search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
target-s390x: Move cpu_gdb_{read,write}_register()
[qemu/rayw.git] / gdbstub.c
blob58502f3991b05fe677a2801340ba6c8d01caa8d2
1 /*
2 * gdb server stub
3 *
4 * Copyright (c) 2003-2005 Fabrice Bellard
5 *
6 * This library is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation; either
9 * version 2 of the License, or (at your option) any later version.
10 *
11 * This library is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
15 *
16 * You should have received a copy of the GNU Lesser General Public
17 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
18 */
19 #include "config.h"
20 #include "qemu-common.h"
21 #ifdef CONFIG_USER_ONLY
22 #include <stdlib.h>
23 #include <stdio.h>
24 #include <stdarg.h>
25 #include <string.h>
26 #include <errno.h>
27 #include <unistd.h>
28 #include <fcntl.h>
29
30 #include "qemu.h"
31 #else
32 #include "monitor/monitor.h"
33 #include "sysemu/char.h"
34 #include "sysemu/sysemu.h"
35 #include "exec/gdbstub.h"
36 #endif
37
38 #define MAX_PACKET_LENGTH 4096
39
40 #include "cpu.h"
41 #include "qemu/sockets.h"
42 #include "sysemu/kvm.h"
43 #include "qemu/bitops.h"
44
45 static inline int target_memory_rw_debug(CPUState *cpu, target_ulong addr,
46 uint8_t *buf, int len, bool is_write)
47 {
48 CPUClass *cc = CPU_GET_CLASS(cpu);
49
50 if (cc->memory_rw_debug) {
51 return cc->memory_rw_debug(cpu, addr, buf, len, is_write);
52 }
53 return cpu_memory_rw_debug(cpu, addr, buf, len, is_write);
54 }
55
56 enum {
57 GDB_SIGNAL_0 = 0,
58 GDB_SIGNAL_INT = 2,
59 GDB_SIGNAL_QUIT = 3,
60 GDB_SIGNAL_TRAP = 5,
61 GDB_SIGNAL_ABRT = 6,
62 GDB_SIGNAL_ALRM = 14,
63 GDB_SIGNAL_IO = 23,
64 GDB_SIGNAL_XCPU = 24,
65 GDB_SIGNAL_UNKNOWN = 143
66 };
67
68 #ifdef CONFIG_USER_ONLY
69
70 /* Map target signal numbers to GDB protocol signal numbers and vice
71 * versa. For user emulation's currently supported systems, we can
72 * assume most signals are defined.
73 */
74
75 static int gdb_signal_table[] = {
76 0,
77 TARGET_SIGHUP,
78 TARGET_SIGINT,
79 TARGET_SIGQUIT,
80 TARGET_SIGILL,
81 TARGET_SIGTRAP,
82 TARGET_SIGABRT,
83 -1, /* SIGEMT */
84 TARGET_SIGFPE,
85 TARGET_SIGKILL,
86 TARGET_SIGBUS,
87 TARGET_SIGSEGV,
88 TARGET_SIGSYS,
89 TARGET_SIGPIPE,
90 TARGET_SIGALRM,
91 TARGET_SIGTERM,
92 TARGET_SIGURG,
93 TARGET_SIGSTOP,
94 TARGET_SIGTSTP,
95 TARGET_SIGCONT,
96 TARGET_SIGCHLD,
97 TARGET_SIGTTIN,
98 TARGET_SIGTTOU,
99 TARGET_SIGIO,
100 TARGET_SIGXCPU,
101 TARGET_SIGXFSZ,
102 TARGET_SIGVTALRM,
103 TARGET_SIGPROF,
104 TARGET_SIGWINCH,
105 -1, /* SIGLOST */
106 TARGET_SIGUSR1,
107 TARGET_SIGUSR2,
108 #ifdef TARGET_SIGPWR
109 TARGET_SIGPWR,
110 #else
111 -1,
112 #endif
113 -1, /* SIGPOLL */
114 -1,
115 -1,
116 -1,
117 -1,
118 -1,
119 -1,
120 -1,
121 -1,
122 -1,
123 -1,
124 -1,
125 #ifdef __SIGRTMIN
126 __SIGRTMIN + 1,
127 __SIGRTMIN + 2,
128 __SIGRTMIN + 3,
129 __SIGRTMIN + 4,
130 __SIGRTMIN + 5,
131 __SIGRTMIN + 6,
132 __SIGRTMIN + 7,
133 __SIGRTMIN + 8,
134 __SIGRTMIN + 9,
135 __SIGRTMIN + 10,
136 __SIGRTMIN + 11,
137 __SIGRTMIN + 12,
138 __SIGRTMIN + 13,
139 __SIGRTMIN + 14,
140 __SIGRTMIN + 15,
141 __SIGRTMIN + 16,
142 __SIGRTMIN + 17,
143 __SIGRTMIN + 18,
144 __SIGRTMIN + 19,
145 __SIGRTMIN + 20,
146 __SIGRTMIN + 21,
147 __SIGRTMIN + 22,
148 __SIGRTMIN + 23,
149 __SIGRTMIN + 24,
150 __SIGRTMIN + 25,
151 __SIGRTMIN + 26,
152 __SIGRTMIN + 27,
153 __SIGRTMIN + 28,
154 __SIGRTMIN + 29,
155 __SIGRTMIN + 30,
156 __SIGRTMIN + 31,
157 -1, /* SIGCANCEL */
158 __SIGRTMIN,
159 __SIGRTMIN + 32,
160 __SIGRTMIN + 33,
161 __SIGRTMIN + 34,
162 __SIGRTMIN + 35,
163 __SIGRTMIN + 36,
164 __SIGRTMIN + 37,
165 __SIGRTMIN + 38,
166 __SIGRTMIN + 39,
167 __SIGRTMIN + 40,
168 __SIGRTMIN + 41,
169 __SIGRTMIN + 42,
170 __SIGRTMIN + 43,
171 __SIGRTMIN + 44,
172 __SIGRTMIN + 45,
173 __SIGRTMIN + 46,
174 __SIGRTMIN + 47,
175 __SIGRTMIN + 48,
176 __SIGRTMIN + 49,
177 __SIGRTMIN + 50,
178 __SIGRTMIN + 51,
179 __SIGRTMIN + 52,
180 __SIGRTMIN + 53,
181 __SIGRTMIN + 54,
182 __SIGRTMIN + 55,
183 __SIGRTMIN + 56,
184 __SIGRTMIN + 57,
185 __SIGRTMIN + 58,
186 __SIGRTMIN + 59,
187 __SIGRTMIN + 60,
188 __SIGRTMIN + 61,
189 __SIGRTMIN + 62,
190 __SIGRTMIN + 63,
191 __SIGRTMIN + 64,
192 __SIGRTMIN + 65,
193 __SIGRTMIN + 66,
194 __SIGRTMIN + 67,
195 __SIGRTMIN + 68,
196 __SIGRTMIN + 69,
197 __SIGRTMIN + 70,
198 __SIGRTMIN + 71,
199 __SIGRTMIN + 72,
200 __SIGRTMIN + 73,
201 __SIGRTMIN + 74,
202 __SIGRTMIN + 75,
203 __SIGRTMIN + 76,
204 __SIGRTMIN + 77,
205 __SIGRTMIN + 78,
206 __SIGRTMIN + 79,
207 __SIGRTMIN + 80,
208 __SIGRTMIN + 81,
209 __SIGRTMIN + 82,
210 __SIGRTMIN + 83,
211 __SIGRTMIN + 84,
212 __SIGRTMIN + 85,
213 __SIGRTMIN + 86,
214 __SIGRTMIN + 87,
215 __SIGRTMIN + 88,
216 __SIGRTMIN + 89,
217 __SIGRTMIN + 90,
218 __SIGRTMIN + 91,
219 __SIGRTMIN + 92,
220 __SIGRTMIN + 93,
221 __SIGRTMIN + 94,
222 __SIGRTMIN + 95,
223 -1, /* SIGINFO */
224 -1, /* UNKNOWN */
225 -1, /* DEFAULT */
226 -1,
227 -1,
228 -1,
229 -1,
230 -1,
231 -1
232 #endif
233 };
234 #else
235 /* In system mode we only need SIGINT and SIGTRAP; other signals
236 are not yet supported. */
237
238 enum {
239 TARGET_SIGINT = 2,
240 TARGET_SIGTRAP = 5
241 };
242
243 static int gdb_signal_table[] = {
244 -1,
245 -1,
246 TARGET_SIGINT,
247 -1,
248 -1,
249 TARGET_SIGTRAP
250 };
251 #endif
252
253 #ifdef CONFIG_USER_ONLY
254 static int target_signal_to_gdb (int sig)
255 {
256 int i;
257 for (i = 0; i < ARRAY_SIZE (gdb_signal_table); i++)
258 if (gdb_signal_table[i] == sig)
259 return i;
260 return GDB_SIGNAL_UNKNOWN;
261 }
262 #endif
263
264 static int gdb_signal_to_target (int sig)
265 {
266 if (sig < ARRAY_SIZE (gdb_signal_table))
267 return gdb_signal_table[sig];
268 else
269 return -1;
270 }
271
272 //#define DEBUG_GDB
273
274 typedef struct GDBRegisterState {
275 int base_reg;
276 int num_regs;
277 gdb_reg_cb get_reg;
278 gdb_reg_cb set_reg;
279 const char *xml;
280 struct GDBRegisterState *next;
281 } GDBRegisterState;
282
283 enum RSState {
284 RS_INACTIVE,
285 RS_IDLE,
286 RS_GETLINE,
287 RS_CHKSUM1,
288 RS_CHKSUM2,
289 };
290 typedef struct GDBState {
291 CPUState *c_cpu; /* current CPU for step/continue ops */
292 CPUState *g_cpu; /* current CPU for other ops */
293 CPUState *query_cpu; /* for q{f|s}ThreadInfo */
294 enum RSState state; /* parsing state */
295 char line_buf[MAX_PACKET_LENGTH];
296 int line_buf_index;
297 int line_csum;
298 uint8_t last_packet[MAX_PACKET_LENGTH + 4];
299 int last_packet_len;
300 int signal;
301 #ifdef CONFIG_USER_ONLY
302 int fd;
303 int running_state;
304 #else
305 CharDriverState *chr;
306 CharDriverState *mon_chr;
307 #endif
308 char syscall_buf[256];
309 gdb_syscall_complete_cb current_syscall_cb;
310 } GDBState;
311
312 /* By default use no IRQs and no timers while single stepping so as to
313 * make single stepping like an ICE HW step.
