Plumb the HAXM-based hardware acceleration support
[qemu/ar7.git] / gdbstub.c
blobde9b62b8f8628cbb731135cd878b2429b924f2d1
1 /*
2 * gdb server stub
4 * Copyright (c) 2003-2005 Fabrice Bellard
6 * This library is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation; either
9 * version 2 of the License, or (at your option) any later version.
11 * This library is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
16 * You should have received a copy of the GNU Lesser General Public
17 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
19 #include "qemu/osdep.h"
20 #include "qapi/error.h"
21 #include "qemu/cutils.h"
22 #include "cpu.h"
23 #ifdef CONFIG_USER_ONLY
24 #include "qemu.h"
25 #else
26 #include "monitor/monitor.h"
27 #include "sysemu/char.h"
28 #include "sysemu/sysemu.h"
29 #include "exec/gdbstub.h"
30 #endif
32 #define MAX_PACKET_LENGTH 4096
34 #include "qemu/sockets.h"
35 #include "sysemu/hw_accel.h"
36 #include "sysemu/kvm.h"
37 #include "exec/semihost.h"
38 #include "exec/exec-all.h"
40 #ifdef CONFIG_USER_ONLY
41 #define GDB_ATTACHED "0"
42 #else
43 #define GDB_ATTACHED "1"
44 #endif
46 static inline int target_memory_rw_debug(CPUState *cpu, target_ulong addr,
47 uint8_t *buf, int len, bool is_write)
49 CPUClass *cc = CPU_GET_CLASS(cpu);
51 if (cc->memory_rw_debug) {
52 return cc->memory_rw_debug(cpu, addr, buf, len, is_write);
54 return cpu_memory_rw_debug(cpu, addr, buf, len, is_write);
57 enum {
58 GDB_SIGNAL_0 = 0,
59 GDB_SIGNAL_INT = 2,
60 GDB_SIGNAL_QUIT = 3,
61 GDB_SIGNAL_TRAP = 5,
62 GDB_SIGNAL_ABRT = 6,
63 GDB_SIGNAL_ALRM = 14,
64 GDB_SIGNAL_IO = 23,
65 GDB_SIGNAL_XCPU = 24,
66 GDB_SIGNAL_UNKNOWN = 143
69 #ifdef CONFIG_USER_ONLY
71 /* Map target signal numbers to GDB protocol signal numbers and vice
72 * versa. For user emulation's currently supported systems, we can
73 * assume most signals are defined.
76 static int gdb_signal_table[] = {
78 TARGET_SIGHUP,
79 TARGET_SIGINT,
80 TARGET_SIGQUIT,
81 TARGET_SIGILL,
82 TARGET_SIGTRAP,
83 TARGET_SIGABRT,
84 -1, /* SIGEMT */
85 TARGET_SIGFPE,
86 TARGET_SIGKILL,
87 TARGET_SIGBUS,
88 TARGET_SIGSEGV,
89 TARGET_SIGSYS,
90 TARGET_SIGPIPE,
91 TARGET_SIGALRM,
92 TARGET_SIGTERM,
93 TARGET_SIGURG,
94 TARGET_SIGSTOP,
95 TARGET_SIGTSTP,
96 TARGET_SIGCONT,
97 TARGET_SIGCHLD,
98 TARGET_SIGTTIN,
99 TARGET_SIGTTOU,
100 TARGET_SIGIO,
101 TARGET_SIGXCPU,
102 TARGET_SIGXFSZ,
103 TARGET_SIGVTALRM,
104 TARGET_SIGPROF,
105 TARGET_SIGWINCH,
106 -1, /* SIGLOST */
107 TARGET_SIGUSR1,
108 TARGET_SIGUSR2,
109 #ifdef TARGET_SIGPWR
110 TARGET_SIGPWR,
111 #else
113 #endif
114 -1, /* SIGPOLL */
126 #ifdef __SIGRTMIN
127 __SIGRTMIN + 1,
128 __SIGRTMIN + 2,
129 __SIGRTMIN + 3,
130 __SIGRTMIN + 4,
131 __SIGRTMIN + 5,
132 __SIGRTMIN + 6,
133 __SIGRTMIN + 7,
134 __SIGRTMIN + 8,
135 __SIGRTMIN + 9,
136 __SIGRTMIN + 10,
137 __SIGRTMIN + 11,
138 __SIGRTMIN + 12,
139 __SIGRTMIN + 13,
140 __SIGRTMIN + 14,
141 __SIGRTMIN + 15,
142 __SIGRTMIN + 16,
143 __SIGRTMIN + 17,
144 __SIGRTMIN + 18,
145 __SIGRTMIN + 19,
146 __SIGRTMIN + 20,
147 __SIGRTMIN + 21,
148 __SIGRTMIN + 22,
149 __SIGRTMIN + 23,
150 __SIGRTMIN + 24,
151 __SIGRTMIN + 25,
152 __SIGRTMIN + 26,
153 __SIGRTMIN + 27,
154 __SIGRTMIN + 28,
155 __SIGRTMIN + 29,
156 __SIGRTMIN + 30,
157 __SIGRTMIN + 31,
158 -1, /* SIGCANCEL */
159 __SIGRTMIN,
160 __SIGRTMIN + 32,
161 __SIGRTMIN + 33,
162 __SIGRTMIN + 34,
163 __SIGRTMIN + 35,
164 __SIGRTMIN + 36,
165 __SIGRTMIN + 37,
166 __SIGRTMIN + 38,
167 __SIGRTMIN + 39,
168 __SIGRTMIN + 40,
169 __SIGRTMIN + 41,
170 __SIGRTMIN + 42,
171 __SIGRTMIN + 43,
172 __SIGRTMIN + 44,
173 __SIGRTMIN + 45,
174 __SIGRTMIN + 46,
175 __SIGRTMIN + 47,
176 __SIGRTMIN + 48,
177 __SIGRTMIN + 49,
178 __SIGRTMIN + 50,
179 __SIGRTMIN + 51,
180 __SIGRTMIN + 52,
181 __SIGRTMIN + 53,
182 __SIGRTMIN + 54,
183 __SIGRTMIN + 55,
184 __SIGRTMIN + 56,
185 __SIGRTMIN + 57,
186 __SIGRTMIN + 58,
187 __SIGRTMIN + 59,
188 __SIGRTMIN + 60,
189 __SIGRTMIN + 61,
190 __SIGRTMIN + 62,
191 __SIGRTMIN + 63,
192 __SIGRTMIN + 64,
193 __SIGRTMIN + 65,
194 __SIGRTMIN + 66,
195 __SIGRTMIN + 67,
196 __SIGRTMIN + 68,
197 __SIGRTMIN + 69,
198 __SIGRTMIN + 70,
199 __SIGRTMIN + 71,
200 __SIGRTMIN + 72,
201 __SIGRTMIN + 73,
202 __SIGRTMIN + 74,
203 __SIGRTMIN + 75,
204 __SIGRTMIN + 76,
205 __SIGRTMIN + 77,
206 __SIGRTMIN + 78,
207 __SIGRTMIN + 79,
208 __SIGRTMIN + 80,
209 __SIGRTMIN + 81,
210 __SIGRTMIN + 82,
211 __SIGRTMIN + 83,
212 __SIGRTMIN + 84,
213 __SIGRTMIN + 85,
214 __SIGRTMIN + 86,
215 __SIGRTMIN + 87,
216 __SIGRTMIN + 88,
217 __SIGRTMIN + 89,
218 __SIGRTMIN + 90,
219 __SIGRTMIN + 91,
220 __SIGRTMIN + 92,
221 __SIGRTMIN + 93,
222 __SIGRTMIN + 94,
223 __SIGRTMIN + 95,
224 -1, /* SIGINFO */
225 -1, /* UNKNOWN */
226 -1, /* DEFAULT */
233 #endif
235 #else
236 /* In system mode we only need SIGINT and SIGTRAP; other signals
237 are not yet supported. */
239 enum {
240 TARGET_SIGINT = 2,
241 TARGET_SIGTRAP = 5
244 static int gdb_signal_table[] = {
247 TARGET_SIGINT,
