]> git.proxmox.com Git - qemu.git/blob - gdbstub.c
projects / qemu.git / blob
? search:
summary | shortlog | log | commit | commitdiff | tree
blame | history | raw | HEAD
target-alpha: Move cpu_gdb_{read,write}_register()
[qemu.git] / gdbstub.c
1 /*
2 * gdb server stub
3 *
4 * Copyright (c) 2003-2005 Fabrice Bellard
5 *
6 * This library is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation; either
9 * version 2 of the License, or (at your option) any later version.
10 *
11 * This library is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
15 *
16 * You should have received a copy of the GNU Lesser General Public
17 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
18 */
19 #include "config.h"
20 #include "qemu-common.h"
21 #ifdef CONFIG_USER_ONLY
22 #include <stdlib.h>
23 #include <stdio.h>
24 #include <stdarg.h>
25 #include <string.h>
26 #include <errno.h>
27 #include <unistd.h>
28 #include <fcntl.h>
29
30 #include "qemu.h"
31 #else
32 #include "monitor/monitor.h"
33 #include "sysemu/char.h"
34 #include "sysemu/sysemu.h"
35 #include "exec/gdbstub.h"
36 #endif
37
38 #define MAX_PACKET_LENGTH 4096
39
40 #include "cpu.h"
41 #include "qemu/sockets.h"
42 #include "sysemu/kvm.h"
43 #include "qemu/bitops.h"
44
45 static inline int target_memory_rw_debug(CPUState *cpu, target_ulong addr,
46 uint8_t *buf, int len, bool is_write)
47 {
48 CPUClass *cc = CPU_GET_CLASS(cpu);
49
50 if (cc->memory_rw_debug) {
51 return cc->memory_rw_debug(cpu, addr, buf, len, is_write);
52 }
53 return cpu_memory_rw_debug(cpu, addr, buf, len, is_write);
54 }
55
56 enum {
57 GDB_SIGNAL_0 = 0,
58 GDB_SIGNAL_INT = 2,
59 GDB_SIGNAL_QUIT = 3,
60 GDB_SIGNAL_TRAP = 5,
61 GDB_SIGNAL_ABRT = 6,
62 GDB_SIGNAL_ALRM = 14,
63 GDB_SIGNAL_IO = 23,
64 GDB_SIGNAL_XCPU = 24,
65 GDB_SIGNAL_UNKNOWN = 143
66 };
67
68 #ifdef CONFIG_USER_ONLY
69
70 /* Map target signal numbers to GDB protocol signal numbers and vice
71 * versa. For user emulation's currently supported systems, we can
72 * assume most signals are defined.
73 */
74
75 static int gdb_signal_table[] = {
76 0,
77 TARGET_SIGHUP,
78 TARGET_SIGINT,
79 TARGET_SIGQUIT,
80 TARGET_SIGILL,
81 TARGET_SIGTRAP,
82 TARGET_SIGABRT,
83 -1, /* SIGEMT */
84 TARGET_SIGFPE,
85 TARGET_SIGKILL,
86 TARGET_SIGBUS,
87 TARGET_SIGSEGV,
88 TARGET_SIGSYS,
89 TARGET_SIGPIPE,
90 TARGET_SIGALRM,
91 TARGET_SIGTERM,
92 TARGET_SIGURG,
93 TARGET_SIGSTOP,
94 TARGET_SIGTSTP,
95 TARGET_SIGCONT,
96 TARGET_SIGCHLD,
97 TARGET_SIGTTIN,
98 TARGET_SIGTTOU,
99 TARGET_SIGIO,
100 TARGET_SIGXCPU,
101 TARGET_SIGXFSZ,
102 TARGET_SIGVTALRM,
103 TARGET_SIGPROF,
104 TARGET_SIGWINCH,
105 -1, /* SIGLOST */
106 TARGET_SIGUSR1,
107 TARGET_SIGUSR2,
108 #ifdef TARGET_SIGPWR
109 TARGET_SIGPWR,
110 #else
111 -1,
112 #endif
113 -1, /* SIGPOLL */
114 -1,
115 -1,
116 -1,
117 -1,
118 -1,
119 -1,
120 -1,
121 -1,
122 -1,
123 -1,
124 -1,
125 #ifdef __SIGRTMIN
126 __SIGRTMIN + 1,
127 __SIGRTMIN + 2,
128 __SIGRTMIN + 3,
129 __SIGRTMIN + 4,
130 __SIGRTMIN + 5,
131 __SIGRTMIN + 6,
132 __SIGRTMIN + 7,
133 __SIGRTMIN + 8,
134 __SIGRTMIN + 9,
135 __SIGRTMIN + 10,
136 __SIGRTMIN + 11,
137 __SIGRTMIN + 12,
138 __SIGRTMIN + 13,
139 __SIGRTMIN + 14,
140 __SIGRTMIN + 15,
141 __SIGRTMIN + 16,
142 __SIGRTMIN + 17,
143 __SIGRTMIN + 18,
144 __SIGRTMIN + 19,
145 __SIGRTMIN + 20,
146 __SIGRTMIN + 21,
147 __SIGRTMIN + 22,
148 __SIGRTMIN + 23,
149 __SIGRTMIN + 24,
150 __SIGRTMIN + 25,
151 __SIGRTMIN + 26,
152 __SIGRTMIN + 27,
153 __SIGRTMIN + 28,
154 __SIGRTMIN + 29,
155 __SIGRTMIN + 30,
156 __SIGRTMIN + 31,
157 -1, /* SIGCANCEL */
158 __SIGRTMIN,
159 __SIGRTMIN + 32,
160 __SIGRTMIN + 33,
161 __SIGRTMIN + 34,
162 __SIGRTMIN + 35,
163 __SIGRTMIN + 36,
164 __SIGRTMIN + 37,
165 __SIGRTMIN + 38,
166 __SIGRTMIN + 39,
167 __SIGRTMIN + 40,
168 __SIGRTMIN + 41,
169 __SIGRTMIN + 42,
170 __SIGRTMIN + 43,
171 __SIGRTMIN + 44,
172 __SIGRTMIN + 45,
173 __SIGRTMIN + 46,
174 __SIGRTMIN + 47,
175 __SIGRTMIN + 48,
176 __SIGRTMIN + 49,
177 __SIGRTMIN + 50,
178 __SIGRTMIN + 51,
179 __SIGRTMIN + 52,
180 __SIGRTMIN + 53,
181 __SIGRTMIN + 54,
182 __SIGRTMIN + 55,
183 __SIGRTMIN + 56,
184 __SIGRTMIN + 57,
185 __SIGRTMIN + 58,
186 __SIGRTMIN + 59,
187 __SIGRTMIN + 60,
188 __SIGRTMIN + 61,
189 __SIGRTMIN + 62,
190 __SIGRTMIN + 63,
191 __SIGRTMIN + 64,
192 __SIGRTMIN + 65,
193 __SIGRTMIN + 66,
194 __SIGRTMIN + 67,
195 __SIGRTMIN + 68,
196 __SIGRTMIN + 69,
197 __SIGRTMIN + 70,
198 __SIGRTMIN + 71,
199 __SIGRTMIN + 72,
200 __SIGRTMIN + 73,
201 __SIGRTMIN + 74,
202 __SIGRTMIN + 75,
203 __SIGRTMIN + 76,
204 __SIGRTMIN + 77,
205 __SIGRTMIN + 78,
206 __SIGRTMIN + 79,
207 __SIGRTMIN + 80,
208 __SIGRTMIN + 81,
209 __SIGRTMIN + 82,
210 __SIGRTMIN + 83,
211 __SIGRTMIN + 84,
212 __SIGRTMIN + 85,
213 __SIGRTMIN + 86,
214 __SIGRTMIN + 87,
215 __SIGRTMIN + 88,
216 __SIGRTMIN + 89,
217 __SIGRTMIN + 90,
218 __SIGRTMIN + 91,
219 __SIGRTMIN + 92,
220 __SIGRTMIN + 93,
221 __SIGRTMIN + 94,
222 __SIGRTMIN + 95,
223 -1, /* SIGINFO */
224 -1, /* UNKNOWN */
225 -1, /* DEFAULT */
226 -1,
227 -1,
228 -1,
229 -1,
230 -1,
231 -1
232 #endif
233 };
234 #else
235 /* In system mode we only need SIGINT and SIGTRAP; other signals
236 are not yet supported. */
237
238 enum {
239 TARGET_SIGINT = 2,
240 TARGET_SIGTRAP = 5
241 };
242
243 static int gdb_signal_table[] = {
244 -1,
245 -1,
246 TARGET_SIGINT,
247 -1,
248 -1,
249 TARGET_SIGTRAP
250 };
251 #endif
252
253 #ifdef CONFIG_USER_ONLY
254 static int target_signal_to_gdb (int sig)
255 {
256 int i;
257 for (i = 0; i < ARRAY_SIZE (gdb_signal_table); i++)
258 if (gdb_signal_table[i] == sig)
259 return i;
260 return GDB_SIGNAL_UNKNOWN;
261 }
262 #endif
263
264 static int gdb_signal_to_target (int sig)
265 {
266 if (sig < ARRAY_SIZE (gdb_signal_table))
267 return gdb_signal_table[sig];
268 else
269 return -1;
270 }
271
272 //#define DEBUG_GDB
273
274 typedef struct GDBRegisterState {
275 int base_reg;
276 int num_regs;
277 gdb_reg_cb get_reg;
278 gdb_reg_cb set_reg;
279 const char *xml;
280 struct GDBRegisterState *next;
281 } GDBRegisterState;
282
283 enum RSState {
284 RS_INACTIVE,
285 RS_IDLE,
286 RS_GETLINE,
287 RS_CHKSUM1,
288 RS_CHKSUM2,
289 };
290 typedef struct GDBState {
291 CPUState *c_cpu; /* current CPU for step/continue ops */
292 CPUState *g_cpu; /* current CPU for other ops */
293 CPUState *query_cpu; /* for q{f|s}ThreadInfo */
294 enum RSState state; /* parsing state */
295 char line_buf[MAX_PACKET_LENGTH];
296 int line_buf_index;
297 int line_csum;
298 uint8_t last_packet[MAX_PACKET_LENGTH + 4];
299 int last_packet_len;
300 int signal;
301 #ifdef CONFIG_USER_ONLY
302 int fd;
303 int running_state;
304 #else
305 CharDriverState *chr;
306 CharDriverState *mon_chr;
307 #endif
308 char syscall_buf[256];
309 gdb_syscall_complete_cb current_syscall_cb;
310 } GDBState;
311
312 /* By default use no IRQs and no timers while single stepping so as to
313 * make single stepping like an ICE HW step.
