1 /* Remote target communications for serial-line targets in custom GDB protocol
2 Copyright 1988, 1991, 1992, 1993 Free Software Foundation, Inc.
4 This file is part of GDB.
6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation; either version 2 of the License, or
9 (at your option) any later version.
11 This program is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 GNU General Public License for more details.
16 You should have received a copy of the GNU General Public License
17 along with this program; if not, write to the Free Software
18 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. */
20 /* Remote communication protocol.
22 A debug packet whose contents are <data>
23 is encapsulated for transmission in the form:
25 $ <data> # CSUM1 CSUM2
27 <data> must be ASCII alphanumeric and cannot include characters
30 CSUM1 and CSUM2 are ascii hex representation of an 8-bit
31 checksum of <data>, the most significant nibble is sent first.
32 the hex digits 0-9,a-f are used.
34 Receiver responds with:
36 + - if CSUM is correct and ready for next packet
37 - - if CSUM is incorrect
40 All values are encoded in ascii hex digits.
45 reply XX....X Each byte of register data
46 is described by two hex digits.
47 Registers are in the internal order
48 for GDB, and the bytes in a register
49 are in the same order the machine uses.
52 write regs GXX..XX Each byte of register data
53 is described by two hex digits.
57 read mem mAA..AA,LLLL AA..AA is address, LLLL is length.
58 reply XX..XX XX..XX is mem contents
61 write mem MAA..AA,LLLL:XX..XX
63 LLLL is number of bytes,
68 cont cAA..AA AA..AA is address to resume
70 resume at same address.
72 step sAA..AA AA..AA is address to resume
74 resume at same address.
76 last signal ? Reply the current reason for stopping.
77 This is the same reply as is generated
78 for step or cont : SAA where AA is the
81 There is no immediate reply to step or cont.
82 The reply comes when the machine stops.
83 It is SAA AA is the "signal number"
85 or... TAAn...:r...;n:r...;n...:r...;
87 n... = register number
88 r... = register contents
102 #include "terminal.h"
105 #if !defined(DONT_USE_REMOTE)
107 #include <sys/types.h>
113 /* Prototypes for local functions */
116 remote_write_bytes PARAMS ((CORE_ADDR memaddr, char *myaddr, int len));
119 remote_read_bytes PARAMS ((CORE_ADDR memaddr, char *myaddr, int len));
122 remote_files_info PARAMS ((struct target_ops *ignore));
125 remote_xfer_memory PARAMS ((CORE_ADDR memaddr, char *myaddr, int len,
126 int should_write, struct target_ops *target));
129 remote_prepare_to_store PARAMS ((void));
132 remote_fetch_registers PARAMS ((int regno));
135 remote_resume PARAMS ((int step, int siggnal));
138 remote_start_remote PARAMS ((char *dummy));
141 remote_open PARAMS ((char *name, int from_tty));
144 remote_close PARAMS ((int quitting));
147 remote_store_registers PARAMS ((int regno));
150 getpkt PARAMS ((char *buf, int forever));
153 putpkt PARAMS ((char *buf));
156 remote_send PARAMS ((char *buf));
159 readchar PARAMS ((void));
162 remote_wait PARAMS ((WAITTYPE *status));
165 tohex PARAMS ((int nib));
168 fromhex PARAMS ((int a));
171 remote_detach PARAMS ((char *args, int from_tty));
174 remote_interrupt PARAMS ((int signo));
177 remote_interrupt_twice PARAMS ((int signo));
179 extern struct target_ops remote_ops; /* Forward decl */
181 static int kiodebug = 0;
182 /* This was 5 seconds, which is a long time to sit and wait.
