4 * Copyright (c) 2003-2005 Fabrice Bellard
6 * This library is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation; either
9 * version 2 of the License, or (at your option) any later version.
11 * This library is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
16 * You should have received a copy of the GNU Lesser General Public
17 * License along with this library; if not, write to the Free Software
18 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
21 #include "qemu-common.h"
22 #ifdef CONFIG_USER_ONLY
33 #include "qemu-char.h"
38 #define MAX_PACKET_LENGTH 4096
40 #include "qemu_socket.h"
42 /* XXX: these constants may be independent of the host ones even for Unix */
55 typedef struct GDBRegisterState {
61 struct GDBRegisterState *next;
71 typedef struct GDBState {
72 CPUState *env; /* current CPU */
73 enum RSState state; /* parsing state */
74 char line_buf[MAX_PACKET_LENGTH];
77 uint8_t last_packet[MAX_PACKET_LENGTH + 4];
80 #ifdef CONFIG_USER_ONLY
88 /* By default use no IRQs and no timers while single stepping so as to
89 * make single stepping like an ICE HW step.
91 static int sstep_flags = SSTEP_ENABLE|SSTEP_NOIRQ|SSTEP_NOTIMER;
93 /* This is an ugly hack to cope with both new and old gdb.
94 If gdb sends qXfer:features:read then assume we're talking to a newish
95 gdb that understands target descriptions. */
96 static int gdb_has_xml;
98 #ifdef CONFIG_USER_ONLY
99 /* XXX: This is not thread safe. Do we care? */
100 static int gdbserver_fd = -1;
102 /* XXX: remove this hack. */
103 static GDBState gdbserver_state;
105 static int get_char(GDBState *s)
111 ret = recv(s->fd, &ch, 1, 0);
113 if (errno == ECONNRESET)
115 if (errno != EINTR && errno != EAGAIN)
117 } else if (ret == 0) {
129 /* GDB stub state for use by semihosting syscalls. */
130 static GDBState *gdb_syscall_state;
131 static gdb_syscall_complete_cb gdb_current_syscall_cb;
139 /* If gdb is connected when the first semihosting syscall occurs then use
140 remote gdb syscalls. Otherwise use native file IO. */
141 int use_gdb_syscalls(void)
143 if (gdb_syscall_mode == GDB_SYS_UNKNOWN) {
144 gdb_syscall_mode = (gdb_syscall_state ? GDB_SYS_ENABLED
147 return gdb_syscall_mode == GDB_SYS_ENABLED;
150 /* Resume execution. */
151 static inline void gdb_continue(GDBState *s)
153 #ifdef CONFIG_USER_ONLY
154 s->running_state = 1;
160 static void put_buffer(GDBState *s, const uint8_t *buf, int len)
162 #ifdef CONFIG_USER_ONLY
166 ret = send(s->fd, buf, len, 0);
168 if (errno != EINTR && errno != EAGAIN)
176 qemu_chr_write(s->chr, buf, len);
180 static inline int fromhex(int v)
182 if (v >= '0' && v <= '9')
184 else if (v >= 'A' && v <= 'F')
186 else if (v >= 'a' && v <= 'f')
192 static inline int tohex(int v)
200 static void memtohex(char *buf, const uint8_t *mem, int len)
205 for(i = 0; i < len; i++) {
207 *q++ = tohex(c >> 4);
208 *q++ = tohex(c & 0xf);
213 static void hextomem(uint8_t *mem, const char *buf, int len)
217 for(i = 0; i < len; i++) {
218 mem[i] = (fromhex(buf[0]) << 4) | fromhex(buf[1]);
223 /* return -1 if error, 0 if OK */
224 static int put_packet_binary(GDBState *s, const char *buf, int len)
235 for(i = 0; i < len; i++) {
239 *(p++) = tohex((csum >> 4) & 0xf);
240 *(p++) = tohex((csum) & 0xf);
242 s->last_packet_len = p - s->last_packet;
243 put_buffer(s, (uint8_t *)s->last_packet, s->last_packet_len);
245 #ifdef CONFIG_USER_ONLY
258 /* return -1 if error, 0 if OK */
259 static int put_packet(GDBState *s, const char *buf)
262 printf("reply='%s'\n", buf);
265 return put_packet_binary(s, buf, strlen(buf));
268 /* The GDB remote protocol transfers values in target byte order. This means
269 we can use the raw memory access routines to access the value buffer.