314 */
315 static int sstep_flags = SSTEP_ENABLE|SSTEP_NOIRQ|SSTEP_NOTIMER;
316
317 static GDBState *gdbserver_state;
318
319 /* This is an ugly hack to cope with both new and old gdb.
320 If gdb sends qXfer:features:read then assume we're talking to a newish
321 gdb that understands target descriptions. */
322 static int gdb_has_xml;
323
324 #ifdef CONFIG_USER_ONLY
325 /* XXX: This is not thread safe. Do we care? */
326 static int gdbserver_fd = -1;
327
328 static int get_char(GDBState *s)
329 {
330 uint8_t ch;
331 int ret;
332
333 for(;;) {
334 ret = qemu_recv(s->fd, &ch, 1, 0);
335 if (ret < 0) {
336 if (errno == ECONNRESET)
337 s->fd = -1;
338 if (errno != EINTR && errno != EAGAIN)
339 return -1;
340 } else if (ret == 0) {
341 close(s->fd);
342 s->fd = -1;
343 return -1;
344 } else {
345 break;
346 }
347 }
348 return ch;
349 }
350 #endif
351
352 static enum {
353 GDB_SYS_UNKNOWN,
354 GDB_SYS_ENABLED,
355 GDB_SYS_DISABLED,
356 } gdb_syscall_mode;
357
358 /* If gdb is connected when the first semihosting syscall occurs then use
359 remote gdb syscalls. Otherwise use native file IO. */
360 int use_gdb_syscalls(void)
361 {
362 if (gdb_syscall_mode == GDB_SYS_UNKNOWN) {
363 gdb_syscall_mode = (gdbserver_state ? GDB_SYS_ENABLED
364 : GDB_SYS_DISABLED);
365 }
366 return gdb_syscall_mode == GDB_SYS_ENABLED;
367 }
368
369 /* Resume execution. */
370 static inline void gdb_continue(GDBState *s)
371 {
372 #ifdef CONFIG_USER_ONLY
373 s->running_state = 1;
374 #else
375 if (runstate_check(RUN_STATE_GUEST_PANICKED)) {
376 runstate_set(RUN_STATE_DEBUG);
377 }
378 if (!runstate_needs_reset()) {
379 vm_start();
380 }
381 #endif
382 }
383
384 static void put_buffer(GDBState *s, const uint8_t *buf, int len)
385 {
386 #ifdef CONFIG_USER_ONLY
387 int ret;
388
389 while (len > 0) {
390 ret = send(s->fd, buf, len, 0);
391 if (ret < 0) {
392 if (errno != EINTR && errno != EAGAIN)
393 return;
394 } else {
395 buf += ret;
396 len -= ret;
397 }
398 }
399 #else
400 qemu_chr_fe_write(s->chr, buf, len);
401 #endif
402 }
403
404 static inline int fromhex(int v)
405 {
406 if (v >= '0' && v <= '9')
407 return v - '0';
408 else if (v >= 'A' && v <= 'F')
409 return v - 'A' + 10;
410 else if (v >= 'a' && v <= 'f')
411 return v - 'a' + 10;
412 else
413 return 0;
414 }
415
416 static inline int tohex(int v)
417 {
418 if (v < 10)
419 return v + '0';
420 else
421 return v - 10 + 'a';
422 }
423
424 static void memtohex(char *buf, const uint8_t *mem, int len)
425 {
426 int i, c;
427 char *q;
428 q = buf;
429 for(i = 0; i < len; i++) {
430 c = mem[i];
431 *q++ = tohex(c >> 4);
432 *q++ = tohex(c & 0xf);
433 }
434 *q = '\0';
435 }
436
437 static void hextomem(uint8_t *mem, const char *buf, int len)
438 {
439 int i;
440
441 for(i = 0; i < len; i++) {
442 mem[i] = (fromhex(buf[0]) << 4) | fromhex(buf[1]);
443 buf += 2;
444 }
445 }
446
447 /* return -1 if error, 0 if OK */
448 static int put_packet_binary(GDBState *s, const char *buf, int len)
449 {
450 int csum, i;
451 uint8_t *p;
452
453 for(;;) {
454 p = s->last_packet;
455 *(p++) = '$';
456 memcpy(p, buf, len);
457 p += len;
458 csum = 0;
459 for(i = 0; i < len; i++) {
460 csum += buf[i];
461 }
462 *(p++) = '#';
463 *(p++) = tohex((csum >> 4) & 0xf);
464 *(p++) = tohex((csum) & 0xf);
465
466 s->last_packet_len = p - s->last_packet;
467 put_buffer(s, (uint8_t *)s->last_packet, s->last_packet_len);
468
469 #ifdef CONFIG_USER_ONLY
470 i = get_char(s);
471 if (i < 0)
472 return -1;
473 if (i == '+')
474 break;
475 #else
476 break;
477 #endif
478 }
479 return 0;
480 }
481
482 /* return -1 if error, 0 if OK */
483 static int put_packet(GDBState *s, const char *buf)
484 {
485 #ifdef DEBUG_GDB
486 printf("reply='%s'\n", buf);
487 #endif
488
489 return put_packet_binary(s, buf, strlen(buf));
490 }
491
492 /* The GDB remote protocol transfers values in target byte order. This means
493 we can use the raw memory access routines to access the value buffer.
