4 * Copyright (c) 2003-2005 Fabrice Bellard
6 * This library is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation; either
9 * version 2 of the License, or (at your option) any later version.
11 * This library is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
16 * You should have received a copy of the GNU Lesser General Public
17 * License along with this library; if not, write to the Free Software
18 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston MA 02110-1301 USA
21 #include "qemu-common.h"
22 #ifdef CONFIG_USER_ONLY
34 #include "qemu-char.h"
39 #define MAX_PACKET_LENGTH 4096
41 #include "qemu_socket.h"
49 GDB_SIGNAL_UNKNOWN
= 143
52 #ifdef CONFIG_USER_ONLY
54 /* Map target signal numbers to GDB protocol signal numbers and vice
55 * versa. For user emulation's currently supported systems, we can
56 * assume most signals are defined.
59 static int gdb_signal_table
[] = {
219 /* In system mode we only need SIGINT and SIGTRAP; other signals
220 are not yet supported. */
227 static int gdb_signal_table
[] = {
237 #ifdef CONFIG_USER_ONLY
238 static int target_signal_to_gdb (int sig
)
241 for (i
= 0; i
< ARRAY_SIZE (gdb_signal_table
); i
++)
242 if (gdb_signal_table
[i
] == sig
)
244 return GDB_SIGNAL_UNKNOWN
;
248 static int gdb_signal_to_target (int sig
)
250 if (sig
< ARRAY_SIZE (gdb_signal_table
))
251 return gdb_signal_table
[sig
];
258 typedef struct GDBRegisterState
{
264 struct GDBRegisterState
*next
;
275 typedef struct GDBState
{
276 CPUState
*c_cpu
; /* current CPU for step/continue ops */
277 CPUState
*g_cpu
; /* current CPU for other ops */
278 CPUState
*query_cpu
; /* for q{f|s}ThreadInfo */
279 enum RSState state
; /* parsing state */
280 char line_buf
[MAX_PACKET_LENGTH
];
283 uint8_t last_packet
[MAX_PACKET_LENGTH
+ 4];
286 #ifdef CONFIG_USER_ONLY
290 CharDriverState
*chr
;
291 CharDriverState
*mon_chr
;
295 /* By default use no IRQs and no timers while single stepping so as to
296 * make single stepping like an ICE HW step.
298 static int sstep_flags
= SSTEP_ENABLE
|SSTEP_NOIRQ
|SSTEP_NOTIMER
;
300 static GDBState
*gdbserver_state
;
302 /* This is an ugly hack to cope with both new and old gdb.
303 If gdb sends qXfer:features:read then assume we're talking to a newish
304 gdb that understands target descriptions. */
305 static int gdb_has_xml
;
307 #ifdef CONFIG_USER_ONLY
308 /* XXX: This is not thread safe. Do we care? */
309 static int gdbserver_fd
= -1;
311 static int get_char(GDBState
*s
)
317 ret
= recv(s
->fd
, &ch
, 1, 0);
319 if (errno
== ECONNRESET
)
321 if (errno
!= EINTR
&& errno
!= EAGAIN
)
323 } else if (ret
== 0) {
335 static gdb_syscall_complete_cb gdb_current_syscall_cb
;
343 /* If gdb is connected when the first semihosting syscall occurs then use
344 remote gdb syscalls. Otherwise use native file IO. */
345 int use_gdb_syscalls(void)
347 if (gdb_syscall_mode
== GDB_SYS_UNKNOWN
) {
348 gdb_syscall_mode
= (gdbserver_state
? GDB_SYS_ENABLED
351 return gdb_syscall_mode
== GDB_SYS_ENABLED
;
354 /* Resume execution. */
355 static inline void gdb_continue(GDBState
*s
)
357 #ifdef CONFIG_USER_ONLY
358 s
->running_state
= 1;
364 static void put_buffer(GDBState
*s
, const uint8_t *buf
, int len
)
366 #ifdef CONFIG_USER_ONLY
370 ret
= send(s
->fd
, buf
, len
, 0);
372 if (errno
!= EINTR
&& errno
!= EAGAIN
)
380 qemu_chr_write(s
->chr
, buf
, len
);
384 static inline int fromhex(int v
)
386 if (v
>= '0' && v
<= '9')
388 else if (v
>= 'A' && v
<= 'F')
390 else if (v
>= 'a' && v
<= 'f')
396 static inline int tohex(int v
)
404 static void memtohex(char *buf
, const uint8_t *mem
, int len
)
409 for(i
= 0; i
< len
; i
++) {
411 *q
++ = tohex(c
>> 4);
412 *q
++ = tohex(c
& 0xf);
417 static void hextomem(uint8_t *mem
, const char *buf
, int len
)
421 for(i
= 0; i
< len
; i
++) {
422 mem
[i
] = (fromhex(buf
[0]) << 4) | fromhex(buf
[1]);
427 /* return -1 if error, 0 if OK */
428 static int put_packet_binary(GDBState
*s
, const char *buf
, int len
)
439 for(i
= 0; i
< len
; i
++) {
443 *(p
++) = tohex((csum
>> 4) & 0xf);
444 *(p
++) = tohex((csum
) & 0xf);
446 s
->last_packet_len
= p
- s
->last_packet
;
447 put_buffer(s
, (uint8_t *)s
->last_packet
, s
->last_packet_len
);
449 #ifdef CONFIG_USER_ONLY
462 /* return -1 if error, 0 if OK */
463 static int put_packet(GDBState
*s
, const char *buf
)
466 printf("reply='%s'\n", buf
);
469 return put_packet_binary(s
, buf
, strlen(buf
));
472 /* The GDB remote protocol transfers values in target byte order. This means
473 we can use the raw memory access routines to access the value buffer.
