4 * Copyright (c) 2003-2005 Fabrice Bellard
6 * This library is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation; either
9 * version 2 of the License, or (at your option) any later version.
11 * This library is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
16 * You should have received a copy of the GNU Lesser General Public
17 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
20 #include "qemu-common.h"
21 #ifdef CONFIG_USER_ONLY
32 #include "monitor/monitor.h"
33 #include "sysemu/char.h"
34 #include "sysemu/sysemu.h"
35 #include "exec/gdbstub.h"
38 #define MAX_PACKET_LENGTH 4096
41 #include "qemu/sockets.h"
42 #include "sysemu/kvm.h"
44 static inline int target_memory_rw_debug(CPUState *cpu, target_ulong addr,
45 uint8_t *buf, int len, bool is_write)
47 CPUClass *cc = CPU_GET_CLASS(cpu);
49 if (cc->memory_rw_debug) {
50 return cc->memory_rw_debug(cpu, addr, buf, len, is_write);
52 return cpu_memory_rw_debug(cpu, addr, buf, len, is_write);
64 GDB_SIGNAL_UNKNOWN = 143
67 #ifdef CONFIG_USER_ONLY
69 /* Map target signal numbers to GDB protocol signal numbers and vice
70 * versa. For user emulation's currently supported systems, we can
71 * assume most signals are defined.
74 static int gdb_signal_table[] = {
234 /* In system mode we only need SIGINT and SIGTRAP; other signals
235 are not yet supported. */
242 static int gdb_signal_table[] = {
252 #ifdef CONFIG_USER_ONLY
253 static int target_signal_to_gdb (int sig)
256 for (i = 0; i < ARRAY_SIZE (gdb_signal_table); i++)
257 if (gdb_signal_table[i] == sig)
259 return GDB_SIGNAL_UNKNOWN;
263 static int gdb_signal_to_target (int sig)
265 if (sig < ARRAY_SIZE (gdb_signal_table))
266 return gdb_signal_table[sig];
273 typedef struct GDBRegisterState {
279 struct GDBRegisterState *next;
289 typedef struct GDBState {
290 CPUState *c_cpu; /* current CPU for step/continue ops */
291 CPUState *g_cpu; /* current CPU for other ops */
292 CPUState *query_cpu; /* for q{f|s}ThreadInfo */
293 enum RSState state; /* parsing state */
294 char line_buf[MAX_PACKET_LENGTH];
297 uint8_t last_packet[MAX_PACKET_LENGTH + 4];
300 #ifdef CONFIG_USER_ONLY
304 CharDriverState *chr;
305 CharDriverState *mon_chr;
307 char syscall_buf[256];
308 gdb_syscall_complete_cb current_syscall_cb;
311 /* By default use no IRQs and no timers while single stepping so as to
312 * make single stepping like an ICE HW step.
314 static int sstep_flags = SSTEP_ENABLE|SSTEP_NOIRQ|SSTEP_NOTIMER;
316 static GDBState *gdbserver_state;
320 #ifdef CONFIG_USER_ONLY
321 /* XXX: This is not thread safe. Do we care? */
322 static int gdbserver_fd = -1;
324 static int get_char(GDBState *s)
330 ret = qemu_recv(s->fd, &ch, 1, 0);
332 if (errno == ECONNRESET)
334 if (errno != EINTR && errno != EAGAIN)
336 } else if (ret == 0) {
354 /* If gdb is connected when the first semihosting syscall occurs then use
355 remote gdb syscalls. Otherwise use native file IO. */
356 int use_gdb_syscalls(void)
358 if (gdb_syscall_mode == GDB_SYS_UNKNOWN) {
359 gdb_syscall_mode = (gdbserver_state ? GDB_SYS_ENABLED
362 return gdb_syscall_mode == GDB_SYS_ENABLED;
365 /* Resume execution. */
366 static inline void gdb_continue(GDBState *s)
368 #ifdef CONFIG_USER_ONLY
369 s->running_state = 1;
371 if (!runstate_needs_reset()) {
377 static void put_buffer(GDBState *s, const uint8_t *buf, int len)
