Add ballooning infrastructure.
[qemu/qemu-JZ.git] / gdbstub.c
blob452b7d0ecdb26c1edbdc4966d9f5e4d58c786f8d
1 /*
2 * gdb server stub
4 * Copyright (c) 2003-2005 Fabrice Bellard
6 * This library is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation; either
9 * version 2 of the License, or (at your option) any later version.
11 * This library is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
16 * You should have received a copy of the GNU Lesser General Public
17 * License along with this library; if not, write to the Free Software
18 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
20 #include "config.h"
21 #include "qemu-common.h"
22 #ifdef CONFIG_USER_ONLY
23 #include <stdlib.h>
24 #include <stdio.h>
25 #include <stdarg.h>
26 #include <string.h>
27 #include <errno.h>
28 #include <unistd.h>
29 #include <fcntl.h>
31 #include "qemu.h"
32 #else
33 #include "qemu-char.h"
34 #include "sysemu.h"
35 #include "gdbstub.h"
36 #endif
38 #define MAX_PACKET_LENGTH 4096
40 #include "qemu_socket.h"
41 #ifdef _WIN32
42 /* XXX: these constants may be independent of the host ones even for Unix */
43 #ifndef SIGTRAP
44 #define SIGTRAP 5
45 #endif
46 #ifndef SIGINT
47 #define SIGINT 2
48 #endif
49 #else
50 #include <signal.h>
51 #endif
53 //#define DEBUG_GDB
55 typedef struct GDBRegisterState {
56 int base_reg;
57 int num_regs;
58 gdb_reg_cb get_reg;
59 gdb_reg_cb set_reg;
60 const char *xml;
61 struct GDBRegisterState *next;
62 } GDBRegisterState;
64 enum RSState {
65 RS_IDLE,
66 RS_GETLINE,
67 RS_CHKSUM1,
68 RS_CHKSUM2,
69 RS_SYSCALL,
71 typedef struct GDBState {
72 CPUState *c_cpu; /* current CPU for step/continue ops */
73 CPUState *g_cpu; /* current CPU for other ops */
74 CPUState *query_cpu; /* for q{f|s}ThreadInfo */
75 enum RSState state; /* parsing state */
76 char line_buf[MAX_PACKET_LENGTH];
77 int line_buf_index;
78 int line_csum;
79 uint8_t last_packet[MAX_PACKET_LENGTH + 4];
80 int last_packet_len;
81 int signal;
82 #ifdef CONFIG_USER_ONLY
83 int fd;
84 int running_state;
85 #else
86 CharDriverState *chr;
87 #endif
88 } GDBState;
90 /* By default use no IRQs and no timers while single stepping so as to
91 * make single stepping like an ICE HW step.
93 static int sstep_flags = SSTEP_ENABLE|SSTEP_NOIRQ|SSTEP_NOTIMER;
95 static GDBState *gdbserver_state;
97 /* This is an ugly hack to cope with both new and old gdb.
98 If gdb sends qXfer:features:read then assume we're talking to a newish
99 gdb that understands target descriptions. */
100 static int gdb_has_xml;
102 #ifdef CONFIG_USER_ONLY
103 /* XXX: This is not thread safe. Do we care? */
104 static int gdbserver_fd = -1;
106 static int get_char(GDBState *s)
108 uint8_t ch;
109 int ret;
111 for(;;) {
112 ret = recv(s->fd, &ch, 1, 0);
113 if (ret < 0) {
114 if (errno == ECONNRESET)
115 s->fd = -1;
116 if (errno != EINTR && errno != EAGAIN)
117 return -1;
118 } else if (ret == 0) {
119 close(s->fd);
120 s->fd = -1;
121 return -1;
122 } else {
123 break;
126 return ch;
128 #endif
130 static gdb_syscall_complete_cb gdb_current_syscall_cb;
132 enum {
133 GDB_SYS_UNKNOWN,
134 GDB_SYS_ENABLED,
135 GDB_SYS_DISABLED,
136 } gdb_syscall_mode;
138 /* If gdb is connected when the first semihosting syscall occurs then use
139 remote gdb syscalls. Otherwise use native file IO. */
140 int use_gdb_syscalls(void)
142 if (gdb_syscall_mode == GDB_SYS_UNKNOWN) {
143 gdb_syscall_mode = (gdbserver_state ? GDB_SYS_ENABLED
144 : GDB_SYS_DISABLED);
146 return gdb_syscall_mode == GDB_SYS_ENABLED;
149 /* Resume execution. */
150 static inline void gdb_continue(GDBState *s)
152 #ifdef CONFIG_USER_ONLY
153 s->running_state = 1;
154 #else
155 vm_start();
156 #endif
159 static void put_buffer(GDBState *s, const uint8_t *buf, int len)
161 #ifdef CONFIG_USER_ONLY
162 int ret;
164 while (len > 0) {
165 ret = send(s->fd, buf, len, 0);
166 if (ret < 0) {
167 if (errno != EINTR && errno != EAGAIN)
168 return;
169 } else {
170 buf += ret;
171 len -= ret;
174 #else
175 qemu_chr_write(s->chr, buf, len);
176 #endif
179 static inline int fromhex(int v)
181 if (v >= '0' && v <= '9')
182 return v - '0';
183 else if (v >= 'A' && v <= 'F')
184 return v - 'A' + 10;
185 else if (v >= 'a' && v <= 'f')
186 return v - 'a' + 10;
187 else
188 return 0;
191 static inline int tohex(int v)
193 if (v < 10)
194 return v + '0';
195 else
196 return v - 10 + 'a';
199 static void memtohex(char *buf, const uint8_t *mem, int len)
201 int i, c;
202 char *q;
203 q = buf;
204 for(i = 0; i < len; i++) {
205 c = mem[i];
206 *q++ = tohex(c >> 4);
207 *q++ = tohex(c & 0xf);
209 *q = '\0';
212 static void hextomem(uint8_t *mem, const char *buf, int len)
214 int i;
216 for(i = 0; i < len; i++) {
217 mem[i] = (fromhex(buf[0]) << 4) | fromhex(buf[1]);
218 buf += 2;
222 /* return -1 if error, 0 if OK */
223 static int put_packet_binary(GDBState *s, const char *buf, int len)
225 int csum, i;
226 uint8_t *p;
228 for(;;) {
229 p = s->last_packet;
230 *(p++) = '$';
231 memcpy(p, buf, len);
232 p += len;
233 csum = 0;
234 for(i = 0; i < len; i++) {
235 csum += buf[i];
237 *(p++) = '#';
238 *(p++) = tohex((csum >> 4) & 0xf);
239 *(p++) = tohex((csum) & 0xf);
241 s->last_packet_len = p - s->last_packet;
242 put_buffer(s, (uint8_t *)s->last_packet, s->last_packet_len);
244 #ifdef CONFIG_USER_ONLY
245 i = get_char(s);
246 if (i < 0)
247 return -1;
248 if (i == '+')
249 break;
250 #else
251 break;
252 #endif
254 return 0;
257 /* return -1 if error, 0 if OK */
258 static int put_packet(GDBState *s, const char *buf)
260 #ifdef DEBUG_GDB
261 printf("reply='%s'\n", buf);
262 #endif
264 return put_packet_binary(s, buf, strlen(buf));
267 /* The GDB remote protocol transfers values in target byte order. This means
268 we can use the raw memory access routines to access the value buffer.
