qapi: dealloc visitor, fix premature free and iteration logic
[qemu.git] / gdbstub.c
blob12dd100af47291915efe7894cb958dcb052f9de1
1 /*
2 * gdb server stub
4 * Copyright (c) 2003-2005 Fabrice Bellard
6 * This library is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation; either
9 * version 2 of the License, or (at your option) any later version.
11 * This library is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
16 * You should have received a copy of the GNU Lesser General Public
17 * License along with this library; if not, see <http://www.gnu.org/licenses/>.
19 #include "config.h"
20 #include "qemu-common.h"
21 #ifdef CONFIG_USER_ONLY
22 #include <stdlib.h>
23 #include <stdio.h>
24 #include <stdarg.h>
25 #include <string.h>
26 #include <errno.h>
27 #include <unistd.h>
28 #include <fcntl.h>
30 #include "qemu.h"
31 #else
32 #include "monitor.h"
33 #include "qemu-char.h"
34 #include "sysemu.h"
35 #include "gdbstub.h"
36 #endif
38 #define MAX_PACKET_LENGTH 4096
40 #include "cpu.h"
41 #include "qemu_socket.h"
42 #include "kvm.h"
44 #ifndef TARGET_CPU_MEMORY_RW_DEBUG
45 static inline int target_memory_rw_debug(CPUState *env, target_ulong addr,
46 uint8_t *buf, int len, int is_write)
48 return cpu_memory_rw_debug(env, addr, buf, len, is_write);
50 #else
51 /* target_memory_rw_debug() defined in cpu.h */
52 #endif
54 enum {
55 GDB_SIGNAL_0 = 0,
56 GDB_SIGNAL_INT = 2,
57 GDB_SIGNAL_QUIT = 3,
58 GDB_SIGNAL_TRAP = 5,
59 GDB_SIGNAL_ABRT = 6,
60 GDB_SIGNAL_ALRM = 14,
61 GDB_SIGNAL_IO = 23,
62 GDB_SIGNAL_XCPU = 24,
63 GDB_SIGNAL_UNKNOWN = 143
66 #ifdef CONFIG_USER_ONLY
68 /* Map target signal numbers to GDB protocol signal numbers and vice
69 * versa. For user emulation's currently supported systems, we can
70 * assume most signals are defined.
73 static int gdb_signal_table[] = {
75 TARGET_SIGHUP,
76 TARGET_SIGINT,
77 TARGET_SIGQUIT,
78 TARGET_SIGILL,
79 TARGET_SIGTRAP,
80 TARGET_SIGABRT,
81 -1, /* SIGEMT */
82 TARGET_SIGFPE,
83 TARGET_SIGKILL,
84 TARGET_SIGBUS,
85 TARGET_SIGSEGV,
86 TARGET_SIGSYS,
87 TARGET_SIGPIPE,
88 TARGET_SIGALRM,
89 TARGET_SIGTERM,
90 TARGET_SIGURG,
91 TARGET_SIGSTOP,
92 TARGET_SIGTSTP,
93 TARGET_SIGCONT,
94 TARGET_SIGCHLD,
95 TARGET_SIGTTIN,
96 TARGET_SIGTTOU,
97 TARGET_SIGIO,
98 TARGET_SIGXCPU,
99 TARGET_SIGXFSZ,
100 TARGET_SIGVTALRM,
101 TARGET_SIGPROF,
102 TARGET_SIGWINCH,
103 -1, /* SIGLOST */
104 TARGET_SIGUSR1,
105 TARGET_SIGUSR2,
106 #ifdef TARGET_SIGPWR
107 TARGET_SIGPWR,
108 #else
110 #endif
111 -1, /* SIGPOLL */
123 #ifdef __SIGRTMIN
124 __SIGRTMIN + 1,
125 __SIGRTMIN + 2,
126 __SIGRTMIN + 3,
127 __SIGRTMIN + 4,
128 __SIGRTMIN + 5,
129 __SIGRTMIN + 6,
130 __SIGRTMIN + 7,
131 __SIGRTMIN + 8,
132 __SIGRTMIN + 9,
133 __SIGRTMIN + 10,
134 __SIGRTMIN + 11,
135 __SIGRTMIN + 12,
136 __SIGRTMIN + 13,
137 __SIGRTMIN + 14,
138 __SIGRTMIN + 15,
139 __SIGRTMIN + 16,
140 __SIGRTMIN + 17,
141 __SIGRTMIN + 18,
142 __SIGRTMIN + 19,
143 __SIGRTMIN + 20,
144 __SIGRTMIN + 21,
145 __SIGRTMIN + 22,
146 __SIGRTMIN + 23,
147 __SIGRTMIN + 24,
148 __SIGRTMIN + 25,
149 __SIGRTMIN + 26,
150 __SIGRTMIN + 27,
151 __SIGRTMIN + 28,
152 __SIGRTMIN + 29,
153 __SIGRTMIN + 30,
154 __SIGRTMIN + 31,
155 -1, /* SIGCANCEL */
156 __SIGRTMIN,
157 __SIGRTMIN + 32,
158 __SIGRTMIN + 33,
159 __SIGRTMIN + 34,
160 __SIGRTMIN + 35,
161 __SIGRTMIN + 36,
162 __SIGRTMIN + 37,
163 __SIGRTMIN + 38,
164 __SIGRTMIN + 39,
165 __SIGRTMIN + 40,
166 __SIGRTMIN + 41,
167 __SIGRTMIN + 42,
168 __SIGRTMIN + 43,
169 __SIGRTMIN + 44,
170 __SIGRTMIN + 45,
171 __SIGRTMIN + 46,
172 __SIGRTMIN + 47,
173 __SIGRTMIN + 48,
174 __SIGRTMIN + 49,
175 __SIGRTMIN + 50,
176 __SIGRTMIN + 51,
177 __SIGRTMIN + 52,
178 __SIGRTMIN + 53,
179 __SIGRTMIN + 54,
180 __SIGRTMIN + 55,
181 __SIGRTMIN + 56,
182 __SIGRTMIN + 57,
183 __SIGRTMIN + 58,
184 __SIGRTMIN + 59,
185 __SIGRTMIN + 60,
186 __SIGRTMIN + 61,
187 __SIGRTMIN + 62,
188 __SIGRTMIN + 63,
189 __SIGRTMIN + 64,
190 __SIGRTMIN + 65,
191 __SIGRTMIN + 66,
192 __SIGRTMIN + 67,
193 __SIGRTMIN + 68,
194 __SIGRTMIN + 69,
195 __SIGRTMIN + 70,
196 __SIGRTMIN + 71,
197 __SIGRTMIN + 72,
198 __SIGRTMIN + 73,
199 __SIGRTMIN + 74,
200 __SIGRTMIN + 75,
201 __SIGRTMIN + 76,
202 __SIGRTMIN + 77,
203 __SIGRTMIN + 78,
204 __SIGRTMIN + 79,
205 __SIGRTMIN + 80,
206 __SIGRTMIN + 81,
207 __SIGRTMIN + 82,
208 __SIGRTMIN + 83,
209 __SIGRTMIN + 84,
210 __SIGRTMIN + 85,
211 __SIGRTMIN + 86,
212 __SIGRTMIN + 87,
213 __SIGRTMIN + 88,
214 __SIGRTMIN + 89,
215 __SIGRTMIN + 90,
216 __SIGRTMIN + 91,
217 __SIGRTMIN + 92,
218 __SIGRTMIN + 93,
219 __SIGRTMIN + 94,
220 __SIGRTMIN + 95,
221 -1, /* SIGINFO */
222 -1, /* UNKNOWN */
223 -1, /* DEFAULT */
230 #endif
232 #else
233 /* In system mode we only need SIGINT and SIGTRAP; other signals
234 are not yet supported. */
236 enum {
237 TARGET_SIGINT = 2,
238 TARGET_SIGTRAP = 5
241 static int gdb_signal_table[] = {
244 TARGET_SIGINT,
247 TARGET_SIGTRAP
249 #endif
251 #ifdef CONFIG_USER_ONLY
252 static int target_signal_to_gdb (int sig)
254 int i;
255 for (i = 0; i < ARRAY_SIZE (gdb_signal_table); i++)
256 if (gdb_signal_table[i] == sig)
257 return i;
258 return GDB_SIGNAL_UNKNOWN;
260 #endif
262 static int gdb_signal_to_target (int sig)
264 if (sig < ARRAY_SIZE (gdb_signal_table))
265 return gdb_signal_table[sig];
266 else
267 return -1;
270 //#define DEBUG_GDB
272 typedef struct GDBRegisterState {
273 int base_reg;
274 int num_regs;
275 gdb_reg_cb get_reg;
276 gdb_reg_cb set_reg;
277 const char *xml;
278 struct GDBRegisterState *next;
279 } GDBRegisterState;
281 enum RSState {
282 RS_INACTIVE,
283 RS_IDLE,
284 RS_GETLINE,
285 RS_CHKSUM1,
286 RS_CHKSUM2,
287 RS_SYSCALL,
289 typedef struct GDBState {
290 CPUState *c_cpu; /* current CPU for step/continue ops */
291 CPUState *g_cpu; /* current CPU for other ops */
292 CPUState *query_cpu; /* for q{f|s}ThreadInfo */
293 enum RSState state; /* parsing state */
294 char line_buf[MAX_PACKET_LENGTH];
295 int line_buf_index;
296 int line_csum;
297 uint8_t last_packet[MAX_PACKET_LENGTH + 4];
298 int last_packet_len;
299 int signal;
300 #ifdef CONFIG_USER_ONLY
301 int fd;
302 int running_state;
303 #else
304 CharDriverState *chr;
305 CharDriverState *mon_chr;
306 #endif
307 } GDBState;
309 /* By default use no IRQs and no timers while single stepping so as to
310 * make single stepping like an ICE HW step.
312 static int sstep_flags = SSTEP_ENABLE|SSTEP_NOIRQ|SSTEP_NOTIMER;
314 static GDBState *gdbserver_state;
316 /* This is an ugly hack to cope with both new and old gdb.
