4 * Copyright (c) 2003-2005 Fabrice Bellard
6 * This library is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation; either
9 * version 2 of the License, or (at your option) any later version.
11 * This library is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
16 * You should have received a copy of the GNU Lesser General Public
17 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
19 #include "qemu/osdep.h"
20 #include "qapi/error.h"
21 #include "qemu/error-report.h"
22 #include "qemu/cutils.h"
23 #include "trace-root.h"
24 #ifdef CONFIG_USER_ONLY
27 #include "monitor/monitor.h"
28 #include "chardev/char.h"
29 #include "chardev/char-fe.h"
30 #include "sysemu/sysemu.h"
31 #include "exec/gdbstub.h"
32 #include "hw/cpu/cluster.h"
35 #define MAX_PACKET_LENGTH 4096
37 #include "qemu/sockets.h"
38 #include "sysemu/hw_accel.h"
39 #include "sysemu/kvm.h"
40 #include "exec/semihost.h"
41 #include "exec/exec-all.h"
43 #ifdef CONFIG_USER_ONLY
44 #define GDB_ATTACHED "0"
46 #define GDB_ATTACHED "1"
49 static inline int target_memory_rw_debug(CPUState
*cpu
, target_ulong addr
,
50 uint8_t *buf
, int len
, bool is_write
)
52 CPUClass
*cc
= CPU_GET_CLASS(cpu
);
54 if (cc
->memory_rw_debug
) {
55 return cc
->memory_rw_debug(cpu
, addr
, buf
, len
, is_write
);
57 return cpu_memory_rw_debug(cpu
, addr
, buf
, len
, is_write
);
60 /* Return the GDB index for a given vCPU state.
62 * For user mode this is simply the thread id. In system mode GDB
63 * numbers CPUs from 1 as 0 is reserved as an "any cpu" index.
65 static inline int cpu_gdb_index(CPUState
*cpu
)
67 #if defined(CONFIG_USER_ONLY)
68 TaskState
*ts
= (TaskState
*) cpu
->opaque
;
71 return cpu
->cpu_index
+ 1;
84 GDB_SIGNAL_UNKNOWN
= 143
87 #ifdef CONFIG_USER_ONLY
89 /* Map target signal numbers to GDB protocol signal numbers and vice
90 * versa. For user emulation's currently supported systems, we can
91 * assume most signals are defined.
94 static int gdb_signal_table
[] = {
254 /* In system mode we only need SIGINT and SIGTRAP; other signals
255 are not yet supported. */
262 static int gdb_signal_table
[] = {
272 #ifdef CONFIG_USER_ONLY
273 static int target_signal_to_gdb (int sig
)
276 for (i
= 0; i
< ARRAY_SIZE (gdb_signal_table
); i
++)
277 if (gdb_signal_table
[i
] == sig
)
279 return GDB_SIGNAL_UNKNOWN
;
283 static int gdb_signal_to_target (int sig
)
285 if (sig
< ARRAY_SIZE (gdb_signal_table
))
286 return gdb_signal_table
[sig
];
291 typedef struct GDBRegisterState
{
297 struct GDBRegisterState
*next
;
300 typedef struct GDBProcess
{
314 typedef struct GDBState
{
315 CPUState
*c_cpu
; /* current CPU for step/continue ops */
316 CPUState
*g_cpu
; /* current CPU for other ops */
317 CPUState
*query_cpu
; /* for q{f|s}ThreadInfo */
318 enum RSState state
; /* parsing state */
319 char line_buf
[MAX_PACKET_LENGTH
];
321 int line_sum
; /* running checksum */
322 int line_csum
; /* checksum at the end of the packet */
323 uint8_t last_packet
[MAX_PACKET_LENGTH
+ 4];
326 #ifdef CONFIG_USER_ONLY
334 GDBProcess
*processes
;
336 char syscall_buf
[256];
337 gdb_syscall_complete_cb current_syscall_cb
;
340 /* By default use no IRQs and no timers while single stepping so as to
341 * make single stepping like an ICE HW step.
343 static int sstep_flags
= SSTEP_ENABLE
|SSTEP_NOIRQ
|SSTEP_NOTIMER
;
345 static GDBState
*gdbserver_state
;
349 #ifdef CONFIG_USER_ONLY
350 /* XXX: This is not thread safe. Do we care? */
351 static int gdbserver_fd
= -1;
353 static int get_char(GDBState
*s
)
359 ret
= qemu_recv(s
->fd
, &ch
, 1, 0);
361 if (errno
== ECONNRESET
)
365 } else if (ret
== 0) {
383 /* Decide if either remote gdb syscalls or native file IO should be used. */
384 int use_gdb_syscalls(void)
386 SemihostingTarget target
= semihosting_get_target();
387 if (target
== SEMIHOSTING_TARGET_NATIVE
) {
388 /* -semihosting-config target=native */
390 } else if (target
== SEMIHOSTING_TARGET_GDB
) {
391 /* -semihosting-config target=gdb */
395 /* -semihosting-config target=auto */
396 /* On the first call check if gdb is connected and remember. */
397 if (gdb_syscall_mode
== GDB_SYS_UNKNOWN
) {
398 gdb_syscall_mode
= (gdbserver_state
? GDB_SYS_ENABLED
401 return gdb_syscall_mode
== GDB_SYS_ENABLED
;
404 /* Resume execution. */
405 static inline void gdb_continue(GDBState
*s
)
408 #ifdef CONFIG_USER_ONLY
409 s
->running_state
= 1;
410 trace_gdbstub_op_continue();
412 if (!runstate_needs_reset()) {
413 trace_gdbstub_op_continue();
420 * Resume execution, per CPU actions. For user-mode emulation it's
421 * equivalent to gdb_continue.
423 static int gdb_continue_partial(GDBState
*s
, char *newstates
)
427 #ifdef CONFIG_USER_ONLY
429 * This is not exactly accurate, but it's an improvement compared to the
430 * previous situation, where only one CPU would be single-stepped.