270 Conveniently, these also handle the case where the buffer is mis-aligned.
272 #define GET_REG8(val) do { \
273 stb_p(mem_buf, val); \
276 #define GET_REG16(val) do { \
277 stw_p(mem_buf, val); \
280 #define GET_REG32(val) do { \
281 stl_p(mem_buf, val); \
284 #define GET_REG64(val) do { \
285 stq_p(mem_buf, val); \
289 #if TARGET_LONG_BITS == 64
290 #define GET_REGL(val) GET_REG64(val)
291 #define ldtul_p(addr) ldq_p(addr)
293 #define GET_REGL(val) GET_REG32(val)
294 #define ldtul_p(addr) ldl_p(addr)
297 #if defined(TARGET_I386)
300 static const int gpr_map[16] = {
301 R_EAX, R_EBX, R_ECX, R_EDX, R_ESI, R_EDI, R_EBP, R_ESP,
302 8, 9, 10, 11, 12, 13, 14, 15
305 static const int gpr_map[8] = {0, 1, 2, 3, 4, 5, 6, 7};
308 #define NUM_CORE_REGS (CPU_NB_REGS * 2 + 25)
310 static int cpu_gdb_read_register(CPUState *env, uint8_t *mem_buf, int n)
312 if (n < CPU_NB_REGS) {
313 GET_REGL(env->regs[gpr_map[n]]);
314 } else if (n >= CPU_NB_REGS + 8 && n < CPU_NB_REGS + 16) {
315 /* FIXME: byteswap float values. */
316 #ifdef USE_X86LDOUBLE
317 memcpy(mem_buf, &env->fpregs[n - (CPU_NB_REGS + 8)], 10);
319 memset(mem_buf, 0, 10);
322 } else if (n >= CPU_NB_REGS + 24) {
323 n -= CPU_NB_REGS + 24;
324 if (n < CPU_NB_REGS) {
325 stq_p(mem_buf, env->xmm_regs[n].XMM_Q(0));
326 stq_p(mem_buf + 8, env->xmm_regs[n].XMM_Q(1));
328 } else if (n == CPU_NB_REGS) {
329 GET_REG32(env->mxcsr);
334 case 0: GET_REGL(env->eip);
335 case 1: GET_REG32(env->eflags);
336 case 2: GET_REG32(env->segs[R_CS].selector);
337 case 3: GET_REG32(env->segs[R_SS].selector);
338 case 4: GET_REG32(env->segs[R_DS].selector);
339 case 5: GET_REG32(env->segs[R_ES].selector);
340 case 6: GET_REG32(env->segs[R_FS].selector);
341 case 7: GET_REG32(env->segs[R_GS].selector);
342 /* 8...15 x87 regs. */
343 case 16: GET_REG32(env->fpuc);
344 case 17: GET_REG32((env->fpus & ~0x3800) | (env->fpstt & 0x7) << 11);
345 case 18: GET_REG32(0); /* ftag */
346 case 19: GET_REG32(0); /* fiseg */
347 case 20: GET_REG32(0); /* fioff */
348 case 21: GET_REG32(0); /* foseg */
349 case 22: GET_REG32(0); /* fooff */
350 case 23: GET_REG32(0); /* fop */
357 static int cpu_gdb_write_register(CPUState *env, uint8_t *mem_buf, int i)
361 if (i < CPU_NB_REGS) {
362 env->regs[gpr_map[i]] = ldtul_p(mem_buf);
363 return sizeof(target_ulong);
364 } else if (i >= CPU_NB_REGS + 8 && i < CPU_NB_REGS + 16) {
365 i -= CPU_NB_REGS + 8;
366 #ifdef USE_X86LDOUBLE
367 memcpy(&env->fpregs[i], mem_buf, 10);
370 } else if (i >= CPU_NB_REGS + 24) {
371 i -= CPU_NB_REGS + 24;
372 if (i < CPU_NB_REGS) {
373 env->xmm_regs[i].XMM_Q(0) = ldq_p(mem_buf);
374 env->xmm_regs[i].XMM_Q(1) = ldq_p(mem_buf + 8);
376 } else if (i == CPU_NB_REGS) {
377 env->mxcsr = ldl_p(mem_buf);
383 case 0: env->eip = ldtul_p(mem_buf); return sizeof(target_ulong);
384 case 1: env->eflags = ldl_p(mem_buf); return 4;
385 #if defined(CONFIG_USER_ONLY)
386 #define LOAD_SEG(index, sreg)\
387 tmp = ldl_p(mem_buf);\
388 if (tmp != env->segs[sreg].selector)\
389 cpu_x86_load_seg(env, sreg, tmp);
391 /* FIXME: Honor segment registers. Needs to avoid raising an exception
392 when the selector is invalid. */
393 #define LOAD_SEG(index, sreg) do {} while(0)
395 case 2: LOAD_SEG(10, R_CS); return 4;
396 case 3: LOAD_SEG(11, R_SS); return 4;
397 case 4: LOAD_SEG(12, R_DS); return 4;
398 case 5: LOAD_SEG(13, R_ES); return 4;
399 case 6: LOAD_SEG(14, R_FS); return 4;
400 case 7: LOAD_SEG(15, R_GS); return 4;
401 /* 8...15 x87 regs. */
402 case 16: env->fpuc = ldl_p(mem_buf); return 4;
404 tmp = ldl_p(mem_buf);
405 env->fpstt = (tmp >> 11) & 7;
406 env->fpus = tmp & ~0x3800;
408 case 18: /* ftag */ return 4;
409 case 19: /* fiseg */ return 4;
410 case 20: /* fioff */ return 4;
411 case 21: /* foseg */ return 4;
412 case 22: /* fooff */ return 4;
413 case 23: /* fop */ return 4;
417 /* Unrecognised register. */
