4 * Copyright (c) 2003-2005 Fabrice Bellard
6 * This library is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation; either
9 * version 2 of the License, or (at your option) any later version.
11 * This library is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
16 * You should have received a copy of the GNU Lesser General Public
17 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
20 #include "qemu-common.h"
21 #ifdef CONFIG_USER_ONLY
32 #include "monitor/monitor.h"
33 #include "sysemu/char.h"
34 #include "sysemu/sysemu.h"
35 #include "exec/gdbstub.h"
38 #define MAX_PACKET_LENGTH 4096
41 #include "qemu/sockets.h"
42 #include "sysemu/kvm.h"
43 #include "exec/semihost.h"
45 #ifdef CONFIG_USER_ONLY
46 #define GDB_ATTACHED "0"
48 #define GDB_ATTACHED "1"
51 static inline int target_memory_rw_debug(CPUState *cpu, target_ulong addr,
52 uint8_t *buf, int len, bool is_write)
54 CPUClass *cc = CPU_GET_CLASS(cpu);
56 if (cc->memory_rw_debug) {
57 return cc->memory_rw_debug(cpu, addr, buf, len, is_write);
59 return cpu_memory_rw_debug(cpu, addr, buf, len, is_write);
71 GDB_SIGNAL_UNKNOWN = 143
74 #ifdef CONFIG_USER_ONLY
76 /* Map target signal numbers to GDB protocol signal numbers and vice
77 * versa. For user emulation's currently supported systems, we can
78 * assume most signals are defined.
81 static int gdb_signal_table[] = {
241 /* In system mode we only need SIGINT and SIGTRAP; other signals
242 are not yet supported. */
249 static int gdb_signal_table[] = {
259 #ifdef CONFIG_USER_ONLY
260 static int target_signal_to_gdb (int sig)
263 for (i = 0; i < ARRAY_SIZE (gdb_signal_table); i++)
264 if (gdb_signal_table[i] == sig)
266 return GDB_SIGNAL_UNKNOWN;
270 static int gdb_signal_to_target (int sig)
272 if (sig < ARRAY_SIZE (gdb_signal_table))
273 return gdb_signal_table[sig];
280 typedef struct GDBRegisterState {
286 struct GDBRegisterState *next;
296 typedef struct GDBState {
297 CPUState *c_cpu; /* current CPU for step/continue ops */
298 CPUState *g_cpu; /* current CPU for other ops */
299 CPUState *query_cpu; /* for q{f|s}ThreadInfo */
300 enum RSState state; /* parsing state */
301 char line_buf[MAX_PACKET_LENGTH];
304 uint8_t last_packet[MAX_PACKET_LENGTH + 4];
307 #ifdef CONFIG_USER_ONLY
311 CharDriverState *chr;
312 CharDriverState *mon_chr;
314 char syscall_buf[256];
315 gdb_syscall_complete_cb current_syscall_cb;
318 /* By default use no IRQs and no timers while single stepping so as to
319 * make single stepping like an ICE HW step.
321 static int sstep_flags = SSTEP_ENABLE|SSTEP_NOIRQ|SSTEP_NOTIMER;
323 static GDBState *gdbserver_state;
327 #ifdef CONFIG_USER_ONLY
328 /* XXX: This is not thread safe. Do we care? */
329 static int gdbserver_fd = -1;
331 static int get_char(GDBState *s)
337 ret = qemu_recv(s->fd, &ch, 1, 0);
339 if (errno == ECONNRESET)
341 if (errno != EINTR && errno != EAGAIN)
343 } else if (ret == 0) {
361 /* Decide if either remote gdb syscalls or native file IO should be used. */
362 int use_gdb_syscalls(void)
364 SemihostingTarget target = semihosting_get_target();
365 if (target == SEMIHOSTING_TARGET_NATIVE) {
366 /* -semihosting-config target=native */
368 } else if (target == SEMIHOSTING_TARGET_GDB) {
369 /* -semihosting-config target=gdb */
373 /* -semihosting-config target=auto */
374 /* On the first call check if gdb is connected and remember. */
375 if (gdb_syscall_mode == GDB_SYS_UNKNOWN) {
376 gdb_syscall_mode = (gdbserver_state ? GDB_SYS_ENABLED
379 return gdb_syscall_mode == GDB_SYS_ENABLED;
382 /* Resume execution. */