494 Conveniently, these also handle the case where the buffer is mis-aligned.
495 */
496 #define GET_REG8(val) do { \
497 stb_p(mem_buf, val); \
498 return 1; \
499 } while(0)
500 #define GET_REG16(val) do { \
501 stw_p(mem_buf, val); \
502 return 2; \
503 } while(0)
504 #define GET_REG32(val) do { \
505 stl_p(mem_buf, val); \
506 return 4; \
507 } while(0)
508 #define GET_REG64(val) do { \
509 stq_p(mem_buf, val); \
510 return 8; \
511 } while(0)
512
513 #if TARGET_LONG_BITS == 64
514 #define GET_REGL(val) GET_REG64(val)
515 #define ldtul_p(addr) ldq_p(addr)
516 #else
517 #define GET_REGL(val) GET_REG32(val)
518 #define ldtul_p(addr) ldl_p(addr)
519 #endif
520
521 #if defined(TARGET_I386)
522
523 #include "target-i386/gdbstub.c"
524
525 #elif defined (TARGET_PPC)
526
527 #if defined (TARGET_PPC64)
528 #define GDB_CORE_XML "power64-core.xml"
529 #else
530 #define GDB_CORE_XML "power-core.xml"
531 #endif
532
533 #include "target-ppc/gdbstub.c"
534
535 #elif defined (TARGET_SPARC)
536
537 #include "target-sparc/gdbstub.c"
538
539 #elif defined (TARGET_ARM)
540
541 #define GDB_CORE_XML "arm-core.xml"
542
543 #include "target-arm/gdbstub.c"
544
545 #elif defined (TARGET_M68K)
546
547 #define GDB_CORE_XML "cf-core.xml"
548
549 #include "target-m68k/gdbstub.c"
550
551 #elif defined (TARGET_MIPS)
552
553 #include "target-mips/gdbstub.c"
554
555 #elif defined(TARGET_OPENRISC)
556
557 #include "target-openrisc/gdbstub.c"
558
559 #elif defined (TARGET_SH4)
560
561 #include "target-sh4/gdbstub.c"
562
563 #elif defined (TARGET_MICROBLAZE)
564
565 #include "target-microblaze/gdbstub.c"
566
567 #elif defined (TARGET_CRIS)
568
569 #include "target-cris/gdbstub.c"
570
571 #elif defined (TARGET_ALPHA)
572
573 #include "target-alpha/gdbstub.c"
574
575 #elif defined (TARGET_S390X)
576
577 static int cpu_gdb_read_register(CPUS390XState *env, uint8_t *mem_buf, int n)
578 {
579 uint64_t val;
580 int cc_op;
581
582 switch (n) {
583 case S390_PSWM_REGNUM:
584 cc_op = calc_cc(env, env->cc_op, env->cc_src, env->cc_dst, env->cc_vr);
585 val = deposit64(env->psw.mask, 44, 2, cc_op);
586 GET_REGL(val);
587 case S390_PSWA_REGNUM:
588 GET_REGL(env->psw.addr);
589 case S390_R0_REGNUM ... S390_R15_REGNUM:
590 GET_REGL(env->regs[n-S390_R0_REGNUM]);
591 case S390_A0_REGNUM ... S390_A15_REGNUM:
592 GET_REG32(env->aregs[n-S390_A0_REGNUM]);
593 case S390_FPC_REGNUM:
594 GET_REG32(env->fpc);
595 case S390_F0_REGNUM ... S390_F15_REGNUM:
596 GET_REG64(env->fregs[n-S390_F0_REGNUM].ll);
597 }
598
599 return 0;
600 }
601
602 static int cpu_gdb_write_register(CPUS390XState *env, uint8_t *mem_buf, int n)
603 {
604 target_ulong tmpl;
605 uint32_t tmp32;
606 int r = 8;
607 tmpl = ldtul_p(mem_buf);
608 tmp32 = ldl_p(mem_buf);
609
610 switch (n) {
611 case S390_PSWM_REGNUM:
612 env->psw.mask = tmpl;
613 env->cc_op = extract64(tmpl, 44, 2);
614 break;
615 case S390_PSWA_REGNUM:
616 env->psw.addr = tmpl;
617 break;
618 case S390_R0_REGNUM ... S390_R15_REGNUM:
619 env->regs[n-S390_R0_REGNUM] = tmpl;
620 break;
621 case S390_A0_REGNUM ... S390_A15_REGNUM:
622 env->aregs[n-S390_A0_REGNUM] = tmp32;
623 r = 4;
624 break;
625 case S390_FPC_REGNUM:
626 env->fpc = tmp32;
627 r = 4;
628 break;
629 case S390_F0_REGNUM ... S390_F15_REGNUM:
630 env->fregs[n-S390_F0_REGNUM].ll = tmpl;
631 break;
632 default:
633 return 0;
634 }
635 return r;
636 }
637 #elif defined (TARGET_LM32)
638
639 #include "hw/lm32/lm32_pic.h"
640
641 static int cpu_gdb_read_register(CPULM32State *env, uint8_t *mem_buf, int n)
642 {
643 if (n < 32) {
644 GET_REG32(env->regs[n]);
645 } else {
646 switch (n) {
647 case 32:
648 GET_REG32(env->pc);
649 /* FIXME: put in right exception ID */
650 case 33:
651 GET_REG32(0);
652 case 34:
653 GET_REG32(env->eba);
654 case 35:
655 GET_REG32(env->deba);
656 case 36:
657 GET_REG32(env->ie);
658 case 37:
659 GET_REG32(lm32_pic_get_im(env->pic_state));
660 case 38:
661 GET_REG32(lm32_pic_get_ip(env->pic_state));
662 }
663 }
664 return 0;
665 }
666
667 static int cpu_gdb_write_register(CPULM32State *env, uint8_t *mem_buf, int n)
668 {
669 LM32CPU *cpu = lm32_env_get_cpu(env);
670 CPUClass *cc = CPU_GET_CLASS(cpu);
671 uint32_t tmp;
672
673 if (n > cc->gdb_num_core_regs) {
674 return 0;
675 }
676
677 tmp = ldl_p(mem_buf);
678
679 if (n < 32) {
680 env->regs[n] = tmp;
681 } else {
682 switch (n) {
683 case 32:
684 env->pc = tmp;
685 break;
686 case 34:
687 env->eba = tmp;
688 break;
689 case 35:
690 env->deba = tmp;
691 break;
692 case 36:
693 env->ie = tmp;
694 break;
695 case 37:
696 lm32_pic_set_im(env->pic_state, tmp);
697 break;
698 case 38:
699 lm32_pic_set_ip(env->pic_state, tmp);
700 break;
701 }
702 }
703 return 4;
704 }
705 #elif defined(TARGET_XTENSA)
706
707 static int cpu_gdb_read_register(CPUXtensaState *env, uint8_t *mem_buf, int n)
708 {
709 const XtensaGdbReg *reg = env->config->gdb_regmap.reg + n;
710
711 if (n < 0 || n >= env->config->gdb_regmap.num_regs) {
712 return 0;
713 }
714
715 switch (reg->type) {
716 case 9: /*pc*/
717 GET_REG32(env->pc);
718
719 case 1: /*ar*/
720 xtensa_sync_phys_from_window(env);
721 GET_REG32(env->phys_regs[(reg->targno & 0xff) % env->config->nareg]);
722
723 case 2: /*SR*/
724 GET_REG32(env->sregs[reg->targno & 0xff]);
725
726 case 3: /*UR*/
727 GET_REG32(env->uregs[reg->targno & 0xff]);
728
729 case 4: /*f*/
730 GET_REG32(float32_val(env->fregs[reg->targno & 0x0f]));
731
732 case 8: /*a*/
733 GET_REG32(env->regs[reg->targno & 0x0f]);
734
735 default:
736 qemu_log("%s from reg %d of unsupported type %d\n",
737 __func__, n, reg->type);
738 return 0;
739 }
740 }
741
742 static int cpu_gdb_write_register(CPUXtensaState *env, uint8_t *mem_buf, int n)
743 {
744 uint32_t tmp;
745 const XtensaGdbReg *reg = env->config->gdb_regmap.reg + n;
746
747 if (n < 0 || n >= env->config->gdb_regmap.num_regs) {
748 return 0;
749 }
750
751 tmp = ldl_p(mem_buf);
752
753 switch (reg->type) {
754 case 9: /*pc*/
755 env->pc = tmp;
756 break;
757
758 case 1: /*ar*/
759 env->phys_regs[(reg->targno & 0xff) % env->config->nareg] = tmp;
760 xtensa_sync_window_from_phys(env);
761 break;
762
763 case 2: /*SR*/
764 env->sregs[reg->targno & 0xff] = tmp;
765 break;
766
767 case 3: /*UR*/
768 env->uregs[reg->targno & 0xff] = tmp;
769 break;
770
771 case 4: /*f*/
772 env->fregs[reg->targno & 0x0f] = make_float32(tmp);
773 break;
774
775 case 8: /*a*/
776 env->regs[reg->targno & 0x0f] = tmp;
777 break;
778
779 default:
780 qemu_log("%s to reg %d of unsupported type %d\n",
781 __func__, n, reg->type);
782 return 0;
783 }
784
785 return 4;
786 }
787 #else
788
789 static int cpu_gdb_read_register(CPUArchState *env, uint8_t *mem_buf, int n)
790 {
791 return 0;
792 }
793
794 static int cpu_gdb_write_register(CPUArchState *env, uint8_t *mem_buf, int n)
795 {
796 return 0;
797 }
798
799 #endif
800
801 #ifdef GDB_CORE_XML
802 /* Encode data using the encoding for 'x' packets. */
803 static int memtox(char *buf, const char *mem, int len)
804 {
805 char *p = buf;
806 char c;
807
808 while (len--) {
809 c = *(mem++);
810 switch (c) {
811 case '#': case '$': case '*': case '}':
812 *(p++) = '}';
813 *(p++) = c ^ 0x20;
814 break;
815 default:
816 *(p++) = c;
817 break;
818 }