474 Conveniently, these also handle the case where the buffer is mis-aligned.
476 #define GET_REG8(val) do { \
477 stb_p(mem_buf, val); \
480 #define GET_REG16(val) do { \
481 stw_p(mem_buf, val); \
484 #define GET_REG32(val) do { \
485 stl_p(mem_buf, val); \
488 #define GET_REG64(val) do { \
489 stq_p(mem_buf, val); \
493 #if TARGET_LONG_BITS == 64
494 #define GET_REGL(val) GET_REG64(val)
495 #define ldtul_p(addr) ldq_p(addr)
497 #define GET_REGL(val) GET_REG32(val)
498 #define ldtul_p(addr) ldl_p(addr)
501 #if defined(TARGET_I386)
504 static const int gpr_map
[16] = {
505 R_EAX
, R_EBX
, R_ECX
, R_EDX
, R_ESI
, R_EDI
, R_EBP
, R_ESP
,
506 8, 9, 10, 11, 12, 13, 14, 15
509 static const int gpr_map
[8] = {0, 1, 2, 3, 4, 5, 6, 7};
512 #define NUM_CORE_REGS (CPU_NB_REGS * 2 + 25)
514 #define IDX_IP_REG CPU_NB_REGS
515 #define IDX_FLAGS_REG (IDX_IP_REG + 1)
516 #define IDX_SEG_REGS (IDX_FLAGS_REG + 1)
517 #define IDX_FP_REGS (IDX_SEG_REGS + 6)
518 #define IDX_XMM_REGS (IDX_FP_REGS + 16)
519 #define IDX_MXCSR_REG (IDX_XMM_REGS + CPU_NB_REGS)
521 static int cpu_gdb_read_register(CPUState
*env
, uint8_t *mem_buf
, int n
)
523 if (n
< CPU_NB_REGS
) {
524 GET_REGL(env
->regs
[gpr_map
[n
]]);
525 } else if (n
>= IDX_FP_REGS
&& n
< IDX_FP_REGS
+ 8) {
526 #ifdef USE_X86LDOUBLE
527 /* FIXME: byteswap float values - after fixing fpregs layout. */
528 memcpy(mem_buf
, &env
->fpregs
[n
- IDX_FP_REGS
], 10);
530 memset(mem_buf
, 0, 10);
533 } else if (n
>= IDX_XMM_REGS
&& n
< IDX_XMM_REGS
+ CPU_NB_REGS
) {
535 stq_p(mem_buf
, env
->xmm_regs
[n
].XMM_Q(0));
536 stq_p(mem_buf
+ 8, env
->xmm_regs
[n
].XMM_Q(1));
540 case IDX_IP_REG
: GET_REGL(env
->eip
);
541 case IDX_FLAGS_REG
: GET_REG32(env
->eflags
);
543 case IDX_SEG_REGS
: GET_REG32(env
->segs
[R_CS
].selector
);
544 case IDX_SEG_REGS
+ 1: GET_REG32(env
->segs
[R_SS
].selector
);
545 case IDX_SEG_REGS
+ 2: GET_REG32(env
->segs
[R_DS
].selector
);
546 case IDX_SEG_REGS
+ 3: GET_REG32(env
->segs
[R_ES
].selector
);
547 case IDX_SEG_REGS
+ 4: GET_REG32(env
->segs
[R_FS
].selector
);
548 case IDX_SEG_REGS
+ 5: GET_REG32(env
->segs
[R_GS
].selector
);
550 case IDX_FP_REGS
+ 8: GET_REG32(env
->fpuc
);
551 case IDX_FP_REGS
+ 9: GET_REG32((env
->fpus
& ~0x3800) |
552 (env
->fpstt
& 0x7) << 11);
553 case IDX_FP_REGS
+ 10: GET_REG32(0); /* ftag */
554 case IDX_FP_REGS
+ 11: GET_REG32(0); /* fiseg */
555 case IDX_FP_REGS
+ 12: GET_REG32(0); /* fioff */
556 case IDX_FP_REGS
+ 13: GET_REG32(0); /* foseg */
557 case IDX_FP_REGS
+ 14: GET_REG32(0); /* fooff */
558 case IDX_FP_REGS
+ 15: GET_REG32(0); /* fop */
560 case IDX_MXCSR_REG
: GET_REG32(env
->mxcsr
);
566 static int cpu_gdb_write_register(CPUState
*env
, uint8_t *mem_buf
, int n
)
570 if (n
< CPU_NB_REGS
) {
571 env
->regs
[gpr_map
[n
]] = ldtul_p(mem_buf
);
572 return sizeof(target_ulong
);
573 } else if (n
>= IDX_FP_REGS
&& n
< IDX_FP_REGS
+ 8) {
574 #ifdef USE_X86LDOUBLE
575 /* FIXME: byteswap float values - after fixing fpregs layout. */
576 memcpy(&env
->fpregs
[n
- IDX_FP_REGS
], mem_buf
, 10);
579 } else if (n
>= IDX_XMM_REGS
&& n
< IDX_XMM_REGS
+ CPU_NB_REGS
) {
581 env
->xmm_regs
[n
].XMM_Q(0) = ldq_p(mem_buf
);
582 env
->xmm_regs
[n
].XMM_Q(1) = ldq_p(mem_buf
+ 8);
587 env
->eip
= ldtul_p(mem_buf
);
588 return sizeof(target_ulong
);
590 env
->eflags
= ldl_p(mem_buf
);
593 #if defined(CONFIG_USER_ONLY)
594 #define LOAD_SEG(index, sreg)\
595 tmp = ldl_p(mem_buf);\
596 if (tmp != env->segs[sreg].selector)\
597 cpu_x86_load_seg(env, sreg, tmp);\
600 /* FIXME: Honor segment registers. Needs to avoid raising an exception
601 when the selector is invalid. */
602 #define LOAD_SEG(index, sreg) return 4
604 case IDX_SEG_REGS
: LOAD_SEG(10, R_CS
);
605 case IDX_SEG_REGS
+ 1: LOAD_SEG(11, R_SS
);
606 case IDX_SEG_REGS
+ 2: LOAD_SEG(12, R_DS
);
607 case IDX_SEG_REGS
+ 3: LOAD_SEG(13, R_ES
);
608 case IDX_SEG_REGS
+ 4: LOAD_SEG(14, R_FS
);
609 case IDX_SEG_REGS
+ 5: LOAD_SEG(15, R_GS
);
611 case IDX_FP_REGS
+ 8:
612 env
->fpuc
= ldl_p(mem_buf
);
614 case IDX_FP_REGS
+ 9:
615 tmp
= ldl_p(mem_buf
);
616 env
->fpstt
= (tmp
>> 11) & 7;
617 env
->fpus
= tmp
& ~0x3800;
619 case IDX_FP_REGS
+ 10: /* ftag */ return 4;
620 case IDX_FP_REGS
+ 11: /* fiseg */ return 4;
621 case IDX_FP_REGS
+ 12: /* fioff */ return 4;
622 case IDX_FP_REGS
+ 13: /* foseg */ return 4;
623 case IDX_FP_REGS
+ 14: /* fooff */ return 4;
624 case IDX_FP_REGS
+ 15: /* fop */ return 4;
627 env
->mxcsr
= ldl_p(mem_buf
);
631 /* Unrecognised register. */
635 #elif defined (TARGET_PPC)
637 /* Old gdb always expects FP registers. Newer (xml-aware) gdb only
638 expects whatever the target description contains. Due to a
639 historical mishap the FP registers appear in between core integer
640 regs and PC, MSR, CR, and so forth. We hack round this by giving the
641 FP regs zero size when talking to a newer gdb. */
642 #define NUM_CORE_REGS 71
643 #if defined (TARGET_PPC64)
644 #define GDB_CORE_XML "power64-core.xml"
646 #define GDB_CORE_XML "power-core.xml"
649 static int cpu_gdb_read_register(CPUState
*env
, uint8_t *mem_buf
, int n
)
653 GET_REGL(env
->gpr
[n
]);
658 stfq_p(mem_buf
, env
->fpr
[n
-32]);
662 case 64: GET_REGL(env
->nip
);
663 case 65: GET_REGL(env
->msr
);
668 for (i
= 0; i
< 8; i
++)
669 cr
|= env
->crf
[i
] << (32 - ((i
+ 1) * 4));
672 case 67: GET_REGL(env
->lr
);
673 case 68: GET_REGL(env
->ctr
);
674 case 69: GET_REGL(env
->xer
);
679 GET_REG32(0); /* fpscr */
686 static int cpu_gdb_write_register(CPUState
*env
, uint8_t *mem_buf
, int n
)
690 env
->gpr
[n
] = ldtul_p(mem_buf
);
691 return sizeof(target_ulong
);
696 env
->fpr
[n
-32] = ldfq_p(mem_buf
);
701 env
->nip
= ldtul_p(mem_buf
);
702 return sizeof(target_ulong
);
704 ppc_store_msr(env
, ldtul_p(mem_buf
));
705 return sizeof(target_ulong
);
708 uint32_t cr