314 */
315 static int sstep_flags = SSTEP_ENABLE|SSTEP_NOIRQ|SSTEP_NOTIMER;
316
317 static GDBState *gdbserver_state;
318
319 /* This is an ugly hack to cope with both new and old gdb.
320 If gdb sends qXfer:features:read then assume we're talking to a newish
321 gdb that understands target descriptions. */
322 static int gdb_has_xml;
323
324 #ifdef CONFIG_USER_ONLY
325 /* XXX: This is not thread safe. Do we care? */
326 static int gdbserver_fd = -1;
327
328 static int get_char(GDBState *s)
329 {
330 uint8_t ch;
331 int ret;
332
333 for(;;) {
334 ret = qemu_recv(s->fd, &ch, 1, 0);
335 if (ret < 0) {
336 if (errno == ECONNRESET)
337 s->fd = -1;
338 if (errno != EINTR && errno != EAGAIN)
339 return -1;
340 } else if (ret == 0) {
341 close(s->fd);
342 s->fd = -1;
343 return -1;
344 } else {
345 break;
346 }
347 }
348 return ch;
349 }
350 #endif
351
352 static enum {
353 GDB_SYS_UNKNOWN,
354 GDB_SYS_ENABLED,
355 GDB_SYS_DISABLED,
356 } gdb_syscall_mode;
357
358 /* If gdb is connected when the first semihosting syscall occurs then use
359 remote gdb syscalls. Otherwise use native file IO. */
360 int use_gdb_syscalls(void)
361 {
362 if (gdb_syscall_mode == GDB_SYS_UNKNOWN) {
363 gdb_syscall_mode = (gdbserver_state ? GDB_SYS_ENABLED
364 : GDB_SYS_DISABLED);
365 }
366 return gdb_syscall_mode == GDB_SYS_ENABLED;
367 }
368
369 /* Resume execution. */
370 static inline void gdb_continue(GDBState *s)
371 {
372 #ifdef CONFIG_USER_ONLY
373 s->running_state = 1;
374 #else
375 if (runstate_check(RUN_STATE_GUEST_PANICKED)) {
376 runstate_set(RUN_STATE_DEBUG);
377 }
378 if (!runstate_needs_reset()) {
379 vm_start();
380 }
381 #endif
382 }
383
384 static void put_buffer(GDBState *s, const uint8_t *buf, int len)
385 {
386 #ifdef CONFIG_USER_ONLY
387 int ret;
388
389 while (len > 0) {
390 ret = send(s->fd, buf, len, 0);
391 if (ret < 0) {
392 if (errno != EINTR && errno != EAGAIN)
393 return;
394 } else {
395 buf += ret;
396 len -= ret;
397 }
398 }
399 #else
400 qemu_chr_fe_write(s->chr, buf, len);
401 #endif
402 }
403
404 static inline int fromhex(int v)
405 {
406 if (v >= '0' && v <= '9')
407 return v - '0';
408 else if (v >= 'A' && v <= 'F')
409 return v - 'A' + 10;
410 else if (v >= 'a' && v <= 'f')
411 return v - 'a' + 10;
412 else
413 return 0;
414 }
415
416 static inline int tohex(int v)
417 {
418 if (v < 10)
419 return v + '0';
420 else
421 return v - 10 + 'a';
422 }
423
424 static void memtohex(char *buf, const uint8_t *mem, int len)
425 {
426 int i, c;
427 char *q;
428 q = buf;
429 for(i = 0; i < len; i++) {
430 c = mem[i];
431 *q++ = tohex(c >> 4);
432 *q++ = tohex(c & 0xf);
433 }
434 *q = '\0';
435 }
436
437 static void hextomem(uint8_t *mem, const char *buf, int len)
438 {
439 int i;
440
441 for(i = 0; i < len; i++) {
442 mem[i] = (fromhex(buf[0]) << 4) | fromhex(buf[1]);
443 buf += 2;
444 }
445 }
446
447 /* return -1 if error, 0 if OK */
448 static int put_packet_binary(GDBState *s, const char *buf, int len)
449 {
450 int csum, i;
451 uint8_t *p;
452
453 for(;;) {
454 p = s->last_packet;
455 *(p++) = '$';
456 memcpy(p, buf, len);
457 p += len;
458 csum = 0;
459 for(i = 0; i < len; i++) {
460 csum += buf[i];
461 }
462 *(p++) = '#';
463 *(p++) = tohex((csum >> 4) & 0xf);
464 *(p++) = tohex((csum) & 0xf);
465
466 s->last_packet_len = p - s->last_packet;
467 put_buffer(s, (uint8_t *)s->last_packet, s->last_packet_len);
468
469 #ifdef CONFIG_USER_ONLY
470 i = get_char(s);
471 if (i < 0)
472 return -1;
473 if (i == '+')
474 break;
475 #else
476 break;
477 #endif
478 }
479 return 0;
480 }
481
482 /* return -1 if error, 0 if OK */
483 static int put_packet(GDBState *s, const char *buf)
484 {
485 #ifdef DEBUG_GDB
486 printf("reply='%s'\n", buf);
487 #endif
488
489 return put_packet_binary(s, buf, strlen(buf));
490 }
491
492 /* The GDB remote protocol transfers values in target byte order. This means
493 we can use the raw memory access routines to access the value buffer.