250 TARGET_SIGTRAP
252 #endif
254 #ifdef CONFIG_USER_ONLY
255 static int target_signal_to_gdb (int sig)
257 int i;
258 for (i = 0; i < ARRAY_SIZE (gdb_signal_table); i++)
259 if (gdb_signal_table[i] == sig)
260 return i;
261 return GDB_SIGNAL_UNKNOWN;
263 #endif
265 static int gdb_signal_to_target (int sig)
267 if (sig < ARRAY_SIZE (gdb_signal_table))
268 return gdb_signal_table[sig];
269 else
270 return -1;
273 //#define DEBUG_GDB
275 typedef struct GDBRegisterState {
276 int base_reg;
277 int num_regs;
278 gdb_reg_cb get_reg;
279 gdb_reg_cb set_reg;
280 const char *xml;
281 struct GDBRegisterState *next;
282 } GDBRegisterState;
284 enum RSState {
285 RS_INACTIVE,
286 RS_IDLE,
287 RS_GETLINE,
288 RS_CHKSUM1,
289 RS_CHKSUM2,
291 typedef struct GDBState {
292 CPUState *c_cpu; /* current CPU for step/continue ops */
293 CPUState *g_cpu; /* current CPU for other ops */
294 CPUState *query_cpu; /* for q{f|s}ThreadInfo */
295 enum RSState state; /* parsing state */
296 char line_buf[MAX_PACKET_LENGTH];
297 int line_buf_index;
298 int line_csum;
299 uint8_t last_packet[MAX_PACKET_LENGTH + 4];
300 int last_packet_len;
301 int signal;
302 #ifdef CONFIG_USER_ONLY
303 int fd;
304 int running_state;
305 #else
306 CharBackend chr;
307 CharDriverState *mon_chr;
308 #endif
309 char syscall_buf[256];
310 gdb_syscall_complete_cb current_syscall_cb;
311 } GDBState;
313 /* By default use no IRQs and no timers while single stepping so as to
314 * make single stepping like an ICE HW step.
316 static int sstep_flags = SSTEP_ENABLE|SSTEP_NOIRQ|SSTEP_NOTIMER;
318 static GDBState *gdbserver_state;
320 bool gdb_has_xml;
322 #ifdef CONFIG_USER_ONLY
323 /* XXX: This is not thread safe. Do we care? */
324 static int gdbserver_fd = -1;
326 static int get_char(GDBState *s)
328 uint8_t ch;
329 int ret;
331 for(;;) {
332 ret = qemu_recv(s->fd, &ch, 1, 0);
333 if (ret < 0) {
334 if (errno == ECONNRESET)
335 s->fd = -1;
336 if (errno != EINTR)
337 return -1;
338 } else if (ret == 0) {
339 close(s->fd);
340 s->fd = -1;
341 return -1;
342 } else {
343 break;
346 return ch;
348 #endif
350 static enum {
351 GDB_SYS_UNKNOWN,
352 GDB_SYS_ENABLED,
353 GDB_SYS_DISABLED,
354 } gdb_syscall_mode;
356 /* Decide if either remote gdb syscalls or native file IO should be used. */
357 int use_gdb_syscalls(void)
359 SemihostingTarget target = semihosting_get_target();
360 if (target == SEMIHOSTING_TARGET_NATIVE) {
361 /* -semihosting-config target=native */
362 return false;
363 } else if (target == SEMIHOSTING_TARGET_GDB) {
364 /* -semihosting-config target=gdb */
365 return true;
368 /* -semihosting-config target=auto */
369 /* On the first call check if gdb is connected and remember. */
370 if (gdb_syscall_mode == GDB_SYS_UNKNOWN) {
371 gdb_syscall_mode = (gdbserver_state ? GDB_SYS_ENABLED
372 : GDB_SYS_DISABLED);
374 return gdb_syscall_mode == GDB_SYS_ENABLED;
377 /* Resume execution. */
378 static inline void gdb_continue(GDBState *s)
380 #ifdef CONFIG_USER_ONLY
381 s->running_state = 1;
382 #else
383 if (!runstate_needs_reset()) {
384 vm_start();
386 #endif
389 static void put_buffer(GDBState *s, const uint8_t *buf, int len)
391 #ifdef CONFIG_USER_ONLY
392 int ret;
394 while (len > 0) {
395 ret = send(s->fd, buf, len, 0);
396 if (ret < 0) {
397 if (errno != EINTR)
398 return;
399 } else {
400 buf += ret;
401 len -= ret;
404 #else
405 /* XXX this blocks entire thread. Rewrite to use
406 * qemu_chr_fe_write and background I/O callbacks */
407 qemu_chr_fe_write_all(&s->chr, buf, len);
408 #endif
411 static inline int fromhex(int v)
413 if (v >= '0' && v <= '9')
414 return v - '0';
415 else if (v >= 'A' && v <= 'F')
416 return v - 'A' + 10;
417 else if (v >= 'a' && v <= 'f')
418 return v - 'a' + 10;
419 else
420 return 0;
423 static inline int tohex(int v)
425 if (v < 10)
426 return v + '0';
427 else
428 return v - 10 + 'a';
431 static void memtohex(char *buf, const uint8_t *mem, int len)
433 int i, c;
434 char *q;
435 q = buf;
436 for(i = 0; i < len; i++) {
437 c = mem[i];
438 *q++ = tohex(c >> 4);
439 *q++ = tohex(c & 0xf);
441 *q = '\0';
444 static void hextomem(uint8_t *mem, const char *buf, int len)
446 int i;
448 for(i = 0; i < len; i++) {
449 mem[i] = (fromhex(buf[0]) << 4) | fromhex(buf[1]);
450 buf += 2;
454 /* return -1 if error, 0 if OK */
455 static int put_packet_binary(GDBState *s, const char *buf, int len)
457 int csum, i;
458 uint8_t *p;
460 for(;;) {
461 p = s->last_packet;
462 *(p++) = '$';
463 memcpy(p, buf, len);
464 p += len;
465 csum = 0;
466 for(i = 0; i < len; i++) {
467 csum += buf[i];
469 *(p++) = '#';
470 *(p++) = tohex((csum >> 4) & 0xf);
471 *(p++) = tohex((csum) & 0xf);
473 s->last_packet_len = p - s->last_packet;
474 put_buffer(s, (uint8_t *)s->last_packet, s->last_packet_len);
476 #ifdef CONFIG_USER_ONLY
477 i = get_char(s);
478 if (i < 0)
479 return -1;
480 if (i == '+')
481 break;
482 #else
483 break;
484 #endif
486 return 0;
489 /* return -1 if error, 0 if OK */
