]> git.proxmox.com Git - qemu.git/blame - gdbstub.c
projects / qemu.git / blame
? search:
summary | shortlog | log | commit | commitdiff | tree
blob | blame (incremental) | history | HEAD
smc91c111: Fix receive starvation
[qemu.git] / gdbstub.c
CommitLineData
b4608c04
FB		 1/*
2 * gdb server stub
5fafdf24 3 *
3475187d 4 * Copyright (c) 2003-2005 Fabrice Bellard
b4608c04
FB		 5 *
6 * This library is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation; either
9 * version 2 of the License, or (at your option) any later version.
10 *
11 * This library is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
15 *
16 * You should have received a copy of the GNU Lesser General Public
8167ee88 17 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
b4608c04 18 */
978efd6a 19#include "config.h"
56aebc89 20#include "qemu-common.h"
1fddef4b
FB		 21#ifdef CONFIG_USER_ONLY
22#include <stdlib.h>
23#include <stdio.h>
24#include <stdarg.h>
25#include <string.h>
26#include <errno.h>
27#include <unistd.h>
978efd6a 28#include <fcntl.h>
1fddef4b
FB		 29
30#include "qemu.h"
31#else
83c9089e 32#include "monitor/monitor.h"
dccfcd0e 33#include "sysemu/char.h"
9c17d615 34#include "sysemu/sysemu.h"
022c62cb 35#include "exec/gdbstub.h"
1fddef4b 36#endif
67b915a5 37
56aebc89
PB		 38#define MAX_PACKET_LENGTH 4096
39
2b41f10e 40#include "cpu.h"
1de7afc9 41#include "qemu/sockets.h"
9c17d615 42#include "sysemu/kvm.h"
ca587a8e 43
f3659eee
AF		 44static inline int target_memory_rw_debug(CPUState *cpu, target_ulong addr,
45 uint8_t *buf, int len, bool is_write)
44520db1 46{
f3659eee
AF		 47 CPUClass *cc = CPU_GET_CLASS(cpu);
48
49 if (cc->memory_rw_debug) {
50 return cc->memory_rw_debug(cpu, addr, buf, len, is_write);
51 }
52 return cpu_memory_rw_debug(cpu, addr, buf, len, is_write);
44520db1 53}
ca587a8e
AJ		 54
55enum {
56 GDB_SIGNAL_0 = 0,
57 GDB_SIGNAL_INT = 2,
425189a8 58 GDB_SIGNAL_QUIT = 3,
ca587a8e 59 GDB_SIGNAL_TRAP = 5,
425189a8
JK		 60 GDB_SIGNAL_ABRT = 6,
61 GDB_SIGNAL_ALRM = 14,
62 GDB_SIGNAL_IO = 23,
63 GDB_SIGNAL_XCPU = 24,
ca587a8e
AJ		 64 GDB_SIGNAL_UNKNOWN = 143
65};
66
67#ifdef CONFIG_USER_ONLY
68
69/* Map target signal numbers to GDB protocol signal numbers and vice
70 * versa. For user emulation's currently supported systems, we can
71 * assume most signals are defined.
72 */
73
74static int gdb_signal_table[] = {
75 0,
76 TARGET_SIGHUP,
77 TARGET_SIGINT,
78 TARGET_SIGQUIT,
79 TARGET_SIGILL,
80 TARGET_SIGTRAP,
81 TARGET_SIGABRT,
82 -1, /* SIGEMT */
83 TARGET_SIGFPE,
84 TARGET_SIGKILL,
85 TARGET_SIGBUS,
86 TARGET_SIGSEGV,
87 TARGET_SIGSYS,
88 TARGET_SIGPIPE,
89 TARGET_SIGALRM,
90 TARGET_SIGTERM,
91 TARGET_SIGURG,
92 TARGET_SIGSTOP,
93 TARGET_SIGTSTP,
94 TARGET_SIGCONT,
95 TARGET_SIGCHLD,
96 TARGET_SIGTTIN,
97 TARGET_SIGTTOU,
98 TARGET_SIGIO,
99 TARGET_SIGXCPU,
100 TARGET_SIGXFSZ,
101 TARGET_SIGVTALRM,
102 TARGET_SIGPROF,
103 TARGET_SIGWINCH,
104 -1, /* SIGLOST */
105 TARGET_SIGUSR1,
106 TARGET_SIGUSR2,
c72d5bf8 107#ifdef TARGET_SIGPWR
ca587a8e 108 TARGET_SIGPWR,
c72d5bf8
BS		 109#else
110 -1,
111#endif
ca587a8e
AJ		 112 -1, /* SIGPOLL */
113 -1,
114 -1,
115 -1,
116 -1,
117 -1,
118 -1,
119 -1,
120 -1,
121 -1,
122 -1,
123 -1,
c72d5bf8 124#ifdef __SIGRTMIN
ca587a8e
AJ		 125 __SIGRTMIN + 1,
126 __SIGRTMIN + 2,
127 __SIGRTMIN + 3,
128 __SIGRTMIN + 4,
129 __SIGRTMIN + 5,
130 __SIGRTMIN + 6,
131 __SIGRTMIN + 7,
132 __SIGRTMIN + 8,
133 __SIGRTMIN + 9,
134 __SIGRTMIN + 10,
135 __SIGRTMIN + 11,
136 __SIGRTMIN + 12,
137 __SIGRTMIN + 13,
138 __SIGRTMIN + 14,
139 __SIGRTMIN + 15,
140 __SIGRTMIN + 16,
141 __SIGRTMIN + 17,
142 __SIGRTMIN + 18,
143 __SIGRTMIN + 19,
144 __SIGRTMIN + 20,
145 __SIGRTMIN + 21,
146 __SIGRTMIN + 22,
147 __SIGRTMIN + 23,
148 __SIGRTMIN + 24,
149 __SIGRTMIN + 25,
150 __SIGRTMIN + 26,
151 __SIGRTMIN + 27,
152 __SIGRTMIN + 28,
153 __SIGRTMIN + 29,
154 __SIGRTMIN + 30,
155 __SIGRTMIN + 31,
156 -1, /* SIGCANCEL */
157 __SIGRTMIN,
158 __SIGRTMIN + 32,
159 __SIGRTMIN + 33,
160 __SIGRTMIN + 34,
161 __SIGRTMIN + 35,
162 __SIGRTMIN + 36,
163 __SIGRTMIN + 37,
164 __SIGRTMIN + 38,
165 __SIGRTMIN + 39,
166 __SIGRTMIN + 40,
167 __SIGRTMIN + 41,
168 __SIGRTMIN + 42,
169 __SIGRTMIN + 43,
170 __SIGRTMIN + 44,
171 __SIGRTMIN + 45,
172 __SIGRTMIN + 46,
173 __SIGRTMIN + 47,
174 __SIGRTMIN + 48,
175 __SIGRTMIN + 49,
176 __SIGRTMIN + 50,
177 __SIGRTMIN + 51,
178 __SIGRTMIN + 52,
179 __SIGRTMIN + 53,
180 __SIGRTMIN + 54,
181 __SIGRTMIN + 55,
182 __SIGRTMIN + 56,
183 __SIGRTMIN + 57,
184 __SIGRTMIN + 58,
185 __SIGRTMIN + 59,
186 __SIGRTMIN + 60,
187 __SIGRTMIN + 61,
188 __SIGRTMIN + 62,
189 __SIGRTMIN + 63,
190 __SIGRTMIN + 64,
191 __SIGRTMIN + 65,
192 __SIGRTMIN + 66,
193 __SIGRTMIN + 67,
194 __SIGRTMIN + 68,
195 __SIGRTMIN + 69,
196 __SIGRTMIN + 70,
197 __SIGRTMIN + 71,
198 __SIGRTMIN + 72,
199 __SIGRTMIN + 73,
200 __SIGRTMIN + 74,
201 __SIGRTMIN + 75,
202 __SIGRTMIN + 76,
203 __SIGRTMIN + 77,
204 __SIGRTMIN + 78,
205 __SIGRTMIN + 79,
206 __SIGRTMIN + 80,
207 __SIGRTMIN + 81,
208 __SIGRTMIN + 82,
209 __SIGRTMIN + 83,
210 __SIGRTMIN + 84,
211 __SIGRTMIN + 85,
212 __SIGRTMIN + 86,
213 __SIGRTMIN + 87,
214 __SIGRTMIN + 88,
215 __SIGRTMIN + 89,
216 __SIGRTMIN + 90,
217 __SIGRTMIN + 91,
218 __SIGRTMIN + 92,
219 __SIGRTMIN + 93,
220 __SIGRTMIN + 94,
221 __SIGRTMIN + 95,
222 -1, /* SIGINFO */
223 -1, /* UNKNOWN */
224 -1, /* DEFAULT */
225 -1,
226 -1,
227 -1,
228 -1,
229 -1,
230 -1
c72d5bf8 231#endif
ca587a8e 232};
8f447cc7 233#else
ca587a8e
AJ		 234/* In system mode we only need SIGINT and SIGTRAP; other signals
235 are not yet supported. */
236
237enum {
238 TARGET_SIGINT = 2,
239 TARGET_SIGTRAP = 5
240};
241
242static int gdb_signal_table[] = {
243 -1,
244 -1,
245 TARGET_SIGINT,
246 -1,
247 -1,
248 TARGET_SIGTRAP
249};
250#endif
251
252#ifdef CONFIG_USER_ONLY
253static int target_signal_to_gdb (int sig)
254{
255 int i;
256 for (i = 0; i < ARRAY_SIZE (gdb_signal_table); i++)
257 if (gdb_signal_table[i] == sig)
258 return i;
259 return GDB_SIGNAL_UNKNOWN;
260}
8f447cc7 261#endif
b4608c04 262
ca587a8e
AJ		 263static int gdb_signal_to_target (int sig)
264{
265 if (sig < ARRAY_SIZE (gdb_signal_table))
266 return gdb_signal_table[sig];
267 else
268 return -1;
269}
270
4abe615b 271//#define DEBUG_GDB
b4608c04 272
56aebc89
PB		 273typedef struct GDBRegisterState {