269 Conveniently, these also handle the case where the buffer is mis-aligned.
271 #define GET_REG8(val) do { \
272 stb_p(mem_buf, val); \
273 return 1; \
274 } while(0)
275 #define GET_REG16(val) do { \
276 stw_p(mem_buf, val); \
277 return 2; \
278 } while(0)
279 #define GET_REG32(val) do { \
280 stl_p(mem_buf, val); \
281 return 4; \
282 } while(0)
283 #define GET_REG64(val) do { \
284 stq_p(mem_buf, val); \
285 return 8; \
286 } while(0)
288 #if TARGET_LONG_BITS == 64
289 #define GET_REGL(val) GET_REG64(val)
290 #define ldtul_p(addr) ldq_p(addr)
291 #else
292 #define GET_REGL(val) GET_REG32(val)
293 #define ldtul_p(addr) ldl_p(addr)
294 #endif
296 #if defined(TARGET_I386)
298 #ifdef TARGET_X86_64
299 static const int gpr_map[16] = {
300 R_EAX, R_EBX, R_ECX, R_EDX, R_ESI, R_EDI, R_EBP, R_ESP,
301 8, 9, 10, 11, 12, 13, 14, 15
303 #else
304 static const int gpr_map[8] = {0, 1, 2, 3, 4, 5, 6, 7};
305 #endif
307 #define NUM_CORE_REGS (CPU_NB_REGS * 2 + 25)
309 static int cpu_gdb_read_register(CPUState *env, uint8_t *mem_buf, int n)
311 if (n < CPU_NB_REGS) {
312 GET_REGL(env->regs[gpr_map[n]]);
313 } else if (n >= CPU_NB_REGS + 8 && n < CPU_NB_REGS + 16) {
314 /* FIXME: byteswap float values. */
315 #ifdef USE_X86LDOUBLE
316 memcpy(mem_buf, &env->fpregs[n - (CPU_NB_REGS + 8)], 10);
317 #else
318 memset(mem_buf, 0, 10);
319 #endif
320 return 10;
321 } else if (n >= CPU_NB_REGS + 24) {
322 n -= CPU_NB_REGS + 24;
323 if (n < CPU_NB_REGS) {
324 stq_p(mem_buf, env->xmm_regs[n].XMM_Q(0));
325 stq_p(mem_buf + 8, env->xmm_regs[n].XMM_Q(1));
326 return 16;
327 } else if (n == CPU_NB_REGS) {
328 GET_REG32(env->mxcsr);
330 } else {
331 n -= CPU_NB_REGS;
332 switch (n) {
333 case 0: GET_REGL(env->eip);
334 case 1: GET_REG32(env->eflags);
335 case 2: GET_REG32(env->segs[R_CS].selector);
336 case 3: GET_REG32(env->segs[R_SS].selector);
337 case 4: GET_REG32(env->segs[R_DS].selector);
338 case 5: GET_REG32(env->segs[R_ES].selector);
339 case 6: GET_REG32(env->segs[R_FS].selector);
340 case 7: GET_REG32(env->segs[R_GS].selector);
341 /* 8...15 x87 regs. */
342 case 16: GET_REG32(env->fpuc);
343 case 17: GET_REG32((env->fpus & ~0x3800) | (env->fpstt & 0x7) << 11);
344 case 18: GET_REG32(0); /* ftag */
345 case 19: GET_REG32(0); /* fiseg */
346 case 20: GET_REG32(0); /* fioff */
347 case 21: GET_REG32(0); /* foseg */
348 case 22: GET_REG32(0); /* fooff */
349 case 23: GET_REG32(0); /* fop */
350 /* 24+ xmm regs. */
353 return 0;
356 static int cpu_gdb_write_register(CPUState *env, uint8_t *mem_buf, int i)
358 uint32_t tmp;
360 if (i < CPU_NB_REGS) {
361 env->regs[gpr_map[i]] = ldtul_p(mem_buf);
362 return sizeof(target_ulong);
363 } else if (i >= CPU_NB_REGS + 8 && i < CPU_NB_REGS + 16) {
364 i -= CPU_NB_REGS + 8;
365 #ifdef USE_X86LDOUBLE
366 memcpy(&env->fpregs[i], mem_buf, 10);
367 #endif
368 return 10;
369 } else if (i >= CPU_NB_REGS + 24) {
370 i -= CPU_NB_REGS + 24;
371 if (i < CPU_NB_REGS) {
372 env->xmm_regs[i].XMM_Q(0) = ldq_p(mem_buf);
373 env->xmm_regs[i].XMM_Q(1) = ldq_p(mem_buf + 8);
374 return 16;
375 } else if (i == CPU_NB_REGS) {
376 env->mxcsr = ldl_p(mem_buf);
377 return 4;
379 } else {
380 i -= CPU_NB_REGS;
381 switch (i) {
382 case 0: env->eip = ldtul_p(mem_buf); return sizeof(target_ulong);
383 case 1: env->eflags = ldl_p(mem_buf); return 4;
384 #if defined(CONFIG_USER_ONLY)
385 #define LOAD_SEG(index, sreg)\
386 tmp = ldl_p(mem_buf);\
387 if (tmp != env->segs[sreg].selector)\
388 cpu_x86_load_seg(env, sreg, tmp);
389 #else
390 /* FIXME: Honor segment registers. Needs to avoid raising an exception
391 when the selector is invalid. */
392 #define LOAD_SEG(index, sreg) do {} while(0)
393 #endif
394 case 2: LOAD_SEG(10, R_CS); return 4;
395 case 3: LOAD_SEG(11, R_SS); return 4;
396 case 4: LOAD_SEG(12, R_DS); return 4;
397 case 5: LOAD_SEG(13, R_ES); return 4;
398 case 6: LOAD_SEG(14, R_FS); return 4;
399 case 7: LOAD_SEG(15, R_GS); return 4;
400 /* 8...15 x87 regs. */
401 case 16: env->fpuc = ldl_p(mem_buf); return 4;
402 case 17:
403 tmp = ldl_p(mem_buf);
404 env->fpstt = (tmp >> 11) & 7;
405 env->fpus = tmp & ~0x3800;
406 return 4;
407 case 18: /* ftag */ return 4;
408 case 19: /* fiseg */ return 4;
409 case 20: /* fioff */ return 4;
410 case 21: /* foseg */ return 4;
411 case 22: /* fooff */ return 4;
412 case 23: /* fop */ return 4;
413 /* 24+ xmm regs. */
416 /* Unrecognised register. */
417 return 0;
420 #elif defined (TARGET_PPC)
422 #define NUM_CORE_REGS 71
424 static int cpu_gdb_read_register(CPUState *env, uint8_t *mem_buf, int n)
426 if (n < 32) {
427 /* gprs */
428 GET_REGL(env->gpr[n]);
429 } else if (n < 64) {
430 /* fprs */
431 stfq_p(mem_buf, env->fpr[n-32]);
432 return 8;
433 } else {
434 switch (n) {
435 case 64: GET_REGL(env->nip);
436 case 65: GET_REGL(env->msr);
437 case 66:
439 uint32_t cr = 0;
440 int i;
441 for (i = 0; i < 8; i++)
442 cr |= env->crf[i] << (32 - ((i + 1) * 4));
443 GET_REG32(cr);
445 case 67: GET_REGL(env->lr);
446 case 68: GET_REGL(env->ctr);
447 case 69: GET_REGL(env->xer);
448 case 70: GET_REG32(0); /* fpscr */
451 return 0;
454 static int cpu_gdb_write_register(CPUState *env, uint8_t *mem_buf, int n)
456 if (n < 32) {
457 /* gprs */
458 env->gpr[n] = ldtul_p(mem_buf);
459 return sizeof(target_ulong);
460 } else if (n < 64) {
461 /* fprs */
462 env->fpr[n-32] = ldfq_p(mem_buf);
463 return 8;
464 } else {
465 switch (n) {
466 case 64:
467 env->nip = ldtul_p(mem_buf);
468 return sizeof(target_ulong);
469 case 65:
470 ppc_store_msr(env, ldtul_p(mem_buf));
471 return sizeof(target_ulong);
472 case 66:
474 uint32_t cr = ldl_p(mem_buf);
475 int i;
476 for (i = 0; i < 8; i++)
477 env->crf[i] = (cr >> (32 - ((i + 1) * 4))) & 0xF;
478 return 4;
480 case 67:
481 env->lr = ldtul_p(mem_buf);
482 return sizeof(target_ulong);
483 case 68:
484 env->ctr = ldtul_p(mem_buf);
485 return sizeof(target_ulong);
486 case 69:
487 env->xer = ldtul_p(mem_buf);
488 return sizeof(target_ulong);
489 case 70:
490 /* fpscr */
491 return 4;
494 return 0;
497 #elif defined (TARGET_SPARC)
499 #if defined(TARGET_SPARC64) && !defined(TARGET_ABI32)
