4 * Copyright (c) 2003-2005 Fabrice Bellard
6 * This library is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation; either
9 * version 2 of the License, or (at your option) any later version.
11 * This library is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
16 * You should have received a copy of the GNU Lesser General Public
17 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
19 #include "qemu/osdep.h"
20 #include "qapi/error.h"
21 #include "qemu/error-report.h"
22 #include "qemu/cutils.h"
23 #include "trace-root.h"
24 #ifdef CONFIG_USER_ONLY
27 #include "monitor/monitor.h"
28 #include "chardev/char.h"
29 #include "chardev/char-fe.h"
30 #include "sysemu/sysemu.h"
31 #include "exec/gdbstub.h"
32 #include "hw/cpu/cluster.h"
35 #define MAX_PACKET_LENGTH 4096
37 #include "qemu/sockets.h"
38 #include "sysemu/hw_accel.h"
39 #include "sysemu/kvm.h"
40 #include "exec/semihost.h"
41 #include "exec/exec-all.h"
43 #ifdef CONFIG_USER_ONLY
44 #define GDB_ATTACHED "0"
46 #define GDB_ATTACHED "1"
49 static inline int target_memory_rw_debug(CPUState *cpu, target_ulong addr,
50 uint8_t *buf, int len, bool is_write)
52 CPUClass *cc = CPU_GET_CLASS(cpu);
54 if (cc->memory_rw_debug) {
55 return cc->memory_rw_debug(cpu, addr, buf, len, is_write);
57 return cpu_memory_rw_debug(cpu, addr, buf, len, is_write);
60 /* Return the GDB index for a given vCPU state.
62 * For user mode this is simply the thread id. In system mode GDB
63 * numbers CPUs from 1 as 0 is reserved as an "any cpu" index.
65 static inline int cpu_gdb_index(CPUState *cpu)
67 #if defined(CONFIG_USER_ONLY)
68 TaskState *ts = (TaskState *) cpu->opaque;
71 return cpu->cpu_index + 1;
84 GDB_SIGNAL_UNKNOWN = 143
87 #ifdef CONFIG_USER_ONLY
89 /* Map target signal numbers to GDB protocol signal numbers and vice
90 * versa. For user emulation's currently supported systems, we can
91 * assume most signals are defined.
94 static int gdb_signal_table[] = {
254 /* In system mode we only need SIGINT and SIGTRAP; other signals
255 are not yet supported. */
262 static int gdb_signal_table[] = {
272 #ifdef CONFIG_USER_ONLY
273 static int target_signal_to_gdb (int sig)
276 for (i = 0; i < ARRAY_SIZE (gdb_signal_table); i++)
277 if (gdb_signal_table[i] == sig)
279 return GDB_SIGNAL_UNKNOWN;
283 static int gdb_signal_to_target (int sig)
285 if (sig < ARRAY_SIZE (gdb_signal_table))
286 return gdb_signal_table[sig];
291 typedef struct GDBRegisterState {
297 struct GDBRegisterState *next;
300 typedef struct GDBProcess {
304 char target_xml[1024];
316 typedef struct GDBState {
317 CPUState *c_cpu; /* current CPU for step/continue ops */
318 CPUState *g_cpu; /* current CPU for other ops */
319 CPUState *query_cpu; /* for q{f|s}ThreadInfo */
320 enum RSState state; /* parsing state */
321 char line_buf[MAX_PACKET_LENGTH];
323 int line_sum; /* running checksum */
324 int line_csum; /* checksum at the end of the packet */
325 uint8_t last_packet[MAX_PACKET_LENGTH + 4];
328 #ifdef CONFIG_USER_ONLY
336 GDBProcess *processes;
338 char syscall_buf[256];
339 gdb_syscall_complete_cb current_syscall_cb;
342 /* By default use no IRQs and no timers while single stepping so as to
343 * make single stepping like an ICE HW step.
345 static int sstep_flags = SSTEP_ENABLE|SSTEP_NOIRQ|SSTEP_NOTIMER;
347 static GDBState *gdbserver_state;
351 #ifdef CONFIG_USER_ONLY
352 /* XXX: This is not thread safe. Do we care? */
353 static int gdbserver_fd = -1;
355 static int get_char(GDBState *s)
361 ret = qemu_recv(s->fd, &ch, 1, 0);
363 if (errno == ECONNRESET)
367 } else if (ret == 0) {
385 /* Decide if either remote gdb syscalls or native file IO should be used. */
386 int use_gdb_syscalls(void)
388 SemihostingTarget target = semihosting_get_target();
389 if (target == SEMIHOSTING_TARGET_NATIVE) {
390 /* -semihosting-config target=native */
392 } else if (target == SEMIHOSTING_TARGET_GDB) {
393 /* -semihosting-config target=gdb */
397 /* -semihosting-config target=auto */
398 /* On the first call check if gdb is connected and remember. */
399 if (gdb_syscall_mode == GDB_SYS_UNKNOWN) {
400 gdb_syscall_mode = (gdbserver_state ? GDB_SYS_ENABLED
403 return gdb_syscall_mode == GDB_SYS_ENABLED;
406 /* Resume execution. */
407 static inline void gdb_continue(GDBState *s)
410 #ifdef CONFIG_USER_ONLY
411 s->running_state = 1;
412 trace_gdbstub_op_continue();
414 if (!runstate_needs_reset()) {
415 trace_gdbstub_op_continue();
422 * Resume execution, per CPU actions. For user-mode emulation it's
423 * equivalent to gdb_continue.
425 static int gdb_continue_partial(GDBState *s, char *newstates)
429 #ifdef CONFIG_USER_ONLY
431 * This is not exactly accurate, but it's an improvement compared to the
432 * previous situation, where only one CPU would be single-stepped.
