4 * Copyright (c) 2003-2005 Fabrice Bellard
6 * This library is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation; either
9 * version 2 of the License, or (at your option) any later version.
11 * This library is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
16 * You should have received a copy of the GNU Lesser General Public
17 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
20 #include "qemu-common.h"
21 #ifdef CONFIG_USER_ONLY
32 #include "monitor/monitor.h"
33 #include "sysemu/char.h"
34 #include "sysemu/sysemu.h"
35 #include "exec/gdbstub.h"
38 #define MAX_PACKET_LENGTH 4096
41 #include "qemu/sockets.h"
42 #include "sysemu/kvm.h"
43 #include "exec/semihost.h"
45 #ifdef CONFIG_USER_ONLY
46 #define GDB_ATTACHED "0"
48 #define GDB_ATTACHED "1"
51 static inline int target_memory_rw_debug(CPUState *cpu, target_ulong addr,
52 uint8_t *buf, int len, bool is_write)
54 CPUClass *cc = CPU_GET_CLASS(cpu);
56 if (cc->memory_rw_debug) {
57 return cc->memory_rw_debug(cpu, addr, buf, len, is_write);
59 return cpu_memory_rw_debug(cpu, addr, buf, len, is_write);
71 GDB_SIGNAL_UNKNOWN = 143
74 #ifdef CONFIG_USER_ONLY
76 /* Map target signal numbers to GDB protocol signal numbers and vice
77 * versa. For user emulation's currently supported systems, we can
78 * assume most signals are defined.
81 static int gdb_signal_table[] = {
241 /* In system mode we only need SIGINT and SIGTRAP; other signals
242 are not yet supported. */
249 static int gdb_signal_table[] = {
259 #ifdef CONFIG_USER_ONLY
260 static int target_signal_to_gdb (int sig)
263 for (i = 0; i < ARRAY_SIZE (gdb_signal_table); i++)
264 if (gdb_signal_table[i] == sig)
266 return GDB_SIGNAL_UNKNOWN;
270 static int gdb_signal_to_target (int sig)
272 if (sig < ARRAY_SIZE (gdb_signal_table))
273 return gdb_signal_table[sig];
280 typedef struct GDBRegisterState {
286 struct GDBRegisterState *next;
296 typedef struct GDBState {
297 CPUState *c_cpu; /* current CPU for step/continue ops */
298 CPUState *g_cpu; /* current CPU for other ops */
299 CPUState *query_cpu; /* for q{f|s}ThreadInfo */
300 enum RSState state; /* parsing state */
301 char line_buf[MAX_PACKET_LENGTH];
304 uint8_t last_packet[MAX_PACKET_LENGTH + 4];
307 #ifdef CONFIG_USER_ONLY
311 CharDriverState *chr;
312 CharDriverState *mon_chr;
314 char syscall_buf[256];
315 gdb_syscall_complete_cb current_syscall_cb;
318 /* By default use no IRQs and no timers while single stepping so as to
319 * make single stepping like an ICE HW step.
321 static int sstep_flags = SSTEP_ENABLE|SSTEP_NOIRQ|SSTEP_NOTIMER;
323 static GDBState *gdbserver_state;
327 #ifdef CONFIG_USER_ONLY
328 /* XXX: This is not thread safe. Do we care? */
329 static int gdbserver_fd = -1;
331 static int get_char(GDBState *s)
337 ret = qemu_recv(s->fd, &ch, 1, 0);
339 if (errno == ECONNRESET)
341 if (errno != EINTR && errno != EAGAIN)
343 } else if (ret == 0) {
361 /* Decide if either remote gdb syscalls or native file IO should be used. */
362 int use_gdb_syscalls(void)
364 SemihostingTarget target = semihosting_get_target();
365 if (target == SEMIHOSTING_TARGET_NATIVE) {
366 /* -semihosting-config target=native */
368 } else if (target == SEMIHOSTING_TARGET_GDB) {
369 /* -semihosting-config target=gdb */
373 /* -semihosting-config target=auto */
374 /* On the first call check if gdb is connected and remember. */
375 if (gdb_syscall_mode == GDB_SYS_UNKNOWN) {
376 gdb_syscall_mode = (gdbserver_state ? GDB_SYS_ENABLED
379 return gdb_syscall_mode == GDB_SYS_ENABLED;
382 /* Resume execution. */
