4 * Copyright (c) 2003-2005 Fabrice Bellard
6 * This library is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation; either
9 * version 2 of the License, or (at your option) any later version.
11 * This library is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
16 * You should have received a copy of the GNU Lesser General Public
17 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
20 #include "qemu-common.h"
21 #ifdef CONFIG_USER_ONLY
32 #include "monitor/monitor.h"
33 #include "sysemu/char.h"
34 #include "sysemu/sysemu.h"
35 #include "exec/gdbstub.h"
38 #define MAX_PACKET_LENGTH 4096
41 #include "qemu/sockets.h"
42 #include "sysemu/kvm.h"
44 static inline int target_memory_rw_debug(CPUState *cpu, target_ulong addr,
45 uint8_t *buf, int len, bool is_write)
47 CPUClass *cc = CPU_GET_CLASS(cpu);
49 if (cc->memory_rw_debug) {
50 return cc->memory_rw_debug(cpu, addr, buf, len, is_write);
52 return cpu_memory_rw_debug(cpu, addr, buf, len, is_write);
64 GDB_SIGNAL_UNKNOWN = 143
67 #ifdef CONFIG_USER_ONLY
69 /* Map target signal numbers to GDB protocol signal numbers and vice
70 * versa. For user emulation's currently supported systems, we can
71 * assume most signals are defined.
74 static int gdb_signal_table[] = {
234 /* In system mode we only need SIGINT and SIGTRAP; other signals
235 are not yet supported. */
242 static int gdb_signal_table[] = {
252 #ifdef CONFIG_USER_ONLY
253 static int target_signal_to_gdb (int sig)
256 for (i = 0; i < ARRAY_SIZE (gdb_signal_table); i++)
257 if (gdb_signal_table[i] == sig)
259 return GDB_SIGNAL_UNKNOWN;
263 static int gdb_signal_to_target (int sig)
265 if (sig < ARRAY_SIZE (gdb_signal_table))
266 return gdb_signal_table[sig];
273 typedef struct GDBRegisterState {
279 struct GDBRegisterState *next;
289 typedef struct GDBState {
290 CPUState *c_cpu; /* current CPU for step/continue ops */
291 CPUState *g_cpu; /* current CPU for other ops */
292 CPUState *query_cpu; /* for q{f|s}ThreadInfo */
293 enum RSState state; /* parsing state */
294 char line_buf[MAX_PACKET_LENGTH];
297 uint8_t last_packet[MAX_PACKET_LENGTH + 4];
300 #ifdef CONFIG_USER_ONLY
304 CharDriverState *chr;
305 CharDriverState *mon_chr;
307 char syscall_buf[256];
308 gdb_syscall_complete_cb current_syscall_cb;
311 /* By default use no IRQs and no timers while single stepping so as to
312 * make single stepping like an ICE HW step.
314 static int sstep_flags = SSTEP_ENABLE|SSTEP_NOIRQ|SSTEP_NOTIMER;
316 static GDBState *gdbserver_state;
320 int semihosting_target = SEMIHOSTING_TARGET_AUTO;
322 #ifdef CONFIG_USER_ONLY
323 /* XXX: This is not thread safe. Do we care? */
324 static int gdbserver_fd = -1;
326 static int get_char(GDBState *s)
332 ret = qemu_recv(s->fd, &ch, 1, 0);
334 if (errno == ECONNRESET)
336 if (errno != EINTR && errno != EAGAIN)
338 } else if (ret == 0) {
356 /* Decide if either remote gdb syscalls or native file IO should be used. */
357 int use_gdb_syscalls(void)
359 if (semihosting_target == SEMIHOSTING_TARGET_NATIVE) {
360 /* -semihosting-config target=native */
362 } else if (semihosting_target == SEMIHOSTING_TARGET_GDB) {
363 /* -semihosting-config target=gdb */
367 /* -semihosting-config target=auto */
368 /* On the first call check if gdb is connected and remember. */
369 if (gdb_syscall_mode == GDB_SYS_UNKNOWN) {
370 gdb_syscall_mode = (gdbserver_state ? GDB_SYS_ENABLED
373 return gdb_syscall_mode == GDB_SYS_ENABLED;
376 /* Resume execution. */
377 static inline void gdb_continue(GDBState *s)