383 static inline void gdb_continue(GDBState *s)
385 #ifdef CONFIG_USER_ONLY
386 s->running_state = 1;
388 if (!runstate_needs_reset()) {
394 static void put_buffer(GDBState *s, const uint8_t *buf, int len)
396 #ifdef CONFIG_USER_ONLY
400 ret = send(s->fd, buf, len, 0);
402 if (errno != EINTR && errno != EAGAIN)
410 qemu_chr_fe_write(s->chr, buf, len);
414 static inline int fromhex(int v)
416 if (v >= '0' && v <= '9')
418 else if (v >= 'A' && v <= 'F')
420 else if (v >= 'a' && v <= 'f')
426 static inline int tohex(int v)
434 static void memtohex(char *buf, const uint8_t *mem, int len)
439 for(i = 0; i < len; i++) {
441 *q++ = tohex(c >> 4);
442 *q++ = tohex(c & 0xf);
447 static void hextomem(uint8_t *mem, const char *buf, int len)
451 for(i = 0; i < len; i++) {
452 mem[i] = (fromhex(buf[0]) << 4) | fromhex(buf[1]);
457 /* return -1 if error, 0 if OK */
458 static int put_packet_binary(GDBState *s, const char *buf, int len)
469 for(i = 0; i < len; i++) {
473 *(p++) = tohex((csum >> 4) & 0xf);
474 *(p++) = tohex((csum) & 0xf);
476 s->last_packet_len = p - s->last_packet;
477 put_buffer(s, (uint8_t *)s->last_packet, s->last_packet_len);
479 #ifdef CONFIG_USER_ONLY
492 /* return -1 if error, 0 if OK */
493 static int put_packet(GDBState *s, const char *buf)
496 printf("reply='%s'\n", buf);
499 return put_packet_binary(s, buf, strlen(buf));
502 /* Encode data using the encoding for 'x' packets. */
503 static int memtox(char *buf, const char *mem, int len)
511 case '#': case '$': case '*': case '}':
523 static const char *get_feature_xml(const char *p, const char **newp,
529 static char target_xml[1024];
532 while (p[len] && p[len] != ':')
537 if (strncmp(p, "target.xml", len) == 0) {
538 /* Generate the XML description for this CPU. */
539 if (!target_xml[0]) {
541 CPUState *cpu = first_cpu;
543 snprintf(target_xml, sizeof(target_xml),
544 "<?xml version=\"1.0\"?>"
545 "<!DOCTYPE target SYSTEM \"gdb-target.dtd\">"
547 "<xi:include href=\"%s\"/>",
548 cc->gdb_core_xml_file);
550 for (r = cpu->gdb_regs; r; r = r->next) {
551 pstrcat(target_xml, sizeof(target_xml), "<xi:include href=\"");
552 pstrcat(target_xml, sizeof(target_xml), r->xml);
553 pstrcat(target_xml, sizeof(target_xml), "\"/>");
555 pstrcat(target_xml, sizeof(target_xml), "</target>");
560 name = xml_builtin[i][0];
561 if (!name || (strncmp(name, p, len) == 0 && strlen(name) == len))
564 return name ? xml_builtin[i][1] : NULL;
567 static int gdb_read_register(CPUState *cpu, uint8_t *mem_buf, int reg)
569 CPUClass *cc = CPU_GET_CLASS(cpu);
570 CPUArchState *env = cpu->env_ptr;
573 if (reg < cc->gdb_num_core_regs) {
574 return cc->gdb_read_register(cpu, mem_buf, reg);
577 for (r = cpu->gdb_regs; r; r = r->next) {
578 if (r->base_reg <= reg && reg < r->base_reg + r->num_regs) {
579 return r->get_reg(env, mem_buf, reg - r->base_reg);
585 static int gdb_write_register(CPUState *cpu, uint8_t *mem_buf, int reg)
587 CPUClass *cc = CPU_GET_CLASS(cpu);
588 CPUArchState *env = cpu->env_ptr;
591 if (reg < cc->gdb_num_core_regs) {
592 return cc->gdb_write_register(cpu, mem_buf, reg);
595 for (r = cpu->gdb_regs; r; r = r->next) {
596 if (r->base_reg <= reg && reg < r->base_reg + r->num_regs) {
597 return r->set_reg(env, mem_buf, reg - r->base_reg);
603 /* Register a supplemental set of CPU registers. If g_pos is nonzero it
604 specifies the first register number and these registers are included in
605 a standard "g" packet. Direction is relative to gdb, i.e. get_reg is
606 gdb reading a CPU register, and set_reg is gdb modifying a CPU register.
