFIG_USER_ONLY
44 #define GDB_ATTACHED "0"
46 #define GDB_ATTACHED "1"
49 static inline int target_memory_rw_debug(CPUState *cpu, target_ulong addr,
50 uint8_t *buf, int len, bool is_write)
52 CPUClass *cc = CPU_GET_CLASS(cpu);
54 if (cc->memory_rw_debug) {
55 return cc->memory_rw_debug(cpu, addr, buf, len, is_write);
57 return cpu_memory_rw_debug(cpu, addr, buf, len, is_write);
60 /* Return the GDB index for a given vCPU state.
62 * For user mode this is simply the thread id. In system mode GDB
63 * numbers CPUs from 1 as 0 is reserved as an "any cpu" index.
65 static inline int cpu_gdb_index(CPUState *cpu)
67 #if defined(CONFIG_USER_ONLY)
68 TaskState *ts = (TaskState *) cpu->opaque;
71 return cpu->cpu_index + 1;
84 GDB_SIGNAL_UNKNOWN = 143
87 #ifdef CONFIG_USER_ONLY
89 /* Map target signal numbers to GDB protocol signal numbers and vice
90 * versa. For user emulation's currently supported systems, we can
91 * assume most signals are defined.
94 static int gdb_signal_table[] = {
254 /* In system mode we only need SIGINT and SIGTRAP; other signals
255 are not yet supported. */
262 static int gdb_signal_table[] = {
272 #ifdef CONFIG_USER_ONLY
273 static int target_signal_to_gdb (int sig)
276 for (i = 0; i < ARRAY_SIZE (gdb_signal_table); i++)
277 if (gdb_signal_table[i] == sig)
279 return GDB_SIGNAL_UNKNOWN;
283 static int gdb_signal_to_target (int sig)
285 if (sig < ARRAY_SIZE (gdb_signal_table))
286 return gdb_signal_table[sig];
291 typedef struct GDBRegisterState {
297 struct GDBRegisterState *next;
300 typedef struct GDBProcess {
304 char target_xml[1024];
316 typedef struct GDBState {
317 CPUState *c_cpu; /* current CPU for step/continue ops */
318 CPUState *g_cpu; /* current CPU for other ops */
319 CPUState *query_cpu; /* for q{f|s}ThreadInfo */
320 enum RSState state; /* parsing state */
321 char line_buf[MAX_PACKET_LENGTH];
323 int line_sum; /* running checksum */
324 int line_csum; /* checksum at the end of the packet */
325 uint8_t last_packet[MAX_PACKET_LENGTH + 4];
328 #ifdef CONFIG_USER_ONLY
336 GDBProcess *processes;
338 char syscall_buf[256];
339 gdb_syscall_complete_cb current_syscall_cb;
342 /* By default use no IRQs and no timers while single stepping so as to
343 * make single stepping like an ICE HW step.
345 static int sstep_flags = SSTEP_ENABLE|SSTEP_NOIRQ|SSTEP_NOTIMER;
347 static GDBState *gdbserver_state;
351 #ifdef CONFIG_USER_ONLY
352 /* XXX: This is not thread safe. Do we care? */
353 static int gdbserver_fd = -1;
355 static int get_char(GDBState *s)
361 ret = qemu_recv(s->fd, &ch, 1, 0);
363 if (errno == ECONNRESET)
367 } else if (ret == 0) {
385 /* Decide if either remote gdb syscalls or native file IO should be used. */
386 int use_gdb_syscalls(void)
388 SemihostingTarget target = semihosting_get_target();
389 if (target == SEMIHOSTING_TARGET_NATIVE) {
390 /* -semihosting-config target=native */
392 } else if (target == SEMIHOSTING_TARGET_GDB) {
393 /* -semihosting-config target=gdb */
397 /* -semihosting-config target=auto */
398 /* On the first call check if gdb is connected and remember. */
399 if (gdb_syscall_mode == GDB_SYS_UNKNOWN) {
400 gdb_syscall_mode = (gdbserver_state ? GDB_SYS_ENABLED
403 return gdb_syscall_mode == GDB_SYS_ENABLED;
406 /* Resume execution. */
407 static inline void gdb_continue(GDBState *s)
410 #ifdef CONFIG_USER_ONLY
411 s->running_state = 1;
412 trace_gdbstub_op_continue();
414 if (!runstate_needs_reset()) {
415 trace_gdbstub_op_continue();
422 * Resume execution, per CPU actions. For user-mode emulation it's
423 * equivalent to gdb_continue.
425 static int gdb_continue_partial(GDBState *s, char *newstates)
429 #ifdef CONFIG_USER_ONLY
431 * This is not exactly accurate, but it's an improvement compared to the
432 * previous situation, where only one CPU would be single-stepped.
435 if (newstates[cpu->cpu_index] == 's') {
436 trace_gdbstub_op_stepping(cpu->cpu_index);
437 cpu_single_step(cpu, sstep_flags);
440 s->running_state = 1;
444 if (!runstate_needs_reset()) {
445 if (vm_prepare_start()) {
450 switch (newstates[cpu->cpu_index]) {
453 break; /* nothing to do here */
455 trace_gdbstub_op_stepping(cpu->cpu_index);
456 cpu_single_step(cpu, sstep_flags);
461 trace_gdbstub_op_continue_cpu(cpu->cpu_index);
472 qemu_clock_enable(QEMU_CLOCK_VIRTUAL, true);
478 static void put_buffer(GDBState *s, const uint8_t *buf, int len)
480 #ifdef CONFIG_USER_ONLY
484 ret = send(s->fd, buf, len, 0);
494 /* XXX this blocks entire thread. Rewrite to use
495 * qemu_chr_fe_write and background I/O callbacks */
496 qemu_chr_fe_write_all(&s->chr, buf, len);
500 static inline int fromhex(int v)
502 if (v >= '0' && v <= '9')
504 else if (v >= 'A' && v <= 'F')
506 else if (v >= 'a' && v <= 'f')
512 static inline int tohex(int v)
520 /* writes 2*len+1 bytes in buf */
521 static void memtohex(char *buf, const uint8_t *mem, int len)
526 for(i = 0; i < len; i++) {
528 *q++ = tohex(c >> 4);
529 *q++ = tohex(c & 0xf);
534 static void hextomem(uint8_t *mem, const char *buf, int len)
538 for(i = 0; i < len; i++) {
539 mem[i] = (fromhex(buf[0]) << 4) | fromhex(buf[1]);
544 static void hexdump(const char *buf, int len,
545 void (*trace_fn)(size_t ofs, char const *text))
547 char line_buffer[3 * 16 + 4 + 16 + 1];
550 for (i = 0; i < len || (i & 0xF); ++i) {
551 size_t byte_ofs = i & 15;
554 memset(line_buffer, ' ', 3 * 16 + 4 + 16);
555 line_buffer[3 * 16 + 4 + 16] = 0;
558 size_t col_group = (i >> 2) & 3;
559 size_t hex_col = byte_ofs * 3 + col_group;
560 size_t txt_col = 3 * 16 + 4 + byte_ofs;
565 line_buffer[hex_col + 0] = tohex((value >> 4) & 0xF);