433 if (newstates
[cpu
->cpu_index
] == 's') {
434 trace_gdbstub_op_stepping(cpu
->cpu_index
);
435 cpu_single_step(cpu
, sstep_flags
);
438 s
->running_state
= 1;
442 if (!runstate_needs_reset()) {
443 if (vm_prepare_start()) {
448 switch (newstates
[cpu
->cpu_index
]) {
451 break; /* nothing to do here */
453 trace_gdbstub_op_stepping(cpu
->cpu_index
);
454 cpu_single_step(cpu
, sstep_flags
);
459 trace_gdbstub_op_continue_cpu(cpu
->cpu_index
);
470 qemu_clock_enable(QEMU_CLOCK_VIRTUAL
, true);
476 static void put_buffer(GDBState
*s
, const uint8_t *buf
, int len
)
478 #ifdef CONFIG_USER_ONLY
482 ret
= send(s
->fd
, buf
, len
, 0);
492 /* XXX this blocks entire thread. Rewrite to use
493 * qemu_chr_fe_write and background I/O callbacks */
494 qemu_chr_fe_write_all(&s
->chr
, buf
, len
);
498 static inline int fromhex(int v
)
500 if (v
>= '0' && v
<= '9')
502 else if (v
>= 'A' && v
<= 'F')
504 else if (v
>= 'a' && v
<= 'f')
510 static inline int tohex(int v
)
518 /* writes 2*len+1 bytes in buf */
519 static void memtohex(char *buf
, const uint8_t *mem
, int len
)
524 for(i
= 0; i
< len
; i
++) {
526 *q
++ = tohex(c
>> 4);
527 *q
++ = tohex(c
& 0xf);
532 static void hextomem(uint8_t *mem
, const char *buf
, int len
)
536 for(i
= 0; i
< len
; i
++) {
537 mem
[i
] = (fromhex(buf
[0]) << 4) | fromhex(buf
[1]);
542 static void hexdump(const char *buf
, int len
,
543 void (*trace_fn
)(size_t ofs
, char const *text
))
545 char line_buffer
[3 * 16 + 4 + 16 + 1];
548 for (i
= 0; i
< len
|| (i
& 0xF); ++i
) {
549 size_t byte_ofs
= i
& 15;
552 memset(line_buffer
, ' ', 3 * 16 + 4 + 16);
553 line_buffer
[3 * 16 + 4 + 16] = 0;
556 size_t col_group
= (i
>> 2) & 3;
557 size_t hex_col
= byte_ofs
* 3 + col_group
;
558 size_t txt_col
= 3 * 16 + 4 + byte_ofs
;
563 line_buffer
[hex_col
+ 0] = tohex((value
>> 4) & 0xF);
564 line_buffer
[hex_col
+ 1] = tohex((value
>> 0) & 0xF);
565 line_buffer
[txt_col
+ 0] = (value
>= ' ' && value
< 127)
571 trace_fn(i
& -16, line_buffer
);
575 /* return -1 if error, 0 if OK */
576 static int put_packet_binary(GDBState
*s
, const char *buf
, int len
, bool dump
)
581 if (dump
&& trace_event_get_state_backends(TRACE_GDBSTUB_IO_BINARYREPLY
)) {
582 hexdump(buf
, len
, trace_gdbstub_io_binaryreply
);
591 for(i
= 0; i
< len
; i
++) {
595 *(p
++) = tohex((csum
>> 4) & 0xf);
596 *(p
++) = tohex((csum
) & 0xf);
598 s
->last_packet_len
= p
- s
->last_packet
;
599 put_buffer(s
, (uint8_t *)s
->last_packet
, s
->last_packet_len
);
601 #ifdef CONFIG_USER_ONLY
614 /* return -1 if error, 0 if OK */
615 static int put_packet(GDBState
*s
, const char *buf
)
617 trace_gdbstub_io_reply(buf
);
619 return put_packet_binary(s
, buf
, strlen(buf
), false);
622 /* Encode data using the encoding for 'x' packets. */
623 static int memtox(char *buf
, const char *mem
, int len
)
631 case '#': case '$': case '*': case '}':
643 static uint32_t gdb_get_cpu_pid(const GDBState
*s
, CPUState
*cpu
)
645 #ifndef CONFIG_USER_ONLY
646 gchar
*path
, *name
= NULL
;
648 CPUClusterState
*cluster
;
651 path
= object_get_canonical_path(OBJECT(cpu
));
654 /* Return the default process' PID */
655 ret
= s
->processes
[s
->process_num
- 1].pid
;
659 name
= object_get_canonical_path_component(OBJECT(cpu
));
660 assert(name
!= NULL
);
663 * Retrieve the CPU parent path by removing the last '/' and the CPU name
664 * from the CPU canonical path.
666 path
[strlen(path
) - strlen(name
) - 1] = '\0';
668 obj
= object_resolve_path_type(path
, TYPE_CPU_CLUSTER
, NULL
);
671 /* Return the default process' PID */
672 ret
= s
->processes
[s
->process_num
- 1].pid
;
676 cluster
= CPU_CLUSTER(obj
);
677 ret
= cluster
->cluster_id
+ 1;
686 /* TODO: In user mode, we should use the task state PID */
687 return s
->processes
[s
->process_num
- 1].pid
;
691 static GDBProcess
*gdb_get_process(const GDBState
*s
, uint32_t pid
)
696 /* 0 means any process, we take the first one */
697 return &s
->processes
[0];
700 for (i
= 0; i
< s
->process_num
; i
++) {
701 if (s
->processes
[i
].pid
== pid
) {
702 return &s
->processes
[i
];
709 static GDBProcess
*gdb_get_cpu_process(const GDBState
*s
, CPUState
*cpu
)
711 return gdb_get_process(s
, gdb_get_cpu_pid(s
, cpu
));
714 static CPUState
*find_cpu(uint32_t thread_id
)
719 if (cpu_gdb_index(cpu
) == thread_id
) {
727 static CPUState
*gdb_get_cpu(const GDBState
*s
, uint32_t pid
, uint32_t tid
)
733 /* 0 means any thread, we take the first one */
743 process
= gdb_get_cpu_process(s
, cpu
);
745 if (process
->pid
!= pid
) {
749 if (!process
->attached
) {
756 static const char *get_feature_xml(const char *p
, const char **newp
,
762 static char target_xml
[1024];
765 while (p
[len
] && p
[len
] != ':')
770 if (strncmp(p
, "target.xml", len
) == 0) {
771 /* Generate the XML description for this CPU. */
772 if (!target_xml
[0]) {
774 CPUState
*cpu
= first_cpu
;
776 pstrcat(target_xml
, sizeof(target_xml
),
777 "<?xml version=\"1.0\"?>"
778 "<!DOCTYPE target SYSTEM \"gdb-target.dtd\">"
780 if (cc
->gdb_arch_name
) {
781 gchar
*arch
= cc
->gdb_arch_name(cpu
);
782 pstrcat(target_xml
, sizeof(target_xml
), "<architecture>");
783 pstrcat(target_xml
, sizeof(target_xml
), arch
);
784 pstrcat(target_xml
, sizeof(target_xml
), "</architecture>");
787 pstrcat(target_xml
, sizeof(target_xml
), "<xi:include href=\"");
788 pstrcat(target_xml
, sizeof(target_xml
), cc
->gdb_core_xml_file
);
789 pstrcat(target_xml
, sizeof(target_xml
), "\"/>");
790 for (r
= cpu
->gdb_regs
; r
; r
= r
->next
) {
791 pstrcat(target_xml
, sizeof(target_xml
), "<xi:include href=\"");
792 pstrcat(target_xml
, sizeof(target_xml
), r
->xml
);
793 pstrcat(target_xml
, sizeof(target_xml
), "\"/>");
795 pstrcat(target_xml
, sizeof(target_xml
), "</target>");
799 if (cc
->gdb_get_dynamic_xml
) {
800 CPUState
*cpu
= first_cpu
;
801 char *xmlname
= g_strndup(p
, len
);
802 const char *xml
= cc
->gdb_get_dynamic_xml(cpu
, xmlname
);
810 name
= xml_builtin
[i
][0];
811 if (!name
|| (strncmp(name
, p
, len
) == 0 && strlen(name
) == len
))
814 return name
? xml_builtin
[i
][1] : NULL
;
817 static int gdb_read_register(CPUState
*cpu
, uint8_t *mem_buf
, int reg
)
819 CPUClass
*cc
= CPU_GET_CLASS(cpu
);
820 CPUArchState
*env
= cpu
->env_ptr
;
823 if (reg
< cc
->gdb_num_core_regs
) {
824 return cc
->gdb_read_register(cpu
, mem_buf
, reg
);
827 for (r
= cpu
->gdb_regs
; r
; r
= r
->next
) {
828 if (r
->base_reg
<= reg
&& reg
< r
->base_reg
+ r
->num_regs
) {
829 return r
->get_reg(env
, mem_buf
, reg
- r
->base_reg
);
835 static int gdb_write_register(CPUState
*cpu
, uint8_t *mem_buf
, int reg
)
837 CPUClass
*cc
= CPU_GET_CLASS(cpu
);
838 CPUArchState
*env
= cpu
->env_ptr
;
841 if (reg
< cc
->gdb_num_core_regs
) {
842 return cc
->gdb_write_register(cpu
, mem_buf
, reg
);
845 for (r
= cpu
->gdb_regs
; r
; r
= r
->next
) {
846 if (r
->base_reg
<= reg
&& reg
< r
->base_reg
+ r
->num_regs
) {
847 return r
->set_reg(env
, mem_buf
, reg
- r
->base_reg
);
853 /* Register a supplemental set of CPU registers. If g_pos is nonzero it
854 specifies the first register number and these registers are included in
855 a standard "g" packet. Direction is relative to gdb, i.e. get_reg is
856 gdb reading a CPU register, and set_reg is gdb modifying a CPU register.