379 #ifdef CONFIG_USER_ONLY
383 ret = send(s->fd, buf, len, 0);
385 if (errno != EINTR && errno != EAGAIN)
393 qemu_chr_fe_write(s->chr, buf, len);
397 static inline int fromhex(int v)
399 if (v >= '0' && v <= '9')
401 else if (v >= 'A' && v <= 'F')
403 else if (v >= 'a' && v <= 'f')
409 static inline int tohex(int v)
417 static void memtohex(char *buf, const uint8_t *mem, int len)
422 for(i = 0; i < len; i++) {
424 *q++ = tohex(c >> 4);
425 *q++ = tohex(c & 0xf);
430 static void hextomem(uint8_t *mem, const char *buf, int len)
434 for(i = 0; i < len; i++) {
435 mem[i] = (fromhex(buf[0]) << 4) | fromhex(buf[1]);
440 /* return -1 if error, 0 if OK */
441 static int put_packet_binary(GDBState *s, const char *buf, int len)
452 for(i = 0; i < len; i++) {
456 *(p++) = tohex((csum >> 4) & 0xf);
457 *(p++) = tohex((csum) & 0xf);
459 s->last_packet_len = p - s->last_packet;
460 put_buffer(s, (uint8_t *)s->last_packet, s->last_packet_len);
462 #ifdef CONFIG_USER_ONLY
475 /* return -1 if error, 0 if OK */
476 static int put_packet(GDBState *s, const char *buf)
479 printf("reply='%s'\n", buf);
482 return put_packet_binary(s, buf, strlen(buf));
485 /* Encode data using the encoding for 'x' packets. */
486 static int memtox(char *buf, const char *mem, int len)
494 case '#': case '$': case '*': case '}':
506 static const char *get_feature_xml(const char *p, const char **newp,
512 static char target_xml[1024];
515 while (p[len] && p[len] != ':')
520 if (strncmp(p, "target.xml", len) == 0) {
521 /* Generate the XML description for this CPU. */
522 if (!target_xml[0]) {
524 CPUState *cpu = first_cpu;
526 snprintf(target_xml, sizeof(target_xml),
527 "<?xml version=\"1.0\"?>"
528 "<!DOCTYPE target SYSTEM \"gdb-target.dtd\">"
530 "<xi:include href=\"%s\"/>",
531 cc->gdb_core_xml_file);
533 for (r = cpu->gdb_regs; r; r = r->next) {
534 pstrcat(target_xml, sizeof(target_xml), "<xi:include href=\"");
535 pstrcat(target_xml, sizeof(target_xml), r->xml);
536 pstrcat(target_xml, sizeof(target_xml), "\"/>");
538 pstrcat(target_xml, sizeof(target_xml), "</target>");
543 name = xml_builtin[i][0];
544 if (!name || (strncmp(name, p, len) == 0 && strlen(name) == len))
547 return name ? xml_builtin[i][1] : NULL;
550 static int gdb_read_register(CPUState *cpu, uint8_t *mem_buf, int reg)
552 CPUClass *cc = CPU_GET_CLASS(cpu);
553 CPUArchState *env = cpu->env_ptr;
556 if (reg < cc->gdb_num_core_regs) {
557 return cc->gdb_read_register(cpu, mem_buf, reg);
560 for (r = cpu->gdb_regs; r; r = r->next) {
561 if (r->base_reg <= reg && reg < r->base_reg + r->num_regs) {
562 return r->get_reg(env, mem_buf, reg - r->base_reg);
568 static int gdb_write_register(CPUState *cpu, uint8_t *mem_buf, int reg)
570 CPUClass *cc = CPU_GET_CLASS(cpu);
571 CPUArchState *env = cpu->env_ptr;
574 if (reg < cc->gdb_num_core_regs) {
575 return cc->gdb_write_register(cpu, mem_buf, reg);
578 for (r = cpu->gdb_regs; r; r = r->next) {
579 if (r->base_reg <= reg && reg < r->base_reg + r->num_regs) {
580 return r->set_reg(env, mem_buf, reg - r->base_reg);
586 /* Register a supplemental set of CPU registers. If g_pos is nonzero it
587 specifies the first register number and these registers are included in
588 a standard "g" packet. Direction is relative to gdb, i.e. get_reg is
589 gdb reading a CPU register, and set_reg is gdb modifying a CPU register.
