4 * Copyright (c) 2003-2005 Fabrice Bellard
6 * This library is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation; either
9 * version 2 of the License, or (at your option) any later version.
11 * This library is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
16 * You should have received a copy of the GNU Lesser General Public
17 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
20 #include "qemu-common.h"
21 #ifdef CONFIG_USER_ONLY
33 #include "qemu-char.h"
38 #define MAX_PACKET_LENGTH 4096
40 #include "qemu_socket.h"
48 GDB_SIGNAL_UNKNOWN = 143
51 #ifdef CONFIG_USER_ONLY
53 /* Map target signal numbers to GDB protocol signal numbers and vice
54 * versa. For user emulation's currently supported systems, we can
55 * assume most signals are defined.
58 static int gdb_signal_table[] = {
218 /* In system mode we only need SIGINT and SIGTRAP; other signals
219 are not yet supported. */
226 static int gdb_signal_table[] = {
236 #ifdef CONFIG_USER_ONLY
237 static int target_signal_to_gdb (int sig)
240 for (i = 0; i < ARRAY_SIZE (gdb_signal_table); i++)
241 if (gdb_signal_table[i] == sig)
243 return GDB_SIGNAL_UNKNOWN;
247 static int gdb_signal_to_target (int sig)
249 if (sig < ARRAY_SIZE (gdb_signal_table))
250 return gdb_signal_table[sig];
257 typedef struct GDBRegisterState {
263 struct GDBRegisterState *next;
274 typedef struct GDBState {
275 CPUState *c_cpu; /* current CPU for step/continue ops */
276 CPUState *g_cpu; /* current CPU for other ops */
277 CPUState *query_cpu; /* for q{f|s}ThreadInfo */
278 enum RSState state; /* parsing state */
279 char line_buf[MAX_PACKET_LENGTH];
282 uint8_t last_packet[MAX_PACKET_LENGTH + 4];
285 #ifdef CONFIG_USER_ONLY
289 CharDriverState *chr;
290 CharDriverState *mon_chr;
294 /* By default use no IRQs and no timers while single stepping so as to
295 * make single stepping like an ICE HW step.
297 static int sstep_flags = SSTEP_ENABLE|SSTEP_NOIRQ|SSTEP_NOTIMER;
299 static GDBState *gdbserver_state;
301 /* This is an ugly hack to cope with both new and old gdb.
302 If gdb sends qXfer:features:read then assume we're talking to a newish
303 gdb that understands target descriptions. */
304 static int gdb_has_xml;
306 #ifdef CONFIG_USER_ONLY
307 /* XXX: This is not thread safe. Do we care? */
308 static int gdbserver_fd = -1;
310 static int get_char(GDBState *s)
316 ret = recv(s->fd, &ch, 1, 0);
318 if (errno == ECONNRESET)
320 if (errno != EINTR && errno != EAGAIN)
322 } else if (ret == 0) {
334 static gdb_syscall_complete_cb gdb_current_syscall_cb;
342 /* If gdb is connected when the first semihosting syscall occurs then use
343 remote gdb syscalls. Otherwise use native file IO. */
344 int use_gdb_syscalls(void)
346 if (gdb_syscall_mode == GDB_SYS_UNKNOWN) {
347 gdb_syscall_mode = (gdbserver_state ? GDB_SYS_ENABLED
350 return gdb_syscall_mode == GDB_SYS_ENABLED;
353 /* Resume execution. */
354 static inline void gdb_continue(GDBState *s)
356 #ifdef CONFIG_USER_ONLY
357 s->running_state = 1;
363 static void put_buffer(GDBState *s, const uint8_t *buf, int len)
365 #ifdef CONFIG_USER_ONLY
369 ret = send(s->fd, buf, len, 0);
371 if (errno != EINTR && errno != EAGAIN)
379 qemu_chr_write(s->chr, buf, len);
383 static inline int fromhex(int v)
385 if (v >= '0' && v <= '9')
387 else if (v >= 'A' && v <= 'F')
389 else if (v >= 'a' && v <= 'f')
395 static inline int tohex(int v)
403 static void memtohex(char *buf, const uint8_t *mem, int len)
408 for(i = 0; i < len; i++) {
410 *q++ = tohex(c >> 4);
411 *q++ = tohex(c & 0xf);
416 static void hextomem(uint8_t *mem, const char *buf, int len)
420 for(i = 0; i < len; i++) {
421 mem[i] = (fromhex(buf[0]) << 4) | fromhex(buf[1]);
426 /* return -1 if error, 0 if OK */
427 static int put_packet_binary(GDBState *s, const char *buf, int len)
438 for(i = 0; i < len; i++) {
442 *(p++) = tohex((csum >> 4) & 0xf);
443 *(p++) = tohex((csum) & 0xf);
445 s->last_packet_len = p - s->last_packet;
446 put_buffer(s, (uint8_t *)s->last_packet, s->last_packet_len);
448 #ifdef CONFIG_USER_ONLY
461 /* return -1 if error, 0 if OK */
462 static int put_packet(GDBState *s, const char *buf)
465 printf("reply='%s'\n", buf);
468 return put_packet_binary(s, buf, strlen(buf));
471 /* The GDB remote protocol transfers values in target byte order. This means
472 we can use the raw memory access routines to access the value buffer.
473 Conveniently, these also handle the case where the buffer is mis-aligned.
475 #define GET_REG8(val) do { \
476 stb_p(mem_buf, val); \
479 #define GET_REG16(val) do { \
480 stw_p(mem_buf, val); \
483 #define GET_REG32(val) do { \
484 stl_p(mem_buf, val); \
487 #define GET_REG64(val) do { \
488 stq_p(mem_buf, val); \
492 #if TARGET_LONG_BITS == 64
493 #define GET_REGL(val) GET_REG64(val)
494 #define ldtul_p(addr) ldq_p(addr)
496 #define GET_REGL(val) GET_REG32(val)
497 #define ldtul_p(addr) ldl_p(addr)
500 #if defined(TARGET_I386)
503 static const int gpr_map[16] = {
504 R_EAX, R_EBX, R_ECX, R_EDX, R_ESI, R_EDI, R_EBP, R_ESP,
505 8, 9, 10, 11, 12, 13, 14, 15
508 #define gpr_map gpr_map32
510 static const int gpr_map32[8] = { 0, 1, 2, 3, 4, 5, 6, 7 };
512 #define NUM_CORE_REGS (CPU_NB_REGS * 2 + 25)
514 #define IDX_IP_REG CPU_NB_REGS
515 #define IDX_FLAGS_REG (IDX_IP_REG + 1)
516 #define IDX_SEG_REGS (IDX_FLAGS_REG + 1)
