block: switch from g_slice allocator to malloc
[qemu.git] / gdbstub.c
blobd2c95b5d1ef1bc76870456f4b5936ca4ae975770
1 /*
2 * gdb server stub
4 * Copyright (c) 2003-2005 Fabrice Bellard
6 * This library is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation; either
9 * version 2 of the License, or (at your option) any later version.
11 * This library is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
16 * You should have received a copy of the GNU Lesser General Public
17 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
19 #include "config.h"
20 #include "qemu-common.h"
21 #ifdef CONFIG_USER_ONLY
22 #include <stdlib.h>
23 #include <stdio.h>
24 #include <stdarg.h>
25 #include <string.h>
26 #include <errno.h>
27 #include <unistd.h>
28 #include <fcntl.h>
30 #include "qemu.h"
31 #else
32 #include "monitor/monitor.h"
33 #include "sysemu/char.h"
34 #include "sysemu/sysemu.h"
35 #include "exec/gdbstub.h"
36 #endif
38 #define MAX_PACKET_LENGTH 4096
40 #include "cpu.h"
41 #include "qemu/sockets.h"
42 #include "sysemu/kvm.h"
43 #include "exec/semihost.h"
45 #ifdef CONFIG_USER_ONLY
46 #define GDB_ATTACHED "0"
47 #else
48 #define GDB_ATTACHED "1"
49 #endif
51 static inline int target_memory_rw_debug(CPUState *cpu, target_ulong addr,
52 uint8_t *buf, int len, bool is_write)
54 CPUClass *cc = CPU_GET_CLASS(cpu);
56 if (cc->memory_rw_debug) {
57 return cc->memory_rw_debug(cpu, addr, buf, len, is_write);
59 return cpu_memory_rw_debug(cpu, addr, buf, len, is_write);
62 enum {
63 GDB_SIGNAL_0 = 0,
64 GDB_SIGNAL_INT = 2,
65 GDB_SIGNAL_QUIT = 3,
66 GDB_SIGNAL_TRAP = 5,
67 GDB_SIGNAL_ABRT = 6,
68 GDB_SIGNAL_ALRM = 14,
69 GDB_SIGNAL_IO = 23,
70 GDB_SIGNAL_XCPU = 24,
71 GDB_SIGNAL_UNKNOWN = 143
74 #ifdef CONFIG_USER_ONLY
76 /* Map target signal numbers to GDB protocol signal numbers and vice
77 * versa. For user emulation's currently supported systems, we can
78 * assume most signals are defined.
81 static int gdb_signal_table[] = {
83 TARGET_SIGHUP,
84 TARGET_SIGINT,
85 TARGET_SIGQUIT,
86 TARGET_SIGILL,
87 TARGET_SIGTRAP,
88 TARGET_SIGABRT,
89 -1, /* SIGEMT */
90 TARGET_SIGFPE,
91 TARGET_SIGKILL,
92 TARGET_SIGBUS,
93 TARGET_SIGSEGV,
94 TARGET_SIGSYS,
95 TARGET_SIGPIPE,
96 TARGET_SIGALRM,
97 TARGET_SIGTERM,
98 TARGET_SIGURG,
99 TARGET_SIGSTOP,
100 TARGET_SIGTSTP,
101 TARGET_SIGCONT,
102 TARGET_SIGCHLD,
103 TARGET_SIGTTIN,
104 TARGET_SIGTTOU,
105 TARGET_SIGIO,
106 TARGET_SIGXCPU,
107 TARGET_SIGXFSZ,
108 TARGET_SIGVTALRM,
109 TARGET_SIGPROF,
110 TARGET_SIGWINCH,
111 -1, /* SIGLOST */
112 TARGET_SIGUSR1,
113 TARGET_SIGUSR2,
114 #ifdef TARGET_SIGPWR
115 TARGET_SIGPWR,
116 #else
118 #endif
119 -1, /* SIGPOLL */
131 #ifdef __SIGRTMIN
132 __SIGRTMIN + 1,
133 __SIGRTMIN + 2,
134 __SIGRTMIN + 3,
135 __SIGRTMIN + 4,
136 __SIGRTMIN + 5,
137 __SIGRTMIN + 6,
138 __SIGRTMIN + 7,
139 __SIGRTMIN + 8,
140 __SIGRTMIN + 9,
141 __SIGRTMIN + 10,
142 __SIGRTMIN + 11,
143 __SIGRTMIN + 12,
144 __SIGRTMIN + 13,
145 __SIGRTMIN + 14,
146 __SIGRTMIN + 15,
147 __SIGRTMIN + 16,
148 __SIGRTMIN + 17,
149 __SIGRTMIN + 18,
150 __SIGRTMIN + 19,
151 __SIGRTMIN + 20,
152 __SIGRTMIN + 21,
153 __SIGRTMIN + 22,
154 __SIGRTMIN + 23,
155 __SIGRTMIN + 24,
156 __SIGRTMIN + 25,
157 __SIGRTMIN + 26,
158 __SIGRTMIN + 27,
159 __SIGRTMIN + 28,
160 __SIGRTMIN + 29,
161 __SIGRTMIN + 30,
162 __SIGRTMIN + 31,
163 -1, /* SIGCANCEL */
164 __SIGRTMIN,
165 __SIGRTMIN + 32,
166 __SIGRTMIN + 33,
167 __SIGRTMIN + 34,
168 __SIGRTMIN + 35,
169 __SIGRTMIN + 36,
170 __SIGRTMIN + 37,
171 __SIGRTMIN + 38,
172 __SIGRTMIN + 39,
173 __SIGRTMIN + 40,
174 __SIGRTMIN + 41,
175 __SIGRTMIN + 42,
176 __SIGRTMIN + 43,
177 __SIGRTMIN + 44,
178 __SIGRTMIN + 45,
179 __SIGRTMIN + 46,
180 __SIGRTMIN + 47,
181 __SIGRTMIN + 48,
182 __SIGRTMIN + 49,
183 __SIGRTMIN + 50,
184 __SIGRTMIN + 51,
185 __SIGRTMIN + 52,
186 __SIGRTMIN + 53,
187 __SIGRTMIN + 54,
188 __SIGRTMIN + 55,
189 __SIGRTMIN + 56,
190 __SIGRTMIN + 57,
191 __SIGRTMIN + 58,
192 __SIGRTMIN + 59,
193 __SIGRTMIN + 60,
194 __SIGRTMIN + 61,
195 __SIGRTMIN + 62,
196 __SIGRTMIN + 63,
197 __SIGRTMIN + 64,
198 __SIGRTMIN + 65,
199 __SIGRTMIN + 66,
200 __SIGRTMIN + 67,
201 __SIGRTMIN + 68,
202 __SIGRTMIN + 69,
203 __SIGRTMIN + 70,
204 __SIGRTMIN + 71,
205 __SIGRTMIN + 72,
206 __SIGRTMIN + 73,
207 __SIGRTMIN + 74,
208 __SIGRTMIN + 75,
209 __SIGRTMIN + 76,
210 __SIGRTMIN + 77,
211 __SIGRTMIN + 78,
212 __SIGRTMIN + 79,
213 __SIGRTMIN + 80,
214 __SIGRTMIN + 81,
215 __SIGRTMIN + 82,
216 __SIGRTMIN + 83,
217 __SIGRTMIN + 84,
218 __SIGRTMIN + 85,
219 __SIGRTMIN + 86,
220 __SIGRTMIN + 87,
221 __SIGRTMIN + 88,
222 __SIGRTMIN + 89,
223 __SIGRTMIN + 90,
224 __SIGRTMIN + 91,
225 __SIGRTMIN + 92,
226 __SIGRTMIN + 93,
227 __SIGRTMIN + 94,
228 __SIGRTMIN + 95,
229 -1, /* SIGINFO */
230 -1, /* UNKNOWN */
231 -1, /* DEFAULT */
238 #endif
240 #else
241 /* In system mode we only need SIGINT and SIGTRAP; other signals
242 are not yet supported. */
244 enum {
245 TARGET_SIGINT = 2,
246 TARGET_SIGTRAP = 5
249 static int gdb_signal_table[] = {
252 TARGET_SIGINT,
255 TARGET_SIGTRAP
257 #endif
259 #ifdef CONFIG_USER_ONLY
260 static int target_signal_to_gdb (int sig)
262 int i;
263 for (i = 0; i < ARRAY_SIZE (gdb_signal_table); i++)
264 if (gdb_signal_table[i] == sig)
265 return i;
266 return GDB_SIGNAL_UNKNOWN;