494 Conveniently, these also handle the case where the buffer is mis-aligned.
495 */
496 #define GET_REG8(val) do { \
497 stb_p(mem_buf, val); \
498 return 1; \
499 } while(0)
500 #define GET_REG16(val) do { \
501 stw_p(mem_buf, val); \
502 return 2; \
503 } while(0)
504 #define GET_REG32(val) do { \
505 stl_p(mem_buf, val); \
506 return 4; \
507 } while(0)
508 #define GET_REG64(val) do { \
509 stq_p(mem_buf, val); \
510 return 8; \
511 } while(0)
512
513 #if TARGET_LONG_BITS == 64
514 #define GET_REGL(val) GET_REG64(val)
515 #define ldtul_p(addr) ldq_p(addr)
516 #else
517 #define GET_REGL(val) GET_REG32(val)
518 #define ldtul_p(addr) ldl_p(addr)
519 #endif
520
521 #if defined(TARGET_I386)
522
523 #include "target-i386/gdbstub.c"
524
525 #elif defined (TARGET_PPC)
526
527 #if defined (TARGET_PPC64)
528 #define GDB_CORE_XML "power64-core.xml"
529 #else
530 #define GDB_CORE_XML "power-core.xml"
531 #endif
532
533 #include "target-ppc/gdbstub.c"
534
535 #elif defined (TARGET_SPARC)
536
537 #include "target-sparc/gdbstub.c"
538
539 #elif defined (TARGET_ARM)
540
541 #define GDB_CORE_XML "arm-core.xml"
542
543 #include "target-arm/gdbstub.c"
544
545 #elif defined (TARGET_M68K)
546
547 #define GDB_CORE_XML "cf-core.xml"
548
549 #include "target-m68k/gdbstub.c"
550
551 #elif defined (TARGET_MIPS)
552
553 #include "target-mips/gdbstub.c"
554
555 #elif defined(TARGET_OPENRISC)
556
557 #include "target-openrisc/gdbstub.c"
558
559 #elif defined (TARGET_SH4)
560
561 #include "target-sh4/gdbstub.c"
562
563 #elif defined (TARGET_MICROBLAZE)
564
565 #include "target-microblaze/gdbstub.c"
566
567 #elif defined (TARGET_CRIS)
568
569 #include "target-cris/gdbstub.c"
570
571 #elif defined (TARGET_ALPHA)
572
573 #include "target-alpha/gdbstub.c"
574
575 #elif defined (TARGET_S390X)
576
577 #include "target-s390x/gdbstub.c"
578
579 #elif defined (TARGET_LM32)
580
581 #include "hw/lm32/lm32_pic.h"
582
583 static int cpu_gdb_read_register(CPULM32State *env, uint8_t *mem_buf, int n)
584 {
585 if (n < 32) {
586 GET_REG32(env->regs[n]);
587 } else {
588 switch (n) {
589 case 32:
590 GET_REG32(env->pc);
591 /* FIXME: put in right exception ID */
592 case 33:
593 GET_REG32(0);
594 case 34:
595 GET_REG32(env->eba);
596 case 35:
597 GET_REG32(env->deba);
598 case 36:
599 GET_REG32(env->ie);
600 case 37:
601 GET_REG32(lm32_pic_get_im(env->pic_state));
602 case 38:
603 GET_REG32(lm32_pic_get_ip(env->pic_state));
604 }
605 }
606 return 0;
607 }
608
609 static int cpu_gdb_write_register(CPULM32State *env, uint8_t *mem_buf, int n)
610 {
611 LM32CPU *cpu = lm32_env_get_cpu(env);
612 CPUClass *cc = CPU_GET_CLASS(cpu);
613 uint32_t tmp;
614
615 if (n > cc->gdb_num_core_regs) {
616 return 0;
617 }
618
619 tmp = ldl_p(mem_buf);
620
621 if (n < 32) {
622 env->regs[n] = tmp;
623 } else {
624 switch (n) {
625 case 32:
626 env->pc = tmp;
627 break;
628 case 34:
629 env->eba = tmp;
630 break;
631 case 35:
632 env->deba = tmp;
633 break;
634 case 36:
635 env->ie = tmp;
636 break;
637 case 37:
638 lm32_pic_set_im(env->pic_state, tmp);
639 break;
640 case 38:
641 lm32_pic_set_ip(env->pic_state, tmp);
642 break;
643 }
644 }
645 return 4;
646 }
647 #elif defined(TARGET_XTENSA)
648
649 static int cpu_gdb_read_register(CPUXtensaState *env, uint8_t *mem_buf, int n)
650 {
651 const XtensaGdbReg *reg = env->config->gdb_regmap.reg + n;
652
653 if (n < 0 || n >= env->config->gdb_regmap.num_regs) {
654 return 0;
655 }
656
657 switch (reg->type) {
658 case 9: /*pc*/
659 GET_REG32(env->pc);
660
661 case 1: /*ar*/
662 xtensa_sync_phys_from_window(env);
663 GET_REG32(env->phys_regs[(reg->targno & 0xff) % env->config->nareg]);
664
665 case 2: /*SR*/
666 GET_REG32(env->sregs[reg->targno & 0xff]);
667
668 case 3: /*UR*/
669 GET_REG32(env->uregs[reg->targno & 0xff]);
670
671 case 4: /*f*/
672 GET_REG32(float32_val(env->fregs[reg->targno & 0x0f]));
673
674 case 8: /*a*/
675 GET_REG32(env->regs[reg->targno & 0x0f]);
676
677 default:
678 qemu_log("%s from reg %d of unsupported type %d\n",
679 __func__, n, reg->type);
680 return 0;
681 }
682 }
683
684 static int cpu_gdb_write_register(CPUXtensaState *env, uint8_t *mem_buf, int n)
685 {
686 uint32_t tmp;
687 const XtensaGdbReg *reg = env->config->gdb_regmap.reg + n;
688
689 if (n < 0 || n >= env->config->gdb_regmap.num_regs) {
690 return 0;
691 }
692
693 tmp = ldl_p(mem_buf);
694
695 switch (reg->type) {
696 case 9: /*pc*/
697 env->pc = tmp;
698 break;
699
700 case 1: /*ar*/
701 env->phys_regs[(reg->targno & 0xff) % env->config->nareg] = tmp;
702 xtensa_sync_window_from_phys(env);
703 break;
704
705 case 2: /*SR*/
706 env->sregs[reg->targno & 0xff] = tmp;
707 break;
708
709 case 3: /*UR*/
710 env->uregs[reg->targno & 0xff] = tmp;
711 break;
712
713 case 4: /*f*/
714 env->fregs[reg->targno & 0x0f] = make_float32(tmp);
715 break;
716
717 case 8: /*a*/
718 env->regs[reg->targno & 0x0f] = tmp;
719 break;
720
721 default:
722 qemu_log("%s to reg %d of unsupported type %d\n",
723 __func__, n, reg->type);
724 return 0;
725 }
726
727 return 4;
728 }
729 #else
730
731 static int cpu_gdb_read_register(CPUArchState *env, uint8_t *mem_buf, int n)
732 {
733 return 0;
734 }
735
736 static int cpu_gdb_write_register(CPUArchState *env, uint8_t *mem_buf, int n)
737 {
738 return 0;
739 }
740
741 #endif
742
743 #ifdef GDB_CORE_XML
744 /* Encode data using the encoding for 'x' packets. */
745 static int memtox(char *buf, const char *mem, int len)
746 {
747 char *p = buf;
748 char c;
749
750 while (len--) {
751 c = *(mem++);
752 switch (c) {
753 case '#': case '$': case '*': case '}':
754 *(p++) = '}';
755 *(p++) = c ^ 0x20;
756 break;
757 default:
758 *(p++) = c;
759 break;
760 }
761 }
762 return p - buf;
763 }
764
765 static const char *get_feature_xml(const char *p, const char **newp)
766 {
767 size_t len;
768 int i;
769 const char *name;
770 static char target_xml[1024];
771
772 len = 0;
773 while (p[len] && p[len] != ':')
774 len++;
775 *newp = p + len;
776
777 name = NULL;
778 if (strncmp(p, "target.xml", len) == 0) {
779 /* Generate the XML description for this CPU. */
780 if (!target_xml[0]) {
781 GDBRegisterState *r;
782 CPUState *cpu = first_cpu;
783
784 snprintf(target_xml, sizeof(target_xml),
785 "<?xml version=\"1.0\"?>"
786 "<!DOCTYPE target SYSTEM \"gdb-target.dtd\">"
787 "<target>"
788 "<xi:include href=\"%s\"/>",
789 GDB_CORE_XML);
790
791 for (r = cpu->gdb_regs; r; r = r->next) {
792 pstrcat(target_xml, sizeof(target_xml), "<xi:include href=\"");
793 pstrcat(target_xml, sizeof(target_xml), r->xml);
794 pstrcat(target_xml, sizeof(target_xml), "\"/>");
795 }
796 pstrcat(target_xml, sizeof(target_xml), "</target>");
797 }
798 return target_xml;
799 }
800 for (i = 0; ; i++) {
801 name = xml_builtin[i][0];
802 if (!name || (strncmp(name, p, len) == 0 && strlen(name) == len))
803 break;
804 }
805 return name ? xml_builtin[i][1] : NULL;
806 }
807 #endif
808
809 static int gdb_read_register(CPUState *cpu, uint8_t *mem_buf, int reg)
810 {
811 CPUClass *cc = CPU_GET_CLASS(cpu);
812 CPUArchState *env = cpu->env_ptr;
813 GDBRegisterState *r;
814
815 if (reg < cc->gdb_num_core_regs) {
816 return cpu_gdb_read_register(env, mem_buf, reg);
817 }
818
819 for (r = cpu->gdb_regs; r; r = r->next) {
820 if (r->base_reg <= reg && reg < r->base_reg + r->num_regs) {
821 return r->get_reg(env, mem_buf, reg - r->base_reg);
822 }
823 }
824 return 0;
825 }
826
827 static int gdb_write_register(CPUState *cpu, uint8_t *mem_buf, int reg)
828 {
829 CPUClass *cc = CPU_GET_CLASS(cpu);
830 CPUArchState *env = cpu->env_ptr;
831 GDBRegisterState *r;
832
833 if (reg < cc->gdb_num_core_regs) {
834 return cpu_gdb_write_register(env, mem_buf, reg);
835 }
836
837 for (r = cpu->gdb_regs; r; r = r->next) {
838 if (r->base_reg <= reg && reg < r->base_reg + r->num_regs) {
839 return r->set_reg(env, mem_buf, reg - r->base_reg);
840 }
841 }
842 return 0;
843 }
844
845 /* Register a supplemental set of CPU registers. If g_pos is nonzero it
846 specifies the first register number and these registers are included in
847 a standard "g" packet. Direction is relative to gdb, i.e. get_reg is
848 gdb reading a CPU register, and set_reg is gdb modifying a CPU register.
