util: move declarations out of qemu-common.h
[qemu/ar7.git] / gdbstub.c
blob0e431fd4dfcd22f7a89fede84fc6f0ac1f5f0f36
1 /*
2 * gdb server stub
4 * Copyright (c) 2003-2005 Fabrice Bellard
6 * This library is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation; either
9 * version 2 of the License, or (at your option) any later version.
11 * This library is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
16 * You should have received a copy of the GNU Lesser General Public
17 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
19 #include "qemu/osdep.h"
20 #include "qapi/error.h"
21 #include "qemu/cutils.h"
23 #ifdef CONFIG_USER_ONLY
24 #include "qemu.h"
25 #else
26 #include "monitor/monitor.h"
27 #include "sysemu/char.h"
28 #include "sysemu/sysemu.h"
29 #include "exec/gdbstub.h"
30 #endif
32 #define MAX_PACKET_LENGTH 4096
34 #include "cpu.h"
35 #include "qemu/sockets.h"
36 #include "sysemu/kvm.h"
37 #include "exec/semihost.h"
39 #ifdef CONFIG_USER_ONLY
40 #define GDB_ATTACHED "0"
41 #else
42 #define GDB_ATTACHED "1"
43 #endif
45 static inline int target_memory_rw_debug(CPUState *cpu, target_ulong addr,
46 uint8_t *buf, int len, bool is_write)
48 CPUClass *cc = CPU_GET_CLASS(cpu);
50 if (cc->memory_rw_debug) {
51 return cc->memory_rw_debug(cpu, addr, buf, len, is_write);
53 return cpu_memory_rw_debug(cpu, addr, buf, len, is_write);
56 enum {
57 GDB_SIGNAL_0 = 0,
58 GDB_SIGNAL_INT = 2,
59 GDB_SIGNAL_QUIT = 3,
60 GDB_SIGNAL_TRAP = 5,
61 GDB_SIGNAL_ABRT = 6,
62 GDB_SIGNAL_ALRM = 14,
63 GDB_SIGNAL_IO = 23,
64 GDB_SIGNAL_XCPU = 24,
65 GDB_SIGNAL_UNKNOWN = 143
68 #ifdef CONFIG_USER_ONLY
70 /* Map target signal numbers to GDB protocol signal numbers and vice
71 * versa. For user emulation's currently supported systems, we can
72 * assume most signals are defined.
75 static int gdb_signal_table[] = {
77 TARGET_SIGHUP,
78 TARGET_SIGINT,
79 TARGET_SIGQUIT,
80 TARGET_SIGILL,
81 TARGET_SIGTRAP,
82 TARGET_SIGABRT,
83 -1, /* SIGEMT */
84 TARGET_SIGFPE,
85 TARGET_SIGKILL,
86 TARGET_SIGBUS,
87 TARGET_SIGSEGV,
88 TARGET_SIGSYS,
89 TARGET_SIGPIPE,
90 TARGET_SIGALRM,
91 TARGET_SIGTERM,
92 TARGET_SIGURG,
93 TARGET_SIGSTOP,
94 TARGET_SIGTSTP,
95 TARGET_SIGCONT,
96 TARGET_SIGCHLD,
97 TARGET_SIGTTIN,
98 TARGET_SIGTTOU,
99 TARGET_SIGIO,
100 TARGET_SIGXCPU,
101 TARGET_SIGXFSZ,
102 TARGET_SIGVTALRM,
103 TARGET_SIGPROF,
104 TARGET_SIGWINCH,
105 -1, /* SIGLOST */
106 TARGET_SIGUSR1,
107 TARGET_SIGUSR2,
108 #ifdef TARGET_SIGPWR
109 TARGET_SIGPWR,
110 #else
112 #endif
113 -1, /* SIGPOLL */
125 #ifdef __SIGRTMIN
126 __SIGRTMIN + 1,
127 __SIGRTMIN + 2,
128 __SIGRTMIN + 3,
129 __SIGRTMIN + 4,
130 __SIGRTMIN + 5,
131 __SIGRTMIN + 6,
132 __SIGRTMIN + 7,
133 __SIGRTMIN + 8,
134 __SIGRTMIN + 9,
135 __SIGRTMIN + 10,
136 __SIGRTMIN + 11,
137 __SIGRTMIN + 12,
138 __SIGRTMIN + 13,
139 __SIGRTMIN + 14,
140 __SIGRTMIN + 15,
141 __SIGRTMIN + 16,
142 __SIGRTMIN + 17,
143 __SIGRTMIN + 18,
144 __SIGRTMIN + 19,
145 __SIGRTMIN + 20,
146 __SIGRTMIN + 21,
147 __SIGRTMIN + 22,
148 __SIGRTMIN + 23,
149 __SIGRTMIN + 24,
150 __SIGRTMIN + 25,
151 __SIGRTMIN + 26,
152 __SIGRTMIN + 27,
153 __SIGRTMIN + 28,
154 __SIGRTMIN + 29,
155 __SIGRTMIN + 30,
156 __SIGRTMIN + 31,
157 -1, /* SIGCANCEL */
158 __SIGRTMIN,
159 __SIGRTMIN + 32,
160 __SIGRTMIN + 33,
161 __SIGRTMIN + 34,
162 __SIGRTMIN + 35,
163 __SIGRTMIN + 36,
164 __SIGRTMIN + 37,
165 __SIGRTMIN + 38,
166 __SIGRTMIN + 39,
167 __SIGRTMIN + 40,
168 __SIGRTMIN + 41,
169 __SIGRTMIN + 42,
170 __SIGRTMIN + 43,
171 __SIGRTMIN + 44,
172 __SIGRTMIN + 45,
173 __SIGRTMIN + 46,
174 __SIGRTMIN + 47,
175 __SIGRTMIN + 48,
176 __SIGRTMIN + 49,
177 __SIGRTMIN + 50,
178 __SIGRTMIN + 51,
179 __SIGRTMIN + 52,
180 __SIGRTMIN + 53,
181 __SIGRTMIN + 54,
182 __SIGRTMIN + 55,
183 __SIGRTMIN + 56,
184 __SIGRTMIN + 57,
185 __SIGRTMIN + 58,
186 __SIGRTMIN + 59,
187 __SIGRTMIN + 60,
188 __SIGRTMIN + 61,
189 __SIGRTMIN + 62,
190 __SIGRTMIN + 63,
191 __SIGRTMIN + 64,
192 __SIGRTMIN + 65,
193 __SIGRTMIN + 66,
194 __SIGRTMIN + 67,
195 __SIGRTMIN + 68,
196 __SIGRTMIN + 69,
197 __SIGRTMIN + 70,
198 __SIGRTMIN + 71,
199 __SIGRTMIN + 72,
200 __SIGRTMIN + 73,
201 __SIGRTMIN + 74,
202 __SIGRTMIN + 75,
203 __SIGRTMIN + 76,
204 __SIGRTMIN + 77,
205 __SIGRTMIN + 78,
206 __SIGRTMIN + 79,
207 __SIGRTMIN + 80,
208 __SIGRTMIN + 81,
209 __SIGRTMIN + 82,
210 __SIGRTMIN + 83,
211 __SIGRTMIN + 84,
212 __SIGRTMIN + 85,
213 __SIGRTMIN + 86,
214 __SIGRTMIN + 87,
215 __SIGRTMIN + 88,
216 __SIGRTMIN + 89,
217 __SIGRTMIN + 90,
218 __SIGRTMIN + 91,
219 __SIGRTMIN + 92,
220 __SIGRTMIN + 93,
221 __SIGRTMIN + 94,
222 __SIGRTMIN + 95,
223 -1, /* SIGINFO */
224 -1, /* UNKNOWN */
225 -1, /* DEFAULT */
232 #endif
234 #else
235 /* In system mode we only need SIGINT and SIGTRAP; other signals
236 are not yet supported. */
238 enum {
239 TARGET_SIGINT = 2,
240 TARGET_SIGTRAP = 5
243 static int gdb_signal_table[] = {
246 TARGET_SIGINT,
249 TARGET_SIGTRAP
251 #endif
253 #ifdef CONFIG_USER_ONLY