379 #ifdef CONFIG_USER_ONLY
380 s->running_state = 1;
382 if (!runstate_needs_reset()) {
388 static void put_buffer(GDBState *s, const uint8_t *buf, int len)
390 #ifdef CONFIG_USER_ONLY
394 ret = send(s->fd, buf, len, 0);
396 if (errno != EINTR && errno != EAGAIN)
404 qemu_chr_fe_write(s->chr, buf, len);
408 static inline int fromhex(int v)
410 if (v >= '0' && v <= '9')
412 else if (v >= 'A' && v <= 'F')
414 else if (v >= 'a' && v <= 'f')
420 static inline int tohex(int v)
428 static void memtohex(char *buf, const uint8_t *mem, int len)
433 for(i = 0; i < len; i++) {
435 *q++ = tohex(c >> 4);
436 *q++ = tohex(c & 0xf);
441 static void hextomem(uint8_t *mem, const char *buf, int len)
445 for(i = 0; i < len; i++) {
446 mem[i] = (fromhex(buf[0]) << 4) | fromhex(buf[1]);
451 /* return -1 if error, 0 if OK */
452 static int put_packet_binary(GDBState *s, const char *buf, int len)
463 for(i = 0; i < len; i++) {
467 *(p++) = tohex((csum >> 4) & 0xf);
468 *(p++) = tohex((csum) & 0xf);
470 s->last_packet_len = p - s->last_packet;
471 put_buffer(s, (uint8_t *)s->last_packet, s->last_packet_len);
473 #ifdef CONFIG_USER_ONLY
486 /* return -1 if error, 0 if OK */
487 static int put_packet(GDBState *s, const char *buf)
490 printf("reply='%s'\n", buf);
493 return put_packet_binary(s, buf, strlen(buf));
496 /* Encode data using the encoding for 'x' packets. */
497 static int memtox(char *buf, const char *mem, int len)
505 case '#': case '$': case '*': case '}':
517 static const char *get_feature_xml(const char *p, const char **newp,
523 static char target_xml[1024];
526 while (p[len] && p[len] != ':')
531 if (strncmp(p, "target.xml", len) == 0) {
532 /* Generate the XML description for this CPU. */
533 if (!target_xml[0]) {
535 CPUState *cpu = first_cpu;
537 snprintf(target_xml, sizeof(target_xml),
538 "<?xml version=\"1.0\"?>"
539 "<!DOCTYPE target SYSTEM \"gdb-target.dtd\">"
541 "<xi:include href=\"%s\"/>",
542 cc->gdb_core_xml_file);
544 for (r = cpu->gdb_regs; r; r = r->next) {
545 pstrcat(target_xml, sizeof(target_xml), "<xi:include href=\"");
546 pstrcat(target_xml, sizeof(target_xml), r->xml);
547 pstrcat(target_xml, sizeof(target_xml), "\"/>");
549 pstrcat(target_xml, sizeof(target_xml), "</target>");
554 name = xml_builtin[i][0];
555 if (!name || (strncmp(name, p, len) == 0 && strlen(name) == len))
558 return name ? xml_builtin[i][1] : NULL;
561 static int gdb_read_register(CPUState *cpu, uint8_t *mem_buf, int reg)
563 CPUClass *cc = CPU_GET_CLASS(cpu);
564 CPUArchState *env = cpu->env_ptr;
567 if (reg < cc->gdb_num_core_regs) {
568 return cc->gdb_read_register(cpu, mem_buf, reg);
571 for (r = cpu->gdb_regs; r; r = r->next) {
572 if (r->base_reg <= reg && reg < r->base_reg + r->num_regs) {
573 return r->get_reg(env, mem_buf, reg - r->base_reg);
579 static int gdb_write_register(CPUState *cpu, uint8_t *mem_buf, int reg)
581 CPUClass *cc = CPU_GET_CLASS(cpu);
582 CPUArchState *env = cpu->env_ptr;
585 if (reg < cc->gdb_num_core_regs) {
586 return cc->gdb_write_register(cpu, mem_buf, reg);
589 for (r = cpu->gdb_regs; r; r = r->next) {
590 if (r->base_reg <= reg && reg < r->base_reg + r->num_regs) {
591 return r->set_reg(env, mem_buf, reg - r->base_reg);
597 /* Register a supplemental set of CPU registers. If g_pos is nonzero it
598 specifies the first register number and these registers are included in
599 a standard "g" packet. Direction is relative to gdb, i.e. get_reg is
600 gdb reading a CPU register, and set_reg is gdb modifying a CPU register.