500 #define NUM_CORE_REGS 86
501 #else
502 #define NUM_CORE_REGS 73
503 #endif
505 #ifdef TARGET_ABI32
506 #define GET_REGA(val) GET_REG32(val)
507 #else
508 #define GET_REGA(val) GET_REGL(val)
509 #endif
511 static int cpu_gdb_read_register(CPUState *env, uint8_t *mem_buf, int n)
513 if (n < 8) {
514 /* g0..g7 */
515 GET_REGA(env->gregs[n]);
517 if (n < 32) {
518 /* register window */
519 GET_REGA(env->regwptr[n - 8]);
521 #if defined(TARGET_ABI32) || !defined(TARGET_SPARC64)
522 if (n < 64) {
523 /* fprs */
524 GET_REG32(*((uint32_t *)&env->fpr[n - 32]));
526 /* Y, PSR, WIM, TBR, PC, NPC, FPSR, CPSR */
527 switch (n) {
528 case 64: GET_REGA(env->y);
529 case 65: GET_REGA(GET_PSR(env));
530 case 66: GET_REGA(env->wim);
531 case 67: GET_REGA(env->tbr);
532 case 68: GET_REGA(env->pc);
533 case 69: GET_REGA(env->npc);
534 case 70: GET_REGA(env->fsr);
535 case 71: GET_REGA(0); /* csr */
536 case 72: GET_REGA(0);
538 #else
539 if (n < 64) {
540 /* f0-f31 */
541 GET_REG32(*((uint32_t *)&env->fpr[n - 32]));
543 if (n < 80) {
544 /* f32-f62 (double width, even numbers only) */
545 uint64_t val;
547 val = (uint64_t)*((uint32_t *)&env->fpr[(n - 64) * 2 + 32]) << 32;
548 val |= *((uint32_t *)&env->fpr[(n - 64) * 2 + 33]);
549 GET_REG64(val);
551 switch (n) {
552 case 80: GET_REGL(env->pc);
553 case 81: GET_REGL(env->npc);
554 case 82: GET_REGL(((uint64_t)GET_CCR(env) << 32) |
555 ((env->asi & 0xff) << 24) |
556 ((env->pstate & 0xfff) << 8) |
557 GET_CWP64(env));
558 case 83: GET_REGL(env->fsr);
559 case 84: GET_REGL(env->fprs);
560 case 85: GET_REGL(env->y);
562 #endif
563 return 0;
566 static int cpu_gdb_write_register(CPUState *env, uint8_t *mem_buf, int n)
568 #if defined(TARGET_ABI32)
569 abi_ulong tmp;
571 tmp = ldl_p(mem_buf);
572 #else
573 target_ulong tmp;
575 tmp = ldtul_p(mem_buf);
576 #endif
578 if (n < 8) {
579 /* g0..g7 */
580 env->gregs[n] = tmp;
581 } else if (n < 32) {
582 /* register window */
583 env->regwptr[n - 8] = tmp;
585 #if defined(TARGET_ABI32) || !defined(TARGET_SPARC64)
586 else if (n < 64) {
587 /* fprs */
588 *((uint32_t *)&env->fpr[n - 32]) = tmp;
589 } else {
590 /* Y, PSR, WIM, TBR, PC, NPC, FPSR, CPSR */
591 switch (n) {
592 case 64: env->y = tmp; break;
593 case 65: PUT_PSR(env, tmp); break;
594 case 66: env->wim = tmp; break;
595 case 67: env->tbr = tmp; break;
596 case 68: env->pc = tmp; break;
597 case 69: env->npc = tmp; break;
598 case 70: env->fsr = tmp; break;
599 default: return 0;
602 return 4;
603 #else
604 else if (n < 64) {
605 /* f0-f31 */
606 env->fpr[n] = ldfl_p(mem_buf);
607 return 4;
608 } else if (n < 80) {
609 /* f32-f62 (double width, even numbers only) */
610 *((uint32_t *)&env->fpr[(n - 64) * 2 + 32]) = tmp >> 32;
611 *((uint32_t *)&env->fpr[(n - 64) * 2 + 33]) = tmp;
612 } else {
613 switch (n) {
614 case 80: env->pc = tmp; break;
615 case 81: env->npc = tmp; break;
616 case 82:
617 PUT_CCR(env, tmp >> 32);
618 env->asi = (tmp >> 24) & 0xff;
619 env->pstate = (tmp >> 8) & 0xfff;
620 PUT_CWP64(env, tmp & 0xff);
621 break;
622 case 83: env->fsr = tmp; break;
623 case 84: env->fprs = tmp; break;
624 case 85: env->y = tmp; break;
625 default: return 0;
628 return 8;
629 #endif
631 #elif defined (TARGET_ARM)
633 /* Old gdb always expect FPA registers. Newer (xml-aware) gdb only expect
634 whatever the target description contains. Due to a historical mishap
635 the FPA registers appear in between core integer regs and the CPSR.
636 We hack round this by giving the FPA regs zero size when talking to a
637 newer gdb. */
638 #define NUM_CORE_REGS 26
639 #define GDB_CORE_XML "arm-core.xml"
641 static int cpu_gdb_read_register(CPUState *env, uint8_t *mem_buf, int n)
643 if (n < 16) {
644 /* Core integer register. */
645 GET_REG32(env->regs[n]);
647 if (n < 24) {
648 /* FPA registers. */
649 if (gdb_has_xml)
650 return 0;
651 memset(mem_buf, 0, 12);
652 return 12;
654 switch (n) {
655 case 24:
656 /* FPA status register. */
657 if (gdb_has_xml)
658 return 0;
659 GET_REG32(0);
660 case 25:
661 /* CPSR */
662 GET_REG32(cpsr_read(env));
664 /* Unknown register. */
665 return 0;
668 static int cpu_gdb_write_register(CPUState *env, uint8_t *mem_buf, int n)
670 uint32_t tmp;
672 tmp = ldl_p(mem_buf);
674 /* Mask out low bit of PC to workaround gdb bugs. This will probably
675 cause problems if we ever implement the Jazelle DBX extensions. */
676 if (n == 15)
677 tmp &= ~1;
679 if (n < 16) {
680 /* Core integer register. */
681 env->regs[n] = tmp;
682 return 4;
684 if (n < 24) { /* 16-23 */
685 /* FPA registers (ignored). */
686 if (gdb_has_xml)
687 return 0;
688 return 12;
690 switch (n) {
691 case 24:
692 /* FPA status register (ignored). */
693 if (gdb_has_xml)
694 return 0;
695 return 4;
696 case 25:
697 /* CPSR */
698 cpsr_write (env, tmp, 0xffffffff);
699 return 4;
701 /* Unknown register. */
702 return 0;
705 #elif defined (TARGET_M68K)
707 #define NUM_CORE_REGS 18
709 #define GDB_CORE_XML "cf-core.xml"
711 static int cpu_gdb_read_register(CPUState *env, uint8_t *mem_buf, int n)
713 if (n < 8) {
714 /* D0-D7 */
715 GET_REG32(env->dregs[n]);
716 } else if (n < 16) {
717 /* A0-A7 */
718 GET_REG32(env->aregs[n - 8]);
719 } else {
720 switch (n) {
721 case 16: GET_REG32(env->sr);
722 case 17: GET_REG32(env->pc);
725 /* FP registers not included here because they vary between
726 ColdFire and m68k. Use XML bits for these. */
727 return 0;
730 static int cpu_gdb_write_register(CPUState *env, uint8_t *mem_buf, int n)
732 uint32_t tmp;
734 tmp = ldl_p(mem_buf);
736 if (n < 8) {
737 /* D0-D7 */
738 env->dregs[n] = tmp;
739 } else if (n < 8) {
740 /* A0-A7 */
741 env->aregs[n - 8] = tmp;
742 } else {
743 switch (n) {
744 case 16: env->sr = tmp; break;
745 case 17: env->pc = tmp; break;
746 default: return 0;
749 return 4;
751 #elif defined (TARGET_MIPS)
753 #define NUM_CORE_REGS 73
755 static int cpu_gdb_read_register(CPUState *env, uint8_t *mem_buf, int n)
757 if (n < 32) {
758 GET_REGL(env->active_tc.gpr[n]);
760 if (env->CP0_Config1 & (1 << CP0C1_FP)) {
761 if (n >= 38 && n < 70) {
762 if (env->CP0_Status & (1 << CP0St_FR))
