1 /* Remote target communications for serial-line targets in custom GDB protocol
2 Copyright 1988, 1991, 1992, 1993 Free Software Foundation, Inc.
4 This file is part of GDB.
6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation; either version 2 of the License, or
9 (at your option) any later version.
11 This program is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 GNU General Public License for more details.
16 You should have received a copy of the GNU General Public License
17 along with this program; if not, write to the Free Software
18 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. */
20 /* Remote communication protocol.
21 All values are encoded in ascii hex digits.
26 reply XX....X Each byte of register data
27 is described by two hex digits.
28 Registers are in the internal order
29 for GDB, and the bytes in a register
30 are in the same order the machine uses.
33 write regs GXX..XX Each byte of register data
34 is described by two hex digits.
38 read mem mAA..AA,LLLL AA..AA is address, LLLL is length.
39 reply XX..XX XX..XX is mem contents
42 write mem MAA..AA,LLLL:XX..XX
44 LLLL is number of bytes,
49 cont cAA..AA AA..AA is address to resume
51 resume at same address.
53 step sAA..AA AA..AA is address to resume
55 resume at same address.
57 last signal ? Reply the current reason for stopping.
58 This is the same reply as is generated
59 for step or cont : SAA where AA is the
62 There is no immediate reply to step or cont.
63 The reply comes when the machine stops.
64 It is SAA AA is the "signal number"
66 or... TAAPPPPPPPPFFFFFFFF
67 where AA is the signal number,
68 PPPPPPPP is the PC (PC_REGNUM), and
69 FFFFFFFF is the frame ptr (FP_REGNUM).
85 #if !defined(DONT_USE_REMOTE)
87 #include <sys/types.h>
93 /* Prototypes for local functions */
96 remote_write_bytes PARAMS ((CORE_ADDR, char *, int));
99 remote_read_bytes PARAMS ((CORE_ADDR, char *, int));
102 remote_files_info PARAMS ((struct target_ops *));
105 remote_xfer_memory PARAMS ((CORE_ADDR, char *, int, int, struct target_ops *));
108 remote_prepare_to_store PARAMS ((void));
111 remote_fetch_registers PARAMS ((int));
114 remote_resume PARAMS ((int, int));
117 remote_start_remote PARAMS ((char *));
120 remote_open PARAMS ((char *, int));
123 remote_close PARAMS ((int));
126 remote_store_registers PARAMS ((int));
129 getpkt PARAMS ((char *, int));
132 putpkt PARAMS ((char *));
135 remote_send PARAMS ((char *));
138 readchar PARAMS ((void));
141 remote_wait PARAMS ((WAITTYPE *));
144 tohex PARAMS ((int));
147 fromhex PARAMS ((int));
150 remote_detach PARAMS ((char *, int));
152 extern struct target_ops remote_ops; /* Forward decl */
154 static int kiodebug = 0;
155 /* This was 5 seconds, which is a long time to sit and wait.
156 Unless this is going through some terminal server or multiplexer or
157 other form of hairy serial connection, I would think 2 seconds would
159 static int timeout = 2;
165 /* Descriptor for I/O to remote machine. Initialize it to NULL so that
166 remote_open knows that we don't have a file open when the program
168 serial_t remote_desc = NULL;
172 /* Maximum number of bytes to read/write at once. The value here
173 is chosen to fill up a packet (the headers account for the 32). */
174 #define MAXBUFBYTES ((PBUFSIZ-32)/2)
176 /* Round up PBUFSIZ to hold all the registers, at least. */
177 #if REGISTER_BYTES > MAXBUFBYTES
179 #define PBUFSIZ (REGISTER_BYTES * 2 + 32)
182 /* Clean up connection to a remote debugger. */
186 remote_close (quitting)
190 SERIAL_CLOSE (remote_desc);
194 /* Stub for catch_errors. */
197 remote_start_remote (dummy)
200 /* Ack any packet which the remote side has already sent. */
201 SERIAL_WRITE (remote_desc, "+\r", 2);
202 putpkt ("?"); /* initiate a query from remote machine */
204 start_remote (); /* Initialize gdb process mechanisms */
208 /* Open a connection to a remote debugger.