603 void gdb_register_coprocessor(CPUState *cpu,
604 gdb_reg_cb get_reg, gdb_reg_cb set_reg,
605 int num_regs, const char *xml, int g_pos)
608 GDBRegisterState **p;
612 /* Check for duplicates. */
613 if (strcmp((*p)->xml, xml) == 0)
618 s = g_new0(GDBRegisterState, 1);
619 s->base_reg = cpu->gdb_num_regs;
620 s->num_regs = num_regs;
621 s->get_reg = get_reg;
622 s->set_reg = set_reg;
625 /* Add to end of list. */
626 cpu->gdb_num_regs += num_regs;
629 if (g_pos != s->base_reg) {
630 fprintf(stderr, "Error: Bad gdb register numbering for '%s'\n"
631 "Expected %d got %d\n", xml, g_pos, s->base_reg);
633 cpu->gdb_num_g_regs = cpu->gdb_num_regs;
638 #ifndef CONFIG_USER_ONLY
639 /* Translate GDB watchpoint type to a flags value for cpu_watchpoint_* */
640 static inline int xlat_gdb_type(CPUState *cpu, int gdbtype)
642 static const int xlat[] = {
643 [GDB_WATCHPOINT_WRITE] = BP_GDB | BP_MEM_WRITE,
644 [GDB_WATCHPOINT_READ] = BP_GDB | BP_MEM_READ,
645 [GDB_WATCHPOINT_ACCESS] = BP_GDB | BP_MEM_ACCESS,
648 CPUClass *cc = CPU_GET_CLASS(cpu);
649 int cputype = xlat[gdbtype];
651 if (cc->gdb_stop_before_watchpoint) {
652 cputype |= BP_STOP_BEFORE_ACCESS;
658 static int gdb_breakpoint_insert(target_ulong addr, target_ulong len, int type)
664 return kvm_insert_breakpoint(gdbserver_state->c_cpu, addr, len, type);
668 case GDB_BREAKPOINT_SW:
669 case GDB_BREAKPOINT_HW:
671 err = cpu_breakpoint_insert(cpu, addr, BP_GDB, NULL);
677 #ifndef CONFIG_USER_ONLY
678 case GDB_WATCHPOINT_WRITE:
679 case GDB_WATCHPOINT_READ:
680 case GDB_WATCHPOINT_ACCESS:
682 err = cpu_watchpoint_insert(cpu, addr, len,
683 xlat_gdb_type(cpu, type), NULL);
695 static int gdb_breakpoint_remove(target_ulong addr, target_ulong len, int type)
701 return kvm_remove_breakpoint(gdbserver_state->c_cpu, addr, len, type);
705 case GDB_BREAKPOINT_SW:
706 case GDB_BREAKPOINT_HW:
708 err = cpu_breakpoint_remove(cpu, addr, BP_GDB);
714 #ifndef CONFIG_USER_ONLY
715 case GDB_WATCHPOINT_WRITE:
716 case GDB_WATCHPOINT_READ:
717 case GDB_WATCHPOINT_ACCESS:
719 err = cpu_watchpoint_remove(cpu, addr, len,
720 xlat_gdb_type(cpu, type));
731 static void gdb_breakpoint_remove_all(void)
736 kvm_remove_all_breakpoints(gdbserver_state->c_cpu);
741 cpu_breakpoint_remove_all(cpu, BP_GDB);
742 #ifndef CONFIG_USER_ONLY
743 cpu_watchpoint_remove_all(cpu, BP_GDB);
748 static void gdb_set_cpu_pc(GDBState *s, target_ulong pc)
750 CPUState *cpu = s->c_cpu;
751 CPUClass *cc = CPU_GET_CLASS(cpu);
753 cpu_synchronize_state(cpu);
759 static CPUState *find_cpu(uint32_t thread_id)
764 if (cpu_index(cpu) == thread_id) {
772 static int gdb_handle_packet(GDBState *s, const char *line_buf)
778 int ch, reg_size, type, res;
779 char buf[MAX_PACKET_LENGTH];
780 uint8_t mem_buf[MAX_PACKET_LENGTH];
782 target_ulong addr, len;
785 printf("command='%s'\n", line_buf);
791 /* TODO: Make this return the correct value for user-mode. */
792 snprintf(buf, sizeof(buf), "T%02xthread:%02x;", GDB_SIGNAL_TRAP,
793 cpu_index(s->c_cpu));
795 /* Remove all the breakpoints when this query is issued,
796 * because gdb is doing and initial connect and the state
797 * should be cleaned up.