592 void gdb_register_coprocessor(CPUState *cpu,
593 gdb_reg_cb get_reg, gdb_reg_cb set_reg,
594 int num_regs, const char *xml, int g_pos)
597 GDBRegisterState **p;
601 /* Check for duplicates. */
602 if (strcmp((*p)->xml, xml) == 0)
607 s = g_new0(GDBRegisterState, 1);
608 s->base_reg = cpu->gdb_num_regs;
609 s->num_regs = num_regs;
610 s->get_reg = get_reg;
611 s->set_reg = set_reg;
614 /* Add to end of list. */
615 cpu->gdb_num_regs += num_regs;
618 if (g_pos != s->base_reg) {
619 fprintf(stderr, "Error: Bad gdb register numbering for '%s'\n"
620 "Expected %d got %d\n", xml, g_pos, s->base_reg);
622 cpu->gdb_num_g_regs = cpu->gdb_num_regs;
627 #ifndef CONFIG_USER_ONLY
628 /* Translate GDB watchpoint type to a flags value for cpu_watchpoint_* */
629 static inline int xlat_gdb_type(CPUState *cpu, int gdbtype)
631 static const int xlat[] = {
632 [GDB_WATCHPOINT_WRITE] = BP_GDB | BP_MEM_WRITE,
633 [GDB_WATCHPOINT_READ] = BP_GDB | BP_MEM_READ,
634 [GDB_WATCHPOINT_ACCESS] = BP_GDB | BP_MEM_ACCESS,
637 CPUClass *cc = CPU_GET_CLASS(cpu);
638 int cputype = xlat[gdbtype];
640 if (cc->gdb_stop_before_watchpoint) {
641 cputype |= BP_STOP_BEFORE_ACCESS;
647 static int gdb_breakpoint_insert(target_ulong addr, target_ulong len, int type)
653 return kvm_insert_breakpoint(gdbserver_state->c_cpu, addr, len, type);
657 case GDB_BREAKPOINT_SW:
658 case GDB_BREAKPOINT_HW:
660 err = cpu_breakpoint_insert(cpu, addr, BP_GDB, NULL);
666 #ifndef CONFIG_USER_ONLY
667 case GDB_WATCHPOINT_WRITE:
668 case GDB_WATCHPOINT_READ:
669 case GDB_WATCHPOINT_ACCESS:
671 err = cpu_watchpoint_insert(cpu, addr, len,
672 xlat_gdb_type(cpu, type), NULL);
684 static int gdb_breakpoint_remove(target_ulong addr, target_ulong len, int type)
690 return kvm_remove_breakpoint(gdbserver_state->c_cpu, addr, len, type);
694 case GDB_BREAKPOINT_SW:
695 case GDB_BREAKPOINT_HW:
697 err = cpu_breakpoint_remove(cpu, addr, BP_GDB);
703 #ifndef CONFIG_USER_ONLY
704 case GDB_WATCHPOINT_WRITE:
705 case GDB_WATCHPOINT_READ:
706 case GDB_WATCHPOINT_ACCESS:
708 err = cpu_watchpoint_remove(cpu, addr, len,
709 xlat_gdb_type(cpu, type));
720 static void gdb_breakpoint_remove_all(void)
725 kvm_remove_all_breakpoints(gdbserver_state->c_cpu);
730 cpu_breakpoint_remove_all(cpu, BP_GDB);
731 #ifndef CONFIG_USER_ONLY
732 cpu_watchpoint_remove_all(cpu, BP_GDB);
737 static void gdb_set_cpu_pc(GDBState *s, target_ulong pc)
739 CPUState *cpu = s->c_cpu;
740 CPUClass *cc = CPU_GET_CLASS(cpu);
742 cpu_synchronize_state(cpu);
748 static CPUState *find_cpu(uint32_t thread_id)
753 if (cpu_index(cpu) == thread_id) {
761 static int gdb_handle_packet(GDBState *s, const char *line_buf)
767 int ch, reg_size, type, res;
768 char buf[MAX_PACKET_LENGTH];
769 uint8_t mem_buf[MAX_PACKET_LENGTH];
771 target_ulong addr, len;
774 printf("command='%s'\n", line_buf);
780 /* TODO: Make this return the correct value for user-mode. */
781 snprintf(buf, sizeof(buf), "T%02xthread:%02x;", GDB_SIGNAL_TRAP,
782 cpu_index(s->c_cpu));
784 /* Remove all the breakpoints when this query is issued,
785 * because gdb is doing and initial connect and the state
786 * should be cleaned up.