274 int base_reg;
275 int num_regs;
276 gdb_reg_cb get_reg;
277 gdb_reg_cb set_reg;
278 const char *xml;
279 struct GDBRegisterState *next;
280} GDBRegisterState;
281
858693c6 282enum RSState {
36556b20 283 RS_INACTIVE,
858693c6
FB		 284 RS_IDLE,
285 RS_GETLINE,
286 RS_CHKSUM1,
287 RS_CHKSUM2,
288};
858693c6 289typedef struct GDBState {
2e0f2cfb
AF		 290 CPUState *c_cpu; /* current CPU for step/continue ops */
291 CPUState *g_cpu; /* current CPU for other ops */
52f34623 292 CPUState *query_cpu; /* for q{f|s}ThreadInfo */
41625033 293 enum RSState state; /* parsing state */
56aebc89 294 char line_buf[MAX_PACKET_LENGTH];
858693c6
FB		 295 int line_buf_index;
296 int line_csum;
56aebc89 297 uint8_t last_packet[MAX_PACKET_LENGTH + 4];
4046d913 298 int last_packet_len;
1f487ee9 299 int signal;
41625033 300#ifdef CONFIG_USER_ONLY
4046d913 301 int fd;
41625033 302 int running_state;
4046d913
PB		 303#else
304 CharDriverState *chr;
8a34a0fb 305 CharDriverState *mon_chr;
41625033 306#endif
cdb432b2
MI		 307 char syscall_buf[256];
308 gdb_syscall_complete_cb current_syscall_cb;
858693c6 309} GDBState;
b4608c04 310
60897d36
EI		 311/* By default use no IRQs and no timers while single stepping so as to
312 * make single stepping like an ICE HW step.
313 */
314static int sstep_flags = SSTEP_ENABLE|SSTEP_NOIRQ|SSTEP_NOTIMER;
315
880a7578
AL		 316static GDBState *gdbserver_state;
317
5b50e790 318bool gdb_has_xml;
56aebc89 319
1fddef4b 320#ifdef CONFIG_USER_ONLY
4046d913
PB		 321/* XXX: This is not thread safe. Do we care? */
322static int gdbserver_fd = -1;
323
858693c6 324static int get_char(GDBState *s)
b4608c04
FB		 325{
326 uint8_t ch;
327 int ret;
328
329 for(;;) {
00aa0040 330 ret = qemu_recv(s->fd, &ch, 1, 0);
b4608c04 331 if (ret < 0) {
1f487ee9
EI		 332 if (errno == ECONNRESET)
333 s->fd = -1;
b4608c04
FB		 334 if (errno != EINTR && errno != EAGAIN)
335 return -1;
336 } else if (ret == 0) {
1f487ee9
EI		 337 close(s->fd);
338 s->fd = -1;
b4608c04
FB		 339 return -1;
340 } else {
341 break;
342 }
343 }
344 return ch;
345}
4046d913 346#endif
b4608c04 347
654efcf3 348static enum {
a2d1ebaf
PB		 349 GDB_SYS_UNKNOWN,
350 GDB_SYS_ENABLED,
351 GDB_SYS_DISABLED,
352} gdb_syscall_mode;
353
354/* If gdb is connected when the first semihosting syscall occurs then use
355 remote gdb syscalls. Otherwise use native file IO. */
356int use_gdb_syscalls(void)
357{
358 if (gdb_syscall_mode == GDB_SYS_UNKNOWN) {
880a7578
AL		 359 gdb_syscall_mode = (gdbserver_state ? GDB_SYS_ENABLED
360 : GDB_SYS_DISABLED);
a2d1ebaf
PB		 361 }
362 return gdb_syscall_mode == GDB_SYS_ENABLED;
363}
364
ba70a624
EI		 365/* Resume execution. */
366static inline void gdb_continue(GDBState *s)
367{
368#ifdef CONFIG_USER_ONLY
369 s->running_state = 1;
370#else
26ac7a31 371 if (!runstate_needs_reset()) {
87f25c12
PB		 372 vm_start();
373 }
ba70a624
EI		 374#endif
375}
376
858693c6 377static void put_buffer(GDBState *s, const uint8_t *buf, int len)
b4608c04 378{
4046d913 379#ifdef CONFIG_USER_ONLY
b4608c04
FB		 380 int ret;
381
382 while (len > 0) {
8f447cc7 383 ret = send(s->fd, buf, len, 0);
b4608c04
FB		 384 if (ret < 0) {
385 if (errno != EINTR && errno != EAGAIN)
386 return;
387 } else {
388 buf += ret;
389 len -= ret;
390 }
391 }
4046d913 392#else
2cc6e0a1 393 qemu_chr_fe_write(s->chr, buf, len);
4046d913 394#endif
b4608c04
FB		 395}
396
397static inline int fromhex(int v)
398{
399 if (v >= '0' && v <= '9')
400 return v - '0';
401 else if (v >= 'A' && v <= 'F')
402 return v - 'A' + 10;
403 else if (v >= 'a' && v <= 'f')
404 return v - 'a' + 10;
405 else
406 return 0;
407}
408
409static inline int tohex(int v)
410{
411 if (v < 10)
412 return v + '0';
413 else
414 return v - 10 + 'a';
415}
416
417static void memtohex(char *buf, const uint8_t *mem, int len)
418{
419 int i, c;
420 char *q;
421 q = buf;
422 for(i = 0; i < len; i++) {
423 c = mem[i];
424 *q++ = tohex(c >> 4);
425 *q++ = tohex(c & 0xf);
426 }
427 *q = '\0';
428}
429
430static void hextomem(uint8_t *mem, const char *buf, int len)
431{
432 int i;
433
434 for(i = 0; i < len; i++) {
435 mem[i] = (fromhex(buf[0]) << 4) | fromhex(buf[1]);
436 buf += 2;
437 }
438}
439
b4608c04 440/* return -1 if error, 0 if OK */
56aebc89 441static int put_packet_binary(GDBState *s, const char *buf, int len)
b4608c04 442{
56aebc89 443 int csum, i;
60fe76f3 444 uint8_t *p;
b4608c04 445
b4608c04 446 for(;;) {
4046d913
PB		 447 p = s->last_packet;
448 *(p++) = '$';
4046d913
PB		 449 memcpy(p, buf, len);
450 p += len;
b4608c04
FB		 451 csum = 0;
452 for(i = 0; i < len; i++) {
453 csum += buf[i];
454 }
4046d913
PB		 455 *(p++) = '#';
456 *(p++) = tohex((csum >> 4) & 0xf);
457 *(p++) = tohex((csum) & 0xf);
b4608c04 458
4046d913 459 s->last_packet_len = p - s->last_packet;
ffe8ab83 460 put_buffer(s, (uint8_t *)s->last_packet, s->last_packet_len);
b4608c04 461
4046d913
PB		 462#ifdef CONFIG_USER_ONLY
463 i = get_char(s);
464 if (i < 0)
b4608c04 465 return -1;
4046d913 466 if (i == '+')
b4608c04 467 break;
4046d913
PB		 468#else
469 break;
470#endif
b4608c04
FB		 471 }
472 return 0;
473}
474
56aebc89
PB		 475/* return -1 if error, 0 if OK */
476static int put_packet(GDBState *s, const char *buf)
477{
478#ifdef DEBUG_GDB
479 printf("reply='%s'\n", buf);
480#endif
79808573 481
56aebc89
PB		 482 return put_packet_binary(s, buf, strlen(buf));
483}
484
56aebc89
PB		 485/* Encode data using the encoding for 'x' packets. */
486static int memtox(char *buf, const char *mem, int len)
487{
488 char *p = buf;
489 char c;
490
491 while (len--) {
492 c = *(mem++);
493 switch (c) {
494 case '#': case '$': case '*': case '}':
495 *(p++) = '}';
496 *(p++) = c ^ 0x20;
497 break;
498 default:
499 *(p++) = c;
500 break;
501 }
502 }
503 return p - buf;
504}
f1ccf904 505
5b24c641
AF		 506static const char *get_feature_xml(const char *p, const char **newp,
507 CPUClass *cc)
56aebc89 508{
56aebc89
PB		 509 size_t len;
510 int i;
511 const char *name;
512 static char target_xml[1024];
513
514 len = 0;
515 while (p[len] && p[len] != ':')
516 len++;
517 *newp = p + len;
518
519 name = NULL;
520 if (strncmp(p, "target.xml", len) == 0) {
521 /* Generate the XML description for this CPU. */
522 if (!target_xml[0]) {
523 GDBRegisterState *r;
eac8b355 524 CPUState *cpu = first_cpu;
56aebc89 525