421 #elif defined (TARGET_PPC)
423 #define NUM_CORE_REGS 71
425 static int cpu_gdb_read_register(CPUState *env, uint8_t *mem_buf, int n)
429 GET_REGL(env->gpr[n]);
432 stfq_p(mem_buf, env->fpr[n]);
436 case 64: GET_REGL(env->nip);
437 case 65: GET_REGL(env->msr);
442 for (i = 0; i < 8; i++)
443 cr |= env->crf[i] << (32 - ((i + 1) * 4));
446 case 67: GET_REGL(env->lr);
447 case 68: GET_REGL(env->ctr);
448 case 69: GET_REG32(ppc_load_xer(env));
449 case 70: GET_REG32(0); /* fpscr */
455 static int cpu_gdb_write_register(CPUState *env, uint8_t *mem_buf, int n)
459 env->gpr[n] = ldtul_p(mem_buf);
460 return sizeof(target_ulong);
463 env->fpr[n] = ldfq_p(mem_buf);
468 env->nip = ldtul_p(mem_buf);
469 return sizeof(target_ulong);
471 ppc_store_msr(env, ldtul_p(mem_buf));
472 return sizeof(target_ulong);
475 uint32_t cr = ldl_p(mem_buf);
477 for (i = 0; i < 8; i++)
478 env->crf[i] = (cr >> (32 - ((i + 1) * 4))) & 0xF;
482 env->lr = ldtul_p(mem_buf);
483 return sizeof(target_ulong);
485 env->ctr = ldtul_p(mem_buf);
486 return sizeof(target_ulong);
488 ppc_store_xer(env, ldl_p(mem_buf));
498 #elif defined (TARGET_SPARC)
500 #if defined(TARGET_SPARC64) && !defined(TARGET_ABI32)
501 #define NUM_CORE_REGS 86
503 #define NUM_CORE_REGS 73
507 #define GET_REGA(val) GET_REG32(val)
509 #define GET_REGA(val) GET_REGL(val)
512 static int cpu_gdb_read_register(CPUState *env, uint8_t *mem_buf, int n)
516 GET_REGA(env->gregs[n]);
519 /* register window */
520 GET_REGA(env->regwptr[n - 8]);
522 #if defined(TARGET_ABI32) || !defined(TARGET_SPARC64)
525 GET_REG32(*((uint32_t *)&env->fpr[n - 32]));
527 /* Y, PSR, WIM, TBR, PC, NPC, FPSR, CPSR */
529 case 64: GET_REGA(env->y);
530 case 65: GET_REGA(GET_PSR(env));
531 case 66: GET_REGA(env->wim);
532 case 67: GET_REGA(env->tbr);
533 case 68: GET_REGA(env->pc);
534 case 69: GET_REGA(env->npc);
535 case 70: GET_REGA(env->fsr);
536 case 71: GET_REGA(0); /* csr */
537 case 72: GET_REGA(0);
542 GET_REG32(*((uint32_t *)&env->fpr[n - 32]));
545 /* f32-f62 (double width, even numbers only) */
548 val = (uint64_t)*((uint32_t *)&env->fpr[(n - 64) * 2 + 32]) << 32;
549 val |= *((uint32_t *)&env->fpr[(n - 64) * 2 + 33]);
553 case 80: GET_REGL(env->pc);
554 case 81: GET_REGL(env->npc);
555 case 82: GET_REGL(((uint64_t)GET_CCR(env) << 32) |
556 ((env->asi & 0xff) << 24) |
557 ((env->pstate & 0xfff) << 8) |
559 case 83: GET_REGL(env->fsr);
560 case 84: GET_REGL(env->fprs);
561 case 85: GET_REGL(env->y);
567 static int cpu_gdb_write_register(CPUState *env, uint8_t *mem_buf, int n)
569 #if defined(TARGET_ABI32)
572 tmp = ldl_p(mem_buf);
576 tmp = ldtul_p(mem_buf);
583 /* register window */
584 env->regwptr[n - 8] = tmp;
586 #if defined(TARGET_ABI32) || !defined(TARGET_SPARC64)
589 *((uint32_t *)&env->fpr[n - 32]) = tmp;
591 /* Y, PSR, WIM, TBR, PC, NPC, FPSR, CPSR */
593 case 64: env->y = tmp; break;
594 case 65: PUT_PSR(env, tmp); break;
595 case 66: env->wim = tmp; break;
596 case 67: env->tbr = tmp; break;
597 case 68: env->pc = tmp; break;
598 case 69: env->npc = tmp; break;
599 case 70: env->fsr = tmp; break;
609 env->fpr[n] = ldfl_p(mem_buf);
612 /* f32-f62 (double width, even numbers only) */
613 *((uint32_t *)&env->fpr[(n - 64) * 2 + 32]) = tmp >> 32;
614 *((uint32_t *)&env->fpr[(n - 64) * 2 + 33]) = tmp;
617 case 80: env->pc = tmp; break;
618 case 81: env->npc = tmp; break;
620 PUT_CCR(env, tmp >> 32);
621 env->asi = (tmp >> 24) & 0xff;
622 env->pstate = (tmp >> 8) & 0xfff;
623 PUT_CWP64(env, tmp & 0xff);
625 case 83: env->fsr = tmp; break;
626 case 84: env->fprs = tmp; break;
627 case 85: env->y = tmp; break;
634 #elif defined (TARGET_ARM)
636 /* Old gdb always expect FPA registers. Newer (xml-aware) gdb only expect
637 whatever the target description contains. Due to a historical mishap
638 the FPA registers appear in between core integer regs and the CPSR.