788 gdb_breakpoint_remove_all();
792 addr = strtoull(p, (char **)&p, 16);
793 gdb_set_cpu_pc(s, addr);
799 s->signal = gdb_signal_to_target (strtoul(p, (char **)&p, 16));
805 if (strncmp(p, "Cont", 4) == 0) {
806 int res_signal, res_thread;
810 put_packet(s, "vCont;c;C;s;S");
825 if (action == 'C' || action == 'S') {
826 signal = gdb_signal_to_target(strtoul(p, (char **)&p, 16));
830 } else if (action != 'c' && action != 's') {
836 thread = strtoull(p+1, (char **)&p, 16);
838 action = tolower(action);
839 if (res == 0 || (res == 'c' && action == 's')) {
846 if (res_thread != -1 && res_thread != 0) {
847 cpu = find_cpu(res_thread);
849 put_packet(s, "E22");
855 cpu_single_step(s->c_cpu, sstep_flags);
857 s->signal = res_signal;
863 goto unknown_command;
866 #ifdef CONFIG_USER_ONLY
867 /* Kill the target */
868 fprintf(stderr, "\nQEMU: Terminated via GDBstub\n");
873 gdb_breakpoint_remove_all();
874 gdb_syscall_mode = GDB_SYS_DISABLED;
880 addr = strtoull(p, (char **)&p, 16);
881 gdb_set_cpu_pc(s, addr);
883 cpu_single_step(s->c_cpu, sstep_flags);
891 ret = strtoull(p, (char **)&p, 16);
894 err = strtoull(p, (char **)&p, 16);
901 if (s->current_syscall_cb) {
902 s->current_syscall_cb(s->c_cpu, ret, err);
903 s->current_syscall_cb = NULL;
906 put_packet(s, "T02");
913 cpu_synchronize_state(s->g_cpu);
915 for (addr = 0; addr < s->g_cpu->gdb_num_g_regs; addr++) {
916 reg_size = gdb_read_register(s->g_cpu, mem_buf + len, addr);
919 memtohex(buf, mem_buf, len);
923 cpu_synchronize_state(s->g_cpu);
926 hextomem((uint8_t *)registers, p, len);
927 for (addr = 0; addr < s->g_cpu->gdb_num_g_regs && len > 0; addr++) {
928 reg_size = gdb_write_register(s->g_cpu, registers, addr);
930 registers += reg_size;
935 addr = strtoull(p, (char **)&p, 16);
938 len = strtoull(p, NULL, 16);
939 if (target_memory_rw_debug(s->g_cpu, addr, mem_buf, len, false) != 0) {
940 put_packet (s, "E14");
942 memtohex(buf, mem_buf, len);
947 addr = strtoull(p, (char **)&p, 16);
950 len = strtoull(p, (char **)&p, 16);
953 hextomem(mem_buf, p, len);
954 if (target_memory_rw_debug(s->g_cpu, addr, mem_buf, len,
956 put_packet(s, "E14");
962 /* Older gdb are really dumb, and don't use 'g' if 'p' is avaialable.
963 This works, but can be very slow. Anything new enough to
964 understand XML also knows how to use this properly. */
966 goto unknown_command;
967 addr = strtoull(p, (char **)&p, 16);
968 reg_size = gdb_read_register(s->g_cpu, mem_buf, addr);
970 memtohex(buf, mem_buf, reg_size);
973 put_packet(s, "E14");
978 goto unknown_command;
979 addr = strtoull(p, (char **)&p, 16);
982 reg_size = strlen(p) / 2;
983 hextomem(mem_buf, p, reg_size);
984 gdb_write_register(s->g_cpu, mem_buf, addr);
989 type = strtoul(p, (char **)&p, 16);
992 addr = strtoull(p, (char **)&p, 16);
995 len = strtoull(p, (char **)&p, 16);
997 res = gdb_breakpoint_insert(addr, len, type);
999 res = gdb_breakpoint_remove(addr, len, type);
1001 put_packet(s, "OK");
1002 else if (res == -ENOSYS)
1005 put_packet(s, "E22");
1009 thread = strtoull(p, (char **)&p, 16);
1010 if (thread == -1 || thread == 0) {
1011 put_packet(s, "OK");
1014 cpu = find_cpu(thread);
1016 put_packet(s, "E22");
1022 put_packet(s, "OK");
1026 put_packet(s, "OK");
1029 put_packet(s, "E22");
1034 thread = strtoull(p, (char **)&p, 16);
