4 * Copyright (c) 2003-2005 Fabrice Bellard
6 * This library is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation; either
9 * version 2 of the License, or (at your option) any later version.
11 * This library is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
16 * You should have received a copy of the GNU Lesser General Public
17 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
20 #include "qemu-common.h"
21 #ifdef CONFIG_USER_ONLY
33 #include "qemu-char.h"
38 #define MAX_PACKET_LENGTH 4096
41 #include "qemu_socket.h"
49 GDB_SIGNAL_UNKNOWN = 143
52 #ifdef CONFIG_USER_ONLY
54 /* Map target signal numbers to GDB protocol signal numbers and vice
55 * versa. For user emulation's currently supported systems, we can
56 * assume most signals are defined.
59 static int gdb_signal_table[] = {
219 /* In system mode we only need SIGINT and SIGTRAP; other signals
220 are not yet supported. */
227 static int gdb_signal_table[] = {
237 #ifdef CONFIG_USER_ONLY
238 static int target_signal_to_gdb (int sig)
241 for (i = 0; i < ARRAY_SIZE (gdb_signal_table); i++)
242 if (gdb_signal_table[i] == sig)
244 return GDB_SIGNAL_UNKNOWN;
248 static int gdb_signal_to_target (int sig)
250 if (sig < ARRAY_SIZE (gdb_signal_table))
251 return gdb_signal_table[sig];
258 typedef struct GDBRegisterState {
264 struct GDBRegisterState *next;
275 typedef struct GDBState {
276 CPUState *c_cpu; /* current CPU for step/continue ops */
277 CPUState *g_cpu; /* current CPU for other ops */
278 CPUState *query_cpu; /* for q{f|s}ThreadInfo */
279 enum RSState state; /* parsing state */
280 char line_buf[MAX_PACKET_LENGTH];
283 uint8_t last_packet[MAX_PACKET_LENGTH + 4];
286 #ifdef CONFIG_USER_ONLY
290 CharDriverState *chr;
291 CharDriverState *mon_chr;
295 /* By default use no IRQs and no timers while single stepping so as to
296 * make single stepping like an ICE HW step.
298 static int sstep_flags = SSTEP_ENABLE|SSTEP_NOIRQ|SSTEP_NOTIMER;
300 static GDBState *gdbserver_state;
302 /* This is an ugly hack to cope with both new and old gdb.
303 If gdb sends qXfer:features:read then assume we're talking to a newish
304 gdb that understands target descriptions. */
305 static int gdb_has_xml;
307 #ifdef CONFIG_USER_ONLY
308 /* XXX: This is not thread safe. Do we care? */
309 static int gdbserver_fd = -1;
311 static int get_char(GDBState *s)
317 ret = recv(s->fd, &ch, 1, 0);
319 if (errno == ECONNRESET)
321 if (errno != EINTR && errno != EAGAIN)
323 } else if (ret == 0) {
335 static gdb_syscall_complete_cb gdb_current_syscall_cb;
343 /* If gdb is connected when the first semihosting syscall occurs then use
344 remote gdb syscalls. Otherwise use native file IO. */
345 int use_gdb_syscalls(void)
347 if (gdb_syscall_mode == GDB_SYS_UNKNOWN) {
348 gdb_syscall_mode = (gdbserver_state ? GDB_SYS_ENABLED
351 return gdb_syscall_mode == GDB_SYS_ENABLED;
354 /* Resume execution. */
355 static inline void gdb_continue(GDBState *s)
357 #ifdef CONFIG_USER_ONLY
358 s->running_state = 1;
364 static void put_buffer(GDBState *s, const uint8_t *buf, int len)
366 #ifdef CONFIG_USER_ONLY
370 ret = send(s->fd, buf, len, 0);
372 if (errno != EINTR && errno != EAGAIN)
380 qemu_chr_write(s->chr, buf, len);
384 static inline int fromhex(int v)
386 if (v >= '0' && v <= '9')
388 else if (v >= 'A' && v <= 'F')
390 else if (v >= 'a' && v <= 'f')
396 static inline int tohex(int v)
404 static void memtohex(char *buf, const uint8_t *mem, int len)
409 for(i = 0; i < len; i++) {
411 *q++ = tohex(c >> 4);
412 *q++ = tohex(c & 0xf);
417 static void hextomem(uint8_t *mem, const char *buf, int len)
421 for(i = 0; i < len; i++) {
422 mem[i] = (fromhex(buf[0]) << 4) | fromhex(buf[1]);
427 /* return -1 if error, 0 if OK */
428 static int put_packet_binary(GDBState *s, const char *buf, int len)
439 for(i = 0; i < len; i++) {
443 *(p++) = tohex((csum >> 4) & 0xf);
444 *(p++) = tohex((csum) & 0xf);
446 s->last_packet_len = p - s->last_packet;
447 put_buffer(s, (uint8_t *)s->last_packet, s->last_packet_len);
449 #ifdef CONFIG_USER_ONLY
462 /* return -1 if error, 0 if OK */
463 static int put_packet(GDBState *s, const char *buf)
466 printf("reply='%s'\n", buf);
469 return put_packet_binary(s, buf, strlen(buf));
472 /* The GDB remote protocol transfers values in target byte order. This means
473 we can use the raw memory access routines to access the value buffer.
474 Conveniently, these also handle the case where the buffer is mis-aligned.
476 #define GET_REG8(val) do { \
477 stb_p(mem_buf, val); \
480 #define GET_REG16(val) do { \
481 stw_p(mem_buf, val); \
484 #define GET_REG32(val) do { \
485 stl_p(mem_buf, val); \
488 #define GET_REG64(val) do { \
489 stq_p(mem_buf, val); \
493 #if TARGET_LONG_BITS == 64
494 #define GET_REGL(val) GET_REG64(val)
495 #define ldtul_p(addr) ldq_p(addr)
497 #define GET_REGL(val) GET_REG32(val)
498 #define ldtul_p(addr) ldl_p(addr)
501 #if defined(TARGET_I386)
504 static const int gpr_map[16] = {
505 R_EAX, R_EBX, R_ECX, R_EDX, R_ESI, R_EDI, R_EBP, R_ESP,
506 8, 9, 10, 11, 12, 13, 14, 15
509 #define gpr_map gpr_map32
511 static const int gpr_map32[8] = { 0, 1, 2, 3, 4, 5, 6, 7 };
513 #define NUM_CORE_REGS (CPU_NB_REGS * 2 + 25)
515 #define IDX_IP_REG CPU_NB_REGS
516 #define IDX_FLAGS_REG (IDX_IP_REG + 1)
517 #define IDX_SEG_REGS (IDX_FLAGS_REG + 1)
