]> git.proxmox.com Git - mirror_qemu.git/blame - gdbstub.c
projects / mirror_qemu.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
acpi: do not use TARGET_PAGE_SIZE
[mirror_qemu.git] / gdbstub.c
CommitLineData
b4608c04
FB		 1/*
2 * gdb server stub
5fafdf24 3 *
3475187d 4 * Copyright (c) 2003-2005 Fabrice Bellard
b4608c04
FB		 5 *
6 * This library is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation; either
9 * version 2 of the License, or (at your option) any later version.
10 *
11 * This library is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
15 *
16 * You should have received a copy of the GNU Lesser General Public
8167ee88 17 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
b4608c04 18 */
d38ea87a 19#include "qemu/osdep.h"
da34e65c 20#include "qapi/error.h"
f348b6d1 21#include "qemu/cutils.h"
1fddef4b 22
f348b6d1 23#ifdef CONFIG_USER_ONLY
1fddef4b
FB		 24#include "qemu.h"
25#else
83c9089e 26#include "monitor/monitor.h"
dccfcd0e 27#include "sysemu/char.h"
9c17d615 28#include "sysemu/sysemu.h"
022c62cb 29#include "exec/gdbstub.h"
1fddef4b 30#endif
67b915a5 31
56aebc89
PB		 32#define MAX_PACKET_LENGTH 4096
33
2b41f10e 34#include "cpu.h"
1de7afc9 35#include "qemu/sockets.h"
9c17d615 36#include "sysemu/kvm.h"
cfe67cef 37#include "exec/semihost.h"
ca587a8e 38
a3919386
JK		 39#ifdef CONFIG_USER_ONLY
40#define GDB_ATTACHED "0"
41#else
42#define GDB_ATTACHED "1"
43#endif
44
f3659eee
AF		 45static inline int target_memory_rw_debug(CPUState *cpu, target_ulong addr,
46 uint8_t *buf, int len, bool is_write)
44520db1 47{
f3659eee
AF		 48 CPUClass *cc = CPU_GET_CLASS(cpu);
49
50 if (cc->memory_rw_debug) {
51 return cc->memory_rw_debug(cpu, addr, buf, len, is_write);
52 }
53 return cpu_memory_rw_debug(cpu, addr, buf, len, is_write);
44520db1 54}
ca587a8e
AJ		 55
56enum {
57 GDB_SIGNAL_0 = 0,
58 GDB_SIGNAL_INT = 2,
425189a8 59 GDB_SIGNAL_QUIT = 3,
ca587a8e 60 GDB_SIGNAL_TRAP = 5,
425189a8
JK		 61 GDB_SIGNAL_ABRT = 6,
62 GDB_SIGNAL_ALRM = 14,
63 GDB_SIGNAL_IO = 23,
64 GDB_SIGNAL_XCPU = 24,
ca587a8e
AJ		 65 GDB_SIGNAL_UNKNOWN = 143
66};
67
68#ifdef CONFIG_USER_ONLY
69
70/* Map target signal numbers to GDB protocol signal numbers and vice
71 * versa. For user emulation's currently supported systems, we can
72 * assume most signals are defined.
73 */
74
75static int gdb_signal_table[] = {
76 0,
77 TARGET_SIGHUP,
78 TARGET_SIGINT,
79 TARGET_SIGQUIT,
80 TARGET_SIGILL,
81 TARGET_SIGTRAP,
82 TARGET_SIGABRT,
83 -1, /* SIGEMT */
84 TARGET_SIGFPE,
85 TARGET_SIGKILL,
86 TARGET_SIGBUS,
87 TARGET_SIGSEGV,
88 TARGET_SIGSYS,
89 TARGET_SIGPIPE,
90 TARGET_SIGALRM,
91 TARGET_SIGTERM,
92 TARGET_SIGURG,
93 TARGET_SIGSTOP,
94 TARGET_SIGTSTP,
95 TARGET_SIGCONT,
96 TARGET_SIGCHLD,
97 TARGET_SIGTTIN,
98 TARGET_SIGTTOU,
99 TARGET_SIGIO,
100 TARGET_SIGXCPU,
101 TARGET_SIGXFSZ,
102 TARGET_SIGVTALRM,
103 TARGET_SIGPROF,
104 TARGET_SIGWINCH,
105 -1, /* SIGLOST */
106 TARGET_SIGUSR1,
107 TARGET_SIGUSR2,
c72d5bf8 108#ifdef TARGET_SIGPWR
ca587a8e 109 TARGET_SIGPWR,
c72d5bf8
BS		 110#else
111 -1,
112#endif
ca587a8e
AJ		 113 -1, /* SIGPOLL */
114 -1,
115 -1,
116 -1,
117 -1,
118 -1,
119 -1,
120 -1,
121 -1,
122 -1,
123 -1,
124 -1,
c72d5bf8 125#ifdef __SIGRTMIN
ca587a8e
AJ		 126 __SIGRTMIN + 1,
127 __SIGRTMIN + 2,
128 __SIGRTMIN + 3,
129 __SIGRTMIN + 4,
130 __SIGRTMIN + 5,
131 __SIGRTMIN + 6,
132 __SIGRTMIN + 7,
133 __SIGRTMIN + 8,
134 __SIGRTMIN + 9,
135 __SIGRTMIN + 10,
136 __SIGRTMIN + 11,
137 __SIGRTMIN + 12,
138 __SIGRTMIN + 13,
139 __SIGRTMIN + 14,
140 __SIGRTMIN + 15,
141 __SIGRTMIN + 16,
142 __SIGRTMIN + 17,
143 __SIGRTMIN + 18,
144 __SIGRTMIN + 19,
145 __SIGRTMIN + 20,
146 __SIGRTMIN + 21,
147 __SIGRTMIN + 22,
148 __SIGRTMIN + 23,
149 __SIGRTMIN + 24,
150 __SIGRTMIN + 25,
151 __SIGRTMIN + 26,
152 __SIGRTMIN + 27,
153 __SIGRTMIN + 28,
154 __SIGRTMIN + 29,
155 __SIGRTMIN + 30,
156 __SIGRTMIN + 31,
157 -1, /* SIGCANCEL */
158 __SIGRTMIN,
159 __SIGRTMIN + 32,
160 __SIGRTMIN + 33,
161 __SIGRTMIN + 34,
162 __SIGRTMIN + 35,
163 __SIGRTMIN + 36,
164 __SIGRTMIN + 37,
165 __SIGRTMIN + 38,
166 __SIGRTMIN + 39,
167 __SIGRTMIN + 40,
168 __SIGRTMIN + 41,
169 __SIGRTMIN + 42,
170 __SIGRTMIN + 43,
171 __SIGRTMIN + 44,
172 __SIGRTMIN + 45,
173 __SIGRTMIN + 46,
174 __SIGRTMIN + 47,
175 __SIGRTMIN + 48,
176 __SIGRTMIN + 49,
177 __SIGRTMIN + 50,
178 __SIGRTMIN + 51,
179 __SIGRTMIN + 52,
180 __SIGRTMIN + 53,
181 __SIGRTMIN + 54,
182 __SIGRTMIN + 55,
183 __SIGRTMIN + 56,
184 __SIGRTMIN + 57,
185 __SIGRTMIN + 58,
186 __SIGRTMIN + 59,
187 __SIGRTMIN + 60,
188 __SIGRTMIN + 61,
189 __SIGRTMIN + 62,
190 __SIGRTMIN + 63,
191 __SIGRTMIN + 64,
192 __SIGRTMIN + 65,
193 __SIGRTMIN + 66,
194 __SIGRTMIN + 67,
195 __SIGRTMIN + 68,
196 __SIGRTMIN + 69,
197 __SIGRTMIN + 70,
198 __SIGRTMIN + 71,
199 __SIGRTMIN + 72,
200 __SIGRTMIN + 73,
201 __SIGRTMIN + 74,
202 __SIGRTMIN + 75,
203 __SIGRTMIN + 76,
204 __SIGRTMIN + 77,
205 __SIGRTMIN + 78,
206 __SIGRTMIN + 79,
207 __SIGRTMIN + 80,
208 __SIGRTMIN + 81,
209 __SIGRTMIN + 82,
210 __SIGRTMIN + 83,
211 __SIGRTMIN + 84,
212 __SIGRTMIN + 85,
213 __SIGRTMIN + 86,
214 __SIGRTMIN + 87,
215 __SIGRTMIN + 88,
216 __SIGRTMIN + 89,
217 __SIGRTMIN + 90,
218 __SIGRTMIN + 91,
219 __SIGRTMIN + 92,
220 __SIGRTMIN + 93,
221 __SIGRTMIN + 94,
222 __SIGRTMIN + 95,
223 -1, /* SIGINFO */
224 -1, /* UNKNOWN */
225 -1, /* DEFAULT */
226 -1,
227 -1,
228 -1,
229 -1,
230 -1,
231 -1
c72d5bf8 232#endif
ca587a8e 233};
8f447cc7 234#else
ca587a8e
AJ		 235/* In system mode we only need SIGINT and SIGTRAP; other signals
236 are not yet supported. */
237
238enum {
239 TARGET_SIGINT = 2,
240 TARGET_SIGTRAP = 5
241};
242
243static int gdb_signal_table[] = {
244 -1,
245 -1,
246 TARGET_SIGINT,
247 -1,
248 -1,
249 TARGET_SIGTRAP
250};
251#endif
252
253#ifdef CONFIG_USER_ONLY
254static int target_signal_to_gdb (int sig)
255{
256 int i;
257 for (i = 0; i < ARRAY_SIZE (gdb_signal_table); i++)
258 if (gdb_signal_table[i] == sig)
259 return i;
260 return GDB_SIGNAL_UNKNOWN;
261}
8f447cc7 262#endif
b4608c04 263
ca587a8e
AJ		 264static int gdb_signal_to_target (int sig)
265{
266 if (sig < ARRAY_SIZE (gdb_signal_table))
267 return gdb_signal_table[sig];
268 else
269 return -1;
270}
271
4abe615b 272//#define DEBUG_GDB
b4608c04 273
56aebc89
PB		 274typedef struct GDBRegisterState {
275 int base_reg;
276 int num_regs;
277 gdb_reg_cb get_reg;
278 gdb_reg_cb set_reg;
279 const char *xml;
280 struct GDBRegisterState *next;
281} GDBRegisterState;
282
858693c6 283enum RSState {
36556b20 284 RS_INACTIVE,
858693c6
FB		 285 RS_IDLE,
286 RS_GETLINE,
287 RS_CHKSUM1,
288 RS_CHKSUM2,
289};
858693c6 290typedef struct GDBState {
2e0f2cfb
AF		 291 CPUState *c_cpu; /* current CPU for step/continue ops */
292 CPUState *g_cpu; /* current CPU for other ops */
52f34623 293 CPUState *query_cpu; /* for q{f|s}ThreadInfo */
41625033 294 enum RSState state; /* parsing state */
56aebc89 295 char line_buf[MAX_PACKET_LENGTH];
858693c6
FB		 296 int line_buf_index;
297 int line_csum;
56aebc89 298 uint8_t last_packet[MAX_PACKET_LENGTH + 4];
4046d913 299 int last_packet_len;
1f487ee9 300 int signal;
41625033 301#ifdef CONFIG_USER_ONLY
4046d913 302 int fd;
41625033 303 int running_state;
4046d913
PB		 304#else
305 CharDriverState *chr;
8a34a0fb 306 CharDriverState *mon_chr;
41625033 307#endif
cdb432b2
MI		 308 char syscall_buf[256];
309 gdb_syscall_complete_cb current_syscall_cb;
858693c6 310} GDBState;
b4608c04 311
60897d36
EI		 312/* By default use no IRQs and no timers while single stepping so as to
313 * make single stepping like an ICE HW step.
