4 * Copyright (c) 2003-2005 Fabrice Bellard
6 * This library is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation; either
9 * version 2 of the License, or (at your option) any later version.
11 * This library is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
16 * You should have received a copy of the GNU Lesser General Public
17 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
20 #include "qemu-common.h"
21 #ifdef CONFIG_USER_ONLY
33 #include "qemu-char.h"
38 #define MAX_PACKET_LENGTH 4096
41 #include "qemu_socket.h"
44 #ifndef TARGET_CPU_MEMORY_RW_DEBUG
45 static inline int target_memory_rw_debug(CPUState
*env
, target_ulong addr
,
46 uint8_t *buf
, int len
, int is_write
)
48 return cpu_memory_rw_debug(env
, addr
, buf
, len
, is_write
);
51 /* target_memory_rw_debug() defined in cpu.h */
63 GDB_SIGNAL_UNKNOWN
= 143
66 #ifdef CONFIG_USER_ONLY
68 /* Map target signal numbers to GDB protocol signal numbers and vice
69 * versa. For user emulation's currently supported systems, we can
70 * assume most signals are defined.
73 static int gdb_signal_table
[] = {
233 /* In system mode we only need SIGINT and SIGTRAP; other signals
234 are not yet supported. */
241 static int gdb_signal_table
[] = {
251 #ifdef CONFIG_USER_ONLY
252 static int target_signal_to_gdb (int sig
)
255 for (i
= 0; i
< ARRAY_SIZE (gdb_signal_table
); i
++)
256 if (gdb_signal_table
[i
] == sig
)
258 return GDB_SIGNAL_UNKNOWN
;
262 static int gdb_signal_to_target (int sig
)
264 if (sig
< ARRAY_SIZE (gdb_signal_table
))
265 return gdb_signal_table
[sig
];
272 typedef struct GDBRegisterState
{
278 struct GDBRegisterState
*next
;
289 typedef struct GDBState
{
290 CPUState
*c_cpu
; /* current CPU for step/continue ops */
291 CPUState
*g_cpu
; /* current CPU for other ops */
292 CPUState
*query_cpu
; /* for q{f|s}ThreadInfo */
293 enum RSState state
; /* parsing state */
294 char line_buf
[MAX_PACKET_LENGTH
];
297 uint8_t last_packet
[MAX_PACKET_LENGTH
+ 4];
300 #ifdef CONFIG_USER_ONLY
304 CharDriverState
*chr
;
305 CharDriverState
*mon_chr
;
309 /* By default use no IRQs and no timers while single stepping so as to
310 * make single stepping like an ICE HW step.
312 static int sstep_flags
= SSTEP_ENABLE
|SSTEP_NOIRQ
|SSTEP_NOTIMER
;
314 static GDBState
*gdbserver_state
;
316 /* This is an ugly hack to cope with both new and old gdb.
317 If gdb sends qXfer:features:read then assume we're talking to a newish
318 gdb that understands target descriptions. */
319 static int gdb_has_xml
;
321 #ifdef CONFIG_USER_ONLY
322 /* XXX: This is not thread safe. Do we care? */
323 static int gdbserver_fd
= -1;
325 static int get_char(GDBState
*s
)
331 ret
= qemu_recv(s
->fd
, &ch
, 1, 0);
333 if (errno
== ECONNRESET
)
335 if (errno
!= EINTR
&& errno
!= EAGAIN
)
337 } else if (ret
== 0) {
349 static gdb_syscall_complete_cb gdb_current_syscall_cb
;
357 /* If gdb is connected when the first semihosting syscall occurs then use
358 remote gdb syscalls. Otherwise use native file IO. */
359 int use_gdb_syscalls(void)
361 if (gdb_syscall_mode
== GDB_SYS_UNKNOWN
) {
362 gdb_syscall_mode
= (gdbserver_state
? GDB_SYS_ENABLED
365 return gdb_syscall_mode
== GDB_SYS_ENABLED
;
368 /* Resume execution. */
369 static inline void gdb_continue(GDBState
*s
)
371 #ifdef CONFIG_USER_ONLY
372 s
->running_state
= 1;
378 static void put_buffer(GDBState
*s
, const uint8_t *buf
, int len
)
380 #ifdef CONFIG_USER_ONLY
384 ret
= send(s
->fd
, buf
, len
, 0);
386 if (errno
!= EINTR
&& errno
!= EAGAIN
)
394 qemu_chr_fe_write(s
->chr
, buf
, len
);
398 static inline int fromhex(int v
)
400 if (v
>= '0' && v
<= '9')
402 else if (v
>= 'A' && v
<= 'F')
404 else if (v
>= 'a' && v
<= 'f')
410 static inline int tohex(int v
)
418 static void memtohex(char *buf
, const uint8_t *mem
, int len
)
423 for(i
= 0; i
< len
; i
++) {
425 *q
++ = tohex(c
>> 4);
426 *q
++ = tohex(c
& 0xf);
431 static void hextomem(uint8_t *mem
, const char *buf
, int len
)
435 for(i
= 0; i
< len
; i
++) {
436 mem
[i
] = (fromhex(buf
[0]) << 4) | fromhex(buf
[1]);
441 /* return -1 if error, 0 if OK */
442 static int put_packet_binary(GDBState
*s
, const char *buf
, int len
)
453 for(i
= 0; i
< len
; i
++) {
457 *(p
++) = tohex((csum
>> 4) & 0xf);
458 *(p
++) = tohex((csum
) & 0xf);
460 s
->last_packet_len
= p
- s
->last_packet
;
461 put_buffer(s
, (uint8_t *)s
->last_packet
, s
->last_packet_len
);
463 #ifdef CONFIG_USER_ONLY
476 /* return -1 if error, 0 if OK */
477 static int put_packet(GDBState
*s
, const char *buf
)
480 printf("reply='%s'\n", buf
);
483 return put_packet_binary(s
, buf
, strlen(buf
));
486 /* The GDB remote protocol transfers values in target byte order. This means
487 we can use the raw memory access routines to access the value buffer.
488 Conveniently, these also handle the case where the buffer is mis-aligned.
490 #define GET_REG8(val) do { \
491 stb_p(mem_buf, val); \
494 #define GET_REG16(val) do { \
495 stw_p(mem_buf, val); \
498 #define GET_REG32(val) do { \
499 stl_p(mem_buf, val); \
502 #define GET_REG64(val) do { \
503 stq_p(mem_buf, val); \
507 #if TARGET_LONG_BITS == 64
508 #define GET_REGL(val) GET_REG64(val)
509 #define ldtul_p(addr) ldq_p(addr)
511 #define GET_REGL(val) GET_REG32(val)
512 #define ldtul_p(addr) ldl_p(addr)
515 #if defined(TARGET_I386)
518 static const int gpr_map
[16] = {
519 R_EAX
, R_EBX
, R_ECX
, R_EDX
, R_ESI
, R_EDI
, R_EBP
, R_ESP
,
520 8, 9, 10, 11, 12, 13, 14, 15
523 #define gpr_map gpr_map32
525 static const int gpr_map32
[8] = { 0, 1, 2, 3, 4, 5, 6, 7 };
527 #define NUM_CORE_REGS (CPU_NB_REGS * 2 + 25)
529 #define IDX_IP_REG CPU_NB_REGS
530 #define IDX_FLAGS_REG (IDX_IP_REG + 1)
531 #define IDX_SEG_REGS (IDX_FLAGS_REG + 1)
532 #define IDX_FP_REGS (IDX_SEG_REGS + 6)
533 #define IDX_XMM_REGS (IDX_FP_REGS + 16)
534 #define IDX_MXCSR_REG (IDX_XMM_REGS + CPU_NB_REGS)
536 static int cpu_gdb_read_register(CPUState
*env
, uint8_t *mem_buf
, int n
)
538 if (n
< CPU_NB_REGS
) {
539 if (TARGET_LONG_BITS
== 64 && env
->hflags
& HF_CS64_MASK
) {
540 GET_REG64(env
->regs
[gpr_map
[n
]]);
541 } else if (n
< CPU_NB_REGS32
) {
542 GET_REG32(env
->regs
[gpr_map32
[n
]]);
544 } else if (n
>= IDX_FP_REGS
&& n
< IDX_FP_REGS
+ 8) {
545 #ifdef USE_X86LDOUBLE
546 /* FIXME: byteswap float values - after fixing fpregs layout. */
547 memcpy(mem_buf
, &env
->fpregs
[n
- IDX_FP_REGS
], 10);
549 memset(mem_buf
, 0, 10);