317 If gdb sends qXfer:features:read then assume we're talking to a newish
318 gdb that understands target descriptions. */
319 static int gdb_has_xml;
321 #ifdef CONFIG_USER_ONLY
322 /* XXX: This is not thread safe. Do we care? */
323 static int gdbserver_fd = -1;
325 static int get_char(GDBState *s)
327 uint8_t ch;
328 int ret;
330 for(;;) {
331 ret = qemu_recv(s->fd, &ch, 1, 0);
332 if (ret < 0) {
333 if (errno == ECONNRESET)
334 s->fd = -1;
335 if (errno != EINTR && errno != EAGAIN)
336 return -1;
337 } else if (ret == 0) {
338 close(s->fd);
339 s->fd = -1;
340 return -1;
341 } else {
342 break;
345 return ch;
347 #endif
349 static gdb_syscall_complete_cb gdb_current_syscall_cb;
351 static enum {
352 GDB_SYS_UNKNOWN,
353 GDB_SYS_ENABLED,
354 GDB_SYS_DISABLED,
355 } gdb_syscall_mode;
357 /* If gdb is connected when the first semihosting syscall occurs then use
358 remote gdb syscalls. Otherwise use native file IO. */
359 int use_gdb_syscalls(void)
361 if (gdb_syscall_mode == GDB_SYS_UNKNOWN) {
362 gdb_syscall_mode = (gdbserver_state ? GDB_SYS_ENABLED
363 : GDB_SYS_DISABLED);
365 return gdb_syscall_mode == GDB_SYS_ENABLED;
368 /* Resume execution. */
369 static inline void gdb_continue(GDBState *s)
371 #ifdef CONFIG_USER_ONLY
372 s->running_state = 1;
373 #else
374 vm_start();
375 #endif
378 static void put_buffer(GDBState *s, const uint8_t *buf, int len)
380 #ifdef CONFIG_USER_ONLY
381 int ret;
383 while (len > 0) {
384 ret = send(s->fd, buf, len, 0);
385 if (ret < 0) {
386 if (errno != EINTR && errno != EAGAIN)
387 return;
388 } else {
389 buf += ret;
390 len -= ret;
393 #else
394 qemu_chr_fe_write(s->chr, buf, len);
395 #endif
398 static inline int fromhex(int v)
400 if (v >= '0' && v <= '9')
401 return v - '0';
402 else if (v >= 'A' && v <= 'F')
403 return v - 'A' + 10;
404 else if (v >= 'a' && v <= 'f')
405 return v - 'a' + 10;
406 else
407 return 0;
410 static inline int tohex(int v)
412 if (v < 10)
413 return v + '0';
414 else
415 return v - 10 + 'a';
418 static void memtohex(char *buf, const uint8_t *mem, int len)
420 int i, c;
421 char *q;
422 q = buf;
423 for(i = 0; i < len; i++) {
424 c = mem[i];
425 *q++ = tohex(c >> 4);
426 *q++ = tohex(c & 0xf);
428 *q = '\0';
431 static void hextomem(uint8_t *mem, const char *buf, int len)
433 int i;
435 for(i = 0; i < len; i++) {
436 mem[i] = (fromhex(buf[0]) << 4) | fromhex(buf[1]);
437 buf += 2;
441 /* return -1 if error, 0 if OK */
442 static int put_packet_binary(GDBState *s, const char *buf, int len)
444 int csum, i;
445 uint8_t *p;
447 for(;;) {
448 p = s->last_packet;
449 *(p++) = '$';
450 memcpy(p, buf, len);
451 p += len;
452 csum = 0;
453 for(i = 0; i < len; i++) {
454 csum += buf[i];
456 *(p++) = '#';
457 *(p++) = tohex((csum >> 4) & 0xf);
458 *(p++) = tohex((csum) & 0xf);
460 s->last_packet_len = p - s->last_packet;
461 put_buffer(s, (uint8_t *)s->last_packet, s->last_packet_len);
463 #ifdef CONFIG_USER_ONLY
464 i = get_char(s);
465 if (i < 0)
466 return -1;
467 if (i == '+')
468 break;
469 #else
470 break;
471 #endif
473 return 0;
476 /* return -1 if error, 0 if OK */
477 static int put_packet(GDBState *s, const char *buf)
479 #ifdef DEBUG_GDB
480 printf("reply='%s'\n", buf);
481 #endif
483 return put_packet_binary(s, buf, strlen(buf));
486 /* The GDB remote protocol transfers values in target byte order. This means
487 we can use the raw memory access routines to access the value buffer.
488 Conveniently, these also handle the case where the buffer is mis-aligned.
490 #define GET_REG8(val) do { \
491 stb_p(mem_buf, val); \
492 return 1; \
493 } while(0)
494 #define GET_REG16(val) do { \
495 stw_p(mem_buf, val); \
496 return 2; \
497 } while(0)
498 #define GET_REG32(val) do { \
499 stl_p(mem_buf, val); \
500 return 4; \
501 } while(0)
502 #define GET_REG64(val) do { \
503 stq_p(mem_buf, val); \
504 return 8; \
505 } while(0)
507 #if TARGET_LONG_BITS == 64
508 #define GET_REGL(val) GET_REG64(val)
509 #define ldtul_p(addr) ldq_p(addr)
510 #else
511 #define GET_REGL(val) GET_REG32(val)
512 #define ldtul_p(addr) ldl_p(addr)
513 #endif
515 #if defined(TARGET_I386)
517 #ifdef TARGET_X86_64
518 static const int gpr_map[16] = {
519 R_EAX, R_EBX, R_ECX, R_EDX, R_ESI, R_EDI, R_EBP, R_ESP,
520 8, 9, 10, 11, 12, 13, 14, 15
522 #else
523 #define gpr_map gpr_map32
524 #endif
525 static const int gpr_map32[8] = { 0, 1, 2, 3, 4, 5, 6, 7 };
527 #define NUM_CORE_REGS (CPU_NB_REGS * 2 + 25)
529 #define IDX_IP_REG CPU_NB_REGS
530 #define IDX_FLAGS_REG (IDX_IP_REG + 1)
531 #define IDX_SEG_REGS (IDX_FLAGS_REG + 1)
532 #define IDX_FP_REGS (IDX_SEG_REGS + 6)
533 #define IDX_XMM_REGS (IDX_FP_REGS + 16)
534 #define IDX_MXCSR_REG (IDX_XMM_REGS + CPU_NB_REGS)
536 static int cpu_gdb_read_register(CPUState *env, uint8_t *mem_buf, int n)
538 if (n < CPU_NB_REGS) {
539 if (TARGET_LONG_BITS == 64 && env->hflags & HF_CS64_MASK) {
540 GET_REG64(env->regs[gpr_map[n]]);
541 } else if (n < CPU_NB_REGS32) {
542 GET_REG32(env->regs[gpr_map32[n]]);
544 } else if (n >= IDX_FP_REGS && n < IDX_FP_REGS + 8) {
545 #ifdef USE_X86LDOUBLE
546 /* FIXME: byteswap float values - after fixing fpregs layout. */
547 memcpy(mem_buf, &env->fpregs[n - IDX_FP_REGS], 10);
548 #else
549 memset(mem_buf, 0, 10);
550 #endif
551 return 10;
552 } else if (n >= IDX_XMM_REGS && n < IDX_XMM_REGS + CPU_NB_REGS) {
553 n -= IDX_XMM_REGS;
554 if (n < CPU_NB_REGS32 ||
555 (TARGET_LONG_BITS == 64 && env->hflags & HF_CS64_MASK)) {
556 stq_p(mem_buf, env->xmm_regs[n].XMM_Q(0));
557 stq_p(mem_buf + 8, env->xmm_regs[n].XMM_Q(1));
558 return 16;
560 } else {
561 switch (n) {
562 case IDX_IP_REG:
563 if (TARGET_LONG_BITS == 64 && env->hflags & HF_CS64_MASK) {
564 GET_REG64(env->eip);
565 } else {
566 GET_REG32(env->eip);
568 case IDX_FLAGS_REG: GET_REG32(env->eflags);
570 case IDX_SEG_REGS: GET_REG32(env->segs[R_CS].selector);
571 case IDX_SEG_REGS + 1: GET_REG32(env->segs[R_SS].selector);
572 case IDX_SEG_REGS + 2: GET_REG32(env->segs[R_DS].selector);
573 case IDX_SEG_REGS + 3: GET_REG32(env->segs[R_ES].selector);
574 case IDX_SEG_REGS + 4: GET_REG32(env->segs[R_FS].selector);
575 case IDX_SEG_REGS + 5: GET_REG32(env->segs[R_GS].selector);
577 case IDX_FP_REGS + 8: GET_REG32(env->fpuc);
578 case IDX_FP_REGS + 9: GET_REG32((env->fpus & ~0x3800) |
579 (env->fpstt & 0x7) << 11);
580 case IDX_FP_REGS + 10: GET_REG32(0); /* ftag */
581 case IDX_FP_REGS + 11: GET_REG32(0); /* fiseg */
582 case IDX_FP_REGS + 12: GET_REG32(0); /* fioff */
583 case IDX_FP_REGS + 13: GET_REG32(0); /* foseg */
584 case IDX_FP_REGS + 14: GET_REG32(0); /* fooff */
585 case IDX_FP_REGS + 15: GET_REG32(0); /* fop */
587 case IDX_MXCSR_REG: GET_REG32(env->mxcsr);
590 return 0;
593 static int cpu_x86_gdb_load_seg(CPUState *env, int sreg, uint8_t *mem_buf)
595 uint16_t selector = ldl_p(mem_buf);
597 if (selector != env->segs[sreg].selector) {
598 #if defined(CONFIG_USER_ONLY)
599 cpu_x86_load_seg(env, sreg, selector);
600 #else
601 unsigned int limit, flags;
602 target_ulong base;
604 if (!(env->cr[0] & CR0_PE_MASK) || (env->eflags & VM_MASK)) {
605 base = selector << 4;
606 limit = 0xffff;
607 flags = 0;
608 } else {
609 if (!cpu_x86_get_descr_debug(env, selector, &base, &limit, &flags))
610 return 4;
612 cpu_x86_load_seg_cache(env, sreg, selector, base, limit, flags);
613 #endif
615 return 4;
618 static int cpu_gdb_write_register(CPUState *env, uint8_t *mem_buf, int n)
620 uint32_t tmp;
622 if (n < CPU_NB_REGS) {
623 if (TARGET_LONG_BITS == 64 && env->hflags & HF_CS64_MASK) {
624 env->regs[gpr_map[n]] = ldtul_p(mem_buf);
625 return sizeof(target_ulong);
626 } else if (n < CPU_NB_REGS32) {
627 n = gpr_map32[n];
628 env->regs[n] &= ~0xffffffffUL;
629 env->regs[n] |= (uint32_t)ldl_p(mem_buf);
630 return 4;
632 } else if (n >= IDX_FP_REGS && n < IDX_FP_REGS + 8) {
633 #ifdef USE_X86LDOUBLE
634 /* FIXME: byteswap float values - after fixing fpregs layout. */
635 memcpy(&env->fpregs[n - IDX_FP_REGS], mem_buf, 10);
636 #endif
637 return 10;
638 } else if (n >= IDX_XMM_REGS && n < IDX_XMM_REGS + CPU_NB_REGS) {
639 n -= IDX_XMM_REGS;
640 if (n < CPU_NB_REGS32 ||
641 (TARGET_LONG_BITS == 64 && env->hflags & HF_CS64_MASK)) {
642 env->xmm_regs[n].XMM_Q(0) = ldq_p(mem_buf);
643 env->xmm_regs[n].XMM_Q(1) = ldq_p(mem_buf + 8);
644 return 16;
646 } else {
647 switch (n) {
648 case IDX_IP_REG:
649 if (TARGET_LONG_BITS == 64 && env->hflags & HF_CS64_MASK) {
650 env->eip = ldq_p(mem_buf);
651 return 8;
652 } else {
653 env->eip &= ~0xffffffffUL;
654 env->eip |= (uint32_t)ldl_p(mem_buf);
655 return 4;
657 case IDX_FLAGS_REG:
658 env->eflags = ldl_p(mem_buf);
659 return 4;
