4 * Copyright (c) 2003-2005 Fabrice Bellard
6 * This library is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation; either
9 * version 2 of the License, or (at your option) any later version.
11 * This library is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
16 * You should have received a copy of the GNU Lesser General Public
17 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
20 #include "qemu-common.h"
21 #ifdef CONFIG_USER_ONLY
32 #include "monitor/monitor.h"
33 #include "sysemu/char.h"
34 #include "sysemu/sysemu.h"
35 #include "exec/gdbstub.h"
38 #define MAX_PACKET_LENGTH 4096
41 #include "qemu/sockets.h"
42 #include "sysemu/kvm.h"
44 static inline int target_memory_rw_debug(CPUState *cpu, target_ulong addr,
45 uint8_t *buf, int len, bool is_write)
47 CPUClass *cc = CPU_GET_CLASS(cpu);
49 if (cc->memory_rw_debug) {
50 return cc->memory_rw_debug(cpu, addr, buf, len, is_write);
52 return cpu_memory_rw_debug(cpu, addr, buf, len, is_write);
64 GDB_SIGNAL_UNKNOWN = 143
67 #ifdef CONFIG_USER_ONLY
69 /* Map target signal numbers to GDB protocol signal numbers and vice
70 * versa. For user emulation's currently supported systems, we can
71 * assume most signals are defined.
74 static int gdb_signal_table[] = {
234 /* In system mode we only need SIGINT and SIGTRAP; other signals
235 are not yet supported. */
242 static int gdb_signal_table[] = {
252 #ifdef CONFIG_USER_ONLY
253 static int target_signal_to_gdb (int sig)
256 for (i = 0; i < ARRAY_SIZE (gdb_signal_table); i++)
257 if (gdb_signal_table[i] == sig)
259 return GDB_SIGNAL_UNKNOWN;
263 static int gdb_signal_to_target (int sig)
265 if (sig < ARRAY_SIZE (gdb_signal_table))
266 return gdb_signal_table[sig];
273 typedef struct GDBRegisterState {
279 struct GDBRegisterState *next;
289 typedef struct GDBState {
290 CPUState *c_cpu; /* current CPU for step/continue ops */
291 CPUState *g_cpu; /* current CPU for other ops */
292 CPUState *query_cpu; /* for q{f|s}ThreadInfo */
293 enum RSState state; /* parsing state */
294 char line_buf[MAX_PACKET_LENGTH];
297 uint8_t last_packet[MAX_PACKET_LENGTH + 4];
300 #ifdef CONFIG_USER_ONLY
304 CharDriverState *chr;
305 CharDriverState *mon_chr;
307 char syscall_buf[256];
308 gdb_syscall_complete_cb current_syscall_cb;
311 /* By default use no IRQs and no timers while single stepping so as to
312 * make single stepping like an ICE HW step.
314 static int sstep_flags = SSTEP_ENABLE|SSTEP_NOIRQ|SSTEP_NOTIMER;
316 static GDBState *gdbserver_state;
320 #ifdef CONFIG_USER_ONLY
321 /* XXX: This is not thread safe. Do we care? */
322 static int gdbserver_fd = -1;
324 static int get_char(GDBState *s)
330 ret = qemu_recv(s->fd, &ch, 1, 0);
332 if (errno == ECONNRESET)
334 if (errno != EINTR && errno != EAGAIN)
336 } else if (ret == 0) {
354 /* If gdb is connected when the first semihosting syscall occurs then use
355 remote gdb syscalls. Otherwise use native file IO. */
356 int use_gdb_syscalls(void)
358 if (gdb_syscall_mode == GDB_SYS_UNKNOWN) {
359 gdb_syscall_mode = (gdbserver_state ? GDB_SYS_ENABLED
362 return gdb_syscall_mode == GDB_SYS_ENABLED;
365 /* Resume execution. */
366 static inline void gdb_continue(GDBState *s)
368 #ifdef CONFIG_USER_ONLY
369 s->running_state = 1;
371 if (!runstate_needs_reset()) {
377 static void put_buffer(GDBState *s, const uint8_t *buf, int len)