518 #define IDX_FP_REGS (IDX_SEG_REGS + 6)
519 #define IDX_XMM_REGS (IDX_FP_REGS + 16)
520 #define IDX_MXCSR_REG (IDX_XMM_REGS + CPU_NB_REGS)
522 static int cpu_gdb_read_register(CPUState *env, uint8_t *mem_buf, int n)
524 if (n < CPU_NB_REGS) {
525 if (TARGET_LONG_BITS == 64 && env->hflags & HF_CS64_MASK) {
526 GET_REG64(env->regs[gpr_map[n]]);
527 } else if (n < CPU_NB_REGS32) {
528 GET_REG32(env->regs[gpr_map32[n]]);
530 } else if (n >= IDX_FP_REGS && n < IDX_FP_REGS + 8) {
531 #ifdef USE_X86LDOUBLE
532 /* FIXME: byteswap float values - after fixing fpregs layout. */
533 memcpy(mem_buf, &env->fpregs[n - IDX_FP_REGS], 10);
535 memset(mem_buf, 0, 10);
538 } else if (n >= IDX_XMM_REGS && n < IDX_XMM_REGS + CPU_NB_REGS) {
540 if (n < CPU_NB_REGS32 ||
541 (TARGET_LONG_BITS == 64 && env->hflags & HF_CS64_MASK)) {
542 stq_p(mem_buf, env->xmm_regs[n].XMM_Q(0));
543 stq_p(mem_buf + 8, env->xmm_regs[n].XMM_Q(1));
549 if (TARGET_LONG_BITS == 64 && env->hflags & HF_CS64_MASK) {
554 case IDX_FLAGS_REG: GET_REG32(env->eflags);
556 case IDX_SEG_REGS: GET_REG32(env->segs[R_CS].selector);
557 case IDX_SEG_REGS + 1: GET_REG32(env->segs[R_SS].selector);
558 case IDX_SEG_REGS + 2: GET_REG32(env->segs[R_DS].selector);
559 case IDX_SEG_REGS + 3: GET_REG32(env->segs[R_ES].selector);
560 case IDX_SEG_REGS + 4: GET_REG32(env->segs[R_FS].selector);
561 case IDX_SEG_REGS + 5: GET_REG32(env->segs[R_GS].selector);
563 case IDX_FP_REGS + 8: GET_REG32(env->fpuc);
564 case IDX_FP_REGS + 9: GET_REG32((env->fpus & ~0x3800) |
565 (env->fpstt & 0x7) << 11);
566 case IDX_FP_REGS + 10: GET_REG32(0); /* ftag */
567 case IDX_FP_REGS + 11: GET_REG32(0); /* fiseg */
568 case IDX_FP_REGS + 12: GET_REG32(0); /* fioff */
569 case IDX_FP_REGS + 13: GET_REG32(0); /* foseg */
570 case IDX_FP_REGS + 14: GET_REG32(0); /* fooff */
571 case IDX_FP_REGS + 15: GET_REG32(0); /* fop */
573 case IDX_MXCSR_REG: GET_REG32(env->mxcsr);
579 static int cpu_x86_gdb_load_seg(CPUState *env, int sreg, uint8_t *mem_buf)
581 uint16_t selector = ldl_p(mem_buf);
583 if (selector != env->segs[sreg].selector) {
584 #if defined(CONFIG_USER_ONLY)
585 cpu_x86_load_seg(env, sreg, selector);
587 unsigned int limit, flags;
590 if (!(env->cr[0] & CR0_PE_MASK) || (env->eflags & VM_MASK)) {
591 base = selector << 4;
595 if (!cpu_x86_get_descr_debug(env, selector, &base, &limit, &flags))
598 cpu_x86_load_seg_cache(env, sreg, selector, base, limit, flags);
604 static int cpu_gdb_write_register(CPUState *env, uint8_t *mem_buf, int n)
608 if (n < CPU_NB_REGS) {
609 if (TARGET_LONG_BITS == 64 && env->hflags & HF_CS64_MASK) {
610 env->regs[gpr_map[n]] = ldtul_p(mem_buf);
611 return sizeof(target_ulong);
612 } else if (n < CPU_NB_REGS32) {
614 env->regs[n] &= ~0xffffffffUL;
615 env->regs[n] |= (uint32_t)ldl_p(mem_buf);
618 } else if (n >= IDX_FP_REGS && n < IDX_FP_REGS + 8) {
619 #ifdef USE_X86LDOUBLE
620 /* FIXME: byteswap float values - after fixing fpregs layout. */
621 memcpy(&env->fpregs[n - IDX_FP_REGS], mem_buf, 10);
624 } else if (n >= IDX_XMM_REGS && n < IDX_XMM_REGS + CPU_NB_REGS) {
626 if (n < CPU_NB_REGS32 ||
627 (TARGET_LONG_BITS == 64 && env->hflags & HF_CS64_MASK)) {
628 env->xmm_regs[n].XMM_Q(0) = ldq_p(mem_buf);
629 env->xmm_regs[n].XMM_Q(1) = ldq_p(mem_buf + 8);
635 if (TARGET_LONG_BITS == 64 && env->hflags & HF_CS64_MASK) {
636 env->eip = ldq_p(mem_buf);
639 env->eip &= ~0xffffffffUL;
640 env->eip |= (uint32_t)ldl_p(mem_buf);
644 env->eflags = ldl_p(mem_buf);
647 case IDX_SEG_REGS: return cpu_x86_gdb_load_seg(env, R_CS, mem_buf);
648 case IDX_SEG_REGS + 1: return cpu_x86_gdb_load_seg(env, R_SS, mem_buf);
649 case IDX_SEG_REGS + 2: return cpu_x86_gdb_load_seg(env, R_DS, mem_buf);
650 case IDX_SEG_REGS + 3: return cpu_x86_gdb_load_seg(env, R_ES, mem_buf);
651 case IDX_SEG_REGS + 4: return cpu_x86_gdb_load_seg(env, R_FS, mem_buf);
652 case IDX_SEG_REGS + 5: return cpu_x86_gdb_load_seg(env, R_GS, mem_buf);
654 case IDX_FP_REGS + 8:
655 env->fpuc = ldl_p(mem_buf);
657 case IDX_FP_REGS + 9:
658 tmp = ldl_p(mem_buf);
659 env->fpstt = (tmp >> 11) & 7;
660 env->fpus = tmp & ~0x3800;
662 case IDX_FP_REGS + 10: /* ftag */ return 4;
663 case IDX_FP_REGS + 11: /* fiseg */ return 4;
664 case IDX_FP_REGS + 12: /* fioff */ return 4;
665 case IDX_FP_REGS + 13: /* foseg */ return 4;
666 case IDX_FP_REGS + 14: /* fooff */ return 4;
667 case IDX_FP_REGS + 15: /* fop */ return 4;
670 env->mxcsr = ldl_p(mem_buf);
674 /* Unrecognised register. */
678 #elif defined (TARGET_PPC)
680 /* Old gdb always expects FP registers. Newer (xml-aware) gdb only
681 expects whatever the target description contains. Due to a
682 historical mishap the FP registers appear in between core integer
683 regs and PC, MSR, CR, and so forth. We hack round this by giving the
684 FP regs zero size when talking to a newer gdb. */
685 #define NUM_CORE_REGS 71
686 #if defined (TARGET_PPC64)
687 #define GDB_CORE_XML "power64-core.xml"
689 #define GDB_CORE_XML "power-core.xml"
692 static int cpu_gdb_read_register(CPUState *env, uint8_t *mem_buf, int n)
696 GET_REGL(env->gpr[n]);
701 stfq_p(mem_buf, env->fpr[n-32]);
705 case 64: GET_REGL(env->nip);
706 case 65: GET_REGL(env->msr);
711 for (i = 0; i < 8; i++)
712 cr |= env->crf[i] << (32 - ((i + 1) * 4));
715 case 67: GET_REGL(env->lr);
716 case 68: GET_REGL(env->ctr);
717 case 69: GET_REGL(env->xer);