517 #define IDX_FP_REGS (IDX_SEG_REGS + 6)
518 #define IDX_XMM_REGS (IDX_FP_REGS + 16)
519 #define IDX_MXCSR_REG (IDX_XMM_REGS + CPU_NB_REGS)
521 static int cpu_gdb_read_register(CPUState *env, uint8_t *mem_buf, int n)
523 if (n < CPU_NB_REGS) {
524 if (TARGET_LONG_BITS == 64 && env->hflags & HF_CS64_MASK) {
525 GET_REG64(env->regs[gpr_map[n]]);
526 } else if (n < CPU_NB_REGS32) {
527 GET_REG32(env->regs[gpr_map32[n]]);
529 } else if (n >= IDX_FP_REGS && n < IDX_FP_REGS + 8) {
530 #ifdef USE_X86LDOUBLE
531 /* FIXME: byteswap float values - after fixing fpregs layout. */
532 memcpy(mem_buf, &env->fpregs[n - IDX_FP_REGS], 10);
534 memset(mem_buf, 0, 10);
537 } else if (n >= IDX_XMM_REGS && n < IDX_XMM_REGS + CPU_NB_REGS) {
539 if (n < CPU_NB_REGS32 ||
540 (TARGET_LONG_BITS == 64 && env->hflags & HF_CS64_MASK)) {
541 stq_p(mem_buf, env->xmm_regs[n].XMM_Q(0));
542 stq_p(mem_buf + 8, env->xmm_regs[n].XMM_Q(1));
548 if (TARGET_LONG_BITS == 64 && env->hflags & HF_CS64_MASK) {
553 case IDX_FLAGS_REG: GET_REG32(env->eflags);
555 case IDX_SEG_REGS: GET_REG32(env->segs[R_CS].selector);
556 case IDX_SEG_REGS + 1: GET_REG32(env->segs[R_SS].selector);
557 case IDX_SEG_REGS + 2: GET_REG32(env->segs[R_DS].selector);
558 case IDX_SEG_REGS + 3: GET_REG32(env->segs[R_ES].selector);
559 case IDX_SEG_REGS + 4: GET_REG32(env->segs[R_FS].selector);
560 case IDX_SEG_REGS + 5: GET_REG32(env->segs[R_GS].selector);
562 case IDX_FP_REGS + 8: GET_REG32(env->fpuc);
563 case IDX_FP_REGS + 9: GET_REG32((env->fpus & ~0x3800) |
564 (env->fpstt & 0x7) << 11);
565 case IDX_FP_REGS + 10: GET_REG32(0); /* ftag */
566 case IDX_FP_REGS + 11: GET_REG32(0); /* fiseg */
567 case IDX_FP_REGS + 12: GET_REG32(0); /* fioff */
568 case IDX_FP_REGS + 13: GET_REG32(0); /* foseg */
569 case IDX_FP_REGS + 14: GET_REG32(0); /* fooff */
570 case IDX_FP_REGS + 15: GET_REG32(0); /* fop */
572 case IDX_MXCSR_REG: GET_REG32(env->mxcsr);
578 static int cpu_x86_gdb_load_seg(CPUState *env, int sreg, uint8_t *mem_buf)
580 uint16_t selector = ldl_p(mem_buf);
582 if (selector != env->segs[sreg].selector) {
583 #if defined(CONFIG_USER_ONLY)
584 cpu_x86_load_seg(env, sreg, selector);
586 unsigned int limit, flags;
589 if (!(env->cr[0] & CR0_PE_MASK) || (env->eflags & VM_MASK)) {
590 base = selector << 4;
594 if (!cpu_x86_get_descr_debug(env, selector, &base, &limit, &flags))
597 cpu_x86_load_seg_cache(env, sreg, selector, base, limit, flags);
603 static int cpu_gdb_write_register(CPUState *env, uint8_t *mem_buf, int n)
607 if (n < CPU_NB_REGS) {
608 if (TARGET_LONG_BITS == 64 && env->hflags & HF_CS64_MASK) {
609 env->regs[gpr_map[n]] = ldtul_p(mem_buf);
610 return sizeof(target_ulong);
611 } else if (n < CPU_NB_REGS32) {
613 env->regs[n] &= ~0xffffffffUL;
614 env->regs[n] |= (uint32_t)ldl_p(mem_buf);
617 } else if (n >= IDX_FP_REGS && n < IDX_FP_REGS + 8) {
618 #ifdef USE_X86LDOUBLE
619 /* FIXME: byteswap float values - after fixing fpregs layout. */
620 memcpy(&env->fpregs[n - IDX_FP_REGS], mem_buf, 10);
623 } else if (n >= IDX_XMM_REGS && n < IDX_XMM_REGS + CPU_NB_REGS) {
625 if (n < CPU_NB_REGS32 ||
626 (TARGET_LONG_BITS == 64 && env->hflags & HF_CS64_MASK)) {
627 env->xmm_regs[n].XMM_Q(0) = ldq_p(mem_buf);
628 env->xmm_regs[n].XMM_Q(1) = ldq_p(mem_buf + 8);
634 if (TARGET_LONG_BITS == 64 && env->hflags & HF_CS64_MASK) {
635 env->eip = ldq_p(mem_buf);
638 env->eip &= ~0xffffffffUL;
639 env->eip |= (uint32_t)ldl_p(mem_buf);
643 env->eflags = ldl_p(mem_buf);
646 case IDX_SEG_REGS: return cpu_x86_gdb_load_seg(env, R_CS, mem_buf);
647 case IDX_SEG_REGS + 1: return cpu_x86_gdb_load_seg(env, R_SS, mem_buf);
648 case IDX_SEG_REGS + 2: return cpu_x86_gdb_load_seg(env, R_DS, mem_buf);
649 case IDX_SEG_REGS + 3: return cpu_x86_gdb_load_seg(env, R_ES, mem_buf);
650 case IDX_SEG_REGS + 4: return cpu_x86_gdb_load_seg(env, R_FS, mem_buf);
651 case IDX_SEG_REGS + 5: return cpu_x86_gdb_load_seg(env, R_GS, mem_buf);
653 case IDX_FP_REGS + 8:
654 env->fpuc = ldl_p(mem_buf);
656 case IDX_FP_REGS + 9:
657 tmp = ldl_p(mem_buf);
658 env->fpstt = (tmp >> 11) & 7;
659 env->fpus = tmp & ~0x3800;
661 case IDX_FP_REGS + 10: /* ftag */ return 4;
662 case IDX_FP_REGS + 11: /* fiseg */ return 4;
663 case IDX_FP_REGS + 12: /* fioff */ return 4;
664 case IDX_FP_REGS + 13: /* foseg */ return 4;
665 case IDX_FP_REGS + 14: /* fooff */ return 4;
666 case IDX_FP_REGS + 15: /* fop */ return 4;
669 env->mxcsr = ldl_p(mem_buf);
673 /* Unrecognised register. */
677 #elif defined (TARGET_PPC)
679 /* Old gdb always expects FP registers. Newer (xml-aware) gdb only
680 expects whatever the target description contains. Due to a
681 historical mishap the FP registers appear in between core integer
682 regs and PC, MSR, CR, and so forth. We hack round this by giving the
683 FP regs zero size when talking to a newer gdb. */
684 #define NUM_CORE_REGS 71
685 #if defined (TARGET_PPC64)
686 #define GDB_CORE_XML "power64-core.xml"
688 #define GDB_CORE_XML "power-core.xml"
691 static int cpu_gdb_read_register(CPUState *env, uint8_t *mem_buf, int n)
695 GET_REGL(env->gpr[n]);
700 stfq_p(mem_buf, env->fpr[n-32]);
704 case 64: GET_REGL(env->nip);
705 case 65: GET_REGL(env->msr);
710 for (i = 0; i < 8; i++)
711 cr |= env->crf[i] << (32 - ((i + 1) * 4));
714 case 67: GET_REGL(env->lr);
715 case 68: GET_REGL(env->ctr);