609 void gdb_register_coprocessor(CPUState *cpu,
610 gdb_reg_cb get_reg, gdb_reg_cb set_reg,
611 int num_regs, const char *xml, int g_pos)
614 GDBRegisterState **p;
618 /* Check for duplicates. */
619 if (strcmp((*p)->xml, xml) == 0)
624 s = g_new0(GDBRegisterState, 1);
625 s->base_reg = cpu->gdb_num_regs;
626 s->num_regs = num_regs;
627 s->get_reg = get_reg;
628 s->set_reg = set_reg;
631 /* Add to end of list. */
632 cpu->gdb_num_regs += num_regs;
635 if (g_pos != s->base_reg) {
636 fprintf(stderr, "Error: Bad gdb register numbering for '%s'\n"
637 "Expected %d got %d\n", xml, g_pos, s->base_reg);
639 cpu->gdb_num_g_regs = cpu->gdb_num_regs;
644 #ifndef CONFIG_USER_ONLY
645 /* Translate GDB watchpoint type to a flags value for cpu_watchpoint_* */
646 static inline int xlat_gdb_type(CPUState *cpu, int gdbtype)
648 static const int xlat[] = {
649 [GDB_WATCHPOINT_WRITE] = BP_GDB | BP_MEM_WRITE,
650 [GDB_WATCHPOINT_READ] = BP_GDB | BP_MEM_READ,
651 [GDB_WATCHPOINT_ACCESS] = BP_GDB | BP_MEM_ACCESS,
654 CPUClass *cc = CPU_GET_CLASS(cpu);
655 int cputype = xlat[gdbtype];
657 if (cc->gdb_stop_before_watchpoint) {
658 cputype |= BP_STOP_BEFORE_ACCESS;
664 static int gdb_breakpoint_insert(target_ulong addr, target_ulong len, int type)
670 return kvm_insert_breakpoint(gdbserver_state->c_cpu, addr, len, type);
674 case GDB_BREAKPOINT_SW:
675 case GDB_BREAKPOINT_HW:
677 err = cpu_breakpoint_insert(cpu, addr, BP_GDB, NULL);
683 #ifndef CONFIG_USER_ONLY
684 case GDB_WATCHPOINT_WRITE:
685 case GDB_WATCHPOINT_READ:
686 case GDB_WATCHPOINT_ACCESS:
688 err = cpu_watchpoint_insert(cpu, addr, len,
689 xlat_gdb_type(cpu, type), NULL);
701 static int gdb_breakpoint_remove(target_ulong addr, target_ulong len, int type)
707 return kvm_remove_breakpoint(gdbserver_state->c_cpu, addr, len, type);
711 case GDB_BREAKPOINT_SW:
712 case GDB_BREAKPOINT_HW:
714 err = cpu_breakpoint_remove(cpu, addr, BP_GDB);
720 #ifndef CONFIG_USER_ONLY
721 case GDB_WATCHPOINT_WRITE:
722 case GDB_WATCHPOINT_READ:
723 case GDB_WATCHPOINT_ACCESS:
725 err = cpu_watchpoint_remove(cpu, addr, len,
726 xlat_gdb_type(cpu, type));
737 static void gdb_breakpoint_remove_all(void)
742 kvm_remove_all_breakpoints(gdbserver_state->c_cpu);
747 cpu_breakpoint_remove_all(cpu, BP_GDB);
748 #ifndef CONFIG_USER_ONLY
749 cpu_watchpoint_remove_all(cpu, BP_GDB);
754 static void gdb_set_cpu_pc(GDBState *s, target_ulong pc)
756 CPUState *cpu = s->c_cpu;
757 CPUClass *cc = CPU_GET_CLASS(cpu);
759 cpu_synchronize_state(cpu);
765 static CPUState *find_cpu(uint32_t thread_id)
770 if (cpu_index(cpu) == thread_id) {
778 static int is_query_packet(const char *p, const char *query, char separator)
780 unsigned int query_len = strlen(query);
782 return strncmp(p, query, query_len) == 0 &&
783 (p[query_len] == '\0' || p[query_len] == separator);
786 static int gdb_handle_packet(GDBState *s, const char *line_buf)
792 int ch, reg_size, type, res;
793 char buf[MAX_PACKET_LENGTH];
794 uint8_t mem_buf[MAX_PACKET_LENGTH];
796 target_ulong addr, len;
799 printf("command='%s'\n", line_buf);
805 /* TODO: Make this return the correct value for user-mode. */
806 snprintf(buf, sizeof(buf), "T%02xthread:%02x;", GDB_SIGNAL_TRAP,
807 cpu_index(s->c_cpu));
809 /* Remove all the breakpoints when this query is issued,
810 * because gdb is doing and initial connect and the state
811 * should be cleaned up.