490 static int put_packet(GDBState *s, const char *buf)
492 #ifdef DEBUG_GDB
493 printf("reply='%s'\n", buf);
494 #endif
496 return put_packet_binary(s, buf, strlen(buf));
499 /* Encode data using the encoding for 'x' packets. */
500 static int memtox(char *buf, const char *mem, int len)
502 char *p = buf;
503 char c;
505 while (len--) {
506 c = *(mem++);
507 switch (c) {
508 case '#': case '$': case '*': case '}':
509 *(p++) = '}';
510 *(p++) = c ^ 0x20;
511 break;
512 default:
513 *(p++) = c;
514 break;
517 return p - buf;
520 static const char *get_feature_xml(const char *p, const char **newp,
521 CPUClass *cc)
523 size_t len;
524 int i;
525 const char *name;
526 static char target_xml[1024];
528 len = 0;
529 while (p[len] && p[len] != ':')
530 len++;
531 *newp = p + len;
533 name = NULL;
534 if (strncmp(p, "target.xml", len) == 0) {
535 /* Generate the XML description for this CPU. */
536 if (!target_xml[0]) {
537 GDBRegisterState *r;
538 CPUState *cpu = first_cpu;
540 pstrcat(target_xml, sizeof(target_xml),
541 "<?xml version=\"1.0\"?>"
542 "<!DOCTYPE target SYSTEM \"gdb-target.dtd\">"
543 "<target>");
544 if (cc->gdb_arch_name) {
545 gchar *arch = cc->gdb_arch_name(cpu);
546 pstrcat(target_xml, sizeof(target_xml), "<architecture>");
547 pstrcat(target_xml, sizeof(target_xml), arch);
548 pstrcat(target_xml, sizeof(target_xml), "</architecture>");
549 g_free(arch);
551 pstrcat(target_xml, sizeof(target_xml), "<xi:include href=\"");
552 pstrcat(target_xml, sizeof(target_xml), cc->gdb_core_xml_file);
553 pstrcat(target_xml, sizeof(target_xml), "\"/>");
554 for (r = cpu->gdb_regs; r; r = r->next) {
555 pstrcat(target_xml, sizeof(target_xml), "<xi:include href=\"");
556 pstrcat(target_xml, sizeof(target_xml), r->xml);
557 pstrcat(target_xml, sizeof(target_xml), "\"/>");
559 pstrcat(target_xml, sizeof(target_xml), "</target>");
561 return target_xml;
563 for (i = 0; ; i++) {
564 name = xml_builtin[i][0];
565 if (!name || (strncmp(name, p, len) == 0 && strlen(name) == len))
566 break;
568 return name ? xml_builtin[i][1] : NULL;
571 static int gdb_read_register(CPUState *cpu, uint8_t *mem_buf, int reg)
573 CPUClass *cc = CPU_GET_CLASS(cpu);
574 CPUArchState *env = cpu->env_ptr;
575 GDBRegisterState *r;
577 if (reg < cc->gdb_num_core_regs) {
578 return cc->gdb_read_register(cpu, mem_buf, reg);
581 for (r = cpu->gdb_regs; r; r = r->next) {
582 if (r->base_reg <= reg && reg < r->base_reg + r->num_regs) {
583 return r->get_reg(env, mem_buf, reg - r->base_reg);
586 return 0;
589 static int gdb_write_register(CPUState *cpu, uint8_t *mem_buf, int reg)
591 CPUClass *cc = CPU_GET_CLASS(cpu);
592 CPUArchState *env = cpu->env_ptr;
593 GDBRegisterState *r;
595 if (reg < cc->gdb_num_core_regs) {
596 return cc->gdb_write_register(cpu, mem_buf, reg);
599 for (r = cpu->gdb_regs; r; r = r->next) {
600 if (r->base_reg <= reg && reg < r->base_reg + r->num_regs) {
601 return r->set_reg(env, mem_buf, reg - r->base_reg);
604 return 0;
607 /* Register a supplemental set of CPU registers. If g_pos is nonzero it
608 specifies the first register number and these registers are included in
609 a standard "g" packet. Direction is relative to gdb, i.e. get_reg is
610 gdb reading a CPU register, and set_reg is gdb modifying a CPU register.
613 void gdb_register_coprocessor(CPUState *cpu,
614 gdb_reg_cb get_reg, gdb_reg_cb set_reg,
615 int num_regs, const char *xml, int g_pos)
617 GDBRegisterState *s;
618 GDBRegisterState **p;
620 p = &cpu->gdb_regs;
621 while (*p) {
622 /* Check for duplicates. */
623 if (strcmp((*p)->xml, xml) == 0)
624 return;
625 p = &(*p)->next;
628 s = g_new0(GDBRegisterState, 1);
629 s->base_reg = cpu->gdb_num_regs;
630 s->num_regs = num_regs;
631 s->get_reg = get_reg;
632 s->set_reg = set_reg;
633 s->xml = xml;
635 /* Add to end of list. */
636 cpu->gdb_num_regs += num_regs;
637 *p = s;
638 if (g_pos) {
639 if (g_pos != s->base_reg) {
640 fprintf(stderr, "Error: Bad gdb register numbering for '%s'\n"
641 "Expected %d got %d\n", xml, g_pos, s->base_reg);
642 } else {
643 cpu->gdb_num_g_regs = cpu->gdb_num_regs;
648 #ifndef CONFIG_USER_ONLY
649 /* Translate GDB watchpoint type to a flags value for cpu_watchpoint_* */
650 static inline int xlat_gdb_type(CPUState *cpu, int gdbtype)
652 static const int xlat[] = {
653 [GDB_WATCHPOINT_WRITE] = BP_GDB | BP_MEM_WRITE,
654 [GDB_WATCHPOINT_READ] = BP_GDB | BP_MEM_READ,
655 [GDB_WATCHPOINT_ACCESS] = BP_GDB | BP_MEM_ACCESS,
658 CPUClass *cc = CPU_GET_CLASS(cpu);
659 int cputype = xlat[gdbtype];
661 if (cc->gdb_stop_before_watchpoint) {
662 cputype |= BP_STOP_BEFORE_ACCESS;
664 return cputype;
666 #endif
668 static int gdb_breakpoint_insert(target_ulong addr, target_ulong len, int type)
670 CPUState *cpu;
671 int err = 0;
673 if (kvm_enabled()) {
674 return kvm_insert_breakpoint(gdbserver_state->c_cpu, addr, len, type);
677 switch (type) {
678 case GDB_BREAKPOINT_SW:
679 case GDB_BREAKPOINT_HW:
680 CPU_FOREACH(cpu) {