716 case 69: GET_REGL(env->xer);
721 GET_REG32(0); /* fpscr */
728 static int cpu_gdb_write_register(CPUState *env, uint8_t *mem_buf, int n)
732 env->gpr[n] = ldtul_p(mem_buf);
733 return sizeof(target_ulong);
738 env->fpr[n-32] = ldfq_p(mem_buf);
743 env->nip = ldtul_p(mem_buf);
744 return sizeof(target_ulong);
746 ppc_store_msr(env, ldtul_p(mem_buf));
747 return sizeof(target_ulong);
750 uint32_t cr = ldl_p(mem_buf);
752 for (i = 0; i < 8; i++)
753 env->crf[i] = (cr >> (32 - ((i + 1) * 4))) & 0xF;
757 env->lr = ldtul_p(mem_buf);
758 return sizeof(target_ulong);
760 env->ctr = ldtul_p(mem_buf);
761 return sizeof(target_ulong);
763 env->xer = ldtul_p(mem_buf);
764 return sizeof(target_ulong);
775 #elif defined (TARGET_SPARC)
777 #if defined(TARGET_SPARC64) && !defined(TARGET_ABI32)
778 #define NUM_CORE_REGS 86
780 #define NUM_CORE_REGS 72
784 #define GET_REGA(val) GET_REG32(val)
786 #define GET_REGA(val) GET_REGL(val)
789 static int cpu_gdb_read_register(CPUState *env, uint8_t *mem_buf, int n)
793 GET_REGA(env->gregs[n]);
796 /* register window */
797 GET_REGA(env->regwptr[n - 8]);
799 #if defined(TARGET_ABI32) || !defined(TARGET_SPARC64)
802 GET_REG32(*((uint32_t *)&env->fpr[n - 32]));
804 /* Y, PSR, WIM, TBR, PC, NPC, FPSR, CPSR */
806 case 64: GET_REGA(env->y);
807 case 65: GET_REGA(GET_PSR(env));
808 case 66: GET_REGA(env->wim);
809 case 67: GET_REGA(env->tbr);
810 case 68: GET_REGA(env->pc);
811 case 69: GET_REGA(env->npc);
812 case 70: GET_REGA(env->fsr);
813 case 71: GET_REGA(0); /* csr */
814 default: GET_REGA(0);
819 GET_REG32(*((uint32_t *)&env->fpr[n - 32]));
822 /* f32-f62 (double width, even numbers only) */
825 val = (uint64_t)*((uint32_t *)&env->fpr[(n - 64) * 2 + 32]) << 32;
826 val |= *((uint32_t *)&env->fpr[(n - 64) * 2 + 33]);
830 case 80: GET_REGL(env->pc);
831 case 81: GET_REGL(env->npc);
832 case 82: GET_REGL(((uint64_t)GET_CCR(env) << 32) |
833 ((env->asi & 0xff) << 24) |
834 ((env->pstate & 0xfff) << 8) |
836 case 83: GET_REGL(env->fsr);
837 case 84: GET_REGL(env->fprs);
838 case 85: GET_REGL(env->y);
844 static int cpu_gdb_write_register(CPUState *env, uint8_t *mem_buf, int n)
846 #if defined(TARGET_ABI32)
849 tmp = ldl_p(mem_buf);
853 tmp = ldtul_p(mem_buf);
860 /* register window */
861 env->regwptr[n - 8] = tmp;
863 #if defined(TARGET_ABI32) || !defined(TARGET_SPARC64)
866 *((uint32_t *)&env->fpr[n - 32]) = tmp;
868 /* Y, PSR, WIM, TBR, PC, NPC, FPSR, CPSR */
870 case 64: env->y = tmp; break;
871 case 65: PUT_PSR(env, tmp); break;
872 case 66: env->wim = tmp; break;
873 case 67: env->tbr = tmp; break;
874 case 68: env->pc = tmp; break;
875 case 69: env->npc = tmp; break;
876 case 70: env->fsr = tmp; break;
884 env->fpr[n] = ldfl_p(mem_buf);
887 /* f32-f62 (double width, even numbers only) */
888 *((uint32_t *)&env->fpr[(n - 64) * 2 + 32]) = tmp >> 32;
889 *((uint32_t *)&env->fpr[(n - 64) * 2 + 33]) = tmp;
892 case 80: env->pc = tmp; break;
893 case 81: env->npc = tmp; break;
895 PUT_CCR(env, tmp >> 32);
896 env->asi = (tmp >> 24) & 0xff;
897 env->pstate = (tmp >> 8) & 0xfff;
898 PUT_CWP64(env, tmp & 0xff);
900 case 83: env->fsr = tmp; break;
901 case 84: env->fprs = tmp; break;
902 case 85: env->y = tmp; break;
909 #elif defined (TARGET_ARM)
911 /* Old gdb always expect FPA registers. Newer (xml-aware) gdb only expect
912 whatever the target description contains. Due to a historical mishap
913 the FPA registers appear in between core integer regs and the CPSR.
914 We hack round this by giving the FPA regs zero size when talking to a
916 #define NUM_CORE_REGS 26
917 #define GDB_CORE_XML "arm-core.xml"
919 static int cpu_gdb_read_register(CPUState *env, uint8_t *mem_buf, int n)
922 /* Core integer register. */
923 GET_REG32(env->regs[n]);
929 memset(mem_buf, 0, 12);
934 /* FPA status register. */
940 GET_REG32(cpsr_read(env));
942 /* Unknown register. */
946 static int cpu_gdb_write_register(CPUState *env, uint8_t *mem_buf, int n)
950 tmp = ldl_p(mem_buf);
952 /* Mask out low bit of PC to workaround gdb bugs. This will probably
953 cause problems if we ever implement the Jazelle DBX extensions. */
958 /* Core integer register. */
962 if (n < 24) { /* 16-23 */
963 /* FPA registers (ignored). */
970 /* FPA status register (ignored). */
976 cpsr_write (env, tmp, 0xffffffff);
979 /* Unknown register. */
983 #elif defined (TARGET_M68K)
985 #define NUM_CORE_REGS 18
987 #define GDB_CORE_XML "cf-core.xml"
989 static int cpu_gdb_read_register(CPUState *env, uint8_t *mem_buf, int n)
993 GET_REG32(env->dregs[n]);
996 GET_REG32(env->aregs[n - 8]);
999 case 16: GET_REG32(env->sr);
1000 case 17: GET_REG32(env->pc);
1003 /* FP registers not included here because they vary between
1004 ColdFire and m68k. Use XML bits for these. */
1008 static int cpu_gdb_write_register(CPUState *env, uint8_t *mem_buf, int n)
1012 tmp = ldl_p(mem_buf);
1016 env->dregs[n] = tmp;
1017 } else if (n < 16) {
1019 env->aregs[n - 8] = tmp;
1022 case 16: env->sr = tmp; break;
1023 case 17: env->pc = tmp; break;
1029 #elif defined (TARGET_MIPS)
1031 #define NUM_CORE_REGS 73
1033 static int cpu_gdb_read_register(CPUState *env, uint8_t *mem_buf, int n)
1036 GET_REGL(env->active_tc.gpr[n]);
1038 if (env->CP0_Config1 & (1 << CP0C1_FP)) {
1039 if (n >= 38 && n < 70) {
1040 if (env->CP0_Status & (1 << CP0St_FR))