183 Unless this is going though some terminal server or multiplexer or
184 other form of hairy serial connection, I would think 2 seconds would
186 static int timeout = 2;
192 /* Descriptor for I/O to remote machine. Initialize it to NULL so that
193 remote_open knows that we don't have a file open when the program
195 serial_t remote_desc = NULL;
199 /* Maximum number of bytes to read/write at once. The value here
200 is chosen to fill up a packet (the headers account for the 32). */
201 #define MAXBUFBYTES ((PBUFSIZ-32)/2)
203 /* Round up PBUFSIZ to hold all the registers, at least. */
204 #if REGISTER_BYTES > MAXBUFBYTES
206 #define PBUFSIZ (REGISTER_BYTES * 2 + 32)
209 /* Clean up connection to a remote debugger. */
213 remote_close (quitting)
217 SERIAL_CLOSE (remote_desc);
221 /* Stub for catch_errors. */
224 remote_start_remote (dummy)
227 /* Ack any packet which the remote side has already sent. */
228 /* I'm not sure this \r is needed; we don't use it any other time we
230 SERIAL_WRITE (remote_desc, "+\r", 2);
231 putpkt ("?"); /* initiate a query from remote machine */
233 start_remote (); /* Initialize gdb process mechanisms */
237 /* Open a connection to a remote debugger.
238 NAME is the filename used for communication. */
241 remote_open (name, from_tty)
247 "To open a remote debug connection, you need to specify what serial\n\
248 device is attached to the remote system (e.g. /dev/ttya).");
250 target_preopen (from_tty);
252 unpush_target (&remote_ops);
258 remote_desc = SERIAL_OPEN (name);
260 perror_with_name (name);
266 if (sscanf (baud_rate, "%d", &rate) == 1)
267 if (SERIAL_SETBAUDRATE (remote_desc, rate))
269 SERIAL_CLOSE (remote_desc);
270 perror_with_name (name);
274 SERIAL_RAW (remote_desc);
278 puts_filtered ("Remote debugging using ");
279 puts_filtered (name);
280 puts_filtered ("\n");
282 push_target (&remote_ops); /* Switch to using remote target now */
284 /* Start the remote connection; if error (0), discard this target. */
285 immediate_quit++; /* Allow user to interrupt it */
286 if (!catch_errors (remote_start_remote, (char *)0,
287 "Couldn't establish connection to remote target\n", RETURN_MASK_ALL))
292 takes a program previously attached to and detaches it.
293 We better not have left any breakpoints
294 in the program or it'll die when it hits one.
295 Close the open connection to the remote debugger.
296 Use this when you want to detach and do something else
300 remote_detach (args, from_tty)
305 error ("Argument given to \"detach\" when remotely debugging.");
309 puts_filtered ("Ending remote debugging.\n");
312 /* Convert hex digit A to a number. */
318 if (a >= '0' && a <= '9')
320 else if (a >= 'a' && a <= 'f')
323 error ("Reply contains invalid hex digit");
327 /* Convert number NIB to a hex digit. */
339 /* Tell the remote machine to resume. */
342 remote_resume (step, siggnal)
350 target_terminal_ours_for_output ();
351 printf_filtered ("Can't send signals to a remote system. ");
352 name = strsigno (siggnal);
354 printf_filtered (name);
356 printf_filtered ("Signal %d", siggnal);
357 printf_filtered (" not sent.\n");
358 target_terminal_inferior ();
365 strcpy (buf, step ? "s": "c");
370 /* Send ^C to target to halt it. Target will respond, and send us a
374 remote_interrupt (signo)
377 /* If this doesn't work, try more severe steps. */
378 signal (signo, remote_interrupt_twice);
381 printf ("remote_interrupt called\n");
383 SERIAL_WRITE (remote_desc, "\003", 1); /* Send a ^C */
386 static void (*ofunc)();
388 /* The user typed ^C twice. */
390 remote_interrupt_twice (signo)
393 signal (signo, ofunc);
395 target_terminal_ours ();
396 if (query ("Interrupted while waiting for the program.\n\
397 Give up (and stop debugging it)? "))
399 target_mourn_inferior ();
400 return_to_top_level (RETURN_QUIT);
404 signal (signo, remote_interrupt);
405 target_terminal_inferior ();
409 /* Wait until the remote machine stops, then return,
410 storing status in STATUS just as `wait' would.
