3 This kgdb will get called and will trap almost any kernel
4 fault WITHOUT BEING ARMED.
6 It is entered at boot time via "kgdb" in the boot string,
7 not "gdb". This entry occurs when the first setup on the
8 boot string is called, not sometime later. You will not
9 find a "waiting for gdb" on your console, as the console has
10 not yet been enabled at this time. (Note, this early stuff
11 is a bit fragile as the full trap table has yet to be
12 loaded, something I might address, sometime... So don't try
13 to look at memory that can not be reached, for example.
14 Once the full trap table is loaded this restriction goes
17 If you hard code it, you can put a breakpoint() as the FIRST
20 It does NOT use the serial driver, but if the serial driver
21 is loaded, it tells it to release the port to avoid
24 The threads stuff is not configurable, does not require
25 redirection of schedule() calls and does back track to the
26 first non schedule() caller on the info threads command. If
27 you switch to the thread, however, it will show it in the
28 switch code (as it should).
30 It is MUCH more aggressive and paranoid about grabbing the
31 other cpus on entry. It issues a "send_nmi_all_but_self()"
32 rather than depending on them to interrupt or hit an NMI
33 sometime in the distant future. If a cpu does not come to
34 the party, it will continue without it so all is not lost.
36 It does not have anything to do with IOCTL calls, but does
37 do the control-C thing.
39 There is a LOT of info in the patch which ends up in
40 .../Documentation/i386/kgdb/*
42 There is a nifty little thing call kgdb_ts() (kgdb time
43 stamp) which is a function you can code calls to which puts
44 some useful stuff in a circular buffer which can be examined
45 with the supplied gdb macros.
47 It also allows you do to do "p foobar(...)" i.e. to call a
48 function from gdb, just like gdb allows in program
51 In an SMP system, you can choose to "hold" any given set of
52 cpus. It also defaults to holding other cpus on single step
53 (this can be overridden).
55 This said, you can imagine my consternation when I found it
56 "lost it" on continues on 2.5. I found and fixed this this
57 early pm, a hold cpu on exit goof on my part.
59 Oh, and a final point, the configure options are more
60 extensive (the serial port is set up here, for example, (can
61 not wait for a command line to do this)). There is one to
62 do system call exit tests. This is VERY new and causes the
63 kernel to hit a hard "int 3" if a system call attempts to
64 exit with preempt count other than zero. This is a fault,
65 of course, but the current 2.5 is full of them so I don't
66 recommend turning this on.
72 From: Ingo Molnar <mingo@elte.hu>
74 this patch fixes a deprecated use of asm input operands. (and shuts up a
78 kgdb buffer overflow fix
80 From: George Anzinger <george@mvista.com>
86 From: Ingo Molnar <mingo@elte.hu>
88 this patch fixes a deprecated use of asm input operands. (and shuts up a
92 kgdb: CONFIG_DEBUG_INFO fix
94 From: Thomas Schlichter <schlicht@uni-mannheim.de>
96 that patch sets DEBUG_INFO to y by default, even if whether DEBUG_KERNEL nor
97 KGDB is enabled. The attached patch changes this to enable DEBUG_INFO by
98 default only if KGDB is enabled.
105 Fix x86_64 for kgdb. We forget why.
107 correct kgdb.txt Documentation link (against 2.6.1-rc1-mm2)
109 From: Jesper Juhl <juhl-lkml@dif.dk>
111 The help text for "config KGDB" in arch/i386/Kconfig refers to
112 Documentation/i386/kgdb.txt - the actual location is
113 Documentation/i386/kgdb/kgdb.txt - patch below to fix that.
116 kgdb: fix for recent gcc
119 arch/i386/kernel/traps.c:97: error: conflicting types for 'int3'
120 arch/i386/kernel/traps.c:77: error: previous declaration of 'int3' was here
121 arch/i386/kernel/traps.c:97: error: conflicting types for 'int3'
122 arch/i386/kernel/traps.c:77: error: previous declaration of 'int3' was here
123 arch/i386/kernel/traps.c:99: error: conflicting types for 'debug'
124 arch/i386/kernel/traps.c:75: error: previous declaration of 'debug' was here
125 arch/i386/kernel/traps.c:99: error: conflicting types for 'debug'
126 arch/i386/kernel/traps.c:75: error: previous declaration of 'debug' was here
132 arch/i386/kernel/kgdb_stub.c:1306: warning: 'time' might be used uninitialized in this function
133 arch/i386/kernel/kgdb_stub.c:1306: warning: 'dum' might be used uninitialized in this function
135 THREAD_SIZE fixes for kgdb
137 From: Matt Mackall <mpm@selenic.com>
139 Noticed the THREAD_SIZE clean-ups are in -mm now. Here are the missing
140 bits for kgdb, tested in -tiny with 4k stacks.
142 Fix stack overflow test for non-8k stacks
144 From: Matt Mackall <mpm@selenic.com>
146 This is needed to work properly with 4k and 16k stacks.
148 kgdb-ga.patch fix for i386 single-step into sysenter
150 From: Roland McGrath <roland@redhat.com>
152 Using kgdb-ga.patch from -mm, if userland single-steps (PTRACE_SINGLESTEP)
153 into the `sysenter' instruction, kgdb reports a bogus trap:
155 Program received signal SIGTRAP, Trace/breakpoint trap.
156 sysenter_past_esp () at arch/i386/kernel/entry.S:249
157 1: x/i $pc 0xc0106023 <sysenter_past_esp>: sti
160 The hackery in the "FIX_STACK" macro in entry.S changes the saved PC for a
161 the spurious kernel-mode debug trap when TF was set on user-mode execution
162 of `sysenter', so sysenter_past_esp is where it actually lies in this case.
163 The following patch removes the kgdb hiccup when userland
164 PTRACE_SINGLESTEP's into sysenter.
166 fix TRAP_BAD_SYSCALL_EXITS on i386
168 From: Andy Whitcroft <apw@shadowen.org>
170 We are not using the right offset name, nor the right address when checking
171 for a non-zero preempt count. Move to TI_preempt_count(%ebp).
173 Signed-off-by: Andy Whitcroft <apw@shadowen.org>
175 add TRAP_BAD_SYSCALL_EXITS config for i386
177 From: Andy Whitcroft <apw@shadowen.org>
179 There seems to be code recently added to -bk and thereby -mm which supports
180 extra debug for preempt on system call exit. Oddly there doesn't seem to
181 be configuration options to enable them. Below is a possible patch to
182 allow enabling this on i386. Sadly the most obvious menu to add this to is
183 the Kernel Hacking menu, but that is defined in architecture specific
184 configuration. If this makes sense I could patch the other arches?
186 Add a configuration option to allow enabling TRAP_BAD_SYSCALL_EXITS to the
189 Signed-off-by: Andy Whitcroft <apw@shadowen.org>
190 Signed-off-by: Andrew Morton <akpm@osdl.org>
191 Index: linux/Documentation/i386/kgdb/andthen
192 ===================================================================
193 --- linux.orig/Documentation/i386/kgdb/andthen
194 +++ linux/Documentation/i386/kgdb/andthen
199 + set var $thp=(struct kgdb_and_then_struct *)&kgdb_data[0]
200 + set var $at_size = (sizeof kgdb_data)/(sizeof *$thp)
201 + set var $at_oc=kgdb_and_then_count
202 + set var $at_cc=$at_oc
206 + set var $at_cc=$arg0
211 + if ($at_cc >= $at_oc)
212 + printf "Outside window. Window size is %d\n",($at_oc-$at_low)
214 + printf "%d: ",$at_cc
215 + output *($thp+($at_cc++ % $at_size ))
219 +define andthen_set_edge
220 + set var $at_oc=kgdb_and_then_count
221 + set var $at_low = $at_oc - $at_size
223 + set var $at_low = 0
225 + if (( $at_cc > $at_oc) || ($at_cc < $at_low))
226 + printf "Count outside of window, setting count to "
227 + if ($at_cc >= $at_oc)
228 + set var $at_cc = $at_oc
230 + set var $at_cc = $at_low
232 + printf "%d\n",$at_cc
238 + if ($at_cc <= $at_low)
239 + printf "Outside window. Window size is %d\n",($at_oc-$at_low)
241 + printf "%d: ",$at_cc-1
242 + output *($thp+(--$at_cc % $at_size ))
247 +document andthen_next
248 + andthen_next <count>
249 + . sets the number of the event to display next. If this event
250 + . is not in the event pool, either andthen or beforethat will
251 + . correct it to the nearest event pool edge. The event pool
252 + . ends at the last event recorded and begins <number of events>
253 + . prior to that. If beforethat is used next, it will display
254 + . event <count> -1.
256 + andthen commands are: set_andthen, andthen_next, andthen and beforethat
262 +. displays the next event in the list. <set_andthen> sets up to display
263 +. the oldest saved event first.
264 +. <count> (optional) count of the event to display.
265 +. note the number of events saved is specified at configure time.
266 +. if events are saved between calls to andthen the index will change
267 +. but the displayed event will be the next one (unless the event buffer
270 +. andthen commands are: set_andthen, andthen_next, andthen and beforethat
273 +document set_andthen
275 +. sets up to use the <andthen> and <beforethat> commands.
276 +. if you have defined your own struct, use the above and
277 +. then enter the following:
278 +. p $thp=(struct kgdb_and_then_structX *)&kgdb_data[0]
279 +. where <kgdb_and_then_structX> is the name of your structure.
281 +. andthen commands are: set_andthen, andthen_next, andthen and beforethat
286 +. displays the next prior event in the list. <set_andthen> sets up to
287 +. display the last occuring event first.
289 +. note the number of events saved is specified at configure time.
290 +. if events are saved between calls to beforethat the index will change
291 +. but the displayed event will be the next one (unless the event buffer
294 +. andthen commands are: set_andthen, andthen_next, andthen and beforethat
296 Index: linux/Documentation/i386/kgdb/debug-nmi.txt
297 ===================================================================
298 --- linux.orig/Documentation/i386/kgdb/debug-nmi.txt
299 +++ linux/Documentation/i386/kgdb/debug-nmi.txt
301 +Subject: Debugging with NMI
302 +Date: Mon, 12 Jul 1999 11:28:31 -0500
303 +From: David Grothe <dave@gcom.com>
304 +Organization: Gcom, Inc
305 +To: David Grothe <dave@gcom.com>
309 +Maybe this is old hat, but it is new to me --
311 +On an ISA bus machine, if you short out the A1 and B1 pins of an ISA
312 +slot you will generate an NMI to the CPU. This interrupts even a
313 +machine that is hung in a loop with interrupts disabled. Used in
314 +conjunction with kgdb <
315 +ftp://ftp.gcom.com/pub/linux/src/kgdb-2.3.35/kgdb-2.3.35.tgz > you can
316 +gain debugger control of a machine that is hung in the kernel! Even
317 +without kgdb the kernel will print a stack trace so you can find out
320 +The A1/B1 pins are directly opposite one another and the farthest pins
321 +towards the bracket end of the ISA bus socket. You can stick a paper
322 +clip or multi-meter probe between them to short them out.
