]> git.proxmox.com Git - mirror_qemu.git/blame - gdbstub.c
projects / mirror_qemu.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
job: Fix off-by-one assert checks for JobSTT and JobVerbTable
[mirror_qemu.git] / gdbstub.c
CommitLineData
b4608c04
FB		 1/*
2 * gdb server stub
5fafdf24 3 *
3475187d 4 * Copyright (c) 2003-2005 Fabrice Bellard
b4608c04
FB		 5 *
6 * This library is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation; either
9 * version 2 of the License, or (at your option) any later version.
10 *
11 * This library is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
15 *
16 * You should have received a copy of the GNU Lesser General Public
8167ee88 17 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
b4608c04 18 */
d38ea87a 19#include "qemu/osdep.h"
da34e65c 20#include "qapi/error.h"
508b4ecc 21#include "qemu/error-report.h"
f348b6d1 22#include "qemu/cutils.h"
5c9522b3 23#include "trace-root.h"
f348b6d1 24#ifdef CONFIG_USER_ONLY
1fddef4b
FB		 25#include "qemu.h"
26#else
83c9089e 27#include "monitor/monitor.h"
8228e353 28#include "chardev/char.h"
4d43a603 29#include "chardev/char-fe.h"
9c17d615 30#include "sysemu/sysemu.h"
022c62cb 31#include "exec/gdbstub.h"
1fddef4b 32#endif
67b915a5 33
56aebc89
PB		 34#define MAX_PACKET_LENGTH 4096
35
1de7afc9 36#include "qemu/sockets.h"
b3946626 37#include "sysemu/hw_accel.h"
9c17d615 38#include "sysemu/kvm.h"
cfe67cef 39#include "exec/semihost.h"
63c91552 40#include "exec/exec-all.h"
ca587a8e 41
a3919386
JK		 42#ifdef CONFIG_USER_ONLY
43#define GDB_ATTACHED "0"
44#else
45#define GDB_ATTACHED "1"
46#endif
47
f3659eee
AF		 48static inline int target_memory_rw_debug(CPUState *cpu, target_ulong addr,
49 uint8_t *buf, int len, bool is_write)
44520db1 50{
f3659eee
AF		 51 CPUClass *cc = CPU_GET_CLASS(cpu);
52
53 if (cc->memory_rw_debug) {
54 return cc->memory_rw_debug(cpu, addr, buf, len, is_write);
55 }
56 return cpu_memory_rw_debug(cpu, addr, buf, len, is_write);
44520db1 57}
ca587a8e 58
d2a6c857
AB		 59/* Return the GDB index for a given vCPU state.
60 *
61 * For user mode this is simply the thread id. In system mode GDB
62 * numbers CPUs from 1 as 0 is reserved as an "any cpu" index.
63 */
64static inline int cpu_gdb_index(CPUState *cpu)
65{
66#if defined(CONFIG_USER_ONLY)
bd88c780
AB		 67 TaskState *ts = (TaskState *) cpu->opaque;
68 return ts->ts_tid;
d2a6c857
AB		 69#else
70 return cpu->cpu_index + 1;
71#endif
72}
73
ca587a8e
AJ		 74enum {
75 GDB_SIGNAL_0 = 0,
76 GDB_SIGNAL_INT = 2,
425189a8 77 GDB_SIGNAL_QUIT = 3,
ca587a8e 78 GDB_SIGNAL_TRAP = 5,
425189a8
JK		 79 GDB_SIGNAL_ABRT = 6,
80 GDB_SIGNAL_ALRM = 14,
81 GDB_SIGNAL_IO = 23,
82 GDB_SIGNAL_XCPU = 24,
ca587a8e
AJ		 83 GDB_SIGNAL_UNKNOWN = 143
84};
85
86#ifdef CONFIG_USER_ONLY
87
88/* Map target signal numbers to GDB protocol signal numbers and vice
89 * versa. For user emulation's currently supported systems, we can
90 * assume most signals are defined.
91 */
92
93static int gdb_signal_table[] = {
94 0,
95 TARGET_SIGHUP,
96 TARGET_SIGINT,
97 TARGET_SIGQUIT,
98 TARGET_SIGILL,
99 TARGET_SIGTRAP,
100 TARGET_SIGABRT,
101 -1, /* SIGEMT */
102 TARGET_SIGFPE,
103 TARGET_SIGKILL,
104 TARGET_SIGBUS,
105 TARGET_SIGSEGV,
106 TARGET_SIGSYS,
107 TARGET_SIGPIPE,
108 TARGET_SIGALRM,
109 TARGET_SIGTERM,
110 TARGET_SIGURG,
111 TARGET_SIGSTOP,
112 TARGET_SIGTSTP,
113 TARGET_SIGCONT,
114 TARGET_SIGCHLD,
115 TARGET_SIGTTIN,
116 TARGET_SIGTTOU,
117 TARGET_SIGIO,
118 TARGET_SIGXCPU,
119 TARGET_SIGXFSZ,
120 TARGET_SIGVTALRM,
121 TARGET_SIGPROF,
122 TARGET_SIGWINCH,
123 -1, /* SIGLOST */
124 TARGET_SIGUSR1,
125 TARGET_SIGUSR2,
c72d5bf8 126#ifdef TARGET_SIGPWR
ca587a8e 127 TARGET_SIGPWR,
c72d5bf8
BS		 128#else
129 -1,
130#endif
ca587a8e
AJ		 131 -1, /* SIGPOLL */
132 -1,
133 -1,
134 -1,
135 -1,
136 -1,
137 -1,
138 -1,
139 -1,
140 -1,
141 -1,
142 -1,
c72d5bf8 143#ifdef __SIGRTMIN
ca587a8e
AJ		 144 __SIGRTMIN + 1,
145 __SIGRTMIN + 2,
146 __SIGRTMIN + 3,
147 __SIGRTMIN + 4,
148 __SIGRTMIN + 5,
149 __SIGRTMIN + 6,
150 __SIGRTMIN + 7,
151 __SIGRTMIN + 8,
152 __SIGRTMIN + 9,
153 __SIGRTMIN + 10,
154 __SIGRTMIN + 11,
155 __SIGRTMIN + 12,
156 __SIGRTMIN + 13,
157 __SIGRTMIN + 14,
158 __SIGRTMIN + 15,
159 __SIGRTMIN + 16,
160 __SIGRTMIN + 17,
161 __SIGRTMIN + 18,
162 __SIGRTMIN + 19,
163 __SIGRTMIN + 20,
164 __SIGRTMIN + 21,
165 __SIGRTMIN + 22,
166 __SIGRTMIN + 23,
167 __SIGRTMIN + 24,
168 __SIGRTMIN + 25,
169 __SIGRTMIN + 26,
170 __SIGRTMIN + 27,
171 __SIGRTMIN + 28,
172 __SIGRTMIN + 29,
173 __SIGRTMIN + 30,
174 __SIGRTMIN + 31,
175 -1, /* SIGCANCEL */
176 __SIGRTMIN,
177 __SIGRTMIN + 32,
178 __SIGRTMIN + 33,
179 __SIGRTMIN + 34,
180 __SIGRTMIN + 35,
181 __SIGRTMIN + 36,
182 __SIGRTMIN + 37,
183 __SIGRTMIN + 38,
184 __SIGRTMIN + 39,
185 __SIGRTMIN + 40,
186 __SIGRTMIN + 41,
187 __SIGRTMIN + 42,
188 __SIGRTMIN + 43,
189 __SIGRTMIN + 44,
190 __SIGRTMIN + 45,
191 __SIGRTMIN + 46,
192 __SIGRTMIN + 47,
193 __SIGRTMIN + 48,
194 __SIGRTMIN + 49,
195 __SIGRTMIN + 50,
196 __SIGRTMIN + 51,
197 __SIGRTMIN + 52,
198 __SIGRTMIN + 53,
199 __SIGRTMIN + 54,
200 __SIGRTMIN + 55,
201 __SIGRTMIN + 56,
202 __SIGRTMIN + 57,
203 __SIGRTMIN + 58,
204 __SIGRTMIN + 59,
205 __SIGRTMIN + 60,
206 __SIGRTMIN + 61,
207 __SIGRTMIN + 62,
208 __SIGRTMIN + 63,
209 __SIGRTMIN + 64,
210 __SIGRTMIN + 65,
211 __SIGRTMIN + 66,
212 __SIGRTMIN + 67,
213 __SIGRTMIN + 68,
214 __SIGRTMIN + 69,
215 __SIGRTMIN + 70,
216 __SIGRTMIN + 71,
217 __SIGRTMIN + 72,
218 __SIGRTMIN + 73,
219 __SIGRTMIN + 74,
220 __SIGRTMIN + 75,
221 __SIGRTMIN + 76,
222 __SIGRTMIN + 77,
223 __SIGRTMIN + 78,
224 __SIGRTMIN + 79,
225 __SIGRTMIN + 80,
226 __SIGRTMIN + 81,
227 __SIGRTMIN + 82,
228 __SIGRTMIN + 83,
229 __SIGRTMIN + 84,
230 __SIGRTMIN + 85,
231 __SIGRTMIN + 86,
232 __SIGRTMIN + 87,
233 __SIGRTMIN + 88,
234 __SIGRTMIN + 89,
235 __SIGRTMIN + 90,
236 __SIGRTMIN + 91,
237 __SIGRTMIN + 92,
238 __SIGRTMIN + 93,
239 __SIGRTMIN + 94,
240 __SIGRTMIN + 95,
241 -1, /* SIGINFO */
242 -1, /* UNKNOWN */
243 -1, /* DEFAULT */
244 -1,
245 -1,
246 -1,
247 -1,
248 -1,
249 -1
c72d5bf8 250#endif
ca587a8e 251};
8f447cc7 252#else
ca587a8e
AJ		 253/* In system mode we only need SIGINT and SIGTRAP; other signals
254 are not yet supported. */
255
256enum {
257 TARGET_SIGINT = 2,
258 TARGET_SIGTRAP = 5
259};
260
261static int gdb_signal_table[] = {
262 -1,
263 -1,
264 TARGET_SIGINT,
265 -1,
266 -1,
267 TARGET_SIGTRAP
268};
269#endif
270
271#ifdef CONFIG_USER_ONLY
272static int target_signal_to_gdb (int sig)
273{
274 int i;
275 for (i = 0; i < ARRAY_SIZE (gdb_signal_table); i++)
276 if (gdb_signal_table[i] == sig)
277 return i;
278 return GDB_SIGNAL_UNKNOWN;
279}
8f447cc7 280#endif
b4608c04 281
ca587a8e
AJ		 282static int gdb_signal_to_target (int sig)
283{
284 if (sig < ARRAY_SIZE (gdb_signal_table))
285 return gdb_signal_table[sig];
286 else
287 return -1;
288}
289
56aebc89
PB		 290typedef struct GDBRegisterState {
291 int base_reg;
292 int num_regs;
293 gdb_reg_cb get_reg;
294 gdb_reg_cb set_reg;
295 const char *xml;
296 struct GDBRegisterState *next;
297} GDBRegisterState;
298
858693c6 299enum RSState {
36556b20 300 RS_INACTIVE,
858693c6
FB		 301 RS_IDLE,
302 RS_GETLINE,
4bf43122
DG		 303 RS_GETLINE_ESC,
304 RS_GETLINE_RLE,
858693c6
FB		 305 RS_CHKSUM1,
306 RS_CHKSUM2,
307};
858693c6 308typedef struct GDBState {
2e0f2cfb
AF		 309 CPUState *c_cpu; /* current CPU for step/continue ops */
310 CPUState *g_cpu; /* current CPU for other ops */
52f34623 311 CPUState *query_cpu; /* for q{f|s}ThreadInfo */
41625033 312 enum RSState state; /* parsing state */
56aebc89 313 char line_buf[MAX_PACKET_LENGTH];
858693c6 314 int line_buf_index;
4bf43122
DG		 315 int line_sum; /* running checksum */
316 int line_csum; /* checksum at the end of the packet */
56aebc89 317 uint8_t last_packet[MAX_PACKET_LENGTH + 4];
4046d913 318 int last_packet_len;
1f487ee9 319 int signal;
41625033 320#ifdef CONFIG_USER_ONLY
4046d913 321 int fd;
41625033 322 int running_state;
4046d913 323#else
32a6ebec 324 CharBackend chr;
0ec7b3e7 325 Chardev *mon_chr;
41625033 326#endif
cdb432b2
MI		 327 char syscall_buf[256];
328 gdb_syscall_complete_cb current_syscall_cb;
858693c6 329} GDBState;
b4608c04 330
60897d36
EI		 331/* By default use no IRQs and no timers while single stepping so as to
332 * make single stepping like an ICE HW step.