411 Returns "pid" (though it's not clear what, if anything, that
412 means in the case of this target). */
418 unsigned char buf[PBUFSIZ];
422 char regs[MAX_REGISTER_RAW_SIZE];
424 WSETEXIT ((*status), 0);
426 ofunc = (void (*)()) signal (SIGINT, remote_interrupt);
427 getpkt ((char *) buf, 1);
428 signal (SIGINT, ofunc);
431 error ("Remote failure reply: %s", buf);
434 /* Expedited reply, containing Signal, {regno, reg} repeat */
435 /* format is: 'Tssn...:r...;n...:r...;n...:r...;#cc', where
437 n... = register number
438 r... = register contents
441 p = &buf[3]; /* after Txx */
447 regno = strtol (p, &p1, 16); /* Read the register number */
450 error ("Remote sent badly formed register number: %s\nPacket: '%s'\n",
456 error ("Malformed packet (missing colon): %s\nPacket: '%s'\n",
459 if (regno >= NUM_REGS)
460 error ("Remote sent bad register number %d: %s\nPacket: '%s'\n",
463 for (i = 0; i < REGISTER_RAW_SIZE (regno); i++)
465 if (p[0] == 0 || p[1] == 0)
466 error ("Remote reply is too short: %s", buf);
467 regs[i] = fromhex (p[0]) * 16 + fromhex (p[1]);
472 error("Remote register badly formatted: %s", buf);
474 supply_register (regno, regs);
477 else if (buf[0] != 'S')
478 error ("Invalid remote reply: %s", buf);
480 WSETSTOP ((*status), (((fromhex (buf[1])) << 4) + (fromhex (buf[2]))));
485 /* Read the remote registers into the block REGS. */
486 /* Currently we just read all the registers, so we don't use regno. */
489 remote_fetch_registers (regno)
495 char regs[REGISTER_BYTES];
500 /* Reply describes registers byte by byte, each byte encoded as two
501 hex characters. Suck them all up, then supply them to the
502 register cacheing/storage mechanism. */
505 for (i = 0; i < REGISTER_BYTES; i++)
507 if (p[0] == 0 || p[1] == 0)
508 error ("Remote reply is too short: %s", buf);
509 regs[i] = fromhex (p[0]) * 16 + fromhex (p[1]);
512 for (i = 0; i < NUM_REGS; i++)
513 supply_register (i, ®s[REGISTER_BYTE(i)]);
516 /* Prepare to store registers. Since we send them all, we have to
517 read out the ones we don't want to change first. */
520 remote_prepare_to_store ()
522 /* Make sure the entire registers array is valid. */
523 read_register_bytes (0, (char *)NULL, REGISTER_BYTES);
526 /* Store the remote registers from the contents of the block REGISTERS.
527 FIXME, eventually just store one register if that's all that is needed. */
531 remote_store_registers (regno)
540 /* Command describes registers byte by byte,
541 each byte encoded as two hex characters. */
544 for (i = 0; i < REGISTER_BYTES; i++)
546 *p++ = tohex ((registers[i] >> 4) & 0xf);
547 *p++ = tohex (registers[i] & 0xf);
555 /* Read a word from remote address ADDR and return it.
556 This goes through the data cache. */
559 remote_fetch_word (addr)
564 extern CORE_ADDR text_start, text_end;
566 if (addr >= text_start && addr < text_end)
569 xfer_core_file (addr, &buffer, sizeof (int));
573 return dcache_fetch (addr);
576 /* Write a word WORD into remote address ADDR.
577 This goes through the data cache. */
580 remote_store_word (addr, word)
584 dcache_poke (addr, word);
588 /* Write memory data directly to the remote machine.
589 This does not inform the data cache; the data cache uses this.
590 MEMADDR is the address in the remote memory space.
591 MYADDR is the address of the buffer in our space.
592 LEN is the number of bytes. */
595 remote_write_bytes (memaddr, myaddr, len)
604 if (len > PBUFSIZ / 2 - 20)
607 sprintf (buf, "M%x,%x:", memaddr, len);
609 /* We send target system values byte by byte, in increasing byte addresses,
610 each byte encoded as two hex characters. */
612 p = buf + strlen (buf);
613 for (i = 0; i < len; i++)
615 *p++ = tohex ((myaddr[i] >> 4) & 0xf);
616 *p++ = tohex (myaddr[i] & 0xf);
623 /* Read memory data directly from the remote machine.