314 */
315static int sstep_flags = SSTEP_ENABLE|SSTEP_NOIRQ|SSTEP_NOTIMER;
316
880a7578
AL		 317static GDBState *gdbserver_state;
318
5b50e790 319bool gdb_has_xml;
56aebc89 320
1fddef4b 321#ifdef CONFIG_USER_ONLY
4046d913
PB		 322/* XXX: This is not thread safe. Do we care? */
323static int gdbserver_fd = -1;
324
858693c6 325static int get_char(GDBState *s)
b4608c04
FB		 326{
327 uint8_t ch;
328 int ret;
329
330 for(;;) {
00aa0040 331 ret = qemu_recv(s->fd, &ch, 1, 0);
b4608c04 332 if (ret < 0) {
1f487ee9
EI		 333 if (errno == ECONNRESET)
334 s->fd = -1;
b4608c04
FB		 335 if (errno != EINTR && errno != EAGAIN)
336 return -1;
337 } else if (ret == 0) {
1f487ee9
EI		 338 close(s->fd);
339 s->fd = -1;
b4608c04
FB		 340 return -1;
341 } else {
342 break;
343 }
344 }
345 return ch;
346}
4046d913 347#endif
b4608c04 348
654efcf3 349static enum {
a2d1ebaf
PB		 350 GDB_SYS_UNKNOWN,
351 GDB_SYS_ENABLED,
352 GDB_SYS_DISABLED,
353} gdb_syscall_mode;
354
a38bb079 355/* Decide if either remote gdb syscalls or native file IO should be used. */
a2d1ebaf
PB		 356int use_gdb_syscalls(void)
357{
cfe67cef
LA		 358 SemihostingTarget target = semihosting_get_target();
359 if (target == SEMIHOSTING_TARGET_NATIVE) {
a38bb079
LI		 360 /* -semihosting-config target=native */
361 return false;
cfe67cef 362 } else if (target == SEMIHOSTING_TARGET_GDB) {
a38bb079
LI		 363 /* -semihosting-config target=gdb */
364 return true;
365 }
366
367 /* -semihosting-config target=auto */
368 /* On the first call check if gdb is connected and remember. */
a2d1ebaf 369 if (gdb_syscall_mode == GDB_SYS_UNKNOWN) {
880a7578
AL		 370 gdb_syscall_mode = (gdbserver_state ? GDB_SYS_ENABLED
371 : GDB_SYS_DISABLED);
a2d1ebaf
PB		 372 }
373 return gdb_syscall_mode == GDB_SYS_ENABLED;
374}
375
ba70a624
EI		 376/* Resume execution. */
377static inline void gdb_continue(GDBState *s)
378{
379#ifdef CONFIG_USER_ONLY
380 s->running_state = 1;
381#else
26ac7a31 382 if (!runstate_needs_reset()) {
87f25c12
PB		 383 vm_start();
384 }
ba70a624
EI		 385#endif
386}
387
858693c6 388static void put_buffer(GDBState *s, const uint8_t *buf, int len)
b4608c04 389{
4046d913 390#ifdef CONFIG_USER_ONLY
b4608c04
FB		 391 int ret;
392
393 while (len > 0) {
8f447cc7 394 ret = send(s->fd, buf, len, 0);
b4608c04
FB		 395 if (ret < 0) {
396 if (errno != EINTR && errno != EAGAIN)
397 return;
398 } else {
399 buf += ret;
400 len -= ret;
401 }
402 }
4046d913 403#else
2cc6e0a1 404 qemu_chr_fe_write(s->chr, buf, len);
4046d913 405#endif
b4608c04
FB		 406}
407
408static inline int fromhex(int v)
409{
410 if (v >= '0' && v <= '9')
411 return v - '0';
412 else if (v >= 'A' && v <= 'F')
413 return v - 'A' + 10;
414 else if (v >= 'a' && v <= 'f')
415 return v - 'a' + 10;
416 else
417 return 0;
418}
419
420static inline int tohex(int v)
421{
422 if (v < 10)
423 return v + '0';
424 else
425 return v - 10 + 'a';
426}
427
428static void memtohex(char *buf, const uint8_t *mem, int len)
429{
430 int i, c;
431 char *q;
432 q = buf;
433 for(i = 0; i < len; i++) {
434 c = mem[i];
435 *q++ = tohex(c >> 4);
436 *q++ = tohex(c & 0xf);
437 }
438 *q = '\0';
439}
440
441static void hextomem(uint8_t *mem, const char *buf, int len)
442{
443 int i;
444
445 for(i = 0; i < len; i++) {
446 mem[i] = (fromhex(buf[0]) << 4) | fromhex(buf[1]);
447 buf += 2;
448 }
449}
450
b4608c04 451/* return -1 if error, 0 if OK */
56aebc89 452static int put_packet_binary(GDBState *s, const char *buf, int len)
b4608c04 453{
56aebc89 454 int csum, i;
60fe76f3 455 uint8_t *p;
b4608c04 456
b4608c04 457 for(;;) {
4046d913
PB		 458 p = s->last_packet;
459 *(p++) = '$';
4046d913
PB		 460 memcpy(p, buf, len);
461 p += len;
b4608c04
FB		 462 csum = 0;
463 for(i = 0; i < len; i++) {
464 csum += buf[i];
465 }
4046d913
PB		 466 *(p++) = '#';
467 *(p++) = tohex((csum >> 4) & 0xf);
468 *(p++) = tohex((csum) & 0xf);
b4608c04 469
4046d913 470 s->last_packet_len = p - s->last_packet;
ffe8ab83 471 put_buffer(s, (uint8_t *)s->last_packet, s->last_packet_len);
b4608c04 472
4046d913
PB		 473#ifdef CONFIG_USER_ONLY
474 i = get_char(s);
475 if (i < 0)
b4608c04 476 return -1;
4046d913 477 if (i == '+')
b4608c04 478 break;
4046d913
PB		 479#else
480 break;
481#endif
b4608c04
FB		 482 }
483 return 0;
484}
485
56aebc89
PB		 486/* return -1 if error, 0 if OK */
487static int put_packet(GDBState *s, const char *buf)
488{
489#ifdef DEBUG_GDB
490 printf("reply='%s'\n", buf);
491#endif
79808573 492
56aebc89
PB		 493 return put_packet_binary(s, buf, strlen(buf));
494}
495
56aebc89
PB		 496/* Encode data using the encoding for 'x' packets. */
497static int memtox(char *buf, const char *mem, int len)
498{
499 char *p = buf;
500 char c;
501
502 while (len--) {
503 c = *(mem++);
504 switch (c) {
505 case '#': case '$': case '*': case '}':
506 *(p++) = '}';
507 *(p++) = c ^ 0x20;
508 break;
509 default:
510 *(p++) = c;
511 break;
512 }
513 }
514 return p - buf;
515}
f1ccf904 516
5b24c641
AF		 517static const char *get_feature_xml(const char *p, const char **newp,
518 CPUClass *cc)
56aebc89 519{
56aebc89
PB		 520 size_t len;
521 int i;
522 const char *name;
523 static char target_xml[1024];
524
525 len = 0;
526 while (p[len] && p[len] != ':')
527 len++;
528 *newp = p + len;
529
530 name = NULL;
531 if (strncmp(p, "target.xml", len) == 0) {
532 /* Generate the XML description for this CPU. */
533 if (!target_xml[0]) {
534 GDBRegisterState *r;
eac8b355 535 CPUState *cpu = first_cpu;
56aebc89 536
b3820e6c
DH		 537 pstrcat(target_xml, sizeof(target_xml),
538 "<?xml version=\"1.0\"?>"
539 "<!DOCTYPE target SYSTEM \"gdb-target.dtd\">"
540 "<target>");
541 if (cc->gdb_arch_name) {
542 gchar *arch = cc->gdb_arch_name(cpu);
543 pstrcat(target_xml, sizeof(target_xml), "<architecture>");
544 pstrcat(target_xml, sizeof(target_xml), arch);
545 pstrcat(target_xml, sizeof(target_xml), "</architecture>");
546 g_free(arch);
547 }
548 pstrcat(target_xml, sizeof(target_xml), "<xi:include href=\"");
549 pstrcat(target_xml, sizeof(target_xml), cc->gdb_core_xml_file);
550 pstrcat(target_xml, sizeof(target_xml), "\"/>");
eac8b355 551 for (r = cpu->gdb_regs; r; r = r->next) {
2dc766da
BS		 552 pstrcat(target_xml, sizeof(target_xml), "<xi:include href=\"");
553 pstrcat(target_xml, sizeof(target_xml), r->xml);
554 pstrcat(target_xml, sizeof(target_xml), "\"/>");
56aebc89 555 }
2dc766da 556 pstrcat(target_xml, sizeof(target_xml), "</target>");