333 */
334static int sstep_flags = SSTEP_ENABLE|SSTEP_NOIRQ|SSTEP_NOTIMER;
335
880a7578
AL		 336static GDBState *gdbserver_state;
337
5b50e790 338bool gdb_has_xml;
56aebc89 339
1fddef4b 340#ifdef CONFIG_USER_ONLY
4046d913
PB		 341/* XXX: This is not thread safe. Do we care? */
342static int gdbserver_fd = -1;
343
858693c6 344static int get_char(GDBState *s)
b4608c04
FB		 345{
346 uint8_t ch;
347 int ret;
348
349 for(;;) {
00aa0040 350 ret = qemu_recv(s->fd, &ch, 1, 0);
b4608c04 351 if (ret < 0) {
1f487ee9
EI		 352 if (errno == ECONNRESET)
353 s->fd = -1;
5819e3e0 354 if (errno != EINTR)
b4608c04
FB		 355 return -1;
356 } else if (ret == 0) {
1f487ee9
EI		 357 close(s->fd);
358 s->fd = -1;
b4608c04
FB		 359 return -1;
360 } else {
361 break;
362 }
363 }
364 return ch;
365}
4046d913 366#endif
b4608c04 367
654efcf3 368static enum {
a2d1ebaf
PB		 369 GDB_SYS_UNKNOWN,
370 GDB_SYS_ENABLED,
371 GDB_SYS_DISABLED,
372} gdb_syscall_mode;
373
a38bb079 374/* Decide if either remote gdb syscalls or native file IO should be used. */
a2d1ebaf
PB		 375int use_gdb_syscalls(void)
376{
cfe67cef
LA		 377 SemihostingTarget target = semihosting_get_target();
378 if (target == SEMIHOSTING_TARGET_NATIVE) {
a38bb079
LI		 379 /* -semihosting-config target=native */
380 return false;
cfe67cef 381 } else if (target == SEMIHOSTING_TARGET_GDB) {
a38bb079
LI		 382 /* -semihosting-config target=gdb */
383 return true;
384 }
385
386 /* -semihosting-config target=auto */
387 /* On the first call check if gdb is connected and remember. */
a2d1ebaf 388 if (gdb_syscall_mode == GDB_SYS_UNKNOWN) {
880a7578
AL		 389 gdb_syscall_mode = (gdbserver_state ? GDB_SYS_ENABLED
390 : GDB_SYS_DISABLED);
a2d1ebaf
PB		 391 }
392 return gdb_syscall_mode == GDB_SYS_ENABLED;
393}
394
ba70a624
EI		 395/* Resume execution. */
396static inline void gdb_continue(GDBState *s)
397{
5c9522b3 398
ba70a624
EI		 399#ifdef CONFIG_USER_ONLY
400 s->running_state = 1;
5c9522b3 401 trace_gdbstub_op_continue();
ba70a624 402#else
26ac7a31 403 if (!runstate_needs_reset()) {
5c9522b3 404 trace_gdbstub_op_continue();
87f25c12
PB		 405 vm_start();
406 }
ba70a624
EI		 407#endif
408}
409
544177ad
CI		 410/*
411 * Resume execution, per CPU actions. For user-mode emulation it's
412 * equivalent to gdb_continue.
413 */
414static int gdb_continue_partial(GDBState *s, char *newstates)
415{
416 CPUState *cpu;
417 int res = 0;
418#ifdef CONFIG_USER_ONLY
419 /*
420 * This is not exactly accurate, but it's an improvement compared to the
421 * previous situation, where only one CPU would be single-stepped.
422 */
423 CPU_FOREACH(cpu) {
424 if (newstates[cpu->cpu_index] == 's') {
5c9522b3 425 trace_gdbstub_op_stepping(cpu->cpu_index);
544177ad
CI		 426 cpu_single_step(cpu, sstep_flags);
427 }
428 }
429 s->running_state = 1;
430#else
431 int flag = 0;
432
433 if (!runstate_needs_reset()) {
434 if (vm_prepare_start()) {
435 return 0;
436 }
437
438 CPU_FOREACH(cpu) {
439 switch (newstates[cpu->cpu_index]) {
440 case 0:
441 case 1:
442 break; /* nothing to do here */
443 case 's':
5c9522b3 444 trace_gdbstub_op_stepping(cpu->cpu_index);
544177ad
CI		 445 cpu_single_step(cpu, sstep_flags);
446 cpu_resume(cpu);
447 flag = 1;
448 break;
449 case 'c':
5c9522b3 450 trace_gdbstub_op_continue_cpu(cpu->cpu_index);
544177ad
CI		 451 cpu_resume(cpu);
452 flag = 1;
453 break;
454 default:
455 res = -1;
456 break;
457 }
458 }
459 }
460 if (flag) {
461 qemu_clock_enable(QEMU_CLOCK_VIRTUAL, true);
462 }
463#endif
464 return res;
465}
466
858693c6 467static void put_buffer(GDBState *s, const uint8_t *buf, int len)
b4608c04 468{
4046d913 469#ifdef CONFIG_USER_ONLY
b4608c04
FB		 470 int ret;
471
472 while (len > 0) {
8f447cc7 473 ret = send(s->fd, buf, len, 0);
b4608c04 474 if (ret < 0) {
5819e3e0 475 if (errno != EINTR)
b4608c04
FB		 476 return;
477 } else {
478 buf += ret;
479 len -= ret;
480 }
481 }
4046d913 482#else
6ab3fc32
DB		 483 /* XXX this blocks entire thread. Rewrite to use
484 * qemu_chr_fe_write and background I/O callbacks */
5345fdb4 485 qemu_chr_fe_write_all(&s->chr, buf, len);
4046d913 486#endif
b4608c04
FB		 487}
488
489static inline int fromhex(int v)
490{
491 if (v >= '0' && v <= '9')
492 return v - '0';
493 else if (v >= 'A' && v <= 'F')
494 return v - 'A' + 10;
495 else if (v >= 'a' && v <= 'f')
496 return v - 'a' + 10;
497 else
498 return 0;
499}
500
501static inline int tohex(int v)
502{
503 if (v < 10)
504 return v + '0';
505 else
506 return v - 10 + 'a';
507}
508
9005774b 509/* writes 2*len+1 bytes in buf */
b4608c04
FB		 510static void memtohex(char *buf, const uint8_t *mem, int len)
511{
512 int i, c;
513 char *q;
514 q = buf;
515 for(i = 0; i < len; i++) {
516 c = mem[i];
517 *q++ = tohex(c >> 4);
518 *q++ = tohex(c & 0xf);
519 }
520 *q = '\0';
521}
522
523static void hextomem(uint8_t *mem, const char *buf, int len)
524{
525 int i;
526
527 for(i = 0; i < len; i++) {
528 mem[i] = (fromhex(buf[0]) << 4) | fromhex(buf[1]);
529 buf += 2;
530 }
531}
532
5c9522b3
DG		 533static void hexdump(const char *buf, int len,
534 void (*trace_fn)(size_t ofs, char const *text))
535{
536 char line_buffer[3 * 16 + 4 + 16 + 1];
537
538 size_t i;
539 for (i = 0; i < len || (i & 0xF); ++i) {
540 size_t byte_ofs = i & 15;
541
542 if (byte_ofs == 0) {
543 memset(line_buffer, ' ', 3 * 16 + 4 + 16);
544 line_buffer[3 * 16 + 4 + 16] = 0;
545 }
546
547 size_t col_group = (i >> 2) & 3;
548 size_t hex_col = byte_ofs * 3 + col_group;
549 size_t txt_col = 3 * 16 + 4 + byte_ofs;
550
551 if (i < len) {
552 char value = buf[i];
553
554 line_buffer[hex_col + 0] = tohex((value >> 4) & 0xF);
555 line_buffer[hex_col + 1] = tohex((value >> 0) & 0xF);
556 line_buffer[txt_col + 0] = (value >= ' ' && value < 127)
557 ? value
558 : '.';
559 }
560
561 if (byte_ofs == 0xF)
562 trace_fn(i & -16, line_buffer);
563 }
564}
565
b4608c04 566/* return -1 if error, 0 if OK */
5c9522b3 567static int put_packet_binary(GDBState *s, const char *buf, int len, bool dump)
b4608c04 568{
56aebc89 569 int csum, i;
60fe76f3 570 uint8_t *p;
b4608c04 571
5c9522b3
DG		 572 if (dump && trace_event_get_state_backends(TRACE_GDBSTUB_IO_BINARYREPLY)) {
573 hexdump(buf, len, trace_gdbstub_io_binaryreply);
574 }
575
b4608c04 576 for(;;) {
4046d913
PB		 577 p = s->last_packet;
578 *(p++) = '$';
4046d913
PB		 579 memcpy(p, buf, len);
580 p += len;
b4608c04
FB		 581 csum = 0;
582 for(i = 0; i < len; i++) {
583 csum += buf[i];
584 }
4046d913
PB		 585 *(p++) = '#';
586 *(p++) = tohex((csum >> 4) & 0xf);
587 *(p++) = tohex((csum) & 0xf);
b4608c04 588
4046d913 589 s->last_packet_len = p - s->last_packet;
ffe8ab83 590 put_buffer(s, (uint8_t *)s->last_packet, s->last_packet_len);
b4608c04 591
4046d913
PB		 592#ifdef CONFIG_USER_ONLY
593 i = get_char(s);
594 if (i < 0)
b4608c04 595 return -1;
4046d913 596 if (i == '+')
b4608c04 597 break;
4046d913
PB		 598#else
599 break;
600#endif
b4608c04
FB		 601 }
602 return 0;
603}
604
56aebc89
PB		 605/* return -1 if error, 0 if OK */
606static int put_packet(GDBState *s, const char *buf)
607{
5c9522b3 608 trace_gdbstub_io_reply(buf);
79808573 609
5c9522b3 610 return put_packet_binary(s, buf, strlen(buf), false);
56aebc89
PB		 611}
612
56aebc89
PB		 613/* Encode data using the encoding for 'x' packets. */
614static int memtox(char *buf, const char *mem, int len)
615{
616 char *p = buf;
617 char c;
618
619 while (len--) {
620 c = *(mem++);
621 switch (c) {
622 case '#': case '$': case '*': case '}':
623 *(p++) = '}';
624 *(p++) = c ^ 0x20;
625 break;
626 default:
627 *(p++) = c;
628 break;
629 }
630 }
631 return p - buf;
632}
f1ccf904 633
5b24c641
AF		 634static const char *get_feature_xml(const char *p, const char **newp,
635 CPUClass *cc)
56aebc89 636{
56aebc89
PB		 637 size_t len;
638 int i;
639 const char *name;
640 static char target_xml[1024];
641
642 len = 0;
643 while (p[len] && p[len] != ':')
644 len++;
645 *newp = p + len;
646
647 name = NULL;
648 if (strncmp(p, "target.xml", len) == 0) {
649 /* Generate the XML description for this CPU. */
650 if (!target_xml[0]) {
651 GDBRegisterState *r;
eac8b355 652 CPUState *cpu = first_cpu;