1041 GET_REGL(env->active_fpu.fpr[n - 38].d);
1043 GET_REGL(env->active_fpu.fpr[n - 38].w[FP_ENDIAN_IDX]);
1046 case 70: GET_REGL((int32_t)env->active_fpu.fcr31);
1047 case 71: GET_REGL((int32_t)env->active_fpu.fcr0);
1051 case 32: GET_REGL((int32_t)env->CP0_Status);
1052 case 33: GET_REGL(env->active_tc.LO[0]);
1053 case 34: GET_REGL(env->active_tc.HI[0]);
1054 case 35: GET_REGL(env->CP0_BadVAddr);
1055 case 36: GET_REGL((int32_t)env->CP0_Cause);
1056 case 37: GET_REGL(env->active_tc.PC | !!(env->hflags & MIPS_HFLAG_M16));
1057 case 72: GET_REGL(0); /* fp */
1058 case 89: GET_REGL((int32_t)env->CP0_PRid);
1060 if (n >= 73 && n <= 88) {
1061 /* 16 embedded regs. */
1068 /* convert MIPS rounding mode in FCR31 to IEEE library */
1069 static unsigned int ieee_rm[] =
1071 float_round_nearest_even,
1072 float_round_to_zero,
1076 #define RESTORE_ROUNDING_MODE \
1077 set_float_rounding_mode(ieee_rm[env->active_fpu.fcr31 & 3], &env->active_fpu.fp_status)
1079 static int cpu_gdb_write_register(CPUState *env, uint8_t *mem_buf, int n)
1083 tmp = ldtul_p(mem_buf);
1086 env->active_tc.gpr[n] = tmp;
1087 return sizeof(target_ulong);
1089 if (env->CP0_Config1 & (1 << CP0C1_FP)
1090 && n >= 38 && n < 73) {
1092 if (env->CP0_Status & (1 << CP0St_FR))
1093 env->active_fpu.fpr[n - 38].d = tmp;
1095 env->active_fpu.fpr[n - 38].w[FP_ENDIAN_IDX] = tmp;
1099 env->active_fpu.fcr31 = tmp & 0xFF83FFFF;
1100 /* set rounding mode */
1101 RESTORE_ROUNDING_MODE;
1102 #ifndef CONFIG_SOFTFLOAT
1103 /* no floating point exception for native float */
1104 SET_FP_ENABLE(env->active_fpu.fcr31, 0);
1107 case 71: env->active_fpu.fcr0 = tmp; break;
1109 return sizeof(target_ulong);
1112 case 32: env->CP0_Status = tmp; break;
1113 case 33: env->active_tc.LO[0] = tmp; break;
1114 case 34: env->active_tc.HI[0] = tmp; break;
1115 case 35: env->CP0_BadVAddr = tmp; break;
1116 case 36: env->CP0_Cause = tmp; break;
1118 env->active_tc.PC = tmp & ~(target_ulong)1;
1120 env->hflags |= MIPS_HFLAG_M16;
1122 env->hflags &= ~(MIPS_HFLAG_M16);
1125 case 72: /* fp, ignored */ break;
1129 /* Other registers are readonly. Ignore writes. */
1133 return sizeof(target_ulong);
1135 #elif defined (TARGET_SH4)
1137 /* Hint: Use "set architecture sh4" in GDB to see fpu registers */
1138 /* FIXME: We should use XML for this. */
1140 #define NUM_CORE_REGS 59
1142 static int cpu_gdb_read_register(CPUState *env, uint8_t *mem_buf, int n)
1145 if ((env->sr & (SR_MD | SR_RB)) == (SR_MD | SR_RB)) {
1146 GET_REGL(env->gregs[n + 16]);
1148 GET_REGL(env->gregs[n]);
1150 } else if (n < 16) {
1151 GET_REGL(env->gregs[n - 8]);
1152 } else if (n >= 25 && n < 41) {
1153 GET_REGL(env->fregs[(n - 25) + ((env->fpscr & FPSCR_FR) ? 16 : 0)]);
1154 } else if (n >= 43 && n < 51) {
1155 GET_REGL(env->gregs[n - 43]);
1156 } else if (n >= 51 && n < 59) {
1157 GET_REGL(env->gregs[n - (51 - 16)]);
1160 case 16: GET_REGL(env->pc);
1161 case 17: GET_REGL(env->pr);
1162 case 18: GET_REGL(env->gbr);
1163 case 19: GET_REGL(env->vbr);
1164 case 20: GET_REGL(env->mach);
1165 case 21: GET_REGL(env->macl);
1166 case 22: GET_REGL(env->sr);
1167 case 23: GET_REGL(env->fpul);
1168 case 24: GET_REGL(env->fpscr);
1169 case 41: GET_REGL(env->ssr);
1170 case 42: GET_REGL(env->spc);
1176 static int cpu_gdb_write_register(CPUState *env, uint8_t *mem_buf, int n)
1180 tmp = ldl_p(mem_buf);
1183 if ((env->sr & (SR_MD | SR_RB)) == (SR_MD | SR_RB)) {
1184 env->gregs[n + 16] = tmp;
1186 env->gregs[n] = tmp;
1189 } else if (n < 16) {
1190 env->gregs[n - 8] = tmp;
1192 } else if (n >= 25 && n < 41) {
1193 env->fregs[(n - 25) + ((env->fpscr & FPSCR_FR) ? 16 : 0)] = tmp;
1194 } else if (n >= 43 && n < 51) {
1195 env->gregs[n - 43] = tmp;
1197 } else if (n >= 51 && n < 59) {
1198 env->gregs[n - (51 - 16)] = tmp;
1202 case 16: env->pc = tmp;
1203 case 17: env->pr = tmp;
1204 case 18: env->gbr = tmp;
1205 case 19: env->vbr = tmp;
1206 case 20: env->mach = tmp;
1207 case 21: env->macl = tmp;
1208 case 22: env->sr = tmp;
1209 case 23: env->fpul = tmp;
1210 case 24: env->fpscr = tmp;
1211 case 41: env->ssr = tmp;
1212 case 42: env->spc = tmp;
1218 #elif defined (TARGET_MICROBLAZE)
1220 #define NUM_CORE_REGS (32 + 5)
1222 static int cpu_gdb_read_register(CPUState *env, uint8_t *mem_buf, int n)
1225 GET_REG32(env->regs[n]);
1227 GET_REG32(env->sregs[n - 32]);
1232 static int cpu_gdb_write_register(CPUState *env, uint8_t *mem_buf, int n)
1236 if (n > NUM_CORE_REGS)
1239 tmp = ldl_p(mem_buf);
1244 env->sregs[n - 32] = tmp;
1248 #elif defined (TARGET_CRIS)
1250 #define NUM_CORE_REGS 49
1252 static int cpu_gdb_read_register(CPUState *env, uint8_t *mem_buf, int n)
1256 srs = env->pregs[PR_SRS];
1258 GET_REG32(env->regs[n]);
1261 if (n >= 21 && n < 32) {
1262 GET_REG32(env->pregs[n - 16]);
1264 if (n >= 33 && n < 49) {
1265 GET_REG32(env->sregs[srs][n - 33]);
1268 case 16: GET_REG8(env->pregs[0]);
1269 case 17: GET_REG8(env->pregs[1]);
1270 case 18: GET_REG32(env->pregs[2]);
1271 case 19: GET_REG8(srs);
1272 case 20: GET_REG16(env->pregs[4]);
1273 case 32: GET_REG32(env->pc);
1279 static int cpu_gdb_write_register(CPUState *env, uint8_t *mem_buf, int n)
1286 tmp = ldl_p(mem_buf);
1292 if (n >= 21 && n < 32) {
1293 env->pregs[n - 16] = tmp;
1296 /* FIXME: Should support function regs be writable? */