722 GET_REG32(0); /* fpscr */
729 static int cpu_gdb_write_register(CPUState *env, uint8_t *mem_buf, int n)
733 env->gpr[n] = ldtul_p(mem_buf);
734 return sizeof(target_ulong);
739 env->fpr[n-32] = ldfq_p(mem_buf);
744 env->nip = ldtul_p(mem_buf);
745 return sizeof(target_ulong);
747 ppc_store_msr(env, ldtul_p(mem_buf));
748 return sizeof(target_ulong);
751 uint32_t cr = ldl_p(mem_buf);
753 for (i = 0; i < 8; i++)
754 env->crf[i] = (cr >> (32 - ((i + 1) * 4))) & 0xF;
758 env->lr = ldtul_p(mem_buf);
759 return sizeof(target_ulong);
761 env->ctr = ldtul_p(mem_buf);
762 return sizeof(target_ulong);
764 env->xer = ldtul_p(mem_buf);
765 return sizeof(target_ulong);
776 #elif defined (TARGET_SPARC)
778 #if defined(TARGET_SPARC64) && !defined(TARGET_ABI32)
779 #define NUM_CORE_REGS 86
781 #define NUM_CORE_REGS 72
785 #define GET_REGA(val) GET_REG32(val)
787 #define GET_REGA(val) GET_REGL(val)
790 static int cpu_gdb_read_register(CPUState *env, uint8_t *mem_buf, int n)
794 GET_REGA(env->gregs[n]);
797 /* register window */
798 GET_REGA(env->regwptr[n - 8]);
800 #if defined(TARGET_ABI32) || !defined(TARGET_SPARC64)
803 GET_REG32(*((uint32_t *)&env->fpr[n - 32]));
805 /* Y, PSR, WIM, TBR, PC, NPC, FPSR, CPSR */
807 case 64: GET_REGA(env->y);
808 case 65: GET_REGA(cpu_get_psr(env));
809 case 66: GET_REGA(env->wim);
810 case 67: GET_REGA(env->tbr);
811 case 68: GET_REGA(env->pc);
812 case 69: GET_REGA(env->npc);
813 case 70: GET_REGA(env->fsr);
814 case 71: GET_REGA(0); /* csr */
815 default: GET_REGA(0);
820 GET_REG32(*((uint32_t *)&env->fpr[n - 32]));
823 /* f32-f62 (double width, even numbers only) */
826 val = (uint64_t)*((uint32_t *)&env->fpr[(n - 64) * 2 + 32]) << 32;
827 val |= *((uint32_t *)&env->fpr[(n - 64) * 2 + 33]);
831 case 80: GET_REGL(env->pc);
832 case 81: GET_REGL(env->npc);
833 case 82: GET_REGL((cpu_get_ccr(env) << 32) |
834 ((env->asi & 0xff) << 24) |
835 ((env->pstate & 0xfff) << 8) |
837 case 83: GET_REGL(env->fsr);
838 case 84: GET_REGL(env->fprs);
839 case 85: GET_REGL(env->y);
845 static int cpu_gdb_write_register(CPUState *env, uint8_t *mem_buf, int n)
847 #if defined(TARGET_ABI32)
850 tmp = ldl_p(mem_buf);
854 tmp = ldtul_p(mem_buf);
861 /* register window */
862 env->regwptr[n - 8] = tmp;
864 #if defined(TARGET_ABI32) || !defined(TARGET_SPARC64)
867 *((uint32_t *)&env->fpr[n - 32]) = tmp;
869 /* Y, PSR, WIM, TBR, PC, NPC, FPSR, CPSR */
871 case 64: env->y = tmp; break;
872 case 65: cpu_put_psr(env, tmp); break;
873 case 66: env->wim = tmp; break;
874 case 67: env->tbr = tmp; break;
875 case 68: env->pc = tmp; break;
876 case 69: env->npc = tmp; break;
877 case 70: env->fsr = tmp; break;
885 env->fpr[n] = ldfl_p(mem_buf);
888 /* f32-f62 (double width, even numbers only) */
889 *((uint32_t *)&env->fpr[(n - 64) * 2 + 32]) = tmp >> 32;
890 *((uint32_t *)&env->fpr[(n - 64) * 2 + 33]) = tmp;
893 case 80: env->pc = tmp; break;
894 case 81: env->npc = tmp; break;
896 cpu_put_ccr(env, tmp >> 32);
897 env->asi = (tmp >> 24) & 0xff;
898 env->pstate = (tmp >> 8) & 0xfff;
899 cpu_put_cwp64(env, tmp & 0xff);
901 case 83: env->fsr = tmp; break;
902 case 84: env->fprs = tmp; break;
903 case 85: env->y = tmp; break;
910 #elif defined (TARGET_ARM)
912 /* Old gdb always expect FPA registers. Newer (xml-aware) gdb only expect
913 whatever the target description contains. Due to a historical mishap
914 the FPA registers appear in between core integer regs and the CPSR.
915 We hack round this by giving the FPA regs zero size when talking to a
917 #define NUM_CORE_REGS 26
918 #define GDB_CORE_XML "arm-core.xml"
920 static int cpu_gdb_read_register(CPUState *env, uint8_t *mem_buf, int n)
923 /* Core integer register. */
924 GET_REG32(env->regs[n]);
930 memset(mem_buf, 0, 12);
935 /* FPA status register. */
941 GET_REG32(cpsr_read(env));
943 /* Unknown register. */
947 static int cpu_gdb_write_register(CPUState *env, uint8_t *mem_buf, int n)
951 tmp = ldl_p(mem_buf);
953 /* Mask out low bit of PC to workaround gdb bugs. This will probably
954 cause problems if we ever implement the Jazelle DBX extensions. */
959 /* Core integer register. */
963 if (n < 24) { /* 16-23 */
964 /* FPA registers (ignored). */
971 /* FPA status register (ignored). */
977 cpsr_write (env, tmp, 0xffffffff);
980 /* Unknown register. */
984 #elif defined (TARGET_M68K)
986 #define NUM_CORE_REGS 18
988 #define GDB_CORE_XML "cf-core.xml"
990 static int cpu_gdb_read_register(CPUState *env, uint8_t *mem_buf, int n)
994 GET_REG32(env->dregs[n]);
997 GET_REG32(env->aregs[n - 8]);
1000 case 16: GET_REG32(env->sr);
1001 case 17: GET_REG32(env->pc);
1004 /* FP registers not included here because they vary between
1005 ColdFire and m68k. Use XML bits for these. */
1009 static int cpu_gdb_write_register(CPUState *env, uint8_t *mem_buf, int n)
1013 tmp = ldl_p(mem_buf);
1017 env->dregs[n] = tmp;
1018 } else if (n < 16) {
1020 env->aregs[n - 8] = tmp;
1023 case 16: env->sr = tmp; break;
1024 case 17: env->pc = tmp; break;
1030 #elif defined (TARGET_MIPS)
1032 #define NUM_CORE_REGS 73
1034 static int cpu_gdb_read_register(CPUState *env, uint8_t *mem_buf, int n)
1037 GET_REGL(env->active_tc.gpr[n]);
1039 if (env->CP0_Config1 & (1 << CP0C1_FP)) {
1040 if (n >= 38 && n < 70) {
1041 if (env->CP0_Status & (1 << CP0St_FR))
1042 GET_REGL(env->active_fpu.fpr[n - 38].d);