383 static inline void gdb_continue(GDBState *s)
385 #ifdef CONFIG_USER_ONLY
386 s->running_state = 1;
388 if (!runstate_needs_reset()) {
394 static void put_buffer(GDBState *s, const uint8_t *buf, int len)
396 #ifdef CONFIG_USER_ONLY
400 ret = send(s->fd, buf, len, 0);
402 if (errno != EINTR && errno != EAGAIN)
410 qemu_chr_fe_write(s->chr, buf, len);
414 static inline int fromhex(int v)
416 if (v >= '0' && v <= '9')
418 else if (v >= 'A' && v <= 'F')
420 else if (v >= 'a' && v <= 'f')
426 static inline int tohex(int v)
434 static void memtohex(char *buf, const uint8_t *mem, int len)
439 for(i = 0; i < len; i++) {
441 *q++ = tohex(c >> 4);
442 *q++ = tohex(c & 0xf);
447 static void hextomem(uint8_t *mem, const char *buf, int len)
451 for(i = 0; i < len; i++) {
452 mem[i] = (fromhex(buf[0]) << 4) | fromhex(buf[1]);
457 /* return -1 if error, 0 if OK */
458 static int put_packet_binary(GDBState *s, const char *buf, int len)
469 for(i = 0; i < len; i++) {
473 *(p++) = tohex((csum >> 4) & 0xf);
474 *(p++) = tohex((csum) & 0xf);
476 s->last_packet_len = p - s->last_packet;
477 put_buffer(s, (uint8_t *)s->last_packet, s->last_packet_len);
479 #ifdef CONFIG_USER_ONLY
492 /* return -1 if error, 0 if OK */
493 static int put_packet(GDBState *s, const char *buf)
496 printf("reply='%s'\n", buf);
499 return put_packet_binary(s, buf, strlen(buf));
502 /* Encode data using the encoding for 'x' packets. */
503 static int memtox(char *buf, const char *mem, int len)
511 case '#': case '$': case '*': case '}':
523 static const char *get_feature_xml(const char *p, const char **newp,
529 static char target_xml[1024];
532 while (p[len] && p[len] != ':')
537 if (strncmp(p, "target.xml", len) == 0) {
538 /* Generate the XML description for this CPU. */
539 if (!target_xml[0]) {
541 CPUState *cpu = first_cpu;
543 snprintf(target_xml, sizeof(target_xml),
544 "<?xml version=\"1.0\"?>"
545 "<!DOCTYPE target SYSTEM \"gdb-target.dtd\">"
547 "<xi:include href=\"%s\"/>",
548 cc->gdb_core_xml_file);
550 for (r = cpu->gdb_regs; r; r = r->next) {
551 pstrcat(target_xml, sizeof(target_xml), "<xi:include href=\"");
552 pstrcat(target_xml, sizeof(target_xml), r->xml);
553 pstrcat(target_xml, sizeof(target_xml), "\"/>");
555 pstrcat(target_xml, sizeof(target_xml), "</target>");
560 name = xml_builtin[i][0];
561 if (!name || (strncmp(name, p, len) == 0 && strlen(name) == len))
564 return name ? xml_builtin[i][1] : NULL;
567 static int gdb_read_register(CPUState *cpu, uint8_t *mem_buf, int reg)
569 CPUClass *cc = CPU_GET_CLASS(cpu);
570 CPUArchState *env = cpu->env_ptr;
573 if (reg < cc->gdb_num_core_regs) {
574 return cc->gdb_read_register(cpu, mem_buf, reg);
577 for (r = cpu->gdb_regs; r; r = r->next) {
578 if (r->base_reg <= reg && reg < r->base_reg + r->num_regs) {
579 return r->get_reg(env, mem_buf, reg - r->base_reg);
585 static int gdb_write_register(CPUState *cpu, uint8_t *mem_buf, int reg)
587 CPUClass *cc = CPU_GET_CLASS(cpu);
588 CPUArchState *env = cpu->env_ptr;
591 if (reg < cc->gdb_num_core_regs) {
592 return cc->gdb_write_register(cpu, mem_buf, reg);
595 for (r = cpu->gdb_regs; r; r = r->next) {
596 if (r->base_reg <= reg && reg < r->base_reg + r->num_regs) {
597 return r->set_reg(env, mem_buf, reg - r->base_reg);
603 /* Register a supplemental set of CPU registers. If g_pos is nonzero it
604 specifies the first register number and these registers are included in
605 a standard "g" packet. Direction is relative to gdb, i.e. get_reg is
606 gdb reading a CPU register, and set_reg is gdb modifying a CPU register.