209 NAME is the filename used for communication. */
212 remote_open (name, from_tty)
218 "To open a remote debug connection, you need to specify what serial\n\
219 device is attached to the remote system (e.g. /dev/ttya).");
221 target_preopen (from_tty);
223 unpush_target (&remote_ops);
229 remote_desc = SERIAL_OPEN (name);
231 perror_with_name (name);
237 if (sscanf (baud_rate, "%d", &rate) == 1)
238 if (SERIAL_SETBAUDRATE (remote_desc, rate))
240 SERIAL_CLOSE (remote_desc);
241 perror_with_name (name);
245 SERIAL_RAW (remote_desc);
249 puts_filtered ("Remote debugging using ");
250 puts_filtered (name);
251 puts_filtered ("\n");
253 push_target (&remote_ops); /* Switch to using remote target now */
255 /* Start the remote connection; if error (0), discard this target. */
256 immediate_quit++; /* Allow user to interrupt it */
257 if (!catch_errors (remote_start_remote, (char *)0,
258 "Couldn't establish connection to remote target\n"))
263 takes a program previously attached to and detaches it.
264 We better not have left any breakpoints
265 in the program or it'll die when it hits one.
266 Close the open connection to the remote debugger.
267 Use this when you want to detach and do something else
271 remote_detach (args, from_tty)
276 error ("Argument given to \"detach\" when remotely debugging.");
280 puts_filtered ("Ending remote debugging.\n");
283 /* Convert hex digit A to a number. */
289 if (a >= '0' && a <= '9')
291 else if (a >= 'a' && a <= 'f')
294 error ("Reply contains invalid hex digit");
298 /* Convert number NIB to a hex digit. */
310 /* Tell the remote machine to resume. */
/* Resume the remote target.  Only part of this function is visible in this
   listing (the gutter numbers skip), so the conditions guarding the
   statements below are not shown.  The visible lines tell the user that
   SIGGNAL cannot be delivered to a remote system and then start the
   command in BUF: "s" when STEP is nonzero, otherwise "c".  */
313 remote_resume (step, siggnal)
321 target_terminal_ours_for_output ();
322 printf_filtered ("Can't send signals to a remote system. ");
/* strsigno maps the signal number to a name; the line that tests its
   result is not visible here.  */
323 name = strsigno (siggnal);
/* NOTE(review): NAME is used as the format string.  printf_filtered takes
   printf-style conversions (see the "Signal %d" call below), so a percent
   sign in NAME would be interpreted as a conversion;
   printf_filtered ("%s", name) prints the text literally.  */
325 printf_filtered (name);
327 printf_filtered ("Signal %d", siggnal);
328 printf_filtered (" not sent.\n");
329 target_terminal_inferior ();
/* Copies a one-character command plus its terminator into BUF; the
   declaration of BUF is not visible in this listing.  */
336 strcpy (buf, step ? "s": "c");
341 static void remote_interrupt_twice PARAMS ((int));
342 static void (*ofunc)();
344 /* Send ^C to target to halt it. Target will respond, and send us a
/* SIGINT handler, installed by the signal (SIGINT, remote_interrupt) call
   later in this file.  It re-arms the signal so that a second interrupt
   goes to remote_interrupt_twice, then writes a single ^C byte to the
   remote descriptor.
   NOTE(review): this runs in signal-handler context.  printf is not
   async-signal-safe, and whether SERIAL_WRITE is cannot be told from this
   listing; any guard on the debug print is on a line that is missing
   here.  */
347 void remote_interrupt(signo)
350 /* If this doesn't work, try more severe steps. */
351 signal (signo, remote_interrupt_twice);
354 printf ("remote_interrupt called\n");
356 SERIAL_WRITE (remote_desc, "\003", 1); /* Send a ^C */
359 /* The user typed ^C twice. */
/* Second-stage interrupt handler, installed by remote_interrupt.  The
   visible lines restore the saved handler OFUNC, take the terminal, and
   ask the user whether to give up; one path mourns the inferior and
   returns to the top level, the other re-arms remote_interrupt and hands
   the terminal back.  The braces and else that separate the two paths are
   on lines missing from this listing.