566 line_buffer[hex_col + 1] = tohex((value >> 0) & 0xF);
567 line_buffer[txt_col + 0] = (value >= ' ' && value < 127)
573 trace_fn(i & -16, line_buffer);
577 /* return -1 if error, 0 if OK */
578 static int put_packet_binary(GDBState *s, const char *buf, int len, bool dump)
583 if (dump && trace_event_get_state_backends(TRACE_GDBSTUB_IO_BINARYREPLY)) {
584 hexdump(buf, len, trace_gdbstub_io_binaryreply);
593 for(i = 0; i < len; i++) {
597 *(p++) = tohex((csum >> 4) & 0xf);
598 *(p++) = tohex((csum) & 0xf);
600 s->last_packet_len = p - s->last_packet;
601 put_buffer(s, (uint8_t *)s->last_packet, s->last_packet_len);
603 #ifdef CONFIG_USER_ONLY
616 /* return -1 if error, 0 if OK */
617 static int put_packet(GDBState *s, const char *buf)
619 trace_gdbstub_io_reply(buf);
621 return put_packet_binary(s, buf, strlen(buf), false);
624 /* Encode data using the encoding for 'x' packets. */
625 static int memtox(char *buf, const char *mem, int len)
633 case '#': case '$': case '*': case '}':
645 static uint32_t gdb_get_cpu_pid(const GDBState *s, CPUState *cpu)
647 /* TODO: In user mode, we should use the task state PID */
648 if (cpu->cluster_index == UNASSIGNED_CLUSTER_INDEX) {
649 /* Return the default process' PID */
650 return s->processes[s->process_num - 1].pid;
652 return cpu->cluster_index + 1;
655 static GDBProcess *gdb_get_process(const GDBState *s, uint32_t pid)
660 /* 0 means any process, we take the first one */
661 return &s->processes[0];
664 for (i = 0; i < s->process_num; i++) {
665 if (s->processes[i].pid == pid) {
666 return &s->processes[i];
673 static GDBProcess *gdb_get_cpu_process(const GDBState *s, CPUState *cpu)
675 return gdb_get_process(s, gdb_get_cpu_pid(s, cpu));
678 static CPUState *find_cpu(uint32_t thread_id)
683 if (cpu_gdb_index(cpu) == thread_id) {
691 static CPUState *get_first_cpu_in_process(const GDBState *s,
697 if (gdb_get_cpu_pid(s, cpu) == process->pid) {
705 static CPUState *gdb_next_cpu_in_process(const GDBState *s, CPUState *cpu)
707 uint32_t pid = gdb_get_cpu_pid(s, cpu);
711 if (gdb_get_cpu_pid(s, cpu) == pid) {
721 /* Return the cpu following @cpu, while ignoring unattached processes. */
722 static CPUState *gdb_next_attached_cpu(const GDBState *s, CPUState *cpu)
727 if (gdb_get_cpu_process(s, cpu)->attached) {
737 /* Return the first attached cpu */
738 static CPUState *gdb_first_attached_cpu(const GDBState *s)
740 CPUState *cpu = first_cpu;
741 GDBProcess *process = gdb_get_cpu_process(s, cpu);
743 if (!process->attached) {
744 return gdb_next_attached_cpu(s, cpu);
750 static CPUState *gdb_get_cpu(const GDBState *s, uint32_t pid, uint32_t tid)
756 /* 0 means any process/thread, we take the first attached one */
757 return gdb_first_attached_cpu(s);
758 } else if (pid && !tid) {
759 /* any thread in a specific process */
760 process = gdb_get_process(s, pid);
762 if (process == NULL) {
766 if (!process->attached) {
770 return get_first_cpu_in_process(s, process);
772 /* a specific thread */
779 process = gdb_get_cpu_process(s, cpu);
781 if (pid && process->pid != pid) {
785 if (!process->attached) {
793 static const char *get_feature_xml(const GDBState *s, const char *p,
794 const char **newp, GDBProcess *process)
799 CPUState *cpu = get_first_cpu_in_process(s, process);
800 CPUClass *cc = CPU_GET_CLASS(cpu);
803 while (p[len] && p[len] != ':')
808 if (strncmp(p, "target.xml", len) == 0) {
809 char *buf = process->target_xml;
810 const size_t buf_sz = sizeof(process->target_xml);
812 /* Generate the XML description for this CPU. */
817 "<?xml version=\"1.0\"?>"
818 "<!DOCTYPE target SYSTEM \"gdb-target.dtd\">"
820 if (cc->gdb_arch_name) {
821 gchar *arch = cc->gdb_arch_name(cpu);
822 pstrcat(buf, buf_sz, "<architecture>");
823 pstrcat(buf, buf_sz, arch);
824 pstrcat(buf, buf_sz, "</architecture>");
827 pstrcat(buf, buf_sz, "<xi:include href=\"");
828 pstrcat(buf, buf_sz, cc->gdb_core_xml_file);
829 pstrcat(buf, buf_sz, "\"/>");
830 for (r = cpu->gdb_regs; r; r = r->next) {
831 pstrcat(buf, buf_sz, "<xi:include href=\"");
832 pstrcat(buf, buf_sz, r->xml);
833 pstrcat(buf, buf_sz, "\"/>");
835 pstrcat(buf, buf_sz, "</target>");
839 if (cc->gdb_get_dynamic_xml) {
840 char *xmlname = g_strndup(p, len);
841 const char *xml = cc->gdb_get_dynamic_xml(cpu, xmlname);
849 name = xml_builtin[i][0];
850 if (!name || (strncmp(name, p, len) == 0 && strlen(name) == len))
853 return name ? xml_builtin[i][1] : NULL;
856 static int gdb_read_register(CPUState *cpu, uint8_t *mem_buf, int reg)
858 CPUClass *cc = CPU_GET_CLASS(cpu);
859 CPUArchState *env = cpu->env_ptr;
862 if (reg < cc->gdb_num_core_regs) {
863 return cc->gdb_read_register(cpu, mem_buf, reg);
866 for (r = cpu->gdb_regs; r; r = r->next) {
867 if (r->base_reg <= reg && reg < r->base_reg + r->num_regs) {
868 return r->get_reg(env, mem_buf, reg - r->base_reg);
874 static int gdb_write_register(CPUState *cpu, uint8_t *mem_buf, int reg)
876 CPUClass *cc = CPU_GET_CLASS(cpu);
877 CPUArchState *env = cpu->env_ptr;
880 if (reg < cc->gdb_num_core_regs) {
881 return cc->gdb_write_register(cpu, mem_buf, reg);
884 for (r = cpu->gdb_regs; r; r = r->next) {
885 if (r->base_reg <= reg && reg < r->base_reg + r->num_regs) {
886 return r->set_reg(env, mem_buf, reg - r->base_reg);
892 /* Register a supplemental set of CPU registers. If g_pos is nonzero it
893 specifies the first register number and these registers are included in
894 a standard "g" packet. Direction is relative to gdb, i.e. get_reg is
895 gdb reading a CPU register, and set_reg is gdb modifying a CPU register.