324 +I had a spare ISA bus to PC104 bus adapter around. The PC104 end of the
325 +board consists of two rows of wire wrap pins. So I wired a push button
326 +between the A1/B1 pins and now have an ISA board that I can stick into
327 +any ISA bus slot for debugger entry.
329 +Microsoft has a circuit diagram of a PCI card at
330 +http://www.microsoft.com/hwdev/DEBUGGING/DMPSW.HTM. If you want to
331 +build one you will have to mail them and ask for the PAL equations.
332 +Nobody makes one comercially.
334 +[THIS TIP COMES WITH NO WARRANTY WHATSOEVER. It works for me, but if
335 +your machine catches fire, it is your problem, not mine.]
337 +-- Dave (the kgdb guy)
338 Index: linux/Documentation/i386/kgdb/gdb-globals.txt
339 ===================================================================
340 --- linux.orig/Documentation/i386/kgdb/gdb-globals.txt
341 +++ linux/Documentation/i386/kgdb/gdb-globals.txt
343 +Sender: akale@veritas.com
344 +Date: Fri, 23 Jun 2000 19:26:35 +0530
345 +From: "Amit S. Kale" <akale@veritas.com>
346 +Organization: Veritas Software (India)
347 +To: Dave Grothe <dave@gcom.com>, linux-kernel@vger.rutgers.edu
348 +CC: David Milburn <dmilburn@wirespeed.com>,
349 + "Edouard G. Parmelan" <Edouard.Parmelan@quadratec.fr>,
350 + ezannoni@cygnus.com, Keith Owens <kaos@ocs.com.au>
351 +Subject: Re: Module debugging using kgdb
357 +> There is a 2.4.0 version of kgdb on our ftp site:
358 +> ftp://ftp.gcom.com/pub/linux/src/kgdb. I mirrored your version of gdb
359 +> and loadmodule.sh there.
361 +> Have a look at the README file and see if I go it right. If not, send
362 +> me some corrections and I will update it.
364 +> Does your version of gdb solve the global variable problem?
367 +Thanks to Elena Zanoni, gdb (developement version) can now calculate
368 +correctly addresses of dynamically loaded object files. I have not been
369 +following gdb developement for sometime and am not sure when symbol
370 +address calculation fix is going to appear in a gdb stable version.
372 +Elena, any idea when the fix will make it to a prebuilt gdb from a
375 +For the time being I have built a gdb developement version. It can be
376 +used for module debugging with loadmodule.sh script.
378 +The problem with calculating of module addresses with previous versions
379 +of gdb was as follows:
380 +gdb did not use base address of a section while calculating address of
381 +a symbol in the section in an object file loaded via 'add-symbol-file'.
382 +It used address of .text segment instead. Due to this addresses of
383 +symbols in .data, .bss etc. (e.g. global variables) were calculated incorrectly.
385 +Above mentioned fix allow gdb to use base address of a segment while
386 +calculating address of a symbol in it. It adds a parameter '-s' to
387 +'add-symbol-file' command for specifying base address of a segment.
389 +loadmodule.sh script works as follows.
391 +1. Copy a module file to target machine.
392 +2. Load the module on the target machine using insmod with -m parameter.
393 +insmod produces a module load map which contains base addresses of all
394 +sections in the module and addresses of symbols in the module file.
395 +3. Find all sections and their base addresses in the module from
397 +4. Generate a script that loads the module file. The script uses
398 +'add-symbol-file' and specifies address of text segment followed by
399 +addresses of all segments in the module.
401 +Here is an example gdb script produced by loadmodule.sh script.
403 +add-symbol-file foo 0xd082c060 -s .text.lock 0xd08cbfb5
404 +-s .fixup 0xd08cfbdf -s .rodata 0xd08cfde0 -s __ex_table 0xd08e3b38
405 +-s .data 0xd08e3d00 -s .bss 0xd08ec8c0 -s __ksymtab 0xd08ee838
407 +With this command gdb can calculate addresses of symbols in ANY segment
413 +Veritas Software ( http://www.veritas.com )
414 Index: linux/Documentation/i386/kgdb/gdbinit
415 ===================================================================
416 --- linux.orig/Documentation/i386/kgdb/gdbinit
417 +++ linux/Documentation/i386/kgdb/gdbinit
419 +shell echo -e "\003" >/dev/ttyS0
420 +set remotebaud 38400
421 +target remote /dev/ttyS0
424 +printf "EAX=%08x EBX=%08x ECX=%08x EDX=%08x\n", $eax, $ebx, $ecx, $edx
425 +printf "ESI=%08x EDI=%08x EBP=%08x ESP=%08x\n", $esi, $edi, $ebp, $esp
430 +printf "EAX=%08x EBX=%08x ECX=%08x EDX=%08x\n", $eax, $ebx, $ecx, $edx
431 +printf "ESI=%08x EDI=%08x EBP=%08x ESP=%08x\n", $esi, $edi, $ebp, $esp
433 Index: linux/Documentation/i386/kgdb/gdbinit-modules
434 ===================================================================
435 --- linux.orig/Documentation/i386/kgdb/gdbinit-modules
436 +++ linux/Documentation/i386/kgdb/gdbinit-modules
439 +# Usefull GDB user-command to debug Linux Kernel Modules with gdbstub.
441 +# This don't work for Linux-2.0 or older.
443 +# Author Edouard G. Parmelan <Edouard.Parmelan@quadratec.fr>
446 +# Fri Apr 30 20:33:29 CEST 1999
447 +# First public release.
449 +# Major cleanup after experiment Linux-2.0 kernel without success.
450 +# Symbols of a module are not in the correct order, I can't explain
453 +# Fri Mar 19 15:41:40 CET 1999
456 +# Thu Jan 6 16:29:03 CST 2000
457 +# A little fixing by Dave Grothe <dave@gcom.com>
459 +# Mon Jun 19 09:33:13 CDT 2000
460 +# Alignment changes from Edouard Parmelan
462 +# The basic idea is to find where insmod load the module and inform
463 +# GDB to load the symbol table of the module with the GDB command
464 +# ``add-symbol-file <object> <address>''.
466 +# The Linux kernel holds the list of all loaded modules in module_list,
467 +# this list end with &kernel_module (exactly with module->next == NULL,
468 +# but the last module is not a real module).
470 +# Insmod allocates the struct module before the object file. Since
471 +# Linux-2.1, this structure contain his size. The real address of
472 +# the object file is then (char*)module + module->size_of_struct.
474 +# You can use three user functions ``mod-list'', ``mod-print-symbols''
475 +# and ``add-module-symbols''.
477 +# mod-list list all loaded modules with the format:
478 +# <module-address> <module-name>
480 +# As soon as you have found the address of your module, you can
481 +# print its exported symbols (mod-print-symbols) or inform GDB to add
482 +# symbols from your module file (mod-add-symbols).
484 +# The argument that you give to mod-print-symbols or mod-add-symbols
485 +# is the <module-address> from the mod-list command.
487 +# When using the mod-add-symbols command you must also give the full
488 +# pathname of the modules object code file.
490 +# The command mod-add-lis is an example of how to make this easier.
491 +# You can edit this macro to contain the path name of your own
492 +# favorite module and then use it as a shorthand to load it. You
493 +# still need the module-address, however.
495 +# The internal function ``mod-validate'' set the GDB variable $mod
496 +# as a ``struct module*'' if the kernel known the module otherwise
497 +# $mod is set to NULL. This ensure to not add symbols for a wrong
501 +# Sat Feb 12 20:05:47 CET 2005
503 +# Adapted to the 2.6.* module data structure.
504 +# (Getting miffed at gdb for not having "offsetof" in the process :-/ )
506 +# Autogenerate add-symbol-file statements from the module list instead
507 +# of relying on a no-longer-working loadmodule.sh program.
509 +# Matthias Urlichs <smurf@debian.org>
512 +# Have a nice hacking day !
516 + set $lmod = modules->next
517 + # This is a circular data structure
518 + while $lmod != &modules
519 + set $mod = (struct module *)(((char *)$lmod) - ((int)&(((struct module *)0) -> list)))
520 + printf "%p\t%s\n", $mod, $mod->name
521 + set $lmod = $lmod->next
526 +List all modules in the form: <module-address> <module-name>
527 +Use the <module-address> as the argument for the other
528 +mod-commands: mod-print-symbols, mod-add-symbols.
531 +define mod-list-syms
532 + set $lmod = modules->next
533 + # This is a circular data structure
534 + while $lmod != &modules
535 + set $mod = (struct module *)(((char *)$lmod) - ((int)&(((struct module *)0) -> list)))
536 + printf "add-symbol-file %s.ko %p\n", $mod->name, $mod->module_core
537 + set $lmod = $lmod->next
540 +document mod-list-syms
542 +List all modules in the form: add-symbol-file <module-path> <module-core>
543 +for adding modules' symbol tables without loadmodule.sh.
547 + set $lmod = modules->next
548 + set $mod = (struct module *)(((char *)$lmod) - ((int)&(((struct module *)0) -> list)))
549 + while ($lmod != &modules) && ($mod != $arg0)
550 + set $lmod = $lmod->next
551 + set $mod = (struct module *)(((char *)$lmod) - ((int)&(((struct module *)0) -> list)))
553 + if $lmod == &modules
555 + printf "%p is not a module\n", $arg0
558 +document mod-validate
559 +mod-validate <module-address>
560 +Internal user-command used to validate the module parameter.
561 +If <module> is a real loaded module, set $mod to it, otherwise set $mod
565 +define mod-print-symbols
569 + while $i < $mod->num_syms
570 + set $sym = $mod->syms[$i]
571 + printf "%p\t%s\n", $sym->value, $sym->name
575 + while $i < $mod->num_gpl_syms
576 + set $sym = $mod->gpl_syms[$i]
577 + printf "%p\t%s\n", $sym->value, $sym->name
582 +document mod-print-symbols
583 +mod-print-symbols <module-address>
584 +Print all exported symbols of the module. See mod-list
587 Index: linux/Documentation/i386/kgdb/gdbinit.hw
588 ===================================================================
589 --- linux.orig/Documentation/i386/kgdb/gdbinit.hw
590 +++ linux/Documentation/i386/kgdb/gdbinit.hw
593 +#Using ia-32 hardware breakpoints.
595 +#4 hardware breakpoints are available in ia-32 processors. These breakpoints
596 +#do not need code modification. They are set using debug registers.
598 +#Each hardware breakpoint can be of one of the
599 +#three types: execution, write, access.
600 +#1. An Execution breakpoint is triggered when code at the breakpoint address is
602 +#2. A write breakpoint ( aka watchpoints ) is triggered when memory location
603 +#at the breakpoint address is written.
604 +#3. An access breakpoint is triggered when memory location at the breakpoint
605 +#address is either read or written.
607 +#As hardware breakpoints are available in limited number, use software
608 +#breakpoints ( br command in gdb ) instead of execution hardware breakpoints.