624 This does not use the data cache; the data cache uses this.
625 MEMADDR is the address in the remote memory space.
626 MYADDR is the address of the buffer in our space.
627 LEN is the number of bytes. */
630 remote_read_bytes (memaddr, myaddr, len)
639 if (len > PBUFSIZ / 2 - 1)
642 sprintf (buf, "m%x,%x", memaddr, len);
645 /* Reply describes memory byte by byte,
646 each byte encoded as two hex characters. */
649 for (i = 0; i < len; i++)
651 if (p[0] == 0 || p[1] == 0)
652 error ("Remote reply is too short: %s", buf);
653 myaddr[i] = fromhex (p[0]) * 16 + fromhex (p[1]);
658 /* Read or write LEN bytes from inferior memory at MEMADDR, transferring
659 to or from debugger address MYADDR. Write to inferior if SHOULD_WRITE is
660 nonzero. Returns length of data written or read; 0 for error. */
664 remote_xfer_memory(memaddr, myaddr, len, should_write, target)
669 struct target_ops *target; /* ignored */
675 if (len > MAXBUFBYTES)
676 xfersize = MAXBUFBYTES;
681 remote_write_bytes(memaddr, myaddr, xfersize);
683 remote_read_bytes (memaddr, myaddr, xfersize);
688 return origlen; /* no error possible */
692 remote_files_info (ignore)
693 struct target_ops *ignore;
695 puts_filtered ("Debugging a target over a serial line.\n");
698 /* Stuff for dealing with the packets which are part of this protocol.
699 See comment at top of file for details. */
701 /* Read a single character from the remote end, masking it down to 7 bits. */
708 ch = SERIAL_READCHAR (remote_desc, timeout);
716 /* Send the command in BUF to the remote machine,
717 and read the reply into BUF.
718 Report an error if we get an error reply. */
729 error ("Remote failure reply: %s", buf);
732 /* Send a packet to the remote machine, with error checking.
733 The data of the packet is in BUF. */
740 unsigned char csum = 0;
742 int cnt = strlen (buf);
746 /* Copy the packet into buffer BUF2, encapsulating it
747 and giving it a checksum. */
749 if (cnt > sizeof(buf2) - 5) /* Prosanity check */
755 for (i = 0; i < cnt; i++)
761 *p++ = tohex ((csum >> 4) & 0xf);
762 *p++ = tohex (csum & 0xf);
764 /* Send it over and over until we get a positive ack. */
771 printf ("Sending packet: %s...", buf2); fflush(stdout);
773 if (SERIAL_WRITE (remote_desc, buf2, p - buf2))
774 perror_with_name ("putpkt: write failed");
776 /* read until either a timeout occurs (-2) or '+' is read */
788 break; /* Retransmit buffer */
790 perror_with_name ("putpkt: couldn't read ACK");
792 error ("putpkt: EOF while trying to read ACK");
795 printf ("%02X %c ", ch&0xFF, ch);
798 break; /* Here to retransmit */
803 /* Read a packet from the remote machine, with error checking,
804 and store it in BUF. BUF is expected to be of size PBUFSIZ.