898 void gdb_register_coprocessor(CPUState *cpu,
899 gdb_reg_cb get_reg, gdb_reg_cb set_reg,
900 int num_regs, const char *xml, int g_pos)
903 GDBRegisterState **p;
907 /* Check for duplicates. */
908 if (strcmp((*p)->xml, xml) == 0)
913 s = g_new0(GDBRegisterState, 1);
914 s->base_reg = cpu->gdb_num_regs;
915 s->num_regs = num_regs;
916 s->get_reg = get_reg;
917 s->set_reg = set_reg;
920 /* Add to end of list. */
921 cpu->gdb_num_regs += num_regs;
924 if (g_pos != s->base_reg) {
925 error_report("Error: Bad gdb register numbering for '%s', "
926 "expected %d got %d", xml, g_pos, s->base_reg);
928 cpu->gdb_num_g_regs = cpu->gdb_num_regs;
933 #ifndef CONFIG_USER_ONLY
934 /* Translate GDB watchpoint type to a flags value for cpu_watchpoint_* */
935 static inline int xlat_gdb_type(CPUState *cpu, int gdbtype)
937 static const int xlat[] = {
938 [GDB_WATCHPOINT_WRITE] = BP_GDB | BP_MEM_WRITE,
939 [GDB_WATCHPOINT_READ] = BP_GDB | BP_MEM_READ,
940 [GDB_WATCHPOINT_ACCESS] = BP_GDB | BP_MEM_ACCESS,
943 CPUClass *cc = CPU_GET_CLASS(cpu);
944 int cputype = xlat[gdbtype];
946 if (cc->gdb_stop_before_watchpoint) {
947 cputype |= BP_STOP_BEFORE_ACCESS;
953 static int gdb_breakpoint_insert(target_ulong addr, target_ulong len, int type)
959 return kvm_insert_breakpoint(gdbserver_state->c_cpu, addr, len, type);
963 case GDB_BREAKPOINT_SW:
964 case GDB_BREAKPOINT_HW:
966 err = cpu_breakpoint_insert(cpu, addr, BP_GDB, NULL);
972 #ifndef CONFIG_USER_ONLY
973 case GDB_WATCHPOINT_WRITE:
974 case GDB_WATCHPOINT_READ:
975 case GDB_WATCHPOINT_ACCESS:
977 err = cpu_watchpoint_insert(cpu, addr, len,
978 xlat_gdb_type(cpu, type), NULL);
990 static int gdb_breakpoint_remove(target_ulong addr, target_ulong len, int type)
996 return kvm_remove_breakpoint(gdbserver_state->c_cpu, addr, len, type);
1000 case GDB_BREAKPOINT_SW:
1001 case GDB_BREAKPOINT_HW:
1003 err = cpu_breakpoint_remove(cpu, addr, BP_GDB);
1009 #ifndef CONFIG_USER_ONLY
1010 case GDB_WATCHPOINT_WRITE:
1011 case GDB_WATCHPOINT_READ:
1012 case GDB_WATCHPOINT_ACCESS:
1014 err = cpu_watchpoint_remove(cpu, addr, len,
1015 xlat_gdb_type(cpu, type));
1026 static inline void gdb_cpu_breakpoint_remove_all(CPUState *cpu)
1028 cpu_breakpoint_remove_all(cpu, BP_GDB);
1029 #ifndef CONFIG_USER_ONLY
1030 cpu_watchpoint_remove_all(cpu, BP_GDB);
1034 static void gdb_process_breakpoint_remove_all(const GDBState *s, GDBProcess *p)
1036 CPUState *cpu = get_first_cpu_in_process(s, p);
1039 gdb_cpu_breakpoint_remove_all(cpu);
1040 cpu = gdb_next_cpu_in_process(s, cpu);
1044 static void gdb_breakpoint_remove_all(void)
1048 if (kvm_enabled()) {
1049 kvm_remove_all_breakpoints(gdbserver_state->c_cpu);
1054 gdb_cpu_breakpoint_remove_all(cpu);
1058 static void gdb_set_cpu_pc(GDBState *s, target_ulong pc)
1060 CPUState *cpu = s->c_cpu;
1062 cpu_synchronize_state(cpu);
1063 cpu_set_pc(cpu, pc);
1066 static char *gdb_fmt_thread_id(const GDBState *s, CPUState *cpu,
1067 char *buf, size_t buf_size)
1069 if (s->multiprocess) {
1070 snprintf(buf, buf_size, "p%02x.%02x",
1071 gdb_get_cpu_pid(s, cpu), cpu_gdb_index(cpu));
1073 snprintf(buf, buf_size, "%02x", cpu_gdb_index(cpu));
1079 typedef enum GDBThreadIdKind {
1081 GDB_ALL_THREADS, /* One process, all threads */
1086 static GDBThreadIdKind read_thread_id(const char *buf, const char **end_buf,
1087 uint32_t *pid, uint32_t *tid)
1094 ret = qemu_strtoul(buf, &buf, 16, &p);
1097 return GDB_READ_THREAD_ERR;
1106 ret = qemu_strtoul(buf, &buf, 16, &t);
1109 return GDB_READ_THREAD_ERR;
1115 return GDB_ALL_PROCESSES;
1123 return GDB_ALL_THREADS;
1130 return GDB_ONE_THREAD;
1133 static int is_query_packet(const char *p, const char *query, char separator)
1135 unsigned int query_len = strlen(query);
1137 return strncmp(p, query, query_len) == 0 &&
1138 (p[query_len] == '\0' || p[query_len] == separator);
1142 * gdb_handle_vcont - Parses and handles a vCont packet.
1143 * returns -ENOTSUP if a command is unsupported, -EINVAL or -ERANGE if there is
1144 * a format error, 0 on success.
1146 static int gdb_handle_vcont(GDBState *s, const char *p)
1148 int res, signal = 0;
1153 GDBProcess *process;
1155 #ifdef CONFIG_USER_ONLY
1156 int max_cpus = 1; /* global variable max_cpus exists only in system mode */
1159 max_cpus = max_cpus <= cpu->cpu_index ? cpu->cpu_index + 1 : max_cpus;
1162 /* uninitialised CPUs stay 0 */
1163 newstates = g_new0(char, max_cpus);
1165 /* mark valid CPUs with 1 */
1167 newstates[cpu->cpu_index] = 1;
1171 * res keeps track of what error we are returning, with -ENOTSUP meaning
1172 * that the command is unknown or unsupported, thus returning an empty
1173 * packet, while -EINVAL and -ERANGE cause an E22 packet, due to invalid,
1174 * or incorrect parameters passed.
