4 * Copyright (c) 2003-2005 Fabrice Bellard
6 * This library is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation; either
9 * version 2 of the License, or (at your option) any later version.
11 * This library is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
16 * You should have received a copy of the GNU Lesser General Public
17 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
19 #include "qemu/osdep.h"
20 #include "qapi/error.h"
21 #include "qemu/error-report.h"
22 #include "qemu/cutils.h"
23 #include "trace-root.h"
24 #ifdef CONFIG_USER_ONLY
27 #include "monitor/monitor.h"
28 #include "chardev/char.h"
29 #include "chardev/char-fe.h"
30 #include "sysemu/sysemu.h"
31 #include "exec/gdbstub.h"
32 #include "hw/cpu/cluster.h"
35 #define MAX_PACKET_LENGTH 4096
37 #include "qemu/sockets.h"
38 #include "sysemu/hw_accel.h"
39 #include "sysemu/kvm.h"
40 #include "exec/semihost.h"
41 #include "exec/exec-all.h"
43 #ifdef CONFIG_USER_ONLY
44 #define GDB_ATTACHED "0"
46 #define GDB_ATTACHED "1"
49 static inline int target_memory_rw_debug(CPUState *cpu, target_ulong addr,
50 uint8_t *buf, int len, bool is_write)
52 CPUClass *cc = CPU_GET_CLASS(cpu);
54 if (cc->memory_rw_debug) {
55 return cc->memory_rw_debug(cpu, addr, buf, len, is_write);
57 return cpu_memory_rw_debug(cpu, addr, buf, len, is_write);
60 /* Return the GDB index for a given vCPU state.
62 * For user mode this is simply the thread id. In system mode GDB
63 * numbers CPUs from 1 as 0 is reserved as an "any cpu" index.
65 static inline int cpu_gdb_index(CPUState *cpu)
67 #if defined(CONFIG_USER_ONLY)
68 TaskState *ts = (TaskState *) cpu->opaque;
71 return cpu->cpu_index + 1;
84 GDB_SIGNAL_UNKNOWN = 143
87 #ifdef CONFIG_USER_ONLY
89 /* Map target signal numbers to GDB protocol signal numbers and vice
90 * versa. For user emulation's currently supported systems, we can
91 * assume most signals are defined.
94 static int gdb_signal_table[] = {
254 /* In system mode we only need SIGINT and SIGTRAP; other signals
255 are not yet supported. */
262 static int gdb_signal_table[] = {
272 #ifdef CONFIG_USER_ONLY
273 static int target_signal_to_gdb (int sig)
276 for (i = 0; i < ARRAY_SIZE (gdb_signal_table); i++)
277 if (gdb_signal_table[i] == sig)
279 return GDB_SIGNAL_UNKNOWN;
283 static int gdb_signal_to_target (int sig)
285 if (sig < ARRAY_SIZE (gdb_signal_table))
286 return gdb_signal_table[sig];
291 typedef struct GDBRegisterState {
297 struct GDBRegisterState *next;
300 typedef struct GDBProcess {
314 typedef struct GDBState {
315 CPUState *c_cpu; /* current CPU for step/continue ops */
316 CPUState *g_cpu; /* current CPU for other ops */
317 CPUState *query_cpu; /* for q{f|s}ThreadInfo */
318 enum RSState state; /* parsing state */
319 char line_buf[MAX_PACKET_LENGTH];
321 int line_sum; /* running checksum */
322 int line_csum; /* checksum at the end of the packet */
323 uint8_t last_packet[MAX_PACKET_LENGTH + 4];
326 #ifdef CONFIG_USER_ONLY
334 GDBProcess *processes;
336 char syscall_buf[256];
337 gdb_syscall_complete_cb current_syscall_cb;
340 /* By default use no IRQs and no timers while single stepping so as to
341 * make single stepping like an ICE HW step.
343 static int sstep_flags = SSTEP_ENABLE|SSTEP_NOIRQ|SSTEP_NOTIMER;
345 static GDBState *gdbserver_state;
349 #ifdef CONFIG_USER_ONLY
350 /* XXX: This is not thread safe. Do we care? */
351 static int gdbserver_fd = -1;
353 static int get_char(GDBState *s)
359 ret = qemu_recv(s->fd, &ch, 1, 0);
361 if (errno == ECONNRESET)
365 } else if (ret == 0) {
383 /* Decide if either remote gdb syscalls or native file IO should be used. */
384 int use_gdb_syscalls(void)
386 SemihostingTarget target = semihosting_get_target();
387 if (target == SEMIHOSTING_TARGET_NATIVE) {
388 /* -semihosting-config target=native */
390 } else if (target == SEMIHOSTING_TARGET_GDB) {
391 /* -semihosting-config target=gdb */
395 /* -semihosting-config target=auto */
396 /* On the first call check if gdb is connected and remember. */
397 if (gdb_syscall_mode == GDB_SYS_UNKNOWN) {
398 gdb_syscall_mode = (gdbserver_state ? GDB_SYS_ENABLED
401 return gdb_syscall_mode == GDB_SYS_ENABLED;
404 /* Resume execution. */
405 static inline void gdb_continue(GDBState *s)
408 #ifdef CONFIG_USER_ONLY
409 s->running_state = 1;
410 trace_gdbstub_op_continue();
412 if (!runstate_needs_reset()) {
413 trace_gdbstub_op_continue();
420 * Resume execution, per CPU actions. For user-mode emulation it's
421 * equivalent to gdb_continue.
423 static int gdb_continue_partial(GDBState *s, char *newstates)
427 #ifdef CONFIG_USER_ONLY
429 * This is not exactly accurate, but it's an improvement compared to the
430 * previous situation, where only one CPU would be single-stepped.