661 case IDX_SEG_REGS: return cpu_x86_gdb_load_seg(env, R_CS, mem_buf);
662 case IDX_SEG_REGS + 1: return cpu_x86_gdb_load_seg(env, R_SS, mem_buf);
663 case IDX_SEG_REGS + 2: return cpu_x86_gdb_load_seg(env, R_DS, mem_buf);
664 case IDX_SEG_REGS + 3: return cpu_x86_gdb_load_seg(env, R_ES, mem_buf);
665 case IDX_SEG_REGS + 4: return cpu_x86_gdb_load_seg(env, R_FS, mem_buf);
666 case IDX_SEG_REGS + 5: return cpu_x86_gdb_load_seg(env, R_GS, mem_buf);
668 case IDX_FP_REGS + 8:
669 env->fpuc = ldl_p(mem_buf);
670 return 4;
671 case IDX_FP_REGS + 9:
672 tmp = ldl_p(mem_buf);
673 env->fpstt = (tmp >> 11) & 7;
674 env->fpus = tmp & ~0x3800;
675 return 4;
676 case IDX_FP_REGS + 10: /* ftag */ return 4;
677 case IDX_FP_REGS + 11: /* fiseg */ return 4;
678 case IDX_FP_REGS + 12: /* fioff */ return 4;
679 case IDX_FP_REGS + 13: /* foseg */ return 4;
680 case IDX_FP_REGS + 14: /* fooff */ return 4;
681 case IDX_FP_REGS + 15: /* fop */ return 4;
683 case IDX_MXCSR_REG:
684 env->mxcsr = ldl_p(mem_buf);
685 return 4;
688 /* Unrecognised register. */
689 return 0;
692 #elif defined (TARGET_PPC)
694 /* Old gdb always expects FP registers. Newer (xml-aware) gdb only
695 expects whatever the target description contains. Due to a
696 historical mishap the FP registers appear in between core integer
697 regs and PC, MSR, CR, and so forth. We hack round this by giving the
698 FP regs zero size when talking to a newer gdb. */
699 #define NUM_CORE_REGS 71
700 #if defined (TARGET_PPC64)
701 #define GDB_CORE_XML "power64-core.xml"
702 #else
703 #define GDB_CORE_XML "power-core.xml"
704 #endif
706 static int cpu_gdb_read_register(CPUState *env, uint8_t *mem_buf, int n)
708 if (n < 32) {
709 /* gprs */
710 GET_REGL(env->gpr[n]);
711 } else if (n < 64) {
712 /* fprs */
713 if (gdb_has_xml)
714 return 0;
715 stfq_p(mem_buf, env->fpr[n-32]);
716 return 8;
717 } else {
718 switch (n) {
719 case 64: GET_REGL(env->nip);
720 case 65: GET_REGL(env->msr);
721 case 66:
723 uint32_t cr = 0;
724 int i;
725 for (i = 0; i < 8; i++)
726 cr |= env->crf[i] << (32 - ((i + 1) * 4));
727 GET_REG32(cr);
729 case 67: GET_REGL(env->lr);
730 case 68: GET_REGL(env->ctr);
731 case 69: GET_REGL(env->xer);
732 case 70:
734 if (gdb_has_xml)
735 return 0;
736 GET_REG32(0); /* fpscr */
740 return 0;
743 static int cpu_gdb_write_register(CPUState *env, uint8_t *mem_buf, int n)
745 if (n < 32) {
746 /* gprs */
747 env->gpr[n] = ldtul_p(mem_buf);
748 return sizeof(target_ulong);
749 } else if (n < 64) {
750 /* fprs */
751 if (gdb_has_xml)
752 return 0;
753 env->fpr[n-32] = ldfq_p(mem_buf);
754 return 8;
755 } else {
756 switch (n) {
757 case 64:
758 env->nip = ldtul_p(mem_buf);
759 return sizeof(target_ulong);
760 case 65:
761 ppc_store_msr(env, ldtul_p(mem_buf));
762 return sizeof(target_ulong);
763 case 66:
765 uint32_t cr = ldl_p(mem_buf);
766 int i;
767 for (i = 0; i < 8; i++)
768 env->crf[i] = (cr >> (32 - ((i + 1) * 4))) & 0xF;
769 return 4;
771 case 67:
772 env->lr = ldtul_p(mem_buf);
773 return sizeof(target_ulong);
774 case 68:
775 env->ctr = ldtul_p(mem_buf);
776 return sizeof(target_ulong);
777 case 69:
778 env->xer = ldtul_p(mem_buf);
779 return sizeof(target_ulong);
780 case 70:
781 /* fpscr */
782 if (gdb_has_xml)
783 return 0;
784 return 4;
787 return 0;
790 #elif defined (TARGET_SPARC)
792 #if defined(TARGET_SPARC64) && !defined(TARGET_ABI32)
793 #define NUM_CORE_REGS 86
794 #else
795 #define NUM_CORE_REGS 72
796 #endif
798 #ifdef TARGET_ABI32
799 #define GET_REGA(val) GET_REG32(val)
800 #else
801 #define GET_REGA(val) GET_REGL(val)
802 #endif
804 static int cpu_gdb_read_register(CPUState *env, uint8_t *mem_buf, int n)
806 if (n < 8) {
807 /* g0..g7 */
808 GET_REGA(env->gregs[n]);
810 if (n < 32) {
811 /* register window */
812 GET_REGA(env->regwptr[n - 8]);
814 #if defined(TARGET_ABI32) || !defined(TARGET_SPARC64)
815 if (n < 64) {
816 /* fprs */
817 GET_REG32(*((uint32_t *)&env->fpr[n - 32]));
819 /* Y, PSR, WIM, TBR, PC, NPC, FPSR, CPSR */
820 switch (n) {
821 case 64: GET_REGA(env->y);
822 case 65: GET_REGA(cpu_get_psr(env));
823 case 66: GET_REGA(env->wim);
824 case 67: GET_REGA(env->tbr);
825 case 68: GET_REGA(env->pc);
826 case 69: GET_REGA(env->npc);
827 case 70: GET_REGA(env->fsr);
828 case 71: GET_REGA(0); /* csr */
829 default: GET_REGA(0);
831 #else
832 if (n < 64) {
833 /* f0-f31 */
834 GET_REG32(*((uint32_t *)&env->fpr[n - 32]));
836 if (n < 80) {
837 /* f32-f62 (double width, even numbers only) */
838 uint64_t val;
840 val = (uint64_t)*((uint32_t *)&env->fpr[(n - 64) * 2 + 32]) << 32;
841 val |= *((uint32_t *)&env->fpr[(n - 64) * 2 + 33]);
842 GET_REG64(val);
844 switch (n) {
845 case 80: GET_REGL(env->pc);
846 case 81: GET_REGL(env->npc);
847 case 82: GET_REGL((cpu_get_ccr(env) << 32) |
848 ((env->asi & 0xff) << 24) |
849 ((env->pstate & 0xfff) << 8) |
850 cpu_get_cwp64(env));
851 case 83: GET_REGL(env->fsr);
852 case 84: GET_REGL(env->fprs);
853 case 85: GET_REGL(env->y);
855 #endif
856 return 0;
859 static int cpu_gdb_write_register(CPUState *env, uint8_t *mem_buf, int n)
861 #if defined(TARGET_ABI32)
862 abi_ulong tmp;
864 tmp = ldl_p(mem_buf);
865 #else
866 target_ulong tmp;
868 tmp = ldtul_p(mem_buf);
869 #endif
871 if (n < 8) {
872 /* g0..g7 */
873 env->gregs[n] = tmp;
874 } else if (n < 32) {
875 /* register window */
876 env->regwptr[n - 8] = tmp;
878 #if defined(TARGET_ABI32) || !defined(TARGET_SPARC64)
879 else if (n < 64) {
880 /* fprs */
881 *((uint32_t *)&env->fpr[n - 32]) = tmp;
882 } else {
883 /* Y, PSR, WIM, TBR, PC, NPC, FPSR, CPSR */
884 switch (n) {
885 case 64: env->y = tmp; break;
886 case 65: cpu_put_psr(env, tmp); break;
887 case 66: env->wim = tmp; break;
888 case 67: env->tbr = tmp; break;
889 case 68: env->pc = tmp; break;
890 case 69: env->npc = tmp; break;
891 case 70: env->fsr = tmp; break;
892 default: return 0;
895 return 4;
896 #else
897 else if (n < 64) {
898 /* f0-f31 */
899 env->fpr[n] = ldfl_p(mem_buf);
900 return 4;
901 } else if (n < 80) {
902 /* f32-f62 (double width, even numbers only) */
903 *((uint32_t *)&env->fpr[(n - 64) * 2 + 32]) = tmp >> 32;
904 *((uint32_t *)&env->fpr[(n - 64) * 2 + 33]) = tmp;
905 } else {
906 switch (n) {
907 case 80: env->pc = tmp; break;
908 case 81: env->npc = tmp; break;
909 case 82:
910 cpu_put_ccr(env, tmp >> 32);
911 env->asi = (tmp >> 24) & 0xff;
912 env->pstate = (tmp >> 8) & 0xfff;
913 cpu_put_cwp64(env, tmp & 0xff);
914 break;
915 case 83: env->fsr = tmp; break;
916 case 84: env->fprs = tmp; break;
917 case 85: env->y = tmp; break;
918 default: return 0;
921 return 8;
922 #endif
924 #elif defined (TARGET_ARM)
926 /* Old gdb always expect FPA registers. Newer (xml-aware) gdb only expect
927 whatever the target description contains. Due to a historical mishap
928 the FPA registers appear in between core integer regs and the CPSR.
929 We hack round this by giving the FPA regs zero size when talking to a
930 newer gdb. */
931 #define NUM_CORE_REGS 26
932 #define GDB_CORE_XML "arm-core.xml"
934 static int cpu_gdb_read_register(CPUState *env, uint8_t *mem_buf, int n)
936 if (n < 16) {
937 /* Core integer register. */
938 GET_REG32(env->regs[n]);
940 if (n < 24) {
941 /* FPA registers. */
942 if (gdb_has_xml)
943 return 0;
944 memset(mem_buf, 0, 12);
945 return 12;
947 switch (n) {
948 case 24:
949 /* FPA status register. */
950 if (gdb_has_xml)
951 return 0;
952 GET_REG32(0);
953 case 25:
954 /* CPSR */
955 GET_REG32(cpsr_read(env));
957 /* Unknown register. */
958 return 0;
961 static int cpu_gdb_write_register(CPUState *env, uint8_t *mem_buf, int n)
963 uint32_t tmp;
965 tmp = ldl_p(mem_buf);
967 /* Mask out low bit of PC to workaround gdb bugs. This will probably
968 cause problems if we ever implement the Jazelle DBX extensions. */
969 if (n == 15)
970 tmp &= ~1;
972 if (n < 16) {
973 /* Core integer register. */
974 env->regs[n] = tmp;
975 return 4;
977 if (n < 24) { /* 16-23 */
978 /* FPA registers (ignored). */
979 if (gdb_has_xml)
980 return 0;
981 return 12;
983 switch (n) {
984 case 24:
985 /* FPA status register (ignored). */
986 if (gdb_has_xml)
987 return 0;
988 return 4;
989 case 25:
990 /* CPSR */
991 cpsr_write (env, tmp, 0xffffffff);
992 return 4;
994 /* Unknown register. */
995 return 0;
998 #elif defined (TARGET_M68K)
1000 #define NUM_CORE_REGS 18
1002 #define GDB_CORE_XML "cf-core.xml"
1004 static int cpu_gdb_read_register(CPUState *env, uint8_t *mem_buf, int n)
1006 if (n < 8) {
1007 /* D0-D7 */
1008 GET_REG32(env->dregs[n]);
1009 } else if (n < 16) {
1010 /* A0-A7 */
1011 GET_REG32(env->aregs[n - 8]);
1012 } else {
1013 switch (n) {
1014 case 16: GET_REG32(env->sr);