799 gdb_breakpoint_remove_all();
803 addr = strtoull(p, (char **)&p, 16);
804 gdb_set_cpu_pc(s, addr);
810 s->signal = gdb_signal_to_target (strtoul(p, (char **)&p, 16));
816 if (strncmp(p, "Cont", 4) == 0) {
817 int res_signal, res_thread;
821 put_packet(s, "vCont;c;C;s;S");
836 if (action == 'C' || action == 'S') {
837 signal = gdb_signal_to_target(strtoul(p, (char **)&p, 16));
841 } else if (action != 'c' && action != 's') {
847 thread = strtoull(p+1, (char **)&p, 16);
849 action = tolower(action);
850 if (res == 0 || (res == 'c' && action == 's')) {
857 if (res_thread != -1 && res_thread != 0) {
858 cpu = find_cpu(res_thread);
860 put_packet(s, "E22");
866 cpu_single_step(s->c_cpu, sstep_flags);
868 s->signal = res_signal;
874 goto unknown_command;
877 #ifdef CONFIG_USER_ONLY
878 /* Kill the target */
879 fprintf(stderr, "\nQEMU: Terminated via GDBstub\n");
884 gdb_breakpoint_remove_all();
885 gdb_syscall_mode = GDB_SYS_DISABLED;
891 addr = strtoull(p, (char **)&p, 16);
892 gdb_set_cpu_pc(s, addr);
894 cpu_single_step(s->c_cpu, sstep_flags);
902 ret = strtoull(p, (char **)&p, 16);
905 err = strtoull(p, (char **)&p, 16);
912 if (s->current_syscall_cb) {
913 s->current_syscall_cb(s->c_cpu, ret, err);
914 s->current_syscall_cb = NULL;
917 put_packet(s, "T02");
924 cpu_synchronize_state(s->g_cpu);
926 for (addr = 0; addr < s->g_cpu->gdb_num_g_regs; addr++) {
927 reg_size = gdb_read_register(s->g_cpu, mem_buf + len, addr);
930 memtohex(buf, mem_buf, len);
934 cpu_synchronize_state(s->g_cpu);
937 hextomem((uint8_t *)registers, p, len);
938 for (addr = 0; addr < s->g_cpu->gdb_num_g_regs && len > 0; addr++) {
939 reg_size = gdb_write_register(s->g_cpu, registers, addr);
941 registers += reg_size;
946 addr = strtoull(p, (char **)&p, 16);
949 len = strtoull(p, NULL, 16);
950 if (target_memory_rw_debug(s->g_cpu, addr, mem_buf, len, false) != 0) {
951 put_packet (s, "E14");
953 memtohex(buf, mem_buf, len);
958 addr = strtoull(p, (char **)&p, 16);
961 len = strtoull(p, (char **)&p, 16);
964 hextomem(mem_buf, p, len);
965 if (target_memory_rw_debug(s->g_cpu, addr, mem_buf, len,
967 put_packet(s, "E14");
973 /* Older gdb are really dumb, and don't use 'g' if 'p' is avaialable.