639 We hack round this by giving the FPA regs zero size when talking to a
641 #define NUM_CORE_REGS 26
642 #define GDB_CORE_XML "arm-core.xml"
644 static int cpu_gdb_read_register(CPUState *env, uint8_t *mem_buf, int n)
647 /* Core integer register. */
648 GET_REG32(env->regs[n]);
654 memset(mem_buf, 0, 12);
659 /* FPA status register. */
665 GET_REG32(cpsr_read(env));
667 /* Unknown register. */
671 static int cpu_gdb_write_register(CPUState *env, uint8_t *mem_buf, int n)
675 tmp = ldl_p(mem_buf);
677 /* Mask out low bit of PC to workaround gdb bugs. This will probably
678 cause problems if we ever implement the Jazelle DBX extensions. */
683 /* Core integer register. */
687 if (n < 24) { /* 16-23 */
688 /* FPA registers (ignored). */
695 /* FPA status register (ignored). */
701 cpsr_write (env, tmp, 0xffffffff);
704 /* Unknown register. */
708 #elif defined (TARGET_M68K)
710 #define NUM_CORE_REGS 18
712 #define GDB_CORE_XML "cf-core.xml"
714 static int cpu_gdb_read_register(CPUState *env, uint8_t *mem_buf, int n)
718 GET_REG32(env->dregs[n]);
721 GET_REG32(env->aregs[n - 8]);
724 case 16: GET_REG32(env->sr);
725 case 17: GET_REG32(env->pc);
728 /* FP registers not included here because they vary between
729 ColdFire and m68k. Use XML bits for these. */
733 static int cpu_gdb_write_register(CPUState *env, uint8_t *mem_buf, int n)
737 tmp = ldl_p(mem_buf);
744 env->aregs[n - 8] = tmp;
747 case 16: env->sr = tmp; break;
748 case 17: env->pc = tmp; break;
754 #elif defined (TARGET_MIPS)
756 #define NUM_CORE_REGS 73
758 static int cpu_gdb_read_register(CPUState *env, uint8_t *mem_buf, int n)
761 GET_REGL(env->active_tc.gpr[n]);
763 if (env->CP0_Config1 & (1 << CP0C1_FP)) {
764 if (n >= 38 && n < 70) {
765 if (env->CP0_Status & (1 << CP0St_FR))
766 GET_REGL(env->active_fpu.fpr[n - 38].d);
768 GET_REGL(env->active_fpu.fpr[n - 38].w[FP_ENDIAN_IDX]);
771 case 70: GET_REGL((int32_t)env->active_fpu.fcr31);
772 case 71: GET_REGL((int32_t)env->active_fpu.fcr0);
776 case 32: GET_REGL((int32_t)env->CP0_Status);
777 case 33: GET_REGL(env->active_tc.LO[0]);
778 case 34: GET_REGL(env->active_tc.HI[0]);
779 case 35: GET_REGL(env->CP0_BadVAddr);
780 case 36: GET_REGL((int32_t)env->CP0_Cause);
781 case 37: GET_REGL(env->active_tc.PC);
782 case 72: GET_REGL(0); /* fp */
783 case 89: GET_REGL((int32_t)env->CP0_PRid);
785 if (n >= 73 && n <= 88) {
786 /* 16 embedded regs. */
793 /* convert MIPS rounding mode in FCR31 to IEEE library */
794 static unsigned int ieee_rm[] =
796 float_round_nearest_even,
801 #define RESTORE_ROUNDING_MODE \
802 set_float_rounding_mode(ieee_rm[env->active_fpu.fcr31 & 3], &env->active_fpu.fp_status)
804 static int cpu_gdb_write_register(CPUState *env, uint8_t *mem_buf, int n)
808 tmp = ldtul_p(mem_buf);
811 env->active_tc.gpr[n] = tmp;
812 return sizeof(target_ulong);
814 if (env->CP0_Config1 & (1 << CP0C1_FP)
815 && n >= 38 && n < 73) {
817 if (env->CP0_Status & (1 << CP0St_FR))
818 env->active_fpu.fpr[n - 38].d = tmp;
820 env->active_fpu.fpr[n - 38].w[FP_ENDIAN_IDX] = tmp;
824 env->active_fpu.fcr31 = tmp & 0xFF83FFFF;
825 /* set rounding mode */
826 RESTORE_ROUNDING_MODE;
827 #ifndef CONFIG_SOFTFLOAT
828 /* no floating point exception for native float */
829 SET_FP_ENABLE(env->active_fpu.fcr31, 0);
832 case 71: env->active_fpu.fcr0 = tmp; break;
834 return sizeof(target_ulong);
837 case 32: env->CP0_Status = tmp; break;
838 case 33: env->active_tc.LO[0] = tmp; break;
839 case 34: env->active_tc.HI[0] = tmp; break;
840 case 35: env->CP0_BadVAddr = tmp; break;
841 case 36: env->CP0_Cause = tmp; break;
842 case 37: env->active_tc.PC = tmp; break;
843 case 72: /* fp, ignored */ break;
847 /* Other registers are readonly. Ignore writes. */
851 return sizeof(target_ulong);
853 #elif defined (TARGET_SH4)
855 /* Hint: Use "set architecture sh4" in GDB to see fpu registers */
856 /* FIXME: We should use XML for this. */
858 #define NUM_CORE_REGS 59
860 static int cpu_gdb_read_register(CPUState *env, uint8_t *mem_buf, int n)
863 if ((env->sr & (SR_MD | SR_RB)) == (SR_MD | SR_RB)) {
864 GET_REGL(env->gregs[n + 16]);
866 GET_REGL(env->gregs[n]);
869 GET_REGL(env->gregs[n - 8]);
870 } else if (n >= 25 && n < 41) {
871 GET_REGL(env->fregs[(n - 25) + ((env->fpscr & FPSCR_FR) ? 16 : 0)]);
872 } else if (n >= 43 && n < 51) {
873 GET_REGL(env->gregs[n - 43]);