= ldl_p(mem_buf
);
710 for (i
= 0; i
< 8; i
++)
711 env
->crf
[i
] = (cr
>> (32 - ((i
+ 1) * 4))) & 0xF;
715 env
->lr
= ldtul_p(mem_buf
);
716 return sizeof(target_ulong
);
718 env
->ctr
= ldtul_p(mem_buf
);
719 return sizeof(target_ulong
);
721 env
->xer
= ldtul_p(mem_buf
);
722 return sizeof(target_ulong
);
733 #elif defined (TARGET_SPARC)
735 #if defined(TARGET_SPARC64) && !defined(TARGET_ABI32)
736 #define NUM_CORE_REGS 86
738 #define NUM_CORE_REGS 72
742 #define GET_REGA(val) GET_REG32(val)
744 #define GET_REGA(val) GET_REGL(val)
747 static int cpu_gdb_read_register(CPUState
*env
, uint8_t *mem_buf
, int n
)
751 GET_REGA(env
->gregs
[n
]);
754 /* register window */
755 GET_REGA(env
->regwptr
[n
- 8]);
757 #if defined(TARGET_ABI32) || !defined(TARGET_SPARC64)
760 GET_REG32(*((uint32_t *)&env
->fpr
[n
- 32]));
762 /* Y, PSR, WIM, TBR, PC, NPC, FPSR, CPSR */
764 case 64: GET_REGA(env
->y
);
765 case 65: GET_REGA(GET_PSR(env
));
766 case 66: GET_REGA(env
->wim
);
767 case 67: GET_REGA(env
->tbr
);
768 case 68: GET_REGA(env
->pc
);
769 case 69: GET_REGA(env
->npc
);
770 case 70: GET_REGA(env
->fsr
);
771 case 71: GET_REGA(0); /* csr */
772 default: GET_REGA(0);
777 GET_REG32(*((uint32_t *)&env
->fpr
[n
- 32]));
780 /* f32-f62 (double width, even numbers only) */
783 val
= (uint64_t)*((uint32_t *)&env
->fpr
[(n
- 64) * 2 + 32]) << 32;
784 val
|= *((uint32_t *)&env
->fpr
[(n
- 64) * 2 + 33]);
788 case 80: GET_REGL(env
->pc
);
789 case 81: GET_REGL(env
->npc
);
790 case 82: GET_REGL(((uint64_t)GET_CCR(env
) << 32) |
791 ((env
->asi
& 0xff) << 24) |
792 ((env
->pstate
& 0xfff) << 8) |
794 case 83: GET_REGL(env
->fsr
);
795 case 84: GET_REGL(env
->fprs
);
796 case 85: GET_REGL(env
->y
);
802 static int cpu_gdb_write_register(CPUState
*env
, uint8_t *mem_buf
, int n
)
804 #if defined(TARGET_ABI32)
807 tmp
= ldl_p(mem_buf
);
811 tmp
= ldtul_p(mem_buf
);
818 /* register window */
819 env
->regwptr
[n
- 8] = tmp
;
821 #if defined(TARGET_ABI32) || !defined(TARGET_SPARC64)
824 *((uint32_t *)&env
->fpr
[n
- 32]) = tmp
;
826 /* Y, PSR, WIM, TBR, PC, NPC, FPSR, CPSR */
828 case 64: env
->y
= tmp
; break;
829 case 65: PUT_PSR(env
, tmp
); break;
830 case 66: env
->wim
= tmp
; break;
831 case 67: env
->tbr
= tmp
; break;
832 case 68: env
->pc
= tmp
; break;
833 case 69: env
->npc
= tmp
; break;
834 case 70: env
->fsr
= tmp
; break;
842 env
->fpr
[n
] = ldfl_p(mem_buf
);
845 /* f32-f62 (double width, even numbers only) */
846 *((uint32_t *)&env
->fpr
[(n
- 64) * 2 + 32]) = tmp
>> 32;
847 *((uint32_t *)&env
->fpr
[(n
- 64) * 2 + 33]) = tmp
;
850 case 80: env
->pc
= tmp
; break;
851 case 81: env
->npc
= tmp
; break;
853 PUT_CCR(env
, tmp
>> 32);
854 env
->asi
= (tmp
>> 24) & 0xff;
855 env
->pstate
= (tmp
>> 8) & 0xfff;
856 PUT_CWP64(env
, tmp
& 0xff);
858 case 83: env
->fsr
= tmp
; break;
859 case 84: env
->fprs
= tmp
; break;
860 case 85: env
->y
= tmp
; break;
867 #elif defined (TARGET_ARM)
869 /* Old gdb always expect FPA registers. Newer (xml-aware) gdb only expect
870 whatever the target description contains. Due to a historical mishap
871 the FPA registers appear in between core integer regs and the CPSR.
872 We hack round this by giving the FPA regs zero size when talking to a
874 #define NUM_CORE_REGS 26
875 #define GDB_CORE_XML "arm-core.xml"
877 static int cpu_gdb_read_register(CPUState
*env
, uint8_t *mem_buf
, int n
)
880 /* Core integer register. */
881 GET_REG32(env
->regs
[n
]);
887 memset(mem_buf
, 0, 12);
892 /* FPA status register. */
898 GET_REG32(cpsr_read(env
));
900 /* Unknown register. */
904 static int cpu_gdb_write_register(CPUState
*env
, uint8_t *mem_buf
, int n
)
908 tmp
= ldl_p(mem_buf
);
910 /* Mask out low bit of PC to workaround gdb bugs. This will probably
911 cause problems if we ever implement the Jazelle DBX extensions. */
916 /* Core integer register. */
920 if (n
< 24) { /* 16-23 */
921 /* FPA registers (ignored). */
928 /* FPA status register (ignored). */
934 cpsr_write (env
, tmp
, 0xffffffff);
937 /* Unknown register. */
941 #elif defined (TARGET_M68K)
943 #define NUM_CORE_REGS 18
945 #define GDB_CORE_XML "cf-core.xml"
947 static int cpu_gdb_read_register(CPUState
*env
, uint8_t *mem_buf
, int n
)
951 GET_REG32(env
->dregs
[n
]);
954 GET_REG32(env
->aregs
[n
- 8]);
957 case 16: GET_REG32(env
->sr
);
958 case 17: GET_REG32(env
->pc
);
961 /* FP registers not included here because they vary between
962 ColdFire and m68k. Use XML bits for these. */
966 static int cpu_gdb_write_register(CPUState
*env
, uint8_t *mem_buf
, int n
)
970 tmp
= ldl_p(mem_buf
);
977 env
->aregs
[n
- 8] = tmp
;
980 case 16: env
->sr
= tmp
; break;
981 case 17: env
->pc
= tmp
; break;
987 #elif defined (TARGET_MIPS)
989 #define NUM_CORE_REGS 73
991 static int cpu_gdb_read_register(CPUState
*env
, uint8_t *mem_buf
, int n
)
994 GET_REGL(env
->active_tc
.gpr
[n
]);
996 if (env
->CP0_Config1
& (1 << CP0C1_FP
)) {
997 if (n
>= 38 && n
< 70) {
998 if (env
->CP0_Status
& (1 << CP0St_FR
))
999 GET_REGL(env
->active_fpu
.fpr
[n
- 38].d
);
1001 GET_REGL(env
->active_fpu
.fpr
[n
- 38].w
[FP_ENDIAN_IDX
]);
1004 case 70: GET_REGL((int32_t)env
->active_fpu
.fcr31
);
1005 case 71: GET_REGL((int32_t)env
->active_fpu
.fcr0
);
1009 case 32: GET_REGL((int32_t)env
->CP0_Status
);
1010 case 33: GET_REGL(env
->active_tc
.LO
[0]);
1011 case 34: GET_REGL(env
->active_tc
.HI
[0]);
1012 case 35: GET_REGL(env
->CP0_BadVAddr
);
1013 case 36: GET_REGL((int32_t)env
->CP0_Cause
);
1014 case 37: GET_REGL(env
->active_tc
.PC
);
1015 case 72: GET_REGL(0); /* fp */
1016 case 89: GET_REGL((int32_t)env
->CP0_PRid
);
1018 if (n
>= 73 && n
<= 88) {
1019 /* 16 embedded regs. */
1026 /* convert MIPS rounding mode in FCR31 to IEEE library */
1027 static unsigned int ieee_rm
[] =
1029 float_round_nearest_even
,
1030 float_round_to_zero