681 err = cpu_breakpoint_insert(cpu, addr, BP_GDB, NULL);
682 if (err) {
683 break;
686 return err;
687 #ifndef CONFIG_USER_ONLY
688 case GDB_WATCHPOINT_WRITE:
689 case GDB_WATCHPOINT_READ:
690 case GDB_WATCHPOINT_ACCESS:
691 CPU_FOREACH(cpu) {
692 err = cpu_watchpoint_insert(cpu, addr, len,
693 xlat_gdb_type(cpu, type), NULL);
694 if (err) {
695 break;
698 return err;
699 #endif
700 default:
701 return -ENOSYS;
705 static int gdb_breakpoint_remove(target_ulong addr, target_ulong len, int type)
707 CPUState *cpu;
708 int err = 0;
710 if (kvm_enabled()) {
711 return kvm_remove_breakpoint(gdbserver_state->c_cpu, addr, len, type);
714 switch (type) {
715 case GDB_BREAKPOINT_SW:
716 case GDB_BREAKPOINT_HW:
717 CPU_FOREACH(cpu) {
718 err = cpu_breakpoint_remove(cpu, addr, BP_GDB);
719 if (err) {
720 break;
723 return err;
724 #ifndef CONFIG_USER_ONLY
725 case GDB_WATCHPOINT_WRITE:
726 case GDB_WATCHPOINT_READ:
727 case GDB_WATCHPOINT_ACCESS:
728 CPU_FOREACH(cpu) {
729 err = cpu_watchpoint_remove(cpu, addr, len,
730 xlat_gdb_type(cpu, type));
731 if (err)
732 break;
734 return err;
735 #endif
736 default:
737 return -ENOSYS;
741 static void gdb_breakpoint_remove_all(void)
743 CPUState *cpu;
745 if (kvm_enabled()) {
746 kvm_remove_all_breakpoints(gdbserver_state->c_cpu);
747 return;
750 CPU_FOREACH(cpu) {
751 cpu_breakpoint_remove_all(cpu, BP_GDB);
752 #ifndef CONFIG_USER_ONLY
753 cpu_watchpoint_remove_all(cpu, BP_GDB);
754 #endif
758 static void gdb_set_cpu_pc(GDBState *s, target_ulong pc)
760 CPUState *cpu = s->c_cpu;
762 cpu_synchronize_state(cpu);
763 cpu_set_pc(cpu, pc);
766 static CPUState *find_cpu(uint32_t thread_id)
768 CPUState *cpu;
770 CPU_FOREACH(cpu) {
771 if (cpu_index(cpu) == thread_id) {
772 return cpu;
776 return NULL;
779 static int is_query_packet(const char *p, const char *query, char separator)
781 unsigned int query_len = strlen(query);
783 return strncmp(p, query, query_len) == 0 &&
784 (p[query_len] == '\0' || p[query_len] == separator);
787 static int gdb_handle_packet(GDBState *s, const char *line_buf)
789 CPUState *cpu;
790 CPUClass *cc;
791 const char *p;
792 uint32_t thread;
793 int ch, reg_size, type, res;
794 char buf[MAX_PACKET_LENGTH];
795 uint8_t mem_buf[MAX_PACKET_LENGTH];
796 uint8_t *registers;
797 target_ulong addr, len;
799 #ifdef DEBUG_GDB
800 printf("command='%s'\n", line_buf);
801 #endif
802 p = line_buf;
803 ch = *p++;
804 switch(ch) {
805 case '?':
806 /* TODO: Make this return the correct value for user-mode. */
807 snprintf(buf, sizeof(buf), "T%02xthread:%02x;", GDB_SIGNAL_TRAP,
808 cpu_index(s->c_cpu));
809 put_packet(s, buf);
810 /* Remove all the breakpoints when this query is issued,
811 * because gdb is doing and initial connect and the state
812 * should be cleaned up.
814 gdb_breakpoint_remove_all();
815 break;
816 case 'c':
817 if (*p != '\0') {
818 addr = strtoull(p, (char **)&p, 16);
819 gdb_set_cpu_pc(s, addr);
821 s->signal = 0;
822 gdb_continue(s);
823 return RS_IDLE;
824 case 'C':
825 s->signal = gdb_signal_to_target (strtoul(p, (char **)&p, 16));
826 if (s->signal == -1)
827 s->signal = 0;
828 gdb_continue(s);
829 return RS_IDLE;
830 case 'v':
831 if (strncmp(p, "Cont", 4) == 0) {
832 int res_signal, res_thread;
834 p += 4;
835 if (*p == '?') {
836 put_packet(s, "vCont;c;C;s;S");
837 break;
839 res = 0;
840 res_signal = 0;
841 res_thread = 0;
842 while (*p) {
843 int action, signal;
845 if (*p++ != ';') {
846 res = 0;
847 break;
849 action = *p++;
850 signal = 0;
851 if (action == 'C' || action == 'S') {
852 signal = gdb_signal_to_target(strtoul(p, (char **)&p, 16));
853 if (signal == -1) {
854 signal = 0;
856 } else if (action != 'c' && action != 's') {
857 res = 0;
858 break;
860 thread = 0;
861 if (*p == ':') {
862 thread = strtoull(p+1, (char **)&p, 16);
864 action = tolower(action);
865 if (res == 0 || (res == 'c' && action == 's')) {
866 res = action;
867 res_signal = signal;
868 res_thread = thread;
871 if (res) {
872 if (res_thread != -1 && res_thread != 0) {
873 cpu = find_cpu(res_thread);
874 if (cpu == NULL) {
875 put_packet(s, "E22");
876 break;
878 s->c_cpu = cpu;
880 if (res == 's') {
881 cpu_single_step(s->c_cpu, sstep_flags);
883 s->signal = res_signal;
884 gdb_continue(s);
885 return RS_IDLE;
887 break;
888 } else {
889 goto unknown_command;
891 case 'k':
892 /* Kill the target */
893 fprintf(stderr, "\nQEMU: Terminated via GDBstub\n");
894 exit(0);
895 case 'D':
896 /* Detach packet */
897 gdb_breakpoint_remove_all();
898 gdb_syscall_mode = GDB_SYS_DISABLED;
899 gdb_continue(s);
900 put_packet(s, "OK");
901 break;
902 case 's':
903 if (*p != '\0') {
904 addr = strtoull(p, (char **)&p, 16);
905 gdb_set_cpu_pc(s, addr);
907 cpu_single_step(s->c_cpu, sstep_flags);
908 gdb_continue(s);
909 return RS_IDLE;
910 case 'F':
912 target_ulong ret;
913 target_ulong err;
915 ret = strtoull(p, (char **)&p, 16);
916 if (*p == ',') {
917 p++;
918 err = strtoull(p, (char **)&p, 16);
919 } else {