874 } else if (n >= 51 && n < 59) {
875 GET_REGL(env->gregs[n - (51 - 16)]);
878 case 16: GET_REGL(env->pc);
879 case 17: GET_REGL(env->pr);
880 case 18: GET_REGL(env->gbr);
881 case 19: GET_REGL(env->vbr);
882 case 20: GET_REGL(env->mach);
883 case 21: GET_REGL(env->macl);
884 case 22: GET_REGL(env->sr);
885 case 23: GET_REGL(env->fpul);
886 case 24: GET_REGL(env->fpscr);
887 case 41: GET_REGL(env->ssr);
888 case 42: GET_REGL(env->spc);
894 static int cpu_gdb_write_register(CPUState *env, uint8_t *mem_buf, int n)
898 tmp = ldl_p(mem_buf);
901 if ((env->sr & (SR_MD | SR_RB)) == (SR_MD | SR_RB)) {
902 env->gregs[n + 16] = tmp;
908 env->gregs[n - 8] = tmp;
910 } else if (n >= 25 && n < 41) {
911 env->fregs[(n - 25) + ((env->fpscr & FPSCR_FR) ? 16 : 0)] = tmp;
912 } else if (n >= 43 && n < 51) {
913 env->gregs[n - 43] = tmp;
915 } else if (n >= 51 && n < 59) {
916 env->gregs[n - (51 - 16)] = tmp;
920 case 16: env->pc = tmp;
921 case 17: env->pr = tmp;
922 case 18: env->gbr = tmp;
923 case 19: env->vbr = tmp;
924 case 20: env->mach = tmp;
925 case 21: env->macl = tmp;
926 case 22: env->sr = tmp;
927 case 23: env->fpul = tmp;
928 case 24: env->fpscr = tmp;
929 case 41: env->ssr = tmp;
930 case 42: env->spc = tmp;
936 #elif defined (TARGET_CRIS)
938 #define NUM_CORE_REGS 49
940 static int cpu_gdb_read_register(CPUState *env, uint8_t *mem_buf, int n)
944 srs = env->pregs[PR_SRS];
946 GET_REG32(env->regs[n]);
949 if (n >= 21 && n < 32) {
950 GET_REG32(env->pregs[n - 16]);
952 if (n >= 33 && n < 49) {
953 GET_REG32(env->sregs[srs][n - 33]);
956 case 16: GET_REG8(env->pregs[0]);
957 case 17: GET_REG8(env->pregs[1]);
958 case 18: GET_REG32(env->pregs[2]);
959 case 19: GET_REG8(srs);
960 case 20: GET_REG16(env->pregs[4]);
961 case 32: GET_REG32(env->pc);
967 static int cpu_gdb_write_register(CPUState *env, uint8_t *mem_buf, int n)
974 tmp = ldl_p(mem_buf);
980 if (n >= 21 && n < 32) {
981 env->pregs[n - 16] = tmp;
984 /* FIXME: Should support function regs be writable? */
988 case 18: env->pregs[PR_PID] = tmp; break;
991 case 32: env->pc = tmp; break;
998 #define NUM_CORE_REGS 0
1000 static int cpu_gdb_read_register(CPUState *env, uint8_t *mem_buf, int n)
1005 static int cpu_gdb_write_register(CPUState *env, uint8_t *mem_buf, int n)
1012 static int num_g_regs = NUM_CORE_REGS;
1015 /* Encode data using the encoding for 'x' packets. */
1016 static int memtox(char *buf, const char *mem, int len)
1024 case '#': case '$': case '*': case '}':
1036 const char *get_feature_xml(CPUState *env, const char *p, const char **newp)
1038 extern const char *const xml_builtin[][2];
1042 static char target_xml[1024];
1045 while (p[len] && p[len] != ':')
1050 if (strncmp(p, "target.xml", len) == 0) {
1051 /* Generate the XML description for this CPU. */
1052 if (!target_xml[0]) {
1053 GDBRegisterState *r;
1056 "<?xml version=\"1.0\"?>"
1057 "<!DOCTYPE target SYSTEM \"gdb-target.dtd\">"
1059 "<xi:include href=\"%s\"/>",
1062 for (r = env->gdb_regs; r; r = r->next) {
1063 strcat(target_xml, "<xi:include href=\"");
1064 strcat(target_xml, r->xml);
1065 strcat(target_xml, "\"/>");
1067 strcat(target_xml, "</target>");
1071 for (i = 0; ; i++) {
1072 name = xml_builtin[i][0];
1073 if (!name || (strncmp(name, p, len) == 0 && strlen(name) == len))
1076 return name ? xml_builtin[i][1] : NULL;
1080 static int gdb_read_register(CPUState *env, uint8_t *mem_buf, int reg)
1082 GDBRegisterState *r;
1084 if (reg < NUM_CORE_REGS)
1085 return cpu_gdb_read_register(env, mem_buf, reg);
1087 for (r = env->gdb_regs; r; r = r->next) {
1088 if (r->base_reg <= reg && reg < r->base_reg + r->num_regs) {
1089 return r->get_reg(env, mem_buf, reg - r->base_reg);
1095 static int gdb_write_register(CPUState *env, uint8_t *mem_buf, int reg)
1097 GDBRegisterState *r;
1099 if (reg < NUM_CORE_REGS)
1100 return cpu_gdb_write_register(env, mem_buf, reg);
1102 for (r = env->gdb_regs; r; r = r->next) {
1103 if (r->base_reg <= reg && reg < r->base_reg + r->num_regs) {
1104 return r->set_reg(env, mem_buf, reg - r->base_reg);
1110 /* Register a supplemental set of CPU registers. If g_pos is nonzero it
1111 specifies the first register number and these registers are included in
1112 a standard "g" packet. Direction is relative to gdb, i.e. get_reg is
1113 gdb reading a CPU register, and set_reg is gdb modifying a CPU register.