1035 cpu = find_cpu(thread);
1038 put_packet(s, "OK");
1040 put_packet(s, "E22");
1045 /* parse any 'q' packets here */
1046 if (!strcmp(p,"qemu.sstepbits")) {
1047 /* Query Breakpoint bit definitions */
1048 snprintf(buf, sizeof(buf), "ENABLE=%x,NOIRQ=%x,NOTIMER=%x",
1054 } else if (strncmp(p,"qemu.sstep",10) == 0) {
1055 /* Display or change the sstep_flags */
1058 /* Display current setting */
1059 snprintf(buf, sizeof(buf), "0x%x", sstep_flags);
1064 type = strtoul(p, (char **)&p, 16);
1066 put_packet(s, "OK");
1068 } else if (strcmp(p,"C") == 0) {
1069 /* "Current thread" remains vague in the spec, so always return
1070 * the first CPU (gdb returns the first thread). */
1071 put_packet(s, "QC1");
1073 } else if (strcmp(p,"fThreadInfo") == 0) {
1074 s->query_cpu = first_cpu;
1075 goto report_cpuinfo;
1076 } else if (strcmp(p,"sThreadInfo") == 0) {
1079 snprintf(buf, sizeof(buf), "m%x", cpu_index(s->query_cpu));
1081 s->query_cpu = CPU_NEXT(s->query_cpu);
1085 } else if (strncmp(p,"ThreadExtraInfo,", 16) == 0) {
1086 thread = strtoull(p+16, (char **)&p, 16);
1087 cpu = find_cpu(thread);
1089 cpu_synchronize_state(cpu);
1090 len = snprintf((char *)mem_buf, sizeof(mem_buf),
1091 "CPU#%d [%s]", cpu->cpu_index,
1092 cpu->halted ? "halted " : "running");
1093 memtohex(buf, mem_buf, len);
1098 #ifdef CONFIG_USER_ONLY
1099 else if (strncmp(p, "Offsets", 7) == 0) {
1100 TaskState *ts = s->c_cpu->opaque;
1102 snprintf(buf, sizeof(buf),
1103 "Text=" TARGET_ABI_FMT_lx ";Data=" TARGET_ABI_FMT_lx
1104 ";Bss=" TARGET_ABI_FMT_lx,
1105 ts->info->code_offset,
1106 ts->info->data_offset,
1107 ts->info->data_offset);
1111 #else /* !CONFIG_USER_ONLY */
1112 else if (strncmp(p, "Rcmd,", 5) == 0) {
1113 int len = strlen(p + 5);
1115 if ((len % 2) != 0) {
1116 put_packet(s, "E01");
1119 hextomem(mem_buf, p + 5, len);
1122 qemu_chr_be_write(s->mon_chr, mem_buf, len);
1123 put_packet(s, "OK");
1126 #endif /* !CONFIG_USER_ONLY */
1127 if (strncmp(p, "Supported", 9) == 0) {
1128 snprintf(buf, sizeof(buf), "PacketSize=%x", MAX_PACKET_LENGTH);
1129 cc = CPU_GET_CLASS(first_cpu);
1130 if (cc->gdb_core_xml_file != NULL) {
1131 pstrcat(buf, sizeof(buf), ";qXfer:features:read+");
1136 if (strncmp(p, "Xfer:features:read:", 19) == 0) {
1138 target_ulong total_len;
1140 cc = CPU_GET_CLASS(first_cpu);
1141 if (cc->gdb_core_xml_file == NULL) {
1142 goto unknown_command;
1147 xml = get_feature_xml(p, &p, cc);
1149 snprintf(buf, sizeof(buf), "E00");
1156 addr = strtoul(p, (char **)&p, 16);
1159 len = strtoul(p, (char **)&p, 16);
1161 total_len = strlen(xml);
1162 if (addr > total_len) {
1163 snprintf(buf, sizeof(buf), "E00");
1167 if (len > (MAX_PACKET_LENGTH - 5) / 2)
1168 len = (MAX_PACKET_LENGTH - 5) / 2;
1169 if (len < total_len - addr) {
1171 len = memtox(buf + 1, xml + addr, len);
1174 len = memtox(buf + 1, xml + addr, total_len - addr);
1176 put_packet_binary(s, buf, len + 1);
1179 /* Unrecognised 'q' command. */
1180 goto unknown_command;
1184 /* put empty packet */
1192 void gdb_set_stop_cpu(CPUState *cpu)
1194 gdbserver_state->c_cpu = cpu;
1195 gdbserver_state->g_cpu = cpu;
1198 #ifndef CONFIG_USER_ONLY
1199 static void gdb_vm_state_change(void *opaque, int running, RunState state)
1201 GDBState *s = gdbserver_state;
1202 CPUArchState *env = s->c_cpu->env_ptr;