813 gdb_breakpoint_remove_all();
817 addr = strtoull(p, (char **)&p, 16);
818 gdb_set_cpu_pc(s, addr);
824 s->signal = gdb_signal_to_target (strtoul(p, (char **)&p, 16));
830 if (strncmp(p, "Cont", 4) == 0) {
831 int res_signal, res_thread;
835 put_packet(s, "vCont;c;C;s;S");
850 if (action == 'C' || action == 'S') {
851 signal = gdb_signal_to_target(strtoul(p, (char **)&p, 16));
855 } else if (action != 'c' && action != 's') {
861 thread = strtoull(p+1, (char **)&p, 16);
863 action = tolower(action);
864 if (res == 0 || (res == 'c' && action == 's')) {
871 if (res_thread != -1 && res_thread != 0) {
872 cpu = find_cpu(res_thread);
874 put_packet(s, "E22");
880 cpu_single_step(s->c_cpu, sstep_flags);
882 s->signal = res_signal;
888 goto unknown_command;
891 /* Kill the target */
892 fprintf(stderr, "\nQEMU: Terminated via GDBstub\n");
896 gdb_breakpoint_remove_all();
897 gdb_syscall_mode = GDB_SYS_DISABLED;
903 addr = strtoull(p, (char **)&p, 16);
904 gdb_set_cpu_pc(s, addr);
906 cpu_single_step(s->c_cpu, sstep_flags);
914 ret = strtoull(p, (char **)&p, 16);
917 err = strtoull(p, (char **)&p, 16);
924 if (s->current_syscall_cb) {
925 s->current_syscall_cb(s->c_cpu, ret, err);
926 s->current_syscall_cb = NULL;
929 put_packet(s, "T02");
936 cpu_synchronize_state(s->g_cpu);
938 for (addr = 0; addr < s->g_cpu->gdb_num_g_regs; addr++) {
939 reg_size = gdb_read_register(s->g_cpu, mem_buf + len, addr);
942 memtohex(buf, mem_buf, len);
946 cpu_synchronize_state(s->g_cpu);
949 hextomem((uint8_t *)registers, p, len);
950 for (addr = 0; addr < s->g_cpu->gdb_num_g_regs && len > 0; addr++) {
951 reg_size = gdb_write_register(s->g_cpu, registers, addr);
953 registers += reg_size;
958 addr = strtoull(p, (char **)&p, 16);
961 len = strtoull(p, NULL, 16);
962 if (target_memory_rw_debug(s->g_cpu, addr, mem_buf, len, false) != 0) {
963 put_packet (s, "E14");
965 memtohex(buf, mem_buf, len);
970 addr = strtoull(p, (char **)&p, 16);
973 len = strtoull(p, (char **)&p, 16);
976 hextomem(mem_buf, p, len);
977 if (target_memory_rw_debug(s->g_cpu, addr, mem_buf, len,
979 put_packet(s, "E14");
985 /* Older gdb are really dumb, and don't use 'g' if 'p' is avaialable.