763 GET_REGL(env->active_fpu.fpr[n - 38].d);
764 else
765 GET_REGL(env->active_fpu.fpr[n - 38].w[FP_ENDIAN_IDX]);
767 switch (n) {
768 case 70: GET_REGL((int32_t)env->active_fpu.fcr31);
769 case 71: GET_REGL((int32_t)env->active_fpu.fcr0);
772 switch (n) {
773 case 32: GET_REGL((int32_t)env->CP0_Status);
774 case 33: GET_REGL(env->active_tc.LO[0]);
775 case 34: GET_REGL(env->active_tc.HI[0]);
776 case 35: GET_REGL(env->CP0_BadVAddr);
777 case 36: GET_REGL((int32_t)env->CP0_Cause);
778 case 37: GET_REGL(env->active_tc.PC);
779 case 72: GET_REGL(0); /* fp */
780 case 89: GET_REGL((int32_t)env->CP0_PRid);
782 if (n >= 73 && n <= 88) {
783 /* 16 embedded regs. */
784 GET_REGL(0);
787 return 0;
790 /* convert MIPS rounding mode in FCR31 to IEEE library */
791 static unsigned int ieee_rm[] =
793 float_round_nearest_even,
794 float_round_to_zero,
795 float_round_up,
796 float_round_down
798 #define RESTORE_ROUNDING_MODE \
799 set_float_rounding_mode(ieee_rm[env->active_fpu.fcr31 & 3], &env->active_fpu.fp_status)
801 static int cpu_gdb_write_register(CPUState *env, uint8_t *mem_buf, int n)
803 target_ulong tmp;
805 tmp = ldtul_p(mem_buf);
807 if (n < 32) {
808 env->active_tc.gpr[n] = tmp;
809 return sizeof(target_ulong);
811 if (env->CP0_Config1 & (1 << CP0C1_FP)
812 && n >= 38 && n < 73) {
813 if (n < 70) {
814 if (env->CP0_Status & (1 << CP0St_FR))
815 env->active_fpu.fpr[n - 38].d = tmp;
816 else
817 env->active_fpu.fpr[n - 38].w[FP_ENDIAN_IDX] = tmp;
819 switch (n) {
820 case 70:
821 env->active_fpu.fcr31 = tmp & 0xFF83FFFF;
822 /* set rounding mode */
823 RESTORE_ROUNDING_MODE;
824 #ifndef CONFIG_SOFTFLOAT
825 /* no floating point exception for native float */
826 SET_FP_ENABLE(env->active_fpu.fcr31, 0);
827 #endif
828 break;
829 case 71: env->active_fpu.fcr0 = tmp; break;
831 return sizeof(target_ulong);
833 switch (n) {
834 case 32: env->CP0_Status = tmp; break;
835 case 33: env->active_tc.LO[0] = tmp; break;
836 case 34: env->active_tc.HI[0] = tmp; break;
837 case 35: env->CP0_BadVAddr = tmp; break;
838 case 36: env->CP0_Cause = tmp; break;
839 case 37: env->active_tc.PC = tmp; break;
840 case 72: /* fp, ignored */ break;
841 default:
842 if (n > 89)
843 return 0;
844 /* Other registers are readonly. Ignore writes. */
845 break;
848 return sizeof(target_ulong);
850 #elif defined (TARGET_SH4)
852 /* Hint: Use "set architecture sh4" in GDB to see fpu registers */
853 /* FIXME: We should use XML for this. */
855 #define NUM_CORE_REGS 59
857 static int cpu_gdb_read_register(CPUState *env, uint8_t *mem_buf, int n)
859 if (n < 8) {
860 if ((env->sr & (SR_MD | SR_RB)) == (SR_MD | SR_RB)) {
861 GET_REGL(env->gregs[n + 16]);
862 } else {
863 GET_REGL(env->gregs[n]);
865 } else if (n < 16) {
866 GET_REGL(env->gregs[n - 8]);
867 } else if (n >= 25 && n < 41) {
868 GET_REGL(env->fregs[(n - 25) + ((env->fpscr & FPSCR_FR) ? 16 : 0)]);
869 } else if (n >= 43 && n < 51) {
870 GET_REGL(env->gregs[n - 43]);
871 } else if (n >= 51 && n < 59) {
872 GET_REGL(env->gregs[n - (51 - 16)]);
874 switch (n) {
875 case 16: GET_REGL(env->pc);
876 case 17: GET_REGL(env->pr);
877 case 18: GET_REGL(env->gbr);
878 case 19: GET_REGL(env->vbr);
879 case 20: GET_REGL(env->mach);
880 case 21: GET_REGL(env->macl);
881 case 22: GET_REGL(env->sr);
882 case 23: GET_REGL(env->fpul);
883 case 24: GET_REGL(env->fpscr);
884 case 41: GET_REGL(env->ssr);
885 case 42: GET_REGL(env->spc);
888 return 0;
891 static int cpu_gdb_write_register(CPUState *env, uint8_t *mem_buf, int n)
893 uint32_t tmp;
895 tmp = ldl_p(mem_buf);
897 if (n < 8) {
898 if ((env->sr & (SR_MD | SR_RB)) == (SR_MD | SR_RB)) {
899 env->gregs[n + 16] = tmp;
900 } else {
901 env->gregs[n] = tmp;
903 return 4;
904 } else if (n < 16) {
905 env->gregs[n - 8] = tmp;
906 return 4;
907 } else if (n >= 25 && n < 41) {
908 env->fregs[(n - 25) + ((env->fpscr & FPSCR_FR) ? 16 : 0)] = tmp;
909 } else if (n >= 43 && n < 51) {
910 env->gregs[n - 43] = tmp;
911 return 4;
912 } else if (n >= 51 && n < 59) {
913 env->gregs[n - (51 - 16)] = tmp;
914 return 4;
916 switch (n) {
917 case 16: env->pc = tmp;
918 case 17: env->pr = tmp;
919 case 18: env->gbr = tmp;
920 case 19: env->vbr = tmp;
921 case 20: env->mach = tmp;
922 case 21: env->macl = tmp;
923 case 22: env->sr = tmp;
924 case 23: env->fpul = tmp;
925 case 24: env->fpscr = tmp;
926 case 41: env->ssr = tmp;
927 case 42: env->spc = tmp;
928 default: return 0;
931 return 4;
933 #elif defined (TARGET_CRIS)
935 #define NUM_CORE_REGS 49
937 static int cpu_gdb_read_register(CPUState *env, uint8_t *mem_buf, int n)
939 uint8_t srs;
941 srs = env->pregs[PR_SRS];
942 if (n < 16) {
943 GET_REG32(env->regs[n]);
946 if (n >= 21 && n < 32) {
947 GET_REG32(env->pregs[n - 16]);
949 if (n >= 33 && n < 49) {
950 GET_REG32(env->sregs[srs][n - 33]);
952 switch (n) {
953 case 16: GET_REG8(env->pregs[0]);
954 case 17: GET_REG8(env->pregs[1]);
955 case 18: GET_REG32(env->pregs[2]);
956 case 19: GET_REG8(srs);
957 case 20: GET_REG16(env->pregs[4]);
958 case 32: GET_REG32(env->pc);
961 return 0;
964 static int cpu_gdb_write_register(CPUState *env, uint8_t *mem_buf, int n)
966 uint32_t tmp;
968 if (n > 49)
969 return 0;
971 tmp = ldl_p(mem_buf);
973 if (n < 16) {
974 env->regs[n] = tmp;
977 if (n >= 21 && n < 32) {
978 env->pregs[n - 16] = tmp;
981 /* FIXME: Should support function regs be writable? */
982 switch (n) {
983 case 16: return 1;
984 case 17: return 1;
985 case 18: env->pregs[PR_PID] = tmp; break;
986 case 19: return 1;
987 case 20: return 2;
988 case 32: env->pc = tmp; break;
991 return 4;
993 #else
995 #define NUM_CORE_REGS 0
997 static int cpu_gdb_read_register(CPUState *env, uint8_t *mem_buf, int n)
999 return 0;
1002 static int cpu_gdb_write_register(CPUState *env, uint8_t *mem_buf, int n)
1004 return 0;
1007 #endif
1009 static int num_g_regs = NUM_CORE_REGS;
1011 #ifdef GDB_CORE_XML
1012 /* Encode data using the encoding for 'x' packets. */
1013 static int memtox(char *buf, const char *mem, int len)
1015 char *p = buf;
1016 char c;
1018 while (len--) {
1019 c = *(mem++);
1020 switch (c) {
1021 case '#': case '$': case '*': case '}':
