4 * Copyright (c) 2003-2005 Fabrice Bellard
6 * This library is free software; you can redistribute it and/or
7 * modify it under the terms of the GNU Lesser General Public
8 * License as published by the Free Software Foundation; either
9 * version 2 of the License, or (at your option) any later version.
11 * This library is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
14 * Lesser General Public License for more details.
16 * You should have received a copy of the GNU Lesser General Public
17 * License along with this library; if not, write to the Free Software
18 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
21 #include "qemu-common.h"
22 #ifdef CONFIG_USER_ONLY
33 #include "qemu-char.h"
38 #define MAX_PACKET_LENGTH 4096
40 #include "qemu_socket.h"
42 /* XXX: these constants may be independent of the host ones even for Unix */
55 typedef struct GDBRegisterState {
61 struct GDBRegisterState *next;
71 typedef struct GDBState {
72 CPUState *c_cpu; /* current CPU for step/continue ops */
73 CPUState *g_cpu; /* current CPU for other ops */
74 CPUState *query_cpu; /* for q{f|s}ThreadInfo */
75 enum RSState state; /* parsing state */
76 char line_buf[MAX_PACKET_LENGTH];
79 uint8_t last_packet[MAX_PACKET_LENGTH + 4];
82 #ifdef CONFIG_USER_ONLY
90 /* By default use no IRQs and no timers while single stepping so as to
91 * make single stepping like an ICE HW step.
93 static int sstep_flags = SSTEP_ENABLE|SSTEP_NOIRQ|SSTEP_NOTIMER;
95 static GDBState *gdbserver_state;
97 /* This is an ugly hack to cope with both new and old gdb.
98 If gdb sends qXfer:features:read then assume we're talking to a newish
99 gdb that understands target descriptions. */
100 static int gdb_has_xml;
102 #ifdef CONFIG_USER_ONLY
103 /* XXX: This is not thread safe. Do we care? */
104 static int gdbserver_fd = -1;
106 static int get_char(GDBState *s)
112 ret = recv(s->fd, &ch, 1, 0);
114 if (errno == ECONNRESET)
116 if (errno != EINTR && errno != EAGAIN)
118 } else if (ret == 0) {
130 static gdb_syscall_complete_cb gdb_current_syscall_cb;
138 /* If gdb is connected when the first semihosting syscall occurs then use
139 remote gdb syscalls. Otherwise use native file IO. */
140 int use_gdb_syscalls(void)
142 if (gdb_syscall_mode == GDB_SYS_UNKNOWN) {
143 gdb_syscall_mode = (gdbserver_state ? GDB_SYS_ENABLED
146 return gdb_syscall_mode == GDB_SYS_ENABLED;
149 /* Resume execution. */
150 static inline void gdb_continue(GDBState *s)
152 #ifdef CONFIG_USER_ONLY
153 s->running_state = 1;
159 static void put_buffer(GDBState *s, const uint8_t *buf, int len)
161 #ifdef CONFIG_USER_ONLY
165 ret = send(s->fd, buf, len, 0);
167 if (errno != EINTR && errno != EAGAIN)
175 qemu_chr_write(s->chr, buf, len);
179 static inline int fromhex(int v)
181 if (v >= '0' && v <= '9')
183 else if (v >= 'A' && v <= 'F')
185 else if (v >= 'a' && v <= 'f')
191 static inline int tohex(int v)
199 static void memtohex(char *buf, const uint8_t *mem, int len)
204 for(i = 0; i < len; i++) {
206 *q++ = tohex(c >> 4);
207 *q++ = tohex(c & 0xf);
212 static void hextomem(uint8_t *mem, const char *buf, int len)
216 for(i = 0; i < len; i++) {
217 mem[i] = (fromhex(buf[0]) << 4) | fromhex(buf[1]);
222 /* return -1 if error, 0 if OK */
223 static int put_packet_binary(GDBState *s, const char *buf, int len)
234 for(i = 0; i < len; i++) {
238 *(p++) = tohex((csum >> 4) & 0xf);
239 *(p++) = tohex((csum) & 0xf);
241 s->last_packet_len = p - s->last_packet;
242 put_buffer(s, (uint8_t *)s->last_packet, s->last_packet_len);
244 #ifdef CONFIG_USER_ONLY
257 /* return -1 if error, 0 if OK */
258 static int put_packet(GDBState *s, const char *buf)
261 printf("reply='%s'\n", buf);
264 return put_packet_binary(s, buf, strlen(buf));
267 /* The GDB remote protocol transfers values in target byte order. This means
268 we can use the raw memory access routines to access the value buffer.