610 +#Length of an access or a write breakpoint defines length of the datatype to
611 +#be watched. Length is 1 for char, 2 short , 3 int.
613 +#For placing execution, write and access breakpoints, use commands
614 +#hwebrk, hwwbrk, hwabrk
615 +#To remove a breakpoint use hwrmbrk command.
617 +#These commands take following types of arguments. For arguments associated
618 +#with each command, use help command.
619 +#1. breakpointno: 0 to 3
621 +#3. address: Memory location in hex ( without 0x ) e.g c015e9bc
623 +#Use the command exinfo to find which hardware breakpoint occured.
625 +#hwebrk breakpointno address
627 + maintenance packet Y$arg0,0,0,$arg1
630 + hwebrk <breakpointno> <address>
631 + Places a hardware execution breakpoint
632 + <breakpointno> = 0 - 3
633 + <address> = Hex digits without leading "0x".
636 +#hwwbrk breakpointno length address
638 + maintenance packet Y$arg0,1,$arg1,$arg2
641 + hwwbrk <breakpointno> <length> <address>
642 + Places a hardware write breakpoint
643 + <breakpointno> = 0 - 3
644 + <length> = 1 (1 byte), 2 (2 byte), 3 (4 byte)
645 + <address> = Hex digits without leading "0x".
648 +#hwabrk breakpointno length address
650 + maintenance packet Y$arg0,1,$arg1,$arg2
653 + hwabrk <breakpointno> <length> <address>
654 + Places a hardware access breakpoint
655 + <breakpointno> = 0 - 3
656 + <length> = 1 (1 byte), 2 (2 byte), 3 (4 byte)
657 + <address> = Hex digits without leading "0x".
660 +#hwrmbrk breakpointno
662 + maintenance packet y$arg0
665 + hwrmbrk <breakpointno>
666 + <breakpointno> = 0 - 3
667 + Removes a hardware breakpoint
671 + maintenance packet r
675 + maintenance packet qE
679 + Gives information about a breakpoint.
682 + p $th=(struct thread_info *)((int)$esp & ~8191)
686 + Gets and prints the current thread_info pointer, Defines th to be it.
689 + p $cu=((struct thread_info *)((int)$esp & ~8191))->task
693 + Gets and print the "current" value. Defines $cu to be it.
696 + set var $flags=$eflags
697 + set $eflags=$eflags&~0x200
700 + set var $eflags|=$flags&0x200
703 + saves the current interrupt state and clears the processor interrupt
704 + flag. Use int_on to restore the saved flag.
707 + Restores the interrupt flag saved by int_off.
709 Index: linux/Documentation/i386/kgdb/kgdb.txt
710 ===================================================================
711 --- linux.orig/Documentation/i386/kgdb/kgdb.txt
712 +++ linux/Documentation/i386/kgdb/kgdb.txt
714 +Last edit: <20030806.1637.12>
715 +This file has information specific to the i386 kgdb option. Other
716 +platforms with the kgdb option may behave in a similar fashion.
721 +This version was made against the 2.6.0-test2 kernel. We have made the
724 +- The getthread() code in the stub calls find_task_by_pid(). It fails
725 + if we are early in the bring up such that the pid arrays have yet to
726 + be allocated. We have added a line to kernel/pid.c to make
727 + "kgdb_pid_init_done" true once the arrays are allocated. This way the
728 + getthread() code knows not to call. This is only used by the thread
729 + debugging stuff and threads will not yet exist at this point in the
732 +- For some reason, gdb was not asking for a new thread list when the
733 + "info thread" command was given. We changed to the newer version of
734 + the thread info command and gdb now seems to ask when needed. Result,
735 + we now get all threads in the thread list.
737 +- We now respond to the ThreadExtraInfo request from gdb with the thread
738 + name from task_struct .comm. This then appears in the thread list.
739 + Thoughts on additional options for this are welcome. Things such as
740 + "has BKL" and "Preempted" come to mind. I think we could have a flag
741 + word that could enable different bits of info here.
743 +- We now honor, sort of, the C and S commands. These are continue and
744 + single set after delivering a signal. We ignore the signal and do the
745 + requested action. This only happens when we told gdb that a signal
746 + was the reason for entry, which is only done on memory faults. The
747 + result is that you can now continue into the Oops.
749 +- We changed the -g to -gdwarf-2. This seems to be the same as -ggdb,
750 + but it is more exact on what language to use.
752 +- We added two dwarf2 include files and a bit of code at the end of
753 + entry.S. This does not yet work, so it is disabled. Still we want to
754 + keep track of the code and "maybe" someone out there can fix it.
756 +- Randy Dunlap sent some fix ups for this file which are now merged.
758 +- Hugh Dickins sent a fix to a bit of code in traps.c that prevents a
759 + compiler warning if CONFIG_KGDB is off (now who would do that :).
761 +- Andrew Morton sent a fix for the serial driver which is now merged.
763 +- Andrew also sent a change to the stub around the cpu managment code
764 + which is also merged.
766 +- Andrew also sent a patch to make "f" as well as "g" work as SysRq
767 + commands to enter kgdb, merged.
769 +- If CONFIG_KGDB and CONFIG_DEBUG_SPINLOCKS are both set we added a
770 + "who" field to the spinlock data struct. This is filled with
771 + "current" when ever the spinlock suceeds. Useful if you want to know
774 +_ And last, but not least, we fixed the "get_cu" macro to properly get
775 + the current value of "current".
780 +We are starting to align with the sourceforge version, at least in
781 +commands. To this end, the boot command string to start kgdb at
782 +boot time has been changed from "kgdb" to "gdb".
784 +Andrew Morton sent a couple of patches which are now included as follows:
785 +1.) We now return a flag to the interrupt handler.
786 +2.) We no longer use smp_num_cpus (a conflict with the lock meter).
787 +3.) And from William Lee Irwin III <wli@holomorphy.com> code to make
788 + sure high-mem is set up before we attempt to register our interrupt
790 +We now include asm/kgdb.h from config.h so you will most likely never
791 +have to include it. It also 'NULLS' the kgdb macros you might have in
792 +your code when CONFIG_KGDB is not defined. This allows you to just
793 +turn off CONFIG_KGDB to turn off all the kgdb_ts() calls and such.
794 +This include is conditioned on the machine being an x86 so as to not
795 +mess with other archs.
798 +This is currently the version for the 2.4.18 (and beyond?) kernel.
800 +We have several new "features" beginning with this version:
802 +1.) Kgdb now syncs the "other" CPUs with a cross-CPU NMI. No more
803 + waiting and it will pull that guy out of an IRQ off spin lock :)
805 +2.) We doctored up the code that tells where a task is waiting and
806 + included it so that the "info thread" command will show a bit more
807 + than "schedule()". Try it...
809 +3.) Added the ability to call a function from gdb. All the standard gdb
810 + issues apply, i.e. if you hit a breakpoint in the function, you are
811 + not allowed to call another (gdb limitation, not kgdb). To help
812 + this capability we added a memory allocation function. Gdb does not
813 + return this memory (it is used for strings that you pass to that function
814 + you are calling from gdb) so we fixed up a way to allow you to
815 + manually return the memory (see below).
817 +4.) Kgdb time stamps (kgdb_ts()) are enhanced to expand what was the
818 + interrupt flag to now also include the preemption count and the
819 + "in_interrupt" info. The flag is now called "with_pif" to indicate
820 + the order, preempt_count, in_interrupt, flag. The preempt_count is
821 + shifted left by 4 bits so you can read the count in hex by dropping
822 + the low order digit. In_interrupt is in bit 1, and the flag is in
825 +5.) The command: "p kgdb_info" is now expanded and prints something
828 +$2 = {used_malloc = 0, called_from = 0xc0107506, entry_tsc = 67468627259,
829 + errcode = 0, vector = 3, print_debug_info = 0, hold_on_sstep = 1,
830 + cpus_waiting = {{task = 0xc027a000, pid = 32768, hold = 0,
831 + regs = 0xc027bf84}, {task = 0x0, pid = 0, hold = 0, regs = 0x0}}}
833 + Things to note here: a.) used_malloc is the amount of memory that
834 + has been malloc'ed to do calls from gdb. You can reclaim this
835 + memory like this: "p kgdb_info.used_malloc=0" Cool, huh? b.)
836 + cpus_waiting is now "sized" by the number of CPUs you enter at
837 + configure time in the kgdb configure section. This is NOT used
838 + anywhere else in the system, but it is "nice" here. c.) The task's
839 + "pid" is now in the structure. This is the pid you will need to use
840 + to decode to the thread id to get gdb to look at that thread.
841 + Remember that the "info thread" command prints a list of threads
842 + wherein it numbers each thread with its reference number followed
843 + by the thread's pid. Note that the per-CPU idle threads actually
844 + have pids of 0 (yes, there is more than one pid 0 in an SMP system).
845 + To avoid confusion, kgdb numbers these threads with numbers beyond
846 + the MAX_PID. That is why you see 32768 and above.
848 +6.) A subtle change, we now provide the complete register set for tasks
849 + that are active on the other CPUs. This allows better trace back on
852 + And, let's mention what we could not fix. Back-trace from all but the
853 + thread that we trapped will, most likely, have a bogus entry in it.
854 + The problem is that gdb does not recognize the entry code for
855 + functions that use "current" near (at all?) the entry. The compiler
856 + is putting the "current" decode as the first two instructions of the
857 + function where gdb expects to find %ebp changing code. Back trace
858 + also has trouble with interrupt frames. I am talking with Daniel
859 + Jacobowitz about some way to fix this, but don't hold your breath.
862 +Major enhancement with this version is the ability to hold one or more
863 +CPUs in an SMP system while allowing the others to continue. Also, by
864 +default only the current CPU is enabled on single-step commands (please
865 +note that gdb issues single-step commands at times other than when you
866 +use the si command).
868 +Another change is to collect some useful information in
869 +a global structure called "kgdb_info". You should be able to just:
873 +although I have seen cases where the first time this is done gdb just
874 +prints the first member but prints the whole structure if you then enter
875 +CR (carriage return or enter). This also works:
881 +$4 = {called_from = 0xc010732c, entry_tsc = 32804123790856, errcode = 0,
882 + vector = 3, print_debug_info = 0}
884 +"Called_from" is the return address from the current entry into kgdb.
885 +Sometimes it is useful to know why you are in kgdb, for example, was
886 +it an NMI or a real breakpoint? The simple way to interrogate this
891 +which will print the surrounding few lines of source code.