1022 *(p++) = '}';
1023 *(p++) = c ^ 0x20;
1024 break;
1025 default:
1026 *(p++) = c;
1027 break;
1030 return p - buf;
1033 const char *get_feature_xml(const char *p, const char **newp)
1035 extern const char *const xml_builtin[][2];
1036 size_t len;
1037 int i;
1038 const char *name;
1039 static char target_xml[1024];
1041 len = 0;
1042 while (p[len] && p[len] != ':')
1043 len++;
1044 *newp = p + len;
1046 name = NULL;
1047 if (strncmp(p, "target.xml", len) == 0) {
1048 /* Generate the XML description for this CPU. */
1049 if (!target_xml[0]) {
1050 GDBRegisterState *r;
1052 snprintf(target_xml, sizeof(target_xml),
1053 "<?xml version=\"1.0\"?>"
1054 "<!DOCTYPE target SYSTEM \"gdb-target.dtd\">"
1055 "<target>"
1056 "<xi:include href=\"%s\"/>",
1057 GDB_CORE_XML);
1059 for (r = first_cpu->gdb_regs; r; r = r->next) {
1060 strcat(target_xml, "<xi:include href=\"");
1061 strcat(target_xml, r->xml);
1062 strcat(target_xml, "\"/>");
1064 strcat(target_xml, "</target>");
1066 return target_xml;
1068 for (i = 0; ; i++) {
1069 name = xml_builtin[i][0];
1070 if (!name || (strncmp(name, p, len) == 0 && strlen(name) == len))
1071 break;
1073 return name ? xml_builtin[i][1] : NULL;
1075 #endif
1077 static int gdb_read_register(CPUState *env, uint8_t *mem_buf, int reg)
1079 GDBRegisterState *r;
1081 if (reg < NUM_CORE_REGS)
1082 return cpu_gdb_read_register(env, mem_buf, reg);
1084 for (r = env->gdb_regs; r; r = r->next) {
1085 if (r->base_reg <= reg && reg < r->base_reg + r->num_regs) {
1086 return r->get_reg(env, mem_buf, reg - r->base_reg);
1089 return 0;
1092 static int gdb_write_register(CPUState *env, uint8_t *mem_buf, int reg)
1094 GDBRegisterState *r;
1096 if (reg < NUM_CORE_REGS)
1097 return cpu_gdb_write_register(env, mem_buf, reg);
1099 for (r = env->gdb_regs; r; r = r->next) {
1100 if (r->base_reg <= reg && reg < r->base_reg + r->num_regs) {
1101 return r->set_reg(env, mem_buf, reg - r->base_reg);
1104 return 0;
1107 /* Register a supplemental set of CPU registers. If g_pos is nonzero it
1108 specifies the first register number and these registers are included in
1109 a standard "g" packet. Direction is relative to gdb, i.e. get_reg is
1110 gdb reading a CPU register, and set_reg is gdb modifying a CPU register.
1113 void gdb_register_coprocessor(CPUState * env,
1114 gdb_reg_cb get_reg, gdb_reg_cb set_reg,
1115 int num_regs, const char *xml, int g_pos)
1117 GDBRegisterState *s;
1118 GDBRegisterState **p;
1119 static int last_reg = NUM_CORE_REGS;
1121 s = (GDBRegisterState *)qemu_mallocz(sizeof(GDBRegisterState));
1122 s->base_reg = last_reg;
1123 s->num_regs = num_regs;
1124 s->get_reg = get_reg;
1125 s->set_reg = set_reg;
1126 s->xml = xml;
1127 p = &env->gdb_regs;
1128 while (*p) {
1129 /* Check for duplicates. */
1130 if (strcmp((*p)->xml, xml) == 0)
1131 return;
1132 p = &(*p)->next;
1134 /* Add to end of list. */
1135 last_reg += num_regs;
1136 *p = s;
1137 if (g_pos) {
1138 if (g_pos != s->base_reg) {
1139 fprintf(stderr, "Error: Bad gdb register numbering for '%s'\n"
1140 "Expected %d got %d\n", xml, g_pos, s->base_reg);
1141 } else {
1142 num_g_regs = last_reg;
1147 /* GDB breakpoint/watchpoint types */
1148 #define GDB_BREAKPOINT_SW 0
1149 #define GDB_BREAKPOINT_HW 1
1150 #define GDB_WATCHPOINT_WRITE 2
1151 #define GDB_WATCHPOINT_READ 3
1152 #define GDB_WATCHPOINT_ACCESS 4
1154 #ifndef CONFIG_USER_ONLY
1155 static const int xlat_gdb_type[] = {
1156 [GDB_WATCHPOINT_WRITE] = BP_GDB | BP_MEM_WRITE,
1157 [GDB_WATCHPOINT_READ] = BP_GDB | BP_MEM_READ,
1158 [GDB_WATCHPOINT_ACCESS] = BP_GDB | BP_MEM_ACCESS,
1160 #endif
1162 static int gdb_breakpoint_insert(target_ulong addr, target_ulong len, int type)
1164 CPUState *env;
1165 int err = 0;
1167 switch (type) {
1168 case GDB_BREAKPOINT_SW:
1169 case GDB_BREAKPOINT_HW:
1170 for (env = first_cpu; env != NULL; env = env->next_cpu) {
1171 err = cpu_breakpoint_insert(env, addr, BP_GDB, NULL);
1172 if (err)
1173 break;
1175 return err;
1176 #ifndef CONFIG_USER_ONLY
1177 case GDB_WATCHPOINT_WRITE:
1178 case GDB_WATCHPOINT_READ:
1179 case GDB_WATCHPOINT_ACCESS:
1180 for (env = first_cpu; env != NULL; env = env->next_cpu) {
1181 err = cpu_watchpoint_insert(env, addr, len, xlat_gdb_type[type],
1182 NULL);
1183 if (err)
1184 break;
1186 return err;
1187 #endif
1188 default:
1189 return -ENOSYS;
1193 static int gdb_breakpoint_remove(target_ulong addr, target_ulong len, int type)
1195 CPUState *env;
1196 int err = 0;
1198 switch (type) {
1199 case GDB_BREAKPOINT_SW:
1200 case GDB_BREAKPOINT_HW:
1201 for (env = first_cpu; env != NULL; env = env->next_cpu) {
1202 err = cpu_breakpoint_remove(env, addr, BP_GDB);
1203 if (err)
1204 break;
1206 return err;
1207 #ifndef CONFIG_USER_ONLY
1208 case GDB_WATCHPOINT_WRITE:
1209 case GDB_WATCHPOINT_READ:
1210 case GDB_WATCHPOINT_ACCESS:
1211 for (env = first_cpu; env != NULL; env = env->next_cpu) {
1212 err = cpu_watchpoint_remove(env, addr, len, xlat_gdb_type[type]);
1213 if (err)
1214 break;
1216 return err;
1217 #endif
1218 default:
1219 return -ENOSYS;
1223 static void gdb_breakpoint_remove_all(void)
1225 CPUState *env;
1227 for (env = first_cpu; env != NULL; env = env->next_cpu) {
1228 cpu_breakpoint_remove_all(env, BP_GDB);
1229 #ifndef CONFIG_USER_ONLY
1230 cpu_watchpoint_remove_all(env, BP_GDB);
1231 #endif
1235 static int gdb_handle_packet(GDBState *s, const char *line_buf)
1237 CPUState *env;
1238 const char *p;
1239 int ch, reg_size, type, res, thread;
1240 char buf[MAX_PACKET_LENGTH];
1241 uint8_t mem_buf[MAX_PACKET_LENGTH];
1242 uint8_t *registers;
1243 target_ulong addr, len;
1245 #ifdef DEBUG_GDB
1246 printf("command='%s'\n", line_buf);
1247 #endif
1248 p = line_buf;
1249 ch = *p++;
1250 switch(ch) {
1251 case '?':
1252 /* TODO: Make this return the correct value for user-mode. */
1253 snprintf(buf, sizeof(buf), "T%02xthread:%02x;", SIGTRAP,
1254 s->c_cpu->cpu_index+1);
1255 put_packet(s, buf);
1256 /* Remove all the breakpoints when this query is issued,
1257 * because gdb is doing and initial connect and the state
1258 * should be cleaned up.