920 err = 0;
922 if (*p == ',')
923 p++;
924 type = *p;
925 if (s->current_syscall_cb) {
926 s->current_syscall_cb(s->c_cpu, ret, err);
927 s->current_syscall_cb = NULL;
929 if (type == 'C') {
930 put_packet(s, "T02");
931 } else {
932 gdb_continue(s);
935 break;
936 case 'g':
937 cpu_synchronize_state(s->g_cpu);
938 len = 0;
939 for (addr = 0; addr < s->g_cpu->gdb_num_g_regs; addr++) {
940 reg_size = gdb_read_register(s->g_cpu, mem_buf + len, addr);
941 len += reg_size;
943 memtohex(buf, mem_buf, len);
944 put_packet(s, buf);
945 break;
946 case 'G':
947 cpu_synchronize_state(s->g_cpu);
948 registers = mem_buf;
949 len = strlen(p) / 2;
950 hextomem((uint8_t *)registers, p, len);
951 for (addr = 0; addr < s->g_cpu->gdb_num_g_regs && len > 0; addr++) {
952 reg_size = gdb_write_register(s->g_cpu, registers, addr);
953 len -= reg_size;
954 registers += reg_size;
956 put_packet(s, "OK");
957 break;
958 case 'm':
959 addr = strtoull(p, (char **)&p, 16);
960 if (*p == ',')
961 p++;
962 len = strtoull(p, NULL, 16);
964 /* memtohex() doubles the required space */
965 if (len > MAX_PACKET_LENGTH / 2) {
966 put_packet (s, "E22");
967 break;
970 if (target_memory_rw_debug(s->g_cpu, addr, mem_buf, len, false) != 0) {
971 put_packet (s, "E14");
972 } else {
973 memtohex(buf, mem_buf, len);
974 put_packet(s, buf);
976 break;
977 case 'M':
978 addr = strtoull(p, (char **)&p, 16);
979 if (*p == ',')
980 p++;
981 len = strtoull(p, (char **)&p, 16);
982 if (*p == ':')
983 p++;
985 /* hextomem() reads 2*len bytes */
986 if (len > strlen(p) / 2) {
987 put_packet (s, "E22");
988 break;
990 hextomem(mem_buf, p, len);
991 if (target_memory_rw_debug(s->g_cpu, addr, mem_buf, len,
992 true) != 0) {
993 put_packet(s, "E14");
994 } else {
995 put_packet(s, "OK");
997 break;
998 case 'p':
999 /* Older gdb are really dumb, and don't use 'g' if 'p' is avaialable.
1000 This works, but can be very slow. Anything new enough to
1001 understand XML also knows how to use this properly. */
1002 if (!gdb_has_xml)
1003 goto unknown_command;
1004 addr = strtoull(p, (char **)&p, 16);
1005 reg_size = gdb_read_register(s->g_cpu, mem_buf, addr);
1006 if (reg_size) {
1007 memtohex(buf, mem_buf, reg_size);
1008 put_packet(s, buf);
1009 } else {
1010 put_packet(s, "E14");
1012 break;
1013 case 'P':
1014 if (!gdb_has_xml)
1015 goto unknown_command;
1016 addr = strtoull(p, (char **)&p, 16);
1017 if (*p == '=')
1018 p++;
1019 reg_size = strlen(p) / 2;
1020 hextomem(mem_buf, p, reg_size);
1021 gdb_write_register(s->g_cpu, mem_buf, addr);
1022 put_packet(s, "OK");
1023 break;
1024 case 'Z':
1025 case 'z':
1026 type = strtoul(p, (char **)&p, 16);
1027 if (*p == ',')
1028 p++;
1029 addr = strtoull(p, (char **)&p, 16);
1030 if (*p == ',')
1031 p++;
1032 len = strtoull(p, (char **)&p, 16);
1033 if (ch == 'Z')
1034 res = gdb_breakpoint_insert(addr, len, type);
1035 else
1036 res = gdb_breakpoint_remove(addr, len, type);
1037 if (res >= 0)
1038 put_packet(s, "OK");
1039 else if (res == -ENOSYS)
1040 put_packet(s, "");
1041 else
1042 put_packet(s, "E22");
1043 break;
1044 case 'H':
1045 type = *p++;
1046 thread = strtoull(p, (char **)&p, 16);
1047 if (thread == -1 || thread == 0) {
1048 put_packet(s, "OK");
1049 break;
1051 cpu = find_cpu(thread);
1052 if (cpu == NULL) {
1053 put_packet(s, "E22");
1054 break;
1056 switch (type) {
1057 case 'c':
1058 s->c_cpu = cpu;
1059 put_packet(s, "OK");
1060 break;
1061 case 'g':
1062 s->g_cpu = cpu;
1063 put_packet(s, "OK");
1064 break;
1065 default:
1066 put_packet(s, "E22");
1067 break;
1069 break;
1070 case 'T':
1071 thread = strtoull(p, (char **)&p, 16);
1072 cpu = find_cpu(thread);
1074 if (cpu != NULL) {
1075 put_packet(s, "OK");
1076 } else {
1077 put_packet(s, "E22");
1079 break;
1080 case 'q':
1081 case 'Q':
1082 /* parse any 'q' packets here */
1083 if (!strcmp(p,"qemu.sstepbits")) {
1084 /* Query Breakpoint bit definitions */
1085 snprintf(buf, sizeof(buf), "ENABLE=%x,NOIRQ=%x,NOTIMER=%x",
1086 SSTEP_ENABLE,
1087 SSTEP_NOIRQ,
1088 SSTEP_NOTIMER);
1089 put_packet(s, buf);
1090 break;
1091 } else if (is_query_packet(p, "qemu.sstep", '=')) {
1092 /* Display or change the sstep_flags */
1093 p += 10;
1094 if (*p != '=') {
1095 /* Display current setting */
1096 snprintf(buf, sizeof(buf), "0x%x", sstep_flags);
1097 put_packet(s, buf);
1098 break;
1100 p++;
1101 type = strtoul(p, (char **)&p, 16);
1102 sstep_flags = type;
1103 put_packet(s, "OK");
1104 break;
1105 } else if (strcmp(p,"C") == 0) {
1106 /* "Current thread" remains vague in the spec, so always return
1107 * the first CPU (gdb returns the first thread). */
1108 put_packet(s, "QC1");
1109 break;
1110 } else if (strcmp(p,"fThreadInfo") == 0) {
1111 s->query_cpu = first_cpu;
1112 goto report_cpuinfo;
1113 } else if (strcmp(p,"sThreadInfo") == 0) {
1114 report_cpuinfo:
1115 if (s->query_cpu) {
1116 snprintf(buf, sizeof(buf), "m%x", cpu_index(s->query_cpu));
1117 put_packet(s, buf);
1118 s->query_cpu = CPU_NEXT(s->query_cpu);