859 void gdb_register_coprocessor(CPUState
*cpu
,
860 gdb_reg_cb get_reg
, gdb_reg_cb set_reg
,
861 int num_regs
, const char *xml
, int g_pos
)
864 GDBRegisterState
**p
;
868 /* Check for duplicates. */
869 if (strcmp((*p
)->xml
, xml
) == 0)
874 s
= g_new0(GDBRegisterState
, 1);
875 s
->base_reg
= cpu
->gdb_num_regs
;
876 s
->num_regs
= num_regs
;
877 s
->get_reg
= get_reg
;
878 s
->set_reg
= set_reg
;
881 /* Add to end of list. */
882 cpu
->gdb_num_regs
+= num_regs
;
885 if (g_pos
!= s
->base_reg
) {
886 error_report("Error: Bad gdb register numbering for '%s', "
887 "expected %d got %d", xml
, g_pos
, s
->base_reg
);
889 cpu
->gdb_num_g_regs
= cpu
->gdb_num_regs
;
894 #ifndef CONFIG_USER_ONLY
895 /* Translate GDB watchpoint type to a flags value for cpu_watchpoint_* */
896 static inline int xlat_gdb_type(CPUState
*cpu
, int gdbtype
)
898 static const int xlat
[] = {
899 [GDB_WATCHPOINT_WRITE
] = BP_GDB
| BP_MEM_WRITE
,
900 [GDB_WATCHPOINT_READ
] = BP_GDB
| BP_MEM_READ
,
901 [GDB_WATCHPOINT_ACCESS
] = BP_GDB
| BP_MEM_ACCESS
,
904 CPUClass
*cc
= CPU_GET_CLASS(cpu
);
905 int cputype
= xlat
[gdbtype
];
907 if (cc
->gdb_stop_before_watchpoint
) {
908 cputype
|= BP_STOP_BEFORE_ACCESS
;
914 static int gdb_breakpoint_insert(target_ulong addr
, target_ulong len
, int type
)
920 return kvm_insert_breakpoint(gdbserver_state
->c_cpu
, addr
, len
, type
);
924 case GDB_BREAKPOINT_SW
:
925 case GDB_BREAKPOINT_HW
:
927 err
= cpu_breakpoint_insert(cpu
, addr
, BP_GDB
, NULL
);
933 #ifndef CONFIG_USER_ONLY
934 case GDB_WATCHPOINT_WRITE
:
935 case GDB_WATCHPOINT_READ
:
936 case GDB_WATCHPOINT_ACCESS
:
938 err
= cpu_watchpoint_insert(cpu
, addr
, len
,
939 xlat_gdb_type(cpu
, type
), NULL
);
951 static int gdb_breakpoint_remove(target_ulong addr
, target_ulong len
, int type
)
957 return kvm_remove_breakpoint(gdbserver_state
->c_cpu
, addr
, len
, type
);
961 case GDB_BREAKPOINT_SW
:
962 case GDB_BREAKPOINT_HW
:
964 err
= cpu_breakpoint_remove(cpu
, addr
, BP_GDB
);
970 #ifndef CONFIG_USER_ONLY
971 case GDB_WATCHPOINT_WRITE
:
972 case GDB_WATCHPOINT_READ
:
973 case GDB_WATCHPOINT_ACCESS
:
975 err
= cpu_watchpoint_remove(cpu
, addr
, len
,
976 xlat_gdb_type(cpu
, type
));
987 static void gdb_breakpoint_remove_all(void)
992 kvm_remove_all_breakpoints(gdbserver_state
->c_cpu
);
997 cpu_breakpoint_remove_all(cpu
, BP_GDB
);
998 #ifndef CONFIG_USER_ONLY
999 cpu_watchpoint_remove_all(cpu
, BP_GDB
);
1004 static void gdb_set_cpu_pc(GDBState
*s
, target_ulong pc
)
1006 CPUState
*cpu
= s
->c_cpu
;
1008 cpu_synchronize_state(cpu
);
1009 cpu_set_pc(cpu
, pc
);
1012 static char *gdb_fmt_thread_id(const GDBState
*s
, CPUState
*cpu
,
1013 char *buf
, size_t buf_size
)
1015 if (s
->multiprocess
) {
1016 snprintf(buf
, buf_size
, "p%02x.%02x",
1017 gdb_get_cpu_pid(s
, cpu
), cpu_gdb_index(cpu
));
1019 snprintf(buf
, buf_size
, "%02x", cpu_gdb_index(cpu
));
1025 typedef enum GDBThreadIdKind
{
1027 GDB_ALL_THREADS
, /* One process, all threads */
1032 static GDBThreadIdKind
read_thread_id(const char *buf
, const char **end_buf
,
1033 uint32_t *pid
, uint32_t *tid
)
1040 ret
= qemu_strtoul(buf
, &buf
, 16, &p
);
1043 return GDB_READ_THREAD_ERR
;
1052 ret
= qemu_strtoul(buf
, &buf
, 16, &t
);
1055 return GDB_READ_THREAD_ERR
;
1061 return GDB_ALL_PROCESSES
;
1069 return GDB_ALL_THREADS
;
1076 return GDB_ONE_THREAD
;
1079 static int is_query_packet(const char *p
, const char *query
, char separator
)
1081 unsigned int query_len
= strlen(query
);
1083 return strncmp(p
, query
, query_len
) == 0 &&
1084 (p
[query_len
] == '\0' || p
[query_len
] == separator
);
1088 * gdb_handle_vcont - Parses and handles a vCont packet.