268 #endif
270 static int gdb_signal_to_target (int sig)
272 if (sig < ARRAY_SIZE (gdb_signal_table))
273 return gdb_signal_table[sig];
274 else
275 return -1;
278 //#define DEBUG_GDB
280 typedef struct GDBRegisterState {
281 int base_reg;
282 int num_regs;
283 gdb_reg_cb get_reg;
284 gdb_reg_cb set_reg;
285 const char *xml;
286 struct GDBRegisterState *next;
287 } GDBRegisterState;
289 enum RSState {
290 RS_INACTIVE,
291 RS_IDLE,
292 RS_GETLINE,
293 RS_CHKSUM1,
294 RS_CHKSUM2,
296 typedef struct GDBState {
297 CPUState *c_cpu; /* current CPU for step/continue ops */
298 CPUState *g_cpu; /* current CPU for other ops */
299 CPUState *query_cpu; /* for q{f|s}ThreadInfo */
300 enum RSState state; /* parsing state */
301 char line_buf[MAX_PACKET_LENGTH];
302 int line_buf_index;
303 int line_csum;
304 uint8_t last_packet[MAX_PACKET_LENGTH + 4];
305 int last_packet_len;
306 int signal;
307 #ifdef CONFIG_USER_ONLY
308 int fd;
309 int running_state;
310 #else
311 CharDriverState *chr;
312 CharDriverState *mon_chr;
313 #endif
314 char syscall_buf[256];
315 gdb_syscall_complete_cb current_syscall_cb;
316 } GDBState;
318 /* By default use no IRQs and no timers while single stepping so as to
319 * make single stepping like an ICE HW step.
321 static int sstep_flags = SSTEP_ENABLE|SSTEP_NOIRQ|SSTEP_NOTIMER;
323 static GDBState *gdbserver_state;
325 bool gdb_has_xml;
327 #ifdef CONFIG_USER_ONLY
328 /* XXX: This is not thread safe. Do we care? */
329 static int gdbserver_fd = -1;
331 static int get_char(GDBState *s)
333 uint8_t ch;
334 int ret;
336 for(;;) {
337 ret = qemu_recv(s->fd, &ch, 1, 0);
338 if (ret < 0) {
339 if (errno == ECONNRESET)
340 s->fd = -1;
341 if (errno != EINTR && errno != EAGAIN)
342 return -1;
343 } else if (ret == 0) {
344 close(s->fd);
345 s->fd = -1;
346 return -1;
347 } else {
348 break;
351 return ch;
353 #endif
355 static enum {
356 GDB_SYS_UNKNOWN,
357 GDB_SYS_ENABLED,
358 GDB_SYS_DISABLED,
359 } gdb_syscall_mode;
361 /* Decide if either remote gdb syscalls or native file IO should be used. */
362 int use_gdb_syscalls(void)
364 SemihostingTarget target = semihosting_get_target();
365 if (target == SEMIHOSTING_TARGET_NATIVE) {
366 /* -semihosting-config target=native */
367 return false;
368 } else if (target == SEMIHOSTING_TARGET_GDB) {
369 /* -semihosting-config target=gdb */
370 return true;
373 /* -semihosting-config target=auto */
374 /* On the first call check if gdb is connected and remember. */
375 if (gdb_syscall_mode == GDB_SYS_UNKNOWN) {
376 gdb_syscall_mode = (gdbserver_state ? GDB_SYS_ENABLED
377 : GDB_SYS_DISABLED);
379 return gdb_syscall_mode == GDB_SYS_ENABLED;
382 /* Resume execution. */
383 static inline void gdb_continue(GDBState *s)
385 #ifdef CONFIG_USER_ONLY
386 s->running_state = 1;
387 #else
388 if (!runstate_needs_reset()) {
389 vm_start();
391 #endif
394 static void put_buffer(GDBState *s, const uint8_t *buf, int len)
396 #ifdef CONFIG_USER_ONLY
397 int ret;
399 while (len > 0) {
400 ret = send(s->fd, buf, len, 0);
401 if (ret < 0) {
402 if (errno != EINTR && errno != EAGAIN)
403 return;
404 } else {
405 buf += ret;
406 len -= ret;
409 #else
410 qemu_chr_fe_write(s->chr, buf, len);
411 #endif
414 static inline int fromhex(int v)
416 if (v >= '0' && v <= '9')
417 return v - '0';
418 else if (v >= 'A' && v <= 'F')
419 return v - 'A' + 10;
420 else if (v >= 'a' && v <= 'f')
421 return v - 'a' + 10;
422 else
423 return 0;
426 static inline int tohex(int v)
428 if (v < 10)
429 return v + '0';
430 else
431 return v - 10 + 'a';
434 static void memtohex(char *buf, const uint8_t *mem, int len)
436 int i, c;
437 char *q;
438 q = buf;
439 for(i = 0; i < len; i++) {
440 c = mem[i];
441 *q++ = tohex(c >> 4);
442 *q++ = tohex(c & 0xf);
444 *q = '\0';
447 static void hextomem(uint8_t *mem, const char *buf, int len)
449 int i;
451 for(i = 0; i < len; i++) {
452 mem[i] = (fromhex(buf[0]) << 4) | fromhex(buf[1]);
453 buf += 2;
457 /* return -1 if error, 0 if OK */
458 static int put_packet_binary(GDBState *s, const char *buf, int len)
460 int csum, i;
461 uint8_t *p;
463 for(;;) {
464 p = s->last_packet;
465 *(p++) = '$';
466 memcpy(p, buf, len);
467 p += len;
468 csum = 0;
469 for(i = 0; i < len; i++) {
470 csum += buf[i];
472 *(p++) = '#';
473 *(p++) = tohex((csum >> 4) & 0xf);
474 *(p++) = tohex((csum) & 0xf);
476 s->last_packet_len = p - s->last_packet;
477 put_buffer(s, (uint8_t *)s->last_packet, s->last_packet_len);
479 #ifdef CONFIG_USER_ONLY
480 i = get_char(s);
481 if (i < 0)
482 return -1;
483 if (i == '+')
484 break;
485 #else
486 break;
487 #endif
489 return 0;
492 /* return -1 if error, 0 if OK */
493 static int put_packet(GDBState *s, const char *buf)
495 #ifdef DEBUG_GDB
496 printf("reply='%s'\n", buf);
497 #endif
499 return put_packet_binary(s, buf, strlen(buf));
502 /* Encode data using the encoding for 'x' packets. */
503 static int memtox(char *buf, const char *mem, int len)
505 char *p = buf;
506 char c;
508 while (len--) {
509 c = *(mem++);
510 switch (c) {
511 case '#': case '$': case '*': case '}':
512 *(p++) = '}';
513 *(p++) = c ^ 0x20;
514 break;
515 default:
516 *(p++) = c;
517 break;
520 return p - buf;
523 static const char *get_feature_xml(const char *p, const char **newp,
524 CPUClass *cc)