552 } else if (n
>= IDX_XMM_REGS
&& n
< IDX_XMM_REGS
+ CPU_NB_REGS
) {
554 if (n
< CPU_NB_REGS32
||
555 (TARGET_LONG_BITS
== 64 && env
->hflags
& HF_CS64_MASK
)) {
556 stq_p(mem_buf
, env
->xmm_regs
[n
].XMM_Q(0));
557 stq_p(mem_buf
+ 8, env
->xmm_regs
[n
].XMM_Q(1));
563 if (TARGET_LONG_BITS
== 64 && env
->hflags
& HF_CS64_MASK
) {
568 case IDX_FLAGS_REG
: GET_REG32(env
->eflags
);
570 case IDX_SEG_REGS
: GET_REG32(env
->segs
[R_CS
].selector
);
571 case IDX_SEG_REGS
+ 1: GET_REG32(env
->segs
[R_SS
].selector
);
572 case IDX_SEG_REGS
+ 2: GET_REG32(env
->segs
[R_DS
].selector
);
573 case IDX_SEG_REGS
+ 3: GET_REG32(env
->segs
[R_ES
].selector
);
574 case IDX_SEG_REGS
+ 4: GET_REG32(env
->segs
[R_FS
].selector
);
575 case IDX_SEG_REGS
+ 5: GET_REG32(env
->segs
[R_GS
].selector
);
577 case IDX_FP_REGS
+ 8: GET_REG32(env
->fpuc
);
578 case IDX_FP_REGS
+ 9: GET_REG32((env
->fpus
& ~0x3800) |
579 (env
->fpstt
& 0x7) << 11);
580 case IDX_FP_REGS
+ 10: GET_REG32(0); /* ftag */
581 case IDX_FP_REGS
+ 11: GET_REG32(0); /* fiseg */
582 case IDX_FP_REGS
+ 12: GET_REG32(0); /* fioff */
583 case IDX_FP_REGS
+ 13: GET_REG32(0); /* foseg */
584 case IDX_FP_REGS
+ 14: GET_REG32(0); /* fooff */
585 case IDX_FP_REGS
+ 15: GET_REG32(0); /* fop */
587 case IDX_MXCSR_REG
: GET_REG32(env
->mxcsr
);
593 static int cpu_x86_gdb_load_seg(CPUState
*env
, int sreg
, uint8_t *mem_buf
)
595 uint16_t selector
= ldl_p(mem_buf
);
597 if (selector
!= env
->segs
[sreg
].selector
) {
598 #if defined(CONFIG_USER_ONLY)
599 cpu_x86_load_seg(env
, sreg
, selector
);
601 unsigned int limit
, flags
;
604 if (!(env
->cr
[0] & CR0_PE_MASK
) || (env
->eflags
& VM_MASK
)) {
605 base
= selector
<< 4;
609 if (!cpu_x86_get_descr_debug(env
, selector
, &base
, &limit
, &flags
))
612 cpu_x86_load_seg_cache(env
, sreg
, selector
, base
, limit
, flags
);
618 static int cpu_gdb_write_register(CPUState
*env
, uint8_t *mem_buf
, int n
)
622 if (n
< CPU_NB_REGS
) {
623 if (TARGET_LONG_BITS
== 64 && env
->hflags
& HF_CS64_MASK
) {
624 env
->regs
[gpr_map
[n
]] = ldtul_p(mem_buf
);
625 return sizeof(target_ulong
);
626 } else if (n
< CPU_NB_REGS32
) {
628 env
->regs
[n
] &= ~0xffffffffUL
;
629 env
->regs
[n
] |= (uint32_t)ldl_p(mem_buf
);
632 } else if (n
>= IDX_FP_REGS
&& n
< IDX_FP_REGS
+ 8) {
633 #ifdef USE_X86LDOUBLE
634 /* FIXME: byteswap float values - after fixing fpregs layout. */
635 memcpy(&env
->fpregs
[n
- IDX_FP_REGS
], mem_buf
, 10);
638 } else if (n
>= IDX_XMM_REGS
&& n
< IDX_XMM_REGS
+ CPU_NB_REGS
) {
640 if (n
< CPU_NB_REGS32
||
641 (TARGET_LONG_BITS
== 64 && env
->hflags
& HF_CS64_MASK
)) {
642 env
->xmm_regs
[n
].XMM_Q(0) = ldq_p(mem_buf
);
643 env
->xmm_regs
[n
].XMM_Q(1) = ldq_p(mem_buf
+ 8);
649 if (TARGET_LONG_BITS
== 64 && env
->hflags
& HF_CS64_MASK
) {
650 env
->eip
= ldq_p(mem_buf
);
653 env
->eip
&= ~0xffffffffUL
;
654 env
->eip
|= (uint32_t)ldl_p(mem_buf
);
658 env
->eflags
= ldl_p(mem_buf
);
661 case IDX_SEG_REGS
: return cpu_x86_gdb_load_seg(env
, R_CS
, mem_buf
);
662 case IDX_SEG_REGS
+ 1: return cpu_x86_gdb_load_seg(env
, R_SS
, mem_buf
);
663 case IDX_SEG_REGS
+ 2: return cpu_x86_gdb_load_seg(env
, R_DS
, mem_buf
);
664 case IDX_SEG_REGS
+ 3: return cpu_x86_gdb_load_seg(env
, R_ES
, mem_buf
);
665 case IDX_SEG_REGS
+ 4: return cpu_x86_gdb_load_seg(env
, R_FS
, mem_buf
);
666 case IDX_SEG_REGS
+ 5: return cpu_x86_gdb_load_seg(env
, R_GS
, mem_buf
);
668 case IDX_FP_REGS
+ 8:
669 env
->fpuc
= ldl_p(mem_buf
);
671 case IDX_FP_REGS
+ 9:
672 tmp
= ldl_p(mem_buf
);
673 env
->fpstt
= (tmp
>> 11) & 7;
674 env
->fpus
= tmp
& ~0x3800;
676 case IDX_FP_REGS
+ 10: /* ftag */ return 4;
677 case IDX_FP_REGS
+ 11: /* fiseg */ return 4;
678 case IDX_FP_REGS
+ 12: /* fioff */ return 4;
679 case IDX_FP_REGS
+ 13: /* foseg */ return 4;
680 case IDX_FP_REGS
+ 14: /* fooff */ return 4;
681 case IDX_FP_REGS
+ 15: /* fop */ return 4;
684 env
->mxcsr
= ldl_p(mem_buf
);
688 /* Unrecognised register. */
692 #elif defined (TARGET_PPC)
694 /* Old gdb always expects FP registers. Newer (xml-aware) gdb only
695 expects whatever the target description contains. Due to a
696 historical mishap the FP registers appear in between core integer
697 regs and PC, MSR, CR, and so forth. We hack round this by giving the
698 FP regs zero size when talking to a newer gdb. */
699 #define NUM_CORE_REGS 71
700 #if defined (TARGET_PPC64)
701 #define GDB_CORE_XML "power64-core.xml"
703 #define GDB_CORE_XML "power-core.xml"
706 static int cpu_gdb_read_register(CPUState
*env
, uint8_t *mem_buf
, int n
)
710 GET_REGL(env
->gpr
[n
]);
715 stfq_p(mem_buf
, env
->fpr
[n
-32]);
719 case 64: GET_REGL(env
->nip
);
720 case 65: GET_REGL(env
->msr
);
725 for (i
= 0; i
< 8; i
++)
726 cr
|= env
->crf
[i
] << (32 - ((i
+ 1) * 4));
729 case 67: GET_REGL(env
->lr
);
730 case 68: GET_REGL(env
->ctr
);
731 case 69: GET_REGL(env
->xer
);
736 GET_REG32(env
->fpscr
);
743 static int cpu_gdb_write_register(CPUState
*env
, uint8_t *mem_buf
, int n
)
747 env
->gpr
[n
] = ldtul_p(mem_buf
);
748 return sizeof(target_ulong
);
753 env
->fpr
[n
-32] = ldfq_p(mem_buf
);
758 env
->nip
= ldtul_p(mem_buf
);
759 return sizeof(target_ulong
);
761 ppc_store_msr(env
, ldtul_p(mem_buf
));
762 return sizeof(target_ulong
);
765 uint32_t cr
= ldl_p(mem_buf
);
767 for (i
= 0; i
< 8; i
++)
768 env
->crf
[i
] = (cr
>> (32 - ((i
+ 1) * 4))) & 0xF;
772 env
->lr
= ldtul_p(mem_buf
);
773 return sizeof(target_ulong
);
775 env
->ctr
= ldtul_p(mem_buf
);
776 return sizeof(target_ulong
);
778 env
->xer
= ldtul_p(mem_buf
);
779 return sizeof(target_ulong
);
790 #elif defined (TARGET_SPARC)
792 #if defined(TARGET_SPARC64) && !defined(TARGET_ABI32)
793 #define NUM_CORE_REGS 86
795 #define NUM_CORE_REGS 72
799 #define GET_REGA(val) GET_REG32(val)
801 #define GET_REGA(val) GET_REGL(val)
804 static int cpu_gdb_read_register(CPUState
*env
, uint8_t *mem_buf
, int n
)
808 GET_REGA(env
->gregs
[n
]);
811 /* register window */
812 GET_REGA(env
->regwptr
[n
- 8]);
814 #if defined(TARGET_ABI32) || !defined(TARGET_SPARC64)
817 GET_REG32(*((uint32_t *)&env
->fpr
[n
- 32]));
819 /* Y, PSR, WIM, TBR, PC, NPC, FPSR, CPSR */
821 case 64: GET_REGA(env
->y
);
822 case 65: GET_REGA(cpu_get_psr(env
));
823 case 66: GET_REGA(env
->wim
);
824 case 67: GET_REGA(env
->tbr
);
825 case 68: GET_REGA(env
->pc
);
826 case 69: GET_REGA(env
->npc
);
827 case 70: GET_REGA(env
->fsr
);
828 case 71: GET_REGA(0); /* csr */