   NOTE(review): query, target_mourn_inferior and return_to_top_level are
   all reached from signal-handler context here.  Interactive I/O and a
   non-local exit from a handler are only safe if the interrupted code
   tolerates them - confirm against the full source.  */
361 remote_interrupt_twice (signo)
364 signal (signo, ofunc);
366 target_terminal_ours ();
367 if (query ("Interrupted while waiting for the program.\n\
368 Give up (and stop debugging it)? "))
370 target_mourn_inferior ();
371 return_to_top_level ();
375 signal (signo, remote_interrupt);
376 target_terminal_inferior ();
380 /* Wait until the remote machine stops, then return,
381 storing status in STATUS just as `wait' would.
382 Returns "pid" (though it's not clear what, if anything, that
383 means in the case of this target). */
/* Body of the wait routine described by the comment above; its header
   line is not visible in this listing.  The visible lines read one stop
   reply from the remote with getpkt and decode it.  Everything in BUF
   after getpkt returns is data supplied by the remote side and is parsed
   as such below.  */
389 unsigned char buf[PBUFSIZ];
393 char regs[MAX_REGISTER_RAW_SIZE];
395 WSETEXIT ((*status), 0);
/* remote_interrupt handles SIGINT only while we block in getpkt; the
   previous handler is saved in OFUNC and put back right after.  */
397 ofunc = (void (*)()) signal (SIGINT, remote_interrupt);
398 getpkt ((char *) buf, 1);
399 signal (SIGINT, ofunc);
402 error ("Remote failure reply: %s", buf);
405 /* Expedited reply, containing Signal, {regno, reg} repeat */
406 /* format is: 'Tssn...:r...;n...:r...;n...:r...;#cc', where
408 n... = register number
409 r... = register contents
412 p = &buf[3]; /* after Txx */
/* NOTE(review): the register number comes straight from the reply.  The
   visible half of the check rejects REGNO >= NUM_REGS; strtol also accepts
   a leading minus sign, and whether a negative REGNO is rejected depends
   on the first half of the condition, which is on a line missing from this
   listing.  Confirm, because REGNO is then passed to REGISTER_RAW_SIZE and
   supply_register.  */
416 regno = strtol (p, &p, 16); /* Read the register number */
419 || regno >= NUM_REGS)
420 error ("Remote sent bad register number %s", buf);
/* Decodes two hex digits per byte into REGS.  The loop bound is
   REGISTER_RAW_SIZE (regno) while REGS holds MAX_REGISTER_RAW_SIZE bytes;
   presumably the former never exceeds the latter for a valid REGNO -
   verify.  A reply that ends early is reported instead of read past, and
   fromhex raises an error on a character that is not a hex digit.  */
422 for (i = 0; i < REGISTER_RAW_SIZE (regno); i++)
424 if (p[0] == 0 || p[1] == 0)
425 error ("Remote reply is too short: %s", buf);
426 regs[i] = fromhex (p[0]) * 16 + fromhex (p[1]);
431 error("Remote register badly formatted: %s", buf);
433 supply_register (regno, regs);
436 else if (buf[0] != 'S')
437 error ("Invalid remote reply: %s", buf);
/* The two hex digits after the reply letter form the stop signal number
   stored in STATUS.  */
439 WSETSTOP ((*status), (((fromhex (buf[1])) << 4) + (fromhex (buf[2]))));
444 /* Read the remote registers into the block REGS. */
445 /* Currently we just read all the registers, so we don't use regno. */
448 remote_fetch_registers (regno)
454 char regs[REGISTER_BYTES];
459 /* Reply describes registers byte by byte, each byte encoded as two
460 hex characters. Suck them all up, then supply them to the
461 register caching/storage mechanism. */
464 for (i = 0; i < REGISTER_BYTES; i++)
466 if (p[0] == 0 || p[1] == 0)
467 error ("Remote reply is too short: %s", buf);
468 regs[i] = fromhex (p[0]) * 16 + fromhex (p[1]);
471 for (i = 0; i < NUM_REGS; i++)
472 supply_register (i, &regs[REGISTER_BYTE(i)]);
475 /* Prepare to store registers. Since we send them all, we have to
476 read out the ones we don't want to change first. */
479 remote_prepare_to_store ()
481 /* Make sure the entire registers array is valid. */
482 read_register_bytes (0, (char *)NULL, REGISTER_BYTES);
485 /* Store the remote registers from the contents of the block REGISTERS.
