4 * Copyright (c) 2003-2005 Fabrice Bellard
6 * This library is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation; either
9 * version 2 of the License, or (at your option) any later version.
11 * This library is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
16 * You should have received a copy of the GNU Lesser General Public
17 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
20 #include "qemu-common.h"
21 #ifdef CONFIG_USER_ONLY
32 #include "monitor/monitor.h"
33 #include "sysemu/char.h"
34 #include "sysemu/sysemu.h"
35 #include "exec/gdbstub.h"
38 #define MAX_PACKET_LENGTH 4096
41 #include "qemu/sockets.h"
42 #include "sysemu/kvm.h"
44 static inline int target_memory_rw_debug(CPUState *cpu, target_ulong addr,
45 uint8_t *buf, int len, bool is_write)
47 CPUClass *cc = CPU_GET_CLASS(cpu);
49 if (cc->memory_rw_debug) {
50 return cc->memory_rw_debug(cpu, addr, buf, len, is_write);
52 return cpu_memory_rw_debug(cpu, addr, buf, len, is_write);
64 GDB_SIGNAL_UNKNOWN = 143
67 #ifdef CONFIG_USER_ONLY
69 /* Map target signal numbers to GDB protocol signal numbers and vice
70 * versa. For user emulation's currently supported systems, we can
71 * assume most signals are defined.
74 static int gdb_signal_table[] = {
234 /* In system mode we only need SIGINT and SIGTRAP; other signals
235 are not yet supported. */
242 static int gdb_signal_table[] = {
252 #ifdef CONFIG_USER_ONLY
253 static int target_signal_to_gdb (int sig)
256 for (i = 0; i < ARRAY_SIZE (gdb_signal_table); i++)
257 if (gdb_signal_table[i] == sig)
259 return GDB_SIGNAL_UNKNOWN;
263 static int gdb_signal_to_target (int sig)
265 if (sig < ARRAY_SIZE (gdb_signal_table))
266 return gdb_signal_table[sig];
273 typedef struct GDBRegisterState {
279 struct GDBRegisterState *next;
289 typedef struct GDBState {
290 CPUState *c_cpu; /* current CPU for step/continue ops */
291 CPUState *g_cpu; /* current CPU for other ops */
292 CPUState *query_cpu; /* for q{f|s}ThreadInfo */
293 enum RSState state; /* parsing state */
294 char line_buf[MAX_PACKET_LENGTH];
297 uint8_t last_packet[MAX_PACKET_LENGTH + 4];
300 #ifdef CONFIG_USER_ONLY
304 CharDriverState *chr;
305 CharDriverState *mon_chr;
307 char syscall_buf[256];
308 gdb_syscall_complete_cb current_syscall_cb;
311 /* By default use no IRQs and no timers while single stepping so as to
312 * make single stepping like an ICE HW step.
314 static int sstep_flags = SSTEP_ENABLE|SSTEP_NOIRQ|SSTEP_NOTIMER;
316 static GDBState *gdbserver_state;
320 #ifdef CONFIG_USER_ONLY
321 /* XXX: This is not thread safe. Do we care? */
322 static int gdbserver_fd = -1;
324 static int get_char(GDBState *s)
330 ret = qemu_recv(s->fd, &ch, 1, 0);
332 if (errno == ECONNRESET)
334 if (errno != EINTR && errno != EAGAIN)
336 } else if (ret == 0) {
354 /* If gdb is connected when the first semihosting syscall occurs then use
355 remote gdb syscalls. Otherwise use native file IO. */
356 int use_gdb_syscalls(void)
358 if (gdb_syscall_mode == GDB_SYS_UNKNOWN) {
359 gdb_syscall_mode = (gdbserver_state ? GDB_SYS_ENABLED
362 return gdb_syscall_mode == GDB_SYS_ENABLED;
365 /* Resume execution. */
366 static inline void gdb_continue(GDBState *s)
368 #ifdef CONFIG_USER_ONLY
369 s->running_state = 1;
371 if (!runstate_needs_reset()) {
377 static void put_buffer(GDBState *s, const uint8_t *buf, int len)