526 size_t len;
527 int i;
528 const char *name;
529 static char target_xml[1024];
531 len = 0;
532 while (p[len] && p[len] != ':')
533 len++;
534 *newp = p + len;
536 name = NULL;
537 if (strncmp(p, "target.xml", len) == 0) {
538 /* Generate the XML description for this CPU. */
539 if (!target_xml[0]) {
540 GDBRegisterState *r;
541 CPUState *cpu = first_cpu;
543 snprintf(target_xml, sizeof(target_xml),
544 "<?xml version=\"1.0\"?>"
545 "<!DOCTYPE target SYSTEM \"gdb-target.dtd\">"
546 "<target>"
547 "<xi:include href=\"%s\"/>",
548 cc->gdb_core_xml_file);
550 for (r = cpu->gdb_regs; r; r = r->next) {
551 pstrcat(target_xml, sizeof(target_xml), "<xi:include href=\"");
552 pstrcat(target_xml, sizeof(target_xml), r->xml);
553 pstrcat(target_xml, sizeof(target_xml), "\"/>");
555 pstrcat(target_xml, sizeof(target_xml), "</target>");
557 return target_xml;
559 for (i = 0; ; i++) {
560 name = xml_builtin[i][0];
561 if (!name || (strncmp(name, p, len) == 0 && strlen(name) == len))
562 break;
564 return name ? xml_builtin[i][1] : NULL;
567 static int gdb_read_register(CPUState *cpu, uint8_t *mem_buf, int reg)
569 CPUClass *cc = CPU_GET_CLASS(cpu);
570 CPUArchState *env = cpu->env_ptr;
571 GDBRegisterState *r;
573 if (reg < cc->gdb_num_core_regs) {
574 return cc->gdb_read_register(cpu, mem_buf, reg);
577 for (r = cpu->gdb_regs; r; r = r->next) {
578 if (r->base_reg <= reg && reg < r->base_reg + r->num_regs) {
579 return r->get_reg(env, mem_buf, reg - r->base_reg);
582 return 0;
585 static int gdb_write_register(CPUState *cpu, uint8_t *mem_buf, int reg)
587 CPUClass *cc = CPU_GET_CLASS(cpu);
588 CPUArchState *env = cpu->env_ptr;
589 GDBRegisterState *r;
591 if (reg < cc->gdb_num_core_regs) {
592 return cc->gdb_write_register(cpu, mem_buf, reg);
595 for (r = cpu->gdb_regs; r; r = r->next) {
596 if (r->base_reg <= reg && reg < r->base_reg + r->num_regs) {
597 return r->set_reg(env, mem_buf, reg - r->base_reg);
600 return 0;
603 /* Register a supplemental set of CPU registers. If g_pos is nonzero it
604 specifies the first register number and these registers are included in
605 a standard "g" packet. Direction is relative to gdb, i.e. get_reg is
606 gdb reading a CPU register, and set_reg is gdb modifying a CPU register.
609 void gdb_register_coprocessor(CPUState *cpu,
610 gdb_reg_cb get_reg, gdb_reg_cb set_reg,
611 int num_regs, const char *xml, int g_pos)
613 GDBRegisterState *s;
614 GDBRegisterState **p;
616 p = &cpu->gdb_regs;
617 while (*p) {
618 /* Check for duplicates. */
619 if (strcmp((*p)->xml, xml) == 0)
620 return;
621 p = &(*p)->next;
624 s = g_new0(GDBRegisterState, 1);
625 s->base_reg = cpu->gdb_num_regs;
626 s->num_regs = num_regs;
627 s->get_reg = get_reg;
628 s->set_reg = set_reg;
629 s->xml = xml;
631 /* Add to end of list. */
632 cpu->gdb_num_regs += num_regs;
633 *p = s;
634 if (g_pos) {
635 if (g_pos != s->base_reg) {
636 fprintf(stderr, "Error: Bad gdb register numbering for '%s'\n"
637 "Expected %d got %d\n", xml, g_pos, s->base_reg);
638 } else {
639 cpu->gdb_num_g_regs = cpu->gdb_num_regs;
644 #ifndef CONFIG_USER_ONLY
645 /* Translate GDB watchpoint type to a flags value for cpu_watchpoint_* */
646 static inline int xlat_gdb_type(CPUState *cpu, int gdbtype)
648 static const int xlat[] = {
649 [GDB_WATCHPOINT_WRITE] = BP_GDB | BP_MEM_WRITE,
650 [GDB_WATCHPOINT_READ] = BP_GDB | BP_MEM_READ,
651 [GDB_WATCHPOINT_ACCESS] = BP_GDB | BP_MEM_ACCESS,
654 CPUClass *cc = CPU_GET_CLASS(cpu);
655 int cputype = xlat[gdbtype];
657 if (cc->gdb_stop_before_watchpoint) {
658 cputype |= BP_STOP_BEFORE_ACCESS;
660 return cputype;
662 #endif
664 static int gdb_breakpoint_insert(target_ulong addr, target_ulong len, int type)
666 CPUState *cpu;
667 int err = 0;
669 if (kvm_enabled()) {
670 return kvm_insert_breakpoint(gdbserver_state->c_cpu, addr, len, type);
673 switch (type) {
674 case GDB_BREAKPOINT_SW:
675 case GDB_BREAKPOINT_HW:
676 CPU_FOREACH(cpu) {
677 err = cpu_breakpoint_insert(cpu, addr, BP_GDB, NULL);
678 if (err) {
679 break;
682 return err;
683 #ifndef CONFIG_USER_ONLY
684 case GDB_WATCHPOINT_WRITE:
685 case GDB_WATCHPOINT_READ:
686 case GDB_WATCHPOINT_ACCESS:
687 CPU_FOREACH(cpu) {
688 err = cpu_watchpoint_insert(cpu, addr, len,
689 xlat_gdb_type(cpu, type), NULL);
690 if (err) {
691 break;
694 return err;
695 #endif
696 default:
697 return -ENOSYS;
701 static int gdb_breakpoint_remove(target_ulong addr, target_ulong len, int type)
703 CPUState *cpu;
704 int err = 0;
706 if (kvm_enabled()) {
707 return kvm_remove_breakpoint(gdbserver_state->c_cpu, addr, len, type);
710 switch (type) {
711 case GDB_BREAKPOINT_SW:
712 case GDB_BREAKPOINT_HW:
713 CPU_FOREACH(cpu) {
714 err = cpu_breakpoint_remove(cpu, addr, BP_GDB);
715 if (err) {
716 break;
719 return err;
720 #ifndef CONFIG_USER_ONLY
721 case GDB_WATCHPOINT_WRITE:
722 case GDB_WATCHPOINT_READ:
723 case GDB_WATCHPOINT_ACCESS:
724 CPU_FOREACH(cpu) {
725 err = cpu_watchpoint_remove(cpu, addr, len,
726 xlat_gdb_type(cpu, type));
727 if (err)
728 break;
730 return err;
731 #endif
732 default:
733 return -ENOSYS;
737 static void gdb_breakpoint_remove_all(void)
739 CPUState *cpu;
741 if (kvm_enabled()) {
742 kvm_remove_all_breakpoints(gdbserver_state->c_cpu);
743 return;
746 CPU_FOREACH(cpu) {