433 if (newstates[cpu->cpu_index] == 's') {
434 trace_gdbstub_op_stepping(cpu->cpu_index);
435 cpu_single_step(cpu, sstep_flags);
438 s->running_state = 1;
442 if (!runstate_needs_reset()) {
443 if (vm_prepare_start()) {
448 switch (newstates[cpu->cpu_index]) {
451 break; /* nothing to do here */
453 trace_gdbstub_op_stepping(cpu->cpu_index);
454 cpu_single_step(cpu, sstep_flags);
459 trace_gdbstub_op_continue_cpu(cpu->cpu_index);
470 qemu_clock_enable(QEMU_CLOCK_VIRTUAL, true);
476 static void put_buffer(GDBState *s, const uint8_t *buf, int len)
478 #ifdef CONFIG_USER_ONLY
482 ret = send(s->fd, buf, len, 0);
492 /* XXX this blocks entire thread. Rewrite to use
493 * qemu_chr_fe_write and background I/O callbacks */
494 qemu_chr_fe_write_all(&s->chr, buf, len);
498 static inline int fromhex(int v)
500 if (v >= '0' && v <= '9')
502 else if (v >= 'A' && v <= 'F')
504 else if (v >= 'a' && v <= 'f')
510 static inline int tohex(int v)
518 /* writes 2*len+1 bytes in buf */
519 static void memtohex(char *buf, const uint8_t *mem, int len)
524 for(i = 0; i < len; i++) {
526 *q++ = tohex(c >> 4);
527 *q++ = tohex(c & 0xf);
532 static void hextomem(uint8_t *mem, const char *buf, int len)
536 for(i = 0; i < len; i++) {
537 mem[i] = (fromhex(buf[0]) << 4) | fromhex(buf[1]);
542 static void hexdump(const char *buf, int len,
543 void (*trace_fn)(size_t ofs, char const *text))
545 char line_buffer[3 * 16 + 4 + 16 + 1];
548 for (i = 0; i < len || (i & 0xF); ++i) {
549 size_t byte_ofs = i & 15;
552 memset(line_buffer, ' ', 3 * 16 + 4 + 16);
553 line_buffer[3 * 16 + 4 + 16] = 0;
556 size_t col_group = (i >> 2) & 3;
557 size_t hex_col = byte_ofs * 3 + col_group;
558 size_t txt_col = 3 * 16 + 4 + byte_ofs;
563 line_buffer[hex_col + 0] = tohex((value >> 4) & 0xF);
564 line_buffer[hex_col + 1] = tohex((value >> 0) & 0xF);
565 line_buffer[txt_col + 0] = (value >= ' ' && value < 127)
571 trace_fn(i & -16, line_buffer);
575 /* return -1 if error, 0 if OK */
576 static int put_packet_binary(GDBState *s, const char *buf, int len, bool dump)
581 if (dump && trace_event_get_state_backends(TRACE_GDBSTUB_IO_BINARYREPLY)) {
582 hexdump(buf, len, trace_gdbstub_io_binaryreply);
591 for(i = 0; i < len; i++) {
595 *(p++) = tohex((csum >> 4) & 0xf);
596 *(p++) = tohex((csum) & 0xf);
598 s->last_packet_len = p - s->last_packet;
599 put_buffer(s, (uint8_t *)s->last_packet, s->last_packet_len);
601 #ifdef CONFIG_USER_ONLY
614 /* return -1 if error, 0 if OK */
615 static int put_packet(GDBState *s, const char *buf)
617 trace_gdbstub_io_reply(buf);
619 return put_packet_binary(s, buf, strlen(buf), false);
622 /* Encode data using the encoding for 'x' packets. */
623 static int memtox(char *buf, const char *mem, int len)
631 case '#': case '$': case '*': case '}':
643 static uint32_t gdb_get_cpu_pid(const GDBState *s, CPUState *cpu)
645 #ifndef CONFIG_USER_ONLY
646 gchar *path, *name = NULL;
648 CPUClusterState *cluster;
651 path = object_get_canonical_path(OBJECT(cpu));
654 /* Return the default process' PID */
655 ret = s->processes[s->process_num - 1].pid;
659 name = object_get_canonical_path_component(OBJECT(cpu));
660 assert(name != NULL);
663 * Retrieve the CPU parent path by removing the last '/' and the CPU name
664 * from the CPU canonical path.
666 path[strlen(path) - strlen(name) - 1] = '\0';
668 obj = object_resolve_path_type(path, TYPE_CPU_CLUSTER, NULL);
671 /* Return the default process' PID */
672 ret = s->processes[s->process_num - 1].pid;
676 cluster = CPU_CLUSTER(obj);
677 ret = cluster->cluster_id + 1;
686 /* TODO: In user mode, we should use the task state PID */
687 return s->processes[s->process_num - 1].pid;
691 static GDBProcess *gdb_get_process(const GDBState *s, uint32_t pid)
696 /* 0 means any process, we take the first one */
697 return &s->processes[0];
700 for (i = 0; i < s->process_num; i++) {
701 if (s->processes[i].pid == pid) {
702 return &s->processes[i];
709 static GDBProcess *gdb_get_cpu_process(const GDBState *s, CPUState *cpu)
711 return gdb_get_process(s, gdb_get_cpu_pid(s, cpu));
714 static CPUState *find_cpu(uint32_t thread_id)
719 if (cpu_gdb_index(cpu) == thread_id) {
727 static CPUState *get_first_cpu_in_process(const GDBState *s,
733 if (gdb_get_cpu_pid(s, cpu) == process->pid) {
741 static CPUState *gdb_next_cpu_in_process(const GDBState *s, CPUState *cpu)
743 uint32_t pid = gdb_get_cpu_pid(s, cpu);
747 if (gdb_get_cpu_pid(s, cpu) == pid) {
757 static CPUState *gdb_get_cpu(const GDBState *s, uint32_t pid, uint32_t tid)
763 /* 0 means any thread, we take the first one */
773 process = gdb_get_cpu_process(s, cpu);
775 if (process->pid != pid) {
779 if (!process->attached) {
786 /* Return the cpu following @cpu, while ignoring unattached processes. */
787 static CPUState *gdb_next_attached_cpu(const GDBState *s, CPUState *cpu)
792 if (gdb_get_cpu_process(s, cpu)->attached) {
802 /* Return the first attached cpu */
803 static CPUState *gdb_first_attached_cpu(const GDBState *s)
805 CPUState *cpu = first_cpu;
806 GDBProcess *process = gdb_get_cpu_process(s, cpu);
808 if (!process->attached) {
809 return gdb_next_attached_cpu(s, cpu);
815 static const char *get_feature_xml(const char *p, const char **newp,
821 static char target_xml[1024];
824 while (p[len] && p[len] != ':')
829 if (strncmp(p, "target.xml", len) == 0) {
830 /* Generate the XML description for this CPU. */
831 if (!target_xml[0]) {
833 CPUState *cpu = first_cpu;
835 pstrcat(target_xml, sizeof(target_xml),
836 "<?xml version=\"1.0\"?>"
837 "<!DOCTYPE target SYSTEM \"gdb-target.dtd\">"
839 if (cc->gdb_arch_name) {
840 gchar *arch = cc->gdb_arch_name(cpu);