1015 case 17: GET_REG32(env->pc);
1018 /* FP registers not included here because they vary between
1019 ColdFire and m68k. Use XML bits for these. */
1020 return 0;
1023 static int cpu_gdb_write_register(CPUState *env, uint8_t *mem_buf, int n)
1025 uint32_t tmp;
1027 tmp = ldl_p(mem_buf);
1029 if (n < 8) {
1030 /* D0-D7 */
1031 env->dregs[n] = tmp;
1032 } else if (n < 16) {
1033 /* A0-A7 */
1034 env->aregs[n - 8] = tmp;
1035 } else {
1036 switch (n) {
1037 case 16: env->sr = tmp; break;
1038 case 17: env->pc = tmp; break;
1039 default: return 0;
1042 return 4;
1044 #elif defined (TARGET_MIPS)
1046 #define NUM_CORE_REGS 73
1048 static int cpu_gdb_read_register(CPUState *env, uint8_t *mem_buf, int n)
1050 if (n < 32) {
1051 GET_REGL(env->active_tc.gpr[n]);
1053 if (env->CP0_Config1 & (1 << CP0C1_FP)) {
1054 if (n >= 38 && n < 70) {
1055 if (env->CP0_Status & (1 << CP0St_FR))
1056 GET_REGL(env->active_fpu.fpr[n - 38].d);
1057 else
1058 GET_REGL(env->active_fpu.fpr[n - 38].w[FP_ENDIAN_IDX]);
1060 switch (n) {
1061 case 70: GET_REGL((int32_t)env->active_fpu.fcr31);
1062 case 71: GET_REGL((int32_t)env->active_fpu.fcr0);
1065 switch (n) {
1066 case 32: GET_REGL((int32_t)env->CP0_Status);
1067 case 33: GET_REGL(env->active_tc.LO[0]);
1068 case 34: GET_REGL(env->active_tc.HI[0]);
1069 case 35: GET_REGL(env->CP0_BadVAddr);
1070 case 36: GET_REGL((int32_t)env->CP0_Cause);
1071 case 37: GET_REGL(env->active_tc.PC | !!(env->hflags & MIPS_HFLAG_M16));
1072 case 72: GET_REGL(0); /* fp */
1073 case 89: GET_REGL((int32_t)env->CP0_PRid);
1075 if (n >= 73 && n <= 88) {
1076 /* 16 embedded regs. */
1077 GET_REGL(0);
1080 return 0;
1083 /* convert MIPS rounding mode in FCR31 to IEEE library */
1084 static unsigned int ieee_rm[] =
1086 float_round_nearest_even,
1087 float_round_to_zero,
1088 float_round_up,
1089 float_round_down
1091 #define RESTORE_ROUNDING_MODE \
1092 set_float_rounding_mode(ieee_rm[env->active_fpu.fcr31 & 3], &env->active_fpu.fp_status)
1094 static int cpu_gdb_write_register(CPUState *env, uint8_t *mem_buf, int n)
1096 target_ulong tmp;
1098 tmp = ldtul_p(mem_buf);
1100 if (n < 32) {
1101 env->active_tc.gpr[n] = tmp;
1102 return sizeof(target_ulong);
1104 if (env->CP0_Config1 & (1 << CP0C1_FP)
1105 && n >= 38 && n < 73) {
1106 if (n < 70) {
1107 if (env->CP0_Status & (1 << CP0St_FR))
1108 env->active_fpu.fpr[n - 38].d = tmp;
1109 else
1110 env->active_fpu.fpr[n - 38].w[FP_ENDIAN_IDX] = tmp;
1112 switch (n) {
1113 case 70:
1114 env->active_fpu.fcr31 = tmp & 0xFF83FFFF;
1115 /* set rounding mode */
1116 RESTORE_ROUNDING_MODE;
1117 break;
1118 case 71: env->active_fpu.fcr0 = tmp; break;
1120 return sizeof(target_ulong);
1122 switch (n) {
1123 case 32: env->CP0_Status = tmp; break;
1124 case 33: env->active_tc.LO[0] = tmp; break;
1125 case 34: env->active_tc.HI[0] = tmp; break;
1126 case 35: env->CP0_BadVAddr = tmp; break;
1127 case 36: env->CP0_Cause = tmp; break;
1128 case 37:
1129 env->active_tc.PC = tmp & ~(target_ulong)1;
1130 if (tmp & 1) {
1131 env->hflags |= MIPS_HFLAG_M16;
1132 } else {
1133 env->hflags &= ~(MIPS_HFLAG_M16);
1135 break;
1136 case 72: /* fp, ignored */ break;
1137 default:
1138 if (n > 89)
1139 return 0;
1140 /* Other registers are readonly. Ignore writes. */
1141 break;
1144 return sizeof(target_ulong);
1146 #elif defined (TARGET_SH4)
1148 /* Hint: Use "set architecture sh4" in GDB to see fpu registers */
1149 /* FIXME: We should use XML for this. */
1151 #define NUM_CORE_REGS 59
1153 static int cpu_gdb_read_register(CPUState *env, uint8_t *mem_buf, int n)
1155 if (n < 8) {
1156 if ((env->sr & (SR_MD | SR_RB)) == (SR_MD | SR_RB)) {
1157 GET_REGL(env->gregs[n + 16]);
1158 } else {
1159 GET_REGL(env->gregs[n]);
1161 } else if (n < 16) {
1162 GET_REGL(env->gregs[n]);
1163 } else if (n >= 25 && n < 41) {
1164 GET_REGL(env->fregs[(n - 25) + ((env->fpscr & FPSCR_FR) ? 16 : 0)]);
1165 } else if (n >= 43 && n < 51) {
1166 GET_REGL(env->gregs[n - 43]);
1167 } else if (n >= 51 && n < 59) {
1168 GET_REGL(env->gregs[n - (51 - 16)]);
1170 switch (n) {
1171 case 16: GET_REGL(env->pc);
1172 case 17: GET_REGL(env->pr);
1173 case 18: GET_REGL(env->gbr);
1174 case 19: GET_REGL(env->vbr);
1175 case 20: GET_REGL(env->mach);
1176 case 21: GET_REGL(env->macl);
1177 case 22: GET_REGL(env->sr);
1178 case 23: GET_REGL(env->fpul);
1179 case 24: GET_REGL(env->fpscr);
1180 case 41: GET_REGL(env->ssr);
1181 case 42: GET_REGL(env->spc);
1184 return 0;
1187 static int cpu_gdb_write_register(CPUState *env, uint8_t *mem_buf, int n)
1189 uint32_t tmp;
1191 tmp = ldl_p(mem_buf);
1193 if (n < 8) {
1194 if ((env->sr & (SR_MD | SR_RB)) == (SR_MD | SR_RB)) {
1195 env->gregs[n + 16] = tmp;
1196 } else {
1197 env->gregs[n] = tmp;
1199 return 4;
1200 } else if (n < 16) {
1201 env->gregs[n] = tmp;
1202 return 4;
1203 } else if (n >= 25 && n < 41) {
1204 env->fregs[(n - 25) + ((env->fpscr & FPSCR_FR) ? 16 : 0)] = tmp;
1205 return 4;
1206 } else if (n >= 43 && n < 51) {
1207 env->gregs[n - 43] = tmp;
1208 return 4;
1209 } else if (n >= 51 && n < 59) {
1210 env->gregs[n - (51 - 16)] = tmp;
1211 return 4;
1213 switch (n) {
1214 case 16: env->pc = tmp; break;
1215 case 17: env->pr = tmp; break;
1216 case 18: env->gbr = tmp; break;
1217 case 19: env->vbr = tmp; break;
1218 case 20: env->mach = tmp; break;
1219 case 21: env->macl = tmp; break;
1220 case 22: env->sr = tmp; break;
1221 case 23: env->fpul = tmp; break;
1222 case 24: env->fpscr = tmp; break;
1223 case 41: env->ssr = tmp; break;
1224 case 42: env->spc = tmp; break;
1225 default: return 0;
1228 return 4;
1230 #elif defined (TARGET_MICROBLAZE)
1232 #define NUM_CORE_REGS (32 + 5)
1234 static int cpu_gdb_read_register(CPUState *env, uint8_t *mem_buf, int n)
1236 if (n < 32) {
1237 GET_REG32(env->regs[n]);
1238 } else {
1239 GET_REG32(env->sregs[n - 32]);
1241 return 0;
1244 static int cpu_gdb_write_register(CPUState *env, uint8_t *mem_buf, int n)
1246 uint32_t tmp;
1248 if (n > NUM_CORE_REGS)
1249 return 0;
1251 tmp = ldl_p(mem_buf);
1253 if (n < 32) {
1254 env->regs[n] = tmp;
1255 } else {
1256 env->sregs[n - 32] = tmp;
1258 return 4;
1260 #elif defined (TARGET_CRIS)
1262 #define NUM_CORE_REGS 49
1264 static int
1265 read_register_crisv10(CPUState *env, uint8_t *mem_buf, int n)
1267 if (n < 15) {
1268 GET_REG32(env->regs[n]);
1271 if (n == 15) {
1272 GET_REG32(env->pc);
1275 if (n < 32) {
1276 switch (n) {
1277 case 16:
1278 GET_REG8(env->pregs[n - 16]);
1279 break;
1280 case 17:
1281 GET_REG8(env->pregs[n - 16]);
1282 break;
1283 case 20:
1284 case 21:
1285 GET_REG16(env->pregs[n - 16]);
1286 break;
1287 default:
1288 if (n >= 23) {
1289 GET_REG32(env->pregs[n - 16]);
1291 break;
1294 return 0;
1297 static int cpu_gdb_read_register(CPUState *env, uint8_t *mem_buf, int n)
1299 uint8_t srs;
1301 if (env->pregs[PR_VR] < 32)
1302 return read_register_crisv10(env, mem_buf, n);
1304 srs = env->pregs[PR_SRS];
1305 if (n < 16) {
1306 GET_REG32(env->regs[n]);
1309 if (n >= 21 && n < 32) {
1310 GET_REG32(env->pregs[n - 16]);
1312 if (n >= 33 && n < 49) {
1313 GET_REG32(env->sregs[srs][n - 33]);
1315 switch (n) {
1316 case 16: GET_REG8(env->pregs[0]);
1317 case 17: GET_REG8(env->pregs[1]);
1318 case 18: GET_REG32(env->pregs[2]);
1319 case 19: GET_REG8(srs);
1320 case 20: GET_REG16(env->pregs[4]);
1321 case 32: GET_REG32(env->pc);
1324 return 0;
1327 static int cpu_gdb_write_register(CPUState *env, uint8_t *mem_buf, int n)
1329 uint32_t tmp;
1331 if (n > 49)
1332 return 0;
1334 tmp = ldl_p(mem_buf);
1336 if (n < 16) {
1337 env->regs[n] = tmp;
1340 if (n >= 21 && n < 32) {
1341 env->pregs[n - 16] = tmp;
1344 /* FIXME: Should support function regs be writable? */
1345 switch (n) {
1346 case 16: return 1;
1347 case 17: return 1;
1348 case 18: env->pregs[PR_PID] = tmp; break;
1349 case 19: return 1;
1350 case 20: return 2;
1351 case 32: env->pc = tmp; break;
1354 return 4;
1356 #elif defined (TARGET_ALPHA)
1358 #define NUM_CORE_REGS 67
1360 static int cpu_gdb_read_register(CPUState *env, uint8_t *mem_buf, int n)
1362 uint64_t val;
1363 CPU_DoubleU d;
1365 switch (n) {
1366 case 0 ... 30:
1367 val = env->ir[n];
1368 break;
1369 case 32 ... 62:
1370 d.d = env->fir[n - 32];
1371 val = d.ll;
1372 break;
1373 case 63:
1374 val = cpu_alpha_load_fpcr(env);
1375 break;
1376 case 64:
1377 val = env->pc;
1378 break;
1379 case 66:
1380 val = env->unique;
1381 break;
1382 case 31:
1383 case 65:
1384 /* 31 really is the zero register; 65 is unassigned in the
1385 gdb protocol, but is still required to occupy 8 bytes. */
1386 val = 0;
1387 break;
1388 default:
1389 return 0;
1391 GET_REGL(val);