486 FIXME, eventually just store one register if that's all that is needed. */
490 remote_store_registers (regno)
499 /* Command describes registers byte by byte,
500 each byte encoded as two hex characters. */
503 for (i = 0; i < REGISTER_BYTES; i++)
505 *p++ = tohex ((registers[i] >> 4) & 0xf);
506 *p++ = tohex (registers[i] & 0xf);
514 /* Read a word from remote address ADDR and return it.
515 This goes through the data cache. */
518 remote_fetch_word (addr)
523 extern CORE_ADDR text_start, text_end;
525 if (addr >= text_start && addr < text_end)
528 xfer_core_file (addr, &buffer, sizeof (int));
532 return dcache_fetch (addr);
535 /* Write a word WORD into remote address ADDR.
536 This goes through the data cache. */
539 remote_store_word (addr, word)
543 dcache_poke (addr, word);
547 /* Write memory data directly to the remote machine.
548 This does not inform the data cache; the data cache uses this.
549 MEMADDR is the address in the remote memory space.
550 MYADDR is the address of the buffer in our space.
551 LEN is the number of bytes. */
/* Builds a memory-write command in BUF: the header "M<addr>,<len>:" in hex,
   followed by two hex digits for each of the LEN bytes at MYADDR.  The
   declarations, the statement controlled by the length guard and the call
   that sends BUF are on lines missing from this listing.  */
554 remote_write_bytes (memaddr, myaddr, len)
/* Length guard: each byte becomes two characters, so this keeps header
   plus payload within PBUFSIZ, assuming BUF is PBUFSIZ bytes (not visible
   here - confirm).  LEN is a signed int per the prototype, so a negative
   LEN passes this comparison; the copy loop then runs zero times.  */
563 if (len > PBUFSIZ / 2 - 20)
/* NOTE(review): %x expects an unsigned int.  MEMADDR is a CORE_ADDR per
   the prototype; if CORE_ADDR is wider than int on some host the
   format/argument mismatch is undefined behaviour - confirm.  */
566 sprintf (buf, "M%x,%x:", memaddr, len);
568 /* We send target system values byte by byte, in increasing byte addresses,
569 each byte encoded as two hex characters. */
571 p = buf + strlen (buf);
572 for (i = 0; i < len; i++)
/* High nibble first, then low nibble; the mask keeps the value in 0..15
   even when char is signed.  */
574 *p++ = tohex ((myaddr[i] >> 4) & 0xf);
575 *p++ = tohex (myaddr[i] & 0xf);
582 /* Read memory data directly from the remote machine.
583 This does not use the data cache; the data cache uses this.
584 MEMADDR is the address in the remote memory space.
585 MYADDR is the address of the buffer in our space.
586 LEN is the number of bytes. */
/* Builds a memory-read command "m<addr>,<len>" in BUF and decodes the hex
   reply into the LEN bytes at MYADDR.  The declarations, the statement
   controlled by the length guard, the exchange with the remote and the
   setup and advance of P are on lines missing from this listing.  */
589 remote_read_bytes (memaddr, myaddr, len)
/* Length guard: the reply carries two characters per byte, so LEN is
   limited to what fits in a PBUFSIZ packet.  */
598 if (len > PBUFSIZ / 2 - 1)
/* NOTE(review): %x expects an unsigned int; MEMADDR is a CORE_ADDR per the
   prototype - confirm the two have the same width on every host.  */
601 sprintf (buf, "m%x,%x", memaddr, len);
604 /* Reply describes memory byte by byte,
605 each byte encoded as two hex characters. */
/* The reply is data from the remote side.  The number of bytes stored is
   fixed by the LEN the caller asked for, not by the reply; a reply that
   ends early is reported rather than read past, and fromhex raises an
   error on a character that is not a hex digit.  */
608 for (i = 0; i < len; i++)
610 if (p[0] == 0 || p[1] == 0)
611 error ("Remote reply is too short: %s", buf);
612 myaddr[i] = fromhex (p[0]) * 16 + fromhex (p[1]);
617 /* Read or write LEN bytes from inferior memory at MEMADDR, transferring