379 #ifdef CONFIG_USER_ONLY
383 ret = send(s->fd, buf, len, 0);
385 if (errno != EINTR && errno != EAGAIN)
393 qemu_chr_fe_write(s->chr, buf, len);
397 static inline int fromhex(int v)
399 if (v >= '0' && v <= '9')
401 else if (v >= 'A' && v <= 'F')
403 else if (v >= 'a' && v <= 'f')
409 static inline int tohex(int v)
417 static void memtohex(char *buf, const uint8_t *mem, int len)
422 for(i = 0; i < len; i++) {
424 *q++ = tohex(c >> 4);
425 *q++ = tohex(c & 0xf);
430 static void hextomem(uint8_t *mem, const char *buf, int len)
434 for(i = 0; i < len; i++) {
435 mem[i] = (fromhex(buf[0]) << 4) | fromhex(buf[1]);
440 /* return -1 if error, 0 if OK */
441 static int put_packet_binary(GDBState *s, const char *buf, int len)
452 for(i = 0; i < len; i++) {
456 *(p++) = tohex((csum >> 4) & 0xf);
457 *(p++) = tohex((csum) & 0xf);
459 s->last_packet_len = p - s->last_packet;
460 put_buffer(s, (uint8_t *)s->last_packet, s->last_packet_len);
462 #ifdef CONFIG_USER_ONLY
475 /* return -1 if error, 0 if OK */
476 static int put_packet(GDBState *s, const char *buf)
479 printf("reply='%s'\n", buf);
482 return put_packet_binary(s, buf, strlen(buf));
485 /* Encode data using the encoding for 'x' packets. */
486 static int memtox(char *buf, const char *mem, int len)
494 case '#': case '$': case '*': case '}':
506 static const char *get_feature_xml(const char *p, const char **newp,
512 static char target_xml[1024];
515 while (p[len] && p[len] != ':')
520 if (strncmp(p, "target.xml", len) == 0) {
521 /* Generate the XML description for this CPU. */
522 if (!target_xml[0]) {
524 CPUState *cpu = first_cpu;
526 snprintf(target_xml, sizeof(target_xml),
527 "<?xml version=\"1.0\"?>"
528 "<!DOCTYPE target SYSTEM \"gdb-target.dtd\">"
530 "<xi:include href=\"%s\"/>",
531 cc->gdb_core_xml_file);
533 for (r = cpu->gdb_regs; r; r = r->next) {
534 pstrcat(target_xml, sizeof(target_xml), "<xi:include href=\"");
535 pstrcat(target_xml, sizeof(target_xml), r->xml);
536 pstrcat(target_xml, sizeof(target_xml), "\"/>");
538 pstrcat(target_xml, sizeof(target_xml), "</target>");
543 name = xml_builtin[i][0];
544 if (!name || (strncmp(name, p, len) == 0 && strlen(name) == len))
547 return name ? xml_builtin[i][1] : NULL;
550 static int gdb_read_register(CPUState *cpu, uint8_t *mem_buf, int reg)
552 CPUClass *cc = CPU_GET_CLASS(cpu);
553 CPUArchState *env = cpu->env_ptr;
556 if (reg < cc->gdb_num_core_regs) {
557 return cc->gdb_read_register(cpu, mem_buf, reg);
560 for (r = cpu->gdb_regs; r; r = r->next) {
561 if (r->base_reg <= reg && reg < r->base_reg + r->num_regs) {
562 return r->get_reg(env, mem_buf, reg - r->base_reg);
568 static int gdb_write_register(CPUState *cpu, uint8_t *mem_buf, int reg)
570 CPUClass *cc = CPU_GET_CLASS(cpu);
571 CPUArchState *env = cpu->env_ptr;
574 if (reg < cc->gdb_num_core_regs) {
575 return cc->gdb_write_register(cpu, mem_buf, reg);
578 for (r = cpu->gdb_regs; r; r = r->next) {
579 if (r->base_reg <= reg && reg < r->base_reg + r->num_regs) {
580 return r->set_reg(env, mem_buf, reg - r->base_reg);
586 /* Register a supplemental set of CPU registers. If g_pos is nonzero it
587 specifies the first register number and these registers are included in
588 a standard "g" packet. Direction is relative to gdb, i.e. get_reg is
589 gdb reading a CPU register, and set_reg is gdb modifying a CPU register.