841 pstrcat(target_xml, sizeof(target_xml), "<architecture>");
842 pstrcat(target_xml, sizeof(target_xml), arch);
843 pstrcat(target_xml, sizeof(target_xml), "</architecture>");
846 pstrcat(target_xml, sizeof(target_xml), "<xi:include href=\"");
847 pstrcat(target_xml, sizeof(target_xml), cc->gdb_core_xml_file);
848 pstrcat(target_xml, sizeof(target_xml), "\"/>");
849 for (r = cpu->gdb_regs; r; r = r->next) {
850 pstrcat(target_xml, sizeof(target_xml), "<xi:include href=\"");
851 pstrcat(target_xml, sizeof(target_xml), r->xml);
852 pstrcat(target_xml, sizeof(target_xml), "\"/>");
854 pstrcat(target_xml, sizeof(target_xml), "</target>");
858 if (cc->gdb_get_dynamic_xml) {
859 CPUState *cpu = first_cpu;
860 char *xmlname = g_strndup(p, len);
861 const char *xml = cc->gdb_get_dynamic_xml(cpu, xmlname);
869 name = xml_builtin[i][0];
870 if (!name || (strncmp(name, p, len) == 0 && strlen(name) == len))
873 return name ? xml_builtin[i][1] : NULL;
876 static int gdb_read_register(CPUState *cpu, uint8_t *mem_buf, int reg)
878 CPUClass *cc = CPU_GET_CLASS(cpu);
879 CPUArchState *env = cpu->env_ptr;
882 if (reg < cc->gdb_num_core_regs) {
883 return cc->gdb_read_register(cpu, mem_buf, reg);
886 for (r = cpu->gdb_regs; r; r = r->next) {
887 if (r->base_reg <= reg && reg < r->base_reg + r->num_regs) {
888 return r->get_reg(env, mem_buf, reg - r->base_reg);
894 static int gdb_write_register(CPUState *cpu, uint8_t *mem_buf, int reg)
896 CPUClass *cc = CPU_GET_CLASS(cpu);
897 CPUArchState *env = cpu->env_ptr;
900 if (reg < cc->gdb_num_core_regs) {
901 return cc->gdb_write_register(cpu, mem_buf, reg);
904 for (r = cpu->gdb_regs; r; r = r->next) {
905 if (r->base_reg <= reg && reg < r->base_reg + r->num_regs) {
906 return r->set_reg(env, mem_buf, reg - r->base_reg);
912 /* Register a supplemental set of CPU registers. If g_pos is nonzero it
913 specifies the first register number and these registers are included in
914 a standard "g" packet. Direction is relative to gdb, i.e. get_reg is
915 gdb reading a CPU register, and set_reg is gdb modifying a CPU register.
918 void gdb_register_coprocessor(CPUState *cpu,
919 gdb_reg_cb get_reg, gdb_reg_cb set_reg,
920 int num_regs, const char *xml, int g_pos)
923 GDBRegisterState **p;
927 /* Check for duplicates. */
928 if (strcmp((*p)->xml, xml) == 0)
933 s = g_new0(GDBRegisterState, 1);
934 s->base_reg = cpu->gdb_num_regs;
935 s->num_regs = num_regs;
936 s->get_reg = get_reg;
937 s->set_reg = set_reg;
940 /* Add to end of list. */
941 cpu->gdb_num_regs += num_regs;
944 if (g_pos != s->base_reg) {
945 error_report("Error: Bad gdb register numbering for '%s', "
946 "expected %d got %d", xml, g_pos, s->base_reg);
948 cpu->gdb_num_g_regs = cpu->gdb_num_regs;
953 #ifndef CONFIG_USER_ONLY
954 /* Translate GDB watchpoint type to a flags value for cpu_watchpoint_* */
955 static inline int xlat_gdb_type(CPUState *cpu, int gdbtype)
957 static const int xlat[] = {
958 [GDB_WATCHPOINT_WRITE] = BP_GDB | BP_MEM_WRITE,
959 [GDB_WATCHPOINT_READ] = BP_GDB | BP_MEM_READ,
960 [GDB_WATCHPOINT_ACCESS] = BP_GDB | BP_MEM_ACCESS,
963 CPUClass *cc = CPU_GET_CLASS(cpu);
964 int cputype = xlat[gdbtype];
966 if (cc->gdb_stop_before_watchpoint) {
967 cputype |= BP_STOP_BEFORE_ACCESS;
973 static int gdb_breakpoint_insert(target_ulong addr, target_ulong len, int type)
979 return kvm_insert_breakpoint(gdbserver_state->c_cpu, addr, len, type);
983 case GDB_BREAKPOINT_SW:
984 case GDB_BREAKPOINT_HW:
986 err = cpu_breakpoint_insert(cpu, addr, BP_GDB, NULL);
992 #ifndef CONFIG_USER_ONLY
993 case GDB_WATCHPOINT_WRITE:
994 case GDB_WATCHPOINT_READ:
995 case GDB_WATCHPOINT_ACCESS:
997 err = cpu_watchpoint_insert(cpu, addr, len,
998 xlat_gdb_type(cpu, type), NULL);
1010 static int gdb_breakpoint_remove(target_ulong addr, target_ulong len, int type)
1015 if (kvm_enabled()) {
1016 return kvm_remove_breakpoint(gdbserver_state->c_cpu, addr, len, type);
1020 case GDB_BREAKPOINT_SW:
1021 case GDB_BREAKPOINT_HW:
1023 err = cpu_breakpoint_remove(cpu, addr, BP_GDB);
1029 #ifndef CONFIG_USER_ONLY
1030 case GDB_WATCHPOINT_WRITE:
1031 case GDB_WATCHPOINT_READ:
1032 case GDB_WATCHPOINT_ACCESS:
1034 err = cpu_watchpoint_remove(cpu, addr, len,
1035 xlat_gdb_type(cpu, type));
1046 static void gdb_breakpoint_remove_all(void)
1050 if (kvm_enabled()) {
1051 kvm_remove_all_breakpoints(gdbserver_state->c_cpu);
1056 cpu_breakpoint_remove_all(cpu, BP_GDB);
1057 #ifndef CONFIG_USER_ONLY
1058 cpu_watchpoint_remove_all(cpu, BP_GDB);
1063 static void gdb_set_cpu_pc(GDBState *s, target_ulong pc)
1065 CPUState *cpu = s->c_cpu;
1067 cpu_synchronize_state(cpu);
1068 cpu_set_pc(cpu, pc);
1071 static char *gdb_fmt_thread_id(const GDBState *s, CPUState *cpu,
1072 char *buf, size_t buf_size)
1074 if (s->multiprocess) {
1075 snprintf(buf, buf_size, "p%02x.%02x",
1076 gdb_get_cpu_pid(s, cpu), cpu_gdb_index(cpu));
1078 snprintf(buf, buf_size, "%02x", cpu_gdb_index(cpu));
1084 typedef enum GDBThreadIdKind {
1086 GDB_ALL_THREADS, /* One process, all threads */
1091 static GDBThreadIdKind read_thread_id(const char *buf, const char **end_buf,
1092 uint32_t *pid, uint32_t *tid)
1099 ret = qemu_strtoul(buf, &buf, 16, &p);
1102 return GDB_READ_THREAD_ERR;
1111 ret = qemu_strtoul(buf, &buf, 16, &t);
1114 return GDB_READ_THREAD_ERR;
1120 return GDB_ALL_PROCESSES;
1128 return GDB_ALL_THREADS;
1135 return GDB_ONE_THREAD;
1138 static int is_query_packet(const char *p, const char *query, char separator)
1140 unsigned int query_len = strlen(query);
1142 return strncmp(p, query, query_len) == 0 &&
1143 (p[query_len] == '\0' || p[query_len] == separator);
1147 * gdb_handle_vcont - Parses and handles a vCont packet.