747 cpu_breakpoint_remove_all(cpu, BP_GDB);
748 #ifndef CONFIG_USER_ONLY
749 cpu_watchpoint_remove_all(cpu, BP_GDB);
750 #endif
754 static void gdb_set_cpu_pc(GDBState *s, target_ulong pc)
756 CPUState *cpu = s->c_cpu;
758 cpu_synchronize_state(cpu);
759 cpu_set_pc(cpu, pc);
762 static CPUState *find_cpu(uint32_t thread_id)
764 CPUState *cpu;
766 CPU_FOREACH(cpu) {
767 if (cpu_index(cpu) == thread_id) {
768 return cpu;
772 return NULL;
775 static int is_query_packet(const char *p, const char *query, char separator)
777 unsigned int query_len = strlen(query);
779 return strncmp(p, query, query_len) == 0 &&
780 (p[query_len] == '\0' || p[query_len] == separator);
783 static int gdb_handle_packet(GDBState *s, const char *line_buf)
785 CPUState *cpu;
786 CPUClass *cc;
787 const char *p;
788 uint32_t thread;
789 int ch, reg_size, type, res;
790 char buf[MAX_PACKET_LENGTH];
791 uint8_t mem_buf[MAX_PACKET_LENGTH];
792 uint8_t *registers;
793 target_ulong addr, len;
795 #ifdef DEBUG_GDB
796 printf("command='%s'\n", line_buf);
797 #endif
798 p = line_buf;
799 ch = *p++;
800 switch(ch) {
801 case '?':
802 /* TODO: Make this return the correct value for user-mode. */
803 snprintf(buf, sizeof(buf), "T%02xthread:%02x;", GDB_SIGNAL_TRAP,
804 cpu_index(s->c_cpu));
805 put_packet(s, buf);
806 /* Remove all the breakpoints when this query is issued,
807 * because gdb is doing and initial connect and the state
808 * should be cleaned up.
810 gdb_breakpoint_remove_all();
811 break;
812 case 'c':
813 if (*p != '\0') {
814 addr = strtoull(p, (char **)&p, 16);
815 gdb_set_cpu_pc(s, addr);
817 s->signal = 0;
818 gdb_continue(s);
819 return RS_IDLE;
820 case 'C':
821 s->signal = gdb_signal_to_target (strtoul(p, (char **)&p, 16));
822 if (s->signal == -1)
823 s->signal = 0;
824 gdb_continue(s);
825 return RS_IDLE;
826 case 'v':
827 if (strncmp(p, "Cont", 4) == 0) {
828 int res_signal, res_thread;
830 p += 4;
831 if (*p == '?') {
832 put_packet(s, "vCont;c;C;s;S");
833 break;
835 res = 0;
836 res_signal = 0;
837 res_thread = 0;
838 while (*p) {
839 int action, signal;
841 if (*p++ != ';') {
842 res = 0;
843 break;
845 action = *p++;
846 signal = 0;
847 if (action == 'C' || action == 'S') {
848 signal = gdb_signal_to_target(strtoul(p, (char **)&p, 16));
849 if (signal == -1) {
850 signal = 0;
852 } else if (action != 'c' && action != 's') {
853 res = 0;
854 break;
856 thread = 0;
857 if (*p == ':') {
858 thread = strtoull(p+1, (char **)&p, 16);
860 action = tolower(action);
861 if (res == 0 || (res == 'c' && action == 's')) {
862 res = action;
863 res_signal = signal;
864 res_thread = thread;
867 if (res) {
868 if (res_thread != -1 && res_thread != 0) {
869 cpu = find_cpu(res_thread);
870 if (cpu == NULL) {
871 put_packet(s, "E22");
872 break;
874 s->c_cpu = cpu;
876 if (res == 's') {
877 cpu_single_step(s->c_cpu, sstep_flags);
879 s->signal = res_signal;
880 gdb_continue(s);
881 return RS_IDLE;
883 break;
884 } else {
885 goto unknown_command;
887 case 'k':
888 /* Kill the target */
889 fprintf(stderr, "\nQEMU: Terminated via GDBstub\n");
890 exit(0);
891 case 'D':
892 /* Detach packet */
893 gdb_breakpoint_remove_all();
894 gdb_syscall_mode = GDB_SYS_DISABLED;
895 gdb_continue(s);
896 put_packet(s, "OK");
897 break;
898 case 's':
899 if (*p != '\0') {
900 addr = strtoull(p, (char **)&p, 16);
901 gdb_set_cpu_pc(s, addr);
903 cpu_single_step(s->c_cpu, sstep_flags);
904 gdb_continue(s);
905 return RS_IDLE;
906 case 'F':
908 target_ulong ret;
909 target_ulong err;
911 ret = strtoull(p, (char **)&p, 16);
912 if (*p == ',') {
913 p++;
914 err = strtoull(p, (char **)&p, 16);
915 } else {
916 err = 0;
918 if (*p == ',')
919 p++;
920 type = *p;
921 if (s->current_syscall_cb) {
922 s->current_syscall_cb(s->c_cpu, ret, err);
923 s->current_syscall_cb = NULL;
925 if (type == 'C') {
926 put_packet(s, "T02");
927 } else {
928 gdb_continue(s);
931 break;
932 case 'g':
933 cpu_synchronize_state(s->g_cpu);
934 len = 0;
935 for (addr = 0; addr < s->g_cpu->gdb_num_g_regs; addr++) {
936 reg_size = gdb_read_register(s->g_cpu, mem_buf + len, addr);
937 len += reg_size;
939 memtohex(buf, mem_buf, len);
940 put_packet(s, buf);
941 break;
942 case 'G':
943 cpu_synchronize_state(s->g_cpu);
944 registers = mem_buf;
945 len = strlen(p) / 2;
946 hextomem((uint8_t *)registers, p, len);
947 for (addr = 0; addr < s->g_cpu->gdb_num_g_regs && len > 0; addr++) {
948 reg_size = gdb_write_register(s->g_cpu, registers, addr);
949 len -= reg_size;
950 registers += reg_size;
952 put_packet(s, "OK");
953 break;
954 case 'm':
955 addr = strtoull(p, (char **)&p, 16);
956 if (*p == ',')
957 p++;
958 len = strtoull(p, NULL, 16);
959 if (target_memory_rw_debug(s->g_cpu, addr, mem_buf, len, false) != 0) {
960 put_packet (s, "E14");
961 } else {
962 memtohex(buf, mem_buf, len);
963 put_packet(s, buf);
965 break;
966 case 'M':
967 addr = strtoull(p, (char **)&p, 16);
968 if (*p == ',')
969 p++;
970 len = strtoull(p, (char **)&p, 16);
971 if (*p == ':')
972 p++;
973 hextomem(mem_buf, p, len);
974 if (target_memory_rw_debug(s->g_cpu, addr, mem_buf, len,
975 true) != 0) {
976 put_packet(s, "E14");
977 } else {
978 put_packet(s, "OK");
980 break;
981 case 'p':
982 /* Older gdb are really dumb, and don't use 'g' if 'p' is avaialable.