1089 * returns -ENOTSUP if a command is unsupported, -EINVAL or -ERANGE if there is
1090 * a format error, 0 on success.
1092 static int gdb_handle_vcont(GDBState
*s
, const char *p
)
1094 int res
, idx
, signal
= 0;
1099 #ifdef CONFIG_USER_ONLY
1100 int max_cpus
= 1; /* global variable max_cpus exists only in system mode */
1103 max_cpus
= max_cpus
<= cpu
->cpu_index
? cpu
->cpu_index
+ 1 : max_cpus
;
1106 /* uninitialised CPUs stay 0 */
1107 newstates
= g_new0(char, max_cpus
);
1109 /* mark valid CPUs with 1 */
1111 newstates
[cpu
->cpu_index
] = 1;
1115 * res keeps track of what error we are returning, with -ENOTSUP meaning
1116 * that the command is unknown or unsupported, thus returning an empty
1117 * packet, while -EINVAL and -ERANGE cause an E22 packet, due to invalid,
1118 * or incorrect parameters passed.
1128 if (cur_action
== 'C' || cur_action
== 'S') {
1129 cur_action
= qemu_tolower(cur_action
);
1130 res
= qemu_strtoul(p
+ 1, &p
, 16, &tmp
);
1134 signal
= gdb_signal_to_target(tmp
);
1135 } else if (cur_action
!= 'c' && cur_action
!= 's') {
1136 /* unknown/invalid/unsupported command */
1140 /* thread specification. special values: (none), -1 = all; 0 = any */
1141 if ((p
[0] == ':' && p
[1] == '-' && p
[2] == '1') || (p
[0] != ':')) {
1145 for (idx
= 0; idx
< max_cpus
; idx
++) {
1146 if (newstates
[idx
] == 1) {
1147 newstates
[idx
] = cur_action
;
1150 } else if (*p
== ':') {
1152 res
= qemu_strtoul(p
, &p
, 16, &tmp
);
1157 /* 0 means any thread, so we pick the first valid CPU */
1158 cpu
= tmp
? find_cpu(tmp
) : first_cpu
;
1160 /* invalid CPU/thread specified */
1166 /* only use if no previous match occourred */
1167 if (newstates
[cpu
->cpu_index
] == 1) {
1168 newstates
[cpu
->cpu_index
] = cur_action
;
1173 gdb_continue_partial(s
, newstates
);
1181 static int gdb_handle_packet(GDBState
*s
, const char *line_buf
)
1188 int ch
, reg_size
, type
, res
;
1189 uint8_t mem_buf
[MAX_PACKET_LENGTH
];
1190 char buf
[sizeof(mem_buf
) + 1 /* trailing NUL */];
1193 target_ulong addr
, len
;
1194 GDBThreadIdKind thread_kind
;
1196 trace_gdbstub_io_command(line_buf
);
1202 /* TODO: Make this return the correct value for user-mode. */
1203 snprintf(buf
, sizeof(buf
), "T%02xthread:%s;", GDB_SIGNAL_TRAP
,
1204 gdb_fmt_thread_id(s
, s
->c_cpu
, thread_id
, sizeof(thread_id
)));
1206 /* Remove all the breakpoints when this query is issued,
1207 * because gdb is doing and initial connect and the state
1208 * should be cleaned up.
1210 gdb_breakpoint_remove_all();
1214 addr
= strtoull(p
, (char **)&p
, 16);
1215 gdb_set_cpu_pc(s
, addr
);
1221 s
->signal
= gdb_signal_to_target (strtoul(p
, (char **)&p
, 16));
1222 if (s
->signal
== -1)
1227 if (strncmp(p
, "Cont", 4) == 0) {
1230 put_packet(s
, "vCont;c;C;s;S");
1234 res
= gdb_handle_vcont(s
, p
);
1237 if ((res
== -EINVAL
) || (res
== -ERANGE
)) {
1238 put_packet(s
, "E22");
1241 goto unknown_command
;
1245 goto unknown_command
;
1248 /* Kill the target */
1249 error_report("QEMU: Terminated via GDBstub");
1253 gdb_breakpoint_remove_all();
1254 gdb_syscall_mode
= GDB_SYS_DISABLED
;
1256 put_packet(s
, "OK");
1260 addr
= strtoull(p
, (char **)&p
, 16);
1261 gdb_set_cpu_pc(s
, addr
);
1263 cpu_single_step(s
->c_cpu
, sstep_flags
);
1271 ret
= strtoull(p
, (char **)&p
, 16);
1274 err
= strtoull(p
, (char **)&p
, 16);
1281 if (s
->current_syscall_cb
) {
1282 s
->current_syscall_cb(s
->c_cpu
, ret
, err
);
1283 s
->current_syscall_cb
= NULL
;
1286 put_packet(s
, "T02");
1293 cpu_synchronize_state(s
->g_cpu
);
1295 for (addr
= 0; addr
< s
->g_cpu
->gdb_num_g_regs
; addr
++) {
1296 reg_size
= gdb_read_register(s
->g_cpu
, mem_buf
+ len
, addr
);
1299 memtohex(buf
, mem_buf
, len
);
1303 cpu_synchronize_state(s
->g_cpu
);
1304 registers
= mem_buf
;
1305 len
= strlen(p
) / 2;
1306 hextomem((uint8_t *)registers
, p
, len
);
1307 for (addr
= 0; addr
< s
->g_cpu
->gdb_num_g_regs
&& len
> 0; addr
++) {
1308 reg_size
= gdb_write_register(s
->g_cpu
, registers
, addr
);
1310 registers
+= reg_size
;
1312 put_packet(s
, "OK");
1315 addr
= strtoull(p
, (char **)&p
, 16);
1318 len
= strtoull(p
, NULL
, 16);
1320 /* memtohex() doubles the required space */
1321 if (len
> MAX_PACKET_LENGTH
/ 2) {
1322 put_packet (s
, "E22");
1326 if (target_memory_rw_debug(s
->g_cpu
, addr
, mem_buf
, len
, false) != 0) {
1327 put_packet (s
, "E14");
1329 memtohex(buf
, mem_buf
, len
);
1334 addr
= strtoull(p
, (char **)&p
, 16);
1337 len
= strtoull(p
, (char **)&p
, 16);
1341 /* hextomem() reads 2*len bytes */
1342 if (len
> strlen(p
) / 2) {
1343 put_packet (s
, "E22");
1346 hextomem(mem_buf
, p
, len
);
1347 if (target_memory_rw_debug(s
->g_cpu
, addr
, mem_buf
, len
,
1349 put_packet(s
, "E14");
1351 put_packet(s
, "OK");
1355 /* Older gdb are really dumb, and don't use 'g' if 'p' is avaialable.