1300 case 18: env->pregs[PR_PID] = tmp; break;
1303 case 32: env->pc = tmp; break;
1308 #elif defined (TARGET_ALPHA)
1310 #define NUM_CORE_REGS 65
1312 static int cpu_gdb_read_register(CPUState *env, uint8_t *mem_buf, int n)
1315 GET_REGL(env->ir[n]);
1323 val = *((uint64_t *)&env->fir[n-32]);
1327 GET_REGL(env->fpcr);
1339 static int cpu_gdb_write_register(CPUState *env, uint8_t *mem_buf, int n)
1342 tmp = ldtul_p(mem_buf);
1348 if (n > 31 && n < 63) {
1349 env->fir[n - 32] = ldfl_p(mem_buf);
1358 #elif defined (TARGET_S390X)
1360 #define NUM_CORE_REGS S390_NUM_TOTAL_REGS
1362 static int cpu_gdb_read_register(CPUState *env, uint8_t *mem_buf, int n)
1365 case S390_PSWM_REGNUM: GET_REGL(env->psw.mask); break;
1366 case S390_PSWA_REGNUM: GET_REGL(env->psw.addr); break;
1367 case S390_R0_REGNUM ... S390_R15_REGNUM:
1368 GET_REGL(env->regs[n-S390_R0_REGNUM]); break;
1369 case S390_A0_REGNUM ... S390_A15_REGNUM:
1370 GET_REG32(env->aregs[n-S390_A0_REGNUM]); break;
1371 case S390_FPC_REGNUM: GET_REG32(env->fpc); break;
1372 case S390_F0_REGNUM ... S390_F15_REGNUM:
1375 case S390_PC_REGNUM: GET_REGL(env->psw.addr); break;
1376 case S390_CC_REGNUM: GET_REG32(env->cc); break;
1382 static int cpu_gdb_write_register(CPUState *env, uint8_t *mem_buf, int n)
1387 tmpl = ldtul_p(mem_buf);
1388 tmp32 = ldl_p(mem_buf);
1391 case S390_PSWM_REGNUM: env->psw.mask = tmpl; break;
1392 case S390_PSWA_REGNUM: env->psw.addr = tmpl; break;
1393 case S390_R0_REGNUM ... S390_R15_REGNUM:
1394 env->regs[n-S390_R0_REGNUM] = tmpl; break;
1395 case S390_A0_REGNUM ... S390_A15_REGNUM:
1396 env->aregs[n-S390_A0_REGNUM] = tmp32; r=4; break;
1397 case S390_FPC_REGNUM: env->fpc = tmp32; r=4; break;
1398 case S390_F0_REGNUM ... S390_F15_REGNUM:
1401 case S390_PC_REGNUM: env->psw.addr = tmpl; break;
1402 case S390_CC_REGNUM: env->cc = tmp32; r=4; break;
1409 #define NUM_CORE_REGS 0
1411 static int cpu_gdb_read_register(CPUState *env, uint8_t *mem_buf, int n)
1416 static int cpu_gdb_write_register(CPUState *env, uint8_t *mem_buf, int n)
1423 static int num_g_regs = NUM_CORE_REGS;
1426 /* Encode data using the encoding for 'x' packets. */
1427 static int memtox(char *buf, const char *mem, int len)
1435 case '#': case '$': case '*': case '}':
1447 static const char *get_feature_xml(const char *p, const char **newp)
1449 extern const char *const xml_builtin[][2];
1453 static char target_xml[1024];
1456 while (p[len] && p[len] != ':')
1461 if (strncmp(p, "target.xml", len) == 0) {
1462 /* Generate the XML description for this CPU. */
1463 if (!target_xml[0]) {
1464 GDBRegisterState *r;
1466 snprintf(target_xml, sizeof(target_xml),
1467 "<?xml version=\"1.0\"?>"
1468 "<!DOCTYPE target SYSTEM \"gdb-target.dtd\">"
1470 "<xi:include href=\"%s\"/>",
1473 for (r = first_cpu->gdb_regs; r; r = r->next) {
1474 pstrcat(target_xml, sizeof(target_xml), "<xi:include href=\"");
1475 pstrcat(target_xml, sizeof(target_xml), r->xml);
1476 pstrcat(target_xml, sizeof(target_xml), "\"/>");
1478 pstrcat(target_xml, sizeof(target_xml), "</target>");
1482 for (i = 0; ; i++) {
1483 name = xml_builtin[i][0];
1484 if (!name || (strncmp(name, p, len) == 0 && strlen(name) == len))
1487 return name ? xml_builtin[i][1] : NULL;
1491 static int gdb_read_register(CPUState *env, uint8_t *mem_buf, int reg)
1493 GDBRegisterState *r;
1495 if (reg < NUM_CORE_REGS)
1496 return cpu_gdb_read_register(env, mem_buf, reg);
1498 for (r = env->gdb_regs; r; r = r->next) {
1499 if (r->base_reg <= reg && reg < r->base_reg + r->num_regs) {
1500 return r->get_reg(env, mem_buf, reg - r->base_reg);
1506 static int gdb_write_register(CPUState *env, uint8_t *mem_buf, int reg)
1508 GDBRegisterState *r;
1510 if (reg < NUM_CORE_REGS)
1511 return cpu_gdb_write_register(env, mem_buf, reg);
1513 for (r = env->gdb_regs; r; r = r->next) {
1514 if (r->base_reg <= reg && reg < r->base_reg + r->num_regs) {
1515 return r->set_reg(env, mem_buf, reg - r->base_reg);
1521 /* Register a supplemental set of CPU registers. If g_pos is nonzero it
1522 specifies the first register number and these registers are included in
1523 a standard "g" packet. Direction is relative to gdb, i.e. get_reg is
1524 gdb reading a CPU register, and set_reg is gdb modifying a CPU register.
1527 void gdb_register_coprocessor(CPUState * env,
1528 gdb_reg_cb get_reg, gdb_reg_cb set_reg,
1529 int num_regs, const char *xml, int g_pos)
1531 GDBRegisterState *s;
1532 GDBRegisterState **p;
1533 static int last_reg = NUM_CORE_REGS;
1535 s = (GDBRegisterState *)qemu_mallocz(sizeof(GDBRegisterState));
1536 s->base_reg = last_reg;
1537 s->num_regs = num_regs;
1538 s->get_reg = get_reg;
1539 s->set_reg = set_reg;
1543 /* Check for duplicates. */
1544 if (strcmp((*p)->xml, xml) == 0)
1548 /* Add to end of list. */
1549 last_reg += num_regs;
1552 if (g_pos != s->base_reg) {
1553 fprintf(stderr, "Error: Bad gdb register numbering for '%s'\n"
1554 "Expected %d got %d\n", xml, g_pos, s->base_reg);
1556 num_g_regs = last_reg;
1561 #ifndef CONFIG_USER_ONLY
1562 static const int xlat_gdb_type[] = {
1563 [GDB_WATCHPOINT_WRITE] = BP_GDB | BP_MEM_WRITE,
1564 [GDB_WATCHPOINT_READ] = BP_GDB | BP_MEM_READ,
1565 [GDB_WATCHPOINT_ACCESS] = BP_GDB | BP_MEM_ACCESS,
1569 static int gdb_breakpoint_insert(target_ulong addr, target_ulong len, int type)