56aebc89
PB		 557 }
558 return target_xml;
559 }
560 for (i = 0; ; i++) {
561 name = xml_builtin[i][0];
562 if (!name || (strncmp(name, p, len) == 0 && strlen(name) == len))
563 break;
564 }
565 return name ? xml_builtin[i][1] : NULL;
566}
f1ccf904 567
385b9f0e 568static int gdb_read_register(CPUState *cpu, uint8_t *mem_buf, int reg)
56aebc89 569{
a0e372f0 570 CPUClass *cc = CPU_GET_CLASS(cpu);
385b9f0e 571 CPUArchState *env = cpu->env_ptr;
56aebc89 572 GDBRegisterState *r;
f1ccf904 573
a0e372f0 574 if (reg < cc->gdb_num_core_regs) {
5b50e790 575 return cc->gdb_read_register(cpu, mem_buf, reg);
a0e372f0 576 }
f1ccf904 577
eac8b355 578 for (r = cpu->gdb_regs; r; r = r->next) {
56aebc89
PB		 579 if (r->base_reg <= reg && reg < r->base_reg + r->num_regs) {
580 return r->get_reg(env, mem_buf, reg - r->base_reg);
581 }
582 }
583 return 0;
f1ccf904
TS		 584}
585
385b9f0e 586static int gdb_write_register(CPUState *cpu, uint8_t *mem_buf, int reg)
f1ccf904 587{
a0e372f0 588 CPUClass *cc = CPU_GET_CLASS(cpu);
385b9f0e 589 CPUArchState *env = cpu->env_ptr;
56aebc89 590 GDBRegisterState *r;
f1ccf904 591
a0e372f0 592 if (reg < cc->gdb_num_core_regs) {
5b50e790 593 return cc->gdb_write_register(cpu, mem_buf, reg);
a0e372f0 594 }
56aebc89 595
eac8b355 596 for (r = cpu->gdb_regs; r; r = r->next) {
56aebc89
PB		 597 if (r->base_reg <= reg && reg < r->base_reg + r->num_regs) {
598 return r->set_reg(env, mem_buf, reg - r->base_reg);
599 }
600 }
6da41eaf
FB		 601 return 0;
602}
603
56aebc89
PB		 604/* Register a supplemental set of CPU registers. If g_pos is nonzero it
605 specifies the first register number and these registers are included in
606 a standard "g" packet. Direction is relative to gdb, i.e. get_reg is
607 gdb reading a CPU register, and set_reg is gdb modifying a CPU register.
608 */
609
22169d41
AF		 610void gdb_register_coprocessor(CPUState *cpu,
611 gdb_reg_cb get_reg, gdb_reg_cb set_reg,
612 int num_regs, const char *xml, int g_pos)
6da41eaf 613{
56aebc89
PB		 614 GDBRegisterState *s;
615 GDBRegisterState **p;
56aebc89 616
eac8b355 617 p = &cpu->gdb_regs;
56aebc89
PB		 618 while (*p) {
619 /* Check for duplicates. */
620 if (strcmp((*p)->xml, xml) == 0)
621 return;
622 p = &(*p)->next;
623 }
9643c25f
SW		 624
625 s = g_new0(GDBRegisterState, 1);
a0e372f0 626 s->base_reg = cpu->gdb_num_regs;
9643c25f
SW		 627 s->num_regs = num_regs;
628 s->get_reg = get_reg;
629 s->set_reg = set_reg;
630 s->xml = xml;
631
56aebc89 632 /* Add to end of list. */
a0e372f0 633 cpu->gdb_num_regs += num_regs;
56aebc89
PB		 634 *p = s;
635 if (g_pos) {
636 if (g_pos != s->base_reg) {
637 fprintf(stderr, "Error: Bad gdb register numbering for '%s'\n"
638 "Expected %d got %d\n", xml, g_pos, s->base_reg);
35143f01
AF		 639 } else {
640 cpu->gdb_num_g_regs = cpu->gdb_num_regs;
56aebc89
PB		 641 }
642 }
6da41eaf
FB		 643}
644
a1d1bb31 645#ifndef CONFIG_USER_ONLY
2472b6c0
PM		 646/* Translate GDB watchpoint type to a flags value for cpu_watchpoint_* */
647static inline int xlat_gdb_type(CPUState *cpu, int gdbtype)
648{
649 static const int xlat[] = {
650 [GDB_WATCHPOINT_WRITE] = BP_GDB | BP_MEM_WRITE,
651 [GDB_WATCHPOINT_READ] = BP_GDB | BP_MEM_READ,
652 [GDB_WATCHPOINT_ACCESS] = BP_GDB | BP_MEM_ACCESS,
653 };
654
655 CPUClass *cc = CPU_GET_CLASS(cpu);
656 int cputype = xlat[gdbtype];
657
658 if (cc->gdb_stop_before_watchpoint) {
659 cputype |= BP_STOP_BEFORE_ACCESS;
660 }
661 return cputype;
662}
a1d1bb31
AL		 663#endif
664
880a7578 665static int gdb_breakpoint_insert(target_ulong addr, target_ulong len, int type)
a1d1bb31 666{
182735ef 667 CPUState *cpu;
880a7578
AL		 668 int err = 0;
669
62278814 670 if (kvm_enabled()) {
2e0f2cfb 671 return kvm_insert_breakpoint(gdbserver_state->c_cpu, addr, len, type);
62278814 672 }
e22a25c9 673
a1d1bb31
AL		 674 switch (type) {
675 case GDB_BREAKPOINT_SW:
676 case GDB_BREAKPOINT_HW:
bdc44640 677 CPU_FOREACH(cpu) {
b3310ab3
AF		 678 err = cpu_breakpoint_insert(cpu, addr, BP_GDB, NULL);
679 if (err) {
880a7578 680 break;
b3310ab3 681 }
880a7578
AL		 682 }
683 return err;
a1d1bb31
AL		 684#ifndef CONFIG_USER_ONLY
685 case GDB_WATCHPOINT_WRITE:
686 case GDB_WATCHPOINT_READ:
687 case GDB_WATCHPOINT_ACCESS:
bdc44640 688 CPU_FOREACH(cpu) {
2472b6c0
PM		 689 err = cpu_watchpoint_insert(cpu, addr, len,
690 xlat_gdb_type(cpu, type), NULL);
691 if (err) {
880a7578 692 break;
2472b6c0 693 }
880a7578
AL		 694 }
695 return err;
a1d1bb31
AL		 696#endif
697 default:
698 return -ENOSYS;
699 }
700}
701
880a7578 702static int gdb_breakpoint_remove(target_ulong addr, target_ulong len, int type)
a1d1bb31 703{
182735ef 704 CPUState *cpu;
880a7578
AL		 705 int err = 0;
706
62278814 707 if (kvm_enabled()) {
2e0f2cfb 708 return kvm_remove_breakpoint(gdbserver_state->c_cpu, addr, len, type);
62278814 709 }
e22a25c9 710
a1d1bb31
AL		 711 switch (type) {
712 case GDB_BREAKPOINT_SW:
713 case GDB_BREAKPOINT_HW:
bdc44640 714 CPU_FOREACH(cpu) {
b3310ab3
AF		 715 err = cpu_breakpoint_remove(cpu, addr, BP_GDB);
716 if (err) {
880a7578 717 break;
b3310ab3 718 }
880a7578
AL		 719 }
720 return err;
a1d1bb31
AL		 721#ifndef CONFIG_USER_ONLY
722 case GDB_WATCHPOINT_WRITE:
723 case GDB_WATCHPOINT_READ:
724 case GDB_WATCHPOINT_ACCESS:
bdc44640 725 CPU_FOREACH(cpu) {
2472b6c0
PM		 726 err = cpu_watchpoint_remove(cpu, addr, len,
727 xlat_gdb_type(cpu, type));
880a7578
AL		 728 if (err)
729 break;
730 }
731 return err;
a1d1bb31
AL		 732#endif
733 default:
734 return -ENOSYS;
735 }
736}
737
880a7578 738static void gdb_breakpoint_remove_all(void)
a1d1bb31 739{
182735ef 740 CPUState *cpu;
880a7578 741
e22a25c9 742 if (kvm_enabled()) {
2e0f2cfb 743 kvm_remove_all_breakpoints(gdbserver_state->c_cpu);
e22a25c9
AL		 744 return;
745 }
746
bdc44640 747 CPU_FOREACH(cpu) {
b3310ab3 748 cpu_breakpoint_remove_all(cpu, BP_GDB);
a1d1bb31 749#ifndef CONFIG_USER_ONLY
75a34036 750 cpu_watchpoint_remove_all(cpu, BP_GDB);
a1d1bb31 751#endif
880a7578 752 }
a1d1bb31
AL		 753}
754
fab9d284
AJ		 755static void gdb_set_cpu_pc(GDBState *s, target_ulong pc)
756{
2e0f2cfb 757 CPUState *cpu = s->c_cpu;
f45748f1
AF		 758
759 cpu_synchronize_state(cpu);
4a2b24ed 760 cpu_set_pc(cpu, pc);
fab9d284
AJ		 761}
762
2e0f2cfb 763static CPUState *find_cpu(uint32_t thread_id)
1e9fa730 764{
0d34282f 765 CPUState *cpu;
1e9fa730 766
bdc44640 767 CPU_FOREACH(cpu) {
aa48dd93 768 if (cpu_index(cpu) == thread_id) {