974 This works, but can be very slow. Anything new enough to
975 understand XML also knows how to use this properly. */
977 goto unknown_command;
978 addr = strtoull(p, (char **)&p, 16);
979 reg_size = gdb_read_register(s->g_cpu, mem_buf, addr);
981 memtohex(buf, mem_buf, reg_size);
984 put_packet(s, "E14");
989 goto unknown_command;
990 addr = strtoull(p, (char **)&p, 16);
993 reg_size = strlen(p) / 2;
994 hextomem(mem_buf, p, reg_size);
995 gdb_write_register(s->g_cpu, mem_buf, addr);
1000 type = strtoul(p, (char **)&p, 16);
1003 addr = strtoull(p, (char **)&p, 16);
1006 len = strtoull(p, (char **)&p, 16);
1008 res = gdb_breakpoint_insert(addr, len, type);
1010 res = gdb_breakpoint_remove(addr, len, type);
1012 put_packet(s, "OK");
1013 else if (res == -ENOSYS)
1016 put_packet(s, "E22");
1020 thread = strtoull(p, (char **)&p, 16);
1021 if (thread == -1 || thread == 0) {
1022 put_packet(s, "OK");
1025 cpu = find_cpu(thread);
1027 put_packet(s, "E22");
1033 put_packet(s, "OK");
1037 put_packet(s, "OK");
1040 put_packet(s, "E22");
1045 thread = strtoull(p, (char **)&p, 16);
1046 cpu = find_cpu(thread);
1049 put_packet(s, "OK");
1051 put_packet(s, "E22");
1056 /* parse any 'q' packets here */
1057 if (!strcmp(p,"qemu.sstepbits")) {
1058 /* Query Breakpoint bit definitions */
1059 snprintf(buf, sizeof(buf), "ENABLE=%x,NOIRQ=%x,NOTIMER=%x",
1065 } else if (strncmp(p,"qemu.sstep",10) == 0) {
1066 /* Display or change the sstep_flags */
1069 /* Display current setting */
1070 snprintf(buf, sizeof(buf), "0x%x", sstep_flags);
1075 type = strtoul(p, (char **)&p, 16);
1077 put_packet(s, "OK");
1079 } else if (strcmp(p,"C") == 0) {
1080 /* "Current thread" remains vague in the spec, so always return
1081 * the first CPU (gdb returns the first thread). */
1082 put_packet(s, "QC1");
1084 } else if (strcmp(p,"fThreadInfo") == 0) {
1085 s->query_cpu = first_cpu;
1086 goto report_cpuinfo;
1087 } else if (strcmp(p,"sThreadInfo") == 0) {
1090 snprintf(buf, sizeof(buf), "m%x", cpu_index(s->query_cpu));
1092 s->query_cpu = CPU_NEXT(s->query_cpu);
1096 } else if (strncmp(p,"ThreadExtraInfo,", 16) == 0) {
1097 thread = strtoull(p+16, (char **)&p, 16);
1098 cpu = find_cpu(thread);
1100 cpu_synchronize_state(cpu);
1101 len = snprintf((char *)mem_buf, sizeof(mem_buf),
1102 "CPU#%d [%s]", cpu->cpu_index,
1103 cpu->halted ? "halted " : "running");
1104 memtohex(buf, mem_buf, len);
1109 #ifdef CONFIG_USER_ONLY
1110 else if (strncmp(p, "Offsets", 7) == 0) {
1111 TaskState *ts = s->c_cpu->opaque;
1113 snprintf(buf, sizeof(buf),
1114 "Text=" TARGET_ABI_FMT_lx ";Data=" TARGET_ABI_FMT_lx
1115 ";Bss=" TARGET_ABI_FMT_lx,
1116 ts->info->code_offset,
1117 ts->info->data_offset,
1118 ts->info->data_offset);
1122 #else /* !CONFIG_USER_ONLY */
1123 else if (strncmp(p, "Rcmd,", 5) == 0) {
1124 int len = strlen(p + 5);
1126 if ((len % 2) != 0) {
1127 put_packet(s, "E01");
1130 hextomem(mem_buf, p + 5, len);
1133 qemu_chr_be_write(s->mon_chr, mem_buf, len);
1134 put_packet(s, "OK");
1137 #endif /* !CONFIG_USER_ONLY */
1138 if (strncmp(p, "Supported", 9) == 0) {
1139 snprintf(buf, sizeof(buf), "PacketSize=%x", MAX_PACKET_LENGTH);
1140 cc = CPU_GET_CLASS(first_cpu);
1141 if (cc->gdb_core_xml_file != NULL) {
1142 pstrcat(buf, sizeof(buf), ";qXfer:features:read+");
1147 if (strncmp(p, "Xfer:features:read:", 19) == 0) {
1149 target_ulong total_len;
1151 cc = CPU_GET_CLASS(first_cpu);
1152 if (cc->gdb_core_xml_file == NULL) {
1153 goto unknown_command;
1158 xml = get_feature_xml(p, &p, cc);
1160 snprintf(buf, sizeof(buf), "E00");
1167 addr = strtoul(p, (char **)&p, 16);
1170 len = strtoul(p, (char **)&p, 16);
1172 total_len = strlen(xml);