5b3715bf
BS		 526 snprintf(target_xml, sizeof(target_xml),
527 "<?xml version=\"1.0\"?>"
528 "<!DOCTYPE target SYSTEM \"gdb-target.dtd\">"
529 "<target>"
530 "<xi:include href=\"%s\"/>",
5b24c641 531 cc->gdb_core_xml_file);
56aebc89 532
eac8b355 533 for (r = cpu->gdb_regs; r; r = r->next) {
2dc766da
BS		 534 pstrcat(target_xml, sizeof(target_xml), "<xi:include href=\"");
535 pstrcat(target_xml, sizeof(target_xml), r->xml);
536 pstrcat(target_xml, sizeof(target_xml), "\"/>");
56aebc89 537 }
2dc766da 538 pstrcat(target_xml, sizeof(target_xml), "</target>");
56aebc89
PB		 539 }
540 return target_xml;
541 }
542 for (i = 0; ; i++) {
543 name = xml_builtin[i][0];
544 if (!name || (strncmp(name, p, len) == 0 && strlen(name) == len))
545 break;
546 }
547 return name ? xml_builtin[i][1] : NULL;
548}
f1ccf904 549
385b9f0e 550static int gdb_read_register(CPUState *cpu, uint8_t *mem_buf, int reg)
56aebc89 551{
a0e372f0 552 CPUClass *cc = CPU_GET_CLASS(cpu);
385b9f0e 553 CPUArchState *env = cpu->env_ptr;
56aebc89 554 GDBRegisterState *r;
f1ccf904 555
a0e372f0 556 if (reg < cc->gdb_num_core_regs) {
5b50e790 557 return cc->gdb_read_register(cpu, mem_buf, reg);
a0e372f0 558 }
f1ccf904 559
eac8b355 560 for (r = cpu->gdb_regs; r; r = r->next) {
56aebc89
PB		 561 if (r->base_reg <= reg && reg < r->base_reg + r->num_regs) {
562 return r->get_reg(env, mem_buf, reg - r->base_reg);
563 }
564 }
565 return 0;
f1ccf904
TS		 566}
567
385b9f0e 568static int gdb_write_register(CPUState *cpu, uint8_t *mem_buf, int reg)
f1ccf904 569{
a0e372f0 570 CPUClass *cc = CPU_GET_CLASS(cpu);
385b9f0e 571 CPUArchState *env = cpu->env_ptr;
56aebc89 572 GDBRegisterState *r;
f1ccf904 573
a0e372f0 574 if (reg < cc->gdb_num_core_regs) {
5b50e790 575 return cc->gdb_write_register(cpu, mem_buf, reg);
a0e372f0 576 }
56aebc89 577
eac8b355 578 for (r = cpu->gdb_regs; r; r = r->next) {
56aebc89
PB		 579 if (r->base_reg <= reg && reg < r->base_reg + r->num_regs) {
580 return r->set_reg(env, mem_buf, reg - r->base_reg);
581 }
582 }
6da41eaf
FB		 583 return 0;
584}
585
56aebc89
PB		 586/* Register a supplemental set of CPU registers. If g_pos is nonzero it
587 specifies the first register number and these registers are included in
588 a standard "g" packet. Direction is relative to gdb, i.e. get_reg is
589 gdb reading a CPU register, and set_reg is gdb modifying a CPU register.
590 */
591
22169d41
AF		 592void gdb_register_coprocessor(CPUState *cpu,
593 gdb_reg_cb get_reg, gdb_reg_cb set_reg,
594 int num_regs, const char *xml, int g_pos)
6da41eaf 595{
56aebc89
PB		 596 GDBRegisterState *s;
597 GDBRegisterState **p;
56aebc89 598
eac8b355 599 p = &cpu->gdb_regs;
56aebc89
PB		 600 while (*p) {
601 /* Check for duplicates. */
602 if (strcmp((*p)->xml, xml) == 0)
603 return;
604 p = &(*p)->next;
605 }
9643c25f
SW		 606
607 s = g_new0(GDBRegisterState, 1);
a0e372f0 608 s->base_reg = cpu->gdb_num_regs;
9643c25f
SW		 609 s->num_regs = num_regs;
610 s->get_reg = get_reg;
611 s->set_reg = set_reg;
612 s->xml = xml;
613
56aebc89 614 /* Add to end of list. */
a0e372f0 615 cpu->gdb_num_regs += num_regs;
56aebc89
PB		 616 *p = s;
617 if (g_pos) {
618 if (g_pos != s->base_reg) {
619 fprintf(stderr, "Error: Bad gdb register numbering for '%s'\n"
620 "Expected %d got %d\n", xml, g_pos, s->base_reg);
35143f01
AF		 621 } else {
622 cpu->gdb_num_g_regs = cpu->gdb_num_regs;
56aebc89
PB		 623 }
624 }
6da41eaf
FB		 625}
626
a1d1bb31
AL		 627#ifndef CONFIG_USER_ONLY
628static const int xlat_gdb_type[] = {
629 [GDB_WATCHPOINT_WRITE] = BP_GDB | BP_MEM_WRITE,
630 [GDB_WATCHPOINT_READ] = BP_GDB | BP_MEM_READ,
631 [GDB_WATCHPOINT_ACCESS] = BP_GDB | BP_MEM_ACCESS,
632};
633#endif
634
880a7578 635static int gdb_breakpoint_insert(target_ulong addr, target_ulong len, int type)
a1d1bb31 636{
182735ef 637 CPUState *cpu;
9349b4f9 638 CPUArchState *env;
880a7578
AL		 639 int err = 0;
640
62278814 641 if (kvm_enabled()) {
2e0f2cfb 642 return kvm_insert_breakpoint(gdbserver_state->c_cpu, addr, len, type);
62278814 643 }
e22a25c9 644
a1d1bb31
AL		 645 switch (type) {
646 case GDB_BREAKPOINT_SW:
647 case GDB_BREAKPOINT_HW:
bdc44640 648 CPU_FOREACH(cpu) {
182735ef 649 env = cpu->env_ptr;
880a7578
AL		 650 err = cpu_breakpoint_insert(env, addr, BP_GDB, NULL);
651 if (err)
652 break;
653 }
654 return err;
a1d1bb31
AL		 655#ifndef CONFIG_USER_ONLY
656 case GDB_WATCHPOINT_WRITE:
657 case GDB_WATCHPOINT_READ:
658 case GDB_WATCHPOINT_ACCESS:
bdc44640 659 CPU_FOREACH(cpu) {
182735ef 660 env = cpu->env_ptr;
880a7578
AL		 661 err = cpu_watchpoint_insert(env, addr, len, xlat_gdb_type[type],
662 NULL);
663 if (err)
664 break;
665 }
666 return err;
a1d1bb31
AL		 667#endif
668 default:
669 return -ENOSYS;
670 }
671}
672
880a7578 673static int gdb_breakpoint_remove(target_ulong addr, target_ulong len, int type)
a1d1bb31 674{
182735ef 675 CPUState *cpu;
9349b4f9 676 CPUArchState *env;
880a7578
AL		 677 int err = 0;
678
62278814 679 if (kvm_enabled()) {
2e0f2cfb 680 return kvm_remove_breakpoint(gdbserver_state->c_cpu, addr, len, type);
62278814 681 }
e22a25c9 682
a1d1bb31
AL		 683 switch (type) {
684 case GDB_BREAKPOINT_SW:
685 case GDB_BREAKPOINT_HW:
bdc44640 686 CPU_FOREACH(cpu) {
182735ef 687 env = cpu->env_ptr;
880a7578
AL		 688 err = cpu_breakpoint_remove(env, addr, BP_GDB);
689 if (err)
690 break;
691 }
692 return err;
a1d1bb31
AL		 693#ifndef CONFIG_USER_ONLY
694 case GDB_WATCHPOINT_WRITE:
695 case GDB_WATCHPOINT_READ:
696 case GDB_WATCHPOINT_ACCESS:
bdc44640 697 CPU_FOREACH(cpu) {
182735ef 698 env = cpu->env_ptr;
880a7578
AL		 699 err = cpu_watchpoint_remove(env, addr, len, xlat_gdb_type[type]);
700 if (err)
701 break;
702 }
703 return err;
a1d1bb31
AL		 704#endif
705 default:
706 return -ENOSYS;
707 }
708}
709
880a7578 710static void gdb_breakpoint_remove_all(void)
a1d1bb31 711{
182735ef 712 CPUState *cpu;
9349b4f9 713 CPUArchState *env;
880a7578 714
e22a25c9 715 if (kvm_enabled()) {
2e0f2cfb 716 kvm_remove_all_breakpoints(gdbserver_state->c_cpu);
e22a25c9
AL		 717 return;
718 }
719
bdc44640 720 CPU_FOREACH(cpu) {
182735ef 721 env = cpu->env_ptr;
880a7578 722 cpu_breakpoint_remove_all(env, BP_GDB);
a1d1bb31 723#ifndef CONFIG_USER_ONLY
880a7578 724 cpu_watchpoint_remove_all(env, BP_GDB);
a1d1bb31 725#endif
880a7578 726 }
a1d1bb31
AL		 727}
728