1116 void gdb_register_coprocessor(CPUState * env,
1117 gdb_reg_cb get_reg, gdb_reg_cb set_reg,
1118 int num_regs, const char *xml, int g_pos)
1120 GDBRegisterState *s;
1121 GDBRegisterState **p;
1122 static int last_reg = NUM_CORE_REGS;
1124 s = (GDBRegisterState *)qemu_mallocz(sizeof(GDBRegisterState));
1125 s->base_reg = last_reg;
1126 s->num_regs = num_regs;
1127 s->get_reg = get_reg;
1128 s->set_reg = set_reg;
1132 /* Check for duplicates. */
1133 if (strcmp((*p)->xml, xml) == 0)
1137 /* Add to end of list. */
1138 last_reg += num_regs;
1141 if (g_pos != s->base_reg) {
1142 fprintf(stderr, "Error: Bad gdb register numbering for '%s'\n"
1143 "Expected %d got %d\n", xml, g_pos, s->base_reg);
1145 num_g_regs = last_reg;
1150 static int gdb_handle_packet(GDBState *s, CPUState *env, const char *line_buf)
1153 int ch, reg_size, type;
1154 char buf[MAX_PACKET_LENGTH];
1155 uint8_t mem_buf[MAX_PACKET_LENGTH];
1157 target_ulong addr, len;
1160 printf("command='%s'\n", line_buf);
1166 /* TODO: Make this return the correct value for user-mode. */
1167 snprintf(buf, sizeof(buf), "S%02x", SIGTRAP);
1169 /* Remove all the breakpoints when this query is issued,
1170 * because gdb is doing and initial connect and the state
1171 * should be cleaned up.
1173 cpu_breakpoint_remove_all(env);
1174 cpu_watchpoint_remove_all(env);
1178 addr = strtoull(p, (char **)&p, 16);
1179 #if defined(TARGET_I386)
1181 #elif defined (TARGET_PPC)
1183 #elif defined (TARGET_SPARC)
1185 env->npc = addr + 4;
1186 #elif defined (TARGET_ARM)
1187 env->regs[15] = addr;
1188 #elif defined (TARGET_SH4)
1190 #elif defined (TARGET_MIPS)
1191 env->active_tc.PC = addr;
1192 #elif defined (TARGET_CRIS)
1199 s->signal = strtoul(p, (char **)&p, 16);
1203 /* Kill the target */
1204 fprintf(stderr, "\nQEMU: Terminated via GDBstub\n");
1208 cpu_breakpoint_remove_all(env);
1209 cpu_watchpoint_remove_all(env);
1211 put_packet(s, "OK");
1215 addr = strtoull(p, (char **)&p, 16);
1216 #if defined(TARGET_I386)
1218 #elif defined (TARGET_PPC)
1220 #elif defined (TARGET_SPARC)
1222 env->npc = addr + 4;
1223 #elif defined (TARGET_ARM)
1224 env->regs[15] = addr;
1225 #elif defined (TARGET_SH4)
1227 #elif defined (TARGET_MIPS)
1228 env->active_tc.PC = addr;
1229 #elif defined (TARGET_CRIS)
1233 cpu_single_step(env, sstep_flags);
1241 ret = strtoull(p, (char **)&p, 16);
1244 err = strtoull(p, (char **)&p, 16);
1251 if (gdb_current_syscall_cb)
1252 gdb_current_syscall_cb(s->env, ret, err);
1254 put_packet(s, "T02");
1262 for (addr = 0; addr < num_g_regs; addr++) {
1263 reg_size = gdb_read_register(env, mem_buf + len, addr);
1266 memtohex(buf, mem_buf, len);
1270 registers = mem_buf;
1271 len = strlen(p) / 2;
1272 hextomem((uint8_t *)registers, p, len);
1273 for (addr = 0; addr < num_g_regs && len > 0; addr++) {
1274 reg_size = gdb_write_register(env, registers, addr);
1276 registers += reg_size;
1278 put_packet(s, "OK");
1281 addr = strtoull(p, (char **)&p, 16);
1284 len = strtoull(p, NULL, 16);
1285 if (cpu_memory_rw_debug(env, addr, mem_buf, len, 0) != 0) {
1286 put_packet (s, "E14");
1288 memtohex(buf, mem_buf, len);
1293 addr = strtoull(p, (char **)&p, 16);
1296 len = strtoull(p, (char **)&p, 16);
1299 hextomem(mem_buf, p, len);
1300 if (cpu_memory_rw_debug(env, addr, mem_buf, len, 1) != 0)
1301 put_packet(s, "E14");
1303 put_packet(s, "OK");
1306 /* Older gdb are really dumb, and don't use 'g' if 'p' is avaialable.