,
1034 #define RESTORE_ROUNDING_MODE \
1035 set_float_rounding_mode(ieee_rm[env->active_fpu.fcr31 & 3], &env->active_fpu.fp_status)
1037 static int cpu_gdb_write_register(CPUState
*env
, uint8_t *mem_buf
, int n
)
1041 tmp
= ldtul_p(mem_buf
);
1044 env
->active_tc
.gpr
[n
] = tmp
;
1045 return sizeof(target_ulong
);
1047 if (env
->CP0_Config1
& (1 << CP0C1_FP
)
1048 && n
>= 38 && n
< 73) {
1050 if (env
->CP0_Status
& (1 << CP0St_FR
))
1051 env
->active_fpu
.fpr
[n
- 38].d
= tmp
;
1053 env
->active_fpu
.fpr
[n
- 38].w
[FP_ENDIAN_IDX
] = tmp
;
1057 env
->active_fpu
.fcr31
= tmp
& 0xFF83FFFF;
1058 /* set rounding mode */
1059 RESTORE_ROUNDING_MODE
;
1060 #ifndef CONFIG_SOFTFLOAT
1061 /* no floating point exception for native float */
1062 SET_FP_ENABLE(env
->active_fpu
.fcr31
, 0);
1065 case 71: env
->active_fpu
.fcr0
= tmp
; break;
1067 return sizeof(target_ulong
);
1070 case 32: env
->CP0_Status
= tmp
; break;
1071 case 33: env
->active_tc
.LO
[0] = tmp
; break;
1072 case 34: env
->active_tc
.HI
[0] = tmp
; break;
1073 case 35: env
->CP0_BadVAddr
= tmp
; break;
1074 case 36: env
->CP0_Cause
= tmp
; break;
1075 case 37: env
->active_tc
.PC
= tmp
; break;
1076 case 72: /* fp, ignored */ break;
1080 /* Other registers are readonly. Ignore writes. */
1084 return sizeof(target_ulong
);
1086 #elif defined (TARGET_SH4)
1088 /* Hint: Use "set architecture sh4" in GDB to see fpu registers */
1089 /* FIXME: We should use XML for this. */
1091 #define NUM_CORE_REGS 59
1093 static int cpu_gdb_read_register(CPUState
*env
, uint8_t *mem_buf
, int n
)
1096 if ((env
->sr
& (SR_MD
| SR_RB
)) == (SR_MD
| SR_RB
)) {
1097 GET_REGL(env
->gregs
[n
+ 16]);
1099 GET_REGL(env
->gregs
[n
]);
1101 } else if (n
< 16) {
1102 GET_REGL(env
->gregs
[n
- 8]);
1103 } else if (n
>= 25 && n
< 41) {
1104 GET_REGL(env
->fregs
[(n
- 25) + ((env
->fpscr
& FPSCR_FR
) ? 16 : 0)]);
1105 } else if (n
>= 43 && n
< 51) {
1106 GET_REGL(env
->gregs
[n
- 43]);
1107 } else if (n
>= 51 && n
< 59) {
1108 GET_REGL(env
->gregs
[n
- (51 - 16)]);
1111 case 16: GET_REGL(env
->pc
);
1112 case 17: GET_REGL(env
->pr
);
1113 case 18: GET_REGL(env
->gbr
);
1114 case 19: GET_REGL(env
->vbr
);
1115 case 20: GET_REGL(env
->mach
);
1116 case 21: GET_REGL(env
->macl
);
1117 case 22: GET_REGL(env
->sr
);
1118 case 23: GET_REGL(env
->fpul
);
1119 case 24: GET_REGL(env
->fpscr
);
1120 case 41: GET_REGL(env
->ssr
);
1121 case 42: GET_REGL(env
->spc
);
1127 static int cpu_gdb_write_register(CPUState
*env
, uint8_t *mem_buf
, int n
)
1131 tmp
= ldl_p(mem_buf
);
1134 if ((env
->sr
& (SR_MD
| SR_RB
)) == (SR_MD
| SR_RB
)) {
1135 env
->gregs
[n
+ 16] = tmp
;
1137 env
->gregs
[n
] = tmp
;
1140 } else if (n
< 16) {
1141 env
->gregs
[n
- 8] = tmp
;
1143 } else if (n
>= 25 && n
< 41) {
1144 env
->fregs
[(n
- 25) + ((env
->fpscr
& FPSCR_FR
) ? 16 : 0)] = tmp
;
1145 } else if (n
>= 43 && n
< 51) {
1146 env
->gregs
[n
- 43] = tmp
;
1148 } else if (n
>= 51 && n
< 59) {
1149 env
->gregs
[n
- (51 - 16)] = tmp
;
1153 case 16: env
->pc
= tmp
;
1154 case 17: env
->pr
= tmp
;
1155 case 18: env
->gbr
= tmp
;
1156 case 19: env
->vbr
= tmp
;
1157 case 20: env
->mach
= tmp
;
1158 case 21: env
->macl
= tmp
;
1159 case 22: env
->sr
= tmp
;
1160 case 23: env
->fpul
= tmp
;
1161 case 24: env
->fpscr
= tmp
;
1162 case 41: env
->ssr
= tmp
;
1163 case 42: env
->spc
= tmp
;
1169 #elif defined (TARGET_MICROBLAZE)
1171 #define NUM_CORE_REGS (32 + 5)
1173 static int cpu_gdb_read_register(CPUState
*env
, uint8_t *mem_buf
, int n
)
1176 GET_REG32(env
->regs
[n
]);
1178 GET_REG32(env
->sregs
[n
- 32]);
1183 static int cpu_gdb_write_register(CPUState
*env
, uint8_t *mem_buf
, int n
)
1187 if (n
> NUM_CORE_REGS
)
1190 tmp
= ldl_p(mem_buf
);
1195 env
->sregs
[n
- 32] = tmp
;
1199 #elif defined (TARGET_CRIS)
1201 #define NUM_CORE_REGS 49
1203 static int cpu_gdb_read_register(CPUState
*env
, uint8_t *mem_buf
, int n
)
1207 srs
= env
->pregs
[PR_SRS
];
1209 GET_REG32(env
->regs
[n
]);
1212 if (n
>= 21 && n
< 32) {
1213 GET_REG32(env
->pregs
[n
- 16]);
1215 if (n
>= 33 && n
< 49) {
1216 GET_REG32(env
->sregs
[srs
][n
- 33]);
1219 case 16: GET_REG8(env
->pregs
[0]);
1220 case 17: GET_REG8(env
->pregs
[1]);
1221 case 18: GET_REG32(env
->pregs
[2]);
1222 case 19: GET_REG8(srs
);
1223 case 20: GET_REG16(env
->pregs
[4]);
1224 case 32: GET_REG32(env
->pc
);
1230 static int cpu_gdb_write_register(CPUState
*env
, uint8_t *mem_buf
, int n
)
1237 tmp
= ldl_p(mem_buf
);
1243 if (n
>= 21 && n
< 32) {
1244 env
->pregs
[n
- 16] = tmp
;
1247 /* FIXME: Should support function regs be writable? */
1251 case 18: env
->pregs
[PR_PID
] = tmp
; break;
1254 case 32: env
->pc
= tmp
; break;
1259 #elif defined (TARGET_ALPHA)
1261 #define NUM_CORE_REGS 65
1263 static int cpu_gdb_read_register(CPUState
*env
, uint8_t *mem_buf
, int n
)
1266 GET_REGL(env
->ir
[n
]);
1274 val
=*((uint64_t *)&env
->fir
[n
-32]);
1278 GET_REGL(env
->fpcr
);
1290 static int cpu_gdb_write_register(CPUState
*env
, uint8_t *mem_buf
, int n
)
1293 tmp
= ldtul_p(mem_buf
);
1299 if (n
> 31 && n
< 63) {
1300 env
->fir
[n
- 32] = ldfl_p(mem_buf
);
1311 #define NUM_CORE_REGS 0
1313 static int cpu_gdb_read_register(CPUState
*env
, uint8_t *mem_buf
, int n
)
1318 static int cpu_gdb_write_register(CPUState
*env
, uint8_t *mem_buf
, int n
)
1325 static int num_g_regs
= NUM_CORE_REGS
;
1328 /* Encode data using the encoding for 'x' packets. */
1329 static int memtox(char *buf
, const char *mem
, int len
)
1337 case '#': case '$': case '*': case '}':
1349 static const char *get_feature_xml(const char *p
, const char **newp
)
1351 extern const char *const xml_builtin
[][2];
1355 static char target_xml
[1024];
1358 while (p
[len
] && p
[len
] != ':')
1363 if (strncmp(p
, "target.xml", len
) == 0) {
1364 /* Generate the XML description for this CPU. */