849 */
850
851 void gdb_register_coprocessor(CPUState *cpu,
852 gdb_reg_cb get_reg, gdb_reg_cb set_reg,
853 int num_regs, const char *xml, int g_pos)
854 {
855 GDBRegisterState *s;
856 GDBRegisterState **p;
857
858 p = &cpu->gdb_regs;
859 while (*p) {
860 /* Check for duplicates. */
861 if (strcmp((*p)->xml, xml) == 0)
862 return;
863 p = &(*p)->next;
864 }
865
866 s = g_new0(GDBRegisterState, 1);
867 s->base_reg = cpu->gdb_num_regs;
868 s->num_regs = num_regs;
869 s->get_reg = get_reg;
870 s->set_reg = set_reg;
871 s->xml = xml;
872
873 /* Add to end of list. */
874 cpu->gdb_num_regs += num_regs;
875 *p = s;
876 if (g_pos) {
877 if (g_pos != s->base_reg) {
878 fprintf(stderr, "Error: Bad gdb register numbering for '%s'\n"
879 "Expected %d got %d\n", xml, g_pos, s->base_reg);
880 }
881 }
882 }
883
884 #ifndef CONFIG_USER_ONLY
885 static const int xlat_gdb_type[] = {
886 [GDB_WATCHPOINT_WRITE] = BP_GDB | BP_MEM_WRITE,
887 [GDB_WATCHPOINT_READ] = BP_GDB | BP_MEM_READ,
888 [GDB_WATCHPOINT_ACCESS] = BP_GDB | BP_MEM_ACCESS,
889 };
890 #endif
891
892 static int gdb_breakpoint_insert(target_ulong addr, target_ulong len, int type)
893 {
894 CPUState *cpu;
895 CPUArchState *env;
896 int err = 0;
897
898 if (kvm_enabled()) {
899 return kvm_insert_breakpoint(gdbserver_state->c_cpu, addr, len, type);
900 }
901
902 switch (type) {
903 case GDB_BREAKPOINT_SW:
904 case GDB_BREAKPOINT_HW:
905 for (cpu = first_cpu; cpu != NULL; cpu = cpu->next_cpu) {
906 env = cpu->env_ptr;
907 err = cpu_breakpoint_insert(env, addr, BP_GDB, NULL);
908 if (err)
909 break;
910 }
911 return err;
912 #ifndef CONFIG_USER_ONLY
913 case GDB_WATCHPOINT_WRITE:
914 case GDB_WATCHPOINT_READ:
915 case GDB_WATCHPOINT_ACCESS:
916 for (cpu = first_cpu; cpu != NULL; cpu = cpu->next_cpu) {
917 env = cpu->env_ptr;
918 err = cpu_watchpoint_insert(env, addr, len, xlat_gdb_type[type],
919 NULL);
920 if (err)
921 break;
922 }
923 return err;
924 #endif
925 default:
926 return -ENOSYS;
927 }
928 }
929
930 static int gdb_breakpoint_remove(target_ulong addr, target_ulong len, int type)
931 {
932 CPUState *cpu;
933 CPUArchState *env;
934 int err = 0;
935
936 if (kvm_enabled()) {
937 return kvm_remove_breakpoint(gdbserver_state->c_cpu, addr, len, type);
938 }
939
940 switch (type) {
941 case GDB_BREAKPOINT_SW:
942 case GDB_BREAKPOINT_HW:
943 for (cpu = first_cpu; cpu != NULL; cpu = cpu->next_cpu) {
944 env = cpu->env_ptr;
945 err = cpu_breakpoint_remove(env, addr, BP_GDB);
946 if (err)
947 break;
948 }
949 return err;
950 #ifndef CONFIG_USER_ONLY
951 case GDB_WATCHPOINT_WRITE:
952 case GDB_WATCHPOINT_READ:
953 case GDB_WATCHPOINT_ACCESS:
954 for (cpu = first_cpu; cpu != NULL; cpu = cpu->next_cpu) {
955 env = cpu->env_ptr;
956 err = cpu_watchpoint_remove(env, addr, len, xlat_gdb_type[type]);
957 if (err)
958 break;
959 }
960 return err;
961 #endif
962 default:
963 return -ENOSYS;
964 }
965 }
966
967 static void gdb_breakpoint_remove_all(void)
968 {
969 CPUState *cpu;
970 CPUArchState *env;
971
972 if (kvm_enabled()) {
973 kvm_remove_all_breakpoints(gdbserver_state->c_cpu);
974 return;
975 }
976
977 for (cpu = first_cpu; cpu != NULL; cpu = cpu->next_cpu) {
978 env = cpu->env_ptr;
979 cpu_breakpoint_remove_all(env, BP_GDB);
980 #ifndef CONFIG_USER_ONLY
981 cpu_watchpoint_remove_all(env, BP_GDB);
982 #endif
983 }
984 }
985
986 static void gdb_set_cpu_pc(GDBState *s, target_ulong pc)
987 {
988 CPUState *cpu = s->c_cpu;
989 CPUClass *cc = CPU_GET_CLASS(cpu);
990
991 cpu_synchronize_state(cpu);
992 if (cc->set_pc) {
993 cc->set_pc(cpu, pc);
994 }
995 }
996
997 static CPUState *find_cpu(uint32_t thread_id)
998 {
999 CPUState *cpu;
1000
1001 for (cpu = first_cpu; cpu != NULL; cpu = cpu->next_cpu) {
1002 if (cpu_index(cpu) == thread_id) {
1003 return cpu;
1004 }
1005 }
1006
1007 return NULL;
1008 }
1009
1010 static int gdb_handle_packet(GDBState *s, const char *line_buf)
1011 {
1012 CPUState *cpu;
1013 const char *p;
1014 uint32_t thread;
1015 int ch, reg_size, type, res;
1016 char buf[MAX_PACKET_LENGTH];
1017 uint8_t mem_buf[MAX_PACKET_LENGTH];
1018 uint8_t *registers;
1019 target_ulong addr, len;
1020
1021 #ifdef DEBUG_GDB
1022 printf("command='%s'\n", line_buf);
1023 #endif
1024 p = line_buf;
1025 ch = *p++;
1026 switch(ch) {
1027 case '?':
1028 /* TODO: Make this return the correct value for user-mode. */
1029 snprintf(buf, sizeof(buf), "T%02xthread:%02x;", GDB_SIGNAL_TRAP,
1030 cpu_index(s->c_cpu));
1031 put_packet(s, buf);
1032 /* Remove all the breakpoints when this query is issued,
1033 * because gdb is doing and initial connect and the state
1034 * should be cleaned up.