609 void gdb_register_coprocessor(CPUState *cpu,
610 gdb_reg_cb get_reg, gdb_reg_cb set_reg,
611 int num_regs, const char *xml, int g_pos)
614 GDBRegisterState **p;
618 /* Check for duplicates. */
619 if (strcmp((*p)->xml, xml) == 0)
624 s = g_new0(GDBRegisterState, 1);
625 s->base_reg = cpu->gdb_num_regs;
626 s->num_regs = num_regs;
627 s->get_reg = get_reg;
628 s->set_reg = set_reg;
631 /* Add to end of list. */
632 cpu->gdb_num_regs += num_regs;
635 if (g_pos != s->base_reg) {
636 fprintf(stderr, "Error: Bad gdb register numbering for '%s'\n"
637 "Expected %d got %d\n", xml, g_pos, s->base_reg);
639 cpu->gdb_num_g_regs = cpu->gdb_num_regs;
644 #ifndef CONFIG_USER_ONLY
645 /* Translate GDB watchpoint type to a flags value for cpu_watchpoint_* */
646 static inline int xlat_gdb_type(CPUState *cpu, int gdbtype)
648 static const int xlat[] = {
649 [GDB_WATCHPOINT_WRITE] = BP_GDB | BP_MEM_WRITE,
650 [GDB_WATCHPOINT_READ] = BP_GDB | BP_MEM_READ,
651 [GDB_WATCHPOINT_ACCESS] = BP_GDB | BP_MEM_ACCESS,
654 CPUClass *cc = CPU_GET_CLASS(cpu);
655 int cputype = xlat[gdbtype];
657 if (cc->gdb_stop_before_watchpoint) {
658 cputype |= BP_STOP_BEFORE_ACCESS;
664 static int gdb_breakpoint_insert(target_ulong addr, target_ulong len, int type)
670 return kvm_insert_breakpoint(gdbserver_state->c_cpu, addr, len, type);
674 case GDB_BREAKPOINT_SW:
675 case GDB_BREAKPOINT_HW:
677 err = cpu_breakpoint_insert(cpu, addr, BP_GDB, NULL);
683 #ifndef CONFIG_USER_ONLY
684 case GDB_WATCHPOINT_WRITE:
685 case GDB_WATCHPOINT_READ:
686 case GDB_WATCHPOINT_ACCESS:
688 err = cpu_watchpoint_insert(cpu, addr, len,
689 xlat_gdb_type(cpu, type), NULL);
701 static int gdb_breakpoint_remove(target_ulong addr, target_ulong len, int type)
707 return kvm_remove_breakpoint(gdbserver_state->c_cpu, addr, len, type);
711 case GDB_BREAKPOINT_SW:
712 case GDB_BREAKPOINT_HW:
714 err = cpu_breakpoint_remove(cpu, addr, BP_GDB);
720 #ifndef CONFIG_USER_ONLY
721 case GDB_WATCHPOINT_WRITE:
722 case GDB_WATCHPOINT_READ:
723 case GDB_WATCHPOINT_ACCESS:
725 err = cpu_watchpoint_remove(cpu, addr, len,
726 xlat_gdb_type(cpu, type));
737 static void gdb_breakpoint_remove_all(void)
742 kvm_remove_all_breakpoints(gdbserver_state->c_cpu);
747 cpu_breakpoint_remove_all(cpu, BP_GDB);
748 #ifndef CONFIG_USER_ONLY
749 cpu_watchpoint_remove_all(cpu, BP_GDB);
754 static void gdb_set_cpu_pc(GDBState *s, target_ulong pc)
756 CPUState *cpu = s->c_cpu;
758 cpu_synchronize_state(cpu);
762 static CPUState *find_cpu(uint32_t thread_id)
767 if (cpu_index(cpu) == thread_id) {
775 static int is_query_packet(const char *p, const char *query, char separator)
777 unsigned int query_len = strlen(query);
779 return strncmp(p, query, query_len) == 0 &&
780 (p[query_len] == '\0' || p[query_len] == separator);
783 static int gdb_handle_packet(GDBState *s, const char *line_buf)
789 int ch, reg_size, type, res;
790 char buf[MAX_PACKET_LENGTH];
791 uint8_t mem_buf[MAX_PACKET_LENGTH];
793 target_ulong addr, len;
796 printf("command='%s'\n", line_buf);
802 /* TODO: Make this return the correct value for user-mode. */
803 snprintf(buf, sizeof(buf), "T%02xthread:%02x;", GDB_SIGNAL_TRAP,
804 cpu_index(s->c_cpu));
806 /* Remove all the breakpoints when this query is issued,
807 * because gdb is doing and initial connect and the state
808 * should be cleaned up.