435 if (newstates[cpu->cpu_index] == 's') {
436 trace_gdbstub_op_stepping(cpu->cpu_index);
437 cpu_single_step(cpu, sstep_flags);
440 s->running_state = 1;
444 if (!runstate_needs_reset()) {
445 if (vm_prepare_start()) {
450 switch (newstates[cpu->cpu_index]) {
453 break; /* nothing to do here */
455 trace_gdbstub_op_stepping(cpu->cpu_index);
456 cpu_single_step(cpu, sstep_flags);
461 trace_gdbstub_op_continue_cpu(cpu->cpu_index);
472 qemu_clock_enable(QEMU_CLOCK_VIRTUAL, true);
478 static void put_buffer(GDBState *s, const uint8_t *buf, int len)
480 #ifdef CONFIG_USER_ONLY
484 ret = send(s->fd, buf, len, 0);
494 /* XXX this blocks entire thread. Rewrite to use
495 * qemu_chr_fe_write and background I/O callbacks */
496 qemu_chr_fe_write_all(&s->chr, buf, len);
500 static inline int fromhex(int v)
502 if (v >= '0' && v <= '9')
504 else if (v >= 'A' && v <= 'F')
506 else if (v >= 'a' && v <= 'f')
512 static inline int tohex(int v)
520 /* writes 2*len+1 bytes in buf */
521 static void memtohex(char *buf, const uint8_t *mem, int len)
526 for(i = 0; i < len; i++) {
528 *q++ = tohex(c >> 4);
529 *q++ = tohex(c & 0xf);
534 static void hextomem(uint8_t *mem, const char *buf, int len)
538 for(i = 0; i < len; i++) {
539 mem[i] = (fromhex(buf[0]) << 4) | fromhex(buf[1]);
544 static void hexdump(const char *buf, int len,
545 void (*trace_fn)(size_t ofs, char const *text))
547 char line_buffer[3 * 16 + 4 + 16 + 1];
550 for (i = 0; i < len || (i & 0xF); ++i) {
551 size_t byte_ofs = i & 15;
554 memset(line_buffer, ' ', 3 * 16 + 4 + 16);
555 line_buffer[3 * 16 + 4 + 16] = 0;
558 size_t col_group = (i >> 2) & 3;
559 size_t hex_col = byte_ofs * 3 + col_group;
560 size_t txt_col = 3 * 16 + 4 + byte_ofs;
565 line_buffer[hex_col + 0] = tohex((value >> 4) & 0xF);
566 line_buffer[hex_col + 1] = tohex((value >> 0) & 0xF);
567 line_buffer[txt_col + 0] = (value >= ' ' && value < 127)
573 trace_fn(i & -16, line_buffer);
577 /* return -1 if error, 0 if OK */
578 static int put_packet_binary(GDBState *s, const char *buf, int len, bool dump)
583 if (dump && trace_event_get_state_backends(TRACE_GDBSTUB_IO_BINARYREPLY)) {
584 hexdump(buf, len, trace_gdbstub_io_binaryreply);
593 for(i = 0; i < len; i++) {
597 *(p++) = tohex((csum >> 4) & 0xf);
598 *(p++) = tohex((csum) & 0xf);
600 s->last_packet_len = p - s->last_packet;
601 put_buffer(s, (uint8_t *)s->last_packet, s->last_packet_len);
603 #ifdef CONFIG_USER_ONLY
616 /* return -1 if error, 0 if OK */
617 static int put_packet(GDBState *s, const char *buf)
619 trace_gdbstub_io_reply(buf);
621 return put_packet_binary(s, buf, strlen(buf), false);
624 /* Encode data using the encoding for 'x' packets. */
625 static int memtox(char *buf, const char *mem, int len)
633 case '#': case '$': case '*': case '}':
645 static uint32_t gdb_get_cpu_pid(const GDBState *s, CPUState *cpu)
647 /* TODO: In user mode, we should use the task state PID */
648 if (cpu->cluster_index == UNASSIGNED_CLUSTER_INDEX) {
649 /* Return the default process' PID */
650 return s->processes[s->process_num - 1].pid;
652 return cpu->cluster_index + 1;
655 static GDBProcess *gdb_get_process(const GDBState *s, uint32_t pid)
660 /* 0 means any process, we take the first one */
661 return &s->processes[0];
664 for (i = 0; i < s->process_num; i++) {
665 if (s->processes[i].pid == pid) {
666 return &s->processes[i];
673 static GDBProcess *gdb_get_cpu_process(const GDBState *s, CPUState *cpu)
675 return gdb_get_process(s, gdb_get_cpu_pid(s, cpu));
678 static CPUState *find_cpu(uint32_t thread_id)
683 if (cpu_gdb_index(cpu) == thread_id) {
691 static CPUState *get_first_cpu_in_process(const GDBState *s,
697 if (gdb_get_cpu_pid(s, cpu) == process->pid) {
705 static CPUState *gdb_next_cpu_in_process(const GDBState *s, CPUState *cpu)
707 uint32_t pid = gdb_get_cpu_pid(s, cpu);
711 if (gdb_get_cpu_pid(s, cpu) == pid) {
721 /* Return the cpu following @cpu, while ignoring unattached processes. */
722 static CPUState *gdb_next_attached_cpu(const GDBState *s, CPUState *cpu)
727 if (gdb_get_cpu_process(s, cpu)->attached) {
737 /* Return the first attached cpu */
738 static CPUState *gdb_first_attached_cpu(const GDBState *s)
740 CPUState *cpu = first_cpu;
741 GDBProcess *process = gdb_get_cpu_process(s, cpu);
743 if (!process->attached) {
744 return gdb_next_attached_cpu(s, cpu);
750 static CPUState *gdb_get_cpu(const GDBState *s, uint32_t pid, uint32_t tid)
756 /* 0 means any process/thread, we take the first attached one */
757 return gdb_first_attached_cpu(s);
758 } else if (pid && !tid) {
759 /* any thread in a specific process */
760 process = gdb_get_process(s, pid);
762 if (process == NULL) {
766 if (!process->attached) {
770 return get_first_cpu_in_process(s, process);
772 /* a specific thread */
779 process = gdb_get_cpu_process(s, cpu);
781 if (pid && process->pid != pid) {
785 if (!process->attached) {
793 static const char *get_feature_xml(const GDBState *s, const char *p,
794 const char **newp, GDBProcess *process)
799 CPUState *cpu = get_first_cpu_in_process(s, process);
800 CPUClass *cc = CPU_GET_CLASS(cpu);
803 while (p[len] && p[len] != ':')
808 if (strncmp(p, "target.xml", len) == 0) {
809 char *buf = process->target_xml;
810 const size_t buf_sz = sizeof(process->target_xml);
812 /* Generate the XML description for this CPU. */
817 "<?xml version=\"1.0\"?>"
818 "<!DOCTYPE target SYSTEM \"gdb-target.dtd\">"
820 if (cc->gdb_arch_name) {
821 gchar *arch = cc->gdb_arch_name(cpu);
822 pstrcat(buf, buf_sz, "<architecture>");
823 pstrcat(buf, buf_sz, arch);
824 pstrcat(buf, buf_sz, "</architecture>");
827 pstrcat(buf, buf_sz, "<xi:include href=\"");
828 pstrcat(buf, buf_sz, cc->gdb_core_xml_file);
829 pstrcat(buf, buf_sz, "\"/>");
830 for (r = cpu->gdb_regs; r; r = r->next) {
831 pstrcat(buf, buf_sz, "<xi:include href=\"");
832 pstrcat(buf, buf_sz, r->xml);
833 pstrcat(buf, buf_sz, "\"/>");
835 pstrcat(buf, buf_sz, "</target>");
839 if (cc->gdb_get_dynamic_xml) {
840 char *xmlname = g_strndup(p, len);
841 const char *xml = cc->gdb_get_dynamic_xml(cpu, xmlname);
849 name = xml_builtin[i][0];
850 if (!name || (strncmp(name, p, len) == 0 && strlen(name) == len))
853 return name ? xml_builtin[i][1] : NULL;
856 static int gdb_read_register(CPUState *cpu, uint8_t *mem_buf, int reg)
858 CPUClass *cc = CPU_GET_CLASS(cpu);
859 CPUArchState *env = cpu->env_ptr;
862 if (reg < cc->gdb_num_core_regs) {
863 return cc->gdb_read_register(cpu, mem_buf, reg);
866 for (r = cpu->gdb_regs; r; r = r->next) {
867 if (r->base_reg <= reg && reg < r->base_reg + r->num_regs) {
868 return r->get_reg(env, mem_buf, reg - r->base_reg);
874 static int gdb_write_register(CPUState *cpu, uint8_t *mem_buf, int reg)
876 CPUClass *cc = CPU_GET_CLASS(cpu);
877 CPUArchState *env = cpu->env_ptr;
880 if (reg < cc->gdb_num_core_regs) {
881 return cc->gdb_write_register(cpu, mem_buf, reg);
884 for (r = cpu->gdb_regs; r; r = r->next) {
885 if (r->base_reg <= reg && reg < r->base_reg + r->num_regs) {
886 return r->set_reg(env, mem_buf, reg - r->base_reg);
892 /* Register a supplemental set of CPU registers. If g_pos is nonzero it
893 specifies the first register number and these registers are included in
894 a standard "g" packet. Direction is relative to gdb, i.e. get_reg is
895 gdb reading a CPU register, and set_reg is gdb modifying a CPU register.
