4 * Copyright (c) 2003-2005 Fabrice Bellard
6 * This library is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation; either
9 * version 2 of the License, or (at your option) any later version.
11 * This library is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
16 * You should have received a copy of the GNU Lesser General Public
17 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
20 #include "qemu-common.h"
21 #ifdef CONFIG_USER_ONLY
32 #include "monitor/monitor.h"
33 #include "sysemu/char.h"
34 #include "sysemu/sysemu.h"
35 #include "exec/gdbstub.h"
38 #define MAX_PACKET_LENGTH 4096
41 #include "qemu/sockets.h"
42 #include "sysemu/kvm.h"
44 static inline int target_memory_rw_debug(CPUState *cpu, target_ulong addr,
45 uint8_t *buf, int len, bool is_write)
47 CPUClass *cc = CPU_GET_CLASS(cpu);
49 if (cc->memory_rw_debug) {
50 return cc->memory_rw_debug(cpu, addr, buf, len, is_write);
52 return cpu_memory_rw_debug(cpu, addr, buf, len, is_write);
64 GDB_SIGNAL_UNKNOWN = 143
67 #ifdef CONFIG_USER_ONLY
69 /* Map target signal numbers to GDB protocol signal numbers and vice
70 * versa. For user emulation's currently supported systems, we can
71 * assume most signals are defined.
74 static int gdb_signal_table[] = {
234 /* In system mode we only need SIGINT and SIGTRAP; other signals
235 are not yet supported. */
242 static int gdb_signal_table[] = {
252 #ifdef CONFIG_USER_ONLY
253 static int target_signal_to_gdb (int sig)
256 for (i = 0; i < ARRAY_SIZE (gdb_signal_table); i++)
257 if (gdb_signal_table[i] == sig)
259 return GDB_SIGNAL_UNKNOWN;
263 static int gdb_signal_to_target (int sig)
265 if (sig < ARRAY_SIZE (gdb_signal_table))
266 return gdb_signal_table[sig];
273 typedef struct GDBRegisterState {
279 struct GDBRegisterState *next;
289 typedef struct GDBState {
290 CPUState *c_cpu; /* current CPU for step/continue ops */
291 CPUState *g_cpu; /* current CPU for other ops */
292 CPUState *query_cpu; /* for q{f|s}ThreadInfo */
293 enum RSState state; /* parsing state */
294 char line_buf[MAX_PACKET_LENGTH];
297 uint8_t last_packet[MAX_PACKET_LENGTH + 4];
300 #ifdef CONFIG_USER_ONLY
304 CharDriverState *chr;
305 CharDriverState *mon_chr;
307 char syscall_buf[256];
308 gdb_syscall_complete_cb current_syscall_cb;
311 /* By default use no IRQs and no timers while single stepping so as to
312 * make single stepping like an ICE HW step.
314 static int sstep_flags = SSTEP_ENABLE|SSTEP_NOIRQ|SSTEP_NOTIMER;
316 static GDBState *gdbserver_state;
320 #ifdef CONFIG_USER_ONLY
321 /* XXX: This is not thread safe. Do we care? */
322 static int gdbserver_fd = -1;
324 static int get_char(GDBState *s)
330 ret = qemu_recv(s->fd, &ch, 1, 0);
332 if (errno == ECONNRESET)
334 if (errno != EINTR && errno != EAGAIN)
336 } else if (ret == 0) {
354 /* If gdb is connected when the first semihosting syscall occurs then use
355 remote gdb syscalls. Otherwise use native file IO. */
356 int use_gdb_syscalls(void)
358 if (gdb_syscall_mode == GDB_SYS_UNKNOWN) {
359 gdb_syscall_mode = (gdbserver_state ? GDB_SYS_ENABLED
362 return gdb_syscall_mode == GDB_SYS_ENABLED;
365 /* Resume execution. */
366 static inline void gdb_continue(GDBState *s)
368 #ifdef CONFIG_USER_ONLY
369 s->running_state = 1;
371 if (!runstate_needs_reset()) {
377 static void put_buffer(GDBState *s, const uint8_t *buf, int len)