810 gdb_breakpoint_remove_all();
814 addr = strtoull(p, (char **)&p, 16);
815 gdb_set_cpu_pc(s, addr);
821 s->signal = gdb_signal_to_target (strtoul(p, (char **)&p, 16));
827 if (strncmp(p, "Cont", 4) == 0) {
828 int res_signal, res_thread;
832 put_packet(s, "vCont;c;C;s;S");
847 if (action == 'C' || action == 'S') {
848 signal = gdb_signal_to_target(strtoul(p, (char **)&p, 16));
852 } else if (action != 'c' && action != 's') {
858 thread = strtoull(p+1, (char **)&p, 16);
860 action = tolower(action);
861 if (res == 0 || (res == 'c' && action == 's')) {
868 if (res_thread != -1 && res_thread != 0) {
869 cpu = find_cpu(res_thread);
871 put_packet(s, "E22");
877 cpu_single_step(s->c_cpu, sstep_flags);
879 s->signal = res_signal;
885 goto unknown_command;
888 /* Kill the target */
889 fprintf(stderr, "\nQEMU: Terminated via GDBstub\n");
893 gdb_breakpoint_remove_all();
894 gdb_syscall_mode = GDB_SYS_DISABLED;
900 addr = strtoull(p, (char **)&p, 16);
901 gdb_set_cpu_pc(s, addr);
903 cpu_single_step(s->c_cpu, sstep_flags);
911 ret = strtoull(p, (char **)&p, 16);
914 err = strtoull(p, (char **)&p, 16);
921 if (s->current_syscall_cb) {
922 s->current_syscall_cb(s->c_cpu, ret, err);
923 s->current_syscall_cb = NULL;
926 put_packet(s, "T02");
933 cpu_synchronize_state(s->g_cpu);
935 for (addr = 0; addr < s->g_cpu->gdb_num_g_regs; addr++) {
936 reg_size = gdb_read_register(s->g_cpu, mem_buf + len, addr);
939 memtohex(buf, mem_buf, len);
943 cpu_synchronize_state(s->g_cpu);
946 hextomem((uint8_t *)registers, p, len);
947 for (addr = 0; addr < s->g_cpu->gdb_num_g_regs && len > 0; addr++) {
948 reg_size = gdb_write_register(s->g_cpu, registers, addr);
950 registers += reg_size;
955 addr = strtoull(p, (char **)&p, 16);
958 len = strtoull(p, NULL, 16);
960 /* memtohex() doubles the required space */
961 if (len > MAX_PACKET_LENGTH / 2) {
962 put_packet (s, "E22");
966 if (target_memory_rw_debug(s->g_cpu, addr, mem_buf, len, false) != 0) {
967 put_packet (s, "E14");
969 memtohex(buf, mem_buf, len);
974 addr = strtoull(p, (char **)&p, 16);
977 len = strtoull(p, (char **)&p, 16);
981 /* hextomem() reads 2*len bytes */
982 if (len > strlen(p) / 2) {
983 put_packet (s, "E22");
986 hextomem(mem_buf, p, len);
987 if (target_memory_rw_debug(s->g_cpu, addr, mem_buf, len,
989 put_packet(s, "E14");
995 /* Older gdb are really dumb, and don't use 'g' if 'p' is avaialable.
