4 * Copyright (c) 2003-2005 Fabrice Bellard
6 * This library is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation; either
9 * version 2 of the License, or (at your option) any later version.
11 * This library is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
16 * You should have received a copy of the GNU Lesser General Public
17 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
20 #include "qemu-common.h"
21 #ifdef CONFIG_USER_ONLY
33 #include "qemu-char.h"
39 #define MAX_PACKET_LENGTH 4096
42 #include "qemu_socket.h"
55 GDB_SIGNAL_UNKNOWN
= 143
58 #ifdef CONFIG_USER_ONLY
60 /* Map target signal numbers to GDB protocol signal numbers and vice
61 * versa. For user emulation's currently supported systems, we can
62 * assume most signals are defined.
65 static int gdb_signal_table
[] = {
225 /* In system mode we only need SIGINT and SIGTRAP; other signals
226 are not yet supported. */
233 static int gdb_signal_table
[] = {
243 #ifdef CONFIG_USER_ONLY
244 static int target_signal_to_gdb (int sig
)
247 for (i
= 0; i
< ARRAY_SIZE (gdb_signal_table
); i
++)
248 if (gdb_signal_table
[i
] == sig
)
250 return GDB_SIGNAL_UNKNOWN
;
254 static int gdb_signal_to_target (int sig
)
256 if (sig
< ARRAY_SIZE (gdb_signal_table
))
257 return gdb_signal_table
[sig
];
264 typedef struct GDBRegisterState
{
270 struct GDBRegisterState
*next
;
281 typedef struct GDBState
{
282 CPUState
*c_cpu
; /* current CPU for step/continue ops */
283 CPUState
*g_cpu
; /* current CPU for other ops */
284 CPUState
*query_cpu
; /* for q{f|s}ThreadInfo */
285 enum RSState state
; /* parsing state */
286 char line_buf
[MAX_PACKET_LENGTH
];
289 uint8_t last_packet
[MAX_PACKET_LENGTH
+ 4];
292 #ifdef CONFIG_USER_ONLY
296 CharDriverState
*chr
;
297 CharDriverState
*mon_chr
;
301 /* By default use no IRQs and no timers while single stepping so as to
302 * make single stepping like an ICE HW step.
304 static int sstep_flags
= SSTEP_ENABLE
|SSTEP_NOIRQ
|SSTEP_NOTIMER
;
306 static GDBState
*gdbserver_state
;
308 /* This is an ugly hack to cope with both new and old gdb.
309 If gdb sends qXfer:features:read then assume we're talking to a newish
310 gdb that understands target descriptions. */
311 static int gdb_has_xml
;
313 #ifdef CONFIG_USER_ONLY
314 /* XXX: This is not thread safe. Do we care? */
315 static int gdbserver_fd
= -1;
317 static int get_char(GDBState
*s
)
323 ret
= recv(s
->fd
, &ch
, 1, 0);
325 if (errno
== ECONNRESET
)
327 if (errno
!= EINTR
&& errno
!= EAGAIN
)
329 } else if (ret
== 0) {
341 static gdb_syscall_complete_cb gdb_current_syscall_cb
;
349 /* If gdb is connected when the first semihosting syscall occurs then use
350 remote gdb syscalls. Otherwise use native file IO. */
351 int use_gdb_syscalls(void)
353 if (gdb_syscall_mode
== GDB_SYS_UNKNOWN
) {
354 gdb_syscall_mode
= (gdbserver_state
? GDB_SYS_ENABLED
357 return gdb_syscall_mode
== GDB_SYS_ENABLED
;
360 /* Resume execution. */
361 static inline void gdb_continue(GDBState
*s
)
363 #ifdef CONFIG_USER_ONLY
364 s
->running_state
= 1;
370 static void put_buffer(GDBState
*s
, const uint8_t *buf
, int len
)
372 #ifdef CONFIG_USER_ONLY
376 ret
= send(s
->fd
, buf
, len
, 0);
378 if (errno
!= EINTR
&& errno
!= EAGAIN
)
386 qemu_chr_write(s
->chr
, buf
, len
);
390 static inline int fromhex(int v
)
392 if (v
>= '0' && v
<= '9')
394 else if (v
>= 'A' && v
<= 'F')
396 else if (v
>= 'a' && v
<= 'f')
402 static inline int tohex(int v
)
410 static void memtohex(char *buf
, const uint8_t *mem
, int len
)
415 for(i
= 0; i
< len
; i
++) {
417 *q
++ = tohex(c
>> 4);
418 *q
++ = tohex(c
& 0xf);
423 static void hextomem(uint8_t *mem
, const char *buf
, int len
)
427 for(i
= 0; i
< len
; i
++) {
428 mem
[i
] = (fromhex(buf
[0]) << 4) | fromhex(buf
[1]);
433 /* return -1 if error, 0 if OK */
434 static int put_packet_binary(GDBState
*s
, const char *buf
, int len
)
445 for(i
= 0; i
< len
; i
++) {
449 *(p
++) = tohex((csum
>> 4) & 0xf);
450 *(p
++) = tohex((csum
) & 0xf);
452 s
->last_packet_len
= p
- s
->last_packet
;
453 put_buffer(s
, (uint8_t *)s
->last_packet
, s
->last_packet_len
);
455 #ifdef CONFIG_USER_ONLY
468 /* return -1 if error, 0 if OK */
469 static int put_packet(GDBState
*s
, const char *buf
)
472 printf("reply='%s'\n", buf
);
475 return put_packet_binary(s
, buf
, strlen(buf
));
478 /* The GDB remote protocol transfers values in target byte order. This means
479 we can use the raw memory access routines to access the value buffer.
480 Conveniently, these also handle the case where the buffer is mis-aligned.
482 #define GET_REG8(val) do { \
483 stb_p(mem_buf, val); \
486 #define GET_REG16(val) do { \
487 stw_p(mem_buf, val); \
490 #define GET_REG32(val) do { \
491 stl_p(mem_buf, val); \
494 #define GET_REG64(val) do { \
495 stq_p(mem_buf, val); \
499 #if TARGET_LONG_BITS == 64
500 #define GET_REGL(val) GET_REG64(val)
501 #define ldtul_p(addr) ldq_p(addr)
503 #define GET_REGL(val) GET_REG32(val)
504 #define ldtul_p(addr) ldl_p(addr)
507 #if defined(TARGET_I386)
510 static const int gpr_map
[16] = {
511 R_EAX
, R_EBX
, R_ECX
, R_EDX
, R_ESI
, R_EDI
, R_EBP
, R_ESP
,
512 8, 9, 10, 11, 12, 13, 14, 15
515 #define gpr_map gpr_map32
517 static const int gpr_map32
[8] = { 0, 1, 2, 3, 4, 5, 6, 7 };
519 #define NUM_CORE_REGS (CPU_NB_REGS * 2 + 25)
521 #define IDX_IP_REG CPU_NB_REGS
522 #define IDX_FLAGS_REG (IDX_IP_REG + 1)
523 #define IDX_SEG_REGS (IDX_FLAGS_REG + 1)
524 #define IDX_FP_REGS (IDX_SEG_REGS + 6)
525 #define IDX_XMM_REGS (IDX_FP_REGS + 16)
526 #define IDX_MXCSR_REG (IDX_XMM_REGS + CPU_NB_REGS)
528 static int cpu_gdb_read_register(CPUState
*env
, uint8_t *mem_buf
, int n
)
530 if (n
< CPU_NB_REGS
) {
531 if (TARGET_LONG_BITS
== 64 && env
->hflags
& HF_CS64_MASK