819 }
820 return p - buf;
821 }
822
823 static const char *get_feature_xml(const char *p, const char **newp)
824 {
825 size_t len;
826 int i;
827 const char *name;
828 static char target_xml[1024];
829
830 len = 0;
831 while (p[len] && p[len] != ':')
832 len++;
833 *newp = p + len;
834
835 name = NULL;
836 if (strncmp(p, "target.xml", len) == 0) {
837 /* Generate the XML description for this CPU. */
838 if (!target_xml[0]) {
839 GDBRegisterState *r;
840 CPUState *cpu = first_cpu;
841
842 snprintf(target_xml, sizeof(target_xml),
843 "<?xml version=\"1.0\"?>"
844 "<!DOCTYPE target SYSTEM \"gdb-target.dtd\">"
845 "<target>"
846 "<xi:include href=\"%s\"/>",
847 GDB_CORE_XML);
848
849 for (r = cpu->gdb_regs; r; r = r->next) {
850 pstrcat(target_xml, sizeof(target_xml), "<xi:include href=\"");
851 pstrcat(target_xml, sizeof(target_xml), r->xml);
852 pstrcat(target_xml, sizeof(target_xml), "\"/>");
853 }
854 pstrcat(target_xml, sizeof(target_xml), "</target>");
855 }
856 return target_xml;
857 }
858 for (i = 0; ; i++) {
859 name = xml_builtin[i][0];
860 if (!name || (strncmp(name, p, len) == 0 && strlen(name) == len))
861 break;
862 }
863 return name ? xml_builtin[i][1] : NULL;
864 }
865 #endif
866
867 static int gdb_read_register(CPUState *cpu, uint8_t *mem_buf, int reg)
868 {
869 CPUClass *cc = CPU_GET_CLASS(cpu);
870 CPUArchState *env = cpu->env_ptr;
871 GDBRegisterState *r;
872
873 if (reg < cc->gdb_num_core_regs) {
874 return cpu_gdb_read_register(env, mem_buf, reg);
875 }
876
877 for (r = cpu->gdb_regs; r; r = r->next) {
878 if (r->base_reg <= reg && reg < r->base_reg + r->num_regs) {
879 return r->get_reg(env, mem_buf, reg - r->base_reg);
880 }
881 }
882 return 0;
883 }
884
885 static int gdb_write_register(CPUState *cpu, uint8_t *mem_buf, int reg)
886 {
887 CPUClass *cc = CPU_GET_CLASS(cpu);
888 CPUArchState *env = cpu->env_ptr;
889 GDBRegisterState *r;
890
891 if (reg < cc->gdb_num_core_regs) {
892 return cpu_gdb_write_register(env, mem_buf, reg);
893 }
894
895 for (r = cpu->gdb_regs; r; r = r->next) {
896 if (r->base_reg <= reg && reg < r->base_reg + r->num_regs) {
897 return r->set_reg(env, mem_buf, reg - r->base_reg);
898 }
899 }
900 return 0;
901 }
902
903 /* Register a supplemental set of CPU registers. If g_pos is nonzero it
904 specifies the first register number and these registers are included in
905 a standard "g" packet. Direction is relative to gdb, i.e. get_reg is
906 gdb reading a CPU register, and set_reg is gdb modifying a CPU register.
907 */
908
909 void gdb_register_coprocessor(CPUState *cpu,
910 gdb_reg_cb get_reg, gdb_reg_cb set_reg,
911 int num_regs, const char *xml, int g_pos)
912 {
913 GDBRegisterState *s;
914 GDBRegisterState **p;
915
916 p = &cpu->gdb_regs;
917 while (*p) {
918 /* Check for duplicates. */
919 if (strcmp((*p)->xml, xml) == 0)
920 return;
921 p = &(*p)->next;
922 }
923
924 s = g_new0(GDBRegisterState, 1);
925 s->base_reg = cpu->gdb_num_regs;
926 s->num_regs = num_regs;
927 s->get_reg = get_reg;
928 s->set_reg = set_reg;
929 s->xml = xml;
930
931 /* Add to end of list. */
932 cpu->gdb_num_regs += num_regs;
933 *p = s;
934 if (g_pos) {
935 if (g_pos != s->base_reg) {
936 fprintf(stderr, "Error: Bad gdb register numbering for '%s'\n"
937 "Expected %d got %d\n", xml, g_pos, s->base_reg);
938 }
939 }
940 }
941
942 #ifndef CONFIG_USER_ONLY
943 static const int xlat_gdb_type[] = {
944 [GDB_WATCHPOINT_WRITE] = BP_GDB | BP_MEM_WRITE,
945 [GDB_WATCHPOINT_READ] = BP_GDB | BP_MEM_READ,
946 [GDB_WATCHPOINT_ACCESS] = BP_GDB | BP_MEM_ACCESS,
947 };
948 #endif
949
950 static int gdb_breakpoint_insert(target_ulong addr, target_ulong len, int type)
951 {
952 CPUState *cpu;
953 CPUArchState *env;
954 int err = 0;
955
956 if (kvm_enabled()) {
957 return kvm_insert_breakpoint(gdbserver_state->c_cpu, addr, len, type);
958 }
959
960 switch (type) {
961 case GDB_BREAKPOINT_SW:
962 case GDB_BREAKPOINT_HW:
963 for (cpu = first_cpu; cpu != NULL; cpu = cpu->next_cpu) {
964 env = cpu->env_ptr;
965 err = cpu_breakpoint_insert(env, addr, BP_GDB, NULL);
966 if (err)
967 break;
968 }
969 return err;
970 #ifndef CONFIG_USER_ONLY
971 case GDB_WATCHPOINT_WRITE:
972 case GDB_WATCHPOINT_READ:
973 case GDB_WATCHPOINT_ACCESS:
974 for (cpu = first_cpu; cpu != NULL; cpu = cpu->next_cpu) {
975 env = cpu->env_ptr;
976 err = cpu_watchpoint_insert(env, addr, len, xlat_gdb_type[type],
977 NULL);
978 if (err)
979 break;
980 }
981 return err;
982 #endif
983 default:
984 return -ENOSYS;
985 }
986 }
987
988 static int gdb_breakpoint_remove(target_ulong addr, target_ulong len, int type)
989 {
990 CPUState *cpu;
991 CPUArchState *env;
992 int err = 0;
993
994 if (kvm_enabled()) {
995 return kvm_remove_breakpoint(gdbserver_state->c_cpu, addr, len, type);
996 }
997
998 switch (type) {
999 case GDB_BREAKPOINT_SW:
1000 case GDB_BREAKPOINT_HW:
1001 for (cpu = first_cpu; cpu != NULL; cpu = cpu->next_cpu) {
1002 env = cpu->env_ptr;
1003 err = cpu_breakpoint_remove(env, addr, BP_GDB);
1004 if (err)
1005 break;
1006 }
1007 return err;
1008 #ifndef CONFIG_USER_ONLY
1009 case GDB_WATCHPOINT_WRITE:
1010 case GDB_WATCHPOINT_READ:
1011 case GDB_WATCHPOINT_ACCESS:
1012 for (cpu = first_cpu; cpu != NULL; cpu = cpu->next_cpu) {
1013 env = cpu->env_ptr;
1014 err = cpu_watchpoint_remove(env, addr, len, xlat_gdb_type[type]);
1015 if (err)
1016 break;
1017 }
1018 return err;
1019 #endif
1020 default:
1021 return -ENOSYS;
1022 }
1023 }
1024
1025 static void gdb_breakpoint_remove_all(void)
1026 {
1027 CPUState *cpu;
1028 CPUArchState *env;
1029
1030 if (kvm_enabled()) {
1031 kvm_remove_all_breakpoints(gdbserver_state->c_cpu);
1032 return;
1033 }
1034
1035 for (cpu = first_cpu; cpu != NULL; cpu = cpu->next_cpu) {
1036 env = cpu->env_ptr;
1037 cpu_breakpoint_remove_all(env, BP_GDB);
1038 #ifndef CONFIG_USER_ONLY
1039 cpu_watchpoint_remove_all(env, BP_GDB);
1040 #endif
1041 }
1042 }
1043
1044 static void gdb_set_cpu_pc(GDBState *s, target_ulong pc)
1045 {
1046 CPUState *cpu = s->c_cpu;
1047 CPUClass *cc = CPU_GET_CLASS(cpu);
1048
1049 cpu_synchronize_state(cpu);
1050 if (cc->set_pc) {
1051 cc->set_pc(cpu, pc);
1052 }
1053 }
1054
1055 static CPUState *find_cpu(uint32_t thread_id)
1056 {
1057 CPUState *cpu;
1058
1059 for (cpu = first_cpu; cpu != NULL; cpu = cpu->next_cpu) {
1060 if (cpu_index(cpu) == thread_id) {
1061 return cpu;
1062 }
1063 }
1064
1065 return NULL;
1066 }
1067
1068 static int gdb_handle_packet(GDBState *s, const char *line_buf)
1069 {
1070 CPUState *cpu;
1071 const char *p;
1072 uint32_t thread;
1073 int ch, reg_size, type, res;
1074 char buf[MAX_PACKET_LENGTH];
1075 uint8_t mem_buf[MAX_PACKET_LENGTH];
1076 uint8_t *registers;
1077 target_ulong addr, len;
1078
1079 #ifdef DEBUG_GDB
1080 printf("command='%s'\n", line_buf);
1081 #endif
1082 p = line_buf;
1083 ch = *p++;
1084 switch(ch) {
1085 case '?':
1086 /* TODO: Make this return the correct value for user-mode. */
1087 snprintf(buf, sizeof(buf), "T%02xthread:%02x;", GDB_SIGNAL_TRAP,
1088 cpu_index(s->c_cpu));
1089 put_packet(s, buf);
1090 /* Remove all the breakpoints when this query is issued,
1091 * because gdb is doing and initial connect and the state
1092 * should be cleaned up.