fab9d284
AJ		 729static void gdb_set_cpu_pc(GDBState *s, target_ulong pc)
730{
2e0f2cfb 731 CPUState *cpu = s->c_cpu;
f45748f1
AF		 732 CPUClass *cc = CPU_GET_CLASS(cpu);
733
734 cpu_synchronize_state(cpu);
735 if (cc->set_pc) {
736 cc->set_pc(cpu, pc);
ff1d1977 737 }
fab9d284
AJ		 738}
739
2e0f2cfb 740static CPUState *find_cpu(uint32_t thread_id)
1e9fa730 741{
0d34282f 742 CPUState *cpu;
1e9fa730 743
bdc44640 744 CPU_FOREACH(cpu) {
aa48dd93 745 if (cpu_index(cpu) == thread_id) {
2e0f2cfb 746 return cpu;
aa48dd93 747 }
1e9fa730 748 }
aa48dd93
AF		 749
750 return NULL;
1e9fa730
NF		 751}
752
880a7578 753static int gdb_handle_packet(GDBState *s, const char *line_buf)
b4608c04 754{
2e0f2cfb 755 CPUState *cpu;
5b24c641 756 CPUClass *cc;
b4608c04 757 const char *p;
1e9fa730
NF		 758 uint32_t thread;
759 int ch, reg_size, type, res;
56aebc89
PB		 760 char buf[MAX_PACKET_LENGTH];
761 uint8_t mem_buf[MAX_PACKET_LENGTH];
762 uint8_t *registers;
9d9754a3 763 target_ulong addr, len;
3b46e624 764
858693c6
FB		 765#ifdef DEBUG_GDB
766 printf("command='%s'\n", line_buf);
767#endif
768 p = line_buf;
769 ch = *p++;
770 switch(ch) {
771 case '?':
1fddef4b 772 /* TODO: Make this return the correct value for user-mode. */
ca587a8e 773 snprintf(buf, sizeof(buf), "T%02xthread:%02x;", GDB_SIGNAL_TRAP,
2e0f2cfb 774 cpu_index(s->c_cpu));
858693c6 775 put_packet(s, buf);
7d03f82f
EI		 776 /* Remove all the breakpoints when this query is issued,
777 * because gdb is doing and initial connect and the state
778 * should be cleaned up.
779 */
880a7578 780 gdb_breakpoint_remove_all();
858693c6
FB		 781 break;
782 case 'c':
783 if (*p != '\0') {
9d9754a3 784 addr = strtoull(p, (char **)&p, 16);
fab9d284 785 gdb_set_cpu_pc(s, addr);
858693c6 786 }
ca587a8e 787 s->signal = 0;
ba70a624 788 gdb_continue(s);
41625033 789 return RS_IDLE;
1f487ee9 790 case 'C':
ca587a8e
AJ		 791 s->signal = gdb_signal_to_target (strtoul(p, (char **)&p, 16));
792 if (s->signal == -1)
793 s->signal = 0;
1f487ee9
EI		 794 gdb_continue(s);
795 return RS_IDLE;
dd32aa10
JK		 796 case 'v':
797 if (strncmp(p, "Cont", 4) == 0) {
798 int res_signal, res_thread;
799
800 p += 4;
801 if (*p == '?') {
802 put_packet(s, "vCont;c;C;s;S");
803 break;
804 }
805 res = 0;
806 res_signal = 0;
807 res_thread = 0;
808 while (*p) {
809 int action, signal;
810
811 if (*p++ != ';') {
812 res = 0;
813 break;
814 }
815 action = *p++;
816 signal = 0;
817 if (action == 'C' || action == 'S') {
818 signal = strtoul(p, (char **)&p, 16);
819 } else if (action != 'c' && action != 's') {
820 res = 0;
821 break;
822 }
823 thread = 0;
824 if (*p == ':') {
825 thread = strtoull(p+1, (char **)&p, 16);
826 }
827 action = tolower(action);
828 if (res == 0 || (res == 'c' && action == 's')) {
829 res = action;
830 res_signal = signal;
831 res_thread = thread;
832 }
833 }
834 if (res) {
835 if (res_thread != -1 && res_thread != 0) {
2e0f2cfb
AF		 836 cpu = find_cpu(res_thread);
837 if (cpu == NULL) {
dd32aa10
JK		 838 put_packet(s, "E22");
839 break;
840 }
2e0f2cfb 841 s->c_cpu = cpu;
dd32aa10
JK		 842 }
843 if (res == 's') {
2e0f2cfb 844 cpu_single_step(s->c_cpu, sstep_flags);
dd32aa10
JK		 845 }
846 s->signal = res_signal;
847 gdb_continue(s);
848 return RS_IDLE;
849 }
850 break;
851 } else {
852 goto unknown_command;
853 }
7d03f82f 854 case 'k':
00e94dbc 855#ifdef CONFIG_USER_ONLY
7d03f82f
EI		 856 /* Kill the target */
857 fprintf(stderr, "\nQEMU: Terminated via GDBstub\n");
858 exit(0);
00e94dbc 859#endif
7d03f82f
EI		 860 case 'D':
861 /* Detach packet */
880a7578 862 gdb_breakpoint_remove_all();
7ea06da3 863 gdb_syscall_mode = GDB_SYS_DISABLED;
7d03f82f
EI		 864 gdb_continue(s);
865 put_packet(s, "OK");
866 break;
858693c6
FB		 867 case 's':
868 if (*p != '\0') {
8fac5803 869 addr = strtoull(p, (char **)&p, 16);
fab9d284 870 gdb_set_cpu_pc(s, addr);
858693c6 871 }
2e0f2cfb 872 cpu_single_step(s->c_cpu, sstep_flags);
ba70a624 873 gdb_continue(s);
41625033 874 return RS_IDLE;
a2d1ebaf
PB		 875 case 'F':
876 {
877 target_ulong ret;
878 target_ulong err;
879
880 ret = strtoull(p, (char **)&p, 16);
881 if (*p == ',') {
882 p++;
883 err = strtoull(p, (char **)&p, 16);
884 } else {
885 err = 0;
886 }
887 if (*p == ',')
888 p++;
889 type = *p;
cdb432b2 890 if (s->current_syscall_cb) {
2e0f2cfb 891 s->current_syscall_cb(s->c_cpu, ret, err);
cdb432b2
MI		 892 s->current_syscall_cb = NULL;
893 }
a2d1ebaf
PB		 894 if (type == 'C') {
895 put_packet(s, "T02");
896 } else {
ba70a624 897 gdb_continue(s);
a2d1ebaf
PB		 898 }
899 }
900 break;
858693c6 901 case 'g':
2e0f2cfb 902 cpu_synchronize_state(s->g_cpu);
56aebc89 903 len = 0;
35143f01 904 for (addr = 0; addr < s->g_cpu->gdb_num_g_regs; addr++) {
2e0f2cfb 905 reg_size = gdb_read_register(s->g_cpu, mem_buf + len, addr);
56aebc89
PB		 906 len += reg_size;
907 }
908 memtohex(buf, mem_buf, len);
858693c6
FB		 909 put_packet(s, buf);
910 break;
911 case 'G':
2e0f2cfb 912 cpu_synchronize_state(s->g_cpu);
56aebc89 913 registers = mem_buf;
858693c6
FB		 914 len = strlen(p) / 2;
915 hextomem((uint8_t *)registers, p, len);
35143f01 916 for (addr = 0; addr < s->g_cpu->gdb_num_g_regs && len > 0; addr++) {
2e0f2cfb 917 reg_size = gdb_write_register(s->g_cpu, registers, addr);
56aebc89
PB		 918 len -= reg_size;
919 registers += reg_size;
920 }
858693c6
FB		 921 put_packet(s, "OK");
922 break;
923 case 'm':
9d9754a3 924 addr = strtoull(p, (char **)&p, 16);
858693c6
FB		 925 if (*p == ',')
926 p++;
9d9754a3 927 len = strtoull(p, NULL, 16);
2e0f2cfb 928 if (target_memory_rw_debug(s->g_cpu, addr, mem_buf, len, false) != 0) {
6f970bd9
FB		 929 put_packet (s, "E14");
930 } else {
931 memtohex(buf, mem_buf, len);
932 put_packet(s, buf);
933 }
858693c6
FB		 934 break;
935 case 'M':
9d9754a3 936 addr = strtoull(p, (char **)&p, 16);
858693c6
FB		 937 if (*p == ',')
938 p++;
9d9754a3 939 len = strtoull(p, (char **)&p, 16);
b328f873 940 if (*p == ':')
858693c6
FB		 941 p++;
942 hextomem(mem_buf, p, len);
2e0f2cfb 943 if (target_memory_rw_debug(s->g_cpu, addr, mem_buf, len,
f3659eee 944 true) != 0) {
905f20b1 945 put_packet(s, "E14");
44520db1 946 } else {
858693c6 947 put_packet(s, "OK");
44520db1 948 }
858693c6 949 break;
56aebc89
PB		 950 case 'p':
951 /* Older gdb are really dumb, and don't use 'g' if 'p' is avaialable.