898 void gdb_register_coprocessor(CPUState *cpu,
899 gdb_reg_cb get_reg, gdb_reg_cb set_reg,
900 int num_regs, const char *xml, int g_pos)
903 GDBRegisterState **p;
907 /* Check for duplicates. */
908 if (strcmp((*p)->xml, xml) == 0)
913 s = g_new0(GDBRegisterState, 1);
914 s->base_reg = cpu->gdb_num_regs;
915 s->num_regs = num_regs;
916 s->get_reg = get_reg;
917 s->set_reg = set_reg;
920 /* Add to end of list. */
921 cpu->gdb_num_regs += num_regs;
924 if (g_pos != s->base_reg) {
925 error_report("Error: Bad gdb register numbering for '%s', "
926 "expected %d got %d", xml, g_pos, s->base_reg);
928 cpu->gdb_num_g_regs = cpu->gdb_num_regs;
933 #ifndef CONFIG_USER_ONLY
934 /* Translate GDB watchpoint type to a flags value for cpu_watchpoint_* */
935 static inline int xlat_gdb_type(CPUState *cpu, int gdbtype)
937 static const int xlat[] = {
938 [GDB_WATCHPOINT_WRITE] = BP_GDB | BP_MEM_WRITE,
939 [GDB_WATCHPOINT_READ] = BP_GDB | BP_MEM_READ,
940 [GDB_WATCHPOINT_ACCESS] = BP_GDB | BP_MEM_ACCESS,
943 CPUClass *cc = CPU_GET_CLASS(cpu);
944 int cputype = xlat[gdbtype];
946 if (cc->gdb_stop_before_watchpoint) {
947 cputype |= BP_STOP_BEFORE_ACCESS;
953 static int gdb_breakpoint_insert(target_ulong addr, target_ulong len, int type)
959 return kvm_insert_breakpoint(gdbserver_state->c_cpu, addr, len, type);
963 case GDB_BREAKPOINT_SW:
964 case GDB_BREAKPOINT_HW:
966 err = cpu_breakpoint_insert(cpu, addr, BP_GDB, NULL);
972 #ifndef CONFIG_USER_ONLY
973 case GDB_WATCHPOINT_WRITE:
974 case GDB_WATCHPOINT_READ:
975 case GDB_WATCHPOINT_ACCESS:
977 err = cpu_watchpoint_insert(cpu, addr, len,
978 xlat_gdb_type(cpu, type), NULL);
990 static int gdb_breakpoint_remove(target_ulong addr, target_ulong len, int type)
996 return kvm_remove_breakpoint(gdbserver_state->c_cpu, addr, len, type);
1000 case GDB_BREAKPOINT_SW:
1001 case GDB_BREAKPOINT_HW:
1003 err = cpu_breakpoint_remove(cpu, addr, BP_GDB);
1009 #ifndef CONFIG_USER_ONLY
1010 case GDB_WATCHPOINT_WRITE:
1011 case GDB_WATCHPOINT_READ:
1012 case GDB_WATCHPOINT_ACCESS:
1014 err = cpu_watchpoint_remove(cpu, addr, len,
1015 xlat_gdb_type(cpu, type));
1026 static inline void gdb_cpu_breakpoint_remove_all(CPUState *cpu)
1028 cpu_breakpoint_remove_all(cpu, BP_GDB);
1029 #ifndef CONFIG_USER_ONLY
1030 cpu_watchpoint_remove_all(cpu, BP_GDB);
1034 static void gdb_process_breakpoint_remove_all(const GDBState *s, GDBProcess *p)
1036 CPUState *cpu = get_first_cpu_in_process(s, p);
1039 gdb_cpu_breakpoint_remove_all(cpu);
1040 cpu = gdb_next_cpu_in_process(s, cpu);
1044 static void gdb_breakpoint_remove_all(void)
1048 if (kvm_enabled()) {
1049 kvm_remove_all_breakpoints(gdbserver_state->c_cpu);
1054 gdb_cpu_breakpoint_remove_all(cpu);
1058 static void gdb_set_cpu_pc(GDBState *s, target_ulong pc)
1060 CPUState *cpu = s->c_cpu;
1062 cpu_synchronize_state(cpu);
1063 cpu_set_pc(cpu, pc);
1066 static char *gdb_fmt_thread_id(const GDBState *s, CPUState *cpu,
1067 char *buf, size_t buf_size)
1069 if (s->multiprocess) {
1070 snprintf(buf, buf_size, "p%02x.%02x",
1071 gdb_get_cpu_pid(s, cpu), cpu_gdb_index(cpu));
1073 snprintf(buf, buf_size, "%02x", cpu_gdb_index(cpu));
1079 typedef enum GDBThreadIdKind {
1081 GDB_ALL_THREADS, /* One process, all threads */
1086 static GDBThreadIdKind read_thread_id(const char *buf, const char **end_buf,
1087 uint32_t *pid, uint32_t *tid)
1094 ret = qemu_strtoul(buf, &buf, 16, &p);
1097 return GDB_READ_THREAD_ERR;
1106 ret = qemu_strtoul(buf, &buf, 16, &t);
1109 return GDB_READ_THREAD_ERR;
1115 return GDB_ALL_PROCESSES;
1123 return GDB_ALL_THREADS;
1130 return GDB_ONE_THREAD;
1133 static int is_query_packet(const char *p, const char *query, char separator)
1135 unsigned int query_len = strlen(query);
1137 return strncmp(p, query, query_len) == 0 &&
1138 (p[query_len] == '\0' || p[query_len] == separator);
1142 * gdb_handle_vcont - Parses and handles a vCont packet.
1143 * returns -ENOTSUP if a command is unsupported, -EINVAL or -ERANGE if there is
1144 * a format error, 0 on success.