1035 */
1036 gdb_breakpoint_remove_all();
1037 break;
1038 case 'c':
1039 if (*p != '\0') {
1040 addr = strtoull(p, (char **)&p, 16);
1041 gdb_set_cpu_pc(s, addr);
1042 }
1043 s->signal = 0;
1044 gdb_continue(s);
1045 return RS_IDLE;
1046 case 'C':
1047 s->signal = gdb_signal_to_target (strtoul(p, (char **)&p, 16));
1048 if (s->signal == -1)
1049 s->signal = 0;
1050 gdb_continue(s);
1051 return RS_IDLE;
1052 case 'v':
1053 if (strncmp(p, "Cont", 4) == 0) {
1054 int res_signal, res_thread;
1055
1056 p += 4;
1057 if (*p == '?') {
1058 put_packet(s, "vCont;c;C;s;S");
1059 break;
1060 }
1061 res = 0;
1062 res_signal = 0;
1063 res_thread = 0;
1064 while (*p) {
1065 int action, signal;
1066
1067 if (*p++ != ';') {
1068 res = 0;
1069 break;
1070 }
1071 action = *p++;
1072 signal = 0;
1073 if (action == 'C' || action == 'S') {
1074 signal = strtoul(p, (char **)&p, 16);
1075 } else if (action != 'c' && action != 's') {
1076 res = 0;
1077 break;
1078 }
1079 thread = 0;
1080 if (*p == ':') {
1081 thread = strtoull(p+1, (char **)&p, 16);
1082 }
1083 action = tolower(action);
1084 if (res == 0 || (res == 'c' && action == 's')) {
1085 res = action;
1086 res_signal = signal;
1087 res_thread = thread;
1088 }
1089 }
1090 if (res) {
1091 if (res_thread != -1 && res_thread != 0) {
1092 cpu = find_cpu(res_thread);
1093 if (cpu == NULL) {
1094 put_packet(s, "E22");
1095 break;
1096 }
1097 s->c_cpu = cpu;
1098 }
1099 if (res == 's') {
1100 cpu_single_step(s->c_cpu, sstep_flags);
1101 }
1102 s->signal = res_signal;
1103 gdb_continue(s);
1104 return RS_IDLE;
1105 }
1106 break;
1107 } else {
1108 goto unknown_command;
1109 }
1110 case 'k':
1111 #ifdef CONFIG_USER_ONLY
1112 /* Kill the target */
1113 fprintf(stderr, "\nQEMU: Terminated via GDBstub\n");
1114 exit(0);
1115 #endif
1116 case 'D':
1117 /* Detach packet */
1118 gdb_breakpoint_remove_all();
1119 gdb_syscall_mode = GDB_SYS_DISABLED;
1120 gdb_continue(s);
1121 put_packet(s, "OK");
1122 break;
1123 case 's':
1124 if (*p != '\0') {
1125 addr = strtoull(p, (char **)&p, 16);
1126 gdb_set_cpu_pc(s, addr);
1127 }
1128 cpu_single_step(s->c_cpu, sstep_flags);
1129 gdb_continue(s);
1130 return RS_IDLE;
1131 case 'F':
1132 {
1133 target_ulong ret;
1134 target_ulong err;
1135
1136 ret = strtoull(p, (char **)&p, 16);
1137 if (*p == ',') {
1138 p++;
1139 err = strtoull(p, (char **)&p, 16);
1140 } else {
1141 err = 0;
1142 }
1143 if (*p == ',')
1144 p++;
1145 type = *p;
1146 if (s->current_syscall_cb) {
1147 s->current_syscall_cb(s->c_cpu, ret, err);
1148 s->current_syscall_cb = NULL;
1149 }
1150 if (type == 'C') {
1151 put_packet(s, "T02");
1152 } else {
1153 gdb_continue(s);
1154 }
1155 }
1156 break;
1157 case 'g':
1158 cpu_synchronize_state(s->g_cpu);
1159 len = 0;
1160 for (addr = 0; addr < s->g_cpu->gdb_num_regs; addr++) {
1161 reg_size = gdb_read_register(s->g_cpu, mem_buf + len, addr);
1162 len += reg_size;
1163 }
1164 memtohex(buf, mem_buf, len);
1165 put_packet(s, buf);
1166 break;
1167 case 'G':
1168 cpu_synchronize_state(s->g_cpu);
1169 registers = mem_buf;
1170 len = strlen(p) / 2;
1171 hextomem((uint8_t *)registers, p, len);
1172 for (addr = 0; addr < s->g_cpu->gdb_num_regs && len > 0; addr++) {
1173 reg_size = gdb_write_register(s->g_cpu, registers, addr);
1174 len -= reg_size;
1175 registers += reg_size;
1176 }
1177 put_packet(s, "OK");
1178 break;
1179 case 'm':
1180 addr = strtoull(p, (char **)&p, 16);
1181 if (*p == ',')
1182 p++;
1183 len = strtoull(p, NULL, 16);
1184 if (target_memory_rw_debug(s->g_cpu, addr, mem_buf, len, false) != 0) {
1185 put_packet (s, "E14");
1186 } else {
1187 memtohex(buf, mem_buf, len);
1188 put_packet(s, buf);
1189 }
1190 break;
1191 case 'M':
1192 addr = strtoull(p, (char **)&p, 16);
1193 if (*p == ',')
1194 p++;
1195 len = strtoull(p, (char **)&p, 16);
1196 if (*p == ':')
1197 p++;
1198 hextomem(mem_buf, p, len);
1199 if (target_memory_rw_debug(s->g_cpu, addr, mem_buf, len,
1200 true) != 0) {
1201 put_packet(s, "E14");
1202 } else {
1203 put_packet(s, "OK");
1204 }
1205 break;
1206 case 'p':
1207 /* Older gdb are really dumb, and don't use 'g' if 'p' is avaialable.