254 static int target_signal_to_gdb (int sig)
256 int i;
257 for (i = 0; i < ARRAY_SIZE (gdb_signal_table); i++)
258 if (gdb_signal_table[i] == sig)
259 return i;
260 return GDB_SIGNAL_UNKNOWN;
262 #endif
264 static int gdb_signal_to_target (int sig)
266 if (sig < ARRAY_SIZE (gdb_signal_table))
267 return gdb_signal_table[sig];
268 else
269 return -1;
272 //#define DEBUG_GDB
274 typedef struct GDBRegisterState {
275 int base_reg;
276 int num_regs;
277 gdb_reg_cb get_reg;
278 gdb_reg_cb set_reg;
279 const char *xml;
280 struct GDBRegisterState *next;
281 } GDBRegisterState;
283 enum RSState {
284 RS_INACTIVE,
285 RS_IDLE,
286 RS_GETLINE,
287 RS_CHKSUM1,
288 RS_CHKSUM2,
290 typedef struct GDBState {
291 CPUState *c_cpu; /* current CPU for step/continue ops */
292 CPUState *g_cpu; /* current CPU for other ops */
293 CPUState *query_cpu; /* for q{f|s}ThreadInfo */
294 enum RSState state; /* parsing state */
295 char line_buf[MAX_PACKET_LENGTH];
296 int line_buf_index;
297 int line_csum;
298 uint8_t last_packet[MAX_PACKET_LENGTH + 4];
299 int last_packet_len;
300 int signal;
301 #ifdef CONFIG_USER_ONLY
302 int fd;
303 int running_state;
304 #else
305 CharDriverState *chr;
306 CharDriverState *mon_chr;
307 #endif
308 char syscall_buf[256];
309 gdb_syscall_complete_cb current_syscall_cb;
310 } GDBState;
312 /* By default use no IRQs and no timers while single stepping so as to
313 * make single stepping like an ICE HW step.
315 static int sstep_flags = SSTEP_ENABLE|SSTEP_NOIRQ|SSTEP_NOTIMER;
317 static GDBState *gdbserver_state;
319 bool gdb_has_xml;
321 #ifdef CONFIG_USER_ONLY
322 /* XXX: This is not thread safe. Do we care? */
323 static int gdbserver_fd = -1;
325 static int get_char(GDBState *s)
327 uint8_t ch;
328 int ret;
330 for(;;) {
331 ret = qemu_recv(s->fd, &ch, 1, 0);
332 if (ret < 0) {
333 if (errno == ECONNRESET)
334 s->fd = -1;
335 if (errno != EINTR && errno != EAGAIN)
336 return -1;
337 } else if (ret == 0) {
338 close(s->fd);
339 s->fd = -1;
340 return -1;
341 } else {
342 break;
345 return ch;
347 #endif
349 static enum {
350 GDB_SYS_UNKNOWN,
351 GDB_SYS_ENABLED,
352 GDB_SYS_DISABLED,
353 } gdb_syscall_mode;
355 /* Decide if either remote gdb syscalls or native file IO should be used. */
356 int use_gdb_syscalls(void)
358 SemihostingTarget target = semihosting_get_target();
359 if (target == SEMIHOSTING_TARGET_NATIVE) {
360 /* -semihosting-config target=native */
361 return false;
362 } else if (target == SEMIHOSTING_TARGET_GDB) {
363 /* -semihosting-config target=gdb */
364 return true;
367 /* -semihosting-config target=auto */
368 /* On the first call check if gdb is connected and remember. */
369 if (gdb_syscall_mode == GDB_SYS_UNKNOWN) {
370 gdb_syscall_mode = (gdbserver_state ? GDB_SYS_ENABLED
371 : GDB_SYS_DISABLED);
373 return gdb_syscall_mode == GDB_SYS_ENABLED;
376 /* Resume execution. */
377 static inline void gdb_continue(GDBState *s)
379 #ifdef CONFIG_USER_ONLY
380 s->running_state = 1;
381 #else
382 if (!runstate_needs_reset()) {
383 vm_start();
385 #endif
388 static void put_buffer(GDBState *s, const uint8_t *buf, int len)
390 #ifdef CONFIG_USER_ONLY
391 int ret;
393 while (len > 0) {
394 ret = send(s->fd, buf, len, 0);
395 if (ret < 0) {
396 if (errno != EINTR && errno != EAGAIN)
397 return;
398 } else {
399 buf += ret;
400 len -= ret;
403 #else
404 qemu_chr_fe_write(s->chr, buf, len);
405 #endif
408 static inline int fromhex(int v)
410 if (v >= '0' && v <= '9')
411 return v - '0';
412 else if (v >= 'A' && v <= 'F')
413 return v - 'A' + 10;
414 else if (v >= 'a' && v <= 'f')
415 return v - 'a' + 10;
416 else
417 return 0;
420 static inline int tohex(int v)
422 if (v < 10)
423 return v + '0';
424 else
425 return v - 10 + 'a';
428 static void memtohex(char *buf, const uint8_t *mem, int len)
430 int i, c;
431 char *q;
432 q = buf;
433 for(i = 0; i < len; i++) {
434 c = mem[i];
435 *q++ = tohex(c >> 4);
436 *q++ = tohex(c & 0xf);
438 *q = '\0';
441 static void hextomem(uint8_t *mem, const char *buf, int len)
443 int i;
445 for(i = 0; i < len; i++) {
446 mem[i] = (fromhex(buf[0]) << 4) | fromhex(buf[1]);
447 buf += 2;
451 /* return -1 if error, 0 if OK */
452 static int put_packet_binary(GDBState *s, const char *buf, int len)
454 int csum, i;
455 uint8_t *p;
457 for(;;) {
458 p = s->last_packet;
459 *(p++) = '$';
460 memcpy(p, buf, len);
461 p += len;
462 csum = 0;
463 for(i = 0; i < len; i++) {
464 csum += buf[i];
466 *(p++) = '#';
467 *(p++) = tohex((csum >> 4) & 0xf);
468 *(p++) = tohex((csum) & 0xf);
470 s->last_packet_len = p - s->last_packet;
471 put_buffer(s, (uint8_t *)s->last_packet, s->last_packet_len);
473 #ifdef CONFIG_USER_ONLY
474 i = get_char(s);
475 if (i < 0)
476 return -1;
477 if (i == '+')
478 break;
479 #else
480 break;
481 #endif
483 return 0;
486 /* return -1 if error, 0 if OK */
487 static int put_packet(GDBState *s, const char *buf)
489 #ifdef DEBUG_GDB
490 printf("reply='%s'\n", buf);