1575 return kvm_insert_breakpoint(gdbserver_state->c_cpu, addr, len, type);
1578 case GDB_BREAKPOINT_SW:
1579 case GDB_BREAKPOINT_HW:
1580 for (env = first_cpu; env != NULL; env = env->next_cpu) {
1581 err = cpu_breakpoint_insert(env, addr, BP_GDB, NULL);
1586 #ifndef CONFIG_USER_ONLY
1587 case GDB_WATCHPOINT_WRITE:
1588 case GDB_WATCHPOINT_READ:
1589 case GDB_WATCHPOINT_ACCESS:
1590 for (env = first_cpu; env != NULL; env = env->next_cpu) {
1591 err = cpu_watchpoint_insert(env, addr, len, xlat_gdb_type[type],
1603 static int gdb_breakpoint_remove(target_ulong addr, target_ulong len, int type)
1609 return kvm_remove_breakpoint(gdbserver_state->c_cpu, addr, len, type);
1612 case GDB_BREAKPOINT_SW:
1613 case GDB_BREAKPOINT_HW:
1614 for (env = first_cpu; env != NULL; env = env->next_cpu) {
1615 err = cpu_breakpoint_remove(env, addr, BP_GDB);
1620 #ifndef CONFIG_USER_ONLY
1621 case GDB_WATCHPOINT_WRITE:
1622 case GDB_WATCHPOINT_READ:
1623 case GDB_WATCHPOINT_ACCESS:
1624 for (env = first_cpu; env != NULL; env = env->next_cpu) {
1625 err = cpu_watchpoint_remove(env, addr, len, xlat_gdb_type[type]);
1636 static void gdb_breakpoint_remove_all(void)
1640 if (kvm_enabled()) {
1641 kvm_remove_all_breakpoints(gdbserver_state->c_cpu);
1645 for (env = first_cpu; env != NULL; env = env->next_cpu) {
1646 cpu_breakpoint_remove_all(env, BP_GDB);
1647 #ifndef CONFIG_USER_ONLY
1648 cpu_watchpoint_remove_all(env, BP_GDB);
1653 static void gdb_set_cpu_pc(GDBState *s, target_ulong pc)
1655 #if defined(TARGET_I386)
1656 cpu_synchronize_state(s->c_cpu);
1658 #elif defined (TARGET_PPC)
1660 #elif defined (TARGET_SPARC)
1662 s->c_cpu->npc = pc + 4;
1663 #elif defined (TARGET_ARM)
1664 s->c_cpu->regs[15] = pc;
1665 #elif defined (TARGET_SH4)
1667 #elif defined (TARGET_MIPS)
1668 s->c_cpu->active_tc.PC = pc & ~(target_ulong)1;
1670 s->c_cpu->hflags |= MIPS_HFLAG_M16;
1672 s->c_cpu->hflags &= ~(MIPS_HFLAG_M16);
1674 #elif defined (TARGET_MICROBLAZE)
1675 s->c_cpu->sregs[SR_PC] = pc;
1676 #elif defined (TARGET_CRIS)
1678 #elif defined (TARGET_ALPHA)
1680 #elif defined (TARGET_S390X)
1681 cpu_synchronize_state(s->c_cpu);
1682 s->c_cpu->psw.addr = pc;
1686 static inline int gdb_id(CPUState *env)
1688 #if defined(CONFIG_USER_ONLY) && defined(CONFIG_USE_NPTL)
1689 return env->host_tid;
1691 return env->cpu_index + 1;
1695 static CPUState *find_cpu(uint32_t thread_id)
1699 for (env = first_cpu; env != NULL; env = env->next_cpu) {
1700 if (gdb_id(env) == thread_id) {
1708 static int gdb_handle_packet(GDBState *s, const char *line_buf)
1713 int ch, reg_size, type, res;
1714 char buf[MAX_PACKET_LENGTH];
1715 uint8_t mem_buf[MAX_PACKET_LENGTH];
1717 target_ulong addr, len;
1720 printf("command='%s'\n", line_buf);
1726 /* TODO: Make this return the correct value for user-mode. */
1727 snprintf(buf, sizeof(buf), "T%02xthread:%02x;", GDB_SIGNAL_TRAP,
1730 /* Remove all the breakpoints when this query is issued,
1731 * because gdb is doing and initial connect and the state
1732 * should be cleaned up.
1734 gdb_breakpoint_remove_all();
1738 addr = strtoull(p, (char **)&p, 16);
1739 gdb_set_cpu_pc(s, addr);
1745 s->signal = gdb_signal_to_target (strtoul(p, (char **)&p, 16));
1746 if (s->signal == -1)
1751 if (strncmp(p, "Cont", 4) == 0) {
1752 int res_signal, res_thread;
1756 put_packet(s, "vCont;c;C;s;S");
1771 if (action == 'C' || action == 'S') {
1772 signal = strtoul(p, (char **)&p, 16);
1773 } else if (action != 'c' && action != 's') {
1779 thread = strtoull(p+1, (char **)&p, 16);
1781 action = tolower(action);
1782 if (res == 0 || (res == 'c' && action == 's')) {
1784 res_signal = signal;
1785 res_thread = thread;
1789 if (res_thread != -1 && res_thread != 0) {
1790 env = find_cpu(res_thread);
1792 put_packet(s, "E22");
1798 cpu_single_step(s->c_cpu, sstep_flags);
1800 s->signal = res_signal;
1806 goto unknown_command;
1809 /* Kill the target */
1810 fprintf(stderr, "\nQEMU: Terminated via GDBstub\n");
1814 gdb_breakpoint_remove_all();
1816 put_packet(s, "OK");
1820 addr = strtoull(p, (char **)&p, 16);
1821 gdb_set_cpu_pc(s, addr);
1823 cpu_single_step(s->c_cpu, sstep_flags);
1831 ret = strtoull(p, (char **)&p, 16);
1834 err = strtoull(p, (char **)&p, 16);
1841 if (gdb_current_syscall_cb)
1842 gdb_current_syscall_cb(s->c_cpu, ret, err);
1844 put_packet(s, "T02");
1851 cpu_synchronize_state(s->g_cpu);
1853 for (addr = 0; addr < num_g_regs; addr++) {
1854 reg_size = gdb_read_register(s->g_cpu, mem_buf + len, addr);
1857 memtohex(buf, mem_buf, len);
1861 cpu_synchronize_state(s->g_cpu);
1862 registers = mem_buf;
1863 len = strlen(p) / 2;
1864 hextomem((uint8_t *)registers, p, len);
1865 for (addr = 0; addr < num_g_regs && len > 0; addr++) {
1866 reg_size = gdb_write_register(s->g_cpu, registers, addr);
1868 registers += reg_size;
1870 put_packet(s, "OK");
1873 addr = strtoull(p, (char **)&p, 16);
1876 len = strtoull(p, NULL, 16);
1877 if (cpu_memory_rw_debug(s->g_cpu, addr, mem_buf, len, 0) != 0) {
1878 put_packet (s, "E14");
1880 memtohex(buf, mem_buf, len);
1885 addr = strtoull(p, (char **)&p, 16);
1888 len = strtoull(p, (char **)&p, 16);
1891 hextomem(mem_buf, p, len);
1892 if (cpu_memory_rw_debug(s->g_cpu, addr, mem_buf, len, 1) != 0)
1893 put_packet(s, "E14");
1895 put_packet(s, "OK");
1898 /* Older gdb are really dumb, and don't use 'g' if 'p' is avaialable.