379 #ifdef CONFIG_USER_ONLY
383 ret = send(s->fd, buf, len, 0);
385 if (errno != EINTR && errno != EAGAIN)
393 qemu_chr_fe_write(s->chr, buf, len);
397 static inline int fromhex(int v)
399 if (v >= '0' && v <= '9')
401 else if (v >= 'A' && v <= 'F')
403 else if (v >= 'a' && v <= 'f')
409 static inline int tohex(int v)
417 static void memtohex(char *buf, const uint8_t *mem, int len)
422 for(i = 0; i < len; i++) {
424 *q++ = tohex(c >> 4);
425 *q++ = tohex(c & 0xf);
430 static void hextomem(uint8_t *mem, const char *buf, int len)
434 for(i = 0; i < len; i++) {
435 mem[i] = (fromhex(buf[0]) << 4) | fromhex(buf[1]);
440 /* return -1 if error, 0 if OK */
441 static int put_packet_binary(GDBState *s, const char *buf, int len)
452 for(i = 0; i < len; i++) {
456 *(p++) = tohex((csum >> 4) & 0xf);
457 *(p++) = tohex((csum) & 0xf);
459 s->last_packet_len = p - s->last_packet;
460 put_buffer(s, (uint8_t *)s->last_packet, s->last_packet_len);
462 #ifdef CONFIG_USER_ONLY
475 /* return -1 if error, 0 if OK */
476 static int put_packet(GDBState *s, const char *buf)
479 printf("reply='%s'\n", buf);
482 return put_packet_binary(s, buf, strlen(buf));
485 /* Encode data using the encoding for 'x' packets. */
486 static int memtox(char *buf, const char *mem, int len)
494 case '#': case '$': case '*': case '}':
506 static const char *get_feature_xml(const char *p, const char **newp,
512 static char target_xml[1024];
515 while (p[len] && p[len] != ':')
520 if (strncmp(p, "target.xml", len) == 0) {
521 /* Generate the XML description for this CPU. */
522 if (!target_xml[0]) {
524 CPUState *cpu = first_cpu;
526 snprintf(target_xml, sizeof(target_xml),
527 "<?xml version=\"1.0\"?>"
528 "<!DOCTYPE target SYSTEM \"gdb-target.dtd\">"
530 "<xi:include href=\"%s\"/>",
531 cc->gdb_core_xml_file);
533 for (r = cpu->gdb_regs; r; r = r->next) {
534 pstrcat(target_xml, sizeof(target_xml), "<xi:include href=\"");
535 pstrcat(target_xml, sizeof(target_xml), r->xml);
536 pstrcat(target_xml, sizeof(target_xml), "\"/>");
538 pstrcat(target_xml, sizeof(target_xml), "</target>");
543 name = xml_builtin[i][0];
544 if (!name || (strncmp(name, p, len) == 0 && strlen(name) == len))
547 return name ? xml_builtin[i][1] : NULL;
550 static int gdb_read_register(CPUState *cpu, uint8_t *mem_buf, int reg)
552 CPUClass *cc = CPU_GET_CLASS(cpu);
553 CPUArchState *env = cpu->env_ptr;
556 if (reg < cc->gdb_num_core_regs) {
557 return cc->gdb_read_register(cpu, mem_buf, reg);
560 for (r = cpu->gdb_regs; r; r = r->next) {
561 if (r->base_reg <= reg && reg < r->base_reg + r->num_regs) {
562 return r->get_reg(env, mem_buf, reg - r->base_reg);
568 static int gdb_write_register(CPUState *cpu, uint8_t *mem_buf, int reg)
570 CPUClass *cc = CPU_GET_CLASS(cpu);
571 CPUArchState *env = cpu->env_ptr;
574 if (reg < cc->gdb_num_core_regs) {
575 return cc->gdb_write_register(cpu, mem_buf, reg);
578 for (r = cpu->gdb_regs; r; r = r->next) {
579 if (r->base_reg <= reg && reg < r->base_reg + r->num_regs) {
580 return r->set_reg(env, mem_buf, reg - r->base_reg);
586 /* Register a supplemental set of CPU registers. If g_pos is nonzero it
587 specifies the first register number and these registers are included in
588 a standard "g" packet. Direction is relative to gdb, i.e. get_reg is
589 gdb reading a CPU register, and set_reg is gdb modifying a CPU register.