1148 * returns -ENOTSUP if a command is unsupported, -EINVAL or -ERANGE if there is
1149 * a format error, 0 on success.
1151 static int gdb_handle_vcont(GDBState *s, const char *p)
1153 int res, signal = 0;
1158 GDBProcess *process;
1160 #ifdef CONFIG_USER_ONLY
1161 int max_cpus = 1; /* global variable max_cpus exists only in system mode */
1164 max_cpus = max_cpus <= cpu->cpu_index ? cpu->cpu_index + 1 : max_cpus;
1167 /* uninitialised CPUs stay 0 */
1168 newstates = g_new0(char, max_cpus);
1170 /* mark valid CPUs with 1 */
1172 newstates[cpu->cpu_index] = 1;
1176 * res keeps track of what error we are returning, with -ENOTSUP meaning
1177 * that the command is unknown or unsupported, thus returning an empty
1178 * packet, while -EINVAL and -ERANGE cause an E22 packet, due to invalid,
1179 * or incorrect parameters passed.
1189 if (cur_action == 'C' || cur_action == 'S') {
1190 cur_action = qemu_tolower(cur_action);
1191 res = qemu_strtoul(p + 1, &p, 16, &tmp);
1195 signal = gdb_signal_to_target(tmp);
1196 } else if (cur_action != 'c' && cur_action != 's') {
1197 /* unknown/invalid/unsupported command */
1207 switch (read_thread_id(p, &p, &pid, &tid)) {
1208 case GDB_READ_THREAD_ERR:
1212 case GDB_ALL_PROCESSES:
1213 cpu = gdb_first_attached_cpu(s);
1215 if (newstates[cpu->cpu_index] == 1) {
1216 newstates[cpu->cpu_index] = cur_action;
1219 cpu = gdb_next_attached_cpu(s, cpu);
1223 case GDB_ALL_THREADS:
1224 process = gdb_get_process(s, pid);
1226 if (!process->attached) {
1231 cpu = get_first_cpu_in_process(s, process);
1233 if (newstates[cpu->cpu_index] == 1) {
1234 newstates[cpu->cpu_index] = cur_action;
1237 cpu = gdb_next_cpu_in_process(s, cpu);
1241 case GDB_ONE_THREAD:
1242 cpu = gdb_get_cpu(s, pid, tid);
1244 /* invalid CPU/thread specified */
1250 /* only use if no previous match occourred */
1251 if (newstates[cpu->cpu_index] == 1) {
1252 newstates[cpu->cpu_index] = cur_action;
1258 gdb_continue_partial(s, newstates);
1266 static int gdb_handle_packet(GDBState *s, const char *line_buf)
1273 int ch, reg_size, type, res;
1274 uint8_t mem_buf[MAX_PACKET_LENGTH];
1275 char buf[sizeof(mem_buf) + 1 /* trailing NUL */];
1278 target_ulong addr, len;
1279 GDBThreadIdKind thread_kind;
1281 trace_gdbstub_io_command(line_buf);
1287 /* TODO: Make this return the correct value for user-mode. */
1288 snprintf(buf, sizeof(buf), "T%02xthread:%s;", GDB_SIGNAL_TRAP,
1289 gdb_fmt_thread_id(s, s->c_cpu, thread_id, sizeof(thread_id)));
1291 /* Remove all the breakpoints when this query is issued,
1292 * because gdb is doing and initial connect and the state
1293 * should be cleaned up.
1295 gdb_breakpoint_remove_all();
1299 addr = strtoull(p, (char **)&p, 16);
1300 gdb_set_cpu_pc(s, addr);
1306 s->signal = gdb_signal_to_target (strtoul(p, (char **)&p, 16));
1307 if (s->signal == -1)
1312 if (strncmp(p, "Cont", 4) == 0) {
1315 put_packet(s, "vCont;c;C;s;S");
1319 res = gdb_handle_vcont(s, p);
1322 if ((res == -EINVAL) || (res == -ERANGE)) {
1323 put_packet(s, "E22");
1326 goto unknown_command;
1330 goto unknown_command;
1333 /* Kill the target */
1334 error_report("QEMU: Terminated via GDBstub");
1338 gdb_breakpoint_remove_all();
1339 gdb_syscall_mode = GDB_SYS_DISABLED;
1341 put_packet(s, "OK");
1345 addr = strtoull(p, (char **)&p, 16);
1346 gdb_set_cpu_pc(s, addr);
1348 cpu_single_step(s->c_cpu, sstep_flags);
1356 ret = strtoull(p, (char **)&p, 16);
1359 err = strtoull(p, (char **)&p, 16);
1366 if (s->current_syscall_cb) {
1367 s->current_syscall_cb(s->c_cpu, ret, err);
1368 s->current_syscall_cb = NULL;
1371 put_packet(s, "T02");
1378 cpu_synchronize_state(s->g_cpu);
1380 for (addr = 0; addr < s->g_cpu->gdb_num_g_regs; addr++) {
1381 reg_size = gdb_read_register(s->g_cpu, mem_buf + len, addr);
1384 memtohex(buf, mem_buf, len);
1388 cpu_synchronize_state(s->g_cpu);
1389 registers = mem_buf;
1390 len = strlen(p) / 2;
1391 hextomem((uint8_t *)registers, p, len);
1392 for (addr = 0; addr < s->g_cpu->gdb_num_g_regs && len > 0; addr++) {
1393 reg_size = gdb_write_register(s->g_cpu, registers, addr);
1395 registers += reg_size;
1397 put_packet(s, "OK");
1400 addr = strtoull(p, (char **)&p, 16);
1403 len = strtoull(p, NULL, 16);
1405 /* memtohex() doubles the required space */
1406 if (len > MAX_PACKET_LENGTH / 2) {
1407 put_packet (s, "E22");
1411 if (target_memory_rw_debug(s->g_cpu, addr, mem_buf, len, false) != 0) {
1412 put_packet (s, "E14");
1414 memtohex(buf, mem_buf, len);
1419 addr = strtoull(p, (char **)&p, 16);
1422 len = strtoull(p, (char **)&p, 16);
1426 /* hextomem() reads 2*len bytes */
1427 if (len > strlen(p) / 2) {
1428 put_packet (s, "E22");
1431 hextomem(mem_buf, p, len);
1432 if (target_memory_rw_debug(s->g_cpu, addr, mem_buf, len,
1434 put_packet(s, "E14");
1436 put_packet(s, "OK");
1440 /* Older gdb are really dumb, and don't use 'g' if 'p' is avaialable.