996 This works, but can be very slow. Anything new enough to
997 understand XML also knows how to use this properly. */
999 goto unknown_command;
1000 addr = strtoull(p, (char **)&p, 16);
1001 reg_size = gdb_read_register(s->g_cpu, mem_buf, addr);
1003 memtohex(buf, mem_buf, reg_size);
1006 put_packet(s, "E14");
1011 goto unknown_command;
1012 addr = strtoull(p, (char **)&p, 16);
1015 reg_size = strlen(p) / 2;
1016 hextomem(mem_buf, p, reg_size);
1017 gdb_write_register(s->g_cpu, mem_buf, addr);
1018 put_packet(s, "OK");
1022 type = strtoul(p, (char **)&p, 16);
1025 addr = strtoull(p, (char **)&p, 16);
1028 len = strtoull(p, (char **)&p, 16);
1030 res = gdb_breakpoint_insert(addr, len, type);
1032 res = gdb_breakpoint_remove(addr, len, type);
1034 put_packet(s, "OK");
1035 else if (res == -ENOSYS)
1038 put_packet(s, "E22");
1042 thread = strtoull(p, (char **)&p, 16);
1043 if (thread == -1 || thread == 0) {
1044 put_packet(s, "OK");
1047 cpu = find_cpu(thread);
1049 put_packet(s, "E22");
1055 put_packet(s, "OK");
1059 put_packet(s, "OK");
1062 put_packet(s, "E22");
1067 thread = strtoull(p, (char **)&p, 16);
1068 cpu = find_cpu(thread);
1071 put_packet(s, "OK");
1073 put_packet(s, "E22");
1078 /* parse any 'q' packets here */
1079 if (!strcmp(p,"qemu.sstepbits")) {
1080 /* Query Breakpoint bit definitions */
1081 snprintf(buf, sizeof(buf), "ENABLE=%x,NOIRQ=%x,NOTIMER=%x",
1087 } else if (is_query_packet(p, "qemu.sstep", '=')) {
1088 /* Display or change the sstep_flags */
1091 /* Display current setting */
1092 snprintf(buf, sizeof(buf), "0x%x", sstep_flags);
1097 type = strtoul(p, (char **)&p, 16);
1099 put_packet(s, "OK");
1101 } else if (strcmp(p,"C") == 0) {
1102 /* "Current thread" remains vague in the spec, so always return
1103 * the first CPU (gdb returns the first thread). */
1104 put_packet(s, "QC1");
1106 } else if (strcmp(p,"fThreadInfo") == 0) {
1107 s->query_cpu = first_cpu;
1108 goto report_cpuinfo;
1109 } else if (strcmp(p,"sThreadInfo") == 0) {
1112 snprintf(buf, sizeof(buf), "m%x", cpu_index(s->query_cpu));
1114 s->query_cpu = CPU_NEXT(s->query_cpu);
1118 } else if (strncmp(p,"ThreadExtraInfo,", 16) == 0) {
1119 thread = strtoull(p+16, (char **)&p, 16);
1120 cpu = find_cpu(thread);
1122 cpu_synchronize_state(cpu);
1123 /* memtohex() doubles the required space */
1124 len = snprintf((char *)mem_buf, sizeof(buf) / 2,
1125 "CPU#%d [%s]", cpu->cpu_index,
1126 cpu->halted ? "halted " : "running");
1127 memtohex(buf, mem_buf, len);
1132 #ifdef CONFIG_USER_ONLY
1133 else if (strcmp(p, "Offsets") == 0) {
1134 TaskState *ts = s->c_cpu->opaque;
1136 snprintf(buf, sizeof(buf),
1137 "Text=" TARGET_ABI_FMT_lx ";Data=" TARGET_ABI_FMT_lx
1138 ";Bss=" TARGET_ABI_FMT_lx,
1139 ts->info->code_offset,
1140 ts->info->data_offset,
1141 ts->info->data_offset);
1145 #else /* !CONFIG_USER_ONLY */
1146 else if (strncmp(p, "Rcmd,", 5) == 0) {
1147 int len = strlen(p + 5);
1149 if ((len % 2) != 0) {
1150 put_packet(s, "E01");
1154 hextomem(mem_buf, p + 5, len);
1156 qemu_chr_be_write(s->mon_chr, mem_buf, len);
1157 put_packet(s, "OK");
1160 #endif /* !CONFIG_USER_ONLY */
1161 if (is_query_packet(p, "Supported", ':')) {
1162 snprintf(buf, sizeof(buf), "PacketSize=%x", MAX_PACKET_LENGTH);
1163 cc = CPU_GET_CLASS(first_cpu);
1164 if (cc->gdb_core_xml_file != NULL) {
1165 pstrcat(buf, sizeof(buf), ";qXfer:features:read+");
1170 if (strncmp(p, "Xfer:features:read:", 19) == 0) {
1172 target_ulong total_len;
1174 cc = CPU_GET_CLASS(first_cpu);
1175 if (cc->gdb_core_xml_file == NULL) {
1176 goto unknown_command;
1181 xml = get_feature_xml(p, &p, cc);