893 +"Entry_tsc" is the CPU TSC on entry to kgdb (useful to compare to the
896 +"errcode" and "vector" are other entry parameters which may be helpful on
899 +"print_debug_info" is the internal debugging kgdb print enable flag. Yes,
902 +In SMP systems kgdb_info also includes the "cpus_waiting" structure and
906 +$7 = {called_from = 0xc0112739, entry_tsc = 1034936624074, errcode = 0,
907 + vector = 2, print_debug_info = 0, hold_on_sstep = 1, cpus_waiting = {{
908 + task = 0x0, hold = 0, regs = 0x0}, {task = 0xc71b8000, hold = 0,
909 + regs = 0xc71b9f70}, {task = 0x0, hold = 0, regs = 0x0}, {task = 0x0,
910 + hold = 0, regs = 0x0}, {task = 0x0, hold = 0, regs = 0x0}, {task = 0x0,
911 + hold = 0, regs = 0x0}, {task = 0x0, hold = 0, regs = 0x0}, {task = 0x0,
912 + hold = 0, regs = 0x0}}}
914 +"Cpus_waiting" has an entry for each CPU other than the current one that
915 +has been stopped. Each entry contains the task_struct address for that
916 +CPU, the address of the regs for that task and a hold flag. All these
917 +have the proper typing so that, for example:
919 +p *kgdb_info.cpus_waiting[1].regs
921 +will print the registers for CPU 1.
923 +"Hold_on_sstep" is a new feature with this version and comes up set or
924 +true. What this means is that whenever kgdb is asked to single-step all
925 +other CPUs are held (i.e. not allowed to execute). The flag applies to
926 +all but the current CPU and, again, can be changed:
928 +p kgdb_info.hold_on_sstep=0
930 +restores the old behavior of letting all CPUs run during single-stepping.
932 +Likewise, each CPU has a "hold" flag, which if set, locks that CPU out
933 +of execution. Note that this has some risk in cases where the CPUs need
934 +to communicate with each other. If kgdb finds no CPU available on exit,
935 +it will push a message thru gdb and stay in kgdb. Note that it is legal
936 +to hold the current CPU as long as at least one CPU can execute.
939 +This version implements an event queue. Events are signaled by calling
940 +a function in the kgdb stub and may be examined from gdb. See EVENTS
941 +below for details. This version also tightens up the interrupt and SMP
942 +handling to not allow interrupts on the way to kgdb from a breakpoint
943 +trap. It is fine to allow these interrupts for user code, but not
949 +This version of the kgdb package was developed and tested on
950 +kernel version 2.4.16. It will not install on any earlier kernels.
951 +It is possible that it will continue to work on later versions
952 +of 2.4 and then versions of 2.5 (I hope).
958 +Designate one machine as the "development" machine. This is the
959 +machine on which you run your compiles and which has your source
960 +code for the kernel. Designate a second machine as the "target"
961 +machine. This is the machine that will run your experimental
964 +The two machines will be connected together via a serial line out
965 +one or the other of the COM ports of the PC. You will need the
966 +appropriate modem eliminator (null modem) cable(s) for this.
968 +Decide on which tty port you want the machines to communicate, then
969 +connect them up back-to-back using the null modem cable. COM1 is
970 +/dev/ttyS0 and COM2 is /dev/ttyS1. You should test this connection
971 +with the two machines prior to trying to debug a kernel. Once you
972 +have it working, on the TARGET machine, enter:
974 +setserial /dev/ttyS0 (or what ever tty you are using)
976 +and record the port address and the IRQ number.
978 +On the DEVELOPMENT machine you need to apply the patch for the kgdb
979 +hooks. You have probably already done that if you are reading this
982 +On your DEVELOPMENT machine, go to your kernel source directory and do
983 +"make Xconfig" where X is one of "x", "menu", or "". If you are
984 +configuring in the standard serial driver, it must not be a module.
985 +Either yes or no is ok, but making the serial driver a module means it
986 +will initialize after kgdb has set up the UART interrupt code and may
987 +cause a failure of the control-C option discussed below. The configure
988 +question for the serial driver is under the "Character devices" heading
991 +"Standard/generic (8250/16550 and compatible UARTs) serial support"
993 +Go down to the kernel debugging menu item and open it up. Enable the
994 +kernel kgdb stub code by selecting that item. You can also choose to
995 +turn on the "-ggdb -O1" compile options. The -ggdb causes the compiler
996 +to put more debug info (like local symbols) in the object file. On the
997 +i386 -g and -ggdb are the same so this option just reduces to "O1". The
998 +-O1 reduces the optimization level. This may be helpful in some cases,
999 +be aware, however, that this may also mask the problem you are looking
1002 +The baud rate. Default is 115200. What ever you choose be sure that
1003 +the host machine is set to the same speed. I recommend the default.
1005 +The port. This is the I/O address of the serial UART that you should
1006 +have gotten using setserial as described above. The standard COM1 port
1007 +(3f8) using IRQ 4 is default. COM2 is 2f8 which by convention uses IRQ
1010 +The port IRQ (see above).
1012 +Stack overflow test. This option makes a minor change in the trap,
1013 +system call and interrupt code to detect stack overflow and transfer
1014 +control to kgdb if it happens. (Some platforms have this in the
1015 +baseline code, but the i386 does not.)
1017 +You can also configure the system to recognize the boot option
1018 +"console=kgdb" which if given will cause all console output during
1019 +booting to be put thru gdb as well as other consoles. This option
1020 +requires that gdb and kgdb be connected prior to sending console output
1021 +so, if they are not, a breakpoint is executed to force the connection.
1022 +This will happen before any kernel output (it is going thru gdb, right),
1023 +and will stall the boot until the connection is made.
1025 +You can also configure in a patch to SysRq to enable the kGdb SysRq.
1026 +This request generates a breakpoint. Since the serial port IRQ line is
1027 +set up after any serial drivers, it is possible that this command will
1028 +work when the control-C will not.
1030 +Save and exit the Xconfig program. Then do "make clean" , "make dep"
1031 +and "make bzImage" (or whatever target you want to make). This gets the
1032 +kernel compiled with the "-g" option set -- necessary for debugging.
1034 +You have just built the kernel on your DEVELOPMENT machine that you
1035 +intend to run on your TARGET machine.
1037 +To install this new kernel, use the following installation procedure.
1038 +Remember, you are on the DEVELOPMENT machine patching the kernel source
1039 +for the kernel that you intend to run on the TARGET machine.
1041 +Copy this kernel to your target machine using your usual procedures. I
1042 +usually arrange to copy development:
1043 +/usr/src/linux/arch/i386/boot/bzImage to /vmlinuz on the TARGET machine
1044 +via a LAN based NFS access. That is, I run the cp command on the target
1045 +and copy from the development machine via the LAN. Run Lilo (see "man
1046 +lilo" for details on how to set this up) on the new kernel on the target
1047 +machine so that it will boot! Then boot the kernel on the target
1050 +On the DEVELOPMENT machine, create a file called .gdbinit in the
1051 +directory /usr/src/linux. An example .gdbinit file looks like this:
1053 +shell echo -e "\003" >/dev/ttyS0
1054 +set remotebaud 38400 (or what ever speed you have chosen)
1055 +target remote /dev/ttyS0
1058 +Change the "echo" and "target" definition so that it specifies the tty
1059 +port that you intend to use. Change the "remotebaud" definition to
1060 +match the data rate that you are going to use for the com line.
1062 +You are now ready to try it out.
1064 +Boot your target machine with "kgdb" in the boot command i.e. something
1069 +or if you also want console output thru gdb:
1071 +lilo> test kgdb console=kgdb
1073 +You should see the lilo message saying it has loaded the kernel and then
1074 +all output stops. The kgdb stub is trying to connect with gdb. Start
1075 +gdb something like this:
1078 +On your DEVELOPMENT machine, cd /usr/src/linux and enter "gdb vmlinux".
1079 +When gdb gets the symbols loaded it will read your .gdbinit file and, if
1080 +everything is working correctly, you should see gdb print out a few
1081 +lines indicating that a breakpoint has been taken. It will actually
1082 +show a line of code in the target kernel inside the kgdb activation
1085 +The gdb interaction should look something like this:
1087 + linux-dev:/usr/src/linux# gdb vmlinux
1088 + GDB is free software and you are welcome to distribute copies of it
1089 + under certain conditions; type "show copying" to see the conditions.
1090 + There is absolutely no warranty for GDB; type "show warranty" for details.
1091 + GDB 4.15.1 (i486-slackware-linux),
1092 + Copyright 1995 Free Software Foundation, Inc...
1093 + breakpoint () at i386-stub.c:750
1097 +You can now use whatever gdb commands you like to set breakpoints.
1098 +Enter "continue" to start your target machine executing again. At this
1099 +point the target system will run at full speed until it encounters
1100 +your breakpoint or gets a segment violation in the kernel, or whatever.
1102 +If you have the kgdb console enabled when you continue, gdb will print
1103 +out all the console messages.
1105 +The above example caused a breakpoint relatively early in the boot
1106 +process. For the i386 kgdb it is possible to code a break instruction
1107 +as the first C-language point in init/main.c, i.e. as the first instruction
1108 +in start_kernel(). This could be done as follows:
1110 +#include <asm/kgdb.h>
1113 +This breakpoint() is really a function that sets up the breakpoint and
1114 +single-step hardware trap cells and then executes a breakpoint. Any
1115 +early hard coded breakpoint will need to use this function. Once the
1116 +trap cells are set up they need not be set again, but doing it again
1117 +does not hurt anything, so you don't need to be concerned about which
1118 +breakpoint is hit first. Once the trap cells are set up (and the kernel
1119 +sets them up in due course even if breakpoint() is never called) the
1124 +will generate an inline breakpoint. This may be more useful as it stops
1125 +the processor at the instruction instead of in a function a step removed
1126 +from the location of interest. In either case <asm/kgdb.h> must be
1127 +included to define both breakpoint() and BREAKPOINT.
1129 +Triggering kgdbstub at other times
1130 +==================================
1132 +Often you don't need to enter the debugger until much later in the boot
1133 +or even after the machine has been running for some time. Once the
1134 +kernel is booted and interrupts are on, you can force the system to
1135 +enter the debugger by sending a control-C to the debug port. This is
1136 +what the first line of the recommended .gdbinit file does. This allows
1137 +you to start gdb any time after the system is up as well as when the
1138 +system is already at a breakpoint. (In the case where the system is
1139 +already at a breakpoint the control-C is not needed, however, it will
1140 +be ignored by the target so no harm is done. Also note the the echo
1141 +command assumes that the port speed is already set. This will be true
1142 +once gdb has connected, but it is best to set the port speed before you
1145 +Another simple way to do this is to put the following file in you ~/bin
1149 +echo -e "\003" > /dev/ttyS0
1151 +Here, the ttyS0 should be replaced with what ever port you are using.
1152 +The "\003" is control-C. Once you are connected with gdb, you can enter
1153 +control-C at the command prompt.
1155 +An alternative way to get control to the debugger is to enable the kGdb
1156 +SysRq command. Then you would enter Alt-SysRq-g (all three keys at the
1157 +same time, but push them down in the order given). To refresh your
1158 +memory of the available SysRq commands try Alt-SysRq-=. Actually any
1159 +undefined command could replace the "=", but I like to KNOW that what I
1160 +am pushing will never be defined.