1093 */
1094 gdb_breakpoint_remove_all();
1095 break;
1096 case 'c':
1097 if (*p != '\0') {
1098 addr = strtoull(p, (char **)&p, 16);
1099 gdb_set_cpu_pc(s, addr);
1100 }
1101 s->signal = 0;
1102 gdb_continue(s);
1103 return RS_IDLE;
1104 case 'C':
1105 s->signal = gdb_signal_to_target (strtoul(p, (char **)&p, 16));
1106 if (s->signal == -1)
1107 s->signal = 0;
1108 gdb_continue(s);
1109 return RS_IDLE;
1110 case 'v':
1111 if (strncmp(p, "Cont", 4) == 0) {
1112 int res_signal, res_thread;
1113
1114 p += 4;
1115 if (*p == '?') {
1116 put_packet(s, "vCont;c;C;s;S");
1117 break;
1118 }
1119 res = 0;
1120 res_signal = 0;
1121 res_thread = 0;
1122 while (*p) {
1123 int action, signal;
1124
1125 if (*p++ != ';') {
1126 res = 0;
1127 break;
1128 }
1129 action = *p++;
1130 signal = 0;
1131 if (action == 'C' || action == 'S') {
1132 signal = strtoul(p, (char **)&p, 16);
1133 } else if (action != 'c' && action != 's') {
1134 res = 0;
1135 break;
1136 }
1137 thread = 0;
1138 if (*p == ':') {
1139 thread = strtoull(p+1, (char **)&p, 16);
1140 }
1141 action = tolower(action);
1142 if (res == 0 || (res == 'c' && action == 's')) {
1143 res = action;
1144 res_signal = signal;
1145 res_thread = thread;
1146 }
1147 }
1148 if (res) {
1149 if (res_thread != -1 && res_thread != 0) {
1150 cpu = find_cpu(res_thread);
1151 if (cpu == NULL) {
1152 put_packet(s, "E22");
1153 break;
1154 }
1155 s->c_cpu = cpu;
1156 }
1157 if (res == 's') {
1158 cpu_single_step(s->c_cpu, sstep_flags);
1159 }
1160 s->signal = res_signal;
1161 gdb_continue(s);
1162 return RS_IDLE;
1163 }
1164 break;
1165 } else {
1166 goto unknown_command;
1167 }
1168 case 'k':
1169 #ifdef CONFIG_USER_ONLY
1170 /* Kill the target */
1171 fprintf(stderr, "\nQEMU: Terminated via GDBstub\n");
1172 exit(0);
1173 #endif
1174 case 'D':
1175 /* Detach packet */
1176 gdb_breakpoint_remove_all();
1177 gdb_syscall_mode = GDB_SYS_DISABLED;
1178 gdb_continue(s);
1179 put_packet(s, "OK");
1180 break;
1181 case 's':
1182 if (*p != '\0') {
1183 addr = strtoull(p, (char **)&p, 16);
1184 gdb_set_cpu_pc(s, addr);
1185 }
1186 cpu_single_step(s->c_cpu, sstep_flags);
1187 gdb_continue(s);
1188 return RS_IDLE;
1189 case 'F':
1190 {
1191 target_ulong ret;
1192 target_ulong err;
1193
1194 ret = strtoull(p, (char **)&p, 16);
1195 if (*p == ',') {
1196 p++;
1197 err = strtoull(p, (char **)&p, 16);
1198 } else {
1199 err = 0;
1200 }
1201 if (*p == ',')
1202 p++;
1203 type = *p;
1204 if (s->current_syscall_cb) {
1205 s->current_syscall_cb(s->c_cpu, ret, err);
1206 s->current_syscall_cb = NULL;
1207 }
1208 if (type == 'C') {
1209 put_packet(s, "T02");
1210 } else {
1211 gdb_continue(s);
1212 }
1213 }
1214 break;
1215 case 'g':
1216 cpu_synchronize_state(s->g_cpu);
1217 len = 0;
1218 for (addr = 0; addr < s->g_cpu->gdb_num_regs; addr++) {
1219 reg_size = gdb_read_register(s->g_cpu, mem_buf + len, addr);
1220 len += reg_size;
1221 }
1222 memtohex(buf, mem_buf, len);
1223 put_packet(s, buf);
1224 break;
1225 case 'G':
1226 cpu_synchronize_state(s->g_cpu);
1227 registers = mem_buf;
1228 len = strlen(p) / 2;
1229 hextomem((uint8_t *)registers, p, len);
1230 for (addr = 0; addr < s->g_cpu->gdb_num_regs && len > 0; addr++) {
1231 reg_size = gdb_write_register(s->g_cpu, registers, addr);
1232 len -= reg_size;
1233 registers += reg_size;
1234 }
1235 put_packet(s, "OK");
1236 break;
1237 case 'm':
1238 addr = strtoull(p, (char **)&p, 16);
1239 if (*p == ',')
1240 p++;
1241 len = strtoull(p, NULL, 16);
1242 if (target_memory_rw_debug(s->g_cpu, addr, mem_buf, len, false) != 0) {
1243 put_packet (s, "E14");
1244 } else {
1245 memtohex(buf, mem_buf, len);
1246 put_packet(s, buf);
1247 }
1248 break;
1249 case 'M':
1250 addr = strtoull(p, (char **)&p, 16);
1251 if (*p == ',')
1252 p++;
1253 len = strtoull(p, (char **)&p, 16);
1254 if (*p == ':')
1255 p++;
1256 hextomem(mem_buf, p, len);
1257 if (target_memory_rw_debug(s->g_cpu, addr, mem_buf, len,
1258 true) != 0) {
1259 put_packet(s, "E14");
1260 } else {
1261 put_packet(s, "OK");
1262 }
1263 break;
1264 case 'p':
1265 /* Older gdb are really dumb, and don't use 'g' if 'p' is avaialable.