) {
532 GET_REG64(env
->regs
[gpr_map
[n
]]);
533 } else if (n
< CPU_NB_REGS32
) {
534 GET_REG32(env
->regs
[gpr_map32
[n
]]);
536 } else if (n
>= IDX_FP_REGS
&& n
< IDX_FP_REGS
+ 8) {
537 #ifdef USE_X86LDOUBLE
538 /* FIXME: byteswap float values - after fixing fpregs layout. */
539 memcpy(mem_buf
, &env
->fpregs
[n
- IDX_FP_REGS
], 10);
541 memset(mem_buf
, 0, 10);
544 } else if (n
>= IDX_XMM_REGS
&& n
< IDX_XMM_REGS
+ CPU_NB_REGS
) {
546 if (n
< CPU_NB_REGS32
||
547 (TARGET_LONG_BITS
== 64 && env
->hflags
& HF_CS64_MASK
)) {
548 stq_p(mem_buf
, env
->xmm_regs
[n
].XMM_Q(0));
549 stq_p(mem_buf
+ 8, env
->xmm_regs
[n
].XMM_Q(1));
555 if (TARGET_LONG_BITS
== 64 && env
->hflags
& HF_CS64_MASK
) {
560 case IDX_FLAGS_REG
: GET_REG32(env
->eflags
);
562 case IDX_SEG_REGS
: GET_REG32(env
->segs
[R_CS
].selector
);
563 case IDX_SEG_REGS
+ 1: GET_REG32(env
->segs
[R_SS
].selector
);
564 case IDX_SEG_REGS
+ 2: GET_REG32(env
->segs
[R_DS
].selector
);
565 case IDX_SEG_REGS
+ 3: GET_REG32(env
->segs
[R_ES
].selector
);
566 case IDX_SEG_REGS
+ 4: GET_REG32(env
->segs
[R_FS
].selector
);
567 case IDX_SEG_REGS
+ 5: GET_REG32(env
->segs
[R_GS
].selector
);
569 case IDX_FP_REGS
+ 8: GET_REG32(env
->fpuc
);
570 case IDX_FP_REGS
+ 9: GET_REG32((env
->fpus
& ~0x3800) |
571 (env
->fpstt
& 0x7) << 11);
572 case IDX_FP_REGS
+ 10: GET_REG32(0); /* ftag */
573 case IDX_FP_REGS
+ 11: GET_REG32(0); /* fiseg */
574 case IDX_FP_REGS
+ 12: GET_REG32(0); /* fioff */
575 case IDX_FP_REGS
+ 13: GET_REG32(0); /* foseg */
576 case IDX_FP_REGS
+ 14: GET_REG32(0); /* fooff */
577 case IDX_FP_REGS
+ 15: GET_REG32(0); /* fop */
579 case IDX_MXCSR_REG
: GET_REG32(env
->mxcsr
);
585 static int cpu_x86_gdb_load_seg(CPUState
*env
, int sreg
, uint8_t *mem_buf
)
587 uint16_t selector
= ldl_p(mem_buf
);
589 if (selector
!= env
->segs
[sreg
].selector
) {
590 #if defined(CONFIG_USER_ONLY)
591 cpu_x86_load_seg(env
, sreg
, selector
);
593 unsigned int limit
, flags
;
596 if (!(env
->cr
[0] & CR0_PE_MASK
) || (env
->eflags
& VM_MASK
)) {
597 base
= selector
<< 4;
601 if (!cpu_x86_get_descr_debug(env
, selector
, &base
, &limit
, &flags
))
604 cpu_x86_load_seg_cache(env
, sreg
, selector
, base
, limit
, flags
);
610 static int cpu_gdb_write_register(CPUState
*env
, uint8_t *mem_buf
, int n
)
614 if (n
< CPU_NB_REGS
) {
615 if (TARGET_LONG_BITS
== 64 && env
->hflags
& HF_CS64_MASK
) {
616 env
->regs
[gpr_map
[n
]] = ldtul_p(mem_buf
);
617 return sizeof(target_ulong
);
618 } else if (n
< CPU_NB_REGS32
) {
620 env
->regs
[n
] &= ~0xffffffffUL
;
621 env
->regs
[n
] |= (uint32_t)ldl_p(mem_buf
);
624 } else if (n
>= IDX_FP_REGS
&& n
< IDX_FP_REGS
+ 8) {
625 #ifdef USE_X86LDOUBLE
626 /* FIXME: byteswap float values - after fixing fpregs layout. */
627 memcpy(&env
->fpregs
[n
- IDX_FP_REGS
], mem_buf
, 10);
630 } else if (n
>= IDX_XMM_REGS
&& n
< IDX_XMM_REGS
+ CPU_NB_REGS
) {
632 if (n
< CPU_NB_REGS32
||
633 (TARGET_LONG_BITS
== 64 && env
->hflags
& HF_CS64_MASK
)) {
634 env
->xmm_regs
[n
].XMM_Q(0) = ldq_p(mem_buf
);
635 env
->xmm_regs
[n
].XMM_Q(1) = ldq_p(mem_buf
+ 8);
641 if (TARGET_LONG_BITS
== 64 && env
->hflags
& HF_CS64_MASK
) {
642 env
->eip
= ldq_p(mem_buf
);
645 env
->eip
&= ~0xffffffffUL
;
646 env
->eip
|= (uint32_t)ldl_p(mem_buf
);
650 env
->eflags
= ldl_p(mem_buf
);
653 case IDX_SEG_REGS
: return cpu_x86_gdb_load_seg(env
, R_CS
, mem_buf
);
654 case IDX_SEG_REGS
+ 1: return cpu_x86_gdb_load_seg(env
, R_SS
, mem_buf
);
655 case IDX_SEG_REGS
+ 2: return cpu_x86_gdb_load_seg(env
, R_DS
, mem_buf
);
656 case IDX_SEG_REGS
+ 3: return cpu_x86_gdb_load_seg(env
, R_ES
, mem_buf
);
657 case IDX_SEG_REGS
+ 4: return cpu_x86_gdb_load_seg(env
, R_FS
, mem_buf
);
658 case IDX_SEG_REGS
+ 5: return cpu_x86_gdb_load_seg(env
, R_GS
, mem_buf
);
660 case IDX_FP_REGS
+ 8:
661 env
->fpuc
= ldl_p(mem_buf
);
663 case IDX_FP_REGS
+ 9:
664 tmp
= ldl_p(mem_buf
);
665 env
->fpstt
= (tmp
>> 11) & 7;
666 env
->fpus
= tmp
& ~0x3800;
668 case IDX_FP_REGS
+ 10: /* ftag */ return 4;
669 case IDX_FP_REGS
+ 11: /* fiseg */ return 4;
670 case IDX_FP_REGS
+ 12: /* fioff */ return 4;
671 case IDX_FP_REGS
+ 13: /* foseg */ return 4;
672 case IDX_FP_REGS
+ 14: /* fooff */ return 4;
673 case IDX_FP_REGS
+ 15: /* fop */ return 4;
676 env
->mxcsr
= ldl_p(mem_buf
);
680 /* Unrecognised register. */
684 #elif defined (TARGET_PPC)
686 /* Old gdb always expects FP registers. Newer (xml-aware) gdb only
687 expects whatever the target description contains. Due to a
688 historical mishap the FP registers appear in between core integer
689 regs and PC, MSR, CR, and so forth. We hack round this by giving the
690 FP regs zero size when talking to a newer gdb. */
691 #define NUM_CORE_REGS 71
692 #if defined (TARGET_PPC64)
693 #define GDB_CORE_XML "power64-core.xml"
695 #define GDB_CORE_XML "power-core.xml"
698 static int cpu_gdb_read_register(CPUState
*env
, uint8_t *mem_buf
, int n
)
702 GET_REGL(env
->gpr
[n
]);
707 stfq_p(mem_buf
, env
->fpr
[n
-32]);
711 case 64: GET_REGL(env
->nip
);
712 case 65: GET_REGL(env
->msr
);
717 for (i
= 0; i
< 8; i
++)
718 cr
|= env
->crf
[i
] << (32 - ((i
+ 1) * 4));
721 case 67: GET_REGL(env
->lr
);
722 case 68: GET_REGL(env
->ctr
);
723 case 69: GET_REGL(env
->xer
);
728 GET_REG32(0); /* fpscr */
735 static int cpu_gdb_write_register(CPUState
*env
, uint8_t *mem_buf
, int n
)
739 env
->gpr
[n
] = ldtul_p(mem_buf
);
740 return sizeof(target_ulong
);
745 env
->fpr
[n
-32] = ldfq_p(mem_buf
);
750 env
->nip
= ldtul_p(mem_buf
);
751 return sizeof(target_ulong
);
753 ppc_store_msr(env
, ldtul_p(mem_buf
));
754 return sizeof(target_ulong
);
757 uint32_t cr
= ldl_p(mem_buf
);
759 for (i
= 0; i
< 8; i
++)
760 env
->crf
[i
] = (cr
>> (32 - ((i
+ 1) * 4))) & 0xF;