618 to or from debugger address MYADDR. Write to inferior if SHOULD_WRITE is
619 nonzero. Returns length of data written or read; 0 for error. */
/* Transfers LEN bytes between MYADDR and remote address MEMADDR in pieces
   of at most MAXBUFBYTES, writing when SHOULD_WRITE is nonzero and reading
   otherwise.  The loop around the visible statements and the updates of
   the address and remaining length are on lines missing from this
   listing.  */
623 remote_xfer_memory(memaddr, myaddr, len, should_write, target)
628 struct target_ops *target; /* ignored */
/* Clamp one transfer to what a single packet can carry.  */
634 if (len > MAXBUFBYTES)
635 xfersize = MAXBUFBYTES;
640 remote_write_bytes(memaddr, myaddr, xfersize);
642 remote_read_bytes (memaddr, myaddr, xfersize);
/* The original length is returned unconditionally: a failure in the
   helpers is raised through error (as in remote_read_bytes) and never
   comes back as a return value, so callers never see the 0 that the
   header comment mentions.  */
647 return origlen; /* no error possible */
651 remote_files_info (ignore)
652 struct target_ops *ignore;
654 puts_filtered ("Debugging a target over a serial line.\n");
659 A debug packet whose contents are <data>
660 is encapsulated for transmission in the form:
662 $ <data> # CSUM1 CSUM2
664 <data> must be ASCII alphanumeric and cannot include characters
667 CSUM1 and CSUM2 are ascii hex representation of an 8-bit
668 checksum of <data>, the most significant nibble is sent first.
669 the hex digits 0-9,a-f are used.
671 Receiver responds with:
673 + - if CSUM is correct and ready for next packet
674 - - if CSUM is incorrect
678 /* Read a single character from the remote end, masking it down to 7 bits. */
685 ch = SERIAL_READCHAR (remote_desc, timeout);
693 /* Send the command in BUF to the remote machine,
694 and read the reply into BUF.
695 Report an error if we get an error reply. */
706 error ("Remote failure reply: %s", buf);
709 /* Send a packet to the remote machine, with error checking.
710 The data of the packet is in BUF. */
/* Body of the packet sender described by the comment above; its header
   line is not visible in this listing.  The visible lines frame the data
   in BUF2, append a two-digit hex checksum, write the packet and read the
   reply until a positive acknowledgement arrives.  */
717 unsigned char csum = 0;
719 int cnt = strlen (buf);
723 /* Copy the packet into buffer BUF2, encapsulating it
724 and giving it a checksum. */
/* Size guard for BUF2: the payload must leave room for the framing
   characters and the two checksum digits.  The statement it controls and
   the declaration of BUF2 are not visible here.  */
726 if (cnt > sizeof(buf2) - 5) /* Prosanity check */
732 for (i = 0; i < cnt; i++)
/* CSUM is an unsigned char, so it is an 8-bit sum; it is sent high nibble
   first.  */
738 *p++ = tohex ((csum >> 4) & 0xf);
739 *p++ = tohex (csum & 0xf);
741 /* Send it over and over until we get a positive ack. */
/* NOTE(review): BUF2 is printed with %s, which needs a terminator; the
   line that would store one is not visible in this listing - confirm.  */
748 printf ("Sending packet: %s...", buf2); fflush(stdout);
750 if (SERIAL_WRITE (remote_desc, buf2, p - buf2))
751 perror_with_name ("putpkt: write failed");
753 /* read until either a timeout occurs (-2) or '+' is read */
/* NOTE(review): no limit on the number of retransmissions is visible in
   this listing; if there is none, a remote that never acknowledges keeps
   this loop running - confirm against the full source.  */
765 break; /* Retransmit buffer */
767 perror_with_name ("putpkt: couldn't read ACK");
769 error ("putpkt: EOF while trying to read ACK");
772 printf ("%02X %c ", ch&0xFF, ch);
775 break; /* Here to retransmit */
780 /* Read a packet from the remote machine, with error checking,
781 and store it in BUF. BUF is expected to be of size PBUFSIZ.