269 Conveniently, these also handle the case where the buffer is mis-aligned.
271 #define GET_REG8(val) do { \
272 stb_p(mem_buf, val); \
275 #define GET_REG16(val) do { \
276 stw_p(mem_buf, val); \
279 #define GET_REG32(val) do { \
280 stl_p(mem_buf, val); \
283 #define GET_REG64(val) do { \
284 stq_p(mem_buf, val); \
288 #if TARGET_LONG_BITS == 64
289 #define GET_REGL(val) GET_REG64(val)
290 #define ldtul_p(addr) ldq_p(addr)
292 #define GET_REGL(val) GET_REG32(val)
293 #define ldtul_p(addr) ldl_p(addr)
296 #if defined(TARGET_I386)
299 static const int gpr_map[16] = {
300 R_EAX, R_EBX, R_ECX, R_EDX, R_ESI, R_EDI, R_EBP, R_ESP,
301 8, 9, 10, 11, 12, 13, 14, 15
304 static const int gpr_map[8] = {0, 1, 2, 3, 4, 5, 6, 7};
307 #define NUM_CORE_REGS (CPU_NB_REGS * 2 + 25)
309 static int cpu_gdb_read_register(CPUState *env, uint8_t *mem_buf, int n)
311 if (n < CPU_NB_REGS) {
312 GET_REGL(env->regs[gpr_map[n]]);
313 } else if (n >= CPU_NB_REGS + 8 && n < CPU_NB_REGS + 16) {
314 /* FIXME: byteswap float values. */
315 #ifdef USE_X86LDOUBLE
316 memcpy(mem_buf, &env->fpregs[n - (CPU_NB_REGS + 8)], 10);
318 memset(mem_buf, 0, 10);
321 } else if (n >= CPU_NB_REGS + 24) {
322 n -= CPU_NB_REGS + 24;
323 if (n < CPU_NB_REGS) {
324 stq_p(mem_buf, env->xmm_regs[n].XMM_Q(0));
325 stq_p(mem_buf + 8, env->xmm_regs[n].XMM_Q(1));
327 } else if (n == CPU_NB_REGS) {
328 GET_REG32(env->mxcsr);
333 case 0: GET_REGL(env->eip);
334 case 1: GET_REG32(env->eflags);
335 case 2: GET_REG32(env->segs[R_CS].selector);
336 case 3: GET_REG32(env->segs[R_SS].selector);
337 case 4: GET_REG32(env->segs[R_DS].selector);
338 case 5: GET_REG32(env->segs[R_ES].selector);
339 case 6: GET_REG32(env->segs[R_FS].selector);
340 case 7: GET_REG32(env->segs[R_GS].selector);
341 /* 8...15 x87 regs. */
342 case 16: GET_REG32(env->fpuc);
343 case 17: GET_REG32((env->fpus & ~0x3800) | (env->fpstt & 0x7) << 11);
344 case 18: GET_REG32(0); /* ftag */
345 case 19: GET_REG32(0); /* fiseg */
346 case 20: GET_REG32(0); /* fioff */
347 case 21: GET_REG32(0); /* foseg */
348 case 22: GET_REG32(0); /* fooff */
349 case 23: GET_REG32(0); /* fop */
356 static int cpu_gdb_write_register(CPUState *env, uint8_t *mem_buf, int i)
360 if (i < CPU_NB_REGS) {
361 env->regs[gpr_map[i]] = ldtul_p(mem_buf);
362 return sizeof(target_ulong);
363 } else if (i >= CPU_NB_REGS + 8 && i < CPU_NB_REGS + 16) {
364 i -= CPU_NB_REGS + 8;
365 #ifdef USE_X86LDOUBLE
366 memcpy(&env->fpregs[i], mem_buf, 10);
369 } else if (i >= CPU_NB_REGS + 24) {
370 i -= CPU_NB_REGS + 24;
371 if (i < CPU_NB_REGS) {
372 env->xmm_regs[i].XMM_Q(0) = ldq_p(mem_buf);
373 env->xmm_regs[i].XMM_Q(1) = ldq_p(mem_buf + 8);
375 } else if (i == CPU_NB_REGS) {
376 env->mxcsr = ldl_p(mem_buf);
382 case 0: env->eip = ldtul_p(mem_buf); return sizeof(target_ulong);
383 case 1: env->eflags = ldl_p(mem_buf); return 4;
384 #if defined(CONFIG_USER_ONLY)
385 #define LOAD_SEG(index, sreg)\
386 tmp = ldl_p(mem_buf);\
387 if (tmp != env->segs[sreg].selector)\
388 cpu_x86_load_seg(env, sreg, tmp);
390 /* FIXME: Honor segment registers. Needs to avoid raising an exception
391 when the selector is invalid. */
392 #define LOAD_SEG(index, sreg) do {} while(0)
394 case 2: LOAD_SEG(10, R_CS); return 4;
395 case 3: LOAD_SEG(11, R_SS); return 4;
396 case 4: LOAD_SEG(12, R_DS); return 4;
397 case 5: LOAD_SEG(13, R_ES); return 4;
398 case 6: LOAD_SEG(14, R_FS); return 4;
399 case 7: LOAD_SEG(15, R_GS); return 4;
400 /* 8...15 x87 regs. */
401 case 16: env->fpuc = ldl_p(mem_buf); return 4;
403 tmp = ldl_p(mem_buf);
404 env->fpstt = (tmp >> 11) & 7;
405 env->fpus = tmp & ~0x3800;
407 case 18: /* ftag */ return 4;
408 case 19: /* fiseg */ return 4;
409 case 20: /* fioff */ return 4;
410 case 21: /* foseg */ return 4;
411 case 22: /* fooff */ return 4;
412 case 23: /* fop */ return 4;
416 /* Unrecognised register. */
420 #elif defined (TARGET_PPC)
422 #define NUM_CORE_REGS 71
424 static int cpu_gdb_read_register(CPUState *env, uint8_t *mem_buf, int n)
428 GET_REGL(env->gpr[n]);
431 stfq_p(mem_buf, env->fpr[n-32]);
435 case 64: GET_REGL(env->nip);
436 case 65: GET_REGL(env->msr);
441 for (i = 0; i < 8; i++)
442 cr |= env->crf[i] << (32 - ((i + 1) * 4));
445 case 67: GET_REGL(env->lr);
446 case 68: GET_REGL(env->ctr);
447 case 69: GET_REGL(env->xer);
448 case 70: GET_REG32(0); /* fpscr */
454 static int cpu_gdb_write_register(CPUState *env, uint8_t *mem_buf, int n)
458 env->gpr[n] = ldtul_p(mem_buf);
459 return sizeof(target_ulong);
462 env->fpr[n-32] = ldfq_p(mem_buf);
467 env->nip = ldtul_p(mem_buf);
468 return sizeof(target_ulong);
470 ppc_store_msr(env, ldtul_p(mem_buf));
471 return sizeof(target_ulong);
474 uint32_t cr = ldl_p(mem_buf);
476 for (i = 0; i < 8; i++)
477 env->crf[i] = (cr >> (32 - ((i + 1) * 4))) & 0xF;
481 env->lr = ldtul_p(mem_buf);
482 return sizeof(target_ulong);
484 env->ctr = ldtul_p(mem_buf);
485 return sizeof(target_ulong);
487 env->xer = ldtul_p(mem_buf);
488 return sizeof(target_ulong);