1208 This works, but can be very slow. Anything new enough to
1209 understand XML also knows how to use this properly. */
1210 if (!gdb_has_xml)
1211 goto unknown_command;
1212 addr = strtoull(p, (char **)&p, 16);
1213 reg_size = gdb_read_register(s->g_cpu, mem_buf, addr);
1214 if (reg_size) {
1215 memtohex(buf, mem_buf, reg_size);
1216 put_packet(s, buf);
1217 } else {
1218 put_packet(s, "E14");
1219 }
1220 break;
1221 case 'P':
1222 if (!gdb_has_xml)
1223 goto unknown_command;
1224 addr = strtoull(p, (char **)&p, 16);
1225 if (*p == '=')
1226 p++;
1227 reg_size = strlen(p) / 2;
1228 hextomem(mem_buf, p, reg_size);
1229 gdb_write_register(s->g_cpu, mem_buf, addr);
1230 put_packet(s, "OK");
1231 break;
1232 case 'Z':
1233 case 'z':
1234 type = strtoul(p, (char **)&p, 16);
1235 if (*p == ',')
1236 p++;
1237 addr = strtoull(p, (char **)&p, 16);
1238 if (*p == ',')
1239 p++;
1240 len = strtoull(p, (char **)&p, 16);
1241 if (ch == 'Z')
1242 res = gdb_breakpoint_insert(addr, len, type);
1243 else
1244 res = gdb_breakpoint_remove(addr, len, type);
1245 if (res >= 0)
1246 put_packet(s, "OK");
1247 else if (res == -ENOSYS)
1248 put_packet(s, "");
1249 else
1250 put_packet(s, "E22");
1251 break;
1252 case 'H':
1253 type = *p++;
1254 thread = strtoull(p, (char **)&p, 16);
1255 if (thread == -1 || thread == 0) {
1256 put_packet(s, "OK");
1257 break;
1258 }
1259 cpu = find_cpu(thread);
1260 if (cpu == NULL) {
1261 put_packet(s, "E22");
1262 break;
1263 }
1264 switch (type) {
1265 case 'c':
1266 s->c_cpu = cpu;
1267 put_packet(s, "OK");
1268 break;
1269 case 'g':
1270 s->g_cpu = cpu;
1271 put_packet(s, "OK");
1272 break;
1273 default:
1274 put_packet(s, "E22");
1275 break;
1276 }
1277 break;
1278 case 'T':
1279 thread = strtoull(p, (char **)&p, 16);
1280 cpu = find_cpu(thread);
1281
1282 if (cpu != NULL) {
1283 put_packet(s, "OK");
1284 } else {
1285 put_packet(s, "E22");
1286 }
1287 break;
1288 case 'q':
1289 case 'Q':
1290 /* parse any 'q' packets here */
1291 if (!strcmp(p,"qemu.sstepbits")) {
1292 /* Query Breakpoint bit definitions */
1293 snprintf(buf, sizeof(buf), "ENABLE=%x,NOIRQ=%x,NOTIMER=%x",
1294 SSTEP_ENABLE,
1295 SSTEP_NOIRQ,
1296 SSTEP_NOTIMER);
1297 put_packet(s, buf);
1298 break;
1299 } else if (strncmp(p,"qemu.sstep",10) == 0) {
1300 /* Display or change the sstep_flags */
1301 p += 10;
1302 if (*p != '=') {
1303 /* Display current setting */
1304 snprintf(buf, sizeof(buf), "0x%x", sstep_flags);
1305 put_packet(s, buf);
1306 break;
1307 }
1308 p++;
1309 type = strtoul(p, (char **)&p, 16);
1310 sstep_flags = type;
1311 put_packet(s, "OK");
1312 break;
1313 } else if (strcmp(p,"C") == 0) {
1314 /* "Current thread" remains vague in the spec, so always return
1315 * the first CPU (gdb returns the first thread). */
1316 put_packet(s, "QC1");
1317 break;
1318 } else if (strcmp(p,"fThreadInfo") == 0) {
1319 s->query_cpu = first_cpu;
1320 goto report_cpuinfo;
1321 } else if (strcmp(p,"sThreadInfo") == 0) {
1322 report_cpuinfo:
1323 if (s->query_cpu) {
1324 snprintf(buf, sizeof(buf), "m%x", cpu_index(s->query_cpu));
1325 put_packet(s, buf);
1326 s->query_cpu = s->query_cpu->next_cpu;
1327 } else
1328 put_packet(s, "l");
1329 break;
1330 } else if (strncmp(p,"ThreadExtraInfo,", 16) == 0) {
1331 thread = strtoull(p+16, (char **)&p, 16);
1332 cpu = find_cpu(thread);
1333 if (cpu != NULL) {
1334 cpu_synchronize_state(cpu);
1335 len = snprintf((char *)mem_buf, sizeof(mem_buf),
1336 "CPU#%d [%s]", cpu->cpu_index,
1337 cpu->halted ? "halted " : "running");
1338 memtohex(buf, mem_buf, len);
1339 put_packet(s, buf);
1340 }
1341 break;
1342 }
1343 #ifdef CONFIG_USER_ONLY
1344 else if (strncmp(p, "Offsets", 7) == 0) {
1345 CPUArchState *env = s->c_cpu->env_ptr;
1346 TaskState *ts = env->opaque;
1347
1348 snprintf(buf, sizeof(buf),
1349 "Text=" TARGET_ABI_FMT_lx ";Data=" TARGET_ABI_FMT_lx
1350 ";Bss=" TARGET_ABI_FMT_lx,
1351 ts->info->code_offset,
1352 ts->info->data_offset,
1353 ts->info->data_offset);
1354 put_packet(s, buf);
1355 break;
1356 }
1357 #else /* !CONFIG_USER_ONLY */
1358 else if (strncmp(p, "Rcmd,", 5) == 0) {
1359 int len = strlen(p + 5);
1360
1361 if ((len % 2) != 0) {
1362 put_packet(s, "E01");
1363 break;
1364 }
1365 hextomem(mem_buf, p + 5, len);
1366 len = len / 2;
1367 mem_buf[len++] = 0;
1368 qemu_chr_be_write(s->mon_chr, mem_buf, len);
1369 put_packet(s, "OK");
1370 break;
1371 }
1372 #endif /* !CONFIG_USER_ONLY */
1373 if (strncmp(p, "Supported", 9) == 0) {
1374 snprintf(buf, sizeof(buf), "PacketSize=%x", MAX_PACKET_LENGTH);
1375 #ifdef GDB_CORE_XML
1376 pstrcat(buf, sizeof(buf), ";qXfer:features:read+");
1377 #endif
1378 put_packet(s, buf);
1379 break;
1380 }
1381 #ifdef GDB_CORE_XML
1382 if (strncmp(p, "Xfer:features:read:", 19) == 0) {
1383 const char *xml;
1384 target_ulong total_len;
1385
1386 gdb_has_xml = 1;
1387 p += 19;
1388 xml = get_feature_xml(p, &p);
1389 if (!xml) {
1390 snprintf(buf, sizeof(buf), "E00");
1391 put_packet(s, buf);
1392 break;
1393 }
1394
1395 if (*p == ':')
1396 p++;
1397 addr = strtoul(p, (char **)&p, 16);
1398 if (*p == ',')
1399 p++;
1400 len = strtoul(p, (char **)&p, 16);
1401
1402 total_len = strlen(xml);
1403 if (addr > total_len) {
1404 snprintf(buf, sizeof(buf), "E00");
1405 put_packet(s, buf);
1406 break;
1407 }
1408 if (len > (MAX_PACKET_LENGTH - 5) / 2)
1409 len = (MAX_PACKET_LENGTH - 5) / 2;
1410 if (len < total_len - addr) {
1411 buf[0] = 'm';
1412 len = memtox(buf + 1, xml + addr, len);
1413 } else {
1414 buf[0] = 'l';
1415 len = memtox(buf + 1, xml + addr, total_len - addr);
1416 }
1417 put_packet_binary(s, buf, len + 1);
1418 break;
1419 }
1420 #endif
1421 /* Unrecognised 'q' command. */
1422 goto unknown_command;
1423
1424 default:
1425 unknown_command:
1426 /* put empty packet */
1427 buf[0] = '\0';
1428 put_packet(s, buf);
1429 break;
1430 }
1431 return RS_IDLE;
1432 }
1433
1434 void gdb_set_stop_cpu(CPUState *cpu)
1435 {
1436 gdbserver_state->c_cpu = cpu;
1437 gdbserver_state->g_cpu = cpu;
1438 }
1439
1440 #ifndef CONFIG_USER_ONLY
1441 static void gdb_vm_state_change(void *opaque, int running, RunState state)
1442 {
1443 GDBState *s = gdbserver_state;
1444 CPUArchState *env = s->c_cpu->env_ptr;
1445 CPUState *cpu = s->c_cpu;
1446 char buf[256];
1447 const char *type;
1448 int ret;
1449
1450 if (running || s->state == RS_INACTIVE) {
1451 return;
1452 }
1453 /* Is there a GDB syscall waiting to be sent? */
1454 if (s->current_syscall_cb) {
1455 put_packet(s, s->syscall_buf);
1456 return;
1457 }
1458 switch (state) {
1459 case RUN_STATE_DEBUG:
1460 if (env->watchpoint_hit) {
1461 switch (env->watchpoint_hit->flags & BP_MEM_ACCESS) {
1462 case BP_MEM_READ:
1463 type = "r";
1464 break;
1465 case BP_MEM_ACCESS:
1466 type = "a";
1467 break;
1468 default:
1469 type = "";
1470 break;
1471 }
1472 snprintf(buf, sizeof(buf),
1473 "T%02xthread:%02x;%swatch:" TARGET_FMT_lx ";",
1474 GDB_SIGNAL_TRAP, cpu_index(cpu), type,
1475 env->watchpoint_hit->vaddr);
1476 env->watchpoint_hit = NULL;
1477 goto send_packet;
1478 }
1479 tb_flush(env);
1480 ret = GDB_SIGNAL_TRAP;
1481 break;
1482 case RUN_STATE_PAUSED:
1483 ret = GDB_SIGNAL_INT;
1484 break;
1485 case RUN_STATE_SHUTDOWN:
1486 ret = GDB_SIGNAL_QUIT;
1487 break;
1488 case RUN_STATE_IO_ERROR:
1489 ret = GDB_SIGNAL_IO;
1490 break;
1491 case RUN_STATE_WATCHDOG:
1492 ret = GDB_SIGNAL_ALRM;
1493 break;
1494 case RUN_STATE_INTERNAL_ERROR:
1495 ret = GDB_SIGNAL_ABRT;
1496 break;
1497 case RUN_STATE_SAVE_VM:
1498 case RUN_STATE_RESTORE_VM:
1499 return;
1500 case RUN_STATE_FINISH_MIGRATE:
1501 ret = GDB_SIGNAL_XCPU;
1502 break;
1503 default:
1504 ret = GDB_SIGNAL_UNKNOWN;
1505 break;
1506 }
1507 snprintf(buf, sizeof(buf), "T%02xthread:%02x;", ret, cpu_index(cpu));
1508
1509 send_packet:
1510 put_packet(s, buf);
1511
1512 /* disable single step if it was enabled */
1513 cpu_single_step(cpu, 0);
1514 }
1515 #endif
1516
1517 /* Send a gdb syscall request.