1146 static int gdb_handle_vcont(GDBState *s, const char *p)
1148 int res, signal = 0;
1153 GDBProcess *process;
1155 #ifdef CONFIG_USER_ONLY
1156 int max_cpus = 1; /* global variable max_cpus exists only in system mode */
1159 max_cpus = max_cpus <= cpu->cpu_index ? cpu->cpu_index + 1 : max_cpus;
1162 /* uninitialised CPUs stay 0 */
1163 newstates = g_new0(char, max_cpus);
1165 /* mark valid CPUs with 1 */
1167 newstates[cpu->cpu_index] = 1;
1171 * res keeps track of what error we are returning, with -ENOTSUP meaning
1172 * that the command is unknown or unsupported, thus returning an empty
1173 * packet, while -EINVAL and -ERANGE cause an E22 packet, due to invalid,
1174 * or incorrect parameters passed.
1184 if (cur_action == 'C' || cur_action == 'S') {
1185 cur_action = qemu_tolower(cur_action);
1186 res = qemu_strtoul(p + 1, &p, 16, &tmp);
1190 signal = gdb_signal_to_target(tmp);
1191 } else if (cur_action != 'c' && cur_action != 's') {
1192 /* unknown/invalid/unsupported command */
1202 switch (read_thread_id(p, &p, &pid, &tid)) {
1203 case GDB_READ_THREAD_ERR:
1207 case GDB_ALL_PROCESSES:
1208 cpu = gdb_first_attached_cpu(s);
1210 if (newstates[cpu->cpu_index] == 1) {
1211 newstates[cpu->cpu_index] = cur_action;
1214 cpu = gdb_next_attached_cpu(s, cpu);
1218 case GDB_ALL_THREADS:
1219 process = gdb_get_process(s, pid);
1221 if (!process->attached) {
1226 cpu = get_first_cpu_in_process(s, process);
1228 if (newstates[cpu->cpu_index] == 1) {
1229 newstates[cpu->cpu_index] = cur_action;
1232 cpu = gdb_next_cpu_in_process(s, cpu);
1236 case GDB_ONE_THREAD:
1237 cpu = gdb_get_cpu(s, pid, tid);
1239 /* invalid CPU/thread specified */
1245 /* only use if no previous match occourred */
1246 if (newstates[cpu->cpu_index] == 1) {
1247 newstates[cpu->cpu_index] = cur_action;
1253 gdb_continue_partial(s, newstates);
1261 static int gdb_handle_packet(GDBState *s, const char *line_buf)
1264 GDBProcess *process;
1268 int ch, reg_size, type, res;
1269 uint8_t mem_buf[MAX_PACKET_LENGTH];
1270 char buf[sizeof(mem_buf) + 1 /* trailing NUL */];
1273 target_ulong addr, len;
1274 GDBThreadIdKind thread_kind;
1276 trace_gdbstub_io_command(line_buf);
1282 put_packet(s, "OK");
1285 /* TODO: Make this return the correct value for user-mode. */
1286 snprintf(buf, sizeof(buf), "T%02xthread:%s;", GDB_SIGNAL_TRAP,
1287 gdb_fmt_thread_id(s, s->c_cpu, thread_id, sizeof(thread_id)));
1289 /* Remove all the breakpoints when this query is issued,
1290 * because gdb is doing and initial connect and the state
1291 * should be cleaned up.
1293 gdb_breakpoint_remove_all();
1297 addr = strtoull(p, (char **)&p, 16);
1298 gdb_set_cpu_pc(s, addr);
1304 s->signal = gdb_signal_to_target (strtoul(p, (char **)&p, 16));
1305 if (s->signal == -1)
1310 if (strncmp(p, "Cont", 4) == 0) {
1313 put_packet(s, "vCont;c;C;s;S");
1317 res = gdb_handle_vcont(s, p);
1320 if ((res == -EINVAL) || (res == -ERANGE)) {
1321 put_packet(s, "E22");
1324 goto unknown_command;
1327 } else if (strncmp(p, "Attach;", 7) == 0) {
1332 if (qemu_strtoul(p, &p, 16, &pid)) {
1333 put_packet(s, "E22");
1337 process = gdb_get_process(s, pid);
1339 if (process == NULL) {
1340 put_packet(s, "E22");
1344 cpu = get_first_cpu_in_process(s, process);
1347 /* Refuse to attach an empty process */
1348 put_packet(s, "E22");
1352 process->attached = true;
1357 snprintf(buf, sizeof(buf), "T%02xthread:%s;", GDB_SIGNAL_TRAP,
1358 gdb_fmt_thread_id(s, cpu, thread_id, sizeof(thread_id)));
1362 } else if (strncmp(p, "Kill;", 5) == 0) {
1363 /* Kill the target */
1364 error_report("QEMU: Terminated via GDBstub");
1367 goto unknown_command;
1370 /* Kill the target */
1371 error_report("QEMU: Terminated via GDBstub");
1377 if (s->multiprocess) {
1380 put_packet(s, "E22");
1384 if (qemu_strtoul(p + 1, &p, 16, &lpid)) {
1385 put_packet(s, "E22");
1392 process = gdb_get_process(s, pid);
1393 gdb_process_breakpoint_remove_all(s, process);
1394 process->attached = false;
1396 if (pid == gdb_get_cpu_pid(s, s->c_cpu)) {
1397 s->c_cpu = gdb_first_attached_cpu(s);
1400 if (pid == gdb_get_cpu_pid(s, s->g_cpu)) {
1401 s->g_cpu = gdb_first_attached_cpu(s);
1404 if (s->c_cpu == NULL) {
1405 /* No more process attached */
1406 gdb_syscall_mode = GDB_SYS_DISABLED;
1409 put_packet(s, "OK");
1413 addr = strtoull(p, (char **)&p, 16);
1414 gdb_set_cpu_pc(s, addr);
1416 cpu_single_step(s->c_cpu, sstep_flags);
1424 ret = strtoull(p, (char **)&p, 16);
1427 err = strtoull(p, (char **)&p, 16);
1434 if (s->current_syscall_cb) {
1435 s->current_syscall_cb(s->c_cpu, ret, err);
1436 s->current_syscall_cb = NULL;
1439 put_packet(s, "T02");
1446 cpu_synchronize_state(s->g_cpu);
1448 for (addr = 0; addr < s->g_cpu->gdb_num_g_regs; addr++) {
1449 reg_size = gdb_read_register(s->g_cpu, mem_buf + len, addr);
1452 memtohex(buf, mem_buf, len);
1456 cpu_synchronize_state(s->g_cpu);
1457 registers = mem_buf;
1458 len = strlen(p) / 2;
1459 hextomem((uint8_t *)registers, p, len);
1460 for (addr = 0; addr < s->g_cpu->gdb_num_g_regs && len > 0; addr++) {
1461 reg_size = gdb_write_register(s->g_cpu, registers, addr);
1463 registers += reg_size;
1465 put_packet(s, "OK");
1468 addr = strtoull(p, (char **)&p, 16);
1471 len = strtoull(p, NULL, 16);
1473 /* memtohex() doubles the required space */
1474 if (len > MAX_PACKET_LENGTH / 2) {
1475 put_packet (s, "E22");
1479 if (target_memory_rw_debug(s->g_cpu, addr, mem_buf, len, false) != 0) {
1480 put_packet (s, "E14");
1482 memtohex(buf, mem_buf, len);
1487 addr = strtoull(p, (char **)&p, 16);
1490 len = strtoull(p, (char **)&p, 16);
1494 /* hextomem() reads 2*len bytes */
1495 if (len > strlen(p) / 2) {
1496 put_packet (s, "E22");
1499 hextomem(mem_buf, p, len);
1500 if (target_memory_rw_debug(s->g_cpu, addr, mem_buf, len,
1502 put_packet(s, "E14");
1504 put_packet(s, "OK");
1508 /* Older gdb are really dumb, and don't use 'g' if 'p' is avaialable.