497 #elif defined (TARGET_SPARC)
499 #if defined(TARGET_SPARC64) && !defined(TARGET_ABI32)
500 #define NUM_CORE_REGS 86
502 #define NUM_CORE_REGS 73
506 #define GET_REGA(val) GET_REG32(val)
508 #define GET_REGA(val) GET_REGL(val)
511 static int cpu_gdb_read_register(CPUState *env, uint8_t *mem_buf, int n)
515 GET_REGA(env->gregs[n]);
518 /* register window */
519 GET_REGA(env->regwptr[n - 8]);
521 #if defined(TARGET_ABI32) || !defined(TARGET_SPARC64)
524 GET_REG32(*((uint32_t *)&env->fpr[n - 32]));
526 /* Y, PSR, WIM, TBR, PC, NPC, FPSR, CPSR */
528 case 64: GET_REGA(env->y);
529 case 65: GET_REGA(GET_PSR(env));
530 case 66: GET_REGA(env->wim);
531 case 67: GET_REGA(env->tbr);
532 case 68: GET_REGA(env->pc);
533 case 69: GET_REGA(env->npc);
534 case 70: GET_REGA(env->fsr);
535 case 71: GET_REGA(0); /* csr */
536 case 72: GET_REGA(0);
541 GET_REG32(*((uint32_t *)&env->fpr[n - 32]));
544 /* f32-f62 (double width, even numbers only) */
547 val = (uint64_t)*((uint32_t *)&env->fpr[(n - 64) * 2 + 32]) << 32;
548 val |= *((uint32_t *)&env->fpr[(n - 64) * 2 + 33]);
552 case 80: GET_REGL(env->pc);
553 case 81: GET_REGL(env->npc);
554 case 82: GET_REGL(((uint64_t)GET_CCR(env) << 32) |
555 ((env->asi & 0xff) << 24) |
556 ((env->pstate & 0xfff) << 8) |
558 case 83: GET_REGL(env->fsr);
559 case 84: GET_REGL(env->fprs);
560 case 85: GET_REGL(env->y);
566 static int cpu_gdb_write_register(CPUState *env, uint8_t *mem_buf, int n)
568 #if defined(TARGET_ABI32)
571 tmp = ldl_p(mem_buf);
575 tmp = ldtul_p(mem_buf);
582 /* register window */
583 env->regwptr[n - 8] = tmp;
585 #if defined(TARGET_ABI32) || !defined(TARGET_SPARC64)
588 *((uint32_t *)&env->fpr[n - 32]) = tmp;
590 /* Y, PSR, WIM, TBR, PC, NPC, FPSR, CPSR */
592 case 64: env->y = tmp; break;
593 case 65: PUT_PSR(env, tmp); break;
594 case 66: env->wim = tmp; break;
595 case 67: env->tbr = tmp; break;
596 case 68: env->pc = tmp; break;
597 case 69: env->npc = tmp; break;
598 case 70: env->fsr = tmp; break;
606 env->fpr[n] = ldfl_p(mem_buf);
609 /* f32-f62 (double width, even numbers only) */
610 *((uint32_t *)&env->fpr[(n - 64) * 2 + 32]) = tmp >> 32;
611 *((uint32_t *)&env->fpr[(n - 64) * 2 + 33]) = tmp;
614 case 80: env->pc = tmp; break;
615 case 81: env->npc = tmp; break;
617 PUT_CCR(env, tmp >> 32);
618 env->asi = (tmp >> 24) & 0xff;
619 env->pstate = (tmp >> 8) & 0xfff;
620 PUT_CWP64(env, tmp & 0xff);
622 case 83: env->fsr = tmp; break;
623 case 84: env->fprs = tmp; break;
624 case 85: env->y = tmp; break;
631 #elif defined (TARGET_ARM)
633 /* Old gdb always expect FPA registers. Newer (xml-aware) gdb only expect
634 whatever the target description contains. Due to a historical mishap
635 the FPA registers appear in between core integer regs and the CPSR.
636 We hack round this by giving the FPA regs zero size when talking to a
638 #define NUM_CORE_REGS 26
639 #define GDB_CORE_XML "arm-core.xml"
641 static int cpu_gdb_read_register(CPUState *env, uint8_t *mem_buf, int n)
644 /* Core integer register. */
645 GET_REG32(env->regs[n]);
651 memset(mem_buf, 0, 12);
656 /* FPA status register. */
662 GET_REG32(cpsr_read(env));
664 /* Unknown register. */
668 static int cpu_gdb_write_register(CPUState *env, uint8_t *mem_buf, int n)
672 tmp = ldl_p(mem_buf);
674 /* Mask out low bit of PC to workaround gdb bugs. This will probably
675 cause problems if we ever implement the Jazelle DBX extensions. */
680 /* Core integer register. */
684 if (n < 24) { /* 16-23 */
685 /* FPA registers (ignored). */
692 /* FPA status register (ignored). */
698 cpsr_write (env, tmp, 0xffffffff);
701 /* Unknown register. */
705 #elif defined (TARGET_M68K)
707 #define NUM_CORE_REGS 18
709 #define GDB_CORE_XML "cf-core.xml"
711 static int cpu_gdb_read_register(CPUState *env, uint8_t *mem_buf, int n)
715 GET_REG32(env->dregs[n]);
718 GET_REG32(env->aregs[n - 8]);
721 case 16: GET_REG32(env->sr);
722 case 17: GET_REG32(env->pc);
725 /* FP registers not included here because they vary between
726 ColdFire and m68k. Use XML bits for these. */
730 static int cpu_gdb_write_register(CPUState *env, uint8_t *mem_buf, int n)
734 tmp = ldl_p(mem_buf);
741 env->aregs[n - 8] = tmp;
744 case 16: env->sr = tmp; break;
745 case 17: env->pc = tmp; break;
751 #elif defined (TARGET_MIPS)
753 #define NUM_CORE_REGS 73
755 static int cpu_gdb_read_register(CPUState *env, uint8_t *mem_buf, int n)
758 GET_REGL(env->active_tc.gpr[n]);
760 if (env->CP0_Config1 & (1 << CP0C1_FP)) {
761 if (n >= 38 && n < 70) {
762 if (env->CP0_Status & (1 << CP0St_FR))
763 GET_REGL(env->active_fpu.fpr[n - 38].d);
765 GET_REGL(env->active_fpu.fpr[n - 38].w[FP_ENDIAN_IDX]);
768 case 70: GET_REGL((int32_t)env->active_fpu.fcr31);
769 case 71: GET_REGL((int32_t)env->active_fpu.fcr0);
773 case 32: GET_REGL((int32_t)env->CP0_Status);
774 case 33: GET_REGL(env->active_tc.LO[0]);
775 case 34: GET_REGL(env->active_tc.HI[0]);
776 case 35: GET_REGL(env->CP0_BadVAddr);
777 case 36: GET_REGL((int32_t)env->CP0_Cause);