379 #ifdef CONFIG_USER_ONLY
383 ret = send(s->fd, buf, len, 0);
385 if (errno != EINTR && errno != EAGAIN)
393 qemu_chr_fe_write(s->chr, buf, len);
397 static inline int fromhex(int v)
399 if (v >= '0' && v <= '9')
401 else if (v >= 'A' && v <= 'F')
403 else if (v >= 'a' && v <= 'f')
409 static inline int tohex(int v)
417 static void memtohex(char *buf, const uint8_t *mem, int len)
422 for(i = 0; i < len; i++) {
424 *q++ = tohex(c >> 4);
425 *q++ = tohex(c & 0xf);
430 static void hextomem(uint8_t *mem, const char *buf, int len)
434 for(i = 0; i < len; i++) {
435 mem[i] = (fromhex(buf[0]) << 4) | fromhex(buf[1]);
440 /* return -1 if error, 0 if OK */
441 static int put_packet_binary(GDBState *s, const char *buf, int len)
452 for(i = 0; i < len; i++) {
456 *(p++) = tohex((csum >> 4) & 0xf);
457 *(p++) = tohex((csum) & 0xf);
459 s->last_packet_len = p - s->last_packet;
460 put_buffer(s, (uint8_t *)s->last_packet, s->last_packet_len);
462 #ifdef CONFIG_USER_ONLY
475 /* return -1 if error, 0 if OK */
476 static int put_packet(GDBState *s, const char *buf)
479 printf("reply='%s'\n", buf);
482 return put_packet_binary(s, buf, strlen(buf));
485 /* Encode data using the encoding for 'x' packets. */
486 static int memtox(char *buf, const char *mem, int len)
494 case '#': case '$': case '*': case '}':
506 static const char *get_feature_xml(const char *p, const char **newp,
512 static char target_xml[1024];
515 while (p[len] && p[len] != ':')
520 if (strncmp(p, "target.xml", len) == 0) {
521 /* Generate the XML description for this CPU. */
522 if (!target_xml[0]) {
524 CPUState *cpu = first_cpu;
526 snprintf(target_xml, sizeof(target_xml),
527 "<?xml version=\"1.0\"?>"
528 "<!DOCTYPE target SYSTEM \"gdb-target.dtd\">"
530 "<xi:include href=\"%s\"/>",
531 cc->gdb_core_xml_file);
533 for (r = cpu->gdb_regs; r; r = r->next) {
534 pstrcat(target_xml, sizeof(target_xml), "<xi:include href=\"");
535 pstrcat(target_xml, sizeof(target_xml), r->xml);
536 pstrcat(target_xml, sizeof(target_xml), "\"/>");
538 pstrcat(target_xml, sizeof(target_xml), "</target>");
543 name = xml_builtin[i][0];
544 if (!name || (strncmp(name, p, len) == 0 && strlen(name) == len))
547 return name ? xml_builtin[i][1] : NULL;
550 static int gdb_read_register(CPUState *cpu, uint8_t *mem_buf, int reg)
552 CPUClass *cc = CPU_GET_CLASS(cpu);
553 CPUArchState *env = cpu->env_ptr;
556 if (reg < cc->gdb_num_core_regs) {
557 return cc->gdb_read_register(cpu, mem_buf, reg);
560 for (r = cpu->gdb_regs; r; r = r->next) {
561 if (r->base_reg <= reg && reg < r->base_reg + r->num_regs) {
562 return r->get_reg(env, mem_buf, reg - r->base_reg);
568 static int gdb_write_register(CPUState *cpu, uint8_t *mem_buf, int reg)
570 CPUClass *cc = CPU_GET_CLASS(cpu);
571 CPUArchState *env = cpu->env_ptr;
574 if (reg < cc->gdb_num_core_regs) {
575 return cc->gdb_write_register(cpu, mem_buf, reg);
578 for (r = cpu->gdb_regs; r; r = r->next) {
579 if (r->base_reg <= reg && reg < r->base_reg + r->num_regs) {
580 return r->set_reg(env, mem_buf, reg - r->base_reg);
586 /* Register a supplemental set of CPU registers. If g_pos is nonzero it
587 specifies the first register number and these registers are included in
588 a standard "g" packet. Direction is relative to gdb, i.e. get_reg is
589 gdb reading a CPU register, and set_reg is gdb modifying a CPU register.