1899 This works, but can be very slow. Anything new enough to
1900 understand XML also knows how to use this properly. */
1902 goto unknown_command;
1903 addr = strtoull(p, (char **)&p, 16);
1904 reg_size = gdb_read_register(s->g_cpu, mem_buf, addr);
1906 memtohex(buf, mem_buf, reg_size);
1909 put_packet(s, "E14");
1914 goto unknown_command;
1915 addr = strtoull(p, (char **)&p, 16);
1918 reg_size = strlen(p) / 2;
1919 hextomem(mem_buf, p, reg_size);
1920 gdb_write_register(s->g_cpu, mem_buf, addr);
1921 put_packet(s, "OK");
1925 type = strtoul(p, (char **)&p, 16);
1928 addr = strtoull(p, (char **)&p, 16);
1931 len = strtoull(p, (char **)&p, 16);
1933 res = gdb_breakpoint_insert(addr, len, type);
1935 res = gdb_breakpoint_remove(addr, len, type);
1937 put_packet(s, "OK");
1938 else if (res == -ENOSYS)
1941 put_packet(s, "E22");
1945 thread = strtoull(p, (char **)&p, 16);
1946 if (thread == -1 || thread == 0) {
1947 put_packet(s, "OK");
1950 env = find_cpu(thread);
1952 put_packet(s, "E22");
1958 put_packet(s, "OK");
1962 put_packet(s, "OK");
1965 put_packet(s, "E22");
1970 thread = strtoull(p, (char **)&p, 16);
1971 env = find_cpu(thread);
1974 put_packet(s, "OK");
1976 put_packet(s, "E22");
1981 /* parse any 'q' packets here */
1982 if (!strcmp(p,"qemu.sstepbits")) {
1983 /* Query Breakpoint bit definitions */
1984 snprintf(buf, sizeof(buf), "ENABLE=%x,NOIRQ=%x,NOTIMER=%x",
1990 } else if (strncmp(p,"qemu.sstep",10) == 0) {
1991 /* Display or change the sstep_flags */
1994 /* Display current setting */
1995 snprintf(buf, sizeof(buf), "0x%x", sstep_flags);
2000 type = strtoul(p, (char **)&p, 16);
2002 put_packet(s, "OK");
2004 } else if (strcmp(p,"C") == 0) {
2005 /* "Current thread" remains vague in the spec, so always return
2006 * the first CPU (gdb returns the first thread). */
2007 put_packet(s, "QC1");
2009 } else if (strcmp(p,"fThreadInfo") == 0) {
2010 s->query_cpu = first_cpu;
2011 goto report_cpuinfo;
2012 } else if (strcmp(p,"sThreadInfo") == 0) {
2015 snprintf(buf, sizeof(buf), "m%x", gdb_id(s->query_cpu));
2017 s->query_cpu = s->query_cpu->next_cpu;
2021 } else if (strncmp(p,"ThreadExtraInfo,", 16) == 0) {
2022 thread = strtoull(p+16, (char **)&p, 16);
2023 env = find_cpu(thread);
2025 cpu_synchronize_state(env);
2026 len = snprintf((char *)mem_buf, sizeof(mem_buf),
2027 "CPU#%d [%s]", env->cpu_index,
2028 env->halted ? "halted " : "running");
2029 memtohex(buf, mem_buf, len);
2034 #ifdef CONFIG_USER_ONLY
2035 else if (strncmp(p, "Offsets", 7) == 0) {
2036 TaskState *ts = s->c_cpu->opaque;
2038 snprintf(buf, sizeof(buf),
2039 "Text=" TARGET_ABI_FMT_lx ";Data=" TARGET_ABI_FMT_lx
2040 ";Bss=" TARGET_ABI_FMT_lx,
2041 ts->info->code_offset,
2042 ts->info->data_offset,
2043 ts->info->data_offset);
2047 #else /* !CONFIG_USER_ONLY */
2048 else if (strncmp(p, "Rcmd,", 5) == 0) {
2049 int len = strlen(p + 5);
2051 if ((len % 2) != 0) {
2052 put_packet(s, "E01");
2055 hextomem(mem_buf, p + 5, len);
2058 qemu_chr_read(s->mon_chr, mem_buf, len);
2059 put_packet(s, "OK");
2062 #endif /* !CONFIG_USER_ONLY */
2063 if (strncmp(p, "Supported", 9) == 0) {
2064 snprintf(buf, sizeof(buf), "PacketSize=%x", MAX_PACKET_LENGTH);
2066 pstrcat(buf, sizeof(buf), ";qXfer:features:read+");
2072 if (strncmp(p, "Xfer:features:read:", 19) == 0) {
2074 target_ulong total_len;
2078 xml = get_feature_xml(p, &p);
2080 snprintf(buf, sizeof(buf), "E00");
2087 addr = strtoul(p, (char **)&p, 16);
2090 len = strtoul(p, (char **)&p, 16);
2092 total_len = strlen(xml);
2093 if (addr > total_len) {
2094 snprintf(buf, sizeof(buf), "E00");
2098 if (len > (MAX_PACKET_LENGTH - 5) / 2)
2099 len = (MAX_PACKET_LENGTH - 5) / 2;
2100 if (len < total_len - addr) {
2102 len = memtox(buf + 1, xml + addr, len);
2105 len = memtox(buf + 1, xml + addr, total_len - addr);
2107 put_packet_binary(s, buf, len + 1);
2111 /* Unrecognised 'q' command. */
2112 goto unknown_command;
2116 /* put empty packet */
2124 void gdb_set_stop_cpu(CPUState *env)
2126 gdbserver_state->c_cpu = env;
2127 gdbserver_state->g_cpu = env;
2130 #ifndef CONFIG_USER_ONLY
2131 static void gdb_vm_state_change(void *opaque, int running, int reason)
2133 GDBState *s = gdbserver_state;
2134 CPUState *env = s->c_cpu;
2139 if (running || (reason != EXCP_DEBUG && reason != EXCP_INTERRUPT) ||
2140 s->state == RS_INACTIVE || s->state == RS_SYSCALL)
2143 /* disable single step if it was enable */
2144 cpu_single_step(env, 0);
2146 if (reason == EXCP_DEBUG) {
2147 if (env->watchpoint_hit) {
2148 switch (env->watchpoint_hit->flags & BP_MEM_ACCESS) {
2159 snprintf(buf, sizeof(buf),
2160 "T%02xthread:%02x;%swatch:" TARGET_FMT_lx ";",
2161 GDB_SIGNAL_TRAP, gdb_id(env), type,
2162 env->watchpoint_hit->vaddr);
2164 env->watchpoint_hit = NULL;
2168 ret = GDB_SIGNAL_TRAP;
2170 ret = GDB_SIGNAL_INT;
2172 snprintf(buf, sizeof(buf), "T%02xthread:%02x;", ret, gdb_id(env));
2177 /* Send a gdb syscall request.
2178 This accepts limited printf-style format specifiers, specifically:
2179 %x - target_ulong argument printed in hex.
2180 %lx - 64-bit argument printed in hex.
2181 %s - string pointer (target_ulong) and length (int) pair. */
2182 void gdb_do_syscall(gdb_syscall_complete_cb cb, const char *fmt, ...)