764 env
->lr
= ldtul_p(mem_buf
);
765 return sizeof(target_ulong
);
767 env
->ctr
= ldtul_p(mem_buf
);
768 return sizeof(target_ulong
);
770 env
->xer
= ldtul_p(mem_buf
);
771 return sizeof(target_ulong
);
782 #elif defined (TARGET_SPARC)
784 #if defined(TARGET_SPARC64) && !defined(TARGET_ABI32)
785 #define NUM_CORE_REGS 86
787 #define NUM_CORE_REGS 72
791 #define GET_REGA(val) GET_REG32(val)
793 #define GET_REGA(val) GET_REGL(val)
796 static int cpu_gdb_read_register(CPUState
*env
, uint8_t *mem_buf
, int n
)
800 GET_REGA(env
->gregs
[n
]);
803 /* register window */
804 GET_REGA(env
->regwptr
[n
- 8]);
806 #if defined(TARGET_ABI32) || !defined(TARGET_SPARC64)
809 GET_REG32(*((uint32_t *)&env
->fpr
[n
- 32]));
811 /* Y, PSR, WIM, TBR, PC, NPC, FPSR, CPSR */
813 case 64: GET_REGA(env
->y
);
814 case 65: GET_REGA(cpu_get_psr(env
));
815 case 66: GET_REGA(env
->wim
);
816 case 67: GET_REGA(env
->tbr
);
817 case 68: GET_REGA(env
->pc
);
818 case 69: GET_REGA(env
->npc
);
819 case 70: GET_REGA(env
->fsr
);
820 case 71: GET_REGA(0); /* csr */
821 default: GET_REGA(0);
826 GET_REG32(*((uint32_t *)&env
->fpr
[n
- 32]));
829 /* f32-f62 (double width, even numbers only) */
832 val
= (uint64_t)*((uint32_t *)&env
->fpr
[(n
- 64) * 2 + 32]) << 32;
833 val
|= *((uint32_t *)&env
->fpr
[(n
- 64) * 2 + 33]);
837 case 80: GET_REGL(env
->pc
);
838 case 81: GET_REGL(env
->npc
);
839 case 82: GET_REGL((cpu_get_ccr(env
) << 32) |
840 ((env
->asi
& 0xff) << 24) |
841 ((env
->pstate
& 0xfff) << 8) |
843 case 83: GET_REGL(env
->fsr
);
844 case 84: GET_REGL(env
->fprs
);
845 case 85: GET_REGL(env
->y
);
851 static int cpu_gdb_write_register(CPUState
*env
, uint8_t *mem_buf
, int n
)
853 #if defined(TARGET_ABI32)
856 tmp
= ldl_p(mem_buf
);
860 tmp
= ldtul_p(mem_buf
);
867 /* register window */
868 env
->regwptr
[n
- 8] = tmp
;
870 #if defined(TARGET_ABI32) || !defined(TARGET_SPARC64)
873 *((uint32_t *)&env
->fpr
[n
- 32]) = tmp
;
875 /* Y, PSR, WIM, TBR, PC, NPC, FPSR, CPSR */
877 case 64: env
->y
= tmp
; break;
878 case 65: cpu_put_psr(env
, tmp
); break;
879 case 66: env
->wim
= tmp
; break;
880 case 67: env
->tbr
= tmp
; break;
881 case 68: env
->pc
= tmp
; break;
882 case 69: env
->npc
= tmp
; break;
883 case 70: env
->fsr
= tmp
; break;
891 env
->fpr
[n
] = ldfl_p(mem_buf
);
894 /* f32-f62 (double width, even numbers only) */
895 *((uint32_t *)&env
->fpr
[(n
- 64) * 2 + 32]) = tmp
>> 32;
896 *((uint32_t *)&env
->fpr
[(n
- 64) * 2 + 33]) = tmp
;
899 case 80: env
->pc
= tmp
; break;
900 case 81: env
->npc
= tmp
; break;
902 cpu_put_ccr(env
, tmp
>> 32);
903 env
->asi
= (tmp
>> 24) & 0xff;
904 env
->pstate
= (tmp
>> 8) & 0xfff;
905 cpu_put_cwp64(env
, tmp
& 0xff);
907 case 83: env
->fsr
= tmp
; break;
908 case 84: env
->fprs
= tmp
; break;
909 case 85: env
->y
= tmp
; break;
916 #elif defined (TARGET_ARM)
918 /* Old gdb always expect FPA registers. Newer (xml-aware) gdb only expect
919 whatever the target description contains. Due to a historical mishap
920 the FPA registers appear in between core integer regs and the CPSR.
921 We hack round this by giving the FPA regs zero size when talking to a
923 #define NUM_CORE_REGS 26
924 #define GDB_CORE_XML "arm-core.xml"
926 static int cpu_gdb_read_register(CPUState
*env
, uint8_t *mem_buf
, int n
)
929 /* Core integer register. */
930 GET_REG32(env
->regs
[n
]);
936 memset(mem_buf
, 0, 12);
941 /* FPA status register. */
947 GET_REG32(cpsr_read(env
));
949 /* Unknown register. */
953 static int cpu_gdb_write_register(CPUState
*env
, uint8_t *mem_buf
, int n
)
957 tmp
= ldl_p(mem_buf
);
959 /* Mask out low bit of PC to workaround gdb bugs. This will probably
960 cause problems if we ever implement the Jazelle DBX extensions. */
965 /* Core integer register. */
969 if (n
< 24) { /* 16-23 */
970 /* FPA registers (ignored). */
977 /* FPA status register (ignored). */
983 cpsr_write (env
, tmp
, 0xffffffff);
986 /* Unknown register. */
990 #elif defined (TARGET_M68K)
992 #define NUM_CORE_REGS 18
994 #define GDB_CORE_XML "cf-core.xml"
996 static int cpu_gdb_read_register(CPUState
*env
, uint8_t *mem_buf
, int n
)
1000 GET_REG32(env
->dregs
[n
]);
1001 } else if (n
< 16) {
1003 GET_REG32(env
->aregs
[n
- 8]);
1006 case 16: GET_REG32(env
->sr
);
1007 case 17: GET_REG32(env
->pc
);
1010 /* FP registers not included here because they vary between
1011 ColdFire and m68k. Use XML bits for these. */
1015 static int cpu_gdb_write_register(CPUState
*env
, uint8_t *mem_buf
, int n
)
1019 tmp
= ldl_p(mem_buf
);
1023 env
->dregs
[n
] = tmp
;
1024 } else if (n
< 16) {
1026 env
->aregs
[n
- 8] = tmp
;
1029 case 16: env
->sr
= tmp
; break;
1030 case 17: env
->pc
= tmp
; break;
1036 #elif defined (TARGET_MIPS)
1038 #define NUM_CORE_REGS 73
1040 static int cpu_gdb_read_register(CPUState
*env
, uint8_t *mem_buf
, int n
)
1043 GET_REGL(env
->active_tc
.gpr
[n
]);
1045 if (env
->CP0_Config1
& (1 << CP0C1_FP
)) {
1046 if (n
>= 38 && n
< 70) {
1047 if (env
->CP0_Status
& (1 << CP0St_FR
))
1048 GET_REGL(env
->active_fpu
.fpr
[n
- 38].d
);
1050 GET_REGL(env
->active_fpu
.fpr
[n
- 38].w
[FP_ENDIAN_IDX
]);
1053 case 70: GET_REGL((int32_t)env
->active_fpu
.fcr31
);
1054 case 71: GET_REGL((int32_t)env
->active_fpu
.fcr0
);
1058 case 32: GET_REGL((int32_t)env
->CP0_Status
);
1059 case 33: GET_REGL(env
->active_tc
.LO
[0]);
1060 case 34: GET_REGL(env
->active_tc
.HI
[0]);
1061 case 35: GET_REGL(env
->CP0_BadVAddr
);
1062 case 36: GET_REGL((int32_t)env
->CP0_Cause
);
1063 case 37: GET_REGL(env
->active_tc
.PC
| !!(env
->hflags
& MIPS_HFLAG_M16
));
1064 case 72: GET_REGL(0); /* fp */
1065 case 89: GET_REGL((int32_t)env
->CP0_PRid
);
1067 if (n
>= 73 && n
<= 88) {
1068 /* 16 embedded regs. */
1075 /* convert MIPS rounding mode in FCR31 to IEEE library */