983 This works, but can be very slow. Anything new enough to
984 understand XML also knows how to use this properly. */
985 if (!gdb_has_xml)
986 goto unknown_command;
987 addr = strtoull(p, (char **)&p, 16);
988 reg_size = gdb_read_register(s->g_cpu, mem_buf, addr);
989 if (reg_size) {
990 memtohex(buf, mem_buf, reg_size);
991 put_packet(s, buf);
992 } else {
993 put_packet(s, "E14");
995 break;
996 case 'P':
997 if (!gdb_has_xml)
998 goto unknown_command;
999 addr = strtoull(p, (char **)&p, 16);
1000 if (*p == '=')
1001 p++;
1002 reg_size = strlen(p) / 2;
1003 hextomem(mem_buf, p, reg_size);
1004 gdb_write_register(s->g_cpu, mem_buf, addr);
1005 put_packet(s, "OK");
1006 break;
1007 case 'Z':
1008 case 'z':
1009 type = strtoul(p, (char **)&p, 16);
1010 if (*p == ',')
1011 p++;
1012 addr = strtoull(p, (char **)&p, 16);
1013 if (*p == ',')
1014 p++;
1015 len = strtoull(p, (char **)&p, 16);
1016 if (ch == 'Z')
1017 res = gdb_breakpoint_insert(addr, len, type);
1018 else
1019 res = gdb_breakpoint_remove(addr, len, type);
1020 if (res >= 0)
1021 put_packet(s, "OK");
1022 else if (res == -ENOSYS)
1023 put_packet(s, "");
1024 else
1025 put_packet(s, "E22");
1026 break;
1027 case 'H':
1028 type = *p++;
1029 thread = strtoull(p, (char **)&p, 16);
1030 if (thread == -1 || thread == 0) {
1031 put_packet(s, "OK");
1032 break;
1034 cpu = find_cpu(thread);
1035 if (cpu == NULL) {
1036 put_packet(s, "E22");
1037 break;
1039 switch (type) {
1040 case 'c':
1041 s->c_cpu = cpu;
1042 put_packet(s, "OK");
1043 break;
1044 case 'g':
1045 s->g_cpu = cpu;
1046 put_packet(s, "OK");
1047 break;
1048 default:
1049 put_packet(s, "E22");
1050 break;
1052 break;
1053 case 'T':
1054 thread = strtoull(p, (char **)&p, 16);
1055 cpu = find_cpu(thread);
1057 if (cpu != NULL) {
1058 put_packet(s, "OK");
1059 } else {
1060 put_packet(s, "E22");
1062 break;
1063 case 'q':
1064 case 'Q':
1065 /* parse any 'q' packets here */
1066 if (!strcmp(p,"qemu.sstepbits")) {
1067 /* Query Breakpoint bit definitions */
1068 snprintf(buf, sizeof(buf), "ENABLE=%x,NOIRQ=%x,NOTIMER=%x",
1069 SSTEP_ENABLE,
1070 SSTEP_NOIRQ,
1071 SSTEP_NOTIMER);
1072 put_packet(s, buf);
1073 break;
1074 } else if (is_query_packet(p, "qemu.sstep", '=')) {
1075 /* Display or change the sstep_flags */
1076 p += 10;
1077 if (*p != '=') {
1078 /* Display current setting */
1079 snprintf(buf, sizeof(buf), "0x%x", sstep_flags);
1080 put_packet(s, buf);
1081 break;
1083 p++;
1084 type = strtoul(p, (char **)&p, 16);
1085 sstep_flags = type;
1086 put_packet(s, "OK");
1087 break;
1088 } else if (strcmp(p,"C") == 0) {
1089 /* "Current thread" remains vague in the spec, so always return
1090 * the first CPU (gdb returns the first thread). */
1091 put_packet(s, "QC1");
1092 break;
1093 } else if (strcmp(p,"fThreadInfo") == 0) {
1094 s->query_cpu = first_cpu;
1095 goto report_cpuinfo;
1096 } else if (strcmp(p,"sThreadInfo") == 0) {
1097 report_cpuinfo:
1098 if (s->query_cpu) {
1099 snprintf(buf, sizeof(buf), "m%x", cpu_index(s->query_cpu));
1100 put_packet(s, buf);
1101 s->query_cpu = CPU_NEXT(s->query_cpu);
1102 } else
1103 put_packet(s, "l");
1104 break;
1105 } else if (strncmp(p,"ThreadExtraInfo,", 16) == 0) {
1106 thread = strtoull(p+16, (char **)&p, 16);
1107 cpu = find_cpu(thread);
1108 if (cpu != NULL) {
1109 cpu_synchronize_state(cpu);
1110 len = snprintf((char *)mem_buf, sizeof(mem_buf),
1111 "CPU#%d [%s]", cpu->cpu_index,
1112 cpu->halted ? "halted " : "running");
1113 memtohex(buf, mem_buf, len);
1114 put_packet(s, buf);
1116 break;
1118 #ifdef CONFIG_USER_ONLY
1119 else if (strcmp(p, "Offsets") == 0) {
1120 TaskState *ts = s->c_cpu->opaque;
1122 snprintf(buf, sizeof(buf),
1123 "Text=" TARGET_ABI_FMT_lx ";Data=" TARGET_ABI_FMT_lx
1124 ";Bss=" TARGET_ABI_FMT_lx,
1125 ts->info->code_offset,
1126 ts->info->data_offset,
1127 ts->info->data_offset);
1128 put_packet(s, buf);
1129 break;
1131 #else /* !CONFIG_USER_ONLY */
1132 else if (strncmp(p, "Rcmd,", 5) == 0) {
1133 int len = strlen(p + 5);
