1/*
2 * gdb server stub
5fafdf24 3 *
3475187d 4 * Copyright (c) 2003-2005 Fabrice Bellard
5 *
6 * This library is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation; either
9 * version 2 of the License, or (at your option) any later version.
10 *
11 * This library is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
15 *
16 * You should have received a copy of the GNU Lesser General Public
8167ee88 17 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
b4608c04 18 */
978efd6a 19#include "config.h"
56aebc89 20#include "qemu-common.h"
21#ifdef CONFIG_USER_ONLY
22#include <stdlib.h>
23#include <stdio.h>
24#include <stdarg.h>
25#include <string.h>
26#include <errno.h>
27#include <unistd.h>
978efd6a 28#include <fcntl.h>
29
30#include "qemu.h"
31#else
83c9089e 32#include "monitor/monitor.h"
dccfcd0e 33#include "sysemu/char.h"
9c17d615 34#include "sysemu/sysemu.h"
022c62cb 35#include "exec/gdbstub.h"
1fddef4b 36#endif
67b915a5 37
38#define MAX_PACKET_LENGTH 4096
39
2b41f10e 40#include "cpu.h"
1de7afc9 41#include "qemu/sockets.h"
9c17d615 42#include "sysemu/kvm.h"
ca587a8e 43
/* Read (is_write == false) or write (is_write == true) len bytes of
 * target memory at addr on behalf of the debugger.
 *
 * A CPU class may supply its own memory_rw_debug hook (e.g. to apply
 * target-specific address translation); otherwise the generic
 * cpu_memory_rw_debug() is used.  The result of whichever accessor ran
 * is returned unchanged; callers in this file treat non-zero as failure.
 */
static inline int target_memory_rw_debug(CPUState *cpu, target_ulong addr,
                                         uint8_t *buf, int len, bool is_write)
{
    CPUClass *klass = CPU_GET_CLASS(cpu);

    if (!klass->memory_rw_debug) {
        /* Generic path: no target-specific debug accessor registered. */
        return cpu_memory_rw_debug(cpu, addr, buf, len, is_write);
    }
    return klass->memory_rw_debug(cpu, addr, buf, len, is_write);
}
54
/* GDB remote-protocol signal numbers (gdb's own numbering, which is not
 * the target's).  Only the values this stub reports or translates are
 * named here; gdb_signal_table below is indexed by these numbers. */
enum {
    GDB_SIGNAL_0 = 0,
    GDB_SIGNAL_INT = 2,
    GDB_SIGNAL_QUIT = 3,
    GDB_SIGNAL_TRAP = 5,       /* breakpoint / single-step stop */
    GDB_SIGNAL_ABRT = 6,
    GDB_SIGNAL_ALRM = 14,
    GDB_SIGNAL_IO = 23,
    GDB_SIGNAL_XCPU = 24,
    GDB_SIGNAL_UNKNOWN = 143   /* no gdb equivalent for a target signal */
};
66
#ifdef CONFIG_USER_ONLY

/* Map target signal numbers to GDB protocol signal numbers and vice
 * versa. For user emulation's currently supported systems, we can
 * assume most signals are defined.
 *
 * The table is indexed by gdb signal number (see the GDB_SIGNAL_* enum
 * above); an entry of -1 marks a gdb signal with no target equivalent.
 * Every entry's position is significant, so placeholders must be kept
 * rather than removed.
 */

static int gdb_signal_table[] = {
    0,
    TARGET_SIGHUP,
    TARGET_SIGINT,
    TARGET_SIGQUIT,
    TARGET_SIGILL,
    TARGET_SIGTRAP,
    TARGET_SIGABRT,
    -1, /* SIGEMT */
    TARGET_SIGFPE,
    TARGET_SIGKILL,
    TARGET_SIGBUS,
    TARGET_SIGSEGV,
    TARGET_SIGSYS,
    TARGET_SIGPIPE,
    TARGET_SIGALRM,
    TARGET_SIGTERM,
    TARGET_SIGURG,
    TARGET_SIGSTOP,
    TARGET_SIGTSTP,
    TARGET_SIGCONT,
    TARGET_SIGCHLD,
    TARGET_SIGTTIN,
    TARGET_SIGTTOU,
    TARGET_SIGIO,
    TARGET_SIGXCPU,
    TARGET_SIGXFSZ,
    TARGET_SIGVTALRM,
    TARGET_SIGPROF,
    TARGET_SIGWINCH,
    -1, /* SIGLOST */
    TARGET_SIGUSR1,
    TARGET_SIGUSR2,
#ifdef TARGET_SIGPWR
    TARGET_SIGPWR,
#else
    -1,
#endif
    -1, /* SIGPOLL */
    -1,
    -1,
    -1,
    -1,
    -1,
    -1,
    -1,
    -1,
    -1,
    -1,
    -1,
#ifdef __SIGRTMIN
    /* Real-time signals: gdb numbers them starting at SIG32 and places
     * __SIGRTMIN itself after SIGCANCEL, hence the non-monotonic order. */
    __SIGRTMIN + 1,
    __SIGRTMIN + 2,
    __SIGRTMIN + 3,
    __SIGRTMIN + 4,
    __SIGRTMIN + 5,
    __SIGRTMIN + 6,
    __SIGRTMIN + 7,
    __SIGRTMIN + 8,
    __SIGRTMIN + 9,
    __SIGRTMIN + 10,
    __SIGRTMIN + 11,
    __SIGRTMIN + 12,
    __SIGRTMIN + 13,
    __SIGRTMIN + 14,
    __SIGRTMIN + 15,
    __SIGRTMIN + 16,
    __SIGRTMIN + 17,
    __SIGRTMIN + 18,
    __SIGRTMIN + 19,
    __SIGRTMIN + 20,
    __SIGRTMIN + 21,
    __SIGRTMIN + 22,
    __SIGRTMIN + 23,
    __SIGRTMIN + 24,
    __SIGRTMIN + 25,
    __SIGRTMIN + 26,
    __SIGRTMIN + 27,
    __SIGRTMIN + 28,
    __SIGRTMIN + 29,
    __SIGRTMIN + 30,
    __SIGRTMIN + 31,
    -1, /* SIGCANCEL */
    __SIGRTMIN,
    __SIGRTMIN + 32,
    __SIGRTMIN + 33,
    __SIGRTMIN + 34,
    __SIGRTMIN + 35,
    __SIGRTMIN + 36,
    __SIGRTMIN + 37,
    __SIGRTMIN + 38,
    __SIGRTMIN + 39,
    __SIGRTMIN + 40,
    __SIGRTMIN + 41,
    __SIGRTMIN + 42,
    __SIGRTMIN + 43,
    __SIGRTMIN + 44,
    __SIGRTMIN + 45,
    __SIGRTMIN + 46,
    __SIGRTMIN + 47,
    __SIGRTMIN + 48,
    __SIGRTMIN + 49,
    __SIGRTMIN + 50,
    __SIGRTMIN + 51,
    __SIGRTMIN + 52,
    __SIGRTMIN + 53,
    __SIGRTMIN + 54,
    __SIGRTMIN + 55,
    __SIGRTMIN + 56,
    __SIGRTMIN + 57,
    __SIGRTMIN + 58,
    __SIGRTMIN + 59,
    __SIGRTMIN + 60,
    __SIGRTMIN + 61,
    __SIGRTMIN + 62,
    __SIGRTMIN + 63,
    __SIGRTMIN + 64,
    __SIGRTMIN + 65,
    __SIGRTMIN + 66,
    __SIGRTMIN + 67,
    __SIGRTMIN + 68,
    __SIGRTMIN + 69,
    __SIGRTMIN + 70,
    __SIGRTMIN + 71,
    __SIGRTMIN + 72,
    __SIGRTMIN + 73,
    __SIGRTMIN + 74,
    __SIGRTMIN + 75,
    __SIGRTMIN + 76,
    __SIGRTMIN + 77,
    __SIGRTMIN + 78,
    __SIGRTMIN + 79,
    __SIGRTMIN + 80,
    __SIGRTMIN + 81,
    __SIGRTMIN + 82,
    __SIGRTMIN + 83,
    __SIGRTMIN + 84,
    __SIGRTMIN + 85,
    __SIGRTMIN + 86,
    __SIGRTMIN + 87,
    __SIGRTMIN + 88,
    __SIGRTMIN + 89,
    __SIGRTMIN + 90,
    __SIGRTMIN + 91,
    __SIGRTMIN + 92,
    __SIGRTMIN + 93,
    __SIGRTMIN + 94,
    __SIGRTMIN + 95,
    -1, /* SIGINFO */
    -1, /* UNKNOWN */
    -1, /* DEFAULT */
    -1,
    -1,
    -1,
    -1,
    -1,
    -1
#endif
};
#else
/* In system mode we only need SIGINT and SIGTRAP; other signals
   are not yet supported. */

/* Stand-ins for the user-mode TARGET_SIG* constants, chosen to equal the
 * gdb numbers so the table below is its own inverse for these two. */
enum {
    TARGET_SIGINT = 2,
    TARGET_SIGTRAP = 5
};

/* Indexed by gdb signal number; -1 means "not supported". */
static int gdb_signal_table[] = {
    -1,
    -1,
    TARGET_SIGINT,
    -1,
    -1,
    TARGET_SIGTRAP
};
#endif
251
252#ifdef CONFIG_USER_ONLY
/* Translate a target signal number into gdb's numbering.
 *
 * Linear scan of gdb_signal_table for the first matching entry.  Returns
 * its index, or GDB_SIGNAL_UNKNOWN when nothing matches.  Note that a
 * sig of -1 matches the first placeholder (-1) entry rather than
 * reporting unknown. */
static int target_signal_to_gdb (int sig)
{
    size_t idx = 0;

    while (idx < ARRAY_SIZE (gdb_signal_table)) {
        if (gdb_signal_table[idx] == sig) {
            return idx;
        }
        idx++;
    }
    return GDB_SIGNAL_UNKNOWN;
}
8f447cc7 261#endif
b4608c04 262
/* Translate a gdb signal number into the target's numbering.
 *
 * Returns the table entry (which may itself be -1 for "unsupported"),
 * or -1 when sig is outside the table.  The comparison promotes sig to
 * size_t, so a negative sig is rejected rather than used as an index. */
static int gdb_signal_to_target (int sig)
{
    if (sig >= ARRAY_SIZE (gdb_signal_table)) {
        return -1;
    }
    return gdb_signal_table[sig];
}
270
4abe615b 271//#define DEBUG_GDB
b4608c04 272
/* One supplemental ("coprocessor") register set registered with
 * gdb_register_coprocessor(), kept in a singly linked list per CPU. */
typedef struct GDBRegisterState {
    int base_reg;        /* gdb number of this set's first register */
    int num_regs;        /* how many consecutive gdb numbers it covers */
    gdb_reg_cb get_reg;  /* gdb reading a register (offset relative to base_reg) */
    gdb_reg_cb set_reg;  /* gdb writing a register */
    const char *xml;     /* feature XML file name; the pointer is kept, not copied */
    struct GDBRegisterState *next;
} GDBRegisterState;
281
/* Packet-parser state held in GDBState::state.  RS_INACTIVE means no
 * session is active (gdb_vm_state_change() sends nothing in that state);
 * the remaining states presumably track '$' payload '#' checksum framing
 * in the byte-level parser, which is not part of this excerpt. */
enum RSState {
    RS_INACTIVE,
    RS_IDLE,
    RS_GETLINE,
    RS_CHKSUM1,
    RS_CHKSUM2,
};
/* State of the (single) gdb server session; see gdbserver_state. */
typedef struct GDBState {
    CPUState *c_cpu; /* current CPU for step/continue ops */
    CPUState *g_cpu; /* current CPU for other ops */
    CPUState *query_cpu; /* for q{f|s}ThreadInfo */
    enum RSState state; /* parsing state */
    char line_buf[MAX_PACKET_LENGTH];   /* incoming packet payload */
    int line_buf_index;                 /* fill level of line_buf */
    int line_csum;                      /* checksum received/accumulated */
    /* Framed copy of the last reply: '$' + payload + '#' + 2 hex digits,
     * hence the +4 headroom over a full-length payload. */
    uint8_t last_packet[MAX_PACKET_LENGTH + 4];
    int last_packet_len;
    int signal;                         /* target signal to deliver on resume, 0 = none */
#ifdef CONFIG_USER_ONLY
    int fd;                             /* socket to gdb; -1 once it is gone */
    int running_state;                  /* set to 1 by gdb_continue() */
#else
    CharDriverState *chr;               /* chardev carrying the gdb connection */
    CharDriverState *mon_chr;           /* monitor fed by qRcmd packets */
#endif
    char syscall_buf[256];              /* pending semihosting 'F' request */
    gdb_syscall_complete_cb current_syscall_cb; /* non-NULL while an 'F' reply is awaited */
} GDBState;
b4608c04 310
/* By default use no IRQs and no timers while single stepping so as to
 * make single stepping like an ICE HW step.
 *
 * Adjustable at runtime by the debugger via the "qemu.sstep=" query;
 * passed to cpu_single_step() for every 's'/vCont;s request.
 */
static int sstep_flags = SSTEP_ENABLE|SSTEP_NOIRQ|SSTEP_NOTIMER;
315
316static GDBState *gdbserver_state;
317
5b50e790 318bool gdb_has_xml;
56aebc89 319
1fddef4b 320#ifdef CONFIG_USER_ONLY
/* XXX: This is not thread safe. Do we care? */
/* Listening socket for incoming gdb connections (user-mode only). */
static int gdbserver_fd = -1;
323
/* Read one byte from the gdb socket (user-mode only), blocking as the
 * socket dictates.
 *
 * Returns the byte value (0..255), or -1 once the peer has gone away or
 * an unrecoverable errno was seen.  EINTR and EAGAIN are retried.  On
 * EOF the descriptor is closed and s->fd set to -1. */
static int get_char(GDBState *s)
{
    uint8_t byte;

    for (;;) {
        int n = qemu_recv(s->fd, &byte, 1, 0);

        if (n > 0) {
            return byte;
        }
        if (n == 0) {
            /* Orderly shutdown by the debugger. */
            close(s->fd);
            s->fd = -1;
            return -1;
        }
        /* n < 0: decide whether the error is transient. */
        if (errno == ECONNRESET) {
            /* NOTE(review): the descriptor is dropped without a close()
             * here, unlike the EOF path above - confirm that is intended. */
            s->fd = -1;
        }
        if (errno != EINTR && errno != EAGAIN) {
            return -1;
        }
    }
}
4046d913 346#endif
b4608c04 347
/* Whether semihosting syscalls are forwarded to gdb.  Starts UNKNOWN and
 * is latched by use_gdb_syscalls() on the first syscall; a 'D' (detach)
 * packet forces DISABLED. */
static enum {
    GDB_SYS_UNKNOWN,
    GDB_SYS_ENABLED,
    GDB_SYS_DISABLED,
} gdb_syscall_mode;
353
/* If gdb is connected when the first semihosting syscall occurs then use
   remote gdb syscalls. Otherwise use native file IO.

   The decision is made once and cached in gdb_syscall_mode, so a debugger
   attaching later does not change an already-latched answer.
   Returns non-zero when gdb syscalls are in use. */
int use_gdb_syscalls(void)
{
    if (gdb_syscall_mode == GDB_SYS_UNKNOWN) {
        if (gdbserver_state) {
            gdb_syscall_mode = GDB_SYS_ENABLED;
        } else {
            gdb_syscall_mode = GDB_SYS_DISABLED;
        }
    }
    return gdb_syscall_mode == GDB_SYS_ENABLED ? 1 : 0;
}
364
/* Resume execution.
 *
 * User mode only flags the request (running_state) for the main loop;
 * system mode restarts the VM unless it is still waiting for a reset. */
static inline void gdb_continue(GDBState *s)
{
#ifdef CONFIG_USER_ONLY
    s->running_state = 1;
#else
    if (runstate_needs_reset()) {
        return;
    }
    vm_start();
#endif
}
376
/* Send len raw bytes to the debugger.
 *
 * User mode loops over send() until everything is written, retrying on
 * EINTR/EAGAIN and silently giving up on any other error.  System mode
 * hands the data to the chardev in one call. */
static void put_buffer(GDBState *s, const uint8_t *buf, int len)
{
#ifdef CONFIG_USER_ONLY
    const uint8_t *cursor = buf;
    int remaining = len;

    while (remaining > 0) {
        int sent = send(s->fd, cursor, remaining, 0);

        if (sent >= 0) {
            cursor += sent;
            remaining -= sent;
            continue;
        }
        if (errno != EINTR && errno != EAGAIN) {
            /* Unrecoverable: the rest of the packet is dropped. */
            return;
        }
    }
#else
    qemu_chr_fe_write(s->chr, buf, len);
#endif
}
396
/* Decode one hex digit (either case).  Any non-hex character, including
 * a terminating NUL, decodes as 0: packet hex is not validated here, so
 * callers must bound how many digits they consume. */
static inline int fromhex(int v)
{
    if (v >= '0' && v <= '9') {
        return v - '0';
    }
    if (v >= 'a' && v <= 'f') {
        return v - 'a' + 10;
    }
    if (v >= 'A' && v <= 'F') {
        return v - 'A' + 10;
    }
    return 0;
}
408
/* Encode a nibble (0..15) as a lowercase hex digit. */
static inline int tohex(int v)
{
    return v < 10 ? v + '0' : v - 10 + 'a';
}
416
/* Hex-encode len bytes of mem into buf as lowercase digits and
 * NUL-terminate.  buf must hold at least 2*len + 1 bytes; the caller is
 * responsible for that bound. */
static void memtohex(char *buf, const uint8_t *mem, int len)
{
    static const char digits[] = "0123456789abcdef";
    char *out = buf;

    for (int i = 0; i < len; i++) {
        unsigned byte = mem[i];

        *out++ = digits[byte >> 4];
        *out++ = digits[byte & 0xf];
    }
    *out = '\0';
}
429
/* Decode len bytes from the 2*len hex characters at buf into mem.
 * Non-hex characters decode as zero nibbles; nothing stops reading at a
 * NUL, so the caller must guarantee buf really holds 2*len characters. */
static void hextomem(uint8_t *mem, const char *buf, int len)
{
    for (int i = 0; i < len; i++) {
        unsigned value = 0;

        for (int nibble = 0; nibble < 2; nibble++) {
            int ch = *buf++;
            int digit;

            if (ch >= '0' && ch <= '9') {
                digit = ch - '0';
            } else if (ch >= 'A' && ch <= 'F') {
                digit = ch - 'A' + 10;
            } else if (ch >= 'a' && ch <= 'f') {
                digit = ch - 'a' + 10;
            } else {
                digit = 0;
            }
            value = (value << 4) | (unsigned)digit;
        }
        mem[i] = (uint8_t)value;
    }
}
439
/* Frame buf[0..len) as "$<data>#<csum>" in s->last_packet and send it.
 *
 * User mode then waits for gdb's acknowledgement and retransmits until
 * a '+' arrives; system mode sends once with no ack handling.
 * last_packet has exactly four bytes of framing headroom, so callers must
 * keep len <= MAX_PACKET_LENGTH.
 * Returns -1 if error, 0 if OK. */
static int put_packet_binary(GDBState *s, const char *buf, int len)
{
    for (;;) {
        uint8_t *out = s->last_packet;
        int csum = 0;

        *out++ = '$';
        memcpy(out, buf, len);
        out += len;
        for (int i = 0; i < len; i++) {
            csum += buf[i];
        }
        *out++ = '#';
        *out++ = tohex((csum >> 4) & 0xf);
        *out++ = tohex(csum & 0xf);

        s->last_packet_len = out - s->last_packet;
        put_buffer(s, (uint8_t *)s->last_packet, s->last_packet_len);

#ifdef CONFIG_USER_ONLY
        {
            int ack = get_char(s);

            if (ack < 0) {
                return -1;
            }
            if (ack == '+') {
                return 0;
            }
            /* Anything else (e.g. '-') asks for a retransmit. */
        }
#else
        return 0;
#endif
    }
}
474
/* Send a NUL-terminated reply string as one packet.
 * return -1 if error, 0 if OK */
static int put_packet(GDBState *s, const char *buf)
{
    size_t len = strlen(buf);

#ifdef DEBUG_GDB
    printf("reply='%s'\n", buf);
#endif
    return put_packet_binary(s, buf, len);
}
484
/* Encode data using the encoding for 'x' packets: the protocol-special
 * bytes '#', '$', '*' and '}' are emitted as '}' followed by the byte
 * XOR 0x20, everything else verbatim.  buf must have room for 2*len
 * bytes in the worst case.  Returns the encoded length. */
static int memtox(char *buf, const char *mem, int len)
{
    char *out = buf;

    for (int i = 0; i < len; i++) {
        char c = mem[i];
        bool special = (c == '#' || c == '$' || c == '*' || c == '}');

        if (special) {
            *out++ = '}';
            *out++ = c ^ 0x20;
        } else {
            *out++ = c;
        }
    }
    return out - buf;
}
f1ccf904 505
/* Resolve the annex name of an "Xfer:features:read:" request.
 *
 * p points at "<name>[:offset,length]"; *newp is left pointing just past
 * the name.  "target.xml" is synthesised once (cached in a static buffer)
 * from the class's core XML file plus every coprocessor XML registered on
 * first_cpu; any other name is looked up in the builtin xml table.
 * Returns NULL for an unknown name.
 *
 * NOTE(review): the name is compared with strncmp(.., len), so any prefix
 * of "target.xml" - including an empty name - selects the generated
 * document. */
static const char *get_feature_xml(const char *p, const char **newp,
                                   CPUClass *cc)
{
    static char target_xml[1024];
    const char *end = p;

    while (*end && *end != ':') {
        end++;
    }
    size_t len = end - p;
    *newp = end;

    if (strncmp(p, "target.xml", len) == 0) {
        if (!target_xml[0]) {
            /* Generate the XML description for this CPU. */
            CPUState *cpu = first_cpu;
            GDBRegisterState *r;

            snprintf(target_xml, sizeof(target_xml),
                     "<?xml version=\"1.0\"?>"
                     "<!DOCTYPE target SYSTEM \"gdb-target.dtd\">"
                     "<target>"
                     "<xi:include href=\"%s\"/>",
                     cc->gdb_core_xml_file);
            for (r = cpu->gdb_regs; r; r = r->next) {
                pstrcat(target_xml, sizeof(target_xml), "<xi:include href=\"");
                pstrcat(target_xml, sizeof(target_xml), r->xml);
                pstrcat(target_xml, sizeof(target_xml), "\"/>");
            }
            pstrcat(target_xml, sizeof(target_xml), "</target>");
        }
        return target_xml;
    }

    /* Builtin annexes: exact name match required. */
    for (int i = 0; xml_builtin[i][0]; i++) {
        const char *name = xml_builtin[i][0];

        if (strncmp(name, p, len) == 0 && strlen(name) == len) {
            return xml_builtin[i][1];
        }
    }
    return NULL;
}
f1ccf904 549
/* Read gdb register number reg of cpu into mem_buf.
 *
 * Core registers go through the CPU class hook; higher numbers are served
 * by the coprocessor sets registered with gdb_register_coprocessor().
 * Returns the number of bytes written, or 0 if reg matches nothing. */
static int gdb_read_register(CPUState *cpu, uint8_t *mem_buf, int reg)
{
    CPUClass *cc = CPU_GET_CLASS(cpu);

    if (reg < cc->gdb_num_core_regs) {
        return cc->gdb_read_register(cpu, mem_buf, reg);
    }

    /* Coprocessor callbacks still take the arch-specific env pointer. */
    CPUArchState *env = cpu->env_ptr;
    for (GDBRegisterState *r = cpu->gdb_regs; r != NULL; r = r->next) {
        int rel = reg - r->base_reg;

        if (rel >= 0 && rel < r->num_regs) {
            return r->get_reg(env, mem_buf, rel);
        }
    }
    return 0;
}
567
/* Write gdb register number reg of cpu from mem_buf.
 *
 * Mirror of gdb_read_register(): core registers via the CPU class hook,
 * the rest via the registered coprocessor sets.  Returns the number of
 * bytes consumed, or 0 if reg matches nothing. */
static int gdb_write_register(CPUState *cpu, uint8_t *mem_buf, int reg)
{
    CPUClass *cc = CPU_GET_CLASS(cpu);

    if (reg < cc->gdb_num_core_regs) {
        return cc->gdb_write_register(cpu, mem_buf, reg);
    }

    CPUArchState *env = cpu->env_ptr;
    for (GDBRegisterState *r = cpu->gdb_regs; r != NULL; r = r->next) {
        int rel = reg - r->base_reg;

        if (rel >= 0 && rel < r->num_regs) {
            return r->set_reg(env, mem_buf, rel);
        }
    }
    return 0;
}
585
/* Register a supplemental set of CPU registers.  If g_pos is nonzero it
   specifies the first register number and these registers are included in
   a standard "g" packet.  Direction is relative to gdb, i.e. get_reg is
   gdb reading a CPU register, and set_reg is gdb modifying a CPU register.

   The set is appended to cpu->gdb_regs and given the next free block of
   gdb register numbers.  A set whose xml name is already registered is
   ignored.  The xml pointer is retained, not copied, so it must outlive
   the CPU.  A g_pos that disagrees with the assigned base is reported on
   stderr but the set is still registered (just not as part of "g").
 */
void gdb_register_coprocessor(CPUState *cpu,
                              gdb_reg_cb get_reg, gdb_reg_cb set_reg,
                              int num_regs, const char *xml, int g_pos)
{
    GDBRegisterState **tail = &cpu->gdb_regs;

    /* Walk to the end of the list, refusing duplicate xml names. */
    for (; *tail; tail = &(*tail)->next) {
        if (strcmp((*tail)->xml, xml) == 0) {
            return;
        }
    }

    GDBRegisterState *entry = g_new0(GDBRegisterState, 1);
    entry->base_reg = cpu->gdb_num_regs;
    entry->num_regs = num_regs;
    entry->get_reg = get_reg;
    entry->set_reg = set_reg;
    entry->xml = xml;

    /* Reserve the number range and append. */
    cpu->gdb_num_regs += num_regs;
    *tail = entry;

    if (!g_pos) {
        return;
    }
    if (g_pos != entry->base_reg) {
        fprintf(stderr, "Error: Bad gdb register numbering for '%s'\n"
                "Expected %d got %d\n", xml, g_pos, entry->base_reg);
    } else {
        cpu->gdb_num_g_regs = cpu->gdb_num_regs;
    }
}
626
627#ifndef CONFIG_USER_ONLY
/* Translate the watchpoint kind from a 'Z'/'z' packet into BP_* flags.
 * Indexed by the packet's type field; only the three watchpoint types are
 * valid indices, which gdb_breakpoint_insert/remove guarantee. */
static const int xlat_gdb_type[] = {
    [GDB_WATCHPOINT_WRITE] = BP_GDB | BP_MEM_WRITE,
    [GDB_WATCHPOINT_READ] = BP_GDB | BP_MEM_READ,
    [GDB_WATCHPOINT_ACCESS] = BP_GDB | BP_MEM_ACCESS,
};
633#endif
634
/* Insert a breakpoint or watchpoint of the given gdb type on every CPU.
 *
 * Under KVM the request is delegated wholesale to the accelerator.
 * Otherwise software and hardware breakpoints are both realised as TCG
 * breakpoints; watchpoints exist only in system mode.  Returns 0, the
 * first per-CPU error (earlier CPUs keep their entry; there is no
 * rollback), or -ENOSYS for an unsupported type. */
static int gdb_breakpoint_insert(target_ulong addr, target_ulong len, int type)
{
    CPUState *cpu;
    int err = 0;

    if (kvm_enabled()) {
        return kvm_insert_breakpoint(gdbserver_state->c_cpu, addr, len, type);
    }

    switch (type) {
    case GDB_BREAKPOINT_SW:
    case GDB_BREAKPOINT_HW:
        CPU_FOREACH(cpu) {
            CPUArchState *env = cpu->env_ptr;

            err = cpu_breakpoint_insert(env, addr, BP_GDB, NULL);
            if (err) {
                break;
            }
        }
        return err;
#ifndef CONFIG_USER_ONLY
    case GDB_WATCHPOINT_WRITE:
    case GDB_WATCHPOINT_READ:
    case GDB_WATCHPOINT_ACCESS:
        CPU_FOREACH(cpu) {
            CPUArchState *env = cpu->env_ptr;

            err = cpu_watchpoint_insert(env, addr, len, xlat_gdb_type[type],
                                        NULL);
            if (err) {
                break;
            }
        }
        return err;
#endif
    default:
        return -ENOSYS;
    }
}
672
/* Remove a breakpoint or watchpoint of the given gdb type from every CPU.
 *
 * Counterpart of gdb_breakpoint_insert() with the same dispatch: KVM
 * delegation, TCG breakpoints for both SW and HW types, watchpoints in
 * system mode only.  Returns 0, the first per-CPU error, or -ENOSYS. */
static int gdb_breakpoint_remove(target_ulong addr, target_ulong len, int type)
{
    CPUState *cpu;
    int err = 0;

    if (kvm_enabled()) {
        return kvm_remove_breakpoint(gdbserver_state->c_cpu, addr, len, type);
    }

    switch (type) {
    case GDB_BREAKPOINT_SW:
    case GDB_BREAKPOINT_HW:
        CPU_FOREACH(cpu) {
            CPUArchState *env = cpu->env_ptr;

            err = cpu_breakpoint_remove(env, addr, BP_GDB);
            if (err) {
                break;
            }
        }
        return err;
#ifndef CONFIG_USER_ONLY
    case GDB_WATCHPOINT_WRITE:
    case GDB_WATCHPOINT_READ:
    case GDB_WATCHPOINT_ACCESS:
        CPU_FOREACH(cpu) {
            CPUArchState *env = cpu->env_ptr;

            err = cpu_watchpoint_remove(env, addr, len, xlat_gdb_type[type]);
            if (err) {
                break;
            }
        }
        return err;
#endif
    default:
        return -ENOSYS;
    }
}
709
/* Drop every gdb-owned (BP_GDB) breakpoint and, in system mode,
 * watchpoint on all CPUs.  Used on initial attach ('?') and detach ('D')
 * so a new session starts clean.  Under KVM the accelerator does it. */
static void gdb_breakpoint_remove_all(void)
{
    CPUState *cpu;

    if (kvm_enabled()) {
        kvm_remove_all_breakpoints(gdbserver_state->c_cpu);
        return;
    }

    CPU_FOREACH(cpu) {
        CPUArchState *env = cpu->env_ptr;

        cpu_breakpoint_remove_all(env, BP_GDB);
#ifndef CONFIG_USER_ONLY
        cpu_watchpoint_remove_all(env, BP_GDB);
#endif
    }
}
728
/* Set the program counter of the step/continue CPU to pc.
 *
 * Register state is synchronised from the accelerator first.  A target
 * without a set_pc hook silently ignores the request. */
static void gdb_set_cpu_pc(GDBState *s, target_ulong pc)
{
    CPUState *cpu = s->c_cpu;
    CPUClass *klass = CPU_GET_CLASS(cpu);

    cpu_synchronize_state(cpu);
    if (!klass->set_pc) {
        return;
    }
    klass->set_pc(cpu, pc);
}
739
/* Look up the CPU whose gdb thread id (cpu_index()) is thread_id.
 * Returns NULL if no CPU has that index. */
static CPUState *find_cpu(uint32_t thread_id)
{
    CPUState *candidate;

    CPU_FOREACH(candidate) {
        if (cpu_index(candidate) == thread_id) {
            return candidate;
        }
    }
    return NULL;
}
752
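/* Execute one complete, framing-stripped gdb packet held in line_buf.
 *
 * Every byte of line_buf comes from the remote debugger and is untrusted:
 * addresses and lengths are parsed with strtoul()/strtoull() and must be
 * bounded against the fixed-size buf/mem_buf scratch arrays before they
 * drive a copy.  Replies go out through put_packet(); an empty reply
 * means "unsupported".  Returns the parser state to resume in (always
 * RS_IDLE).  The caller is outside this excerpt; presumably it has already
 * verified the packet checksum - confirm in the byte-level parser.
 */
static int gdb_handle_packet(GDBState *s, const char *line_buf)
{
    CPUState *cpu;
    CPUClass *cc;
    const char *p;
    uint32_t thread;
    int ch, reg_size, type, res;
    char buf[MAX_PACKET_LENGTH];
    uint8_t mem_buf[MAX_PACKET_LENGTH];
    uint8_t *registers;
    target_ulong addr, len;

#ifdef DEBUG_GDB
    printf("command='%s'\n", line_buf);
#endif
    p = line_buf;
    ch = *p++;
    switch (ch) {
    case '?':
        /* TODO: Make this return the correct value for user-mode. */
        snprintf(buf, sizeof(buf), "T%02xthread:%02x;", GDB_SIGNAL_TRAP,
                 cpu_index(s->c_cpu));
        put_packet(s, buf);
        /* Remove all the breakpoints when this query is issued,
         * because gdb is doing an initial connect and the state
         * should be cleaned up.
         */
        gdb_breakpoint_remove_all();
        break;
    case 'c':
        /* Continue, optionally from a new PC. */
        if (*p != '\0') {
            addr = strtoull(p, (char **)&p, 16);
            gdb_set_cpu_pc(s, addr);
        }
        s->signal = 0;
        gdb_continue(s);
        return RS_IDLE;
    case 'C':
        /* Continue with a signal; an untranslatable one is delivered as 0. */
        s->signal = gdb_signal_to_target (strtoul(p, (char **)&p, 16));
        if (s->signal == -1) {
            s->signal = 0;
        }
        gdb_continue(s);
        return RS_IDLE;
    case 'v':
        if (strncmp(p, "Cont", 4) == 0) {
            int res_signal, res_thread;

            p += 4;
            if (*p == '?') {
                put_packet(s, "vCont;c;C;s;S");
                break;
            }
            /* Collapse the action list to one decision for the whole
             * machine: a step beats a continue, otherwise the first
             * well-formed action wins.  A malformed list yields res == 0
             * and an empty reply. */
            res = 0;
            res_signal = 0;
            res_thread = 0;
            while (*p) {
                int action, signal;

                if (*p++ != ';') {
                    res = 0;
                    break;
                }
                action = *p++;
                signal = 0;
                if (action == 'C' || action == 'S') {
                    signal = strtoul(p, (char **)&p, 16);
                } else if (action != 'c' && action != 's') {
                    res = 0;
                    break;
                }
                thread = 0;
                if (*p == ':') {
                    thread = strtoull(p+1, (char **)&p, 16);
                }
                action = tolower(action);
                if (res == 0 || (res == 'c' && action == 's')) {
                    res = action;
                    res_signal = signal;
                    res_thread = thread;
                }
            }
            if (res) {
                if (res_thread != -1 && res_thread != 0) {
                    cpu = find_cpu(res_thread);
                    if (cpu == NULL) {
                        put_packet(s, "E22");
                        break;
                    }
                    s->c_cpu = cpu;
                }
                if (res == 's') {
                    cpu_single_step(s->c_cpu, sstep_flags);
                }
                s->signal = res_signal;
                gdb_continue(s);
                return RS_IDLE;
            }
            break;
        } else {
            goto unknown_command;
        }
    case 'k':
#ifdef CONFIG_USER_ONLY
        /* Kill the target */
        fprintf(stderr, "\nQEMU: Terminated via GDBstub\n");
        exit(0);
#endif
        /* fall through: in system mode a kill request acts as a detach */
    case 'D':
        /* Detach packet */
        gdb_breakpoint_remove_all();
        gdb_syscall_mode = GDB_SYS_DISABLED;
        gdb_continue(s);
        put_packet(s, "OK");
        break;
    case 's':
        /* Single step, optionally from a new PC. */
        if (*p != '\0') {
            addr = strtoull(p, (char **)&p, 16);
            gdb_set_cpu_pc(s, addr);
        }
        cpu_single_step(s->c_cpu, sstep_flags);
        gdb_continue(s);
        return RS_IDLE;
    case 'F':
        {
            /* File-I/O reply "F<ret>[,<errno>[,C]]" completing a pending
             * semihosting syscall.  A trailing 'C' means the debugger
             * wants a stop (T02) rather than a resume. */
            target_ulong ret;
            target_ulong err;

            ret = strtoull(p, (char **)&p, 16);
            if (*p == ',') {
                p++;
                err = strtoull(p, (char **)&p, 16);
            } else {
                err = 0;
            }
            if (*p == ',') {
                p++;
            }
            type = *p;
            if (s->current_syscall_cb) {
                s->current_syscall_cb(s->c_cpu, ret, err);
                s->current_syscall_cb = NULL;
            }
            if (type == 'C') {
                put_packet(s, "T02");
            } else {
                gdb_continue(s);
            }
        }
        break;
    case 'g':
        /* Read every "g" register of the selected CPU.
         * NOTE(review): len grows by whatever each gdb_read_register()
         * reports and is never compared with sizeof(mem_buf); targets
         * must keep the total under MAX_PACKET_LENGTH/2 because memtohex
         * doubles it into buf. */
        cpu_synchronize_state(s->g_cpu);
        len = 0;
        for (addr = 0; addr < s->g_cpu->gdb_num_g_regs; addr++) {
            reg_size = gdb_read_register(s->g_cpu, mem_buf + len, addr);
            len += reg_size;
        }
        memtohex(buf, mem_buf, len);
        put_packet(s, buf);
        break;
    case 'G':
        /* Write the "g" registers from the hex payload; stops once the
         * payload is exhausted even if registers remain. */
        cpu_synchronize_state(s->g_cpu);
        registers = mem_buf;
        len = strlen(p) / 2;
        hextomem(registers, p, len);
        for (addr = 0; addr < s->g_cpu->gdb_num_g_regs && len > 0; addr++) {
            reg_size = gdb_write_register(s->g_cpu, registers, addr);
            len -= reg_size;
            registers += reg_size;
        }
        put_packet(s, "OK");
        break;
    case 'm':
        /* Read memory: "m<addr>,<len>". */
        addr = strtoull(p, (char **)&p, 16);
        if (*p == ',') {
            p++;
        }
        len = strtoull(p, NULL, 16);
        /* The hex reply needs 2*len bytes plus a terminator in buf and the
         * raw bytes must fit mem_buf; reject larger requests instead of
         * letting a debugger-chosen length overrun the stack buffers. */
        if (len > (MAX_PACKET_LENGTH - 1) / 2) {
            put_packet(s, "E22");
            break;
        }
        if (target_memory_rw_debug(s->g_cpu, addr, mem_buf, len, false) != 0) {
            put_packet(s, "E14");
        } else {
            memtohex(buf, mem_buf, len);
            put_packet(s, buf);
        }
        break;
    case 'M':
        /* Write memory: "M<addr>,<len>:<hex bytes>". */
        addr = strtoull(p, (char **)&p, 16);
        if (*p == ',') {
            p++;
        }
        len = strtoull(p, (char **)&p, 16);
        if (*p == ':') {
            p++;
        }
        /* hextomem() consumes 2*len characters and never stops at NUL, so
         * bound len by the payload actually present; that also keeps the
         * decoded bytes well inside mem_buf. */
        if (len > strlen(p) / 2) {
            put_packet(s, "E22");
            break;
        }
        hextomem(mem_buf, p, len);
        if (target_memory_rw_debug(s->g_cpu, addr, mem_buf, len,
                                   true) != 0) {
            put_packet(s, "E14");
        } else {
            put_packet(s, "OK");
        }
        break;
    case 'p':
        /* Older gdb are really dumb, and don't use 'g' if 'p' is available.
           This works, but can be very slow.  Anything new enough to
           understand XML also knows how to use this properly. */
        if (!gdb_has_xml) {
            goto unknown_command;
        }
        addr = strtoull(p, (char **)&p, 16);
        reg_size = gdb_read_register(s->g_cpu, mem_buf, addr);
        if (reg_size) {
            memtohex(buf, mem_buf, reg_size);
            put_packet(s, buf);
        } else {
            put_packet(s, "E14");
        }
        break;
    case 'P':
        /* Write one register: "P<num>=<hex>".  The payload is at most
         * MAX_PACKET_LENGTH characters, so reg_size fits mem_buf. */
        if (!gdb_has_xml) {
            goto unknown_command;
        }
        addr = strtoull(p, (char **)&p, 16);
        if (*p == '=') {
            p++;
        }
        reg_size = strlen(p) / 2;
        hextomem(mem_buf, p, reg_size);
        gdb_write_register(s->g_cpu, mem_buf, addr);
        put_packet(s, "OK");
        break;
    case 'Z':
    case 'z':
        /* Insert ('Z') or remove ('z') a breakpoint/watchpoint:
         * "<type>,<addr>,<len>".  Unsupported types get an empty reply
         * so gdb falls back to another mechanism. */
        type = strtoul(p, (char **)&p, 16);
        if (*p == ',') {
            p++;
        }
        addr = strtoull(p, (char **)&p, 16);
        if (*p == ',') {
            p++;
        }
        len = strtoull(p, (char **)&p, 16);
        if (ch == 'Z') {
            res = gdb_breakpoint_insert(addr, len, type);
        } else {
            res = gdb_breakpoint_remove(addr, len, type);
        }
        if (res >= 0) {
            put_packet(s, "OK");
        } else if (res == -ENOSYS) {
            put_packet(s, "");
        } else {
            put_packet(s, "E22");
        }
        break;
    case 'H':
        /* Select the CPU for later step/continue ('c') or register and
         * memory ('g') operations.  Thread ids -1 ("all") and 0 ("any")
         * leave the current selection untouched. */
        type = *p++;
        thread = strtoull(p, (char **)&p, 16);
        if (thread == -1 || thread == 0) {
            put_packet(s, "OK");
            break;
        }
        cpu = find_cpu(thread);
        if (cpu == NULL) {
            put_packet(s, "E22");
            break;
        }
        switch (type) {
        case 'c':
            s->c_cpu = cpu;
            put_packet(s, "OK");
            break;
        case 'g':
            s->g_cpu = cpu;
            put_packet(s, "OK");
            break;
        default:
            put_packet(s, "E22");
            break;
        }
        break;
    case 'T':
        /* Thread-alive query: any existing CPU index is alive. */
        thread = strtoull(p, (char **)&p, 16);
        cpu = find_cpu(thread);

        if (cpu != NULL) {
            put_packet(s, "OK");
        } else {
            put_packet(s, "E22");
        }
        break;
    case 'q':
    case 'Q':
        /* parse any 'q' packets here */
        if (!strcmp(p,"qemu.sstepbits")) {
            /* Query Breakpoint bit definitions */
            snprintf(buf, sizeof(buf), "ENABLE=%x,NOIRQ=%x,NOTIMER=%x",
                     SSTEP_ENABLE,
                     SSTEP_NOIRQ,
                     SSTEP_NOTIMER);
            put_packet(s, buf);
            break;
        } else if (strncmp(p,"qemu.sstep",10) == 0) {
            /* Display or change the sstep_flags */
            p += 10;
            if (*p != '=') {
                /* Display current setting */
                snprintf(buf, sizeof(buf), "0x%x", sstep_flags);
                put_packet(s, buf);
                break;
            }
            p++;
            type = strtoul(p, (char **)&p, 16);
            sstep_flags = type;
            put_packet(s, "OK");
            break;
        } else if (strcmp(p,"C") == 0) {
            /* "Current thread" remains vague in the spec, so always return
             * the first CPU (gdb returns the first thread). */
            put_packet(s, "QC1");
            break;
        } else if (strcmp(p,"fThreadInfo") == 0) {
            s->query_cpu = first_cpu;
            goto report_cpuinfo;
        } else if (strcmp(p,"sThreadInfo") == 0) {
        report_cpuinfo:
            /* One CPU per reply; "l" terminates the enumeration. */
            if (s->query_cpu) {
                snprintf(buf, sizeof(buf), "m%x", cpu_index(s->query_cpu));
                put_packet(s, buf);
                s->query_cpu = CPU_NEXT(s->query_cpu);
            } else {
                put_packet(s, "l");
            }
            break;
        } else if (strncmp(p,"ThreadExtraInfo,", 16) == 0) {
            thread = strtoull(p+16, (char **)&p, 16);
            cpu = find_cpu(thread);
            if (cpu != NULL) {
                cpu_synchronize_state(cpu);
                len = snprintf((char *)mem_buf, sizeof(mem_buf),
                               "CPU#%d [%s]", cpu->cpu_index,
                               cpu->halted ? "halted " : "running");
                memtohex(buf, mem_buf, len);
                put_packet(s, buf);
            }
            break;
        }
#ifdef CONFIG_USER_ONLY
        else if (strncmp(p, "Offsets", 7) == 0) {
            TaskState *ts = s->c_cpu->opaque;

            snprintf(buf, sizeof(buf),
                     "Text=" TARGET_ABI_FMT_lx ";Data=" TARGET_ABI_FMT_lx
                     ";Bss=" TARGET_ABI_FMT_lx,
                     ts->info->code_offset,
                     ts->info->data_offset,
                     ts->info->data_offset);
            put_packet(s, buf);
            break;
        }
#else /* !CONFIG_USER_ONLY */
        else if (strncmp(p, "Rcmd,", 5) == 0) {
            /* Monitor command: the rest of the packet is hex-encoded text. */
            int len = strlen(p + 5);

            if ((len % 2) != 0) {
                put_packet(s, "E01");
                break;
            }
            /* hextomem() takes the decoded byte count and reads twice that
             * many characters, so halve before decoding.  Decoding with the
             * character count read past the end of the packet and handed
             * the monitor the command followed by garbage. */
            len = len / 2;
            hextomem(mem_buf, p + 5, len);
            mem_buf[len++] = 0;
            qemu_chr_be_write(s->mon_chr, mem_buf, len);
            put_packet(s, "OK");
            break;
        }
#endif /* !CONFIG_USER_ONLY */
        if (strncmp(p, "Supported", 9) == 0) {
            snprintf(buf, sizeof(buf), "PacketSize=%x", MAX_PACKET_LENGTH);
            cc = CPU_GET_CLASS(first_cpu);
            if (cc->gdb_core_xml_file != NULL) {
                pstrcat(buf, sizeof(buf), ";qXfer:features:read+");
            }
            put_packet(s, buf);
            break;
        }
        if (strncmp(p, "Xfer:features:read:", 19) == 0) {
            const char *xml;
            target_ulong total_len;

            cc = CPU_GET_CLASS(first_cpu);
            if (cc->gdb_core_xml_file == NULL) {
                goto unknown_command;
            }

            gdb_has_xml = true;
            p += 19;
            xml = get_feature_xml(p, &p, cc);
            if (!xml) {
                snprintf(buf, sizeof(buf), "E00");
                put_packet(s, buf);
                break;
            }

            if (*p == ':') {
                p++;
            }
            addr = strtoul(p, (char **)&p, 16);
            if (*p == ',') {
                p++;
            }
            len = strtoul(p, (char **)&p, 16);

            total_len = strlen(xml);
            if (addr > total_len) {
                snprintf(buf, sizeof(buf), "E00");
                put_packet(s, buf);
                break;
            }
            /* memtox() may double the data; keep room for the leading
             * 'm'/'l' byte and the packet framing. */
            if (len > (MAX_PACKET_LENGTH - 5) / 2) {
                len = (MAX_PACKET_LENGTH - 5) / 2;
            }
            if (len < total_len - addr) {
                buf[0] = 'm';
                len = memtox(buf + 1, xml + addr, len);
            } else {
                buf[0] = 'l';
                len = memtox(buf + 1, xml + addr, total_len - addr);
            }
            put_packet_binary(s, buf, len + 1);
            break;
        }
        /* Unrecognised 'q' command. */
        goto unknown_command;

    default:
    unknown_command:
        /* put empty packet */
        buf[0] = '\0';
        put_packet(s, buf);
        break;
    }
    return RS_IDLE;
}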
1180
/* Make cpu the debugger's current CPU for both step/continue and
 * register/memory operations, typically because it triggered the stop. */
void gdb_set_stop_cpu(CPUState *cpu)
{
    GDBState *s = gdbserver_state;

    s->c_cpu = cpu;
    s->g_cpu = cpu;
}
1186
1fddef4b 1187#ifndef CONFIG_USER_ONLY
/* VM run-state hook (registered from gdbserver_start()).  When the VM
 * stops, report why to the attached gdb as a 'T' stop-reply packet built
 * from the run state, or from the watchpoint that fired.  Nothing is sent
 * while the VM keeps running or while the stub is RS_INACTIVE (no
 * connection configured).  opaque is unused. */
static void gdb_vm_state_change(void *opaque, int running, RunState state)
{
    GDBState *s = gdbserver_state;
    CPUArchState *env = s->c_cpu->env_ptr;
    CPUState *cpu = s->c_cpu;
    char buf[256];
    const char *type;
    int ret;

    if (running || s->state == RS_INACTIVE) {
        return;
    }
    /* Is there a GDB syscall waiting to be sent?  gdb_do_syscall() defers
       the 'F' packet until the CPU has actually stopped; it takes priority
       over the ordinary stop reply, which is then not sent at all. */
    if (s->current_syscall_cb) {
        put_packet(s, s->syscall_buf);
        return;
    }
    switch (state) {
    case RUN_STATE_DEBUG:
        if (cpu->watchpoint_hit) {
            /* Watchpoint stop: gdb wants the access kind ("r" read,
               "a" access, "" otherwise) and the faulting virtual address. */
            switch (cpu->watchpoint_hit->flags & BP_MEM_ACCESS) {
            case BP_MEM_READ:
                type = "r";
                break;
            case BP_MEM_ACCESS:
                type = "a";
                break;
            default:
                type = "";
                break;
            }
            snprintf(buf, sizeof(buf),
                     "T%02xthread:%02x;%swatch:" TARGET_FMT_lx ";",
                     GDB_SIGNAL_TRAP, cpu_index(cpu), type,
                     (target_ulong)cpu->watchpoint_hit->vaddr);
            /* Consumed: a later stop must not re-report this watchpoint. */
            cpu->watchpoint_hit = NULL;
            goto send_packet;
        }
        /* NOTE(review): tb_flush() here presumably discards cached
           translations so that breakpoints edited while stopped take
           effect on resume -- confirm. */
        tb_flush(env);
        ret = GDB_SIGNAL_TRAP;
        break;
    case RUN_STATE_PAUSED:
        ret = GDB_SIGNAL_INT;
        break;
    case RUN_STATE_SHUTDOWN:
        ret = GDB_SIGNAL_QUIT;
        break;
    case RUN_STATE_IO_ERROR:
        ret = GDB_SIGNAL_IO;
        break;
    case RUN_STATE_WATCHDOG:
        ret = GDB_SIGNAL_ALRM;
        break;
    case RUN_STATE_INTERNAL_ERROR:
        ret = GDB_SIGNAL_ABRT;
        break;
    case RUN_STATE_SAVE_VM:
    case RUN_STATE_RESTORE_VM:
        /* Snapshot traffic is not a debugger-visible event. */
        return;
    case RUN_STATE_FINISH_MIGRATE:
        ret = GDB_SIGNAL_XCPU;
        break;
    default:
        ret = GDB_SIGNAL_UNKNOWN;
        break;
    }
    /* Plain stop: signal number plus the index of the current CPU. */
    snprintf(buf, sizeof(buf), "T%02xthread:%02x;", ret, cpu_index(cpu));

send_packet:
    put_packet(s, buf);

    /* disable single step if it was enabled */
    cpu_single_step(cpu, 0);
}
1fddef4b 1262#endif
858693c6 1263
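/* Send a gdb syscall request.
   This accepts limited printf-style format specifiers, specifically:
    %x  - target_ulong argument printed in hex.
    %lx - 64-bit argument printed in hex.
    %s  - string pointer (target_ulong) and length (int) pair.

   CB is stored in s->current_syscall_cb for whoever handles gdb's reply.
   FMT is a stub-internal format string, not peer data.  The 'F' request is
   built in s->syscall_buf; in system mode the VM is stopped and the packet
   is sent later by gdb_vm_state_change(), once the CPU has halted; in user
   mode it is sent immediately and gdb_handlesig() then waits for gdb.

   The request is built without ever writing past syscall_buf: snprintf()
   reports the length it wanted rather than what it stored, so every piece
   is checked against the remaining space and an over-long request is cut
   short with a diagnostic instead of advancing p beyond the buffer. */
void gdb_do_syscall(gdb_syscall_complete_cb cb, const char *fmt, ...)
{
    va_list va;
    char *p;
    char *p_end;
    target_ulong addr;
    uint64_t i64;
    GDBState *s;
    bool truncated;
    int n;

    s = gdbserver_state;
    if (!s) {
        return;
    }
    s->current_syscall_cb = cb;
#ifndef CONFIG_USER_ONLY
    vm_stop(RUN_STATE_DEBUG);
#endif
    va_start(va, fmt);
    p = s->syscall_buf;
    /* Keep the last byte for the terminating NUL stored after the loop. */
    p_end = &s->syscall_buf[sizeof(s->syscall_buf) - 1];
    *(p++) = 'F';
    truncated = false;
    while (*fmt && !truncated) {
        if (p >= p_end) {
            truncated = true;
            break;
        }
        if (*fmt != '%') {
            *(p++) = *(fmt++);
            continue;
        }
        fmt++;
        n = 0;
        switch (*fmt++) {
        case 'x':
            addr = va_arg(va, target_ulong);
            n = snprintf(p, p_end - p, TARGET_FMT_lx, addr);
            break;
        case 'l':
            if (*(fmt++) != 'x') {
                goto bad_format;
            }
            i64 = va_arg(va, uint64_t);
            n = snprintf(p, p_end - p, "%" PRIx64, i64);
            break;
        case 's':
            addr = va_arg(va, target_ulong);
            n = snprintf(p, p_end - p, TARGET_FMT_lx "/%x",
                         addr, va_arg(va, int));
            break;
        default:
        bad_format:
            fprintf(stderr, "gdbstub: Bad syscall format string '%s'\n",
                    fmt - 1);
            break;
        }
        if (n < 0) {
            /* Encoding error: the buffer content at p is unusable. */
            truncated = true;
        } else if (n >= p_end - p) {
            /* Did not fit: snprintf() stored p_end - p - 1 bytes plus a NUL
               at p_end - 1.  Stop there rather than stepping p past it. */
            truncated = true;
            p = p_end - 1;
        } else {
            p += n;
        }
    }
    *p = 0;
    va_end(va);
    if (truncated) {
        fprintf(stderr, "gdbstub: syscall request does not fit in "
                "syscall_buf; packet truncated\n");
    }
#ifdef CONFIG_USER_ONLY
    put_packet(s, s->syscall_buf);
    gdb_handlesig(s->c_cpu, 0);
#else
    /* In this case wait to send the syscall packet until notification that
       the CPU has stopped.  This must be done because if the packet is sent
       now the reply from the syscall request could be received while the CPU
       is still in the running state, which can cause packets to be dropped
       and state transition 'T' packets to be sent while the syscall is still
       being processed.  */
    cpu_exit(s->c_cpu);
#endif
}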
1333
/* Feed one byte received from gdb into the packet state machine.
 *
 * Wire format handled here: '$' starts a packet, '#' ends its payload and
 * two hex digits follow as the checksum (sum of payload bytes modulo 256).
 * A packet whose checksum matches is ACKed with '+' and handed to
 * gdb_handle_packet(); otherwise it is NAKed with '-' and dropped.  The
 * payload is bounded by sizeof(s->line_buf) - 1; an overlong packet is
 * silently discarded by falling back to RS_IDLE, so peer input can never
 * overrun line_buf.
 *
 * System mode only: while a reply is outstanding (last_packet_len != 0)
 * a '-' retransmits it, and while the VM is running any byte at all just
 * pauses the VM (the byte itself is not interpreted). */
static void gdb_read_byte(GDBState *s, int ch)
{
    int i, csum;
    uint8_t reply;

#ifndef CONFIG_USER_ONLY
    if (s->last_packet_len) {
        /* Waiting for a response to the last packet.  If we see the start
           of a new command then abandon the previous response.  */
        if (ch == '-') {
#ifdef DEBUG_GDB
            printf("Got NACK, retransmitting\n");
#endif
            put_buffer(s, (uint8_t *)s->last_packet, s->last_packet_len);
        }
#ifdef DEBUG_GDB
        else if (ch == '+')
            printf("Got ACK\n");
        else
            printf("Got '%c' when expecting ACK/NACK\n", ch);
#endif
        if (ch == '+' || ch == '$')
            s->last_packet_len = 0;
        /* Anything but a new packet start has been fully dealt with. */
        if (ch != '$')
            return;
    }
    if (runstate_is_running()) {
        /* when the CPU is running, we cannot do anything except stop
           it when receiving a char */
        vm_stop(RUN_STATE_PAUSED);
    } else
#endif
    {
        switch(s->state) {
        case RS_IDLE:
            if (ch == '$') {
                s->line_buf_index = 0;
                s->state = RS_GETLINE;
            }
            break;
        case RS_GETLINE:
            if (ch == '#') {
                s->state = RS_CHKSUM1;
            } else if (s->line_buf_index >= sizeof(s->line_buf) - 1) {
                /* Payload too long for line_buf: drop the packet. */
                s->state = RS_IDLE;
            } else {
                s->line_buf[s->line_buf_index++] = ch;
            }
            break;
        case RS_CHKSUM1:
            /* Index is at most sizeof(line_buf) - 1, so the NUL fits. */
            s->line_buf[s->line_buf_index] = '\0';
            /* NOTE(review): fromhex() is defined elsewhere; presumably it
               yields 0 for a non-hex digit, which then just fails the
               checksum compare -- confirm. */
            s->line_csum = fromhex(ch) << 4;
            s->state = RS_CHKSUM2;
            break;
        case RS_CHKSUM2:
            s->line_csum |= fromhex(ch);
            csum = 0;
            for(i = 0; i < s->line_buf_index; i++) {
                csum += s->line_buf[i];
            }
            /* line_buf holds char; the & 0xff yields the sum modulo 256
               whether or not char is signed on this host. */
            if (s->line_csum != (csum & 0xff)) {
                reply = '-';
                put_buffer(s, &reply, 1);
                s->state = RS_IDLE;
            } else {
                reply = '+';
                put_buffer(s, &reply, 1);
                s->state = gdb_handle_packet(s, s->line_buf);
            }
            break;
        default:
            abort();
        }
    }
}
1409
/* Tell the remote gdb that the process has exited with status CODE.
 *
 * Sends the 'W' exit packet and, in system mode only, deletes the
 * character device the stub was attached to.  Does nothing when no stub
 * exists, or (user mode) when no connection is open.  env is unused. */
void gdb_exit(CPUArchState *env, int code)
{
    GDBState *s = gdbserver_state;
    char buf[4];

    if (s == NULL) {
        return;
    }
#ifdef CONFIG_USER_ONLY
    if (gdbserver_fd < 0 || s->fd < 0) {
        return;
    }
#endif

    /* The protocol carries a single status byte, hence the narrowing cast. */
    snprintf(buf, sizeof(buf), "W%02x", (uint8_t)code);
    put_packet(s, buf);

#ifndef CONFIG_USER_ONLY
    if (s->chr != NULL) {
        qemu_chr_delete(s->chr);
    }
#endif
}
1435
1fddef4b 1436#ifdef CONFIG_USER_ONLY
/* Return 1 when a gdb connection is open (both the listening socket and
 * the accepted fd are valid), 0 otherwise.  Callers presumably use this
 * to decide whether a caught signal is gdb's to see first. */
int
gdb_queuesig (void)
{
    GDBState *s = gdbserver_state;

    return (gdbserver_fd >= 0 && s->fd >= 0) ? 1 : 0;
}
1449
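/* Report signal SIG (0 means "just stopped") to gdb and block until gdb
 * lets the CPU continue.
 *
 * Returns the signal that should actually be delivered to the guest: SIG
 * unchanged when no gdb is attached or the connection is gone, otherwise
 * whatever gdb requested in s->signal (0 suppresses the signal). */
int
gdb_handlesig(CPUState *cpu, int sig)
{
    CPUArchState *env = cpu->env_ptr;
    GDBState *s;
    char buf[256];
    int n;

    s = gdbserver_state;
    if (gdbserver_fd < 0 || s->fd < 0) {
        return sig;
    }

    /* disable single step if it was enabled */
    cpu_single_step(cpu, 0);
    tb_flush(env);

    if (sig != 0) {
        snprintf(buf, sizeof(buf), "S%02x", target_signal_to_gdb(sig));
        put_packet(s, buf);
    }
    /* put_packet() might have detected that the peer terminated the
       connection. */
    if (s->fd < 0) {
        return sig;
    }

    sig = 0;
    s->state = RS_IDLE;
    s->running_state = 0;
    /* Pump bytes through gdb_read_byte() until running_state is set
       (presumably by a packet handler inside gdb_handle_packet()).  The fd
       is non-blocking (see gdb_accept()), so EAGAIN simply spins. */
    while (s->running_state == 0) {
        /* Read size is tied to the buffer, not a duplicated constant. */
        n = read(s->fd, buf, sizeof(buf));
        if (n > 0) {
            int i;

            for (i = 0; i < n; i++) {
                gdb_read_byte(s, buf[i]);
            }
        } else if (n == 0 || errno != EAGAIN) {
            /* XXX: Connection closed. Should probably wait for another
               connection before continuing. */
            return sig;
        }
    }
    sig = s->signal;
    s->signal = 0;
    return sig;
}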
e9009676 1498
/* Tell the remote gdb that the process has exited due to SIG.
 * Silently does nothing when no connection is open.  env is unused.
 * NOTE(review): buf holds 'X' plus two hex digits; a gdb signal number
 * above 0xff would be cut off by snprintf() -- confirm the range. */
void gdb_signalled(CPUArchState *env, int sig)
{
    GDBState *s = gdbserver_state;
    char buf[4];

    if (gdbserver_fd < 0 || s->fd < 0) {
        return;
    }

    snprintf(buf, sizeof(buf), "X%02x", target_signal_to_gdb(sig));
    put_packet(s, buf);
}
1fddef4b 1513
/* Block until a debugger connects on gdbserver_fd, then create the stub
 * state for that connection.  The peer address is received but never
 * inspected: whoever can reach the listening port gets the stub.  The
 * accepted fd is made close-on-exec, low-latency and non-blocking.  On an
 * accept() failure other than EINTR the error is reported with perror()
 * and no stub state is created. */
static void gdb_accept(void)
{
    GDBState *s;
    struct sockaddr_in sockaddr;
    socklen_t len;
    int fd;

    /* Only a signal interrupting accept() warrants another attempt. */
    do {
        len = sizeof(sockaddr);
        fd = accept(gdbserver_fd, (struct sockaddr *)&sockaddr, &len);
    } while (fd < 0 && errno == EINTR);
    if (fd < 0) {
        perror("accept");
        return;
    }
#ifndef _WIN32
    fcntl(fd, F_SETFD, FD_CLOEXEC);
#endif

    /* set short latency */
    socket_set_nodelay(fd);

    s = g_malloc0(sizeof(GDBState));
    s->c_cpu = first_cpu;
    s->g_cpu = first_cpu;
    s->fd = fd;
    gdb_has_xml = false;

    gdbserver_state = s;

    fcntl(fd, F_SETFL, O_NONBLOCK);
}
1548
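/* Create the listening TCP socket for the user-mode stub on PORT and return
 * its fd, or -1 after a perror() diagnostic when a step fails.
 *
 * The socket is bound to INADDR_ANY, i.e. every interface of the host, and
 * the stub performs no authentication: any peer that can reach the port
 * can read and write the debuggee's memory and registers.  Only expose it
 * on a trusted network or behind host-level filtering. */
static int gdbserver_open(int port)
{
    struct sockaddr_in sockaddr = { 0 };
    int fd, ret;

    /* htons() would silently wrap a value outside the 16-bit port range. */
    if (port < 0 || port > 65535) {
        fprintf(stderr, "gdbserver: invalid port %d\n", port);
        return -1;
    }

    fd = socket(PF_INET, SOCK_STREAM, 0);
    if (fd < 0) {
        perror("socket");
        return -1;
    }
#ifndef _WIN32
    fcntl(fd, F_SETFD, FD_CLOEXEC);
#endif

    socket_set_fast_reuse(fd);

    sockaddr.sin_family = AF_INET;
    sockaddr.sin_port = htons(port);
    sockaddr.sin_addr.s_addr = htonl(INADDR_ANY);
    ret = bind(fd, (struct sockaddr *)&sockaddr, sizeof(sockaddr));
    if (ret < 0) {
        perror("bind");
        close(fd);
        return -1;
    }
    ret = listen(fd, 0);
    if (ret < 0) {
        perror("listen");
        close(fd);
        return -1;
    }
    return fd;
}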
1582
/* Start the user-mode stub: listen on PORT, then block until a debugger
 * connects.  Returns 0 once the listening socket exists (an accept()
 * failure is only reported by gdb_accept() via perror()), -1 when the
 * socket could not be set up. */
int gdbserver_start(int port)
{
    gdbserver_fd = gdbserver_open(port);
    if (gdbserver_fd >= 0) {
        /* accept connections */
        gdb_accept();
        return 0;
    }
    return -1;
}
1592
/* Disable gdb stub for child processes.
 * Called in the child after fork: the inherited connection fd is closed
 * and invalidated so the child never talks to the parent's debugger, and
 * all BP_GDB-flagged breakpoints and watchpoints are removed from env. */
void gdbserver_fork(CPUArchState *env)
{
    GDBState *s = gdbserver_state;

    if (gdbserver_fd >= 0 && s->fd >= 0) {
        close(s->fd);
        s->fd = -1;
        cpu_breakpoint_remove_all(env, BP_GDB);
        cpu_watchpoint_remove_all(env, BP_GDB);
    }
}
1fddef4b 1604#else
/* Chardev callback: how many bytes the stub is willing to take at once.
 * We can handle an arbitrarily large amount of data, so the maximum packet
 * size is reported, which is as good as anything.  opaque is unused. */
static int gdb_chr_can_receive(void *opaque)
{
    const int chunk = MAX_PACKET_LENGTH;

    (void)opaque;
    return chunk;
}
1611
/* Chardev callback: feed SIZE received bytes, one at a time, into the
 * packet state machine of the global stub.  opaque is unused. */
static void gdb_chr_receive(void *opaque, const uint8_t *buf, int size)
{
    int remaining = size;

    while (remaining-- > 0) {
        gdb_read_byte(gdbserver_state, *buf++);
    }
}
1620
/* Chardev event callback.  A newly opened connection pauses the VM, so gdb
 * attaches to a stopped target, and forgets the XML feature negotiation of
 * any previous session.  Every other event is ignored.  opaque is unused. */
static void gdb_chr_event(void *opaque, int event)
{
    if (event != CHR_EVENT_OPENED) {
        return;
    }
    vm_stop(RUN_STATE_PAUSED);
    gdb_has_xml = false;
}
1632
/* Send LEN bytes of monitor output MSG to gdb as one 'O' packet, with the
 * payload hex-encoded.  LEN is clamped so that 'O' plus two hex digits per
 * byte fits in a MAX_PACKET_LENGTH buffer (NOTE(review): assumes
 * memtohex() also appends the NUL within that budget -- confirm). */
static void gdb_monitor_output(GDBState *s, const char *msg, int len)
{
    const int max_len = (MAX_PACKET_LENGTH / 2) - 1;
    char buf[MAX_PACKET_LENGTH];

    if (len > max_len) {
        len = max_len;
    }
    buf[0] = 'O';
    memtohex(buf + 1, (uint8_t *)msg, len);
    put_packet(s, buf);
}
1643
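/* chr_write callback of the monitor terminal attached to gdb: forward LEN
 * bytes of monitor output as 'O' packets, split so that each hex-encoded
 * chunk fits in last_packet.  chr is unused.
 *
 * Returns the number of bytes consumed, which is always LEN: everything is
 * sent before returning.  (Returning only the size of the final chunk, as
 * the old code did, under-reported any output that needed splitting and
 * invited the caller to resend the remainder.) */
static int gdb_monitor_write(CharDriverState *chr, const uint8_t *buf, int len)
{
    const char *p = (const char *)buf;
    const int total = len;
    int max_sz;

    /* Two hex digits per byte, plus the leading 'O' and the NUL. */
    max_sz = (sizeof(gdbserver_state->last_packet) - 2) / 2;
    while (len > max_sz) {
        gdb_monitor_output(gdbserver_state, p, max_sz);
        p += max_sz;
        len -= max_sz;
    }
    gdb_monitor_output(gdbserver_state, p, len);
    return total;
}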
1661
1662#ifndef _WIN32
/* SIGINT handler installed for the "stdio" device: pause a running VM so
 * the interrupt is reported to gdb instead of terminating QEMU.  Does
 * nothing if the VM is already stopped.  signal is unused.
 * NOTE(review): vm_stop() is not an async-signal-safe call; confirm this
 * is acceptable in this handler. */
static void gdb_sigterm_handler(int signal)
{
    if (!runstate_is_running()) {
        return;
    }
    vm_stop(RUN_STATE_PAUSED);
}
1669#endif
1670
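/* Start (or restart) the system-mode stub on character device DEVICE.
 *
 * "none" creates the stub state without a connection (RS_INACTIVE until
 * one is configured); a "tcp:" spec gets the nowait,nodelay,server
 * attributes forced on; "stdio" additionally routes SIGINT to
 * gdb_sigterm_handler() so ^C pauses the VM for gdb.  The first call also
 * registers the VM state-change hook and a monitor terminal for gdb; a
 * later call deletes the previous chardev, keeps the monitor terminal and
 * resets the rest of the state.
 *
 * Returns 0 on success, -1 for a missing device, a device that cannot be
 * opened, or a "tcp:" spec too long to carry the forced attributes. */
int gdbserver_start(const char *device)
{
    GDBState *s;
    char gdbstub_device_name[128];
    CharDriverState *chr = NULL;
    CharDriverState *mon_chr;
    int n;

    if (!device) {
        return -1;
    }
    if (strcmp(device, "none") != 0) {
        if (strstart(device, "tcp:", NULL)) {
            /* enforce required TCP attributes */
            n = snprintf(gdbstub_device_name, sizeof(gdbstub_device_name),
                         "%s,nowait,nodelay,server", device);
            if (n < 0 || (size_t)n >= sizeof(gdbstub_device_name)) {
                /* A truncated spec would silently lose the attributes we
                   just insisted on; refuse rather than open it anyway. */
                fprintf(stderr, "gdbstub: device specification too long\n");
                return -1;
            }
            device = gdbstub_device_name;
        }
#ifndef _WIN32
        else if (strcmp(device, "stdio") == 0) {
            struct sigaction act;

            memset(&act, 0, sizeof(act));
            act.sa_handler = gdb_sigterm_handler;
            sigaction(SIGINT, &act, NULL);
        }
#endif
        chr = qemu_chr_new("gdb", device, NULL);
        if (!chr) {
            return -1;
        }

        qemu_chr_fe_claim_no_fail(chr);
        qemu_chr_add_handlers(chr, gdb_chr_can_receive, gdb_chr_receive,
                              gdb_chr_event, NULL);
    }

    s = gdbserver_state;
    if (!s) {
        s = g_malloc0(sizeof(GDBState));
        gdbserver_state = s;

        qemu_add_vm_change_state_handler(gdb_vm_state_change, NULL);

        /* Initialize a monitor terminal for gdb */
        mon_chr = g_malloc0(sizeof(*mon_chr));
        mon_chr->chr_write = gdb_monitor_write;
        monitor_init(mon_chr, 0);
    } else {
        /* Restart: drop the old connection, keep the monitor terminal. */
        if (s->chr) {
            qemu_chr_delete(s->chr);
        }
        mon_chr = s->mon_chr;
        memset(s, 0, sizeof(GDBState));
    }
    s->c_cpu = first_cpu;
    s->g_cpu = first_cpu;
    s->chr = chr;
    s->state = chr ? RS_IDLE : RS_INACTIVE;
    s->mon_chr = mon_chr;
    s->current_syscall_cb = NULL;

    return 0;
}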
4046d913 1731#endif