1044 GET_REGL(env->active_fpu.fpr[n - 38].w[FP_ENDIAN_IDX]);
1047 case 70: GET_REGL((int32_t)env->active_fpu.fcr31);
1048 case 71: GET_REGL((int32_t)env->active_fpu.fcr0);
1052 case 32: GET_REGL((int32_t)env->CP0_Status);
1053 case 33: GET_REGL(env->active_tc.LO[0]);
1054 case 34: GET_REGL(env->active_tc.HI[0]);
1055 case 35: GET_REGL(env->CP0_BadVAddr);
1056 case 36: GET_REGL((int32_t)env->CP0_Cause);
1057 case 37: GET_REGL(env->active_tc.PC | !!(env->hflags & MIPS_HFLAG_M16));
1058 case 72: GET_REGL(0); /* fp */
1059 case 89: GET_REGL((int32_t)env->CP0_PRid);
1061 if (n >= 73 && n <= 88) {
1062 /* 16 embedded regs. */
1069 /* convert MIPS rounding mode in FCR31 to IEEE library */
1070 static unsigned int ieee_rm[] =
1072 float_round_nearest_even,
1073 float_round_to_zero,
1077 #define RESTORE_ROUNDING_MODE \
1078 set_float_rounding_mode(ieee_rm[env->active_fpu.fcr31 & 3], &env->active_fpu.fp_status)
1080 static int cpu_gdb_write_register(CPUState *env, uint8_t *mem_buf, int n)
1084 tmp = ldtul_p(mem_buf);
1087 env->active_tc.gpr[n] = tmp;
1088 return sizeof(target_ulong);
1090 if (env->CP0_Config1 & (1 << CP0C1_FP)
1091 && n >= 38 && n < 73) {
1093 if (env->CP0_Status & (1 << CP0St_FR))
1094 env->active_fpu.fpr[n - 38].d = tmp;
1096 env->active_fpu.fpr[n - 38].w[FP_ENDIAN_IDX] = tmp;
1100 env->active_fpu.fcr31 = tmp & 0xFF83FFFF;
1101 /* set rounding mode */
1102 RESTORE_ROUNDING_MODE;
1103 #ifndef CONFIG_SOFTFLOAT
1104 /* no floating point exception for native float */
1105 SET_FP_ENABLE(env->active_fpu.fcr31, 0);
1108 case 71: env->active_fpu.fcr0 = tmp; break;
1110 return sizeof(target_ulong);
1113 case 32: env->CP0_Status = tmp; break;
1114 case 33: env->active_tc.LO[0] = tmp; break;
1115 case 34: env->active_tc.HI[0] = tmp; break;
1116 case 35: env->CP0_BadVAddr = tmp; break;
1117 case 36: env->CP0_Cause = tmp; break;
1119 env->active_tc.PC = tmp & ~(target_ulong)1;
1121 env->hflags |= MIPS_HFLAG_M16;
1123 env->hflags &= ~(MIPS_HFLAG_M16);
1126 case 72: /* fp, ignored */ break;
1130 /* Other registers are readonly. Ignore writes. */
1134 return sizeof(target_ulong);
1136 #elif defined (TARGET_SH4)
1138 /* Hint: Use "set architecture sh4" in GDB to see fpu registers */
1139 /* FIXME: We should use XML for this. */
1141 #define NUM_CORE_REGS 59
1143 static int cpu_gdb_read_register(CPUState *env, uint8_t *mem_buf, int n)
1146 if ((env->sr & (SR_MD | SR_RB)) == (SR_MD | SR_RB)) {
1147 GET_REGL(env->gregs[n + 16]);
1149 GET_REGL(env->gregs[n]);
1151 } else if (n < 16) {
1152 GET_REGL(env->gregs[n]);
1153 } else if (n >= 25 && n < 41) {
1154 GET_REGL(env->fregs[(n - 25) + ((env->fpscr & FPSCR_FR) ? 16 : 0)]);
1155 } else if (n >= 43 && n < 51) {
1156 GET_REGL(env->gregs[n - 43]);
1157 } else if (n >= 51 && n < 59) {
1158 GET_REGL(env->gregs[n - (51 - 16)]);
1161 case 16: GET_REGL(env->pc);
1162 case 17: GET_REGL(env->pr);
1163 case 18: GET_REGL(env->gbr);
1164 case 19: GET_REGL(env->vbr);
1165 case 20: GET_REGL(env->mach);
1166 case 21: GET_REGL(env->macl);
1167 case 22: GET_REGL(env->sr);
1168 case 23: GET_REGL(env->fpul);
1169 case 24: GET_REGL(env->fpscr);
1170 case 41: GET_REGL(env->ssr);
1171 case 42: GET_REGL(env->spc);
1177 static int cpu_gdb_write_register(CPUState *env, uint8_t *mem_buf, int n)
1181 tmp = ldl_p(mem_buf);
1184 if ((env->sr & (SR_MD | SR_RB)) == (SR_MD | SR_RB)) {
1185 env->gregs[n + 16] = tmp;
1187 env->gregs[n] = tmp;
1190 } else if (n < 16) {
1191 env->gregs[n] = tmp;
1193 } else if (n >= 25 && n < 41) {
1194 env->fregs[(n - 25) + ((env->fpscr & FPSCR_FR) ? 16 : 0)] = tmp;
1196 } else if (n >= 43 && n < 51) {
1197 env->gregs[n - 43] = tmp;
1199 } else if (n >= 51 && n < 59) {
1200 env->gregs[n - (51 - 16)] = tmp;
1204 case 16: env->pc = tmp; break;
1205 case 17: env->pr = tmp; break;
1206 case 18: env->gbr = tmp; break;
1207 case 19: env->vbr = tmp; break;
1208 case 20: env->mach = tmp; break;
1209 case 21: env->macl = tmp; break;
1210 case 22: env->sr = tmp; break;
1211 case 23: env->fpul = tmp; break;
1212 case 24: env->fpscr = tmp; break;
1213 case 41: env->ssr = tmp; break;
1214 case 42: env->spc = tmp; break;
1220 #elif defined (TARGET_MICROBLAZE)
1222 #define NUM_CORE_REGS (32 + 5)
1224 static int cpu_gdb_read_register(CPUState *env, uint8_t *mem_buf, int n)
1227 GET_REG32(env->regs[n]);
1229 GET_REG32(env->sregs[n - 32]);
1234 static int cpu_gdb_write_register(CPUState *env, uint8_t *mem_buf, int n)
1238 if (n > NUM_CORE_REGS)
1241 tmp = ldl_p(mem_buf);
1246 env->sregs[n - 32] = tmp;
1250 #elif defined (TARGET_CRIS)
1252 #define NUM_CORE_REGS 49
1255 read_register_crisv10(CPUState *env, uint8_t *mem_buf, int n)
1258 GET_REG32(env->regs[n]);
1268 GET_REG8(env->pregs[n - 16]);
1271 GET_REG8(env->pregs[n - 16]);
1275 GET_REG16(env->pregs[n - 16]);
1279 GET_REG32(env->pregs[n - 16]);
1287 static int cpu_gdb_read_register(CPUState *env, uint8_t *mem_buf, int n)
1291 if (env->pregs[PR_VR] < 32)
1292 return read_register_crisv10(env, mem_buf, n);
1294 srs = env->pregs[PR_SRS];
1296 GET_REG32(env->regs[n]);
1299 if (n >= 21 && n < 32) {
1300 GET_REG32(env->pregs[n - 16]);
1302 if (n >= 33 && n < 49) {
1303 GET_REG32(env->sregs[srs][n - 33]);
1306 case 16: GET_REG8(env->pregs[0]);
1307 case 17: GET_REG8(env->pregs[1]);
1308 case 18: GET_REG32(env->pregs[2]);
1309 case 19: GET_REG8(srs);
1310 case 20: GET_REG16(env->pregs[4]);