2e0f2cfb 769 return cpu;
aa48dd93 770 }
1e9fa730 771 }
aa48dd93
AF		 772
773 return NULL;
1e9fa730
NF		 774}
775
4dabe747
JK		 776static int is_query_packet(const char *p, const char *query, char separator)
777{
778 unsigned int query_len = strlen(query);
779
780 return strncmp(p, query, query_len) == 0 &&
781 (p[query_len] == '\0' || p[query_len] == separator);
782}
783
880a7578 784static int gdb_handle_packet(GDBState *s, const char *line_buf)
b4608c04 785{
2e0f2cfb 786 CPUState *cpu;
5b24c641 787 CPUClass *cc;
b4608c04 788 const char *p;
1e9fa730
NF		 789 uint32_t thread;
790 int ch, reg_size, type, res;
56aebc89
PB		 791 char buf[MAX_PACKET_LENGTH];
792 uint8_t mem_buf[MAX_PACKET_LENGTH];
793 uint8_t *registers;
9d9754a3 794 target_ulong addr, len;
3b46e624 795
858693c6
FB		 796#ifdef DEBUG_GDB
797 printf("command='%s'\n", line_buf);
798#endif
799 p = line_buf;
800 ch = *p++;
801 switch(ch) {
802 case '?':
1fddef4b 803 /* TODO: Make this return the correct value for user-mode. */
ca587a8e 804 snprintf(buf, sizeof(buf), "T%02xthread:%02x;", GDB_SIGNAL_TRAP,
2e0f2cfb 805 cpu_index(s->c_cpu));
858693c6 806 put_packet(s, buf);
7d03f82f
EI		 807 /* Remove all the breakpoints when this query is issued,
808 * because gdb is doing and initial connect and the state
809 * should be cleaned up.
810 */
880a7578 811 gdb_breakpoint_remove_all();
858693c6
FB		 812 break;
813 case 'c':
814 if (*p != '\0') {
9d9754a3 815 addr = strtoull(p, (char **)&p, 16);
fab9d284 816 gdb_set_cpu_pc(s, addr);
858693c6 817 }
ca587a8e 818 s->signal = 0;
ba70a624 819 gdb_continue(s);
41625033 820 return RS_IDLE;
1f487ee9 821 case 'C':
ca587a8e
AJ		 822 s->signal = gdb_signal_to_target (strtoul(p, (char **)&p, 16));
823 if (s->signal == -1)
824 s->signal = 0;
1f487ee9
EI		 825 gdb_continue(s);
826 return RS_IDLE;
dd32aa10
JK		 827 case 'v':
828 if (strncmp(p, "Cont", 4) == 0) {
829 int res_signal, res_thread;
830
831 p += 4;
832 if (*p == '?') {
833 put_packet(s, "vCont;c;C;s;S");
834 break;
835 }
836 res = 0;
837 res_signal = 0;
838 res_thread = 0;
839 while (*p) {
840 int action, signal;
841
842 if (*p++ != ';') {
843 res = 0;
844 break;
845 }
846 action = *p++;
847 signal = 0;
848 if (action == 'C' || action == 'S') {
f17b0690
MS		 849 signal = gdb_signal_to_target(strtoul(p, (char **)&p, 16));
850 if (signal == -1) {
851 signal = 0;
852 }
dd32aa10
JK		 853 } else if (action != 'c' && action != 's') {
854 res = 0;
855 break;
856 }
857 thread = 0;
858 if (*p == ':') {
859 thread = strtoull(p+1, (char **)&p, 16);
860 }
861 action = tolower(action);
862 if (res == 0 || (res == 'c' && action == 's')) {
863 res = action;
864 res_signal = signal;
865 res_thread = thread;
866 }
867 }
868 if (res) {
869 if (res_thread != -1 && res_thread != 0) {
2e0f2cfb
AF		 870 cpu = find_cpu(res_thread);
871 if (cpu == NULL) {
dd32aa10
JK		 872 put_packet(s, "E22");
873 break;
874 }
2e0f2cfb 875 s->c_cpu = cpu;
dd32aa10
JK		 876 }
877 if (res == 's') {
2e0f2cfb 878 cpu_single_step(s->c_cpu, sstep_flags);
dd32aa10
JK		 879 }
880 s->signal = res_signal;
881 gdb_continue(s);
882 return RS_IDLE;
883 }
884 break;
885 } else {
886 goto unknown_command;
887 }
7d03f82f
EI		 888 case 'k':
889 /* Kill the target */
890 fprintf(stderr, "\nQEMU: Terminated via GDBstub\n");
891 exit(0);
892 case 'D':
893 /* Detach packet */
880a7578 894 gdb_breakpoint_remove_all();
7ea06da3 895 gdb_syscall_mode = GDB_SYS_DISABLED;
7d03f82f
EI		 896 gdb_continue(s);
897 put_packet(s, "OK");
898 break;
858693c6
FB		 899 case 's':
900 if (*p != '\0') {
8fac5803 901 addr = strtoull(p, (char **)&p, 16);
fab9d284 902 gdb_set_cpu_pc(s, addr);
858693c6 903 }
2e0f2cfb 904 cpu_single_step(s->c_cpu, sstep_flags);
ba70a624 905 gdb_continue(s);
41625033 906 return RS_IDLE;
a2d1ebaf
PB		 907 case 'F':
908 {
909 target_ulong ret;
910 target_ulong err;
911
912 ret = strtoull(p, (char **)&p, 16);
913 if (*p == ',') {
914 p++;
915 err = strtoull(p, (char **)&p, 16);
916 } else {
917 err = 0;
918 }
919 if (*p == ',')
920 p++;
921 type = *p;
cdb432b2 922 if (s->current_syscall_cb) {
2e0f2cfb 923 s->current_syscall_cb(s->c_cpu, ret, err);
cdb432b2
MI		 924 s->current_syscall_cb = NULL;
925 }
a2d1ebaf
PB		 926 if (type == 'C') {
927 put_packet(s, "T02");
928 } else {
ba70a624 929 gdb_continue(s);
a2d1ebaf
PB		 930 }
931 }
932 break;
858693c6 933 case 'g':
2e0f2cfb 934 cpu_synchronize_state(s->g_cpu);
56aebc89 935 len = 0;
35143f01 936 for (addr = 0; addr < s->g_cpu->gdb_num_g_regs; addr++) {
2e0f2cfb 937 reg_size = gdb_read_register(s->g_cpu, mem_buf + len, addr);
56aebc89
PB		 938 len += reg_size;
939 }
940 memtohex(buf, mem_buf, len);
858693c6
FB		 941 put_packet(s, buf);
942 break;
943 case 'G':
2e0f2cfb 944 cpu_synchronize_state(s->g_cpu);
56aebc89 945 registers = mem_buf;
858693c6
FB		 946 len = strlen(p) / 2;
947 hextomem((uint8_t *)registers, p, len);
35143f01 948 for (addr = 0; addr < s->g_cpu->gdb_num_g_regs && len > 0; addr++) {
2e0f2cfb 949 reg_size = gdb_write_register(s->g_cpu, registers, addr);
56aebc89
PB		 950 len -= reg_size;
951 registers += reg_size;
952 }
858693c6
FB		 953 put_packet(s, "OK");
954 break;
955 case 'm':
9d9754a3 956 addr = strtoull(p, (char **)&p, 16);
858693c6
FB		 957 if (*p == ',')
958 p++;
9d9754a3 959 len = strtoull(p, NULL, 16);
5accecb3
KW		 960
961 /* memtohex() doubles the required space */
962 if (len > MAX_PACKET_LENGTH / 2) {
963 put_packet (s, "E22");
964 break;
965 }
966
2e0f2cfb 967 if (target_memory_rw_debug(s->g_cpu, addr, mem_buf, len, false) != 0) {
6f970bd9
FB		 968 put_packet (s, "E14");
969 } else {
970 memtohex(buf, mem_buf, len);
971 put_packet(s, buf);
972 }
858693c6
FB		 973 break;
974 case 'M':
9d9754a3 975 addr = strtoull(p, (char **)&p, 16);
858693c6
FB		 976 if (*p == ',')
977 p++;
9d9754a3 978 len = strtoull(p, (char **)&p, 16);
b328f873 979 if (*p == ':')
858693c6 980 p++;
5accecb3
KW		 981
982 /* hextomem() reads 2*len bytes */
983 if (len > strlen(p) / 2) {
984 put_packet (s, "E22");
985 break;
986 }
858693c6 987 hextomem(mem_buf, p, len);
2e0f2cfb 988 if (target_memory_rw_debug(s->g_cpu, addr, mem_buf, len,
f3659eee 989 true) != 0) {
905f20b1 990 put_packet(s, "E14");
44520db1 991 } else {
858693c6 992 put_packet(s, "OK");
44520db1 993 }
858693c6 994 break;
56aebc89
PB		 995 case 'p':
996 /* Older gdb are really dumb, and don't use 'g' if 'p' is avaialable.