778 case 37: GET_REGL(env->active_tc.PC);
779 case 72: GET_REGL(0); /* fp */
780 case 89: GET_REGL((int32_t)env->CP0_PRid);
782 if (n >= 73 && n <= 88) {
783 /* 16 embedded regs. */
790 /* convert MIPS rounding mode in FCR31 to IEEE library */
791 static unsigned int ieee_rm[] =
793 float_round_nearest_even,
798 #define RESTORE_ROUNDING_MODE \
799 set_float_rounding_mode(ieee_rm[env->active_fpu.fcr31 & 3], &env->active_fpu.fp_status)
801 static int cpu_gdb_write_register(CPUState *env, uint8_t *mem_buf, int n)
805 tmp = ldtul_p(mem_buf);
808 env->active_tc.gpr[n] = tmp;
809 return sizeof(target_ulong);
811 if (env->CP0_Config1 & (1 << CP0C1_FP)
812 && n >= 38 && n < 73) {
814 if (env->CP0_Status & (1 << CP0St_FR))
815 env->active_fpu.fpr[n - 38].d = tmp;
817 env->active_fpu.fpr[n - 38].w[FP_ENDIAN_IDX] = tmp;
821 env->active_fpu.fcr31 = tmp & 0xFF83FFFF;
822 /* set rounding mode */
823 RESTORE_ROUNDING_MODE;
824 #ifndef CONFIG_SOFTFLOAT
825 /* no floating point exception for native float */
826 SET_FP_ENABLE(env->active_fpu.fcr31, 0);
829 case 71: env->active_fpu.fcr0 = tmp; break;
831 return sizeof(target_ulong);
834 case 32: env->CP0_Status = tmp; break;
835 case 33: env->active_tc.LO[0] = tmp; break;
836 case 34: env->active_tc.HI[0] = tmp; break;
837 case 35: env->CP0_BadVAddr = tmp; break;
838 case 36: env->CP0_Cause = tmp; break;
839 case 37: env->active_tc.PC = tmp; break;
840 case 72: /* fp, ignored */ break;
844 /* Other registers are readonly. Ignore writes. */
848 return sizeof(target_ulong);
850 #elif defined (TARGET_SH4)
852 /* Hint: Use "set architecture sh4" in GDB to see fpu registers */
853 /* FIXME: We should use XML for this. */
855 #define NUM_CORE_REGS 59
857 static int cpu_gdb_read_register(CPUState *env, uint8_t *mem_buf, int n)
860 if ((env->sr & (SR_MD | SR_RB)) == (SR_MD | SR_RB)) {
861 GET_REGL(env->gregs[n + 16]);
863 GET_REGL(env->gregs[n]);
866 GET_REGL(env->gregs[n - 8]);
867 } else if (n >= 25 && n < 41) {
868 GET_REGL(env->fregs[(n - 25) + ((env->fpscr & FPSCR_FR) ? 16 : 0)]);
869 } else if (n >= 43 && n < 51) {
870 GET_REGL(env->gregs[n - 43]);
871 } else if (n >= 51 && n < 59) {
872 GET_REGL(env->gregs[n - (51 - 16)]);
875 case 16: GET_REGL(env->pc);
876 case 17: GET_REGL(env->pr);
877 case 18: GET_REGL(env->gbr);
878 case 19: GET_REGL(env->vbr);
879 case 20: GET_REGL(env->mach);
880 case 21: GET_REGL(env->macl);
881 case 22: GET_REGL(env->sr);
882 case 23: GET_REGL(env->fpul);
883 case 24: GET_REGL(env->fpscr);
884 case 41: GET_REGL(env->ssr);
885 case 42: GET_REGL(env->spc);
891 static int cpu_gdb_write_register(CPUState *env, uint8_t *mem_buf, int n)
895 tmp = ldl_p(mem_buf);
898 if ((env->sr & (SR_MD | SR_RB)) == (SR_MD | SR_RB)) {
899 env->gregs[n + 16] = tmp;
905 env->gregs[n - 8] = tmp;
907 } else if (n >= 25 && n < 41) {
908 env->fregs[(n - 25) + ((env->fpscr & FPSCR_FR) ? 16 : 0)] = tmp;
909 } else if (n >= 43 && n < 51) {
910 env->gregs[n - 43] = tmp;
912 } else if (n >= 51 && n < 59) {
913 env->gregs[n - (51 - 16)] = tmp;
917 case 16: env->pc = tmp;
918 case 17: env->pr = tmp;
919 case 18: env->gbr = tmp;
920 case 19: env->vbr = tmp;
921 case 20: env->mach = tmp;
922 case 21: env->macl = tmp;
923 case 22: env->sr = tmp;
924 case 23: env->fpul = tmp;
925 case 24: env->fpscr = tmp;
926 case 41: env->ssr = tmp;
927 case 42: env->spc = tmp;
933 #elif defined (TARGET_CRIS)
935 #define NUM_CORE_REGS 49
937 static int cpu_gdb_read_register(CPUState *env, uint8_t *mem_buf, int n)
941 srs = env->pregs[PR_SRS];
943 GET_REG32(env->regs[n]);
946 if (n >= 21 && n < 32) {
947 GET_REG32(env->pregs[n - 16]);
949 if (n >= 33 && n < 49) {
950 GET_REG32(env->sregs[srs][n - 33]);
953 case 16: GET_REG8(env->pregs[0]);
954 case 17: GET_REG8(env->pregs[1]);
955 case 18: GET_REG32(env->pregs[2]);
956 case 19: GET_REG8(srs);
957 case 20: GET_REG16(env->pregs[4]);
958 case 32: GET_REG32(env->pc);
964 static int cpu_gdb_write_register(CPUState *env, uint8_t *mem_buf, int n)
971 tmp = ldl_p(mem_buf);
977 if (n >= 21 && n < 32) {
978 env->pregs[n - 16] = tmp;
981 /* FIXME: Should support function regs be writable? */
985 case 18: env->pregs[PR_PID] = tmp; break;
988 case 32: env->pc = tmp; break;
993 #elif defined (TARGET_ALPHA)
995 #define NUM_CORE_REGS 65
997 static int cpu_gdb_read_register(CPUState *env, uint8_t *mem_buf, int n)
1000 GET_REGL(env->ir[n]);
1008 val=*((uint64_t *)&env->fir[n-32]);
1012 GET_REGL(env->fpcr);
1024 static int cpu_gdb_write_register(CPUState *env, uint8_t *mem_buf, int n)
1027 tmp = ldtul_p(mem_buf);
1033 if (n > 31 && n < 63) {
1034 env->fir[n - 32] = ldfl_p(mem_buf);
1045 #define NUM_CORE_REGS 0
1047 static int cpu_gdb_read_register(CPUState *env, uint8_t *mem_buf, int n)
1052 static int cpu_gdb_write_register(CPUState *env, uint8_t *mem_buf, int n)
1059 static int num_g_regs = NUM_CORE_REGS;
1062 /* Encode data using the encoding for 'x' packets. */
1063 static int memtox(char *buf, const char *mem, int len)