1184 if (cur_action == 'C' || cur_action == 'S') {
1185 cur_action = qemu_tolower(cur_action);
1186 res = qemu_strtoul(p + 1, &p, 16, &tmp);
1190 signal = gdb_signal_to_target(tmp);
1191 } else if (cur_action != 'c' && cur_action != 's') {
1192 /* unknown/invalid/unsupported command */
1202 switch (read_thread_id(p, &p, &pid, &tid)) {
1203 case GDB_READ_THREAD_ERR:
1207 case GDB_ALL_PROCESSES:
1208 cpu = gdb_first_attached_cpu(s);
1210 if (newstates[cpu->cpu_index] == 1) {
1211 newstates[cpu->cpu_index] = cur_action;
1214 cpu = gdb_next_attached_cpu(s, cpu);
1218 case GDB_ALL_THREADS:
1219 process = gdb_get_process(s, pid);
1221 if (!process->attached) {
1226 cpu = get_first_cpu_in_process(s, process);
1228 if (newstates[cpu->cpu_index] == 1) {
1229 newstates[cpu->cpu_index] = cur_action;
1232 cpu = gdb_next_cpu_in_process(s, cpu);
1236 case GDB_ONE_THREAD:
1237 cpu = gdb_get_cpu(s, pid, tid);
1239 /* invalid CPU/thread specified */
1245 /* only use if no previous match occourred */
1246 if (newstates[cpu->cpu_index] == 1) {
1247 newstates[cpu->cpu_index] = cur_action;
1253 gdb_continue_partial(s, newstates);
1261 static int gdb_handle_packet(GDBState *s, const char *line_buf)
1264 GDBProcess *process;
1268 int ch, reg_size, type, res;
1269 uint8_t mem_buf[MAX_PACKET_LENGTH];
1270 char buf[sizeof(mem_buf) + 1 /* trailing NUL */];
1273 target_ulong addr, len;
1274 GDBThreadIdKind thread_kind;
1276 trace_gdbstub_io_command(line_buf);
1282 put_packet(s, "OK");
1285 /* TODO: Make this return the correct value for user-mode. */
1286 snprintf(buf, sizeof(buf), "T%02xthread:%s;", GDB_SIGNAL_TRAP,
1287 gdb_fmt_thread_id(s, s->c_cpu, thread_id, sizeof(thread_id)));
1289 /* Remove all the breakpoints when this query is issued,
1290 * because gdb is doing and initial connect and the state
1291 * should be cleaned up.
1293 gdb_breakpoint_remove_all();
1297 addr = strtoull(p, (char **)&p, 16);
1298 gdb_set_cpu_pc(s, addr);
1304 s->signal = gdb_signal_to_target (strtoul(p, (char **)&p, 16));
1305 if (s->signal == -1)
1310 if (strncmp(p, "Cont", 4) == 0) {
1313 put_packet(s, "vCont;c;C;s;S");
1317 res = gdb_handle_vcont(s, p);
1320 if ((res == -EINVAL) || (res == -ERANGE)) {
1321 put_packet(s, "E22");
1324 goto unknown_command;
1327 } else if (strncmp(p, "Attach;", 7) == 0) {
1332 if (qemu_strtoul(p, &p, 16, &pid)) {
1333 put_packet(s, "E22");
1337 process = gdb_get_process(s, pid);
1339 if (process == NULL) {
1340 put_packet(s, "E22");
1344 cpu = get_first_cpu_in_process(s, process);
1347 /* Refuse to attach an empty process */
1348 put_packet(s, "E22");
1352 process->attached = true;
1357 snprintf(buf, sizeof(buf), "T%02xthread:%s;", GDB_SIGNAL_TRAP,
1358 gdb_fmt_thread_id(s, cpu, thread_id, sizeof(thread_id)));
1362 } else if (strncmp(p, "Kill;", 5) == 0) {
1363 /* Kill the target */
1364 put_packet(s, "OK");
1365 error_report("QEMU: Terminated via GDBstub");
1368 goto unknown_command;
1371 /* Kill the target */
1372 error_report("QEMU: Terminated via GDBstub");
1378 if (s->multiprocess) {
1381 put_packet(s, "E22");
1385 if (qemu_strtoul(p + 1, &p, 16, &lpid)) {
1386 put_packet(s, "E22");
1393 process = gdb_get_process(s, pid);
1394 gdb_process_breakpoint_remove_all(s, process);
1395 process->attached = false;
1397 if (pid == gdb_get_cpu_pid(s, s->c_cpu)) {
1398 s->c_cpu = gdb_first_attached_cpu(s);
1401 if (pid == gdb_get_cpu_pid(s, s->g_cpu)) {
1402 s->g_cpu = gdb_first_attached_cpu(s);
1405 if (s->c_cpu == NULL) {
1406 /* No more process attached */
1407 gdb_syscall_mode = GDB_SYS_DISABLED;
1410 put_packet(s, "OK");
1414 addr = strtoull(p, (char **)&p, 16);
1415 gdb_set_cpu_pc(s, addr);
1417 cpu_single_step(s->c_cpu, sstep_flags);
1425 ret = strtoull(p, (char **)&p, 16);
1428 err = strtoull(p, (char **)&p, 16);
1435 if (s->current_syscall_cb) {
1436 s->current_syscall_cb(s->c_cpu, ret, err);
1437 s->current_syscall_cb = NULL;
1440 put_packet(s, "T02");
1447 cpu_synchronize_state(s->g_cpu);
1449 for (addr = 0; addr < s->g_cpu->gdb_num_g_regs; addr++) {
1450 reg_size = gdb_read_register(s->g_cpu, mem_buf + len, addr);
1453 memtohex(buf, mem_buf, len);
1457 cpu_synchronize_state(s->g_cpu);
1458 registers = mem_buf;
1459 len = strlen(p) / 2;
1460 hextomem((uint8_t *)registers, p, len);
1461 for (addr = 0; addr < s->g_cpu->gdb_num_g_regs && len > 0; addr++) {
1462 reg_size = gdb_write_register(s->g_cpu, registers, addr);
1464 registers += reg_size;
1466 put_packet(s, "OK");
1469 addr = strtoull(p, (char **)&p, 16);
1472 len = strtoull(p, NULL, 16);
1474 /* memtohex() doubles the required space */
1475 if (len > MAX_PACKET_LENGTH / 2) {
1476 put_packet (s, "E22");
1480 if (target_memory_rw_debug(s->g_cpu, addr, mem_buf, len, false) != 0) {
1481 put_packet (s, "E14");
1483 memtohex(buf, mem_buf, len);
1488 addr = strtoull(p, (char **)&p, 16);
1491 len = strtoull(p, (char **)&p, 16);
1495 /* hextomem() reads 2*len bytes */
1496 if (len > strlen(p) / 2) {
1497 put_packet (s, "E22");
1500 hextomem(mem_buf, p, len);
1501 if (target_memory_rw_debug(s->g_cpu, addr, mem_buf, len,
1503 put_packet(s, "E14");
1505 put_packet(s, "OK");
1509 /* Older gdb are really dumb, and don't use 'g' if 'p' is avaialable.