1509 This works, but can be very slow. Anything new enough to
1510 understand XML also knows how to use this properly. */
1512 goto unknown_command;
1513 addr = strtoull(p, (char **)&p, 16);
1514 reg_size = gdb_read_register(s->g_cpu, mem_buf, addr);
1516 memtohex(buf, mem_buf, reg_size);
1519 put_packet(s, "E14");
1524 goto unknown_command;
1525 addr = strtoull(p, (char **)&p, 16);
1528 reg_size = strlen(p) / 2;
1529 hextomem(mem_buf, p, reg_size);
1530 gdb_write_register(s->g_cpu, mem_buf, addr);
1531 put_packet(s, "OK");
1535 type = strtoul(p, (char **)&p, 16);
1538 addr = strtoull(p, (char **)&p, 16);
1541 len = strtoull(p, (char **)&p, 16);
1543 res = gdb_breakpoint_insert(addr, len, type);
1545 res = gdb_breakpoint_remove(addr, len, type);
1547 put_packet(s, "OK");
1548 else if (res == -ENOSYS)
1551 put_packet(s, "E22");
1556 thread_kind = read_thread_id(p, &p, &pid, &tid);
1557 if (thread_kind == GDB_READ_THREAD_ERR) {
1558 put_packet(s, "E22");
1562 if (thread_kind != GDB_ONE_THREAD) {
1563 put_packet(s, "OK");
1566 cpu = gdb_get_cpu(s, pid, tid);
1568 put_packet(s, "E22");
1574 put_packet(s, "OK");
1578 put_packet(s, "OK");
1581 put_packet(s, "E22");
1586 thread_kind = read_thread_id(p, &p, &pid, &tid);
1587 if (thread_kind == GDB_READ_THREAD_ERR) {
1588 put_packet(s, "E22");
1591 cpu = gdb_get_cpu(s, pid, tid);
1594 put_packet(s, "OK");
1596 put_packet(s, "E22");
1601 /* parse any 'q' packets here */
1602 if (!strcmp(p,"qemu.sstepbits")) {
1603 /* Query Breakpoint bit definitions */
1604 snprintf(buf, sizeof(buf), "ENABLE=%x,NOIRQ=%x,NOTIMER=%x",
1610 } else if (is_query_packet(p, "qemu.sstep", '=')) {
1611 /* Display or change the sstep_flags */
1614 /* Display current setting */
1615 snprintf(buf, sizeof(buf), "0x%x", sstep_flags);
1620 type = strtoul(p, (char **)&p, 16);
1622 put_packet(s, "OK");
1624 } else if (strcmp(p,"C") == 0) {
1626 * "Current thread" remains vague in the spec, so always return
1627 * the first thread of the current process (gdb returns the
1630 cpu = get_first_cpu_in_process(s, gdb_get_cpu_process(s, s->g_cpu));
1631 snprintf(buf, sizeof(buf), "QC%s",
1632 gdb_fmt_thread_id(s, cpu, thread_id, sizeof(thread_id)));
1635 } else if (strcmp(p,"fThreadInfo") == 0) {
1636 s->query_cpu = gdb_first_attached_cpu(s);
1637 goto report_cpuinfo;
1638 } else if (strcmp(p,"sThreadInfo") == 0) {
1641 snprintf(buf, sizeof(buf), "m%s",
1642 gdb_fmt_thread_id(s, s->query_cpu,
1643 thread_id, sizeof(thread_id)));
1645 s->query_cpu = gdb_next_attached_cpu(s, s->query_cpu);
1649 } else if (strncmp(p,"ThreadExtraInfo,", 16) == 0) {
1650 if (read_thread_id(p + 16, &p, &pid, &tid) == GDB_READ_THREAD_ERR) {
1651 put_packet(s, "E22");
1654 cpu = gdb_get_cpu(s, pid, tid);
1656 cpu_synchronize_state(cpu);
1658 if (s->multiprocess && (s->process_num > 1)) {
1659 /* Print the CPU model and name in multiprocess mode */
1660 ObjectClass *oc = object_get_class(OBJECT(cpu));
1661 const char *cpu_model = object_class_get_name(oc);
1663 object_get_canonical_path_component(OBJECT(cpu));
1664 len = snprintf((char *)mem_buf, sizeof(buf) / 2,
1665 "%s %s [%s]", cpu_model, cpu_name,
1666 cpu->halted ? "halted " : "running");
1669 /* memtohex() doubles the required space */
1670 len = snprintf((char *)mem_buf, sizeof(buf) / 2,
1671 "CPU#%d [%s]", cpu->cpu_index,
1672 cpu->halted ? "halted " : "running");
1674 trace_gdbstub_op_extra_info((char *)mem_buf);
1675 memtohex(buf, mem_buf, len);
1680 #ifdef CONFIG_USER_ONLY
1681 else if (strcmp(p, "Offsets") == 0) {
1682 TaskState *ts = s->c_cpu->opaque;
1684 snprintf(buf, sizeof(buf),
1685 "Text=" TARGET_ABI_FMT_lx ";Data=" TARGET_ABI_FMT_lx
1686 ";Bss=" TARGET_ABI_FMT_lx,
1687 ts->info->code_offset,
1688 ts->info->data_offset,
1689 ts->info->data_offset);
1693 #else /* !CONFIG_USER_ONLY */
1694 else if (strncmp(p, "Rcmd,", 5) == 0) {
1695 int len = strlen(p + 5);
1697 if ((len % 2) != 0) {
1698 put_packet(s, "E01");
1702 hextomem(mem_buf, p + 5, len);
1704 qemu_chr_be_write(s->mon_chr, mem_buf, len);
1705 put_packet(s, "OK");
1708 #endif /* !CONFIG_USER_ONLY */
1709 if (is_query_packet(p, "Supported", ':')) {
1710 snprintf(buf, sizeof(buf), "PacketSize=%x", MAX_PACKET_LENGTH);
1711 cc = CPU_GET_CLASS(first_cpu);
1712 if (cc->gdb_core_xml_file != NULL) {
1713 pstrcat(buf, sizeof(buf), ";qXfer:features:read+");
1716 if (strstr(p, "multiprocess+")) {
1717 s->multiprocess = true;
1719 pstrcat(buf, sizeof(buf), ";multiprocess+");
1724 if (strncmp(p, "Xfer:features:read:", 19) == 0) {
1726 target_ulong total_len;
1728 process = gdb_get_cpu_process(s, s->g_cpu);
1729 cc = CPU_GET_CLASS(s->g_cpu);
1730 if (cc->gdb_core_xml_file == NULL) {
1731 goto unknown_command;
1736 xml = get_feature_xml(s, p, &p, process);
1738 snprintf(buf, sizeof(buf), "E00");
1745 addr = strtoul(p, (char **)&p, 16);
1748 len = strtoul(p, (char **)&p, 16);
1750 total_len = strlen(xml);
1751 if (addr > total_len) {
1752 snprintf(buf, sizeof(buf), "E00");
1756 if (len > (MAX_PACKET_LENGTH - 5) / 2)
1757 len = (MAX_PACKET_LENGTH - 5) / 2;
1758 if (len < total_len - addr) {
1760 len = memtox(buf + 1, xml + addr, len);
1763 len = memtox(buf + 1, xml + addr, total_len - addr);
1765 put_packet_binary(s, buf, len + 1, true);
1768 if (is_query_packet(p, "Attached", ':')) {
1769 put_packet(s, GDB_ATTACHED);
1772 /* Unrecognised 'q' command. */
1773 goto unknown_command;
1777 /* put empty packet */
1785 void gdb_set_stop_cpu(CPUState *cpu)
1787 GDBProcess *p = gdb_get_cpu_process(gdbserver_state, cpu);
1791 * Having a stop CPU corresponding to a process that is not attached
1792 * confuses GDB. So we ignore the request.