1260 gdb_breakpoint_remove_all();
1261 break;
1262 case 'c':
1263 if (*p != '\0') {
1264 addr = strtoull(p, (char **)&p, 16);
1265 #if defined(TARGET_I386)
1266 s->c_cpu->eip = addr;
1267 #elif defined (TARGET_PPC)
1268 s->c_cpu->nip = addr;
1269 #elif defined (TARGET_SPARC)
1270 s->c_cpu->pc = addr;
1271 s->c_cpu->npc = addr + 4;
1272 #elif defined (TARGET_ARM)
1273 s->c_cpu->regs[15] = addr;
1274 #elif defined (TARGET_SH4)
1275 s->c_cpu->pc = addr;
1276 #elif defined (TARGET_MIPS)
1277 s->c_cpu->active_tc.PC = addr;
1278 #elif defined (TARGET_CRIS)
1279 s->c_cpu->pc = addr;
1280 #endif
1282 gdb_continue(s);
1283 return RS_IDLE;
1284 case 'C':
1285 s->signal = strtoul(p, (char **)&p, 16);
1286 gdb_continue(s);
1287 return RS_IDLE;
1288 case 'k':
1289 /* Kill the target */
1290 fprintf(stderr, "\nQEMU: Terminated via GDBstub\n");
1291 exit(0);
1292 case 'D':
1293 /* Detach packet */
1294 gdb_breakpoint_remove_all();
1295 gdb_continue(s);
1296 put_packet(s, "OK");
1297 break;
1298 case 's':
1299 if (*p != '\0') {
1300 addr = strtoull(p, (char **)&p, 16);
1301 #if defined(TARGET_I386)
1302 s->c_cpu->eip = addr;
1303 #elif defined (TARGET_PPC)
1304 s->c_cpu->nip = addr;
1305 #elif defined (TARGET_SPARC)
1306 s->c_cpu->pc = addr;
1307 s->c_cpu->npc = addr + 4;
1308 #elif defined (TARGET_ARM)
1309 s->c_cpu->regs[15] = addr;
1310 #elif defined (TARGET_SH4)
1311 s->c_cpu->pc = addr;
1312 #elif defined (TARGET_MIPS)
1313 s->c_cpu->active_tc.PC = addr;
1314 #elif defined (TARGET_CRIS)
1315 s->c_cpu->pc = addr;
1316 #endif
1318 cpu_single_step(s->c_cpu, sstep_flags);
1319 gdb_continue(s);
1320 return RS_IDLE;
1321 case 'F':
1323 target_ulong ret;
1324 target_ulong err;
1326 ret = strtoull(p, (char **)&p, 16);
1327 if (*p == ',') {
1328 p++;
1329 err = strtoull(p, (char **)&p, 16);
1330 } else {
1331 err = 0;
1333 if (*p == ',')
1334 p++;
1335 type = *p;
1336 if (gdb_current_syscall_cb)
1337 gdb_current_syscall_cb(s->c_cpu, ret, err);
1338 if (type == 'C') {
1339 put_packet(s, "T02");
1340 } else {
1341 gdb_continue(s);
1344 break;
1345 case 'g':
1346 len = 0;
1347 for (addr = 0; addr < num_g_regs; addr++) {
1348 reg_size = gdb_read_register(s->g_cpu, mem_buf + len, addr);
1349 len += reg_size;
1351 memtohex(buf, mem_buf, len);
1352 put_packet(s, buf);
1353 break;
1354 case 'G':
1355 registers = mem_buf;
1356 len = strlen(p) / 2;
1357 hextomem((uint8_t *)registers, p, len);
1358 for (addr = 0; addr < num_g_regs && len > 0; addr++) {
1359 reg_size = gdb_write_register(s->g_cpu, registers, addr);
1360 len -= reg_size;
1361 registers += reg_size;
1363 put_packet(s, "OK");
1364 break;
1365 case 'm':
1366 addr = strtoull(p, (char **)&p, 16);
1367 if (*p == ',')
1368 p++;
1369 len = strtoull(p, NULL, 16);
1370 if (cpu_memory_rw_debug(s->g_cpu, addr, mem_buf, len, 0) != 0) {
1371 put_packet (s, "E14");
1372 } else {
1373 memtohex(buf, mem_buf, len);
1374 put_packet(s, buf);
1376 break;
1377 case 'M':
1378 addr = strtoull(p, (char **)&p, 16);
1379 if (*p == ',')
1380 p++;
1381 len = strtoull(p, (char **)&p, 16);
1382 if (*p == ':')
1383 p++;
1384 hextomem(mem_buf, p, len);
1385 if (cpu_memory_rw_debug(s->g_cpu, addr, mem_buf, len, 1) != 0)
1386 put_packet(s, "E14");
1387 else
1388 put_packet(s, "OK");
1389 break;
1390 case 'p':
1391 /* Older gdb are really dumb, and don't use 'g' if 'p' is avaialable.
1392 This works, but can be very slow. Anything new enough to
1393 understand XML also knows how to use this properly. */
1394 if (!gdb_has_xml)
1395 goto unknown_command;
1396 addr = strtoull(p, (char **)&p, 16);
1397 reg_size = gdb_read_register(s->g_cpu, mem_buf, addr);
1398 if (reg_size) {
1399 memtohex(buf, mem_buf, reg_size);
1400 put_packet(s, buf);
1401 } else {
1402 put_packet(s, "E14");
1404 break;
1405 case 'P':
1406 if (!gdb_has_xml)
1407 goto unknown_command;
1408 addr = strtoull(p, (char **)&p, 16);
1409 if (*p == '=')
1410 p++;
1411 reg_size = strlen(p) / 2;
1412 hextomem(mem_buf, p, reg_size);
1413 gdb_write_register(s->g_cpu, mem_buf, addr);
1414 put_packet(s, "OK");
1415 break;
1416 case 'Z':
1417 case 'z':
1418 type = strtoul(p, (char **)&p, 16);
1419 if (*p == ',')
1420 p++;
1421 addr = strtoull(p, (char **)&p, 16);
1422 if (*p == ',')
1423 p++;
1424 len = strtoull(p, (char **)&p, 16);
1425 if (ch == 'Z')
1426 res = gdb_breakpoint_insert(addr, len, type);
1427 else
1428 res = gdb_breakpoint_remove(addr, len, type);
1429 if (res >= 0)
1430 put_packet(s, "OK");
1431 else if (res == -ENOSYS)
1432 put_packet(s, "");
1433 else
1434 put_packet(s, "E22");
1435 break;
1436 case 'H':
1437 type = *p++;
1438 thread = strtoull(p, (char **)&p, 16);
1439 if (thread == -1 || thread == 0) {
1440 put_packet(s, "OK");
1441 break;
1443 for (env = first_cpu; env != NULL; env = env->next_cpu)
1444 if (env->cpu_index + 1 == thread)
1445 break;
1446 if (env == NULL) {
1447 put_packet(s, "E22");
1448 break;
1450 switch (type) {
1451 case 'c':
1452 s->c_cpu = env;
1453 put_packet(s, "OK");
1454 break;
1455 case 'g':
1456 s->g_cpu = env;
1457 put_packet(s, "OK");
1458 break;
1459 default:
1460 put_packet(s, "E22");
1461 break;
1463 break;
1464 case 'T':
1465 thread = strtoull(p, (char **)&p, 16);