1311 case 32: GET_REG32(env->pc);
1317 static int cpu_gdb_write_register(CPUState *env, uint8_t *mem_buf, int n)
1324 tmp = ldl_p(mem_buf);
1330 if (n >= 21 && n < 32) {
1331 env->pregs[n - 16] = tmp;
1334 /* FIXME: Should support function regs be writable? */
1338 case 18: env->pregs[PR_PID] = tmp; break;
1341 case 32: env->pc = tmp; break;
1346 #elif defined (TARGET_ALPHA)
1348 #define NUM_CORE_REGS 67
1350 static int cpu_gdb_read_register(CPUState *env, uint8_t *mem_buf, int n)
1360 d.d = env->fir[n - 32];
1364 val = cpu_alpha_load_fpcr(env);
1374 /* 31 really is the zero register; 65 is unassigned in the
1375 gdb protocol, but is still required to occupy 8 bytes. */
1384 static int cpu_gdb_write_register(CPUState *env, uint8_t *mem_buf, int n)
1386 target_ulong tmp = ldtul_p(mem_buf);
1395 env->fir[n - 32] = d.d;
1398 cpu_alpha_store_fpcr(env, tmp);
1408 /* 31 really is the zero register; 65 is unassigned in the
1409 gdb protocol, but is still required to occupy 8 bytes. */
1416 #elif defined (TARGET_S390X)
1418 #define NUM_CORE_REGS S390_NUM_TOTAL_REGS
1420 static int cpu_gdb_read_register(CPUState *env, uint8_t *mem_buf, int n)
1423 case S390_PSWM_REGNUM: GET_REGL(env->psw.mask); break;
1424 case S390_PSWA_REGNUM: GET_REGL(env->psw.addr); break;
1425 case S390_R0_REGNUM ... S390_R15_REGNUM:
1426 GET_REGL(env->regs[n-S390_R0_REGNUM]); break;
1427 case S390_A0_REGNUM ... S390_A15_REGNUM:
1428 GET_REG32(env->aregs[n-S390_A0_REGNUM]); break;
1429 case S390_FPC_REGNUM: GET_REG32(env->fpc); break;
1430 case S390_F0_REGNUM ... S390_F15_REGNUM:
1433 case S390_PC_REGNUM: GET_REGL(env->psw.addr); break;
1434 case S390_CC_REGNUM: GET_REG32(env->cc); break;
1440 static int cpu_gdb_write_register(CPUState *env, uint8_t *mem_buf, int n)
1445 tmpl = ldtul_p(mem_buf);
1446 tmp32 = ldl_p(mem_buf);
1449 case S390_PSWM_REGNUM: env->psw.mask = tmpl; break;
1450 case S390_PSWA_REGNUM: env->psw.addr = tmpl; break;
1451 case S390_R0_REGNUM ... S390_R15_REGNUM:
1452 env->regs[n-S390_R0_REGNUM] = tmpl; break;
1453 case S390_A0_REGNUM ... S390_A15_REGNUM:
1454 env->aregs[n-S390_A0_REGNUM] = tmp32; r=4; break;
1455 case S390_FPC_REGNUM: env->fpc = tmp32; r=4; break;
1456 case S390_F0_REGNUM ... S390_F15_REGNUM:
1459 case S390_PC_REGNUM: env->psw.addr = tmpl; break;
1460 case S390_CC_REGNUM: env->cc = tmp32; r=4; break;
1465 #elif defined (TARGET_LM32)
1467 #include "hw/lm32_pic.h"
1468 #define NUM_CORE_REGS (32 + 7)
1470 static int cpu_gdb_read_register(CPUState *env, uint8_t *mem_buf, int n)
1473 GET_REG32(env->regs[n]);
1479 /* FIXME: put in right exception ID */
1484 GET_REG32(env->eba);
1487 GET_REG32(env->deba);
1493 GET_REG32(lm32_pic_get_im(env->pic_state));
1496 GET_REG32(lm32_pic_get_ip(env->pic_state));
1503 static int cpu_gdb_write_register(CPUState *env, uint8_t *mem_buf, int n)
1507 if (n > NUM_CORE_REGS) {
1511 tmp = ldl_p(mem_buf);
1530 lm32_pic_set_im(env->pic_state, tmp);
1533 lm32_pic_set_ip(env->pic_state, tmp);
1541 #define NUM_CORE_REGS 0
1543 static int cpu_gdb_read_register(CPUState *env, uint8_t *mem_buf, int n)
1548 static int cpu_gdb_write_register(CPUState *env, uint8_t *mem_buf, int n)
1555 static int num_g_regs = NUM_CORE_REGS;
1558 /* Encode data using the encoding for 'x' packets. */
1559 static int memtox(char *buf, const char *mem, int len)
1567 case '#': case '$': case '*': case '}':
1579 static const char *get_feature_xml(const char *p, const char **newp)
1584 static char target_xml[1024];
1587 while (p[len] && p[len] != ':')
1592 if (strncmp(p, "target.xml", len) == 0) {
1593 /* Generate the XML description for this CPU. */
1594 if (!target_xml[0]) {
1595 GDBRegisterState *r;
1597 snprintf(target_xml, sizeof(target_xml),
1598 "<?xml version=\"1.0\"?>"
1599 "<!DOCTYPE target SYSTEM \"gdb-target.dtd\">"
1601 "<xi:include href=\"%s\"/>",
1604 for (r = first_cpu->gdb_regs; r; r = r->next) {
1605 pstrcat(target_xml, sizeof(target_xml), "<xi:include href=\"");
1606 pstrcat(target_xml, sizeof(target_xml), r->xml);
1607 pstrcat(target_xml, sizeof(target_xml), "\"/>");
1609 pstrcat(target_xml, sizeof(target_xml), "</target>");
1613 for (i = 0; ; i++) {
1614 name = xml_builtin[i][0];
1615 if (!name || (strncmp(name, p, len) == 0 && strlen(name) == len))
1618 return name ? xml_builtin[i][1] : NULL;
1622 static int gdb_read_register(CPUState *env, uint8_t *mem_buf, int reg)
1624 GDBRegisterState *r;
1626 if (reg < NUM_CORE_REGS)
1627 return cpu_gdb_read_register(env, mem_buf, reg);
1629 for (r = env->gdb_regs; r; r = r->next) {
1630 if (r->base_reg <= reg && reg < r->base_reg + r->num_regs) {
1631 return r->get_reg(env, mem_buf, reg - r->base_reg);
1637 static int gdb_write_register(CPUState *env, uint8_t *mem_buf, int reg)
1639 GDBRegisterState *r;
1641 if (reg < NUM_CORE_REGS)
1642 return cpu_gdb_write_register(env, mem_buf, reg);
1644 for (r = env->gdb_regs; r; r = r->next) {
1645 if (r->base_reg <= reg && reg < r->base_reg + r->num_regs) {
1646 return r->set_reg(env, mem_buf, reg - r->base_reg);
1652 /* Register a supplemental set of CPU registers. If g_pos is nonzero it
1653 specifies the first register number and these registers are included in
1654 a standard "g" packet. Direction is relative to gdb, i.e. get_reg is
1655 gdb reading a CPU register, and set_reg is gdb modifying a CPU register.