1797 gdbserver_state->c_cpu = cpu;
1798 gdbserver_state->g_cpu = cpu;
1801 #ifndef CONFIG_USER_ONLY
1802 static void gdb_vm_state_change(void *opaque, int running, RunState state)
1804 GDBState *s = gdbserver_state;
1805 CPUState *cpu = s->c_cpu;
1811 if (running || s->state == RS_INACTIVE) {
1814 /* Is there a GDB syscall waiting to be sent? */
1815 if (s->current_syscall_cb) {
1816 put_packet(s, s->syscall_buf);
1821 /* No process attached */
1825 gdb_fmt_thread_id(s, cpu, thread_id, sizeof(thread_id));
1828 case RUN_STATE_DEBUG:
1829 if (cpu->watchpoint_hit) {
1830 switch (cpu->watchpoint_hit->flags & BP_MEM_ACCESS) {
1841 trace_gdbstub_hit_watchpoint(type, cpu_gdb_index(cpu),
1842 (target_ulong)cpu->watchpoint_hit->vaddr);
1843 snprintf(buf, sizeof(buf),
1844 "T%02xthread:%s;%swatch:" TARGET_FMT_lx ";",
1845 GDB_SIGNAL_TRAP, thread_id, type,
1846 (target_ulong)cpu->watchpoint_hit->vaddr);
1847 cpu->watchpoint_hit = NULL;
1850 trace_gdbstub_hit_break();
1853 ret = GDB_SIGNAL_TRAP;
1855 case RUN_STATE_PAUSED:
1856 trace_gdbstub_hit_paused();
1857 ret = GDB_SIGNAL_INT;
1859 case RUN_STATE_SHUTDOWN:
1860 trace_gdbstub_hit_shutdown();
1861 ret = GDB_SIGNAL_QUIT;
1863 case RUN_STATE_IO_ERROR:
1864 trace_gdbstub_hit_io_error();
1865 ret = GDB_SIGNAL_IO;
1867 case RUN_STATE_WATCHDOG:
1868 trace_gdbstub_hit_watchdog();
1869 ret = GDB_SIGNAL_ALRM;
1871 case RUN_STATE_INTERNAL_ERROR:
1872 trace_gdbstub_hit_internal_error();
1873 ret = GDB_SIGNAL_ABRT;
1875 case RUN_STATE_SAVE_VM:
1876 case RUN_STATE_RESTORE_VM:
1878 case RUN_STATE_FINISH_MIGRATE:
1879 ret = GDB_SIGNAL_XCPU;
1882 trace_gdbstub_hit_unknown(state);
1883 ret = GDB_SIGNAL_UNKNOWN;
1886 gdb_set_stop_cpu(cpu);
1887 snprintf(buf, sizeof(buf), "T%02xthread:%s;", ret, thread_id);
1892 /* disable single step if it was enabled */
1893 cpu_single_step(cpu, 0);
1897 /* Send a gdb syscall request.
1898 This accepts limited printf-style format specifiers, specifically:
1899 %x - target_ulong argument printed in hex.
1900 %lx - 64-bit argument printed in hex.
1901 %s - string pointer (target_ulong) and length (int) pair. */
1902 void gdb_do_syscallv(gdb_syscall_complete_cb cb, const char *fmt, va_list va)
1910 s = gdbserver_state;
1913 s->current_syscall_cb = cb;
1914 #ifndef CONFIG_USER_ONLY
1915 vm_stop(RUN_STATE_DEBUG);
1918 p_end = &s->syscall_buf[sizeof(s->syscall_buf)];
1925 addr = va_arg(va, target_ulong);
1926 p += snprintf(p, p_end - p, TARGET_FMT_lx, addr);
1929 if (*(fmt++) != 'x')
1931 i64 = va_arg(va, uint64_t);
1932 p += snprintf(p, p_end - p, "%" PRIx64, i64);
1935 addr = va_arg(va, target_ulong);
1936 p += snprintf(p, p_end - p, TARGET_FMT_lx "/%x",
1937 addr, va_arg(va, int));
1941 error_report("gdbstub: Bad syscall format string '%s'",
1950 #ifdef CONFIG_USER_ONLY
1951 put_packet(s, s->syscall_buf);
1952 /* Return control to gdb for it to process the syscall request.
1953 * Since the protocol requires that gdb hands control back to us
1954 * using a "here are the results" F packet, we don't need to check
1955 * gdb_handlesig's return value (which is the signal to deliver if
1956 * execution was resumed via a continue packet).
1958 gdb_handlesig(s->c_cpu, 0);
1960 /* In this case wait to send the syscall packet until notification that
1961 the CPU has stopped. This must be done because if the packet is sent
1962 now the reply from the syscall request could be received while the CPU
1963 is still in the running state, which can cause packets to be dropped
1964 and state transition 'T' packets to be sent while the syscall is still
1966 qemu_cpu_kick(s->c_cpu);
1970 void gdb_do_syscall(gdb_syscall_complete_cb cb, const char *fmt, ...)