592 void gdb_register_coprocessor(CPUState *cpu,
593 gdb_reg_cb get_reg, gdb_reg_cb set_reg,
594 int num_regs, const char *xml, int g_pos)
597 GDBRegisterState **p;
601 /* Check for duplicates. */
602 if (strcmp((*p)->xml, xml) == 0)
607 s = g_new0(GDBRegisterState, 1);
608 s->base_reg = cpu->gdb_num_regs;
609 s->num_regs = num_regs;
610 s->get_reg = get_reg;
611 s->set_reg = set_reg;
614 /* Add to end of list. */
615 cpu->gdb_num_regs += num_regs;
618 if (g_pos != s->base_reg) {
619 fprintf(stderr, "Error: Bad gdb register numbering for '%s'\n"
620 "Expected %d got %d\n", xml, g_pos, s->base_reg);
622 cpu->gdb_num_g_regs = cpu->gdb_num_regs;
627 #ifndef CONFIG_USER_ONLY
628 static const int xlat_gdb_type[] = {
629 [GDB_WATCHPOINT_WRITE] = BP_GDB | BP_MEM_WRITE,
630 [GDB_WATCHPOINT_READ] = BP_GDB | BP_MEM_READ,
631 [GDB_WATCHPOINT_ACCESS] = BP_GDB | BP_MEM_ACCESS,
635 static int gdb_breakpoint_insert(target_ulong addr, target_ulong len, int type)
641 return kvm_insert_breakpoint(gdbserver_state->c_cpu, addr, len, type);
645 case GDB_BREAKPOINT_SW:
646 case GDB_BREAKPOINT_HW:
648 err = cpu_breakpoint_insert(cpu, addr, BP_GDB, NULL);
654 #ifndef CONFIG_USER_ONLY
655 case GDB_WATCHPOINT_WRITE:
656 case GDB_WATCHPOINT_READ:
657 case GDB_WATCHPOINT_ACCESS:
659 err = cpu_watchpoint_insert(cpu, addr, len, xlat_gdb_type[type],
671 static int gdb_breakpoint_remove(target_ulong addr, target_ulong len, int type)
677 return kvm_remove_breakpoint(gdbserver_state->c_cpu, addr, len, type);
681 case GDB_BREAKPOINT_SW:
682 case GDB_BREAKPOINT_HW:
684 err = cpu_breakpoint_remove(cpu, addr, BP_GDB);
690 #ifndef CONFIG_USER_ONLY
691 case GDB_WATCHPOINT_WRITE:
692 case GDB_WATCHPOINT_READ:
693 case GDB_WATCHPOINT_ACCESS:
695 err = cpu_watchpoint_remove(cpu, addr, len, xlat_gdb_type[type]);
706 static void gdb_breakpoint_remove_all(void)
711 kvm_remove_all_breakpoints(gdbserver_state->c_cpu);
716 cpu_breakpoint_remove_all(cpu, BP_GDB);
717 #ifndef CONFIG_USER_ONLY
718 cpu_watchpoint_remove_all(cpu, BP_GDB);
723 static void gdb_set_cpu_pc(GDBState *s, target_ulong pc)
725 CPUState *cpu = s->c_cpu;
726 CPUClass *cc = CPU_GET_CLASS(cpu);
728 cpu_synchronize_state(cpu);
734 static CPUState *find_cpu(uint32_t thread_id)
739 if (cpu_index(cpu) == thread_id) {
747 static int gdb_handle_packet(GDBState *s, const char *line_buf)
753 int ch, reg_size, type, res;
754 char buf[MAX_PACKET_LENGTH];
755 uint8_t mem_buf[MAX_PACKET_LENGTH];
757 target_ulong addr, len;
760 printf("command='%s'\n", line_buf);
766 /* TODO: Make this return the correct value for user-mode. */
767 snprintf(buf, sizeof(buf), "T%02xthread:%02x;", GDB_SIGNAL_TRAP,
768 cpu_index(s->c_cpu));
770 /* Remove all the breakpoints when this query is issued,
771 * because gdb is doing and initial connect and the state
772 * should be cleaned up.