1266 This works, but can be very slow. Anything new enough to
1267 understand XML also knows how to use this properly. */
1268 if (!gdb_has_xml)
1269 goto unknown_command;
1270 addr = strtoull(p, (char **)&p, 16);
1271 reg_size = gdb_read_register(s->g_cpu, mem_buf, addr);
1272 if (reg_size) {
1273 memtohex(buf, mem_buf, reg_size);
1274 put_packet(s, buf);
1275 } else {
1276 put_packet(s, "E14");
1277 }
1278 break;
1279 case 'P':
1280 if (!gdb_has_xml)
1281 goto unknown_command;
1282 addr = strtoull(p, (char **)&p, 16);
1283 if (*p == '=')
1284 p++;
1285 reg_size = strlen(p) / 2;
1286 hextomem(mem_buf, p, reg_size);
1287 gdb_write_register(s->g_cpu, mem_buf, addr);
1288 put_packet(s, "OK");
1289 break;
1290 case 'Z':
1291 case 'z':
1292 type = strtoul(p, (char **)&p, 16);
1293 if (*p == ',')
1294 p++;
1295 addr = strtoull(p, (char **)&p, 16);
1296 if (*p == ',')
1297 p++;
1298 len = strtoull(p, (char **)&p, 16);
1299 if (ch == 'Z')
1300 res = gdb_breakpoint_insert(addr, len, type);
1301 else
1302 res = gdb_breakpoint_remove(addr, len, type);
1303 if (res >= 0)
1304 put_packet(s, "OK");
1305 else if (res == -ENOSYS)
1306 put_packet(s, "");
1307 else
1308 put_packet(s, "E22");
1309 break;
1310 case 'H':
1311 type = *p++;
1312 thread = strtoull(p, (char **)&p, 16);
1313 if (thread == -1 || thread == 0) {
1314 put_packet(s, "OK");
1315 break;
1316 }
1317 cpu = find_cpu(thread);
1318 if (cpu == NULL) {
1319 put_packet(s, "E22");
1320 break;
1321 }
1322 switch (type) {
1323 case 'c':
1324 s->c_cpu = cpu;
1325 put_packet(s, "OK");
1326 break;
1327 case 'g':
1328 s->g_cpu = cpu;
1329 put_packet(s, "OK");
1330 break;
1331 default:
1332 put_packet(s, "E22");
1333 break;
1334 }
1335 break;
1336 case 'T':
1337 thread = strtoull(p, (char **)&p, 16);
1338 cpu = find_cpu(thread);
1339
1340 if (cpu != NULL) {
1341 put_packet(s, "OK");
1342 } else {
1343 put_packet(s, "E22");
1344 }
1345 break;
1346 case 'q':
1347 case 'Q':
1348 /* parse any 'q' packets here */
1349 if (!strcmp(p,"qemu.sstepbits")) {
1350 /* Query Breakpoint bit definitions */
1351 snprintf(buf, sizeof(buf), "ENABLE=%x,NOIRQ=%x,NOTIMER=%x",
1352 SSTEP_ENABLE,
1353 SSTEP_NOIRQ,
1354 SSTEP_NOTIMER);
1355 put_packet(s, buf);
1356 break;
1357 } else if (strncmp(p,"qemu.sstep",10) == 0) {
1358 /* Display or change the sstep_flags */
1359 p += 10;
1360 if (*p != '=') {
1361 /* Display current setting */
1362 snprintf(buf, sizeof(buf), "0x%x", sstep_flags);
1363 put_packet(s, buf);
1364 break;
1365 }
1366 p++;
1367 type = strtoul(p, (char **)&p, 16);
1368 sstep_flags = type;
1369 put_packet(s, "OK");
1370 break;
1371 } else if (strcmp(p,"C") == 0) {
1372 /* "Current thread" remains vague in the spec, so always return
1373 * the first CPU (gdb returns the first thread). */
1374 put_packet(s, "QC1");
1375 break;
1376 } else if (strcmp(p,"fThreadInfo") == 0) {
1377 s->query_cpu = first_cpu;
1378 goto report_cpuinfo;
1379 } else if (strcmp(p,"sThreadInfo") == 0) {
1380 report_cpuinfo:
1381 if (s->query_cpu) {
1382 snprintf(buf, sizeof(buf), "m%x", cpu_index(s->query_cpu));
1383 put_packet(s, buf);
1384 s->query_cpu = s->query_cpu->next_cpu;
1385 } else
1386 put_packet(s, "l");
1387 break;
1388 } else if (strncmp(p,"ThreadExtraInfo,", 16) == 0) {
1389 thread = strtoull(p+16, (char **)&p, 16);
1390 cpu = find_cpu(thread);
1391 if (cpu != NULL) {
1392 cpu_synchronize_state(cpu);
1393 len = snprintf((char *)mem_buf, sizeof(mem_buf),
1394 "CPU#%d [%s]", cpu->cpu_index,
1395 cpu->halted ? "halted " : "running");
1396 memtohex(buf, mem_buf, len);
1397 put_packet(s, buf);
1398 }
1399 break;
1400 }
1401 #ifdef CONFIG_USER_ONLY
1402 else if (strncmp(p, "Offsets", 7) == 0) {
1403 CPUArchState *env = s->c_cpu->env_ptr;
1404 TaskState *ts = env->opaque;
1405
1406 snprintf(buf, sizeof(buf),
1407 "Text=" TARGET_ABI_FMT_lx ";Data=" TARGET_ABI_FMT_lx
1408 ";Bss=" TARGET_ABI_FMT_lx,
1409 ts->info->code_offset,
1410 ts->info->data_offset,
1411 ts->info->data_offset);
1412 put_packet(s, buf);
1413 break;
1414 }
1415 #else /* !CONFIG_USER_ONLY */
1416 else if (strncmp(p, "Rcmd,", 5) == 0) {
1417 int len = strlen(p + 5);
1418
1419 if ((len % 2) != 0) {
1420 put_packet(s, "E01");
1421 break;
1422 }
1423 hextomem(mem_buf, p + 5, len);
1424 len = len / 2;
1425 mem_buf[len++] = 0;
1426 qemu_chr_be_write(s->mon_chr, mem_buf, len);
1427 put_packet(s, "OK");
1428 break;
1429 }
1430 #endif /* !CONFIG_USER_ONLY */
1431 if (strncmp(p, "Supported", 9) == 0) {
1432 snprintf(buf, sizeof(buf), "PacketSize=%x", MAX_PACKET_LENGTH);
1433 #ifdef GDB_CORE_XML
1434 pstrcat(buf, sizeof(buf), ";qXfer:features:read+");
1435 #endif
1436 put_packet(s, buf);
1437 break;
1438 }
1439 #ifdef GDB_CORE_XML
1440 if (strncmp(p, "Xfer:features:read:", 19) == 0) {
1441 const char *xml;
1442 target_ulong total_len;
1443
1444 gdb_has_xml = 1;
1445 p += 19;
1446 xml = get_feature_xml(p, &p);
1447 if (!xml) {
1448 snprintf(buf, sizeof(buf), "E00");
1449 put_packet(s, buf);
1450 break;
1451 }
1452
1453 if (*p == ':')
1454 p++;
1455 addr = strtoul(p, (char **)&p, 16);
1456 if (*p == ',')
1457 p++;
1458 len = strtoul(p, (char **)&p, 16);
1459
1460 total_len = strlen(xml);
1461 if (addr > total_len) {
1462 snprintf(buf, sizeof(buf), "E00");
1463 put_packet(s, buf);
1464 break;
1465 }
1466 if (len > (MAX_PACKET_LENGTH - 5) / 2)
1467 len = (MAX_PACKET_LENGTH - 5) / 2;
1468 if (len < total_len - addr) {
1469 buf[0] = 'm';
1470 len = memtox(buf + 1, xml + addr, len);
1471 } else {
1472 buf[0] = 'l';
1473 len = memtox(buf + 1, xml + addr, total_len - addr);
1474 }
1475 put_packet_binary(s, buf, len + 1);
1476 break;
1477 }
1478 #endif
1479 /* Unrecognised 'q' command. */
1480 goto unknown_command;
1481
1482 default:
1483 unknown_command:
1484 /* put empty packet */
1485 buf[0] = '\0';
1486 put_packet(s, buf);
1487 break;
1488 }
1489 return RS_IDLE;
1490 }
1491
1492 void gdb_set_stop_cpu(CPUState *cpu)
1493 {
1494 gdbserver_state->c_cpu = cpu;
1495 gdbserver_state->g_cpu = cpu;
1496 }
1497
1498 #ifndef CONFIG_USER_ONLY
1499 static void gdb_vm_state_change(void *opaque, int running, RunState state)
1500 {
1501 GDBState *s = gdbserver_state;
1502 CPUArchState *env = s->c_cpu->env_ptr;
1503 CPUState *cpu = s->c_cpu;
1504 char buf[256];
1505 const char *type;
1506 int ret;
1507
1508 if (running || s->state == RS_INACTIVE) {
1509 return;
1510 }
1511 /* Is there a GDB syscall waiting to be sent? */
1512 if (s->current_syscall_cb) {
1513 put_packet(s, s->syscall_buf);
1514 return;
1515 }
1516 switch (state) {
1517 case RUN_STATE_DEBUG:
1518 if (env->watchpoint_hit) {
1519 switch (env->watchpoint_hit->flags & BP_MEM_ACCESS) {
1520 case BP_MEM_READ:
1521 type = "r";
1522 break;
1523 case BP_MEM_ACCESS:
1524 type = "a";
1525 break;
1526 default:
1527 type = "";
1528 break;
1529 }
1530 snprintf(buf, sizeof(buf),
1531 "T%02xthread:%02x;%swatch:" TARGET_FMT_lx ";",
1532 GDB_SIGNAL_TRAP, cpu_index(cpu), type,
1533 env->watchpoint_hit->vaddr);
1534 env->watchpoint_hit = NULL;
1535 goto send_packet;
1536 }
1537 tb_flush(env);
1538 ret = GDB_SIGNAL_TRAP;
1539 break;
1540 case RUN_STATE_PAUSED:
1541 ret = GDB_SIGNAL_INT;
1542 break;
1543 case RUN_STATE_SHUTDOWN:
1544 ret = GDB_SIGNAL_QUIT;
1545 break;
1546 case RUN_STATE_IO_ERROR:
1547 ret = GDB_SIGNAL_IO;
1548 break;
1549 case RUN_STATE_WATCHDOG:
1550 ret = GDB_SIGNAL_ALRM;
1551 break;
1552 case RUN_STATE_INTERNAL_ERROR:
1553 ret = GDB_SIGNAL_ABRT;
1554 break;
1555 case RUN_STATE_SAVE_VM:
1556 case RUN_STATE_RESTORE_VM:
1557 return;
1558 case RUN_STATE_FINISH_MIGRATE:
1559 ret = GDB_SIGNAL_XCPU;
1560 break;
1561 default:
1562 ret = GDB_SIGNAL_UNKNOWN;
1563 break;
1564 }
1565 snprintf(buf, sizeof(buf), "T%02xthread:%02x;", ret, cpu_index(cpu));
1566
1567 send_packet:
1568 put_packet(s, buf);
1569
1570 /* disable single step if it was enabled */
1571 cpu_single_step(cpu, 0);
1572 }
1573 #endif
1574
1575 /* Send a gdb syscall request.