1076 static unsigned int ieee_rm
[] =
1078 float_round_nearest_even
,
1079 float_round_to_zero
,
1083 #define RESTORE_ROUNDING_MODE \
1084 set_float_rounding_mode(ieee_rm[env->active_fpu.fcr31 & 3], &env->active_fpu.fp_status)
1086 static int cpu_gdb_write_register(CPUState
*env
, uint8_t *mem_buf
, int n
)
1090 tmp
= ldtul_p(mem_buf
);
1093 env
->active_tc
.gpr
[n
] = tmp
;
1094 return sizeof(target_ulong
);
1096 if (env
->CP0_Config1
& (1 << CP0C1_FP
)
1097 && n
>= 38 && n
< 73) {
1099 if (env
->CP0_Status
& (1 << CP0St_FR
))
1100 env
->active_fpu
.fpr
[n
- 38].d
= tmp
;
1102 env
->active_fpu
.fpr
[n
- 38].w
[FP_ENDIAN_IDX
] = tmp
;
1106 env
->active_fpu
.fcr31
= tmp
& 0xFF83FFFF;
1107 /* set rounding mode */
1108 RESTORE_ROUNDING_MODE
;
1109 #ifndef CONFIG_SOFTFLOAT
1110 /* no floating point exception for native float */
1111 SET_FP_ENABLE(env
->active_fpu
.fcr31
, 0);
1114 case 71: env
->active_fpu
.fcr0
= tmp
; break;
1116 return sizeof(target_ulong
);
1119 case 32: env
->CP0_Status
= tmp
; break;
1120 case 33: env
->active_tc
.LO
[0] = tmp
; break;
1121 case 34: env
->active_tc
.HI
[0] = tmp
; break;
1122 case 35: env
->CP0_BadVAddr
= tmp
; break;
1123 case 36: env
->CP0_Cause
= tmp
; break;
1125 env
->active_tc
.PC
= tmp
& ~(target_ulong
)1;
1127 env
->hflags
|= MIPS_HFLAG_M16
;
1129 env
->hflags
&= ~(MIPS_HFLAG_M16
);
1132 case 72: /* fp, ignored */ break;
1136 /* Other registers are readonly. Ignore writes. */
1140 return sizeof(target_ulong
);
1142 #elif defined (TARGET_SH4)
1144 /* Hint: Use "set architecture sh4" in GDB to see fpu registers */
1145 /* FIXME: We should use XML for this. */
1147 #define NUM_CORE_REGS 59
1149 static int cpu_gdb_read_register(CPUState
*env
, uint8_t *mem_buf
, int n
)
1152 if ((env
->sr
& (SR_MD
| SR_RB
)) == (SR_MD
| SR_RB
)) {
1153 GET_REGL(env
->gregs
[n
+ 16]);
1155 GET_REGL(env
->gregs
[n
]);
1157 } else if (n
< 16) {
1158 GET_REGL(env
->gregs
[n
]);
1159 } else if (n
>= 25 && n
< 41) {
1160 GET_REGL(env
->fregs
[(n
- 25) + ((env
->fpscr
& FPSCR_FR
) ? 16 : 0)]);
1161 } else if (n
>= 43 && n
< 51) {
1162 GET_REGL(env
->gregs
[n
- 43]);
1163 } else if (n
>= 51 && n
< 59) {
1164 GET_REGL(env
->gregs
[n
- (51 - 16)]);
1167 case 16: GET_REGL(env
->pc
);
1168 case 17: GET_REGL(env
->pr
);
1169 case 18: GET_REGL(env
->gbr
);
1170 case 19: GET_REGL(env
->vbr
);
1171 case 20: GET_REGL(env
->mach
);
1172 case 21: GET_REGL(env
->macl
);
1173 case 22: GET_REGL(env
->sr
);
1174 case 23: GET_REGL(env
->fpul
);
1175 case 24: GET_REGL(env
->fpscr
);
1176 case 41: GET_REGL(env
->ssr
);
1177 case 42: GET_REGL(env
->spc
);
1183 static int cpu_gdb_write_register(CPUState
*env
, uint8_t *mem_buf
, int n
)
1187 tmp
= ldl_p(mem_buf
);
1190 if ((env
->sr
& (SR_MD
| SR_RB
)) == (SR_MD
| SR_RB
)) {
1191 env
->gregs
[n
+ 16] = tmp
;
1193 env
->gregs
[n
] = tmp
;
1196 } else if (n
< 16) {
1197 env
->gregs
[n
] = tmp
;
1199 } else if (n
>= 25 && n
< 41) {
1200 env
->fregs
[(n
- 25) + ((env
->fpscr
& FPSCR_FR
) ? 16 : 0)] = tmp
;
1202 } else if (n
>= 43 && n
< 51) {
1203 env
->gregs
[n
- 43] = tmp
;
1205 } else if (n
>= 51 && n
< 59) {
1206 env
->gregs
[n
- (51 - 16)] = tmp
;
1210 case 16: env
->pc
= tmp
; break;
1211 case 17: env
->pr
= tmp
; break;
1212 case 18: env
->gbr
= tmp
; break;
1213 case 19: env
->vbr
= tmp
; break;
1214 case 20: env
->mach
= tmp
; break;
1215 case 21: env
->macl
= tmp
; break;
1216 case 22: env
->sr
= tmp
; break;
1217 case 23: env
->fpul
= tmp
; break;
1218 case 24: env
->fpscr
= tmp
; break;
1219 case 41: env
->ssr
= tmp
; break;
1220 case 42: env
->spc
= tmp
; break;
1226 #elif defined (TARGET_MICROBLAZE)
1228 #define NUM_CORE_REGS (32 + 5)
1230 static int cpu_gdb_read_register(CPUState
*env
, uint8_t *mem_buf
, int n
)
1233 GET_REG32(env
->regs
[n
]);
1235 GET_REG32(env
->sregs
[n
- 32]);
1240 static int cpu_gdb_write_register(CPUState
*env
, uint8_t *mem_buf
, int n
)
1244 if (n
> NUM_CORE_REGS
)
1247 tmp
= ldl_p(mem_buf
);
1252 env
->sregs
[n
- 32] = tmp
;
1256 #elif defined (TARGET_CRIS)
1258 #define NUM_CORE_REGS 49
1261 read_register_crisv10(CPUState
*env
, uint8_t *mem_buf
, int n
)
1264 GET_REG32(env
->regs
[n
]);
1274 GET_REG8(env
->pregs
[n
- 16]);
1277 GET_REG8(env
->pregs
[n
- 16]);
1281 GET_REG16(env
->pregs
[n
- 16]);
1285 GET_REG32(env
->pregs
[n
- 16]);
1293 static int cpu_gdb_read_register(CPUState
*env
, uint8_t *mem_buf
, int n
)
1297 if (env
->pregs
[PR_VR
] < 32)
1298 return read_register_crisv10(env
, mem_buf
, n
);
1300 srs
= env
->pregs
[PR_SRS
];
1302 GET_REG32(env
->regs
[n
]);
1305 if (n
>= 21 && n
< 32) {
1306 GET_REG32(env
->pregs
[n
- 16]);
1308 if (n
>= 33 && n
< 49) {
1309 GET_REG32(env
->sregs
[srs
][n
- 33]);
1312 case 16: GET_REG8(env
->pregs
[0]);
1313 case 17: GET_REG8(env
->pregs
[1]);
1314 case 18: GET_REG32(env
->pregs
[2]);
1315 case 19: GET_REG8(srs
);
1316 case 20: GET_REG16(env
->pregs
[4]);
1317 case 32: GET_REG32(env
->pc
);
1323 static int cpu_gdb_write_register(CPUState
*env
, uint8_t *mem_buf
, int n
)
1330 tmp
= ldl_p(mem_buf
);
1336 if (n
>= 21 && n
< 32) {
1337 env
->pregs
[n
- 16] = tmp
;
1340 /* FIXME: Should support function regs be writable? */
1344 case 18: env
->pregs
[PR_PID
] = tmp
; break;
1347 case 32: env
->pc
= tmp
; break;
1352 #elif defined (TARGET_ALPHA)
1354 #define NUM_CORE_REGS 67
1356 static int cpu_gdb_read_register(CPUState
*env
, uint8_t *mem_buf
, int n
)
1366 d
.d
= env
->fir
[n
- 32];
1370 val
= cpu_alpha_load_fpcr(env
);
1380 /* 31 really is the zero register; 65 is unassigned in the
1381 gdb protocol, but is still required to occupy 8 bytes. */
1390 static int cpu_gdb_write_register(CPUState
*env
, uint8_t *mem_buf
, int n
)
1392 target_ulong tmp