986 This works, but can be very slow. Anything new enough to
987 understand XML also knows how to use this properly. */
989 goto unknown_command;
990 addr = strtoull(p, (char **)&p, 16);
991 reg_size = gdb_read_register(s->g_cpu, mem_buf, addr);
993 memtohex(buf, mem_buf, reg_size);
996 put_packet(s, "E14");
1001 goto unknown_command;
1002 addr = strtoull(p, (char **)&p, 16);
1005 reg_size = strlen(p) / 2;
1006 hextomem(mem_buf, p, reg_size);
1007 gdb_write_register(s->g_cpu, mem_buf, addr);
1008 put_packet(s, "OK");
1012 type = strtoul(p, (char **)&p, 16);
1015 addr = strtoull(p, (char **)&p, 16);
1018 len = strtoull(p, (char **)&p, 16);
1020 res = gdb_breakpoint_insert(addr, len, type);
1022 res = gdb_breakpoint_remove(addr, len, type);
1024 put_packet(s, "OK");
1025 else if (res == -ENOSYS)
1028 put_packet(s, "E22");
1032 thread = strtoull(p, (char **)&p, 16);
1033 if (thread == -1 || thread == 0) {
1034 put_packet(s, "OK");
1037 cpu = find_cpu(thread);
1039 put_packet(s, "E22");
1045 put_packet(s, "OK");
1049 put_packet(s, "OK");
1052 put_packet(s, "E22");
1057 thread = strtoull(p, (char **)&p, 16);
1058 cpu = find_cpu(thread);
1061 put_packet(s, "OK");
1063 put_packet(s, "E22");
1068 /* parse any 'q' packets here */
1069 if (!strcmp(p,"qemu.sstepbits")) {
1070 /* Query Breakpoint bit definitions */
1071 snprintf(buf, sizeof(buf), "ENABLE=%x,NOIRQ=%x,NOTIMER=%x",
1077 } else if (is_query_packet(p, "qemu.sstep", '=')) {
1078 /* Display or change the sstep_flags */
1081 /* Display current setting */
1082 snprintf(buf, sizeof(buf), "0x%x", sstep_flags);
1087 type = strtoul(p, (char **)&p, 16);
1089 put_packet(s, "OK");
1091 } else if (strcmp(p,"C") == 0) {
1092 /* "Current thread" remains vague in the spec, so always return
1093 * the first CPU (gdb returns the first thread). */
1094 put_packet(s, "QC1");
1096 } else if (strcmp(p,"fThreadInfo") == 0) {
1097 s->query_cpu = first_cpu;
1098 goto report_cpuinfo;
1099 } else if (strcmp(p,"sThreadInfo") == 0) {
1102 snprintf(buf, sizeof(buf), "m%x", cpu_index(s->query_cpu));
1104 s->query_cpu = CPU_NEXT(s->query_cpu);
1108 } else if (strncmp(p,"ThreadExtraInfo,", 16) == 0) {
1109 thread = strtoull(p+16, (char **)&p, 16);
1110 cpu = find_cpu(thread);
1112 cpu_synchronize_state(cpu);
1113 len = snprintf((char *)mem_buf, sizeof(mem_buf),
1114 "CPU#%d [%s]", cpu->cpu_index,
1115 cpu->halted ? "halted " : "running");
1116 memtohex(buf, mem_buf, len);
1121 #ifdef CONFIG_USER_ONLY
1122 else if (strcmp(p, "Offsets") == 0) {
1123 TaskState *ts = s->c_cpu->opaque;
1125 snprintf(buf, sizeof(buf),
1126 "Text=" TARGET_ABI_FMT_lx ";Data=" TARGET_ABI_FMT_lx
1127 ";Bss=" TARGET_ABI_FMT_lx,
1128 ts->info->code_offset,
1129 ts->info->data_offset,
1130 ts->info->data_offset);
1134 #else /* !CONFIG_USER_ONLY */
1135 else if (strncmp(p, "Rcmd,", 5) == 0) {
1136 int len = strlen(p + 5);
1138 if ((len % 2) != 0) {
1139 put_packet(s, "E01");
1142 hextomem(mem_buf, p + 5, len);
1145 qemu_chr_be_write(s->mon_chr, mem_buf, len);