2191 s = gdbserver_state;
2194 gdb_current_syscall_cb = cb;
2195 s->state = RS_SYSCALL;
2196 #ifndef CONFIG_USER_ONLY
2197 vm_stop(EXCP_DEBUG);
2208 addr = va_arg(va, target_ulong);
2209 p += snprintf(p, &buf[sizeof(buf)] - p, TARGET_FMT_lx, addr);
2212 if (*(fmt++) != 'x')
2214 i64 = va_arg(va, uint64_t);
2215 p += snprintf(p, &buf[sizeof(buf)] - p, "%" PRIx64, i64);
2218 addr = va_arg(va, target_ulong);
2219 p += snprintf(p, &buf[sizeof(buf)] - p, TARGET_FMT_lx "/%x",
2220 addr, va_arg(va, int));
2224 fprintf(stderr, "gdbstub: Bad syscall format string '%s'\n",
2235 #ifdef CONFIG_USER_ONLY
2236 gdb_handlesig(s->c_cpu, 0);
2242 static void gdb_read_byte(GDBState *s, int ch)
2247 #ifndef CONFIG_USER_ONLY
2248 if (s->last_packet_len) {
2249 /* Waiting for a response to the last packet. If we see the start
2250 of a new command then abandon the previous response. */
2253 printf("Got NACK, retransmitting\n");
2255 put_buffer(s, (uint8_t *)s->last_packet, s->last_packet_len);
2259 printf("Got ACK\n");
2261 printf("Got '%c' when expecting ACK/NACK\n", ch);
2263 if (ch == '+' || ch == '$')
2264 s->last_packet_len = 0;
2269 /* when the CPU is running, we cannot do anything except stop
2270 it when receiving a char */
2271 vm_stop(EXCP_INTERRUPT);
2278 s->line_buf_index = 0;
2279 s->state = RS_GETLINE;
2284 s->state = RS_CHKSUM1;
2285 } else if (s->line_buf_index >= sizeof(s->line_buf) - 1) {
2288 s->line_buf[s->line_buf_index++] = ch;
2292 s->line_buf[s->line_buf_index] = '\0';
2293 s->line_csum = fromhex(ch) << 4;
2294 s->state = RS_CHKSUM2;
2297 s->line_csum |= fromhex(ch);
2299 for(i = 0; i < s->line_buf_index; i++) {
2300 csum += s->line_buf[i];
2302 if (s->line_csum != (csum & 0xff)) {
2304 put_buffer(s, &reply, 1);
2308 put_buffer(s, &reply, 1);
2309 s->state = gdb_handle_packet(s, s->line_buf);
2318 #ifdef CONFIG_USER_ONLY
2324 s = gdbserver_state;
2326 if (gdbserver_fd < 0 || s->fd < 0)
2333 gdb_handlesig (CPUState *env, int sig)
2339 s = gdbserver_state;
2340 if (gdbserver_fd < 0 || s->fd < 0)
2343 /* disable single step if it was enabled */
2344 cpu_single_step(env, 0);
2349 snprintf(buf, sizeof(buf), "S%02x", target_signal_to_gdb (sig));
2352 /* put_packet() might have detected that the peer terminated the
2359 s->running_state = 0;
2360 while (s->running_state == 0) {
2361 n = read (s->fd, buf, 256);
2366 for (i = 0; i < n; i++)
2367 gdb_read_byte (s, buf[i]);
2369 else if (n == 0 || errno != EAGAIN)
2371 /* XXX: Connection closed. Should probably wait for annother
2372 connection before continuing. */
2381 /* Tell the remote gdb that the process has exited. */
2382 void gdb_exit(CPUState *env, int code)
2387 s = gdbserver_state;
2388 if (gdbserver_fd < 0 || s->fd < 0)
2391 snprintf(buf, sizeof(buf), "W%02x", code);
2395 /* Tell the remote gdb that the process has exited due to SIG. */
2396 void gdb_signalled(CPUState *env, int sig)
2401 s = gdbserver_state;
2402 if (gdbserver_fd < 0 || s->fd < 0)
2405 snprintf(buf, sizeof(buf), "X%02x", target_signal_to_gdb (sig));
2409 static void gdb_accept(void)
2412 struct sockaddr_in sockaddr;
2417 len = sizeof(sockaddr);
2418 fd = accept(gdbserver_fd, (struct sockaddr *)&sockaddr, &len);
2419 if (fd < 0 && errno != EINTR) {
2422 } else if (fd >= 0) {
2424 fcntl(fd, F_SETFD, FD_CLOEXEC);
2430 /* set short latency */
2432 setsockopt(fd, IPPROTO_TCP, TCP_NODELAY, (char *)&val, sizeof(val));
2434 s = qemu_mallocz(sizeof(GDBState));
2435 s->c_cpu = first_cpu;
2436 s->g_cpu = first_cpu;
2440 gdbserver_state = s;
2442 fcntl(fd, F_SETFL, O_NONBLOCK);
2445 static int gdbserver_open(int port)
2447 struct sockaddr_in sockaddr;
2450 fd = socket(PF_INET, SOCK_STREAM, 0);
2456 fcntl(fd, F_SETFD, FD_CLOEXEC);
2459 /* allow fast reuse */
2461 setsockopt(fd, SOL_SOCKET, SO_REUSEADDR, (char *)&val, sizeof(val));
2463 sockaddr.sin_family = AF_INET;
2464 sockaddr.sin_port = htons(port);
2465 sockaddr.sin_addr.s_addr = 0;
2466 ret = bind(fd, (struct sockaddr *)&sockaddr, sizeof(sockaddr));
2471 ret = listen(fd, 0);
2479 int gdbserver_start(int port)
2481 gdbserver_fd = gdbserver_open(port);
2482 if (gdbserver_fd < 0)
2484 /* accept connections */
2489 /* Disable gdb stub for child processes. */
2490 void gdbserver_fork(CPUState *env)
2492 GDBState *s = gdbserver_state;
2493 if (gdbserver_fd < 0 || s->fd < 0)
2497 cpu_breakpoint_remove_all(env, BP_GDB);
2498 cpu_watchpoint_remove_all(env, BP_GDB);
2501 static int gdb_chr_can_receive(void *opaque)
2503 /* We can handle an arbitrarily large amount of data.
2504 Pick the maximum packet size, which is as good as anything. */
2505 return MAX_PACKET_LENGTH;
2508 static void gdb_chr_receive(void *opaque, const uint8_t *buf, int size)
2512 for (i = 0; i < size; i++) {
2513 gdb_read_byte(gdbserver_state, buf[i]);
2517 static void gdb_chr_event(void *opaque, int event)
2520 case CHR_EVENT_OPENED:
2521 vm_stop(EXCP_INTERRUPT);
2529 static void gdb_monitor_output(GDBState *s, const char *msg, int len)
2531 char buf[MAX_PACKET_LENGTH];
2534 if (len > (MAX_PACKET_LENGTH/2) - 1)
2535 len = (MAX_PACKET_LENGTH/2) - 1;
2536 memtohex(buf + 1, (uint8_t *)msg, len);
2540 static int gdb_monitor_write(CharDriverState *chr, const uint8_t *buf, int len)
2542 const char *p = (const char *)buf;
2545 max_sz = (sizeof(gdbserver_state->last_packet) - 2) / 2;
2547 if (len <= max_sz) {
2548 gdb_monitor_output(gdbserver_state, p, len);
2551 gdb_monitor_output(gdbserver_state, p, max_sz);
2559 static void gdb_sigterm_handler(int signal)
2562 vm_stop(EXCP_INTERRUPT);
2566 int gdbserver_start(const char *device)
2569 char gdbstub_device_name[128];
2570 CharDriverState *chr = NULL;
2571 CharDriverState *mon_chr;
2575 if (strcmp(device, "none") != 0) {
2576 if (strstart(device, "tcp:", NULL)) {
2577 /* enforce required TCP attributes */
2578 snprintf(gdbstub_device_name, sizeof(gdbstub_device_name),
2579 "%s,nowait,nodelay,server", device);
2580 device = gdbstub_device_name;
2583 else if (strcmp(device, "stdio") == 0) {
2584 struct sigaction act;
2586 memset(&act, 0, sizeof(act));
2587 act.sa_handler = gdb_sigterm_handler;
2588 sigaction(SIGINT, &act, NULL);
2591 chr = qemu_chr_open("gdb", device, NULL);
2595 qemu_chr_add_handlers(chr, gdb_chr_can_receive, gdb_chr_receive,
2596 gdb_chr_event, NULL);
2599 s = gdbserver_state;
2601 s = qemu_mallocz(sizeof(GDBState));
2602 gdbserver_state = s;
2604 qemu_add_vm_change_state_handler(gdb_vm_state_change, NULL);
2606 /* Initialize a monitor terminal for gdb */
2607 mon_chr = qemu_mallocz(sizeof(*mon_chr));
2608 mon_chr->chr_write = gdb_monitor_write;
2609 monitor_init(mon_chr, 0);
2612 qemu_chr_close(s->chr);
2613 mon_chr = s->mon_chr;
2614 memset(s, 0, sizeof(GDBState));
2616 s->c_cpu = first_cpu;
2617 s->g_cpu = first_cpu;
2619 s->state = chr ? RS_IDLE : RS_INACTIVE;
2620 s->mon_chr = mon_chr;
projects / qemu.git / blob