592 void gdb_register_coprocessor(CPUState *cpu,
593 gdb_reg_cb get_reg, gdb_reg_cb set_reg,
594 int num_regs, const char *xml, int g_pos)
597 GDBRegisterState **p;
601 /* Check for duplicates. */
602 if (strcmp((*p)->xml, xml) == 0)
607 s = g_new0(GDBRegisterState, 1);
608 s->base_reg = cpu->gdb_num_regs;
609 s->num_regs = num_regs;
610 s->get_reg = get_reg;
611 s->set_reg = set_reg;
614 /* Add to end of list. */
615 cpu->gdb_num_regs += num_regs;
618 if (g_pos != s->base_reg) {
619 fprintf(stderr, "Error: Bad gdb register numbering for '%s'\n"
620 "Expected %d got %d\n", xml, g_pos, s->base_reg);
622 cpu->gdb_num_g_regs = cpu->gdb_num_regs;
627 #ifndef CONFIG_USER_ONLY
628 /* Translate GDB watchpoint type to a flags value for cpu_watchpoint_* */
629 static inline int xlat_gdb_type(CPUState *cpu, int gdbtype)
631 static const int xlat[] = {
632 [GDB_WATCHPOINT_WRITE] = BP_GDB | BP_MEM_WRITE,
633 [GDB_WATCHPOINT_READ] = BP_GDB | BP_MEM_READ,
634 [GDB_WATCHPOINT_ACCESS] = BP_GDB | BP_MEM_ACCESS,
637 CPUClass *cc = CPU_GET_CLASS(cpu);
638 int cputype = xlat[gdbtype];
640 if (cc->gdb_stop_before_watchpoint) {
641 cputype |= BP_STOP_BEFORE_ACCESS;
647 static int gdb_breakpoint_insert(target_ulong addr, target_ulong len, int type)
653 return kvm_insert_breakpoint(gdbserver_state->c_cpu, addr, len, type);
657 case GDB_BREAKPOINT_SW:
658 case GDB_BREAKPOINT_HW:
660 err = cpu_breakpoint_insert(cpu, addr, BP_GDB, NULL);
666 #ifndef CONFIG_USER_ONLY
667 case GDB_WATCHPOINT_WRITE:
668 case GDB_WATCHPOINT_READ:
669 case GDB_WATCHPOINT_ACCESS:
671 err = cpu_watchpoint_insert(cpu, addr, len,
672 xlat_gdb_type(cpu, type), NULL);
684 static int gdb_breakpoint_remove(target_ulong addr, target_ulong len, int type)
690 return kvm_remove_breakpoint(gdbserver_state->c_cpu, addr, len, type);
694 case GDB_BREAKPOINT_SW:
695 case GDB_BREAKPOINT_HW:
697 err = cpu_breakpoint_remove(cpu, addr, BP_GDB);
703 #ifndef CONFIG_USER_ONLY
704 case GDB_WATCHPOINT_WRITE:
705 case GDB_WATCHPOINT_READ:
706 case GDB_WATCHPOINT_ACCESS:
708 err = cpu_watchpoint_remove(cpu, addr, len,
709 xlat_gdb_type(cpu, type));
720 static void gdb_breakpoint_remove_all(void)
725 kvm_remove_all_breakpoints(gdbserver_state->c_cpu);
730 cpu_breakpoint_remove_all(cpu, BP_GDB);
731 #ifndef CONFIG_USER_ONLY
732 cpu_watchpoint_remove_all(cpu, BP_GDB);
737 static void gdb_set_cpu_pc(GDBState *s, target_ulong pc)
739 CPUState *cpu = s->c_cpu;
740 CPUClass *cc = CPU_GET_CLASS(cpu);
742 cpu_synchronize_state(cpu);
748 static CPUState *find_cpu(uint32_t thread_id)
753 if (cpu_index(cpu) == thread_id) {
761 static int gdb_handle_packet(GDBState *s, const char *line_buf)
767 int ch, reg_size, type, res;
768 char buf[MAX_PACKET_LENGTH];
769 uint8_t mem_buf[MAX_PACKET_LENGTH];
771 target_ulong addr, len;
774 printf("command='%s'\n", line_buf);
780 /* TODO: Make this return the correct value for user-mode. */
781 snprintf(buf, sizeof(buf), "T%02xthread:%02x;", GDB_SIGNAL_TRAP,
782 cpu_index(s->c_cpu));
784 /* Remove all the breakpoints when this query is issued,
785 * because gdb is doing and initial connect and the state
786 * should be cleaned up.