1203 CPUState *cpu = s->c_cpu;
1208 if (running || s->state == RS_INACTIVE) {
1211 /* Is there a GDB syscall waiting to be sent? */
1212 if (s->current_syscall_cb) {
1213 put_packet(s, s->syscall_buf);
1217 case RUN_STATE_DEBUG:
1218 if (cpu->watchpoint_hit) {
1219 switch (cpu->watchpoint_hit->flags & BP_MEM_ACCESS) {
1230 snprintf(buf, sizeof(buf),
1231 "T%02xthread:%02x;%swatch:" TARGET_FMT_lx ";",
1232 GDB_SIGNAL_TRAP, cpu_index(cpu), type,
1233 (target_ulong)cpu->watchpoint_hit->vaddr);
1234 cpu->watchpoint_hit = NULL;
1238 ret = GDB_SIGNAL_TRAP;
1240 case RUN_STATE_PAUSED:
1241 ret = GDB_SIGNAL_INT;
1243 case RUN_STATE_SHUTDOWN:
1244 ret = GDB_SIGNAL_QUIT;
1246 case RUN_STATE_IO_ERROR:
1247 ret = GDB_SIGNAL_IO;
1249 case RUN_STATE_WATCHDOG:
1250 ret = GDB_SIGNAL_ALRM;
1252 case RUN_STATE_INTERNAL_ERROR:
1253 ret = GDB_SIGNAL_ABRT;
1255 case RUN_STATE_SAVE_VM:
1256 case RUN_STATE_RESTORE_VM:
1258 case RUN_STATE_FINISH_MIGRATE:
1259 ret = GDB_SIGNAL_XCPU;
1262 ret = GDB_SIGNAL_UNKNOWN;
1265 snprintf(buf, sizeof(buf), "T%02xthread:%02x;", ret, cpu_index(cpu));
1270 /* disable single step if it was enabled */
1271 cpu_single_step(cpu, 0);
1275 /* Send a gdb syscall request.
1276 This accepts limited printf-style format specifiers, specifically:
1277 %x - target_ulong argument printed in hex.
1278 %lx - 64-bit argument printed in hex.
1279 %s - string pointer (target_ulong) and length (int) pair. */
1280 void gdb_do_syscall(gdb_syscall_complete_cb cb, const char *fmt, ...)
1289 s = gdbserver_state;
1292 s->current_syscall_cb = cb;
1293 #ifndef CONFIG_USER_ONLY
1294 vm_stop(RUN_STATE_DEBUG);
1298 p_end = &s->syscall_buf[sizeof(s->syscall_buf)];
1305 addr = va_arg(va, target_ulong);
1306 p += snprintf(p, p_end - p, TARGET_FMT_lx, addr);
1309 if (*(fmt++) != 'x')
1311 i64 = va_arg(va, uint64_t);
1312 p += snprintf(p, p_end - p, "%" PRIx64, i64);
1315 addr = va_arg(va, target_ulong);
1316 p += snprintf(p, p_end - p, TARGET_FMT_lx "/%x",
1317 addr, va_arg(va, int));
1321 fprintf(stderr, "gdbstub: Bad syscall format string '%s'\n",
1331 #ifdef CONFIG_USER_ONLY
1332 put_packet(s, s->syscall_buf);
1333 gdb_handlesig(s->c_cpu, 0);
1335 /* In this case wait to send the syscall packet until notification that
1336 the CPU has stopped. This must be done because if the packet is sent
1337 now the reply from the syscall request could be received while the CPU
1338 is still in the running state, which can cause packets to be dropped
1339 and state transition 'T' packets to be sent while the syscall is still
1345 static void gdb_read_byte(GDBState *s, int ch)
1350 #ifndef CONFIG_USER_ONLY
1351 if (s->last_packet_len) {
1352 /* Waiting for a response to the last packet. If we see the start
1353 of a new command then abandon the previous response. */
1356 printf("Got NACK, retransmitting\n");
1358 put_buffer(s, (uint8_t *)s->last_packet, s->last_packet_len);
1362 printf("Got ACK\n");
1364 printf("Got '%c' when expecting ACK/NACK\n", ch);
1366 if (ch == '+' || ch == '$')
1367 s->last_packet_len = 0;
1371 if (runstate_is_running()) {
1372 /* when the CPU is running, we cannot do anything except stop
1373 it when receiving a char */
1374 vm_stop(RUN_STATE_PAUSED);
1381 s->line_buf_index = 0;
1382 s->state = RS_GETLINE;
1387 s->state = RS_CHKSUM1;