592 void gdb_register_coprocessor(CPUState *cpu,
593 gdb_reg_cb get_reg, gdb_reg_cb set_reg,
594 int num_regs, const char *xml, int g_pos)
597 GDBRegisterState **p;
601 /* Check for duplicates. */
602 if (strcmp((*p)->xml, xml) == 0)
607 s = g_new0(GDBRegisterState, 1);
608 s->base_reg = cpu->gdb_num_regs;
609 s->num_regs = num_regs;
610 s->get_reg = get_reg;
611 s->set_reg = set_reg;
614 /* Add to end of list. */
615 cpu->gdb_num_regs += num_regs;
618 if (g_pos != s->base_reg) {
619 fprintf(stderr, "Error: Bad gdb register numbering for '%s'\n"
620 "Expected %d got %d\n", xml, g_pos, s->base_reg);
622 cpu->gdb_num_g_regs = cpu->gdb_num_regs;
627 #ifndef CONFIG_USER_ONLY
628 static const int xlat_gdb_type[] = {
629 [GDB_WATCHPOINT_WRITE] = BP_GDB | BP_MEM_WRITE,
630 [GDB_WATCHPOINT_READ] = BP_GDB | BP_MEM_READ,
631 [GDB_WATCHPOINT_ACCESS] = BP_GDB | BP_MEM_ACCESS,
635 static int gdb_breakpoint_insert(target_ulong addr, target_ulong len, int type)
642 return kvm_insert_breakpoint(gdbserver_state->c_cpu, addr, len, type);
646 case GDB_BREAKPOINT_SW:
647 case GDB_BREAKPOINT_HW:
650 err = cpu_breakpoint_insert(env, addr, BP_GDB, NULL);
655 #ifndef CONFIG_USER_ONLY
656 case GDB_WATCHPOINT_WRITE:
657 case GDB_WATCHPOINT_READ:
658 case GDB_WATCHPOINT_ACCESS:
661 err = cpu_watchpoint_insert(env, addr, len, xlat_gdb_type[type],
673 static int gdb_breakpoint_remove(target_ulong addr, target_ulong len, int type)
680 return kvm_remove_breakpoint(gdbserver_state->c_cpu, addr, len, type);
684 case GDB_BREAKPOINT_SW:
685 case GDB_BREAKPOINT_HW:
688 err = cpu_breakpoint_remove(env, addr, BP_GDB);
693 #ifndef CONFIG_USER_ONLY
694 case GDB_WATCHPOINT_WRITE:
695 case GDB_WATCHPOINT_READ:
696 case GDB_WATCHPOINT_ACCESS:
699 err = cpu_watchpoint_remove(env, addr, len, xlat_gdb_type[type]);
710 static void gdb_breakpoint_remove_all(void)
716 kvm_remove_all_breakpoints(gdbserver_state->c_cpu);
722 cpu_breakpoint_remove_all(env, BP_GDB);
723 #ifndef CONFIG_USER_ONLY
724 cpu_watchpoint_remove_all(env, BP_GDB);
729 static void gdb_set_cpu_pc(GDBState *s, target_ulong pc)
731 CPUState *cpu = s->c_cpu;
732 CPUClass *cc = CPU_GET_CLASS(cpu);
734 cpu_synchronize_state(cpu);
740 static CPUState *find_cpu(uint32_t thread_id)
745 if (cpu_index(cpu) == thread_id) {
753 static int gdb_handle_packet(GDBState *s, const char *line_buf)
759 int ch, reg_size, type, res;
760 char buf[MAX_PACKET_LENGTH];
761 uint8_t mem_buf[MAX_PACKET_LENGTH];
763 target_ulong addr, len;
766 printf("command='%s'\n", line_buf);
772 /* TODO: Make this return the correct value for user-mode. */
773 snprintf(buf, sizeof(buf), "T%02xthread:%02x;", GDB_SIGNAL_TRAP,
774 cpu_index(s->c_cpu));
776 /* Remove all the breakpoints when this query is issued,
777 * because gdb is doing and initial connect and the state
778 * should be cleaned up.