1071 case '#': case '$': case '*': case '}':
1083 static const char *get_feature_xml(const char *p, const char **newp)
1085 extern const char *const xml_builtin[][2];
1089 static char target_xml[1024];
1092 while (p[len] && p[len] != ':')
1097 if (strncmp(p, "target.xml", len) == 0) {
1098 /* Generate the XML description for this CPU. */
1099 if (!target_xml[0]) {
1100 GDBRegisterState *r;
1102 snprintf(target_xml, sizeof(target_xml),
1103 "<?xml version=\"1.0\"?>"
1104 "<!DOCTYPE target SYSTEM \"gdb-target.dtd\">"
1106 "<xi:include href=\"%s\"/>",
1109 for (r = first_cpu->gdb_regs; r; r = r->next) {
1110 strcat(target_xml, "<xi:include href=\"");
1111 strcat(target_xml, r->xml);
1112 strcat(target_xml, "\"/>");
1114 strcat(target_xml, "</target>");
1118 for (i = 0; ; i++) {
1119 name = xml_builtin[i][0];
1120 if (!name || (strncmp(name, p, len) == 0 && strlen(name) == len))
1123 return name ? xml_builtin[i][1] : NULL;
1127 static int gdb_read_register(CPUState *env, uint8_t *mem_buf, int reg)
1129 GDBRegisterState *r;
1131 if (reg < NUM_CORE_REGS)
1132 return cpu_gdb_read_register(env, mem_buf, reg);
1134 for (r = env->gdb_regs; r; r = r->next) {
1135 if (r->base_reg <= reg && reg < r->base_reg + r->num_regs) {
1136 return r->get_reg(env, mem_buf, reg - r->base_reg);
1142 static int gdb_write_register(CPUState *env, uint8_t *mem_buf, int reg)
1144 GDBRegisterState *r;
1146 if (reg < NUM_CORE_REGS)
1147 return cpu_gdb_write_register(env, mem_buf, reg);
1149 for (r = env->gdb_regs; r; r = r->next) {
1150 if (r->base_reg <= reg && reg < r->base_reg + r->num_regs) {
1151 return r->set_reg(env, mem_buf, reg - r->base_reg);
1157 /* Register a supplemental set of CPU registers. If g_pos is nonzero it
1158 specifies the first register number and these registers are included in
1159 a standard "g" packet. Direction is relative to gdb, i.e. get_reg is
1160 gdb reading a CPU register, and set_reg is gdb modifying a CPU register.
1163 void gdb_register_coprocessor(CPUState * env,
1164 gdb_reg_cb get_reg, gdb_reg_cb set_reg,
1165 int num_regs, const char *xml, int g_pos)
1167 GDBRegisterState *s;
1168 GDBRegisterState **p;
1169 static int last_reg = NUM_CORE_REGS;
1171 s = (GDBRegisterState *)qemu_mallocz(sizeof(GDBRegisterState));
1172 s->base_reg = last_reg;
1173 s->num_regs = num_regs;
1174 s->get_reg = get_reg;
1175 s->set_reg = set_reg;
1179 /* Check for duplicates. */
1180 if (strcmp((*p)->xml, xml) == 0)
1184 /* Add to end of list. */
1185 last_reg += num_regs;
1188 if (g_pos != s->base_reg) {
1189 fprintf(stderr, "Error: Bad gdb register numbering for '%s'\n"
1190 "Expected %d got %d\n", xml, g_pos, s->base_reg);
1192 num_g_regs = last_reg;
1197 /* GDB breakpoint/watchpoint types */
1198 #define GDB_BREAKPOINT_SW 0
1199 #define GDB_BREAKPOINT_HW 1
1200 #define GDB_WATCHPOINT_WRITE 2
1201 #define GDB_WATCHPOINT_READ 3
1202 #define GDB_WATCHPOINT_ACCESS 4
1204 #ifndef CONFIG_USER_ONLY
1205 static const int xlat_gdb_type[] = {
1206 [GDB_WATCHPOINT_WRITE] = BP_GDB | BP_MEM_WRITE,
1207 [GDB_WATCHPOINT_READ] = BP_GDB | BP_MEM_READ,
1208 [GDB_WATCHPOINT_ACCESS] = BP_GDB | BP_MEM_ACCESS,
1212 static int gdb_breakpoint_insert(target_ulong addr, target_ulong len, int type)
1218 case GDB_BREAKPOINT_SW:
1219 case GDB_BREAKPOINT_HW:
1220 for (env = first_cpu; env != NULL; env = env->next_cpu) {
1221 err = cpu_breakpoint_insert(env, addr, BP_GDB, NULL);
1226 #ifndef CONFIG_USER_ONLY
1227 case GDB_WATCHPOINT_WRITE:
1228 case GDB_WATCHPOINT_READ:
1229 case GDB_WATCHPOINT_ACCESS:
1230 for (env = first_cpu; env != NULL; env = env->next_cpu) {
1231 err = cpu_watchpoint_insert(env, addr, len, xlat_gdb_type[type],
1243 static int gdb_breakpoint_remove(target_ulong addr, target_ulong len, int type)
1249 case GDB_BREAKPOINT_SW:
1250 case GDB_BREAKPOINT_HW:
1251 for (env = first_cpu; env != NULL; env = env->next_cpu) {
1252 err = cpu_breakpoint_remove(env, addr, BP_GDB);
1257 #ifndef CONFIG_USER_ONLY
1258 case GDB_WATCHPOINT_WRITE:
1259 case GDB_WATCHPOINT_READ:
1260 case GDB_WATCHPOINT_ACCESS:
1261 for (env = first_cpu; env != NULL; env = env->next_cpu) {
1262 err = cpu_watchpoint_remove(env, addr, len, xlat_gdb_type[type]);
1273 static void gdb_breakpoint_remove_all(void)
1277 for (env = first_cpu; env != NULL; env = env->next_cpu) {
1278 cpu_breakpoint_remove_all(env, BP_GDB);
1279 #ifndef CONFIG_USER_ONLY
1280 cpu_watchpoint_remove_all(env, BP_GDB);
1285 static int gdb_handle_packet(GDBState *s, const char *line_buf)
1289 int ch, reg_size, type, res, thread;
1290 char buf[MAX_PACKET_LENGTH];
1291 uint8_t mem_buf[MAX_PACKET_LENGTH];
1293 target_ulong addr, len;
1296 printf("command='%s'\n", line_buf);
1302 /* TODO: Make this return the correct value for user-mode. */
1303 snprintf(buf, sizeof(buf), "T%02xthread:%02x;", SIGTRAP,
1304 s->c_cpu->cpu_index+1);
1306 /* Remove all the breakpoints when this query is issued,
1307 * because gdb is doing and initial connect and the state
1308 * should be cleaned up.