1365 if (!target_xml
[0]) {
1366 GDBRegisterState
*r
;
1368 snprintf(target_xml
, sizeof(target_xml
),
1369 "<?xml version=\"1.0\"?>"
1370 "<!DOCTYPE target SYSTEM \"gdb-target.dtd\">"
1372 "<xi:include href=\"%s\"/>",
1375 for (r
= first_cpu
->gdb_regs
; r
; r
= r
->next
) {
1376 pstrcat(target_xml
, sizeof(target_xml
), "<xi:include href=\"");
1377 pstrcat(target_xml
, sizeof(target_xml
), r
->xml
);
1378 pstrcat(target_xml
, sizeof(target_xml
), "\"/>");
1380 pstrcat(target_xml
, sizeof(target_xml
), "</target>");
1384 for (i
= 0; ; i
++) {
1385 name
= xml_builtin
[i
][0];
1386 if (!name
|| (strncmp(name
, p
, len
) == 0 && strlen(name
) == len
))
1389 return name
? xml_builtin
[i
][1] : NULL
;
1393 static int gdb_read_register(CPUState
*env
, uint8_t *mem_buf
, int reg
)
1395 GDBRegisterState
*r
;
1397 if (reg
< NUM_CORE_REGS
)
1398 return cpu_gdb_read_register(env
, mem_buf
, reg
);
1400 for (r
= env
->gdb_regs
; r
; r
= r
->next
) {
1401 if (r
->base_reg
<= reg
&& reg
< r
->base_reg
+ r
->num_regs
) {
1402 return r
->get_reg(env
, mem_buf
, reg
- r
->base_reg
);
1408 static int gdb_write_register(CPUState
*env
, uint8_t *mem_buf
, int reg
)
1410 GDBRegisterState
*r
;
1412 if (reg
< NUM_CORE_REGS
)
1413 return cpu_gdb_write_register(env
, mem_buf
, reg
);
1415 for (r
= env
->gdb_regs
; r
; r
= r
->next
) {
1416 if (r
->base_reg
<= reg
&& reg
< r
->base_reg
+ r
->num_regs
) {
1417 return r
->set_reg(env
, mem_buf
, reg
- r
->base_reg
);
1423 /* Register a supplemental set of CPU registers. If g_pos is nonzero it
1424 specifies the first register number and these registers are included in
1425 a standard "g" packet. Direction is relative to gdb, i.e. get_reg is
1426 gdb reading a CPU register, and set_reg is gdb modifying a CPU register.
1429 void gdb_register_coprocessor(CPUState
* env
,
1430 gdb_reg_cb get_reg
, gdb_reg_cb set_reg
,
1431 int num_regs
, const char *xml
, int g_pos
)
1433 GDBRegisterState
*s
;
1434 GDBRegisterState
**p
;
1435 static int last_reg
= NUM_CORE_REGS
;
1437 s
= (GDBRegisterState
*)qemu_mallocz(sizeof(GDBRegisterState
));
1438 s
->base_reg
= last_reg
;
1439 s
->num_regs
= num_regs
;
1440 s
->get_reg
= get_reg
;
1441 s
->set_reg
= set_reg
;
1445 /* Check for duplicates. */
1446 if (strcmp((*p
)->xml
, xml
) == 0)
1450 /* Add to end of list. */
1451 last_reg
+= num_regs
;
1454 if (g_pos
!= s
->base_reg
) {
1455 fprintf(stderr
, "Error: Bad gdb register numbering for '%s'\n"
1456 "Expected %d got %d\n", xml
, g_pos
, s
->base_reg
);
1458 num_g_regs
= last_reg
;
1463 #ifndef CONFIG_USER_ONLY
1464 static const int xlat_gdb_type
[] = {
1465 [GDB_WATCHPOINT_WRITE
] = BP_GDB
| BP_MEM_WRITE
,
1466 [GDB_WATCHPOINT_READ
] = BP_GDB
| BP_MEM_READ
,
1467 [GDB_WATCHPOINT_ACCESS
] = BP_GDB
| BP_MEM_ACCESS
,
1471 static int gdb_breakpoint_insert(target_ulong addr
, target_ulong len
, int type
)
1477 return kvm_insert_breakpoint(gdbserver_state
->c_cpu
, addr
, len
, type
);
1480 case GDB_BREAKPOINT_SW
:
1481 case GDB_BREAKPOINT_HW
:
1482 for (env
= first_cpu
; env
!= NULL
; env
= env
->next_cpu
) {
1483 err
= cpu_breakpoint_insert(env
, addr
, BP_GDB
, NULL
);
1488 #ifndef CONFIG_USER_ONLY
1489 case GDB_WATCHPOINT_WRITE
:
1490 case GDB_WATCHPOINT_READ
:
1491 case GDB_WATCHPOINT_ACCESS
:
1492 for (env
= first_cpu
; env
!= NULL
; env
= env
->next_cpu
) {
1493 err
= cpu_watchpoint_insert(env
, addr
, len
, xlat_gdb_type
[type
],
1505 static int gdb_breakpoint_remove(target_ulong addr
, target_ulong len
, int type
)
1511 return kvm_remove_breakpoint(gdbserver_state
->c_cpu
, addr
, len
, type
);
1514 case GDB_BREAKPOINT_SW
:
1515 case GDB_BREAKPOINT_HW
:
1516 for (env
= first_cpu
; env
!= NULL
; env
= env
->next_cpu
) {
1517 err
= cpu_breakpoint_remove(env
, addr
, BP_GDB
);
1522 #ifndef CONFIG_USER_ONLY
1523 case GDB_WATCHPOINT_WRITE
:
1524 case GDB_WATCHPOINT_READ
:
1525 case GDB_WATCHPOINT_ACCESS
:
1526 for (env
= first_cpu
; env
!= NULL
; env
= env
->next_cpu
) {
1527 err
= cpu_watchpoint_remove(env
, addr
, len
, xlat_gdb_type
[type
]);
1538 static void gdb_breakpoint_remove_all(void)
1542 if (kvm_enabled()) {
1543 kvm_remove_all_breakpoints(gdbserver_state
->c_cpu
);
1547 for (env
= first_cpu
; env
!= NULL
; env
= env
->next_cpu
) {
1548 cpu_breakpoint_remove_all(env
, BP_GDB
);
1549 #ifndef CONFIG_USER_ONLY
1550 cpu_watchpoint_remove_all(env
, BP_GDB
);
1555 static void gdb_set_cpu_pc(GDBState
*s
, target_ulong pc
)
1557 #if defined(TARGET_I386)
1559 cpu_synchronize_state(s
->c_cpu
, 1);
1560 #elif defined (TARGET_PPC)
1562 #elif defined (TARGET_SPARC)
1564 s
->c_cpu
->npc
= pc
+ 4;
1565 #elif defined (TARGET_ARM)
1566 s
->c_cpu
->regs
[15] = pc
;
1567 #elif defined (TARGET_SH4)
1569 #elif defined (TARGET_MIPS)
1570 s
->c_cpu
->active_tc
.PC
= pc
;
1571 #elif defined (TARGET_MICROBLAZE)
1572 s
->c_cpu
->sregs
[SR_PC
] = pc
;
1573 #elif defined (TARGET_CRIS)
1575 #elif defined (TARGET_ALPHA)
1580 static inline int gdb_id(CPUState
*env
)
1582 #if defined(CONFIG_USER_ONLY) && defined(USE_NPTL)
1583 return env
->host_tid
;
1585 return env
->cpu_index
+ 1;
1589 static CPUState
*find_cpu(uint32_t thread_id
)
1593 for (env
= first_cpu
; env
!= NULL
; env
= env
->next_cpu
) {
1594 if (gdb_id(env
) == thread_id
) {
1602 static int gdb_handle_packet(GDBState
*s
, const char *line_buf
)
1607 int ch
, reg_size
, type
, res
;
1608 char buf
[MAX_PACKET_LENGTH
];
1609 uint8_t mem_buf
[MAX_PACKET_LENGTH
];
1611 target_ulong addr
, len
;
1614 printf("command='%s'\n", line_buf
);
1620 /* TODO: Make this return the correct value for user-mode. */
1621 snprintf(buf
, sizeof(buf
), "T%02xthread:%02x;", GDB_SIGNAL_TRAP
,
1624 /* Remove all the breakpoints when this query is issued,
1625 * because gdb is doing and initial connect and the state
1626 * should be cleaned up.