1975 gdb_do_syscallv(cb, fmt, va);
1979 static void gdb_read_byte(GDBState *s, int ch)
1983 #ifndef CONFIG_USER_ONLY
1984 if (s->last_packet_len) {
1985 /* Waiting for a response to the last packet. If we see the start
1986 of a new command then abandon the previous response. */
1988 trace_gdbstub_err_got_nack();
1989 put_buffer(s, (uint8_t *)s->last_packet, s->last_packet_len);
1990 } else if (ch == '+') {
1991 trace_gdbstub_io_got_ack();
1993 trace_gdbstub_io_got_unexpected((uint8_t)ch);
1996 if (ch == '+' || ch == '$')
1997 s->last_packet_len = 0;
2001 if (runstate_is_running()) {
2002 /* when the CPU is running, we cannot do anything except stop
2003 it when receiving a char */
2004 vm_stop(RUN_STATE_PAUSED);
2011 /* start of command packet */
2012 s->line_buf_index = 0;
2014 s->state = RS_GETLINE;
2016 trace_gdbstub_err_garbage((uint8_t)ch);
2021 /* start escape sequence */
2022 s->state = RS_GETLINE_ESC;
2024 } else if (ch == '*') {
2025 /* start run length encoding sequence */
2026 s->state = RS_GETLINE_RLE;
2028 } else if (ch == '#') {
2029 /* end of command, start of checksum*/
2030 s->state = RS_CHKSUM1;
2031 } else if (s->line_buf_index >= sizeof(s->line_buf) - 1) {
2032 trace_gdbstub_err_overrun();
2035 /* unescaped command character */
2036 s->line_buf[s->line_buf_index++] = ch;
2040 case RS_GETLINE_ESC:
2042 /* unexpected end of command in escape sequence */
2043 s->state = RS_CHKSUM1;
2044 } else if (s->line_buf_index >= sizeof(s->line_buf) - 1) {
2045 /* command buffer overrun */
2046 trace_gdbstub_err_overrun();
2049 /* parse escaped character and leave escape state */
2050 s->line_buf[s->line_buf_index++] = ch ^ 0x20;
2052 s->state = RS_GETLINE;
2055 case RS_GETLINE_RLE:
2057 /* invalid RLE count encoding */
2058 trace_gdbstub_err_invalid_repeat((uint8_t)ch);
2059 s->state = RS_GETLINE;
2061 /* decode repeat length */
2062 int repeat = (unsigned char)ch - ' ' + 3;
2063 if (s->line_buf_index + repeat >= sizeof(s->line_buf) - 1) {
2064 /* that many repeats would overrun the command buffer */
2065 trace_gdbstub_err_overrun();
2067 } else if (s->line_buf_index < 1) {
2068 /* got a repeat but we have nothing to repeat */
2069 trace_gdbstub_err_invalid_rle();
2070 s->state = RS_GETLINE;
2072 /* repeat the last character */
2073 memset(s->line_buf + s->line_buf_index,
2074 s->line_buf[s->line_buf_index - 1], repeat);
2075 s->line_buf_index += repeat;
2077 s->state = RS_GETLINE;
2082 /* get high hex digit of checksum */
2083 if (!isxdigit(ch)) {
2084 trace_gdbstub_err_checksum_invalid((uint8_t)ch);
2085 s->state = RS_GETLINE;
2088 s->line_buf[s->line_buf_index] = '\0';
2089 s->line_csum = fromhex(ch) << 4;
2090 s->state = RS_CHKSUM2;
2093 /* get low hex digit of checksum */
2094 if (!isxdigit(ch)) {
2095 trace_gdbstub_err_checksum_invalid((uint8_t)ch);
2096 s->state = RS_GETLINE;
2099 s->line_csum |= fromhex(ch);
2101 if (s->line_csum != (s->line_sum & 0xff)) {
2102 trace_gdbstub_err_checksum_incorrect(s->line_sum, s->line_csum);
2103 /* send NAK reply */
2105 put_buffer(s, &reply, 1);
2108 /* send ACK reply */
2110 put_buffer(s, &reply, 1);
2111 s->state = gdb_handle_packet(s, s->line_buf);
2120 /* Tell the remote gdb that the process has exited. */
2121 void gdb_exit(CPUArchState *env, int code)
2126 s = gdbserver_state;
2130 #ifdef CONFIG_USER_ONLY
2131 if (gdbserver_fd < 0 || s->fd < 0) {
2136 trace_gdbstub_op_exiting((uint8_t)code);
2138 snprintf(buf, sizeof(buf), "W%02x", (uint8_t)code);
2141 #ifndef CONFIG_USER_ONLY
2142 qemu_chr_fe_deinit(&s->chr, true);
2147 * Create the process that will contain all the "orphan" CPUs (that are not
2148 * part of a CPU cluster). Note that if this process contains no CPUs, it won't
2149 * be attachable and thus will be invisible to the user.
2151 static void create_default_process(GDBState *s)
2153 GDBProcess *process;
2156 if (s->process_num) {
2157 max_pid = s->processes[s->process_num - 1].pid;
2160 s->processes = g_renew(GDBProcess, s->processes, ++s->process_num);
2161 process = &s->processes[s->process_num - 1];
2163 /* We need an available PID slot for this process */
2164 assert(max_pid < UINT32_MAX);
2166 process->pid = max_pid + 1;
2167 process->attached = false;
2168 process->target_xml[0] = '\0';
2171 #ifdef CONFIG_USER_ONLY
2173 gdb_handlesig(CPUState *cpu, int sig)
2179 s = gdbserver_state;
2180 if (gdbserver_fd < 0 || s->fd < 0) {
2184 /* disable single step if it was enabled */
2185 cpu_single_step(cpu, 0);
2189 snprintf(buf, sizeof(buf), "S%02x", target_signal_to_gdb(sig));
2192 /* put_packet() might have detected that the peer terminated the
2200 s->running_state = 0;
2201 while (s->running_state == 0) {
2202 n = read(s->fd, buf, 256);
2206 for (i = 0; i < n; i++) {
2207 gdb_read_byte(s, buf[i]);
2210 /* XXX: Connection closed. Should probably wait for another
2211 connection before continuing. */
2224 /* Tell the remote gdb that the process has exited due to SIG. */
2225 void gdb_signalled(CPUArchState *env, int sig)
2230 s = gdbserver_state;
2231 if (gdbserver_fd < 0 || s->fd < 0) {
2235 snprintf(buf, sizeof(buf), "X%02x", target_signal_to_gdb(sig));
2239 static bool gdb_accept(void)
2242 struct sockaddr_in sockaddr;
2247 len = sizeof(sockaddr);
2248 fd = accept(gdbserver_fd, (struct sockaddr *)&sockaddr, &len);
2249 if (fd < 0 && errno != EINTR) {
2252 } else if (fd >= 0) {
2253 qemu_set_cloexec(fd);
2258 /* set short latency */
2259 if (socket_set_nodelay(fd)) {
2260 perror("setsockopt");
2265 s = g_malloc0(sizeof(GDBState));
2266 create_default_process(s);
2267 s->processes[0].attached = true;
2268 s->c_cpu = gdb_first_attached_cpu(s);
2269 s->g_cpu = s->c_cpu;
2271 gdb_has_xml = false;
2273 gdbserver_state = s;
2277 static int gdbserver_open(int port)
2279 struct sockaddr_in sockaddr;
2282 fd = socket(PF_INET, SOCK_STREAM, 0);
2287 qemu_set_cloexec(fd);
2289 socket_set_fast_reuse(fd);
2291 sockaddr.sin_family = AF_INET;
2292 sockaddr.sin_port = htons(port);
2293 sockaddr.sin_addr.s_addr = 0;
2294 ret = bind(fd, (struct sockaddr *)&sockaddr, sizeof(sockaddr));
2300 ret = listen(fd, 1);
2309 int gdbserver_start(int port)
2311 gdbserver_fd = gdbserver_open(port);
2312 if (gdbserver_fd < 0)
2314 /* accept connections */
2315 if (!gdb_accept()) {
2316 close(gdbserver_fd);
2323 /* Disable gdb stub for child processes. */
2324 void gdbserver_fork(CPUState *cpu)
2326 GDBState *s = gdbserver_state;
2328 if (gdbserver_fd < 0 || s->fd < 0) {
2333 cpu_breakpoint_remove_all(cpu, BP_GDB);
2334 cpu_watchpoint_remove_all(cpu, BP_GDB);
2337 static int gdb_chr_can_receive(void *opaque)
2339 /* We can handle an arbitrarily large amount of data.