1466 #ifndef CONFIG_USER_ONLY
1467 if (thread > 0 && thread < smp_cpus + 1)
1468 #else
1469 if (thread == 1)
1470 #endif
1471 put_packet(s, "OK");
1472 else
1473 put_packet(s, "E22");
1474 break;
1475 case 'q':
1476 case 'Q':
1477 /* parse any 'q' packets here */
1478 if (!strcmp(p,"qemu.sstepbits")) {
1479 /* Query Breakpoint bit definitions */
1480 snprintf(buf, sizeof(buf), "ENABLE=%x,NOIRQ=%x,NOTIMER=%x",
1481 SSTEP_ENABLE,
1482 SSTEP_NOIRQ,
1483 SSTEP_NOTIMER);
1484 put_packet(s, buf);
1485 break;
1486 } else if (strncmp(p,"qemu.sstep",10) == 0) {
1487 /* Display or change the sstep_flags */
1488 p += 10;
1489 if (*p != '=') {
1490 /* Display current setting */
1491 snprintf(buf, sizeof(buf), "0x%x", sstep_flags);
1492 put_packet(s, buf);
1493 break;
1495 p++;
1496 type = strtoul(p, (char **)&p, 16);
1497 sstep_flags = type;
1498 put_packet(s, "OK");
1499 break;
1500 } else if (strcmp(p,"C") == 0) {
1501 /* "Current thread" remains vague in the spec, so always return
1502 * the first CPU (gdb returns the first thread). */
1503 put_packet(s, "QC1");
1504 break;
1505 } else if (strcmp(p,"fThreadInfo") == 0) {
1506 s->query_cpu = first_cpu;
1507 goto report_cpuinfo;
1508 } else if (strcmp(p,"sThreadInfo") == 0) {
1509 report_cpuinfo:
1510 if (s->query_cpu) {
1511 snprintf(buf, sizeof(buf), "m%x", s->query_cpu->cpu_index+1);
1512 put_packet(s, buf);
1513 s->query_cpu = s->query_cpu->next_cpu;
1514 } else
1515 put_packet(s, "l");
1516 break;
1517 } else if (strncmp(p,"ThreadExtraInfo,", 16) == 0) {
1518 thread = strtoull(p+16, (char **)&p, 16);
1519 for (env = first_cpu; env != NULL; env = env->next_cpu)
1520 if (env->cpu_index + 1 == thread) {
1521 len = snprintf((char *)mem_buf, sizeof(mem_buf),
1522 "CPU#%d [%s]", env->cpu_index,
1523 env->halted ? "halted " : "running");
1524 memtohex(buf, mem_buf, len);
1525 put_packet(s, buf);
1526 break;
1528 break;
1530 #ifdef CONFIG_LINUX_USER
1531 else if (strncmp(p, "Offsets", 7) == 0) {
1532 TaskState *ts = s->c_cpu->opaque;
1534 snprintf(buf, sizeof(buf),
1535 "Text=" TARGET_ABI_FMT_lx ";Data=" TARGET_ABI_FMT_lx
1536 ";Bss=" TARGET_ABI_FMT_lx,
1537 ts->info->code_offset,
1538 ts->info->data_offset,
1539 ts->info->data_offset);
1540 put_packet(s, buf);
1541 break;
1543 #endif
1544 if (strncmp(p, "Supported", 9) == 0) {
1545 snprintf(buf, sizeof(buf), "PacketSize=%x", MAX_PACKET_LENGTH);
1546 #ifdef GDB_CORE_XML
1547 strcat(buf, ";qXfer:features:read+");
1548 #endif
1549 put_packet(s, buf);
1550 break;
1552 #ifdef GDB_CORE_XML
1553 if (strncmp(p, "Xfer:features:read:", 19) == 0) {
1554 const char *xml;
1555 target_ulong total_len;
1557 gdb_has_xml = 1;
1558 p += 19;
1559 xml = get_feature_xml(p, &p);
1560 if (!xml) {
1561 snprintf(buf, sizeof(buf), "E00");
1562 put_packet(s, buf);
1563 break;
1566 if (*p == ':')
1567 p++;
1568 addr = strtoul(p, (char **)&p, 16);
1569 if (*p == ',')
1570 p++;
1571 len = strtoul(p, (char **)&p, 16);
1573 total_len = strlen(xml);
1574 if (addr > total_len) {
1575 snprintf(buf, sizeof(buf), "E00");
1576 put_packet(s, buf);
1577 break;
1579 if (len > (MAX_PACKET_LENGTH - 5) / 2)
1580 len = (MAX_PACKET_LENGTH - 5) / 2;
1581 if (len < total_len - addr) {
1582 buf[0] = 'm';
1583 len = memtox(buf + 1, xml + addr, len);
1584 } else {
1585 buf[0] = 'l';
1586 len = memtox(buf + 1, xml + addr, total_len - addr);
1588 put_packet_binary(s, buf, len + 1);
1589 break;
1591 #endif
1592 /* Unrecognised 'q' command. */
1593 goto unknown_command;
1595 default:
1596 unknown_command:
1597 /* put empty packet */
1598 buf[0] = '\0';
1599 put_packet(s, buf);
1600 break;
1602 return RS_IDLE;
1605 extern void tb_flush(CPUState *env);
1607 void gdb_set_stop_cpu(CPUState *env)
1609 gdbserver_state->c_cpu = env;
1610 gdbserver_state->g_cpu = env;
1613 #ifndef CONFIG_USER_ONLY
1614 static void gdb_vm_stopped(void *opaque, int reason)
1616 GDBState *s = gdbserver_state;
1617 CPUState *env = s->c_cpu;
1618 char buf[256];
1619 const char *type;
1620 int ret;
1622 if (s->state == RS_SYSCALL)
1623 return;
1625 /* disable single step if it was enable */
1626 cpu_single_step(env, 0);
1628 if (reason == EXCP_DEBUG) {
1629 if (env->watchpoint_hit) {
1630 switch (env->watchpoint_hit->flags & BP_MEM_ACCESS) {
1631 case BP_MEM_READ:
1632 type = "r";
1633 break;
1634 case BP_MEM_ACCESS:
1635 type = "a";
1636 break;
1637 default:
1638 type = "";
1639 break;
1641 snprintf(buf, sizeof(buf),
1642 "T%02xthread:%02x;%swatch:" TARGET_FMT_lx ";",
1643 SIGTRAP, env->cpu_index+1, type,
1644 env->watchpoint_hit->vaddr);
1645 put_packet(s, buf);
1646 env->watchpoint_hit = NULL;
1647 return;
1649 tb_flush(env);
1650 ret = SIGTRAP;
1651 } else if (reason == EXCP_INTERRUPT) {
1652 ret = SIGINT;
1653 } else {
1654 ret = 0;
1656 snprintf(buf, sizeof(buf), "T%02xthread:%02x;", ret, env->cpu_index+1);
1657 put_packet(s, buf);
1659 #endif
1661 /* Send a gdb syscall request.
1662 This accepts limited printf-style format specifiers, specifically:
1663 %x - target_ulong argument printed in hex.
1664 %lx - 64-bit argument printed in hex.
1665 %s - string pointer (target_ulong) and length (int) pair. */
1666 void gdb_do_syscall(gdb_syscall_complete_cb cb, const char *fmt, ...)