1388 } else if (s->line_buf_index >= sizeof(s->line_buf) - 1) {
1391 s->line_buf[s->line_buf_index++] = ch;
1395 s->line_buf[s->line_buf_index] = '\0';
1396 s->line_csum = fromhex(ch) << 4;
1397 s->state = RS_CHKSUM2;
1400 s->line_csum |= fromhex(ch);
1402 for(i = 0; i < s->line_buf_index; i++) {
1403 csum += s->line_buf[i];
1405 if (s->line_csum != (csum & 0xff)) {
1407 put_buffer(s, &reply, 1);
1411 put_buffer(s, &reply, 1);
1412 s->state = gdb_handle_packet(s, s->line_buf);
1421 /* Tell the remote gdb that the process has exited. */
1422 void gdb_exit(CPUArchState *env, int code)
1427 s = gdbserver_state;
1431 #ifdef CONFIG_USER_ONLY
1432 if (gdbserver_fd < 0 || s->fd < 0) {
1437 snprintf(buf, sizeof(buf), "W%02x", (uint8_t)code);
1440 #ifndef CONFIG_USER_ONLY
1442 qemu_chr_delete(s->chr);
1447 #ifdef CONFIG_USER_ONLY
1453 s = gdbserver_state;
1455 if (gdbserver_fd < 0 || s->fd < 0)
1462 gdb_handlesig(CPUState *cpu, int sig)
1464 CPUArchState *env = cpu->env_ptr;
1469 s = gdbserver_state;
1470 if (gdbserver_fd < 0 || s->fd < 0) {
1474 /* disable single step if it was enabled */
1475 cpu_single_step(cpu, 0);
1479 snprintf(buf, sizeof(buf), "S%02x", target_signal_to_gdb(sig));
1482 /* put_packet() might have detected that the peer terminated the
1490 s->running_state = 0;
1491 while (s->running_state == 0) {
1492 n = read(s->fd, buf, 256);
1496 for (i = 0; i < n; i++) {
1497 gdb_read_byte(s, buf[i]);
1499 } else if (n == 0 || errno != EAGAIN) {
1500 /* XXX: Connection closed. Should probably wait for another
1501 connection before continuing. */
1510 /* Tell the remote gdb that the process has exited due to SIG. */
1511 void gdb_signalled(CPUArchState *env, int sig)
1516 s = gdbserver_state;
1517 if (gdbserver_fd < 0 || s->fd < 0) {
1521 snprintf(buf, sizeof(buf), "X%02x", target_signal_to_gdb(sig));
1525 static void gdb_accept(void)
1528 struct sockaddr_in sockaddr;
1533 len = sizeof(sockaddr);
1534 fd = accept(gdbserver_fd, (struct sockaddr *)&sockaddr, &len);
1535 if (fd < 0 && errno != EINTR) {
1538 } else if (fd >= 0) {
1540 fcntl(fd, F_SETFD, FD_CLOEXEC);
1546 /* set short latency */
1547 socket_set_nodelay(fd);
1549 s = g_malloc0(sizeof(GDBState));
1550 s->c_cpu = first_cpu;
1551 s->g_cpu = first_cpu;
1553 gdb_has_xml = false;
1555 gdbserver_state = s;
1557 fcntl(fd, F_SETFL, O_NONBLOCK);
1560 static int gdbserver_open(int port)
1562 struct sockaddr_in sockaddr;
1565 fd = socket(PF_INET, SOCK_STREAM, 0);
1571 fcntl(fd, F_SETFD, FD_CLOEXEC);
1574 socket_set_fast_reuse(fd);
1576 sockaddr.sin_family = AF_INET;
1577 sockaddr.sin_port = htons(port);
1578 sockaddr.sin_addr.s_addr = 0;
1579 ret = bind(fd, (struct sockaddr *)&sockaddr, sizeof(sockaddr));
1585 ret = listen(fd, 0);
1594 int gdbserver_start(int port)
1596 gdbserver_fd = gdbserver_open(port);
1597 if (gdbserver_fd < 0)
1599 /* accept connections */
1604 /* Disable gdb stub for child processes. */
1605 void gdbserver_fork(CPUArchState *env)
1607 CPUState *cpu = ENV_GET_CPU(env);
1608 GDBState *s = gdbserver_state;
1610 if (gdbserver_fd < 0 || s->fd < 0) {
1615 cpu_breakpoint_remove_all(cpu, BP_GDB);
1616 cpu_watchpoint_remove_all(cpu, BP_GDB);
1619 static int gdb_chr_can_receive(void *opaque)
1621 /* We can handle an arbitrarily large amount of data.