774 gdb_breakpoint_remove_all();
778 addr = strtoull(p, (char **)&p, 16);
779 gdb_set_cpu_pc(s, addr);
785 s->signal = gdb_signal_to_target (strtoul(p, (char **)&p, 16));
791 if (strncmp(p, "Cont", 4) == 0) {
792 int res_signal, res_thread;
796 put_packet(s, "vCont;c;C;s;S");
811 if (action == 'C' || action == 'S') {
812 signal = strtoul(p, (char **)&p, 16);
813 } else if (action != 'c' && action != 's') {
819 thread = strtoull(p+1, (char **)&p, 16);
821 action = tolower(action);
822 if (res == 0 || (res == 'c' && action == 's')) {
829 if (res_thread != -1 && res_thread != 0) {
830 cpu = find_cpu(res_thread);
832 put_packet(s, "E22");
838 cpu_single_step(s->c_cpu, sstep_flags);
840 s->signal = res_signal;
846 goto unknown_command;
849 #ifdef CONFIG_USER_ONLY
850 /* Kill the target */
851 fprintf(stderr, "\nQEMU: Terminated via GDBstub\n");
856 gdb_breakpoint_remove_all();
857 gdb_syscall_mode = GDB_SYS_DISABLED;
863 addr = strtoull(p, (char **)&p, 16);
864 gdb_set_cpu_pc(s, addr);
866 cpu_single_step(s->c_cpu, sstep_flags);
874 ret = strtoull(p, (char **)&p, 16);
877 err = strtoull(p, (char **)&p, 16);
884 if (s->current_syscall_cb) {
885 s->current_syscall_cb(s->c_cpu, ret, err);
886 s->current_syscall_cb = NULL;
889 put_packet(s, "T02");
896 cpu_synchronize_state(s->g_cpu);
898 for (addr = 0; addr < s->g_cpu->gdb_num_g_regs; addr++) {
899 reg_size = gdb_read_register(s->g_cpu, mem_buf + len, addr);
902 memtohex(buf, mem_buf, len);
906 cpu_synchronize_state(s->g_cpu);
909 hextomem((uint8_t *)registers, p, len);
910 for (addr = 0; addr < s->g_cpu->gdb_num_g_regs && len > 0; addr++) {
911 reg_size = gdb_write_register(s->g_cpu, registers, addr);
913 registers += reg_size;
918 addr = strtoull(p, (char **)&p, 16);
921 len = strtoull(p, NULL, 16);
922 if (target_memory_rw_debug(s->g_cpu, addr, mem_buf, len, false) != 0) {
923 put_packet (s, "E14");
925 memtohex(buf, mem_buf, len);
930 addr = strtoull(p, (char **)&p, 16);
933 len = strtoull(p, (char **)&p, 16);
936 hextomem(mem_buf, p, len);
937 if (target_memory_rw_debug(s->g_cpu, addr, mem_buf, len,
939 put_packet(s, "E14");
945 /* Older gdb are really dumb, and don't use 'g' if 'p' is avaialable.
946 This works, but can be very slow. Anything new enough to
947 understand XML also knows how to use this properly. */
949 goto unknown_command;
950 addr = strtoull(p, (char **)&p, 16);
951 reg_size = gdb_read_register(s->g_cpu, mem_buf, addr);
953 memtohex(buf, mem_buf, reg_size);
956 put_packet(s, "E14");
961 goto unknown_command;
962 addr = strtoull(p, (char **)&p, 16);
965 reg_size = strlen(p) / 2;
966 hextomem(mem_buf, p, reg_size);
967 gdb_write_register(s->g_cpu, mem_buf, addr);
972 type = strtoul(p, (char **)&p, 16);
975 addr = strtoull(p, (char **)&p, 16);
978 len = strtoull(p, (char **)&p, 16);
980 res = gdb_breakpoint_insert(addr, len, type);
982 res = gdb_breakpoint_remove(addr, len, type);
985 else if (res == -ENOSYS)
988 put_packet(s, "E22");
992 thread = strtoull(p, (char **)&p, 16);
993 if (thread == -1 || thread == 0) {
997 cpu = find_cpu(thread);
999 put_packet(s, "E22");
1005 put_packet(s, "OK");
1009 put_packet(s, "OK");
1012 put_packet(s, "E22");
1017 thread = strtoull(p, (char **)&p, 16);
1018 cpu = find_cpu(thread);
1021 put_packet(s, "OK");