805 If FOREVER, wait forever rather than timing out; this is used
806 while the target is executing user code. */
809 getpkt (buf, forever)
816 unsigned char c1, c2;
818 #define MAX_RETRIES 10
822 /* This can loop forever if the remote side sends us characters
823 continuously, but if it pauses, we'll get a zero from readchar
824 because of timeout. Then we'll count that as a retry. */
827 if (c > 0 && c != '$')
830 if (c == SERIAL_TIMEOUT)
834 if (++retries >= MAX_RETRIES)
835 if (kiodebug) puts_filtered ("Timed out.\n");
840 error ("Remote connection closed");
841 if (c == SERIAL_ERROR)
842 perror_with_name ("Remote communication error");
844 /* Force csum to be zero here because of possible error retry. */
851 if (c == SERIAL_TIMEOUT)
854 puts_filtered ("Timeout in mid-packet, retrying\n");
855 goto whole; /* Start a new packet, count retries */
860 puts_filtered ("Saw new packet start in middle of old one\n");
861 goto whole; /* Start a new packet, count retries */
865 if (bp >= buf+PBUFSIZ-1)
868 puts_filtered ("Remote packet too long: ");
870 puts_filtered ("\n");
878 c1 = fromhex (readchar ());
879 c2 = fromhex (readchar ());
880 if ((csum & 0xff) == (c1 << 4) + c2)
882 printf_filtered ("Bad checksum, sentsum=0x%x, csum=0x%x, buf=",
883 (c1 << 4) + c2, csum & 0xff);
885 puts_filtered ("\n");
887 /* Try the whole thing again. */
889 if (++retries < MAX_RETRIES)
891 SERIAL_WRITE (remote_desc, "-", 1);
895 printf ("Ignoring packet error, continuing...\n");
902 SERIAL_WRITE (remote_desc, "+", 1);
905 fprintf (stderr,"Packet received: %s\n", buf);
908 /* The data cache leads to incorrect results because it doesn't know about
909 volatile variables, thus making it impossible to debug functions which
910 use hardware registers. Therefore it is #if 0'd out. Effect on
911 performance is some, for backtraces of functions with a few
912 arguments each. For functions with many arguments, the stack
913 frames don't fit in the cache blocks, which makes the cache less
914 helpful. Disabling the cache is a big performance win for fetching
915 large structures, because the cache code fetched data in 16-byte
918 /* The data cache records all the data read from the remote machine
919 since the last time it stopped.
921 Each cache block holds 16 bytes of data
922 starting at a multiple-of-16 address. */
924 #define DCACHE_SIZE 64 /* Number of cache blocks */
926 struct dcache_block {
927 struct dcache_block *next, *last;
928 unsigned int addr; /* Address for which data is recorded. */
932 struct dcache_block dcache_free, dcache_valid;
934 /* Free all the data cache blocks, thus discarding all cached data. */
939 register struct dcache_block *db;
941 while ((db = dcache_valid.next) != &dcache_valid)
944 insque (db, &dcache_free);
949 * If addr is present in the dcache, return the address of the block
953 struct dcache_block *
956 register struct dcache_block *db;
961 /* Search all cache blocks for one that is at this address. */
962 db = dcache_valid.next;
963 while (db != &dcache_valid)
965 if ((addr & 0xfffffff0) == db->addr)
972 /* Return the int data at address ADDR in dcache block DC. */
975 dcache_value (db, addr)
976 struct dcache_block *db;
981 return (db->data[(addr>>2)&3]);
984 /* Get a free cache block, put it on the valid list,
985 and return its address. The caller should store into the block
986 the address and data that it describes. */
988 struct dcache_block *
991 register struct dcache_block *db;
993 if ((db = dcache_free.next) == &dcache_free)
994 /* If we can't get one from the free list, take last valid */
995 db = dcache_valid.last;
998 insque (db, &dcache_valid);
1002 /* Return the contents of the word at address ADDR in the remote machine,
1003 using the data cache. */
1009 register struct dcache_block *db;
1011 db = dcache_hit (addr);
1014 db = dcache_alloc ();
1015 remote_read_bytes (addr & ~0xf, db->data, 16);
1016 db->addr = addr & ~0xf;
1018 return (dcache_value (db, addr));
1021 /* Write the word at ADDR both in the data cache and in the remote machine. */
1023 dcache_poke (addr, data)
1027 register struct dcache_block *db;
1029 /* First make sure the word is IN the cache. DB is its cache block. */