1510 This works, but can be very slow. Anything new enough to
1511 understand XML also knows how to use this properly. */
1513 goto unknown_command;
1514 addr = strtoull(p, (char **)&p, 16);
1515 reg_size = gdb_read_register(s->g_cpu, mem_buf, addr);
1517 memtohex(buf, mem_buf, reg_size);
1520 put_packet(s, "E14");
1525 goto unknown_command;
1526 addr = strtoull(p, (char **)&p, 16);
1529 reg_size = strlen(p) / 2;
1530 hextomem(mem_buf, p, reg_size);
1531 gdb_write_register(s->g_cpu, mem_buf, addr);
1532 put_packet(s, "OK");
1536 type = strtoul(p, (char **)&p, 16);
1539 addr = strtoull(p, (char **)&p, 16);
1542 len = strtoull(p, (char **)&p, 16);
1544 res = gdb_breakpoint_insert(addr, len, type);
1546 res = gdb_breakpoint_remove(addr, len, type);
1548 put_packet(s, "OK");
1549 else if (res == -ENOSYS)
1552 put_packet(s, "E22");
1557 thread_kind = read_thread_id(p, &p, &pid, &tid);
1558 if (thread_kind == GDB_READ_THREAD_ERR) {
1559 put_packet(s, "E22");
1563 if (thread_kind != GDB_ONE_THREAD) {
1564 put_packet(s, "OK");
1567 cpu = gdb_get_cpu(s, pid, tid);
1569 put_packet(s, "E22");
1575 put_packet(s, "OK");
1579 put_packet(s, "OK");
1582 put_packet(s, "E22");
1587 thread_kind = read_thread_id(p, &p, &pid, &tid);
1588 if (thread_kind == GDB_READ_THREAD_ERR) {
1589 put_packet(s, "E22");
1592 cpu = gdb_get_cpu(s, pid, tid);
1595 put_packet(s, "OK");
1597 put_packet(s, "E22");
1602 /* parse any 'q' packets here */
1603 if (!strcmp(p,"qemu.sstepbits")) {
1604 /* Query Breakpoint bit definitions */
1605 snprintf(buf, sizeof(buf), "ENABLE=%x,NOIRQ=%x,NOTIMER=%x",
1611 } else if (is_query_packet(p, "qemu.sstep", '=')) {
1612 /* Display or change the sstep_flags */
1615 /* Display current setting */
1616 snprintf(buf, sizeof(buf), "0x%x", sstep_flags);
1621 type = strtoul(p, (char **)&p, 16);
1623 put_packet(s, "OK");
1625 } else if (strcmp(p,"C") == 0) {
1627 * "Current thread" remains vague in the spec, so always return
1628 * the first thread of the current process (gdb returns the
1631 cpu = get_first_cpu_in_process(s, gdb_get_cpu_process(s, s->g_cpu));
1632 snprintf(buf, sizeof(buf), "QC%s",
1633 gdb_fmt_thread_id(s, cpu, thread_id, sizeof(thread_id)));
1636 } else if (strcmp(p,"fThreadInfo") == 0) {
1637 s->query_cpu = gdb_first_attached_cpu(s);
1638 goto report_cpuinfo;
1639 } else if (strcmp(p,"sThreadInfo") == 0) {
1642 snprintf(buf, sizeof(buf), "m%s",
1643 gdb_fmt_thread_id(s, s->query_cpu,
1644 thread_id, sizeof(thread_id)));
1646 s->query_cpu = gdb_next_attached_cpu(s, s->query_cpu);
1650 } else if (strncmp(p,"ThreadExtraInfo,", 16) == 0) {
1651 if (read_thread_id(p + 16, &p, &pid, &tid) == GDB_READ_THREAD_ERR) {
1652 put_packet(s, "E22");
1655 cpu = gdb_get_cpu(s, pid, tid);
1657 cpu_synchronize_state(cpu);
1659 if (s->multiprocess && (s->process_num > 1)) {
1660 /* Print the CPU model and name in multiprocess mode */
1661 ObjectClass *oc = object_get_class(OBJECT(cpu));
1662 const char *cpu_model = object_class_get_name(oc);
1664 object_get_canonical_path_component(OBJECT(cpu));
1665 len = snprintf((char *)mem_buf, sizeof(buf) / 2,
1666 "%s %s [%s]", cpu_model, cpu_name,
1667 cpu->halted ? "halted " : "running");
1670 /* memtohex() doubles the required space */
1671 len = snprintf((char *)mem_buf, sizeof(buf) / 2,
1672 "CPU#%d [%s]", cpu->cpu_index,
1673 cpu->halted ? "halted " : "running");
1675 trace_gdbstub_op_extra_info((char *)mem_buf);
1676 memtohex(buf, mem_buf, len);
1681 #ifdef CONFIG_USER_ONLY
1682 else if (strcmp(p, "Offsets") == 0) {
1683 TaskState *ts = s->c_cpu->opaque;
1685 snprintf(buf, sizeof(buf),
1686 "Text=" TARGET_ABI_FMT_lx ";Data=" TARGET_ABI_FMT_lx
1687 ";Bss=" TARGET_ABI_FMT_lx,
1688 ts->info->code_offset,
1689 ts->info->data_offset,
1690 ts->info->data_offset);
1694 #else /* !CONFIG_USER_ONLY */
1695 else if (strncmp(p, "Rcmd,", 5) == 0) {
1696 int len = strlen(p + 5);
1698 if ((len % 2) != 0) {
1699 put_packet(s, "E01");
1703 hextomem(mem_buf, p + 5, len);
1705 qemu_chr_be_write(s->mon_chr, mem_buf, len);
1706 put_packet(s, "OK");
1709 #endif /* !CONFIG_USER_ONLY */
1710 if (is_query_packet(p, "Supported", ':')) {
1711 snprintf(buf, sizeof(buf), "PacketSize=%x", MAX_PACKET_LENGTH);
1712 cc = CPU_GET_CLASS(first_cpu);
1713 if (cc->gdb_core_xml_file != NULL) {
1714 pstrcat(buf, sizeof(buf), ";qXfer:features:read+");
1717 if (strstr(p, "multiprocess+")) {
1718 s->multiprocess = true;
1720 pstrcat(buf, sizeof(buf), ";multiprocess+");
1725 if (strncmp(p, "Xfer:features:read:", 19) == 0) {
1727 target_ulong total_len;
1729 process = gdb_get_cpu_process(s, s->g_cpu);
1730 cc = CPU_GET_CLASS(s->g_cpu);
1731 if (cc->gdb_core_xml_file == NULL) {
1732 goto unknown_command;
1737 xml = get_feature_xml(s, p, &p, process);
1739 snprintf(buf, sizeof(buf), "E00");
1746 addr = strtoul(p, (char **)&p, 16);
1749 len = strtoul(p, (char **)&p, 16);
1751 total_len = strlen(xml);
1752 if (addr > total_len) {
1753 snprintf(buf, sizeof(buf), "E00");
1757 if (len > (MAX_PACKET_LENGTH - 5) / 2)
1758 len = (MAX_PACKET_LENGTH - 5) / 2;
1759 if (len < total_len - addr) {
1761 len = memtox(buf + 1, xml + addr, len);
1764 len = memtox(buf + 1, xml + addr, total_len - addr);
1766 put_packet_binary(s, buf, len + 1, true);
1769 if (is_query_packet(p, "Attached", ':')) {
1770 put_packet(s, GDB_ATTACHED);
1773 /* Unrecognised 'q' command. */
1774 goto unknown_command;
1778 /* put empty packet */
1786 void gdb_set_stop_cpu(CPUState *cpu)
1788 GDBProcess *p = gdb_get_cpu_process(gdbserver_state, cpu);
1792 * Having a stop CPU corresponding to a process that is not attached
1793 * confuses GDB. So we ignore the request.