829 default: GET_REGA(0);
834 GET_REG32(*((uint32_t *)&env
->fpr
[n
- 32]));
837 /* f32-f62 (double width, even numbers only) */
840 val
= (uint64_t)*((uint32_t *)&env
->fpr
[(n
- 64) * 2 + 32]) << 32;
841 val
|= *((uint32_t *)&env
->fpr
[(n
- 64) * 2 + 33]);
845 case 80: GET_REGL(env
->pc
);
846 case 81: GET_REGL(env
->npc
);
847 case 82: GET_REGL((cpu_get_ccr(env
) << 32) |
848 ((env
->asi
& 0xff) << 24) |
849 ((env
->pstate
& 0xfff) << 8) |
851 case 83: GET_REGL(env
->fsr
);
852 case 84: GET_REGL(env
->fprs
);
853 case 85: GET_REGL(env
->y
);
859 static int cpu_gdb_write_register(CPUState
*env
, uint8_t *mem_buf
, int n
)
861 #if defined(TARGET_ABI32)
864 tmp
= ldl_p(mem_buf
);
868 tmp
= ldtul_p(mem_buf
);
875 /* register window */
876 env
->regwptr
[n
- 8] = tmp
;
878 #if defined(TARGET_ABI32) || !defined(TARGET_SPARC64)
881 *((uint32_t *)&env
->fpr
[n
- 32]) = tmp
;
883 /* Y, PSR, WIM, TBR, PC, NPC, FPSR, CPSR */
885 case 64: env
->y
= tmp
; break;
886 case 65: cpu_put_psr(env
, tmp
); break;
887 case 66: env
->wim
= tmp
; break;
888 case 67: env
->tbr
= tmp
; break;
889 case 68: env
->pc
= tmp
; break;
890 case 69: env
->npc
= tmp
; break;
891 case 70: env
->fsr
= tmp
; break;
899 env
->fpr
[n
] = ldfl_p(mem_buf
);
902 /* f32-f62 (double width, even numbers only) */
903 *((uint32_t *)&env
->fpr
[(n
- 64) * 2 + 32]) = tmp
>> 32;
904 *((uint32_t *)&env
->fpr
[(n
- 64) * 2 + 33]) = tmp
;
907 case 80: env
->pc
= tmp
; break;
908 case 81: env
->npc
= tmp
; break;
910 cpu_put_ccr(env
, tmp
>> 32);
911 env
->asi
= (tmp
>> 24) & 0xff;
912 env
->pstate
= (tmp
>> 8) & 0xfff;
913 cpu_put_cwp64(env
, tmp
& 0xff);
915 case 83: env
->fsr
= tmp
; break;
916 case 84: env
->fprs
= tmp
; break;
917 case 85: env
->y
= tmp
; break;
924 #elif defined (TARGET_ARM)
926 /* Old gdb always expect FPA registers. Newer (xml-aware) gdb only expect
927 whatever the target description contains. Due to a historical mishap
928 the FPA registers appear in between core integer regs and the CPSR.
929 We hack round this by giving the FPA regs zero size when talking to a
931 #define NUM_CORE_REGS 26
932 #define GDB_CORE_XML "arm-core.xml"
934 static int cpu_gdb_read_register(CPUState
*env
, uint8_t *mem_buf
, int n
)
937 /* Core integer register. */
938 GET_REG32(env
->regs
[n
]);
944 memset(mem_buf
, 0, 12);
949 /* FPA status register. */
955 GET_REG32(cpsr_read(env
));
957 /* Unknown register. */
961 static int cpu_gdb_write_register(CPUState
*env
, uint8_t *mem_buf
, int n
)
965 tmp
= ldl_p(mem_buf
);
967 /* Mask out low bit of PC to workaround gdb bugs. This will probably
968 cause problems if we ever implement the Jazelle DBX extensions. */
973 /* Core integer register. */
977 if (n
< 24) { /* 16-23 */
978 /* FPA registers (ignored). */
985 /* FPA status register (ignored). */
991 cpsr_write (env
, tmp
, 0xffffffff);
994 /* Unknown register. */
998 #elif defined (TARGET_M68K)
1000 #define NUM_CORE_REGS 18
1002 #define GDB_CORE_XML "cf-core.xml"
1004 static int cpu_gdb_read_register(CPUState
*env
, uint8_t *mem_buf
, int n
)
1008 GET_REG32(env
->dregs
[n
]);
1009 } else if (n
< 16) {
1011 GET_REG32(env
->aregs
[n
- 8]);
1014 case 16: GET_REG32(env
->sr
);
1015 case 17: GET_REG32(env
->pc
);
1018 /* FP registers not included here because they vary between
1019 ColdFire and m68k. Use XML bits for these. */
1023 static int cpu_gdb_write_register(CPUState
*env
, uint8_t *mem_buf
, int n
)
1027 tmp
= ldl_p(mem_buf
);
1031 env
->dregs
[n
] = tmp
;
1032 } else if (n
< 16) {
1034 env
->aregs
[n
- 8] = tmp
;
1037 case 16: env
->sr
= tmp
; break;
1038 case 17: env
->pc
= tmp
; break;
1044 #elif defined (TARGET_MIPS)
1046 #define NUM_CORE_REGS 73
1048 static int cpu_gdb_read_register(CPUState
*env
, uint8_t *mem_buf
, int n
)
1051 GET_REGL(env
->active_tc
.gpr
[n
]);
1053 if (env
->CP0_Config1
& (1 << CP0C1_FP
)) {
1054 if (n
>= 38 && n
< 70) {
1055 if (env
->CP0_Status
& (1 << CP0St_FR
))
1056 GET_REGL(env
->active_fpu
.fpr
[n
- 38].d
);
1058 GET_REGL(env
->active_fpu
.fpr
[n
- 38].w
[FP_ENDIAN_IDX
]);
1061 case 70: GET_REGL((int32_t)env
->active_fpu
.fcr31
);
1062 case 71: GET_REGL((int32_t)env
->active_fpu
.fcr0
);
1066 case 32: GET_REGL((int32_t)env
->CP0_Status
);
1067 case 33: GET_REGL(env
->active_tc
.LO
[0]);
1068 case 34: GET_REGL(env
->active_tc
.HI
[0]);
1069 case 35: GET_REGL(env
->CP0_BadVAddr
);
1070 case 36: GET_REGL((int32_t)env
->CP0_Cause
);
1071 case 37: GET_REGL(env
->active_tc
.PC
| !!(env
->hflags
& MIPS_HFLAG_M16
));
1072 case 72: GET_REGL(0); /* fp */
1073 case 89: GET_REGL((int32_t)env
->CP0_PRid
);
1075 if (n
>= 73 && n
<= 88) {
1076 /* 16 embedded regs. */
1083 /* convert MIPS rounding mode in FCR31 to IEEE library */
1084 static unsigned int ieee_rm
[] =
1086 float_round_nearest_even
,
1087 float_round_to_zero
,
1091 #define RESTORE_ROUNDING_MODE \
1092 set_float_rounding_mode(ieee_rm[env->active_fpu.fcr31 & 3], &env->active_fpu.fp_status)
1094 static int cpu_gdb_write_register(CPUState
*env
, uint8_t *mem_buf
, int n
)
1098 tmp
= ldtul_p(mem_buf
);
1101 env
->active_tc
.gpr
[n
] = tmp
;
1102 return sizeof(target_ulong
);
1104 if (env
->CP0_Config1
& (1 << CP0C1_FP
)
1105 && n
>= 38 && n
< 73) {
1107 if (env
->CP0_Status
& (1 << CP0St_FR
))
1108 env
->active_fpu
.fpr
[n
- 38].d
= tmp
;
1110 env
->active_fpu
.fpr
[n
- 38].w
[FP_ENDIAN_IDX
] = tmp
;
1114 env
->active_fpu
.fcr31
= tmp
& 0xFF83FFFF;
1115 /* set rounding mode */
1116 RESTORE_ROUNDING_MODE
;
1118 case 71: env
->active_fpu
.fcr0
= tmp
; break;
1120 return sizeof(target_ulong
);
1123 case 32: env
->CP0_Status
= tmp
; break;
1124 case 33: env
->active_tc
.LO
[0] = tmp
; break;
1125 case 34: env
->active_tc
.HI
[0] = tmp
; break;
1126 case 35: env
->CP0_BadVAddr
= tmp
; break;
1127 case 36: env
->CP0_Cause
= tmp
; break;
1129 env
->active_tc
.PC
= tmp
& ~(target_ulong
)1;
1131 env
->hflags
|= MIPS_HFLAG_M16
;
1133 env
->hflags
&= ~(MIPS_HFLAG_M16
);
1136 case 72: /* fp, ignored */ break;
1140 /* Other registers are readonly. Ignore writes. */
1144 return sizeof(target_ulong
);
1146 #elif defined (TARGET_SH4)
1148 /* Hint: Use "set architecture sh4" in GDB to see fpu registers */
1149 /* FIXME: We should use XML for this. */
1151 #define NUM_CORE_REGS 59
1153 static int cpu_gdb_read_register(CPUState
*env
, uint8_t *mem_buf
, int n
)
1156 if ((env
->sr
& (SR_MD
| SR_RB
)) == (SR_MD
| SR_RB