1165 +You can break into the target machine at any time from the development
1166 +machine by typing ^C (see above paragraph). If the target machine has
1167 +interrupts enabled this will stop it in the kernel and enter the
1170 +There is unfortunately no way of breaking into the kernel if it is
1171 +in a loop with interrupts disabled, so if this happens to you then
1172 +you need to place exploratory breakpoints or printk's into the kernel
1173 +to find out where it is looping. The exploratory breakpoints can be
1174 +entered either thru gdb or hard coded into the source. This is very
1175 +handy if you do something like:
1177 +if (<it hurts>) BREAKPOINT;
1180 +There is a copy of an e-mail in the Documentation/i386/kgdb/ directory
1181 +(debug-nmi.txt) which describes how to create an NMI on an ISA bus
1182 +machine using a paper clip. I have a sophisticated version of this made
1183 +by wiring a push button switch into a PC104/ISA bus adapter card. The
1184 +adapter card nicely furnishes wire wrap pins for all the ISA bus
1187 +When you are done debugging the kernel on the target machine it is a
1188 +good idea to leave it in a running state. This makes reboots faster,
1189 +bypassing the fsck. So do a gdb "continue" as the last gdb command if
1190 +this is possible. To terminate gdb itself on the development machine
1191 +and leave the target machine running, first clear all breakpoints and
1192 +continue, then type ^Z to suspend gdb and then kill it with "kill %1" or
1195 +If gdbstub Does Not Work
1196 +========================
1198 +If it doesn't work, you will have to troubleshoot it. Do the easy
1199 +things first like double checking your cabling and data rates. You
1200 +might try some non-kernel based programs to see if the back-to-back
1201 +connection works properly. Just something simple like cat /etc/hosts
1202 +>/dev/ttyS0 on one machine and cat /dev/ttyS0 on the other will tell you
1203 +if you can send data from one machine to the other. Make sure it works
1204 +in both directions. There is no point in tearing out your hair in the
1205 +kernel if the line doesn't work.
1207 +All of the real action takes place in the file
1208 +/usr/src/linux/arch/i386/kernel/kgdb_stub.c. That is the code on the target
1209 +machine that interacts with gdb on the development machine. In gdb you can
1210 +turn on a debug switch with the following command:
1214 +This will print out the protocol messages that gdb is exchanging with
1215 +the target machine.
1217 +Another place to look is /usr/src/arch/i386/lib/kgdb_serial.c. This is
1218 +the code that talks to the serial port on the target side. There might
1219 +be a problem there. In particular there is a section of this code that
1220 +tests the UART which will tell you what UART you have if you define
1221 +"PRNT" (just remove "_off" from the #define PRNT_off). To view this
1222 +report you will need to boot the system without any beakpoints. This
1223 +allows the kernel to run to the point where it calls kgdb to set up
1224 +interrupts. At this time kgdb will test the UART and print out the type
1225 +it finds. (You need to wait so that the printks are actually being
1226 +printed. Early in the boot they are cached, waiting for the console to
1227 +be enabled. Also, if kgdb is entered thru a breakpoint it is possible
1228 +to cause a dead lock by calling printk when the console is locked. The
1229 +stub thus avoids doing printks from breakpoints, especially in the
1230 +serial code.) At this time, if the UART fails to do the expected thing,
1231 +kgdb will print out (using printk) information on what failed. (These
1232 +messages will be buried in all the other boot up messages. Look for
1233 +lines that start with "gdb_hook_interrupt:". You may want to use dmesg
1234 +once the system is up to view the log. If this fails or if you still
1235 +don't connect, review your answers for the port address. Use:
1237 +setserial /dev/ttyS0
1239 +to get the current port and IRQ information. This command will also
1240 +tell you what the system found for the UART type. The stub recognizes
1241 +the following UART types:
1243 +16450, 16550, and 16550A
1245 +If you are really desperate you can use printk debugging in the
1246 +kgdbstub code in the target kernel until you get it working. In particular,
1247 +there is a global variable in /usr/src/linux/arch/i386/kernel/kgdb_stub.c
1248 +named "remote_debug". Compile your kernel with this set to 1, rather
1249 +than 0 and the debug stub will print out lots of stuff as it does
1250 +what it does. Likewise there are debug printks in the kgdb_serial.c
1251 +code that can be turned on with simple changes in the macro defines.
1254 +Debugging Loadable Modules
1255 +==========================
1257 +This technique comes courtesy of Edouard Parmelan
1258 +<Edouard.Parmelan@quadratec.fr>
1260 +When you run gdb, enter the command
1262 +source gdbinit-modules
1264 +This will read in a file of gdb macros that was installed in your
1265 +kernel source directory when kgdb was installed. This file implements
1266 +the following commands:
1269 + Lists the loaded modules in the form <module-address> <module-name>
1271 +mod-print-symbols <module-address>
1272 + Prints all the symbols in the indicated module.
1274 +mod-add-symbols <module-address> <object-file-path-name>
1275 + Loads the symbols from the object file and associates them
1276 + with the indicated module.
1278 +After you have loaded the module that you want to debug, use the command
1279 +mod-list to find the <module-address> of your module. Then use that
1280 +address in the mod-add-symbols command to load your module's symbols.
1281 +From that point onward you can debug your module as if it were a part
1284 +The file gdbinit-modules also contains a command named mod-add-lis as
1285 +an example of how to construct a command of your own to load your
1286 +favorite module. The idea is to "can" the pathname of the module
1287 +in the command so you don't have to type so much.
1292 +Each process in a target machine is seen as a gdb thread. gdb thread
1293 +related commands (info threads, thread n) can be used.
1295 +ia-32 hardware breakpoints
1296 +==========================
1298 +kgdb stub contains support for hardware breakpoints using debugging features
1299 +of ia-32(x86) processors. These breakpoints do not need code modification.
1300 +They use debugging registers. 4 hardware breakpoints are available in ia-32
1303 +Each hardware breakpoint can be of one of the following three types.
1305 +1. Execution breakpoint - An Execution breakpoint is triggered when code
1306 + at the breakpoint address is executed.
1308 + As limited number of hardware breakpoints are available, it is
1309 + advisable to use software breakpoints ( break command ) instead
1310 + of execution hardware breakpoints, unless modification of code
1313 +2. Write breakpoint - A write breakpoint is triggered when memory
1314 + location at the breakpoint address is written.
1316 + A write or can be placed for data of variable length. Length of
1317 + a write breakpoint indicates length of the datatype to be
1318 + watched. Length is 1 for 1 byte data , 2 for 2 byte data, 3 for
1321 +3. Access breakpoint - An access breakpoint is triggered when memory
1322 + location at the breakpoint address is either read or written.
1324 + Access breakpoints also have lengths similar to write breakpoints.
1326 +IO breakpoints in ia-32 are not supported.
1328 +Since gdb stub at present does not use the protocol used by gdb for hardware
1329 +breakpoints, hardware breakpoints are accessed through gdb macros. gdb macros
1330 +for hardware breakpoints are described below.
1332 +hwebrk - Places an execution breakpoint
1333 + hwebrk breakpointno address
1334 +hwwbrk - Places a write breakpoint
1335 + hwwbrk breakpointno length address
1336 +hwabrk - Places an access breakpoint
1337 + hwabrk breakpointno length address
1338 +hwrmbrk - Removes a breakpoint
1339 + hwrmbrk breakpointno
1340 +exinfo - Tells whether a software or hardware breakpoint has occurred.
1341 + Prints number of the hardware breakpoint if a hardware breakpoint has
1344 +Arguments required by these commands are as follows
1345 +breakpointno - 0 to 3
1347 +address - Memory location in hex digits ( without 0x ) e.g c015e9bc
1352 +When a breakpoint occurs or user issues a break ( Ctrl + C ) to gdb
1353 +client, all the processors are forced to enter the debugger. Current
1354 +thread corresponds to the thread running on the processor where
1355 +breakpoint occurred. Threads running on other processor(s) appear
1356 +similar to other non-running threads in the 'info threads' output.
1357 +Within the kgdb stub there is a structure "waiting_cpus" in which kgdb
1358 +records the values of "current" and "regs" for each CPU other than the
1359 +one that hit the breakpoint. "current" is a pointer to the task
1360 +structure for the task that CPU is running, while "regs" points to the
1361 +saved registers for the task. This structure can be examined with the
1364 +ia-32 hardware debugging registers on all processors are set to same
1365 +values. Hence any hardware breakpoints may occur on any processor.
1367 +gdb troubleshooting
1368 +===================
1371 +Kill it. restart gdb. Connect to target machine.
1373 +2. gdb cannot connect to target machine (after killing a gdb and
1374 +restarting another) If the target machine was not inside debugger when
1375 +you killed gdb, gdb cannot connect because the target machine won't
1376 +respond. In this case echo "Ctrl+C"(ASCII 3) to the serial line.
1377 +e.g. echo -e "\003" > /dev/ttyS1
1378 +This forces that target machine into the debugger, after which you
1381 +3. gdb cannot connect even after echoing Ctrl+C into serial line
1382 +Try changing serial line settings min to 1 and time to 0
1383 +e.g. stty min 1 time 0 < /dev/ttyS1
1386 +Check serial line speed and set it to correct value if required
1387 +e.g. stty ispeed 115200 ospeed 115200 < /dev/ttyS1
1392 +Ever want to know the order of things happening? Which CPU did what and
1393 +when? How did the spinlock get the way it is? Then events are for
1394 +you. Events are defined by calls to an event collection interface and
1395 +saved for later examination. In this case, kgdb events are saved by a
1396 +very fast bit of code in kgdb which is fully SMP and interrupt protected
1397 +and they are examined by using gdb to display them. Kgdb keeps only
1398 +the last N events, where N must be a power of two and is defined at
1402 +Events are signaled to kgdb by calling:
1404 +kgdb_ts(data0,data1)
1406 +For each call kgdb records each call in an array along with other info.
1407 +Here is the array definition:
1409 +struct kgdb_and_then_struct {
1413 + long long at_time;
1422 +For SMP machines the CPU is recorded, for all machines the TSC is
1423 +recorded (gets a time stamp) as well as the line number and source file
1424 +the call was made from. The address of the (from), the "if" (interrupt
1425 +flag) and the two data items are also recorded. The macro kgdb_ts casts
1426 +the types to int, so you can put any 32-bit values here. There is a
1427 +configure option to select the number of events you want to keep. A
1428 +nice number might be 128, but you can keep up to 1024 if you want. The
1429 +number must be a power of two. An "andthen" macro library is provided
1430 +for gdb to help you look at these events. It is also possible to define
1431 +a different structure for the event storage and cast the data to this
1432 +structure. For example the following structure is defined in kgdb:
1434 +struct kgdb_and_then_struct2 {
1438 + long long at_time;
1443 + struct task_struct *t1;
1444 + struct task_struct *t2;
1447 +If you use this for display, the data elements will be displayed as
1448 +pointers to task_struct entries. You may want to define your own
1449 +structure to use in casting. You should only change the last two items
1450 +and you must keep the structure size the same. Kgdb will handle these
1451 +as 32-bit ints, but within that constraint you can define a structure to
1452 +cast to any 32-bit quantity. This need only be available to gdb and is
1453 +only used for casting in the display code.
1458 +I picked up this code from Amit S. Kale and enhanced it.