788 gdb_breakpoint_remove_all();
792 addr = strtoull(p, (char **)&p, 16);
793 gdb_set_cpu_pc(s, addr);
799 s->signal = gdb_signal_to_target (strtoul(p, (char **)&p, 16));
805 if (strncmp(p, "Cont", 4) == 0) {
806 int res_signal, res_thread;
810 put_packet(s, "vCont;c;C;s;S");
825 if (action == 'C' || action == 'S') {
826 signal = strtoul(p, (char **)&p, 16);
827 } else if (action != 'c' && action != 's') {
833 thread = strtoull(p+1, (char **)&p, 16);
835 action = tolower(action);
836 if (res == 0 || (res == 'c' && action == 's')) {
843 if (res_thread != -1 && res_thread != 0) {
844 cpu = find_cpu(res_thread);
846 put_packet(s, "E22");
852 cpu_single_step(s->c_cpu, sstep_flags);
854 s->signal = res_signal;
860 goto unknown_command;
863 #ifdef CONFIG_USER_ONLY
864 /* Kill the target */
865 fprintf(stderr, "\nQEMU: Terminated via GDBstub\n");
870 gdb_breakpoint_remove_all();
871 gdb_syscall_mode = GDB_SYS_DISABLED;
877 addr = strtoull(p, (char **)&p, 16);
878 gdb_set_cpu_pc(s, addr);
880 cpu_single_step(s->c_cpu, sstep_flags);
888 ret = strtoull(p, (char **)&p, 16);
891 err = strtoull(p, (char **)&p, 16);
898 if (s->current_syscall_cb) {
899 s->current_syscall_cb(s->c_cpu, ret, err);
900 s->current_syscall_cb = NULL;
903 put_packet(s, "T02");
910 cpu_synchronize_state(s->g_cpu);
912 for (addr = 0; addr < s->g_cpu->gdb_num_g_regs; addr++) {
913 reg_size = gdb_read_register(s->g_cpu, mem_buf + len, addr);
916 memtohex(buf, mem_buf, len);
920 cpu_synchronize_state(s->g_cpu);
923 hextomem((uint8_t *)registers, p, len);
924 for (addr = 0; addr < s->g_cpu->gdb_num_g_regs && len > 0; addr++) {
925 reg_size = gdb_write_register(s->g_cpu, registers, addr);
927 registers += reg_size;
932 addr = strtoull(p, (char **)&p, 16);
935 len = strtoull(p, NULL, 16);
936 if (target_memory_rw_debug(s->g_cpu, addr, mem_buf, len, false) != 0) {
937 put_packet (s, "E14");
939 memtohex(buf, mem_buf, len);
944 addr = strtoull(p, (char **)&p, 16);
947 len = strtoull(p, (char **)&p, 16);
950 hextomem(mem_buf, p, len);
951 if (target_memory_rw_debug(s->g_cpu, addr, mem_buf, len,
953 put_packet(s, "E14");
959 /* Older gdb are really dumb, and don't use 'g' if 'p' is avaialable.
960 This works, but can be very slow. Anything new enough to
961 understand XML also knows how to use this properly. */
963 goto unknown_command;
964 addr = strtoull(p, (char **)&p, 16);
965 reg_size = gdb_read_register(s->g_cpu, mem_buf, addr);
967 memtohex(buf, mem_buf, reg_size);
970 put_packet(s, "E14");
975 goto unknown_command;
976 addr = strtoull(p, (char **)&p, 16);
979 reg_size = strlen(p) / 2;
980 hextomem(mem_buf, p, reg_size);
981 gdb_write_register(s->g_cpu, mem_buf, addr);
986 type = strtoul(p, (char **)&p, 16);
989 addr = strtoull(p, (char **)&p, 16);
992 len = strtoull(p, (char **)&p, 16);
994 res = gdb_breakpoint_insert(addr, len, type);
996 res = gdb_breakpoint_remove(addr, len, type);
999 else if (res == -ENOSYS)
1002 put_packet(s, "E22");
1006 thread = strtoull(p, (char **)&p, 16);
1007 if (thread == -1 || thread == 0) {
1008 put_packet(s, "OK");
1011 cpu = find_cpu(thread);
1013 put_packet(s, "E22");
1019 put_packet(s, "OK");
1023 put_packet(s, "OK");
1026 put_packet(s, "E22");
1031 thread = strtoull(p, (char **)&p, 16);
1032 cpu = find_cpu(thread);