)) {
1157 GET_REGL(env
->gregs
[n
+ 16]);
1159 GET_REGL(env
->gregs
[n
]);
1161 } else if (n
< 16) {
1162 GET_REGL(env
->gregs
[n
]);
1163 } else if (n
>= 25 && n
< 41) {
1164 GET_REGL(env
->fregs
[(n
- 25) + ((env
->fpscr
& FPSCR_FR
) ? 16 : 0)]);
1165 } else if (n
>= 43 && n
< 51) {
1166 GET_REGL(env
->gregs
[n
- 43]);
1167 } else if (n
>= 51 && n
< 59) {
1168 GET_REGL(env
->gregs
[n
- (51 - 16)]);
1171 case 16: GET_REGL(env
->pc
);
1172 case 17: GET_REGL(env
->pr
);
1173 case 18: GET_REGL(env
->gbr
);
1174 case 19: GET_REGL(env
->vbr
);
1175 case 20: GET_REGL(env
->mach
);
1176 case 21: GET_REGL(env
->macl
);
1177 case 22: GET_REGL(env
->sr
);
1178 case 23: GET_REGL(env
->fpul
);
1179 case 24: GET_REGL(env
->fpscr
);
1180 case 41: GET_REGL(env
->ssr
);
1181 case 42: GET_REGL(env
->spc
);
1187 static int cpu_gdb_write_register(CPUState
*env
, uint8_t *mem_buf
, int n
)
1191 tmp
= ldl_p(mem_buf
);
1194 if ((env
->sr
& (SR_MD
| SR_RB
)) == (SR_MD
| SR_RB
)) {
1195 env
->gregs
[n
+ 16] = tmp
;
1197 env
->gregs
[n
] = tmp
;
1200 } else if (n
< 16) {
1201 env
->gregs
[n
] = tmp
;
1203 } else if (n
>= 25 && n
< 41) {
1204 env
->fregs
[(n
- 25) + ((env
->fpscr
& FPSCR_FR
) ? 16 : 0)] = tmp
;
1206 } else if (n
>= 43 && n
< 51) {
1207 env
->gregs
[n
- 43] = tmp
;
1209 } else if (n
>= 51 && n
< 59) {
1210 env
->gregs
[n
- (51 - 16)] = tmp
;
1214 case 16: env
->pc
= tmp
; break;
1215 case 17: env
->pr
= tmp
; break;
1216 case 18: env
->gbr
= tmp
; break;
1217 case 19: env
->vbr
= tmp
; break;
1218 case 20: env
->mach
= tmp
; break;
1219 case 21: env
->macl
= tmp
; break;
1220 case 22: env
->sr
= tmp
; break;
1221 case 23: env
->fpul
= tmp
; break;
1222 case 24: env
->fpscr
= tmp
; break;
1223 case 41: env
->ssr
= tmp
; break;
1224 case 42: env
->spc
= tmp
; break;
1230 #elif defined (TARGET_MICROBLAZE)
1232 #define NUM_CORE_REGS (32 + 5)
1234 static int cpu_gdb_read_register(CPUState
*env
, uint8_t *mem_buf
, int n
)
1237 GET_REG32(env
->regs
[n
]);
1239 GET_REG32(env
->sregs
[n
- 32]);
1244 static int cpu_gdb_write_register(CPUState
*env
, uint8_t *mem_buf
, int n
)
1248 if (n
> NUM_CORE_REGS
)
1251 tmp
= ldl_p(mem_buf
);
1256 env
->sregs
[n
- 32] = tmp
;
1260 #elif defined (TARGET_CRIS)
1262 #define NUM_CORE_REGS 49
1265 read_register_crisv10(CPUState
*env
, uint8_t *mem_buf
, int n
)
1268 GET_REG32(env
->regs
[n
]);
1278 GET_REG8(env
->pregs
[n
- 16]);
1281 GET_REG8(env
->pregs
[n
- 16]);
1285 GET_REG16(env
->pregs
[n
- 16]);
1289 GET_REG32(env
->pregs
[n
- 16]);
1297 static int cpu_gdb_read_register(CPUState
*env
, uint8_t *mem_buf
, int n
)
1301 if (env
->pregs
[PR_VR
] < 32)
1302 return read_register_crisv10(env
, mem_buf
, n
);
1304 srs
= env
->pregs
[PR_SRS
];
1306 GET_REG32(env
->regs
[n
]);
1309 if (n
>= 21 && n
< 32) {
1310 GET_REG32(env
->pregs
[n
- 16]);
1312 if (n
>= 33 && n
< 49) {
1313 GET_REG32(env
->sregs
[srs
][n
- 33]);
1316 case 16: GET_REG8(env
->pregs
[0]);
1317 case 17: GET_REG8(env
->pregs
[1]);
1318 case 18: GET_REG32(env
->pregs
[2]);
1319 case 19: GET_REG8(srs
);
1320 case 20: GET_REG16(env
->pregs
[4]);
1321 case 32: GET_REG32(env
->pc
);
1327 static int cpu_gdb_write_register(CPUState
*env
, uint8_t *mem_buf
, int n
)
1334 tmp
= ldl_p(mem_buf
);
1340 if (n
>= 21 && n
< 32) {
1341 env
->pregs
[n
- 16] = tmp
;
1344 /* FIXME: Should support function regs be writable? */
1348 case 18: env
->pregs
[PR_PID
] = tmp
; break;
1351 case 32: env
->pc
= tmp
; break;
1356 #elif defined (TARGET_ALPHA)
1358 #define NUM_CORE_REGS 67
1360 static int cpu_gdb_read_register(CPUState
*env
, uint8_t *mem_buf
, int n
)
1370 d
.d
= env
->fir
[n
- 32];
1374 val
= cpu_alpha_load_fpcr(env
);
1384 /* 31 really is the zero register; 65 is unassigned in the
1385 gdb protocol, but is still required to occupy 8 bytes. */
1394 static int cpu_gdb_write_register(CPUState
*env
, uint8_t *mem_buf
, int n
)
1396 target_ulong tmp
= ldtul_p(mem_buf
);
1405 env
->fir
[n
- 32] = d
.d
;
1408 cpu_alpha_store_fpcr(env
, tmp
);
1418 /* 31 really is the zero register; 65 is unassigned in the
1419 gdb protocol, but is still required to occupy 8 bytes. */
1426 #elif defined (TARGET_S390X)
1428 #define NUM_CORE_REGS S390_NUM_TOTAL_REGS
1430 static int cpu_gdb_read_register(CPUState
*env
, uint8_t *mem_buf
, int n
)
1433 case S390_PSWM_REGNUM
: GET_REGL(env
->psw
.mask
); break;
1434 case S390_PSWA_REGNUM
: GET_REGL(env
->psw
.addr
); break;
1435 case S390_R0_REGNUM
... S390_R15_REGNUM
:
1436 GET_REGL(env
->regs
[n
-S390_R0_REGNUM
]); break;
1437 case S390_A0_REGNUM
... S390_A15_REGNUM
:
1438 GET_REG32(env
->aregs
[n
-S390_A0_REGNUM
]); break;
1439 case S390_FPC_REGNUM
: GET_REG32(env
->fpc
); break;
1440 case S390_F0_REGNUM
... S390_F15_REGNUM
:
1443 case S390_PC_REGNUM
: GET_REGL(env
->psw
.addr
); break;
1444 case S390_CC_REGNUM
:
1445 env
->cc_op
= calc_cc(env
, env
->cc_op
, env
->cc_src
, env
->cc_dst
,
1447 GET_REG32(env
->cc_op
);
1454 static int cpu_gdb_write_register(CPUState
*env
, uint8_t *mem_buf
, int n
)
1459 tmpl
= ldtul_p(mem_buf
);
1460 tmp32
= ldl_p(mem_buf
);
1463 case S390_PSWM_REGNUM
: env
->psw
.mask
= tmpl
; break;
1464 case S390_PSWA_REGNUM
: env
->psw
.addr
= tmpl
; break;
1465 case S390_R0_REGNUM
... S390_R15_REGNUM
:
1466 env
->regs
[n
-S390_R0_REGNUM
] = tmpl
; break;
1467 case S390_A0_REGNUM
... S390_A15_REGNUM
:
1468 env
->aregs
[n
-S390_A0_REGNUM
] = tmp32
; r
=4; break;
1469 case S390_FPC_REGNUM
: env
->fpc
= tmp32
; r
=4; break;
1470 case S390_F0_REGNUM
... S390_F15_REGNUM
:
1473 case S390_PC_REGNUM
: env
->psw
.addr
= tmpl
; break;
1474 case S390_CC_REGNUM
: env
->cc_op
= tmp32
; r
=4; break;
1479 #elif defined (TARGET_LM32)
1481 #include "hw/lm32_pic.h"
1482 #define NUM_CORE_REGS (32 + 7)
1484 static int cpu_gdb_read_register(CPUState
*env
, uint8_t *mem_buf
, int n
)
1487 GET_REG32(env
->regs
[n
]);
1493 /* FIXME: put in right exception ID */
1498 GET_REG32(env
->eba
);
1501 GET_REG32(env
->deba
);
1507 GET_REG32(lm32_pic_get_im(env
->pic_state
));
1510 GET_REG32(lm32_pic_get_ip(env
->pic_state
));
1517 static int cpu_gdb_write_register(CPUState
*env
, uint8_t *mem_buf
, int n
)
1521 if (n
> NUM_CORE_REGS
) {
1525 tmp
= ldl_p(mem_buf
);
1544 lm32_pic_set_im(env
->pic_state
, tmp
);
1547 lm32_pic_set_ip(env
->pic_state
, tmp
);
1553 #elif defined(TARGET_XTENSA)
1555 /* Use num_core_regs to see only non-privileged registers in an unmodified gdb.