56aebc89 653
b3820e6c
DH		 654 pstrcat(target_xml, sizeof(target_xml),
655 "<?xml version=\"1.0\"?>"
656 "<!DOCTYPE target SYSTEM \"gdb-target.dtd\">"
657 "<target>");
658 if (cc->gdb_arch_name) {
659 gchar *arch = cc->gdb_arch_name(cpu);
660 pstrcat(target_xml, sizeof(target_xml), "<architecture>");
661 pstrcat(target_xml, sizeof(target_xml), arch);
662 pstrcat(target_xml, sizeof(target_xml), "</architecture>");
663 g_free(arch);
664 }
665 pstrcat(target_xml, sizeof(target_xml), "<xi:include href=\"");
666 pstrcat(target_xml, sizeof(target_xml), cc->gdb_core_xml_file);
667 pstrcat(target_xml, sizeof(target_xml), "\"/>");
eac8b355 668 for (r = cpu->gdb_regs; r; r = r->next) {
2dc766da
BS		 669 pstrcat(target_xml, sizeof(target_xml), "<xi:include href=\"");
670 pstrcat(target_xml, sizeof(target_xml), r->xml);
671 pstrcat(target_xml, sizeof(target_xml), "\"/>");
56aebc89 672 }
2dc766da 673 pstrcat(target_xml, sizeof(target_xml), "</target>");
56aebc89
PB		 674 }
675 return target_xml;
676 }
200bf5b7
AB		 677 if (cc->gdb_get_dynamic_xml) {
678 CPUState *cpu = first_cpu;
679 char *xmlname = g_strndup(p, len);
680 const char *xml = cc->gdb_get_dynamic_xml(cpu, xmlname);
681
682 g_free(xmlname);
683 if (xml) {
684 return xml;
685 }
686 }
56aebc89
PB		 687 for (i = 0; ; i++) {
688 name = xml_builtin[i][0];
689 if (!name || (strncmp(name, p, len) == 0 && strlen(name) == len))
690 break;
691 }
692 return name ? xml_builtin[i][1] : NULL;
693}
f1ccf904 694
385b9f0e 695static int gdb_read_register(CPUState *cpu, uint8_t *mem_buf, int reg)
56aebc89 696{
a0e372f0 697 CPUClass *cc = CPU_GET_CLASS(cpu);
385b9f0e 698 CPUArchState *env = cpu->env_ptr;
56aebc89 699 GDBRegisterState *r;
f1ccf904 700
a0e372f0 701 if (reg < cc->gdb_num_core_regs) {
5b50e790 702 return cc->gdb_read_register(cpu, mem_buf, reg);
a0e372f0 703 }
f1ccf904 704
eac8b355 705 for (r = cpu->gdb_regs; r; r = r->next) {
56aebc89
PB		 706 if (r->base_reg <= reg && reg < r->base_reg + r->num_regs) {
707 return r->get_reg(env, mem_buf, reg - r->base_reg);
708 }
709 }
710 return 0;
f1ccf904
TS		 711}
712
385b9f0e 713static int gdb_write_register(CPUState *cpu, uint8_t *mem_buf, int reg)
f1ccf904 714{
a0e372f0 715 CPUClass *cc = CPU_GET_CLASS(cpu);
385b9f0e 716 CPUArchState *env = cpu->env_ptr;
56aebc89 717 GDBRegisterState *r;
f1ccf904 718
a0e372f0 719 if (reg < cc->gdb_num_core_regs) {
5b50e790 720 return cc->gdb_write_register(cpu, mem_buf, reg);
a0e372f0 721 }
56aebc89 722
eac8b355 723 for (r = cpu->gdb_regs; r; r = r->next) {
56aebc89
PB		 724 if (r->base_reg <= reg && reg < r->base_reg + r->num_regs) {
725 return r->set_reg(env, mem_buf, reg - r->base_reg);
726 }
727 }
6da41eaf
FB		 728 return 0;
729}
730
56aebc89
PB		 731/* Register a supplemental set of CPU registers. If g_pos is nonzero it
732 specifies the first register number and these registers are included in
733 a standard "g" packet. Direction is relative to gdb, i.e. get_reg is
734 gdb reading a CPU register, and set_reg is gdb modifying a CPU register.
735 */
736
22169d41
AF		 737void gdb_register_coprocessor(CPUState *cpu,
738 gdb_reg_cb get_reg, gdb_reg_cb set_reg,
739 int num_regs, const char *xml, int g_pos)
6da41eaf 740{
56aebc89
PB		 741 GDBRegisterState *s;
742 GDBRegisterState **p;
56aebc89 743
eac8b355 744 p = &cpu->gdb_regs;
56aebc89
PB		 745 while (*p) {
746 /* Check for duplicates. */
747 if (strcmp((*p)->xml, xml) == 0)
748 return;
749 p = &(*p)->next;
750 }
9643c25f
SW		 751
752 s = g_new0(GDBRegisterState, 1);
a0e372f0 753 s->base_reg = cpu->gdb_num_regs;
9643c25f
SW		 754 s->num_regs = num_regs;
755 s->get_reg = get_reg;
756 s->set_reg = set_reg;
757 s->xml = xml;
758
56aebc89 759 /* Add to end of list. */
a0e372f0 760 cpu->gdb_num_regs += num_regs;
56aebc89
PB		 761 *p = s;
762 if (g_pos) {
763 if (g_pos != s->base_reg) {
7ae6c571
ZY		 764 error_report("Error: Bad gdb register numbering for '%s', "
765 "expected %d got %d", xml, g_pos, s->base_reg);
35143f01
AF		 766 } else {
767 cpu->gdb_num_g_regs = cpu->gdb_num_regs;
56aebc89
PB		 768 }
769 }
6da41eaf
FB		 770}
771
a1d1bb31 772#ifndef CONFIG_USER_ONLY
2472b6c0
PM		 773/* Translate GDB watchpoint type to a flags value for cpu_watchpoint_* */
774static inline int xlat_gdb_type(CPUState *cpu, int gdbtype)
775{
776 static const int xlat[] = {
777 [GDB_WATCHPOINT_WRITE] = BP_GDB | BP_MEM_WRITE,
778 [GDB_WATCHPOINT_READ] = BP_GDB | BP_MEM_READ,
779 [GDB_WATCHPOINT_ACCESS] = BP_GDB | BP_MEM_ACCESS,
780 };
781
782 CPUClass *cc = CPU_GET_CLASS(cpu);
783 int cputype = xlat[gdbtype];
784
785 if (cc->gdb_stop_before_watchpoint) {
786 cputype |= BP_STOP_BEFORE_ACCESS;
787 }
788 return cputype;
789}
a1d1bb31
AL		 790#endif
791
880a7578 792static int gdb_breakpoint_insert(target_ulong addr, target_ulong len, int type)
a1d1bb31 793{
182735ef 794 CPUState *cpu;
880a7578
AL		 795 int err = 0;
796
62278814 797 if (kvm_enabled()) {
2e0f2cfb 798 return kvm_insert_breakpoint(gdbserver_state->c_cpu, addr, len, type);
62278814 799 }
e22a25c9 800
a1d1bb31
AL		 801 switch (type) {
802 case GDB_BREAKPOINT_SW:
803 case GDB_BREAKPOINT_HW:
bdc44640 804 CPU_FOREACH(cpu) {
b3310ab3
AF		 805 err = cpu_breakpoint_insert(cpu, addr, BP_GDB, NULL);
806 if (err) {
880a7578 807 break;
b3310ab3 808 }
880a7578
AL		 809 }
810 return err;
a1d1bb31
AL		 811#ifndef CONFIG_USER_ONLY
812 case GDB_WATCHPOINT_WRITE:
813 case GDB_WATCHPOINT_READ:
814 case GDB_WATCHPOINT_ACCESS:
bdc44640 815 CPU_FOREACH(cpu) {
2472b6c0
PM		 816 err = cpu_watchpoint_insert(cpu, addr, len,
817 xlat_gdb_type(cpu, type), NULL);
818 if (err) {
880a7578 819 break;
2472b6c0 820 }
880a7578
AL		 821 }
822 return err;
a1d1bb31
AL		 823#endif
824 default:
825 return -ENOSYS;
826 }
827}
828
880a7578 829static int gdb_breakpoint_remove(target_ulong addr, target_ulong len, int type)
a1d1bb31 830{
182735ef 831 CPUState *cpu;
880a7578
AL		 832 int err = 0;
833
62278814 834 if (kvm_enabled()) {
2e0f2cfb 835 return kvm_remove_breakpoint(gdbserver_state->c_cpu, addr, len, type);
62278814 836 }
e22a25c9 837
a1d1bb31
AL		 838 switch (type) {
839 case GDB_BREAKPOINT_SW:
840 case GDB_BREAKPOINT_HW:
bdc44640 841 CPU_FOREACH(cpu) {
b3310ab3
AF		 842 err = cpu_breakpoint_remove(cpu, addr, BP_GDB);
843 if (err) {
880a7578 844 break;
b3310ab3 845 }
880a7578
AL		 846 }
847 return err;
a1d1bb31
AL		 848#ifndef CONFIG_USER_ONLY
849 case GDB_WATCHPOINT_WRITE:
850 case GDB_WATCHPOINT_READ:
851 case GDB_WATCHPOINT_ACCESS:
bdc44640 852 CPU_FOREACH(cpu) {
2472b6c0
PM		 853 err = cpu_watchpoint_remove(cpu, addr, len,
854 xlat_gdb_type(cpu, type));
880a7578
AL		 855 if (err)
856 break;
857 }
858 return err;
a1d1bb31
AL		 859#endif
860 default:
861 return -ENOSYS;
862 }
863}
864
880a7578 865static void gdb_breakpoint_remove_all(void)
a1d1bb31 866{
182735ef 867 CPUState *cpu;
880a7578 868
e22a25c9 869 if (kvm_enabled()) {
2e0f2cfb 870 kvm_remove_all_breakpoints(gdbserver_state->c_cpu);
e22a25c9
AL		 871 return;
872 }
873
bdc44640 874 CPU_FOREACH(cpu) {
b3310ab3 875 cpu_breakpoint_remove_all(cpu, BP_GDB);
a1d1bb31 876#ifndef CONFIG_USER_ONLY
75a34036 877 cpu_watchpoint_remove_all(cpu, BP_GDB);
a1d1bb31 878#endif
880a7578 879 }
a1d1bb31
AL		 880}
881
fab9d284
AJ		 882static void gdb_set_cpu_pc(GDBState *s, target_ulong pc)
883{
2e0f2cfb 884 CPUState *cpu = s->c_cpu;
f45748f1
AF		 885
886 cpu_synchronize_state(cpu);
4a2b24ed 887 cpu_set_pc(cpu, pc);
fab9d284
AJ		 888}
889
2e0f2cfb 890static CPUState *find_cpu(uint32_t thread_id)
1e9fa730 891{
0d34282f 892 CPUState *cpu;
1e9fa730 893
bdc44640 894 CPU_FOREACH(cpu) {
d2a6c857 895 if (cpu_gdb_index(cpu) == thread_id) {
2e0f2cfb 896 return cpu;
aa48dd93 897 }
1e9fa730 898 }
aa48dd93
AF		 899
900 return NULL;
1e9fa730
NF		 901}
902
4dabe747
JK		 903static int is_query_packet(const char *p, const char *query, char separator)
904{
905 unsigned int query_len = strlen(query);
906
907 return strncmp(p, query, query_len) == 0 &&
908 (p[query_len] == '\0' || p[query_len] == separator);
909}
910
544177ad
CI		 911/**
912 * gdb_handle_vcont - Parses and handles a vCont packet.