1394 static int cpu_gdb_write_register(CPUState *env, uint8_t *mem_buf, int n)
1396 target_ulong tmp = ldtul_p(mem_buf);
1397 CPU_DoubleU d;
1399 switch (n) {
1400 case 0 ... 30:
1401 env->ir[n] = tmp;
1402 break;
1403 case 32 ... 62:
1404 d.ll = tmp;
1405 env->fir[n - 32] = d.d;
1406 break;
1407 case 63:
1408 cpu_alpha_store_fpcr(env, tmp);
1409 break;
1410 case 64:
1411 env->pc = tmp;
1412 break;
1413 case 66:
1414 env->unique = tmp;
1415 break;
1416 case 31:
1417 case 65:
1418 /* 31 really is the zero register; 65 is unassigned in the
1419 gdb protocol, but is still required to occupy 8 bytes. */
1420 break;
1421 default:
1422 return 0;
1424 return 8;
1426 #elif defined (TARGET_S390X)
1428 #define NUM_CORE_REGS S390_NUM_TOTAL_REGS
1430 static int cpu_gdb_read_register(CPUState *env, uint8_t *mem_buf, int n)
1432 switch (n) {
1433 case S390_PSWM_REGNUM: GET_REGL(env->psw.mask); break;
1434 case S390_PSWA_REGNUM: GET_REGL(env->psw.addr); break;
1435 case S390_R0_REGNUM ... S390_R15_REGNUM:
1436 GET_REGL(env->regs[n-S390_R0_REGNUM]); break;
1437 case S390_A0_REGNUM ... S390_A15_REGNUM:
1438 GET_REG32(env->aregs[n-S390_A0_REGNUM]); break;
1439 case S390_FPC_REGNUM: GET_REG32(env->fpc); break;
1440 case S390_F0_REGNUM ... S390_F15_REGNUM:
1441 /* XXX */
1442 break;
1443 case S390_PC_REGNUM: GET_REGL(env->psw.addr); break;
1444 case S390_CC_REGNUM:
1445 env->cc_op = calc_cc(env, env->cc_op, env->cc_src, env->cc_dst,
1446 env->cc_vr);
1447 GET_REG32(env->cc_op);
1448 break;
1451 return 0;
1454 static int cpu_gdb_write_register(CPUState *env, uint8_t *mem_buf, int n)
1456 target_ulong tmpl;
1457 uint32_t tmp32;
1458 int r = 8;
1459 tmpl = ldtul_p(mem_buf);
1460 tmp32 = ldl_p(mem_buf);
1462 switch (n) {
1463 case S390_PSWM_REGNUM: env->psw.mask = tmpl; break;
1464 case S390_PSWA_REGNUM: env->psw.addr = tmpl; break;
1465 case S390_R0_REGNUM ... S390_R15_REGNUM:
1466 env->regs[n-S390_R0_REGNUM] = tmpl; break;
1467 case S390_A0_REGNUM ... S390_A15_REGNUM:
1468 env->aregs[n-S390_A0_REGNUM] = tmp32; r=4; break;
1469 case S390_FPC_REGNUM: env->fpc = tmp32; r=4; break;
1470 case S390_F0_REGNUM ... S390_F15_REGNUM:
1471 /* XXX */
1472 break;
1473 case S390_PC_REGNUM: env->psw.addr = tmpl; break;
1474 case S390_CC_REGNUM: env->cc_op = tmp32; r=4; break;
1477 return r;
1479 #elif defined (TARGET_LM32)
1481 #include "hw/lm32_pic.h"
1482 #define NUM_CORE_REGS (32 + 7)
1484 static int cpu_gdb_read_register(CPUState *env, uint8_t *mem_buf, int n)
1486 if (n < 32) {
1487 GET_REG32(env->regs[n]);
1488 } else {
1489 switch (n) {
1490 case 32:
1491 GET_REG32(env->pc);
1492 break;
1493 /* FIXME: put in right exception ID */
1494 case 33:
1495 GET_REG32(0);
1496 break;
1497 case 34:
1498 GET_REG32(env->eba);
1499 break;
1500 case 35:
1501 GET_REG32(env->deba);
1502 break;
1503 case 36:
1504 GET_REG32(env->ie);
1505 break;
1506 case 37:
1507 GET_REG32(lm32_pic_get_im(env->pic_state));
1508 break;
1509 case 38:
1510 GET_REG32(lm32_pic_get_ip(env->pic_state));
1511 break;
1514 return 0;
1517 static int cpu_gdb_write_register(CPUState *env, uint8_t *mem_buf, int n)
1519 uint32_t tmp;
1521 if (n > NUM_CORE_REGS) {
1522 return 0;
1525 tmp = ldl_p(mem_buf);
1527 if (n < 32) {
1528 env->regs[n] = tmp;
1529 } else {
1530 switch (n) {
1531 case 32:
1532 env->pc = tmp;
1533 break;
1534 case 34:
1535 env->eba = tmp;
1536 break;
1537 case 35:
1538 env->deba = tmp;
1539 break;
1540 case 36:
1541 env->ie = tmp;
1542 break;
1543 case 37:
1544 lm32_pic_set_im(env->pic_state, tmp);
1545 break;
1546 case 38:
1547 lm32_pic_set_ip(env->pic_state, tmp);
1548 break;
1551 return 4;
1553 #elif defined(TARGET_XTENSA)
1555 /* Use num_core_regs to see only non-privileged registers in an unmodified gdb.
1556 * Use num_regs to see all registers. gdb modification is required for that:
1557 * reset bit 0 in the 'flags' field of the registers definitions in the
1558 * gdb/xtensa-config.c inside gdb source tree or inside gdb overlay.
1560 #define NUM_CORE_REGS (env->config->gdb_regmap.num_regs)
1561 #define num_g_regs NUM_CORE_REGS
1563 static int cpu_gdb_read_register(CPUState *env, uint8_t *mem_buf, int n)
1565 const XtensaGdbReg *reg = env->config->gdb_regmap.reg + n;
1567 if (n < 0 || n >= env->config->gdb_regmap.num_regs) {
1568 return 0;
1571 switch (reg->type) {
1572 case 9: /*pc*/
1573 GET_REG32(env->pc);
1574 break;
1576 case 1: /*ar*/
1577 xtensa_sync_phys_from_window(env);
1578 GET_REG32(env->phys_regs[(reg->targno & 0xff) % env->config->nareg]);
1579 break;
1581 case 2: /*SR*/
1582 GET_REG32(env->sregs[reg->targno & 0xff]);
1583 break;
1585 case 3: /*UR*/
1586 GET_REG32(env->uregs[reg->targno & 0xff]);
1587 break;
1589 case 8: /*a*/
1590 GET_REG32(env->regs[reg->targno & 0x0f]);
1591 break;
1593 default:
1594 qemu_log("%s from reg %d of unsupported type %d\n",
1595 __func__, n, reg->type);
1596 return 0;
1600 static int cpu_gdb_write_register(CPUState *env, uint8_t *mem_buf, int n)
1602 uint32_t tmp;
1603 const XtensaGdbReg *reg = env->config->gdb_regmap.reg + n;
1605 if (n < 0 || n >= env->config->gdb_regmap.num_regs) {
1606 return 0;
1609 tmp = ldl_p(mem_buf);
1611 switch (reg->type) {
1612 case 9: /*pc*/
1613 env->pc = tmp;
1614 break;
1616 case 1: /*ar*/
1617 env->phys_regs[(reg->targno & 0xff) % env->config->nareg] = tmp;
1618 xtensa_sync_window_from_phys(env);
1619 break;
1621 case 2: /*SR*/
1622 env->sregs[reg->targno & 0xff] = tmp;
1623 break;
1625 case 3: /*UR*/
1626 env->uregs[reg->targno & 0xff] = tmp;
1627 break;
1629 case 8: /*a*/
1630 env->regs[reg->targno & 0x0f] = tmp;
1631 break;
1633 default:
1634 qemu_log("%s to reg %d of unsupported type %d\n",
1635 __func__, n, reg->type);
1636 return 0;
1639 return 4;
1641 #else
1643 #define NUM_CORE_REGS 0
1645 static int cpu_gdb_read_register(CPUState *env, uint8_t *mem_buf, int n)
1647 return 0;
1650 static int cpu_gdb_write_register(CPUState *env, uint8_t *mem_buf, int n)
1652 return 0;
1655 #endif
1657 #if !defined(TARGET_XTENSA)
1658 static int num_g_regs = NUM_CORE_REGS;
1659 #endif
1661 #ifdef GDB_CORE_XML
1662 /* Encode data using the encoding for 'x' packets. */
1663 static int memtox(char *buf, const char *mem, int len)
1665 char *p = buf;
1666 char c;
1668 while (len--) {
1669 c = *(mem++);
1670 switch (c) {
1671 case '#': case '$': case '*': case '}':
1672 *(p++) = '}';
1673 *(p++) = c ^ 0x20;
1674 break;
1675 default:
1676 *(p++) = c;
1677 break;
1680 return p - buf;
1683 static const char *get_feature_xml(const char *p, const char **newp)
1685 size_t len;
1686 int i;
1687 const char *name;
1688 static char target_xml[1024];
1690 len = 0;
1691 while (p[len] && p[len] != ':')
1692 len++;
1693 *newp = p + len;
1695 name = NULL;
1696 if (strncmp(p, "target.xml", len) == 0) {
1697 /* Generate the XML description for this CPU. */
1698 if (!target_xml[0]) {
1699 GDBRegisterState *r;
1701 snprintf(target_xml, sizeof(target_xml),
1702 "<?xml version=\"1.0\"?>"
1703 "<!DOCTYPE target SYSTEM \"gdb-target.dtd\">"
1704 "<target>"
1705 "<xi:include href=\"%s\"/>",
1706 GDB_CORE_XML);
1708 for (r = first_cpu->gdb_regs; r; r = r->next) {
1709 pstrcat(target_xml, sizeof(target_xml), "<xi:include href=\"");
1710 pstrcat(target_xml, sizeof(target_xml), r->xml);
1711 pstrcat(target_xml, sizeof(target_xml), "\"/>");
1713 pstrcat(target_xml, sizeof(target_xml), "</target>");
1715 return target_xml;
1717 for (i = 0; ; i++) {
1718 name = xml_builtin[i][0];
1719 if (!name || (strncmp(name, p, len) == 0 && strlen(name) == len))
1720 break;
1722 return name ? xml_builtin[i][1] : NULL;
1724 #endif
1726 static int gdb_read_register(CPUState *env, uint8_t *mem_buf, int reg)
1728 GDBRegisterState *r;
1730 if (reg < NUM_CORE_REGS)
1731 return cpu_gdb_read_register(env, mem_buf, reg);
1733 for (r = env->gdb_regs; r; r = r->next) {
1734 if (r->base_reg <= reg && reg < r->base_reg + r->num_regs) {
1735 return r->get_reg(env, mem_buf, reg - r->base_reg);
1738 return 0;
1741 static int gdb_write_register(CPUState *env, uint8_t *mem_buf, int reg)
1743 GDBRegisterState *r;
1745 if (reg < NUM_CORE_REGS)
1746 return cpu_gdb_write_register(env, mem_buf, reg);
1748 for (r = env->gdb_regs; r; r = r->next) {
1749 if (r->base_reg <= reg && reg < r->base_reg + r->num_regs) {
1750 return r->set_reg(env, mem_buf, reg - r->base_reg);
1753 return 0;
1756 #if !defined(TARGET_XTENSA)
1757 /* Register a supplemental set of CPU registers. If g_pos is nonzero it
1758 specifies the first register number and these registers are included in
1759 a standard "g" packet. Direction is relative to gdb, i.e. get_reg is
1760 gdb reading a CPU register, and set_reg is gdb modifying a CPU register.