1556 * Use num_regs to see all registers. gdb modification is required for that:
1557 * reset bit 0 in the 'flags' field of the registers definitions in the
1558 * gdb/xtensa-config.c inside gdb source tree or inside gdb overlay.
1560 #define NUM_CORE_REGS (env->config->gdb_regmap.num_regs)
1561 #define num_g_regs NUM_CORE_REGS
1563 static int cpu_gdb_read_register(CPUState
*env
, uint8_t *mem_buf
, int n
)
1565 const XtensaGdbReg
*reg
= env
->config
->gdb_regmap
.reg
+ n
;
1567 if (n
< 0 || n
>= env
->config
->gdb_regmap
.num_regs
) {
1571 switch (reg
->type
) {
1577 xtensa_sync_phys_from_window(env
);
1578 GET_REG32(env
->phys_regs
[(reg
->targno
& 0xff) % env
->config
->nareg
]);
1582 GET_REG32(env
->sregs
[reg
->targno
& 0xff]);
1586 GET_REG32(env
->uregs
[reg
->targno
& 0xff]);
1590 GET_REG32(env
->regs
[reg
->targno
& 0x0f]);
1594 qemu_log("%s from reg %d of unsupported type %d\n",
1595 __func__
, n
, reg
->type
);
1600 static int cpu_gdb_write_register(CPUState
*env
, uint8_t *mem_buf
, int n
)
1603 const XtensaGdbReg
*reg
= env
->config
->gdb_regmap
.reg
+ n
;
1605 if (n
< 0 || n
>= env
->config
->gdb_regmap
.num_regs
) {
1609 tmp
= ldl_p(mem_buf
);
1611 switch (reg
->type
) {
1617 env
->phys_regs
[(reg
->targno
& 0xff) % env
->config
->nareg
] = tmp
;
1618 xtensa_sync_window_from_phys(env
);
1622 env
->sregs
[reg
->targno
& 0xff] = tmp
;
1626 env
->uregs
[reg
->targno
& 0xff] = tmp
;
1630 env
->regs
[reg
->targno
& 0x0f] = tmp
;
1634 qemu_log("%s to reg %d of unsupported type %d\n",
1635 __func__
, n
, reg
->type
);
1643 #define NUM_CORE_REGS 0
1645 static int cpu_gdb_read_register(CPUState
*env
, uint8_t *mem_buf
, int n
)
1650 static int cpu_gdb_write_register(CPUState
*env
, uint8_t *mem_buf
, int n
)
1657 #if !defined(TARGET_XTENSA)
1658 static int num_g_regs
= NUM_CORE_REGS
;
1662 /* Encode data using the encoding for 'x' packets. */
1663 static int memtox(char *buf
, const char *mem
, int len
)
1671 case '#': case '$': case '*': case '}':
1683 static const char *get_feature_xml(const char *p
, const char **newp
)
1688 static char target_xml
[1024];
1691 while (p
[len
] && p
[len
] != ':')
1696 if (strncmp(p
, "target.xml", len
) == 0) {
1697 /* Generate the XML description for this CPU. */
1698 if (!target_xml
[0]) {
1699 GDBRegisterState
*r
;
1701 snprintf(target_xml
, sizeof(target_xml
),
1702 "<?xml version=\"1.0\"?>"
1703 "<!DOCTYPE target SYSTEM \"gdb-target.dtd\">"
1705 "<xi:include href=\"%s\"/>",
1708 for (r
= first_cpu
->gdb_regs
; r
; r
= r
->next
) {
1709 pstrcat(target_xml
, sizeof(target_xml
), "<xi:include href=\"");
1710 pstrcat(target_xml
, sizeof(target_xml
), r
->xml
);
1711 pstrcat(target_xml
, sizeof(target_xml
), "\"/>");
1713 pstrcat(target_xml
, sizeof(target_xml
), "</target>");
1717 for (i
= 0; ; i
++) {
1718 name
= xml_builtin
[i
][0];
1719 if (!name
|| (strncmp(name
, p
, len
) == 0 && strlen(name
) == len
))
1722 return name
? xml_builtin
[i
][1] : NULL
;
1726 static int gdb_read_register(CPUState
*env
, uint8_t *mem_buf
, int reg
)
1728 GDBRegisterState
*r
;
1730 if (reg
< NUM_CORE_REGS
)
1731 return cpu_gdb_read_register(env
, mem_buf
, reg
);
1733 for (r
= env
->gdb_regs
; r
; r
= r
->next
) {
1734 if (r
->base_reg
<= reg
&& reg
< r
->base_reg
+ r
->num_regs
) {
1735 return r
->get_reg(env
, mem_buf
, reg
- r
->base_reg
);
1741 static int gdb_write_register(CPUState
*env
, uint8_t *mem_buf
, int reg
)
1743 GDBRegisterState
*r
;
1745 if (reg
< NUM_CORE_REGS
)
1746 return cpu_gdb_write_register(env
, mem_buf
, reg
);
1748 for (r
= env
->gdb_regs
; r
; r
= r
->next
) {
1749 if (r
->base_reg
<= reg
&& reg
< r
->base_reg
+ r
->num_regs
) {
1750 return r
->set_reg(env
, mem_buf
, reg
- r
->base_reg
);
1756 #if !defined(TARGET_XTENSA)
1757 /* Register a supplemental set of CPU registers. If g_pos is nonzero it
1758 specifies the first register number and these registers are included in
1759 a standard "g" packet. Direction is relative to gdb, i.e. get_reg is
1760 gdb reading a CPU register, and set_reg is gdb modifying a CPU register.