1146 put_packet(s, "OK");
1149 #endif /* !CONFIG_USER_ONLY */
1150 if (is_query_packet(p, "Supported", ':')) {
1151 snprintf(buf, sizeof(buf), "PacketSize=%x", MAX_PACKET_LENGTH);
1152 cc = CPU_GET_CLASS(first_cpu);
1153 if (cc->gdb_core_xml_file != NULL) {
1154 pstrcat(buf, sizeof(buf), ";qXfer:features:read+");
1159 if (strncmp(p, "Xfer:features:read:", 19) == 0) {
1161 target_ulong total_len;
1163 cc = CPU_GET_CLASS(first_cpu);
1164 if (cc->gdb_core_xml_file == NULL) {
1165 goto unknown_command;
1170 xml = get_feature_xml(p, &p, cc);
1172 snprintf(buf, sizeof(buf), "E00");
1179 addr = strtoul(p, (char **)&p, 16);
1182 len = strtoul(p, (char **)&p, 16);
1184 total_len = strlen(xml);
1185 if (addr > total_len) {
1186 snprintf(buf, sizeof(buf), "E00");
1190 if (len > (MAX_PACKET_LENGTH - 5) / 2)
1191 len = (MAX_PACKET_LENGTH - 5) / 2;
1192 if (len < total_len - addr) {
1194 len = memtox(buf + 1, xml + addr, len);
1197 len = memtox(buf + 1, xml + addr, total_len - addr);
1199 put_packet_binary(s, buf, len + 1);
1202 if (is_query_packet(p, "Attached", ':')) {
1203 put_packet(s, GDB_ATTACHED);
1206 /* Unrecognised 'q' command. */
1207 goto unknown_command;
1211 /* put empty packet */
1219 void gdb_set_stop_cpu(CPUState *cpu)
1221 gdbserver_state->c_cpu = cpu;
1222 gdbserver_state->g_cpu = cpu;
1225 #ifndef CONFIG_USER_ONLY
1226 static void gdb_vm_state_change(void *opaque, int running, RunState state)
1228 GDBState *s = gdbserver_state;
1229 CPUState *cpu = s->c_cpu;
1234 if (running || s->state == RS_INACTIVE) {
1237 /* Is there a GDB syscall waiting to be sent? */
1238 if (s->current_syscall_cb) {
1239 put_packet(s, s->syscall_buf);
1243 case RUN_STATE_DEBUG:
1244 if (cpu->watchpoint_hit) {
1245 switch (cpu->watchpoint_hit->flags & BP_MEM_ACCESS) {
1256 snprintf(buf, sizeof(buf),
1257 "T%02xthread:%02x;%swatch:" TARGET_FMT_lx ";",
1258 GDB_SIGNAL_TRAP, cpu_index(cpu), type,
1259 (target_ulong)cpu->watchpoint_hit->vaddr);
1260 cpu->watchpoint_hit = NULL;
1264 ret = GDB_SIGNAL_TRAP;
1266 case RUN_STATE_PAUSED:
1267 ret = GDB_SIGNAL_INT;
1269 case RUN_STATE_SHUTDOWN:
1270 ret = GDB_SIGNAL_QUIT;
1272 case RUN_STATE_IO_ERROR:
1273 ret = GDB_SIGNAL_IO;
1275 case RUN_STATE_WATCHDOG:
1276 ret = GDB_SIGNAL_ALRM;
1278 case RUN_STATE_INTERNAL_ERROR:
1279 ret = GDB_SIGNAL_ABRT;
1281 case RUN_STATE_SAVE_VM:
1282 case RUN_STATE_RESTORE_VM:
1284 case RUN_STATE_FINISH_MIGRATE:
1285 ret = GDB_SIGNAL_XCPU;
1288 ret = GDB_SIGNAL_UNKNOWN;
1291 snprintf(buf, sizeof(buf), "T%02xthread:%02x;", ret, cpu_index(cpu));
1296 /* disable single step if it was enabled */
1297 cpu_single_step(cpu, 0);
1301 /* Send a gdb syscall request.
1302 This accepts limited printf-style format specifiers, specifically:
1303 %x - target_ulong argument printed in hex.
1304 %lx - 64-bit argument printed in hex.
1305 %s - string pointer (target_ulong) and length (int) pair. */
1306 void gdb_do_syscall(gdb_syscall_complete_cb cb, const char *fmt, ...)