1668 va_list va;
1669 char buf[256];
1670 char *p;
1671 target_ulong addr;
1672 uint64_t i64;
1673 GDBState *s;
1675 s = gdbserver_state;
1676 if (!s)
1677 return;
1678 gdb_current_syscall_cb = cb;
1679 s->state = RS_SYSCALL;
1680 #ifndef CONFIG_USER_ONLY
1681 vm_stop(EXCP_DEBUG);
1682 #endif
1683 s->state = RS_IDLE;
1684 va_start(va, fmt);
1685 p = buf;
1686 *(p++) = 'F';
1687 while (*fmt) {
1688 if (*fmt == '%') {
1689 fmt++;
1690 switch (*fmt++) {
1691 case 'x':
1692 addr = va_arg(va, target_ulong);
1693 p += snprintf(p, &buf[sizeof(buf)] - p, TARGET_FMT_lx, addr);
1694 break;
1695 case 'l':
1696 if (*(fmt++) != 'x')
1697 goto bad_format;
1698 i64 = va_arg(va, uint64_t);
1699 p += snprintf(p, &buf[sizeof(buf)] - p, "%" PRIx64, i64);
1700 break;
1701 case 's':
1702 addr = va_arg(va, target_ulong);
1703 p += snprintf(p, &buf[sizeof(buf)] - p, TARGET_FMT_lx "/%x",
1704 addr, va_arg(va, int));
1705 break;
1706 default:
1707 bad_format:
1708 fprintf(stderr, "gdbstub: Bad syscall format string '%s'\n",
1709 fmt - 1);
1710 break;
1712 } else {
1713 *(p++) = *(fmt++);
1716 *p = 0;
1717 va_end(va);
1718 put_packet(s, buf);
1719 #ifdef CONFIG_USER_ONLY
1720 gdb_handlesig(s->c_cpu, 0);
1721 #else
1722 cpu_interrupt(s->c_cpu, CPU_INTERRUPT_EXIT);
1723 #endif
1726 static void gdb_read_byte(GDBState *s, int ch)
1728 int i, csum;
1729 uint8_t reply;
1731 #ifndef CONFIG_USER_ONLY
1732 if (s->last_packet_len) {
1733 /* Waiting for a response to the last packet. If we see the start
1734 of a new command then abandon the previous response. */
1735 if (ch == '-') {
1736 #ifdef DEBUG_GDB
1737 printf("Got NACK, retransmitting\n");
1738 #endif
1739 put_buffer(s, (uint8_t *)s->last_packet, s->last_packet_len);
1741 #ifdef DEBUG_GDB
1742 else if (ch == '+')
1743 printf("Got ACK\n");
1744 else
1745 printf("Got '%c' when expecting ACK/NACK\n", ch);
1746 #endif
1747 if (ch == '+' || ch == '$')
1748 s->last_packet_len = 0;
1749 if (ch != '$')
1750 return;
1752 if (vm_running) {
1753 /* when the CPU is running, we cannot do anything except stop
1754 it when receiving a char */
1755 vm_stop(EXCP_INTERRUPT);
1756 } else
1757 #endif
1759 switch(s->state) {
1760 case RS_IDLE:
1761 if (ch == '$') {
1762 s->line_buf_index = 0;
1763 s->state = RS_GETLINE;
1765 break;
1766 case RS_GETLINE:
1767 if (ch == '#') {
1768 s->state = RS_CHKSUM1;
1769 } else if (s->line_buf_index >= sizeof(s->line_buf) - 1) {
1770 s->state = RS_IDLE;
1771 } else {
1772 s->line_buf[s->line_buf_index++] = ch;
1774 break;
1775 case RS_CHKSUM1:
1776 s->line_buf[s->line_buf_index] = '\0';
1777 s->line_csum = fromhex(ch) << 4;
1778 s->state = RS_CHKSUM2;
1779 break;
1780 case RS_CHKSUM2:
1781 s->line_csum |= fromhex(ch);
1782 csum = 0;
1783 for(i = 0; i < s->line_buf_index; i++) {
1784 csum += s->line_buf[i];
1786 if (s->line_csum != (csum & 0xff)) {
1787 reply = '-';
1788 put_buffer(s, &reply, 1);
1789 s->state = RS_IDLE;
1790 } else {
1791 reply = '+';
1792 put_buffer(s, &reply, 1);
1793 s->state = gdb_handle_packet(s, s->line_buf);
1795 break;
1796 default:
1797 abort();
1802 #ifdef CONFIG_USER_ONLY
1804 gdb_handlesig (CPUState *env, int sig)
1806 GDBState *s;
1807 char buf[256];
1808 int n;
1810 s = gdbserver_state;
1811 if (gdbserver_fd < 0 || s->fd < 0)
1812 return sig;
1814 /* disable single step if it was enabled */
1815 cpu_single_step(env, 0);
1816 tb_flush(env);
1818 if (sig != 0)
1820 snprintf(buf, sizeof(buf), "S%02x", sig);
1821 put_packet(s, buf);
1823 /* put_packet() might have detected that the peer terminated the
1824 connection. */
1825 if (s->fd < 0)
1826 return sig;
1828 sig = 0;
1829 s->state = RS_IDLE;
1830 s->running_state = 0;
1831 while (s->running_state == 0) {
1832 n = read (s->fd, buf, 256);
1833 if (n > 0)
1835 int i;
1837 for (i = 0; i < n; i++)
1838 gdb_read_byte (s, buf[i]);
1840 else if (n == 0 || errno != EAGAIN)
1842 /* XXX: Connection closed. Should probably wait for annother
1843 connection before continuing. */
1844 return sig;
1847 sig = s->signal;
1848 s->signal = 0;
1849 return sig;
1852 /* Tell the remote gdb that the process has exited. */
1853 void gdb_exit(CPUState *env, int code)
1855 GDBState *s;
1856 char buf[4];
1858 s = gdbserver_state;
1859 if (gdbserver_fd < 0 || s->fd < 0)
1860 return;
1862 snprintf(buf, sizeof(buf), "W%02x", code);
1863 put_packet(s, buf);
1867 static void gdb_accept(void)
1869 GDBState *s;
1870 struct sockaddr_in sockaddr;
1871 socklen_t len;
1872 int val, fd;
1874 for(;;) {
1875 len = sizeof(sockaddr);
1876 fd = accept(gdbserver_fd, (struct sockaddr *)&sockaddr, &len);
1877 if (fd < 0 && errno != EINTR) {
1878 perror("accept");
1879 return;
1880 } else if (fd >= 0) {
1881 break;
1885 /* set short latency */
1886 val = 1;
1887 setsockopt(fd, IPPROTO_TCP, TCP_NODELAY, (char *)&val, sizeof(val));
1889 s = qemu_mallocz(sizeof(GDBState));
1890 if (!s) {
1891 errno = ENOMEM;
1892 perror("accept");
1893 return;
1896 memset (s, 0, sizeof (GDBState));
1897 s->c_cpu = first_cpu;
1898 s->g_cpu = first_cpu;
1899 s->fd = fd;
1900 gdb_has_xml = 0;
1902 gdbserver_state = s;
1904 fcntl(fd, F_SETFL, O_NONBLOCK);
1907 static int gdbserver_open(int port)
1909 struct sockaddr_in sockaddr;
1910 int fd, val, ret;
1912 fd = socket(PF_INET, SOCK_STREAM, 0);
1913 if (fd < 0) {
1914 perror("socket");
1915 return -1;
1918 /* allow fast reuse */
1919 val = 1;
1920 setsockopt(fd, SOL_SOCKET, SO_REUSEADDR, (char *)&val, sizeof(val));
1922 sockaddr.sin_family = AF_INET;
1923 sockaddr.sin_port = htons(port);
1924 sockaddr.sin_addr.s_addr = 0;
1925 ret = bind(fd, (struct sockaddr *)&sockaddr, sizeof(sockaddr));
1926 if (ret < 0) {
1927 perror("bind");
1928 return -1;
1930 ret = listen(fd, 0);
1931 if (ret < 0) {
1932 perror("listen");
1933 return -1;
1935 return fd;
1938 int gdbserver_start(int port)
1940 gdbserver_fd = gdbserver_open(port);
1941 if (gdbserver_fd < 0)
1942 return -1;
1943 /* accept connections */
1944 gdb_accept();
1945 return 0;
1947 #else
1948 static int gdb_chr_can_receive(void *opaque)
1950 /* We can handle an arbitrarily large amount of data.
1951 Pick the maximum packet size, which is as good as anything. */
1952 return MAX_PACKET_LENGTH;
1955 static void gdb_chr_receive(void *opaque, const uint8_t *buf, int size)
1957 int i;
1959 for (i = 0; i < size; i++) {
1960 gdb_read_byte(gdbserver_state, buf[i]);
1964 static void gdb_chr_event(void *opaque, int event)
1966 switch (event) {
1967 case CHR_EVENT_RESET:
1968 vm_stop(EXCP_INTERRUPT);
1969 gdb_has_xml = 0;
1970 break;
1971 default:
1972 break;
1976 int gdbserver_start(const char *port)
1978 GDBState *s;
1979 char gdbstub_port_name[128];
1980 int port_num;
1981 char *p;
1982 CharDriverState *chr;
1984 if (!port || !*port)
1985 return -1;
1987 port_num = strtol(port, &p, 10);
1988 if (*p == 0) {
1989 /* A numeric value is interpreted as a port number. */
1990 snprintf(gdbstub_port_name, sizeof(gdbstub_port_name),
1991 "tcp::%d,nowait,nodelay,server", port_num);
1992 port = gdbstub_port_name;
1995 chr = qemu_chr_open("gdb", port);
1996 if (!chr)
1997 return -1;
1999 s = qemu_mallocz(sizeof(GDBState));
2000 if (!s) {
2001 return -1;
2003 s->c_cpu = first_cpu;
2004 s->g_cpu = first_cpu;
2005 s->chr = chr;
2006 gdbserver_state = s;
2007 qemu_chr_add_handlers(chr, gdb_chr_can_receive, gdb_chr_receive,
2008 gdb_chr_event, NULL);
2009 qemu_add_vm_stop_handler(gdb_vm_stopped, NULL);
2010 return 0;
2012 #endif