= ldtul_p(mem_buf
);
1401 env
->fir
[n
- 32] = d
.d
;
1404 cpu_alpha_store_fpcr(env
, tmp
);
1414 /* 31 really is the zero register; 65 is unassigned in the
1415 gdb protocol, but is still required to occupy 8 bytes. */
1422 #elif defined (TARGET_S390X)
1424 #define NUM_CORE_REGS S390_NUM_TOTAL_REGS
1426 static int cpu_gdb_read_register(CPUState
*env
, uint8_t *mem_buf
, int n
)
1429 case S390_PSWM_REGNUM
: GET_REGL(env
->psw
.mask
); break;
1430 case S390_PSWA_REGNUM
: GET_REGL(env
->psw
.addr
); break;
1431 case S390_R0_REGNUM
... S390_R15_REGNUM
:
1432 GET_REGL(env
->regs
[n
-S390_R0_REGNUM
]); break;
1433 case S390_A0_REGNUM
... S390_A15_REGNUM
:
1434 GET_REG32(env
->aregs
[n
-S390_A0_REGNUM
]); break;
1435 case S390_FPC_REGNUM
: GET_REG32(env
->fpc
); break;
1436 case S390_F0_REGNUM
... S390_F15_REGNUM
:
1439 case S390_PC_REGNUM
: GET_REGL(env
->psw
.addr
); break;
1440 case S390_CC_REGNUM
: GET_REG32(env
->cc
); break;
1446 static int cpu_gdb_write_register(CPUState
*env
, uint8_t *mem_buf
, int n
)
1451 tmpl
= ldtul_p(mem_buf
);
1452 tmp32
= ldl_p(mem_buf
);
1455 case S390_PSWM_REGNUM
: env
->psw
.mask
= tmpl
; break;
1456 case S390_PSWA_REGNUM
: env
->psw
.addr
= tmpl
; break;
1457 case S390_R0_REGNUM
... S390_R15_REGNUM
:
1458 env
->regs
[n
-S390_R0_REGNUM
] = tmpl
; break;
1459 case S390_A0_REGNUM
... S390_A15_REGNUM
:
1460 env
->aregs
[n
-S390_A0_REGNUM
] = tmp32
; r
=4; break;
1461 case S390_FPC_REGNUM
: env
->fpc
= tmp32
; r
=4; break;
1462 case S390_F0_REGNUM
... S390_F15_REGNUM
:
1465 case S390_PC_REGNUM
: env
->psw
.addr
= tmpl
; break;
1466 case S390_CC_REGNUM
: env
->cc
= tmp32
; r
=4; break;
1471 #elif defined (TARGET_LM32)
1473 #include "hw/lm32_pic.h"
1474 #define NUM_CORE_REGS (32 + 7)
1476 static int cpu_gdb_read_register(CPUState
*env
, uint8_t *mem_buf
, int n
)
1479 GET_REG32(env
->regs
[n
]);
1485 /* FIXME: put in right exception ID */
1490 GET_REG32(env
->eba
);
1493 GET_REG32(env
->deba
);
1499 GET_REG32(lm32_pic_get_im(env
->pic_state
));
1502 GET_REG32(lm32_pic_get_ip(env
->pic_state
));
1509 static int cpu_gdb_write_register(CPUState
*env
, uint8_t *mem_buf
, int n
)
1513 if (n
> NUM_CORE_REGS
) {
1517 tmp
= ldl_p(mem_buf
);
1536 lm32_pic_set_im(env
->pic_state
, tmp
);
1539 lm32_pic_set_ip(env
->pic_state
, tmp
);
1547 #define NUM_CORE_REGS 0
1549 static int cpu_gdb_read_register(CPUState
*env
, uint8_t *mem_buf
, int n
)
1554 static int cpu_gdb_write_register(CPUState
*env
, uint8_t *mem_buf
, int n
)
1561 static int num_g_regs
= NUM_CORE_REGS
;
1564 /* Encode data using the encoding for 'x' packets. */
1565 static int memtox(char *buf
, const char *mem
, int len
)
1573 case '#': case '$': case '*': case '}':
1585 static const char *get_feature_xml(const char *p
, const char **newp
)
1590 static char target_xml
[1024];
1593 while (p
[len
] && p
[len
] != ':')
1598 if (strncmp(p
, "target.xml", len
) == 0) {
1599 /* Generate the XML description for this CPU. */
1600 if (!target_xml
[0]) {
1601 GDBRegisterState
*r
;
1603 snprintf(target_xml
, sizeof(target_xml
),
1604 "<?xml version=\"1.0\"?>"
1605 "<!DOCTYPE target SYSTEM \"gdb-target.dtd\">"
1607 "<xi:include href=\"%s\"/>",
1610 for (r
= first_cpu
->gdb_regs
; r
; r
= r
->next
) {
1611 pstrcat(target_xml
, sizeof(target_xml
), "<xi:include href=\"");
1612 pstrcat(target_xml
, sizeof(target_xml
), r
->xml
);
1613 pstrcat(target_xml
, sizeof(target_xml
), "\"/>");
1615 pstrcat(target_xml
, sizeof(target_xml
), "</target>");
1619 for (i
= 0; ; i
++) {
1620 name
= xml_builtin
[i
][0];
1621 if (!name
|| (strncmp(name
, p
, len
) == 0 && strlen(name
) == len
))
1624 return name
? xml_builtin
[i
][1] : NULL
;
1628 static int gdb_read_register(CPUState
*env
, uint8_t *mem_buf
, int reg
)
1630 GDBRegisterState
*r
;
1632 if (reg
< NUM_CORE_REGS
)
1633 return cpu_gdb_read_register(env
, mem_buf
, reg
);
1635 for (r
= env
->gdb_regs
; r
; r
= r
->next
) {
1636 if (r
->base_reg
<= reg
&& reg
< r
->base_reg
+ r
->num_regs
) {
1637 return r
->get_reg(env
, mem_buf
, reg
- r
->base_reg
);
1643 static int gdb_write_register(CPUState
*env
, uint8_t *mem_buf
, int reg
)
1645 GDBRegisterState
*r
;
1647 if (reg
< NUM_CORE_REGS
)
1648 return cpu_gdb_write_register(env
, mem_buf
, reg
);
1650 for (r
= env
->gdb_regs
; r
; r
= r
->next
) {
1651 if (r
->base_reg
<= reg
&& reg
< r
->base_reg
+ r
->num_regs
) {
1652 return r
->set_reg(env
, mem_buf
, reg
- r
->base_reg
);
1658 /* Register a supplemental set of CPU registers. If g_pos is nonzero it
1659 specifies the first register number and these registers are included in
1660 a standard "g" packet. Direction is relative to gdb, i.e. get_reg is
1661 gdb reading a CPU register, and set_reg is gdb modifying a CPU register.
1664 void gdb_register_coprocessor(CPUState
* env
,
1665 gdb_reg_cb get_reg
, gdb_reg_cb set_reg
,
1666 int num_regs
, const char *xml
, int g_pos
)
1668 GDBRegisterState
*s
;
1669 GDBRegisterState
**p
;
1670 static int last_reg
= NUM_CORE_REGS
;
1672 s
= (GDBRegisterState
*)qemu_mallocz(sizeof(GDBRegisterState
));
1673 s
->base_reg
= last_reg
;
1674 s
->num_regs
= num_regs
;
1675 s
->get_reg
= get_reg
;
1676 s
->set_reg
= set_reg
;
1680 /* Check for duplicates. */
1681 if (strcmp((*p
)->xml
, xml
) == 0)
1685 /* Add to end of list. */
1686 last_reg
+= num_regs
;
1689 if (g_pos
!= s
->base_reg
) {
1690 fprintf(stderr
, "Error: Bad gdb register numbering for '%s'\n"
1691 "Expected %d got %d\n", xml
, g_pos
, s
->base_reg
);
1693 num_g_regs
= last_reg
;
1698 #ifndef CONFIG_USER_ONLY
1699 static const int xlat_gdb_type
[] = {
1700 [GDB_WATCHPOINT_WRITE
] = BP_GDB
| BP_MEM_WRITE
,
1701 [GDB_WATCHPOINT_READ
] = BP_GDB
| BP_MEM_READ
,
1702 [GDB_WATCHPOINT_ACCESS
] = BP_GDB
| BP_MEM_ACCESS