1183 snprintf(buf, sizeof(buf), "E00");
1190 addr = strtoul(p, (char **)&p, 16);
1193 len = strtoul(p, (char **)&p, 16);
1195 total_len = strlen(xml);
1196 if (addr > total_len) {
1197 snprintf(buf, sizeof(buf), "E00");
1201 if (len > (MAX_PACKET_LENGTH - 5) / 2)
1202 len = (MAX_PACKET_LENGTH - 5) / 2;
1203 if (len < total_len - addr) {
1205 len = memtox(buf + 1, xml + addr, len);
1208 len = memtox(buf + 1, xml + addr, total_len - addr);
1210 put_packet_binary(s, buf, len + 1);
1213 if (is_query_packet(p, "Attached", ':')) {
1214 put_packet(s, GDB_ATTACHED);
1217 /* Unrecognised 'q' command. */
1218 goto unknown_command;
1222 /* put empty packet */
1230 void gdb_set_stop_cpu(CPUState *cpu)
1232 gdbserver_state->c_cpu = cpu;
1233 gdbserver_state->g_cpu = cpu;
1236 #ifndef CONFIG_USER_ONLY
1237 static void gdb_vm_state_change(void *opaque, int running, RunState state)
1239 GDBState *s = gdbserver_state;
1240 CPUState *cpu = s->c_cpu;
1245 if (running || s->state == RS_INACTIVE) {
1248 /* Is there a GDB syscall waiting to be sent? */
1249 if (s->current_syscall_cb) {
1250 put_packet(s, s->syscall_buf);
1254 case RUN_STATE_DEBUG:
1255 if (cpu->watchpoint_hit) {
1256 switch (cpu->watchpoint_hit->flags & BP_MEM_ACCESS) {
1267 snprintf(buf, sizeof(buf),
1268 "T%02xthread:%02x;%swatch:" TARGET_FMT_lx ";",
1269 GDB_SIGNAL_TRAP, cpu_index(cpu), type,
1270 (target_ulong)cpu->watchpoint_hit->vaddr);
1271 cpu->watchpoint_hit = NULL;
1275 ret = GDB_SIGNAL_TRAP;
1277 case RUN_STATE_PAUSED:
1278 ret = GDB_SIGNAL_INT;
1280 case RUN_STATE_SHUTDOWN:
1281 ret = GDB_SIGNAL_QUIT;
1283 case RUN_STATE_IO_ERROR:
1284 ret = GDB_SIGNAL_IO;
1286 case RUN_STATE_WATCHDOG:
1287 ret = GDB_SIGNAL_ALRM;
1289 case RUN_STATE_INTERNAL_ERROR:
1290 ret = GDB_SIGNAL_ABRT;
1292 case RUN_STATE_SAVE_VM:
1293 case RUN_STATE_RESTORE_VM:
1295 case RUN_STATE_FINISH_MIGRATE:
1296 ret = GDB_SIGNAL_XCPU;
1299 ret = GDB_SIGNAL_UNKNOWN;
1302 gdb_set_stop_cpu(cpu);
1303 snprintf(buf, sizeof(buf), "T%02xthread:%02x;", ret, cpu_index(cpu));
1308 /* disable single step if it was enabled */
1309 cpu_single_step(cpu, 0);
1313 /* Send a gdb syscall request.
1314 This accepts limited printf-style format specifiers, specifically:
1315 %x - target_ulong argument printed in hex.
1316 %lx - 64-bit argument printed in hex.
1317 %s - string pointer (target_ulong) and length (int) pair. */
1318 void gdb_do_syscallv(gdb_syscall_complete_cb cb, const char *fmt, va_list va)
1326 s = gdbserver_state;
1329 s->current_syscall_cb = cb;
1330 #ifndef CONFIG_USER_ONLY
1331 vm_stop(RUN_STATE_DEBUG);
1334 p_end = &s->syscall_buf[sizeof(s->syscall_buf)];
1341 addr = va_arg(va, target_ulong);
1342 p += snprintf(p, p_end - p, TARGET_FMT_lx, addr);
1345 if (*(fmt++) != 'x')
1347 i64 = va_arg(va, uint64_t);
1348 p += snprintf(p, p_end - p, "%" PRIx64, i64);
1351 addr = va_arg(va, target_ulong);
1352 p += snprintf(p, p_end - p, TARGET_FMT_lx "/%x",
1353 addr, va_arg(va, int));
1357 fprintf(stderr, "gdbstub: Bad syscall format string '%s'\n",
1366 #ifdef CONFIG_USER_ONLY
1367 put_packet(s, s->syscall_buf);
1368 gdb_handlesig(s->c_cpu, 0);
1370 /* In this case wait to send the syscall packet until notification that
1371 the CPU has stopped. This must be done because if the packet is sent
1372 now the reply from the syscall request could be received while the CPU
1373 is still in the running state, which can cause packets to be dropped
1374 and state transition 'T' packets to be sent while the syscall is still
1376 qemu_cpu_kick(s->c_cpu);
1380 void gdb_do_syscall(gdb_syscall_complete_cb cb, const char *fmt, ...)