491 #endif
493 return put_packet_binary(s, buf, strlen(buf));
496 /* Encode data using the encoding for 'x' packets. */
497 static int memtox(char *buf, const char *mem, int len)
499 char *p = buf;
500 char c;
502 while (len--) {
503 c = *(mem++);
504 switch (c) {
505 case '#': case '$': case '*': case '}':
506 *(p++) = '}';
507 *(p++) = c ^ 0x20;
508 break;
509 default:
510 *(p++) = c;
511 break;
514 return p - buf;
517 static const char *get_feature_xml(const char *p, const char **newp,
518 CPUClass *cc)
520 size_t len;
521 int i;
522 const char *name;
523 static char target_xml[1024];
525 len = 0;
526 while (p[len] && p[len] != ':')
527 len++;
528 *newp = p + len;
530 name = NULL;
531 if (strncmp(p, "target.xml", len) == 0) {
532 /* Generate the XML description for this CPU. */
533 if (!target_xml[0]) {
534 GDBRegisterState *r;
535 CPUState *cpu = first_cpu;
537 pstrcat(target_xml, sizeof(target_xml),
538 "<?xml version=\"1.0\"?>"
539 "<!DOCTYPE target SYSTEM \"gdb-target.dtd\">"
540 "<target>");
541 if (cc->gdb_arch_name) {
542 gchar *arch = cc->gdb_arch_name(cpu);
543 pstrcat(target_xml, sizeof(target_xml), "<architecture>");
544 pstrcat(target_xml, sizeof(target_xml), arch);
545 pstrcat(target_xml, sizeof(target_xml), "</architecture>");
546 g_free(arch);
548 pstrcat(target_xml, sizeof(target_xml), "<xi:include href=\"");
549 pstrcat(target_xml, sizeof(target_xml), cc->gdb_core_xml_file);
550 pstrcat(target_xml, sizeof(target_xml), "\"/>");
551 for (r = cpu->gdb_regs; r; r = r->next) {
552 pstrcat(target_xml, sizeof(target_xml), "<xi:include href=\"");
553 pstrcat(target_xml, sizeof(target_xml), r->xml);
554 pstrcat(target_xml, sizeof(target_xml), "\"/>");
556 pstrcat(target_xml, sizeof(target_xml), "</target>");
558 return target_xml;
560 for (i = 0; ; i++) {
561 name = xml_builtin[i][0];
562 if (!name || (strncmp(name, p, len) == 0 && strlen(name) == len))
563 break;
565 return name ? xml_builtin[i][1] : NULL;
568 static int gdb_read_register(CPUState *cpu, uint8_t *mem_buf, int reg)
570 CPUClass *cc = CPU_GET_CLASS(cpu);
571 CPUArchState *env = cpu->env_ptr;
572 GDBRegisterState *r;
574 if (reg < cc->gdb_num_core_regs) {
575 return cc->gdb_read_register(cpu, mem_buf, reg);
578 for (r = cpu->gdb_regs; r; r = r->next) {
579 if (r->base_reg <= reg && reg < r->base_reg + r->num_regs) {
580 return r->get_reg(env, mem_buf, reg - r->base_reg);
583 return 0;
586 static int gdb_write_register(CPUState *cpu, uint8_t *mem_buf, int reg)
588 CPUClass *cc = CPU_GET_CLASS(cpu);
589 CPUArchState *env = cpu->env_ptr;
590 GDBRegisterState *r;
592 if (reg < cc->gdb_num_core_regs) {
593 return cc->gdb_write_register(cpu, mem_buf, reg);
596 for (r = cpu->gdb_regs; r; r = r->next) {
597 if (r->base_reg <= reg && reg < r->base_reg + r->num_regs) {
598 return r->set_reg(env, mem_buf, reg - r->base_reg);
601 return 0;
604 /* Register a supplemental set of CPU registers. If g_pos is nonzero it
605 specifies the first register number and these registers are included in
606 a standard "g" packet. Direction is relative to gdb, i.e. get_reg is
607 gdb reading a CPU register, and set_reg is gdb modifying a CPU register.
610 void gdb_register_coprocessor(CPUState *cpu,
611 gdb_reg_cb get_reg, gdb_reg_cb set_reg,
612 int num_regs, const char *xml, int g_pos)
614 GDBRegisterState *s;
615 GDBRegisterState **p;
617 p = &cpu->gdb_regs;
618 while (*p) {
619 /* Check for duplicates. */
620 if (strcmp((*p)->xml, xml) == 0)
621 return;
622 p = &(*p)->next;
625 s = g_new0(GDBRegisterState, 1);
626 s->base_reg = cpu->gdb_num_regs;
627 s->num_regs = num_regs;
628 s->get_reg = get_reg;
629 s->set_reg = set_reg;
630 s->xml = xml;
632 /* Add to end of list. */
633 cpu->gdb_num_regs += num_regs;
634 *p = s;
635 if (g_pos) {
636 if (g_pos != s->base_reg) {
637 fprintf(stderr, "Error: Bad gdb register numbering for '%s'\n"
638 "Expected %d got %d\n", xml, g_pos, s->base_reg);
639 } else {
640 cpu->gdb_num_g_regs = cpu->gdb_num_regs;
645 #ifndef CONFIG_USER_ONLY
646 /* Translate GDB watchpoint type to a flags value for cpu_watchpoint_* */
647 static inline int xlat_gdb_type(CPUState *cpu, int gdbtype)
649 static const int xlat[] = {
650 [GDB_WATCHPOINT_WRITE] = BP_GDB | BP_MEM_WRITE,
651 [GDB_WATCHPOINT_READ] = BP_GDB | BP_MEM_READ,
652 [GDB_WATCHPOINT_ACCESS] = BP_GDB | BP_MEM_ACCESS,
655 CPUClass *cc = CPU_GET_CLASS(cpu);
656 int cputype = xlat[gdbtype];
658 if (cc->gdb_stop_before_watchpoint) {
659 cputype |= BP_STOP_BEFORE_ACCESS;
661 return cputype;
663 #endif
665 static int gdb_breakpoint_insert(target_ulong addr, target_ulong len, int type)
667 CPUState *cpu;
668 int err = 0;
670 if (kvm_enabled()) {
671 return kvm_insert_breakpoint(gdbserver_state->c_cpu, addr, len, type);
674 switch (type) {
675 case GDB_BREAKPOINT_SW:
676 case GDB_BREAKPOINT_HW:
677 CPU_FOREACH(cpu) {
678 err = cpu_breakpoint_insert(cpu, addr, BP_GDB, NULL);
679 if (err) {