997 This works, but can be very slow. Anything new enough to
998 understand XML also knows how to use this properly. */
999 if (!gdb_has_xml)
1000 goto unknown_command;
1001 addr = strtoull(p, (char **)&p, 16);
2e0f2cfb 1002 reg_size = gdb_read_register(s->g_cpu, mem_buf, addr);
56aebc89
PB		 1003 if (reg_size) {
1004 memtohex(buf, mem_buf, reg_size);
1005 put_packet(s, buf);
1006 } else {
1007 put_packet(s, "E14");
1008 }
1009 break;
1010 case 'P':
1011 if (!gdb_has_xml)
1012 goto unknown_command;
1013 addr = strtoull(p, (char **)&p, 16);
1014 if (*p == '=')
1015 p++;
1016 reg_size = strlen(p) / 2;
1017 hextomem(mem_buf, p, reg_size);
2e0f2cfb 1018 gdb_write_register(s->g_cpu, mem_buf, addr);
56aebc89
PB		 1019 put_packet(s, "OK");
1020 break;
858693c6 1021 case 'Z':
858693c6
FB		 1022 case 'z':
1023 type = strtoul(p, (char **)&p, 16);
1024 if (*p == ',')
1025 p++;
9d9754a3 1026 addr = strtoull(p, (char **)&p, 16);
858693c6
FB		 1027 if (*p == ',')
1028 p++;
9d9754a3 1029 len = strtoull(p, (char **)&p, 16);
a1d1bb31 1030 if (ch == 'Z')
880a7578 1031 res = gdb_breakpoint_insert(addr, len, type);
a1d1bb31 1032 else
880a7578 1033 res = gdb_breakpoint_remove(addr, len, type);
a1d1bb31
AL		 1034 if (res >= 0)
1035 put_packet(s, "OK");
1036 else if (res == -ENOSYS)
0f459d16 1037 put_packet(s, "");
a1d1bb31
AL		 1038 else
1039 put_packet(s, "E22");
858693c6 1040 break;
880a7578
AL		 1041 case 'H':
1042 type = *p++;
1043 thread = strtoull(p, (char **)&p, 16);
1044 if (thread == -1 || thread == 0) {
1045 put_packet(s, "OK");
1046 break;
1047 }
2e0f2cfb
AF		 1048 cpu = find_cpu(thread);
1049 if (cpu == NULL) {
880a7578
AL		 1050 put_packet(s, "E22");
1051 break;
1052 }
1053 switch (type) {
1054 case 'c':
2e0f2cfb 1055 s->c_cpu = cpu;
880a7578
AL		 1056 put_packet(s, "OK");
1057 break;
1058 case 'g':
2e0f2cfb 1059 s->g_cpu = cpu;
880a7578
AL		 1060 put_packet(s, "OK");
1061 break;
1062 default:
1063 put_packet(s, "E22");
1064 break;
1065 }
1066 break;
1067 case 'T':
1068 thread = strtoull(p, (char **)&p, 16);
2e0f2cfb 1069 cpu = find_cpu(thread);
1e9fa730 1070
2e0f2cfb 1071 if (cpu != NULL) {
1e9fa730
NF		 1072 put_packet(s, "OK");
1073 } else {
880a7578 1074 put_packet(s, "E22");
1e9fa730 1075 }
880a7578 1076 break;
978efd6a 1077 case 'q':
60897d36
EI		 1078 case 'Q':
1079 /* parse any 'q' packets here */
1080 if (!strcmp(p,"qemu.sstepbits")) {
1081 /* Query Breakpoint bit definitions */
363a37d5
BS		 1082 snprintf(buf, sizeof(buf), "ENABLE=%x,NOIRQ=%x,NOTIMER=%x",
1083 SSTEP_ENABLE,
1084 SSTEP_NOIRQ,
1085 SSTEP_NOTIMER);
60897d36
EI		 1086 put_packet(s, buf);
1087 break;
4dabe747 1088 } else if (is_query_packet(p, "qemu.sstep", '=')) {
60897d36
EI		 1089 /* Display or change the sstep_flags */
1090 p += 10;
1091 if (*p != '=') {
1092 /* Display current setting */
363a37d5 1093 snprintf(buf, sizeof(buf), "0x%x", sstep_flags);
60897d36
EI		 1094 put_packet(s, buf);
1095 break;
1096 }
1097 p++;
1098 type = strtoul(p, (char **)&p, 16);
1099 sstep_flags = type;
1100 put_packet(s, "OK");
1101 break;
880a7578
AL		 1102 } else if (strcmp(p,"C") == 0) {
1103 /* "Current thread" remains vague in the spec, so always return
1104 * the first CPU (gdb returns the first thread). */
1105 put_packet(s, "QC1");
1106 break;
1107 } else if (strcmp(p,"fThreadInfo") == 0) {
52f34623 1108 s->query_cpu = first_cpu;
880a7578
AL		 1109 goto report_cpuinfo;
1110 } else if (strcmp(p,"sThreadInfo") == 0) {
1111 report_cpuinfo:
1112 if (s->query_cpu) {
52f34623 1113 snprintf(buf, sizeof(buf), "m%x", cpu_index(s->query_cpu));
880a7578 1114 put_packet(s, buf);
bdc44640 1115 s->query_cpu = CPU_NEXT(s->query_cpu);
880a7578
AL		 1116 } else
1117 put_packet(s, "l");
1118 break;
1119 } else if (strncmp(p,"ThreadExtraInfo,", 16) == 0) {
1120 thread = strtoull(p+16, (char **)&p, 16);
2e0f2cfb
AF		 1121 cpu = find_cpu(thread);
1122 if (cpu != NULL) {
cb446eca 1123 cpu_synchronize_state(cpu);
5accecb3
KW		 1124 /* memtohex() doubles the required space */
1125 len = snprintf((char *)mem_buf, sizeof(buf) / 2,
55e5c285 1126 "CPU#%d [%s]", cpu->cpu_index,
259186a7 1127 cpu->halted ? "halted " : "running");
1e9fa730
NF		 1128 memtohex(buf, mem_buf, len);
1129 put_packet(s, buf);
1130 }
880a7578 1131 break;
60897d36 1132 }
0b8a988c 1133#ifdef CONFIG_USER_ONLY
070949f3 1134 else if (strcmp(p, "Offsets") == 0) {
0429a971 1135 TaskState *ts = s->c_cpu->opaque;
978efd6a 1136
363a37d5
BS		 1137 snprintf(buf, sizeof(buf),
1138 "Text=" TARGET_ABI_FMT_lx ";Data=" TARGET_ABI_FMT_lx
1139 ";Bss=" TARGET_ABI_FMT_lx,
1140 ts->info->code_offset,
1141 ts->info->data_offset,
1142 ts->info->data_offset);
978efd6a
PB		 1143 put_packet(s, buf);
1144 break;
1145 }
0b8a988c 1146#else /* !CONFIG_USER_ONLY */
8a34a0fb
AL		 1147 else if (strncmp(p, "Rcmd,", 5) == 0) {
1148 int len = strlen(p + 5);
1149
1150 if ((len % 2) != 0) {
1151 put_packet(s, "E01");
1152 break;
1153 }
8a34a0fb 1154 len = len / 2;