913 * returns -ENOTSUP if a command is unsupported, -EINVAL or -ERANGE if there is
914 * a format error, 0 on success.
915 */
916static int gdb_handle_vcont(GDBState *s, const char *p)
917{
918 int res, idx, signal = 0;
919 char cur_action;
920 char *newstates;
921 unsigned long tmp;
922 CPUState *cpu;
923#ifdef CONFIG_USER_ONLY
924 int max_cpus = 1; /* global variable max_cpus exists only in system mode */
925
926 CPU_FOREACH(cpu) {
927 max_cpus = max_cpus <= cpu->cpu_index ? cpu->cpu_index + 1 : max_cpus;
928 }
929#endif
930 /* uninitialised CPUs stay 0 */
931 newstates = g_new0(char, max_cpus);
932
933 /* mark valid CPUs with 1 */
934 CPU_FOREACH(cpu) {
935 newstates[cpu->cpu_index] = 1;
936 }
937
938 /*
939 * res keeps track of what error we are returning, with -ENOTSUP meaning
940 * that the command is unknown or unsupported, thus returning an empty
941 * packet, while -EINVAL and -ERANGE cause an E22 packet, due to invalid,
942 * or incorrect parameters passed.
943 */
944 res = 0;
945 while (*p) {
946 if (*p++ != ';') {
947 res = -ENOTSUP;
948 goto out;
949 }
950
951 cur_action = *p++;
952 if (cur_action == 'C' || cur_action == 'S') {
95a5befc 953 cur_action = qemu_tolower(cur_action);
544177ad
CI		 954 res = qemu_strtoul(p + 1, &p, 16, &tmp);
955 if (res) {
956 goto out;
957 }
958 signal = gdb_signal_to_target(tmp);
959 } else if (cur_action != 'c' && cur_action != 's') {
960 /* unknown/invalid/unsupported command */
961 res = -ENOTSUP;
962 goto out;
963 }
964 /* thread specification. special values: (none), -1 = all; 0 = any */
965 if ((p[0] == ':' && p[1] == '-' && p[2] == '1') || (p[0] != ':')) {
966 if (*p == ':') {
967 p += 3;
968 }
969 for (idx = 0; idx < max_cpus; idx++) {
970 if (newstates[idx] == 1) {
971 newstates[idx] = cur_action;
972 }
973 }
974 } else if (*p == ':') {
975 p++;
976 res = qemu_strtoul(p, &p, 16, &tmp);
977 if (res) {
978 goto out;
979 }
5a6a1ad1 980
544177ad 981 /* 0 means any thread, so we pick the first valid CPU */
5a6a1ad1 982 cpu = tmp ? find_cpu(tmp) : first_cpu;
544177ad 983
544177ad 984 /* invalid CPU/thread specified */
5a6a1ad1 985 if (!cpu) {
544177ad
CI		 986 res = -EINVAL;
987 goto out;
988 }
5a6a1ad1 989
544177ad
CI		 990 /* only use if no previous match occourred */
991 if (newstates[cpu->cpu_index] == 1) {
992 newstates[cpu->cpu_index] = cur_action;
993 }
994 }
995 }
996 s->signal = signal;
997 gdb_continue_partial(s, newstates);
998
999out:
1000 g_free(newstates);
1001
1002 return res;
1003}
1004
880a7578 1005static int gdb_handle_packet(GDBState *s, const char *line_buf)
b4608c04 1006{
2e0f2cfb 1007 CPUState *cpu;
5b24c641 1008 CPUClass *cc;
b4608c04 1009 const char *p;
1e9fa730
NF		 1010 uint32_t thread;
1011 int ch, reg_size, type, res;
56aebc89 1012 uint8_t mem_buf[MAX_PACKET_LENGTH];
9005774b 1013 char buf[sizeof(mem_buf) + 1 /* trailing NUL */];
56aebc89 1014 uint8_t *registers;
9d9754a3 1015 target_ulong addr, len;
3b46e624 1016
5c9522b3 1017 trace_gdbstub_io_command(line_buf);
118e2268 1018
858693c6
FB		 1019 p = line_buf;
1020 ch = *p++;
1021 switch(ch) {
1022 case '?':
1fddef4b 1023 /* TODO: Make this return the correct value for user-mode. */
ca587a8e 1024 snprintf(buf, sizeof(buf), "T%02xthread:%02x;", GDB_SIGNAL_TRAP,
d2a6c857 1025 cpu_gdb_index(s->c_cpu));
858693c6 1026 put_packet(s, buf);
7d03f82f
EI		 1027 /* Remove all the breakpoints when this query is issued,
1028 * because gdb is doing and initial connect and the state
1029 * should be cleaned up.
1030 */
880a7578 1031 gdb_breakpoint_remove_all();
858693c6
FB		 1032 break;
1033 case 'c':
1034 if (*p != '\0') {
9d9754a3 1035 addr = strtoull(p, (char **)&p, 16);
fab9d284 1036 gdb_set_cpu_pc(s, addr);
858693c6 1037 }
ca587a8e 1038 s->signal = 0;
ba70a624 1039 gdb_continue(s);
5c9522b3 1040 return RS_IDLE;
1f487ee9 1041 case 'C':
ca587a8e
AJ		 1042 s->signal = gdb_signal_to_target (strtoul(p, (char **)&p, 16));
1043 if (s->signal == -1)
1044 s->signal = 0;
1f487ee9
EI		 1045 gdb_continue(s);
1046 return RS_IDLE;
dd32aa10
JK		 1047 case 'v':
1048 if (strncmp(p, "Cont", 4) == 0) {
dd32aa10
JK		 1049 p += 4;
1050 if (*p == '?') {
1051 put_packet(s, "vCont;c;C;s;S");
1052 break;
1053 }
544177ad
CI		 1054
1055 res = gdb_handle_vcont(s, p);
1056
dd32aa10 1057 if (res) {
544177ad
CI		 1058 if ((res == -EINVAL) || (res == -ERANGE)) {
1059 put_packet(s, "E22");
1060 break;
dd32aa10 1061 }
544177ad 1062 goto unknown_command;
dd32aa10
JK		 1063 }
1064 break;
1065 } else {
1066 goto unknown_command;
1067 }
7d03f82f
EI		 1068 case 'k':
1069 /* Kill the target */
7ae6c571 1070 error_report("QEMU: Terminated via GDBstub");
7d03f82f
EI		 1071 exit(0);
1072 case 'D':
1073 /* Detach packet */
880a7578 1074 gdb_breakpoint_remove_all();
7ea06da3 1075 gdb_syscall_mode = GDB_SYS_DISABLED;
7d03f82f
EI		 1076 gdb_continue(s);
1077 put_packet(s, "OK");
1078 break;
858693c6
FB		 1079 case 's':
1080 if (*p != '\0') {
8fac5803 1081 addr = strtoull(p, (char **)&p, 16);
fab9d284 1082 gdb_set_cpu_pc(s, addr);
858693c6 1083 }
2e0f2cfb 1084 cpu_single_step(s->c_cpu, sstep_flags);
ba70a624 1085 gdb_continue(s);
5c9522b3 1086 return RS_IDLE;
a2d1ebaf
PB		 1087 case 'F':
1088 {
1089 target_ulong ret;
1090 target_ulong err;
1091
1092 ret = strtoull(p, (char **)&p, 16);
1093 if (*p == ',') {
1094 p++;
1095 err = strtoull(p, (char **)&p, 16);
1096 } else {
1097 err = 0;
1098 }
1099 if (*p == ',')
1100 p++;
1101 type = *p;
cdb432b2 1102 if (s->current_syscall_cb) {
2e0f2cfb 1103 s->current_syscall_cb(s->c_cpu, ret, err);
cdb432b2
MI		 1104 s->current_syscall_cb = NULL;
1105 }
a2d1ebaf
PB		 1106 if (type == 'C') {
1107 put_packet(s, "T02");
1108 } else {
ba70a624 1109 gdb_continue(s);
a2d1ebaf
PB		 1110 }
1111 }
1112 break;
858693c6 1113 case 'g':
2e0f2cfb 1114 cpu_synchronize_state(s->g_cpu);
56aebc89 1115 len = 0;
35143f01 1116 for (addr = 0; addr < s->g_cpu->gdb_num_g_regs; addr++) {
2e0f2cfb 1117 reg_size = gdb_read_register(s->g_cpu, mem_buf + len, addr);
56aebc89
PB		 1118 len += reg_size;
1119 }
1120 memtohex(buf, mem_buf, len);
858693c6
FB		 1121 put_packet(s, buf);
1122 break;
1123 case 'G':
2e0f2cfb 1124 cpu_synchronize_state(s->g_cpu);
56aebc89 1125 registers = mem_buf;
858693c6
FB		 1126 len = strlen(p) / 2;
1127 hextomem((uint8_t *)registers, p, len);
35143f01 1128 for (addr = 0; addr < s->g_cpu->gdb_num_g_regs && len > 0; addr++) {
2e0f2cfb 1129 reg_size = gdb_write_register(s->g_cpu, registers, addr);
56aebc89
PB		 1130 len -= reg_size;
1131 registers += reg_size;
1132 }
858693c6
FB		 1133 put_packet(s, "OK");
1134 break;
1135 case 'm':
9d9754a3 1136 addr = strtoull(p, (char **)&p, 16);
858693c6
FB		 1137 if (*p == ',')
1138 p++;
9d9754a3 1139 len = strtoull(p, NULL, 16);
5accecb3
KW		 1140
1141 /* memtohex() doubles the required space */
1142 if (len > MAX_PACKET_LENGTH / 2) {
1143 put_packet (s, "E22");
1144 break;
1145 }
1146
2e0f2cfb 1147 if (target_memory_rw_debug(s->g_cpu, addr, mem_buf, len, false) != 0) {
6f970bd9
FB		 1148 put_packet (s, "E14");
1149 } else {
1150 memtohex(buf, mem_buf, len);
1151 put_packet(s, buf);
1152 }
858693c6
FB		 1153 break;
1154 case 'M':
9d9754a3 1155 addr = strtoull(p, (char **)&p, 16);
858693c6
FB		 1156 if (*p == ',')
1157 p++;
9d9754a3 1158 len = strtoull(p, (char **)&p, 16);
b328f873 1159 if (*p == ':')
858693c6 1160 p++;
5accecb3
KW		 1161
1162 /* hextomem() reads 2*len bytes */
1163 if (len > strlen(p) / 2) {
1164 put_packet (s, "E22");
1165 break;
1166 }
858693c6 1167 hextomem(mem_buf, p, len);
2e0f2cfb 1168 if (target_memory_rw_debug(s->g_cpu, addr, mem_buf, len,
f3659eee 1169 true) != 0) {
905f20b1 1170 put_packet(s, "E14");
44520db1 1171 } else {
858693c6 1172 put_packet(s, "OK");
44520db1 1173 }
858693c6 1174 break;
56aebc89
PB		 1175 case 'p':
1176 /* Older gdb are really dumb, and don't use 'g' if 'p' is avaialable.