1763 void gdb_register_coprocessor(CPUState
* env
,
1764 gdb_reg_cb get_reg
, gdb_reg_cb set_reg
,
1765 int num_regs
, const char *xml
, int g_pos
)
1767 GDBRegisterState
*s
;
1768 GDBRegisterState
**p
;
1769 static int last_reg
= NUM_CORE_REGS
;
1771 s
= (GDBRegisterState
*)g_malloc0(sizeof(GDBRegisterState
));
1772 s
->base_reg
= last_reg
;
1773 s
->num_regs
= num_regs
;
1774 s
->get_reg
= get_reg
;
1775 s
->set_reg
= set_reg
;
1779 /* Check for duplicates. */
1780 if (strcmp((*p
)->xml
, xml
) == 0)
1784 /* Add to end of list. */
1785 last_reg
+= num_regs
;
1788 if (g_pos
!= s
->base_reg
) {
1789 fprintf(stderr
, "Error: Bad gdb register numbering for '%s'\n"
1790 "Expected %d got %d\n", xml
, g_pos
, s
->base_reg
);
1792 num_g_regs
= last_reg
;
1798 #ifndef CONFIG_USER_ONLY
1799 static const int xlat_gdb_type
[] = {
1800 [GDB_WATCHPOINT_WRITE
] = BP_GDB
| BP_MEM_WRITE
,
1801 [GDB_WATCHPOINT_READ
] = BP_GDB
| BP_MEM_READ
,
1802 [GDB_WATCHPOINT_ACCESS
] = BP_GDB
| BP_MEM_ACCESS
,
1806 static int gdb_breakpoint_insert(target_ulong addr
, target_ulong len
, int type
)
1812 return kvm_insert_breakpoint(gdbserver_state
->c_cpu
, addr
, len
, type
);
1815 case GDB_BREAKPOINT_SW
:
1816 case GDB_BREAKPOINT_HW
:
1817 for (env
= first_cpu
; env
!= NULL
; env
= env
->next_cpu
) {
1818 err
= cpu_breakpoint_insert(env
, addr
, BP_GDB
, NULL
);
1823 #ifndef CONFIG_USER_ONLY
1824 case GDB_WATCHPOINT_WRITE
:
1825 case GDB_WATCHPOINT_READ
:
1826 case GDB_WATCHPOINT_ACCESS
:
1827 for (env
= first_cpu
; env
!= NULL
; env
= env
->next_cpu
) {
1828 err
= cpu_watchpoint_insert(env
, addr
, len
, xlat_gdb_type
[type
],
1840 static int gdb_breakpoint_remove(target_ulong addr
, target_ulong len
, int type
)
1846 return kvm_remove_breakpoint(gdbserver_state
->c_cpu
, addr
, len
, type
);
1849 case GDB_BREAKPOINT_SW
:
1850 case GDB_BREAKPOINT_HW
:
1851 for (env
= first_cpu
; env
!= NULL
; env
= env
->next_cpu
) {
1852 err
= cpu_breakpoint_remove(env
, addr
, BP_GDB
);
1857 #ifndef CONFIG_USER_ONLY
1858 case GDB_WATCHPOINT_WRITE
:
1859 case GDB_WATCHPOINT_READ
:
1860 case GDB_WATCHPOINT_ACCESS
:
1861 for (env
= first_cpu
; env
!= NULL
; env
= env
->next_cpu
) {
1862 err
= cpu_watchpoint_remove(env
, addr
, len
, xlat_gdb_type
[type
]);
1873 static void gdb_breakpoint_remove_all(void)
1877 if (kvm_enabled()) {
1878 kvm_remove_all_breakpoints(gdbserver_state
->c_cpu
);
1882 for (env
= first_cpu
; env
!= NULL
; env
= env
->next_cpu
) {
1883 cpu_breakpoint_remove_all(env
, BP_GDB
);
1884 #ifndef CONFIG_USER_ONLY
1885 cpu_watchpoint_remove_all(env
, BP_GDB
);
1890 static void gdb_set_cpu_pc(GDBState
*s
, target_ulong pc
)
1892 #if defined(TARGET_I386)
1893 cpu_synchronize_state(s
->c_cpu
);
1895 #elif defined (TARGET_PPC)
1897 #elif defined (TARGET_SPARC)
1899 s
->c_cpu
->npc
= pc
+ 4;
1900 #elif defined (TARGET_ARM)
1901 s
->c_cpu
->regs
[15] = pc
;
1902 #elif defined (TARGET_SH4)
1904 #elif defined (TARGET_MIPS)
1905 s
->c_cpu
->active_tc
.PC
= pc
& ~(target_ulong
)1;
1907 s
->c_cpu
->hflags
|= MIPS_HFLAG_M16
;
1909 s
->c_cpu
->hflags
&= ~(MIPS_HFLAG_M16
);
1911 #elif defined (TARGET_MICROBLAZE)
1912 s
->c_cpu
->sregs
[SR_PC
] = pc
;
1913 #elif defined (TARGET_CRIS)
1915 #elif defined (TARGET_ALPHA)
1917 #elif defined (TARGET_S390X)
1918 cpu_synchronize_state(s
->c_cpu
);
1919 s
->c_cpu
->psw
.addr
= pc
;
1920 #elif defined (TARGET_LM32)
1922 #elif defined(TARGET_XTENSA)
1927 static inline int gdb_id(CPUState
*env
)
1929 #if defined(CONFIG_USER_ONLY) && defined(CONFIG_USE_NPTL)
1930 return env
->host_tid
;
1932 return env
->cpu_index
+ 1;
1936 static CPUState
*find_cpu(uint32_t thread_id
)
1940 for (env
= first_cpu
; env
!= NULL
; env
= env
->next_cpu
) {
1941 if (gdb_id(env
) == thread_id
) {
1949 static int gdb_handle_packet(GDBState
*s
, const char *line_buf
)
1954 int ch
, reg_size
, type
, res
;
1955 char buf
[MAX_PACKET_LENGTH
];
1956 uint8_t mem_buf
[MAX_PACKET_LENGTH
];
1958 target_ulong addr
, len
;
1961 printf("command='%s'\n", line_buf
);
1967 /* TODO: Make this return the correct value for user-mode. */
1968 snprintf(buf
, sizeof(buf
), "T%02xthread:%02x;", GDB_SIGNAL_TRAP
,
1971 /* Remove all the breakpoints when this query is issued,
1972 * because gdb is doing and initial connect and the state
1973 * should be cleaned up.
1975 gdb_breakpoint_remove_all();
1979 addr
= strtoull(p
, (char **)&p
, 16);
1980 gdb_set_cpu_pc(s
, addr
);
1986 s
->signal
= gdb_signal_to_target (strtoul(p
, (char **)&p
, 16));
1987 if (s
->signal
== -1)
1992 if (strncmp(p
, "Cont", 4) == 0) {
1993 int res_signal
, res_thread
;
1997 put_packet(s
, "vCont;c;C;s;S");
2012 if (action
== 'C' || action
== 'S') {
2013 signal
= strtoul(p
, (char **)&p
, 16);
2014 } else if (action
!= 'c' && action
!= 's') {
2020 thread
= strtoull(p
+1, (char **)&p
, 16);
2022 action
= tolower(action
);
2023 if (res
== 0 || (res
== 'c' && action
== 's')) {
2025 res_signal
= signal
;
2026 res_thread
= thread
;
2030 if (res_thread
!= -1 && res_thread
!= 0) {
2031 env
= find_cpu(res_thread
);
2033 put_packet(s
, "E22");
2039 cpu_single_step(s
->c_cpu
, sstep_flags
);
2041 s
->signal
= res_signal
;
2047 goto unknown_command
;
2050 /* Kill the target */
2051 fprintf(stderr
, "\nQEMU: Terminated via GDBstub\n");
2055 gdb_breakpoint_remove_all();
2056 gdb_syscall_mode
= GDB_SYS_DISABLED
;
2058 put_packet(s
, "OK");
2062 addr
= strtoull(p
, (char **)&p
, 16);
2063 gdb_set_cpu_pc(s
, addr
);
2065 cpu_single_step(s
->c_cpu
, sstep_flags
);
2073 ret
= strtoull(p
, (char **)&p
, 16);
2076 err
= strtoull(p
, (char **)&p
, 16);
2083 if (gdb_current_syscall_cb
)
2084 gdb_current_syscall_cb(s
->c_cpu
, ret
, err
);
2086 put_packet(s
, "T02");
2093 cpu_synchronize_state(s
->g_cpu
);
2096 for (addr
= 0; addr
< num_g_regs
; addr
++) {
2097 reg_size
= gdb_read_register(s
->g_cpu
, mem_buf
+ len
, addr
);
2100 memtohex(buf
, mem_buf
, len
);
2104 cpu_synchronize_state(s
->g_cpu
);
2106 registers
= mem_buf
;
2107 len
= strlen(p
) / 2;
2108 hextomem((uint8_t *)registers
, p
, len
);
2109 for (addr
= 0; addr
< num_g_regs
&& len
> 0; addr
++) {
2110 reg_size
= gdb_write_register(s
->g_cpu
, registers
, addr
);
2112 registers
+= reg_size
;
2114 put_packet(s
, "OK");
2117 addr
= strtoull(p
, (char **)&p
, 16);
2120 len
= strtoull(p
, NULL
, 16);
2121 if (target_memory_rw_debug(s
->g_cpu
, addr
, mem_buf
, len
, 0) != 0) {
2122 put_packet (s
, "E14");
2124 memtohex(buf
, mem_buf
, len
);
2129 addr
= strtoull(p
, (char **)&p
, 16);
2132 len
= strtoull(p
, (char **)&p
, 16);
2135 hextomem(mem_buf
, p
, len
);
2136 if (target_memory_rw_debug(s
->g_cpu
, addr
, mem_buf
, len
, 1) != 0) {
2137 put_packet(s
, "E14");
2139 put_packet(s
, "OK");
2143 /* Older gdb are really dumb, and don't use 'g' if 'p' is avaialable.