1119 } else
1120 put_packet(s, "l");
1121 break;
1122 } else if (strncmp(p,"ThreadExtraInfo,", 16) == 0) {
1123 thread = strtoull(p+16, (char **)&p, 16);
1124 cpu = find_cpu(thread);
1125 if (cpu != NULL) {
1126 cpu_synchronize_state(cpu);
1127 /* memtohex() doubles the required space */
1128 len = snprintf((char *)mem_buf, sizeof(buf) / 2,
1129 "CPU#%d [%s]", cpu->cpu_index,
1130 cpu->halted ? "halted " : "running");
1131 memtohex(buf, mem_buf, len);
1132 put_packet(s, buf);
1134 break;
1136 #ifdef CONFIG_USER_ONLY
1137 else if (strcmp(p, "Offsets") == 0) {
1138 TaskState *ts = s->c_cpu->opaque;
1140 snprintf(buf, sizeof(buf),
1141 "Text=" TARGET_ABI_FMT_lx ";Data=" TARGET_ABI_FMT_lx
1142 ";Bss=" TARGET_ABI_FMT_lx,
1143 ts->info->code_offset,
1144 ts->info->data_offset,
1145 ts->info->data_offset);
1146 put_packet(s, buf);
1147 break;
1149 #else /* !CONFIG_USER_ONLY */
1150 else if (strncmp(p, "Rcmd,", 5) == 0) {
1151 int len = strlen(p + 5);
1153 if ((len % 2) != 0) {
1154 put_packet(s, "E01");
1155 break;
1157 len = len / 2;
1158 hextomem(mem_buf, p + 5, len);
1159 mem_buf[len++] = 0;
1160 qemu_chr_be_write(s->mon_chr, mem_buf, len);
1161 put_packet(s, "OK");
1162 break;
1164 #endif /* !CONFIG_USER_ONLY */
1165 if (is_query_packet(p, "Supported", ':')) {
1166 snprintf(buf, sizeof(buf), "PacketSize=%x", MAX_PACKET_LENGTH);
1167 cc = CPU_GET_CLASS(first_cpu);
1168 if (cc->gdb_core_xml_file != NULL) {
1169 pstrcat(buf, sizeof(buf), ";qXfer:features:read+");
1171 put_packet(s, buf);
1172 break;
1174 if (strncmp(p, "Xfer:features:read:", 19) == 0) {
1175 const char *xml;
1176 target_ulong total_len;
1178 cc = CPU_GET_CLASS(first_cpu);
1179 if (cc->gdb_core_xml_file == NULL) {
1180 goto unknown_command;
1183 gdb_has_xml = true;
1184 p += 19;
1185 xml = get_feature_xml(p, &p, cc);
1186 if (!xml) {
1187 snprintf(buf, sizeof(buf), "E00");
1188 put_packet(s, buf);
1189 break;
1192 if (*p == ':')
1193 p++;
1194 addr = strtoul(p, (char **)&p, 16);
1195 if (*p == ',')
1196 p++;
1197 len = strtoul(p, (char **)&p, 16);
1199 total_len = strlen(xml);
1200 if (addr > total_len) {
1201 snprintf(buf, sizeof(buf), "E00");
1202 put_packet(s, buf);
1203 break;
1205 if (len > (MAX_PACKET_LENGTH - 5) / 2)
1206 len = (MAX_PACKET_LENGTH - 5) / 2;
1207 if (len < total_len - addr) {
1208 buf[0] = 'm';
1209 len = memtox(buf + 1, xml + addr, len);
1210 } else {
1211 buf[0] = 'l';
1212 len = memtox(buf + 1, xml + addr, total_len - addr);
1214 put_packet_binary(s, buf, len + 1);
1215 break;
1217 if (is_query_packet(p, "Attached", ':')) {
1218 put_packet(s, GDB_ATTACHED);
1219 break;
1221 /* Unrecognised 'q' command. */
1222 goto unknown_command;
1224 default:
1225 unknown_command:
1226 /* put empty packet */
1227 buf[0] = '\0';
1228 put_packet(s, buf);
1229 break;
1231 return RS_IDLE;
1234 void gdb_set_stop_cpu(CPUState *cpu)
1236 gdbserver_state->c_cpu = cpu;
1237 gdbserver_state->g_cpu = cpu;
1240 #ifndef CONFIG_USER_ONLY
1241 static void gdb_vm_state_change(void *opaque, int running, RunState state)
1243 GDBState *s = gdbserver_state;
1244 CPUState *cpu = s->c_cpu;
1245 char buf[256];
1246 const char *type;
1247 int ret;
1249 if (running || s->state == RS_INACTIVE) {
1250 return;
1252 /* Is there a GDB syscall waiting to be sent? */
1253 if (s->current_syscall_cb) {
1254 put_packet(s, s->syscall_buf);
1255 return;
1257 switch (state) {
1258 case RUN_STATE_DEBUG:
1259 if (cpu->watchpoint_hit) {
1260 switch (cpu->watchpoint_hit->flags & BP_MEM_ACCESS) {
1261 case BP_MEM_READ:
1262 type = "r";
1263 break;
1264 case BP_MEM_ACCESS:
1265 type = "a";
1266 break;
1267 default:
1268 type = "";
1269 break;
1271 snprintf(buf, sizeof(buf),
1272 "T%02xthread:%02x;%swatch:" TARGET_FMT_lx ";",
1273 GDB_SIGNAL_TRAP, cpu_index(cpu), type,
1274 (target_ulong)cpu->watchpoint_hit->vaddr);
1275 cpu->watchpoint_hit = NULL;
1276 goto send_packet;
1278 tb_flush(cpu);
1279 ret = GDB_SIGNAL_TRAP;
1280 break;
1281 case RUN_STATE_PAUSED:
1282 ret = GDB_SIGNAL_INT;
1283 break;
1284 case RUN_STATE_SHUTDOWN:
1285 ret = GDB_SIGNAL_QUIT;
1286 break;
1287 case RUN_STATE_IO_ERROR:
1288 ret = GDB_SIGNAL_IO;
1289 break;
1290 case RUN_STATE_WATCHDOG:
1291 ret = GDB_SIGNAL_ALRM;
1292 break;
1293 case RUN_STATE_INTERNAL_ERROR:
1294 ret = GDB_SIGNAL_ABRT;
1295 break;
1296 case RUN_STATE_SAVE_VM:
1297 case RUN_STATE_RESTORE_VM:
1298 return;
1299 case RUN_STATE_FINISH_MIGRATE:
1300 ret = GDB_SIGNAL_XCPU;
1301 break;
1302 default:
1303 ret = GDB_SIGNAL_UNKNOWN;
1304 break;
1306 gdb_set_stop_cpu(cpu);
1307 snprintf(buf, sizeof(buf), "T%02xthread:%02x;", ret, cpu_index(cpu));
1309 send_packet:
1310 put_packet(s, buf);
1312 /* disable single step if it was enabled */
1313 cpu_single_step(cpu, 0);
1315 #endif
1317 /* Send a gdb syscall request.
1318 This accepts limited printf-style format specifiers, specifically:
1319 %x - target_ulong argument printed in hex.
1320 %lx - 64-bit argument printed in hex.