1173 if (addr > total_len) {
1174 snprintf(buf, sizeof(buf), "E00");
1178 if (len > (MAX_PACKET_LENGTH - 5) / 2)
1179 len = (MAX_PACKET_LENGTH - 5) / 2;
1180 if (len < total_len - addr) {
1182 len = memtox(buf + 1, xml + addr, len);
1185 len = memtox(buf + 1, xml + addr, total_len - addr);
1187 put_packet_binary(s, buf, len + 1);
1190 /* Unrecognised 'q' command. */
1191 goto unknown_command;
1195 /* put empty packet */
1203 void gdb_set_stop_cpu(CPUState *cpu)
1205 gdbserver_state->c_cpu = cpu;
1206 gdbserver_state->g_cpu = cpu;
1209 #ifndef CONFIG_USER_ONLY
1210 static void gdb_vm_state_change(void *opaque, int running, RunState state)
1212 GDBState *s = gdbserver_state;
1213 CPUArchState *env = s->c_cpu->env_ptr;
1214 CPUState *cpu = s->c_cpu;
1219 if (running || s->state == RS_INACTIVE) {
1222 /* Is there a GDB syscall waiting to be sent? */
1223 if (s->current_syscall_cb) {
1224 put_packet(s, s->syscall_buf);
1228 case RUN_STATE_DEBUG:
1229 if (cpu->watchpoint_hit) {
1230 switch (cpu->watchpoint_hit->flags & BP_MEM_ACCESS) {
1241 snprintf(buf, sizeof(buf),
1242 "T%02xthread:%02x;%swatch:" TARGET_FMT_lx ";",
1243 GDB_SIGNAL_TRAP, cpu_index(cpu), type,
1244 (target_ulong)cpu->watchpoint_hit->vaddr);
1245 cpu->watchpoint_hit = NULL;
1249 ret = GDB_SIGNAL_TRAP;
1251 case RUN_STATE_PAUSED:
1252 ret = GDB_SIGNAL_INT;
1254 case RUN_STATE_SHUTDOWN:
1255 ret = GDB_SIGNAL_QUIT;
1257 case RUN_STATE_IO_ERROR:
1258 ret = GDB_SIGNAL_IO;
1260 case RUN_STATE_WATCHDOG:
1261 ret = GDB_SIGNAL_ALRM;
1263 case RUN_STATE_INTERNAL_ERROR:
1264 ret = GDB_SIGNAL_ABRT;
1266 case RUN_STATE_SAVE_VM:
1267 case RUN_STATE_RESTORE_VM:
1269 case RUN_STATE_FINISH_MIGRATE:
1270 ret = GDB_SIGNAL_XCPU;
1273 ret = GDB_SIGNAL_UNKNOWN;
1276 snprintf(buf, sizeof(buf), "T%02xthread:%02x;", ret, cpu_index(cpu));
1281 /* disable single step if it was enabled */
1282 cpu_single_step(cpu, 0);
1286 /* Send a gdb syscall request.
1287 This accepts limited printf-style format specifiers, specifically:
1288 %x - target_ulong argument printed in hex.
1289 %lx - 64-bit argument printed in hex.
1290 %s - string pointer (target_ulong) and length (int) pair. */
1291 void gdb_do_syscall(gdb_syscall_complete_cb cb, const char *fmt, ...)
1300 s = gdbserver_state;
1303 s->current_syscall_cb = cb;
1304 #ifndef CONFIG_USER_ONLY
1305 vm_stop(RUN_STATE_DEBUG);
1309 p_end = &s->syscall_buf[sizeof(s->syscall_buf)];
1316 addr = va_arg(va, target_ulong);
1317 p += snprintf(p, p_end - p, TARGET_FMT_lx, addr);
1320 if (*(fmt++) != 'x')
1322 i64 = va_arg(va, uint64_t);
1323 p += snprintf(p, p_end - p, "%" PRIx64, i64);
1326 addr = va_arg(va, target_ulong);
1327 p += snprintf(p, p_end - p, TARGET_FMT_lx "/%x",
1328 addr, va_arg(va, int));
1332 fprintf(stderr, "gdbstub: Bad syscall format string '%s'\n",
1342 #ifdef CONFIG_USER_ONLY
1343 put_packet(s, s->syscall_buf);
1344 gdb_handlesig(s->c_cpu, 0);
1346 /* In this case wait to send the syscall packet until notification that
1347 the CPU has stopped. This must be done because if the packet is sent
1348 now the reply from the syscall request could be received while the CPU
1349 is still in the running state, which can cause packets to be dropped
1350 and state transition 'T' packets to be sent while the syscall is still
1356 static void gdb_read_byte(GDBState *s, int ch)
1361 #ifndef CONFIG_USER_ONLY
1362 if (s->last_packet_len) {
1363 /* Waiting for a response to the last packet. If we see the start
1364 of a new command then abandon the previous response. */
1367 printf("Got NACK, retransmitting\n");
1369 put_buffer(s, (uint8_t *)s->last_packet, s->last_packet_len);
1373 printf("Got ACK\n");