1356 This works, but can be very slow. Anything new enough to
1357 understand XML also knows how to use this properly. */
1359 goto unknown_command
;
1360 addr
= strtoull(p
, (char **)&p
, 16);
1361 reg_size
= gdb_read_register(s
->g_cpu
, mem_buf
, addr
);
1363 memtohex(buf
, mem_buf
, reg_size
);
1366 put_packet(s
, "E14");
1371 goto unknown_command
;
1372 addr
= strtoull(p
, (char **)&p
, 16);
1375 reg_size
= strlen(p
) / 2;
1376 hextomem(mem_buf
, p
, reg_size
);
1377 gdb_write_register(s
->g_cpu
, mem_buf
, addr
);
1378 put_packet(s
, "OK");
1382 type
= strtoul(p
, (char **)&p
, 16);
1385 addr
= strtoull(p
, (char **)&p
, 16);
1388 len
= strtoull(p
, (char **)&p
, 16);
1390 res
= gdb_breakpoint_insert(addr
, len
, type
);
1392 res
= gdb_breakpoint_remove(addr
, len
, type
);
1394 put_packet(s
, "OK");
1395 else if (res
== -ENOSYS
)
1398 put_packet(s
, "E22");
1403 thread_kind
= read_thread_id(p
, &p
, &pid
, &tid
);
1404 if (thread_kind
== GDB_READ_THREAD_ERR
) {
1405 put_packet(s
, "E22");
1409 if (thread_kind
!= GDB_ONE_THREAD
) {
1410 put_packet(s
, "OK");
1413 cpu
= gdb_get_cpu(s
, pid
, tid
);
1415 put_packet(s
, "E22");
1421 put_packet(s
, "OK");
1425 put_packet(s
, "OK");
1428 put_packet(s
, "E22");
1433 thread_kind
= read_thread_id(p
, &p
, &pid
, &tid
);
1434 if (thread_kind
== GDB_READ_THREAD_ERR
) {
1435 put_packet(s
, "E22");
1438 cpu
= gdb_get_cpu(s
, pid
, tid
);
1441 put_packet(s
, "OK");
1443 put_packet(s
, "E22");
1448 /* parse any 'q' packets here */
1449 if (!strcmp(p
,"qemu.sstepbits")) {
1450 /* Query Breakpoint bit definitions */
1451 snprintf(buf
, sizeof(buf
), "ENABLE=%x,NOIRQ=%x,NOTIMER=%x",
1457 } else if (is_query_packet(p
, "qemu.sstep", '=')) {
1458 /* Display or change the sstep_flags */
1461 /* Display current setting */
1462 snprintf(buf
, sizeof(buf
), "0x%x", sstep_flags
);
1467 type
= strtoul(p
, (char **)&p
, 16);
1469 put_packet(s
, "OK");
1471 } else if (strcmp(p
,"C") == 0) {
1472 /* "Current thread" remains vague in the spec, so always return
1473 * the first CPU (gdb returns the first thread). */
1474 put_packet(s
, "QC1");
1476 } else if (strcmp(p
,"fThreadInfo") == 0) {
1477 s
->query_cpu
= first_cpu
;
1478 goto report_cpuinfo
;
1479 } else if (strcmp(p
,"sThreadInfo") == 0) {
1482 snprintf(buf
, sizeof(buf
), "m%x", cpu_gdb_index(s
->query_cpu
));
1484 s
->query_cpu
= CPU_NEXT(s
->query_cpu
);
1488 } else if (strncmp(p
,"ThreadExtraInfo,", 16) == 0) {
1489 thread
= strtoull(p
+16, (char **)&p
, 16);
1490 cpu
= find_cpu(thread
);
1492 cpu_synchronize_state(cpu
);
1493 /* memtohex() doubles the required space */
1494 len
= snprintf((char *)mem_buf
, sizeof(buf
) / 2,
1495 "CPU#%d [%s]", cpu
->cpu_index
,
1496 cpu
->halted
? "halted " : "running");
1497 trace_gdbstub_op_extra_info((char *)mem_buf
);
1498 memtohex(buf
, mem_buf
, len
);
1503 #ifdef CONFIG_USER_ONLY
1504 else if (strcmp(p
, "Offsets") == 0) {
1505 TaskState
*ts
= s
->c_cpu
->opaque
;
1507 snprintf(buf
, sizeof(buf
),
1508 "Text=" TARGET_ABI_FMT_lx
";Data=" TARGET_ABI_FMT_lx
1509 ";Bss=" TARGET_ABI_FMT_lx
,
1510 ts
->info
->code_offset
,
1511 ts
->info
->data_offset
,
1512 ts
->info
->data_offset
);
1516 #else /* !CONFIG_USER_ONLY */
1517 else if (strncmp(p
, "Rcmd,", 5) == 0) {
1518 int len
= strlen(p
+ 5);
1520 if ((len
% 2) != 0) {
1521 put_packet(s
, "E01");
1525 hextomem(mem_buf
, p
+ 5, len
);
1527 qemu_chr_be_write(s
->mon_chr
, mem_buf
, len
);
1528 put_packet(s
, "OK");
1531 #endif /* !CONFIG_USER_ONLY */
1532 if (is_query_packet(p
, "Supported", ':')) {
1533 snprintf(buf
, sizeof(buf
), "PacketSize=%x", MAX_PACKET_LENGTH
);
1534 cc
= CPU_GET_CLASS(first_cpu
);
1535 if (cc
->gdb_core_xml_file
!= NULL
) {
1536 pstrcat(buf
, sizeof(buf
), ";qXfer:features:read+");
1541 if (strncmp(p
, "Xfer:features:read:", 19) == 0) {
1543 target_ulong total_len
;
1545 cc
= CPU_GET_CLASS(first_cpu
);
1546 if (cc
->gdb_core_xml_file
== NULL
) {
1547 goto unknown_command
;
1552 xml
= get_feature_xml(p
, &p
, cc
);
1554 snprintf(buf
, sizeof(buf
), "E00");
1561 addr
= strtoul(p
, (char **)&p
, 16);
1564 len
= strtoul(p
, (char **)&p
, 16);
1566 total_len
= strlen(xml
);
1567 if (addr
> total_len
) {
1568 snprintf(buf
, sizeof(buf