952 This works, but can be very slow. Anything new enough to
953 understand XML also knows how to use this properly. */
954 if (!gdb_has_xml)
955 goto unknown_command;
956 addr = strtoull(p, (char **)&p, 16);
2e0f2cfb 957 reg_size = gdb_read_register(s->g_cpu, mem_buf, addr);
56aebc89
PB		 958 if (reg_size) {
959 memtohex(buf, mem_buf, reg_size);
960 put_packet(s, buf);
961 } else {
962 put_packet(s, "E14");
963 }
964 break;
965 case 'P':
966 if (!gdb_has_xml)
967 goto unknown_command;
968 addr = strtoull(p, (char **)&p, 16);
969 if (*p == '=')
970 p++;
971 reg_size = strlen(p) / 2;
972 hextomem(mem_buf, p, reg_size);
2e0f2cfb 973 gdb_write_register(s->g_cpu, mem_buf, addr);
56aebc89
PB		 974 put_packet(s, "OK");
975 break;
858693c6 976 case 'Z':
858693c6
FB		 977 case 'z':
978 type = strtoul(p, (char **)&p, 16);
979 if (*p == ',')
980 p++;
9d9754a3 981 addr = strtoull(p, (char **)&p, 16);
858693c6
FB		 982 if (*p == ',')
983 p++;
9d9754a3 984 len = strtoull(p, (char **)&p, 16);
a1d1bb31 985 if (ch == 'Z')
880a7578 986 res = gdb_breakpoint_insert(addr, len, type);
a1d1bb31 987 else
880a7578 988 res = gdb_breakpoint_remove(addr, len, type);
a1d1bb31
AL		 989 if (res >= 0)
990 put_packet(s, "OK");
991 else if (res == -ENOSYS)
0f459d16 992 put_packet(s, "");
a1d1bb31
AL		 993 else
994 put_packet(s, "E22");
858693c6 995 break;
880a7578
AL		 996 case 'H':
997 type = *p++;
998 thread = strtoull(p, (char **)&p, 16);
999 if (thread == -1 || thread == 0) {
1000 put_packet(s, "OK");
1001 break;
1002 }
2e0f2cfb
AF		 1003 cpu = find_cpu(thread);
1004 if (cpu == NULL) {
880a7578
AL		 1005 put_packet(s, "E22");
1006 break;
1007 }
1008 switch (type) {
1009 case 'c':
2e0f2cfb 1010 s->c_cpu = cpu;
880a7578
AL		 1011 put_packet(s, "OK");
1012 break;
1013 case 'g':
2e0f2cfb 1014 s->g_cpu = cpu;
880a7578
AL		 1015 put_packet(s, "OK");
1016 break;
1017 default:
1018 put_packet(s, "E22");
1019 break;
1020 }
1021 break;
1022 case 'T':
1023 thread = strtoull(p, (char **)&p, 16);
2e0f2cfb 1024 cpu = find_cpu(thread);
1e9fa730 1025
2e0f2cfb 1026 if (cpu != NULL) {
1e9fa730
NF		 1027 put_packet(s, "OK");
1028 } else {
880a7578 1029 put_packet(s, "E22");
1e9fa730 1030 }
880a7578 1031 break;
978efd6a 1032 case 'q':
60897d36
EI		 1033 case 'Q':
1034 /* parse any 'q' packets here */
1035 if (!strcmp(p,"qemu.sstepbits")) {
1036 /* Query Breakpoint bit definitions */
363a37d5
BS		 1037 snprintf(buf, sizeof(buf), "ENABLE=%x,NOIRQ=%x,NOTIMER=%x",
1038 SSTEP_ENABLE,
1039 SSTEP_NOIRQ,
1040 SSTEP_NOTIMER);
60897d36
EI		 1041 put_packet(s, buf);
1042 break;
1043 } else if (strncmp(p,"qemu.sstep",10) == 0) {
1044 /* Display or change the sstep_flags */
1045 p += 10;
1046 if (*p != '=') {
1047 /* Display current setting */
363a37d5 1048 snprintf(buf, sizeof(buf), "0x%x", sstep_flags);
60897d36
EI		 1049 put_packet(s, buf);
1050 break;
1051 }
1052 p++;
1053 type = strtoul(p, (char **)&p, 16);
1054 sstep_flags = type;
1055 put_packet(s, "OK");
1056 break;
880a7578
AL		 1057 } else if (strcmp(p,"C") == 0) {
1058 /* "Current thread" remains vague in the spec, so always return
1059 * the first CPU (gdb returns the first thread). */
1060 put_packet(s, "QC1");
1061 break;
1062 } else if (strcmp(p,"fThreadInfo") == 0) {
52f34623 1063 s->query_cpu = first_cpu;
880a7578
AL		 1064 goto report_cpuinfo;
1065 } else if (strcmp(p,"sThreadInfo") == 0) {
1066 report_cpuinfo:
1067 if (s->query_cpu) {
52f34623 1068 snprintf(buf, sizeof(buf), "m%x", cpu_index(s->query_cpu));
880a7578 1069 put_packet(s, buf);
bdc44640 1070 s->query_cpu = CPU_NEXT(s->query_cpu);
880a7578
AL		 1071 } else
1072 put_packet(s, "l");
1073 break;
1074 } else if (strncmp(p,"ThreadExtraInfo,", 16) == 0) {
1075 thread = strtoull(p+16, (char **)&p, 16);
2e0f2cfb
AF		 1076 cpu = find_cpu(thread);
1077 if (cpu != NULL) {
cb446eca 1078 cpu_synchronize_state(cpu);
1e9fa730 1079 len = snprintf((char *)mem_buf, sizeof(mem_buf),
55e5c285 1080 "CPU#%d [%s]", cpu->cpu_index,
259186a7 1081 cpu->halted ? "halted " : "running");
1e9fa730
NF		 1082 memtohex(buf, mem_buf, len);
1083 put_packet(s, buf);
1084 }
880a7578 1085 break;
60897d36 1086 }
0b8a988c 1087#ifdef CONFIG_USER_ONLY
60897d36 1088 else if (strncmp(p, "Offsets", 7) == 0) {
2e0f2cfb
AF		 1089 CPUArchState *env = s->c_cpu->env_ptr;
1090 TaskState *ts = env->opaque;
978efd6a 1091
363a37d5
BS		 1092 snprintf(buf, sizeof(buf),
1093 "Text=" TARGET_ABI_FMT_lx ";Data=" TARGET_ABI_FMT_lx
1094 ";Bss=" TARGET_ABI_FMT_lx,
1095 ts->info->code_offset,
1096 ts->info->data_offset,
1097 ts->info->data_offset);
978efd6a
PB		 1098 put_packet(s, buf);
1099 break;
1100 }
0b8a988c 1101#else /* !CONFIG_USER_ONLY */
8a34a0fb
AL		 1102 else if (strncmp(p, "Rcmd,", 5) == 0) {
1103 int len = strlen(p + 5);
1104
1105 if ((len % 2) != 0) {
1106 put_packet(s, "E01");
1107 break;
1108 }
1109 hextomem(mem_buf, p + 5, len);
1110 len = len / 2;
1111 mem_buf[len++] = 0;