1375 printf("Got '%c' when expecting ACK/NACK\n", ch);
1377 if (ch == '+' || ch == '$')
1378 s->last_packet_len = 0;
1382 if (runstate_is_running()) {
1383 /* when the CPU is running, we cannot do anything except stop
1384 it when receiving a char */
1385 vm_stop(RUN_STATE_PAUSED);
1392 s->line_buf_index = 0;
1393 s->state = RS_GETLINE;
1398 s->state = RS_CHKSUM1;
1399 } else if (s->line_buf_index >= sizeof(s->line_buf) - 1) {
1402 s->line_buf[s->line_buf_index++] = ch;
1406 s->line_buf[s->line_buf_index] = '\0';
1407 s->line_csum = fromhex(ch) << 4;
1408 s->state = RS_CHKSUM2;
1411 s->line_csum |= fromhex(ch);
1413 for(i = 0; i < s->line_buf_index; i++) {
1414 csum += s->line_buf[i];
1416 if (s->line_csum != (csum & 0xff)) {
1418 put_buffer(s, &reply, 1);
1422 put_buffer(s, &reply, 1);
1423 s->state = gdb_handle_packet(s, s->line_buf);
1432 /* Tell the remote gdb that the process has exited. */
1433 void gdb_exit(CPUArchState *env, int code)
1438 s = gdbserver_state;
1442 #ifdef CONFIG_USER_ONLY
1443 if (gdbserver_fd < 0 || s->fd < 0) {
1452 snprintf(buf, sizeof(buf), "W%02x", (uint8_t)code);
1455 #ifndef CONFIG_USER_ONLY
1456 qemu_chr_delete(s->chr);
1460 #ifdef CONFIG_USER_ONLY
1466 s = gdbserver_state;
1468 if (gdbserver_fd < 0 || s->fd < 0)
1475 gdb_handlesig(CPUState *cpu, int sig)
1477 CPUArchState *env = cpu->env_ptr;
1482 s = gdbserver_state;
1483 if (gdbserver_fd < 0 || s->fd < 0) {
1487 /* disable single step if it was enabled */
1488 cpu_single_step(cpu, 0);
1492 snprintf(buf, sizeof(buf), "S%02x", target_signal_to_gdb(sig));
1495 /* put_packet() might have detected that the peer terminated the
1503 s->running_state = 0;
1504 while (s->running_state == 0) {
1505 n = read(s->fd, buf, 256);
1509 for (i = 0; i < n; i++) {
1510 gdb_read_byte(s, buf[i]);
1512 } else if (n == 0 || errno != EAGAIN) {
1513 /* XXX: Connection closed. Should probably wait for another
1514 connection before continuing. */
1523 /* Tell the remote gdb that the process has exited due to SIG. */
1524 void gdb_signalled(CPUArchState *env, int sig)
1529 s = gdbserver_state;
1530 if (gdbserver_fd < 0 || s->fd < 0) {
1534 snprintf(buf, sizeof(buf), "X%02x", target_signal_to_gdb(sig));
1538 static void gdb_accept(void)
1541 struct sockaddr_in sockaddr;
1546 len = sizeof(sockaddr);
1547 fd = accept(gdbserver_fd, (struct sockaddr *)&sockaddr, &len);
1548 if (fd < 0 && errno != EINTR) {
1551 } else if (fd >= 0) {
1553 fcntl(fd, F_SETFD, FD_CLOEXEC);
1559 /* set short latency */
1560 socket_set_nodelay(fd);
1562 s = g_malloc0(sizeof(GDBState));
1563 s->c_cpu = first_cpu;
1564 s->g_cpu = first_cpu;
1566 gdb_has_xml = false;
1568 gdbserver_state = s;
1570 fcntl(fd, F_SETFL, O_NONBLOCK);
1573 static int gdbserver_open(int port)
1575 struct sockaddr_in sockaddr;
1578 fd = socket(PF_INET, SOCK_STREAM, 0);
1584 fcntl(fd, F_SETFD, FD_CLOEXEC);
1587 socket_set_fast_reuse(fd);
1589 sockaddr.sin_family = AF_INET;
1590 sockaddr.sin_port = htons(port);
1591 sockaddr.sin_addr.s_addr = 0;
1592 ret = bind(fd, (struct sockaddr *)&sockaddr, sizeof(sockaddr));
1598 ret = listen(fd, 0);
1607 int gdbserver_start(int port)
1609 gdbserver_fd = gdbserver_open(port);
1610 if (gdbserver_fd < 0)
1612 /* accept connections */
1617 /* Disable gdb stub for child processes. */
1618 void gdbserver_fork(CPUArchState *env)
1620 CPUState *cpu = ENV_GET_CPU(env);
1621 GDBState *s = gdbserver_state;
1623 if (gdbserver_fd < 0 || s->fd < 0) {
1628 cpu_breakpoint_remove_all(cpu, BP_GDB);
1629 cpu_watchpoint_remove_all(cpu, BP_GDB);
1632 static int gdb_chr_can_receive(void *opaque)
1634 /* We can handle an arbitrarily large amount of data.