1177 This works, but can be very slow. Anything new enough to
1178 understand XML also knows how to use this properly. */
1179 if (!gdb_has_xml)
1180 goto unknown_command;
1181 addr = strtoull(p, (char **)&p, 16);
2e0f2cfb 1182 reg_size = gdb_read_register(s->g_cpu, mem_buf, addr);
56aebc89
PB		 1183 if (reg_size) {
1184 memtohex(buf, mem_buf, reg_size);
1185 put_packet(s, buf);
1186 } else {
1187 put_packet(s, "E14");
1188 }
1189 break;
1190 case 'P':
1191 if (!gdb_has_xml)
1192 goto unknown_command;
1193 addr = strtoull(p, (char **)&p, 16);
1194 if (*p == '=')
1195 p++;
1196 reg_size = strlen(p) / 2;
1197 hextomem(mem_buf, p, reg_size);
2e0f2cfb 1198 gdb_write_register(s->g_cpu, mem_buf, addr);
56aebc89
PB		 1199 put_packet(s, "OK");
1200 break;
858693c6 1201 case 'Z':
858693c6
FB		 1202 case 'z':
1203 type = strtoul(p, (char **)&p, 16);
1204 if (*p == ',')
1205 p++;
9d9754a3 1206 addr = strtoull(p, (char **)&p, 16);
858693c6
FB		 1207 if (*p == ',')
1208 p++;
9d9754a3 1209 len = strtoull(p, (char **)&p, 16);
a1d1bb31 1210 if (ch == 'Z')
880a7578 1211 res = gdb_breakpoint_insert(addr, len, type);
a1d1bb31 1212 else
880a7578 1213 res = gdb_breakpoint_remove(addr, len, type);
a1d1bb31
AL		 1214 if (res >= 0)
1215 put_packet(s, "OK");
1216 else if (res == -ENOSYS)
0f459d16 1217 put_packet(s, "");
a1d1bb31
AL		 1218 else
1219 put_packet(s, "E22");
858693c6 1220 break;
880a7578
AL		 1221 case 'H':
1222 type = *p++;
1223 thread = strtoull(p, (char **)&p, 16);
1224 if (thread == -1 || thread == 0) {
1225 put_packet(s, "OK");
1226 break;
1227 }
2e0f2cfb
AF		 1228 cpu = find_cpu(thread);
1229 if (cpu == NULL) {
880a7578
AL		 1230 put_packet(s, "E22");
1231 break;
1232 }
1233 switch (type) {
1234 case 'c':
2e0f2cfb 1235 s->c_cpu = cpu;
880a7578
AL		 1236 put_packet(s, "OK");
1237 break;
1238 case 'g':
2e0f2cfb 1239 s->g_cpu = cpu;
880a7578
AL		 1240 put_packet(s, "OK");
1241 break;
1242 default:
1243 put_packet(s, "E22");
1244 break;
1245 }
1246 break;
1247 case 'T':
1248 thread = strtoull(p, (char **)&p, 16);
2e0f2cfb 1249 cpu = find_cpu(thread);
1e9fa730 1250
2e0f2cfb 1251 if (cpu != NULL) {
1e9fa730
NF		 1252 put_packet(s, "OK");
1253 } else {
880a7578 1254 put_packet(s, "E22");
1e9fa730 1255 }
880a7578 1256 break;
978efd6a 1257 case 'q':
60897d36
EI		 1258 case 'Q':
1259 /* parse any 'q' packets here */
1260 if (!strcmp(p,"qemu.sstepbits")) {
1261 /* Query Breakpoint bit definitions */
363a37d5
BS		 1262 snprintf(buf, sizeof(buf), "ENABLE=%x,NOIRQ=%x,NOTIMER=%x",
1263 SSTEP_ENABLE,
1264 SSTEP_NOIRQ,
1265 SSTEP_NOTIMER);
60897d36
EI		 1266 put_packet(s, buf);
1267 break;
4dabe747 1268 } else if (is_query_packet(p, "qemu.sstep", '=')) {
60897d36
EI		 1269 /* Display or change the sstep_flags */
1270 p += 10;
1271 if (*p != '=') {
1272 /* Display current setting */
363a37d5 1273 snprintf(buf, sizeof(buf), "0x%x", sstep_flags);
60897d36
EI		 1274 put_packet(s, buf);
1275 break;
1276 }
1277 p++;
1278 type = strtoul(p, (char **)&p, 16);
1279 sstep_flags = type;
1280 put_packet(s, "OK");
1281 break;
880a7578
AL		 1282 } else if (strcmp(p,"C") == 0) {
1283 /* "Current thread" remains vague in the spec, so always return
1284 * the first CPU (gdb returns the first thread). */
1285 put_packet(s, "QC1");
1286 break;
1287 } else if (strcmp(p,"fThreadInfo") == 0) {
52f34623 1288 s->query_cpu = first_cpu;
880a7578
AL		 1289 goto report_cpuinfo;
1290 } else if (strcmp(p,"sThreadInfo") == 0) {
1291 report_cpuinfo:
1292 if (s->query_cpu) {
d2a6c857 1293 snprintf(buf, sizeof(buf), "m%x", cpu_gdb_index(s->query_cpu));
880a7578 1294 put_packet(s, buf);
bdc44640 1295 s->query_cpu = CPU_NEXT(s->query_cpu);
880a7578
AL		 1296 } else
1297 put_packet(s, "l");
1298 break;
1299 } else if (strncmp(p,"ThreadExtraInfo,", 16) == 0) {
1300 thread = strtoull(p+16, (char **)&p, 16);
2e0f2cfb
AF		 1301 cpu = find_cpu(thread);
1302 if (cpu != NULL) {
cb446eca 1303 cpu_synchronize_state(cpu);
5accecb3
KW		 1304 /* memtohex() doubles the required space */
1305 len = snprintf((char *)mem_buf, sizeof(buf) / 2,
55e5c285 1306 "CPU#%d [%s]", cpu->cpu_index,
259186a7 1307 cpu->halted ? "halted " : "running");
5c9522b3 1308 trace_gdbstub_op_extra_info((char *)mem_buf);
1e9fa730
NF		 1309 memtohex(buf, mem_buf, len);
1310 put_packet(s, buf);
1311 }
880a7578 1312 break;
60897d36 1313 }
0b8a988c 1314#ifdef CONFIG_USER_ONLY
070949f3 1315 else if (strcmp(p, "Offsets") == 0) {
0429a971 1316 TaskState *ts = s->c_cpu->opaque;
978efd6a 1317
363a37d5
BS		 1318 snprintf(buf, sizeof(buf),
1319 "Text=" TARGET_ABI_FMT_lx ";Data=" TARGET_ABI_FMT_lx
1320 ";Bss=" TARGET_ABI_FMT_lx,
1321 ts->info->code_offset,
1322 ts->info->data_offset,
1323 ts->info->data_offset);
978efd6a
PB		 1324 put_packet(s, buf);
1325 break;
1326 }
0b8a988c 1327#else /* !CONFIG_USER_ONLY */
8a34a0fb
AL		 1328 else if (strncmp(p, "Rcmd,", 5) == 0) {
1329 int len = strlen(p + 5);
1330
1331 if ((len % 2) != 0) {
1332 put_packet(s, "E01");
1333 break;
1334 }
8a34a0fb 1335 len = len / 2;
5accecb3 1336 hextomem(mem_buf, p + 5, len);
8a34a0fb 1337 mem_buf[len++] = 0;
fa5efccb 1338 qemu_chr_be_write(s->mon_chr, mem_buf, len);
8a34a0fb
AL		 1339 put_packet(s, "OK");
1340 break;
1341 }
0b8a988c 1342#endif /* !CONFIG_USER_ONLY */
4dabe747 1343 if (is_query_packet(p, "Supported", ':')) {
5b3715bf 1344 snprintf(buf, sizeof(buf), "PacketSize=%x", MAX_PACKET_LENGTH);
5b24c641
AF		 1345 cc = CPU_GET_CLASS(first_cpu);
1346 if (cc->gdb_core_xml_file != NULL) {
1347 pstrcat(buf, sizeof(buf), ";qXfer:features:read+");
1348 }
56aebc89
PB		 1349 put_packet(s, buf);
1350 break;
1351 }
56aebc89
PB		 1352 if (strncmp(p, "Xfer:features:read:", 19) == 0) {
1353 const char *xml;
1354 target_ulong total_len;
1355
5b24c641
AF		 1356 cc = CPU_GET_CLASS(first_cpu);
1357 if (cc->gdb_core_xml_file == NULL) {
1358 goto unknown_command;
1359 }
1360
5b50e790 1361 gdb_has_xml = true;
56aebc89 1362 p += 19;
5b24c641 1363 xml = get_feature_xml(p, &p, cc);
56aebc89 1364 if (!xml) {
5b3715bf 1365 snprintf(buf, sizeof(buf), "E00");
56aebc89
PB		 1366 put_packet(s, buf);
1367 break;
1368 }
1369
1370 if (*p == ':')
1371 p++;
1372 addr = strtoul(p, (char **)&p, 16);
1373 if (*p == ',')
1374 p++;
1375 len = strtoul(p, (char **)&p, 16);
1376
1377 total_len = strlen(xml);
1378 if (addr > total_len) {
5b3715bf 1379 snprintf(buf, sizeof(buf), "E00");
56aebc89
PB		 1380 put_packet(s, buf);
1381 break;
1382 }
1383 if (len > (MAX_PACKET_LENGTH - 5) / 2)
1384 len = (MAX_PACKET_LENGTH - 5) / 2;
1385 if (len < total_len - addr) {