), "E00");
1572 if (len
> (MAX_PACKET_LENGTH
- 5) / 2)
1573 len
= (MAX_PACKET_LENGTH
- 5) / 2;
1574 if (len
< total_len
- addr
) {
1576 len
= memtox(buf
+ 1, xml
+ addr
, len
);
1579 len
= memtox(buf
+ 1, xml
+ addr
, total_len
- addr
);
1581 put_packet_binary(s
, buf
, len
+ 1, true);
1584 if (is_query_packet(p
, "Attached", ':')) {
1585 put_packet(s
, GDB_ATTACHED
);
1588 /* Unrecognised 'q' command. */
1589 goto unknown_command
;
1593 /* put empty packet */
1601 void gdb_set_stop_cpu(CPUState
*cpu
)
1603 gdbserver_state
->c_cpu
= cpu
;
1604 gdbserver_state
->g_cpu
= cpu
;
1607 #ifndef CONFIG_USER_ONLY
1608 static void gdb_vm_state_change(void *opaque
, int running
, RunState state
)
1610 GDBState
*s
= gdbserver_state
;
1611 CPUState
*cpu
= s
->c_cpu
;
1616 if (running
|| s
->state
== RS_INACTIVE
) {
1619 /* Is there a GDB syscall waiting to be sent? */
1620 if (s
->current_syscall_cb
) {
1621 put_packet(s
, s
->syscall_buf
);
1625 case RUN_STATE_DEBUG
:
1626 if (cpu
->watchpoint_hit
) {
1627 switch (cpu
->watchpoint_hit
->flags
& BP_MEM_ACCESS
) {
1638 trace_gdbstub_hit_watchpoint(type
, cpu_gdb_index(cpu
),
1639 (target_ulong
)cpu
->watchpoint_hit
->vaddr
);
1640 snprintf(buf
, sizeof(buf
),
1641 "T%02xthread:%02x;%swatch:" TARGET_FMT_lx
";",
1642 GDB_SIGNAL_TRAP
, cpu_gdb_index(cpu
), type
,
1643 (target_ulong
)cpu
->watchpoint_hit
->vaddr
);
1644 cpu
->watchpoint_hit
= NULL
;
1647 trace_gdbstub_hit_break();
1650 ret
= GDB_SIGNAL_TRAP
;
1652 case RUN_STATE_PAUSED
:
1653 trace_gdbstub_hit_paused();
1654 ret
= GDB_SIGNAL_INT
;
1656 case RUN_STATE_SHUTDOWN
:
1657 trace_gdbstub_hit_shutdown();
1658 ret
= GDB_SIGNAL_QUIT
;
1660 case RUN_STATE_IO_ERROR
:
1661 trace_gdbstub_hit_io_error();
1662 ret
= GDB_SIGNAL_IO
;
1664 case RUN_STATE_WATCHDOG
:
1665 trace_gdbstub_hit_watchdog();
1666 ret
= GDB_SIGNAL_ALRM
;
1668 case RUN_STATE_INTERNAL_ERROR
:
1669 trace_gdbstub_hit_internal_error();
1670 ret
= GDB_SIGNAL_ABRT
;
1672 case RUN_STATE_SAVE_VM
:
1673 case RUN_STATE_RESTORE_VM
:
1675 case RUN_STATE_FINISH_MIGRATE
:
1676 ret
= GDB_SIGNAL_XCPU
;
1679 trace_gdbstub_hit_unknown(state
);
1680 ret
= GDB_SIGNAL_UNKNOWN
;
1683 gdb_set_stop_cpu(cpu
);
1684 snprintf(buf
, sizeof(buf
), "T%02xthread:%02x;", ret
, cpu_gdb_index(cpu
));
1689 /* disable single step if it was enabled */
1690 cpu_single_step(cpu
, 0);
1694 /* Send a gdb syscall request.
1695 This accepts limited printf-style format specifiers, specifically:
1696 %x - target_ulong argument printed in hex.
1697 %lx - 64-bit argument printed in hex.
1698 %s - string pointer (target_ulong) and length (int) pair. */
1699 void gdb_do_syscallv(gdb_syscall_complete_cb cb
, const char *fmt
, va_list va
)
1707 s
= gdbserver_state
;
1710 s
->current_syscall_cb
= cb
;
1711 #ifndef CONFIG_USER_ONLY
1712 vm_stop(RUN_STATE_DEBUG
);
1715 p_end
= &s
->syscall_buf
[sizeof(s
->syscall_buf
)];
1722 addr
= va_arg(va
, target_ulong
);
1723 p
+= snprintf(p
, p_end
- p
, TARGET_FMT_lx
, addr
);
1726 if (*(fmt
++) != 'x')
1728 i64
= va_arg(va
, uint64_t);
1729 p
+= snprintf(p
, p_end
- p
, "%" PRIx64
, i64
);
1732 addr
= va_arg(va
, target_ulong
);
1733 p
+= snprintf(p
, p_end
- p
, TARGET_FMT_lx
"/%x",
1734 addr
, va_arg(va
, int));
1738 error_report("gdbstub: Bad syscall format string '%s'",
1747 #ifdef CONFIG_USER_ONLY
1748 put_packet(s
, s
->syscall_buf
);
1749 /* Return control to gdb for it to process the syscall request.
1750 * Since the protocol requires that gdb hands control back to us
1751 * using a "here are the results" F packet, we don't need to check
1752 * gdb_handlesig's return value (which is the signal to deliver if
1753 * execution was resumed via a continue packet).
1755 gdb_handlesig(s
->c_cpu
, 0);
1757 /* In this case wait to send the syscall packet until notification that
1758 the CPU has stopped. This must be done because if the packet is sent
1759 now the reply from the syscall request could be received while the CPU
1760 is still in the running state, which can cause packets to be dropped
1761 and state transition 'T' packets to be sent while the syscall is still
1763 qemu_cpu_kick(s
->c_cpu
);
1767 void gdb_do_syscall(gdb_syscall_complete_cb cb
, const char *fmt
, ...)