5accecb3 1155 hextomem(mem_buf, p + 5, len);
8a34a0fb 1156 mem_buf[len++] = 0;
fa5efccb 1157 qemu_chr_be_write(s->mon_chr, mem_buf, len);
8a34a0fb
AL		 1158 put_packet(s, "OK");
1159 break;
1160 }
0b8a988c 1161#endif /* !CONFIG_USER_ONLY */
4dabe747 1162 if (is_query_packet(p, "Supported", ':')) {
5b3715bf 1163 snprintf(buf, sizeof(buf), "PacketSize=%x", MAX_PACKET_LENGTH);
5b24c641
AF		 1164 cc = CPU_GET_CLASS(first_cpu);
1165 if (cc->gdb_core_xml_file != NULL) {
1166 pstrcat(buf, sizeof(buf), ";qXfer:features:read+");
1167 }
56aebc89
PB		 1168 put_packet(s, buf);
1169 break;
1170 }
56aebc89
PB		 1171 if (strncmp(p, "Xfer:features:read:", 19) == 0) {
1172 const char *xml;
1173 target_ulong total_len;
1174
5b24c641
AF		 1175 cc = CPU_GET_CLASS(first_cpu);
1176 if (cc->gdb_core_xml_file == NULL) {
1177 goto unknown_command;
1178 }
1179
5b50e790 1180 gdb_has_xml = true;
56aebc89 1181 p += 19;
5b24c641 1182 xml = get_feature_xml(p, &p, cc);
56aebc89 1183 if (!xml) {
5b3715bf 1184 snprintf(buf, sizeof(buf), "E00");
56aebc89
PB		 1185 put_packet(s, buf);
1186 break;
1187 }
1188
1189 if (*p == ':')
1190 p++;
1191 addr = strtoul(p, (char **)&p, 16);
1192 if (*p == ',')
1193 p++;
1194 len = strtoul(p, (char **)&p, 16);
1195
1196 total_len = strlen(xml);
1197 if (addr > total_len) {
5b3715bf 1198 snprintf(buf, sizeof(buf), "E00");
56aebc89
PB		 1199 put_packet(s, buf);
1200 break;
1201 }
1202 if (len > (MAX_PACKET_LENGTH - 5) / 2)
1203 len = (MAX_PACKET_LENGTH - 5) / 2;
1204 if (len < total_len - addr) {
1205 buf[0] = 'm';
1206 len = memtox(buf + 1, xml + addr, len);
1207 } else {
1208 buf[0] = 'l';
1209 len = memtox(buf + 1, xml + addr, total_len - addr);
1210 }
1211 put_packet_binary(s, buf, len + 1);
1212 break;
1213 }
a3919386
JK		 1214 if (is_query_packet(p, "Attached", ':')) {
1215 put_packet(s, GDB_ATTACHED);
1216 break;
1217 }
56aebc89
PB		 1218 /* Unrecognised 'q' command. */
1219 goto unknown_command;
1220
858693c6 1221 default:
56aebc89 1222 unknown_command:
858693c6
FB		 1223 /* put empty packet */
1224 buf[0] = '\0';
1225 put_packet(s, buf);
1226 break;
1227 }
1228 return RS_IDLE;
1229}
1230
64f6b346 1231void gdb_set_stop_cpu(CPUState *cpu)
880a7578 1232{
2e0f2cfb
AF		 1233 gdbserver_state->c_cpu = cpu;
1234 gdbserver_state->g_cpu = cpu;
880a7578
AL		 1235}
1236
1fddef4b 1237#ifndef CONFIG_USER_ONLY
1dfb4dd9 1238static void gdb_vm_state_change(void *opaque, int running, RunState state)
858693c6 1239{
880a7578 1240 GDBState *s = gdbserver_state;
2e0f2cfb 1241 CPUState *cpu = s->c_cpu;
858693c6 1242 char buf[256];
d6fc1b39 1243 const char *type;
858693c6
FB		 1244 int ret;
1245
cdb432b2
MI		 1246 if (running || s->state == RS_INACTIVE) {
1247 return;
1248 }
1249 /* Is there a GDB syscall waiting to be sent? */
1250 if (s->current_syscall_cb) {
1251 put_packet(s, s->syscall_buf);
a2d1ebaf 1252 return;
e07bbac5 1253 }
1dfb4dd9 1254 switch (state) {
0461d5a6 1255 case RUN_STATE_DEBUG:
ff4700b0
AF		 1256 if (cpu->watchpoint_hit) {
1257 switch (cpu->watchpoint_hit->flags & BP_MEM_ACCESS) {
a1d1bb31 1258 case BP_MEM_READ:
d6fc1b39
AL		 1259 type = "r";
1260 break;
a1d1bb31 1261 case BP_MEM_ACCESS:
d6fc1b39
AL		 1262 type = "a";
1263 break;
1264 default:
1265 type = "";
1266 break;
1267 }
880a7578
AL		 1268 snprintf(buf, sizeof(buf),
1269 "T%02xthread:%02x;%swatch:" TARGET_FMT_lx ";",
0d34282f 1270 GDB_SIGNAL_TRAP, cpu_index(cpu), type,
ff4700b0
AF		 1271 (target_ulong)cpu->watchpoint_hit->vaddr);
1272 cpu->watchpoint_hit = NULL;
425189a8 1273 goto send_packet;
6658ffb8 1274 }
bbd77c18 1275 tb_flush(cpu);
ca587a8e 1276 ret = GDB_SIGNAL_TRAP;
425189a8 1277 break;
0461d5a6 1278 case RUN_STATE_PAUSED:
9781e040 1279 ret = GDB_SIGNAL_INT;
425189a8 1280 break;
0461d5a6 1281 case RUN_STATE_SHUTDOWN:
425189a8
JK		 1282 ret = GDB_SIGNAL_QUIT;
1283 break;
0461d5a6 1284 case RUN_STATE_IO_ERROR:
425189a8
JK		 1285 ret = GDB_SIGNAL_IO;
1286 break;
0461d5a6 1287 case RUN_STATE_WATCHDOG:
425189a8
JK		 1288 ret = GDB_SIGNAL_ALRM;
1289 break;
0461d5a6 1290 case RUN_STATE_INTERNAL_ERROR:
425189a8
JK		 1291 ret = GDB_SIGNAL_ABRT;
1292 break;
0461d5a6
LC		 1293 case RUN_STATE_SAVE_VM:
1294 case RUN_STATE_RESTORE_VM:
425189a8 1295 return;
0461d5a6 1296 case RUN_STATE_FINISH_MIGRATE:
425189a8
JK		 1297 ret = GDB_SIGNAL_XCPU;
1298 break;
1299 default:
1300 ret = GDB_SIGNAL_UNKNOWN;
1301 break;
bbeb7b5c 1302 }
226d007d 1303 gdb_set_stop_cpu(cpu);
0d34282f 1304 snprintf(buf, sizeof(buf), "T%02xthread:%02x;", ret, cpu_index(cpu));
425189a8
JK		 1305
1306send_packet:
858693c6 1307 put_packet(s, buf);
425189a8
JK		 1308
1309 /* disable single step if it was enabled */
3825b28f 1310 cpu_single_step(cpu, 0);
858693c6 1311}
1fddef4b 1312#endif
858693c6 1313
a2d1ebaf
PB		 1314/* Send a gdb syscall request.
1315 This accepts limited printf-style format specifiers, specifically:
a87295e8
PB		 1316 %x - target_ulong argument printed in hex.
1317 %lx - 64-bit argument printed in hex.