1321 %s - string pointer (target_ulong) and length (int) pair. */
1322 void gdb_do_syscallv(gdb_syscall_complete_cb cb, const char *fmt, va_list va)
1324 char *p;
1325 char *p_end;
1326 target_ulong addr;
1327 uint64_t i64;
1328 GDBState *s;
1330 s = gdbserver_state;
1331 if (!s)
1332 return;
1333 s->current_syscall_cb = cb;
1334 #ifndef CONFIG_USER_ONLY
1335 vm_stop(RUN_STATE_DEBUG);
1336 #endif
1337 p = s->syscall_buf;
1338 p_end = &s->syscall_buf[sizeof(s->syscall_buf)];
1339 *(p++) = 'F';
1340 while (*fmt) {
1341 if (*fmt == '%') {
1342 fmt++;
1343 switch (*fmt++) {
1344 case 'x':
1345 addr = va_arg(va, target_ulong);
1346 p += snprintf(p, p_end - p, TARGET_FMT_lx, addr);
1347 break;
1348 case 'l':
1349 if (*(fmt++) != 'x')
1350 goto bad_format;
1351 i64 = va_arg(va, uint64_t);
1352 p += snprintf(p, p_end - p, "%" PRIx64, i64);
1353 break;
1354 case 's':
1355 addr = va_arg(va, target_ulong);
1356 p += snprintf(p, p_end - p, TARGET_FMT_lx "/%x",
1357 addr, va_arg(va, int));
1358 break;
1359 default:
1360 bad_format:
1361 fprintf(stderr, "gdbstub: Bad syscall format string '%s'\n",
1362 fmt - 1);
1363 break;
1365 } else {
1366 *(p++) = *(fmt++);
1369 *p = 0;
1370 #ifdef CONFIG_USER_ONLY
1371 put_packet(s, s->syscall_buf);
1372 gdb_handlesig(s->c_cpu, 0);
1373 #else
1374 /* In this case wait to send the syscall packet until notification that
1375 the CPU has stopped. This must be done because if the packet is sent
1376 now the reply from the syscall request could be received while the CPU
1377 is still in the running state, which can cause packets to be dropped
1378 and state transition 'T' packets to be sent while the syscall is still
1379 being processed. */
1380 qemu_cpu_kick(s->c_cpu);
1381 #endif
1384 void gdb_do_syscall(gdb_syscall_complete_cb cb, const char *fmt, ...)
1386 va_list va;
1388 va_start(va, fmt);
1389 gdb_do_syscallv(cb, fmt, va);
1390 va_end(va);
1393 static void gdb_read_byte(GDBState *s, int ch)
1395 int i, csum;
1396 uint8_t reply;
1398 #ifndef CONFIG_USER_ONLY
1399 if (s->last_packet_len) {
1400 /* Waiting for a response to the last packet. If we see the start
1401 of a new command then abandon the previous response. */
1402 if (ch == '-') {
1403 #ifdef DEBUG_GDB
1404 printf("Got NACK, retransmitting\n");
1405 #endif
1406 put_buffer(s, (uint8_t *)s->last_packet, s->last_packet_len);
1408 #ifdef DEBUG_GDB
1409 else if (ch == '+')
1410 printf("Got ACK\n");
1411 else
1412 printf("Got '%c' when expecting ACK/NACK\n", ch);
1413 #endif
1414 if (ch == '+' || ch == '$')
1415 s->last_packet_len = 0;
1416 if (ch != '$')
1417 return;
1419 if (runstate_is_running()) {
1420 /* when the CPU is running, we cannot do anything except stop
1421 it when receiving a char */
1422 vm_stop(RUN_STATE_PAUSED);
1423 } else
1424 #endif
1426 switch(s->state) {
1427 case RS_IDLE:
1428 if (ch == '$') {
1429 s->line_buf_index = 0;
1430 s->state = RS_GETLINE;
1432 break;
1433 case RS_GETLINE:
1434 if (ch == '#') {
1435 s->state = RS_CHKSUM1;
1436 } else if (s->line_buf_index >= sizeof(s->line_buf) - 1) {
1437 s->state = RS_IDLE;
1438 } else {
1439 s->line_buf[s->line_buf_index++] = ch;
1441 break;
1442 case RS_CHKSUM1:
1443 s->line_buf[s->line_buf_index] = '\0';
1444 s->line_csum = fromhex(ch) << 4;
1445 s->state = RS_CHKSUM2;
1446 break;
1447 case RS_CHKSUM2:
1448 s->line_csum |= fromhex(ch);
1449 csum = 0;
1450 for(i = 0; i < s->line_buf_index; i++) {
1451 csum += s->line_buf[i];
1453 if (s->line_csum != (csum & 0xff)) {
1454 reply = '-';
1455 put_buffer(s, &reply, 1);
1456 s->state = RS_IDLE;
1457 } else {
1458 reply = '+';
1459 put_buffer(s, &reply, 1);
1460 s->state = gdb_handle_packet(s, s->line_buf);
1462 break;
1463 default:
1464 abort();
1469 /* Tell the remote gdb that the process has exited. */
1470 void gdb_exit(CPUArchState *env, int code)
1472 GDBState *s;
1473 char buf[4];
1474 #ifndef CONFIG_USER_ONLY
1475 CharDriverState *chr;
1476 #endif
1478 s = gdbserver_state;
1479 if (!s) {
1480 return;
1482 #ifdef CONFIG_USER_ONLY
1483 if (gdbserver_fd < 0 || s->fd < 0) {
1484 return;
1486 #else
1487 chr = qemu_chr_fe_get_driver(&s->chr);
1488 if (!chr) {
1489 return;
1491 #endif
1493 snprintf(buf, sizeof(buf), "W%02x", (uint8_t)code);
1494 put_packet(s, buf);
1496 #ifndef CONFIG_USER_ONLY
1497 qemu_chr_fe_deinit(&s->chr);
1498 qemu_chr_delete(chr);
1499 #endif
1502 #ifdef CONFIG_USER_ONLY
1504 gdb_handlesig(CPUState *cpu, int sig)
1506 GDBState *s;
1507 char buf[256];
1508 int n;
1510 s = gdbserver_state;
1511 if (gdbserver_fd < 0 || s->fd < 0) {
1512 return sig;
1515 /* disable single step if it was enabled */
1516 cpu_single_step(cpu, 0);
1517 tb_flush(cpu);
1519 if (sig != 0) {
1520 snprintf(buf, sizeof(buf), "S%02x", target_signal_to_gdb(sig));
1521 put_packet(s, buf);
1523 /* put_packet() might have detected that the peer terminated the
1524 connection. */
1525 if (s->fd < 0) {
1526 return sig;
1529 sig = 0;
1530 s->state = RS_IDLE;
1531 s->running_state = 0;
1532 while (s->running_state == 0) {
1533 n = read(s->fd, buf, 256);
1534 if (n > 0) {
1535 int i;
1537 for (i = 0; i < n; i++) {
1538 gdb_read_byte(s, buf[i]);
1540 } else {
1541 /* XXX: Connection closed. Should probably wait for another
1542 connection before continuing. */
1543 if (n == 0) {
1544 close(s->fd);
1546 s->fd = -1;
1547 return sig;
1550 sig = s->signal;