680 break;
683 return err;
684 #ifndef CONFIG_USER_ONLY
685 case GDB_WATCHPOINT_WRITE:
686 case GDB_WATCHPOINT_READ:
687 case GDB_WATCHPOINT_ACCESS:
688 CPU_FOREACH(cpu) {
689 err = cpu_watchpoint_insert(cpu, addr, len,
690 xlat_gdb_type(cpu, type), NULL);
691 if (err) {
692 break;
695 return err;
696 #endif
697 default:
698 return -ENOSYS;
702 static int gdb_breakpoint_remove(target_ulong addr, target_ulong len, int type)
704 CPUState *cpu;
705 int err = 0;
707 if (kvm_enabled()) {
708 return kvm_remove_breakpoint(gdbserver_state->c_cpu, addr, len, type);
711 switch (type) {
712 case GDB_BREAKPOINT_SW:
713 case GDB_BREAKPOINT_HW:
714 CPU_FOREACH(cpu) {
715 err = cpu_breakpoint_remove(cpu, addr, BP_GDB);
716 if (err) {
717 break;
720 return err;
721 #ifndef CONFIG_USER_ONLY
722 case GDB_WATCHPOINT_WRITE:
723 case GDB_WATCHPOINT_READ:
724 case GDB_WATCHPOINT_ACCESS:
725 CPU_FOREACH(cpu) {
726 err = cpu_watchpoint_remove(cpu, addr, len,
727 xlat_gdb_type(cpu, type));
728 if (err)
729 break;
731 return err;
732 #endif
733 default:
734 return -ENOSYS;
738 static void gdb_breakpoint_remove_all(void)
740 CPUState *cpu;
742 if (kvm_enabled()) {
743 kvm_remove_all_breakpoints(gdbserver_state->c_cpu);
744 return;
747 CPU_FOREACH(cpu) {
748 cpu_breakpoint_remove_all(cpu, BP_GDB);
749 #ifndef CONFIG_USER_ONLY
750 cpu_watchpoint_remove_all(cpu, BP_GDB);
751 #endif
755 static void gdb_set_cpu_pc(GDBState *s, target_ulong pc)
757 CPUState *cpu = s->c_cpu;
759 cpu_synchronize_state(cpu);
760 cpu_set_pc(cpu, pc);
763 static CPUState *find_cpu(uint32_t thread_id)
765 CPUState *cpu;
767 CPU_FOREACH(cpu) {
768 if (cpu_index(cpu) == thread_id) {
769 return cpu;
773 return NULL;
776 static int is_query_packet(const char *p, const char *query, char separator)
778 unsigned int query_len = strlen(query);
780 return strncmp(p, query, query_len) == 0 &&
781 (p[query_len] == '\0' || p[query_len] == separator);
784 static int gdb_handle_packet(GDBState *s, const char *line_buf)
786 CPUState *cpu;
787 CPUClass *cc;
788 const char *p;
789 uint32_t thread;
790 int ch, reg_size, type, res;
791 char buf[MAX_PACKET_LENGTH];
792 uint8_t mem_buf[MAX_PACKET_LENGTH];
793 uint8_t *registers;
794 target_ulong addr, len;
796 #ifdef DEBUG_GDB
797 printf("command='%s'\n", line_buf);
798 #endif
799 p = line_buf;
800 ch = *p++;
801 switch(ch) {
802 case '?':
803 /* TODO: Make this return the correct value for user-mode. */
804 snprintf(buf, sizeof(buf), "T%02xthread:%02x;", GDB_SIGNAL_TRAP,
805 cpu_index(s->c_cpu));
806 put_packet(s, buf);
807 /* Remove all the breakpoints when this query is issued,
808 * because gdb is doing and initial connect and the state
809 * should be cleaned up.
811 gdb_breakpoint_remove_all();
812 break;
813 case 'c':
814 if (*p != '\0') {
815 addr = strtoull(p, (char **)&p, 16);
816 gdb_set_cpu_pc(s, addr);
818 s->signal = 0;
819 gdb_continue(s);
820 return RS_IDLE;
821 case 'C':
822 s->signal = gdb_signal_to_target (strtoul(p, (char **)&p, 16));
823 if (s->signal == -1)
824 s->signal = 0;
825 gdb_continue(s);
826 return RS_IDLE;
827 case 'v':
828 if (strncmp(p, "Cont", 4) == 0) {
829 int res_signal, res_thread;
831 p += 4;
832 if (*p == '?') {
833 put_packet(s, "vCont;c;C;s;S");
834 break;
836 res = 0;
837 res_signal = 0;
838 res_thread = 0;
839 while (*p) {
840 int action, signal;
842 if (*p++ != ';') {
843 res = 0;
844 break;
846 action = *p++;
847 signal = 0;
848 if (action == 'C' || action == 'S') {
849 signal = gdb_signal_to_target(strtoul(p, (char **)&p, 16));
850 if (signal == -1) {
851 signal = 0;
853 } else if (action != 'c' && action != 's') {
854 res = 0;
855 break;
857 thread = 0;
858 if (*p == ':') {
859 thread = strtoull(p+1, (char **)&p, 16);
861 action = tolower(action);
862 if (res == 0 || (res == 'c' && action == 's')) {
863 res = action;
864 res_signal = signal;
865 res_thread = thread;
868 if (res) {
869 if (res_thread != -1 && res_thread != 0) {
870 cpu = find_cpu(res_thread);
871 if (cpu == NULL) {
872 put_packet(s, "E22");
873 break;
875 s->c_cpu = cpu;
877 if (res == 's') {
878 cpu_single_step(s->c_cpu, sstep_flags);
880 s->signal = res_signal;
881 gdb_continue(s);
882 return RS_IDLE;
884 break;
885 } else {
886 goto unknown_command;
888 case 'k':
889 /* Kill the target */
890 fprintf(stderr, "\nQEMU: Terminated via GDBstub\n");
891 exit(0);
892 case 'D':
893 /* Detach packet */
894 gdb_breakpoint_remove_all();
895 gdb_syscall_mode = GDB_SYS_DISABLED;
896 gdb_continue(s);
897 put_packet(s, "OK");
898 break;
899 case 's':
900 if (*p != '\0') {
901 addr = strtoull(p, (char **)&p, 16);
902 gdb_set_cpu_pc(s, addr);
904 cpu_single_step(s->c_cpu, sstep_flags);
905 gdb_continue(s);
906 return RS_IDLE;
907 case 'F':
909 target_ulong ret;
910 target_ulong err;
912 ret = strtoull(p, (char **)&p, 16);
913 if (*p == ',') {
914 p++;
915 err = strtoull(p, (char **)&p, 16);
916 } else {
917 err = 0;
919 if (*p == ',')
920 p++;
921 type = *p;