1023 put_packet(s, "E22");
1028 /* parse any 'q' packets here */
1029 if (!strcmp(p,"qemu.sstepbits")) {
1030 /* Query Breakpoint bit definitions */
1031 snprintf(buf, sizeof(buf), "ENABLE=%x,NOIRQ=%x,NOTIMER=%x",
1037 } else if (strncmp(p,"qemu.sstep",10) == 0) {
1038 /* Display or change the sstep_flags */
1041 /* Display current setting */
1042 snprintf(buf, sizeof(buf), "0x%x", sstep_flags);
1047 type = strtoul(p, (char **)&p, 16);
1049 put_packet(s, "OK");
1051 } else if (strcmp(p,"C") == 0) {
1052 /* "Current thread" remains vague in the spec, so always return
1053 * the first CPU (gdb returns the first thread). */
1054 put_packet(s, "QC1");
1056 } else if (strcmp(p,"fThreadInfo") == 0) {
1057 s->query_cpu = first_cpu;
1058 goto report_cpuinfo;
1059 } else if (strcmp(p,"sThreadInfo") == 0) {
1062 snprintf(buf, sizeof(buf), "m%x", cpu_index(s->query_cpu));
1064 s->query_cpu = CPU_NEXT(s->query_cpu);
1068 } else if (strncmp(p,"ThreadExtraInfo,", 16) == 0) {
1069 thread = strtoull(p+16, (char **)&p, 16);
1070 cpu = find_cpu(thread);
1072 cpu_synchronize_state(cpu);
1073 len = snprintf((char *)mem_buf, sizeof(mem_buf),
1074 "CPU#%d [%s]", cpu->cpu_index,
1075 cpu->halted ? "halted " : "running");
1076 memtohex(buf, mem_buf, len);
1081 #ifdef CONFIG_USER_ONLY
1082 else if (strncmp(p, "Offsets", 7) == 0) {
1083 TaskState *ts = s->c_cpu->opaque;
1085 snprintf(buf, sizeof(buf),
1086 "Text=" TARGET_ABI_FMT_lx ";Data=" TARGET_ABI_FMT_lx
1087 ";Bss=" TARGET_ABI_FMT_lx,
1088 ts->info->code_offset,
1089 ts->info->data_offset,
1090 ts->info->data_offset);
1094 #else /* !CONFIG_USER_ONLY */
1095 else if (strncmp(p, "Rcmd,", 5) == 0) {
1096 int len = strlen(p + 5);
1098 if ((len % 2) != 0) {
1099 put_packet(s, "E01");
1102 hextomem(mem_buf, p + 5, len);
1105 qemu_chr_be_write(s->mon_chr, mem_buf, len);
1106 put_packet(s, "OK");
1109 #endif /* !CONFIG_USER_ONLY */
1110 if (strncmp(p, "Supported", 9) == 0) {
1111 snprintf(buf, sizeof(buf), "PacketSize=%x", MAX_PACKET_LENGTH);
1112 cc = CPU_GET_CLASS(first_cpu);
1113 if (cc->gdb_core_xml_file != NULL) {
1114 pstrcat(buf, sizeof(buf), ";qXfer:features:read+");
1119 if (strncmp(p, "Xfer:features:read:", 19) == 0) {
1121 target_ulong total_len;
1123 cc = CPU_GET_CLASS(first_cpu);
1124 if (cc->gdb_core_xml_file == NULL) {
1125 goto unknown_command;
1130 xml = get_feature_xml(p, &p, cc);
1132 snprintf(buf, sizeof(buf), "E00");
1139 addr = strtoul(p, (char **)&p, 16);
1142 len = strtoul(p, (char **)&p, 16);
1144 total_len = strlen(xml);
1145 if (addr > total_len) {
1146 snprintf(buf, sizeof(buf), "E00");
1150 if (len > (MAX_PACKET_LENGTH - 5) / 2)
1151 len = (MAX_PACKET_LENGTH - 5) / 2;
1152 if (len < total_len - addr) {
1154 len = memtox(buf + 1, xml + addr, len);
1157 len = memtox(buf + 1, xml + addr, total_len - addr);
1159 put_packet_binary(s, buf, len + 1);
1162 /* Unrecognised 'q' command. */
1163 goto unknown_command;
1167 /* put empty packet */
1175 void gdb_set_stop_cpu(CPUState *cpu)
1177 gdbserver_state->c_cpu = cpu;
1178 gdbserver_state->g_cpu = cpu;
1181 #ifndef CONFIG_USER_ONLY
1182 static void gdb_vm_state_change(void *opaque, int running, RunState state)
1184 GDBState *s = gdbserver_state;
1185 CPUArchState *env = s->c_cpu->env_ptr;
1186 CPUState *cpu = s->c_cpu;