1310 gdb_breakpoint_remove_all();
1314 addr = strtoull(p, (char **)&p, 16);
1315 #if defined(TARGET_I386)
1316 s->c_cpu->eip = addr;
1317 #elif defined (TARGET_PPC)
1318 s->c_cpu->nip = addr;
1319 #elif defined (TARGET_SPARC)
1320 s->c_cpu->pc = addr;
1321 s->c_cpu->npc = addr + 4;
1322 #elif defined (TARGET_ARM)
1323 s->c_cpu->regs[15] = addr;
1324 #elif defined (TARGET_SH4)
1325 s->c_cpu->pc = addr;
1326 #elif defined (TARGET_MIPS)
1327 s->c_cpu->active_tc.PC = addr;
1328 #elif defined (TARGET_CRIS)
1329 s->c_cpu->pc = addr;
1330 #elif defined (TARGET_ALPHA)
1331 s->c_cpu->pc = addr;
1337 s->signal = strtoul(p, (char **)&p, 16);
1341 /* Kill the target */
1342 fprintf(stderr, "\nQEMU: Terminated via GDBstub\n");
1346 gdb_breakpoint_remove_all();
1348 put_packet(s, "OK");
1352 addr = strtoull(p, (char **)&p, 16);
1353 #if defined(TARGET_I386)
1354 s->c_cpu->eip = addr;
1355 #elif defined (TARGET_PPC)
1356 s->c_cpu->nip = addr;
1357 #elif defined (TARGET_SPARC)
1358 s->c_cpu->pc = addr;
1359 s->c_cpu->npc = addr + 4;
1360 #elif defined (TARGET_ARM)
1361 s->c_cpu->regs[15] = addr;
1362 #elif defined (TARGET_SH4)
1363 s->c_cpu->pc = addr;
1364 #elif defined (TARGET_MIPS)
1365 s->c_cpu->active_tc.PC = addr;
1366 #elif defined (TARGET_CRIS)
1367 s->c_cpu->pc = addr;
1368 #elif defined (TARGET_ALPHA)
1369 s->c_cpu->pc = addr;
1372 cpu_single_step(s->c_cpu, sstep_flags);
1380 ret = strtoull(p, (char **)&p, 16);
1383 err = strtoull(p, (char **)&p, 16);
1390 if (gdb_current_syscall_cb)
1391 gdb_current_syscall_cb(s->c_cpu, ret, err);
1393 put_packet(s, "T02");
1401 for (addr = 0; addr < num_g_regs; addr++) {
1402 reg_size = gdb_read_register(s->g_cpu, mem_buf + len, addr);
1405 memtohex(buf, mem_buf, len);
1409 registers = mem_buf;
1410 len = strlen(p) / 2;
1411 hextomem((uint8_t *)registers, p, len);
1412 for (addr = 0; addr < num_g_regs && len > 0; addr++) {
1413 reg_size = gdb_write_register(s->g_cpu, registers, addr);
1415 registers += reg_size;
1417 put_packet(s, "OK");
1420 addr = strtoull(p, (char **)&p, 16);
1423 len = strtoull(p, NULL, 16);
1424 if (cpu_memory_rw_debug(s->g_cpu, addr, mem_buf, len, 0) != 0) {
1425 put_packet (s, "E14");
1427 memtohex(buf, mem_buf, len);
1432 addr = strtoull(p, (char **)&p, 16);
1435 len = strtoull(p, (char **)&p, 16);
1438 hextomem(mem_buf, p, len);
1439 if (cpu_memory_rw_debug(s->g_cpu, addr, mem_buf, len, 1) != 0)
1440 put_packet(s, "E14");
1442 put_packet(s, "OK");
1445 /* Older gdb are really dumb, and don't use 'g' if 'p' is avaialable.