1441 This works, but can be very slow. Anything new enough to
1442 understand XML also knows how to use this properly. */
1444 goto unknown_command;
1445 addr = strtoull(p, (char **)&p, 16);
1446 reg_size = gdb_read_register(s->g_cpu, mem_buf, addr);
1448 memtohex(buf, mem_buf, reg_size);
1451 put_packet(s, "E14");
1456 goto unknown_command;
1457 addr = strtoull(p, (char **)&p, 16);
1460 reg_size = strlen(p) / 2;
1461 hextomem(mem_buf, p, reg_size);
1462 gdb_write_register(s->g_cpu, mem_buf, addr);
1463 put_packet(s, "OK");
1467 type = strtoul(p, (char **)&p, 16);
1470 addr = strtoull(p, (char **)&p, 16);
1473 len = strtoull(p, (char **)&p, 16);
1475 res = gdb_breakpoint_insert(addr, len, type);
1477 res = gdb_breakpoint_remove(addr, len, type);
1479 put_packet(s, "OK");
1480 else if (res == -ENOSYS)
1483 put_packet(s, "E22");
1488 thread_kind = read_thread_id(p, &p, &pid, &tid);
1489 if (thread_kind == GDB_READ_THREAD_ERR) {
1490 put_packet(s, "E22");
1494 if (thread_kind != GDB_ONE_THREAD) {
1495 put_packet(s, "OK");
1498 cpu = gdb_get_cpu(s, pid, tid);
1500 put_packet(s, "E22");
1506 put_packet(s, "OK");
1510 put_packet(s, "OK");
1513 put_packet(s, "E22");
1518 thread_kind = read_thread_id(p, &p, &pid, &tid);
1519 if (thread_kind == GDB_READ_THREAD_ERR) {
1520 put_packet(s, "E22");
1523 cpu = gdb_get_cpu(s, pid, tid);
1526 put_packet(s, "OK");
1528 put_packet(s, "E22");
1533 /* parse any 'q' packets here */
1534 if (!strcmp(p,"qemu.sstepbits")) {
1535 /* Query Breakpoint bit definitions */
1536 snprintf(buf, sizeof(buf), "ENABLE=%x,NOIRQ=%x,NOTIMER=%x",
1542 } else if (is_query_packet(p, "qemu.sstep", '=')) {
1543 /* Display or change the sstep_flags */
1546 /* Display current setting */
1547 snprintf(buf, sizeof(buf), "0x%x", sstep_flags);
1552 type = strtoul(p, (char **)&p, 16);
1554 put_packet(s, "OK");
1556 } else if (strcmp(p,"C") == 0) {
1557 /* "Current thread" remains vague in the spec, so always return
1558 * the first CPU (gdb returns the first thread). */
1559 put_packet(s, "QC1");
1561 } else if (strcmp(p,"fThreadInfo") == 0) {
1562 s->query_cpu = first_cpu;
1563 goto report_cpuinfo;
1564 } else if (strcmp(p,"sThreadInfo") == 0) {
1567 snprintf(buf, sizeof(buf), "m%x", cpu_gdb_index(s->query_cpu));
1569 s->query_cpu = CPU_NEXT(s->query_cpu);
1573 } else if (strncmp(p,"ThreadExtraInfo,", 16) == 0) {
1574 thread = strtoull(p+16, (char **)&p, 16);
1575 cpu = find_cpu(thread);
1577 cpu_synchronize_state(cpu);
1578 /* memtohex() doubles the required space */
1579 len = snprintf((char *)mem_buf, sizeof(buf) / 2,
1580 "CPU#%d [%s]", cpu->cpu_index,
1581 cpu->halted ? "halted " : "running");
1582 trace_gdbstub_op_extra_info((char *)mem_buf);
1583 memtohex(buf, mem_buf, len);
1588 #ifdef CONFIG_USER_ONLY
1589 else if (strcmp(p, "Offsets") == 0) {
1590 TaskState *ts = s->c_cpu->opaque;
1592 snprintf(buf, sizeof(buf),
1593 "Text=" TARGET_ABI_FMT_lx ";Data=" TARGET_ABI_FMT_lx
1594 ";Bss=" TARGET_ABI_FMT_lx,
1595 ts->info->code_offset,
1596 ts->info->data_offset,
1597 ts->info->data_offset);
1601 #else /* !CONFIG_USER_ONLY */
1602 else if (strncmp(p, "Rcmd,", 5) == 0) {
1603 int len = strlen(p + 5);
1605 if ((len % 2) != 0) {
1606 put_packet(s, "E01");
1610 hextomem(mem_buf, p + 5, len);
1612 qemu_chr_be_write(s->mon_chr, mem_buf, len);
1613 put_packet(s, "OK");
1616 #endif /* !CONFIG_USER_ONLY */
1617 if (is_query_packet(p, "Supported", ':')) {
1618 snprintf(buf, sizeof(buf), "PacketSize=%x", MAX_PACKET_LENGTH);
1619 cc = CPU_GET_CLASS(first_cpu);
1620 if (cc->gdb_core_xml_file != NULL) {
1621 pstrcat(buf, sizeof(buf), ";qXfer:features:read+");
1626 if (strncmp(p, "Xfer:features:read:", 19) == 0) {
1628 target_ulong total_len;
1630 cc = CPU_GET_CLASS(first_cpu);
1631 if (cc->gdb_core_xml_file == NULL) {
1632 goto unknown_command;
1637 xml = get_feature_xml(p, &p, cc);
1639 snprintf(buf, sizeof(buf), "E00");
1646 addr = strtoul(p, (char **)&p, 16);
1649 len = strtoul(p, (char **)&p, 16);
1651 total_len = strlen(xml);
1652 if (addr > total_len) {
1653 snprintf(buf, sizeof(buf), "E00");