1135 if ((len % 2) != 0) {
1136 put_packet(s, "E01");
1137 break;
1139 hextomem(mem_buf, p + 5, len);
1140 len = len / 2;
1141 mem_buf[len++] = 0;
1142 qemu_chr_be_write(s->mon_chr, mem_buf, len);
1143 put_packet(s, "OK");
1144 break;
1146 #endif /* !CONFIG_USER_ONLY */
1147 if (is_query_packet(p, "Supported", ':')) {
1148 snprintf(buf, sizeof(buf), "PacketSize=%x", MAX_PACKET_LENGTH);
1149 cc = CPU_GET_CLASS(first_cpu);
1150 if (cc->gdb_core_xml_file != NULL) {
1151 pstrcat(buf, sizeof(buf), ";qXfer:features:read+");
1153 put_packet(s, buf);
1154 break;
1156 if (strncmp(p, "Xfer:features:read:", 19) == 0) {
1157 const char *xml;
1158 target_ulong total_len;
1160 cc = CPU_GET_CLASS(first_cpu);
1161 if (cc->gdb_core_xml_file == NULL) {
1162 goto unknown_command;
1165 gdb_has_xml = true;
1166 p += 19;
1167 xml = get_feature_xml(p, &p, cc);
1168 if (!xml) {
1169 snprintf(buf, sizeof(buf), "E00");
1170 put_packet(s, buf);
1171 break;
1174 if (*p == ':')
1175 p++;
1176 addr = strtoul(p, (char **)&p, 16);
1177 if (*p == ',')
1178 p++;
1179 len = strtoul(p, (char **)&p, 16);
1181 total_len = strlen(xml);
1182 if (addr > total_len) {
1183 snprintf(buf, sizeof(buf), "E00");
1184 put_packet(s, buf);
1185 break;
1187 if (len > (MAX_PACKET_LENGTH - 5) / 2)
1188 len = (MAX_PACKET_LENGTH - 5) / 2;
1189 if (len < total_len - addr) {
1190 buf[0] = 'm';
1191 len = memtox(buf + 1, xml + addr, len);
1192 } else {
1193 buf[0] = 'l';
1194 len = memtox(buf + 1, xml + addr, total_len - addr);
1196 put_packet_binary(s, buf, len + 1);
1197 break;
1199 if (is_query_packet(p, "Attached", ':')) {
1200 put_packet(s, GDB_ATTACHED);
1201 break;
1203 /* Unrecognised 'q' command. */
1204 goto unknown_command;
1206 default:
1207 unknown_command:
1208 /* put empty packet */
1209 buf[0] = '\0';
1210 put_packet(s, buf);
1211 break;
1213 return RS_IDLE;
1216 void gdb_set_stop_cpu(CPUState *cpu)
1218 gdbserver_state->c_cpu = cpu;
1219 gdbserver_state->g_cpu = cpu;
1222 #ifndef CONFIG_USER_ONLY
1223 static void gdb_vm_state_change(void *opaque, int running, RunState state)
1225 GDBState *s = gdbserver_state;
1226 CPUState *cpu = s->c_cpu;
1227 char buf[256];
1228 const char *type;
1229 int ret;
1231 if (running || s->state == RS_INACTIVE) {
1232 return;
1234 /* Is there a GDB syscall waiting to be sent? */
1235 if (s->current_syscall_cb) {
1236 put_packet(s, s->syscall_buf);
1237 return;
1239 switch (state) {
1240 case RUN_STATE_DEBUG:
1241 if (cpu->watchpoint_hit) {
1242 switch (cpu->watchpoint_hit->flags & BP_MEM_ACCESS) {
1243 case BP_MEM_READ:
1244 type = "r";
1245 break;
1246 case BP_MEM_ACCESS:
1247 type = "a";
1248 break;
1249 default:
1250 type = "";
1251 break;
1253 snprintf(buf, sizeof(buf),
1254 "T%02xthread:%02x;%swatch:" TARGET_FMT_lx ";",
1255 GDB_SIGNAL_TRAP, cpu_index(cpu), type,
1256 (target_ulong)cpu->watchpoint_hit->vaddr);
1257 cpu->watchpoint_hit = NULL;
1258 goto send_packet;
1260 tb_flush(cpu);
1261 ret = GDB_SIGNAL_TRAP;
1262 break;
1263 case RUN_STATE_PAUSED:
1264 ret = GDB_SIGNAL_INT;
1265 break;
1266 case RUN_STATE_SHUTDOWN:
1267 ret = GDB_SIGNAL_QUIT;
1268 break;
1269 case RUN_STATE_IO_ERROR:
1270 ret = GDB_SIGNAL_IO;
1271 break;
1272 case RUN_STATE_WATCHDOG:
1273 ret = GDB_SIGNAL_ALRM;
1274 break;
1275 case RUN_STATE_INTERNAL_ERROR:
1276 ret = GDB_SIGNAL_ABRT;
1277 break;
1278 case RUN_STATE_SAVE_VM:
1279 case RUN_STATE_RESTORE_VM:
1280 return;
1281 case RUN_STATE_FINISH_MIGRATE:
1282 ret = GDB_SIGNAL_XCPU;
1283 break;
1284 default:
1285 ret = GDB_SIGNAL_UNKNOWN;
1286 break;
1288 gdb_set_stop_cpu(cpu);
1289 snprintf(buf, sizeof(buf), "T%02xthread:%02x;", ret, cpu_index(cpu));
1291 send_packet:
1292 put_packet(s, buf);
1294 /* disable single step if it was enabled */
1295 cpu_single_step(cpu, 0);
1297 #endif
1299 /* Send a gdb syscall request.
1300 This accepts limited printf-style format specifiers, specifically:
1301 %x - target_ulong argument printed in hex.
1302 %lx - 64-bit argument printed in hex.