1307 This works, but can be very slow. Anything new enough to
1308 understand XML also knows how to use this properly. */
1310 goto unknown_command;
1311 addr = strtoull(p, (char **)&p, 16);
1312 reg_size = gdb_read_register(env, mem_buf, addr);
1314 memtohex(buf, mem_buf, reg_size);
1317 put_packet(s, "E14");
1322 goto unknown_command;
1323 addr = strtoull(p, (char **)&p, 16);
1326 reg_size = strlen(p) / 2;
1327 hextomem(mem_buf, p, reg_size);
1328 gdb_write_register(env, mem_buf, addr);
1329 put_packet(s, "OK");
1332 type = strtoul(p, (char **)&p, 16);
1335 addr = strtoull(p, (char **)&p, 16);
1338 len = strtoull(p, (char **)&p, 16);
1342 if (cpu_breakpoint_insert(env, addr) < 0)
1343 goto breakpoint_error;
1344 put_packet(s, "OK");
1346 #ifndef CONFIG_USER_ONLY
1349 goto insert_watchpoint;
1352 goto insert_watchpoint;
1354 type = PAGE_READ | PAGE_WRITE;
1356 if (cpu_watchpoint_insert(env, addr, type) < 0)
1357 goto breakpoint_error;
1358 put_packet(s, "OK");
1367 put_packet(s, "E22");
1371 type = strtoul(p, (char **)&p, 16);
1374 addr = strtoull(p, (char **)&p, 16);
1377 len = strtoull(p, (char **)&p, 16);
1378 if (type == 0 || type == 1) {
1379 cpu_breakpoint_remove(env, addr);
1380 put_packet(s, "OK");
1381 #ifndef CONFIG_USER_ONLY
1382 } else if (type >= 2 || type <= 4) {
1383 cpu_watchpoint_remove(env, addr);
1384 put_packet(s, "OK");
1392 /* parse any 'q' packets here */
1393 if (!strcmp(p,"qemu.sstepbits")) {
1394 /* Query Breakpoint bit definitions */
1395 snprintf(buf, sizeof(buf), "ENABLE=%x,NOIRQ=%x,NOTIMER=%x",
1401 } else if (strncmp(p,"qemu.sstep",10) == 0) {
1402 /* Display or change the sstep_flags */
1405 /* Display current setting */
1406 snprintf(buf, sizeof(buf), "0x%x", sstep_flags);
1411 type = strtoul(p, (char **)&p, 16);
1413 put_packet(s, "OK");
1416 #ifdef CONFIG_LINUX_USER
1417 else if (strncmp(p, "Offsets", 7) == 0) {
1418 TaskState *ts = env->opaque;
1420 snprintf(buf, sizeof(buf),
1421 "Text=" TARGET_ABI_FMT_lx ";Data=" TARGET_ABI_FMT_lx
1422 ";Bss=" TARGET_ABI_FMT_lx,
1423 ts->info->code_offset,
1424 ts->info->data_offset,
1425 ts->info->data_offset);
1430 if (strncmp(p, "Supported", 9) == 0) {
1431 sprintf(buf, "PacketSize=%x", MAX_PACKET_LENGTH);
1433 strcat(buf, ";qXfer:features:read+");
1439 if (strncmp(p, "Xfer:features:read:", 19) == 0) {
1441 target_ulong total_len;
1445 xml = get_feature_xml(env, p, &p);
1447 sprintf(buf, "E00");
1454 addr = strtoul(p, (char **)&p, 16);
1457 len = strtoul(p, (char **)&p, 16);
1459 total_len = strlen(xml);
1460 if (addr > total_len) {
1461 sprintf(buf, "E00");
1465 if (len > (MAX_PACKET_LENGTH - 5) / 2)
1466 len = (MAX_PACKET_LENGTH - 5) / 2;
1467 if (len < total_len - addr) {
1469 len = memtox(buf + 1, xml + addr, len);
1472 len = memtox(buf + 1, xml + addr, total_len - addr);
1474 put_packet_binary(s, buf, len + 1);
1478 /* Unrecognised 'q' command. */
1479 goto unknown_command;
1483 /* put empty packet */
1491 extern void tb_flush(CPUState *env);
1493 #ifndef CONFIG_USER_ONLY
1494 static void gdb_vm_stopped(void *opaque, int reason)
1496 GDBState *s = opaque;
1500 if (s->state == RS_SYSCALL)
1503 /* disable single step if it was enable */
1504 cpu_single_step(s->env, 0);
1506 if (reason == EXCP_DEBUG) {
1507 if (s->env->watchpoint_hit) {
1508 snprintf(buf, sizeof(buf), "T%02xwatch:" TARGET_FMT_lx ";",
1510 s->env->watchpoint[s->env->watchpoint_hit - 1].vaddr);
1512 s->env->watchpoint_hit = 0;
1517 } else if (reason == EXCP_INTERRUPT) {
1522 snprintf(buf, sizeof(buf), "S%02x", ret);
1527 /* Send a gdb syscall request.
1528 This accepts limited printf-style format specifiers, specifically:
1529 %x - target_ulong argument printed in hex.
1530 %lx - 64-bit argument printed in hex.
1531 %s - string pointer (target_ulong) and length (int) pair. */
1532 void gdb_do_syscall(gdb_syscall_complete_cb cb, const char *fmt, ...)