782 If FOREVER, wait forever rather than timing out; this is used
783 while the target is executing user code. */
/* Reads one packet from the remote into BUF and checks its checksum,
   retrying up to MAX_RETRIES times.  Many lines of this function are
   missing from the listing (the gutter numbers skip), including the loops,
   the labels and the braces, so the comments below describe only what the
   visible statements show.  All bytes handled here come from the remote
   side.  */
786 getpkt (buf, forever)
793 unsigned char c1, c2;
795 #define MAX_RETRIES 10
799 /* This can loop forever if the remote side sends us characters
800 continuously, but if it pauses, we'll get a zero from readchar
801 because of timeout. Then we'll count that as a retry. */
804 if (c > 0 && c != '$')
807 if (c == SERIAL_TIMEOUT)
811 if (++retries >= MAX_RETRIES)
812 if (kiodebug) puts_filtered ("Timed out.\n");
817 error ("Remote connection closed");
818 if (c == SERIAL_ERROR)
819 perror_with_name ("Remote communication error");
821 /* Force csum to be zero here because of possible error retry. */
828 if (c == SERIAL_TIMEOUT)
831 puts_filtered ("Timeout in mid-packet, retrying\n");
832 goto whole; /* Start a new packet, count retries */
837 puts_filtered ("Saw new packet start in middle of old one\n");
838 goto whole; /* Start a new packet, count retries */
/* Bounds check on the write pointer: the packet body may use at most
   PBUFSIZ-1 bytes of BUF, which leaves one byte free (presumably for the
   terminator, stored on a line not visible here).  This relies on the
   caller passing a buffer of PBUFSIZ bytes, as the header comment
   requires.  */
842 if (bp >= buf+PBUFSIZ-1)
845 puts_filtered ("Remote packet too long: ");
847 puts_filtered ("\n");
/* The two characters after the packet body are the checksum sent by the
   remote.  readchar results go straight into fromhex, which raises an
   error on anything that is not a hex digit.
   NOTE(review): that would include a timeout value from readchar, so a
   stall at this point presumably ends in an error rather than a retry -
   confirm.  */
855 c1 = fromhex (readchar ());
856 c2 = fromhex (readchar ());
857 if ((csum & 0xff) == (c1 << 4) + c2)
859 printf_filtered ("Bad checksum, sentsum=0x%x, csum=0x%x, buf=",
860 (c1 << 4) + c2, csum & 0xff);
862 puts_filtered ("\n");
864 /* Try the whole thing again. */
/* NOTE(review): below MAX_RETRIES a negative acknowledgement is sent.  The
   message on the other path says the packet error is ignored, so after
   repeated failures BUF may hold data that did not pass the checksum
   (the else and the statement after the message are on missing lines -
   confirm).  Callers should not assume BUF was validated.  */
866 if (++retries < MAX_RETRIES)
868 SERIAL_WRITE (remote_desc, "-", 1);
872 printf ("Ignoring packet error, continuing...\n");
879 SERIAL_WRITE (remote_desc, "+", 1);
882 fprintf (stderr,"Packet received: %s\n", buf);
885 /* The data cache leads to incorrect results because it doesn't know about
886 volatile variables, thus making it impossible to debug functions which
887 use hardware registers. Therefore it is #if 0'd out. Effect on
888 performance is some, for backtraces of functions with a few
889 arguments each. For functions with many arguments, the stack
890 frames don't fit in the cache blocks, which makes the cache less
891 helpful. Disabling the cache is a big performance win for fetching
892 large structures, because the cache code fetched data in 16-byte
895 /* The data cache records all the data read from the remote machine
896 since the last time it stopped.