1628 gdb_breakpoint_remove_all();
1632 addr
= strtoull(p
, (char **)&p
, 16);
1633 gdb_set_cpu_pc(s
, addr
);
1639 s
->signal
= gdb_signal_to_target (strtoul(p
, (char **)&p
, 16));
1640 if (s
->signal
== -1)
1645 if (strncmp(p
, "Cont", 4) == 0) {
1646 int res_signal
, res_thread
;
1650 put_packet(s
, "vCont;c;C;s;S");
1665 if (action
== 'C' || action
== 'S') {
1666 signal
= strtoul(p
, (char **)&p
, 16);
1667 } else if (action
!= 'c' && action
!= 's') {
1673 thread
= strtoull(p
+1, (char **)&p
, 16);
1675 action
= tolower(action
);
1676 if (res
== 0 || (res
== 'c' && action
== 's')) {
1678 res_signal
= signal
;
1679 res_thread
= thread
;
1683 if (res_thread
!= -1 && res_thread
!= 0) {
1684 env
= find_cpu(res_thread
);
1686 put_packet(s
, "E22");
1692 cpu_single_step(s
->c_cpu
, sstep_flags
);
1694 s
->signal
= res_signal
;
1700 goto unknown_command
;
1703 /* Kill the target */
1704 fprintf(stderr
, "\nQEMU: Terminated via GDBstub\n");
1708 gdb_breakpoint_remove_all();
1710 put_packet(s
, "OK");
1714 addr
= strtoull(p
, (char **)&p
, 16);
1715 gdb_set_cpu_pc(s
, addr
);
1717 cpu_single_step(s
->c_cpu
, sstep_flags
);
1725 ret
= strtoull(p
, (char **)&p
, 16);
1728 err
= strtoull(p
, (char **)&p
, 16);
1735 if (gdb_current_syscall_cb
)
1736 gdb_current_syscall_cb(s
->c_cpu
, ret
, err
);
1738 put_packet(s
, "T02");
1745 cpu_synchronize_state(s
->g_cpu
, 0);
1747 for (addr
= 0; addr
< num_g_regs
; addr
++) {
1748 reg_size
= gdb_read_register(s
->g_cpu
, mem_buf
+ len
, addr
);
1751 memtohex(buf
, mem_buf
, len
);
1755 registers
= mem_buf
;
1756 len
= strlen(p
) / 2;
1757 hextomem((uint8_t *)registers
, p
, len
);
1758 for (addr
= 0; addr
< num_g_regs
&& len
> 0; addr
++) {
1759 reg_size
= gdb_write_register(s
->g_cpu
, registers
, addr
);
1761 registers
+= reg_size
;
1763 cpu_synchronize_state(s
->g_cpu
, 1);
1764 put_packet(s
, "OK");
1767 addr
= strtoull(p
, (char **)&p
, 16);
1770 len
= strtoull(p
, NULL
, 16);
1771 if (cpu_memory_rw_debug(s
->g_cpu
, addr
, mem_buf
, len
, 0) != 0) {
1772 put_packet (s
, "E14");
1774 memtohex(buf
, mem_buf
, len
);
1779 addr
= strtoull(p
, (char **)&p
, 16);
1782 len
= strtoull(p
, (char **)&p
, 16);
1785 hextomem(mem_buf
, p
, len
);
1786 if (cpu_memory_rw_debug(s
->g_cpu
, addr
, mem_buf
, len
, 1) != 0)
1787 put_packet(s
, "E14");
1789 put_packet(s
, "OK");
1792 /* Older gdb are really dumb, and don't use 'g' if 'p' is avaialable.
1793 This works, but can be very slow. Anything new enough to
1794 understand XML also knows how to use this properly. */
1796 goto unknown_command
;
1797 addr
= strtoull(p
, (char **)&p
, 16);
1798 reg_size
= gdb_read_register(s
->g_cpu
, mem_buf
, addr
);
1800 memtohex(buf
, mem_buf
, reg_size
);
1803 put_packet(s
, "E14");
1808 goto unknown_command
;
1809 addr
= strtoull(p
, (char **)&p
, 16);
1812 reg_size
= strlen(p
) / 2;
1813 hextomem(mem_buf
, p
, reg_size
);
1814 gdb_write_register(s
->g_cpu
, mem_buf
, addr
);
1815 put_packet(s
, "OK");
1819 type
= strtoul(p
, (char **)&p
, 16);
1822 addr
= strtoull(p
, (char **)&p
, 16);
1825 len
= strtoull(p
, (char **)&p
, 16);
1827 res
= gdb_breakpoint_insert(addr
, len
, type
);
1829 res
= gdb_breakpoint_remove(addr
, len
, type
);
1831 put_packet(s
, "OK");
1832 else if (res
== -ENOSYS
)
1835 put_packet(s
, "E22");
1839 thread
= strtoull(p
, (char **)&p
, 16);
1840 if (thread
== -1 || thread
== 0) {
1841 put_packet(s
, "OK");
1844 env
= find_cpu(thread
);
1846 put_packet(s
, "E22");
1852 put_packet(s
, "OK");
1856 put_packet(s
, "OK");
1859 put_packet(s
, "E22");
1864 thread
= strtoull(p
, (char **)&p
, 16);
1865 env
= find_cpu(thread
);
1868 put_packet(s
, "OK");
1870 put_packet(s
, "E22");
1875 /* parse any 'q' packets here */
1876 if (!strcmp(p
,"qemu.sstepbits")) {
1877 /* Query Breakpoint bit definitions */
1878 snprintf(buf
, sizeof(buf
), "ENABLE=%x,NOIRQ=%x,NOTIMER=%x",
1884 } else if (strncmp(p
,"qemu.sstep",10) == 0) {
1885 /* Display or change the sstep_flags */
1888 /* Display current setting */
1889 snprintf(buf
, sizeof(buf
), "0x%x", sstep_flags
);
1894 type
= strtoul(p
, (char **)&p
, 16);
1896 put_packet(s
, "OK");
1898 } else if (strcmp(p
,"C") == 0) {
1899 /* "Current thread" remains vague in the spec, so always return
1900 * the first CPU (gdb returns the first thread). */
1901 put_packet(s
, "QC1");
1903 } else if (strcmp(p
,"fThreadInfo") == 0) {
1904 s
->query_cpu
= first_cpu
;
1905 goto report_cpuinfo
;
1906 } else if (strcmp(p
,"sThreadInfo") == 0) {
1909 snprintf(buf
, sizeof(buf
), "m%x", gdb_id(s
->query_cpu
));
1911 s
->query_cpu
= s
->query_cpu
->next_cpu
;
1915 } else if (strncmp(p
,"ThreadExtraInfo,", 16) == 0) {
1916 thread
= strtoull(p
+16, (char **)&p
, 16);
1917 env
= find_cpu(thread
);
1919 cpu_synchronize_state(env
, 0);
1920 len
= snprintf((char *)mem_buf
, sizeof(mem_buf
),
1921 "CPU#%d [%s]", env
->cpu_index
,
1922 env
->halted
? "halted " : "running");
1923 memtohex(buf
, mem_buf