1318 %s - string pointer (target_ulong) and length (int) pair. */
19239b39 1319void gdb_do_syscallv(gdb_syscall_complete_cb cb, const char *fmt, va_list va)
a2d1ebaf 1320{
a2d1ebaf 1321 char *p;
cdb432b2 1322 char *p_end;
a2d1ebaf 1323 target_ulong addr;
a87295e8 1324 uint64_t i64;
a2d1ebaf
PB		 1325 GDBState *s;
1326
880a7578 1327 s = gdbserver_state;
a2d1ebaf
PB		 1328 if (!s)
1329 return;
cdb432b2 1330 s->current_syscall_cb = cb;
a2d1ebaf 1331#ifndef CONFIG_USER_ONLY
0461d5a6 1332 vm_stop(RUN_STATE_DEBUG);
a2d1ebaf 1333#endif
cdb432b2
MI		 1334 p = s->syscall_buf;
1335 p_end = &s->syscall_buf[sizeof(s->syscall_buf)];
a2d1ebaf
PB		 1336 *(p++) = 'F';
1337 while (*fmt) {
1338 if (*fmt == '%') {
1339 fmt++;
1340 switch (*fmt++) {
1341 case 'x':
1342 addr = va_arg(va, target_ulong);
cdb432b2 1343 p += snprintf(p, p_end - p, TARGET_FMT_lx, addr);
a2d1ebaf 1344 break;
a87295e8
PB		 1345 case 'l':
1346 if (*(fmt++) != 'x')
1347 goto bad_format;
1348 i64 = va_arg(va, uint64_t);
cdb432b2 1349 p += snprintf(p, p_end - p, "%" PRIx64, i64);
a87295e8 1350 break;
a2d1ebaf
PB		 1351 case 's':
1352 addr = va_arg(va, target_ulong);
cdb432b2 1353 p += snprintf(p, p_end - p, TARGET_FMT_lx "/%x",
363a37d5 1354 addr, va_arg(va, int));
a2d1ebaf
PB		 1355 break;
1356 default:
a87295e8 1357 bad_format:
a2d1ebaf
PB		 1358 fprintf(stderr, "gdbstub: Bad syscall format string '%s'\n",
1359 fmt - 1);
1360 break;
1361 }
1362 } else {
1363 *(p++) = *(fmt++);
1364 }
1365 }
8a93e02a 1366 *p = 0;
a2d1ebaf 1367#ifdef CONFIG_USER_ONLY
cdb432b2 1368 put_packet(s, s->syscall_buf);
2e0f2cfb 1369 gdb_handlesig(s->c_cpu, 0);
a2d1ebaf 1370#else
cdb432b2
MI		 1371 /* In this case wait to send the syscall packet until notification that
1372 the CPU has stopped. This must be done because if the packet is sent
1373 now the reply from the syscall request could be received while the CPU
1374 is still in the running state, which can cause packets to be dropped
1375 and state transition 'T' packets to be sent while the syscall is still
1376 being processed. */
9102deda 1377 qemu_cpu_kick(s->c_cpu);
a2d1ebaf
PB		 1378#endif
1379}
1380
19239b39
PM		 1381void gdb_do_syscall(gdb_syscall_complete_cb cb, const char *fmt, ...)
1382{
1383 va_list va;
1384
1385 va_start(va, fmt);
1386 gdb_do_syscallv(cb, fmt, va);
1387 va_end(va);
1388}
1389
6a00d601 1390static void gdb_read_byte(GDBState *s, int ch)
858693c6
FB		 1391{
1392 int i, csum;
60fe76f3 1393 uint8_t reply;
858693c6 1394
1fddef4b 1395#ifndef CONFIG_USER_ONLY
4046d913
PB		 1396 if (s->last_packet_len) {
1397 /* Waiting for a response to the last packet. If we see the start
1398 of a new command then abandon the previous response. */
1399 if (ch == '-') {
1400#ifdef DEBUG_GDB
1401 printf("Got NACK, retransmitting\n");
1402#endif
ffe8ab83 1403 put_buffer(s, (uint8_t *)s->last_packet, s->last_packet_len);
4046d913
PB		 1404 }
1405#ifdef DEBUG_GDB
1406 else if (ch == '+')
1407 printf("Got ACK\n");
1408 else
1409 printf("Got '%c' when expecting ACK/NACK\n", ch);
1410#endif
1411 if (ch == '+' || ch == '$')
1412 s->last_packet_len = 0;
1413 if (ch != '$')
1414 return;
1415 }
1354869c 1416 if (runstate_is_running()) {
858693c6
FB		 1417 /* when the CPU is running, we cannot do anything except stop
1418 it when receiving a char */
0461d5a6 1419 vm_stop(RUN_STATE_PAUSED);
5fafdf24 1420 } else
1fddef4b 1421#endif
41625033 1422 {
858693c6
FB		 1423 switch(s->state) {
1424 case RS_IDLE:
1425 if (ch == '$') {
1426 s->line_buf_index = 0;
1427 s->state = RS_GETLINE;
c33a346e 1428 }
b4608c04 1429 break;
858693c6
FB		 1430 case RS_GETLINE:
1431 if (ch == '#') {
1432 s->state = RS_CHKSUM1;
1433 } else if (s->line_buf_index >= sizeof(s->line_buf) - 1) {
1434 s->state = RS_IDLE;
4c3a88a2 1435 } else {
858693c6 1436 s->line_buf[s->line_buf_index++] = ch;
4c3a88a2
FB		 1437 }
1438 break;
858693c6
FB		 1439 case RS_CHKSUM1:
1440 s->line_buf[s->line_buf_index] = '\0';
1441 s->line_csum = fromhex(ch) << 4;
1442 s->state = RS_CHKSUM2;
1443 break;
1444 case RS_CHKSUM2:
1445 s->line_csum |= fromhex(ch);
1446 csum = 0;
1447 for(i = 0; i < s->line_buf_index; i++) {
1448 csum += s->line_buf[i];
1449 }
1450 if (s->line_csum != (csum & 0xff)) {
60fe76f3
TS		 1451 reply = '-';
1452 put_buffer(s, &reply, 1);
858693c6 1453 s->state = RS_IDLE;
4c3a88a2 1454 } else {
60fe76f3
TS		 1455 reply = '+';
1456 put_buffer(s, &reply, 1);
880a7578 1457 s->state = gdb_handle_packet(s, s->line_buf);
4c3a88a2
FB		 1458 }
1459 break;
a2d1ebaf
PB		 1460 default:
1461 abort();
858693c6
FB		 1462 }
1463 }
1464}
1465
0e1c9c54 1466/* Tell the remote gdb that the process has exited. */
9349b4f9 1467void gdb_exit(CPUArchState *env, int code)
0e1c9c54
PB		 1468{
1469 GDBState *s;
1470 char buf[4];
1471
1472 s = gdbserver_state;
1473 if (!s) {
1474 return;
1475 }
1476#ifdef CONFIG_USER_ONLY
1477 if (gdbserver_fd < 0 || s->fd < 0) {
1478 return;
1479 }
3d0f4418
PB		 1480#else
1481 if (!s->chr) {
1482 return;
1483 }
0e1c9c54
PB		 1484#endif
1485
1486 snprintf(buf, sizeof(buf), "W%02x", (uint8_t)code);
1487 put_packet(s, buf);
e2af15b2
FC		 1488
1489#ifndef CONFIG_USER_ONLY
3d0f4418 1490 qemu_chr_delete(s->chr);
e2af15b2 1491#endif
0e1c9c54
PB		 1492}
1493
1fddef4b 1494#ifdef CONFIG_USER_ONLY
ca587a8e
AJ		 1495int
1496gdb_queuesig (void)
1497{
1498 GDBState *s;
1499
1500 s = gdbserver_state;
1501
1502 if (gdbserver_fd < 0 || s->fd < 0)
1503 return 0;
1504 else
1505 return 1;
1506}
1507
1fddef4b 1508int
db6b81d4 1509gdb_handlesig(CPUState *cpu, int sig)
1fddef4b 1510{
5ca666c7
AF		 1511 GDBState *s;
1512 char buf[256];
1513 int n;
1fddef4b 1514
5ca666c7
AF		 1515 s = gdbserver_state;
1516 if (gdbserver_fd < 0 || s->fd < 0) {
1517 return sig;
1518 }
1fddef4b 1519
5ca666c7 1520 /* disable single step if it was enabled */
3825b28f 1521 cpu_single_step(cpu, 0);
bbd77c18 1522 tb_flush(cpu);
1fddef4b 1523
5ca666c7
AF		 1524 if (sig != 0) {
1525 snprintf(buf, sizeof(buf), "S%02x", target_signal_to_gdb(sig));
1526 put_packet(s, buf);
1527 }
1528 /* put_packet() might have detected that the peer terminated the
1529 connection. */
1530 if (s->fd < 0) {
1531 return sig;
1532 }
1fddef4b 1533
5ca666c7
AF		 1534 sig = 0;
1535 s->state = RS_IDLE;
1536 s->running_state = 0;
1537 while (s->running_state == 0) {
1538 n = read(s->fd, buf, 256);
1539 if (n > 0) {
1540 int i;
1541
1542 for (i = 0; i < n; i++) {
1543 gdb_read_byte(s, buf[i]);
1544 }
1545 } else if (n == 0 || errno != EAGAIN) {
1546 /* XXX: Connection closed. Should probably wait for another
1547 connection before continuing. */
1548 return sig;
1fddef4b 1549 }
5ca666c7
AF		 1550 }
1551 sig = s->signal;
1552 s->signal = 0;
1553 return sig;
1fddef4b 1554}
e9009676 1555