1315 s = gdbserver_state;
1318 s->current_syscall_cb = cb;
1319 #ifndef CONFIG_USER_ONLY
1320 vm_stop(RUN_STATE_DEBUG);
1324 p_end = &s->syscall_buf[sizeof(s->syscall_buf)];
1331 addr = va_arg(va, target_ulong);
1332 p += snprintf(p, p_end - p, TARGET_FMT_lx, addr);
1335 if (*(fmt++) != 'x')
1337 i64 = va_arg(va, uint64_t);
1338 p += snprintf(p, p_end - p, "%" PRIx64, i64);
1341 addr = va_arg(va, target_ulong);
1342 p += snprintf(p, p_end - p, TARGET_FMT_lx "/%x",
1343 addr, va_arg(va, int));
1347 fprintf(stderr, "gdbstub: Bad syscall format string '%s'\n",
1357 #ifdef CONFIG_USER_ONLY
1358 put_packet(s, s->syscall_buf);
1359 gdb_handlesig(s->c_cpu, 0);
1361 /* In this case wait to send the syscall packet until notification that
1362 the CPU has stopped. This must be done because if the packet is sent
1363 now the reply from the syscall request could be received while the CPU
1364 is still in the running state, which can cause packets to be dropped
1365 and state transition 'T' packets to be sent while the syscall is still
1371 static void gdb_read_byte(GDBState *s, int ch)
1376 #ifndef CONFIG_USER_ONLY
1377 if (s->last_packet_len) {
1378 /* Waiting for a response to the last packet. If we see the start
1379 of a new command then abandon the previous response. */
1382 printf("Got NACK, retransmitting\n");
1384 put_buffer(s, (uint8_t *)s->last_packet, s->last_packet_len);
1388 printf("Got ACK\n");
1390 printf("Got '%c' when expecting ACK/NACK\n", ch);
1392 if (ch == '+' || ch == '$')
1393 s->last_packet_len = 0;
1397 if (runstate_is_running()) {
1398 /* when the CPU is running, we cannot do anything except stop
1399 it when receiving a char */
1400 vm_stop(RUN_STATE_PAUSED);
1407 s->line_buf_index = 0;
1408 s->state = RS_GETLINE;
1413 s->state = RS_CHKSUM1;
1414 } else if (s->line_buf_index >= sizeof(s->line_buf) - 1) {
1417 s->line_buf[s->line_buf_index++] = ch;
1421 s->line_buf[s->line_buf_index] = '\0';
1422 s->line_csum = fromhex(ch) << 4;
1423 s->state = RS_CHKSUM2;
1426 s->line_csum |= fromhex(ch);
1428 for(i = 0; i < s->line_buf_index; i++) {
1429 csum += s->line_buf[i];
1431 if (s->line_csum != (csum & 0xff)) {
1433 put_buffer(s, &reply, 1);
1437 put_buffer(s, &reply, 1);
1438 s->state = gdb_handle_packet(s, s->line_buf);
1447 /* Tell the remote gdb that the process has exited. */
1448 void gdb_exit(CPUArchState *env, int code)
1453 s = gdbserver_state;
1457 #ifdef CONFIG_USER_ONLY
1458 if (gdbserver_fd < 0 || s->fd < 0) {
1467 snprintf(buf, sizeof(buf), "W%02x", (uint8_t)code);
1470 #ifndef CONFIG_USER_ONLY
1471 qemu_chr_delete(s->chr);
1475 #ifdef CONFIG_USER_ONLY
1481 s = gdbserver_state;
1483 if (gdbserver_fd < 0 || s->fd < 0)
1490 gdb_handlesig(CPUState *cpu, int sig)
1496 s = gdbserver_state;
1497 if (gdbserver_fd < 0 || s->fd < 0) {
1501 /* disable single step if it was enabled */
1502 cpu_single_step(cpu, 0);
1506 snprintf(buf, sizeof(buf), "S%02x", target_signal_to_gdb(sig));
1509 /* put_packet() might have detected that the peer terminated the
1517 s->running_state = 0;
1518 while (s->running_state == 0) {
1519 n = read(s->fd, buf, 256);
1523 for (i = 0; i < n; i++) {
1524 gdb_read_byte(s, buf[i]);
1526 } else if (n == 0 || errno != EAGAIN) {
1527 /* XXX: Connection closed. Should probably wait for another
1528 connection before continuing. */
1537 /* Tell the remote gdb that the process has exited due to SIG. */
1538 void gdb_signalled(CPUArchState *env, int sig)
1543 s = gdbserver_state;
1544 if (gdbserver_fd < 0 || s->fd < 0) {
1548 snprintf(buf, sizeof(buf), "X%02x", target_signal_to_gdb(sig));
1552 static void gdb_accept(void)
1555 struct sockaddr_in sockaddr;
1560 len = sizeof(sockaddr);
1561 fd = accept(gdbserver_fd, (struct sockaddr *)&sockaddr, &len);
1562 if (fd < 0 && errno != EINTR) {
1565 } else if (fd >= 0) {
1567 fcntl(fd, F_SETFD, FD_CLOEXEC);
1573 /* set short latency */
1574 socket_set_nodelay(fd);
1576 s = g_malloc0(sizeof(GDBState));
1577 s->c_cpu = first_cpu;
1578 s->g_cpu = first_cpu;
1580 gdb_has_xml = false;
1582 gdbserver_state = s;
1584 fcntl(fd, F_SETFL, O_NONBLOCK);
1587 static int gdbserver_open(int port)
1589 struct sockaddr_in sockaddr;
1592 fd = socket(PF_INET, SOCK_STREAM, 0);
1598 fcntl(fd, F_SETFD, FD_CLOEXEC);
1601 socket_set_fast_reuse(fd);
1603 sockaddr.sin_family = AF_INET;
1604 sockaddr.sin_port = htons(port);
1605 sockaddr.sin_addr.s_addr = 0;
1606 ret = bind(fd, (struct sockaddr *)&sockaddr, sizeof(sockaddr));
1612 ret = listen(fd, 0);
1621 int gdbserver_start(int port)
1623 gdbserver_fd = gdbserver_open(port);
1624 if (gdbserver_fd < 0)
1626 /* accept connections */
1631 /* Disable gdb stub for child processes. */
1632 void gdbserver_fork(CPUState *cpu)
1634 GDBState *s = gdbserver_state;
1636 if (gdbserver_fd < 0 || s->fd < 0) {
1641 cpu_breakpoint_remove_all(cpu, BP_GDB);
1642 cpu_watchpoint_remove_all(cpu, BP_GDB);
1645 static int gdb_chr_can_receive(void *opaque)
1647 /* We can handle an arbitrarily large amount of data.