1460 +If you make some really cool modification to this stuff, or if you
1461 +fix a bug, please let me know.
1464 +<george@mvista.com>
1467 +<akale@veritas.com>
1469 +(First kgdb by David Grothe <dave@gcom.com>)
1471 +(modified by Tigran Aivazian <tigran@sco.com>)
1472 + Putting gdbstub into the kernel config menu.
1474 +(modified by Scott Foehner <sfoehner@engr.sgi.com>)
1475 + Hooks for entering gdbstub at boot time.
1477 +(modified by Amit S. Kale <akale@veritas.com>)
1478 + Threads, ia-32 hw debugging, mp support, console support,
1479 + nmi watchdog handling.
1481 +(modified by George Anzinger <george@mvista.com>)
1482 + Extended threads to include the idle threads.
1483 + Enhancements to allow breakpoint() at first C code.
1484 + Use of module_init() and __setup() to automate the configure.
1485 + Enhanced the cpu "collection" code to work in early bring-up.
1486 + Added ability to call functions from gdb
1487 + Print info thread stuff without going back to schedule()
1488 + Now collect the "other" cpus with an IPI/ NMI.
1489 Index: linux/Documentation/i386/kgdb/loadmodule.sh
1490 ===================================================================
1491 --- linux.orig/Documentation/i386/kgdb/loadmodule.sh
1492 +++ linux/Documentation/i386/kgdb/loadmodule.sh
1495 +# This script loads a module on a target machine and generates a gdb script.
1496 +# source generated gdb script to load the module file at appropriate addresses
1500 +# Loading the module on target machine and generating gdb script)
1501 +# [foo]$ loadmodule.sh <modulename>
1503 +# Loading the module file into gdb
1504 +# (gdb) source <gdbscriptpath>
1506 +# Modify following variables according to your setup.
1507 +# TESTMACHINE - Name of the target machine
1508 +# GDBSCRIPTS - The directory where a gdb script will be generated
1510 +# Author: Amit S. Kale (akale@veritas.com).
1512 +# If you run into problems, please check files pointed to by following
1514 +# ERRFILE - /tmp/<modulename>.errs contains stderr output of insmod
1515 +# MAPFILE - /tmp/<modulename>.map contains stdout output of insmod
1516 +# GDBSCRIPT - $GDBSCRIPTS/load<modulename> gdb script.
1519 +GDBSCRIPTS=/home/bar
1521 +if [ $# -lt 1 ] ; then {
1522 + echo Usage: $0 modulefile
1527 +MODULEFILEBASENAME=`basename $1`
1529 +if [ $MODULEFILE = $MODULEFILEBASENAME ] ; then {
1530 + MODULEFILE=`pwd`/$MODULEFILE
1533 +ERRFILE=/tmp/$MODULEFILEBASENAME.errs
1534 +MAPFILE=/tmp/$MODULEFILEBASENAME.map
1535 +GDBSCRIPT=$GDBSCRIPTS/load$MODULEFILEBASENAME
1537 +function findaddr() {
1538 + local ADDR=0x$(echo "$SEGMENTS" | \
1539 + grep "$1" | sed 's/^[^ ]*[ ]*[^ ]*[ ]*//' | \
1540 + sed 's/[ ]*[^ ]*$//')
1544 +function checkerrs() {
1545 + if [ "`cat $ERRFILE`" != "" ] ; then {
1552 +echo Copying $MODULEFILE to $TESTMACHINE
1553 +rcp $MODULEFILE root@${TESTMACHINE}:
1555 +echo Loading module $MODULEFILE
1556 +rsh -l root $TESTMACHINE /sbin/insmod -m ./`basename $MODULEFILE` \
1557 + > $MAPFILE 2> $ERRFILE
1560 +SEGMENTS=`head -n 11 $MAPFILE | tail -n 10`
1561 +TEXTADDR=$(findaddr "\\.text[^.]")
1562 +LOADSTRING="add-symbol-file $MODULEFILE $TEXTADDR"
1563 +SEGADDRS=`echo "$SEGMENTS" | awk '//{
1564 + if ($1 != ".text" && $1 != ".this" &&
1565 + $1 != ".kstrtab" && $1 != ".kmodtab") {
1566 + print " -s " $1 " 0x" $3 " "
1569 +LOADSTRING="$LOADSTRING $SEGADDRS"
1570 +echo Generating script $GDBSCRIPT
1571 +echo $LOADSTRING > $GDBSCRIPT
1572 Index: linux/MAINTAINERS
1573 ===================================================================
1574 --- linux.orig/MAINTAINERS
1575 +++ linux/MAINTAINERS
1576 @@ -1247,6 +1247,12 @@ W: http://sf.net/projects/kernel-janitor
1577 W: http://developer.osdl.org/rddunlap/kj-patches/
1580 +KGDB FOR I386 PLATFORM
1582 +M: george@mvista.com
1583 +L: linux-net@vger.kernel.org
1588 M: neilb@cse.unsw.edu.au
1589 Index: linux/arch/i386/Kconfig
1590 ===================================================================
1591 --- linux.orig/arch/i386/Kconfig
1592 +++ linux/arch/i386/Kconfig
1593 @@ -1292,6 +1292,14 @@ menu "Executable file formats"
1595 source "fs/Kconfig.binfmt"
1597 +config TRAP_BAD_SYSCALL_EXITS
1598 + bool "Debug bad system call exits"
1601 + If you say Y here the kernel will check for system calls which
1602 + return without clearing preempt.
1607 source "drivers/Kconfig"
1608 Index: linux/arch/i386/Kconfig.debug
1609 ===================================================================
1610 --- linux.orig/arch/i386/Kconfig.debug
1611 +++ linux/arch/i386/Kconfig.debug
1612 @@ -77,4 +77,6 @@ config X86_MPPARSE
1613 depends on X86_LOCAL_APIC && !X86_VISWS
1616 +source "arch/i386/Kconfig.kgdb"
1619 Index: linux/arch/i386/Kconfig.kgdb
1620 ===================================================================
1621 --- linux.orig/arch/i386/Kconfig.kgdb
1622 +++ linux/arch/i386/Kconfig.kgdb
1625 + bool "Include kgdb kernel debugger"
1626 + depends on DEBUG_KERNEL
1628 + If you say Y here, the system will be compiled with the debug
1629 + option (-g) and a debugging stub will be included in the
1630 + kernel. This stub communicates with gdb on another (host)
1631 + computer via a serial port. The host computer should have
1632 + access to the kernel binary file (vmlinux) and a serial port
1633 + that is connected to the target machine. Gdb can be made to
1634 + configure the serial port or you can use stty and setserial to
1635 + do this. See the 'target' command in gdb. This option also
1636 + configures in the ability to request a breakpoint early in the
1637 + boot process. To request the breakpoint just include 'kgdb'
1638 + as a boot option when booting the target machine. The system
1639 + will then break as soon as it looks at the boot options. This
1640 + option also installs a breakpoint in panic and sends any
1641 + kernel faults to the debugger. For more information see the
1642 + Documentation/i386/kgdb/kgdb.txt file.
1646 + prompt "Debug serial port BAUD"
1647 + default KGDB_115200BAUD
1649 + Gdb and the kernel stub need to agree on the baud rate to be
1650 + used. Some systems (x86 family at this writing) allow this to
1653 +config KGDB_9600BAUD
1656 +config KGDB_19200BAUD
1659 +config KGDB_38400BAUD
1662 +config KGDB_57600BAUD
1665 +config KGDB_115200BAUD
1670 + hex "hex I/O port address of the debug serial port"
1674 + Some systems (x86 family at this writing) allow the port
1675 + address to be configured. The number entered is assumed to be
1676 + hex, don't put 0x in front of it. The standard address are:
1677 + COM1 3f8 , irq 4 and COM2 2f8 irq 3. Setserial /dev/ttySx
1678 + will tell you what you have. It is good to test the serial
1679 + connection with a live system before trying to debug.
1682 + int "IRQ of the debug serial port"
1686 + This is the irq for the debug port. If everything is working
1687 + correctly and the kernel has interrupts on a control C to the
1688 + port should cause a break into the kernel debug stub.
1696 + bool "Add any additional compile options"
1700 + Saying yes here turns on the ability to enter additional
1704 +config KGDB_OPTIONS
1705 + depends on KGDB_MORE
1706 + string "Additional compile arguments"
1709 + This option allows you enter additional compile options for
1710 + the whole kernel compile. Each platform will have a default
1711 + that seems right for it. For example on PPC "-ggdb -O1", and
1712 + for i386 "-O1". Note that by configuring KGDB "-g" is already
1713 + turned on. In addition, on i386 platforms
1714 + "-fomit-frame-pointer" is deleted from the standard compile
1717 +config NO_KGDB_CPUS
1718 + int "Number of CPUs"
1719 + depends on KGDB && SMP
1723 + This option sets the number of cpus for kgdb ONLY. It is used
1724 + to prune some internal structures so they look "nice" when
1725 + displayed with gdb. This is to overcome possibly larger
1726 + numbers that may have been entered above. Enter the real
1727 + number to get nice clean kgdb_info displays.
1730 + bool "Enable kgdb time stamp macros?"
1734 + Kgdb event macros allow you to instrument your code with calls
1735 + to the kgdb event recording function. The event log may be
1736 + examined with gdb at a break point. Turning on this
1737 + capability also allows you to choose how many events to
1738 + keep. Kgdb always keeps the lastest events.
1741 + depends on KGDB_TS
1742 + prompt "Max number of time stamps to save?"
1743 + default KGDB_TS_128
1757 +config KGDB_TS_1024
1762 +config STACK_OVERFLOW_TEST
1763 + bool "Turn on kernel stack overflow testing?"
1767 + This option enables code in the front line interrupt handlers
1768 + to check for kernel stack overflow on interrupts and system
1769 + calls. This is part of the kgdb code on x86 systems.
1771 +config KGDB_CONSOLE
1772 + bool "Enable serial console thru kgdb port"
1776 + This option enables the command line "console=kgdb" option.
1777 + When the system is booted with this option in the command line
1778 + all kernel printk output is sent to gdb (as well as to other
1779 + consoles). For this to work gdb must be connected. For this
1780 + reason, this command line option will generate a breakpoint if
1781 + gdb has not yet connected. After the gdb continue command is
1782 + given all pent up console output will be printed by gdb on the
1783 + host machine. Neither this option, nor KGDB require the
1784 + serial driver to be configured.
1787 + bool "Turn on SysRq 'G' command to do a break?"
1791 + This option includes an option in the SysRq code that allows
1792 + you to enter SysRq G which generates a breakpoint to the KGDB
1793 + stub. This will work if the keyboard is alive and can
1794 + interrupt the system. Because of constraints on when the
1795 + serial port interrupt can be enabled, this code may allow you
1796 + to interrupt the system before the serial port control C is
1797 + available. Just say yes here.