780 gdb_breakpoint_remove_all();
784 addr = strtoull(p, (char **)&p, 16);
785 gdb_set_cpu_pc(s, addr);
791 s->signal = gdb_signal_to_target (strtoul(p, (char **)&p, 16));
797 if (strncmp(p, "Cont", 4) == 0) {
798 int res_signal, res_thread;
802 put_packet(s, "vCont;c;C;s;S");
817 if (action == 'C' || action == 'S') {
818 signal = strtoul(p, (char **)&p, 16);
819 } else if (action != 'c' && action != 's') {
825 thread = strtoull(p+1, (char **)&p, 16);
827 action = tolower(action);
828 if (res == 0 || (res == 'c' && action == 's')) {
835 if (res_thread != -1 && res_thread != 0) {
836 cpu = find_cpu(res_thread);
838 put_packet(s, "E22");
844 cpu_single_step(s->c_cpu, sstep_flags);
846 s->signal = res_signal;
852 goto unknown_command;
855 #ifdef CONFIG_USER_ONLY
856 /* Kill the target */
857 fprintf(stderr, "\nQEMU: Terminated via GDBstub\n");
862 gdb_breakpoint_remove_all();
863 gdb_syscall_mode = GDB_SYS_DISABLED;
869 addr = strtoull(p, (char **)&p, 16);
870 gdb_set_cpu_pc(s, addr);
872 cpu_single_step(s->c_cpu, sstep_flags);
880 ret = strtoull(p, (char **)&p, 16);
883 err = strtoull(p, (char **)&p, 16);
890 if (s->current_syscall_cb) {
891 s->current_syscall_cb(s->c_cpu, ret, err);
892 s->current_syscall_cb = NULL;
895 put_packet(s, "T02");
902 cpu_synchronize_state(s->g_cpu);
904 for (addr = 0; addr < s->g_cpu->gdb_num_g_regs; addr++) {
905 reg_size = gdb_read_register(s->g_cpu, mem_buf + len, addr);
908 memtohex(buf, mem_buf, len);
912 cpu_synchronize_state(s->g_cpu);
915 hextomem((uint8_t *)registers, p, len);
916 for (addr = 0; addr < s->g_cpu->gdb_num_g_regs && len > 0; addr++) {
917 reg_size = gdb_write_register(s->g_cpu, registers, addr);
919 registers += reg_size;
924 addr = strtoull(p, (char **)&p, 16);
927 len = strtoull(p, NULL, 16);
928 if (target_memory_rw_debug(s->g_cpu, addr, mem_buf, len, false) != 0) {
929 put_packet (s, "E14");
931 memtohex(buf, mem_buf, len);
936 addr = strtoull(p, (char **)&p, 16);
939 len = strtoull(p, (char **)&p, 16);
942 hextomem(mem_buf, p, len);
943 if (target_memory_rw_debug(s->g_cpu, addr, mem_buf, len,
945 put_packet(s, "E14");
951 /* Older gdb are really dumb, and don't use 'g' if 'p' is avaialable.
952 This works, but can be very slow. Anything new enough to
953 understand XML also knows how to use this properly. */
955 goto unknown_command;
956 addr = strtoull(p, (char **)&p, 16);
957 reg_size = gdb_read_register(s->g_cpu, mem_buf, addr);
959 memtohex(buf, mem_buf, reg_size);
962 put_packet(s, "E14");
967 goto unknown_command;
968 addr = strtoull(p, (char **)&p, 16);
971 reg_size = strlen(p) / 2;
972 hextomem(mem_buf, p, reg_size);
973 gdb_write_register(s->g_cpu, mem_buf, addr);
978 type = strtoul(p, (char **)&p, 16);
981 addr = strtoull(p, (char **)&p, 16);
984 len = strtoull(p, (char **)&p, 16);
986 res = gdb_breakpoint_insert(addr, len, type);
988 res = gdb_breakpoint_remove(addr, len, type);
991 else if (res == -ENOSYS)
994 put_packet(s, "E22");
998 thread = strtoull(p, (char **)&p, 16);
999 if (thread == -1 || thread == 0) {
1000 put_packet(s, "OK");
1003 cpu = find_cpu(thread);
1005 put_packet(s, "E22");
1011 put_packet(s, "OK");
1015 put_packet(s, "OK");
1018 put_packet(s, "E22");
1023 thread = strtoull(p, (char **)&p, 16);
1024 cpu = find_cpu(thread);