898 Each cache block holds 16 bytes of data
899 starting at a multiple-of-16 address. */
901 #define DCACHE_SIZE 64 /* Number of cache blocks */
903 struct dcache_block {
904 struct dcache_block *next, *last;
905 unsigned int addr; /* Address for which data is recorded. */
909 struct dcache_block dcache_free, dcache_valid;
911 /* Free all the data cache blocks, thus discarding all cached data. */
916 register struct dcache_block *db;
918 while ((db = dcache_valid.next) != &dcache_valid)
921 insque (db, &dcache_free);
926 * If addr is present in the dcache, return the address of the block
930 struct dcache_block *
933 register struct dcache_block *db;
938 /* Search all cache blocks for one that is at this address. */
939 db = dcache_valid.next;
940 while (db != &dcache_valid)
942 if ((addr & 0xfffffff0) == db->addr)
949 /* Return the int data at address ADDR in dcache block DC. */
952 dcache_value (db, addr)
953 struct dcache_block *db;
958 return (db->data[(addr>>2)&3]);
961 /* Get a free cache block, put it on the valid list,
962 and return its address. The caller should store into the block
963 the address and data that it describes. */
965 struct dcache_block *
968 register struct dcache_block *db;
970 if ((db = dcache_free.next) == &dcache_free)
971 /* If we can't get one from the free list, take last valid */
972 db = dcache_valid.last;
975 insque (db, &dcache_valid);
979 /* Return the contents of the word at address ADDR in the remote machine,
980 using the data cache. */
986 register struct dcache_block *db;
988 db = dcache_hit (addr);
991 db = dcache_alloc ();
992 remote_read_bytes (addr & ~0xf, db->data, 16);
993 db->addr = addr & ~0xf;
995 return (dcache_value (db, addr));
998 /* Write the word at ADDR both in the data cache and in the remote machine. */
1000 dcache_poke (addr, data)
1004 register struct dcache_block *db;
1006 /* First make sure the word is IN the cache. DB is its cache block. */
1007 db = dcache_hit (addr);
1010 db = dcache_alloc ();
1011 remote_read_bytes (addr & ~0xf, db->data, 16);
1012 db->addr = addr & ~0xf;
1015 /* Modify the word in the cache. */
1016 db->data[(addr>>2)&3] = data;
1018 /* Send the changed word. */
1019 remote_write_bytes (addr, &data, 4);
1022 /* Initialize the data cache. */
1027 register struct dcache_block *db;
1029 db = (struct dcache_block *) xmalloc (sizeof (struct dcache_block) *
1031 dcache_free.next = dcache_free.last = &dcache_free;
1032 dcache_valid.next = dcache_valid.last = &dcache_valid;
1033 for (i=0;i<DCACHE_SIZE;i++,db++)
1034 insque (db, &dcache_free);
1042 /* Don't wait for it to die. I'm not really sure it matters whether
1043 we do or not. For the existing stubs, kill is a noop. */
1044 target_mourn_inferior ();
1050 unpush_target (&remote_ops);
1051 generic_mourn_inferior ();
1054 /* Define the target subroutine names */
1056 struct target_ops remote_ops = {
1057 "remote", /* to_shortname */
1058 "Remote serial target in gdb-specific protocol", /* to_longname */
1059 "Use a remote computer via a serial line, using a gdb-specific protocol.\n\
1060 Specify the serial device it is connected to (e.g. /dev/ttya).", /* to_doc */
1061 remote_open, /* to_open */
1062 remote_close, /* to_close */
1063 NULL, /* to_attach */
1064 remote_detach, /* to_detach */
1065 remote_resume, /* to_resume */
1066 remote_wait, /* to_wait */
1067 remote_fetch_registers, /* to_fetch_registers */
1068 remote_store_registers, /* to_store_registers */
1069 remote_prepare_to_store, /* to_prepare_to_store */
1070 remote_xfer_memory, /* to_xfer_memory */
1071 remote_files_info, /* to_files_info */
1072 NULL, /* to_insert_breakpoint */
1073 NULL, /* to_remove_breakpoint */
1074 NULL, /* to_terminal_init */
1075 NULL, /* to_terminal_inferior */
1076 NULL, /* to_terminal_ours_for_output */
1077 NULL, /* to_terminal_ours */
1078 NULL, /* to_terminal_info */
1079 remote_kill, /* to_kill */
1080 generic_load, /* to_load */
1081 NULL, /* to_lookup_symbol */
1082 NULL, /* to_create_inferior */
1083 remote_mourn, /* to_mourn_inferior */
1085 0, /* to_notice_signals */
1086 process_stratum, /* to_stratum */
1088 1, /* to_has_all_memory */
1089 1, /* to_has_memory */
1090 1, /* to_has_stack */
1091 1, /* to_has_registers */
1092 1, /* to_has_execution */
1093 NULL, /* sections */
1094 NULL, /* sections_end */
1095 OPS_MAGIC /* to_magic */
1099 _initialize_remote ()
1101 add_target (&remote_ops);
1104 add_set_cmd ("remotedebug", no_class, var_boolean, (char *)&kiodebug,
1105 "Set debugging of remote serial I/O.\n\
1106 When enabled, each packet sent or received with the remote target\n\
1107 is displayed.", &setlist),