1798 gdbserver_state->c_cpu = cpu;
1799 gdbserver_state->g_cpu = cpu;
1802 #ifndef CONFIG_USER_ONLY
1803 static void gdb_vm_state_change(void *opaque, int running, RunState state)
1805 GDBState *s = gdbserver_state;
1806 CPUState *cpu = s->c_cpu;
1812 if (running || s->state == RS_INACTIVE) {
1815 /* Is there a GDB syscall waiting to be sent? */
1816 if (s->current_syscall_cb) {
1817 put_packet(s, s->syscall_buf);
1822 /* No process attached */
1826 gdb_fmt_thread_id(s, cpu, thread_id, sizeof(thread_id));
1829 case RUN_STATE_DEBUG:
1830 if (cpu->watchpoint_hit) {
1831 switch (cpu->watchpoint_hit->flags & BP_MEM_ACCESS) {
1842 trace_gdbstub_hit_watchpoint(type, cpu_gdb_index(cpu),
1843 (target_ulong)cpu->watchpoint_hit->vaddr);
1844 snprintf(buf, sizeof(buf),
1845 "T%02xthread:%s;%swatch:" TARGET_FMT_lx ";",
1846 GDB_SIGNAL_TRAP, thread_id, type,
1847 (target_ulong)cpu->watchpoint_hit->vaddr);
1848 cpu->watchpoint_hit = NULL;
1851 trace_gdbstub_hit_break();
1854 ret = GDB_SIGNAL_TRAP;
1856 case RUN_STATE_PAUSED:
1857 trace_gdbstub_hit_paused();
1858 ret = GDB_SIGNAL_INT;
1860 case RUN_STATE_SHUTDOWN:
1861 trace_gdbstub_hit_shutdown();
1862 ret = GDB_SIGNAL_QUIT;
1864 case RUN_STATE_IO_ERROR:
1865 trace_gdbstub_hit_io_error();
1866 ret = GDB_SIGNAL_IO;
1868 case RUN_STATE_WATCHDOG:
1869 trace_gdbstub_hit_watchdog();
1870 ret = GDB_SIGNAL_ALRM;
1872 case RUN_STATE_INTERNAL_ERROR:
1873 trace_gdbstub_hit_internal_error();
1874 ret = GDB_SIGNAL_ABRT;
1876 case RUN_STATE_SAVE_VM:
1877 case RUN_STATE_RESTORE_VM:
1879 case RUN_STATE_FINISH_MIGRATE:
1880 ret = GDB_SIGNAL_XCPU;
1883 trace_gdbstub_hit_unknown(state);
1884 ret = GDB_SIGNAL_UNKNOWN;
1887 gdb_set_stop_cpu(cpu);
1888 snprintf(buf, sizeof(buf), "T%02xthread:%s;", ret, thread_id);
1893 /* disable single step if it was enabled */
1894 cpu_single_step(cpu, 0);
1898 /* Send a gdb syscall request.
1899 This accepts limited printf-style format specifiers, specifically:
1900 %x - target_ulong argument printed in hex.
1901 %lx - 64-bit argument printed in hex.
1902 %s - string pointer (target_ulong) and length (int) pair. */
1903 void gdb_do_syscallv(gdb_syscall_complete_cb cb, const char *fmt, va_list va)
1911 s = gdbserver_state;
1914 s->current_syscall_cb = cb;
1915 #ifndef CONFIG_USER_ONLY
1916 vm_stop(RUN_STATE_DEBUG);
1919 p_end = &s->syscall_buf[sizeof(s->syscall_buf)];
1926 addr = va_arg(va, target_ulong);
1927 p += snprintf(p, p_end - p, TARGET_FMT_lx, addr);
1930 if (*(fmt++) != 'x')
1932 i64 = va_arg(va, uint64_t);
1933 p += snprintf(p, p_end - p, "%" PRIx64, i64);
1936 addr = va_arg(va, target_ulong);
1937 p += snprintf(p, p_end - p, TARGET_FMT_lx "/%x",
1938 addr, va_arg(va, int));
1942 error_report("gdbstub: Bad syscall format string '%s'",
1951 #ifdef CONFIG_USER_ONLY
1952 put_packet(s, s->syscall_buf);
1953 /* Return control to gdb for it to process the syscall request.
1954 * Since the protocol requires that gdb hands control back to us
1955 * using a "here are the results" F packet, we don't need to check
1956 * gdb_handlesig's return value (which is the signal to deliver if
1957 * execution was resumed via a continue packet).
1959 gdb_handlesig(s->c_cpu, 0);
1961 /* In this case wait to send the syscall packet until notification that
1962 the CPU has stopped. This must be done because if the packet is sent
1963 now the reply from the syscall request could be received while the CPU
1964 is still in the running state, which can cause packets to be dropped
1965 and state transition 'T' packets to be sent while the syscall is still
1967 qemu_cpu_kick(s->c_cpu);
1971 void gdb_do_syscall(gdb_syscall_complete_cb cb, const char *fmt, ...)