1027 put_packet(s, "OK");
1029 put_packet(s, "E22");
1034 /* parse any 'q' packets here */
1035 if (!strcmp(p,"qemu.sstepbits")) {
1036 /* Query Breakpoint bit definitions */
1037 snprintf(buf, sizeof(buf), "ENABLE=%x,NOIRQ=%x,NOTIMER=%x",
1043 } else if (strncmp(p,"qemu.sstep",10) == 0) {
1044 /* Display or change the sstep_flags */
1047 /* Display current setting */
1048 snprintf(buf, sizeof(buf), "0x%x", sstep_flags);
1053 type = strtoul(p, (char **)&p, 16);
1055 put_packet(s, "OK");
1057 } else if (strcmp(p,"C") == 0) {
1058 /* "Current thread" remains vague in the spec, so always return
1059 * the first CPU (gdb returns the first thread). */
1060 put_packet(s, "QC1");
1062 } else if (strcmp(p,"fThreadInfo") == 0) {
1063 s->query_cpu = first_cpu;
1064 goto report_cpuinfo;
1065 } else if (strcmp(p,"sThreadInfo") == 0) {
1068 snprintf(buf, sizeof(buf), "m%x", cpu_index(s->query_cpu));
1070 s->query_cpu = CPU_NEXT(s->query_cpu);
1074 } else if (strncmp(p,"ThreadExtraInfo,", 16) == 0) {
1075 thread = strtoull(p+16, (char **)&p, 16);
1076 cpu = find_cpu(thread);
1078 cpu_synchronize_state(cpu);
1079 len = snprintf((char *)mem_buf, sizeof(mem_buf),
1080 "CPU#%d [%s]", cpu->cpu_index,
1081 cpu->halted ? "halted " : "running");
1082 memtohex(buf, mem_buf, len);
1087 #ifdef CONFIG_USER_ONLY
1088 else if (strncmp(p, "Offsets", 7) == 0) {
1089 TaskState *ts = s->c_cpu->opaque;
1091 snprintf(buf, sizeof(buf),
1092 "Text=" TARGET_ABI_FMT_lx ";Data=" TARGET_ABI_FMT_lx
1093 ";Bss=" TARGET_ABI_FMT_lx,
1094 ts->info->code_offset,
1095 ts->info->data_offset,
1096 ts->info->data_offset);
1100 #else /* !CONFIG_USER_ONLY */
1101 else if (strncmp(p, "Rcmd,", 5) == 0) {
1102 int len = strlen(p + 5);
1104 if ((len % 2) != 0) {
1105 put_packet(s, "E01");
1108 hextomem(mem_buf, p + 5, len);
1111 qemu_chr_be_write(s->mon_chr, mem_buf, len);
1112 put_packet(s, "OK");
1115 #endif /* !CONFIG_USER_ONLY */
1116 if (strncmp(p, "Supported", 9) == 0) {
1117 snprintf(buf, sizeof(buf), "PacketSize=%x", MAX_PACKET_LENGTH);
1118 cc = CPU_GET_CLASS(first_cpu);
1119 if (cc->gdb_core_xml_file != NULL) {
1120 pstrcat(buf, sizeof(buf), ";qXfer:features:read+");
1125 if (strncmp(p, "Xfer:features:read:", 19) == 0) {
1127 target_ulong total_len;
1129 cc = CPU_GET_CLASS(first_cpu);
1130 if (cc->gdb_core_xml_file == NULL) {
1131 goto unknown_command;
1136 xml = get_feature_xml(p, &p, cc);
1138 snprintf(buf, sizeof(buf), "E00");
1145 addr = strtoul(p, (char **)&p, 16);
1148 len = strtoul(p, (char **)&p, 16);
1150 total_len = strlen(xml);
1151 if (addr > total_len) {
1152 snprintf(buf, sizeof(buf), "E00");
1156 if (len > (MAX_PACKET_LENGTH - 5) / 2)
1157 len = (MAX_PACKET_LENGTH - 5) / 2;
1158 if (len < total_len - addr) {
1160 len = memtox(buf + 1, xml + addr, len);
1163 len = memtox(buf + 1, xml + addr, total_len - addr);
1165 put_packet_binary(s, buf, len + 1);
1168 /* Unrecognised 'q' command. */
1169 goto unknown_command;
1173 /* put empty packet */
1181 void gdb_set_stop_cpu(CPUState *cpu)
1183 gdbserver_state->c_cpu = cpu;
1184 gdbserver_state->g_cpu = cpu;
1187 #ifndef CONFIG_USER_ONLY
1188 static void gdb_vm_state_change(void *opaque, int running, RunState state)
1190 GDBState *s = gdbserver_state;
1191 CPUArchState *env = s->c_cpu->env_ptr;