1446 This works, but can be very slow. Anything new enough to
1447 understand XML also knows how to use this properly. */
1449 goto unknown_command;
1450 addr = strtoull(p, (char **)&p, 16);
1451 reg_size = gdb_read_register(s->g_cpu, mem_buf, addr);
1453 memtohex(buf, mem_buf, reg_size);
1456 put_packet(s, "E14");
1461 goto unknown_command;
1462 addr = strtoull(p, (char **)&p, 16);
1465 reg_size = strlen(p) / 2;
1466 hextomem(mem_buf, p, reg_size);
1467 gdb_write_register(s->g_cpu, mem_buf, addr);
1468 put_packet(s, "OK");
1472 type = strtoul(p, (char **)&p, 16);
1475 addr = strtoull(p, (char **)&p, 16);
1478 len = strtoull(p, (char **)&p, 16);
1480 res = gdb_breakpoint_insert(addr, len, type);
1482 res = gdb_breakpoint_remove(addr, len, type);
1484 put_packet(s, "OK");
1485 else if (res == -ENOSYS)
1488 put_packet(s, "E22");
1492 thread = strtoull(p, (char **)&p, 16);
1493 if (thread == -1 || thread == 0) {
1494 put_packet(s, "OK");
1497 for (env = first_cpu; env != NULL; env = env->next_cpu)
1498 if (env->cpu_index + 1 == thread)
1501 put_packet(s, "E22");
1507 put_packet(s, "OK");
1511 put_packet(s, "OK");
1514 put_packet(s, "E22");
1519 thread = strtoull(p, (char **)&p, 16);
1520 #ifndef CONFIG_USER_ONLY
1521 if (thread > 0 && thread < smp_cpus + 1)
1525 put_packet(s, "OK");
1527 put_packet(s, "E22");
1531 /* parse any 'q' packets here */
1532 if (!strcmp(p,"qemu.sstepbits")) {
1533 /* Query Breakpoint bit definitions */
1534 snprintf(buf, sizeof(buf), "ENABLE=%x,NOIRQ=%x,NOTIMER=%x",
1540 } else if (strncmp(p,"qemu.sstep",10) == 0) {
1541 /* Display or change the sstep_flags */
1544 /* Display current setting */
1545 snprintf(buf, sizeof(buf), "0x%x", sstep_flags);
1550 type = strtoul(p, (char **)&p, 16);
1552 put_packet(s, "OK");
1554 } else if (strcmp(p,"C") == 0) {
1555 /* "Current thread" remains vague in the spec, so always return
1556 * the first CPU (gdb returns the first thread). */
1557 put_packet(s, "QC1");
1559 } else if (strcmp(p,"fThreadInfo") == 0) {
1560 s->query_cpu = first_cpu;
1561 goto report_cpuinfo;
1562 } else if (strcmp(p,"sThreadInfo") == 0) {
1565 snprintf(buf, sizeof(buf), "m%x", s->query_cpu->cpu_index+1);
1567 s->query_cpu = s->query_cpu->next_cpu;
1571 } else if (strncmp(p,"ThreadExtraInfo,", 16) == 0) {
1572 thread = strtoull(p+16, (char **)&p, 16);
1573 for (env = first_cpu; env != NULL; env = env->next_cpu)
1574 if (env->cpu_index + 1 == thread) {
1575 len = snprintf((char *)mem_buf, sizeof(mem_buf),
1576 "CPU#%d [%s]", env->cpu_index,
1577 env->halted ? "halted " : "running");
1578 memtohex(buf, mem_buf, len);
1584 #ifdef CONFIG_LINUX_USER
1585 else if (strncmp(p, "Offsets", 7) == 0) {
1586 TaskState *ts = s->c_cpu->opaque;
1588 snprintf(buf, sizeof(buf),
1589 "Text=" TARGET_ABI_FMT_lx ";Data=" TARGET_ABI_FMT_lx
1590 ";Bss=" TARGET_ABI_FMT_lx,
1591 ts->info->code_offset,
1592 ts->info->data_offset,
1593 ts->info->data_offset);
1598 if (strncmp(p, "Supported", 9) == 0) {
1599 snprintf(buf, sizeof(buf), "PacketSize=%x", MAX_PACKET_LENGTH);
1601 strcat(buf, ";qXfer:features:read+");
1607 if (strncmp(p, "Xfer:features:read:", 19) == 0) {
1609 target_ulong total_len;
1613 xml = get_feature_xml(p, &p);
1615 snprintf(buf, sizeof(buf), "E00");
1622 addr = strtoul(p, (char **)&p, 16);
1625 len = strtoul(p, (char **)&p, 16);
1627 total_len = strlen(xml);
1628 if (addr > total_len) {
1629 snprintf(buf, sizeof(buf), "E00");
1633 if (len > (MAX_PACKET_LENGTH - 5) / 2)
1634 len = (MAX_PACKET_LENGTH - 5) / 2;
1635 if (len < total_len - addr) {
1637 len = memtox(buf + 1, xml + addr, len);
1640 len = memtox(buf + 1, xml + addr, total_len - addr);
1642 put_packet_binary(s, buf, len + 1);
1646 /* Unrecognised 'q' command. */
1647 goto unknown_command;
1651 /* put empty packet */
1659 void gdb_set_stop_cpu(CPUState *env)
1661 gdbserver_state->c_cpu = env;
1662 gdbserver_state->g_cpu = env;
1665 #ifndef CONFIG_USER_ONLY
1666 static void gdb_vm_stopped(void *opaque, int reason)
1668 GDBState *s = gdbserver_state;
1669 CPUState *env = s->c_cpu;
1674 if (s->state == RS_SYSCALL)
1677 /* disable single step if it was enable */
1678 cpu_single_step(env, 0);
1680 if (reason == EXCP_DEBUG) {
1681 if (env->watchpoint_hit) {
1682 switch (env->watchpoint_hit->flags & BP_MEM_ACCESS) {
1693 snprintf(buf, sizeof(buf),
1694 "T%02xthread:%02x;%swatch:" TARGET_FMT_lx ";",
1695 SIGTRAP, env->cpu_index+1, type,
1696 env->watchpoint_hit->vaddr);
1698 env->watchpoint_hit = NULL;
1703 } else if (reason == EXCP_INTERRUPT) {
1708 snprintf(buf, sizeof(buf), "T%02xthread:%02x;", ret, env->cpu_index+1);
1713 /* Send a gdb syscall request.
1714 This accepts limited printf-style format specifiers, specifically:
1715 %x - target_ulong argument printed in hex.
1716 %lx - 64-bit argument printed in hex.
1717 %s - string pointer (target_ulong) and length (int) pair. */
1718 void gdb_do_syscall(gdb_syscall_complete_cb cb, const char *fmt, ...)