1576 This accepts limited printf-style format specifiers, specifically:
1577 %x - target_ulong argument printed in hex.
1578 %lx - 64-bit argument printed in hex.
1579 %s - string pointer (target_ulong) and length (int) pair. */
1580 void gdb_do_syscall(gdb_syscall_complete_cb cb, const char *fmt, ...)
1581 {
1582 va_list va;
1583 char *p;
1584 char *p_end;
1585 target_ulong addr;
1586 uint64_t i64;
1587 GDBState *s;
1588
1589 s = gdbserver_state;
1590 if (!s)
1591 return;
1592 s->current_syscall_cb = cb;
1593 #ifndef CONFIG_USER_ONLY
1594 vm_stop(RUN_STATE_DEBUG);
1595 #endif
1596 va_start(va, fmt);
1597 p = s->syscall_buf;
1598 p_end = &s->syscall_buf[sizeof(s->syscall_buf)];
1599 *(p++) = 'F';
1600 while (*fmt) {
1601 if (*fmt == '%') {
1602 fmt++;
1603 switch (*fmt++) {
1604 case 'x':
1605 addr = va_arg(va, target_ulong);
1606 p += snprintf(p, p_end - p, TARGET_FMT_lx, addr);
1607 break;
1608 case 'l':
1609 if (*(fmt++) != 'x')
1610 goto bad_format;
1611 i64 = va_arg(va, uint64_t);
1612 p += snprintf(p, p_end - p, "%" PRIx64, i64);
1613 break;
1614 case 's':
1615 addr = va_arg(va, target_ulong);
1616 p += snprintf(p, p_end - p, TARGET_FMT_lx "/%x",
1617 addr, va_arg(va, int));
1618 break;
1619 default:
1620 bad_format:
1621 fprintf(stderr, "gdbstub: Bad syscall format string '%s'\n",
1622 fmt - 1);
1623 break;
1624 }
1625 } else {
1626 *(p++) = *(fmt++);
1627 }
1628 }
1629 *p = 0;
1630 va_end(va);
1631 #ifdef CONFIG_USER_ONLY
1632 put_packet(s, s->syscall_buf);
1633 gdb_handlesig(s->c_cpu, 0);
1634 #else
1635 /* In this case wait to send the syscall packet until notification that
1636 the CPU has stopped. This must be done because if the packet is sent
1637 now the reply from the syscall request could be received while the CPU
1638 is still in the running state, which can cause packets to be dropped
1639 and state transition 'T' packets to be sent while the syscall is still
1640 being processed. */
1641 cpu_exit(s->c_cpu);
1642 #endif
1643 }
1644
1645 static void gdb_read_byte(GDBState *s, int ch)
1646 {
1647 int i, csum;
1648 uint8_t reply;
1649
1650 #ifndef CONFIG_USER_ONLY
1651 if (s->last_packet_len) {
1652 /* Waiting for a response to the last packet. If we see the start
1653 of a new command then abandon the previous response. */
1654 if (ch == '-') {
1655 #ifdef DEBUG_GDB
1656 printf("Got NACK, retransmitting\n");
1657 #endif
1658 put_buffer(s, (uint8_t *)s->last_packet, s->last_packet_len);
1659 }
1660 #ifdef DEBUG_GDB
1661 else if (ch == '+')
1662 printf("Got ACK\n");
1663 else
1664 printf("Got '%c' when expecting ACK/NACK\n", ch);
1665 #endif
1666 if (ch == '+' || ch == '$')
1667 s->last_packet_len = 0;
1668 if (ch != '$')
1669 return;
1670 }
1671 if (runstate_is_running()) {
1672 /* when the CPU is running, we cannot do anything except stop
1673 it when receiving a char */
1674 vm_stop(RUN_STATE_PAUSED);
1675 } else
1676 #endif
1677 {
1678 switch(s->state) {
1679 case RS_IDLE:
1680 if (ch == '$') {
1681 s->line_buf_index = 0;
1682 s->state = RS_GETLINE;
1683 }
1684 break;
1685 case RS_GETLINE:
1686 if (ch == '#') {
1687 s->state = RS_CHKSUM1;
1688 } else if (s->line_buf_index >= sizeof(s->line_buf) - 1) {
1689 s->state = RS_IDLE;
1690 } else {
1691 s->line_buf[s->line_buf_index++] = ch;
1692 }
1693 break;
1694 case RS_CHKSUM1:
1695 s->line_buf[s->line_buf_index] = '\0';
1696 s->line_csum = fromhex(ch) << 4;
1697 s->state = RS_CHKSUM2;
1698 break;
1699 case RS_CHKSUM2:
1700 s->line_csum |= fromhex(ch);
1701 csum = 0;
1702 for(i = 0; i < s->line_buf_index; i++) {
1703 csum += s->line_buf[i];
1704 }
1705 if (s->line_csum != (csum & 0xff)) {
1706 reply = '-';
1707 put_buffer(s, &reply, 1);
1708 s->state = RS_IDLE;
1709 } else {
1710 reply = '+';
1711 put_buffer(s, &reply, 1);
1712 s->state = gdb_handle_packet(s, s->line_buf);
1713 }
1714 break;
1715 default:
1716 abort();
1717 }
1718 }
1719 }
1720
1721 /* Tell the remote gdb that the process has exited. */
1722 void gdb_exit(CPUArchState *env, int code)
1723 {
1724 GDBState *s;
1725 char buf[4];
1726
1727 s = gdbserver_state;
1728 if (!s) {
1729 return;
1730 }
1731 #ifdef CONFIG_USER_ONLY
1732 if (gdbserver_fd < 0 || s->fd < 0) {
1733 return;
1734 }
1735 #endif
1736
1737 snprintf(buf, sizeof(buf), "W%02x", (uint8_t)code);
1738 put_packet(s, buf);
1739
1740 #ifndef CONFIG_USER_ONLY
1741 if (s->chr) {
1742 qemu_chr_delete(s->chr);
1743 }
1744 #endif
1745 }
1746
1747 #ifdef CONFIG_USER_ONLY
1748 int
1749 gdb_queuesig (void)
1750 {
1751 GDBState *s;
1752
1753 s = gdbserver_state;
1754
1755 if (gdbserver_fd < 0 || s->fd < 0)
1756 return 0;
1757 else
1758 return 1;
1759 }
1760
1761 int
1762 gdb_handlesig(CPUState *cpu, int sig)
1763 {
1764 CPUArchState *env = cpu->env_ptr;
1765 GDBState *s;
1766 char buf[256];
1767 int n;
1768
1769 s = gdbserver_state;
1770 if (gdbserver_fd < 0 || s->fd < 0) {
1771 return sig;
1772 }
1773
1774 /* disable single step if it was enabled */
1775 cpu_single_step(cpu, 0);
1776 tb_flush(env);
1777
1778 if (sig != 0) {
1779 snprintf(buf, sizeof(buf), "S%02x", target_signal_to_gdb(sig));
1780 put_packet(s, buf);
1781 }
1782 /* put_packet() might have detected that the peer terminated the
1783 connection. */
1784 if (s->fd < 0) {
1785 return sig;
1786 }
1787
1788 sig = 0;
1789 s->state = RS_IDLE;
1790 s->running_state = 0;
1791 while (s->running_state == 0) {
1792 n = read(s->fd, buf, 256);
1793 if (n > 0) {
1794 int i;
1795
1796 for (i = 0; i < n; i++) {
1797 gdb_read_byte(s, buf[i]);
1798 }
1799 } else if (n == 0 || errno != EAGAIN) {
1800 /* XXX: Connection closed. Should probably wait for another
1801 connection before continuing. */
1802 return sig;
1803 }
1804 }
1805 sig = s->signal;
1806 s->signal = 0;