1518 This accepts limited printf-style format specifiers, specifically:
1519 %x - target_ulong argument printed in hex.
1520 %lx - 64-bit argument printed in hex.
1521 %s - string pointer (target_ulong) and length (int) pair. */
1522 void gdb_do_syscall(gdb_syscall_complete_cb cb, const char *fmt, ...)
1523 {
1524 va_list va;
1525 char *p;
1526 char *p_end;
1527 target_ulong addr;
1528 uint64_t i64;
1529 GDBState *s;
1530
1531 s = gdbserver_state;
1532 if (!s)
1533 return;
1534 s->current_syscall_cb = cb;
1535 #ifndef CONFIG_USER_ONLY
1536 vm_stop(RUN_STATE_DEBUG);
1537 #endif
1538 va_start(va, fmt);
1539 p = s->syscall_buf;
1540 p_end = &s->syscall_buf[sizeof(s->syscall_buf)];
1541 *(p++) = 'F';
1542 while (*fmt) {
1543 if (*fmt == '%') {
1544 fmt++;
1545 switch (*fmt++) {
1546 case 'x':
1547 addr = va_arg(va, target_ulong);
1548 p += snprintf(p, p_end - p, TARGET_FMT_lx, addr);
1549 break;
1550 case 'l':
1551 if (*(fmt++) != 'x')
1552 goto bad_format;
1553 i64 = va_arg(va, uint64_t);
1554 p += snprintf(p, p_end - p, "%" PRIx64, i64);
1555 break;
1556 case 's':
1557 addr = va_arg(va, target_ulong);
1558 p += snprintf(p, p_end - p, TARGET_FMT_lx "/%x",
1559 addr, va_arg(va, int));
1560 break;
1561 default:
1562 bad_format:
1563 fprintf(stderr, "gdbstub: Bad syscall format string '%s'\n",
1564 fmt - 1);
1565 break;
1566 }
1567 } else {
1568 *(p++) = *(fmt++);
1569 }
1570 }
1571 *p = 0;
1572 va_end(va);
1573 #ifdef CONFIG_USER_ONLY
1574 put_packet(s, s->syscall_buf);
1575 gdb_handlesig(s->c_cpu, 0);
1576 #else
1577 /* In this case wait to send the syscall packet until notification that
1578 the CPU has stopped. This must be done because if the packet is sent
1579 now the reply from the syscall request could be received while the CPU
1580 is still in the running state, which can cause packets to be dropped
1581 and state transition 'T' packets to be sent while the syscall is still
1582 being processed. */
1583 cpu_exit(s->c_cpu);
1584 #endif
1585 }
1586
1587 static void gdb_read_byte(GDBState *s, int ch)
1588 {
1589 int i, csum;
1590 uint8_t reply;
1591
1592 #ifndef CONFIG_USER_ONLY
1593 if (s->last_packet_len) {
1594 /* Waiting for a response to the last packet. If we see the start
1595 of a new command then abandon the previous response. */
1596 if (ch == '-') {
1597 #ifdef DEBUG_GDB
1598 printf("Got NACK, retransmitting\n");
1599 #endif
1600 put_buffer(s, (uint8_t *)s->last_packet, s->last_packet_len);
1601 }
1602 #ifdef DEBUG_GDB
1603 else if (ch == '+')
1604 printf("Got ACK\n");
1605 else
1606 printf("Got '%c' when expecting ACK/NACK\n", ch);
1607 #endif
1608 if (ch == '+' || ch == '$')
1609 s->last_packet_len = 0;
1610 if (ch != '$')
1611 return;
1612 }
1613 if (runstate_is_running()) {
1614 /* when the CPU is running, we cannot do anything except stop
1615 it when receiving a char */
1616 vm_stop(RUN_STATE_PAUSED);
1617 } else
1618 #endif
1619 {
1620 switch(s->state) {
1621 case RS_IDLE:
1622 if (ch == '$') {
1623 s->line_buf_index = 0;
1624 s->state = RS_GETLINE;
1625 }
1626 break;
1627 case RS_GETLINE:
1628 if (ch == '#') {
1629 s->state = RS_CHKSUM1;
1630 } else if (s->line_buf_index >= sizeof(s->line_buf) - 1) {
1631 s->state = RS_IDLE;
1632 } else {
1633 s->line_buf[s->line_buf_index++] = ch;
1634 }
1635 break;
1636 case RS_CHKSUM1:
1637 s->line_buf[s->line_buf_index] = '\0';
1638 s->line_csum = fromhex(ch) << 4;
1639 s->state = RS_CHKSUM2;
1640 break;
1641 case RS_CHKSUM2:
1642 s->line_csum |= fromhex(ch);
1643 csum = 0;
1644 for(i = 0; i < s->line_buf_index; i++) {
1645 csum += s->line_buf[i];
1646 }
1647 if (s->line_csum != (csum & 0xff)) {
1648 reply = '-';
1649 put_buffer(s, &reply, 1);
1650 s->state = RS_IDLE;
1651 } else {
1652 reply = '+';
1653 put_buffer(s, &reply, 1);
1654 s->state = gdb_handle_packet(s, s->line_buf);
1655 }
1656 break;
1657 default:
1658 abort();
1659 }
1660 }
1661 }
1662
1663 /* Tell the remote gdb that the process has exited. */
1664 void gdb_exit(CPUArchState *env, int code)
1665 {
1666 GDBState *s;
1667 char buf[4];
1668
1669 s = gdbserver_state;
1670 if (!s) {
1671 return;
1672 }
1673 #ifdef CONFIG_USER_ONLY
1674 if (gdbserver_fd < 0 || s->fd < 0) {
1675 return;
1676 }
1677 #endif
1678
1679 snprintf(buf, sizeof(buf), "W%02x", (uint8_t)code);
1680 put_packet(s, buf);
1681
1682 #ifndef CONFIG_USER_ONLY
1683 if (s->chr) {
1684 qemu_chr_delete(s->chr);
1685 }
1686 #endif
1687 }
1688
1689 #ifdef CONFIG_USER_ONLY
1690 int
1691 gdb_queuesig (void)
1692 {
1693 GDBState *s;
1694
1695 s = gdbserver_state;
1696
1697 if (gdbserver_fd < 0 || s->fd < 0)
1698 return 0;
1699 else
1700 return 1;
1701 }
1702
1703 int
1704 gdb_handlesig(CPUState *cpu, int sig)
1705 {
1706 CPUArchState *env = cpu->env_ptr;
1707 GDBState *s;
1708 char buf[256];
1709 int n;
1710
1711 s = gdbserver_state;
1712 if (gdbserver_fd < 0 || s->fd < 0) {
1713 return sig;
1714 }
1715
1716 /* disable single step if it was enabled */
1717 cpu_single_step(cpu, 0);
1718 tb_flush(env);
1719
1720 if (sig != 0) {
1721 snprintf(buf, sizeof(buf), "S%02x", target_signal_to_gdb(sig));
1722 put_packet(s, buf);
1723 }
1724 /* put_packet() might have detected that the peer terminated the
1725 connection. */
1726 if (s->fd < 0) {
1727 return sig;
1728 }
1729
1730 sig = 0;
1731 s->state = RS_IDLE;
1732 s->running_state = 0;
1733 while (s->running_state == 0) {
1734 n = read(s->fd, buf, 256);
1735 if (n > 0) {
1736 int i;
1737
1738 for (i = 0; i < n; i++) {
1739 gdb_read_byte(s, buf[i]);
1740 }
1741 } else if (n == 0 || errno != EAGAIN) {
1742 /* XXX: Connection closed. Should probably wait for another
1743 connection before continuing. */
1744 return sig;
1745 }
1746 }
1747 sig = s->signal;
1748 s->signal = 0;