1657 if (len > (MAX_PACKET_LENGTH - 5) / 2)
1658 len = (MAX_PACKET_LENGTH - 5) / 2;
1659 if (len < total_len - addr) {
1661 len = memtox(buf + 1, xml + addr, len);
1664 len = memtox(buf + 1, xml + addr, total_len - addr);
1666 put_packet_binary(s, buf, len + 1, true);
1669 if (is_query_packet(p, "Attached", ':')) {
1670 put_packet(s, GDB_ATTACHED);
1673 /* Unrecognised 'q' command. */
1674 goto unknown_command;
1678 /* put empty packet */
1686 void gdb_set_stop_cpu(CPUState *cpu)
1688 gdbserver_state->c_cpu = cpu;
1689 gdbserver_state->g_cpu = cpu;
1692 #ifndef CONFIG_USER_ONLY
1693 static void gdb_vm_state_change(void *opaque, int running, RunState state)
1695 GDBState *s = gdbserver_state;
1696 CPUState *cpu = s->c_cpu;
1701 if (running || s->state == RS_INACTIVE) {
1704 /* Is there a GDB syscall waiting to be sent? */
1705 if (s->current_syscall_cb) {
1706 put_packet(s, s->syscall_buf);
1710 case RUN_STATE_DEBUG:
1711 if (cpu->watchpoint_hit) {
1712 switch (cpu->watchpoint_hit->flags & BP_MEM_ACCESS) {
1723 trace_gdbstub_hit_watchpoint(type, cpu_gdb_index(cpu),
1724 (target_ulong)cpu->watchpoint_hit->vaddr);
1725 snprintf(buf, sizeof(buf),
1726 "T%02xthread:%02x;%swatch:" TARGET_FMT_lx ";",
1727 GDB_SIGNAL_TRAP, cpu_gdb_index(cpu), type,
1728 (target_ulong)cpu->watchpoint_hit->vaddr);
1729 cpu->watchpoint_hit = NULL;
1732 trace_gdbstub_hit_break();
1735 ret = GDB_SIGNAL_TRAP;
1737 case RUN_STATE_PAUSED:
1738 trace_gdbstub_hit_paused();
1739 ret = GDB_SIGNAL_INT;
1741 case RUN_STATE_SHUTDOWN:
1742 trace_gdbstub_hit_shutdown();
1743 ret = GDB_SIGNAL_QUIT;
1745 case RUN_STATE_IO_ERROR:
1746 trace_gdbstub_hit_io_error();
1747 ret = GDB_SIGNAL_IO;
1749 case RUN_STATE_WATCHDOG:
1750 trace_gdbstub_hit_watchdog();
1751 ret = GDB_SIGNAL_ALRM;
1753 case RUN_STATE_INTERNAL_ERROR:
1754 trace_gdbstub_hit_internal_error();
1755 ret = GDB_SIGNAL_ABRT;
1757 case RUN_STATE_SAVE_VM:
1758 case RUN_STATE_RESTORE_VM:
1760 case RUN_STATE_FINISH_MIGRATE:
1761 ret = GDB_SIGNAL_XCPU;
1764 trace_gdbstub_hit_unknown(state);
1765 ret = GDB_SIGNAL_UNKNOWN;
1768 gdb_set_stop_cpu(cpu);
1769 snprintf(buf, sizeof(buf), "T%02xthread:%02x;", ret, cpu_gdb_index(cpu));
1774 /* disable single step if it was enabled */
1775 cpu_single_step(cpu, 0);
1779 /* Send a gdb syscall request.
1780 This accepts limited printf-style format specifiers, specifically:
1781 %x - target_ulong argument printed in hex.
1782 %lx - 64-bit argument printed in hex.
1783 %s - string pointer (target_ulong) and length (int) pair. */
1784 void gdb_do_syscallv(gdb_syscall_complete_cb cb, const char *fmt, va_list va)
1792 s = gdbserver_state;
1795 s->current_syscall_cb = cb;
1796 #ifndef CONFIG_USER_ONLY
1797 vm_stop(RUN_STATE_DEBUG);
1800 p_end = &s->syscall_buf[sizeof(s->syscall_buf)];
1807 addr = va_arg(va, target_ulong);
1808 p += snprintf(p, p_end - p, TARGET_FMT_lx, addr);
1811 if (*(fmt++) != 'x')
1813 i64 = va_arg(va, uint64_t);
1814 p += snprintf(p, p_end - p, "%" PRIx64, i64);
1817 addr = va_arg(va, target_ulong);
1818 p += snprintf(p, p_end - p, TARGET_FMT_lx "/%x",
1819 addr, va_arg(va, int));
1823 error_report("gdbstub: Bad syscall format string '%s'",
1832 #ifdef CONFIG_USER_ONLY
1833 put_packet(s, s->syscall_buf);
1834 /* Return control to gdb for it to process the syscall request.
1835 * Since the protocol requires that gdb hands control back to us
1836 * using a "here are the results" F packet, we don't need to check
1837 * gdb_handlesig's return value (which is the signal to deliver if
1838 * execution was resumed via a continue packet).
1840 gdb_handlesig(s->c_cpu, 0);
1842 /* In this case wait to send the syscall packet until notification that
1843 the CPU has stopped. This must be done because if the packet is sent
1844 now the reply from the syscall request could be received while the CPU
1845 is still in the running state, which can cause packets to be dropped
1846 and state transition 'T' packets to be sent while the syscall is still
1848 qemu_cpu_kick(s->c_cpu);
1852 void gdb_do_syscall(gdb_syscall_complete_cb cb, const char *fmt, ...)