1030 db = dcache_hit (addr);
1033 db = dcache_alloc ();
1034 remote_read_bytes (addr & ~0xf, db->data, 16);
1035 db->addr = addr & ~0xf;
1038 /* Modify the word in the cache. */
1039 db->data[(addr>>2)&3] = data;
1041 /* Send the changed word. */
1042 remote_write_bytes (addr, &data, 4);
1045 /* Initialize the data cache. */
1050 register struct dcache_block *db;
1052 db = (struct dcache_block *) xmalloc (sizeof (struct dcache_block) *
1054 dcache_free.next = dcache_free.last = &dcache_free;
1055 dcache_valid.next = dcache_valid.last = &dcache_valid;
1056 for (i=0;i<DCACHE_SIZE;i++,db++)
1057 insque (db, &dcache_free);
1065 /* Don't wait for it to die. I'm not really sure it matters whether
1066 we do or not. For the existing stubs, kill is a noop. */
1067 target_mourn_inferior ();
1073 unpush_target (&remote_ops);
1074 generic_mourn_inferior ();
1077 #ifdef REMOTE_BREAKPOINT
1079 /* On some machines, e.g. 68k, we may use a different breakpoint instruction
1080 than other targets. */
1081 static unsigned char break_insn[] = REMOTE_BREAKPOINT;
1083 /* Check that it fits in BREAKPOINT_MAX bytes. */
1084 static unsigned char check_break_insn_size[BREAKPOINT_MAX] = REMOTE_BREAKPOINT;
1086 #else /* No REMOTE_BREAKPOINT. */
1088 /* Same old breakpoint instruction. This code does nothing different
1089 than mem-break.c. */
1090 static unsigned char break_insn[] = BREAKPOINT;
1092 #endif /* No REMOTE_BREAKPOINT. */
1094 /* Insert a breakpoint on targets that don't have any better breakpoint
1095 support. We read the contents of the target location and stash it,
1096 then overwrite it with a breakpoint instruction. ADDR is the target
1097 location in the target machine. CONTENTS_CACHE is a pointer to
1098 memory allocated for saving the target contents. It is guaranteed
1099 by the caller to be long enough to save sizeof BREAKPOINT bytes (this
1100 is accomplished via BREAKPOINT_MAX). */
1103 remote_insert_breakpoint (addr, contents_cache)
1105 char *contents_cache;
1109 val = target_read_memory (addr, contents_cache, sizeof break_insn);
1112 val = target_write_memory (addr, (char *)break_insn, sizeof break_insn);
1118 remote_remove_breakpoint (addr, contents_cache)
1120 char *contents_cache;
1122 return target_write_memory (addr, contents_cache, sizeof break_insn);
1125 /* Define the target subroutine names */
1127 struct target_ops remote_ops = {
1128 "remote", /* to_shortname */
1129 "Remote serial target in gdb-specific protocol", /* to_longname */
1130 "Use a remote computer via a serial line, using a gdb-specific protocol.\n\
1131 Specify the serial device it is connected to (e.g. /dev/ttya).", /* to_doc */
1132 remote_open, /* to_open */
1133 remote_close, /* to_close */
1134 NULL, /* to_attach */
1135 remote_detach, /* to_detach */
1136 remote_resume, /* to_resume */
1137 remote_wait, /* to_wait */
1138 remote_fetch_registers, /* to_fetch_registers */
1139 remote_store_registers, /* to_store_registers */
1140 remote_prepare_to_store, /* to_prepare_to_store */
1141 remote_xfer_memory, /* to_xfer_memory */
1142 remote_files_info, /* to_files_info */
1144 remote_insert_breakpoint, /* to_insert_breakpoint */
1145 remote_remove_breakpoint, /* to_remove_breakpoint */
1147 NULL, /* to_terminal_init */
1148 NULL, /* to_terminal_inferior */
1149 NULL, /* to_terminal_ours_for_output */
1150 NULL, /* to_terminal_ours */
1151 NULL, /* to_terminal_info */
1152 remote_kill, /* to_kill */
1153 generic_load, /* to_load */
1154 NULL, /* to_lookup_symbol */
1155 NULL, /* to_create_inferior */
1156 remote_mourn, /* to_mourn_inferior */
1158 0, /* to_notice_signals */
1159 process_stratum, /* to_stratum */
1161 1, /* to_has_all_memory */
1162 1, /* to_has_memory */
1163 1, /* to_has_stack */
1164 1, /* to_has_registers */
1165 1, /* to_has_execution */
1166 NULL, /* sections */
1167 NULL, /* sections_end */
1168 OPS_MAGIC /* to_magic */
1172 _initialize_remote ()
1174 add_target (&remote_ops);
1177 add_set_cmd ("remotedebug", no_class, var_boolean, (char *)&kiodebug,
1178 "Set debugging of remote serial I/O.\n\
1179 When enabled, each packet sent or received with the remote target\n\
1180 is displayed.", &setlist),
projects / binutils.git / blob