1035 put_packet(s, "OK");
1037 put_packet(s, "E22");
1042 /* parse any 'q' packets here */
1043 if (!strcmp(p,"qemu.sstepbits")) {
1044 /* Query Breakpoint bit definitions */
1045 snprintf(buf, sizeof(buf), "ENABLE=%x,NOIRQ=%x,NOTIMER=%x",
1051 } else if (strncmp(p,"qemu.sstep",10) == 0) {
1052 /* Display or change the sstep_flags */
1055 /* Display current setting */
1056 snprintf(buf, sizeof(buf), "0x%x", sstep_flags);
1061 type = strtoul(p, (char **)&p, 16);
1063 put_packet(s, "OK");
1065 } else if (strcmp(p,"C") == 0) {
1066 /* "Current thread" remains vague in the spec, so always return
1067 * the first CPU (gdb returns the first thread). */
1068 put_packet(s, "QC1");
1070 } else if (strcmp(p,"fThreadInfo") == 0) {
1071 s->query_cpu = first_cpu;
1072 goto report_cpuinfo;
1073 } else if (strcmp(p,"sThreadInfo") == 0) {
1076 snprintf(buf, sizeof(buf), "m%x", cpu_index(s->query_cpu));
1078 s->query_cpu = CPU_NEXT(s->query_cpu);
1082 } else if (strncmp(p,"ThreadExtraInfo,", 16) == 0) {
1083 thread = strtoull(p+16, (char **)&p, 16);
1084 cpu = find_cpu(thread);
1086 cpu_synchronize_state(cpu);
1087 len = snprintf((char *)mem_buf, sizeof(mem_buf),
1088 "CPU#%d [%s]", cpu->cpu_index,
1089 cpu->halted ? "halted " : "running");
1090 memtohex(buf, mem_buf, len);
1095 #ifdef CONFIG_USER_ONLY
1096 else if (strncmp(p, "Offsets", 7) == 0) {
1097 TaskState *ts = s->c_cpu->opaque;
1099 snprintf(buf, sizeof(buf),
1100 "Text=" TARGET_ABI_FMT_lx ";Data=" TARGET_ABI_FMT_lx
1101 ";Bss=" TARGET_ABI_FMT_lx,
1102 ts->info->code_offset,
1103 ts->info->data_offset,
1104 ts->info->data_offset);
1108 #else /* !CONFIG_USER_ONLY */
1109 else if (strncmp(p, "Rcmd,", 5) == 0) {
1110 int len = strlen(p + 5);
1112 if ((len % 2) != 0) {
1113 put_packet(s, "E01");
1116 hextomem(mem_buf, p + 5, len);
1119 qemu_chr_be_write(s->mon_chr, mem_buf, len);
1120 put_packet(s, "OK");
1123 #endif /* !CONFIG_USER_ONLY */
1124 if (strncmp(p, "Supported", 9) == 0) {
1125 snprintf(buf, sizeof(buf), "PacketSize=%x", MAX_PACKET_LENGTH);
1126 cc = CPU_GET_CLASS(first_cpu);
1127 if (cc->gdb_core_xml_file != NULL) {
1128 pstrcat(buf, sizeof(buf), ";qXfer:features:read+");
1133 if (strncmp(p, "Xfer:features:read:", 19) == 0) {
1135 target_ulong total_len;
1137 cc = CPU_GET_CLASS(first_cpu);
1138 if (cc->gdb_core_xml_file == NULL) {
1139 goto unknown_command;
1144 xml = get_feature_xml(p, &p, cc);
1146 snprintf(buf, sizeof(buf), "E00");
1153 addr = strtoul(p, (char **)&p, 16);
1156 len = strtoul(p, (char **)&p, 16);
1158 total_len = strlen(xml);
1159 if (addr > total_len) {
1160 snprintf(buf, sizeof(buf), "E00");
1164 if (len > (MAX_PACKET_LENGTH - 5) / 2)
1165 len = (MAX_PACKET_LENGTH - 5) / 2;
1166 if (len < total_len - addr) {
1168 len = memtox(buf + 1, xml + addr, len);
1171 len = memtox(buf + 1, xml + addr, total_len - addr);
1173 put_packet_binary(s, buf, len + 1);
1176 /* Unrecognised 'q' command. */
1177 goto unknown_command;
1181 /* put empty packet */
1189 void gdb_set_stop_cpu(CPUState *cpu)
1191 gdbserver_state->c_cpu = cpu;
1192 gdbserver_state->g_cpu = cpu;
1195 #ifndef CONFIG_USER_ONLY
1196 static void gdb_vm_state_change(void *opaque, int running, RunState state)
1198 GDBState *s = gdbserver_state;
1199 CPUArchState *env = s->c_cpu->env_ptr;