1976 gdb_do_syscallv(cb, fmt, va);
1980 static void gdb_read_byte(GDBState *s, int ch)
1984 #ifndef CONFIG_USER_ONLY
1985 if (s->last_packet_len) {
1986 /* Waiting for a response to the last packet. If we see the start
1987 of a new command then abandon the previous response. */
1989 trace_gdbstub_err_got_nack();
1990 put_buffer(s, (uint8_t *)s->last_packet, s->last_packet_len);
1991 } else if (ch == '+') {
1992 trace_gdbstub_io_got_ack();
1994 trace_gdbstub_io_got_unexpected((uint8_t)ch);
1997 if (ch == '+' || ch == '$')
1998 s->last_packet_len = 0;
2002 if (runstate_is_running()) {
2003 /* when the CPU is running, we cannot do anything except stop
2004 it when receiving a char */
2005 vm_stop(RUN_STATE_PAUSED);
2012 /* start of command packet */
2013 s->line_buf_index = 0;
2015 s->state = RS_GETLINE;
2017 trace_gdbstub_err_garbage((uint8_t)ch);
2022 /* start escape sequence */
2023 s->state = RS_GETLINE_ESC;
2025 } else if (ch == '*') {
2026 /* start run length encoding sequence */
2027 s->state = RS_GETLINE_RLE;
2029 } else if (ch == '#') {
2030 /* end of command, start of checksum*/
2031 s->state = RS_CHKSUM1;
2032 } else if (s->line_buf_index >= sizeof(s->line_buf) - 1) {
2033 trace_gdbstub_err_overrun();
2036 /* unescaped command character */
2037 s->line_buf[s->line_buf_index++] = ch;
2041 case RS_GETLINE_ESC:
2043 /* unexpected end of command in escape sequence */
2044 s->state = RS_CHKSUM1;
2045 } else if (s->line_buf_index >= sizeof(s->line_buf) - 1) {
2046 /* command buffer overrun */
2047 trace_gdbstub_err_overrun();
2050 /* parse escaped character and leave escape state */
2051 s->line_buf[s->line_buf_index++] = ch ^ 0x20;
2053 s->state = RS_GETLINE;
2056 case RS_GETLINE_RLE:
2058 /* invalid RLE count encoding */
2059 trace_gdbstub_err_invalid_repeat((uint8_t)ch);
2060 s->state = RS_GETLINE;
2062 /* decode repeat length */
2063 int repeat = (unsigned char)ch - ' ' + 3;
2064 if (s->line_buf_index + repeat >= sizeof(s->line_buf) - 1) {
2065 /* that many repeats would overrun the command buffer */
2066 trace_gdbstub_err_overrun();
2068 } else if (s->line_buf_index < 1) {
2069 /* got a repeat but we have nothing to repeat */
2070 trace_gdbstub_err_invalid_rle();
2071 s->state = RS_GETLINE;
2073 /* repeat the last character */
2074 memset(s->line_buf + s->line_buf_index,
2075 s->line_buf[s->line_buf_index - 1], repeat);
2076 s->line_buf_index += repeat;
2078 s->state = RS_GETLINE;
2083 /* get high hex digit of checksum */
2084 if (!isxdigit(ch)) {
2085 trace_gdbstub_err_checksum_invalid((uint8_t)ch);
2086 s->state = RS_GETLINE;
2089 s->line_buf[s->line_buf_index] = '\0';
2090 s->line_csum = fromhex(ch) << 4;
2091 s->state = RS_CHKSUM2;
2094 /* get low hex digit of checksum */
2095 if (!isxdigit(ch)) {
2096 trace_gdbstub_err_checksum_invalid((uint8_t)ch);
2097 s->state = RS_GETLINE;
2100 s->line_csum |= fromhex(ch);
2102 if (s->line_csum != (s->line_sum & 0xff)) {
2103 trace_gdbstub_err_checksum_incorrect(s->line_sum, s->line_csum);
2104 /* send NAK reply */
2106 put_buffer(s, &reply, 1);
2109 /* send ACK reply */
2111 put_buffer(s, &reply, 1);
2112 s->state = gdb_handle_packet(s, s->line_buf);
2121 /* Tell the remote gdb that the process has exited. */
2122 void gdb_exit(CPUArchState *env, int code)
2127 s = gdbserver_state;
2131 #ifdef CONFIG_USER_ONLY
2132 if (gdbserver_fd < 0 || s->fd < 0) {
2137 trace_gdbstub_op_exiting((uint8_t)code);
2139 snprintf(buf, sizeof(buf), "W%02x", (uint8_t)code);
2142 #ifndef CONFIG_USER_ONLY
2143 qemu_chr_fe_deinit(&s->chr, true);
2148 * Create the process that will contain all the "orphan" CPUs (that are not
2149 * part of a CPU cluster). Note that if this process contains no CPUs, it won't
2150 * be attachable and thus will be invisible to the user.
2152 static void create_default_process(GDBState *s)
2154 GDBProcess *process;
2157 if (s->process_num) {
2158 max_pid = s->processes[s->process_num - 1].pid;
2161 s->processes = g_renew(GDBProcess, s->processes, ++s->process_num);
2162 process = &s->processes[s->process_num - 1];
2164 /* We need an available PID slot for this process */
2165 assert(max_pid < UINT32_MAX);
2167 process->pid = max_pid + 1;
2168 process->attached = false;
2169 process->target_xml[0] = '\0';
2172 #ifdef CONFIG_USER_ONLY
2174 gdb_handlesig(CPUState *cpu, int sig)
2180 s = gdbserver_state;
2181 if (gdbserver_fd < 0 || s->fd < 0) {
2185 /* disable single step if it was enabled */
2186 cpu_single_step(cpu, 0);
2190 snprintf(buf, sizeof(buf), "S%02x", target_signal_to_gdb(sig));
2193 /* put_packet() might have detected that the peer terminated the
2201 s->running_state = 0;
2202 while (s->running_state == 0) {
2203 n = read(s->fd, buf, 256);
2207 for (i = 0; i < n; i++) {
2208 gdb_read_byte(s, buf[i]);
2211 /* XXX: Connection closed. Should probably wait for another
2212 connection before continuing. */
2225 /* Tell the remote gdb that the process has exited due to SIG. */
2226 void gdb_signalled(CPUArchState *env, int sig)
2231 s = gdbserver_state;
2232 if (gdbserver_fd < 0 || s->fd < 0) {
2236 snprintf(buf, sizeof(buf), "X%02x", target_signal_to_gdb(sig));
2240 static bool gdb_accept(void)
2243 struct sockaddr_in sockaddr;
2248 len = sizeof(sockaddr);
2249 fd = accept(gdbserver_fd, (struct sockaddr *)&sockaddr, &len);
2250 if (fd < 0 && errno != EINTR) {
2253 } else if (fd >= 0) {
2254 qemu_set_cloexec(fd);
2259 /* set short latency */
2260 if (socket_set_nodelay(fd)) {
2261 perror("setsockopt");
2266 s = g_malloc0(sizeof(GDBState));
2267 create_default_process(s);
2268 s->processes[0].attached = true;
2269 s->c_cpu = gdb_first_attached_cpu(s);
2270 s->g_cpu = s->c_cpu;
2272 gdb_has_xml = false;
2274 gdbserver_state = s;
2278 static int gdbserver_open(int port)
2280 struct sockaddr_in sockaddr;
2283 fd = socket(PF_INET, SOCK_STREAM, 0);
2288 qemu_set_cloexec(fd);
2290 socket_set_fast_reuse(fd);
2292 sockaddr.sin_family = AF_INET;
2293 sockaddr.sin_port = htons(port);
2294 sockaddr.sin_addr.s_addr = 0;
2295 ret = bind(fd, (struct sockaddr *)&sockaddr, sizeof(sockaddr));
2301 ret = listen(fd, 1);
2310 int gdbserver_start(int port)
2312 gdbserver_fd = gdbserver_open(port);
2313 if (gdbserver_fd < 0)
2315 /* accept connections */
2316 if (!gdb_accept()) {
2317 close(gdbserver_fd);
2324 /* Disable gdb stub for child processes. */
2325 void gdbserver_fork(CPUState *cpu)
2327 GDBState *s = gdbserver_state;
2329 if (gdbserver_fd < 0 || s->fd < 0) {
2334 cpu_breakpoint_remove_all(cpu, BP_GDB);
2335 cpu_watchpoint_remove_all(cpu, BP_GDB);
2338 static int gdb_chr_can_receive(void *opaque)
2340 /* We can handle an arbitrarily large amount of data.