fa5efccb 1112 qemu_chr_be_write(s->mon_chr, mem_buf, len);
8a34a0fb
AL		 1113 put_packet(s, "OK");
1114 break;
1115 }
0b8a988c 1116#endif /* !CONFIG_USER_ONLY */
56aebc89 1117 if (strncmp(p, "Supported", 9) == 0) {
5b3715bf 1118 snprintf(buf, sizeof(buf), "PacketSize=%x", MAX_PACKET_LENGTH);
5b24c641
AF		 1119 cc = CPU_GET_CLASS(first_cpu);
1120 if (cc->gdb_core_xml_file != NULL) {
1121 pstrcat(buf, sizeof(buf), ";qXfer:features:read+");
1122 }
56aebc89
PB		 1123 put_packet(s, buf);
1124 break;
1125 }
56aebc89
PB		 1126 if (strncmp(p, "Xfer:features:read:", 19) == 0) {
1127 const char *xml;
1128 target_ulong total_len;
1129
5b24c641
AF		 1130 cc = CPU_GET_CLASS(first_cpu);
1131 if (cc->gdb_core_xml_file == NULL) {
1132 goto unknown_command;
1133 }
1134
5b50e790 1135 gdb_has_xml = true;
56aebc89 1136 p += 19;
5b24c641 1137 xml = get_feature_xml(p, &p, cc);
56aebc89 1138 if (!xml) {
5b3715bf 1139 snprintf(buf, sizeof(buf), "E00");
56aebc89
PB		 1140 put_packet(s, buf);
1141 break;
1142 }
1143
1144 if (*p == ':')
1145 p++;
1146 addr = strtoul(p, (char **)&p, 16);
1147 if (*p == ',')
1148 p++;
1149 len = strtoul(p, (char **)&p, 16);
1150
1151 total_len = strlen(xml);
1152 if (addr > total_len) {
5b3715bf 1153 snprintf(buf, sizeof(buf), "E00");
56aebc89
PB		 1154 put_packet(s, buf);
1155 break;
1156 }
1157 if (len > (MAX_PACKET_LENGTH - 5) / 2)
1158 len = (MAX_PACKET_LENGTH - 5) / 2;
1159 if (len < total_len - addr) {
1160 buf[0] = 'm';
1161 len = memtox(buf + 1, xml + addr, len);
1162 } else {
1163 buf[0] = 'l';
1164 len = memtox(buf + 1, xml + addr, total_len - addr);
1165 }
1166 put_packet_binary(s, buf, len + 1);
1167 break;
1168 }
56aebc89
PB		 1169 /* Unrecognised 'q' command. */
1170 goto unknown_command;
1171
858693c6 1172 default:
56aebc89 1173 unknown_command:
858693c6
FB		 1174 /* put empty packet */
1175 buf[0] = '\0';
1176 put_packet(s, buf);
1177 break;
1178 }
1179 return RS_IDLE;
1180}
1181
64f6b346 1182void gdb_set_stop_cpu(CPUState *cpu)
880a7578 1183{
2e0f2cfb
AF		 1184 gdbserver_state->c_cpu = cpu;
1185 gdbserver_state->g_cpu = cpu;
880a7578
AL		 1186}
1187
1fddef4b 1188#ifndef CONFIG_USER_ONLY
1dfb4dd9 1189static void gdb_vm_state_change(void *opaque, int running, RunState state)
858693c6 1190{
880a7578 1191 GDBState *s = gdbserver_state;
2e0f2cfb
AF		 1192 CPUArchState *env = s->c_cpu->env_ptr;
1193 CPUState *cpu = s->c_cpu;
858693c6 1194 char buf[256];
d6fc1b39 1195 const char *type;
858693c6
FB		 1196 int ret;
1197
cdb432b2
MI		 1198 if (running || s->state == RS_INACTIVE) {
1199 return;
1200 }
1201 /* Is there a GDB syscall waiting to be sent? */
1202 if (s->current_syscall_cb) {
1203 put_packet(s, s->syscall_buf);
a2d1ebaf 1204 return;
e07bbac5 1205 }
1dfb4dd9 1206 switch (state) {
0461d5a6 1207 case RUN_STATE_DEBUG:
880a7578
AL		 1208 if (env->watchpoint_hit) {
1209 switch (env->watchpoint_hit->flags & BP_MEM_ACCESS) {
a1d1bb31 1210 case BP_MEM_READ:
d6fc1b39
AL		 1211 type = "r";
1212 break;
a1d1bb31 1213 case BP_MEM_ACCESS:
d6fc1b39
AL		 1214 type = "a";
1215 break;
1216 default:
1217 type = "";
1218 break;
1219 }
880a7578
AL		 1220 snprintf(buf, sizeof(buf),
1221 "T%02xthread:%02x;%swatch:" TARGET_FMT_lx ";",
0d34282f 1222 GDB_SIGNAL_TRAP, cpu_index(cpu), type,
880a7578 1223 env->watchpoint_hit->vaddr);
880a7578 1224 env->watchpoint_hit = NULL;
425189a8 1225 goto send_packet;
6658ffb8 1226 }
425189a8 1227 tb_flush(env);
ca587a8e 1228 ret = GDB_SIGNAL_TRAP;
425189a8 1229 break;
0461d5a6 1230 case RUN_STATE_PAUSED:
9781e040 1231 ret = GDB_SIGNAL_INT;
425189a8 1232 break;
0461d5a6 1233 case RUN_STATE_SHUTDOWN:
425189a8
JK		 1234 ret = GDB_SIGNAL_QUIT;
1235 break;
0461d5a6 1236 case RUN_STATE_IO_ERROR:
425189a8
JK		 1237 ret = GDB_SIGNAL_IO;
1238 break;
0461d5a6 1239 case RUN_STATE_WATCHDOG:
425189a8
JK		 1240 ret = GDB_SIGNAL_ALRM;
1241 break;
0461d5a6 1242 case RUN_STATE_INTERNAL_ERROR:
425189a8
JK		 1243 ret = GDB_SIGNAL_ABRT;
1244 break;
0461d5a6
LC		 1245 case RUN_STATE_SAVE_VM:
1246 case RUN_STATE_RESTORE_VM:
425189a8 1247 return;
0461d5a6 1248 case RUN_STATE_FINISH_MIGRATE:
425189a8
JK		 1249 ret = GDB_SIGNAL_XCPU;
1250 break;
1251 default:
1252 ret = GDB_SIGNAL_UNKNOWN;
1253 break;
bbeb7b5c 1254 }
0d34282f 1255 snprintf(buf, sizeof(buf), "T%02xthread:%02x;", ret, cpu_index(cpu));
425189a8
JK		 1256
1257send_packet:
858693c6 1258 put_packet(s, buf);
425189a8
JK		 1259
1260 /* disable single step if it was enabled */
3825b28f 1261 cpu_single_step(cpu, 0);
858693c6 1262}
1fddef4b 1263#endif
858693c6 1264
a2d1ebaf
PB		 1265/* Send a gdb syscall request.
1266 This accepts limited printf-style format specifiers, specifically:
a87295e8
PB		 1267 %x - target_ulong argument printed in hex.
1268 %lx - 64-bit argument printed in hex.
1269 %s - string pointer (target_ulong) and length (int) pair. */
7ccfb2eb 1270void gdb_do_syscall(gdb_syscall_complete_cb cb, const char *fmt, ...)