1385 gdb_do_syscallv(cb, fmt, va);
1389 static void gdb_read_byte(GDBState *s, int ch)
1394 #ifndef CONFIG_USER_ONLY
1395 if (s->last_packet_len) {
1396 /* Waiting for a response to the last packet. If we see the start
1397 of a new command then abandon the previous response. */
1400 printf("Got NACK, retransmitting\n");
1402 put_buffer(s, (uint8_t *)s->last_packet, s->last_packet_len);
1406 printf("Got ACK\n");
1408 printf("Got '%c' when expecting ACK/NACK\n", ch);
1410 if (ch == '+' || ch == '$')
1411 s->last_packet_len = 0;
1415 if (runstate_is_running()) {
1416 /* when the CPU is running, we cannot do anything except stop
1417 it when receiving a char */
1418 vm_stop(RUN_STATE_PAUSED);
1425 s->line_buf_index = 0;
1426 s->state = RS_GETLINE;
1431 s->state = RS_CHKSUM1;
1432 } else if (s->line_buf_index >= sizeof(s->line_buf) - 1) {
1435 s->line_buf[s->line_buf_index++] = ch;
1439 s->line_buf[s->line_buf_index] = '\0';
1440 s->line_csum = fromhex(ch) << 4;
1441 s->state = RS_CHKSUM2;
1444 s->line_csum |= fromhex(ch);
1446 for(i = 0; i < s->line_buf_index; i++) {
1447 csum += s->line_buf[i];
1449 if (s->line_csum != (csum & 0xff)) {
1451 put_buffer(s, &reply, 1);
1455 put_buffer(s, &reply, 1);
1456 s->state = gdb_handle_packet(s, s->line_buf);
1465 /* Tell the remote gdb that the process has exited. */
1466 void gdb_exit(CPUArchState *env, int code)
1471 s = gdbserver_state;
1475 #ifdef CONFIG_USER_ONLY
1476 if (gdbserver_fd < 0 || s->fd < 0) {
1485 snprintf(buf, sizeof(buf), "W%02x", (uint8_t)code);
1488 #ifndef CONFIG_USER_ONLY
1489 qemu_chr_delete(s->chr);
1493 #ifdef CONFIG_USER_ONLY
1499 s = gdbserver_state;
1501 if (gdbserver_fd < 0 || s->fd < 0)
1508 gdb_handlesig(CPUState *cpu, int sig)
1514 s = gdbserver_state;
1515 if (gdbserver_fd < 0 || s->fd < 0) {
1519 /* disable single step if it was enabled */
1520 cpu_single_step(cpu, 0);
1524 snprintf(buf, sizeof(buf), "S%02x", target_signal_to_gdb(sig));
1527 /* put_packet() might have detected that the peer terminated the
1535 s->running_state = 0;
1536 while (s->running_state == 0) {
1537 n = read(s->fd, buf, 256);
1541 for (i = 0; i < n; i++) {
1542 gdb_read_byte(s, buf[i]);
1544 } else if (n == 0 || errno != EAGAIN) {
1545 /* XXX: Connection closed. Should probably wait for another
1546 connection before continuing. */
1555 /* Tell the remote gdb that the process has exited due to SIG. */
1556 void gdb_signalled(CPUArchState *env, int sig)
1561 s = gdbserver_state;
1562 if (gdbserver_fd < 0 || s->fd < 0) {
1566 snprintf(buf, sizeof(buf), "X%02x", target_signal_to_gdb(sig));
1570 static void gdb_accept(void)
1573 struct sockaddr_in sockaddr;
1578 len = sizeof(sockaddr);
1579 fd = accept(gdbserver_fd, (struct sockaddr *)&sockaddr, &len);
1580 if (fd < 0 && errno != EINTR) {
1583 } else if (fd >= 0) {
1585 fcntl(fd, F_SETFD, FD_CLOEXEC);
1591 /* set short latency */
1592 socket_set_nodelay(fd);
1594 s = g_malloc0(sizeof(GDBState));
1595 s->c_cpu = first_cpu;
1596 s->g_cpu = first_cpu;
1598 gdb_has_xml = false;
1600 gdbserver_state = s;
1602 fcntl(fd, F_SETFL, O_NONBLOCK);
1605 static int gdbserver_open(int port)
1607 struct sockaddr_in sockaddr;
1610 fd = socket(PF_INET, SOCK_STREAM, 0);
1616 fcntl(fd, F_SETFD, FD_CLOEXEC);
1619 socket_set_fast_reuse(fd);
1621 sockaddr.sin_family = AF_INET;
1622 sockaddr.sin_port = htons(port);
1623 sockaddr.sin_addr.s_addr = 0;
1624 ret = bind(fd, (struct sockaddr *)&sockaddr, sizeof(sockaddr));
1630 ret = listen(fd, 0);
1639 int gdbserver_start(int port)
1641 gdbserver_fd = gdbserver_open(port);
1642 if (gdbserver_fd < 0)
1644 /* accept connections */
1649 /* Disable gdb stub for child processes. */
1650 void gdbserver_fork(CPUState *cpu)
1652 GDBState *s = gdbserver_state;
1654 if (gdbserver_fd < 0 || s->fd < 0) {
1659 cpu_breakpoint_remove_all(cpu, BP_GDB);
1660 cpu_watchpoint_remove_all(cpu, BP_GDB);
1663 static int gdb_chr_can_receive(void *opaque)
1665 /* We can handle an arbitrarily large amount of data.