1772 gdb_do_syscallv(cb
, fmt
, va
);
1776 static void gdb_read_byte(GDBState
*s
, int ch
)
1780 #ifndef CONFIG_USER_ONLY
1781 if (s
->last_packet_len
) {
1782 /* Waiting for a response to the last packet. If we see the start
1783 of a new command then abandon the previous response. */
1785 trace_gdbstub_err_got_nack();
1786 put_buffer(s
, (uint8_t *)s
->last_packet
, s
->last_packet_len
);
1787 } else if (ch
== '+') {
1788 trace_gdbstub_io_got_ack();
1790 trace_gdbstub_io_got_unexpected((uint8_t)ch
);
1793 if (ch
== '+' || ch
== '$')
1794 s
->last_packet_len
= 0;
1798 if (runstate_is_running()) {
1799 /* when the CPU is running, we cannot do anything except stop
1800 it when receiving a char */
1801 vm_stop(RUN_STATE_PAUSED
);
1808 /* start of command packet */
1809 s
->line_buf_index
= 0;
1811 s
->state
= RS_GETLINE
;
1813 trace_gdbstub_err_garbage((uint8_t)ch
);
1818 /* start escape sequence */
1819 s
->state
= RS_GETLINE_ESC
;
1821 } else if (ch
== '*') {
1822 /* start run length encoding sequence */
1823 s
->state
= RS_GETLINE_RLE
;
1825 } else if (ch
== '#') {
1826 /* end of command, start of checksum*/
1827 s
->state
= RS_CHKSUM1
;
1828 } else if (s
->line_buf_index
>= sizeof(s
->line_buf
) - 1) {
1829 trace_gdbstub_err_overrun();
1832 /* unescaped command character */
1833 s
->line_buf
[s
->line_buf_index
++] = ch
;
1837 case RS_GETLINE_ESC
:
1839 /* unexpected end of command in escape sequence */
1840 s
->state
= RS_CHKSUM1
;
1841 } else if (s
->line_buf_index
>= sizeof(s
->line_buf
) - 1) {
1842 /* command buffer overrun */
1843 trace_gdbstub_err_overrun();
1846 /* parse escaped character and leave escape state */
1847 s
->line_buf
[s
->line_buf_index
++] = ch
^ 0x20;
1849 s
->state
= RS_GETLINE
;
1852 case RS_GETLINE_RLE
:
1854 /* invalid RLE count encoding */
1855 trace_gdbstub_err_invalid_repeat((uint8_t)ch
);
1856 s
->state
= RS_GETLINE
;
1858 /* decode repeat length */
1859 int repeat
= (unsigned char)ch
- ' ' + 3;
1860 if (s
->line_buf_index
+ repeat
>= sizeof(s
->line_buf
) - 1) {
1861 /* that many repeats would overrun the command buffer */
1862 trace_gdbstub_err_overrun();
1864 } else if (s
->line_buf_index
< 1) {
1865 /* got a repeat but we have nothing to repeat */
1866 trace_gdbstub_err_invalid_rle();
1867 s
->state
= RS_GETLINE
;
1869 /* repeat the last character */
1870 memset(s
->line_buf
+ s
->line_buf_index
,
1871 s
->line_buf
[s
->line_buf_index
- 1], repeat
);
1872 s
->line_buf_index
+= repeat
;
1874 s
->state
= RS_GETLINE
;
1879 /* get high hex digit of checksum */
1880 if (!isxdigit(ch
)) {
1881 trace_gdbstub_err_checksum_invalid((uint8_t)ch
);
1882 s
->state
= RS_GETLINE
;
1885 s
->line_buf
[s
->line_buf_index
] = '\0';
1886 s
->line_csum
= fromhex(ch
) << 4;
1887 s
->state
= RS_CHKSUM2
;
1890 /* get low hex digit of checksum */
1891 if (!isxdigit(ch
)) {
1892 trace_gdbstub_err_checksum_invalid((uint8_t)ch
);
1893 s
->state
= RS_GETLINE
;
1896 s
->line_csum
|= fromhex(ch
);
1898 if (s
->line_csum
!= (s
->line_sum
& 0xff)) {
1899 trace_gdbstub_err_checksum_incorrect(s
->line_sum
, s
->line_csum
);
1900 /* send NAK reply */
1902 put_buffer(s
, &reply
, 1);
1905 /* send ACK reply */
1907 put_buffer(s
, &reply
, 1);
1908 s
->state
= gdb_handle_packet(s
, s
->line_buf
);
1917 /* Tell the remote gdb that the process has exited. */
1918 void gdb_exit(CPUArchState
*env
, int code
)
1923 s
= gdbserver_state
;
1927 #ifdef CONFIG_USER_ONLY
1928 if (gdbserver_fd
< 0 || s
->fd
< 0) {
1933 trace_gdbstub_op_exiting((uint8_t)code
);
1935 snprintf(buf
, sizeof(buf
), "W%02x", (uint8_t)code
);
1938 #ifndef CONFIG_USER_ONLY
1939 qemu_chr_fe_deinit(&s
->chr
, true);
1944 * Create the process that will contain all the "orphan" CPUs (that are not
1945 * part of a CPU cluster). Note that if this process contains no CPUs, it won't
1946 * be attachable and thus will be invisible to the user.
1948 static void create_default_process(GDBState
*s
)
1950 GDBProcess
*process
;
1953 if (s
->process_num
) {
1954 max_pid
= s
->processes
[s
->process_num
- 1].pid
;
1957 s
->processes
= g_renew(GDBProcess
, s
->processes
, ++s
->process_num
);
1958 process
= &s
->processes
[s
->process_num
- 1];
1960 /* We need an available PID slot for this process */
1961 assert(max_pid
< UINT32_MAX
);
1963 process
->pid
= max_pid
+ 1;
1964 process
->attached
= false;
1967 #ifdef CONFIG_USER_ONLY
1969 gdb_handlesig(CPUState
*cpu
, int sig
)
1975 s
= gdbserver_state
;
1976 if (gdbserver_fd
< 0 || s
->fd
< 0) {
1980 /* disable single step if it was enabled */
1981 cpu_single_step(cpu
, 0);
1985 snprintf(buf
, sizeof(buf
), "S%02x", target_signal_to_gdb(sig
));
1988 /* put_packet() might have detected that the peer terminated the
1996 s
->running_state
= 0;
1997 while (s
->running_state
== 0) {
1998 n
= read(s
->fd
, buf
, 256);
2002 for (i
= 0; i
< n
; i
++) {
2003 gdb_read_byte(s
, buf
[i
]);
2006 /* XXX: Connection closed. Should probably wait for another
2007 connection before continuing. */
2020 /* Tell the remote gdb that the process has exited due to SIG. */
2021 void gdb_signalled(CPUArchState
*env
, int sig
)
2026 s
= gdbserver_state
;
2027 if (gdbserver_fd
< 0 || s
->fd
< 0) {
2031 snprintf(buf
, sizeof(buf
), "X%02x", target_signal_to_gdb(sig
));
2035 static bool gdb_accept(void)
2038 struct sockaddr_in sockaddr
;
2043 len
= sizeof(sockaddr
);
2044 fd
= accept(gdbserver_fd
, (struct sockaddr
*)&sockaddr
, &len
);
2045 if (fd
< 0 && errno
!= EINTR
) {
2048 } else if (fd
>= 0) {
2049 qemu_set_cloexec(fd
);
2054 /* set short latency */
2055 if (socket_set_nodelay(fd
)) {
2056 perror("setsockopt");
2061 s
= g_malloc0(sizeof(GDBState
));
2062 s
->c_cpu
= first_cpu
;
2063 s
->g_cpu
= first_cpu
;
2064 create_default_process(s
);
2066 gdb_has_xml
= false;
2068 gdbserver_state
= s
;
2072 static int gdbserver_open(int port
)
2074 struct sockaddr_in sockaddr
;
2077 fd
= socket(PF_INET
, SOCK_STREAM
, 0);
2082 qemu_set_cloexec(fd
);
2084 socket_set_fast_reuse(fd
);
2086 sockaddr
.sin_family
= AF_INET
;
2087 sockaddr
.sin_port
= htons(port
);
2088 sockaddr
.sin_addr
.s_addr
= 0;
2089 ret
= bind(fd
, (struct sockaddr
*)&sockaddr
, sizeof(sockaddr
));
2095 ret
= listen(fd
, 1);
2104 int gdbserver_start(int port
)
2106 gdbserver_fd
= gdbserver_open(port
);
2107 if (gdbserver_fd
< 0)
2109 /* accept connections */
2110 if (!gdb_accept()) {
2111 close(gdbserver_fd
);
2118 /* Disable gdb stub for child processes. */
2119 void gdbserver_fork(CPUState
*cpu
)
2121 GDBState
*s
= gdbserver_state
;
2123 if (gdbserver_fd
< 0 || s
->fd
< 0) {
2128 cpu_breakpoint_remove_all(cpu
, BP_GDB
);
2129 cpu_watchpoint_remove_all(cpu
, BP_GDB
);
2132 static int gdb_chr_can_receive(void *opaque
)
2134 /* We can handle an arbitrarily large amount of data.