922 if (s->current_syscall_cb) {
923 s->current_syscall_cb(s->c_cpu, ret, err);
924 s->current_syscall_cb = NULL;
926 if (type == 'C') {
927 put_packet(s, "T02");
928 } else {
929 gdb_continue(s);
932 break;
933 case 'g':
934 cpu_synchronize_state(s->g_cpu);
935 len = 0;
936 for (addr = 0; addr < s->g_cpu->gdb_num_g_regs; addr++) {
937 reg_size = gdb_read_register(s->g_cpu, mem_buf + len, addr);
938 len += reg_size;
940 memtohex(buf, mem_buf, len);
941 put_packet(s, buf);
942 break;
943 case 'G':
944 cpu_synchronize_state(s->g_cpu);
945 registers = mem_buf;
946 len = strlen(p) / 2;
947 hextomem((uint8_t *)registers, p, len);
948 for (addr = 0; addr < s->g_cpu->gdb_num_g_regs && len > 0; addr++) {
949 reg_size = gdb_write_register(s->g_cpu, registers, addr);
950 len -= reg_size;
951 registers += reg_size;
953 put_packet(s, "OK");
954 break;
955 case 'm':
956 addr = strtoull(p, (char **)&p, 16);
957 if (*p == ',')
958 p++;
959 len = strtoull(p, NULL, 16);
961 /* memtohex() doubles the required space */
962 if (len > MAX_PACKET_LENGTH / 2) {
963 put_packet (s, "E22");
964 break;
967 if (target_memory_rw_debug(s->g_cpu, addr, mem_buf, len, false) != 0) {
968 put_packet (s, "E14");
969 } else {
970 memtohex(buf, mem_buf, len);
971 put_packet(s, buf);
973 break;
974 case 'M':
975 addr = strtoull(p, (char **)&p, 16);
976 if (*p == ',')
977 p++;
978 len = strtoull(p, (char **)&p, 16);
979 if (*p == ':')
980 p++;
982 /* hextomem() reads 2*len bytes */
983 if (len > strlen(p) / 2) {
984 put_packet (s, "E22");
985 break;
987 hextomem(mem_buf, p, len);
988 if (target_memory_rw_debug(s->g_cpu, addr, mem_buf, len,
989 true) != 0) {
990 put_packet(s, "E14");
991 } else {
992 put_packet(s, "OK");
994 break;
995 case 'p':
996 /* Older gdb are really dumb, and don't use 'g' if 'p' is avaialable.
997 This works, but can be very slow. Anything new enough to
998 understand XML also knows how to use this properly. */
999 if (!gdb_has_xml)
1000 goto unknown_command;
1001 addr = strtoull(p, (char **)&p, 16);
1002 reg_size = gdb_read_register(s->g_cpu, mem_buf, addr);
1003 if (reg_size) {
1004 memtohex(buf, mem_buf, reg_size);
1005 put_packet(s, buf);
1006 } else {
1007 put_packet(s, "E14");
1009 break;
1010 case 'P':
1011 if (!gdb_has_xml)
1012 goto unknown_command;
1013 addr = strtoull(p, (char **)&p, 16);
1014 if (*p == '=')
1015 p++;
1016 reg_size = strlen(p) / 2;
1017 hextomem(mem_buf, p, reg_size);
1018 gdb_write_register(s->g_cpu, mem_buf, addr);
1019 put_packet(s, "OK");
1020 break;
1021 case 'Z':
1022 case 'z':
1023 type = strtoul(p, (char **)&p, 16);
1024 if (*p == ',')
1025 p++;
1026 addr = strtoull(p, (char **)&p, 16);
1027 if (*p == ',')
1028 p++;
1029 len = strtoull(p, (char **)&p, 16);
1030 if (ch == 'Z')
1031 res = gdb_breakpoint_insert(addr, len, type);
1032 else
1033 res = gdb_breakpoint_remove(addr, len, type);
1034 if (res >= 0)
1035 put_packet(s, "OK");
1036 else if (res == -ENOSYS)
1037 put_packet(s, "");
1038 else
1039 put_packet(s, "E22");
1040 break;
1041 case 'H':
1042 type = *p++;
1043 thread = strtoull(p, (char **)&p, 16);
1044 if (thread == -1 || thread == 0) {
1045 put_packet(s, "OK");
1046 break;
1048 cpu = find_cpu(thread);
1049 if (cpu == NULL) {
1050 put_packet(s, "E22");
1051 break;
1053 switch (type) {
1054 case 'c':
1055 s->c_cpu = cpu;
1056 put_packet(s, "OK");
1057 break;
1058 case 'g':
1059 s->g_cpu = cpu;
1060 put_packet(s, "OK");
1061 break;
1062 default:
1063 put_packet(s, "E22");
1064 break;
1066 break;
1067 case 'T':
1068 thread = strtoull(p, (char **)&p, 16);
1069 cpu = find_cpu(thread);
1071 if (cpu != NULL) {
1072 put_packet(s, "OK");
1073 } else {
1074 put_packet(s, "E22");
1076 break;
1077 case 'q':
1078 case 'Q':
1079 /* parse any 'q' packets here */
1080 if (!strcmp(p,"qemu.sstepbits")) {
1081 /* Query Breakpoint bit definitions */
1082 snprintf(buf, sizeof(buf), "ENABLE=%x,NOIRQ=%x,NOTIMER=%x",
1083 SSTEP_ENABLE,
1084 SSTEP_NOIRQ,
1085 SSTEP_NOTIMER);
1086 put_packet(s, buf);
1087 break;
1088 } else if (is_query_packet(p, "qemu.sstep", '=')) {
1089 /* Display or change the sstep_flags */
1090 p += 10;
1091 if (*p != '=') {
1092 /* Display current setting */
1093 snprintf(buf, sizeof(buf), "0x%x", sstep_flags);
1094 put_packet(s, buf);
1095 break;
1097 p++;
1098 type = strtoul(p, (char **)&p, 16);
1099 sstep_flags = type;
1100 put_packet(s, "OK");
1101 break;
1102 } else if (strcmp(p,"C") == 0) {
1103 /* "Current thread" remains vague in the spec, so always return
1104 * the first CPU (gdb returns the first thread). */
1105 put_packet(s, "QC1");
1106 break;
1107 } else if (strcmp(p,"fThreadInfo") == 0) {
1108 s->query_cpu = first_cpu;
1109 goto report_cpuinfo;
1110 } else if (strcmp(p,"sThreadInfo") == 0) {
1111 report_cpuinfo:
1112 if (s->query_cpu) {
1113 snprintf(buf, sizeof(buf), "m%x", cpu_index(s->query_cpu));
1114 put_packet(s, buf);
1115 s->query_cpu = CPU_NEXT(s->query_cpu);
1116 } else