1807 return sig;
1808 }
1809
1810 /* Tell the remote gdb that the process has exited due to SIG. */
1811 void gdb_signalled(CPUArchState *env, int sig)
1812 {
1813 GDBState *s;
1814 char buf[4];
1815
1816 s = gdbserver_state;
1817 if (gdbserver_fd < 0 || s->fd < 0) {
1818 return;
1819 }
1820
1821 snprintf(buf, sizeof(buf), "X%02x", target_signal_to_gdb(sig));
1822 put_packet(s, buf);
1823 }
1824
1825 static void gdb_accept(void)
1826 {
1827 GDBState *s;
1828 struct sockaddr_in sockaddr;
1829 socklen_t len;
1830 int fd;
1831
1832 for(;;) {
1833 len = sizeof(sockaddr);
1834 fd = accept(gdbserver_fd, (struct sockaddr *)&sockaddr, &len);
1835 if (fd < 0 && errno != EINTR) {
1836 perror("accept");
1837 return;
1838 } else if (fd >= 0) {
1839 #ifndef _WIN32
1840 fcntl(fd, F_SETFD, FD_CLOEXEC);
1841 #endif
1842 break;
1843 }
1844 }
1845
1846 /* set short latency */
1847 socket_set_nodelay(fd);
1848
1849 s = g_malloc0(sizeof(GDBState));
1850 s->c_cpu = first_cpu;
1851 s->g_cpu = first_cpu;
1852 s->fd = fd;
1853 gdb_has_xml = 0;
1854
1855 gdbserver_state = s;
1856
1857 fcntl(fd, F_SETFL, O_NONBLOCK);
1858 }
1859
1860 static int gdbserver_open(int port)
1861 {
1862 struct sockaddr_in sockaddr;
1863 int fd, val, ret;
1864
1865 fd = socket(PF_INET, SOCK_STREAM, 0);
1866 if (fd < 0) {
1867 perror("socket");
1868 return -1;
1869 }
1870 #ifndef _WIN32
1871 fcntl(fd, F_SETFD, FD_CLOEXEC);
1872 #endif
1873
1874 /* allow fast reuse */
1875 val = 1;
1876 qemu_setsockopt(fd, SOL_SOCKET, SO_REUSEADDR, &val, sizeof(val));
1877
1878 sockaddr.sin_family = AF_INET;
1879 sockaddr.sin_port = htons(port);
1880 sockaddr.sin_addr.s_addr = 0;
1881 ret = bind(fd, (struct sockaddr *)&sockaddr, sizeof(sockaddr));
1882 if (ret < 0) {
1883 perror("bind");
1884 close(fd);
1885 return -1;
1886 }
1887 ret = listen(fd, 0);
1888 if (ret < 0) {
1889 perror("listen");
1890 close(fd);
1891 return -1;
1892 }
1893 return fd;
1894 }
1895
1896 int gdbserver_start(int port)
1897 {
1898 gdbserver_fd = gdbserver_open(port);
1899 if (gdbserver_fd < 0)
1900 return -1;
1901 /* accept connections */
1902 gdb_accept();
1903 return 0;
1904 }
1905
1906 /* Disable gdb stub for child processes. */
1907 void gdbserver_fork(CPUArchState *env)
1908 {
1909 GDBState *s = gdbserver_state;
1910 if (gdbserver_fd < 0 || s->fd < 0)
1911 return;
1912 close(s->fd);
1913 s->fd = -1;
1914 cpu_breakpoint_remove_all(env, BP_GDB);
1915 cpu_watchpoint_remove_all(env, BP_GDB);
1916 }
1917 #else
1918 static int gdb_chr_can_receive(void *opaque)
1919 {
1920 /* We can handle an arbitrarily large amount of data.
1921 Pick the maximum packet size, which is as good as anything. */
1922 return MAX_PACKET_LENGTH;
1923 }
1924
1925 static void gdb_chr_receive(void *opaque, const uint8_t *buf, int size)
1926 {
1927 int i;
1928
1929 for (i = 0; i < size; i++) {
1930 gdb_read_byte(gdbserver_state, buf[i]);
1931 }
1932 }
1933
1934 static void gdb_chr_event(void *opaque, int event)
1935 {
1936 switch (event) {
1937 case CHR_EVENT_OPENED:
1938 vm_stop(RUN_STATE_PAUSED);
1939 gdb_has_xml = 0;
1940 break;
1941 default:
1942 break;
1943 }
1944 }
1945
1946 static void gdb_monitor_output(GDBState *s, const char *msg, int len)
1947 {
1948 char buf[MAX_PACKET_LENGTH];
1949
1950 buf[0] = 'O';
1951 if (len > (MAX_PACKET_LENGTH/2) - 1)
1952 len = (MAX_PACKET_LENGTH/2) - 1;
1953 memtohex(buf + 1, (uint8_t *)msg, len);
1954 put_packet(s, buf);
1955 }
1956
1957 static int gdb_monitor_write(CharDriverState *chr, const uint8_t *buf, int len)
1958 {
1959 const char *p = (const char *)buf;
1960 int max_sz;
1961
1962 max_sz = (sizeof(gdbserver_state->last_packet) - 2) / 2;
1963 for (;;) {
1964 if (len <= max_sz) {
1965 gdb_monitor_output(gdbserver_state, p, len);
1966 break;
1967 }
1968 gdb_monitor_output(gdbserver_state, p, max_sz);
1969 p += max_sz;
1970 len -= max_sz;
1971 }
1972 return len;
1973 }
1974
1975 #ifndef _WIN32
1976 static void gdb_sigterm_handler(int signal)
1977 {
1978 if (runstate_is_running()) {
1979 vm_stop(RUN_STATE_PAUSED);
1980 }
1981 }
1982 #endif
1983
1984 int gdbserver_start(const char *device)
1985 {
1986 GDBState *s;
1987 char gdbstub_device_name[128];
1988 CharDriverState *chr = NULL;
1989 CharDriverState *mon_chr;
1990
1991 if (!device)
1992 return -1;
1993 if (strcmp(device, "none") != 0) {
1994 if (strstart(device, "tcp:", NULL)) {
1995 /* enforce required TCP attributes */
1996 snprintf(gdbstub_device_name, sizeof(gdbstub_device_name),
1997 "%s,nowait,nodelay,server", device);
1998 device = gdbstub_device_name;
1999 }
2000 #ifndef _WIN32
2001 else if (strcmp(device, "stdio") == 0) {
2002 struct sigaction act;
2003
2004 memset(&act, 0, sizeof(act));
2005 act.sa_handler = gdb_sigterm_handler;
2006 sigaction(SIGINT, &act, NULL);
2007 }
2008 #endif
2009 chr = qemu_chr_new("gdb", device, NULL);
2010 if (!chr)
2011 return -1;
2012
2013 qemu_chr_fe_claim_no_fail(chr);
2014 qemu_chr_add_handlers(chr, gdb_chr_can_receive, gdb_chr_receive,
2015 gdb_chr_event, NULL);
2016 }
2017
2018 s = gdbserver_state;
2019 if (!s) {
2020 s = g_malloc0(sizeof(GDBState));
2021 gdbserver_state = s;
2022
2023 qemu_add_vm_change_state_handler(gdb_vm_state_change, NULL);
2024
2025 /* Initialize a monitor terminal for gdb */
2026 mon_chr = g_malloc0(sizeof(*mon_chr));
2027 mon_chr->chr_write = gdb_monitor_write;
2028 monitor_init(mon_chr, 0);
2029 } else {
2030 if (s->chr)
2031 qemu_chr_delete(s->chr);
2032 mon_chr = s->mon_chr;
2033 memset(s, 0, sizeof(GDBState));
2034 }
2035 s->c_cpu = first_cpu;
2036 s->g_cpu = first_cpu;
2037 s->chr = chr;
2038 s->state = chr ? RS_IDLE : RS_INACTIVE;
2039 s->mon_chr = mon_chr;
2040 s->current_syscall_cb = NULL;
2041
2042 return 0;
2043 }
2044 #endif
Qemu copy for testing