,
1706 static int gdb_breakpoint_insert(target_ulong addr
, target_ulong len
, int type
)
1712 return kvm_insert_breakpoint(gdbserver_state
->c_cpu
, addr
, len
, type
);
1715 case GDB_BREAKPOINT_SW
:
1716 case GDB_BREAKPOINT_HW
:
1717 for (env
= first_cpu
; env
!= NULL
; env
= env
->next_cpu
) {
1718 err
= cpu_breakpoint_insert(env
, addr
, BP_GDB
, NULL
);
1723 #ifndef CONFIG_USER_ONLY
1724 case GDB_WATCHPOINT_WRITE
:
1725 case GDB_WATCHPOINT_READ
:
1726 case GDB_WATCHPOINT_ACCESS
:
1727 for (env
= first_cpu
; env
!= NULL
; env
= env
->next_cpu
) {
1728 err
= cpu_watchpoint_insert(env
, addr
, len
, xlat_gdb_type
[type
],
1740 static int gdb_breakpoint_remove(target_ulong addr
, target_ulong len
, int type
)
1746 return kvm_remove_breakpoint(gdbserver_state
->c_cpu
, addr
, len
, type
);
1749 case GDB_BREAKPOINT_SW
:
1750 case GDB_BREAKPOINT_HW
:
1751 for (env
= first_cpu
; env
!= NULL
; env
= env
->next_cpu
) {
1752 err
= cpu_breakpoint_remove(env
, addr
, BP_GDB
);
1757 #ifndef CONFIG_USER_ONLY
1758 case GDB_WATCHPOINT_WRITE
:
1759 case GDB_WATCHPOINT_READ
:
1760 case GDB_WATCHPOINT_ACCESS
:
1761 for (env
= first_cpu
; env
!= NULL
; env
= env
->next_cpu
) {
1762 err
= cpu_watchpoint_remove(env
, addr
, len
, xlat_gdb_type
[type
]);
1773 static void gdb_breakpoint_remove_all(void)
1777 if (kvm_enabled()) {
1778 kvm_remove_all_breakpoints(gdbserver_state
->c_cpu
);
1782 for (env
= first_cpu
; env
!= NULL
; env
= env
->next_cpu
) {
1783 cpu_breakpoint_remove_all(env
, BP_GDB
);
1784 #ifndef CONFIG_USER_ONLY
1785 cpu_watchpoint_remove_all(env
, BP_GDB
);
1790 static void gdb_set_cpu_pc(GDBState
*s
, target_ulong pc
)
1792 #if defined(TARGET_I386)
1793 cpu_synchronize_state(s
->c_cpu
);
1795 #elif defined (TARGET_PPC)
1797 #elif defined (TARGET_SPARC)
1799 s
->c_cpu
->npc
= pc
+ 4;
1800 #elif defined (TARGET_ARM)
1801 s
->c_cpu
->regs
[15] = pc
;
1802 #elif defined (TARGET_SH4)
1804 #elif defined (TARGET_MIPS)
1805 s
->c_cpu
->active_tc
.PC
= pc
& ~(target_ulong
)1;
1807 s
->c_cpu
->hflags
|= MIPS_HFLAG_M16
;
1809 s
->c_cpu
->hflags
&= ~(MIPS_HFLAG_M16
);
1811 #elif defined (TARGET_MICROBLAZE)
1812 s
->c_cpu
->sregs
[SR_PC
] = pc
;
1813 #elif defined (TARGET_CRIS)
1815 #elif defined (TARGET_ALPHA)
1817 #elif defined (TARGET_S390X)
1818 cpu_synchronize_state(s
->c_cpu
);
1819 s
->c_cpu
->psw
.addr
= pc
;
1820 #elif defined (TARGET_LM32)
1825 static inline int gdb_id(CPUState
*env
)
1827 #if defined(CONFIG_USER_ONLY) && defined(CONFIG_USE_NPTL)
1828 return env
->host_tid
;
1830 return env
->cpu_index
+ 1;
1834 static CPUState
*find_cpu(uint32_t thread_id
)
1838 for (env
= first_cpu
; env
!= NULL
; env
= env
->next_cpu
) {
1839 if (gdb_id(env
) == thread_id
) {
1847 static int gdb_handle_packet(GDBState
*s
, const char *line_buf
)
1852 int ch
, reg_size
, type
, res
;
1853 char buf
[MAX_PACKET_LENGTH
];
1854 uint8_t mem_buf
[MAX_PACKET_LENGTH
];
1856 target_ulong addr
, len
;
1859 printf("command='%s'\n", line_buf
);
1865 /* TODO: Make this return the correct value for user-mode. */
1866 snprintf(buf
, sizeof(buf
), "T%02xthread:%02x;", GDB_SIGNAL_TRAP
,
1869 /* Remove all the breakpoints when this query is issued,
1870 * because gdb is doing and initial connect and the state
1871 * should be cleaned up.
1873 gdb_breakpoint_remove_all();
1877 addr
= strtoull(p
, (char **)&p
, 16);
1878 gdb_set_cpu_pc(s
, addr
);
1884 s
->signal
= gdb_signal_to_target (strtoul(p
, (char **)&p
, 16));
1885 if (s
->signal
== -1)
1890 if (strncmp(p
, "Cont", 4) == 0) {
1891 int res_signal
, res_thread
;
1895 put_packet(s
, "vCont;c;C;s;S");
1910 if (action
== 'C' || action
== 'S') {
1911 signal
= strtoul(p
, (char **)&p
, 16);
1912 } else if (action
!= 'c' && action
!= 's') {
1918 thread
= strtoull(p
+1, (char **)&p
, 16);
1920 action
= tolower(action
);
1921 if (res
== 0 || (res
== 'c' && action
== 's')) {
1923 res_signal
= signal
;
1924 res_thread
= thread
;
1928 if (res_thread
!= -1 && res_thread
!= 0) {
1929 env
= find_cpu(res_thread
);
1931 put_packet(s
, "E22");
1937 cpu_single_step(s
->c_cpu
, sstep_flags
);
1939 s
->signal
= res_signal
;
1945 goto unknown_command
;
1948 /* Kill the target */
1949 fprintf(stderr
, "\nQEMU: Terminated via GDBstub\n");
1953 gdb_breakpoint_remove_all();
1954 gdb_syscall_mode
= GDB_SYS_DISABLED
;
1956 put_packet(s
, "OK");
1960 addr
= strtoull(p
, (char **)&p
, 16);
1961 gdb_set_cpu_pc(s
, addr
);
1963 cpu_single_step(s
->c_cpu
, sstep_flags
);
1971 ret
= strtoull(p
, (char **)&p
, 16);
1974 err
= strtoull(p
, (char **)&p
, 16);
1981 if (gdb_current_syscall_cb
)
1982 gdb_current_syscall_cb(s
->c_cpu
, ret
, err
);
1984 put_packet(s
, "T02");
1991 cpu_synchronize_state(s
->g_cpu
);
1993 for (addr
= 0; addr
< num_g_regs
; addr
++) {
1994 reg_size
= gdb_read_register(s
->g_cpu
, mem_buf
+ len
, addr
);
1997 memtohex(buf
, mem_buf
, len
);
2001 cpu_synchronize_state(s
->g_cpu
);
2002 registers
= mem_buf
;
2003 len
= strlen(p
) / 2;
2004 hextomem((uint8_t *)registers
, p
, len
);
2005 for (addr
= 0; addr
< num_g_regs
&& len
> 0; addr
++) {
2006 reg_size
= gdb_write_register(s
->g_cpu
, registers
, addr
);
2008 registers
+= reg_size
;
2010 put_packet(s
, "OK");
2013 addr
= strtoull(p
, (char **)&p
, 16);
2016 len
= strtoull(p
, NULL
, 16);
2017 if (cpu_memory_rw_debug(s
->g_cpu
, addr
, mem_buf
, len
, 0) != 0) {
2018 put_packet (s
, "E14");
2020 memtohex(buf
, mem_buf
, len
);
2025 addr
= strtoull(p
, (char **)&p
, 16);
2028 len
= strtoull(p
, (char **)&p
, 16);
2031 hextomem(mem_buf
, p
, len
);
2032 if (cpu_memory_rw_debug(s
->g_cpu
, addr
, mem_buf
, len
, 1) != 0)
2033 put_packet(s
, "E14");
2035 put_packet(s
, "OK");
2038 /* Older gdb are really dumb, and don't use 'g' if 'p' is avaialable.