1727 s = gdbserver_state;
1730 gdb_current_syscall_cb = cb;
1731 s->state = RS_SYSCALL;
1732 #ifndef CONFIG_USER_ONLY
1733 vm_stop(EXCP_DEBUG);
1744 addr = va_arg(va, target_ulong);
1745 p += snprintf(p, &buf[sizeof(buf)] - p, TARGET_FMT_lx, addr);
1748 if (*(fmt++) != 'x')
1750 i64 = va_arg(va, uint64_t);
1751 p += snprintf(p, &buf[sizeof(buf)] - p, "%" PRIx64, i64);
1754 addr = va_arg(va, target_ulong);
1755 p += snprintf(p, &buf[sizeof(buf)] - p, TARGET_FMT_lx "/%x",
1756 addr, va_arg(va, int));
1760 fprintf(stderr, "gdbstub: Bad syscall format string '%s'\n",
1771 #ifdef CONFIG_USER_ONLY
1772 gdb_handlesig(s->c_cpu, 0);
1774 cpu_interrupt(s->c_cpu, CPU_INTERRUPT_EXIT);
1778 static void gdb_read_byte(GDBState *s, int ch)
1783 #ifndef CONFIG_USER_ONLY
1784 if (s->last_packet_len) {
1785 /* Waiting for a response to the last packet. If we see the start
1786 of a new command then abandon the previous response. */
1789 printf("Got NACK, retransmitting\n");
1791 put_buffer(s, (uint8_t *)s->last_packet, s->last_packet_len);
1795 printf("Got ACK\n");
1797 printf("Got '%c' when expecting ACK/NACK\n", ch);
1799 if (ch == '+' || ch == '$')
1800 s->last_packet_len = 0;
1805 /* when the CPU is running, we cannot do anything except stop
1806 it when receiving a char */
1807 vm_stop(EXCP_INTERRUPT);
1814 s->line_buf_index = 0;
1815 s->state = RS_GETLINE;
1820 s->state = RS_CHKSUM1;
1821 } else if (s->line_buf_index >= sizeof(s->line_buf) - 1) {
1824 s->line_buf[s->line_buf_index++] = ch;
1828 s->line_buf[s->line_buf_index] = '\0';
1829 s->line_csum = fromhex(ch) << 4;
1830 s->state = RS_CHKSUM2;
1833 s->line_csum |= fromhex(ch);
1835 for(i = 0; i < s->line_buf_index; i++) {
1836 csum += s->line_buf[i];
1838 if (s->line_csum != (csum & 0xff)) {
1840 put_buffer(s, &reply, 1);
1844 put_buffer(s, &reply, 1);
1845 s->state = gdb_handle_packet(s, s->line_buf);
1854 #ifdef CONFIG_USER_ONLY
1856 gdb_handlesig (CPUState *env, int sig)
1862 s = gdbserver_state;
1863 if (gdbserver_fd < 0 || s->fd < 0)
1866 /* disable single step if it was enabled */
1867 cpu_single_step(env, 0);
1872 snprintf(buf, sizeof(buf), "S%02x", sig);
1875 /* put_packet() might have detected that the peer terminated the
1882 s->running_state = 0;
1883 while (s->running_state == 0) {
1884 n = read (s->fd, buf, 256);
1889 for (i = 0; i < n; i++)
1890 gdb_read_byte (s, buf[i]);
1892 else if (n == 0 || errno != EAGAIN)
1894 /* XXX: Connection closed. Should probably wait for annother
1895 connection before continuing. */
1904 /* Tell the remote gdb that the process has exited. */
1905 void gdb_exit(CPUState *env, int code)
1910 s = gdbserver_state;
1911 if (gdbserver_fd < 0 || s->fd < 0)
1914 snprintf(buf, sizeof(buf), "W%02x", code);
1919 static void gdb_accept(void)
1922 struct sockaddr_in sockaddr;
1927 len = sizeof(sockaddr);
1928 fd = accept(gdbserver_fd, (struct sockaddr *)&sockaddr, &len);
1929 if (fd < 0 && errno != EINTR) {
1932 } else if (fd >= 0) {
1937 /* set short latency */
1939 setsockopt(fd, IPPROTO_TCP, TCP_NODELAY, (char *)&val, sizeof(val));
1941 s = qemu_mallocz(sizeof(GDBState));
1948 memset (s, 0, sizeof (GDBState));
1949 s->c_cpu = first_cpu;
1950 s->g_cpu = first_cpu;
1954 gdbserver_state = s;
1956 fcntl(fd, F_SETFL, O_NONBLOCK);
1959 static int gdbserver_open(int port)
1961 struct sockaddr_in sockaddr;
1964 fd = socket(PF_INET, SOCK_STREAM, 0);
1970 /* allow fast reuse */
1972 setsockopt(fd, SOL_SOCKET, SO_REUSEADDR, (char *)&val, sizeof(val));
1974 sockaddr.sin_family = AF_INET;
1975 sockaddr.sin_port = htons(port);
1976 sockaddr.sin_addr.s_addr = 0;
1977 ret = bind(fd, (struct sockaddr *)&sockaddr, sizeof(sockaddr));
1982 ret = listen(fd, 0);
1990 int gdbserver_start(int port)
1992 gdbserver_fd = gdbserver_open(port);
1993 if (gdbserver_fd < 0)
1995 /* accept connections */
2000 static int gdb_chr_can_receive(void *opaque)
2002 /* We can handle an arbitrarily large amount of data.
2003 Pick the maximum packet size, which is as good as anything. */
2004 return MAX_PACKET_LENGTH;
2007 static void gdb_chr_receive(void *opaque, const uint8_t *buf, int size)
2011 for (i = 0; i < size; i++) {
2012 gdb_read_byte(gdbserver_state, buf[i]);
2016 static void gdb_chr_event(void *opaque, int event)
2019 case CHR_EVENT_RESET:
2020 vm_stop(EXCP_INTERRUPT);
2028 int gdbserver_start(const char *port)
2031 char gdbstub_port_name[128];
2034 CharDriverState *chr;
2036 if (!port || !*port)
2039 port_num = strtol(port, &p, 10);
2041 /* A numeric value is interpreted as a port number. */
2042 snprintf(gdbstub_port_name, sizeof(gdbstub_port_name),
2043 "tcp::%d,nowait,nodelay,server", port_num);
2044 port = gdbstub_port_name;
2047 chr = qemu_chr_open("gdb", port);
2051 s = qemu_mallocz(sizeof(GDBState));
2055 s->c_cpu = first_cpu;
2056 s->g_cpu = first_cpu;
2058 gdbserver_state = s;
2059 qemu_chr_add_handlers(chr, gdb_chr_can_receive, gdb_chr_receive,
2060 gdb_chr_event, NULL);
2061 qemu_add_vm_stop_handler(gdb_vm_stopped, NULL);
projects / qemu / blob