1799 Index: linux/arch/i386/Makefile
1800 ===================================================================
1801 --- linux.orig/arch/i386/Makefile
1802 +++ linux/arch/i386/Makefile
1803 @@ -102,6 +102,9 @@ core-$(CONFIG_X86_ES7000) := arch/i386/m
1804 # default subarch .h files
1805 mflags-y += -Iinclude/asm-i386/mach-default
1807 +mflags-$(CONFIG_KGDB) += -gdwarf-2
1808 +mflags-$(CONFIG_KGDB_MORE) += $(shell echo $(CONFIG_KGDB_OPTIONS) | sed -e 's/"//g')
1810 head-y := arch/i386/kernel/head.o arch/i386/kernel/init_task.o
1812 libs-y += arch/i386/lib/
1813 Index: linux/arch/i386/kernel/Makefile
1814 ===================================================================
1815 --- linux.orig/arch/i386/kernel/Makefile
1816 +++ linux/arch/i386/kernel/Makefile
1817 @@ -14,6 +14,7 @@ obj-y += timers/
1818 obj-$(CONFIG_ACPI_BOOT) += acpi/
1819 obj-$(CONFIG_X86_BIOS_REBOOT) += reboot.o
1820 obj-$(CONFIG_MCA) += mca.o
1821 +obj-$(CONFIG_KGDB) += kgdb_stub.o
1822 obj-$(CONFIG_X86_MSR) += msr.o
1823 obj-$(CONFIG_X86_CPUID) += cpuid.o
1824 obj-$(CONFIG_MICROCODE) += microcode.o
1825 Index: linux/arch/i386/kernel/entry.S
1826 ===================================================================
1827 --- linux.orig/arch/i386/kernel/entry.S
1828 +++ linux/arch/i386/kernel/entry.S
1830 #include <asm/smp.h>
1831 #include <asm/page.h>
1832 #include "irq_vectors.h"
1833 + /* We do not recover from a stack overflow, but at least
1834 + * we know it happened and should be able to track it down.
1836 +#ifdef CONFIG_STACK_OVERFLOW_TEST
1837 +#define STACK_OVERFLOW_TEST \
1838 + testl $(THREAD_SIZE - 512),%esp; \
1840 + call stack_overflow; \
1843 +#define STACK_OVERFLOW_TEST
1846 #define nr_syscalls ((syscall_table_size)/4)
1848 @@ -191,7 +203,8 @@ int80_ret_end_marker: \
1850 movl $(__USER_DS), %edx; \
1854 + STACK_OVERFLOW_TEST
1856 #define __RESTORE_INT_REGS \
1858 @@ -361,6 +374,7 @@ need_resched:
1859 # sysenter call handler stub
1860 ENTRY(sysenter_entry)
1861 movl TSS_sysenter_esp0(%esp),%esp
1862 + .globl sysenter_past_esp
1866 @@ -441,6 +455,19 @@ syscall_exit:
1867 testw $_TIF_ALLWORK_MASK, %cx # current->work
1868 jne syscall_exit_work
1870 +#ifdef CONFIG_TRAP_BAD_SYSCALL_EXITS
1871 + movl EFLAGS(%esp), %eax # mix EFLAGS and CS
1872 + movb CS(%esp), %al
1873 + testl $(VM_MASK | 3), %eax
1874 + jz resume_kernelX # returning to kernel or vm86-space
1876 + cmpl $0,TI_preempt_count(%ebp) # non-zero preempt_count ?
1885 # perform work that needs to be done immediately before resumption
1886 Index: linux/arch/i386/kernel/kgdb_stub.c
1887 ===================================================================
1888 --- linux.orig/arch/i386/kernel/kgdb_stub.c
1889 +++ linux/arch/i386/kernel/kgdb_stub.c
1893 + * This program is free software; you can redistribute it and/or modify it
1894 + * under the terms of the GNU General Public License as published by the
1895 + * Free Software Foundation; either version 2, or (at your option) any
1898 + * This program is distributed in the hope that it will be useful, but
1899 + * WITHOUT ANY WARRANTY; without even the implied warranty of
1900 + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
1901 + * General Public License for more details.
1906 + * Copyright (c) 2000 VERITAS Software Corporation.
1909 +/****************************************************************************
1910 + * Header: remcom.c,v 1.34 91/03/09 12:29:49 glenne Exp $
1912 + * Module name: remcom.c $
1913 + * Revision: 1.34 $
1914 + * Date: 91/03/09 12:29:49 $
1915 + * Contributor: Lake Stevens Instrument Division$
1917 + * Description: low level support for gdb debugger. $
1919 + * Considerations: only works on target hardware $
1921 + * Written by: Glenn Engel $
1922 + * Updated by: David Grothe <dave@gcom.com>
1923 + * ModuleState: Experimental $
1925 + * NOTES: See Below $
1927 + * Modified for 386 by Jim Kingdon, Cygnus Support.
1928 + * Compatibility with 2.1.xx kernel by David Grothe <dave@gcom.com>
1930 + * Changes to allow auto initilization. All that is needed is that it
1931 + * be linked with the kernel and a break point (int 3) be executed.
1932 + * The header file <asm/kgdb.h> defines BREAKPOINT to allow one to do
1933 + * this. It should also be possible, once the interrupt system is up, to
1934 + * call putDebugChar("+"). Once this is done, the remote debugger should
1935 + * get our attention by sending a ^C in a packet. George Anzinger
1936 + * <george@mvista.com>
1937 + * Integrated into 2.2.5 kernel by Tigran Aivazian <tigran@sco.com>
1938 + * Added thread support, support for multiple processors,
1939 + * support for ia-32(x86) hardware debugging.
1940 + * Amit S. Kale ( akale@veritas.com )
1943 + * To enable debugger support, two things need to happen. One, a
1944 + * call to set_debug_traps() is necessary in order to allow any breakpoints
1945 + * or error conditions to be properly intercepted and reported to gdb.
1946 + * Two, a breakpoint needs to be generated to begin communication. This
1947 + * is most easily accomplished by a call to breakpoint(). Breakpoint()
1948 + * simulates a breakpoint by executing an int 3.
1952 + * The following gdb commands are supported:
1954 + * command function Return value
1956 + * g return the value of the CPU registers hex data or ENN
1957 + * G set the value of the CPU registers OK or ENN
1959 + * mAA..AA,LLLL Read LLLL bytes at address AA..AA hex data or ENN
1960 + * MAA..AA,LLLL: Write LLLL bytes at address AA.AA OK or ENN
1962 + * c Resume at current address SNN ( signal NN)
1963 + * cAA..AA Continue at address AA..AA SNN
1965 + * s Step one instruction SNN
1966 + * sAA..AA Step one instruction from AA..AA SNN
1970 + * ? What was the last sigval ? SNN (signal NN)
1972 + * All commands and responses are sent with a packet which includes a
1973 + * checksum. A packet consists of
1975 + * $<packet info>#<checksum>.
1978 + * <packet info> :: <characters representing the command or response>
1979 + * <checksum> :: < two hex digits computed as modulo 256 sum of <packetinfo>>
1981 + * When a packet is received, it is first acknowledged with either '+' or '-'.
1982 + * '+' indicates a successful transfer. '-' indicates a failed transfer.
1987 + * $m0,10#2a +$00010203040506070809101112131415#42
1989 + ****************************************************************************/
1990 +#define KGDB_VERSION "<20030915.1651.33>"
1991 +#include <linux/config.h>
1992 +#include <linux/types.h>
1993 +#include <asm/string.h> /* for strcpy */
1994 +#include <linux/kernel.h>
1995 +#include <linux/sched.h>
1996 +#include <asm/vm86.h>
1997 +#include <asm/system.h>
1998 +#include <asm/ptrace.h> /* for linux pt_regs struct */
1999 +#include <asm/kgdb_local.h>
2000 +#include <linux/list.h>
2001 +#include <asm/atomic.h>
2002 +#include <asm/processor.h>
2003 +#include <linux/irq.h>
2004 +#include <asm/desc.h>
2006 +/************************************************************************
2008 + * external low-level support routines
2010 +typedef void (*Function) (void); /* pointer to a function */
2012 +/* Thread reference */
2013 +typedef unsigned char threadref[8];
2015 +extern void putDebugChar(int); /* write a single character */
2016 +extern int getDebugChar(void); /* read and return a single char */
2018 +/************************************************************************/
2019 +/* BUFMAX defines the maximum number of characters in inbound/outbound buffers*/
2020 +/* at least NUMREGBYTES*2 are needed for register packets */
2021 +/* Longer buffer is needed to list all threads */
2024 +char *kgdb_version = KGDB_VERSION;
2026 +/* debug > 0 prints ill-formed commands in valid packets & checksum errors */
2027 +int debug_regs = 0; /* set to non-zero to print registers */
2029 +/* filled in by an external module */
2030 +char *gdb_module_offsets;
2032 +static const char hexchars[] = "0123456789abcdef";
2034 +/* Number of bytes of registers. */
2035 +#define NUMREGBYTES 64
2037 + * Note that this register image is in a different order than
2038 + * the register image that Linux produces at interrupt time.
2040 + * Linux's register image is defined by struct pt_regs in ptrace.h.
2041 + * Just why GDB uses a different order is a historical mystery.
2043 +enum regnames { _EAX, /* 0 */
2051 + _PC /* 8 also known as eip */ ,
2052 + _PS /* 9 also known as eflags */ ,
2061 +/*************************** ASSEMBLY CODE MACROS *************************/
2063 + * Put the error code here just in case the user cares.
2064 + * Likewise, the vector number here (since GDB only gets the signal
2065 + * number through the usual means, and that's not very specific).
2066 + * The called_from is the return address so he can tell how we entered kgdb.
2067 + * This will allow him to seperate out the various possible entries.