, len
);
1928 #ifdef CONFIG_USER_ONLY
1929 else if (strncmp(p
, "Offsets", 7) == 0) {
1930 TaskState
*ts
= s
->c_cpu
->opaque
;
1932 snprintf(buf
, sizeof(buf
),
1933 "Text=" TARGET_ABI_FMT_lx
";Data=" TARGET_ABI_FMT_lx
1934 ";Bss=" TARGET_ABI_FMT_lx
,
1935 ts
->info
->code_offset
,
1936 ts
->info
->data_offset
,
1937 ts
->info
->data_offset
);
1941 #else /* !CONFIG_USER_ONLY */
1942 else if (strncmp(p
, "Rcmd,", 5) == 0) {
1943 int len
= strlen(p
+ 5);
1945 if ((len
% 2) != 0) {
1946 put_packet(s
, "E01");
1949 hextomem(mem_buf
, p
+ 5, len
);
1952 qemu_chr_read(s
->mon_chr
, mem_buf
, len
);
1953 put_packet(s
, "OK");
1956 #endif /* !CONFIG_USER_ONLY */
1957 if (strncmp(p
, "Supported", 9) == 0) {
1958 snprintf(buf
, sizeof(buf
), "PacketSize=%x", MAX_PACKET_LENGTH
);
1960 pstrcat(buf
, sizeof(buf
), ";qXfer:features:read+");
1966 if (strncmp(p
, "Xfer:features:read:", 19) == 0) {
1968 target_ulong total_len
;
1972 xml
= get_feature_xml(p
, &p
);
1974 snprintf(buf
, sizeof(buf
), "E00");
1981 addr
= strtoul(p
, (char **)&p
, 16);
1984 len
= strtoul(p
, (char **)&p
, 16);
1986 total_len
= strlen(xml
);
1987 if (addr
> total_len
) {
1988 snprintf(buf
, sizeof(buf
), "E00");
1992 if (len
> (MAX_PACKET_LENGTH
- 5) / 2)
1993 len
= (MAX_PACKET_LENGTH
- 5) / 2;
1994 if (len
< total_len
- addr
) {
1996 len
= memtox(buf
+ 1, xml
+ addr
, len
);
1999 len
= memtox(buf
+ 1, xml
+ addr
, total_len
- addr
);
2001 put_packet_binary(s
, buf
, len
+ 1);
2005 /* Unrecognised 'q' command. */
2006 goto unknown_command
;
2010 /* put empty packet */
2018 void gdb_set_stop_cpu(CPUState
*env
)
2020 gdbserver_state
->c_cpu
= env
;
2021 gdbserver_state
->g_cpu
= env
;
2024 #ifndef CONFIG_USER_ONLY
2025 static void gdb_vm_state_change(void *opaque
, int running
, int reason
)
2027 GDBState
*s
= gdbserver_state
;
2028 CPUState
*env
= s
->c_cpu
;
2033 if (running
|| (reason
!= EXCP_DEBUG
&& reason
!= EXCP_INTERRUPT
) ||
2034 s
->state
== RS_INACTIVE
|| s
->state
== RS_SYSCALL
)
2037 /* disable single step if it was enable */
2038 cpu_single_step(env
, 0);
2040 if (reason
== EXCP_DEBUG
) {
2041 if (env
->watchpoint_hit
) {
2042 switch (env
->watchpoint_hit
->flags
& BP_MEM_ACCESS
) {
2053 snprintf(buf
, sizeof(buf
),
2054 "T%02xthread:%02x;%swatch:" TARGET_FMT_lx
";",
2055 GDB_SIGNAL_TRAP
, gdb_id(env
), type
,
2056 env
->watchpoint_hit
->vaddr
);
2058 env
->watchpoint_hit
= NULL
;
2062 ret
= GDB_SIGNAL_TRAP
;
2064 ret
= GDB_SIGNAL_INT
;
2066 snprintf(buf
, sizeof(buf
), "T%02xthread:%02x;", ret
, gdb_id(env
));
2071 /* Send a gdb syscall request.
2072 This accepts limited printf-style format specifiers, specifically:
2073 %x - target_ulong argument printed in hex.
2074 %lx - 64-bit argument printed in hex.
2075 %s - string pointer (target_ulong) and length (int) pair. */
2076 void gdb_do_syscall(gdb_syscall_complete_cb cb
, const char *fmt
, ...)
2085 s
= gdbserver_state
;
2088 gdb_current_syscall_cb
= cb
;
2089 s
->state
= RS_SYSCALL
;
2090 #ifndef CONFIG_USER_ONLY
2091 vm_stop(EXCP_DEBUG
);
2102 addr
= va_arg(va
, target_ulong
);
2103 p
+= snprintf(p
, &buf
[sizeof(buf
)] - p
, TARGET_FMT_lx
, addr
);
2106 if (*(fmt
++) != 'x')
2108 i64
= va_arg(va
, uint64_t);
2109 p
+= snprintf(p
, &buf
[sizeof(buf
)] - p
, "%" PRIx64
, i64
);
2112 addr
= va_arg(va
, target_ulong
);
2113 p
+= snprintf(p
, &buf
[sizeof(buf
)] - p
, TARGET_FMT_lx
"/%x",
2114 addr
, va_arg(va
, int));
2118 fprintf(stderr
, "gdbstub: Bad syscall format string '%s'\n",
2129 #ifdef CONFIG_USER_ONLY
2130 gdb_handlesig(s
->c_cpu
, 0);
2136 static void gdb_read_byte(GDBState
*s
, int ch
)
2141 #ifndef CONFIG_USER_ONLY
2142 if (s
->last_packet_len
) {
2143 /* Waiting for a response to the last packet. If we see the start
2144 of a new command then abandon the previous response. */
2147 printf("Got NACK, retransmitting\n");
2149 put_buffer(s
, (uint8_t *)s
->last_packet
, s
->last_packet_len
);
2153 printf("Got ACK\n");
2155 printf("Got '%c' when expecting ACK/NACK\n", ch
);
2157 if (ch
== '+' || ch
== '$')
2158 s
->last_packet_len
= 0;
2163 /* when the CPU is running, we cannot do anything except stop
2164 it when receiving a char */
2165 vm_stop(EXCP_INTERRUPT
);
2172 s
->line_buf_index
= 0;
2173 s
->state
= RS_GETLINE
;
2178 s
->state
= RS_CHKSUM1
;
2179 } else if (s
->line_buf_index
>= sizeof(s
->line_buf
) - 1) {
2182 s
->line_buf
[s
->line_buf_index
++] = ch
;
2186 s
->line_buf
[s
->line_buf_index
] = '\0';
2187 s
->line_csum
= fromhex(ch
) << 4;
2188 s
->state
= RS_CHKSUM2
;
2191 s
->line_csum
|= fromhex(ch
);
2193 for(i
= 0; i
< s
->line_buf_index
; i
++) {
2194 csum
+= s
->line_buf
[i
];
2196 if (s
->line_csum
!= (csum
& 0xff)) {
2198 put_buffer(s
, &reply
, 1);
2202 put_buffer(s
, &reply
, 1);
2203 s
->state
= gdb_handle_packet(s
, s
->line_buf
);
2212 #ifdef CONFIG_USER_ONLY
2218 s
= gdbserver_state
;
2220 if (gdbserver_fd
< 0 || s
->fd
< 0)
2227 gdb_handlesig (CPUState
*env
, int sig
)