1191 if (running || s->state == RS_INACTIVE) {
1194 /* Is there a GDB syscall waiting to be sent? */
1195 if (s->current_syscall_cb) {
1196 put_packet(s, s->syscall_buf);
1200 case RUN_STATE_DEBUG:
1201 if (cpu->watchpoint_hit) {
1202 switch (cpu->watchpoint_hit->flags & BP_MEM_ACCESS) {
1213 snprintf(buf, sizeof(buf),
1214 "T%02xthread:%02x;%swatch:" TARGET_FMT_lx ";",
1215 GDB_SIGNAL_TRAP, cpu_index(cpu), type,
1216 (target_ulong)cpu->watchpoint_hit->vaddr);
1217 cpu->watchpoint_hit = NULL;
1221 ret = GDB_SIGNAL_TRAP;
1223 case RUN_STATE_PAUSED:
1224 ret = GDB_SIGNAL_INT;
1226 case RUN_STATE_SHUTDOWN:
1227 ret = GDB_SIGNAL_QUIT;
1229 case RUN_STATE_IO_ERROR:
1230 ret = GDB_SIGNAL_IO;
1232 case RUN_STATE_WATCHDOG:
1233 ret = GDB_SIGNAL_ALRM;
1235 case RUN_STATE_INTERNAL_ERROR:
1236 ret = GDB_SIGNAL_ABRT;
1238 case RUN_STATE_SAVE_VM:
1239 case RUN_STATE_RESTORE_VM:
1241 case RUN_STATE_FINISH_MIGRATE:
1242 ret = GDB_SIGNAL_XCPU;
1245 ret = GDB_SIGNAL_UNKNOWN;
1248 snprintf(buf, sizeof(buf), "T%02xthread:%02x;", ret, cpu_index(cpu));
1253 /* disable single step if it was enabled */
1254 cpu_single_step(cpu, 0);
1258 /* Send a gdb syscall request.
1259 This accepts limited printf-style format specifiers, specifically:
1260 %x - target_ulong argument printed in hex.
1261 %lx - 64-bit argument printed in hex.
1262 %s - string pointer (target_ulong) and length (int) pair. */
1263 void gdb_do_syscall(gdb_syscall_complete_cb cb, const char *fmt, ...)
1272 s = gdbserver_state;
1275 s->current_syscall_cb = cb;
1276 #ifndef CONFIG_USER_ONLY
1277 vm_stop(RUN_STATE_DEBUG);
1281 p_end = &s->syscall_buf[sizeof(s->syscall_buf)];
1288 addr = va_arg(va, target_ulong);
1289 p += snprintf(p, p_end - p, TARGET_FMT_lx, addr);
1292 if (*(fmt++) != 'x')
1294 i64 = va_arg(va, uint64_t);
1295 p += snprintf(p, p_end - p, "%" PRIx64, i64);
1298 addr = va_arg(va, target_ulong);
1299 p += snprintf(p, p_end - p, TARGET_FMT_lx "/%x",
1300 addr, va_arg(va, int));
1304 fprintf(stderr, "gdbstub: Bad syscall format string '%s'\n",
1314 #ifdef CONFIG_USER_ONLY
1315 put_packet(s, s->syscall_buf);
1316 gdb_handlesig(s->c_cpu, 0);
1318 /* In this case wait to send the syscall packet until notification that
1319 the CPU has stopped. This must be done because if the packet is sent
1320 now the reply from the syscall request could be received while the CPU
1321 is still in the running state, which can cause packets to be dropped
1322 and state transition 'T' packets to be sent while the syscall is still
1328 static void gdb_read_byte(GDBState *s, int ch)
1333 #ifndef CONFIG_USER_ONLY
1334 if (s->last_packet_len) {
1335 /* Waiting for a response to the last packet. If we see the start
1336 of a new command then abandon the previous response. */
1339 printf("Got NACK, retransmitting\n");
1341 put_buffer(s, (uint8_t *)s->last_packet, s->last_packet_len);
1345 printf("Got ACK\n");
1347 printf("Got '%c' when expecting ACK/NACK\n", ch);
1349 if (ch == '+' || ch == '$')
1350 s->last_packet_len = 0;
1354 if (runstate_is_running()) {
1355 /* when the CPU is running, we cannot do anything except stop
1356 it when receiving a char */
1357 vm_stop(RUN_STATE_PAUSED);
1364 s->line_buf_index = 0;
1365 s->state = RS_GETLINE;
1370 s->state = RS_CHKSUM1;