1551 s->signal = 0;
1552 return sig;
1555 /* Tell the remote gdb that the process has exited due to SIG. */
1556 void gdb_signalled(CPUArchState *env, int sig)
1558 GDBState *s;
1559 char buf[4];
1561 s = gdbserver_state;
1562 if (gdbserver_fd < 0 || s->fd < 0) {
1563 return;
1566 snprintf(buf, sizeof(buf), "X%02x", target_signal_to_gdb(sig));
1567 put_packet(s, buf);
1570 static void gdb_accept(void)
1572 GDBState *s;
1573 struct sockaddr_in sockaddr;
1574 socklen_t len;
1575 int fd;
1577 for(;;) {
1578 len = sizeof(sockaddr);
1579 fd = accept(gdbserver_fd, (struct sockaddr *)&sockaddr, &len);
1580 if (fd < 0 && errno != EINTR) {
1581 perror("accept");
1582 return;
1583 } else if (fd >= 0) {
1584 #ifndef _WIN32
1585 fcntl(fd, F_SETFD, FD_CLOEXEC);
1586 #endif
1587 break;
1591 /* set short latency */
1592 socket_set_nodelay(fd);
1594 s = g_malloc0(sizeof(GDBState));
1595 s->c_cpu = first_cpu;
1596 s->g_cpu = first_cpu;
1597 s->fd = fd;
1598 gdb_has_xml = false;
1600 gdbserver_state = s;
1603 static int gdbserver_open(int port)
1605 struct sockaddr_in sockaddr;
1606 int fd, ret;
1608 fd = socket(PF_INET, SOCK_STREAM, 0);
1609 if (fd < 0) {
1610 perror("socket");
1611 return -1;
1613 #ifndef _WIN32
1614 fcntl(fd, F_SETFD, FD_CLOEXEC);
1615 #endif
1617 socket_set_fast_reuse(fd);
1619 sockaddr.sin_family = AF_INET;
1620 sockaddr.sin_port = htons(port);
1621 sockaddr.sin_addr.s_addr = 0;
1622 ret = bind(fd, (struct sockaddr *)&sockaddr, sizeof(sockaddr));
1623 if (ret < 0) {
1624 perror("bind");
1625 close(fd);
1626 return -1;
1628 ret = listen(fd, 1);
1629 if (ret < 0) {
1630 perror("listen");
1631 close(fd);
1632 return -1;
1634 return fd;
1637 int gdbserver_start(int port)
1639 gdbserver_fd = gdbserver_open(port);
1640 if (gdbserver_fd < 0)
1641 return -1;
1642 /* accept connections */
1643 gdb_accept();
1644 return 0;
1647 /* Disable gdb stub for child processes. */
1648 void gdbserver_fork(CPUState *cpu)
1650 GDBState *s = gdbserver_state;
1652 if (gdbserver_fd < 0 || s->fd < 0) {
1653 return;
1655 close(s->fd);
1656 s->fd = -1;
1657 cpu_breakpoint_remove_all(cpu, BP_GDB);
1658 cpu_watchpoint_remove_all(cpu, BP_GDB);
1660 #else
1661 static int gdb_chr_can_receive(void *opaque)
1663 /* We can handle an arbitrarily large amount of data.
1664 Pick the maximum packet size, which is as good as anything. */
1665 return MAX_PACKET_LENGTH;
1668 static void gdb_chr_receive(void *opaque, const uint8_t *buf, int size)
1670 int i;
1672 for (i = 0; i < size; i++) {
1673 gdb_read_byte(gdbserver_state, buf[i]);
1677 static void gdb_chr_event(void *opaque, int event)
1679 switch (event) {
1680 case CHR_EVENT_OPENED:
1681 vm_stop(RUN_STATE_PAUSED);
1682 gdb_has_xml = false;
1683 break;
1684 default:
1685 break;
1689 static void gdb_monitor_output(GDBState *s, const char *msg, int len)
1691 char buf[MAX_PACKET_LENGTH];
1693 buf[0] = 'O';
1694 if (len > (MAX_PACKET_LENGTH/2) - 1)
1695 len = (MAX_PACKET_LENGTH/2) - 1;
1696 memtohex(buf + 1, (uint8_t *)msg, len);
1697 put_packet(s, buf);
1700 static int gdb_monitor_write(CharDriverState *chr, const uint8_t *buf, int len)
1702 const char *p = (const char *)buf;
1703 int max_sz;
1705 max_sz = (sizeof(gdbserver_state->last_packet) - 2) / 2;
1706 for (;;) {
1707 if (len <= max_sz) {
1708 gdb_monitor_output(gdbserver_state, p, len);
1709 break;
1711 gdb_monitor_output(gdbserver_state, p, max_sz);
1712 p += max_sz;
1713 len -= max_sz;
1715 return len;
1718 #ifndef _WIN32
1719 static void gdb_sigterm_handler(int signal)
1721 if (runstate_is_running()) {
1722 vm_stop(RUN_STATE_PAUSED);
1725 #endif
1727 int gdbserver_start(const char *device)
1729 GDBState *s;
1730 char gdbstub_device_name[128];
1731 CharDriverState *chr = NULL;
1732 CharDriverState *mon_chr;
1733 ChardevCommon common = { 0 };
1735 if (!device)
1736 return -1;
1737 if (strcmp(device, "none") != 0) {
1738 if (strstart(device, "tcp:", NULL)) {
1739 /* enforce required TCP attributes */
1740 snprintf(gdbstub_device_name, sizeof(gdbstub_device_name),
1741 "%s,nowait,nodelay,server", device);
1742 device = gdbstub_device_name;
1744 #ifndef _WIN32
1745 else if (strcmp(device, "stdio") == 0) {
1746 struct sigaction act;
1748 memset(&act, 0, sizeof(act));
1749 act.sa_handler = gdb_sigterm_handler;
1750 sigaction(SIGINT, &act, NULL);
1752 #endif
1753 chr = qemu_chr_new_noreplay("gdb", device);
1754 if (!chr)
1755 return -1;
1758 s = gdbserver_state;
1759 if (!s) {
1760 s = g_malloc0(sizeof(GDBState));
1761 gdbserver_state = s;
1763 qemu_add_vm_change_state_handler(gdb_vm_state_change, NULL);
1765 /* Initialize a monitor terminal for gdb */
1766 mon_chr = qemu_chr_alloc(&common, &error_abort);
1767 mon_chr->chr_write = gdb_monitor_write;
1768 monitor_init(mon_chr, 0);
1769 } else {
1770 if (qemu_chr_fe_get_driver(&s->chr)) {
1771 qemu_chr_delete(qemu_chr_fe_get_driver(&s->chr));
1773 mon_chr = s->mon_chr;
1774 memset(s, 0, sizeof(GDBState));
1775 s->mon_chr = mon_chr;
1777 s->c_cpu = first_cpu;
1778 s->g_cpu = first_cpu;
1779 if (chr) {
1780 qemu_chr_fe_init(&s->chr, chr, &error_abort);
1781 qemu_chr_fe_set_handlers(&s->chr, gdb_chr_can_receive, gdb_chr_receive,
1782 gdb_chr_event, NULL, NULL, true);
1784 s->state = chr ? RS_IDLE : RS_INACTIVE;
1785 s->mon_chr = mon_chr;
1786 s->current_syscall_cb = NULL;
1788 return 0;
1790 #endif