1658 void gdb_register_coprocessor(CPUState * env,
1659 gdb_reg_cb get_reg, gdb_reg_cb set_reg,
1660 int num_regs, const char *xml, int g_pos)
1662 GDBRegisterState *s;
1663 GDBRegisterState **p;
1664 static int last_reg = NUM_CORE_REGS;
1666 s = (GDBRegisterState *)qemu_mallocz(sizeof(GDBRegisterState));
1667 s->base_reg = last_reg;
1668 s->num_regs = num_regs;
1669 s->get_reg = get_reg;
1670 s->set_reg = set_reg;
1674 /* Check for duplicates. */
1675 if (strcmp((*p)->xml, xml) == 0)
1679 /* Add to end of list. */
1680 last_reg += num_regs;
1683 if (g_pos != s->base_reg) {
1684 fprintf(stderr, "Error: Bad gdb register numbering for '%s'\n"
1685 "Expected %d got %d\n", xml, g_pos, s->base_reg);
1687 num_g_regs = last_reg;
1692 #ifndef CONFIG_USER_ONLY
1693 static const int xlat_gdb_type[] = {
1694 [GDB_WATCHPOINT_WRITE] = BP_GDB | BP_MEM_WRITE,
1695 [GDB_WATCHPOINT_READ] = BP_GDB | BP_MEM_READ,
1696 [GDB_WATCHPOINT_ACCESS] = BP_GDB | BP_MEM_ACCESS,
1700 static int gdb_breakpoint_insert(target_ulong addr, target_ulong len, int type)
1706 return kvm_insert_breakpoint(gdbserver_state->c_cpu, addr, len, type);
1709 case GDB_BREAKPOINT_SW:
1710 case GDB_BREAKPOINT_HW:
1711 for (env = first_cpu; env != NULL; env = env->next_cpu) {
1712 err = cpu_breakpoint_insert(env, addr, BP_GDB, NULL);
1717 #ifndef CONFIG_USER_ONLY
1718 case GDB_WATCHPOINT_WRITE:
1719 case GDB_WATCHPOINT_READ:
1720 case GDB_WATCHPOINT_ACCESS:
1721 for (env = first_cpu; env != NULL; env = env->next_cpu) {
1722 err = cpu_watchpoint_insert(env, addr, len, xlat_gdb_type[type],
1734 static int gdb_breakpoint_remove(target_ulong addr, target_ulong len, int type)
1740 return kvm_remove_breakpoint(gdbserver_state->c_cpu, addr, len, type);
1743 case GDB_BREAKPOINT_SW:
1744 case GDB_BREAKPOINT_HW:
1745 for (env = first_cpu; env != NULL; env = env->next_cpu) {
1746 err = cpu_breakpoint_remove(env, addr, BP_GDB);
1751 #ifndef CONFIG_USER_ONLY
1752 case GDB_WATCHPOINT_WRITE:
1753 case GDB_WATCHPOINT_READ:
1754 case GDB_WATCHPOINT_ACCESS:
1755 for (env = first_cpu; env != NULL; env = env->next_cpu) {
1756 err = cpu_watchpoint_remove(env, addr, len, xlat_gdb_type[type]);
1767 static void gdb_breakpoint_remove_all(void)
1771 if (kvm_enabled()) {
1772 kvm_remove_all_breakpoints(gdbserver_state->c_cpu);
1776 for (env = first_cpu; env != NULL; env = env->next_cpu) {
1777 cpu_breakpoint_remove_all(env, BP_GDB);
1778 #ifndef CONFIG_USER_ONLY
1779 cpu_watchpoint_remove_all(env, BP_GDB);
1784 static void gdb_set_cpu_pc(GDBState *s, target_ulong pc)
1786 #if defined(TARGET_I386)
1787 cpu_synchronize_state(s->c_cpu);
1789 #elif defined (TARGET_PPC)
1791 #elif defined (TARGET_SPARC)
1793 s->c_cpu->npc = pc + 4;
1794 #elif defined (TARGET_ARM)
1795 s->c_cpu->regs[15] = pc;
1796 #elif defined (TARGET_SH4)
1798 #elif defined (TARGET_MIPS)
1799 s->c_cpu->active_tc.PC = pc & ~(target_ulong)1;
1801 s->c_cpu->hflags |= MIPS_HFLAG_M16;
1803 s->c_cpu->hflags &= ~(MIPS_HFLAG_M16);
1805 #elif defined (TARGET_MICROBLAZE)
1806 s->c_cpu->sregs[SR_PC] = pc;
1807 #elif defined (TARGET_CRIS)
1809 #elif defined (TARGET_ALPHA)
1811 #elif defined (TARGET_S390X)
1812 cpu_synchronize_state(s->c_cpu);
1813 s->c_cpu->psw.addr = pc;
1814 #elif defined (TARGET_LM32)
1819 static inline int gdb_id(CPUState *env)
1821 #if defined(CONFIG_USER_ONLY) && defined(CONFIG_USE_NPTL)
1822 return env->host_tid;
1824 return env->cpu_index + 1;
1828 static CPUState *find_cpu(uint32_t thread_id)
1832 for (env = first_cpu; env != NULL; env = env->next_cpu) {
1833 if (gdb_id(env) == thread_id) {
1841 static int gdb_handle_packet(GDBState *s, const char *line_buf)
1846 int ch, reg_size, type, res;
1847 char buf[MAX_PACKET_LENGTH];
1848 uint8_t mem_buf[MAX_PACKET_LENGTH];
1850 target_ulong addr, len;
1853 printf("command='%s'\n", line_buf);
1859 /* TODO: Make this return the correct value for user-mode. */
1860 snprintf(buf, sizeof(buf), "T%02xthread:%02x;", GDB_SIGNAL_TRAP,
1863 /* Remove all the breakpoints when this query is issued,
1864 * because gdb is doing and initial connect and the state
1865 * should be cleaned up.
1867 gdb_breakpoint_remove_all();
1871 addr = strtoull(p, (char **)&p, 16);
1872 gdb_set_cpu_pc(s, addr);
1878 s->signal = gdb_signal_to_target (strtoul(p, (char **)&p, 16));
1879 if (s->signal == -1)
1884 if (strncmp(p, "Cont", 4) == 0) {
1885 int res_signal, res_thread;
1889 put_packet(s, "vCont;c;C;s;S");
1904 if (action == 'C' || action == 'S') {
1905 signal = strtoul(p, (char **)&p, 16);
1906 } else if (action != 'c' && action != 's') {
1912 thread = strtoull(p+1, (char **)&p, 16);
1914 action = tolower(action);
1915 if (res == 0 || (res == 'c' && action == 's')) {
1917 res_signal = signal;
1918 res_thread = thread;
1922 if (res_thread != -1 && res_thread != 0) {
1923 env = find_cpu(res_thread);
1925 put_packet(s, "E22");
1931 cpu_single_step(s->c_cpu, sstep_flags);
1933 s->signal = res_signal;
1939 goto unknown_command;
1942 /* Kill the target */
1943 fprintf(stderr, "\nQEMU: Terminated via GDBstub\n");
1947 gdb_breakpoint_remove_all();
1948 gdb_syscall_mode = GDB_SYS_DISABLED;
1950 put_packet(s, "OK");
1954 addr = strtoull(p, (char **)&p, 16);
1955 gdb_set_cpu_pc(s, addr);
1957 cpu_single_step(s->c_cpu, sstep_flags);
1965 ret = strtoull(p, (char **)&p, 16);
1968 err = strtoull(p, (char **)&p, 16);
1975 if (gdb_current_syscall_cb)
1976 gdb_current_syscall_cb(s->c_cpu, ret, err);
1978 put_packet(s, "T02");
1985 cpu_synchronize_state(s->g_cpu);
1987 for (addr = 0; addr < num_g_regs; addr++) {
1988 reg_size = gdb_read_register(s->g_cpu, mem_buf + len, addr);
1991 memtohex(buf, mem_buf, len);
1995 cpu_synchronize_state(s->g_cpu);
1996 registers = mem_buf;
1997 len = strlen(p) / 2;
1998 hextomem((uint8_t *)registers, p, len);
1999 for (addr = 0; addr < num_g_regs && len > 0; addr++) {
2000 reg_size = gdb_write_register(s->g_cpu, registers, addr);
2002 registers += reg_size;
2004 put_packet(s, "OK");
2007 addr = strtoull(p, (char **)&p, 16);
2010 len = strtoull(p, NULL, 16);
2011 if (cpu_memory_rw_debug(s->g_cpu, addr, mem_buf, len, 0) != 0) {
2012 put_packet (s, "E14");
2014 memtohex(buf, mem_buf, len);
2019 addr = strtoull(p, (char **)&p, 16);
2022 len = strtoull(p, (char **)&p, 16);
2025 hextomem(mem_buf, p, len);
2026 if (cpu_memory_rw_debug(s->g_cpu, addr, mem_buf, len, 1) != 0)
2027 put_packet(s, "E14");
2029 put_packet(s, "OK");
2032 /* Older gdb are really dumb, and don't use 'g' if 'p' is avaialable.