a2d1ebaf
PB		 1271{
1272 va_list va;
a2d1ebaf 1273 char *p;
cdb432b2 1274 char *p_end;
a2d1ebaf 1275 target_ulong addr;
a87295e8 1276 uint64_t i64;
a2d1ebaf
PB		 1277 GDBState *s;
1278
880a7578 1279 s = gdbserver_state;
a2d1ebaf
PB		 1280 if (!s)
1281 return;
cdb432b2 1282 s->current_syscall_cb = cb;
a2d1ebaf 1283#ifndef CONFIG_USER_ONLY
0461d5a6 1284 vm_stop(RUN_STATE_DEBUG);
a2d1ebaf 1285#endif
a2d1ebaf 1286 va_start(va, fmt);
cdb432b2
MI		 1287 p = s->syscall_buf;
1288 p_end = &s->syscall_buf[sizeof(s->syscall_buf)];
a2d1ebaf
PB		 1289 *(p++) = 'F';
1290 while (*fmt) {
1291 if (*fmt == '%') {
1292 fmt++;
1293 switch (*fmt++) {
1294 case 'x':
1295 addr = va_arg(va, target_ulong);
cdb432b2 1296 p += snprintf(p, p_end - p, TARGET_FMT_lx, addr);
a2d1ebaf 1297 break;
a87295e8
PB		 1298 case 'l':
1299 if (*(fmt++) != 'x')
1300 goto bad_format;
1301 i64 = va_arg(va, uint64_t);
cdb432b2 1302 p += snprintf(p, p_end - p, "%" PRIx64, i64);
a87295e8 1303 break;
a2d1ebaf
PB		 1304 case 's':
1305 addr = va_arg(va, target_ulong);
cdb432b2 1306 p += snprintf(p, p_end - p, TARGET_FMT_lx "/%x",
363a37d5 1307 addr, va_arg(va, int));
a2d1ebaf
PB		 1308 break;
1309 default:
a87295e8 1310 bad_format:
a2d1ebaf
PB		 1311 fprintf(stderr, "gdbstub: Bad syscall format string '%s'\n",
1312 fmt - 1);
1313 break;
1314 }
1315 } else {
1316 *(p++) = *(fmt++);
1317 }
1318 }
8a93e02a 1319 *p = 0;
a2d1ebaf 1320 va_end(va);
a2d1ebaf 1321#ifdef CONFIG_USER_ONLY
cdb432b2 1322 put_packet(s, s->syscall_buf);
2e0f2cfb 1323 gdb_handlesig(s->c_cpu, 0);
a2d1ebaf 1324#else
cdb432b2
MI		 1325 /* In this case wait to send the syscall packet until notification that
1326 the CPU has stopped. This must be done because if the packet is sent
1327 now the reply from the syscall request could be received while the CPU
1328 is still in the running state, which can cause packets to be dropped
1329 and state transition 'T' packets to be sent while the syscall is still
1330 being processed. */
2e0f2cfb 1331 cpu_exit(s->c_cpu);
a2d1ebaf
PB		 1332#endif
1333}
1334
6a00d601 1335static void gdb_read_byte(GDBState *s, int ch)
858693c6
FB		 1336{
1337 int i, csum;
60fe76f3 1338 uint8_t reply;
858693c6 1339
1fddef4b 1340#ifndef CONFIG_USER_ONLY
4046d913
PB		 1341 if (s->last_packet_len) {
1342 /* Waiting for a response to the last packet. If we see the start
1343 of a new command then abandon the previous response. */
1344 if (ch == '-') {
1345#ifdef DEBUG_GDB
1346 printf("Got NACK, retransmitting\n");
1347#endif
ffe8ab83 1348 put_buffer(s, (uint8_t *)s->last_packet, s->last_packet_len);
4046d913
PB		 1349 }
1350#ifdef DEBUG_GDB
1351 else if (ch == '+')
1352 printf("Got ACK\n");
1353 else
1354 printf("Got '%c' when expecting ACK/NACK\n", ch);
1355#endif
1356 if (ch == '+' || ch == '$')
1357 s->last_packet_len = 0;
1358 if (ch != '$')
1359 return;
1360 }
1354869c 1361 if (runstate_is_running()) {
858693c6
FB		 1362 /* when the CPU is running, we cannot do anything except stop
1363 it when receiving a char */
0461d5a6 1364 vm_stop(RUN_STATE_PAUSED);
5fafdf24 1365 } else
1fddef4b 1366#endif
41625033 1367 {
858693c6
FB		 1368 switch(s->state) {
1369 case RS_IDLE:
1370 if (ch == '$') {
1371 s->line_buf_index = 0;
1372 s->state = RS_GETLINE;
c33a346e 1373 }
b4608c04 1374 break;
858693c6
FB		 1375 case RS_GETLINE:
1376 if (ch == '#') {
1377 s->state = RS_CHKSUM1;
1378 } else if (s->line_buf_index >= sizeof(s->line_buf) - 1) {
1379 s->state = RS_IDLE;
4c3a88a2 1380 } else {
858693c6 1381 s->line_buf[s->line_buf_index++] = ch;
4c3a88a2
FB		 1382 }
1383 break;
858693c6
FB		 1384 case RS_CHKSUM1:
1385 s->line_buf[s->line_buf_index] = '\0';
1386 s->line_csum = fromhex(ch) << 4;
1387 s->state = RS_CHKSUM2;
1388 break;
1389 case RS_CHKSUM2:
1390 s->line_csum |= fromhex(ch);
1391 csum = 0;
1392 for(i = 0; i < s->line_buf_index; i++) {
1393 csum += s->line_buf[i];
1394 }
1395 if (s->line_csum != (csum & 0xff)) {
60fe76f3
TS		 1396 reply = '-';
1397 put_buffer(s, &reply, 1);
858693c6 1398 s->state = RS_IDLE;
4c3a88a2 1399 } else {
60fe76f3
TS		 1400 reply = '+';
1401 put_buffer(s, &reply, 1);
880a7578 1402 s->state = gdb_handle_packet(s, s->line_buf);
4c3a88a2
FB		 1403 }
1404 break;
a2d1ebaf
PB		 1405 default:
1406 abort();
858693c6
FB		 1407 }
1408 }
1409}
1410
0e1c9c54 1411/* Tell the remote gdb that the process has exited. */
9349b4f9 1412void gdb_exit(CPUArchState *env, int code)
0e1c9c54
PB		 1413{
1414 GDBState *s;
1415 char buf[4];
1416
1417 s = gdbserver_state;
1418 if (!s) {
1419 return;
1420 }
1421#ifdef CONFIG_USER_ONLY
1422 if (gdbserver_fd < 0 || s->fd < 0) {
1423 return;
1424 }
1425#endif
1426
1427 snprintf(buf, sizeof(buf), "W%02x", (uint8_t)code);
1428 put_packet(s, buf);
e2af15b2
FC		 1429
1430#ifndef CONFIG_USER_ONLY
1431 if (s->chr) {
70f24fb6 1432 qemu_chr_delete(s->chr);
e2af15b2
FC		 1433 }
1434#endif
0e1c9c54
PB		 1435}
1436
1fddef4b 1437#ifdef CONFIG_USER_ONLY
ca587a8e
AJ		 1438int
1439gdb_queuesig (void)
1440{
1441 GDBState *s;
1442
1443 s = gdbserver_state;
1444
1445 if (gdbserver_fd < 0 || s->fd < 0)
1446 return 0;
1447 else
1448 return 1;
1449}
1450
1fddef4b 1451int
db6b81d4 1452gdb_handlesig(CPUState *cpu, int sig)
1fddef4b 1453{
db6b81d4 1454 CPUArchState *env = cpu->env_ptr;
5ca666c7
AF		 1455 GDBState *s;
1456 char buf[256];
1457 int n;
1fddef4b 1458
5ca666c7
AF		 1459 s = gdbserver_state;
1460 if (gdbserver_fd < 0 || s->fd < 0) {
1461 return sig;
1462 }
1fddef4b 1463
5ca666c7 1464 /* disable single step if it was enabled */
3825b28f 1465 cpu_single_step(cpu, 0);
5ca666c7 1466 tb_flush(env);
1fddef4b 1467
5ca666c7
AF		 1468 if (sig != 0) {
1469 snprintf(buf, sizeof(buf), "S%02x", target_signal_to_gdb(sig));
1470 put_packet(s, buf);
1471 }
1472 /* put_packet() might have detected that the peer terminated the
1473 connection. */
1474 if (s->fd < 0) {
1475 return sig;
1476 }
1fddef4b 1477
5ca666c7
AF		 1478 sig = 0;
1479 s->state = RS_IDLE;
1480 s->running_state = 0;
1481 while (s->running_state == 0) {
1482 n = read(s->fd, buf, 256);
1483 if (n > 0) {
1484 int i;
1485
1486 for (i = 0; i < n; i++) {
1487 gdb_read_byte(s, buf[i]);
1488 }
1489 } else if (n == 0 || errno != EAGAIN) {
1490 /* XXX: Connection closed. Should probably wait for another
1491 connection before continuing. */
1492 return sig;
1fddef4b 1493 }
5ca666c7
AF		 1494 }
1495 sig = s->signal;
1496 s->signal = 0;
1497 return sig;
1fddef4b 1498}
e9009676 1499
ca587a8e 1500/* Tell the remote gdb that the process has exited due to SIG. */
9349b4f9 1501void gdb_signalled(CPUArchState *env, int sig)