1200 CPUState *cpu = s->c_cpu;
1205 if (running || s->state == RS_INACTIVE) {
1208 /* Is there a GDB syscall waiting to be sent? */
1209 if (s->current_syscall_cb) {
1210 put_packet(s, s->syscall_buf);
1214 case RUN_STATE_DEBUG:
1215 if (cpu->watchpoint_hit) {
1216 switch (cpu->watchpoint_hit->flags & BP_MEM_ACCESS) {
1227 snprintf(buf, sizeof(buf),
1228 "T%02xthread:%02x;%swatch:" TARGET_FMT_lx ";",
1229 GDB_SIGNAL_TRAP, cpu_index(cpu), type,
1230 (target_ulong)cpu->watchpoint_hit->vaddr);
1231 cpu->watchpoint_hit = NULL;
1235 ret = GDB_SIGNAL_TRAP;
1237 case RUN_STATE_PAUSED:
1238 ret = GDB_SIGNAL_INT;
1240 case RUN_STATE_SHUTDOWN:
1241 ret = GDB_SIGNAL_QUIT;
1243 case RUN_STATE_IO_ERROR:
1244 ret = GDB_SIGNAL_IO;
1246 case RUN_STATE_WATCHDOG:
1247 ret = GDB_SIGNAL_ALRM;
1249 case RUN_STATE_INTERNAL_ERROR:
1250 ret = GDB_SIGNAL_ABRT;
1252 case RUN_STATE_SAVE_VM:
1253 case RUN_STATE_RESTORE_VM:
1255 case RUN_STATE_FINISH_MIGRATE:
1256 ret = GDB_SIGNAL_XCPU;
1259 ret = GDB_SIGNAL_UNKNOWN;
1262 snprintf(buf, sizeof(buf), "T%02xthread:%02x;", ret, cpu_index(cpu));
1267 /* disable single step if it was enabled */
1268 cpu_single_step(cpu, 0);
1272 /* Send a gdb syscall request.
1273 This accepts limited printf-style format specifiers, specifically:
1274 %x - target_ulong argument printed in hex.
1275 %lx - 64-bit argument printed in hex.
1276 %s - string pointer (target_ulong) and length (int) pair. */
1277 void gdb_do_syscall(gdb_syscall_complete_cb cb, const char *fmt, ...)
1286 s = gdbserver_state;
1289 s->current_syscall_cb = cb;
1290 #ifndef CONFIG_USER_ONLY
1291 vm_stop(RUN_STATE_DEBUG);
1295 p_end = &s->syscall_buf[sizeof(s->syscall_buf)];
1302 addr = va_arg(va, target_ulong);
1303 p += snprintf(p, p_end - p, TARGET_FMT_lx, addr);
1306 if (*(fmt++) != 'x')
1308 i64 = va_arg(va, uint64_t);
1309 p += snprintf(p, p_end - p, "%" PRIx64, i64);
1312 addr = va_arg(va, target_ulong);
1313 p += snprintf(p, p_end - p, TARGET_FMT_lx "/%x",
1314 addr, va_arg(va, int));
1318 fprintf(stderr, "gdbstub: Bad syscall format string '%s'\n",
1328 #ifdef CONFIG_USER_ONLY
1329 put_packet(s, s->syscall_buf);
1330 gdb_handlesig(s->c_cpu, 0);
1332 /* In this case wait to send the syscall packet until notification that
1333 the CPU has stopped. This must be done because if the packet is sent
1334 now the reply from the syscall request could be received while the CPU
1335 is still in the running state, which can cause packets to be dropped
1336 and state transition 'T' packets to be sent while the syscall is still
1342 static void gdb_read_byte(GDBState *s, int ch)
1347 #ifndef CONFIG_USER_ONLY
1348 if (s->last_packet_len) {
1349 /* Waiting for a response to the last packet. If we see the start
1350 of a new command then abandon the previous response. */
1353 printf("Got NACK, retransmitting\n");
1355 put_buffer(s, (uint8_t *)s->last_packet, s->last_packet_len);
1359 printf("Got ACK\n");
1361 printf("Got '%c' when expecting ACK/NACK\n", ch);
1363 if (ch == '+' || ch == '$')
1364 s->last_packet_len = 0;
1368 if (runstate_is_running()) {
1369 /* when the CPU is running, we cannot do anything except stop
1370 it when receiving a char */
1371 vm_stop(RUN_STATE_PAUSED);
1378 s->line_buf_index = 0;
1379 s->state = RS_GETLINE;
1384 s->state = RS_CHKSUM1;