1635 Pick the maximum packet size, which is as good as anything. */
1636 return MAX_PACKET_LENGTH;
1639 static void gdb_chr_receive(void *opaque, const uint8_t *buf, int size)
1643 for (i = 0; i < size; i++) {
1644 gdb_read_byte(gdbserver_state, buf[i]);
1648 static void gdb_chr_event(void *opaque, int event)
1651 case CHR_EVENT_OPENED:
1652 vm_stop(RUN_STATE_PAUSED);
1653 gdb_has_xml = false;
1660 static void gdb_monitor_output(GDBState *s, const char *msg, int len)
1662 char buf[MAX_PACKET_LENGTH];
1665 if (len > (MAX_PACKET_LENGTH/2) - 1)
1666 len = (MAX_PACKET_LENGTH/2) - 1;
1667 memtohex(buf + 1, (uint8_t *)msg, len);
1671 static int gdb_monitor_write(CharDriverState *chr, const uint8_t *buf, int len)
1673 const char *p = (const char *)buf;
1676 max_sz = (sizeof(gdbserver_state->last_packet) - 2) / 2;
1678 if (len <= max_sz) {
1679 gdb_monitor_output(gdbserver_state, p, len);
1682 gdb_monitor_output(gdbserver_state, p, max_sz);
1690 static void gdb_sigterm_handler(int signal)
1692 if (runstate_is_running()) {
1693 vm_stop(RUN_STATE_PAUSED);
1698 int gdbserver_start(const char *device)
1701 char gdbstub_device_name[128];
1702 CharDriverState *chr = NULL;
1703 CharDriverState *mon_chr;
1707 if (strcmp(device, "none") != 0) {
1708 if (strstart(device, "tcp:", NULL)) {
1709 /* enforce required TCP attributes */
1710 snprintf(gdbstub_device_name, sizeof(gdbstub_device_name),
1711 "%s,nowait,nodelay,server", device);
1712 device = gdbstub_device_name;
1715 else if (strcmp(device, "stdio") == 0) {
1716 struct sigaction act;
1718 memset(&act, 0, sizeof(act));
1719 act.sa_handler = gdb_sigterm_handler;
1720 sigaction(SIGINT, &act, NULL);
1723 chr = qemu_chr_new("gdb", device, NULL);
1727 qemu_chr_fe_claim_no_fail(chr);
1728 qemu_chr_add_handlers(chr, gdb_chr_can_receive, gdb_chr_receive,
1729 gdb_chr_event, NULL);
1732 s = gdbserver_state;
1734 s = g_malloc0(sizeof(GDBState));
1735 gdbserver_state = s;
1737 qemu_add_vm_change_state_handler(gdb_vm_state_change, NULL);
1739 /* Initialize a monitor terminal for gdb */
1740 mon_chr = qemu_chr_alloc();
1741 mon_chr->chr_write = gdb_monitor_write;
1742 monitor_init(mon_chr, 0);
1745 qemu_chr_delete(s->chr);
1746 mon_chr = s->mon_chr;
1747 memset(s, 0, sizeof(GDBState));
1749 s->c_cpu = first_cpu;
1750 s->g_cpu = first_cpu;
1752 s->state = chr ? RS_IDLE : RS_INACTIVE;
1753 s->mon_chr = mon_chr;
1754 s->current_syscall_cb = NULL;
projects / lisovros / qemu_apohw.git / blob