1303 %s - string pointer (target_ulong) and length (int) pair. */
1304 void gdb_do_syscallv(gdb_syscall_complete_cb cb, const char *fmt, va_list va)
1306 char *p;
1307 char *p_end;
1308 target_ulong addr;
1309 uint64_t i64;
1310 GDBState *s;
1312 s = gdbserver_state;
1313 if (!s)
1314 return;
1315 s->current_syscall_cb = cb;
1316 #ifndef CONFIG_USER_ONLY
1317 vm_stop(RUN_STATE_DEBUG);
1318 #endif
1319 p = s->syscall_buf;
1320 p_end = &s->syscall_buf[sizeof(s->syscall_buf)];
1321 *(p++) = 'F';
1322 while (*fmt) {
1323 if (*fmt == '%') {
1324 fmt++;
1325 switch (*fmt++) {
1326 case 'x':
1327 addr = va_arg(va, target_ulong);
1328 p += snprintf(p, p_end - p, TARGET_FMT_lx, addr);
1329 break;
1330 case 'l':
1331 if (*(fmt++) != 'x')
1332 goto bad_format;
1333 i64 = va_arg(va, uint64_t);
1334 p += snprintf(p, p_end - p, "%" PRIx64, i64);
1335 break;
1336 case 's':
1337 addr = va_arg(va, target_ulong);
1338 p += snprintf(p, p_end - p, TARGET_FMT_lx "/%x",
1339 addr, va_arg(va, int));
1340 break;
1341 default:
1342 bad_format:
1343 fprintf(stderr, "gdbstub: Bad syscall format string '%s'\n",
1344 fmt - 1);
1345 break;
1347 } else {
1348 *(p++) = *(fmt++);
1351 *p = 0;
1352 #ifdef CONFIG_USER_ONLY
1353 put_packet(s, s->syscall_buf);
1354 gdb_handlesig(s->c_cpu, 0);
1355 #else
1356 /* In this case wait to send the syscall packet until notification that
1357 the CPU has stopped. This must be done because if the packet is sent
1358 now the reply from the syscall request could be received while the CPU
1359 is still in the running state, which can cause packets to be dropped
1360 and state transition 'T' packets to be sent while the syscall is still
1361 being processed. */
1362 qemu_cpu_kick(s->c_cpu);
1363 #endif
1366 void gdb_do_syscall(gdb_syscall_complete_cb cb, const char *fmt, ...)
1368 va_list va;
1370 va_start(va, fmt);
1371 gdb_do_syscallv(cb, fmt, va);
1372 va_end(va);
1375 static void gdb_read_byte(GDBState *s, int ch)
1377 int i, csum;
1378 uint8_t reply;
1380 #ifndef CONFIG_USER_ONLY
1381 if (s->last_packet_len) {
1382 /* Waiting for a response to the last packet. If we see the start
1383 of a new command then abandon the previous response. */
1384 if (ch == '-') {
1385 #ifdef DEBUG_GDB
1386 printf("Got NACK, retransmitting\n");
1387 #endif
1388 put_buffer(s, (uint8_t *)s->last_packet, s->last_packet_len);
1390 #ifdef DEBUG_GDB
1391 else if (ch == '+')
1392 printf("Got ACK\n");
1393 else
1394 printf("Got '%c' when expecting ACK/NACK\n", ch);
1395 #endif
1396 if (ch == '+' || ch == '$')
1397 s->last_packet_len = 0;
1398 if (ch != '$')
1399 return;
1401 if (runstate_is_running()) {
1402 /* when the CPU is running, we cannot do anything except stop
1403 it when receiving a char */
1404 vm_stop(RUN_STATE_PAUSED);
1405 } else
1406 #endif
1408 switch(s->state) {
1409 case RS_IDLE:
1410 if (ch == '$') {
1411 s->line_buf_index = 0;
1412 s->state = RS_GETLINE;
1414 break;
1415 case RS_GETLINE:
1416 if (ch == '#') {
1417 s->state = RS_CHKSUM1;
1418 } else if (s->line_buf_index >= sizeof(s->line_buf) - 1) {
1419 s->state = RS_IDLE;
1420 } else {
1421 s->line_buf[s->line_buf_index++] = ch;
1423 break;
1424 case RS_CHKSUM1:
1425 s->line_buf[s->line_buf_index] = '\0';
1426 s->line_csum = fromhex(ch) << 4;
1427 s->state = RS_CHKSUM2;
1428 break;
1429 case RS_CHKSUM2:
1430 s->line_csum |= fromhex(ch);
1431 csum = 0;
1432 for(i = 0; i < s->line_buf_index; i++) {
1433 csum += s->line_buf[i];
1435 if (s->line_csum != (csum & 0xff)) {
1436 reply = '-';
1437 put_buffer(s, &reply, 1);
1438 s->state = RS_IDLE;
1439 } else {
1440 reply = '+';
1441 put_buffer(s, &reply, 1);
1442 s->state = gdb_handle_packet(s, s->line_buf);
1444 break;
1445 default:
1446 abort();
1451 /* Tell the remote gdb that the process has exited. */
1452 void gdb_exit(CPUArchState *env, int code)
1454 GDBState *s;
1455 char buf[4];
1457 s = gdbserver_state;
1458 if (!s) {
1459 return;
1461 #ifdef CONFIG_USER_ONLY
1462 if (gdbserver_fd < 0 || s->fd < 0) {
1463 return;
1465 #else
1466 if (!s->chr) {
1467 return;
1469 #endif
1471 snprintf(buf, sizeof(buf), "W%02x", (uint8_t)code);
1472 put_packet(s, buf);
1474 #ifndef CONFIG_USER_ONLY
1475 qemu_chr_delete(s->chr);
1476 #endif
1479 #ifdef CONFIG_USER_ONLY
1481 gdb_queuesig (void)
1483 GDBState *s;
1485 s = gdbserver_state;
1487 if (gdbserver_fd < 0 || s->fd < 0)
1488 return 0;
1489 else
1490 return 1;
1494 gdb_handlesig(CPUState *cpu, int sig)
1496 GDBState *s;
1497 char buf[256];
1498 int n;
1500 s = gdbserver_state;
1501 if (gdbserver_fd < 0 || s->fd < 0) {
1502 return sig;
1505 /* disable single step if it was enabled */
1506 cpu_single_step(cpu, 0);
1507 tb_flush(cpu);
1509 if (sig != 0) {
1510 snprintf(buf, sizeof(buf), "S%02x", target_signal_to_gdb(sig));
1511 put_packet(s, buf);
1513 /* put_packet() might have detected that the peer terminated the
1514 connection. */
1515 if (s->fd < 0) {
1516 return sig;
1519 sig = 0;
1520 s->state = RS_IDLE;
1521 s->running_state = 0;
1522 while (s->running_state == 0) {
1523 n = read(s->fd, buf, 256);
1524 if (n > 0) {
1525 int i;
1527 for (i = 0; i < n; i++) {
1528 gdb_read_byte(s, buf[i]);
1530 } else if (n == 0 || errno != EAGAIN) {
1531 /* XXX: Connection closed. Should probably wait for another