2135 Pick the maximum packet size, which is as good as anything. */
2136 return MAX_PACKET_LENGTH
;
2139 static void gdb_chr_receive(void *opaque
, const uint8_t *buf
, int size
)
2143 for (i
= 0; i
< size
; i
++) {
2144 gdb_read_byte(gdbserver_state
, buf
[i
]);
2148 static void gdb_chr_event(void *opaque
, int event
)
2151 case CHR_EVENT_OPENED
:
2152 vm_stop(RUN_STATE_PAUSED
);
2153 gdb_has_xml
= false;
2160 static void gdb_monitor_output(GDBState
*s
, const char *msg
, int len
)
2162 char buf
[MAX_PACKET_LENGTH
];
2165 if (len
> (MAX_PACKET_LENGTH
/2) - 1)
2166 len
= (MAX_PACKET_LENGTH
/2) - 1;
2167 memtohex(buf
+ 1, (uint8_t *)msg
, len
);
2171 static int gdb_monitor_write(Chardev
*chr
, const uint8_t *buf
, int len
)
2173 const char *p
= (const char *)buf
;
2176 max_sz
= (sizeof(gdbserver_state
->last_packet
) - 2) / 2;
2178 if (len
<= max_sz
) {
2179 gdb_monitor_output(gdbserver_state
, p
, len
);
2182 gdb_monitor_output(gdbserver_state
, p
, max_sz
);
2190 static void gdb_sigterm_handler(int signal
)
2192 if (runstate_is_running()) {
2193 vm_stop(RUN_STATE_PAUSED
);
2198 static void gdb_monitor_open(Chardev
*chr
, ChardevBackend
*backend
,
2199 bool *be_opened
, Error
**errp
)
2204 static void char_gdb_class_init(ObjectClass
*oc
, void *data
)
2206 ChardevClass
*cc
= CHARDEV_CLASS(oc
);
2208 cc
->internal
= true;
2209 cc
->open
= gdb_monitor_open
;
2210 cc
->chr_write
= gdb_monitor_write
;
2213 #define TYPE_CHARDEV_GDB "chardev-gdb"
2215 static const TypeInfo char_gdb_type_info
= {
2216 .name
= TYPE_CHARDEV_GDB
,
2217 .parent
= TYPE_CHARDEV
,
2218 .class_init
= char_gdb_class_init
,
2221 static int find_cpu_clusters(Object
*child
, void *opaque
)
2223 if (object_dynamic_cast(child
, TYPE_CPU_CLUSTER
)) {
2224 GDBState
*s
= (GDBState
*) opaque
;
2225 CPUClusterState
*cluster
= CPU_CLUSTER(child
);
2226 GDBProcess
*process
;
2228 s
->processes
= g_renew(GDBProcess
, s
->processes
, ++s
->process_num
);
2230 process
= &s
->processes
[s
->process_num
- 1];
2233 * GDB process IDs -1 and 0 are reserved. To avoid subtle errors at
2234 * runtime, we enforce here that the machine does not use a cluster ID
2235 * that would lead to PID 0.
2237 assert(cluster
->cluster_id
!= UINT32_MAX
);
2238 process
->pid
= cluster
->cluster_id
+ 1;
2239 process
->attached
= false;
2244 return object_child_foreach(child
, find_cpu_clusters
, opaque
);
2247 static int pid_order(const void *a
, const void *b
)
2249 GDBProcess
*pa
= (GDBProcess
*) a
;
2250 GDBProcess
*pb
= (GDBProcess
*) b
;
2252 if (pa
->pid
< pb
->pid
) {
2254 } else if (pa
->pid
> pb
->pid
) {
2261 static void create_processes(GDBState
*s
)
2263 object_child_foreach(object_get_root(), find_cpu_clusters
, s
);
2267 qsort(s
->processes
, s
->process_num
, sizeof(s
->processes
[0]), pid_order
);
2270 create_default_process(s
);
2273 static void cleanup_processes(GDBState
*s
)
2275 g_free(s
->processes
);
2277 s
->processes
= NULL
;
2280 int gdbserver_start(const char *device
)
2282 trace_gdbstub_op_start(device
);
2285 char gdbstub_device_name
[128];
2286 Chardev
*chr
= NULL
;
2290 error_report("gdbstub: meaningless to attach gdb to a "
2291 "machine without any CPU.");
2297 if (strcmp(device
, "none") != 0) {
2298 if (strstart(device
, "tcp:", NULL
)) {
2299 /* enforce required TCP attributes */
2300 snprintf(gdbstub_device_name
, sizeof(gdbstub_device_name
),
2301 "%s,nowait,nodelay,server", device
);
2302 device
= gdbstub_device_name
;
2305 else if (strcmp(device
, "stdio") == 0) {
2306 struct sigaction act
;
2308 memset(&act
, 0, sizeof(act
));
2309 act
.sa_handler
= gdb_sigterm_handler
;
2310 sigaction(SIGINT
, &act
, NULL
);
2314 * FIXME: it's a bit weird to allow using a mux chardev here
2315 * and implicitly setup a monitor. We may want to break this.
2317 chr
= qemu_chr_new_noreplay("gdb", device
, true);
2322 s
= gdbserver_state
;
2324 s
= g_malloc0(sizeof(GDBState
));
2325 gdbserver_state
= s
;
2327 qemu_add_vm_change_state_handler(gdb_vm_state_change
, NULL
);
2329 /* Initialize a monitor terminal for gdb */
2330 mon_chr
= qemu_chardev_new(NULL
, TYPE_CHARDEV_GDB
,
2331 NULL
, &error_abort
);
2332 monitor_init(mon_chr
, 0);
2334 qemu_chr_fe_deinit(&s
->chr
, true);
2335 mon_chr
= s
->mon_chr
;
2336 cleanup_processes(s
);
2337 memset(s
, 0, sizeof(GDBState
));
2338 s
->mon_chr
= mon_chr
;
2340 s
->c_cpu
= first_cpu
;
2341 s
->g_cpu
= first_cpu
;
2343 create_processes(s
);
2346 qemu_chr_fe_init(&s
->chr
, chr
, &error_abort
);
2347 qemu_chr_fe_set_handlers(&s
->chr
, gdb_chr_can_receive
, gdb_chr_receive
,
2348 gdb_chr_event
, NULL
, NULL
, NULL
, true);
2350 s
->state
= chr
? RS_IDLE
: RS_INACTIVE
;
2351 s
->mon_chr
= mon_chr
;
2352 s
->current_syscall_cb
= NULL
;
2357 void gdbserver_cleanup(void)
2359 if (gdbserver_state
) {
2360 put_packet(gdbserver_state
, "W00");
2364 static void register_types(void)
2366 type_register_static(&char_gdb_type_info
);
2369 type_init(register_types
);