2033 This works, but can be very slow. Anything new enough to
2034 understand XML also knows how to use this properly. */
2036 goto unknown_command;
2037 addr = strtoull(p, (char **)&p, 16);
2038 reg_size = gdb_read_register(s->g_cpu, mem_buf, addr);
2040 memtohex(buf, mem_buf, reg_size);
2043 put_packet(s, "E14");
2048 goto unknown_command;
2049 addr = strtoull(p, (char **)&p, 16);
2052 reg_size = strlen(p) / 2;
2053 hextomem(mem_buf, p, reg_size);
2054 gdb_write_register(s->g_cpu, mem_buf, addr);
2055 put_packet(s, "OK");
2059 type = strtoul(p, (char **)&p, 16);
2062 addr = strtoull(p, (char **)&p, 16);
2065 len = strtoull(p, (char **)&p, 16);
2067 res = gdb_breakpoint_insert(addr, len, type);
2069 res = gdb_breakpoint_remove(addr, len, type);
2071 put_packet(s, "OK");
2072 else if (res == -ENOSYS)
2075 put_packet(s, "E22");
2079 thread = strtoull(p, (char **)&p, 16);
2080 if (thread == -1 || thread == 0) {
2081 put_packet(s, "OK");
2084 env = find_cpu(thread);
2086 put_packet(s, "E22");
2092 put_packet(s, "OK");
2096 put_packet(s, "OK");
2099 put_packet(s, "E22");
2104 thread = strtoull(p, (char **)&p, 16);
2105 env = find_cpu(thread);
2108 put_packet(s, "OK");
2110 put_packet(s, "E22");
2115 /* parse any 'q' packets here */
2116 if (!strcmp(p,"qemu.sstepbits")) {
2117 /* Query Breakpoint bit definitions */
2118 snprintf(buf, sizeof(buf), "ENABLE=%x,NOIRQ=%x,NOTIMER=%x",
2124 } else if (strncmp(p,"qemu.sstep",10) == 0) {
2125 /* Display or change the sstep_flags */
2128 /* Display current setting */
2129 snprintf(buf, sizeof(buf), "0x%x", sstep_flags);
2134 type = strtoul(p, (char **)&p, 16);
2136 put_packet(s, "OK");
2138 } else if (strcmp(p,"C") == 0) {
2139 /* "Current thread" remains vague in the spec, so always return
2140 * the first CPU (gdb returns the first thread). */
2141 put_packet(s, "QC1");
2143 } else if (strcmp(p,"fThreadInfo") == 0) {
2144 s->query_cpu = first_cpu;
2145 goto report_cpuinfo;
2146 } else if (strcmp(p,"sThreadInfo") == 0) {
2149 snprintf(buf, sizeof(buf), "m%x", gdb_id(s->query_cpu));
2151 s->query_cpu = s->query_cpu->next_cpu;
2155 } else if (strncmp(p,"ThreadExtraInfo,", 16) == 0) {
2156 thread = strtoull(p+16, (char **)&p, 16);
2157 env = find_cpu(thread);
2159 cpu_synchronize_state(env);
2160 len = snprintf((char *)mem_buf, sizeof(mem_buf),
2161 "CPU#%d [%s]", env->cpu_index,
2162 env->halted ? "halted " : "running");
2163 memtohex(buf, mem_buf, len);
2168 #ifdef CONFIG_USER_ONLY
2169 else if (strncmp(p, "Offsets", 7) == 0) {
2170 TaskState *ts = s->c_cpu->opaque;
2172 snprintf(buf, sizeof(buf),
2173 "Text=" TARGET_ABI_FMT_lx ";Data=" TARGET_ABI_FMT_lx
2174 ";Bss=" TARGET_ABI_FMT_lx,
2175 ts->info->code_offset,
2176 ts->info->data_offset,
2177 ts->info->data_offset);
2181 #else /* !CONFIG_USER_ONLY */
2182 else if (strncmp(p, "Rcmd,", 5) == 0) {
2183 int len = strlen(p + 5);
2185 if ((len % 2) != 0) {
2186 put_packet(s, "E01");
2189 hextomem(mem_buf, p + 5, len);
2192 qemu_chr_read(s->mon_chr, mem_buf, len);
2193 put_packet(s, "OK");
2196 #endif /* !CONFIG_USER_ONLY */
2197 if (strncmp(p, "Supported", 9) == 0) {
2198 snprintf(buf, sizeof(buf), "PacketSize=%x", MAX_PACKET_LENGTH);
2200 pstrcat(buf, sizeof(buf), ";qXfer:features:read+");
2206 if (strncmp(p, "Xfer:features:read:", 19) == 0) {
2208 target_ulong total_len;
2212 xml = get_feature_xml(p, &p);
2214 snprintf(buf, sizeof(buf), "E00");
2221 addr = strtoul(p, (char **)&p, 16);
2224 len = strtoul(p, (char **)&p, 16);
2226 total_len = strlen(xml);
2227 if (addr > total_len) {
2228 snprintf(buf, sizeof(buf), "E00");
2232 if (len > (MAX_PACKET_LENGTH - 5) / 2)
2233 len = (MAX_PACKET_LENGTH - 5) / 2;
2234 if (len < total_len - addr) {
2236 len = memtox(buf + 1, xml + addr, len);
2239 len = memtox(buf + 1, xml + addr, total_len - addr);
2241 put_packet_binary(s, buf, len + 1);
2245 /* Unrecognised 'q' command. */
2246 goto unknown_command;
2250 /* put empty packet */
2258 void gdb_set_stop_cpu(CPUState *env)
2260 gdbserver_state->c_cpu = env;
2261 gdbserver_state->g_cpu = env;
2264 #ifndef CONFIG_USER_ONLY
2265 static void gdb_vm_state_change(void *opaque, int running, int reason)
2267 GDBState *s = gdbserver_state;
2268 CPUState *env = s->c_cpu;
2273 if (running || (reason != VMSTOP_DEBUG && reason != VMSTOP_USER) ||
2274 s->state == RS_INACTIVE || s->state == RS_SYSCALL) {
2277 /* disable single step if it was enable */
2278 cpu_single_step(env, 0);
2280 if (reason == VMSTOP_DEBUG) {
2281 if (env->watchpoint_hit) {
2282 switch (env->watchpoint_hit->flags & BP_MEM_ACCESS) {
2293 snprintf(buf, sizeof(buf),
2294 "T%02xthread:%02x;%swatch:" TARGET_FMT_lx ";",
2295 GDB_SIGNAL_TRAP, gdb_id(env), type,
2296 env->watchpoint_hit->vaddr);
2298 env->watchpoint_hit = NULL;
2302 ret = GDB_SIGNAL_TRAP;
2304 ret = GDB_SIGNAL_INT;
2306 snprintf(buf, sizeof(buf), "T%02xthread:%02x;", ret, gdb_id(env));
2311 /* Send a gdb syscall request.
2312 This accepts limited printf-style format specifiers, specifically:
2313 %x - target_ulong argument printed in hex.
2314 %lx - 64-bit argument printed in hex.
2315 %s - string pointer (target_ulong) and length (int) pair. */
2316 void gdb_do_syscall(gdb_syscall_complete_cb cb, const char *fmt, ...)