1371 } else if (s->line_buf_index >= sizeof(s->line_buf) - 1) {
1374 s->line_buf[s->line_buf_index++] = ch;
1378 s->line_buf[s->line_buf_index] = '\0';
1379 s->line_csum = fromhex(ch) << 4;
1380 s->state = RS_CHKSUM2;
1383 s->line_csum |= fromhex(ch);
1385 for(i = 0; i < s->line_buf_index; i++) {
1386 csum += s->line_buf[i];
1388 if (s->line_csum != (csum & 0xff)) {
1390 put_buffer(s, &reply, 1);
1394 put_buffer(s, &reply, 1);
1395 s->state = gdb_handle_packet(s, s->line_buf);
1404 /* Tell the remote gdb that the process has exited. */
1405 void gdb_exit(CPUArchState *env, int code)
1410 s = gdbserver_state;
1414 #ifdef CONFIG_USER_ONLY
1415 if (gdbserver_fd < 0 || s->fd < 0) {
1420 snprintf(buf, sizeof(buf), "W%02x", (uint8_t)code);
1423 #ifndef CONFIG_USER_ONLY
1425 qemu_chr_delete(s->chr);
1430 #ifdef CONFIG_USER_ONLY
1436 s = gdbserver_state;
1438 if (gdbserver_fd < 0 || s->fd < 0)
1445 gdb_handlesig(CPUState *cpu, int sig)
1447 CPUArchState *env = cpu->env_ptr;
1452 s = gdbserver_state;
1453 if (gdbserver_fd < 0 || s->fd < 0) {
1457 /* disable single step if it was enabled */
1458 cpu_single_step(cpu, 0);
1462 snprintf(buf, sizeof(buf), "S%02x", target_signal_to_gdb(sig));
1465 /* put_packet() might have detected that the peer terminated the
1473 s->running_state = 0;
1474 while (s->running_state == 0) {
1475 n = read(s->fd, buf, 256);
1479 for (i = 0; i < n; i++) {
1480 gdb_read_byte(s, buf[i]);
1482 } else if (n == 0 || errno != EAGAIN) {
1483 /* XXX: Connection closed. Should probably wait for another
1484 connection before continuing. */
1493 /* Tell the remote gdb that the process has exited due to SIG. */
1494 void gdb_signalled(CPUArchState *env, int sig)
1499 s = gdbserver_state;
1500 if (gdbserver_fd < 0 || s->fd < 0) {
1504 snprintf(buf, sizeof(buf), "X%02x", target_signal_to_gdb(sig));
1508 static void gdb_accept(void)
1511 struct sockaddr_in sockaddr;
1516 len = sizeof(sockaddr);
1517 fd = accept(gdbserver_fd, (struct sockaddr *)&sockaddr, &len);
1518 if (fd < 0 && errno != EINTR) {
1521 } else if (fd >= 0) {
1523 fcntl(fd, F_SETFD, FD_CLOEXEC);
1529 /* set short latency */
1530 socket_set_nodelay(fd);
1532 s = g_malloc0(sizeof(GDBState));
1533 s->c_cpu = first_cpu;
1534 s->g_cpu = first_cpu;
1536 gdb_has_xml = false;
1538 gdbserver_state = s;
1540 fcntl(fd, F_SETFL, O_NONBLOCK);
1543 static int gdbserver_open(int port)
1545 struct sockaddr_in sockaddr;
1548 fd = socket(PF_INET, SOCK_STREAM, 0);
1554 fcntl(fd, F_SETFD, FD_CLOEXEC);
1557 socket_set_fast_reuse(fd);
1559 sockaddr.sin_family = AF_INET;
1560 sockaddr.sin_port = htons(port);
1561 sockaddr.sin_addr.s_addr = 0;
1562 ret = bind(fd, (struct sockaddr *)&sockaddr, sizeof(sockaddr));
1568 ret = listen(fd, 0);
1577 int gdbserver_start(int port)
1579 gdbserver_fd = gdbserver_open(port);
1580 if (gdbserver_fd < 0)
1582 /* accept connections */
1587 /* Disable gdb stub for child processes. */
1588 void gdbserver_fork(CPUArchState *env)
1590 CPUState *cpu = ENV_GET_CPU(env);
1591 GDBState *s = gdbserver_state;
1593 if (gdbserver_fd < 0 || s->fd < 0) {
1598 cpu_breakpoint_remove_all(cpu, BP_GDB);
1599 cpu_watchpoint_remove_all(cpu, BP_GDB);
1602 static int gdb_chr_can_receive(void *opaque)
1604 /* We can handle an arbitrarily large amount of data.