1532 connection before continuing. */
1533 return sig;
1536 sig = s->signal;
1537 s->signal = 0;
1538 return sig;
1541 /* Tell the remote gdb that the process has exited due to SIG. */
1542 void gdb_signalled(CPUArchState *env, int sig)
1544 GDBState *s;
1545 char buf[4];
1547 s = gdbserver_state;
1548 if (gdbserver_fd < 0 || s->fd < 0) {
1549 return;
1552 snprintf(buf, sizeof(buf), "X%02x", target_signal_to_gdb(sig));
1553 put_packet(s, buf);
1556 static void gdb_accept(void)
1558 GDBState *s;
1559 struct sockaddr_in sockaddr;
1560 socklen_t len;
1561 int fd;
1563 for(;;) {
1564 len = sizeof(sockaddr);
1565 fd = accept(gdbserver_fd, (struct sockaddr *)&sockaddr, &len);
1566 if (fd < 0 && errno != EINTR) {
1567 perror("accept");
1568 return;
1569 } else if (fd >= 0) {
1570 #ifndef _WIN32
1571 fcntl(fd, F_SETFD, FD_CLOEXEC);
1572 #endif
1573 break;
1577 /* set short latency */
1578 socket_set_nodelay(fd);
1580 s = g_malloc0(sizeof(GDBState));
1581 s->c_cpu = first_cpu;
1582 s->g_cpu = first_cpu;
1583 s->fd = fd;
1584 gdb_has_xml = false;
1586 gdbserver_state = s;
1588 fcntl(fd, F_SETFL, O_NONBLOCK);
1591 static int gdbserver_open(int port)
1593 struct sockaddr_in sockaddr;
1594 int fd, ret;
1596 fd = socket(PF_INET, SOCK_STREAM, 0);
1597 if (fd < 0) {
1598 perror("socket");
1599 return -1;
1601 #ifndef _WIN32
1602 fcntl(fd, F_SETFD, FD_CLOEXEC);
1603 #endif
1605 socket_set_fast_reuse(fd);
1607 sockaddr.sin_family = AF_INET;
1608 sockaddr.sin_port = htons(port);
1609 sockaddr.sin_addr.s_addr = 0;
1610 ret = bind(fd, (struct sockaddr *)&sockaddr, sizeof(sockaddr));
1611 if (ret < 0) {
1612 perror("bind");
1613 close(fd);
1614 return -1;
1616 ret = listen(fd, 0);
1617 if (ret < 0) {
1618 perror("listen");
1619 close(fd);
1620 return -1;
1622 return fd;
1625 int gdbserver_start(int port)
1627 gdbserver_fd = gdbserver_open(port);
1628 if (gdbserver_fd < 0)
1629 return -1;
1630 /* accept connections */
1631 gdb_accept();
1632 return 0;
1635 /* Disable gdb stub for child processes. */
1636 void gdbserver_fork(CPUState *cpu)
1638 GDBState *s = gdbserver_state;
1640 if (gdbserver_fd < 0 || s->fd < 0) {
1641 return;
1643 close(s->fd);
1644 s->fd = -1;
1645 cpu_breakpoint_remove_all(cpu, BP_GDB);
1646 cpu_watchpoint_remove_all(cpu, BP_GDB);
1648 #else
1649 static int gdb_chr_can_receive(void *opaque)
1651 /* We can handle an arbitrarily large amount of data.
1652 Pick the maximum packet size, which is as good as anything. */
1653 return MAX_PACKET_LENGTH;
1656 static void gdb_chr_receive(void *opaque, const uint8_t *buf, int size)
1658 int i;
1660 for (i = 0; i < size; i++) {
1661 gdb_read_byte(gdbserver_state, buf[i]);
1665 static void gdb_chr_event(void *opaque, int event)
1667 switch (event) {
1668 case CHR_EVENT_OPENED:
1669 vm_stop(RUN_STATE_PAUSED);
1670 gdb_has_xml = false;
1671 break;
1672 default:
1673 break;
1677 static void gdb_monitor_output(GDBState *s, const char *msg, int len)
1679 char buf[MAX_PACKET_LENGTH];
1681 buf[0] = 'O';
1682 if (len > (MAX_PACKET_LENGTH/2) - 1)
1683 len = (MAX_PACKET_LENGTH/2) - 1;
1684 memtohex(buf + 1, (uint8_t *)msg, len);
1685 put_packet(s, buf);
1688 static int gdb_monitor_write(CharDriverState *chr, const uint8_t *buf, int len)
1690 const char *p = (const char *)buf;
1691 int max_sz;
1693 max_sz = (sizeof(gdbserver_state->last_packet) - 2) / 2;
1694 for (;;) {
1695 if (len <= max_sz) {
1696 gdb_monitor_output(gdbserver_state, p, len);
1697 break;
1699 gdb_monitor_output(gdbserver_state, p, max_sz);
1700 p += max_sz;
1701 len -= max_sz;
1703 return len;
1706 #ifndef _WIN32
1707 static void gdb_sigterm_handler(int signal)
1709 if (runstate_is_running()) {
1710 vm_stop(RUN_STATE_PAUSED);
1713 #endif
1715 int gdbserver_start(const char *device)
1717 GDBState *s;
1718 char gdbstub_device_name[128];
1719 CharDriverState *chr = NULL;
1720 CharDriverState *mon_chr;
1722 if (!device)
1723 return -1;
1724 if (strcmp(device, "none") != 0) {
1725 if (strstart(device, "tcp:", NULL)) {
1726 /* enforce required TCP attributes */
1727 snprintf(gdbstub_device_name, sizeof(gdbstub_device_name),
1728 "%s,nowait,nodelay,server", device);
1729 device = gdbstub_device_name;
1731 #ifndef _WIN32
1732 else if (strcmp(device, "stdio") == 0) {
1733 struct sigaction act;
1735 memset(&act, 0, sizeof(act));
1736 act.sa_handler = gdb_sigterm_handler;
1737 sigaction(SIGINT, &act, NULL);
1739 #endif
1740 chr = qemu_chr_new("gdb", device, NULL);
1741 if (!chr)
1742 return -1;
1744 qemu_chr_fe_claim_no_fail(chr);
1745 qemu_chr_add_handlers(chr, gdb_chr_can_receive, gdb_chr_receive,
1746 gdb_chr_event, NULL);
1749 s = gdbserver_state;
1750 if (!s) {
1751 s = g_malloc0(sizeof(GDBState));
1752 gdbserver_state = s;
1754 qemu_add_vm_change_state_handler(gdb_vm_state_change, NULL);
1756 /* Initialize a monitor terminal for gdb */
1757 mon_chr = qemu_chr_alloc();
1758 mon_chr->chr_write = gdb_monitor_write;
1759 monitor_init(mon_chr, 0);
1760 } else {
1761 if (s->chr)
1762 qemu_chr_delete(s->chr);
1763 mon_chr = s->mon_chr;
1764 memset(s, 0, sizeof(GDBState));
1766 s->c_cpu = first_cpu;
1767 s->g_cpu = first_cpu;
1768 s->chr = chr;
1769 s->state = chr ? RS_IDLE : RS_INACTIVE;
1770 s->mon_chr = mon_chr;
1771 s->current_syscall_cb = NULL;
1773 return 0;
1775 #endif