1857 gdb_do_syscallv(cb, fmt, va);
1861 static void gdb_read_byte(GDBState *s, int ch)
1865 #ifndef CONFIG_USER_ONLY
1866 if (s->last_packet_len) {
1867 /* Waiting for a response to the last packet. If we see the start
1868 of a new command then abandon the previous response. */
1870 trace_gdbstub_err_got_nack();
1871 put_buffer(s, (uint8_t *)s->last_packet, s->last_packet_len);
1872 } else if (ch == '+') {
1873 trace_gdbstub_io_got_ack();
1875 trace_gdbstub_io_got_unexpected((uint8_t)ch);
1878 if (ch == '+' || ch == '$')
1879 s->last_packet_len = 0;
1883 if (runstate_is_running()) {
1884 /* when the CPU is running, we cannot do anything except stop
1885 it when receiving a char */
1886 vm_stop(RUN_STATE_PAUSED);
1893 /* start of command packet */
1894 s->line_buf_index = 0;
1896 s->state = RS_GETLINE;
1898 trace_gdbstub_err_garbage((uint8_t)ch);
1903 /* start escape sequence */
1904 s->state = RS_GETLINE_ESC;
1906 } else if (ch == '*') {
1907 /* start run length encoding sequence */
1908 s->state = RS_GETLINE_RLE;
1910 } else if (ch == '#') {
1911 /* end of command, start of checksum*/
1912 s->state = RS_CHKSUM1;
1913 } else if (s->line_buf_index >= sizeof(s->line_buf) - 1) {
1914 trace_gdbstub_err_overrun();
1917 /* unescaped command character */
1918 s->line_buf[s->line_buf_index++] = ch;
1922 case RS_GETLINE_ESC:
1924 /* unexpected end of command in escape sequence */
1925 s->state = RS_CHKSUM1;
1926 } else if (s->line_buf_index >= sizeof(s->line_buf) - 1) {
1927 /* command buffer overrun */
1928 trace_gdbstub_err_overrun();
1931 /* parse escaped character and leave escape state */
1932 s->line_buf[s->line_buf_index++] = ch ^ 0x20;
1934 s->state = RS_GETLINE;
1937 case RS_GETLINE_RLE:
1939 /* invalid RLE count encoding */
1940 trace_gdbstub_err_invalid_repeat((uint8_t)ch);
1941 s->state = RS_GETLINE;
1943 /* decode repeat length */
1944 int repeat = (unsigned char)ch - ' ' + 3;
1945 if (s->line_buf_index + repeat >= sizeof(s->line_buf) - 1) {
1946 /* that many repeats would overrun the command buffer */
1947 trace_gdbstub_err_overrun();
1949 } else if (s->line_buf_index < 1) {
1950 /* got a repeat but we have nothing to repeat */
1951 trace_gdbstub_err_invalid_rle();
1952 s->state = RS_GETLINE;
1954 /* repeat the last character */
1955 memset(s->line_buf + s->line_buf_index,
1956 s->line_buf[s->line_buf_index - 1], repeat);
1957 s->line_buf_index += repeat;
1959 s->state = RS_GETLINE;
1964 /* get high hex digit of checksum */
1965 if (!isxdigit(ch)) {
1966 trace_gdbstub_err_checksum_invalid((uint8_t)ch);
1967 s->state = RS_GETLINE;
1970 s->line_buf[s->line_buf_index] = '\0';
1971 s->line_csum = fromhex(ch) << 4;
1972 s->state = RS_CHKSUM2;
1975 /* get low hex digit of checksum */
1976 if (!isxdigit(ch)) {
1977 trace_gdbstub_err_checksum_invalid((uint8_t)ch);
1978 s->state = RS_GETLINE;
1981 s->line_csum |= fromhex(ch);
1983 if (s->line_csum != (s->line_sum & 0xff)) {
1984 trace_gdbstub_err_checksum_incorrect(s->line_sum, s->line_csum);
1985 /* send NAK reply */
1987 put_buffer(s, &reply, 1);
1990 /* send ACK reply */
1992 put_buffer(s, &reply, 1);
1993 s->state = gdb_handle_packet(s, s->line_buf);
2002 /* Tell the remote gdb that the process has exited. */
2003 void gdb_exit(CPUArchState *env, int code)
2008 s = gdbserver_state;
2012 #ifdef CONFIG_USER_ONLY
2013 if (gdbserver_fd < 0 || s->fd < 0) {
2018 trace_gdbstub_op_exiting((uint8_t)code);
2020 snprintf(buf, sizeof(buf), "W%02x", (uint8_t)code);
2023 #ifndef CONFIG_USER_ONLY
2024 qemu_chr_fe_deinit(&s->chr, true);
2029 * Create the process that will contain all the "orphan" CPUs (that are not
2030 * part of a CPU cluster). Note that if this process contains no CPUs, it won't
2031 * be attachable and thus will be invisible to the user.
2033 static void create_default_process(GDBState *s)
2035 GDBProcess *process;
2038 if (s->process_num) {
2039 max_pid = s->processes[s->process_num - 1].pid;
2042 s->processes = g_renew(GDBProcess, s->processes, ++s->process_num);
2043 process = &s->processes[s->process_num - 1];
2045 /* We need an available PID slot for this process */
2046 assert(max_pid < UINT32_MAX);
2048 process->pid = max_pid + 1;
2049 process->attached = false;
2052 #ifdef CONFIG_USER_ONLY
2054 gdb_handlesig(CPUState *cpu, int sig)
2060 s = gdbserver_state;
2061 if (gdbserver_fd < 0 || s->fd < 0) {
2065 /* disable single step if it was enabled */
2066 cpu_single_step(cpu, 0);
2070 snprintf(buf, sizeof(buf), "S%02x", target_signal_to_gdb(sig));
2073 /* put_packet() might have detected that the peer terminated the
2081 s->running_state = 0;
2082 while (s->running_state == 0) {
2083 n = read(s->fd, buf, 256);
2087 for (i = 0; i < n; i++) {
2088 gdb_read_byte(s, buf[i]);
2091 /* XXX: Connection closed. Should probably wait for another
2092 connection before continuing. */
2105 /* Tell the remote gdb that the process has exited due to SIG. */
2106 void gdb_signalled(CPUArchState *env, int sig)
2111 s = gdbserver_state;
2112 if (gdbserver_fd < 0 || s->fd < 0) {
2116 snprintf(buf, sizeof(buf), "X%02x", target_signal_to_gdb(sig));
2120 static bool gdb_accept(void)
2123 struct sockaddr_in sockaddr;
2128 len = sizeof(sockaddr);
2129 fd = accept(gdbserver_fd, (struct sockaddr *)&sockaddr, &len);
2130 if (fd < 0 && errno != EINTR) {
2133 } else if (fd >= 0) {
2134 qemu_set_cloexec(fd);
2139 /* set short latency */
2140 if (socket_set_nodelay(fd)) {
2141 perror("setsockopt");
2146 s = g_malloc0(sizeof(GDBState));
2147 s->c_cpu = first_cpu;
2148 s->g_cpu = first_cpu;
2149 create_default_process(s);
2151 gdb_has_xml = false;
2153 gdbserver_state = s;
2157 static int gdbserver_open(int port)
2159 struct sockaddr_in sockaddr;
2162 fd = socket(PF_INET, SOCK_STREAM, 0);
2167 qemu_set_cloexec(fd);
2169 socket_set_fast_reuse(fd);
2171 sockaddr.sin_family = AF_INET;
2172 sockaddr.sin_port = htons(port);
2173 sockaddr.sin_addr.s_addr = 0;
2174 ret = bind(fd, (struct sockaddr *)&sockaddr, sizeof(sockaddr));
2180 ret = listen(fd, 1);
2189 int gdbserver_start(int port)
2191 gdbserver_fd = gdbserver_open(port);
2192 if (gdbserver_fd < 0)
2194 /* accept connections */
2195 if (!gdb_accept()) {
2196 close(gdbserver_fd);
2203 /* Disable gdb stub for child processes. */
2204 void gdbserver_fork(CPUState *cpu)
2206 GDBState *s = gdbserver_state;
2208 if (gdbserver_fd < 0 || s->fd < 0) {
2213 cpu_breakpoint_remove_all(cpu, BP_GDB);
2214 cpu_watchpoint_remove_all(cpu, BP_GDB);
2217 static int gdb_chr_can_receive(void *opaque)
2219 /* We can handle an arbitrarily large amount of data.