1385 } else if (s->line_buf_index >= sizeof(s->line_buf) - 1) {
1388 s->line_buf[s->line_buf_index++] = ch;
1392 s->line_buf[s->line_buf_index] = '\0';
1393 s->line_csum = fromhex(ch) << 4;
1394 s->state = RS_CHKSUM2;
1397 s->line_csum |= fromhex(ch);
1399 for(i = 0; i < s->line_buf_index; i++) {
1400 csum += s->line_buf[i];
1402 if (s->line_csum != (csum & 0xff)) {
1404 put_buffer(s, &reply, 1);
1408 put_buffer(s, &reply, 1);
1409 s->state = gdb_handle_packet(s, s->line_buf);
1418 /* Tell the remote gdb that the process has exited. */
1419 void gdb_exit(CPUArchState *env, int code)
1424 s = gdbserver_state;
1428 #ifdef CONFIG_USER_ONLY
1429 if (gdbserver_fd < 0 || s->fd < 0) {
1434 snprintf(buf, sizeof(buf), "W%02x", (uint8_t)code);
1437 #ifndef CONFIG_USER_ONLY
1439 qemu_chr_delete(s->chr);
1444 #ifdef CONFIG_USER_ONLY
1450 s = gdbserver_state;
1452 if (gdbserver_fd < 0 || s->fd < 0)
1459 gdb_handlesig(CPUState *cpu, int sig)
1461 CPUArchState *env = cpu->env_ptr;
1466 s = gdbserver_state;
1467 if (gdbserver_fd < 0 || s->fd < 0) {
1471 /* disable single step if it was enabled */
1472 cpu_single_step(cpu, 0);
1476 snprintf(buf, sizeof(buf), "S%02x", target_signal_to_gdb(sig));
1479 /* put_packet() might have detected that the peer terminated the
1487 s->running_state = 0;
1488 while (s->running_state == 0) {
1489 n = read(s->fd, buf, 256);
1493 for (i = 0; i < n; i++) {
1494 gdb_read_byte(s, buf[i]);
1496 } else if (n == 0 || errno != EAGAIN) {
1497 /* XXX: Connection closed. Should probably wait for another
1498 connection before continuing. */
1507 /* Tell the remote gdb that the process has exited due to SIG. */
1508 void gdb_signalled(CPUArchState *env, int sig)
1513 s = gdbserver_state;
1514 if (gdbserver_fd < 0 || s->fd < 0) {
1518 snprintf(buf, sizeof(buf), "X%02x", target_signal_to_gdb(sig));
1522 static void gdb_accept(void)
1525 struct sockaddr_in sockaddr;
1530 len = sizeof(sockaddr);
1531 fd = accept(gdbserver_fd, (struct sockaddr *)&sockaddr, &len);
1532 if (fd < 0 && errno != EINTR) {
1535 } else if (fd >= 0) {
1537 fcntl(fd, F_SETFD, FD_CLOEXEC);
1543 /* set short latency */
1544 socket_set_nodelay(fd);
1546 s = g_malloc0(sizeof(GDBState));
1547 s->c_cpu = first_cpu;
1548 s->g_cpu = first_cpu;
1550 gdb_has_xml = false;
1552 gdbserver_state = s;
1554 fcntl(fd, F_SETFL, O_NONBLOCK);
1557 static int gdbserver_open(int port)
1559 struct sockaddr_in sockaddr;
1562 fd = socket(PF_INET, SOCK_STREAM, 0);
1568 fcntl(fd, F_SETFD, FD_CLOEXEC);
1571 socket_set_fast_reuse(fd);
1573 sockaddr.sin_family = AF_INET;
1574 sockaddr.sin_port = htons(port);
1575 sockaddr.sin_addr.s_addr = 0;
1576 ret = bind(fd, (struct sockaddr *)&sockaddr, sizeof(sockaddr));
1582 ret = listen(fd, 0);
1591 int gdbserver_start(int port)
1593 gdbserver_fd = gdbserver_open(port);
1594 if (gdbserver_fd < 0)
1596 /* accept connections */
1601 /* Disable gdb stub for child processes. */
1602 void gdbserver_fork(CPUArchState *env)
1604 CPUState *cpu = ENV_GET_CPU(env);
1605 GDBState *s = gdbserver_state;
1607 if (gdbserver_fd < 0 || s->fd < 0) {
1612 cpu_breakpoint_remove_all(cpu, BP_GDB);
1613 cpu_watchpoint_remove_all(cpu, BP_GDB);
1616 static int gdb_chr_can_receive(void *opaque)
1618 /* We can handle an arbitrarily large amount of data.