1666 Pick the maximum packet size, which is as good as anything. */
1667 return MAX_PACKET_LENGTH;
1670 static void gdb_chr_receive(void *opaque, const uint8_t *buf, int size)
1674 for (i = 0; i < size; i++) {
1675 gdb_read_byte(gdbserver_state, buf[i]);
1679 static void gdb_chr_event(void *opaque, int event)
1682 case CHR_EVENT_OPENED:
1683 vm_stop(RUN_STATE_PAUSED);
1684 gdb_has_xml = false;
1691 static void gdb_monitor_output(GDBState *s, const char *msg, int len)
1693 char buf[MAX_PACKET_LENGTH];
1696 if (len > (MAX_PACKET_LENGTH/2) - 1)
1697 len = (MAX_PACKET_LENGTH/2) - 1;
1698 memtohex(buf + 1, (uint8_t *)msg, len);
1702 static int gdb_monitor_write(CharDriverState *chr, const uint8_t *buf, int len)
1704 const char *p = (const char *)buf;
1707 max_sz = (sizeof(gdbserver_state->last_packet) - 2) / 2;
1709 if (len <= max_sz) {
1710 gdb_monitor_output(gdbserver_state, p, len);
1713 gdb_monitor_output(gdbserver_state, p, max_sz);
1721 static void gdb_sigterm_handler(int signal)
1723 if (runstate_is_running()) {
1724 vm_stop(RUN_STATE_PAUSED);
1729 int gdbserver_start(const char *device)
1732 char gdbstub_device_name[128];
1733 CharDriverState *chr = NULL;
1734 CharDriverState *mon_chr;
1738 if (strcmp(device, "none") != 0) {
1739 if (strstart(device, "tcp:", NULL)) {
1740 /* enforce required TCP attributes */
1741 snprintf(gdbstub_device_name, sizeof(gdbstub_device_name),
1742 "%s,nowait,nodelay,server", device);
1743 device = gdbstub_device_name;
1746 else if (strcmp(device, "stdio") == 0) {
1747 struct sigaction act;
1749 memset(&act, 0, sizeof(act));
1750 act.sa_handler = gdb_sigterm_handler;
1751 sigaction(SIGINT, &act, NULL);
1754 chr = qemu_chr_new("gdb", device, NULL);
1758 qemu_chr_fe_claim_no_fail(chr);
1759 qemu_chr_add_handlers(chr, gdb_chr_can_receive, gdb_chr_receive,
1760 gdb_chr_event, NULL);
1763 s = gdbserver_state;
1765 s = g_malloc0(sizeof(GDBState));
1766 gdbserver_state = s;
1768 qemu_add_vm_change_state_handler(gdb_vm_state_change, NULL);
1770 /* Initialize a monitor terminal for gdb */
1771 mon_chr = qemu_chr_alloc();
1772 mon_chr->chr_write = gdb_monitor_write;
1773 monitor_init(mon_chr, 0);
1776 qemu_chr_delete(s->chr);
1777 mon_chr = s->mon_chr;
1778 memset(s, 0, sizeof(GDBState));
1780 s->c_cpu = first_cpu;
1781 s->g_cpu = first_cpu;
1783 s->state = chr ? RS_IDLE : RS_INACTIVE;
1784 s->mon_chr = mon_chr;
1785 s->current_syscall_cb = NULL;
projects / sdk / emulator / qemu.git / blob