1605 Pick the maximum packet size, which is as good as anything. */
1606 return MAX_PACKET_LENGTH;
1609 static void gdb_chr_receive(void *opaque, const uint8_t *buf, int size)
1613 for (i = 0; i < size; i++) {
1614 gdb_read_byte(gdbserver_state, buf[i]);
1618 static void gdb_chr_event(void *opaque, int event)
1621 case CHR_EVENT_OPENED:
1622 vm_stop(RUN_STATE_PAUSED);
1623 gdb_has_xml = false;
1630 static void gdb_monitor_output(GDBState *s, const char *msg, int len)
1632 char buf[MAX_PACKET_LENGTH];
1635 if (len > (MAX_PACKET_LENGTH/2) - 1)
1636 len = (MAX_PACKET_LENGTH/2) - 1;
1637 memtohex(buf + 1, (uint8_t *)msg, len);
1641 static int gdb_monitor_write(CharDriverState *chr, const uint8_t *buf, int len)
1643 const char *p = (const char *)buf;
1646 max_sz = (sizeof(gdbserver_state->last_packet) - 2) / 2;
1648 if (len <= max_sz) {
1649 gdb_monitor_output(gdbserver_state, p, len);
1652 gdb_monitor_output(gdbserver_state, p, max_sz);
1660 static void gdb_sigterm_handler(int signal)
1662 if (runstate_is_running()) {
1663 vm_stop(RUN_STATE_PAUSED);
1668 int gdbserver_start(const char *device)
1671 char gdbstub_device_name[128];
1672 CharDriverState *chr = NULL;
1673 CharDriverState *mon_chr;
1677 if (strcmp(device, "none") != 0) {
1678 if (strstart(device, "tcp:", NULL)) {
1679 /* enforce required TCP attributes */
1680 snprintf(gdbstub_device_name, sizeof(gdbstub_device_name),
1681 "%s,nowait,nodelay,server", device);
1682 device = gdbstub_device_name;
1685 else if (strcmp(device, "stdio") == 0) {
1686 struct sigaction act;
1688 memset(&act, 0, sizeof(act));
1689 act.sa_handler = gdb_sigterm_handler;
1690 sigaction(SIGINT, &act, NULL);
1693 chr = qemu_chr_new("gdb", device, NULL);
1697 qemu_chr_fe_claim_no_fail(chr);
1698 qemu_chr_add_handlers(chr, gdb_chr_can_receive, gdb_chr_receive,
1699 gdb_chr_event, NULL);
1702 s = gdbserver_state;
1704 s = g_malloc0(sizeof(GDBState));
1705 gdbserver_state = s;
1707 qemu_add_vm_change_state_handler(gdb_vm_state_change, NULL);
1709 /* Initialize a monitor terminal for gdb */
1710 mon_chr = g_malloc0(sizeof(*mon_chr));
1711 mon_chr->chr_write = gdb_monitor_write;
1712 monitor_init(mon_chr, 0);
1715 qemu_chr_delete(s->chr);
1716 mon_chr = s->mon_chr;
1717 memset(s, 0, sizeof(GDBState));
1719 s->c_cpu = first_cpu;
1720 s->g_cpu = first_cpu;
1722 s->state = chr ? RS_IDLE : RS_INACTIVE;
1723 s->mon_chr = mon_chr;
1724 s->current_syscall_cb = NULL;
projects / lisovros / qemu_apohw.git / blob