2144 This works, but can be very slow. Anything new enough to
2145 understand XML also knows how to use this properly. */
2147 goto unknown_command
;
2148 addr
= strtoull(p
, (char **)&p
, 16);
2149 reg_size
= gdb_read_register(s
->g_cpu
, mem_buf
, addr
);
2151 memtohex(buf
, mem_buf
, reg_size
);
2154 put_packet(s
, "E14");
2159 goto unknown_command
;
2160 addr
= strtoull(p
, (char **)&p
, 16);
2163 reg_size
= strlen(p
) / 2;
2164 hextomem(mem_buf
, p
, reg_size
);
2165 gdb_write_register(s
->g_cpu
, mem_buf
, addr
);
2166 put_packet(s
, "OK");
2170 type
= strtoul(p
, (char **)&p
, 16);
2173 addr
= strtoull(p
, (char **)&p
, 16);
2176 len
= strtoull(p
, (char **)&p
, 16);
2178 res
= gdb_breakpoint_insert(addr
, len
, type
);
2180 res
= gdb_breakpoint_remove(addr
, len
, type
);
2182 put_packet(s
, "OK");
2183 else if (res
== -ENOSYS
)
2186 put_packet(s
, "E22");
2190 thread
= strtoull(p
, (char **)&p
, 16);
2191 if (thread
== -1 || thread
== 0) {
2192 put_packet(s
, "OK");
2195 env
= find_cpu(thread
);
2197 put_packet(s
, "E22");
2203 put_packet(s
, "OK");
2207 put_packet(s
, "OK");
2210 put_packet(s
, "E22");
2215 thread
= strtoull(p
, (char **)&p
, 16);
2216 env
= find_cpu(thread
);
2219 put_packet(s
, "OK");
2221 put_packet(s
, "E22");
2226 /* parse any 'q' packets here */
2227 if (!strcmp(p
,"qemu.sstepbits")) {
2228 /* Query Breakpoint bit definitions */
2229 snprintf(buf
, sizeof(buf
), "ENABLE=%x,NOIRQ=%x,NOTIMER=%x",
2235 } else if (strncmp(p
,"qemu.sstep",10) == 0) {
2236 /* Display or change the sstep_flags */
2239 /* Display current setting */
2240 snprintf(buf
, sizeof(buf
), "0x%x", sstep_flags
);
2245 type
= strtoul(p
, (char **)&p
, 16);
2247 put_packet(s
, "OK");
2249 } else if (strcmp(p
,"C") == 0) {
2250 /* "Current thread" remains vague in the spec, so always return
2251 * the first CPU (gdb returns the first thread). */
2252 put_packet(s
, "QC1");
2254 } else if (strcmp(p
,"fThreadInfo") == 0) {
2255 s
->query_cpu
= first_cpu
;
2256 goto report_cpuinfo
;
2257 } else if (strcmp(p
,"sThreadInfo") == 0) {
2260 snprintf(buf
, sizeof(buf
), "m%x", gdb_id(s
->query_cpu
));
2262 s
->query_cpu
= s
->query_cpu
->next_cpu
;
2266 } else if (strncmp(p
,"ThreadExtraInfo,", 16) == 0) {
2267 thread
= strtoull(p
+16, (char **)&p
, 16);
2268 env
= find_cpu(thread
);
2270 cpu_synchronize_state(env
);
2271 len
= snprintf((char *)mem_buf
, sizeof(mem_buf
),
2272 "CPU#%d [%s]", env
->cpu_index
,
2273 env
->halted
? "halted " : "running");
2274 memtohex(buf
, mem_buf
, len
);
2279 #ifdef CONFIG_USER_ONLY
2280 else if (strncmp(p
, "Offsets", 7) == 0) {
2281 TaskState
*ts
= s
->c_cpu
->opaque
;
2283 snprintf(buf
, sizeof(buf
),
2284 "Text=" TARGET_ABI_FMT_lx
";Data=" TARGET_ABI_FMT_lx
2285 ";Bss=" TARGET_ABI_FMT_lx
,
2286 ts
->info
->code_offset
,
2287 ts
->info
->data_offset
,
2288 ts
->info
->data_offset
);
2292 #else /* !CONFIG_USER_ONLY */
2293 else if (strncmp(p
, "Rcmd,", 5) == 0) {
2294 int len
= strlen(p
+ 5);
2296 if ((len
% 2) != 0) {
2297 put_packet(s
, "E01");
2300 hextomem(mem_buf
, p
+ 5, len
);
2303 qemu_chr_be_write(s
->mon_chr
, mem_buf
, len
);
2304 put_packet(s
, "OK");
2307 #endif /* !CONFIG_USER_ONLY */
2308 if (strncmp(p
, "Supported", 9) == 0) {
2309 snprintf(buf
, sizeof(buf
), "PacketSize=%x", MAX_PACKET_LENGTH
);
2311 pstrcat(buf
, sizeof(buf
), ";qXfer:features:read+");
2317 if (strncmp(p
, "Xfer:features:read:", 19) == 0) {
2319 target_ulong total_len
;
2323 xml
= get_feature_xml(p
, &p
);
2325 snprintf(buf
, sizeof(buf
), "E00");
2332 addr
= strtoul(p
, (char **)&p
, 16);
2335 len
= strtoul(p
, (char **)&p
, 16);
2337 total_len
= strlen(xml
);
2338 if (addr
> total_len
) {
2339 snprintf(buf
, sizeof(buf
), "E00");
2343 if (len
> (MAX_PACKET_LENGTH
- 5) / 2)
2344 len
= (MAX_PACKET_LENGTH
- 5) / 2;
2345 if (len
< total_len
- addr
) {
2347 len
= memtox(buf
+ 1, xml
+ addr
, len
);
2350 len
= memtox(buf
+ 1, xml
+ addr
, total_len
- addr
);
2352 put_packet_binary(s
, buf
, len
+ 1);
2356 /* Unrecognised 'q' command. */
2357 goto unknown_command
;
2361 /* put empty packet */
2369 void gdb_set_stop_cpu(CPUState
*env
)
2371 gdbserver_state
->c_cpu
= env
;
2372 gdbserver_state
->g_cpu
= env
;
2375 #ifndef CONFIG_USER_ONLY
2376 static void gdb_vm_state_change(void *opaque
, int running
, RunState state
)
2378 GDBState
*s
= gdbserver_state
;
2379 CPUState
*env
= s
->c_cpu
;
2384 if (running
|| s
->state
== RS_INACTIVE
|| s
->state
== RS_SYSCALL
) {
2388 case RUN_STATE_DEBUG
:
2389 if (env
->watchpoint_hit
) {
2390 switch (env
->watchpoint_hit
->flags
& BP_MEM_ACCESS
) {
2401 snprintf(buf
, sizeof(buf
),
2402 "T%02xthread:%02x;%swatch:" TARGET_FMT_lx
";",
2403 GDB_SIGNAL_TRAP
, gdb_id(env
), type
,
2404 env
->watchpoint_hit
->vaddr
);
2405 env
->watchpoint_hit
= NULL
;
2409 ret
= GDB_SIGNAL_TRAP
;
2411 case RUN_STATE_PAUSED
:
2412 ret
= GDB_SIGNAL_INT
;
2414 case RUN_STATE_SHUTDOWN
:
2415 ret
= GDB_SIGNAL_QUIT
;
2417 case RUN_STATE_IO_ERROR
:
2418 ret
= GDB_SIGNAL_IO
;
2420 case RUN_STATE_WATCHDOG
:
2421 ret
= GDB_SIGNAL_ALRM
;
2423 case RUN_STATE_INTERNAL_ERROR
:
2424 ret
= GDB_SIGNAL_ABRT
;
2426 case RUN_STATE_SAVE_VM
:
2427 case RUN_STATE_RESTORE_VM
:
2429 case RUN_STATE_FINISH_MIGRATE
:
2430 ret
= GDB_SIGNAL_XCPU
;
2433 ret
= GDB_SIGNAL_UNKNOWN
;
2436 snprintf(buf
, sizeof(buf
), "T%02xthread:%02x;", ret
, gdb_id(env
));
2441 /* disable single step if it was enabled */
2442 cpu_single_step(env
, 0);
2446 /* Send a gdb syscall request.
2447 This accepts limited printf-style format specifiers, specifically:
2448 %x - target_ulong argument printed in hex.
2449 %lx - 64-bit argument printed in hex.
2450 %s - string pointer (target_ulong) and length (int) pair. */
2451 void gdb_do_syscall(gdb_syscall_complete_cb cb
, const char *fmt
, ...)