2039 This works, but can be very slow. Anything new enough to
2040 understand XML also knows how to use this properly. */
2042 goto unknown_command
;
2043 addr
= strtoull(p
, (char **)&p
, 16);
2044 reg_size
= gdb_read_register(s
->g_cpu
, mem_buf
, addr
);
2046 memtohex(buf
, mem_buf
, reg_size
);
2049 put_packet(s
, "E14");
2054 goto unknown_command
;
2055 addr
= strtoull(p
, (char **)&p
, 16);
2058 reg_size
= strlen(p
) / 2;
2059 hextomem(mem_buf
, p
, reg_size
);
2060 gdb_write_register(s
->g_cpu
, mem_buf
, addr
);
2061 put_packet(s
, "OK");
2065 type
= strtoul(p
, (char **)&p
, 16);
2068 addr
= strtoull(p
, (char **)&p
, 16);
2071 len
= strtoull(p
, (char **)&p
, 16);
2073 res
= gdb_breakpoint_insert(addr
, len
, type
);
2075 res
= gdb_breakpoint_remove(addr
, len
, type
);
2077 put_packet(s
, "OK");
2078 else if (res
== -ENOSYS
)
2081 put_packet(s
, "E22");
2085 thread
= strtoull(p
, (char **)&p
, 16);
2086 if (thread
== -1 || thread
== 0) {
2087 put_packet(s
, "OK");
2090 env
= find_cpu(thread
);
2092 put_packet(s
, "E22");
2098 put_packet(s
, "OK");
2102 put_packet(s
, "OK");
2105 put_packet(s
, "E22");
2110 thread
= strtoull(p
, (char **)&p
, 16);
2111 env
= find_cpu(thread
);
2114 put_packet(s
, "OK");
2116 put_packet(s
, "E22");
2121 /* parse any 'q' packets here */
2122 if (!strcmp(p
,"qemu.sstepbits")) {
2123 /* Query Breakpoint bit definitions */
2124 snprintf(buf
, sizeof(buf
), "ENABLE=%x,NOIRQ=%x,NOTIMER=%x",
2130 } else if (strncmp(p
,"qemu.sstep",10) == 0) {
2131 /* Display or change the sstep_flags */
2134 /* Display current setting */
2135 snprintf(buf
, sizeof(buf
), "0x%x", sstep_flags
);
2140 type
= strtoul(p
, (char **)&p
, 16);
2142 put_packet(s
, "OK");
2144 } else if (strcmp(p
,"C") == 0) {
2145 /* "Current thread" remains vague in the spec, so always return
2146 * the first CPU (gdb returns the first thread). */
2147 put_packet(s
, "QC1");
2149 } else if (strcmp(p
,"fThreadInfo") == 0) {
2150 s
->query_cpu
= first_cpu
;
2151 goto report_cpuinfo
;
2152 } else if (strcmp(p
,"sThreadInfo") == 0) {
2155 snprintf(buf
, sizeof(buf
), "m%x", gdb_id(s
->query_cpu
));
2157 s
->query_cpu
= s
->query_cpu
->next_cpu
;
2161 } else if (strncmp(p
,"ThreadExtraInfo,", 16) == 0) {
2162 thread
= strtoull(p
+16, (char **)&p
, 16);
2163 env
= find_cpu(thread
);
2165 cpu_synchronize_state(env
);
2166 len
= snprintf((char *)mem_buf
, sizeof(mem_buf
),
2167 "CPU#%d [%s]", env
->cpu_index
,
2168 env
->halted
? "halted " : "running");
2169 memtohex(buf
, mem_buf
, len
);
2174 #ifdef CONFIG_USER_ONLY
2175 else if (strncmp(p
, "Offsets", 7) == 0) {
2176 TaskState
*ts
= s
->c_cpu
->opaque
;
2178 snprintf(buf
, sizeof(buf
),
2179 "Text=" TARGET_ABI_FMT_lx
";Data=" TARGET_ABI_FMT_lx
2180 ";Bss=" TARGET_ABI_FMT_lx
,
2181 ts
->info
->code_offset
,
2182 ts
->info
->data_offset
,
2183 ts
->info
->data_offset
);
2187 #else /* !CONFIG_USER_ONLY */
2188 else if (strncmp(p
, "Rcmd,", 5) == 0) {
2189 int len
= strlen(p
+ 5);
2191 if ((len
% 2) != 0) {
2192 put_packet(s
, "E01");
2195 hextomem(mem_buf
, p
+ 5, len
);
2198 qemu_chr_read(s
->mon_chr
, mem_buf
, len
);
2199 put_packet(s
, "OK");
2202 #endif /* !CONFIG_USER_ONLY */
2203 if (strncmp(p
, "Supported", 9) == 0) {
2204 snprintf(buf
, sizeof(buf
), "PacketSize=%x", MAX_PACKET_LENGTH
);
2206 pstrcat(buf
, sizeof(buf
), ";qXfer:features:read+");
2212 if (strncmp(p
, "Xfer:features:read:", 19) == 0) {
2214 target_ulong total_len
;
2218 xml
= get_feature_xml(p
, &p
);
2220 snprintf(buf
, sizeof(buf
), "E00");
2227 addr
= strtoul(p
, (char **)&p
, 16);
2230 len
= strtoul(p
, (char **)&p
, 16);
2232 total_len
= strlen(xml
);
2233 if (addr
> total_len
) {
2234 snprintf(buf
, sizeof(buf
), "E00");
2238 if (len
> (MAX_PACKET_LENGTH
- 5) / 2)
2239 len
= (MAX_PACKET_LENGTH
- 5) / 2;
2240 if (len
< total_len
- addr
) {
2242 len
= memtox(buf
+ 1, xml
+ addr
, len
);
2245 len
= memtox(buf
+ 1, xml
+ addr
, total_len
- addr
);
2247 put_packet_binary(s
, buf
, len
+ 1);
2251 /* Unrecognised 'q' command. */
2252 goto unknown_command
;
2256 /* put empty packet */
2264 void gdb_set_stop_cpu(CPUState
*env
)
2266 gdbserver_state
->c_cpu
= env
;
2267 gdbserver_state
->g_cpu
= env
;
2270 #ifndef CONFIG_USER_ONLY
2271 static void gdb_vm_state_change(void *opaque
, int running
, int reason
)
2273 GDBState
*s
= gdbserver_state
;
2274 CPUState
*env
= s
->c_cpu
;
2279 if (running
|| s
->state
== RS_INACTIVE
|| s
->state
== RS_SYSCALL
) {
2284 if (env
->watchpoint_hit
) {
2285 switch (env
->watchpoint_hit
->flags
& BP_MEM_ACCESS
) {
2296 snprintf(buf
, sizeof(buf
),
2297 "T%02xthread:%02x;%swatch:" TARGET_FMT_lx
";",
2298 GDB_SIGNAL_TRAP
, gdb_id(env
), type
,
2299 env
->watchpoint_hit
->vaddr
);
2300 env
->watchpoint_hit
= NULL
;
2304 ret
= GDB_SIGNAL_TRAP
;
2307 ret
= GDB_SIGNAL_INT
;
2309 case VMSTOP_SHUTDOWN
:
2310 ret
= GDB_SIGNAL_QUIT
;
2312 case VMSTOP_DISKFULL
:
2313 ret
= GDB_SIGNAL_IO
;
2315 case VMSTOP_WATCHDOG
:
2316 ret
= GDB_SIGNAL_ALRM
;
2319 ret
= GDB_SIGNAL_ABRT
;
2324 case VMSTOP_MIGRATE
:
2325 ret
= GDB_SIGNAL_XCPU
;
2328 ret
= GDB_SIGNAL_UNKNOWN
;
2331 snprintf(buf
, sizeof(buf
), "T%02xthread:%02x;", ret
, gdb_id(env
));
2336 /* disable single step if it was enabled */
2337 cpu_single_step(env
, 0);
2341 /* Send a gdb syscall request.
2342 This accepts limited printf-style format specifiers, specifically:
2343 %x - target_ulong argument printed in hex.
2344 %lx - 64-bit argument printed in hex.
2345 %s - string pointer (target_ulong) and length (int) pair. */
2346 void gdb_do_syscall(gdb_syscall_complete_cb cb
, const char *fmt
, ...)