1386 buf[0] = 'm';
1387 len = memtox(buf + 1, xml + addr, len);
1388 } else {
1389 buf[0] = 'l';
1390 len = memtox(buf + 1, xml + addr, total_len - addr);
1391 }
5c9522b3 1392 put_packet_binary(s, buf, len + 1, true);
56aebc89
PB		 1393 break;
1394 }
a3919386
JK		 1395 if (is_query_packet(p, "Attached", ':')) {
1396 put_packet(s, GDB_ATTACHED);
1397 break;
1398 }
56aebc89
PB		 1399 /* Unrecognised 'q' command. */
1400 goto unknown_command;
1401
858693c6 1402 default:
56aebc89 1403 unknown_command:
858693c6
FB		 1404 /* put empty packet */
1405 buf[0] = '\0';
1406 put_packet(s, buf);
1407 break;
1408 }
1409 return RS_IDLE;
1410}
1411
64f6b346 1412void gdb_set_stop_cpu(CPUState *cpu)
880a7578 1413{
2e0f2cfb
AF		 1414 gdbserver_state->c_cpu = cpu;
1415 gdbserver_state->g_cpu = cpu;
880a7578
AL		 1416}
1417
1fddef4b 1418#ifndef CONFIG_USER_ONLY
1dfb4dd9 1419static void gdb_vm_state_change(void *opaque, int running, RunState state)
858693c6 1420{
880a7578 1421 GDBState *s = gdbserver_state;
2e0f2cfb 1422 CPUState *cpu = s->c_cpu;
858693c6 1423 char buf[256];
d6fc1b39 1424 const char *type;
858693c6
FB		 1425 int ret;
1426
cdb432b2
MI		 1427 if (running || s->state == RS_INACTIVE) {
1428 return;
1429 }
1430 /* Is there a GDB syscall waiting to be sent? */
1431 if (s->current_syscall_cb) {
1432 put_packet(s, s->syscall_buf);
a2d1ebaf 1433 return;
e07bbac5 1434 }
1dfb4dd9 1435 switch (state) {
0461d5a6 1436 case RUN_STATE_DEBUG:
ff4700b0
AF		 1437 if (cpu->watchpoint_hit) {
1438 switch (cpu->watchpoint_hit->flags & BP_MEM_ACCESS) {
a1d1bb31 1439 case BP_MEM_READ:
d6fc1b39
AL		 1440 type = "r";
1441 break;
a1d1bb31 1442 case BP_MEM_ACCESS:
d6fc1b39
AL		 1443 type = "a";
1444 break;
1445 default:
1446 type = "";
1447 break;
1448 }
5c9522b3
DG		 1449 trace_gdbstub_hit_watchpoint(type, cpu_gdb_index(cpu),
1450 (target_ulong)cpu->watchpoint_hit->vaddr);
880a7578
AL		 1451 snprintf(buf, sizeof(buf),
1452 "T%02xthread:%02x;%swatch:" TARGET_FMT_lx ";",
d2a6c857 1453 GDB_SIGNAL_TRAP, cpu_gdb_index(cpu), type,
ff4700b0
AF		 1454 (target_ulong)cpu->watchpoint_hit->vaddr);
1455 cpu->watchpoint_hit = NULL;
425189a8 1456 goto send_packet;
5c9522b3
DG		 1457 } else {
1458 trace_gdbstub_hit_break();
6658ffb8 1459 }
bbd77c18 1460 tb_flush(cpu);
ca587a8e 1461 ret = GDB_SIGNAL_TRAP;
425189a8 1462 break;
0461d5a6 1463 case RUN_STATE_PAUSED:
5c9522b3 1464 trace_gdbstub_hit_paused();
9781e040 1465 ret = GDB_SIGNAL_INT;
425189a8 1466 break;
0461d5a6 1467 case RUN_STATE_SHUTDOWN:
5c9522b3 1468 trace_gdbstub_hit_shutdown();
425189a8
JK		 1469 ret = GDB_SIGNAL_QUIT;
1470 break;
0461d5a6 1471 case RUN_STATE_IO_ERROR:
5c9522b3 1472 trace_gdbstub_hit_io_error();
425189a8
JK		 1473 ret = GDB_SIGNAL_IO;
1474 break;
0461d5a6 1475 case RUN_STATE_WATCHDOG:
5c9522b3 1476 trace_gdbstub_hit_watchdog();
425189a8
JK		 1477 ret = GDB_SIGNAL_ALRM;
1478 break;
0461d5a6 1479 case RUN_STATE_INTERNAL_ERROR:
5c9522b3 1480 trace_gdbstub_hit_internal_error();
425189a8
JK		 1481 ret = GDB_SIGNAL_ABRT;
1482 break;
0461d5a6
LC		 1483 case RUN_STATE_SAVE_VM:
1484 case RUN_STATE_RESTORE_VM:
425189a8 1485 return;
0461d5a6 1486 case RUN_STATE_FINISH_MIGRATE:
425189a8
JK		 1487 ret = GDB_SIGNAL_XCPU;
1488 break;
1489 default:
5c9522b3 1490 trace_gdbstub_hit_unknown(state);
425189a8
JK		 1491 ret = GDB_SIGNAL_UNKNOWN;
1492 break;
bbeb7b5c 1493 }
226d007d 1494 gdb_set_stop_cpu(cpu);
d2a6c857 1495 snprintf(buf, sizeof(buf), "T%02xthread:%02x;", ret, cpu_gdb_index(cpu));
425189a8
JK		 1496
1497send_packet:
858693c6 1498 put_packet(s, buf);
425189a8
JK		 1499
1500 /* disable single step if it was enabled */
3825b28f 1501 cpu_single_step(cpu, 0);
858693c6 1502}
1fddef4b 1503#endif
858693c6 1504
a2d1ebaf
PB		 1505/* Send a gdb syscall request.
1506 This accepts limited printf-style format specifiers, specifically:
a87295e8
PB		 1507 %x - target_ulong argument printed in hex.
1508 %lx - 64-bit argument printed in hex.
1509 %s - string pointer (target_ulong) and length (int) pair. */
19239b39 1510void gdb_do_syscallv(gdb_syscall_complete_cb cb, const char *fmt, va_list va)
a2d1ebaf 1511{
a2d1ebaf 1512 char *p;
cdb432b2 1513 char *p_end;
a2d1ebaf 1514 target_ulong addr;
a87295e8 1515 uint64_t i64;
a2d1ebaf
PB		 1516 GDBState *s;
1517
880a7578 1518 s = gdbserver_state;
a2d1ebaf
PB		 1519 if (!s)
1520 return;
cdb432b2 1521 s->current_syscall_cb = cb;
a2d1ebaf 1522#ifndef CONFIG_USER_ONLY
0461d5a6 1523 vm_stop(RUN_STATE_DEBUG);
a2d1ebaf 1524#endif
cdb432b2
MI		 1525 p = s->syscall_buf;
1526 p_end = &s->syscall_buf[sizeof(s->syscall_buf)];
a2d1ebaf
PB		 1527 *(p++) = 'F';
1528 while (*fmt) {
1529 if (*fmt == '%') {
1530 fmt++;
1531 switch (*fmt++) {
1532 case 'x':
1533 addr = va_arg(va, target_ulong);
cdb432b2 1534 p += snprintf(p, p_end - p, TARGET_FMT_lx, addr);
a2d1ebaf 1535 break;
a87295e8
PB		 1536 case 'l':
1537 if (*(fmt++) != 'x')
1538 goto bad_format;
1539 i64 = va_arg(va, uint64_t);
cdb432b2 1540 p += snprintf(p, p_end - p, "%" PRIx64, i64);
a87295e8 1541 break;
a2d1ebaf
PB		 1542 case 's':
1543 addr = va_arg(va, target_ulong);
cdb432b2 1544 p += snprintf(p, p_end - p, TARGET_FMT_lx "/%x",
363a37d5 1545 addr, va_arg(va, int));
a2d1ebaf
PB		 1546 break;
1547 default:
a87295e8 1548 bad_format:
7ae6c571
ZY		 1549 error_report("gdbstub: Bad syscall format string '%s'",
1550 fmt - 1);
a2d1ebaf
PB		 1551 break;
1552 }
1553 } else {
1554 *(p++) = *(fmt++);
1555 }
1556 }
8a93e02a 1557 *p = 0;
a2d1ebaf 1558#ifdef CONFIG_USER_ONLY
cdb432b2 1559 put_packet(s, s->syscall_buf);
4f710866
PM		 1560 /* Return control to gdb for it to process the syscall request.
1561 * Since the protocol requires that gdb hands control back to us
1562 * using a "here are the results" F packet, we don't need to check
1563 * gdb_handlesig's return value (which is the signal to deliver if
1564 * execution was resumed via a continue packet).
1565 */
2e0f2cfb 1566 gdb_handlesig(s->c_cpu, 0);
a2d1ebaf 1567#else
cdb432b2
MI		 1568 /* In this case wait to send the syscall packet until notification that
1569 the CPU has stopped. This must be done because if the packet is sent
1570 now the reply from the syscall request could be received while the CPU
1571 is still in the running state, which can cause packets to be dropped
1572 and state transition 'T' packets to be sent while the syscall is still
1573 being processed. */
9102deda 1574 qemu_cpu_kick(s->c_cpu);
a2d1ebaf
PB		 1575#endif
1576}
1577
19239b39
PM		 1578void gdb_do_syscall(gdb_syscall_complete_cb cb, const char *fmt, ...)