1117 put_packet(s, "l");
1118 break;
1119 } else if (strncmp(p,"ThreadExtraInfo,", 16) == 0) {
1120 thread = strtoull(p+16, (char **)&p, 16);
1121 cpu = find_cpu(thread);
1122 if (cpu != NULL) {
1123 cpu_synchronize_state(cpu);
1124 /* memtohex() doubles the required space */
1125 len = snprintf((char *)mem_buf, sizeof(buf) / 2,
1126 "CPU#%d [%s]", cpu->cpu_index,
1127 cpu->halted ? "halted " : "running");
1128 memtohex(buf, mem_buf, len);
1129 put_packet(s, buf);
1131 break;
1133 #ifdef CONFIG_USER_ONLY
1134 else if (strcmp(p, "Offsets") == 0) {
1135 TaskState *ts = s->c_cpu->opaque;
1137 snprintf(buf, sizeof(buf),
1138 "Text=" TARGET_ABI_FMT_lx ";Data=" TARGET_ABI_FMT_lx
1139 ";Bss=" TARGET_ABI_FMT_lx,
1140 ts->info->code_offset,
1141 ts->info->data_offset,
1142 ts->info->data_offset);
1143 put_packet(s, buf);
1144 break;
1146 #else /* !CONFIG_USER_ONLY */
1147 else if (strncmp(p, "Rcmd,", 5) == 0) {
1148 int len = strlen(p + 5);
1150 if ((len % 2) != 0) {
1151 put_packet(s, "E01");
1152 break;
1154 len = len / 2;
1155 hextomem(mem_buf, p + 5, len);
1156 mem_buf[len++] = 0;
1157 qemu_chr_be_write(s->mon_chr, mem_buf, len);
1158 put_packet(s, "OK");
1159 break;
1161 #endif /* !CONFIG_USER_ONLY */
1162 if (is_query_packet(p, "Supported", ':')) {
1163 snprintf(buf, sizeof(buf), "PacketSize=%x", MAX_PACKET_LENGTH);
1164 cc = CPU_GET_CLASS(first_cpu);
1165 if (cc->gdb_core_xml_file != NULL) {
1166 pstrcat(buf, sizeof(buf), ";qXfer:features:read+");
1168 put_packet(s, buf);
1169 break;
1171 if (strncmp(p, "Xfer:features:read:", 19) == 0) {
1172 const char *xml;
1173 target_ulong total_len;
1175 cc = CPU_GET_CLASS(first_cpu);
1176 if (cc->gdb_core_xml_file == NULL) {
1177 goto unknown_command;
1180 gdb_has_xml = true;
1181 p += 19;
1182 xml = get_feature_xml(p, &p, cc);
1183 if (!xml) {
1184 snprintf(buf, sizeof(buf), "E00");
1185 put_packet(s, buf);
1186 break;
1189 if (*p == ':')
1190 p++;
1191 addr = strtoul(p, (char **)&p, 16);
1192 if (*p == ',')
1193 p++;
1194 len = strtoul(p, (char **)&p, 16);
1196 total_len = strlen(xml);
1197 if (addr > total_len) {
1198 snprintf(buf, sizeof(buf), "E00");
1199 put_packet(s, buf);
1200 break;
1202 if (len > (MAX_PACKET_LENGTH - 5) / 2)
1203 len = (MAX_PACKET_LENGTH - 5) / 2;
1204 if (len < total_len - addr) {
1205 buf[0] = 'm';
1206 len = memtox(buf + 1, xml + addr, len);
1207 } else {
1208 buf[0] = 'l';
1209 len = memtox(buf + 1, xml + addr, total_len - addr);
1211 put_packet_binary(s, buf, len + 1);
1212 break;
1214 if (is_query_packet(p, "Attached", ':')) {
1215 put_packet(s, GDB_ATTACHED);
1216 break;
1218 /* Unrecognised 'q' command. */
1219 goto unknown_command;
1221 default:
1222 unknown_command:
1223 /* put empty packet */
1224 buf[0] = '\0';
1225 put_packet(s, buf);
1226 break;
1228 return RS_IDLE;
1231 void gdb_set_stop_cpu(CPUState *cpu)
1233 gdbserver_state->c_cpu = cpu;
1234 gdbserver_state->g_cpu = cpu;
1237 #ifndef CONFIG_USER_ONLY
1238 static void gdb_vm_state_change(void *opaque, int running, RunState state)
1240 GDBState *s = gdbserver_state;
1241 CPUState *cpu = s->c_cpu;
1242 char buf[256];
1243 const char *type;
1244 int ret;
1246 if (running || s->state == RS_INACTIVE) {
1247 return;
1249 /* Is there a GDB syscall waiting to be sent? */
1250 if (s->current_syscall_cb) {
1251 put_packet(s, s->syscall_buf);
1252 return;
1254 switch (state) {
1255 case RUN_STATE_DEBUG:
1256 if (cpu->watchpoint_hit) {
1257 switch (cpu->watchpoint_hit->flags & BP_MEM_ACCESS) {
1258 case BP_MEM_READ:
1259 type = "r";
1260 break;
1261 case BP_MEM_ACCESS:
1262 type = "a";
1263 break;
1264 default:
1265 type = "";
1266 break;
1268 snprintf(buf, sizeof(buf),
1269 "T%02xthread:%02x;%swatch:" TARGET_FMT_lx ";",
1270 GDB_SIGNAL_TRAP, cpu_index(cpu), type,
1271 (target_ulong)cpu->watchpoint_hit->vaddr);
1272 cpu->watchpoint_hit = NULL;
1273 goto send_packet;
1275 tb_flush(cpu);
1276 ret = GDB_SIGNAL_TRAP;
1277 break;
1278 case RUN_STATE_PAUSED:
1279 ret = GDB_SIGNAL_INT;
1280 break;
1281 case RUN_STATE_SHUTDOWN:
1282 ret = GDB_SIGNAL_QUIT;
1283 break;
1284 case RUN_STATE_IO_ERROR:
1285 ret = GDB_SIGNAL_IO;
1286 break;
1287 case RUN_STATE_WATCHDOG:
1288 ret = GDB_SIGNAL_ALRM;
1289 break;
1290 case RUN_STATE_INTERNAL_ERROR:
1291 ret = GDB_SIGNAL_ABRT;
1292 break;
1293 case RUN_STATE_SAVE_VM:
1294 case RUN_STATE_RESTORE_VM:
1295 return;
1296 case RUN_STATE_FINISH_MIGRATE:
1297 ret = GDB_SIGNAL_XCPU;
1298 break;
1299 default:
1300 ret = GDB_SIGNAL_UNKNOWN;
1301 break;
1303 gdb_set_stop_cpu(cpu);
1304 snprintf(buf, sizeof(buf), "T%02xthread:%02x;", ret, cpu_index(cpu));
1306 send_packet:
1307 put_packet(s, buf);
1309 /* disable single step if it was enabled */
1310 cpu_single_step(cpu, 0);
1312 #endif
1314 /* Send a gdb syscall request.
1315 This accepts limited printf-style format specifiers, specifically:
1316 %x - target_ulong argument printed in hex.
1317 %lx - 64-bit argument printed in hex.