2355 s
= gdbserver_state
;
2358 gdb_current_syscall_cb
= cb
;
2359 s
->state
= RS_SYSCALL
;
2360 #ifndef CONFIG_USER_ONLY
2361 vm_stop(VMSTOP_DEBUG
);
2372 addr
= va_arg(va
, target_ulong
);
2373 p
+= snprintf(p
, &buf
[sizeof(buf
)] - p
, TARGET_FMT_lx
, addr
);
2376 if (*(fmt
++) != 'x')
2378 i64
= va_arg(va
, uint64_t);
2379 p
+= snprintf(p
, &buf
[sizeof(buf
)] - p
, "%" PRIx64
, i64
);
2382 addr
= va_arg(va
, target_ulong
);
2383 p
+= snprintf(p
, &buf
[sizeof(buf
)] - p
, TARGET_FMT_lx
"/%x",
2384 addr
, va_arg(va
, int));
2388 fprintf(stderr
, "gdbstub: Bad syscall format string '%s'\n",
2399 #ifdef CONFIG_USER_ONLY
2400 gdb_handlesig(s
->c_cpu
, 0);
2406 static void gdb_read_byte(GDBState
*s
, int ch
)
2411 #ifndef CONFIG_USER_ONLY
2412 if (s
->last_packet_len
) {
2413 /* Waiting for a response to the last packet. If we see the start
2414 of a new command then abandon the previous response. */
2417 printf("Got NACK, retransmitting\n");
2419 put_buffer(s
, (uint8_t *)s
->last_packet
, s
->last_packet_len
);
2423 printf("Got ACK\n");
2425 printf("Got '%c' when expecting ACK/NACK\n", ch
);
2427 if (ch
== '+' || ch
== '$')
2428 s
->last_packet_len
= 0;
2433 /* when the CPU is running, we cannot do anything except stop
2434 it when receiving a char */
2435 vm_stop(VMSTOP_USER
);
2442 s
->line_buf_index
= 0;
2443 s
->state
= RS_GETLINE
;
2448 s
->state
= RS_CHKSUM1
;
2449 } else if (s
->line_buf_index
>= sizeof(s
->line_buf
) - 1) {
2452 s
->line_buf
[s
->line_buf_index
++] = ch
;
2456 s
->line_buf
[s
->line_buf_index
] = '\0';
2457 s
->line_csum
= fromhex(ch
) << 4;
2458 s
->state
= RS_CHKSUM2
;
2461 s
->line_csum
|= fromhex(ch
);
2463 for(i
= 0; i
< s
->line_buf_index
; i
++) {
2464 csum
+= s
->line_buf
[i
];
2466 if (s
->line_csum
!= (csum
& 0xff)) {
2468 put_buffer(s
, &reply
, 1);
2472 put_buffer(s
, &reply
, 1);
2473 s
->state
= gdb_handle_packet(s
, s
->line_buf
);
2482 /* Tell the remote gdb that the process has exited. */
2483 void gdb_exit(CPUState
*env
, int code
)
2488 s
= gdbserver_state
;
2492 #ifdef CONFIG_USER_ONLY
2493 if (gdbserver_fd
< 0 || s
->fd
< 0) {
2498 snprintf(buf
, sizeof(buf
), "W%02x", (uint8_t)code
);
2501 #ifndef CONFIG_USER_ONLY
2503 qemu_chr_close(s
->chr
);
2508 #ifdef CONFIG_USER_ONLY
2514 s
= gdbserver_state
;
2516 if (gdbserver_fd
< 0 || s
->fd
< 0)
2523 gdb_handlesig (CPUState
*env
, int sig
)
2529 s
= gdbserver_state
;
2530 if (gdbserver_fd
< 0 || s
->fd
< 0)
2533 /* disable single step if it was enabled */
2534 cpu_single_step(env
, 0);
2539 snprintf(buf
, sizeof(buf
), "S%02x", target_signal_to_gdb (sig
));
2542 /* put_packet() might have detected that the peer terminated the
2549 s
->running_state
= 0;
2550 while (s
->running_state
== 0) {
2551 n
= read (s
->fd
, buf
, 256);
2556 for (i
= 0; i
< n
; i
++)
2557 gdb_read_byte (s
, buf
[i
]);
2559 else if (n
== 0 || errno
!= EAGAIN
)
2561 /* XXX: Connection closed. Should probably wait for annother
2562 connection before continuing. */
2571 /* Tell the remote gdb that the process has exited due to SIG. */
2572 void gdb_signalled(CPUState
*env
, int sig
)
2577 s
= gdbserver_state
;
2578 if (gdbserver_fd
< 0 || s
->fd
< 0)
2581 snprintf(buf
, sizeof(buf
), "X%02x", target_signal_to_gdb (sig
));
2585 static void gdb_accept(void)
2588 struct sockaddr_in sockaddr
;
2593 len
= sizeof(sockaddr
);
2594 fd
= accept(gdbserver_fd
, (struct sockaddr
*)&sockaddr
, &len
);
2595 if (fd
< 0 && errno
!= EINTR
) {
2598 } else if (fd
>= 0) {
2600 fcntl(fd
, F_SETFD
, FD_CLOEXEC
);
2606 /* set short latency */
2608 setsockopt(fd
, IPPROTO_TCP
, TCP_NODELAY
, (char *)&val
, sizeof(val
));
2610 s
= qemu_mallocz(sizeof(GDBState
));
2611 s
->c_cpu
= first_cpu
;
2612 s
->g_cpu
= first_cpu
;
2616 gdbserver_state
= s
;
2618 fcntl(fd
, F_SETFL
, O_NONBLOCK
);
2621 static int gdbserver_open(int port
)
2623 struct sockaddr_in sockaddr
;
2626 fd
= socket(PF_INET
, SOCK_STREAM
, 0);
2632 fcntl(fd
, F_SETFD
, FD_CLOEXEC
);
2635 /* allow fast reuse */
2637 setsockopt(fd
, SOL_SOCKET
, SO_REUSEADDR
, (char *)&val
, sizeof(val
));
2639 sockaddr
.sin_family
= AF_INET
;
2640 sockaddr
.sin_port
= htons(port
);
2641 sockaddr
.sin_addr
.s_addr
= 0;
2642 ret
= bind(fd
, (struct sockaddr
*)&sockaddr
, sizeof(sockaddr
));
2647 ret
= listen(fd
, 0);
2655 int gdbserver_start(int port
)
2657 gdbserver_fd
= gdbserver_open(port
);
2658 if (gdbserver_fd
< 0)
2660 /* accept connections */
2665 /* Disable gdb stub for child processes. */
2666 void gdbserver_fork(CPUState
*env
)
2668 GDBState
*s
= gdbserver_state
;
2669 if (gdbserver_fd
< 0 || s
->fd
< 0)
2673 cpu_breakpoint_remove_all(env
, BP_GDB
);
2674 cpu_watchpoint_remove_all(env
, BP_GDB
);
2677 static int gdb_chr_can_receive(void *opaque
)
2679 /* We can handle an arbitrarily large amount of data.
2680 Pick the maximum packet size, which is as good as anything. */
2681 return MAX_PACKET_LENGTH
;
2684 static void gdb_chr_receive(void *opaque
, const uint8_t *buf
, int size
)
2688 for (i
= 0; i
< size
; i
++) {
2689 gdb_read_byte(gdbserver_state
, buf
[i
]);
2693 static void gdb_chr_event(void *opaque
, int event
)
2696 case CHR_EVENT_OPENED
:
2697 vm_stop(VMSTOP_USER
);
2705 static void gdb_monitor_output(GDBState
*s
, const char *msg
, int len
)
2707 char buf
[MAX_PACKET_LENGTH
];
2710 if (len
> (MAX_PACKET_LENGTH
/2) - 1)
2711 len
= (MAX_PACKET_LENGTH
/2) - 1;
2712 memtohex(buf
+ 1, (uint8_t *)msg
, len
);
2716 static int gdb_monitor_write(CharDriverState
*chr
, const uint8_t *buf
, int len
)
2718 const char *p
= (const char *)buf
;
2721 max_sz
= (sizeof(gdbserver_state
->last_packet
) - 2) / 2;
2723 if (len
<= max_sz
) {
2724 gdb_monitor_output(gdbserver_state
, p
, len
);
2727 gdb_monitor_output(gdbserver_state
, p
, max_sz
);
2735 static void gdb_sigterm_handler(int signal
)
2738 vm_stop(VMSTOP_USER
);
2743 int gdbserver_start(const char *device
)
2746 char gdbstub_device_name
[128];
2747 CharDriverState
*chr
= NULL
;
2748 CharDriverState
*mon_chr
;
2752 if (strcmp(device
, "none") != 0) {
2753 if (strstart(device
, "tcp:", NULL
)) {
2754 /* enforce required TCP attributes */
2755 snprintf(gdbstub_device_name
, sizeof(gdbstub_device_name
),
2756 "%s,nowait,nodelay,server", device
);
2757 device
= gdbstub_device_name
;
2760 else if (strcmp(device
, "stdio") == 0) {
2761 struct sigaction act
;
2763 memset(&act
, 0, sizeof(act
));
2764 act
.sa_handler
= gdb_sigterm_handler
;
2765 sigaction(SIGINT
, &act
, NULL
);
2768 chr
= qemu_chr_open("gdb", device
, NULL
);
2772 qemu_chr_add_handlers(chr
, gdb_chr_can_receive
, gdb_chr_receive
,
2773 gdb_chr_event
, NULL
);
2776 s
= gdbserver_state
;
2778 s
= qemu_mallocz(sizeof(GDBState
));
2779 gdbserver_state
= s
;
2781 qemu_add_vm_change_state_handler(gdb_vm_state_change
, NULL
);
2783 /* Initialize a monitor terminal for gdb */
2784 mon_chr
= qemu_mallocz(sizeof(*mon_chr
));
2785 mon_chr
->chr_write
= gdb_monitor_write
;
2786 monitor_init(mon_chr
, 0);
2789 qemu_chr_close(s
->chr
);
2790 mon_chr
= s
->mon_chr
;
2791 memset(s
, 0, sizeof(GDBState
));
2793 s
->c_cpu
= first_cpu
;
2794 s
->g_cpu
= first_cpu
;
2796 s
->state
= chr
? RS_IDLE
: RS_INACTIVE
;
2797 s
->mon_chr
= mon_chr
;