1579{
1580 va_list va;
1581
1582 va_start(va, fmt);
1583 gdb_do_syscallv(cb, fmt, va);
1584 va_end(va);
1585}
1586
6a00d601 1587static void gdb_read_byte(GDBState *s, int ch)
858693c6 1588{
60fe76f3 1589 uint8_t reply;
858693c6 1590
1fddef4b 1591#ifndef CONFIG_USER_ONLY
4046d913
PB		 1592 if (s->last_packet_len) {
1593 /* Waiting for a response to the last packet. If we see the start
1594 of a new command then abandon the previous response. */
1595 if (ch == '-') {
5c9522b3 1596 trace_gdbstub_err_got_nack();
ffe8ab83 1597 put_buffer(s, (uint8_t *)s->last_packet, s->last_packet_len);
118e2268 1598 } else if (ch == '+') {
5c9522b3 1599 trace_gdbstub_io_got_ack();
118e2268 1600 } else {
5c9522b3 1601 trace_gdbstub_io_got_unexpected((uint8_t)ch);
4046d913 1602 }
118e2268 1603
4046d913
PB		 1604 if (ch == '+' || ch == '$')
1605 s->last_packet_len = 0;
1606 if (ch != '$')
1607 return;
1608 }
1354869c 1609 if (runstate_is_running()) {
858693c6
FB		 1610 /* when the CPU is running, we cannot do anything except stop
1611 it when receiving a char */
0461d5a6 1612 vm_stop(RUN_STATE_PAUSED);
5fafdf24 1613 } else
1fddef4b 1614#endif
41625033 1615 {
858693c6
FB		 1616 switch(s->state) {
1617 case RS_IDLE:
1618 if (ch == '$') {
4bf43122 1619 /* start of command packet */
858693c6 1620 s->line_buf_index = 0;
4bf43122 1621 s->line_sum = 0;
858693c6 1622 s->state = RS_GETLINE;
4bf43122 1623 } else {
5c9522b3 1624 trace_gdbstub_err_garbage((uint8_t)ch);
c33a346e 1625 }
b4608c04 1626 break;
858693c6 1627 case RS_GETLINE:
4bf43122
DG		 1628 if (ch == '}') {
1629 /* start escape sequence */
1630 s->state = RS_GETLINE_ESC;
1631 s->line_sum += ch;
1632 } else if (ch == '*') {
1633 /* start run length encoding sequence */
1634 s->state = RS_GETLINE_RLE;
1635 s->line_sum += ch;
1636 } else if (ch == '#') {
1637 /* end of command, start of checksum*/
1638 s->state = RS_CHKSUM1;
1639 } else if (s->line_buf_index >= sizeof(s->line_buf) - 1) {
5c9522b3 1640 trace_gdbstub_err_overrun();
4bf43122
DG		 1641 s->state = RS_IDLE;
1642 } else {
1643 /* unescaped command character */
1644 s->line_buf[s->line_buf_index++] = ch;
1645 s->line_sum += ch;
1646 }
1647 break;
1648 case RS_GETLINE_ESC:
858693c6 1649 if (ch == '#') {
4bf43122
DG		 1650 /* unexpected end of command in escape sequence */
1651 s->state = RS_CHKSUM1;
858693c6 1652 } else if (s->line_buf_index >= sizeof(s->line_buf) - 1) {
4bf43122 1653 /* command buffer overrun */
5c9522b3 1654 trace_gdbstub_err_overrun();
858693c6 1655 s->state = RS_IDLE;
4c3a88a2 1656 } else {
4bf43122
DG		 1657 /* parse escaped character and leave escape state */
1658 s->line_buf[s->line_buf_index++] = ch ^ 0x20;
1659 s->line_sum += ch;
1660 s->state = RS_GETLINE;
1661 }
1662 break;
1663 case RS_GETLINE_RLE:
1664 if (ch < ' ') {
1665 /* invalid RLE count encoding */
5c9522b3 1666 trace_gdbstub_err_invalid_repeat((uint8_t)ch);
4bf43122
DG		 1667 s->state = RS_GETLINE;
1668 } else {
1669 /* decode repeat length */
1670 int repeat = (unsigned char)ch - ' ' + 3;
1671 if (s->line_buf_index + repeat >= sizeof(s->line_buf) - 1) {
1672 /* that many repeats would overrun the command buffer */
5c9522b3 1673 trace_gdbstub_err_overrun();
4bf43122
DG		 1674 s->state = RS_IDLE;
1675 } else if (s->line_buf_index < 1) {
1676 /* got a repeat but we have nothing to repeat */
5c9522b3 1677 trace_gdbstub_err_invalid_rle();
4bf43122
DG		 1678 s->state = RS_GETLINE;
1679 } else {
1680 /* repeat the last character */
1681 memset(s->line_buf + s->line_buf_index,
1682 s->line_buf[s->line_buf_index - 1], repeat);
1683 s->line_buf_index += repeat;
1684 s->line_sum += ch;
1685 s->state = RS_GETLINE;
1686 }
4c3a88a2
FB		 1687 }
1688 break;
858693c6 1689 case RS_CHKSUM1:
4bf43122
DG		 1690 /* get high hex digit of checksum */
1691 if (!isxdigit(ch)) {
5c9522b3 1692 trace_gdbstub_err_checksum_invalid((uint8_t)ch);
4bf43122
DG		 1693 s->state = RS_GETLINE;
1694 break;
1695 }
858693c6
FB		 1696 s->line_buf[s->line_buf_index] = '\0';
1697 s->line_csum = fromhex(ch) << 4;
1698 s->state = RS_CHKSUM2;
1699 break;
1700 case RS_CHKSUM2:
4bf43122
DG		 1701 /* get low hex digit of checksum */
1702 if (!isxdigit(ch)) {
5c9522b3 1703 trace_gdbstub_err_checksum_invalid((uint8_t)ch);
4bf43122
DG		 1704 s->state = RS_GETLINE;
1705 break;
858693c6 1706 }
4bf43122
DG		 1707 s->line_csum |= fromhex(ch);
1708
1709 if (s->line_csum != (s->line_sum & 0xff)) {
5c9522b3 1710 trace_gdbstub_err_checksum_incorrect(s->line_sum, s->line_csum);
4bf43122 1711 /* send NAK reply */
60fe76f3
TS		 1712 reply = '-';
1713 put_buffer(s, &reply, 1);
858693c6 1714 s->state = RS_IDLE;
4c3a88a2 1715 } else {
4bf43122 1716 /* send ACK reply */
60fe76f3
TS		 1717 reply = '+';
1718 put_buffer(s, &reply, 1);
880a7578 1719 s->state = gdb_handle_packet(s, s->line_buf);
4c3a88a2
FB		 1720 }
1721 break;
a2d1ebaf
PB		 1722 default:
1723 abort();
858693c6
FB		 1724 }
1725 }
1726}
1727
0e1c9c54 1728/* Tell the remote gdb that the process has exited. */
9349b4f9 1729void gdb_exit(CPUArchState *env, int code)
0e1c9c54
PB		 1730{
1731 GDBState *s;
1732 char buf[4];
1733
1734 s = gdbserver_state;
1735 if (!s) {
1736 return;
1737 }
1738#ifdef CONFIG_USER_ONLY
1739 if (gdbserver_fd < 0 || s->fd < 0) {
1740 return;
1741 }
1742#endif
1743
5c9522b3
DG		 1744 trace_gdbstub_op_exiting((uint8_t)code);
1745
0e1c9c54
PB		 1746 snprintf(buf, sizeof(buf), "W%02x", (uint8_t)code);
1747 put_packet(s, buf);
e2af15b2
FC		 1748
1749#ifndef CONFIG_USER_ONLY
1ce2610c 1750 qemu_chr_fe_deinit(&s->chr, true);
e2af15b2 1751#endif
0e1c9c54
PB		 1752}
1753
1fddef4b
FB		 1754#ifdef CONFIG_USER_ONLY
1755int
db6b81d4 1756gdb_handlesig(CPUState *cpu, int sig)
1fddef4b 1757{
5ca666c7
AF		 1758 GDBState *s;
1759 char buf[256];
1760 int n;
1fddef4b 1761
5ca666c7
AF		 1762 s = gdbserver_state;
1763 if (gdbserver_fd < 0 || s->fd < 0) {
1764 return sig;
1765 }
1fddef4b 1766
5ca666c7 1767 /* disable single step if it was enabled */
3825b28f 1768 cpu_single_step(cpu, 0);
bbd77c18 1769 tb_flush(cpu);
1fddef4b 1770
5ca666c7
AF		 1771 if (sig != 0) {
1772 snprintf(buf, sizeof(buf), "S%02x", target_signal_to_gdb(sig));
1773 put_packet(s, buf);
1774 }
1775 /* put_packet() might have detected that the peer terminated the
1776 connection. */
1777 if (s->fd < 0) {
1778 return sig;
1779 }
1fddef4b 1780
5ca666c7
AF		 1781 sig = 0;
1782 s->state = RS_IDLE;
1783 s->running_state = 0;
1784 while (s->running_state == 0) {
1785 n = read(s->fd, buf, 256);
1786 if (n > 0) {
1787 int i;
1788
1789 for (i = 0; i < n; i++) {
1790 gdb_read_byte(s, buf[i]);
1791 }
5819e3e0 1792 } else {
5ca666c7
AF		 1793 /* XXX: Connection closed. Should probably wait for another
1794 connection before continuing. */
5819e3e0
PW		 1795 if (n == 0) {
1796 close(s->fd);
1797 }
1798 s->fd = -1;
5ca666c7 1799 return sig;
1fddef4b 1800 }
5ca666c7
AF		 1801 }
1802 sig = s->signal;
1803 s->signal = 0;
1804 return sig;
1fddef4b 1805}
e9009676 1806
ca587a8e 1807/* Tell the remote gdb that the process has exited due to SIG. */
9349b4f9 1808void gdb_signalled(CPUArchState *env, int sig)
ca587a8e 1809{
5ca666c7
AF		 1810 GDBState *s;
1811 char buf[4];
ca587a8e 1812
5ca666c7
AF		 1813 s = gdbserver_state;
1814 if (gdbserver_fd < 0 || s->fd < 0) {
1815 return;
1816 }
ca587a8e 1817
5ca666c7
AF		 1818 snprintf(buf, sizeof(buf), "X%02x", target_signal_to_gdb(sig));
1819 put_packet(s, buf);
ca587a8e 1820}
1fddef4b 1821
2f652224 1822static bool gdb_accept(void)
858693c6
FB		 1823{
1824 GDBState *s;
1825 struct sockaddr_in sockaddr;
1826 socklen_t len;
bf1c852a 1827 int fd;