2340 Pick the maximum packet size, which is as good as anything. */
2341 return MAX_PACKET_LENGTH;
2344 static void gdb_chr_receive(void *opaque, const uint8_t *buf, int size)
2348 for (i = 0; i < size; i++) {
2349 gdb_read_byte(gdbserver_state, buf[i]);
2353 static void gdb_chr_event(void *opaque, int event)
2356 GDBState *s = (GDBState *) opaque;
2359 case CHR_EVENT_OPENED:
2360 /* Start with first process attached, others detached */
2361 for (i = 0; i < s->process_num; i++) {
2362 s->processes[i].attached = !i;
2365 s->c_cpu = gdb_first_attached_cpu(s);
2366 s->g_cpu = s->c_cpu;
2368 vm_stop(RUN_STATE_PAUSED);
2369 gdb_has_xml = false;
2376 static void gdb_monitor_output(GDBState *s, const char *msg, int len)
2378 char buf[MAX_PACKET_LENGTH];
2381 if (len > (MAX_PACKET_LENGTH/2) - 1)
2382 len = (MAX_PACKET_LENGTH/2) - 1;
2383 memtohex(buf + 1, (uint8_t *)msg, len);
2387 static int gdb_monitor_write(Chardev *chr, const uint8_t *buf, int len)
2389 const char *p = (const char *)buf;
2392 max_sz = (sizeof(gdbserver_state->last_packet) - 2) / 2;
2394 if (len <= max_sz) {
2395 gdb_monitor_output(gdbserver_state, p, len);
2398 gdb_monitor_output(gdbserver_state, p, max_sz);
2406 static void gdb_sigterm_handler(int signal)
2408 if (runstate_is_running()) {
2409 vm_stop(RUN_STATE_PAUSED);
2414 static void gdb_monitor_open(Chardev *chr, ChardevBackend *backend,
2415 bool *be_opened, Error **errp)
2420 static void char_gdb_class_init(ObjectClass *oc, void *data)
2422 ChardevClass *cc = CHARDEV_CLASS(oc);
2424 cc->internal = true;
2425 cc->open = gdb_monitor_open;
2426 cc->chr_write = gdb_monitor_write;
2429 #define TYPE_CHARDEV_GDB "chardev-gdb"
2431 static const TypeInfo char_gdb_type_info = {
2432 .name = TYPE_CHARDEV_GDB,
2433 .parent = TYPE_CHARDEV,
2434 .class_init = char_gdb_class_init,
2437 static int find_cpu_clusters(Object *child, void *opaque)
2439 if (object_dynamic_cast(child, TYPE_CPU_CLUSTER)) {
2440 GDBState *s = (GDBState *) opaque;
2441 CPUClusterState *cluster = CPU_CLUSTER(child);
2442 GDBProcess *process;
2444 s->processes = g_renew(GDBProcess, s->processes, ++s->process_num);
2446 process = &s->processes[s->process_num - 1];
2449 * GDB process IDs -1 and 0 are reserved. To avoid subtle errors at
2450 * runtime, we enforce here that the machine does not use a cluster ID
2451 * that would lead to PID 0.
2453 assert(cluster->cluster_id != UINT32_MAX);
2454 process->pid = cluster->cluster_id + 1;
2455 process->attached = false;
2456 process->target_xml[0] = '\0';
2461 return object_child_foreach(child, find_cpu_clusters, opaque);
2464 static int pid_order(const void *a, const void *b)
2466 GDBProcess *pa = (GDBProcess *) a;
2467 GDBProcess *pb = (GDBProcess *) b;
2469 if (pa->pid < pb->pid) {
2471 } else if (pa->pid > pb->pid) {
2478 static void create_processes(GDBState *s)
2480 object_child_foreach(object_get_root(), find_cpu_clusters, s);
2484 qsort(s->processes, s->process_num, sizeof(s->processes[0]), pid_order);
2487 create_default_process(s);
2490 static void cleanup_processes(GDBState *s)
2492 g_free(s->processes);
2494 s->processes = NULL;
2497 int gdbserver_start(const char *device)
2499 trace_gdbstub_op_start(device);
2502 char gdbstub_device_name[128];
2503 Chardev *chr = NULL;
2507 error_report("gdbstub: meaningless to attach gdb to a "
2508 "machine without any CPU.");
2514 if (strcmp(device, "none") != 0) {
2515 if (strstart(device, "tcp:", NULL)) {
2516 /* enforce required TCP attributes */
2517 snprintf(gdbstub_device_name, sizeof(gdbstub_device_name),
2518 "%s,nowait,nodelay,server", device);
2519 device = gdbstub_device_name;
2522 else if (strcmp(device, "stdio") == 0) {
2523 struct sigaction act;
2525 memset(&act, 0, sizeof(act));
2526 act.sa_handler = gdb_sigterm_handler;
2527 sigaction(SIGINT, &act, NULL);
2531 * FIXME: it's a bit weird to allow using a mux chardev here
2532 * and implicitly setup a monitor. We may want to break this.
2534 chr = qemu_chr_new_noreplay("gdb", device, true);
2539 s = gdbserver_state;
2541 s = g_malloc0(sizeof(GDBState));
2542 gdbserver_state = s;
2544 qemu_add_vm_change_state_handler(gdb_vm_state_change, NULL);
2546 /* Initialize a monitor terminal for gdb */
2547 mon_chr = qemu_chardev_new(NULL, TYPE_CHARDEV_GDB,
2548 NULL, &error_abort);
2549 monitor_init(mon_chr, 0);
2551 qemu_chr_fe_deinit(&s->chr, true);
2552 mon_chr = s->mon_chr;
2553 cleanup_processes(s);
2554 memset(s, 0, sizeof(GDBState));
2555 s->mon_chr = mon_chr;
2558 create_processes(s);
2561 qemu_chr_fe_init(&s->chr, chr, &error_abort);
2562 qemu_chr_fe_set_handlers(&s->chr, gdb_chr_can_receive, gdb_chr_receive,
2563 gdb_chr_event, NULL, s, NULL, true);
2565 s->state = chr ? RS_IDLE : RS_INACTIVE;
2566 s->mon_chr = mon_chr;
2567 s->current_syscall_cb = NULL;
2572 void gdbserver_cleanup(void)
2574 if (gdbserver_state) {
2575 put_packet(gdbserver_state, "W00");
2579 static void register_types(void)
2581 type_register_static(&char_gdb_type_info);
2584 type_init(register_types);
projects / qemu.git / blob