1648 Pick the maximum packet size, which is as good as anything. */
1649 return MAX_PACKET_LENGTH;
1652 static void gdb_chr_receive(void *opaque, const uint8_t *buf, int size)
1656 for (i = 0; i < size; i++) {
1657 gdb_read_byte(gdbserver_state, buf[i]);
1661 static void gdb_chr_event(void *opaque, int event)
1664 case CHR_EVENT_OPENED:
1665 vm_stop(RUN_STATE_PAUSED);
1666 gdb_has_xml = false;
1673 static void gdb_monitor_output(GDBState *s, const char *msg, int len)
1675 char buf[MAX_PACKET_LENGTH];
1678 if (len > (MAX_PACKET_LENGTH/2) - 1)
1679 len = (MAX_PACKET_LENGTH/2) - 1;
1680 memtohex(buf + 1, (uint8_t *)msg, len);
1684 static int gdb_monitor_write(CharDriverState *chr, const uint8_t *buf, int len)
1686 const char *p = (const char *)buf;
1689 max_sz = (sizeof(gdbserver_state->last_packet) - 2) / 2;
1691 if (len <= max_sz) {
1692 gdb_monitor_output(gdbserver_state, p, len);
1695 gdb_monitor_output(gdbserver_state, p, max_sz);
1703 static void gdb_sigterm_handler(int signal)
1705 if (runstate_is_running()) {
1706 vm_stop(RUN_STATE_PAUSED);
1711 int gdbserver_start(const char *device)
1714 char gdbstub_device_name[128];
1715 CharDriverState *chr = NULL;
1716 CharDriverState *mon_chr;
1720 if (strcmp(device, "none") != 0) {
1721 if (strstart(device, "tcp:", NULL)) {
1722 /* enforce required TCP attributes */
1723 snprintf(gdbstub_device_name, sizeof(gdbstub_device_name),
1724 "%s,nowait,nodelay,server", device);
1725 device = gdbstub_device_name;
1728 else if (strcmp(device, "stdio") == 0) {
1729 struct sigaction act;
1731 memset(&act, 0, sizeof(act));
1732 act.sa_handler = gdb_sigterm_handler;
1733 sigaction(SIGINT, &act, NULL);
1736 chr = qemu_chr_new("gdb", device, NULL);
1740 qemu_chr_fe_claim_no_fail(chr);
1741 qemu_chr_add_handlers(chr, gdb_chr_can_receive, gdb_chr_receive,
1742 gdb_chr_event, NULL);
1745 s = gdbserver_state;
1747 s = g_malloc0(sizeof(GDBState));
1748 gdbserver_state = s;
1750 qemu_add_vm_change_state_handler(gdb_vm_state_change, NULL);
1752 /* Initialize a monitor terminal for gdb */
1753 mon_chr = qemu_chr_alloc();
1754 mon_chr->chr_write = gdb_monitor_write;
1755 monitor_init(mon_chr, 0);
1758 qemu_chr_delete(s->chr);
1759 mon_chr = s->mon_chr;
1760 memset(s, 0, sizeof(GDBState));
1762 s->c_cpu = first_cpu;
1763 s->g_cpu = first_cpu;
1765 s->state = chr ? RS_IDLE : RS_INACTIVE;
1766 s->mon_chr = mon_chr;
1767 s->current_syscall_cb = NULL;
projects / qemu.git / blob