2341 Pick the maximum packet size, which is as good as anything. */
2342 return MAX_PACKET_LENGTH;
2345 static void gdb_chr_receive(void *opaque, const uint8_t *buf, int size)
2349 for (i = 0; i < size; i++) {
2350 gdb_read_byte(gdbserver_state, buf[i]);
2354 static void gdb_chr_event(void *opaque, int event)
2357 GDBState *s = (GDBState *) opaque;
2360 case CHR_EVENT_OPENED:
2361 /* Start with first process attached, others detached */
2362 for (i = 0; i < s->process_num; i++) {
2363 s->processes[i].attached = !i;
2366 s->c_cpu = gdb_first_attached_cpu(s);
2367 s->g_cpu = s->c_cpu;
2369 vm_stop(RUN_STATE_PAUSED);
2370 gdb_has_xml = false;
2377 static void gdb_monitor_output(GDBState *s, const char *msg, int len)
2379 char buf[MAX_PACKET_LENGTH];
2382 if (len > (MAX_PACKET_LENGTH/2) - 1)
2383 len = (MAX_PACKET_LENGTH/2) - 1;
2384 memtohex(buf + 1, (uint8_t *)msg, len);
2388 static int gdb_monitor_write(Chardev *chr, const uint8_t *buf, int len)
2390 const char *p = (const char *)buf;
2393 max_sz = (sizeof(gdbserver_state->last_packet) - 2) / 2;
2395 if (len <= max_sz) {
2396 gdb_monitor_output(gdbserver_state, p, len);
2399 gdb_monitor_output(gdbserver_state, p, max_sz);
2407 static void gdb_sigterm_handler(int signal)
2409 if (runstate_is_running()) {
2410 vm_stop(RUN_STATE_PAUSED);
2415 static void gdb_monitor_open(Chardev *chr, ChardevBackend *backend,
2416 bool *be_opened, Error **errp)
2421 static void char_gdb_class_init(ObjectClass *oc, void *data)
2423 ChardevClass *cc = CHARDEV_CLASS(oc);
2425 cc->internal = true;
2426 cc->open = gdb_monitor_open;
2427 cc->chr_write = gdb_monitor_write;
2430 #define TYPE_CHARDEV_GDB "chardev-gdb"
2432 static const TypeInfo char_gdb_type_info = {
2433 .name = TYPE_CHARDEV_GDB,
2434 .parent = TYPE_CHARDEV,
2435 .class_init = char_gdb_class_init,
2438 static int find_cpu_clusters(Object *child, void *opaque)
2440 if (object_dynamic_cast(child, TYPE_CPU_CLUSTER)) {
2441 GDBState *s = (GDBState *) opaque;
2442 CPUClusterState *cluster = CPU_CLUSTER(child);
2443 GDBProcess *process;
2445 s->processes = g_renew(GDBProcess, s->processes, ++s->process_num);
2447 process = &s->processes[s->process_num - 1];
2450 * GDB process IDs -1 and 0 are reserved. To avoid subtle errors at
2451 * runtime, we enforce here that the machine does not use a cluster ID
2452 * that would lead to PID 0.
2454 assert(cluster->cluster_id != UINT32_MAX);
2455 process->pid = cluster->cluster_id + 1;
2456 process->attached = false;
2457 process->target_xml[0] = '\0';
2462 return object_child_foreach(child, find_cpu_clusters, opaque);
2465 static int pid_order(const void *a, const void *b)
2467 GDBProcess *pa = (GDBProcess *) a;
2468 GDBProcess *pb = (GDBProcess *) b;
2470 if (pa->pid < pb->pid) {
2472 } else if (pa->pid > pb->pid) {
2479 static void create_processes(GDBState *s)
2481 object_child_foreach(object_get_root(), find_cpu_clusters, s);
2485 qsort(s->processes, s->process_num, sizeof(s->processes[0]), pid_order);
2488 create_default_process(s);
2491 static void cleanup_processes(GDBState *s)
2493 g_free(s->processes);
2495 s->processes = NULL;
2498 int gdbserver_start(const char *device)
2500 trace_gdbstub_op_start(device);
2503 char gdbstub_device_name[128];
2504 Chardev *chr = NULL;
2508 error_report("gdbstub: meaningless to attach gdb to a "
2509 "machine without any CPU.");
2515 if (strcmp(device, "none") != 0) {
2516 if (strstart(device, "tcp:", NULL)) {
2517 /* enforce required TCP attributes */
2518 snprintf(gdbstub_device_name, sizeof(gdbstub_device_name),
2519 "%s,nowait,nodelay,server", device);
2520 device = gdbstub_device_name;
2523 else if (strcmp(device, "stdio") == 0) {
2524 struct sigaction act;
2526 memset(&act, 0, sizeof(act));
2527 act.sa_handler = gdb_sigterm_handler;
2528 sigaction(SIGINT, &act, NULL);
2532 * FIXME: it's a bit weird to allow using a mux chardev here
2533 * and implicitly setup a monitor. We may want to break this.
2535 chr = qemu_chr_new_noreplay("gdb", device, true, NULL);
2540 s = gdbserver_state;
2542 s = g_malloc0(sizeof(GDBState));
2543 gdbserver_state = s;
2545 qemu_add_vm_change_state_handler(gdb_vm_state_change, NULL);
2547 /* Initialize a monitor terminal for gdb */
2548 mon_chr = qemu_chardev_new(NULL, TYPE_CHARDEV_GDB,
2549 NULL, NULL, &error_abort);
2550 monitor_init(mon_chr, 0);
2552 qemu_chr_fe_deinit(&s->chr, true);
2553 mon_chr = s->mon_chr;
2554 cleanup_processes(s);
2555 memset(s, 0, sizeof(GDBState));
2556 s->mon_chr = mon_chr;
2559 create_processes(s);
2562 qemu_chr_fe_init(&s->chr, chr, &error_abort);
2563 qemu_chr_fe_set_handlers(&s->chr, gdb_chr_can_receive, gdb_chr_receive,
2564 gdb_chr_event, NULL, s, NULL, true);
2566 s->state = chr ? RS_IDLE : RS_INACTIVE;
2567 s->mon_chr = mon_chr;
2568 s->current_syscall_cb = NULL;
2573 void gdbserver_cleanup(void)
2575 if (gdbserver_state) {
2576 put_packet(gdbserver_state, "W00");
2580 static void register_types(void)
2582 type_register_static(&char_gdb_type_info);
2585 type_init(register_types);
projects / qemu.git / blob