1749 return sig;
1750 }
1751
1752 /* Tell the remote gdb that the process has exited due to SIG. */
1753 void gdb_signalled(CPUArchState *env, int sig)
1754 {
1755 GDBState *s;
1756 char buf[4];
1757
1758 s = gdbserver_state;
1759 if (gdbserver_fd < 0 || s->fd < 0) {
1760 return;
1761 }
1762
1763 snprintf(buf, sizeof(buf), "X%02x", target_signal_to_gdb(sig));
1764 put_packet(s, buf);
1765 }
1766
1767 static void gdb_accept(void)
1768 {
1769 GDBState *s;
1770 struct sockaddr_in sockaddr;
1771 socklen_t len;
1772 int fd;
1773
1774 for(;;) {
1775 len = sizeof(sockaddr);
1776 fd = accept(gdbserver_fd, (struct sockaddr *)&sockaddr, &len);
1777 if (fd < 0 && errno != EINTR) {
1778 perror("accept");
1779 return;
1780 } else if (fd >= 0) {
1781 #ifndef _WIN32
1782 fcntl(fd, F_SETFD, FD_CLOEXEC);
1783 #endif
1784 break;
1785 }
1786 }
1787
1788 /* set short latency */
1789 socket_set_nodelay(fd);
1790
1791 s = g_malloc0(sizeof(GDBState));
1792 s->c_cpu = first_cpu;
1793 s->g_cpu = first_cpu;
1794 s->fd = fd;
1795 gdb_has_xml = 0;
1796
1797 gdbserver_state = s;
1798
1799 fcntl(fd, F_SETFL, O_NONBLOCK);
1800 }
1801
1802 static int gdbserver_open(int port)
1803 {
1804 struct sockaddr_in sockaddr;
1805 int fd, val, ret;
1806
1807 fd = socket(PF_INET, SOCK_STREAM, 0);
1808 if (fd < 0) {
1809 perror("socket");
1810 return -1;
1811 }
1812 #ifndef _WIN32
1813 fcntl(fd, F_SETFD, FD_CLOEXEC);
1814 #endif
1815
1816 /* allow fast reuse */
1817 val = 1;
1818 qemu_setsockopt(fd, SOL_SOCKET, SO_REUSEADDR, &val, sizeof(val));
1819
1820 sockaddr.sin_family = AF_INET;
1821 sockaddr.sin_port = htons(port);
1822 sockaddr.sin_addr.s_addr = 0;
1823 ret = bind(fd, (struct sockaddr *)&sockaddr, sizeof(sockaddr));
1824 if (ret < 0) {
1825 perror("bind");
1826 close(fd);
1827 return -1;
1828 }
1829 ret = listen(fd, 0);
1830 if (ret < 0) {
1831 perror("listen");
1832 close(fd);
1833 return -1;
1834 }
1835 return fd;
1836 }
1837
1838 int gdbserver_start(int port)
1839 {
1840 gdbserver_fd = gdbserver_open(port);
1841 if (gdbserver_fd < 0)
1842 return -1;
1843 /* accept connections */
1844 gdb_accept();
1845 return 0;
1846 }
1847
1848 /* Disable gdb stub for child processes. */
1849 void gdbserver_fork(CPUArchState *env)
1850 {
1851 GDBState *s = gdbserver_state;
1852 if (gdbserver_fd < 0 || s->fd < 0)
1853 return;
1854 close(s->fd);
1855 s->fd = -1;
1856 cpu_breakpoint_remove_all(env, BP_GDB);
1857 cpu_watchpoint_remove_all(env, BP_GDB);
1858 }
1859 #else
1860 static int gdb_chr_can_receive(void *opaque)
1861 {
1862 /* We can handle an arbitrarily large amount of data.
1863 Pick the maximum packet size, which is as good as anything. */
1864 return MAX_PACKET_LENGTH;
1865 }
1866
1867 static void gdb_chr_receive(void *opaque, const uint8_t *buf, int size)
1868 {
1869 int i;
1870
1871 for (i = 0; i < size; i++) {
1872 gdb_read_byte(gdbserver_state, buf[i]);
1873 }
1874 }
1875
1876 static void gdb_chr_event(void *opaque, int event)
1877 {
1878 switch (event) {
1879 case CHR_EVENT_OPENED:
1880 vm_stop(RUN_STATE_PAUSED);
1881 gdb_has_xml = 0;
1882 break;
1883 default:
1884 break;
1885 }
1886 }
1887
1888 static void gdb_monitor_output(GDBState *s, const char *msg, int len)
1889 {
1890 char buf[MAX_PACKET_LENGTH];
1891
1892 buf[0] = 'O';
1893 if (len > (MAX_PACKET_LENGTH/2) - 1)
1894 len = (MAX_PACKET_LENGTH/2) - 1;
1895 memtohex(buf + 1, (uint8_t *)msg, len);
1896 put_packet(s, buf);
1897 }
1898
1899 static int gdb_monitor_write(CharDriverState *chr, const uint8_t *buf, int len)
1900 {
1901 const char *p = (const char *)buf;
1902 int max_sz;
1903
1904 max_sz = (sizeof(gdbserver_state->last_packet) - 2) / 2;
1905 for (;;) {
1906 if (len <= max_sz) {
1907 gdb_monitor_output(gdbserver_state, p, len);
1908 break;
1909 }
1910 gdb_monitor_output(gdbserver_state, p, max_sz);
1911 p += max_sz;
1912 len -= max_sz;
1913 }
1914 return len;
1915 }
1916
1917 #ifndef _WIN32
1918 static void gdb_sigterm_handler(int signal)
1919 {
1920 if (runstate_is_running()) {
1921 vm_stop(RUN_STATE_PAUSED);
1922 }
1923 }
1924 #endif
1925
1926 int gdbserver_start(const char *device)
1927 {
1928 GDBState *s;
1929 char gdbstub_device_name[128];
1930 CharDriverState *chr = NULL;
1931 CharDriverState *mon_chr;
1932
1933 if (!device)
1934 return -1;
1935 if (strcmp(device, "none") != 0) {
1936 if (strstart(device, "tcp:", NULL)) {
1937 /* enforce required TCP attributes */
1938 snprintf(gdbstub_device_name, sizeof(gdbstub_device_name),
1939 "%s,nowait,nodelay,server", device);
1940 device = gdbstub_device_name;
1941 }
1942 #ifndef _WIN32
1943 else if (strcmp(device, "stdio") == 0) {
1944 struct sigaction act;
1945
1946 memset(&act, 0, sizeof(act));
1947 act.sa_handler = gdb_sigterm_handler;
1948 sigaction(SIGINT, &act, NULL);
1949 }
1950 #endif
1951 chr = qemu_chr_new("gdb", device, NULL);
1952 if (!chr)
1953 return -1;
1954
1955 qemu_chr_fe_claim_no_fail(chr);
1956 qemu_chr_add_handlers(chr, gdb_chr_can_receive, gdb_chr_receive,
1957 gdb_chr_event, NULL);
1958 }
1959
1960 s = gdbserver_state;
1961 if (!s) {
1962 s = g_malloc0(sizeof(GDBState));
1963 gdbserver_state = s;
1964
1965 qemu_add_vm_change_state_handler(gdb_vm_state_change, NULL);
1966
1967 /* Initialize a monitor terminal for gdb */
1968 mon_chr = g_malloc0(sizeof(*mon_chr));
1969 mon_chr->chr_write = gdb_monitor_write;
1970 monitor_init(mon_chr, 0);
1971 } else {
1972 if (s->chr)
1973 qemu_chr_delete(s->chr);
1974 mon_chr = s->mon_chr;
1975 memset(s, 0, sizeof(GDBState));
1976 }
1977 s->c_cpu = first_cpu;
1978 s->g_cpu = first_cpu;
1979 s->chr = chr;
1980 s->state = chr ? RS_IDLE : RS_INACTIVE;
1981 s->mon_chr = mon_chr;
1982 s->current_syscall_cb = NULL;
1983
1984 return 0;
1985 }
1986 #endif
Ray Wang's QEMU Repository