2325 s = gdbserver_state;
2328 gdb_current_syscall_cb = cb;
2329 s->state = RS_SYSCALL;
2330 #ifndef CONFIG_USER_ONLY
2331 vm_stop(VMSTOP_DEBUG);
2342 addr = va_arg(va, target_ulong);
2343 p += snprintf(p, &buf[sizeof(buf)] - p, TARGET_FMT_lx, addr);
2346 if (*(fmt++) != 'x')
2348 i64 = va_arg(va, uint64_t);
2349 p += snprintf(p, &buf[sizeof(buf)] - p, "%" PRIx64, i64);
2352 addr = va_arg(va, target_ulong);
2353 p += snprintf(p, &buf[sizeof(buf)] - p, TARGET_FMT_lx "/%x",
2354 addr, va_arg(va, int));
2358 fprintf(stderr, "gdbstub: Bad syscall format string '%s'\n",
2369 #ifdef CONFIG_USER_ONLY
2370 gdb_handlesig(s->c_cpu, 0);
2376 static void gdb_read_byte(GDBState *s, int ch)
2381 #ifndef CONFIG_USER_ONLY
2382 if (s->last_packet_len) {
2383 /* Waiting for a response to the last packet. If we see the start
2384 of a new command then abandon the previous response. */
2387 printf("Got NACK, retransmitting\n");
2389 put_buffer(s, (uint8_t *)s->last_packet, s->last_packet_len);
2393 printf("Got ACK\n");
2395 printf("Got '%c' when expecting ACK/NACK\n", ch);
2397 if (ch == '+' || ch == '$')
2398 s->last_packet_len = 0;
2403 /* when the CPU is running, we cannot do anything except stop
2404 it when receiving a char */
2405 vm_stop(VMSTOP_USER);
2412 s->line_buf_index = 0;
2413 s->state = RS_GETLINE;
2418 s->state = RS_CHKSUM1;
2419 } else if (s->line_buf_index >= sizeof(s->line_buf) - 1) {
2422 s->line_buf[s->line_buf_index++] = ch;
2426 s->line_buf[s->line_buf_index] = '\0';
2427 s->line_csum = fromhex(ch) << 4;
2428 s->state = RS_CHKSUM2;
2431 s->line_csum |= fromhex(ch);
2433 for(i = 0; i < s->line_buf_index; i++) {
2434 csum += s->line_buf[i];
2436 if (s->line_csum != (csum & 0xff)) {
2438 put_buffer(s, &reply, 1);
2442 put_buffer(s, &reply, 1);
2443 s->state = gdb_handle_packet(s, s->line_buf);
2452 /* Tell the remote gdb that the process has exited. */
2453 void gdb_exit(CPUState *env, int code)
2458 s = gdbserver_state;
2462 #ifdef CONFIG_USER_ONLY
2463 if (gdbserver_fd < 0 || s->fd < 0) {
2468 snprintf(buf, sizeof(buf), "W%02x", (uint8_t)code);
2471 #ifndef CONFIG_USER_ONLY
2473 qemu_chr_close(s->chr);
2478 #ifdef CONFIG_USER_ONLY
2484 s = gdbserver_state;
2486 if (gdbserver_fd < 0 || s->fd < 0)
2493 gdb_handlesig (CPUState *env, int sig)
2499 s = gdbserver_state;
2500 if (gdbserver_fd < 0 || s->fd < 0)
2503 /* disable single step if it was enabled */
2504 cpu_single_step(env, 0);
2509 snprintf(buf, sizeof(buf), "S%02x", target_signal_to_gdb (sig));
2512 /* put_packet() might have detected that the peer terminated the
2519 s->running_state = 0;
2520 while (s->running_state == 0) {
2521 n = read (s->fd, buf, 256);
2526 for (i = 0; i < n; i++)
2527 gdb_read_byte (s, buf[i]);
2529 else if (n == 0 || errno != EAGAIN)
2531 /* XXX: Connection closed. Should probably wait for annother
2532 connection before continuing. */
2541 /* Tell the remote gdb that the process has exited due to SIG. */
2542 void gdb_signalled(CPUState *env, int sig)
2547 s = gdbserver_state;
2548 if (gdbserver_fd < 0 || s->fd < 0)
2551 snprintf(buf, sizeof(buf), "X%02x", target_signal_to_gdb (sig));
2555 static void gdb_accept(void)
2558 struct sockaddr_in sockaddr;
2563 len = sizeof(sockaddr);
2564 fd = accept(gdbserver_fd, (struct sockaddr *)&sockaddr, &len);
2565 if (fd < 0 && errno != EINTR) {
2568 } else if (fd >= 0) {
2570 fcntl(fd, F_SETFD, FD_CLOEXEC);
2576 /* set short latency */
2578 setsockopt(fd, IPPROTO_TCP, TCP_NODELAY, (char *)&val, sizeof(val));
2580 s = qemu_mallocz(sizeof(GDBState));
2581 s->c_cpu = first_cpu;
2582 s->g_cpu = first_cpu;
2586 gdbserver_state = s;
2588 fcntl(fd, F_SETFL, O_NONBLOCK);
2591 static int gdbserver_open(int port)
2593 struct sockaddr_in sockaddr;
2596 fd = socket(PF_INET, SOCK_STREAM, 0);
2602 fcntl(fd, F_SETFD, FD_CLOEXEC);
2605 /* allow fast reuse */
2607 setsockopt(fd, SOL_SOCKET, SO_REUSEADDR, (char *)&val, sizeof(val));
2609 sockaddr.sin_family = AF_INET;
2610 sockaddr.sin_port = htons(port);
2611 sockaddr.sin_addr.s_addr = 0;
2612 ret = bind(fd, (struct sockaddr *)&sockaddr, sizeof(sockaddr));
2617 ret = listen(fd, 0);
2625 int gdbserver_start(int port)
2627 gdbserver_fd = gdbserver_open(port);
2628 if (gdbserver_fd < 0)
2630 /* accept connections */
2635 /* Disable gdb stub for child processes. */
2636 void gdbserver_fork(CPUState *env)
2638 GDBState *s = gdbserver_state;
2639 if (gdbserver_fd < 0 || s->fd < 0)
2643 cpu_breakpoint_remove_all(env, BP_GDB);
2644 cpu_watchpoint_remove_all(env, BP_GDB);
2647 static int gdb_chr_can_receive(void *opaque)
2649 /* We can handle an arbitrarily large amount of data.
2650 Pick the maximum packet size, which is as good as anything. */
2651 return MAX_PACKET_LENGTH;
2654 static void gdb_chr_receive(void *opaque, const uint8_t *buf, int size)
2658 for (i = 0; i < size; i++) {
2659 gdb_read_byte(gdbserver_state, buf[i]);
2663 static void gdb_chr_event(void *opaque, int event)
2666 case CHR_EVENT_OPENED:
2667 vm_stop(VMSTOP_USER);
2675 static void gdb_monitor_output(GDBState *s, const char *msg, int len)
2677 char buf[MAX_PACKET_LENGTH];
2680 if (len > (MAX_PACKET_LENGTH/2) - 1)
2681 len = (MAX_PACKET_LENGTH/2) - 1;
2682 memtohex(buf + 1, (uint8_t *)msg, len);
2686 static int gdb_monitor_write(CharDriverState *chr, const uint8_t *buf, int len)
2688 const char *p = (const char *)buf;
2691 max_sz = (sizeof(gdbserver_state->last_packet) - 2) / 2;
2693 if (len <= max_sz) {
2694 gdb_monitor_output(gdbserver_state, p, len);
2697 gdb_monitor_output(gdbserver_state, p, max_sz);
2705 static void gdb_sigterm_handler(int signal)
2708 vm_stop(VMSTOP_USER);
2713 int gdbserver_start(const char *device)
2716 char gdbstub_device_name[128];
2717 CharDriverState *chr = NULL;
2718 CharDriverState *mon_chr;
2722 if (strcmp(device, "none") != 0) {
2723 if (strstart(device, "tcp:", NULL)) {
2724 /* enforce required TCP attributes */
2725 snprintf(gdbstub_device_name, sizeof(gdbstub_device_name),
2726 "%s,nowait,nodelay,server", device);
2727 device = gdbstub_device_name;
2730 else if (strcmp(device, "stdio") == 0) {
2731 struct sigaction act;
2733 memset(&act, 0, sizeof(act));
2734 act.sa_handler = gdb_sigterm_handler;
2735 sigaction(SIGINT, &act, NULL);
2738 chr = qemu_chr_open("gdb", device, NULL);
2742 qemu_chr_add_handlers(chr, gdb_chr_can_receive, gdb_chr_receive,
2743 gdb_chr_event, NULL);
2746 s = gdbserver_state;
2748 s = qemu_mallocz(sizeof(GDBState));
2749 gdbserver_state = s;
2751 qemu_add_vm_change_state_handler(gdb_vm_state_change, NULL);
2753 /* Initialize a monitor terminal for gdb */
2754 mon_chr = qemu_mallocz(sizeof(*mon_chr));
2755 mon_chr->chr_write = gdb_monitor_write;
2756 monitor_init(mon_chr, 0);
2759 qemu_chr_close(s->chr);
2760 mon_chr = s->mon_chr;
2761 memset(s, 0, sizeof(GDBState));
2763 s->c_cpu = first_cpu;
2764 s->g_cpu = first_cpu;
2766 s->state = chr ? RS_IDLE : RS_INACTIVE;
2767 s->mon_chr = mon_chr;
projects / qemu.git / blob