ca587a8e 1556/* Tell the remote gdb that the process has exited due to SIG. */
9349b4f9 1557void gdb_signalled(CPUArchState *env, int sig)
ca587a8e 1558{
5ca666c7
AF		 1559 GDBState *s;
1560 char buf[4];
ca587a8e 1561
5ca666c7
AF		 1562 s = gdbserver_state;
1563 if (gdbserver_fd < 0 || s->fd < 0) {
1564 return;
1565 }
ca587a8e 1566
5ca666c7
AF		 1567 snprintf(buf, sizeof(buf), "X%02x", target_signal_to_gdb(sig));
1568 put_packet(s, buf);
ca587a8e 1569}
1fddef4b 1570
880a7578 1571static void gdb_accept(void)
858693c6
FB		 1572{
1573 GDBState *s;
1574 struct sockaddr_in sockaddr;
1575 socklen_t len;
bf1c852a 1576 int fd;
858693c6
FB		 1577
1578 for(;;) {
1579 len = sizeof(sockaddr);
1580 fd = accept(gdbserver_fd, (struct sockaddr *)&sockaddr, &len);
1581 if (fd < 0 && errno != EINTR) {
1582 perror("accept");
1583 return;
1584 } else if (fd >= 0) {
40ff6d7e
KW		 1585#ifndef _WIN32
1586 fcntl(fd, F_SETFD, FD_CLOEXEC);
1587#endif
b4608c04
FB		 1588 break;
1589 }
1590 }
858693c6
FB		 1591
1592 /* set short latency */
bf1c852a 1593 socket_set_nodelay(fd);
3b46e624 1594
7267c094 1595 s = g_malloc0(sizeof(GDBState));
2e0f2cfb
AF		 1596 s->c_cpu = first_cpu;
1597 s->g_cpu = first_cpu;
858693c6 1598 s->fd = fd;
5b50e790 1599 gdb_has_xml = false;
858693c6 1600
880a7578 1601 gdbserver_state = s;
a2d1ebaf 1602
858693c6 1603 fcntl(fd, F_SETFL, O_NONBLOCK);
858693c6
FB		 1604}
1605
1606static int gdbserver_open(int port)
1607{
1608 struct sockaddr_in sockaddr;
6669ca13 1609 int fd, ret;
858693c6
FB		 1610
1611 fd = socket(PF_INET, SOCK_STREAM, 0);
1612 if (fd < 0) {
1613 perror("socket");
1614 return -1;
1615 }
40ff6d7e
KW		 1616#ifndef _WIN32
1617 fcntl(fd, F_SETFD, FD_CLOEXEC);
1618#endif
858693c6 1619
6669ca13 1620 socket_set_fast_reuse(fd);
858693c6
FB		 1621
1622 sockaddr.sin_family = AF_INET;
1623 sockaddr.sin_port = htons(port);
1624 sockaddr.sin_addr.s_addr = 0;
1625 ret = bind(fd, (struct sockaddr *)&sockaddr, sizeof(sockaddr));
1626 if (ret < 0) {
1627 perror("bind");
bb16172c 1628 close(fd);
858693c6
FB		 1629 return -1;
1630 }
1631 ret = listen(fd, 0);
1632 if (ret < 0) {
1633 perror("listen");
bb16172c 1634 close(fd);
858693c6
FB		 1635 return -1;
1636 }
858693c6
FB		 1637 return fd;
1638}
1639
1640int gdbserver_start(int port)
1641{
1642 gdbserver_fd = gdbserver_open(port);
1643 if (gdbserver_fd < 0)
1644 return -1;
1645 /* accept connections */
880a7578 1646 gdb_accept();
4046d913
PB		 1647 return 0;
1648}
2b1319c8
AJ		 1649
1650/* Disable gdb stub for child processes. */
f7ec7f7b 1651void gdbserver_fork(CPUState *cpu)
2b1319c8
AJ		 1652{
1653 GDBState *s = gdbserver_state;
75a34036
AF		 1654
1655 if (gdbserver_fd < 0 || s->fd < 0) {
1656 return;
1657 }
2b1319c8
AJ		 1658 close(s->fd);
1659 s->fd = -1;
b3310ab3 1660 cpu_breakpoint_remove_all(cpu, BP_GDB);
75a34036 1661 cpu_watchpoint_remove_all(cpu, BP_GDB);
2b1319c8 1662}
1fddef4b 1663#else
aa1f17c1 1664static int gdb_chr_can_receive(void *opaque)
4046d913 1665{
56aebc89
PB		 1666 /* We can handle an arbitrarily large amount of data.
1667 Pick the maximum packet size, which is as good as anything. */
1668 return MAX_PACKET_LENGTH;
4046d913
PB		 1669}
1670
aa1f17c1 1671static void gdb_chr_receive(void *opaque, const uint8_t *buf, int size)
4046d913 1672{
4046d913
PB		 1673 int i;
1674
1675 for (i = 0; i < size; i++) {
880a7578 1676 gdb_read_byte(gdbserver_state, buf[i]);
4046d913
PB		 1677 }
1678}
1679
1680static void gdb_chr_event(void *opaque, int event)
1681{
1682 switch (event) {
b6b8df56 1683 case CHR_EVENT_OPENED:
0461d5a6 1684 vm_stop(RUN_STATE_PAUSED);
5b50e790 1685 gdb_has_xml = false;
4046d913
PB		 1686 break;
1687 default:
1688 break;
1689 }
1690}
1691
8a34a0fb
AL		 1692static void gdb_monitor_output(GDBState *s, const char *msg, int len)
1693{
1694 char buf[MAX_PACKET_LENGTH];
1695
1696 buf[0] = 'O';
1697 if (len > (MAX_PACKET_LENGTH/2) - 1)
1698 len = (MAX_PACKET_LENGTH/2) - 1;
1699 memtohex(buf + 1, (uint8_t *)msg, len);
1700 put_packet(s, buf);
1701}
1702
1703static int gdb_monitor_write(CharDriverState *chr, const uint8_t *buf, int len)
1704{
1705 const char *p = (const char *)buf;
1706 int max_sz;
1707
1708 max_sz = (sizeof(gdbserver_state->last_packet) - 2) / 2;
1709 for (;;) {
1710 if (len <= max_sz) {
1711 gdb_monitor_output(gdbserver_state, p, len);
1712 break;
1713 }
1714 gdb_monitor_output(gdbserver_state, p, max_sz);
1715 p += max_sz;
1716 len -= max_sz;
1717 }
1718 return len;
1719}
1720
59030a8c
AL		 1721#ifndef _WIN32
1722static void gdb_sigterm_handler(int signal)
1723{
1354869c 1724 if (runstate_is_running()) {
0461d5a6 1725 vm_stop(RUN_STATE_PAUSED);
e07bbac5 1726 }
59030a8c
AL		 1727}
1728#endif
1729
1730int gdbserver_start(const char *device)
4046d913
PB		 1731{
1732 GDBState *s;
59030a8c 1733 char gdbstub_device_name[128];
36556b20
AL		 1734 CharDriverState *chr = NULL;
1735 CharDriverState *mon_chr;
d0d7708b 1736 ChardevCommon common = { 0 };
cfc3475a 1737
59030a8c
AL		 1738 if (!device)
1739 return -1;
1740 if (strcmp(device, "none") != 0) {
1741 if (strstart(device, "tcp:", NULL)) {
1742 /* enforce required TCP attributes */
1743 snprintf(gdbstub_device_name, sizeof(gdbstub_device_name),
1744 "%s,nowait,nodelay,server", device);
1745 device = gdbstub_device_name;
36556b20 1746 }
59030a8c
AL		 1747#ifndef _WIN32
1748 else if (strcmp(device, "stdio") == 0) {
1749 struct sigaction act;
4046d913 1750
59030a8c
AL		 1751 memset(&act, 0, sizeof(act));
1752 act.sa_handler = gdb_sigterm_handler;
1753 sigaction(SIGINT, &act, NULL);
1754 }
1755#endif
33577b47 1756 chr = qemu_chr_new_noreplay("gdb", device, NULL);
36556b20
AL		 1757 if (!chr)
1758 return -1;
1759
456d6069 1760 qemu_chr_fe_claim_no_fail(chr);
36556b20
AL		 1761 qemu_chr_add_handlers(chr, gdb_chr_can_receive, gdb_chr_receive,
1762 gdb_chr_event, NULL);
cfc3475a
PB		 1763 }
1764
36556b20
AL		 1765 s = gdbserver_state;
1766 if (!s) {
7267c094 1767 s = g_malloc0(sizeof(GDBState));
36556b20 1768 gdbserver_state = s;
4046d913 1769
36556b20
AL		 1770 qemu_add_vm_change_state_handler(gdb_vm_state_change, NULL);
1771
1772 /* Initialize a monitor terminal for gdb */
d0d7708b 1773 mon_chr = qemu_chr_alloc(&common, &error_abort);
36556b20
AL		 1774 mon_chr->chr_write = gdb_monitor_write;
1775 monitor_init(mon_chr, 0);
1776 } else {
1777 if (s->chr)
70f24fb6 1778 qemu_chr_delete(s->chr);
36556b20
AL		 1779 mon_chr = s->mon_chr;
1780 memset(s, 0, sizeof(GDBState));
1781 }
2e0f2cfb
AF		 1782 s->c_cpu = first_cpu;
1783 s->g_cpu = first_cpu;
4046d913 1784 s->chr = chr;
36556b20
AL		 1785 s->state = chr ? RS_IDLE : RS_INACTIVE;
1786 s->mon_chr = mon_chr;
cdb432b2 1787 s->current_syscall_cb = NULL;
8a34a0fb 1788
b4608c04
FB		 1789 return 0;
1790}
4046d913 1791#endif
QEMU mirror