2233 s
= gdbserver_state
;
2234 if (gdbserver_fd
< 0 || s
->fd
< 0)
2237 /* disable single step if it was enabled */
2238 cpu_single_step(env
, 0);
2243 snprintf(buf
, sizeof(buf
), "S%02x", target_signal_to_gdb (sig
));
2246 /* put_packet() might have detected that the peer terminated the
2253 s
->running_state
= 0;
2254 while (s
->running_state
== 0) {
2255 n
= read (s
->fd
, buf
, 256);
2260 for (i
= 0; i
< n
; i
++)
2261 gdb_read_byte (s
, buf
[i
]);
2263 else if (n
== 0 || errno
!= EAGAIN
)
2265 /* XXX: Connection closed. Should probably wait for annother
2266 connection before continuing. */
2275 /* Tell the remote gdb that the process has exited. */
2276 void gdb_exit(CPUState
*env
, int code
)
2281 s
= gdbserver_state
;
2282 if (gdbserver_fd
< 0 || s
->fd
< 0)
2285 snprintf(buf
, sizeof(buf
), "W%02x", code
);
2289 /* Tell the remote gdb that the process has exited due to SIG. */
2290 void gdb_signalled(CPUState
*env
, int sig
)
2295 s
= gdbserver_state
;
2296 if (gdbserver_fd
< 0 || s
->fd
< 0)
2299 snprintf(buf
, sizeof(buf
), "X%02x", target_signal_to_gdb (sig
));
2303 static void gdb_accept(void)
2306 struct sockaddr_in sockaddr
;
2311 len
= sizeof(sockaddr
);
2312 fd
= accept(gdbserver_fd
, (struct sockaddr
*)&sockaddr
, &len
);
2313 if (fd
< 0 && errno
!= EINTR
) {
2316 } else if (fd
>= 0) {
2321 /* set short latency */
2323 setsockopt(fd
, IPPROTO_TCP
, TCP_NODELAY
, (char *)&val
, sizeof(val
));
2325 s
= qemu_mallocz(sizeof(GDBState
));
2326 s
->c_cpu
= first_cpu
;
2327 s
->g_cpu
= first_cpu
;
2331 gdbserver_state
= s
;
2333 fcntl(fd
, F_SETFL
, O_NONBLOCK
);
2336 static int gdbserver_open(int port
)
2338 struct sockaddr_in sockaddr
;
2341 fd
= socket(PF_INET
, SOCK_STREAM
, 0);
2347 /* allow fast reuse */
2349 setsockopt(fd
, SOL_SOCKET
, SO_REUSEADDR
, (char *)&val
, sizeof(val
));
2351 sockaddr
.sin_family
= AF_INET
;
2352 sockaddr
.sin_port
= htons(port
);
2353 sockaddr
.sin_addr
.s_addr
= 0;
2354 ret
= bind(fd
, (struct sockaddr
*)&sockaddr
, sizeof(sockaddr
));
2359 ret
= listen(fd
, 0);
2367 int gdbserver_start(int port
)
2369 gdbserver_fd
= gdbserver_open(port
);
2370 if (gdbserver_fd
< 0)
2372 /* accept connections */
2377 /* Disable gdb stub for child processes. */
2378 void gdbserver_fork(CPUState
*env
)
2380 GDBState
*s
= gdbserver_state
;
2381 if (gdbserver_fd
< 0 || s
->fd
< 0)
2385 cpu_breakpoint_remove_all(env
, BP_GDB
);
2386 cpu_watchpoint_remove_all(env
, BP_GDB
);
2389 static int gdb_chr_can_receive(void *opaque
)
2391 /* We can handle an arbitrarily large amount of data.
2392 Pick the maximum packet size, which is as good as anything. */
2393 return MAX_PACKET_LENGTH
;
2396 static void gdb_chr_receive(void *opaque
, const uint8_t *buf
, int size
)
2400 for (i
= 0; i
< size
; i
++) {
2401 gdb_read_byte(gdbserver_state
, buf
[i
]);
2405 static void gdb_chr_event(void *opaque
, int event
)
2408 case CHR_EVENT_RESET
:
2409 vm_stop(EXCP_INTERRUPT
);
2417 static void gdb_monitor_output(GDBState
*s
, const char *msg
, int len
)
2419 char buf
[MAX_PACKET_LENGTH
];
2422 if (len
> (MAX_PACKET_LENGTH
/2) - 1)
2423 len
= (MAX_PACKET_LENGTH
/2) - 1;
2424 memtohex(buf
+ 1, (uint8_t *)msg
, len
);
2428 static int gdb_monitor_write(CharDriverState
*chr
, const uint8_t *buf
, int len
)
2430 const char *p
= (const char *)buf
;
2433 max_sz
= (sizeof(gdbserver_state
->last_packet
) - 2) / 2;
2435 if (len
<= max_sz
) {
2436 gdb_monitor_output(gdbserver_state
, p
, len
);
2439 gdb_monitor_output(gdbserver_state
, p
, max_sz
);
2447 static void gdb_sigterm_handler(int signal
)
2450 vm_stop(EXCP_INTERRUPT
);
2454 int gdbserver_start(const char *device
)
2457 char gdbstub_device_name
[128];
2458 CharDriverState
*chr
= NULL
;
2459 CharDriverState
*mon_chr
;
2463 if (strcmp(device
, "none") != 0) {
2464 if (strstart(device
, "tcp:", NULL
)) {
2465 /* enforce required TCP attributes */
2466 snprintf(gdbstub_device_name
, sizeof(gdbstub_device_name
),
2467 "%s,nowait,nodelay,server", device
);
2468 device
= gdbstub_device_name
;
2471 else if (strcmp(device
, "stdio") == 0) {
2472 struct sigaction act
;
2474 memset(&act
, 0, sizeof(act
));
2475 act
.sa_handler
= gdb_sigterm_handler
;
2476 sigaction(SIGINT
, &act
, NULL
);
2479 chr
= qemu_chr_open("gdb", device
, NULL
);
2483 qemu_chr_add_handlers(chr
, gdb_chr_can_receive
, gdb_chr_receive
,
2484 gdb_chr_event
, NULL
);
2487 s
= gdbserver_state
;
2489 s
= qemu_mallocz(sizeof(GDBState
));
2490 gdbserver_state
= s
;
2492 qemu_add_vm_change_state_handler(gdb_vm_state_change
, NULL
);
2494 /* Initialize a monitor terminal for gdb */
2495 mon_chr
= qemu_mallocz(sizeof(*mon_chr
));
2496 mon_chr
->chr_write
= gdb_monitor_write
;
2497 monitor_init(mon_chr
, 0);
2500 qemu_chr_close(s
->chr
);
2501 mon_chr
= s
->mon_chr
;
2502 memset(s
, 0, sizeof(GDBState
));
2504 s
->c_cpu
= first_cpu
;
2505 s
->g_cpu
= first_cpu
;
2507 s
->state
= chr
? RS_IDLE
: RS_INACTIVE
;
2508 s
->mon_chr
= mon_chr
;