1622 Pick the maximum packet size, which is as good as anything. */
1623 return MAX_PACKET_LENGTH;
1626 static void gdb_chr_receive(void *opaque, const uint8_t *buf, int size)
1630 for (i = 0; i < size; i++) {
1631 gdb_read_byte(gdbserver_state, buf[i]);
1635 static void gdb_chr_event(void *opaque, int event)
1638 case CHR_EVENT_OPENED:
1639 vm_stop(RUN_STATE_PAUSED);
1640 gdb_has_xml = false;
1647 static void gdb_monitor_output(GDBState *s, const char *msg, int len)
1649 char buf[MAX_PACKET_LENGTH];
1652 if (len > (MAX_PACKET_LENGTH/2) - 1)
1653 len = (MAX_PACKET_LENGTH/2) - 1;
1654 memtohex(buf + 1, (uint8_t *)msg, len);
1658 static int gdb_monitor_write(CharDriverState *chr, const uint8_t *buf, int len)
1660 const char *p = (const char *)buf;
1663 max_sz = (sizeof(gdbserver_state->last_packet) - 2) / 2;
1665 if (len <= max_sz) {
1666 gdb_monitor_output(gdbserver_state, p, len);
1669 gdb_monitor_output(gdbserver_state, p, max_sz);
1677 static void gdb_sigterm_handler(int signal)
1679 if (runstate_is_running()) {
1680 vm_stop(RUN_STATE_PAUSED);
1685 int gdbserver_start(const char *device)
1688 char gdbstub_device_name[128];
1689 CharDriverState *chr = NULL;
1690 CharDriverState *mon_chr;
1694 if (strcmp(device, "none") != 0) {
1695 if (strstart(device, "tcp:", NULL)) {
1696 /* enforce required TCP attributes */
1697 snprintf(gdbstub_device_name, sizeof(gdbstub_device_name),
1698 "%s,nowait,nodelay,server", device);
1699 device = gdbstub_device_name;
1702 else if (strcmp(device, "stdio") == 0) {
1703 struct sigaction act;
1705 memset(&act, 0, sizeof(act));
1706 act.sa_handler = gdb_sigterm_handler;
1707 sigaction(SIGINT, &act, NULL);
1710 chr = qemu_chr_new("gdb", device, NULL);
1714 qemu_chr_fe_claim_no_fail(chr);
1715 qemu_chr_add_handlers(chr, gdb_chr_can_receive, gdb_chr_receive,
1716 gdb_chr_event, NULL);
1719 s = gdbserver_state;
1721 s = g_malloc0(sizeof(GDBState));
1722 gdbserver_state = s;
1724 qemu_add_vm_change_state_handler(gdb_vm_state_change, NULL);
1726 /* Initialize a monitor terminal for gdb */
1727 mon_chr = qemu_chr_alloc();
1728 mon_chr->chr_write = gdb_monitor_write;
1729 monitor_init(mon_chr, 0);
1732 qemu_chr_delete(s->chr);
1733 mon_chr = s->mon_chr;
1734 memset(s, 0, sizeof(GDBState));
1736 s->c_cpu = first_cpu;
1737 s->g_cpu = first_cpu;
1739 s->state = chr ? RS_IDLE : RS_INACTIVE;
1740 s->mon_chr = mon_chr;
1741 s->current_syscall_cb = NULL;
projects / sdk / emulator / qemu.git / blob