2220 Pick the maximum packet size, which is as good as anything. */
2221 return MAX_PACKET_LENGTH;
2224 static void gdb_chr_receive(void *opaque, const uint8_t *buf, int size)
2228 for (i = 0; i < size; i++) {
2229 gdb_read_byte(gdbserver_state, buf[i]);
2233 static void gdb_chr_event(void *opaque, int event)
2236 case CHR_EVENT_OPENED:
2237 vm_stop(RUN_STATE_PAUSED);
2238 gdb_has_xml = false;
2245 static void gdb_monitor_output(GDBState *s, const char *msg, int len)
2247 char buf[MAX_PACKET_LENGTH];
2250 if (len > (MAX_PACKET_LENGTH/2) - 1)
2251 len = (MAX_PACKET_LENGTH/2) - 1;
2252 memtohex(buf + 1, (uint8_t *)msg, len);
2256 static int gdb_monitor_write(Chardev *chr, const uint8_t *buf, int len)
2258 const char *p = (const char *)buf;
2261 max_sz = (sizeof(gdbserver_state->last_packet) - 2) / 2;
2263 if (len <= max_sz) {
2264 gdb_monitor_output(gdbserver_state, p, len);
2267 gdb_monitor_output(gdbserver_state, p, max_sz);
2275 static void gdb_sigterm_handler(int signal)
2277 if (runstate_is_running()) {
2278 vm_stop(RUN_STATE_PAUSED);
2283 static void gdb_monitor_open(Chardev *chr, ChardevBackend *backend,
2284 bool *be_opened, Error **errp)
2289 static void char_gdb_class_init(ObjectClass *oc, void *data)
2291 ChardevClass *cc = CHARDEV_CLASS(oc);
2293 cc->internal = true;
2294 cc->open = gdb_monitor_open;
2295 cc->chr_write = gdb_monitor_write;
2298 #define TYPE_CHARDEV_GDB "chardev-gdb"
2300 static const TypeInfo char_gdb_type_info = {
2301 .name = TYPE_CHARDEV_GDB,
2302 .parent = TYPE_CHARDEV,
2303 .class_init = char_gdb_class_init,
2306 static int find_cpu_clusters(Object *child, void *opaque)
2308 if (object_dynamic_cast(child, TYPE_CPU_CLUSTER)) {
2309 GDBState *s = (GDBState *) opaque;
2310 CPUClusterState *cluster = CPU_CLUSTER(child);
2311 GDBProcess *process;
2313 s->processes = g_renew(GDBProcess, s->processes, ++s->process_num);
2315 process = &s->processes[s->process_num - 1];
2318 * GDB process IDs -1 and 0 are reserved. To avoid subtle errors at
2319 * runtime, we enforce here that the machine does not use a cluster ID
2320 * that would lead to PID 0.
2322 assert(cluster->cluster_id != UINT32_MAX);
2323 process->pid = cluster->cluster_id + 1;
2324 process->attached = false;
2329 return object_child_foreach(child, find_cpu_clusters, opaque);
2332 static int pid_order(const void *a, const void *b)
2334 GDBProcess *pa = (GDBProcess *) a;
2335 GDBProcess *pb = (GDBProcess *) b;
2337 if (pa->pid < pb->pid) {
2339 } else if (pa->pid > pb->pid) {
2346 static void create_processes(GDBState *s)
2348 object_child_foreach(object_get_root(), find_cpu_clusters, s);
2352 qsort(s->processes, s->process_num, sizeof(s->processes[0]), pid_order);
2355 create_default_process(s);
2358 static void cleanup_processes(GDBState *s)
2360 g_free(s->processes);
2362 s->processes = NULL;
2365 int gdbserver_start(const char *device)
2367 trace_gdbstub_op_start(device);
2370 char gdbstub_device_name[128];
2371 Chardev *chr = NULL;
2375 error_report("gdbstub: meaningless to attach gdb to a "
2376 "machine without any CPU.");
2382 if (strcmp(device, "none") != 0) {
2383 if (strstart(device, "tcp:", NULL)) {
2384 /* enforce required TCP attributes */
2385 snprintf(gdbstub_device_name, sizeof(gdbstub_device_name),
2386 "%s,nowait,nodelay,server", device);
2387 device = gdbstub_device_name;
2390 else if (strcmp(device, "stdio") == 0) {
2391 struct sigaction act;
2393 memset(&act, 0, sizeof(act));
2394 act.sa_handler = gdb_sigterm_handler;
2395 sigaction(SIGINT, &act, NULL);
2399 * FIXME: it's a bit weird to allow using a mux chardev here
2400 * and implicitly setup a monitor. We may want to break this.
2402 chr = qemu_chr_new_noreplay("gdb", device, true);
2407 s = gdbserver_state;
2409 s = g_malloc0(sizeof(GDBState));
2410 gdbserver_state = s;
2412 qemu_add_vm_change_state_handler(gdb_vm_state_change, NULL);
2414 /* Initialize a monitor terminal for gdb */
2415 mon_chr = qemu_chardev_new(NULL, TYPE_CHARDEV_GDB,
2416 NULL, &error_abort);
2417 monitor_init(mon_chr, 0);
2419 qemu_chr_fe_deinit(&s->chr, true);
2420 mon_chr = s->mon_chr;
2421 cleanup_processes(s);
2422 memset(s, 0, sizeof(GDBState));
2423 s->mon_chr = mon_chr;
2425 s->c_cpu = first_cpu;
2426 s->g_cpu = first_cpu;
2428 create_processes(s);
2431 qemu_chr_fe_init(&s->chr, chr, &error_abort);
2432 qemu_chr_fe_set_handlers(&s->chr, gdb_chr_can_receive, gdb_chr_receive,
2433 gdb_chr_event, NULL, NULL, NULL, true);
2435 s->state = chr ? RS_IDLE : RS_INACTIVE;
2436 s->mon_chr = mon_chr;
2437 s->current_syscall_cb = NULL;
2442 void gdbserver_cleanup(void)
2444 if (gdbserver_state) {
2445 put_packet(gdbserver_state, "W00");
2449 static void register_types(void)
2451 type_register_static(&char_gdb_type_info);
2454 type_init(register_types);
projects / qemu.git / blob