1318 %s - string pointer (target_ulong) and length (int) pair. */
1319 void gdb_do_syscallv(gdb_syscall_complete_cb cb, const char *fmt, va_list va)
1321 char *p;
1322 char *p_end;
1323 target_ulong addr;
1324 uint64_t i64;
1325 GDBState *s;
1327 s = gdbserver_state;
1328 if (!s)
1329 return;
1330 s->current_syscall_cb = cb;
1331 #ifndef CONFIG_USER_ONLY
1332 vm_stop(RUN_STATE_DEBUG);
1333 #endif
1334 p = s->syscall_buf;
1335 p_end = &s->syscall_buf[sizeof(s->syscall_buf)];
1336 *(p++) = 'F';
1337 while (*fmt) {
1338 if (*fmt == '%') {
1339 fmt++;
1340 switch (*fmt++) {
1341 case 'x':
1342 addr = va_arg(va, target_ulong);
1343 p += snprintf(p, p_end - p, TARGET_FMT_lx, addr);
1344 break;
1345 case 'l':
1346 if (*(fmt++) != 'x')
1347 goto bad_format;
1348 i64 = va_arg(va, uint64_t);
1349 p += snprintf(p, p_end - p, "%" PRIx64, i64);
1350 break;
1351 case 's':
1352 addr = va_arg(va, target_ulong);
1353 p += snprintf(p, p_end - p, TARGET_FMT_lx "/%x",
1354 addr, va_arg(va, int));
1355 break;
1356 default:
1357 bad_format:
1358 fprintf(stderr, "gdbstub: Bad syscall format string '%s'\n",
1359 fmt - 1);
1360 break;
1362 } else {
1363 *(p++) = *(fmt++);
1366 *p = 0;
1367 #ifdef CONFIG_USER_ONLY
1368 put_packet(s, s->syscall_buf);
1369 gdb_handlesig(s->c_cpu, 0);
1370 #else
1371 /* In this case wait to send the syscall packet until notification that
1372 the CPU has stopped. This must be done because if the packet is sent
1373 now the reply from the syscall request could be received while the CPU
1374 is still in the running state, which can cause packets to be dropped
1375 and state transition 'T' packets to be sent while the syscall is still
1376 being processed. */
1377 qemu_cpu_kick(s->c_cpu);
1378 #endif
1381 void gdb_do_syscall(gdb_syscall_complete_cb cb, const char *fmt, ...)
1383 va_list va;
1385 va_start(va, fmt);
1386 gdb_do_syscallv(cb, fmt, va);
1387 va_end(va);
1390 static void gdb_read_byte(GDBState *s, int ch)
1392 int i, csum;
1393 uint8_t reply;
1395 #ifndef CONFIG_USER_ONLY
1396 if (s->last_packet_len) {
1397 /* Waiting for a response to the last packet. If we see the start
1398 of a new command then abandon the previous response. */
1399 if (ch == '-') {
1400 #ifdef DEBUG_GDB
1401 printf("Got NACK, retransmitting\n");
1402 #endif
1403 put_buffer(s, (uint8_t *)s->last_packet, s->last_packet_len);
1405 #ifdef DEBUG_GDB
1406 else if (ch == '+')
1407 printf("Got ACK\n");
1408 else
1409 printf("Got '%c' when expecting ACK/NACK\n", ch);
1410 #endif
1411 if (ch == '+' || ch == '$')
1412 s->last_packet_len = 0;
1413 if (ch != '$')
1414 return;
1416 if (runstate_is_running()) {
1417 /* when the CPU is running, we cannot do anything except stop
1418 it when receiving a char */
1419 vm_stop(RUN_STATE_PAUSED);
1420 } else
1421 #endif
1423 switch(s->state) {
1424 case RS_IDLE:
1425 if (ch == '$') {
1426 s->line_buf_index = 0;
1427 s->state = RS_GETLINE;
1429 break;
1430 case RS_GETLINE:
1431 if (ch == '#') {
1432 s->state = RS_CHKSUM1;
1433 } else if (s->line_buf_index >= sizeof(s->line_buf) - 1) {
1434 s->state = RS_IDLE;
1435 } else {
1436 s->line_buf[s->line_buf_index++] = ch;
1438 break;
1439 case RS_CHKSUM1:
1440 s->line_buf[s->line_buf_index] = '\0';
1441 s->line_csum = fromhex(ch) << 4;
1442 s->state = RS_CHKSUM2;
1443 break;
1444 case RS_CHKSUM2:
1445 s->line_csum |= fromhex(ch);
1446 csum = 0;
1447 for(i = 0; i < s->line_buf_index; i++) {
1448 csum += s->line_buf[i];
1450 if (s->line_csum != (csum & 0xff)) {
1451 reply = '-';
1452 put_buffer(s, &reply, 1);
1453 s->state = RS_IDLE;
1454 } else {
1455 reply = '+';
1456 put_buffer(s, &reply, 1);
1457 s->state = gdb_handle_packet(s, s->line_buf);
1459 break;
1460 default:
1461 abort();
1466 /* Tell the remote gdb that the process has exited. */
1467 void gdb_exit(CPUArchState *env, int code)
1469 GDBState *s;
1470 char buf[4];
1472 s = gdbserver_state;
1473 if (!s) {
1474 return;
1476 #ifdef CONFIG_USER_ONLY
1477 if (gdbserver_fd < 0 || s->fd < 0) {
1478 return;
1480 #else
1481 if (!s->chr) {
1482 return;
1484 #endif
1486 snprintf(buf, sizeof(buf), "W%02x", (uint8_t)code);
1487 put_packet(s, buf);
1489 #ifndef CONFIG_USER_ONLY
1490 qemu_chr_delete(s->chr);
1491 #endif
1494 #ifdef CONFIG_USER_ONLY
1496 gdb_queuesig (void)
1498 GDBState *s;
1500 s = gdbserver_state;
1502 if (gdbserver_fd < 0 || s->fd < 0)
1503 return 0;
1504 else
1505 return 1;
1509 gdb_handlesig(CPUState *cpu, int sig)
1511 GDBState *s;
1512 char buf[256];
1513 int n;
1515 s = gdbserver_state;
1516 if (gdbserver_fd < 0 || s->fd < 0) {
1517 return sig;
1520 /* disable single step if it was enabled */
1521 cpu_single_step(cpu, 0);
1522 tb_flush(cpu);
1524 if (sig != 0) {
1525 snprintf(buf, sizeof(buf), "S%02x", target_signal_to_gdb(sig));
1526 put_packet(s, buf);
1528 /* put_packet() might have detected that the peer terminated the
1529 connection. */
1530 if (s->fd < 0) {
1531 return sig;
1534 sig = 0;
1535 s->state = RS_IDLE;
1536 s->running_state = 0;
1537 while (s->running_state == 0) {
1538 n = read(s->fd, buf, 256);
1539 if (n > 0) {
1540 int i;
1542 for (i = 0; i < n; i++) {
1543 gdb_read_byte(s, buf[i]);
1545 } else if (n == 0 || errno != EAGAIN) {
1546 /* XXX: Connection closed. Should probably wait for another
1547 connection before continuing. */