ca587a8e 1502{
5ca666c7
AF		 1503 GDBState *s;
1504 char buf[4];
ca587a8e 1505
5ca666c7
AF		 1506 s = gdbserver_state;
1507 if (gdbserver_fd < 0 || s->fd < 0) {
1508 return;
1509 }
ca587a8e 1510
5ca666c7
AF		 1511 snprintf(buf, sizeof(buf), "X%02x", target_signal_to_gdb(sig));
1512 put_packet(s, buf);
ca587a8e 1513}
1fddef4b 1514
880a7578 1515static void gdb_accept(void)
858693c6
FB		 1516{
1517 GDBState *s;
1518 struct sockaddr_in sockaddr;
1519 socklen_t len;
bf1c852a 1520 int fd;
858693c6
FB		 1521
1522 for(;;) {
1523 len = sizeof(sockaddr);
1524 fd = accept(gdbserver_fd, (struct sockaddr *)&sockaddr, &len);
1525 if (fd < 0 && errno != EINTR) {
1526 perror("accept");
1527 return;
1528 } else if (fd >= 0) {
40ff6d7e
KW		 1529#ifndef _WIN32
1530 fcntl(fd, F_SETFD, FD_CLOEXEC);
1531#endif
b4608c04
FB		 1532 break;
1533 }
1534 }
858693c6
FB		 1535
1536 /* set short latency */
bf1c852a 1537 socket_set_nodelay(fd);
3b46e624 1538
7267c094 1539 s = g_malloc0(sizeof(GDBState));
2e0f2cfb
AF		 1540 s->c_cpu = first_cpu;
1541 s->g_cpu = first_cpu;
858693c6 1542 s->fd = fd;
5b50e790 1543 gdb_has_xml = false;
858693c6 1544
880a7578 1545 gdbserver_state = s;
a2d1ebaf 1546
858693c6 1547 fcntl(fd, F_SETFL, O_NONBLOCK);
858693c6
FB		 1548}
1549
1550static int gdbserver_open(int port)
1551{
1552 struct sockaddr_in sockaddr;
6669ca13 1553 int fd, ret;
858693c6
FB		 1554
1555 fd = socket(PF_INET, SOCK_STREAM, 0);
1556 if (fd < 0) {
1557 perror("socket");
1558 return -1;
1559 }
40ff6d7e
KW		 1560#ifndef _WIN32
1561 fcntl(fd, F_SETFD, FD_CLOEXEC);
1562#endif
858693c6 1563
6669ca13 1564 socket_set_fast_reuse(fd);
858693c6
FB		 1565
1566 sockaddr.sin_family = AF_INET;
1567 sockaddr.sin_port = htons(port);
1568 sockaddr.sin_addr.s_addr = 0;
1569 ret = bind(fd, (struct sockaddr *)&sockaddr, sizeof(sockaddr));
1570 if (ret < 0) {
1571 perror("bind");
bb16172c 1572 close(fd);
858693c6
FB		 1573 return -1;
1574 }
1575 ret = listen(fd, 0);
1576 if (ret < 0) {
1577 perror("listen");
bb16172c 1578 close(fd);
858693c6
FB		 1579 return -1;
1580 }
858693c6
FB		 1581 return fd;
1582}
1583
1584int gdbserver_start(int port)
1585{
1586 gdbserver_fd = gdbserver_open(port);
1587 if (gdbserver_fd < 0)
1588 return -1;
1589 /* accept connections */
880a7578 1590 gdb_accept();
4046d913
PB		 1591 return 0;
1592}
2b1319c8
AJ		 1593
1594/* Disable gdb stub for child processes. */
9349b4f9 1595void gdbserver_fork(CPUArchState *env)
2b1319c8
AJ		 1596{
1597 GDBState *s = gdbserver_state;
9f6164d6 1598 if (gdbserver_fd < 0 || s->fd < 0)
2b1319c8
AJ		 1599 return;
1600 close(s->fd);
1601 s->fd = -1;
1602 cpu_breakpoint_remove_all(env, BP_GDB);
1603 cpu_watchpoint_remove_all(env, BP_GDB);
1604}
1fddef4b 1605#else
aa1f17c1 1606static int gdb_chr_can_receive(void *opaque)
4046d913 1607{
56aebc89
PB		 1608 /* We can handle an arbitrarily large amount of data.
1609 Pick the maximum packet size, which is as good as anything. */
1610 return MAX_PACKET_LENGTH;
4046d913
PB		 1611}
1612
aa1f17c1 1613static void gdb_chr_receive(void *opaque, const uint8_t *buf, int size)
4046d913 1614{
4046d913
PB		 1615 int i;
1616
1617 for (i = 0; i < size; i++) {
880a7578 1618 gdb_read_byte(gdbserver_state, buf[i]);
4046d913
PB		 1619 }
1620}
1621
1622static void gdb_chr_event(void *opaque, int event)
1623{
1624 switch (event) {
b6b8df56 1625 case CHR_EVENT_OPENED:
0461d5a6 1626 vm_stop(RUN_STATE_PAUSED);
5b50e790 1627 gdb_has_xml = false;
4046d913
PB		 1628 break;
1629 default:
1630 break;
1631 }
1632}
1633
8a34a0fb
AL		 1634static void gdb_monitor_output(GDBState *s, const char *msg, int len)
1635{
1636 char buf[MAX_PACKET_LENGTH];
1637
1638 buf[0] = 'O';
1639 if (len > (MAX_PACKET_LENGTH/2) - 1)
1640 len = (MAX_PACKET_LENGTH/2) - 1;
1641 memtohex(buf + 1, (uint8_t *)msg, len);
1642 put_packet(s, buf);
1643}
1644
1645static int gdb_monitor_write(CharDriverState *chr, const uint8_t *buf, int len)
1646{
1647 const char *p = (const char *)buf;
1648 int max_sz;
1649
1650 max_sz = (sizeof(gdbserver_state->last_packet) - 2) / 2;
1651 for (;;) {
1652 if (len <= max_sz) {
1653 gdb_monitor_output(gdbserver_state, p, len);
1654 break;
1655 }
1656 gdb_monitor_output(gdbserver_state, p, max_sz);
1657 p += max_sz;
1658 len -= max_sz;
1659 }
1660 return len;
1661}
1662
59030a8c
AL		 1663#ifndef _WIN32
1664static void gdb_sigterm_handler(int signal)
1665{
1354869c 1666 if (runstate_is_running()) {
0461d5a6 1667 vm_stop(RUN_STATE_PAUSED);
e07bbac5 1668 }
59030a8c
AL		 1669}
1670#endif
1671
1672int gdbserver_start(const char *device)
4046d913
PB		 1673{
1674 GDBState *s;
59030a8c 1675 char gdbstub_device_name[128];
36556b20
AL		 1676 CharDriverState *chr = NULL;
1677 CharDriverState *mon_chr;
cfc3475a 1678
59030a8c
AL		 1679 if (!device)
1680 return -1;
1681 if (strcmp(device, "none") != 0) {
1682 if (strstart(device, "tcp:", NULL)) {
1683 /* enforce required TCP attributes */
1684 snprintf(gdbstub_device_name, sizeof(gdbstub_device_name),
1685 "%s,nowait,nodelay,server", device);
1686 device = gdbstub_device_name;
36556b20 1687 }
59030a8c
AL		 1688#ifndef _WIN32
1689 else if (strcmp(device, "stdio") == 0) {
1690 struct sigaction act;
4046d913 1691
59030a8c
AL		 1692 memset(&act, 0, sizeof(act));
1693 act.sa_handler = gdb_sigterm_handler;
1694 sigaction(SIGINT, &act, NULL);
1695 }
1696#endif
27143a44 1697 chr = qemu_chr_new("gdb", device, NULL);
36556b20
AL		 1698 if (!chr)
1699 return -1;
1700
456d6069 1701 qemu_chr_fe_claim_no_fail(chr);
36556b20
AL		 1702 qemu_chr_add_handlers(chr, gdb_chr_can_receive, gdb_chr_receive,
1703 gdb_chr_event, NULL);
cfc3475a
PB		 1704 }
1705
36556b20
AL		 1706 s = gdbserver_state;
1707 if (!s) {
7267c094 1708 s = g_malloc0(sizeof(GDBState));
36556b20 1709 gdbserver_state = s;
4046d913 1710
36556b20
AL		 1711 qemu_add_vm_change_state_handler(gdb_vm_state_change, NULL);
1712
1713 /* Initialize a monitor terminal for gdb */
7267c094 1714 mon_chr = g_malloc0(sizeof(*mon_chr));
36556b20
AL		 1715 mon_chr->chr_write = gdb_monitor_write;
1716 monitor_init(mon_chr, 0);
1717 } else {
1718 if (s->chr)
70f24fb6 1719 qemu_chr_delete(s->chr);
36556b20
AL		 1720 mon_chr = s->mon_chr;
1721 memset(s, 0, sizeof(GDBState));
1722 }
2e0f2cfb
AF		 1723 s->c_cpu = first_cpu;
1724 s->g_cpu = first_cpu;
4046d913 1725 s->chr = chr;
36556b20
AL		 1726 s->state = chr ? RS_IDLE : RS_INACTIVE;
1727 s->mon_chr = mon_chr;
cdb432b2 1728 s->current_syscall_cb = NULL;
8a34a0fb 1729
b4608c04
FB		 1730 return 0;
1731}
4046d913 1732#endif
Qemu copy for testing