1619 Pick the maximum packet size, which is as good as anything. */
1620 return MAX_PACKET_LENGTH;
1623 static void gdb_chr_receive(void *opaque, const uint8_t *buf, int size)
1627 for (i = 0; i < size; i++) {
1628 gdb_read_byte(gdbserver_state, buf[i]);
1632 static void gdb_chr_event(void *opaque, int event)
1635 case CHR_EVENT_OPENED:
1636 vm_stop(RUN_STATE_PAUSED);
1637 gdb_has_xml = false;
1644 static void gdb_monitor_output(GDBState *s, const char *msg, int len)
1646 char buf[MAX_PACKET_LENGTH];
1649 if (len > (MAX_PACKET_LENGTH/2) - 1)
1650 len = (MAX_PACKET_LENGTH/2) - 1;
1651 memtohex(buf + 1, (uint8_t *)msg, len);
1655 static int gdb_monitor_write(CharDriverState *chr, const uint8_t *buf, int len)
1657 const char *p = (const char *)buf;
1660 max_sz = (sizeof(gdbserver_state->last_packet) - 2) / 2;
1662 if (len <= max_sz) {
1663 gdb_monitor_output(gdbserver_state, p, len);
1666 gdb_monitor_output(gdbserver_state, p, max_sz);
1674 static void gdb_sigterm_handler(int signal)
1676 if (runstate_is_running()) {
1677 vm_stop(RUN_STATE_PAUSED);
1682 int gdbserver_start(const char *device)
1685 char gdbstub_device_name[128];
1686 CharDriverState *chr = NULL;
1687 CharDriverState *mon_chr;
1691 if (strcmp(device, "none") != 0) {
1692 if (strstart(device, "tcp:", NULL)) {
1693 /* enforce required TCP attributes */
1694 snprintf(gdbstub_device_name, sizeof(gdbstub_device_name),
1695 "%s,nowait,nodelay,server", device);
1696 device = gdbstub_device_name;
1699 else if (strcmp(device, "stdio") == 0) {
1700 struct sigaction act;
1702 memset(&act, 0, sizeof(act));
1703 act.sa_handler = gdb_sigterm_handler;
1704 sigaction(SIGINT, &act, NULL);
1707 chr = qemu_chr_new("gdb", device, NULL);
1711 qemu_chr_fe_claim_no_fail(chr);
1712 qemu_chr_add_handlers(chr, gdb_chr_can_receive, gdb_chr_receive,
1713 gdb_chr_event, NULL);
1716 s = gdbserver_state;
1718 s = g_malloc0(sizeof(GDBState));
1719 gdbserver_state = s;
1721 qemu_add_vm_change_state_handler(gdb_vm_state_change, NULL);
1723 /* Initialize a monitor terminal for gdb */
1724 mon_chr = qemu_chr_alloc();
1725 mon_chr->chr_write = gdb_monitor_write;
1726 monitor_init(mon_chr, 0);
1729 qemu_chr_delete(s->chr);
1730 mon_chr = s->mon_chr;
1731 memset(s, 0, sizeof(GDBState));
1733 s->c_cpu = first_cpu;
1734 s->g_cpu = first_cpu;
1736 s->state = chr ? RS_IDLE : RS_INACTIVE;
1737 s->mon_chr = mon_chr;
1738 s->current_syscall_cb = NULL;
projects / sdk / emulator / qemu.git / blob