1763 void gdb_register_coprocessor(CPUState * env,
1764 gdb_reg_cb get_reg, gdb_reg_cb set_reg,
1765 int num_regs, const char *xml, int g_pos)
1767 GDBRegisterState *s;
1768 GDBRegisterState **p;
1769 static int last_reg = NUM_CORE_REGS;
1771 s = (GDBRegisterState *)g_malloc0(sizeof(GDBRegisterState));
1772 s->base_reg = last_reg;
1773 s->num_regs = num_regs;
1774 s->get_reg = get_reg;
1775 s->set_reg = set_reg;
1776 s->xml = xml;
1777 p = &env->gdb_regs;
1778 while (*p) {
1779 /* Check for duplicates. */
1780 if (strcmp((*p)->xml, xml) == 0)
1781 return;
1782 p = &(*p)->next;
1784 /* Add to end of list. */
1785 last_reg += num_regs;
1786 *p = s;
1787 if (g_pos) {
1788 if (g_pos != s->base_reg) {
1789 fprintf(stderr, "Error: Bad gdb register numbering for '%s'\n"
1790 "Expected %d got %d\n", xml, g_pos, s->base_reg);
1791 } else {
1792 num_g_regs = last_reg;
1796 #endif
1798 #ifndef CONFIG_USER_ONLY
1799 static const int xlat_gdb_type[] = {
1800 [GDB_WATCHPOINT_WRITE] = BP_GDB | BP_MEM_WRITE,
1801 [GDB_WATCHPOINT_READ] = BP_GDB | BP_MEM_READ,
1802 [GDB_WATCHPOINT_ACCESS] = BP_GDB | BP_MEM_ACCESS,
1804 #endif
1806 static int gdb_breakpoint_insert(target_ulong addr, target_ulong len, int type)
1808 CPUState *env;
1809 int err = 0;
1811 if (kvm_enabled())
1812 return kvm_insert_breakpoint(gdbserver_state->c_cpu, addr, len, type);
1814 switch (type) {
1815 case GDB_BREAKPOINT_SW:
1816 case GDB_BREAKPOINT_HW:
1817 for (env = first_cpu; env != NULL; env = env->next_cpu) {
1818 err = cpu_breakpoint_insert(env, addr, BP_GDB, NULL);
1819 if (err)
1820 break;
1822 return err;
1823 #ifndef CONFIG_USER_ONLY
1824 case GDB_WATCHPOINT_WRITE:
1825 case GDB_WATCHPOINT_READ:
1826 case GDB_WATCHPOINT_ACCESS:
1827 for (env = first_cpu; env != NULL; env = env->next_cpu) {
1828 err = cpu_watchpoint_insert(env, addr, len, xlat_gdb_type[type],
1829 NULL);
1830 if (err)
1831 break;
1833 return err;
1834 #endif
1835 default:
1836 return -ENOSYS;
1840 static int gdb_breakpoint_remove(target_ulong addr, target_ulong len, int type)
1842 CPUState *env;
1843 int err = 0;
1845 if (kvm_enabled())
1846 return kvm_remove_breakpoint(gdbserver_state->c_cpu, addr, len, type);
1848 switch (type) {
1849 case GDB_BREAKPOINT_SW:
1850 case GDB_BREAKPOINT_HW:
1851 for (env = first_cpu; env != NULL; env = env->next_cpu) {
1852 err = cpu_breakpoint_remove(env, addr, BP_GDB);
1853 if (err)
1854 break;
1856 return err;
1857 #ifndef CONFIG_USER_ONLY
1858 case GDB_WATCHPOINT_WRITE:
1859 case GDB_WATCHPOINT_READ:
1860 case GDB_WATCHPOINT_ACCESS:
1861 for (env = first_cpu; env != NULL; env = env->next_cpu) {
1862 err = cpu_watchpoint_remove(env, addr, len, xlat_gdb_type[type]);
1863 if (err)
1864 break;
1866 return err;
1867 #endif
1868 default:
1869 return -ENOSYS;
1873 static void gdb_breakpoint_remove_all(void)
1875 CPUState *env;
1877 if (kvm_enabled()) {
1878 kvm_remove_all_breakpoints(gdbserver_state->c_cpu);
1879 return;
1882 for (env = first_cpu; env != NULL; env = env->next_cpu) {
1883 cpu_breakpoint_remove_all(env, BP_GDB);
1884 #ifndef CONFIG_USER_ONLY
1885 cpu_watchpoint_remove_all(env, BP_GDB);
1886 #endif
1890 static void gdb_set_cpu_pc(GDBState *s, target_ulong pc)
1892 #if defined(TARGET_I386)
1893 cpu_synchronize_state(s->c_cpu);
1894 s->c_cpu->eip = pc;
1895 #elif defined (TARGET_PPC)
1896 s->c_cpu->nip = pc;
1897 #elif defined (TARGET_SPARC)
1898 s->c_cpu->pc = pc;
1899 s->c_cpu->npc = pc + 4;
1900 #elif defined (TARGET_ARM)
1901 s->c_cpu->regs[15] = pc;
1902 #elif defined (TARGET_SH4)
1903 s->c_cpu->pc = pc;
1904 #elif defined (TARGET_MIPS)
1905 s->c_cpu->active_tc.PC = pc & ~(target_ulong)1;
1906 if (pc & 1) {
1907 s->c_cpu->hflags |= MIPS_HFLAG_M16;
1908 } else {
1909 s->c_cpu->hflags &= ~(MIPS_HFLAG_M16);
1911 #elif defined (TARGET_MICROBLAZE)
1912 s->c_cpu->sregs[SR_PC] = pc;
1913 #elif defined (TARGET_CRIS)
1914 s->c_cpu->pc = pc;
1915 #elif defined (TARGET_ALPHA)
1916 s->c_cpu->pc = pc;
1917 #elif defined (TARGET_S390X)
1918 cpu_synchronize_state(s->c_cpu);
1919 s->c_cpu->psw.addr = pc;
1920 #elif defined (TARGET_LM32)
1921 s->c_cpu->pc = pc;
1922 #elif defined(TARGET_XTENSA)
1923 s->c_cpu->pc = pc;
1924 #endif
1927 static inline int gdb_id(CPUState *env)
1929 #if defined(CONFIG_USER_ONLY) && defined(CONFIG_USE_NPTL)
1930 return env->host_tid;
1931 #else
1932 return env->cpu_index + 1;
1933 #endif
1936 static CPUState *find_cpu(uint32_t thread_id)
1938 CPUState *env;
1940 for (env = first_cpu; env != NULL; env = env->next_cpu) {
1941 if (gdb_id(env) == thread_id) {
1942 return env;
1946 return NULL;
1949 static int gdb_handle_packet(GDBState *s, const char *line_buf)
1951 CPUState *env;
1952 const char *p;
1953 uint32_t thread;
1954 int ch, reg_size, type, res;
1955 char buf[MAX_PACKET_LENGTH];
1956 uint8_t mem_buf[MAX_PACKET_LENGTH];
1957 uint8_t *registers;
1958 target_ulong addr, len;
1960 #ifdef DEBUG_GDB
1961 printf("command='%s'\n", line_buf);
1962 #endif
1963 p = line_buf;
1964 ch = *p++;
1965 switch(ch) {
1966 case '?':
1967 /* TODO: Make this return the correct value for user-mode. */
1968 snprintf(buf, sizeof(buf), "T%02xthread:%02x;", GDB_SIGNAL_TRAP,
1969 gdb_id(s->c_cpu));
1970 put_packet(s, buf);
1971 /* Remove all the breakpoints when this query is issued,
1972 * because gdb is doing and initial connect and the state
1973 * should be cleaned up.
1975 gdb_breakpoint_remove_all();
1976 break;
1977 case 'c':
1978 if (*p != '\0') {
1979 addr = strtoull(p, (char **)&p, 16);
1980 gdb_set_cpu_pc(s, addr);
1982 s->signal = 0;
1983 gdb_continue(s);
1984 return RS_IDLE;
1985 case 'C':
1986 s->signal = gdb_signal_to_target (strtoul(p, (char **)&p, 16));
1987 if (s->signal == -1)
1988 s->signal = 0;
1989 gdb_continue(s);
1990 return RS_IDLE;
1991 case 'v':
1992 if (strncmp(p, "Cont", 4) == 0) {
1993 int res_signal, res_thread;
1995 p += 4;
1996 if (*p == '?') {
1997 put_packet(s, "vCont;c;C;s;S");
1998 break;
2000 res = 0;
2001 res_signal = 0;
2002 res_thread = 0;
2003 while (*p) {
2004 int action, signal;
2006 if (*p++ != ';') {
2007 res = 0;
2008 break;
2010 action = *p++;
2011 signal = 0;
2012 if (action == 'C' || action == 'S') {
2013 signal = strtoul(p, (char **)&p, 16);
2014 } else if (action != 'c' && action != 's') {
2015 res = 0;
2016 break;
2018 thread = 0;
2019 if (*p == ':') {
2020 thread = strtoull(p+1, (char **)&p, 16);
2022 action = tolower(action);
2023 if (res == 0 || (res == 'c' && action == 's')) {
2024 res = action;
2025 res_signal = signal;
2026 res_thread = thread;
2029 if (res) {
2030 if (res_thread != -1 && res_thread != 0) {
2031 env = find_cpu(res_thread);
2032 if (env == NULL) {
2033 put_packet(s, "E22");
2034 break;
2036 s->c_cpu = env;
2038 if (res == 's') {
2039 cpu_single_step(s->c_cpu, sstep_flags);
2041 s->signal = res_signal;
2042 gdb_continue(s);
2043 return RS_IDLE;
2045 break;
2046 } else {
2047 goto unknown_command;
2049 case 'k':
2050 /* Kill the target */
2051 fprintf(stderr, "\nQEMU: Terminated via GDBstub\n");
2052 exit(0);
2053 case 'D':
2054 /* Detach packet */
2055 gdb_breakpoint_remove_all();
2056 gdb_syscall_mode = GDB_SYS_DISABLED;
2057 gdb_continue(s);
2058 put_packet(s, "OK");
2059 break;
2060 case 's':
2061 if (*p != '\0') {
2062 addr = strtoull(p, (char **)&p, 16);
2063 gdb_set_cpu_pc(s, addr);
2065 cpu_single_step(s->c_cpu, sstep_flags);
2066 gdb_continue(s);
2067 return RS_IDLE;
2068 case 'F':
2070 target_ulong ret;
2071 target_ulong err;
2073 ret = strtoull(p, (char **)&p, 16);
2074 if (*p == ',') {
2075 p++;
2076 err = strtoull(p, (char **)&p, 16);
2077 } else {
2078 err = 0;
2080 if (*p == ',')
2081 p++;
2082 type = *p;
2083 if (gdb_current_syscall_cb)
2084 gdb_current_syscall_cb(s->c_cpu, ret, err);
2085 if (type == 'C') {
2086 put_packet(s, "T02");
2087 } else {
2088 gdb_continue(s);
2091 break;
2092 case 'g':
2093 cpu_synchronize_state(s->g_cpu);
2094 env = s->g_cpu;
2095 len = 0;
2096 for (addr = 0; addr < num_g_regs; addr++) {
2097 reg_size = gdb_read_register(s->g_cpu, mem_buf + len, addr);
2098 len += reg_size;
2100 memtohex(buf, mem_buf, len);
2101 put_packet(s, buf);
2102 break;
2103 case 'G':
2104 cpu_synchronize_state(s->g_cpu);
2105 env = s->g_cpu;
2106 registers = mem_buf;
2107 len = strlen(p) / 2;
2108 hextomem((uint8_t *)registers, p, len);
2109 for (addr = 0; addr < num_g_regs && len > 0; addr++) {
2110 reg_size = gdb_write_register(s->g_cpu, registers, addr);
2111 len -= reg_size;
2112 registers += reg_size;
2114 put_packet(s, "OK");
2115 break;
2116 case 'm':
2117 addr = strtoull(p, (char **)&p, 16);
2118 if (*p == ',')
2119 p++;
2120 len = strtoull(p, NULL, 16);
2121 if (target_memory_rw_debug(s->g_cpu, addr, mem_buf, len, 0) != 0) {
2122 put_packet (s, "E14");
2123 } else {
2124 memtohex(buf, mem_buf, len);
2125 put_packet(s, buf);
2127 break;
2128 case 'M':
2129 addr = strtoull(p, (char **)&p, 16);
2130 if (*p == ',')
2131 p++;
2132 len = strtoull(p, (char **)&p, 16);
2133 if (*p == ':')
2134 p++;
2135 hextomem(mem_buf, p, len);
2136 if (target_memory_rw_debug(s->g_cpu, addr, mem_buf, len, 1) != 0) {
2137 put_packet(s, "E14");
2138 } else {
2139 put_packet(s, "OK");
2141 break;
2142 case 'p':
2143 /* Older gdb are really dumb, and don't use 'g' if 'p' is avaialable.
