gdbstub: introduce GDB processes
1/*
2 * gdb server stub
5fafdf24 3 *
3475187d 4 * Copyright (c) 2003-2005 Fabrice Bellard
b4608c04
FB
5 *
6 * This library is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation; either
9 * version 2 of the License, or (at your option) any later version.
10 *
11 * This library is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
15 *
16 * You should have received a copy of the GNU Lesser General Public
8167ee88 17 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
b4608c04 18 */
d38ea87a 19#include "qemu/osdep.h"
da34e65c 20#include "qapi/error.h"
508b4ecc 21#include "qemu/error-report.h"
f348b6d1 22#include "qemu/cutils.h"
5c9522b3 23#include "trace-root.h"
f348b6d1 24#ifdef CONFIG_USER_ONLY
25#include "qemu.h"
26#else
83c9089e 27#include "monitor/monitor.h"
8228e353 28#include "chardev/char.h"
4d43a603 29#include "chardev/char-fe.h"
9c17d615 30#include "sysemu/sysemu.h"
022c62cb 31#include "exec/gdbstub.h"
8f468636 32#include "hw/cpu/cluster.h"
1fddef4b 33#endif
67b915a5 34
35#define MAX_PACKET_LENGTH 4096
36
1de7afc9 37#include "qemu/sockets.h"
b3946626 38#include "sysemu/hw_accel.h"
9c17d615 39#include "sysemu/kvm.h"
cfe67cef 40#include "exec/semihost.h"
63c91552 41#include "exec/exec-all.h"
ca587a8e 42
43#ifdef CONFIG_USER_ONLY
44#define GDB_ATTACHED "0"
45#else
46#define GDB_ATTACHED "1"
47#endif
48
/*
 * Read (@is_write false) or write (@is_write true) @len bytes of guest
 * memory at @addr for the debugger.
 *
 * A CPU class may supply its own memory_rw_debug hook; when it does not,
 * the generic cpu_memory_rw_debug() is used.  The result of the chosen
 * accessor is returned unchanged; callers in this file treat non-zero as
 * failure.
 */
static inline int target_memory_rw_debug(CPUState *cpu, target_ulong addr,
                                         uint8_t *buf, int len, bool is_write)
{
    CPUClass *cc = CPU_GET_CLASS(cpu);

    if (!cc->memory_rw_debug) {
        return cpu_memory_rw_debug(cpu, addr, buf, len, is_write);
    }
    return cc->memory_rw_debug(cpu, addr, buf, len, is_write);
}
ca587a8e 59
/*
 * Return the number the debugger uses to identify @cpu on the wire.
 *
 * User mode reports the emulated thread id.  System mode reports
 * cpu_index + 1, because GDB reserves 0 as the "any cpu" index.
 */
static inline int cpu_gdb_index(CPUState *cpu)
{
#if defined(CONFIG_USER_ONLY)
    return ((TaskState *)cpu->opaque)->ts_tid;
#else
    return 1 + cpu->cpu_index;
#endif
}
74
/*
 * Signal numbers as used by the GDB remote protocol.  These are not the
 * guest's own numbers; gdb_signal_to_target() and target_signal_to_gdb()
 * translate between the two numbering schemes.
 */
enum {
    GDB_SIGNAL_0 = 0,
    GDB_SIGNAL_INT = 2,
    GDB_SIGNAL_QUIT = 3,
    GDB_SIGNAL_TRAP = 5,
    GDB_SIGNAL_ABRT = 6,
    GDB_SIGNAL_ALRM = 14,
    GDB_SIGNAL_IO = 23,
    GDB_SIGNAL_XCPU = 24,
    GDB_SIGNAL_UNKNOWN = 143 /* what target_signal_to_gdb() returns on no match */
};
86
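#ifdef CONFIG_USER_ONLY

/* Map target signal numbers to GDB protocol signal numbers and vice
 * versa. For user emulation's currently supported systems, we can
 * assume most signals are defined.
 *
 * The table is indexed by GDB protocol signal number and holds the
 * corresponding target signal, or -1 where there is no equivalent.  It is
 * only ever read (see gdb_signal_to_target() and target_signal_to_gdb()),
 * so it lives in read-only storage.
 */

static const int gdb_signal_table[] = {
    0,
    TARGET_SIGHUP,
    TARGET_SIGINT,
    TARGET_SIGQUIT,
    TARGET_SIGILL,
    TARGET_SIGTRAP,
    TARGET_SIGABRT,
    -1, /* SIGEMT */
    TARGET_SIGFPE,
    TARGET_SIGKILL,
    TARGET_SIGBUS,
    TARGET_SIGSEGV,
    TARGET_SIGSYS,
    TARGET_SIGPIPE,
    TARGET_SIGALRM,
    TARGET_SIGTERM,
    TARGET_SIGURG,
    TARGET_SIGSTOP,
    TARGET_SIGTSTP,
    TARGET_SIGCONT,
    TARGET_SIGCHLD,
    TARGET_SIGTTIN,
    TARGET_SIGTTOU,
    TARGET_SIGIO,
    TARGET_SIGXCPU,
    TARGET_SIGXFSZ,
    TARGET_SIGVTALRM,
    TARGET_SIGPROF,
    TARGET_SIGWINCH,
    -1, /* SIGLOST */
    TARGET_SIGUSR1,
    TARGET_SIGUSR2,
#ifdef TARGET_SIGPWR
    TARGET_SIGPWR,
#else
    -1,
#endif
    -1, /* SIGPOLL */
    -1,
    -1,
    -1,
    -1,
    -1,
    -1,
    -1,
    -1,
    -1,
    -1,
    -1,
#ifdef __SIGRTMIN
    /* GDB's realtime signal block maps onto the host's __SIGRTMIN range. */
    __SIGRTMIN + 1,
    __SIGRTMIN + 2,
    __SIGRTMIN + 3,
    __SIGRTMIN + 4,
    __SIGRTMIN + 5,
    __SIGRTMIN + 6,
    __SIGRTMIN + 7,
    __SIGRTMIN + 8,
    __SIGRTMIN + 9,
    __SIGRTMIN + 10,
    __SIGRTMIN + 11,
    __SIGRTMIN + 12,
    __SIGRTMIN + 13,
    __SIGRTMIN + 14,
    __SIGRTMIN + 15,
    __SIGRTMIN + 16,
    __SIGRTMIN + 17,
    __SIGRTMIN + 18,
    __SIGRTMIN + 19,
    __SIGRTMIN + 20,
    __SIGRTMIN + 21,
    __SIGRTMIN + 22,
    __SIGRTMIN + 23,
    __SIGRTMIN + 24,
    __SIGRTMIN + 25,
    __SIGRTMIN + 26,
    __SIGRTMIN + 27,
    __SIGRTMIN + 28,
    __SIGRTMIN + 29,
    __SIGRTMIN + 30,
    __SIGRTMIN + 31,
    -1, /* SIGCANCEL */
    __SIGRTMIN,
    __SIGRTMIN + 32,
    __SIGRTMIN + 33,
    __SIGRTMIN + 34,
    __SIGRTMIN + 35,
    __SIGRTMIN + 36,
    __SIGRTMIN + 37,
    __SIGRTMIN + 38,
    __SIGRTMIN + 39,
    __SIGRTMIN + 40,
    __SIGRTMIN + 41,
    __SIGRTMIN + 42,
    __SIGRTMIN + 43,
    __SIGRTMIN + 44,
    __SIGRTMIN + 45,
    __SIGRTMIN + 46,
    __SIGRTMIN + 47,
    __SIGRTMIN + 48,
    __SIGRTMIN + 49,
    __SIGRTMIN + 50,
    __SIGRTMIN + 51,
    __SIGRTMIN + 52,
    __SIGRTMIN + 53,
    __SIGRTMIN + 54,
    __SIGRTMIN + 55,
    __SIGRTMIN + 56,
    __SIGRTMIN + 57,
    __SIGRTMIN + 58,
    __SIGRTMIN + 59,
    __SIGRTMIN + 60,
    __SIGRTMIN + 61,
    __SIGRTMIN + 62,
    __SIGRTMIN + 63,
    __SIGRTMIN + 64,
    __SIGRTMIN + 65,
    __SIGRTMIN + 66,
    __SIGRTMIN + 67,
    __SIGRTMIN + 68,
    __SIGRTMIN + 69,
    __SIGRTMIN + 70,
    __SIGRTMIN + 71,
    __SIGRTMIN + 72,
    __SIGRTMIN + 73,
    __SIGRTMIN + 74,
    __SIGRTMIN + 75,
    __SIGRTMIN + 76,
    __SIGRTMIN + 77,
    __SIGRTMIN + 78,
    __SIGRTMIN + 79,
    __SIGRTMIN + 80,
    __SIGRTMIN + 81,
    __SIGRTMIN + 82,
    __SIGRTMIN + 83,
    __SIGRTMIN + 84,
    __SIGRTMIN + 85,
    __SIGRTMIN + 86,
    __SIGRTMIN + 87,
    __SIGRTMIN + 88,
    __SIGRTMIN + 89,
    __SIGRTMIN + 90,
    __SIGRTMIN + 91,
    __SIGRTMIN + 92,
    __SIGRTMIN + 93,
    __SIGRTMIN + 94,
    __SIGRTMIN + 95,
    -1, /* SIGINFO */
    -1, /* UNKNOWN */
    -1, /* DEFAULT */
    -1,
    -1,
    -1,
    -1,
    -1,
    -1
#endif
};
#else
/* In system mode we only need SIGINT and SIGTRAP; other signals
   are not yet supported. */

enum {
    TARGET_SIGINT = 2,
    TARGET_SIGTRAP = 5
};

/*
 * Same layout as the user-mode table: indexed by GDB protocol signal
 * number, -1 where no target signal exists.  Read-only.
 */
static const int gdb_signal_table[] = {
    -1,
    -1,
    TARGET_SIGINT,
    -1,
    -1,
    TARGET_SIGTRAP
};
#endif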
271
#ifdef CONFIG_USER_ONLY
/*
 * Map a target (guest) signal number to the GDB protocol number by
 * searching gdb_signal_table.  Returns GDB_SIGNAL_UNKNOWN when @sig has no
 * entry.
 */
static int target_signal_to_gdb(int sig)
{
    size_t idx = 0;

    while (idx < ARRAY_SIZE(gdb_signal_table)) {
        if (gdb_signal_table[idx] == sig) {
            return idx;
        }
        idx++;
    }
    return GDB_SIGNAL_UNKNOWN;
}
#endif
b4608c04 282
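/*
 * Map a GDB protocol signal number to the target (guest) signal number.
 *
 * Returns -1 for numbers outside gdb_signal_table or with no target
 * equivalent.  Negative input is rejected explicitly rather than relying on
 * the signed/unsigned comparison against ARRAY_SIZE() to do it.
 */
static int gdb_signal_to_target(int sig)
{
    if (sig < 0 || (size_t)sig >= ARRAY_SIZE(gdb_signal_table)) {
        return -1;
    }
    return gdb_signal_table[sig];
}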
290
/*
 * One supplemental (coprocessor) register set attached to a CPU.  Entries
 * are chained from cpu->gdb_regs in registration order by
 * gdb_register_coprocessor().
 */
typedef struct GDBRegisterState {
    int base_reg;        /* first GDB register number covered by this set */
    int num_regs;        /* number of registers in the set */
    gdb_reg_cb get_reg;  /* gdb reading: called with (env, buf, reg - base_reg) */
    gdb_reg_cb set_reg;  /* gdb writing: same calling convention as get_reg */
    const char *xml;     /* feature XML name; also the key used to reject duplicates */
    struct GDBRegisterState *next;
} GDBRegisterState;
299
/*
 * A process as presented to the debugger (see GDBState.processes and
 * GDBState.multiprocess).
 */
typedef struct GDBProcess {
    uint32_t pid;
    bool attached;  /* NOTE(review): presumably "debugger is attached" — confirm against the users of this field */
} GDBProcess;
304
/* States of the incoming-packet parser, kept in GDBState.state. */
enum RSState {
    RS_INACTIVE,
    RS_IDLE,
    RS_GETLINE,
    RS_GETLINE_ESC,
    RS_GETLINE_RLE,
    RS_CHKSUM1,
    RS_CHKSUM2,
};
/* Per-connection state of the gdb stub; there is a single instance (gdbserver_state). */
typedef struct GDBState {
    CPUState *c_cpu; /* current CPU for step/continue ops */
    CPUState *g_cpu; /* current CPU for other ops */
    CPUState *query_cpu; /* for q{f|s}ThreadInfo */
    enum RSState state; /* parsing state */
    char line_buf[MAX_PACKET_LENGTH];       /* packet payload being received */
    int line_buf_index;
    int line_sum; /* running checksum */
    int line_csum; /* checksum at the end of the packet */
    /* Last frame sent: '$' + payload + '#' + 2 checksum digits (put_packet_binary). */
    uint8_t last_packet[MAX_PACKET_LENGTH + 4];
    int last_packet_len;
    int signal;             /* target signal to deliver on the next continue */
#ifdef CONFIG_USER_ONLY
    int fd;                 /* socket to the debugger; -1 once it is gone */
    int running_state;      /* set to 1 by gdb_continue()/gdb_continue_partial() */
#else
    CharBackend chr;        /* chardev carrying the protocol (put_buffer) */
    Chardev *mon_chr;
#endif
    bool multiprocess;      /* multiprocess extension negotiated with the debugger */
    GDBProcess *processes;  /* process table, process_num entries */
    int process_num;
    char syscall_buf[256];
    gdb_syscall_complete_cb current_syscall_cb; /* invoked by the 'F' reply handler, then cleared */
} GDBState;
b4608c04 339
/* By default use no IRQs and no timers while single stepping so as to
 * make single stepping like an ICE HW step.
 */
static int sstep_flags = SSTEP_ENABLE|SSTEP_NOIRQ|SSTEP_NOTIMER;

/* The single stub instance; use_gdb_syscalls() treats non-NULL as "gdb is connected". */
static GDBState *gdbserver_state;

/* Gates the 'p'/'P' register packets; presumably set once the debugger has read the XML description — confirm at the setter. */
bool gdb_has_xml;
56aebc89 348
#ifdef CONFIG_USER_ONLY
/* XXX: This is not thread safe. Do we care? */
static int gdbserver_fd = -1;

/*
 * Read one byte from the debugger socket.
 *
 * Returns the byte, or -1 when the peer closed the connection (the fd is
 * closed and reset to -1), the connection was reset (fd is reset to -1
 * without closing) or recv failed with anything other than EINTR.
 */
static int get_char(GDBState *s)
{
    uint8_t ch;

    for (;;) {
        int got = qemu_recv(s->fd, &ch, 1, 0);

        if (got > 0) {
            return ch;
        }
        if (got == 0) {
            /* Orderly shutdown by the peer. */
            close(s->fd);
            s->fd = -1;
            return -1;
        }
        if (errno == ECONNRESET) {
            s->fd = -1;
        }
        if (errno != EINTR) {
            return -1;
        }
        /* EINTR: retry the read. */
    }
}
#endif
b4608c04 376
/*
 * Cached answer of use_gdb_syscalls() for "-semihosting-config target=auto":
 * resolved from GDB_SYS_UNKNOWN on the first call, and forced back to
 * GDB_SYS_DISABLED when the debugger detaches ('D' packet).
 */
static enum {
    GDB_SYS_UNKNOWN,
    GDB_SYS_ENABLED,
    GDB_SYS_DISABLED,
} gdb_syscall_mode;
382
/* Decide if either remote gdb syscalls or native file IO should be used. */
int use_gdb_syscalls(void)
{
    switch (semihosting_get_target()) {
    case SEMIHOSTING_TARGET_NATIVE:
        /* -semihosting-config target=native */
        return false;
    case SEMIHOSTING_TARGET_GDB:
        /* -semihosting-config target=gdb */
        return true;
    default:
        break;
    }

    /*
     * -semihosting-config target=auto: on the first call decide from
     * whether a gdb stub exists, and remember the answer.
     */
    if (gdb_syscall_mode == GDB_SYS_UNKNOWN) {
        gdb_syscall_mode = gdbserver_state ? GDB_SYS_ENABLED : GDB_SYS_DISABLED;
    }
    return gdb_syscall_mode == GDB_SYS_ENABLED;
}
403
/* Resume execution. */
static inline void gdb_continue(GDBState *s)
{
#ifdef CONFIG_USER_ONLY
    s->running_state = 1;
    trace_gdbstub_op_continue();
#else
    /* A pending reset takes precedence over the debugger's request. */
    if (runstate_needs_reset()) {
        return;
    }
    trace_gdbstub_op_continue();
    vm_start();
#endif
}
418
/*
 * Resume execution, per CPU actions. For user-mode emulation it's
 * equivalent to gdb_continue.
 *
 * @newstates is indexed by cpu_index: 's' single-steps that CPU, 'c'
 * resumes it, 0 and 1 leave it alone.  Returns 0, or -1 (system mode only)
 * if some entry is none of those values; the remaining CPUs are still
 * processed in that case.
 */
static int gdb_continue_partial(GDBState *s, char *newstates)
{
    CPUState *cpu;
    int res = 0;
#ifdef CONFIG_USER_ONLY
    /*
     * This is not exactly accurate, but it's an improvement compared to the
     * previous situation, where only one CPU would be single-stepped.
     */
    CPU_FOREACH(cpu) {
        if (newstates[cpu->cpu_index] != 's') {
            continue;
        }
        trace_gdbstub_op_stepping(cpu->cpu_index);
        cpu_single_step(cpu, sstep_flags);
    }
    s->running_state = 1;
#else
    bool resumed_any = false;

    if (!runstate_needs_reset()) {
        if (vm_prepare_start()) {
            return 0;
        }

        CPU_FOREACH(cpu) {
            char action = newstates[cpu->cpu_index];

            if (action == 0 || action == 1) {
                continue; /* nothing to do here */
            }
            if (action == 's') {
                trace_gdbstub_op_stepping(cpu->cpu_index);
                cpu_single_step(cpu, sstep_flags);
            } else if (action == 'c') {
                trace_gdbstub_op_continue_cpu(cpu->cpu_index);
            } else {
                res = -1;
                continue;
            }
            cpu_resume(cpu);
            resumed_any = true;
        }
    }
    if (resumed_any) {
        qemu_clock_enable(QEMU_CLOCK_VIRTUAL, true);
    }
#endif
    return res;
}
475
/*
 * Send @len raw bytes to the debugger.  In user mode short sends are
 * retried until everything is out; a send error other than EINTR silently
 * abandons the rest of the buffer.
 */
static void put_buffer(GDBState *s, const uint8_t *buf, int len)
{
#ifdef CONFIG_USER_ONLY
    const uint8_t *cursor = buf;
    int remaining = len;

    while (remaining > 0) {
        int sent = send(s->fd, cursor, remaining, 0);

        if (sent >= 0) {
            cursor += sent;
            remaining -= sent;
        } else if (errno != EINTR) {
            return;
        }
    }
#else
    /* XXX this blocks entire thread. Rewrite to use
     * qemu_chr_fe_write and background I/O callbacks */
    qemu_chr_fe_write_all(&s->chr, buf, len);
#endif
}
497
/* Decode one hex digit (either case); anything else decodes as 0. */
static inline int fromhex(int v)
{
    if ('0' <= v && v <= '9') {
        return v - '0';
    }
    if ('A' <= v && v <= 'F') {
        return 10 + (v - 'A');
    }
    if ('a' <= v && v <= 'f') {
        return 10 + (v - 'a');
    }
    return 0;
}
509
/* Encode a nibble value (0..15) as a lower-case hex digit character. */
static inline int tohex(int v)
{
    return v < 10 ? '0' + v : 'a' + (v - 10);
}
517
/* writes 2*len+1 bytes in buf: two lower-case hex digits per input byte
 * followed by a terminating NUL. */
static void memtohex(char *buf, const uint8_t *mem, int len)
{
    static const char digits[] = "0123456789abcdef";
    char *out = buf;
    int i;

    for (i = 0; i < len; i++) {
        out[0] = digits[mem[i] >> 4];
        out[1] = digits[mem[i] & 0xf];
        out += 2;
    }
    *out = '\0';
}
531
/* Decode 2*len hex characters from buf into len bytes at mem. */
static void hextomem(uint8_t *mem, const char *buf, int len)
{
    const char *in = buf;
    int remaining = len;

    while (remaining-- > 0) {
        int hi = fromhex(in[0]);
        int lo = fromhex(in[1]);

        *mem++ = (hi << 4) | lo;
        in += 2;
    }
}
541
/*
 * Trace @len bytes of @buf as 16-byte rows: the hex digits of each byte
 * (with an extra space after every 4 bytes) followed by the printable-ASCII
 * rendering, non-printable bytes shown as '.'.  The last row is padded with
 * spaces.  @trace_fn is called once per row with the offset of its first
 * byte.  Nothing is traced for len <= 0.
 */
static void hexdump(const char *buf, int len,
                    void (*trace_fn)(size_t ofs, char const *text))
{
    enum { HEX_AREA = 3 * 16 + 4, ROW_LEN = HEX_AREA + 16 };
    char row[ROW_LEN + 1];
    size_t pos = 0;

    while (pos < len) {
        size_t row_start = pos;
        size_t col;

        memset(row, ' ', ROW_LEN);
        row[ROW_LEN] = '\0';

        for (col = 0; col < 16; col++, pos++) {
            if (pos < len) {
                char value = buf[pos];
                /* One gap column after each group of four bytes. */
                size_t hex_col = col * 3 + (col >> 2);

                row[hex_col] = tohex((value >> 4) & 0xF);
                row[hex_col + 1] = tohex(value & 0xF);
                row[HEX_AREA + col] = (value >= ' ' && value < 127) ? value : '.';
            }
        }
        trace_fn(row_start, row);
    }
}
574
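/*
 * Frame @len bytes of @buf as "$<payload>#<checksum>" in s->last_packet
 * and send it.  In user mode the function then waits for the debugger's
 * acknowledgement and resends until a '+' arrives.
 *
 * return -1 if error, 0 if OK.  Error means the payload does not fit the
 * frame buffer, or (user mode) the connection dropped while waiting for
 * the acknowledgement.
 */
static int put_packet_binary(GDBState *s, const char *buf, int len, bool dump)
{
    uint8_t *p;
    uint8_t csum;
    int i;

    /*
     * last_packet holds MAX_PACKET_LENGTH + 4 bytes: '$', the payload, '#'
     * and two checksum digits.  Refuse anything larger instead of writing
     * past the end of the buffer.
     */
    if (len < 0 || len > MAX_PACKET_LENGTH) {
        return -1;
    }

    if (dump && trace_event_get_state_backends(TRACE_GDBSTUB_IO_BINARYREPLY)) {
        hexdump(buf, len, trace_gdbstub_io_binaryreply);
    }

    for (;;) {
        p = s->last_packet;
        *(p++) = '$';
        memcpy(p, buf, len);
        p += len;

        /* Protocol checksum: sum of the payload bytes modulo 256. */
        csum = 0;
        for (i = 0; i < len; i++) {
            csum += (uint8_t)buf[i];
        }
        *(p++) = '#';
        *(p++) = tohex(csum >> 4);
        *(p++) = tohex(csum & 0xf);

        s->last_packet_len = p - s->last_packet;
        put_buffer(s, (uint8_t *)s->last_packet, s->last_packet_len);

#ifdef CONFIG_USER_ONLY
        /* Wait for the ack; anything other than '+' means resend. */
        i = get_char(s);
        if (i < 0) {
            return -1;
        }
        if (i == '+') {
            break;
        }
#else
        /* The chardev transport has no acknowledgement handshake. */
        break;
#endif
    }
    return 0;
}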
613
/* return -1 if error, 0 if OK */
static int put_packet(GDBState *s, const char *buf)
{
    size_t len = strlen(buf);

    trace_gdbstub_io_reply(buf);
    /* Text replies are never hex-dumped; that is reserved for binary ones. */
    return put_packet_binary(s, buf, len, false);
}
621
/* Encode data using the encoding for 'x' packets.  Bytes that would be
 * taken as packet framing ('#', '$', '*', '}') are escaped as '}' followed
 * by the byte XORed with 0x20.  Returns the number of bytes written. */
static int memtox(char *buf, const char *mem, int len)
{
    char *out = buf;

    while (len--) {
        char c = *mem++;

        if (c == '#' || c == '$' || c == '*' || c == '}') {
            *out++ = '}';
            c ^= 0x20;
        }
        *out++ = c;
    }
    return out - buf;
}
f1ccf904 642
/*
 * Resolve the XML feature file named at the start of @p (the name runs up
 * to ':' or the end of the string).  *@newp is set to the end of the name.
 *
 * "target.xml" is generated once, lazily, from the CPU class and the
 * coprocessor register sets of first_cpu and then served from a static
 * buffer; pstrcat() bounds every append, so an over-long description is
 * cut short rather than overflowing.  Other names are first offered to the
 * CPU class's dynamic-XML hook and finally looked up in xml_builtin.
 * Returns NULL when nothing matches.
 */
static const char *get_feature_xml(const char *p, const char **newp,
                                   CPUClass *cc)
{
    static char target_xml[1024];
    size_t len = strcspn(p, ":");
    int i;

    *newp = p + len;

    if (strncmp(p, "target.xml", len) == 0) {
        /* Generate the XML description for this CPU. */
        if (!target_xml[0]) {
            CPUState *cpu = first_cpu;
            GDBRegisterState *r;

            pstrcat(target_xml, sizeof(target_xml),
                    "<?xml version=\"1.0\"?>"
                    "<!DOCTYPE target SYSTEM \"gdb-target.dtd\">"
                    "<target>");
            if (cc->gdb_arch_name) {
                gchar *arch = cc->gdb_arch_name(cpu);

                pstrcat(target_xml, sizeof(target_xml), "<architecture>");
                pstrcat(target_xml, sizeof(target_xml), arch);
                pstrcat(target_xml, sizeof(target_xml), "</architecture>");
                g_free(arch);
            }
            pstrcat(target_xml, sizeof(target_xml), "<xi:include href=\"");
            pstrcat(target_xml, sizeof(target_xml), cc->gdb_core_xml_file);
            pstrcat(target_xml, sizeof(target_xml), "\"/>");
            for (r = cpu->gdb_regs; r; r = r->next) {
                pstrcat(target_xml, sizeof(target_xml), "<xi:include href=\"");
                pstrcat(target_xml, sizeof(target_xml), r->xml);
                pstrcat(target_xml, sizeof(target_xml), "\"/>");
            }
            pstrcat(target_xml, sizeof(target_xml), "</target>");
        }
        return target_xml;
    }

    if (cc->gdb_get_dynamic_xml) {
        char *xmlname = g_strndup(p, len);
        const char *xml = cc->gdb_get_dynamic_xml(first_cpu, xmlname);

        g_free(xmlname);
        if (xml) {
            return xml;
        }
    }

    for (i = 0; xml_builtin[i][0]; i++) {
        const char *name = xml_builtin[i][0];

        if (strlen(name) == len && strncmp(name, p, len) == 0) {
            return xml_builtin[i][1];
        }
    }
    return NULL;
}
f1ccf904 703
/*
 * Read GDB register @reg of @cpu into @mem_buf.  Core registers go through
 * the CPU class hook; higher numbers are looked up in the coprocessor sets
 * registered with gdb_register_coprocessor().  Returns what the accessor
 * returns (the 'g' handler treats it as a byte count), or 0 for a register
 * number nobody claims.
 */
static int gdb_read_register(CPUState *cpu, uint8_t *mem_buf, int reg)
{
    CPUClass *cc = CPU_GET_CLASS(cpu);
    GDBRegisterState *r;

    if (reg < cc->gdb_num_core_regs) {
        return cc->gdb_read_register(cpu, mem_buf, reg);
    }

    for (r = cpu->gdb_regs; r; r = r->next) {
        int rel = reg - r->base_reg;

        if (rel >= 0 && rel < r->num_regs) {
            return r->get_reg(cpu->env_ptr, mem_buf, rel);
        }
    }
    return 0;
}
721
/*
 * Write GDB register @reg of @cpu from @mem_buf; the mirror image of
 * gdb_read_register().  Returns what the accessor returns (the 'G' handler
 * treats it as the number of bytes consumed), or 0 for a register number
 * nobody claims.
 */
static int gdb_write_register(CPUState *cpu, uint8_t *mem_buf, int reg)
{
    CPUClass *cc = CPU_GET_CLASS(cpu);
    GDBRegisterState *r;

    if (reg < cc->gdb_num_core_regs) {
        return cc->gdb_write_register(cpu, mem_buf, reg);
    }

    for (r = cpu->gdb_regs; r; r = r->next) {
        int rel = reg - r->base_reg;

        if (rel >= 0 && rel < r->num_regs) {
            return r->set_reg(cpu->env_ptr, mem_buf, rel);
        }
    }
    return 0;
}
739
/* Register a supplemental set of CPU registers. If g_pos is nonzero it
   specifies the first register number and these registers are included in
   a standard "g" packet. Direction is relative to gdb, i.e. get_reg is
   gdb reading a CPU register, and set_reg is gdb modifying a CPU register.

   A set whose xml name is already registered on this CPU is ignored.  The
   new set is numbered from the CPU's current gdb_num_regs; a g_pos that
   disagrees with that numbering is reported and the set is then left out
   of the "g" packet.
 */

void gdb_register_coprocessor(CPUState *cpu,
                              gdb_reg_cb get_reg, gdb_reg_cb set_reg,
                              int num_regs, const char *xml, int g_pos)
{
    GDBRegisterState **tail = &cpu->gdb_regs;
    GDBRegisterState *entry;

    /* Walk to the end of the list, refusing a set that is already present. */
    for (; *tail; tail = &(*tail)->next) {
        if (strcmp((*tail)->xml, xml) == 0) {
            return;
        }
    }

    entry = g_new0(GDBRegisterState, 1);
    entry->base_reg = cpu->gdb_num_regs;
    entry->num_regs = num_regs;
    entry->get_reg = get_reg;
    entry->set_reg = set_reg;
    entry->xml = xml;

    /* Add to end of list. */
    cpu->gdb_num_regs += num_regs;
    *tail = entry;

    if (!g_pos) {
        return;
    }
    if (g_pos != entry->base_reg) {
        error_report("Error: Bad gdb register numbering for '%s', "
                     "expected %d got %d", xml, g_pos, entry->base_reg);
    } else {
        cpu->gdb_num_g_regs = cpu->gdb_num_regs;
    }
}
780
#ifndef CONFIG_USER_ONLY
/* Translate GDB watchpoint type to a flags value for cpu_watchpoint_*.
 * Only the three GDB_WATCHPOINT_* values are valid for @gdbtype; the
 * callers in this file filter on them before calling. */
static inline int xlat_gdb_type(CPUState *cpu, int gdbtype)
{
    static const int xlat[] = {
        [GDB_WATCHPOINT_WRITE] = BP_GDB | BP_MEM_WRITE,
        [GDB_WATCHPOINT_READ] = BP_GDB | BP_MEM_READ,
        [GDB_WATCHPOINT_ACCESS] = BP_GDB | BP_MEM_ACCESS,
    };
    int cputype = xlat[gdbtype];

    /* The CPU class may ask for the stop to be reported before the access. */
    if (CPU_GET_CLASS(cpu)->gdb_stop_before_watchpoint) {
        cputype |= BP_STOP_BEFORE_ACCESS;
    }
    return cputype;
}
#endif
800
/*
 * Insert a breakpoint or watchpoint of GDB type @type covering
 * [@addr, @addr + @len) on every CPU.  Under KVM the request is handed to
 * the accelerator instead.  Returns 0, the first per-CPU error (remaining
 * CPUs are skipped), or -ENOSYS for a type this build does not handle.
 */
static int gdb_breakpoint_insert(target_ulong addr, target_ulong len, int type)
{
    CPUState *cpu;
    int err = 0;

    if (kvm_enabled()) {
        return kvm_insert_breakpoint(gdbserver_state->c_cpu, addr, len, type);
    }

    switch (type) {
    case GDB_BREAKPOINT_SW:
    case GDB_BREAKPOINT_HW:
        CPU_FOREACH(cpu) {
            err = cpu_breakpoint_insert(cpu, addr, BP_GDB, NULL);
            if (err) {
                break;
            }
        }
        break;
#ifndef CONFIG_USER_ONLY
    case GDB_WATCHPOINT_WRITE:
    case GDB_WATCHPOINT_READ:
    case GDB_WATCHPOINT_ACCESS:
        CPU_FOREACH(cpu) {
            err = cpu_watchpoint_insert(cpu, addr, len,
                                        xlat_gdb_type(cpu, type), NULL);
            if (err) {
                break;
            }
        }
        break;
#endif
    default:
        return -ENOSYS;
    }
    return err;
}
837
/*
 * Remove a breakpoint or watchpoint of GDB type @type covering
 * [@addr, @addr + @len) from every CPU; the counterpart of
 * gdb_breakpoint_insert() with the same return convention.
 */
static int gdb_breakpoint_remove(target_ulong addr, target_ulong len, int type)
{
    CPUState *cpu;
    int err = 0;

    if (kvm_enabled()) {
        return kvm_remove_breakpoint(gdbserver_state->c_cpu, addr, len, type);
    }

    switch (type) {
    case GDB_BREAKPOINT_SW:
    case GDB_BREAKPOINT_HW:
        CPU_FOREACH(cpu) {
            err = cpu_breakpoint_remove(cpu, addr, BP_GDB);
            if (err) {
                break;
            }
        }
        break;
#ifndef CONFIG_USER_ONLY
    case GDB_WATCHPOINT_WRITE:
    case GDB_WATCHPOINT_READ:
    case GDB_WATCHPOINT_ACCESS:
        CPU_FOREACH(cpu) {
            err = cpu_watchpoint_remove(cpu, addr, len,
                                        xlat_gdb_type(cpu, type));
            if (err) {
                break;
            }
        }
        break;
#endif
    default:
        return -ENOSYS;
    }
    return err;
}
873
/*
 * Drop every debugger-owned (BP_GDB) breakpoint and, in system mode,
 * watchpoint on every CPU; under KVM the accelerator does it.  Used when
 * the debugger (re)connects ('?') and detaches ('D').
 */
static void gdb_breakpoint_remove_all(void)
{
    CPUState *cpu;

    if (!kvm_enabled()) {
        CPU_FOREACH(cpu) {
            cpu_breakpoint_remove_all(cpu, BP_GDB);
#ifndef CONFIG_USER_ONLY
            cpu_watchpoint_remove_all(cpu, BP_GDB);
#endif
        }
        return;
    }

    kvm_remove_all_breakpoints(gdbserver_state->c_cpu);
}
890
/* Set the program counter of the step/continue CPU (s->c_cpu) to @pc. */
static void gdb_set_cpu_pc(GDBState *s, target_ulong pc)
{
    /* Bring the register state up to date before modifying it. */
    cpu_synchronize_state(s->c_cpu);
    cpu_set_pc(s->c_cpu, pc);
}
898
/*
 * Look up the CPU whose GDB index (cpu_gdb_index()) is @thread_id.
 * Returns NULL when no CPU has that index.
 */
static CPUState *find_cpu(uint32_t thread_id)
{
    CPUState *cpu;
    CPUState *match = NULL;

    CPU_FOREACH(cpu) {
        if (cpu_gdb_index(cpu) == thread_id) {
            match = cpu;
            break;
        }
    }
    return match;
}
911
/*
 * True if packet @p is the query @query, either exactly or immediately
 * followed by @separator (so "qSupported" matches both "qSupported" and
 * "qSupported:..." with ':' as separator, but not "qSupportedX").
 */
static int is_query_packet(const char *p, const char *query, char separator)
{
    size_t query_len = strlen(query);
    char after;

    if (strncmp(p, query, query_len) != 0) {
        return 0;
    }
    after = p[query_len];
    return after == '\0' || after == separator;
}
919
/**
 * gdb_handle_vcont - Parses and handles a vCont packet.
 * returns -ENOTSUP if a command is unsupported, -EINVAL or -ERANGE if there is
 * a format error, 0 on success.
 *
 * @p points just after "vCont" and holds ";action[:thread]" groups.  Each
 * CPU's action is collected in a per-cpu_index byte array which is then
 * handed to gdb_continue_partial().  The return value of that call is not
 * propagated here.
 */
static int gdb_handle_vcont(GDBState *s, const char *p)
{
    int res, idx, signal = 0;
    char cur_action;
    char *newstates;
    unsigned long tmp;
    CPUState *cpu;
#ifdef CONFIG_USER_ONLY
    int max_cpus = 1; /* global variable max_cpus exists only in system mode */

    /* Size the action array from the largest cpu_index actually in use. */
    CPU_FOREACH(cpu) {
        max_cpus = max_cpus <= cpu->cpu_index ? cpu->cpu_index + 1 : max_cpus;
    }
#endif
    /* uninitialised CPUs stay 0 */
    newstates = g_new0(char, max_cpus);

    /* mark valid CPUs with 1 */
    CPU_FOREACH(cpu) {
        newstates[cpu->cpu_index] = 1;
    }

    /*
     * res keeps track of what error we are returning, with -ENOTSUP meaning
     * that the command is unknown or unsupported, thus returning an empty
     * packet, while -EINVAL and -ERANGE cause an E22 packet, due to invalid,
     * or incorrect parameters passed.
     */
    res = 0;
    while (*p) {
        if (*p++ != ';') {
            res = -ENOTSUP;
            goto out;
        }

        cur_action = *p++;
        if (cur_action == 'C' || cur_action == 'S') {
            /* 'C'/'S' carry a signal number; fold them into 'c'/'s' once it is read. */
            cur_action = qemu_tolower(cur_action);
            /*
             * NOTE(review): parsing starts at p + 1, i.e. one character
             * after the action letter, so the first character of the signal
             * field is skipped — confirm this against the vCont grammar,
             * where the hex signal number directly follows 'C'/'S'.
             */
            res = qemu_strtoul(p + 1, &p, 16, &tmp);
            if (res) {
                goto out;
            }
            /* tmp is an unsigned long; gdb_signal_to_target() takes an int. */
            signal = gdb_signal_to_target(tmp);
        } else if (cur_action != 'c' && cur_action != 's') {
            /* unknown/invalid/unsupported command */
            res = -ENOTSUP;
            goto out;
        }
        /* thread specification. special values: (none), -1 = all; 0 = any */
        if ((p[0] == ':' && p[1] == '-' && p[2] == '1') || (p[0] != ':')) {
            /* No thread, or ":-1": apply to every CPU not yet given an action. */
            if (*p == ':') {
                p += 3;
            }
            for (idx = 0; idx < max_cpus; idx++) {
                if (newstates[idx] == 1) {
                    newstates[idx] = cur_action;
                }
            }
        } else if (*p == ':') {
            p++;
            res = qemu_strtoul(p, &p, 16, &tmp);
            if (res) {
                goto out;
            }

            /* 0 means any thread, so we pick the first valid CPU */
            /* find_cpu() takes a uint32_t, so larger values are truncated. */
            cpu = tmp ? find_cpu(tmp) : first_cpu;

            /* invalid CPU/thread specified */
            if (!cpu) {
                res = -EINVAL;
                goto out;
            }

            /* only use if no previous match occurred */
            if (newstates[cpu->cpu_index] == 1) {
                newstates[cpu->cpu_index] = cur_action;
            }
        }
    }
    s->signal = signal;
    /* NOTE(review): a -1 from gdb_continue_partial() is silently dropped here. */
    gdb_continue_partial(s, newstates);

out:
    g_free(newstates);

    return res;
}
1013
880a7578 1014static int gdb_handle_packet(GDBState *s, const char *line_buf)
b4608c04 1015{
2e0f2cfb 1016 CPUState *cpu;
5b24c641 1017 CPUClass *cc;
b4608c04 1018 const char *p;
1e9fa730
NF
1019 uint32_t thread;
1020 int ch, reg_size, type, res;
56aebc89 1021 uint8_t mem_buf[MAX_PACKET_LENGTH];
9005774b 1022 char buf[sizeof(mem_buf) + 1 /* trailing NUL */];
56aebc89 1023 uint8_t *registers;
9d9754a3 1024 target_ulong addr, len;
3b46e624 1025
5c9522b3 1026 trace_gdbstub_io_command(line_buf);
118e2268 1027
858693c6
FB
1028 p = line_buf;
1029 ch = *p++;
1030 switch(ch) {
1031 case '?':
1fddef4b 1032 /* TODO: Make this return the correct value for user-mode. */
ca587a8e 1033 snprintf(buf, sizeof(buf), "T%02xthread:%02x;", GDB_SIGNAL_TRAP,
d2a6c857 1034 cpu_gdb_index(s->c_cpu));
858693c6 1035 put_packet(s, buf);
7d03f82f
EI
1036 /* Remove all the breakpoints when this query is issued,
1037 * because gdb is doing and initial connect and the state
1038 * should be cleaned up.
1039 */
880a7578 1040 gdb_breakpoint_remove_all();
858693c6
FB
1041 break;
1042 case 'c':
1043 if (*p != '\0') {
9d9754a3 1044 addr = strtoull(p, (char **)&p, 16);
fab9d284 1045 gdb_set_cpu_pc(s, addr);
858693c6 1046 }
ca587a8e 1047 s->signal = 0;
ba70a624 1048 gdb_continue(s);
5c9522b3 1049 return RS_IDLE;
1f487ee9 1050 case 'C':
ca587a8e
AJ
1051 s->signal = gdb_signal_to_target (strtoul(p, (char **)&p, 16));
1052 if (s->signal == -1)
1053 s->signal = 0;
1f487ee9
EI
1054 gdb_continue(s);
1055 return RS_IDLE;
dd32aa10
JK
1056 case 'v':
1057 if (strncmp(p, "Cont", 4) == 0) {
dd32aa10
JK
1058 p += 4;
1059 if (*p == '?') {
1060 put_packet(s, "vCont;c;C;s;S");
1061 break;
1062 }
544177ad
CI
1063
1064 res = gdb_handle_vcont(s, p);
1065
dd32aa10 1066 if (res) {
544177ad
CI
1067 if ((res == -EINVAL) || (res == -ERANGE)) {
1068 put_packet(s, "E22");
1069 break;
dd32aa10 1070 }
544177ad 1071 goto unknown_command;
dd32aa10
JK
1072 }
1073 break;
1074 } else {
1075 goto unknown_command;
1076 }
7d03f82f
EI
1077 case 'k':
1078 /* Kill the target */
7ae6c571 1079 error_report("QEMU: Terminated via GDBstub");
7d03f82f
EI
1080 exit(0);
1081 case 'D':
1082 /* Detach packet */
880a7578 1083 gdb_breakpoint_remove_all();
7ea06da3 1084 gdb_syscall_mode = GDB_SYS_DISABLED;
7d03f82f
EI
1085 gdb_continue(s);
1086 put_packet(s, "OK");
1087 break;
858693c6
FB
1088 case 's':
1089 if (*p != '\0') {
8fac5803 1090 addr = strtoull(p, (char **)&p, 16);
fab9d284 1091 gdb_set_cpu_pc(s, addr);
858693c6 1092 }
2e0f2cfb 1093 cpu_single_step(s->c_cpu, sstep_flags);
ba70a624 1094 gdb_continue(s);
5c9522b3 1095 return RS_IDLE;
a2d1ebaf
PB
1096 case 'F':
1097 {
1098 target_ulong ret;
1099 target_ulong err;
1100
1101 ret = strtoull(p, (char **)&p, 16);
1102 if (*p == ',') {
1103 p++;
1104 err = strtoull(p, (char **)&p, 16);
1105 } else {
1106 err = 0;
1107 }
1108 if (*p == ',')
1109 p++;
1110 type = *p;
cdb432b2 1111 if (s->current_syscall_cb) {
2e0f2cfb 1112 s->current_syscall_cb(s->c_cpu, ret, err);
cdb432b2
MI
1113 s->current_syscall_cb = NULL;
1114 }
a2d1ebaf
PB
1115 if (type == 'C') {
1116 put_packet(s, "T02");
1117 } else {
ba70a624 1118 gdb_continue(s);
a2d1ebaf
PB
1119 }
1120 }
1121 break;
858693c6 1122 case 'g':
2e0f2cfb 1123 cpu_synchronize_state(s->g_cpu);
56aebc89 1124 len = 0;
35143f01 1125 for (addr = 0; addr < s->g_cpu->gdb_num_g_regs; addr++) {
2e0f2cfb 1126 reg_size = gdb_read_register(s->g_cpu, mem_buf + len, addr);
56aebc89
PB
1127 len += reg_size;
1128 }
1129 memtohex(buf, mem_buf, len);
858693c6
FB
1130 put_packet(s, buf);
1131 break;
1132 case 'G':
2e0f2cfb 1133 cpu_synchronize_state(s->g_cpu);
56aebc89 1134 registers = mem_buf;
858693c6
FB
1135 len = strlen(p) / 2;
1136 hextomem((uint8_t *)registers, p, len);
35143f01 1137 for (addr = 0; addr < s->g_cpu->gdb_num_g_regs && len > 0; addr++) {
2e0f2cfb 1138 reg_size = gdb_write_register(s->g_cpu, registers, addr);
56aebc89
PB
1139 len -= reg_size;
1140 registers += reg_size;
1141 }
858693c6
FB
1142 put_packet(s, "OK");
1143 break;
1144 case 'm':
9d9754a3 1145 addr = strtoull(p, (char **)&p, 16);
858693c6
FB
1146 if (*p == ',')
1147 p++;
9d9754a3 1148 len = strtoull(p, NULL, 16);
5accecb3
KW
1149
1150 /* memtohex() doubles the required space */
1151 if (len > MAX_PACKET_LENGTH / 2) {
1152 put_packet (s, "E22");
1153 break;
1154 }
1155
2e0f2cfb 1156 if (target_memory_rw_debug(s->g_cpu, addr, mem_buf, len, false) != 0) {
6f970bd9
FB
1157 put_packet (s, "E14");
1158 } else {
1159 memtohex(buf, mem_buf, len);
1160 put_packet(s, buf);
1161 }
858693c6
FB
1162 break;
1163 case 'M':
9d9754a3 1164 addr = strtoull(p, (char **)&p, 16);
858693c6
FB
1165 if (*p == ',')
1166 p++;
9d9754a3 1167 len = strtoull(p, (char **)&p, 16);
b328f873 1168 if (*p == ':')
858693c6 1169 p++;
5accecb3
KW
1170
1171 /* hextomem() reads 2*len bytes */
1172 if (len > strlen(p) / 2) {
1173 put_packet (s, "E22");
1174 break;
1175 }
858693c6 1176 hextomem(mem_buf, p, len);
2e0f2cfb 1177 if (target_memory_rw_debug(s->g_cpu, addr, mem_buf, len,
f3659eee 1178 true) != 0) {
905f20b1 1179 put_packet(s, "E14");
44520db1 1180 } else {
858693c6 1181 put_packet(s, "OK");
44520db1 1182 }
858693c6 1183 break;
1184 case 'p':
1185 /* Older gdb are really dumb, and don't use 'g' if 'p' is avaialable.
1186 This works, but can be very slow. Anything new enough to
1187 understand XML also knows how to use this properly. */
1188 if (!gdb_has_xml)
1189 goto unknown_command;
1190 addr = strtoull(p, (char **)&p, 16);
2e0f2cfb 1191 reg_size = gdb_read_register(s->g_cpu, mem_buf, addr);
1192 if (reg_size) {
1193 memtohex(buf, mem_buf, reg_size);
1194 put_packet(s, buf);
1195 } else {
1196 put_packet(s, "E14");
1197 }
1198 break;
1199 case 'P':
1200 if (!gdb_has_xml)
1201 goto unknown_command;
1202 addr = strtoull(p, (char **)&p, 16);
1203 if (*p == '=')
1204 p++;
1205 reg_size = strlen(p) / 2;
1206 hextomem(mem_buf, p, reg_size);
2e0f2cfb 1207 gdb_write_register(s->g_cpu, mem_buf, addr);
1208 put_packet(s, "OK");
1209 break;
858693c6 1210 case 'Z':
1211 case 'z':
1212 type = strtoul(p, (char **)&p, 16);
1213 if (*p == ',')
1214 p++;
9d9754a3 1215 addr = strtoull(p, (char **)&p, 16);
1216 if (*p == ',')
1217 p++;
9d9754a3 1218 len = strtoull(p, (char **)&p, 16);
a1d1bb31 1219 if (ch == 'Z')
880a7578 1220 res = gdb_breakpoint_insert(addr, len, type);
a1d1bb31 1221 else
880a7578 1222 res = gdb_breakpoint_remove(addr, len, type);
1223 if (res >= 0)
1224 put_packet(s, "OK");
1225 else if (res == -ENOSYS)
0f459d16 1226 put_packet(s, "");
1227 else
1228 put_packet(s, "E22");
858693c6 1229 break;
1230 case 'H':
1231 type = *p++;
1232 thread = strtoull(p, (char **)&p, 16);
1233 if (thread == -1 || thread == 0) {
1234 put_packet(s, "OK");
1235 break;
1236 }
1237 cpu = find_cpu(thread);
1238 if (cpu == NULL) {
1239 put_packet(s, "E22");
1240 break;
1241 }
1242 switch (type) {
1243 case 'c':
2e0f2cfb 1244 s->c_cpu = cpu;
1245 put_packet(s, "OK");
1246 break;
1247 case 'g':
2e0f2cfb 1248 s->g_cpu = cpu;
1249 put_packet(s, "OK");
1250 break;
1251 default:
1252 put_packet(s, "E22");
1253 break;
1254 }
1255 break;
1256 case 'T':
1257 thread = strtoull(p, (char **)&p, 16);
2e0f2cfb 1258 cpu = find_cpu(thread);
1e9fa730 1259
2e0f2cfb 1260 if (cpu != NULL) {
1261 put_packet(s, "OK");
1262 } else {
880a7578 1263 put_packet(s, "E22");
1e9fa730 1264 }
880a7578 1265 break;
978efd6a 1266 case 'q':
1267 case 'Q':
1268 /* parse any 'q' packets here */
1269 if (!strcmp(p,"qemu.sstepbits")) {
1270 /* Query Breakpoint bit definitions */
1271 snprintf(buf, sizeof(buf), "ENABLE=%x,NOIRQ=%x,NOTIMER=%x",
1272 SSTEP_ENABLE,
1273 SSTEP_NOIRQ,
1274 SSTEP_NOTIMER);
1275 put_packet(s, buf);
1276 break;
4dabe747 1277 } else if (is_query_packet(p, "qemu.sstep", '=')) {
1278 /* Display or change the sstep_flags */
1279 p += 10;
1280 if (*p != '=') {
1281 /* Display current setting */
363a37d5 1282 snprintf(buf, sizeof(buf), "0x%x", sstep_flags);
1283 put_packet(s, buf);
1284 break;
1285 }
1286 p++;
1287 type = strtoul(p, (char **)&p, 16);
1288 sstep_flags = type;
1289 put_packet(s, "OK");
1290 break;
1291 } else if (strcmp(p,"C") == 0) {
1292 /* "Current thread" remains vague in the spec, so always return
1293 * the first CPU (gdb returns the first thread). */
1294 put_packet(s, "QC1");
1295 break;
1296 } else if (strcmp(p,"fThreadInfo") == 0) {
52f34623 1297 s->query_cpu = first_cpu;
1298 goto report_cpuinfo;
1299 } else if (strcmp(p,"sThreadInfo") == 0) {
1300 report_cpuinfo:
1301 if (s->query_cpu) {
d2a6c857 1302 snprintf(buf, sizeof(buf), "m%x", cpu_gdb_index(s->query_cpu));
880a7578 1303 put_packet(s, buf);
bdc44640 1304 s->query_cpu = CPU_NEXT(s->query_cpu);
1305 } else
1306 put_packet(s, "l");
1307 break;
1308 } else if (strncmp(p,"ThreadExtraInfo,", 16) == 0) {
1309 thread = strtoull(p+16, (char **)&p, 16);
1310 cpu = find_cpu(thread);
1311 if (cpu != NULL) {
cb446eca 1312 cpu_synchronize_state(cpu);
1313 /* memtohex() doubles the required space */
1314 len = snprintf((char *)mem_buf, sizeof(buf) / 2,
55e5c285 1315 "CPU#%d [%s]", cpu->cpu_index,
259186a7 1316 cpu->halted ? "halted " : "running");
5c9522b3 1317 trace_gdbstub_op_extra_info((char *)mem_buf);
1318 memtohex(buf, mem_buf, len);
1319 put_packet(s, buf);
1320 }
880a7578 1321 break;
60897d36 1322 }
0b8a988c 1323#ifdef CONFIG_USER_ONLY
070949f3 1324 else if (strcmp(p, "Offsets") == 0) {
0429a971 1325 TaskState *ts = s->c_cpu->opaque;
978efd6a 1326
1327 snprintf(buf, sizeof(buf),
1328 "Text=" TARGET_ABI_FMT_lx ";Data=" TARGET_ABI_FMT_lx
1329 ";Bss=" TARGET_ABI_FMT_lx,
1330 ts->info->code_offset,
1331 ts->info->data_offset,
1332 ts->info->data_offset);
1333 put_packet(s, buf);
1334 break;
1335 }
0b8a988c 1336#else /* !CONFIG_USER_ONLY */
1337 else if (strncmp(p, "Rcmd,", 5) == 0) {
1338 int len = strlen(p + 5);
1339
1340 if ((len % 2) != 0) {
1341 put_packet(s, "E01");
1342 break;
1343 }
8a34a0fb 1344 len = len / 2;
5accecb3 1345 hextomem(mem_buf, p + 5, len);
8a34a0fb 1346 mem_buf[len++] = 0;
fa5efccb 1347 qemu_chr_be_write(s->mon_chr, mem_buf, len);
8a34a0fb
AL
1348 put_packet(s, "OK");
1349 break;
1350 }
0b8a988c 1351#endif /* !CONFIG_USER_ONLY */
4dabe747 1352 if (is_query_packet(p, "Supported", ':')) {
5b3715bf 1353 snprintf(buf, sizeof(buf), "PacketSize=%x", MAX_PACKET_LENGTH);
1354 cc = CPU_GET_CLASS(first_cpu);
1355 if (cc->gdb_core_xml_file != NULL) {
1356 pstrcat(buf, sizeof(buf), ";qXfer:features:read+");
1357 }
1358 put_packet(s, buf);
1359 break;
1360 }
1361 if (strncmp(p, "Xfer:features:read:", 19) == 0) {
1362 const char *xml;
1363 target_ulong total_len;
1364
1365 cc = CPU_GET_CLASS(first_cpu);
1366 if (cc->gdb_core_xml_file == NULL) {
1367 goto unknown_command;
1368 }
1369
5b50e790 1370 gdb_has_xml = true;
56aebc89 1371 p += 19;
5b24c641 1372 xml = get_feature_xml(p, &p, cc);
56aebc89 1373 if (!xml) {
5b3715bf 1374 snprintf(buf, sizeof(buf), "E00");
1375 put_packet(s, buf);
1376 break;
1377 }
1378
1379 if (*p == ':')
1380 p++;
1381 addr = strtoul(p, (char **)&p, 16);
1382 if (*p == ',')
1383 p++;
1384 len = strtoul(p, (char **)&p, 16);
1385
1386 total_len = strlen(xml);
1387 if (addr > total_len) {
5b3715bf 1388 snprintf(buf, sizeof(buf), "E00");
1389 put_packet(s, buf);
1390 break;
1391 }
1392 if (len > (MAX_PACKET_LENGTH - 5) / 2)
1393 len = (MAX_PACKET_LENGTH - 5) / 2;
1394 if (len < total_len - addr) {
1395 buf[0] = 'm';
1396 len = memtox(buf + 1, xml + addr, len);
1397 } else {
1398 buf[0] = 'l';
1399 len = memtox(buf + 1, xml + addr, total_len - addr);
1400 }
5c9522b3 1401 put_packet_binary(s, buf, len + 1, true);
1402 break;
1403 }
1404 if (is_query_packet(p, "Attached", ':')) {
1405 put_packet(s, GDB_ATTACHED);
1406 break;
1407 }
1408 /* Unrecognised 'q' command. */
1409 goto unknown_command;
1410
858693c6 1411 default:
56aebc89 1412 unknown_command:
1413 /* put empty packet */
1414 buf[0] = '\0';
1415 put_packet(s, buf);
1416 break;
1417 }
1418 return RS_IDLE;
1419}
1420
/*
 * Make CPU the one that subsequent resume ('c'/'s') and register ('g'/'G')
 * packets act on.  Dereferences gdbserver_state without a NULL check, so the
 * stub must already be started.
 */
void gdb_set_stop_cpu(CPUState *cpu)
{
    GDBState *s = gdbserver_state;

    /* both the "continue" CPU and the "general registers" CPU follow the stop */
    s->c_cpu = cpu;
    s->g_cpu = cpu;
}
1426
1fddef4b 1427#ifndef CONFIG_USER_ONLY
/* Map the access flags of a hit watchpoint to the qualifier gdb expects in
   front of "watch:" ("r" read, "a" access, "" write). */
static const char *gdb_watch_kind(int flags)
{
    switch (flags & BP_MEM_ACCESS) {
    case BP_MEM_READ:
        return "r";
    case BP_MEM_ACCESS:
        return "a";
    default:
        return "";
    }
}

/*
 * VM run-state change hook (registered from gdbserver_start()): translate a
 * stop of the guest into a stop-reply packet for the attached gdb.
 *
 * Nothing is reported while the guest keeps running or the stub is
 * RS_INACTIVE.  A pending syscall request takes priority over the stop
 * report: its prepared packet is sent instead.  A watchpoint hit on the
 * current CPU is reported with the watched address and does not touch the
 * stop CPU or the TB cache; every other state is mapped to a gdb signal
 * number (save/restore of the VM is deliberately silent).  Single-stepping
 * is switched off once the report has gone out.
 */
static void gdb_vm_state_change(void *opaque, int running, RunState state)
{
    GDBState *s = gdbserver_state;
    CPUState *cpu = s->c_cpu;
    char pkt[256];
    int sig;

    if (running || s->state == RS_INACTIVE) {
        return;
    }

    /* Is there a GDB syscall waiting to be sent? */
    if (s->current_syscall_cb) {
        put_packet(s, s->syscall_buf);
        return;
    }

    if (state == RUN_STATE_DEBUG && cpu->watchpoint_hit) {
        const char *kind = gdb_watch_kind(cpu->watchpoint_hit->flags);
        target_ulong vaddr = (target_ulong)cpu->watchpoint_hit->vaddr;

        trace_gdbstub_hit_watchpoint(kind, cpu_gdb_index(cpu), vaddr);
        snprintf(pkt, sizeof(pkt),
                 "T%02xthread:%02x;%swatch:" TARGET_FMT_lx ";",
                 GDB_SIGNAL_TRAP, cpu_gdb_index(cpu), kind, vaddr);
        /* the hit is consumed by this report */
        cpu->watchpoint_hit = NULL;
        put_packet(s, pkt);
        cpu_single_step(cpu, 0);
        return;
    }

    switch (state) {
    case RUN_STATE_DEBUG:
        trace_gdbstub_hit_break();
        tb_flush(cpu);
        sig = GDB_SIGNAL_TRAP;
        break;
    case RUN_STATE_PAUSED:
        trace_gdbstub_hit_paused();
        sig = GDB_SIGNAL_INT;
        break;
    case RUN_STATE_SHUTDOWN:
        trace_gdbstub_hit_shutdown();
        sig = GDB_SIGNAL_QUIT;
        break;
    case RUN_STATE_IO_ERROR:
        trace_gdbstub_hit_io_error();
        sig = GDB_SIGNAL_IO;
        break;
    case RUN_STATE_WATCHDOG:
        trace_gdbstub_hit_watchdog();
        sig = GDB_SIGNAL_ALRM;
        break;
    case RUN_STATE_INTERNAL_ERROR:
        trace_gdbstub_hit_internal_error();
        sig = GDB_SIGNAL_ABRT;
        break;
    case RUN_STATE_SAVE_VM:
    case RUN_STATE_RESTORE_VM:
        /* not a debug event: gdb is not told about snapshots */
        return;
    case RUN_STATE_FINISH_MIGRATE:
        sig = GDB_SIGNAL_XCPU;
        break;
    default:
        trace_gdbstub_hit_unknown(state);
        sig = GDB_SIGNAL_UNKNOWN;
        break;
    }

    gdb_set_stop_cpu(cpu);
    snprintf(pkt, sizeof(pkt), "T%02xthread:%02x;", sig, cpu_gdb_index(cpu));
    put_packet(s, pkt);

    /* disable single step if it was enabled */
    cpu_single_step(cpu, 0);
}
1fddef4b 1512#endif
858693c6 1513
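/* Send a gdb syscall request.
   This accepts limited printf-style format specifiers, specifically:
    %x  - target_ulong argument printed in hex.
    %lx - 64-bit argument printed in hex.
    %s  - string pointer (target_ulong) and length (int) pair.
   The request is built in s->syscall_buf as an "F" packet.  In user mode it
   is sent at once and this function blocks in gdb_handlesig() until gdb
   answers; in system mode the VM is stopped and gdb_vm_state_change() sends
   the packet once the CPU has actually stopped.  A request that does not fit
   the buffer is truncated, never written past its end.  */

/* Advance the cursor P by the result N of an snprintf() into [P, P_END),
   clamping so that a slot for the terminating NUL always remains.  */
static char *gdb_syscall_advance(char *p, char *p_end, int n)
{
    if (n < 0) {
        /* encoding error: nothing usable was produced, keep the cursor */
        return p;
    }
    if (n >= p_end - p) {
        /* snprintf() reports the untruncated length; stay inside the buffer */
        return p_end - 1;
    }
    return p + n;
}

void gdb_do_syscallv(gdb_syscall_complete_cb cb, const char *fmt, va_list va)
{
    char *p;
    char *p_end;
    target_ulong addr;
    uint64_t i64;
    GDBState *s;

    s = gdbserver_state;
    if (!s) {
        return;
    }
    s->current_syscall_cb = cb;
#ifndef CONFIG_USER_ONLY
    vm_stop(RUN_STATE_DEBUG);
#endif
    p = s->syscall_buf;
    p_end = &s->syscall_buf[sizeof(s->syscall_buf)];
    *(p++) = 'F';
    while (*fmt) {
        if (*fmt != '%') {
            /* literal byte: copied only while a terminator slot remains */
            if (p < p_end - 1) {
                *(p++) = *fmt;
            }
            fmt++;
            continue;
        }
        fmt++;
        switch (*fmt) {
        case 'x':
            fmt++;
            addr = va_arg(va, target_ulong);
            p = gdb_syscall_advance(p, p_end,
                                    snprintf(p, p_end - p, TARGET_FMT_lx, addr));
            break;
        case 'l':
            /* only "%lx" is understood */
            fmt++;
            if (*fmt != 'x') {
                goto bad_format;
            }
            fmt++;
            i64 = va_arg(va, uint64_t);
            p = gdb_syscall_advance(p, p_end,
                                    snprintf(p, p_end - p, "%" PRIx64, i64));
            break;
        case 's':
            fmt++;
            addr = va_arg(va, target_ulong);
            p = gdb_syscall_advance(p, p_end,
                                    snprintf(p, p_end - p, TARGET_FMT_lx "/%x",
                                             addr, va_arg(va, int)));
            break;
        default:
        bad_format:
            error_report("gdbstub: Bad syscall format string '%s'", fmt);
            /* skip the offending byte, but never step past the terminator */
            if (*fmt) {
                fmt++;
            }
            break;
        }
    }
    *p = 0;
#ifdef CONFIG_USER_ONLY
    put_packet(s, s->syscall_buf);
    /* Return control to gdb for it to process the syscall request.
     * Since the protocol requires that gdb hands control back to us
     * using a "here are the results" F packet, we don't need to check
     * gdb_handlesig's return value (which is the signal to deliver if
     * execution was resumed via a continue packet).
     */
    gdb_handlesig(s->c_cpu, 0);
#else
    /* In this case wait to send the syscall packet until notification that
       the CPU has stopped.  This must be done because if the packet is sent
       now the reply from the syscall request could be received while the CPU
       is still in the running state, which can cause packets to be dropped
       and state transition 'T' packets to be sent while the syscall is still
       being processed.  */
    qemu_cpu_kick(s->c_cpu);
#endif
}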
1586
/* Variadic front end of gdb_do_syscallv(): same format language, same
   completion callback CB. */
void gdb_do_syscall(gdb_syscall_complete_cb cb, const char *fmt, ...)
{
    va_list args;

    va_start(args, fmt);
    gdb_do_syscallv(cb, fmt, args);
    va_end(args);
}
1595
/*
 * Feed one byte received from gdb into the packet state machine.
 *
 * CH is the received byte.  Callers must pass it as an unsigned value
 * (0..255): it is handed to isxdigit() and compared against ' ', and a
 * negative value there is undefined behaviour.
 *
 * A complete "$<body>#<hh>" packet whose checksum matches is acknowledged
 * with '+' and dispatched to gdb_handle_packet(), which picks the next
 * state; a mismatch is answered with '-' and the packet is dropped.  The
 * checksum is the low 8 bits of the sum of the body bytes as they appear
 * on the wire (escape and run-length markers included).  Bodies are bounded
 * by s->line_buf, keeping one byte free for the NUL terminator; any overrun
 * discards the packet and returns to RS_IDLE.
 */
static void gdb_read_byte(GDBState *s, int ch)
{
    uint8_t reply;

#ifndef CONFIG_USER_ONLY
    if (s->last_packet_len) {
        /* Waiting for a response to the last packet.  If we see the start
           of a new command then abandon the previous response.  */
        if (ch == '-') {
            /* NAK: retransmit the previous packet verbatim */
            trace_gdbstub_err_got_nack();
            put_buffer(s, (uint8_t *)s->last_packet, s->last_packet_len);
        } else if (ch == '+') {
            trace_gdbstub_io_got_ack();
        } else {
            trace_gdbstub_io_got_unexpected((uint8_t)ch);
        }

        /* an ACK or a new packet start ends the wait for a response */
        if (ch == '+' || ch == '$')
            s->last_packet_len = 0;
        if (ch != '$')
            return;
    }
    if (runstate_is_running()) {
        /* when the CPU is running, we cannot do anything except stop
           it when receiving a char */
        vm_stop(RUN_STATE_PAUSED);
    } else
#endif
    {
        switch(s->state) {
        case RS_IDLE:
            if (ch == '$') {
                /* start of command packet */
                s->line_buf_index = 0;
                s->line_sum = 0;
                s->state = RS_GETLINE;
            } else {
                /* anything outside a packet is ignored */
                trace_gdbstub_err_garbage((uint8_t)ch);
            }
            break;
        case RS_GETLINE:
            if (ch == '}') {
                /* start escape sequence */
                s->state = RS_GETLINE_ESC;
                s->line_sum += ch;
            } else if (ch == '*') {
                /* start run length encoding sequence */
                s->state = RS_GETLINE_RLE;
                s->line_sum += ch;
            } else if (ch == '#') {
                /* end of command, start of checksum */
                s->state = RS_CHKSUM1;
            } else if (s->line_buf_index >= sizeof(s->line_buf) - 1) {
                /* command buffer overrun: drop the packet */
                trace_gdbstub_err_overrun();
                s->state = RS_IDLE;
            } else {
                /* unescaped command character */
                s->line_buf[s->line_buf_index++] = ch;
                s->line_sum += ch;
            }
            break;
        case RS_GETLINE_ESC:
            if (ch == '#') {
                /* unexpected end of command in escape sequence */
                s->state = RS_CHKSUM1;
            } else if (s->line_buf_index >= sizeof(s->line_buf) - 1) {
                /* command buffer overrun */
                trace_gdbstub_err_overrun();
                s->state = RS_IDLE;
            } else {
                /* parse escaped character (XOR 0x20) and leave escape state */
                s->line_buf[s->line_buf_index++] = ch ^ 0x20;
                s->line_sum += ch;
                s->state = RS_GETLINE;
            }
            break;
        case RS_GETLINE_RLE:
            if (ch < ' ') {
                /* invalid RLE count encoding */
                trace_gdbstub_err_invalid_repeat((uint8_t)ch);
                s->state = RS_GETLINE;
            } else {
                /* decode repeat length: count byte is offset by ' ' - 3 */
                int repeat = (unsigned char)ch - ' ' + 3;
                if (s->line_buf_index + repeat >= sizeof(s->line_buf) - 1) {
                    /* that many repeats would overrun the command buffer */
                    trace_gdbstub_err_overrun();
                    s->state = RS_IDLE;
                } else if (s->line_buf_index < 1) {
                    /* got a repeat but we have nothing to repeat */
                    trace_gdbstub_err_invalid_rle();
                    s->state = RS_GETLINE;
                } else {
                    /* repeat the last character; bounds were checked above */
                    memset(s->line_buf + s->line_buf_index,
                           s->line_buf[s->line_buf_index - 1], repeat);
                    s->line_buf_index += repeat;
                    s->line_sum += ch;
                    s->state = RS_GETLINE;
                }
            }
            break;
        case RS_CHKSUM1:
            /* get high hex digit of checksum */
            if (!isxdigit(ch)) {
                trace_gdbstub_err_checksum_invalid((uint8_t)ch);
                s->state = RS_GETLINE;
                break;
            }
            /* terminate the body here; the reserved last byte makes this safe */
            s->line_buf[s->line_buf_index] = '\0';
            s->line_csum = fromhex(ch) << 4;
            s->state = RS_CHKSUM2;
            break;
        case RS_CHKSUM2:
            /* get low hex digit of checksum */
            if (!isxdigit(ch)) {
                trace_gdbstub_err_checksum_invalid((uint8_t)ch);
                s->state = RS_GETLINE;
                break;
            }
            s->line_csum |= fromhex(ch);

            if (s->line_csum != (s->line_sum & 0xff)) {
                trace_gdbstub_err_checksum_incorrect(s->line_sum, s->line_csum);
                /* send NAK reply; the packet is not processed */
                reply = '-';
                put_buffer(s, &reply, 1);
                s->state = RS_IDLE;
            } else {
                /* send ACK reply, then let the packet handler pick the next state */
                reply = '+';
                put_buffer(s, &reply, 1);
                s->state = gdb_handle_packet(s, s->line_buf);
            }
            break;
        default:
            /* unreachable: every state is handled above */
            abort();
        }
    }
}
1736
/* Tell the remote gdb that the process has exited ("W" packet carrying the
   low byte of CODE).  Does nothing when the stub was never started or, in
   user mode, when no client is connected.  In system mode the chardev front
   end is torn down afterwards. */
void gdb_exit(CPUArchState *env, int code)
{
    GDBState *s = gdbserver_state;
    char pkt[4];

    if (!s) {
        return;
    }
#ifdef CONFIG_USER_ONLY
    if (gdbserver_fd < 0 || s->fd < 0) {
        return;
    }
#endif

    trace_gdbstub_op_exiting((uint8_t)code);

    /* exit status is reported as a single byte */
    snprintf(pkt, sizeof(pkt), "W%02x", (uint8_t)code);
    put_packet(s, pkt);

#ifndef CONFIG_USER_ONLY
    qemu_chr_fe_deinit(&s->chr, true);
#endif
}
1762
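/*
 * Create the process that will contain all the "orphan" CPUs (that are not
 * part of a CPU cluster).  Note that if this process contains no CPUs, it won't
 * be attachable and thus will be invisible to the user.
 *
 * The new process gets the PID of the last entry plus one.  create_processes()
 * sorts the list by PID before calling this, so that is the highest PID in use.
 * The list is grown with g_renew(); the new entry starts detached.
 */
static void create_default_process(GDBState *s)
{
    GDBProcess *process;
    /* same type as GDBProcess.pid: keeps the UINT32_MAX check meaningful */
    uint32_t max_pid = 0;

    if (s->process_num) {
        max_pid = s->processes[s->process_num - 1].pid;
    }

    s->processes = g_renew(GDBProcess, s->processes, ++s->process_num);
    process = &s->processes[s->process_num - 1];

    /* We need an available PID slot for this process */
    assert(max_pid < UINT32_MAX);

    process->pid = max_pid + 1;
    process->attached = false;
}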
1786
1787#ifdef CONFIG_USER_ONLY
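/*
 * User-mode only: hand control to gdb while the emulated process is stopped.
 *
 * SIG is the signal the guest was about to receive (0 for a plain stop such
 * as a syscall request).  A non-zero SIG is reported with an "S" packet.
 * Bytes from the connection are then pumped through gdb_read_byte() until
 * s->running_state becomes non-zero (presumably set by the resume handling in
 * gdb_handle_packet()).
 *
 * Returns the signal to deliver to the guest: SIG unchanged when no gdb is
 * connected or the peer went away while the report was sent; 0 if the
 * connection drops while waiting; otherwise the signal gdb selected on
 * resume (s->signal, cleared here).
 */
int gdb_handlesig(CPUState *cpu, int sig)
{
    GDBState *s;
    char buf[256];
    int n;

    s = gdbserver_state;
    if (gdbserver_fd < 0 || s->fd < 0) {
        return sig;
    }

    /* disable single step if it was enabled */
    cpu_single_step(cpu, 0);
    tb_flush(cpu);

    if (sig != 0) {
        snprintf(buf, sizeof(buf), "S%02x", target_signal_to_gdb(sig));
        put_packet(s, buf);
    }
    /* put_packet() might have detected that the peer terminated the
       connection. */
    if (s->fd < 0) {
        return sig;
    }

    sig = 0;
    s->state = RS_IDLE;
    s->running_state = 0;
    while (s->running_state == 0) {
        n = read(s->fd, buf, sizeof(buf));
        if (n > 0) {
            int i;

            for (i = 0; i < n; i++) {
                /*
                 * buf is plain char and may be signed: pass each byte as an
                 * unsigned value so the parser's isxdigit() and comparisons
                 * never see a negative ch.
                 */
                gdb_read_byte(s, (uint8_t)buf[i]);
            }
        } else if (n < 0 && errno == EINTR) {
            /* interrupted by a signal, not a connection error: retry */
            continue;
        } else {
            /* XXX: Connection closed.  Should probably wait for another
               connection before continuing.  */
            if (n == 0) {
                close(s->fd);
            }
            s->fd = -1;
            return sig;
        }
    }
    sig = s->signal;
    s->signal = 0;
    return sig;
}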
e9009676 1839
/* Tell the remote gdb that the process has exited due to SIG ("X" packet
   carrying the gdb signal number).  Silently does nothing without a
   listening socket or a connected client. */
void gdb_signalled(CPUArchState *env, int sig)
{
    GDBState *s = gdbserver_state;
    char pkt[4];

    if (gdbserver_fd < 0 || s->fd < 0) {
        return;
    }

    snprintf(pkt, sizeof(pkt), "X%02x", target_signal_to_gdb(sig));
    put_packet(s, pkt);
}
1fddef4b 1854
/*
 * Block until a gdb client connects on gdbserver_fd, then allocate and
 * install the stub state for that connection.
 *
 * The peer address is accepted but never inspected: any client that can
 * reach the port is taken.  Returns false when accept() fails for a reason
 * other than EINTR, or when the socket cannot be put into no-delay mode
 * (the accepted descriptor is closed in that case).
 */
static bool gdb_accept(void)
{
    struct sockaddr_in peer;
    socklen_t peer_len;
    int fd;
    GDBState *s;

    /* accept() may be interrupted by a signal; retry on EINTR only */
    do {
        peer_len = sizeof(peer);
        fd = accept(gdbserver_fd, (struct sockaddr *)&peer, &peer_len);
    } while (fd < 0 && errno == EINTR);

    if (fd < 0) {
        perror("accept");
        return false;
    }
    qemu_set_cloexec(fd);

    /* set short latency */
    if (socket_set_nodelay(fd)) {
        perror("setsockopt");
        close(fd);
        return false;
    }

    s = g_malloc0(sizeof *s);
    s->c_cpu = first_cpu;
    s->g_cpu = first_cpu;
    create_default_process(s);
    s->fd = fd;
    gdb_has_xml = false;

    gdbserver_state = s;
    return true;
}
1891
/*
 * Create the listening TCP socket for the user-mode gdb stub.
 *
 * The socket is bound to INADDR_ANY, i.e. every interface of the host, on
 * PORT; nothing here restricts which peers may connect.  Returns the
 * listening descriptor, or -1 after perror() on the failing call.
 */
static int gdbserver_open(int port)
{
    struct sockaddr_in addr = {
        .sin_family = AF_INET,
        .sin_port = htons(port),
        .sin_addr.s_addr = INADDR_ANY,
    };
    int fd;

    fd = socket(PF_INET, SOCK_STREAM, 0);
    if (fd < 0) {
        perror("socket");
        return -1;
    }
    qemu_set_cloexec(fd);

    /* result deliberately not checked; failure only affects rebinding */
    socket_set_fast_reuse(fd);

    if (bind(fd, (struct sockaddr *)&addr, sizeof(addr)) < 0) {
        perror("bind");
        close(fd);
        return -1;
    }
    if (listen(fd, 1) < 0) {
        perror("listen");
        close(fd);
        return -1;
    }
    return fd;
}
1923
/*
 * User-mode entry point: listen on PORT and wait for the first gdb client.
 * Returns 0 once a client is connected; -1 on failure, in which case no
 * listening socket is left behind.
 */
int gdbserver_start(int port)
{
    gdbserver_fd = gdbserver_open(port);
    if (gdbserver_fd < 0) {
        return -1;
    }
    /* accept connections */
    if (gdb_accept()) {
        return 0;
    }
    close(gdbserver_fd);
    gdbserver_fd = -1;
    return -1;
}
2b1319c8
AJ
1937
/* Disable gdb stub for child processes: the child drops the inherited
   connection and the debugger's breakpoints/watchpoints on CPU, so only the
   parent stays under gdb's control. */
void gdbserver_fork(CPUState *cpu)
{
    GDBState *s = gdbserver_state;

    if (gdbserver_fd >= 0 && s->fd >= 0) {
        close(s->fd);
        s->fd = -1;
        cpu_breakpoint_remove_all(cpu, BP_GDB);
        cpu_watchpoint_remove_all(cpu, BP_GDB);
    }
}
1fddef4b 1951#else
/*
 * Chardev "can receive" callback: how many bytes the stub accepts at once.
 * The byte parser has no limit of its own, so the maximum packet size is
 * advertised.
 */
static int gdb_chr_can_receive(void *opaque)
{
    (void)opaque;
    return MAX_PACKET_LENGTH;
}
1958
/* Chardev receive callback: push SIZE bytes of BUF into the packet parser. */
static void gdb_chr_receive(void *opaque, const uint8_t *buf, int size)
{
    int remaining = size;

    while (remaining > 0) {
        gdb_read_byte(gdbserver_state, *buf);
        buf++;
        remaining--;
    }
}
1967
/*
 * Chardev event callback.  Only CHR_EVENT_OPENED matters: a new client
 * pauses the VM and resets the per-connection flag recording whether gdb
 * has fetched the target XML.
 */
static void gdb_chr_event(void *opaque, int event)
{
    if (event != CHR_EVENT_OPENED) {
        return;
    }
    vm_stop(RUN_STATE_PAUSED);
    gdb_has_xml = false;
}
1979
/*
 * Send LEN bytes of MSG to gdb as one 'O' (console output) packet.
 * memtohex() doubles the size, so the payload is capped at half the packet
 * buffer minus the leading 'O'; longer input is silently cut.
 */
static void gdb_monitor_output(GDBState *s, const char *msg, int len)
{
    const int max_len = (MAX_PACKET_LENGTH / 2) - 1;
    char pkt[MAX_PACKET_LENGTH];

    if (len > max_len) {
        len = max_len;
    }
    pkt[0] = 'O';
    memtohex(pkt + 1, (uint8_t *)msg, len);
    put_packet(s, pkt);
}
1990
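/*
 * Chardev write callback of the gdb-embedded monitor: forward monitor output
 * to gdb as one or more 'O' packets.
 *
 * Each packet carries at most max_sz bytes so that its hex encoding fits in
 * last_packet (the -2 presumably reserves the leading 'O' and the NUL).
 * Every byte of BUF is handed to gdb_monitor_output(), so the value reported
 * back to the chardev layer is the full LEN, not the size of the final
 * chunk; reporting a short count would make the caller resend the tail.
 */
static int gdb_monitor_write(Chardev *chr, const uint8_t *buf, int len)
{
    const char *p = (const char *)buf;
    int remaining = len;
    int max_sz;

    max_sz = (sizeof(gdbserver_state->last_packet) - 2) / 2;
    while (remaining > max_sz) {
        gdb_monitor_output(gdbserver_state, p, max_sz);
        p += max_sz;
        remaining -= max_sz;
    }
    gdb_monitor_output(gdbserver_state, p, remaining);
    return len;
}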
2008
2009#ifndef _WIN32
/*
 * Signal handler installed by gdbserver_start() for the "stdio" device:
 * pause a running VM instead of letting the signal end QEMU.
 * NOTE(review): vm_stop() runs here in signal context; whether it is
 * async-signal-safe is not established by this file.
 */
static void gdb_sigterm_handler(int signal)
{
    if (!runstate_is_running()) {
        return;
    }
    vm_stop(RUN_STATE_PAUSED);
}
2016#endif
2017
/*
 * Chardev "open" hook of the gdb monitor backend.  It only reports the
 * backend as not opened; CHR, BACKEND and ERRP are unused.
 */
static void gdb_monitor_open(Chardev *chr, ChardevBackend *backend,
                             bool *be_opened, Error **errp)
{
    (void)chr;
    (void)backend;
    (void)errp;
    *be_opened = false;
}
2023
/*
 * Class initialiser of the gdb monitor chardev: wire the open and write
 * hooks and mark the backend internal (presumably: not user-creatable).
 */
static void char_gdb_class_init(ObjectClass *oc, void *data)
{
    ChardevClass *cc = CHARDEV_CLASS(oc);

    cc->chr_write = gdb_monitor_write;
    cc->open = gdb_monitor_open;
    cc->internal = true;
}
2032
#define TYPE_CHARDEV_GDB "chardev-gdb"

/* QOM type record for the chardev that carries monitor output to gdb. */
static const TypeInfo char_gdb_type_info = {
    .name       = TYPE_CHARDEV_GDB,
    .parent     = TYPE_CHARDEV,
    .class_init = char_gdb_class_init,
};
2040
/*
 * object_child_foreach() callback: append one GDB process per CPU cluster
 * found in the QOM tree rooted at CHILD.  Non-cluster objects are descended
 * into; a cluster is recorded and not descended into.  OPAQUE is the
 * GDBState whose process list grows.
 */
static int find_cpu_clusters(Object *child, void *opaque)
{
    GDBState *s = opaque;
    CPUClusterState *cluster;
    GDBProcess *process;

    if (!object_dynamic_cast(child, TYPE_CPU_CLUSTER)) {
        /* keep walking the tree below this object */
        return object_child_foreach(child, find_cpu_clusters, opaque);
    }

    cluster = CPU_CLUSTER(child);
    s->processes = g_renew(GDBProcess, s->processes, ++s->process_num);
    process = &s->processes[s->process_num - 1];

    /*
     * GDB process IDs -1 and 0 are reserved. To avoid subtle errors at
     * runtime, we enforce here that the machine does not use a cluster ID
     * that would lead to PID 0.
     */
    assert(cluster->cluster_id != UINT32_MAX);
    process->pid = cluster->cluster_id + 1;
    process->attached = false;

    return 0;
}
2066
/* qsort() comparator for GDBProcess entries: ascending by pid. */
static int pid_order(const void *a, const void *b)
{
    const GDBProcess *pa = a;
    const GDBProcess *pb = b;

    if (pa->pid < pb->pid) {
        return -1;
    }
    return pa->pid > pb->pid;
}
2080
/*
 * Build the process list of S: one process per CPU cluster in the machine,
 * sorted by PID, followed by the default process for CPUs outside any
 * cluster.
 */
static void create_processes(GDBState *s)
{
    object_child_foreach(object_get_root(), find_cpu_clusters, s);

    /* Sort by PID */
    if (s->processes) {
        qsort(s->processes, s->process_num, sizeof(*s->processes), pid_order);
    }

    create_default_process(s);
}
2092
/* Release the process list of S and leave it empty. */
static void cleanup_processes(GDBState *s)
{
    g_free(s->processes);
    s->processes = NULL;
    s->process_num = 0;
}
2099
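/*
 * System-mode entry point: (re)start the gdb stub on DEVICE.
 *
 * DEVICE is a chardev specification.  "none" sets up the stub state without
 * a connection (RS_INACTIVE).  A "tcp:..." spec gets ",nowait,nodelay,server"
 * appended so the stub listens for gdb rather than connecting out; the
 * host/port part is taken from the user as given, so where the debug port is
 * exposed depends entirely on that spec.  "stdio" additionally installs a
 * SIGINT handler that pauses the VM.
 *
 * On a restart (stub state already exists) the previous chardev front end
 * and process list are torn down and the state is reset, keeping the monitor
 * chardev.
 *
 * Returns 0 on success; -1 when the machine has no CPU, DEVICE is NULL, a
 * tcp spec is too long to carry the required attributes, or the chardev
 * cannot be created.
 */
int gdbserver_start(const char *device)
{
    trace_gdbstub_op_start(device);

    GDBState *s;
    char gdbstub_device_name[128];
    Chardev *chr = NULL;
    Chardev *mon_chr;

    if (!first_cpu) {
        error_report("gdbstub: meaningless to attach gdb to a "
                     "machine without any CPU.");
        return -1;
    }

    if (!device) {
        return -1;
    }
    if (strcmp(device, "none") != 0) {
        if (strstart(device, "tcp:", NULL)) {
            /* enforce required TCP attributes */
            int n = snprintf(gdbstub_device_name, sizeof(gdbstub_device_name),
                             "%s,nowait,nodelay,server", device);
            /*
             * A truncated spec would silently lose the trailing attributes
             * (e.g. "server") and change how the chardev behaves; refuse it.
             */
            if (n < 0 || (size_t)n >= sizeof(gdbstub_device_name)) {
                error_report("gdbstub: device specification '%s' is too long",
                             device);
                return -1;
            }
            device = gdbstub_device_name;
        }
#ifndef _WIN32
        else if (strcmp(device, "stdio") == 0) {
            struct sigaction act;

            memset(&act, 0, sizeof(act));
            act.sa_handler = gdb_sigterm_handler;
            sigaction(SIGINT, &act, NULL);
        }
#endif
        /*
         * FIXME: it's a bit weird to allow using a mux chardev here
         * and implicitly setup a monitor. We may want to break this.
         */
        chr = qemu_chr_new_noreplay("gdb", device, true);
        if (!chr) {
            return -1;
        }
    }

    s = gdbserver_state;
    if (!s) {
        s = g_malloc0(sizeof(GDBState));
        gdbserver_state = s;

        qemu_add_vm_change_state_handler(gdb_vm_state_change, NULL);

        /* Initialize a monitor terminal for gdb */
        mon_chr = qemu_chardev_new(NULL, TYPE_CHARDEV_GDB,
                                   NULL, &error_abort);
        monitor_init(mon_chr, 0);
    } else {
        /* restart: drop the old front end and processes, keep the monitor */
        qemu_chr_fe_deinit(&s->chr, true);
        mon_chr = s->mon_chr;
        cleanup_processes(s);
        memset(s, 0, sizeof(GDBState));
        s->mon_chr = mon_chr;
    }
    s->c_cpu = first_cpu;
    s->g_cpu = first_cpu;

    create_processes(s);

    if (chr) {
        qemu_chr_fe_init(&s->chr, chr, &error_abort);
        qemu_chr_fe_set_handlers(&s->chr, gdb_chr_can_receive, gdb_chr_receive,
                                 gdb_chr_event, NULL, NULL, NULL, true);
    }
    /* without a chardev the stub exists but never reports anything */
    s->state = chr ? RS_IDLE : RS_INACTIVE;
    s->mon_chr = mon_chr;
    s->current_syscall_cb = NULL;

    return 0;
}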
777357d7 2176
/* Presumably run at QEMU shutdown: tell a connected gdb that the target
   exited cleanly ("W00").  No-op when the stub was never started. */
void gdbserver_cleanup(void)
{
    GDBState *s = gdbserver_state;

    if (!s) {
        return;
    }
    put_packet(s, "W00");
}
2183
/* Register the gdb monitor chardev type with QOM. */
static void register_types(void)
{
    const TypeInfo *info = &char_gdb_type_info;

    type_register_static(info);
}
2188
/* schedule register_types() for QEMU's type-registration phase */
type_init(register_types);
4046d913 2190#endif