858693c6
FB		 1828
1829 for(;;) {
1830 len = sizeof(sockaddr);
1831 fd = accept(gdbserver_fd, (struct sockaddr *)&sockaddr, &len);
1832 if (fd < 0 && errno != EINTR) {
1833 perror("accept");
2f652224 1834 return false;
858693c6 1835 } else if (fd >= 0) {
f5bdd781 1836 qemu_set_cloexec(fd);
b4608c04
FB		 1837 break;
1838 }
1839 }
858693c6
FB		 1840
1841 /* set short latency */
2f652224
PM		 1842 if (socket_set_nodelay(fd)) {
1843 perror("setsockopt");
ead75d84 1844 close(fd);
2f652224
PM		 1845 return false;
1846 }
3b46e624 1847
7267c094 1848 s = g_malloc0(sizeof(GDBState));
2e0f2cfb
AF		 1849 s->c_cpu = first_cpu;
1850 s->g_cpu = first_cpu;
858693c6 1851 s->fd = fd;
5b50e790 1852 gdb_has_xml = false;
858693c6 1853
880a7578 1854 gdbserver_state = s;
2f652224 1855 return true;
858693c6
FB		 1856}
1857
1858static int gdbserver_open(int port)
1859{
1860 struct sockaddr_in sockaddr;
6669ca13 1861 int fd, ret;
858693c6
FB		 1862
1863 fd = socket(PF_INET, SOCK_STREAM, 0);
1864 if (fd < 0) {
1865 perror("socket");
1866 return -1;
1867 }
f5bdd781 1868 qemu_set_cloexec(fd);
858693c6 1869
6669ca13 1870 socket_set_fast_reuse(fd);
858693c6
FB		 1871
1872 sockaddr.sin_family = AF_INET;
1873 sockaddr.sin_port = htons(port);
1874 sockaddr.sin_addr.s_addr = 0;
1875 ret = bind(fd, (struct sockaddr *)&sockaddr, sizeof(sockaddr));
1876 if (ret < 0) {
1877 perror("bind");
bb16172c 1878 close(fd);
858693c6
FB		 1879 return -1;
1880 }
96165b9e 1881 ret = listen(fd, 1);
858693c6
FB		 1882 if (ret < 0) {
1883 perror("listen");
bb16172c 1884 close(fd);
858693c6
FB		 1885 return -1;
1886 }
858693c6
FB		 1887 return fd;
1888}
1889
1890int gdbserver_start(int port)
1891{
1892 gdbserver_fd = gdbserver_open(port);
1893 if (gdbserver_fd < 0)
1894 return -1;
1895 /* accept connections */
2f652224
PM		 1896 if (!gdb_accept()) {
1897 close(gdbserver_fd);
1898 gdbserver_fd = -1;
1899 return -1;
1900 }
4046d913
PB		 1901 return 0;
1902}
2b1319c8
AJ		 1903
1904/* Disable gdb stub for child processes. */
f7ec7f7b 1905void gdbserver_fork(CPUState *cpu)
2b1319c8
AJ		 1906{
1907 GDBState *s = gdbserver_state;
75a34036
AF		 1908
1909 if (gdbserver_fd < 0 || s->fd < 0) {
1910 return;
1911 }
2b1319c8
AJ		 1912 close(s->fd);
1913 s->fd = -1;
b3310ab3 1914 cpu_breakpoint_remove_all(cpu, BP_GDB);
75a34036 1915 cpu_watchpoint_remove_all(cpu, BP_GDB);
2b1319c8 1916}
1fddef4b 1917#else
aa1f17c1 1918static int gdb_chr_can_receive(void *opaque)
4046d913 1919{
56aebc89
PB		 1920 /* We can handle an arbitrarily large amount of data.
1921 Pick the maximum packet size, which is as good as anything. */
1922 return MAX_PACKET_LENGTH;
4046d913
PB		 1923}
1924
aa1f17c1 1925static void gdb_chr_receive(void *opaque, const uint8_t *buf, int size)
4046d913 1926{
4046d913
PB		 1927 int i;
1928
1929 for (i = 0; i < size; i++) {
880a7578 1930 gdb_read_byte(gdbserver_state, buf[i]);
4046d913
PB		 1931 }
1932}
1933
1934static void gdb_chr_event(void *opaque, int event)
1935{
1936 switch (event) {
b6b8df56 1937 case CHR_EVENT_OPENED:
0461d5a6 1938 vm_stop(RUN_STATE_PAUSED);
5b50e790 1939 gdb_has_xml = false;
4046d913
PB		 1940 break;
1941 default:
1942 break;
1943 }
1944}
1945
8a34a0fb
AL		 1946static void gdb_monitor_output(GDBState *s, const char *msg, int len)
1947{
1948 char buf[MAX_PACKET_LENGTH];
1949
1950 buf[0] = 'O';
1951 if (len > (MAX_PACKET_LENGTH/2) - 1)
1952 len = (MAX_PACKET_LENGTH/2) - 1;
1953 memtohex(buf + 1, (uint8_t *)msg, len);
1954 put_packet(s, buf);
1955}
1956
0ec7b3e7 1957static int gdb_monitor_write(Chardev *chr, const uint8_t *buf, int len)
8a34a0fb
AL		 1958{
1959 const char *p = (const char *)buf;
1960 int max_sz;
1961
1962 max_sz = (sizeof(gdbserver_state->last_packet) - 2) / 2;
1963 for (;;) {
1964 if (len <= max_sz) {
1965 gdb_monitor_output(gdbserver_state, p, len);
1966 break;
1967 }
1968 gdb_monitor_output(gdbserver_state, p, max_sz);
1969 p += max_sz;
1970 len -= max_sz;
1971 }
1972 return len;
1973}
1974
59030a8c
AL		 1975#ifndef _WIN32
1976static void gdb_sigterm_handler(int signal)
1977{
1354869c 1978 if (runstate_is_running()) {
0461d5a6 1979 vm_stop(RUN_STATE_PAUSED);
e07bbac5 1980 }
59030a8c
AL		 1981}
1982#endif
1983
777357d7
MAL		 1984static void gdb_monitor_open(Chardev *chr, ChardevBackend *backend,
1985 bool *be_opened, Error **errp)
1986{
1987 *be_opened = false;
1988}
1989
1990static void char_gdb_class_init(ObjectClass *oc, void *data)
1991{
1992 ChardevClass *cc = CHARDEV_CLASS(oc);
1993
1994 cc->internal = true;
1995 cc->open = gdb_monitor_open;
1996 cc->chr_write = gdb_monitor_write;
1997}
1998
1999#define TYPE_CHARDEV_GDB "chardev-gdb"
2000
2001static const TypeInfo char_gdb_type_info = {
2002 .name = TYPE_CHARDEV_GDB,
2003 .parent = TYPE_CHARDEV,
2004 .class_init = char_gdb_class_init,
2005};
2006
59030a8c 2007int gdbserver_start(const char *device)
4046d913 2008{
5c9522b3
DG		 2009 trace_gdbstub_op_start(device);
2010
4046d913 2011 GDBState *s;
59030a8c 2012 char gdbstub_device_name[128];
0ec7b3e7
MAL		 2013 Chardev *chr = NULL;
2014 Chardev *mon_chr;
cfc3475a 2015
508b4ecc
ZY		 2016 if (!first_cpu) {
2017 error_report("gdbstub: meaningless to attach gdb to a "
2018 "machine without any CPU.");
2019 return -1;
2020 }
2021
59030a8c
AL		 2022 if (!device)
2023 return -1;
2024 if (strcmp(device, "none") != 0) {
2025 if (strstart(device, "tcp:", NULL)) {
2026 /* enforce required TCP attributes */
2027 snprintf(gdbstub_device_name, sizeof(gdbstub_device_name),
2028 "%s,nowait,nodelay,server", device);
2029 device = gdbstub_device_name;
36556b20 2030 }
59030a8c
AL		 2031#ifndef _WIN32
2032 else if (strcmp(device, "stdio") == 0) {
2033 struct sigaction act;
4046d913 2034
59030a8c
AL		 2035 memset(&act, 0, sizeof(act));
2036 act.sa_handler = gdb_sigterm_handler;
2037 sigaction(SIGINT, &act, NULL);
2038 }
2039#endif
95e30b2a
MAL		 2040 /*
2041 * FIXME: it's a bit weird to allow using a mux chardev here
2042 * and implicitly setup a monitor. We may want to break this.
2043 */
2044 chr = qemu_chr_new_noreplay("gdb", device, true);
36556b20
AL		 2045 if (!chr)
2046 return -1;
cfc3475a
PB		 2047 }
2048
36556b20
AL		 2049 s = gdbserver_state;
2050 if (!s) {
7267c094 2051 s = g_malloc0(sizeof(GDBState));
36556b20 2052 gdbserver_state = s;
4046d913 2053
36556b20
AL		 2054 qemu_add_vm_change_state_handler(gdb_vm_state_change, NULL);
2055
2056 /* Initialize a monitor terminal for gdb */
777357d7
MAL		 2057 mon_chr = qemu_chardev_new(NULL, TYPE_CHARDEV_GDB,
2058 NULL, &error_abort);
36556b20
AL		 2059 monitor_init(mon_chr, 0);
2060 } else {
1ce2610c 2061 qemu_chr_fe_deinit(&s->chr, true);
36556b20
AL		 2062 mon_chr = s->mon_chr;
2063 memset(s, 0, sizeof(GDBState));
32a6ebec 2064 s->mon_chr = mon_chr;
36556b20 2065 }
2e0f2cfb
AF		 2066 s->c_cpu = first_cpu;
2067 s->g_cpu = first_cpu;
32a6ebec
MAL		 2068 if (chr) {
2069 qemu_chr_fe_init(&s->chr, chr, &error_abort);
5345fdb4 2070 qemu_chr_fe_set_handlers(&s->chr, gdb_chr_can_receive, gdb_chr_receive,
81517ba3 2071 gdb_chr_event, NULL, NULL, NULL, true);
32a6ebec 2072 }
36556b20
AL		 2073 s->state = chr ? RS_IDLE : RS_INACTIVE;
2074 s->mon_chr = mon_chr;
cdb432b2 2075 s->current_syscall_cb = NULL;
8a34a0fb 2076
b4608c04
FB		 2077 return 0;
2078}
777357d7 2079
1bb982b8
KF		 2080void gdbserver_cleanup(void)
2081{
2082 if (gdbserver_state) {
2083 put_packet(gdbserver_state, "W00");
2084 }
2085}
2086
777357d7
MAL		 2087static void register_types(void)
2088{
2089 type_register_static(&char_gdb_type_info);
2090}
2091
2092type_init(register_types);
4046d913 2093#endif
QEMU mirror