2144 This works, but can be very slow. Anything new enough to
2145 understand XML also knows how to use this properly. */
2146 if (!gdb_has_xml)
2147 goto unknown_command;
2148 addr = strtoull(p, (char **)&p, 16);
2149 reg_size = gdb_read_register(s->g_cpu, mem_buf, addr);
2150 if (reg_size) {
2151 memtohex(buf, mem_buf, reg_size);
2152 put_packet(s, buf);
2153 } else {
2154 put_packet(s, "E14");
2156 break;
2157 case 'P':
2158 if (!gdb_has_xml)
2159 goto unknown_command;
2160 addr = strtoull(p, (char **)&p, 16);
2161 if (*p == '=')
2162 p++;
2163 reg_size = strlen(p) / 2;
2164 hextomem(mem_buf, p, reg_size);
2165 gdb_write_register(s->g_cpu, mem_buf, addr);
2166 put_packet(s, "OK");
2167 break;
2168 case 'Z':
2169 case 'z':
2170 type = strtoul(p, (char **)&p, 16);
2171 if (*p == ',')
2172 p++;
2173 addr = strtoull(p, (char **)&p, 16);
2174 if (*p == ',')
2175 p++;
2176 len = strtoull(p, (char **)&p, 16);
2177 if (ch == 'Z')
2178 res = gdb_breakpoint_insert(addr, len, type);
2179 else
2180 res = gdb_breakpoint_remove(addr, len, type);
2181 if (res >= 0)
2182 put_packet(s, "OK");
2183 else if (res == -ENOSYS)
2184 put_packet(s, "");
2185 else
2186 put_packet(s, "E22");
2187 break;
2188 case 'H':
2189 type = *p++;
2190 thread = strtoull(p, (char **)&p, 16);
2191 if (thread == -1 || thread == 0) {
2192 put_packet(s, "OK");
2193 break;
2195 env = find_cpu(thread);
2196 if (env == NULL) {
2197 put_packet(s, "E22");
2198 break;
2200 switch (type) {
2201 case 'c':
2202 s->c_cpu = env;
2203 put_packet(s, "OK");
2204 break;
2205 case 'g':
2206 s->g_cpu = env;
2207 put_packet(s, "OK");
2208 break;
2209 default:
2210 put_packet(s, "E22");
2211 break;
2213 break;
2214 case 'T':
2215 thread = strtoull(p, (char **)&p, 16);
2216 env = find_cpu(thread);
2218 if (env != NULL) {
2219 put_packet(s, "OK");
2220 } else {
2221 put_packet(s, "E22");
2223 break;
2224 case 'q':
2225 case 'Q':
2226 /* parse any 'q' packets here */
2227 if (!strcmp(p,"qemu.sstepbits")) {
2228 /* Query Breakpoint bit definitions */
2229 snprintf(buf, sizeof(buf), "ENABLE=%x,NOIRQ=%x,NOTIMER=%x",
2230 SSTEP_ENABLE,
2231 SSTEP_NOIRQ,
2232 SSTEP_NOTIMER);
2233 put_packet(s, buf);
2234 break;
2235 } else if (strncmp(p,"qemu.sstep",10) == 0) {
2236 /* Display or change the sstep_flags */
2237 p += 10;
2238 if (*p != '=') {
2239 /* Display current setting */
2240 snprintf(buf, sizeof(buf), "0x%x", sstep_flags);
2241 put_packet(s, buf);
2242 break;
2244 p++;
2245 type = strtoul(p, (char **)&p, 16);
2246 sstep_flags = type;
2247 put_packet(s, "OK");
2248 break;
2249 } else if (strcmp(p,"C") == 0) {
2250 /* "Current thread" remains vague in the spec, so always return
2251 * the first CPU (gdb returns the first thread). */
2252 put_packet(s, "QC1");
2253 break;
2254 } else if (strcmp(p,"fThreadInfo") == 0) {
2255 s->query_cpu = first_cpu;
2256 goto report_cpuinfo;
2257 } else if (strcmp(p,"sThreadInfo") == 0) {
2258 report_cpuinfo:
2259 if (s->query_cpu) {
2260 snprintf(buf, sizeof(buf), "m%x", gdb_id(s->query_cpu));
2261 put_packet(s, buf);
2262 s->query_cpu = s->query_cpu->next_cpu;
2263 } else
2264 put_packet(s, "l");
2265 break;
2266 } else if (strncmp(p,"ThreadExtraInfo,", 16) == 0) {
2267 thread = strtoull(p+16, (char **)&p, 16);
2268 env = find_cpu(thread);
2269 if (env != NULL) {
2270 cpu_synchronize_state(env);
2271 len = snprintf((char *)mem_buf, sizeof(mem_buf),
2272 "CPU#%d [%s]", env->cpu_index,
2273 env->halted ? "halted " : "running");
2274 memtohex(buf, mem_buf, len);
2275 put_packet(s, buf);
2277 break;
2279 #ifdef CONFIG_USER_ONLY
2280 else if (strncmp(p, "Offsets", 7) == 0) {
2281 TaskState *ts = s->c_cpu->opaque;
2283 snprintf(buf, sizeof(buf),
2284 "Text=" TARGET_ABI_FMT_lx ";Data=" TARGET_ABI_FMT_lx
2285 ";Bss=" TARGET_ABI_FMT_lx,
2286 ts->info->code_offset,
2287 ts->info->data_offset,
2288 ts->info->data_offset);
2289 put_packet(s, buf);
2290 break;
2292 #else /* !CONFIG_USER_ONLY */
2293 else if (strncmp(p, "Rcmd,", 5) == 0) {
2294 int len = strlen(p + 5);
2296 if ((len % 2) != 0) {
2297 put_packet(s, "E01");
2298 break;
2300 hextomem(mem_buf, p + 5, len);
2301 len = len / 2;
2302 mem_buf[len++] = 0;
2303 qemu_chr_be_write(s->mon_chr, mem_buf, len);
2304 put_packet(s, "OK");
2305 break;
2307 #endif /* !CONFIG_USER_ONLY */
2308 if (strncmp(p, "Supported", 9) == 0) {
2309 snprintf(buf, sizeof(buf), "PacketSize=%x", MAX_PACKET_LENGTH);
2310 #ifdef GDB_CORE_XML
2311 pstrcat(buf, sizeof(buf), ";qXfer:features:read+");
2312 #endif
2313 put_packet(s, buf);
2314 break;
2316 #ifdef GDB_CORE_XML
2317 if (strncmp(p, "Xfer:features:read:", 19) == 0) {
2318 const char *xml;
2319 target_ulong total_len;
2321 gdb_has_xml = 1;
2322 p += 19;
2323 xml = get_feature_xml(p, &p);
2324 if (!xml) {
2325 snprintf(buf, sizeof(buf), "E00");
2326 put_packet(s, buf);
2327 break;
2330 if (*p == ':')
2331 p++;
2332 addr = strtoul(p, (char **)&p, 16);
2333 if (*p == ',')
2334 p++;
2335 len = strtoul(p, (char **)&p, 16);
2337 total_len = strlen(xml);
2338 if (addr > total_len) {
2339 snprintf(buf, sizeof(buf), "E00");
2340 put_packet(s, buf);
2341 break;
2343 if (len > (MAX_PACKET_LENGTH - 5) / 2)
2344 len = (MAX_PACKET_LENGTH - 5) / 2;
2345 if (len < total_len - addr) {
2346 buf[0] = 'm';
2347 len = memtox(buf + 1, xml + addr, len);
2348 } else {
2349 buf[0] = 'l';
2350 len = memtox(buf + 1, xml + addr, total_len - addr);
2352 put_packet_binary(s, buf, len + 1);
2353 break;
2355 #endif
2356 /* Unrecognised 'q' command. */
2357 goto unknown_command;
2359 default:
2360 unknown_command:
2361 /* put empty packet */
2362 buf[0] = '\0';
2363 put_packet(s, buf);
2364 break;
2366 return RS_IDLE;
2369 void gdb_set_stop_cpu(CPUState *env)
2371 gdbserver_state->c_cpu = env;
2372 gdbserver_state->g_cpu = env;
2375 #ifndef CONFIG_USER_ONLY
2376 static void gdb_vm_state_change(void *opaque, int running, RunState state)
2378 GDBState *s = gdbserver_state;
2379 CPUState *env = s->c_cpu;
2380 char buf[256];
2381 const char *type;
2382 int ret;
2384 if (running || s->state == RS_INACTIVE || s->state == RS_SYSCALL) {
2385 return;
2387 switch (state) {
2388 case RSTATE_DEBUG:
2389 if (env->watchpoint_hit) {
2390 switch (env->watchpoint_hit->flags & BP_MEM_ACCESS) {
2391 case BP_MEM_READ:
2392 type = "r";
2393 break;
2394 case BP_MEM_ACCESS:
2395 type = "a";
2396 break;
2397 default:
2398 type = "";
2399 break;
2401 snprintf(buf, sizeof(buf),
2402 "T%02xthread:%02x;%swatch:" TARGET_FMT_lx ";",
2403 GDB_SIGNAL_TRAP, gdb_id(env), type,
2404 env->watchpoint_hit->vaddr);
2405 env->watchpoint_hit = NULL;
2406 goto send_packet;
2408 tb_flush(env);
2409 ret = GDB_SIGNAL_TRAP;
2410 break;
2411 case RSTATE_PAUSED:
2412 ret = GDB_SIGNAL_INT;
2413 break;
2414 case RSTATE_SHUTDOWN:
2415 ret = GDB_SIGNAL_QUIT;
2416 break;
2417 case RSTATE_IO_ERROR:
2418 ret = GDB_SIGNAL_IO;
2419 break;
2420 case RSTATE_WATCHDOG:
2421 ret = GDB_SIGNAL_ALRM;
2422 break;
2423 case RSTATE_PANICKED:
2424 ret = GDB_SIGNAL_ABRT;
2425 break;
2426 case RSTATE_SAVEVM:
2427 case RSTATE_RESTORE:
2428 return;
2429 case RSTATE_PRE_MIGRATE:
2430 ret = GDB_SIGNAL_XCPU;
2431 break;
2432 default:
2433 ret = GDB_SIGNAL_UNKNOWN;
2434 break;
2436 snprintf(buf, sizeof(buf), "T%02xthread:%02x;", ret, gdb_id(env));
2438 send_packet:
2439 put_packet(s, buf);
2441 /* disable single step if it was enabled */
2442 cpu_single_step(env, 0);
2444 #endif
2446 /* Send a gdb syscall request.
2447 This accepts limited printf-style format specifiers, specifically:
2448 %x - target_ulong argument printed in hex.
2449 %lx - 64-bit argument printed in hex.
2450 %s - string pointer (target_ulong) and length (int) pair. */
2451 void gdb_do_syscall(gdb_syscall_complete_cb cb, const char *fmt, ...)