1192 CPUState *cpu = s->c_cpu;
1197 if (running || s->state == RS_INACTIVE) {
1200 /* Is there a GDB syscall waiting to be sent? */
1201 if (s->current_syscall_cb) {
1202 put_packet(s, s->syscall_buf);
1206 case RUN_STATE_DEBUG:
1207 if (cpu->watchpoint_hit) {
1208 switch (cpu->watchpoint_hit->flags & BP_MEM_ACCESS) {
1219 snprintf(buf, sizeof(buf),
1220 "T%02xthread:%02x;%swatch:" TARGET_FMT_lx ";",
1221 GDB_SIGNAL_TRAP, cpu_index(cpu), type,
1222 (target_ulong)cpu->watchpoint_hit->vaddr);
1223 cpu->watchpoint_hit = NULL;
1227 ret = GDB_SIGNAL_TRAP;
1229 case RUN_STATE_PAUSED:
1230 ret = GDB_SIGNAL_INT;
1232 case RUN_STATE_SHUTDOWN:
1233 ret = GDB_SIGNAL_QUIT;
1235 case RUN_STATE_IO_ERROR:
1236 ret = GDB_SIGNAL_IO;
1238 case RUN_STATE_WATCHDOG:
1239 ret = GDB_SIGNAL_ALRM;
1241 case RUN_STATE_INTERNAL_ERROR:
1242 ret = GDB_SIGNAL_ABRT;
1244 case RUN_STATE_SAVE_VM:
1245 case RUN_STATE_RESTORE_VM:
1247 case RUN_STATE_FINISH_MIGRATE:
1248 ret = GDB_SIGNAL_XCPU;
1251 ret = GDB_SIGNAL_UNKNOWN;
1254 snprintf(buf, sizeof(buf), "T%02xthread:%02x;", ret, cpu_index(cpu));
1259 /* disable single step if it was enabled */
1260 cpu_single_step(cpu, 0);
1264 /* Send a gdb syscall request.
1265 This accepts limited printf-style format specifiers, specifically:
1266 %x - target_ulong argument printed in hex.
1267 %lx - 64-bit argument printed in hex.
1268 %s - string pointer (target_ulong) and length (int) pair. */
1269 void gdb_do_syscall(gdb_syscall_complete_cb cb, const char *fmt, ...)
1278 s = gdbserver_state;
1281 s->current_syscall_cb = cb;
1282 #ifndef CONFIG_USER_ONLY
1283 vm_stop(RUN_STATE_DEBUG);
1287 p_end = &s->syscall_buf[sizeof(s->syscall_buf)];
1294 addr = va_arg(va, target_ulong);
1295 p += snprintf(p, p_end - p, TARGET_FMT_lx, addr);
1298 if (*(fmt++) != 'x')
1300 i64 = va_arg(va, uint64_t);
1301 p += snprintf(p, p_end - p, "%" PRIx64, i64);
1304 addr = va_arg(va, target_ulong);
1305 p += snprintf(p, p_end - p, TARGET_FMT_lx "/%x",
1306 addr, va_arg(va, int));
1310 fprintf(stderr, "gdbstub: Bad syscall format string '%s'\n",
1320 #ifdef CONFIG_USER_ONLY
1321 put_packet(s, s->syscall_buf);
1322 gdb_handlesig(s->c_cpu, 0);
1324 /* In this case wait to send the syscall packet until notification that
1325 the CPU has stopped. This must be done because if the packet is sent
1326 now the reply from the syscall request could be received while the CPU
1327 is still in the running state, which can cause packets to be dropped
1328 and state transition 'T' packets to be sent while the syscall is still
1334 static void gdb_read_byte(GDBState *s, int ch)
1339 #ifndef CONFIG_USER_ONLY
1340 if (s->last_packet_len) {
1341 /* Waiting for a response to the last packet. If we see the start
1342 of a new command then abandon the previous response. */
1345 printf("Got NACK, retransmitting\n");
1347 put_buffer(s, (uint8_t *)s->last_packet, s->last_packet_len);
1351 printf("Got ACK\n");
1353 printf("Got '%c' when expecting ACK/NACK\n", ch);
1355 if (ch == '+' || ch == '$')
1356 s->last_packet_len = 0;
1360 if (runstate_is_running()) {
1361 /* when the CPU is running, we cannot do anything except stop
1362 it when receiving a char */
1363 vm_stop(RUN_STATE_PAUSED);
1370 s->line_buf_index = 0;
1371 s->state = RS_GETLINE;