2460 s
= gdbserver_state
;
2463 gdb_current_syscall_cb
= cb
;
2464 s
->state
= RS_SYSCALL
;
2465 #ifndef CONFIG_USER_ONLY
2466 vm_stop(RUN_STATE_DEBUG
);
2477 addr
= va_arg(va
, target_ulong
);
2478 p
+= snprintf(p
, &buf
[sizeof(buf
)] - p
, TARGET_FMT_lx
, addr
);
2481 if (*(fmt
++) != 'x')
2483 i64
= va_arg(va
, uint64_t);
2484 p
+= snprintf(p
, &buf
[sizeof(buf
)] - p
, "%" PRIx64
, i64
);
2487 addr
= va_arg(va
, target_ulong
);
2488 p
+= snprintf(p
, &buf
[sizeof(buf
)] - p
, TARGET_FMT_lx
"/%x",
2489 addr
, va_arg(va
, int));
2493 fprintf(stderr
, "gdbstub: Bad syscall format string '%s'\n",
2504 #ifdef CONFIG_USER_ONLY
2505 gdb_handlesig(s
->c_cpu
, 0);
2511 static void gdb_read_byte(GDBState
*s
, int ch
)
2516 #ifndef CONFIG_USER_ONLY
2517 if (s
->last_packet_len
) {
2518 /* Waiting for a response to the last packet. If we see the start
2519 of a new command then abandon the previous response. */
2522 printf("Got NACK, retransmitting\n");
2524 put_buffer(s
, (uint8_t *)s
->last_packet
, s
->last_packet_len
);
2528 printf("Got ACK\n");
2530 printf("Got '%c' when expecting ACK/NACK\n", ch
);
2532 if (ch
== '+' || ch
== '$')
2533 s
->last_packet_len
= 0;
2537 if (runstate_is_running()) {
2538 /* when the CPU is running, we cannot do anything except stop
2539 it when receiving a char */
2540 vm_stop(RUN_STATE_PAUSED
);
2547 s
->line_buf_index
= 0;
2548 s
->state
= RS_GETLINE
;
2553 s
->state
= RS_CHKSUM1
;
2554 } else if (s
->line_buf_index
>= sizeof(s
->line_buf
) - 1) {
2557 s
->line_buf
[s
->line_buf_index
++] = ch
;
2561 s
->line_buf
[s
->line_buf_index
] = '\0';
2562 s
->line_csum
= fromhex(ch
) << 4;
2563 s
->state
= RS_CHKSUM2
;
2566 s
->line_csum
|= fromhex(ch
);
2568 for(i
= 0; i
< s
->line_buf_index
; i
++) {
2569 csum
+= s
->line_buf
[i
];
2571 if (s
->line_csum
!= (csum
& 0xff)) {
2573 put_buffer(s
, &reply
, 1);
2577 put_buffer(s
, &reply
, 1);
2578 s
->state
= gdb_handle_packet(s
, s
->line_buf
);
2587 /* Tell the remote gdb that the process has exited. */
2588 void gdb_exit(CPUState
*env
, int code
)
2593 s
= gdbserver_state
;
2597 #ifdef CONFIG_USER_ONLY
2598 if (gdbserver_fd
< 0 || s
->fd
< 0) {
2603 snprintf(buf
, sizeof(buf
), "W%02x", (uint8_t)code
);
2606 #ifndef CONFIG_USER_ONLY
2608 qemu_chr_delete(s
->chr
);
2613 #ifdef CONFIG_USER_ONLY
2619 s
= gdbserver_state
;
2621 if (gdbserver_fd
< 0 || s
->fd
< 0)
2628 gdb_handlesig (CPUState
*env
, int sig
)
2634 s
= gdbserver_state
;
2635 if (gdbserver_fd
< 0 || s
->fd
< 0)
2638 /* disable single step if it was enabled */
2639 cpu_single_step(env
, 0);
2644 snprintf(buf
, sizeof(buf
), "S%02x", target_signal_to_gdb (sig
));
2647 /* put_packet() might have detected that the peer terminated the
2654 s
->running_state
= 0;
2655 while (s
->running_state
== 0) {
2656 n
= read (s
->fd
, buf
, 256);
2661 for (i
= 0; i
< n
; i
++)
2662 gdb_read_byte (s
, buf
[i
]);
2664 else if (n
== 0 || errno
!= EAGAIN
)
2666 /* XXX: Connection closed. Should probably wait for annother
2667 connection before continuing. */
2676 /* Tell the remote gdb that the process has exited due to SIG. */
2677 void gdb_signalled(CPUState
*env
, int sig
)
2682 s
= gdbserver_state
;
2683 if (gdbserver_fd
< 0 || s
->fd
< 0)
2686 snprintf(buf
, sizeof(buf
), "X%02x", target_signal_to_gdb (sig
));
2690 static void gdb_accept(void)
2693 struct sockaddr_in sockaddr
;
2698 len
= sizeof(sockaddr
);
2699 fd
= accept(gdbserver_fd
, (struct sockaddr
*)&sockaddr
, &len
);
2700 if (fd
< 0 && errno
!= EINTR
) {
2703 } else if (fd
>= 0) {
2705 fcntl(fd
, F_SETFD
, FD_CLOEXEC
);
2711 /* set short latency */
2713 setsockopt(fd
, IPPROTO_TCP
, TCP_NODELAY
, (char *)&val
, sizeof(val
));
2715 s
= g_malloc0(sizeof(GDBState
));
2716 s
->c_cpu
= first_cpu
;
2717 s
->g_cpu
= first_cpu
;
2721 gdbserver_state
= s
;
2723 fcntl(fd
, F_SETFL
, O_NONBLOCK
);
2726 static int gdbserver_open(int port
)
2728 struct sockaddr_in sockaddr
;
2731 fd
= socket(PF_INET
, SOCK_STREAM
, 0);
2737 fcntl(fd
, F_SETFD
, FD_CLOEXEC
);
2740 /* allow fast reuse */
2742 setsockopt(fd
, SOL_SOCKET
, SO_REUSEADDR
, (char *)&val
, sizeof(val
));
2744 sockaddr
.sin_family
= AF_INET
;
2745 sockaddr
.sin_port
= htons(port
);
2746 sockaddr
.sin_addr
.s_addr
= 0;
2747 ret
= bind(fd
, (struct sockaddr
*)&sockaddr
, sizeof(sockaddr
));
2752 ret
= listen(fd
, 0);
2760 int gdbserver_start(int port
)
2762 gdbserver_fd
= gdbserver_open(port
);
2763 if (gdbserver_fd
< 0)
2765 /* accept connections */
2770 /* Disable gdb stub for child processes. */
2771 void gdbserver_fork(CPUState
*env
)
2773 GDBState
*s
= gdbserver_state
;
2774 if (gdbserver_fd
< 0 || s
->fd
< 0)
2778 cpu_breakpoint_remove_all(env
, BP_GDB
);
2779 cpu_watchpoint_remove_all(env
, BP_GDB
);
2782 static int gdb_chr_can_receive(void *opaque
)
2784 /* We can handle an arbitrarily large amount of data.
2785 Pick the maximum packet size, which is as good as anything. */
2786 return MAX_PACKET_LENGTH
;
2789 static void gdb_chr_receive(void *opaque
, const uint8_t *buf
, int size
)
2793 for (i
= 0; i
< size
; i
++) {
2794 gdb_read_byte(gdbserver_state
, buf
[i
]);
2798 static void gdb_chr_event(void *opaque
, int event
)
2801 case CHR_EVENT_OPENED
:
2802 vm_stop(RUN_STATE_PAUSED
);
2810 static void gdb_monitor_output(GDBState
*s
, const char *msg
, int len
)
2812 char buf
[MAX_PACKET_LENGTH
];
2815 if (len
> (MAX_PACKET_LENGTH
/2) - 1)
2816 len
= (MAX_PACKET_LENGTH
/2) - 1;
2817 memtohex(buf
+ 1, (uint8_t *)msg
, len
);
2821 static int gdb_monitor_write(CharDriverState
*chr
, const uint8_t *buf
, int len
)
2823 const char *p
= (const char *)buf
;
2826 max_sz
= (sizeof(gdbserver_state
->last_packet
) - 2) / 2;
2828 if (len
<= max_sz
) {
2829 gdb_monitor_output(gdbserver_state
, p
, len
);
2832 gdb_monitor_output(gdbserver_state
, p
, max_sz
);
2840 static void gdb_sigterm_handler(int signal
)
2842 if (runstate_is_running()) {
2843 vm_stop(RUN_STATE_PAUSED
);
2848 int gdbserver_start(const char *device
)
2851 char gdbstub_device_name
[128];
2852 CharDriverState
*chr
= NULL
;
2853 CharDriverState
*mon_chr
;
2857 if (strcmp(device
, "none") != 0) {
2858 if (strstart(device
, "tcp:", NULL
)) {
2859 /* enforce required TCP attributes */
2860 snprintf(gdbstub_device_name
, sizeof(gdbstub_device_name
),
2861 "%s,nowait,nodelay,server", device
);
2862 device
= gdbstub_device_name
;
2865 else if (strcmp(device
, "stdio") == 0) {
2866 struct sigaction act
;
2868 memset(&act
, 0, sizeof(act
));
2869 act
.sa_handler
= gdb_sigterm_handler
;
2870 sigaction(SIGINT
, &act
, NULL
);
2873 chr
= qemu_chr_new("gdb", device
, NULL
);
2877 qemu_chr_add_handlers(chr
, gdb_chr_can_receive
, gdb_chr_receive
,
2878 gdb_chr_event
, NULL
);
2881 s
= gdbserver_state
;
2883 s
= g_malloc0(sizeof(GDBState
));
2884 gdbserver_state
= s
;
2886 qemu_add_vm_change_state_handler(gdb_vm_state_change
, NULL
);
2888 /* Initialize a monitor terminal for gdb */
2889 mon_chr
= g_malloc0(sizeof(*mon_chr
));
2890 mon_chr
->chr_write
= gdb_monitor_write
;
2891 monitor_init(mon_chr
, 0);
2894 qemu_chr_delete(s
->chr
);
2895 mon_chr
= s
->mon_chr
;
2896 memset(s
, 0, sizeof(GDBState
));
2898 s
->c_cpu
= first_cpu
;
2899 s
->g_cpu
= first_cpu
;
2901 s
->state
= chr
? RS_IDLE
: RS_INACTIVE
;
2902 s
->mon_chr
= mon_chr
;