1541 s = gdb_syscall_state;
1544 gdb_current_syscall_cb = cb;
1545 s->state = RS_SYSCALL;
1546 #ifndef CONFIG_USER_ONLY
1547 vm_stop(EXCP_DEBUG);
1558 addr = va_arg(va, target_ulong);
1559 p += snprintf(p, &buf[sizeof(buf)] - p, TARGET_FMT_lx, addr);
1562 if (*(fmt++) != 'x')
1564 i64 = va_arg(va, uint64_t);
1565 p += snprintf(p, &buf[sizeof(buf)] - p, "%" PRIx64, i64);
1568 addr = va_arg(va, target_ulong);
1569 p += snprintf(p, &buf[sizeof(buf)] - p, TARGET_FMT_lx "/%x",
1570 addr, va_arg(va, int));
1574 fprintf(stderr, "gdbstub: Bad syscall format string '%s'\n",
1585 #ifdef CONFIG_USER_ONLY
1586 gdb_handlesig(s->env, 0);
1588 cpu_interrupt(s->env, CPU_INTERRUPT_EXIT);
1592 static void gdb_read_byte(GDBState *s, int ch)
1594 CPUState *env = s->env;
1598 #ifndef CONFIG_USER_ONLY
1599 if (s->last_packet_len) {
1600 /* Waiting for a response to the last packet. If we see the start
1601 of a new command then abandon the previous response. */
1604 printf("Got NACK, retransmitting\n");
1606 put_buffer(s, (uint8_t *)s->last_packet, s->last_packet_len);
1610 printf("Got ACK\n");
1612 printf("Got '%c' when expecting ACK/NACK\n", ch);
1614 if (ch == '+' || ch == '$')
1615 s->last_packet_len = 0;
1620 /* when the CPU is running, we cannot do anything except stop
1621 it when receiving a char */
1622 vm_stop(EXCP_INTERRUPT);
1629 s->line_buf_index = 0;
1630 s->state = RS_GETLINE;
1635 s->state = RS_CHKSUM1;
1636 } else if (s->line_buf_index >= sizeof(s->line_buf) - 1) {
1639 s->line_buf[s->line_buf_index++] = ch;
1643 s->line_buf[s->line_buf_index] = '\0';
1644 s->line_csum = fromhex(ch) << 4;
1645 s->state = RS_CHKSUM2;
1648 s->line_csum |= fromhex(ch);
1650 for(i = 0; i < s->line_buf_index; i++) {
1651 csum += s->line_buf[i];
1653 if (s->line_csum != (csum & 0xff)) {
1655 put_buffer(s, &reply, 1);
1659 put_buffer(s, &reply, 1);
1660 s->state = gdb_handle_packet(s, env, s->line_buf);
1669 #ifdef CONFIG_USER_ONLY
1671 gdb_handlesig (CPUState *env, int sig)
1677 s = &gdbserver_state;
1678 if (gdbserver_fd < 0 || s->fd < 0)
1681 /* disable single step if it was enabled */
1682 cpu_single_step(env, 0);
1687 snprintf(buf, sizeof(buf), "S%02x", sig);
1690 /* put_packet() might have detected that the peer terminated the
1697 s->running_state = 0;
1698 while (s->running_state == 0) {
1699 n = read (s->fd, buf, 256);
1704 for (i = 0; i < n; i++)
1705 gdb_read_byte (s, buf[i]);
1707 else if (n == 0 || errno != EAGAIN)
1709 /* XXX: Connection closed. Should probably wait for annother
1710 connection before continuing. */
1719 /* Tell the remote gdb that the process has exited. */
1720 void gdb_exit(CPUState *env, int code)
1725 s = &gdbserver_state;
1726 if (gdbserver_fd < 0 || s->fd < 0)
1729 snprintf(buf, sizeof(buf), "W%02x", code);
1734 static void gdb_accept(void *opaque)
1737 struct sockaddr_in sockaddr;
1742 len = sizeof(sockaddr);
1743 fd = accept(gdbserver_fd, (struct sockaddr *)&sockaddr, &len);
1744 if (fd < 0 && errno != EINTR) {
1747 } else if (fd >= 0) {
1752 /* set short latency */
1754 setsockopt(fd, IPPROTO_TCP, TCP_NODELAY, (char *)&val, sizeof(val));
1756 s = &gdbserver_state;
1757 memset (s, 0, sizeof (GDBState));
1758 s->env = first_cpu; /* XXX: allow to change CPU */
1762 gdb_syscall_state = s;
1764 fcntl(fd, F_SETFL, O_NONBLOCK);
1767 static int gdbserver_open(int port)
1769 struct sockaddr_in sockaddr;
1772 fd = socket(PF_INET, SOCK_STREAM, 0);
1778 /* allow fast reuse */
1780 setsockopt(fd, SOL_SOCKET, SO_REUSEADDR, (char *)&val, sizeof(val));
1782 sockaddr.sin_family = AF_INET;
1783 sockaddr.sin_port = htons(port);
1784 sockaddr.sin_addr.s_addr = 0;
1785 ret = bind(fd, (struct sockaddr *)&sockaddr, sizeof(sockaddr));
1790 ret = listen(fd, 0);
1798 int gdbserver_start(int port)
1800 gdbserver_fd = gdbserver_open(port);
1801 if (gdbserver_fd < 0)
1803 /* accept connections */
1808 static int gdb_chr_can_receive(void *opaque)
1810 /* We can handle an arbitrarily large amount of data.
1811 Pick the maximum packet size, which is as good as anything. */
1812 return MAX_PACKET_LENGTH;
1815 static void gdb_chr_receive(void *opaque, const uint8_t *buf, int size)
1817 GDBState *s = opaque;
1820 for (i = 0; i < size; i++) {
1821 gdb_read_byte(s, buf[i]);
1825 static void gdb_chr_event(void *opaque, int event)
1828 case CHR_EVENT_RESET:
1829 vm_stop(EXCP_INTERRUPT);
1830 gdb_syscall_state = opaque;
1838 int gdbserver_start(const char *port)
1841 char gdbstub_port_name[128];
1844 CharDriverState *chr;
1846 if (!port || !*port)
1849 port_num = strtol(port, &p, 10);
1851 /* A numeric value is interpreted as a port number. */
1852 snprintf(gdbstub_port_name, sizeof(gdbstub_port_name),
1853 "tcp::%d,nowait,nodelay,server", port_num);
1854 port = gdbstub_port_name;
1857 chr = qemu_chr_open(port);
1861 s = qemu_mallocz(sizeof(GDBState));
1865 s->env = first_cpu; /* XXX: allow to change CPU */
1867 qemu_chr_add_handlers(chr, gdb_chr_can_receive, gdb_chr_receive,
1869 qemu_add_vm_stop_handler(gdb_vm_stopped, s);
projects / qemu.git / blob