1376 s->state = RS_CHKSUM1;
1377 } else if (s->line_buf_index >= sizeof(s->line_buf) - 1) {
1380 s->line_buf[s->line_buf_index++] = ch;
1384 s->line_buf[s->line_buf_index] = '\0';
1385 s->line_csum = fromhex(ch) << 4;
1386 s->state = RS_CHKSUM2;
1389 s->line_csum |= fromhex(ch);
1391 for(i = 0; i < s->line_buf_index; i++) {
1392 csum += s->line_buf[i];
1394 if (s->line_csum != (csum & 0xff)) {
1396 put_buffer(s, &reply, 1);
1400 put_buffer(s, &reply, 1);
1401 s->state = gdb_handle_packet(s, s->line_buf);
1410 /* Tell the remote gdb that the process has exited. */
1411 void gdb_exit(CPUArchState *env, int code)
1416 s = gdbserver_state;
1420 #ifdef CONFIG_USER_ONLY
1421 if (gdbserver_fd < 0 || s->fd < 0) {
1426 snprintf(buf, sizeof(buf), "W%02x", (uint8_t)code);
1429 #ifndef CONFIG_USER_ONLY
1431 qemu_chr_delete(s->chr);
1436 #ifdef CONFIG_USER_ONLY
1442 s = gdbserver_state;
1444 if (gdbserver_fd < 0 || s->fd < 0)
1451 gdb_handlesig(CPUState *cpu, int sig)
1453 CPUArchState *env = cpu->env_ptr;
1458 s = gdbserver_state;
1459 if (gdbserver_fd < 0 || s->fd < 0) {
1463 /* disable single step if it was enabled */
1464 cpu_single_step(cpu, 0);
1468 snprintf(buf, sizeof(buf), "S%02x", target_signal_to_gdb(sig));
1471 /* put_packet() might have detected that the peer terminated the
1479 s->running_state = 0;
1480 while (s->running_state == 0) {
1481 n = read(s->fd, buf, 256);
1485 for (i = 0; i < n; i++) {
1486 gdb_read_byte(s, buf[i]);
1488 } else if (n == 0 || errno != EAGAIN) {
1489 /* XXX: Connection closed. Should probably wait for another
1490 connection before continuing. */
1499 /* Tell the remote gdb that the process has exited due to SIG. */
1500 void gdb_signalled(CPUArchState *env, int sig)
1505 s = gdbserver_state;
1506 if (gdbserver_fd < 0 || s->fd < 0) {
1510 snprintf(buf, sizeof(buf), "X%02x", target_signal_to_gdb(sig));
1514 static void gdb_accept(void)
1517 struct sockaddr_in sockaddr;
1522 len = sizeof(sockaddr);
1523 fd = accept(gdbserver_fd, (struct sockaddr *)&sockaddr, &len);
1524 if (fd < 0 && errno != EINTR) {
1527 } else if (fd >= 0) {
1529 fcntl(fd, F_SETFD, FD_CLOEXEC);
1535 /* set short latency */
1536 socket_set_nodelay(fd);
1538 s = g_malloc0(sizeof(GDBState));
1539 s->c_cpu = first_cpu;
1540 s->g_cpu = first_cpu;
1542 gdb_has_xml = false;
1544 gdbserver_state = s;
1546 fcntl(fd, F_SETFL, O_NONBLOCK);
1549 static int gdbserver_open(int port)
1551 struct sockaddr_in sockaddr;
1554 fd = socket(PF_INET, SOCK_STREAM, 0);
1560 fcntl(fd, F_SETFD, FD_CLOEXEC);
1563 socket_set_fast_reuse(fd);
1565 sockaddr.sin_family = AF_INET;
1566 sockaddr.sin_port = htons(port);
1567 sockaddr.sin_addr.s_addr = 0;
1568 ret = bind(fd, (struct sockaddr *)&sockaddr, sizeof(sockaddr));
1574 ret = listen(fd, 0);
1583 int gdbserver_start(int port)
1585 gdbserver_fd = gdbserver_open(port);
1586 if (gdbserver_fd < 0)
1588 /* accept connections */
1593 /* Disable gdb stub for child processes. */
1594 void gdbserver_fork(CPUArchState *env)
1596 GDBState *s = gdbserver_state;
1597 if (gdbserver_fd < 0 || s->fd < 0)
1601 cpu_breakpoint_remove_all(env, BP_GDB);
1602 cpu_watchpoint_remove_all(env, BP_GDB);
1605 static int gdb_chr_can_receive(void *opaque)
1607 /* We can handle an arbitrarily large amount of data.