1548 return sig;
1551 sig = s->signal;
1552 s->signal = 0;
1553 return sig;
1556 /* Tell the remote gdb that the process has exited due to SIG. */
1557 void gdb_signalled(CPUArchState *env, int sig)
1559 GDBState *s;
1560 char buf[4];
1562 s = gdbserver_state;
1563 if (gdbserver_fd < 0 || s->fd < 0) {
1564 return;
1567 snprintf(buf, sizeof(buf), "X%02x", target_signal_to_gdb(sig));
1568 put_packet(s, buf);
1571 static void gdb_accept(void)
1573 GDBState *s;
1574 struct sockaddr_in sockaddr;
1575 socklen_t len;
1576 int fd;
1578 for(;;) {
1579 len = sizeof(sockaddr);
1580 fd = accept(gdbserver_fd, (struct sockaddr *)&sockaddr, &len);
1581 if (fd < 0 && errno != EINTR) {
1582 perror("accept");
1583 return;
1584 } else if (fd >= 0) {
1585 #ifndef _WIN32
1586 fcntl(fd, F_SETFD, FD_CLOEXEC);
1587 #endif
1588 break;
1592 /* set short latency */
1593 socket_set_nodelay(fd);
1595 s = g_malloc0(sizeof(GDBState));
1596 s->c_cpu = first_cpu;
1597 s->g_cpu = first_cpu;
1598 s->fd = fd;
1599 gdb_has_xml = false;
1601 gdbserver_state = s;
1603 fcntl(fd, F_SETFL, O_NONBLOCK);
1606 static int gdbserver_open(int port)
1608 struct sockaddr_in sockaddr;
1609 int fd, ret;
1611 fd = socket(PF_INET, SOCK_STREAM, 0);
1612 if (fd < 0) {
1613 perror("socket");
1614 return -1;
1616 #ifndef _WIN32
1617 fcntl(fd, F_SETFD, FD_CLOEXEC);
1618 #endif
1620 socket_set_fast_reuse(fd);
1622 sockaddr.sin_family = AF_INET;
1623 sockaddr.sin_port = htons(port);
1624 sockaddr.sin_addr.s_addr = 0;
1625 ret = bind(fd, (struct sockaddr *)&sockaddr, sizeof(sockaddr));
1626 if (ret < 0) {
1627 perror("bind");
1628 close(fd);
1629 return -1;
1631 ret = listen(fd, 0);
1632 if (ret < 0) {
1633 perror("listen");
1634 close(fd);
1635 return -1;
1637 return fd;
1640 int gdbserver_start(int port)
1642 gdbserver_fd = gdbserver_open(port);
1643 if (gdbserver_fd < 0)
1644 return -1;
1645 /* accept connections */
1646 gdb_accept();
1647 return 0;
1650 /* Disable gdb stub for child processes. */
1651 void gdbserver_fork(CPUState *cpu)
1653 GDBState *s = gdbserver_state;
1655 if (gdbserver_fd < 0 || s->fd < 0) {
1656 return;
1658 close(s->fd);
1659 s->fd = -1;
1660 cpu_breakpoint_remove_all(cpu, BP_GDB);
1661 cpu_watchpoint_remove_all(cpu, BP_GDB);
1663 #else
1664 static int gdb_chr_can_receive(void *opaque)
1666 /* We can handle an arbitrarily large amount of data.
1667 Pick the maximum packet size, which is as good as anything. */
1668 return MAX_PACKET_LENGTH;
1671 static void gdb_chr_receive(void *opaque, const uint8_t *buf, int size)
1673 int i;
1675 for (i = 0; i < size; i++) {
1676 gdb_read_byte(gdbserver_state, buf[i]);
1680 static void gdb_chr_event(void *opaque, int event)
1682 switch (event) {
1683 case CHR_EVENT_OPENED:
1684 vm_stop(RUN_STATE_PAUSED);
1685 gdb_has_xml = false;
1686 break;
1687 default:
1688 break;
1692 static void gdb_monitor_output(GDBState *s, const char *msg, int len)
1694 char buf[MAX_PACKET_LENGTH];
1696 buf[0] = 'O';
1697 if (len > (MAX_PACKET_LENGTH/2) - 1)
1698 len = (MAX_PACKET_LENGTH/2) - 1;
1699 memtohex(buf + 1, (uint8_t *)msg, len);
1700 put_packet(s, buf);
1703 static int gdb_monitor_write(CharDriverState *chr, const uint8_t *buf, int len)
1705 const char *p = (const char *)buf;
1706 int max_sz;
1708 max_sz = (sizeof(gdbserver_state->last_packet) - 2) / 2;
1709 for (;;) {
1710 if (len <= max_sz) {
1711 gdb_monitor_output(gdbserver_state, p, len);
1712 break;
1714 gdb_monitor_output(gdbserver_state, p, max_sz);
1715 p += max_sz;
1716 len -= max_sz;
1718 return len;
1721 #ifndef _WIN32
1722 static void gdb_sigterm_handler(int signal)
1724 if (runstate_is_running()) {
1725 vm_stop(RUN_STATE_PAUSED);
1728 #endif
1730 int gdbserver_start(const char *device)
1732 GDBState *s;
1733 char gdbstub_device_name[128];
1734 CharDriverState *chr = NULL;
1735 CharDriverState *mon_chr;
1736 ChardevCommon common = { 0 };
1738 if (!device)
1739 return -1;
1740 if (strcmp(device, "none") != 0) {
1741 if (strstart(device, "tcp:", NULL)) {
1742 /* enforce required TCP attributes */
1743 snprintf(gdbstub_device_name, sizeof(gdbstub_device_name),
1744 "%s,nowait,nodelay,server", device);
1745 device = gdbstub_device_name;
1747 #ifndef _WIN32
1748 else if (strcmp(device, "stdio") == 0) {
1749 struct sigaction act;
1751 memset(&act, 0, sizeof(act));
1752 act.sa_handler = gdb_sigterm_handler;
1753 sigaction(SIGINT, &act, NULL);
1755 #endif
1756 chr = qemu_chr_new_noreplay("gdb", device, NULL);
1757 if (!chr)
1758 return -1;
1760 qemu_chr_fe_claim_no_fail(chr);
1761 qemu_chr_add_handlers(chr, gdb_chr_can_receive, gdb_chr_receive,
1762 gdb_chr_event, NULL);
1765 s = gdbserver_state;
1766 if (!s) {
1767 s = g_malloc0(sizeof(GDBState));
1768 gdbserver_state = s;
1770 qemu_add_vm_change_state_handler(gdb_vm_state_change, NULL);
1772 /* Initialize a monitor terminal for gdb */
1773 mon_chr = qemu_chr_alloc(&common, &error_abort);
1774 mon_chr->chr_write = gdb_monitor_write;
1775 monitor_init(mon_chr, 0);
1776 } else {
1777 if (s->chr)
1778 qemu_chr_delete(s->chr);
1779 mon_chr = s->mon_chr;
1780 memset(s, 0, sizeof(GDBState));
1782 s->c_cpu = first_cpu;
1783 s->g_cpu = first_cpu;
1784 s->chr = chr;
1785 s->state = chr ? RS_IDLE : RS_INACTIVE;
1786 s->mon_chr = mon_chr;
1787 s->current_syscall_cb = NULL;
1789 return 0;
1791 #endif