2453 va_list va;
2454 char buf[256];
2455 char *p;
2456 target_ulong addr;
2457 uint64_t i64;
2458 GDBState *s;
2460 s = gdbserver_state;
2461 if (!s)
2462 return;
2463 gdb_current_syscall_cb = cb;
2464 s->state = RS_SYSCALL;
2465 #ifndef CONFIG_USER_ONLY
2466 vm_stop(RSTATE_DEBUG);
2467 #endif
2468 s->state = RS_IDLE;
2469 va_start(va, fmt);
2470 p = buf;
2471 *(p++) = 'F';
2472 while (*fmt) {
2473 if (*fmt == '%') {
2474 fmt++;
2475 switch (*fmt++) {
2476 case 'x':
2477 addr = va_arg(va, target_ulong);
2478 p += snprintf(p, &buf[sizeof(buf)] - p, TARGET_FMT_lx, addr);
2479 break;
2480 case 'l':
2481 if (*(fmt++) != 'x')
2482 goto bad_format;
2483 i64 = va_arg(va, uint64_t);
2484 p += snprintf(p, &buf[sizeof(buf)] - p, "%" PRIx64, i64);
2485 break;
2486 case 's':
2487 addr = va_arg(va, target_ulong);
2488 p += snprintf(p, &buf[sizeof(buf)] - p, TARGET_FMT_lx "/%x",
2489 addr, va_arg(va, int));
2490 break;
2491 default:
2492 bad_format:
2493 fprintf(stderr, "gdbstub: Bad syscall format string '%s'\n",
2494 fmt - 1);
2495 break;
2497 } else {
2498 *(p++) = *(fmt++);
2501 *p = 0;
2502 va_end(va);
2503 put_packet(s, buf);
2504 #ifdef CONFIG_USER_ONLY
2505 gdb_handlesig(s->c_cpu, 0);
2506 #else
2507 cpu_exit(s->c_cpu);
2508 #endif
2511 static void gdb_read_byte(GDBState *s, int ch)
2513 int i, csum;
2514 uint8_t reply;
2516 #ifndef CONFIG_USER_ONLY
2517 if (s->last_packet_len) {
2518 /* Waiting for a response to the last packet. If we see the start
2519 of a new command then abandon the previous response. */
2520 if (ch == '-') {
2521 #ifdef DEBUG_GDB
2522 printf("Got NACK, retransmitting\n");
2523 #endif
2524 put_buffer(s, (uint8_t *)s->last_packet, s->last_packet_len);
2526 #ifdef DEBUG_GDB
2527 else if (ch == '+')
2528 printf("Got ACK\n");
2529 else
2530 printf("Got '%c' when expecting ACK/NACK\n", ch);
2531 #endif
2532 if (ch == '+' || ch == '$')
2533 s->last_packet_len = 0;
2534 if (ch != '$')
2535 return;
2537 if (runstate_is_running()) {
2538 /* when the CPU is running, we cannot do anything except stop
2539 it when receiving a char */
2540 vm_stop(RSTATE_PAUSED);
2541 } else
2542 #endif
2544 switch(s->state) {
2545 case RS_IDLE:
2546 if (ch == '$') {
2547 s->line_buf_index = 0;
2548 s->state = RS_GETLINE;
2550 break;
2551 case RS_GETLINE:
2552 if (ch == '#') {
2553 s->state = RS_CHKSUM1;
2554 } else if (s->line_buf_index >= sizeof(s->line_buf) - 1) {
2555 s->state = RS_IDLE;
2556 } else {
2557 s->line_buf[s->line_buf_index++] = ch;
2559 break;
2560 case RS_CHKSUM1:
2561 s->line_buf[s->line_buf_index] = '\0';
2562 s->line_csum = fromhex(ch) << 4;
2563 s->state = RS_CHKSUM2;
2564 break;
2565 case RS_CHKSUM2:
2566 s->line_csum |= fromhex(ch);
2567 csum = 0;
2568 for(i = 0; i < s->line_buf_index; i++) {
2569 csum += s->line_buf[i];
2571 if (s->line_csum != (csum & 0xff)) {
2572 reply = '-';
2573 put_buffer(s, &reply, 1);
2574 s->state = RS_IDLE;
2575 } else {
2576 reply = '+';
2577 put_buffer(s, &reply, 1);
2578 s->state = gdb_handle_packet(s, s->line_buf);
2580 break;
2581 default:
2582 abort();
2587 /* Tell the remote gdb that the process has exited. */
2588 void gdb_exit(CPUState *env, int code)
2590 GDBState *s;
2591 char buf[4];
2593 s = gdbserver_state;
2594 if (!s) {
2595 return;
2597 #ifdef CONFIG_USER_ONLY
2598 if (gdbserver_fd < 0 || s->fd < 0) {
2599 return;
2601 #endif
2603 snprintf(buf, sizeof(buf), "W%02x", (uint8_t)code);
2604 put_packet(s, buf);
2606 #ifndef CONFIG_USER_ONLY
2607 if (s->chr) {
2608 qemu_chr_delete(s->chr);
2610 #endif
2613 #ifdef CONFIG_USER_ONLY
2615 gdb_queuesig (void)
2617 GDBState *s;
2619 s = gdbserver_state;
2621 if (gdbserver_fd < 0 || s->fd < 0)
2622 return 0;
2623 else
2624 return 1;
2628 gdb_handlesig (CPUState *env, int sig)
2630 GDBState *s;
2631 char buf[256];
2632 int n;
2634 s = gdbserver_state;
2635 if (gdbserver_fd < 0 || s->fd < 0)
2636 return sig;
2638 /* disable single step if it was enabled */
2639 cpu_single_step(env, 0);
2640 tb_flush(env);
2642 if (sig != 0)
2644 snprintf(buf, sizeof(buf), "S%02x", target_signal_to_gdb (sig));
2645 put_packet(s, buf);
2647 /* put_packet() might have detected that the peer terminated the
2648 connection. */
2649 if (s->fd < 0)
2650 return sig;
2652 sig = 0;
2653 s->state = RS_IDLE;
2654 s->running_state = 0;
2655 while (s->running_state == 0) {
2656 n = read (s->fd, buf, 256);
2657 if (n > 0)
2659 int i;
2661 for (i = 0; i < n; i++)
2662 gdb_read_byte (s, buf[i]);
2664 else if (n == 0 || errno != EAGAIN)
2666 /* XXX: Connection closed. Should probably wait for annother
2667 connection before continuing. */
2668 return sig;
2671 sig = s->signal;
2672 s->signal = 0;
2673 return sig;
2676 /* Tell the remote gdb that the process has exited due to SIG. */
2677 void gdb_signalled(CPUState *env, int sig)
2679 GDBState *s;
2680 char buf[4];
2682 s = gdbserver_state;
2683 if (gdbserver_fd < 0 || s->fd < 0)
2684 return;
2686 snprintf(buf, sizeof(buf), "X%02x", target_signal_to_gdb (sig));
2687 put_packet(s, buf);
2690 static void gdb_accept(void)
2692 GDBState *s;
2693 struct sockaddr_in sockaddr;
2694 socklen_t len;
2695 int val, fd;
2697 for(;;) {
2698 len = sizeof(sockaddr);
2699 fd = accept(gdbserver_fd, (struct sockaddr *)&sockaddr, &len);
2700 if (fd < 0 && errno != EINTR) {
2701 perror("accept");
2702 return;
2703 } else if (fd >= 0) {
2704 #ifndef _WIN32
2705 fcntl(fd, F_SETFD, FD_CLOEXEC);
2706 #endif
2707 break;
2711 /* set short latency */
2712 val = 1;
2713 setsockopt(fd, IPPROTO_TCP, TCP_NODELAY, (char *)&val, sizeof(val));
2715 s = g_malloc0(sizeof(GDBState));
2716 s->c_cpu = first_cpu;
2717 s->g_cpu = first_cpu;
2718 s->fd = fd;
2719 gdb_has_xml = 0;
2721 gdbserver_state = s;
2723 fcntl(fd, F_SETFL, O_NONBLOCK);
2726 static int gdbserver_open(int port)
2728 struct sockaddr_in sockaddr;
2729 int fd, val, ret;
2731 fd = socket(PF_INET, SOCK_STREAM, 0);
2732 if (fd < 0) {
2733 perror("socket");
2734 return -1;
2736 #ifndef _WIN32
2737 fcntl(fd, F_SETFD, FD_CLOEXEC);
2738 #endif
2740 /* allow fast reuse */
2741 val = 1;
2742 setsockopt(fd, SOL_SOCKET, SO_REUSEADDR, (char *)&val, sizeof(val));
2744 sockaddr.sin_family = AF_INET;
2745 sockaddr.sin_port = htons(port);
2746 sockaddr.sin_addr.s_addr = 0;
2747 ret = bind(fd, (struct sockaddr *)&sockaddr, sizeof(sockaddr));
2748 if (ret < 0) {
2749 perror("bind");
2750 return -1;
2752 ret = listen(fd, 0);
2753 if (ret < 0) {
2754 perror("listen");
2755 return -1;
2757 return fd;
2760 int gdbserver_start(int port)
2762 gdbserver_fd = gdbserver_open(port);
2763 if (gdbserver_fd < 0)
2764 return -1;
2765 /* accept connections */
2766 gdb_accept();
2767 return 0;
2770 /* Disable gdb stub for child processes. */
2771 void gdbserver_fork(CPUState *env)
2773 GDBState *s = gdbserver_state;
2774 if (gdbserver_fd < 0 || s->fd < 0)
2775 return;
2776 close(s->fd);
2777 s->fd = -1;
2778 cpu_breakpoint_remove_all(env, BP_GDB);
2779 cpu_watchpoint_remove_all(env, BP_GDB);
2781 #else
2782 static int gdb_chr_can_receive(void *opaque)
2784 /* We can handle an arbitrarily large amount of data.
2785 Pick the maximum packet size, which is as good as anything. */
2786 return MAX_PACKET_LENGTH;
2789 static void gdb_chr_receive(void *opaque, const uint8_t *buf, int size)
2791 int i;
2793 for (i = 0; i < size; i++) {
2794 gdb_read_byte(gdbserver_state, buf[i]);
2798 static void gdb_chr_event(void *opaque, int event)
2800 switch (event) {
2801 case CHR_EVENT_OPENED:
2802 vm_stop(RSTATE_PAUSED);
2803 gdb_has_xml = 0;
2804 break;
2805 default:
2806 break;
2810 static void gdb_monitor_output(GDBState *s, const char *msg, int len)
2812 char buf[MAX_PACKET_LENGTH];
2814 buf[0] = 'O';
2815 if (len > (MAX_PACKET_LENGTH/2) - 1)
2816 len = (MAX_PACKET_LENGTH/2) - 1;
2817 memtohex(buf + 1, (uint8_t *)msg, len);
2818 put_packet(s, buf);
2821 static int gdb_monitor_write(CharDriverState *chr, const uint8_t *buf, int len)
2823 const char *p = (const char *)buf;
2824 int max_sz;
2826 max_sz = (sizeof(gdbserver_state->last_packet) - 2) / 2;
2827 for (;;) {
2828 if (len <= max_sz) {
2829 gdb_monitor_output(gdbserver_state, p, len);
2830 break;
2832 gdb_monitor_output(gdbserver_state, p, max_sz);
2833 p += max_sz;
2834 len -= max_sz;
2836 return len;
2839 #ifndef _WIN32
2840 static void gdb_sigterm_handler(int signal)
2842 if (runstate_is_running()) {
2843 vm_stop(RSTATE_PAUSED);
2846 #endif
2848 int gdbserver_start(const char *device)
2850 GDBState *s;
2851 char gdbstub_device_name[128];
2852 CharDriverState *chr = NULL;
2853 CharDriverState *mon_chr;
2855 if (!device)
2856 return -1;
2857 if (strcmp(device, "none") != 0) {
2858 if (strstart(device, "tcp:", NULL)) {
2859 /* enforce required TCP attributes */
2860 snprintf(gdbstub_device_name, sizeof(gdbstub_device_name),
2861 "%s,nowait,nodelay,server", device);
2862 device = gdbstub_device_name;
2864 #ifndef _WIN32
2865 else if (strcmp(device, "stdio") == 0) {
2866 struct sigaction act;
2868 memset(&act, 0, sizeof(act));
2869 act.sa_handler = gdb_sigterm_handler;
2870 sigaction(SIGINT, &act, NULL);
2872 #endif
2873 chr = qemu_chr_new("gdb", device, NULL);
2874 if (!chr)
2875 return -1;
2877 qemu_chr_add_handlers(chr, gdb_chr_can_receive, gdb_chr_receive,
2878 gdb_chr_event, NULL);
2881 s = gdbserver_state;
2882 if (!s) {
2883 s = g_malloc0(sizeof(GDBState));
2884 gdbserver_state = s;
2886 qemu_add_vm_change_state_handler(gdb_vm_state_change, NULL);
2888 /* Initialize a monitor terminal for gdb */
2889 mon_chr = g_malloc0(sizeof(*mon_chr));
2890 mon_chr->chr_write = gdb_monitor_write;
2891 monitor_init(mon_chr, 0);
2892 } else {
2893 if (s->chr)
2894 qemu_chr_delete(s->chr);
2895 mon_chr = s->mon_chr;
2896 memset(s, 0, sizeof(GDBState));
2898 s->c_cpu = first_cpu;
2899 s->g_cpu = first_cpu;
2900 s->chr = chr;
2901 s->state = chr ? RS_IDLE : RS_INACTIVE;
2902 s->mon_chr = mon_chr;
2904 return 0;
2906 #endif