1608 Pick the maximum packet size, which is as good as anything. */
1609 return MAX_PACKET_LENGTH;
1612 static void gdb_chr_receive(void *opaque, const uint8_t *buf, int size)
1616 for (i = 0; i < size; i++) {
1617 gdb_read_byte(gdbserver_state, buf[i]);
1621 static void gdb_chr_event(void *opaque, int event)
1624 case CHR_EVENT_OPENED:
1625 vm_stop(RUN_STATE_PAUSED);
1626 gdb_has_xml = false;
1633 static void gdb_monitor_output(GDBState *s, const char *msg, int len)
1635 char buf[MAX_PACKET_LENGTH];
1638 if (len > (MAX_PACKET_LENGTH/2) - 1)
1639 len = (MAX_PACKET_LENGTH/2) - 1;
1640 memtohex(buf + 1, (uint8_t *)msg, len);
1644 static int gdb_monitor_write(CharDriverState *chr, const uint8_t *buf, int len)
1646 const char *p = (const char *)buf;
1649 max_sz = (sizeof(gdbserver_state->last_packet) - 2) / 2;
1651 if (len <= max_sz) {
1652 gdb_monitor_output(gdbserver_state, p, len);
1655 gdb_monitor_output(gdbserver_state, p, max_sz);
1663 static void gdb_sigterm_handler(int signal)
1665 if (runstate_is_running()) {
1666 vm_stop(RUN_STATE_PAUSED);
1671 int gdbserver_start(const char *device)
1674 char gdbstub_device_name[128];
1675 CharDriverState *chr = NULL;
1676 CharDriverState *mon_chr;
1680 if (strcmp(device, "none") != 0) {
1681 if (strstart(device, "tcp:", NULL)) {
1682 /* enforce required TCP attributes */
1683 snprintf(gdbstub_device_name, sizeof(gdbstub_device_name),
1684 "%s,nowait,nodelay,server", device);
1685 device = gdbstub_device_name;
1688 else if (strcmp(device, "stdio") == 0) {
1689 struct sigaction act;
1691 memset(&act, 0, sizeof(act));
1692 act.sa_handler = gdb_sigterm_handler;
1693 sigaction(SIGINT, &act, NULL);
1696 chr = qemu_chr_new("gdb", device, NULL);
1700 qemu_chr_fe_claim_no_fail(chr);
1701 qemu_chr_add_handlers(chr, gdb_chr_can_receive, gdb_chr_receive,
1702 gdb_chr_event, NULL);
1705 s = gdbserver_state;
1707 s = g_malloc0(sizeof(GDBState));
1708 gdbserver_state = s;
1710 qemu_add_vm_change_state_handler(gdb_vm_state_change, NULL);
1712 /* Initialize a monitor terminal for gdb */
1713 mon_chr = g_malloc0(sizeof(*mon_chr));
1714 mon_chr->chr_write = gdb_monitor_write;
1715 monitor_init(mon_chr, 0);
1718 qemu_chr_delete(s->chr);
1719 mon_chr = s->mon_chr;
1720 memset(s, 0, sizeof(GDBState));
1722 s->c_cpu = first_cpu;
1723 s->g_cpu = first_cpu;
1725 s->state = chr ? RS_IDLE : RS_INACTIVE;
1726 s->mon_chr = mon_chr;
1727 s->current_syscall_cb = NULL;
projects / sdk / emulator / qemu.git / blob