2069 +#define REMOTE_DEBUG 0 /* set != to turn on printing (also available in info) */
2071 +#define PID_MAX PID_MAX_DEFAULT
2074 +void smp_send_nmi_allbutself(void);
2075 +#define IF_SMP(x) x
2077 +#ifndef CONFIG_NO_KGDB_CPUS
2078 +#define CONFIG_NO_KGDB_CPUS 2
2080 +#if CONFIG_NO_KGDB_CPUS > NR_CPUS
2081 +#define MAX_NO_CPUS NR_CPUS
2083 +#define MAX_NO_CPUS CONFIG_NO_KGDB_CPUS
2085 +#define hold_init hold_on_sstep: 1,
2086 +#define MAX_CPU_MASK (unsigned long)((1LL << MAX_NO_CPUS) - 1LL)
2087 +#define NUM_CPUS num_online_cpus()
2092 +#define MAX_NO_CPUS 1
2095 +#define NOCPU (struct task_struct *)0xbad1fbad
2099 + void *called_from;
2100 + long long entry_tsc;
2103 + int print_debug_info;
2105 + int hold_on_sstep;
2107 + volatile struct task_struct *task;
2110 + struct pt_regs *regs;
2111 + } cpus_waiting[MAX_NO_CPUS];
2113 +} kgdb_info = {hold_init print_debug_info:REMOTE_DEBUG, vector:-1};
2117 +#define used_m kgdb_info.used_malloc
2119 + * This is little area we set aside to contain the stack we
2120 + * need to build to allow gdb to call functions. We use one
2121 + * per cpu to avoid locking issues. We will do all this work
2122 + * with interrupts off so that should take care of the protection
2125 +#define LOOKASIDE_SIZE 200 /* should be more than enough */
2126 +#define MALLOC_MAX 200 /* Max malloc size */
2129 + int array[LOOKASIDE_SIZE];
2130 +} fn_call_lookaside[MAX_NO_CPUS];
2132 +static int trap_cpu;
2133 +static unsigned int OLD_esp;
2135 +#define END_OF_LOOKASIDE &fn_call_lookaside[trap_cpu].array[LOOKASIDE_SIZE]
2136 +#define IF_BIT 0x200
2137 +#define TF_BIT 0x100
2139 +#define MALLOC_ROUND 8-1
2141 +static char malloc_array[MALLOC_MAX];
2142 +IF_SMP(static void to_gdb(const char *mess));
2147 + if (size <= (MALLOC_MAX - used_m)) {
2148 + int old_used = used_m;
2149 + used_m += ((size + MALLOC_ROUND) & (~MALLOC_ROUND));
2150 + return &malloc_array[old_used];
2157 + * Gdb calls functions by pushing agruments, including a return address
2158 + * on the stack and the adjusting EIP to point to the function. The
2159 + * whole assumption in GDB is that we are on a different stack than the
2160 + * one the "user" i.e. code that hit the break point, is on. This, of
2161 + * course is not true in the kernel. Thus various dodges are needed to
2162 + * do the call without directly messing with EIP (which we can not change
2163 + * as it is just a location and not a register. To adjust it would then
2164 + * require that we move every thing below EIP up or down as needed. This
2165 + * will not work as we may well have stack relative pointer on the stack
2166 + * (such as the pointer to regs, for example).
2168 + * So here is what we do:
2169 + * We detect gdb attempting to store into the stack area and instead, store
2170 + * into the fn_call_lookaside.array at the same relative location as if it
2171 + * were the area ESP pointed at. We also trap ESP modifications
2172 + * and uses these to adjust fn_call_lookaside.esp. On entry
2173 + * fn_call_lookaside.esp will be set to point at the last entry in
2174 + * fn_call_lookaside.array. This allows us to check if it has changed, and
2175 + * if so, on exit, we add the registers we will use to do the move and a
2176 + * trap/ interrupt return exit sequence. We then adjust the eflags in the
2177 + * regs array (remember we now have a copy in the fn_call_lookaside.array) to
2178 + * kill the interrupt bit, AND we change EIP to point at our set up stub.
2179 + * As part of the register set up we preset the registers to point at the
2180 + * begining and end of the fn_call_lookaside.array, so all the stub needs to
2181 + * do is move words from the array to the stack until ESP= the desired value
2182 + * then do the rti. This will then transfer to the desired function with
2183 + * all the correct registers. Nifty huh?
2185 +extern asmlinkage void fn_call_stub(void);
2186 +extern asmlinkage void fn_rtn_stub(void);
2188 +__asm__("fn_rtn_stub:\n\t"
2189 + "movl %eax,%esp\n\t"
2190 + "fn_call_stub:\n\t"
2192 + "addl $-4,%ebx\n\t"
2193 + "movl (%ebx), %eax\n\t"
2195 + "cmpl %esp,%ecx\n\t"
2202 +#define gdb_i386vector kgdb_info.vector
2203 +#define gdb_i386errcode kgdb_info.errcode
2204 +#define waiting_cpus kgdb_info.cpus_waiting
2205 +#define remote_debug kgdb_info.print_debug_info
2206 +#define hold_cpu(cpu) kgdb_info.cpus_waiting[cpu].hold
2210 +static int in_kgdb_called;
2211 +static spinlock_t waitlocks[MAX_NO_CPUS] =
2212 + {[0 ... MAX_NO_CPUS - 1] = SPIN_LOCK_UNLOCKED };
2214 + * The following array has the thread pointer of each of the "other"
2215 + * cpus. We make it global so it can be seen by gdb.
2217 +volatile int in_kgdb_entry_log[MAX_NO_CPUS];
2218 +volatile struct pt_regs *in_kgdb_here_log[MAX_NO_CPUS];
2220 +static spinlock_t continuelocks[MAX_NO_CPUS];
2222 +spinlock_t kgdb_spinlock = SPIN_LOCK_UNLOCKED;
2223 +/* waiters on our spinlock plus us */
2224 +static atomic_t spinlock_waiters = ATOMIC_INIT(1);
2225 +static int spinlock_count = 0;
2226 +static int spinlock_cpu = 0;
2228 + * Note we use nested spin locks to account for the case where a break
2229 + * point is encountered when calling a function by user direction from
2230 + * kgdb. Also there is the memory exception recursion to account for.
2231 + * Well, yes, but this lets other cpus thru too. Lets add a
2232 + * cpu id to the lock.
2234 +#define KGDB_SPIN_LOCK(x) if( spinlock_count == 0 || \
2235 + spinlock_cpu != smp_processor_id()){\
2236 + atomic_inc(&spinlock_waiters); \
2237 + while (! spin_trylock(x)) {\
2240 + atomic_dec(&spinlock_waiters); \
2241 + spinlock_count = 1; \
2242 + spinlock_cpu = smp_processor_id(); \
2244 + spinlock_count++; \
2246 +#define KGDB_SPIN_UNLOCK(x) if( --spinlock_count == 0) spin_unlock(x)
2248 +unsigned kgdb_spinlock = 0;
2249 +#define KGDB_SPIN_LOCK(x) --*x
2250 +#define KGDB_SPIN_UNLOCK(x) ++*x
2256 + if ((ch >= 'a') && (ch <= 'f'))
2257 + return (ch - 'a' + 10);
2258 + if ((ch >= '0') && (ch <= '9'))
2259 + return (ch - '0');
2260 + if ((ch >= 'A') && (ch <= 'F'))
2261 + return (ch - 'A' + 10);
2265 +/* scan for the sequence $<data>#<checksum> */
2267 +getpacket(char *buffer)
2269 + unsigned char checksum;
2270 + unsigned char xmitcsum;
2276 + /* wait around for the start character, ignore all other characters */
2277 + while ((ch = (getDebugChar() & 0x7f)) != '$') ;
2283 + /* now, read until a # or end of buffer is found */
2284 + while (count < BUFMAX) {
2285 + ch = getDebugChar() & 0x7f;
2288 + checksum = checksum + ch;
2289 + buffer[count] = ch;
2290 + count = count + 1;
2292 + buffer[count] = 0;
2295 + xmitcsum = hex(getDebugChar() & 0x7f) << 4;
2296 + xmitcsum += hex(getDebugChar() & 0x7f);
2297 + if ((remote_debug) && (checksum != xmitcsum)) {
2299 + ("bad checksum. My count = 0x%x, sent=0x%x. buf=%s\n",
2300 + checksum, xmitcsum, buffer);
2303 + if (checksum != xmitcsum)
2304 + putDebugChar('-'); /* failed checksum */
2306 + putDebugChar('+'); /* successful transfer */
2307 + /* if a sequence char is present, reply the sequence ID */
2308 + if (buffer[2] == ':') {
2309 + putDebugChar(buffer[0]);
2310 + putDebugChar(buffer[1]);
2311 + /* remove sequence chars from buffer */
2312 + count = strlen(buffer);
2313 + for (i = 3; i <= count; i++)
2314 + buffer[i - 3] = buffer[i];
2318 + } while (checksum != xmitcsum);
2321 + printk("R:%s\n", buffer);
2324 +/* send the packet in buffer. */
2327 +putpacket(char *buffer)
2329 + unsigned char checksum;
2333 + /* $<packet info>#<checksum>. */
2336 + printk("T:%s\n", buffer);
2337 + putDebugChar('$');
2341 + while ((ch = buffer[count])) {
2347 + putDebugChar('#');
2348 + putDebugChar(hexchars[checksum >> 4]);
2349 + putDebugChar(hexchars[checksum % 16]);
2351 + } while ((getDebugChar() & 0x7f) != '+');
2355 +static char remcomInBuffer[BUFMAX];
2356 +static char remcomOutBuffer[BUFMAX];
2357 +static short error;
2360 +debug_error(char *format, char *parm)
2363 + printk(format, parm);
2367 +print_regs(struct pt_regs *regs)
2369 + printk("EAX=%08lx ", regs->eax);
2370 + printk("EBX=%08lx ", regs->ebx);
2371 + printk("ECX=%08lx ", regs->ecx);
2372 + printk("EDX=%08lx ", regs->edx);
2374 + printk("ESI=%08lx ", regs->esi);
2375 + printk("EDI=%08lx ", regs->edi);
2376 + printk("EBP=%08lx ", regs->ebp);
2377 + printk("ESP=%08lx ", (long) ®s->esp);
2379 + printk(" DS=%08x ", regs->xds);
2380 + printk(" ES=%08x ", regs->xes);
2381 + printk(" SS=%08x ", __KERNEL_DS);
2382 + printk(" FL=%08lx ", regs->eflags);
2384 + printk(" CS=%08x ", regs->xcs);
2385 + printk(" IP=%08lx ", regs->eip);
2387 + printk(" FS=%08x ", regs->fs);
2388 + printk(" GS=%08x ", regs->gs);
2394 +#define NEW_esp fn_call_lookaside[trap_cpu].esp
2397 +regs_to_gdb_regs(int *gdb_regs, struct pt_regs *regs)
2399 + gdb_regs[_EAX] = regs->eax;
2400 + gdb_regs[_EBX] = regs->ebx;
2401 + gdb_regs[_ECX] = regs->ecx;
2402 + gdb_regs[_EDX] = regs->edx;
2403 + gdb_regs[_ESI] = regs->esi;
2404 + gdb_regs[_EDI] = regs->edi;
2405 + gdb_regs[_EBP] = regs->ebp;
2406 + gdb_regs[_DS] = regs->xds;
2407 + gdb_regs[_ES] = regs->xes;
2408 + gdb_regs[_PS] = regs->eflags;
2409 + gdb_regs[_CS] = regs->xcs;
2410 + gdb_regs[_PC] = regs->eip;
2411 + /* Note, as we are a debugging the kernel, we will always
2412 + * trap in kernel code, this means no priviledge change,
2413 + * and so the pt_regs structure is not completely valid. In a non
2414 + * privilege change trap, only EFLAGS, CS and EIP are put on the stack,
2415 + * SS and ESP are not stacked, this means that the last 2 elements of
2416 + * pt_regs is not valid (they would normally refer to the user stack)
2417 + * also, using regs+1 is no good because you end up will a value that is
2418 + * 2 longs (8) too high. This used to cause stepping over functions
2419 + * to fail, so my fix is to use the address of regs->esp, which
2420 + * should point at the end of the stack frame. Note I have ignored
2421 + * completely exceptions that cause an error code to be stacked, such
2422 + * as double fault. Stuart Hughes, Zentropix.
2423 + * original code: gdb_regs[_ESP] = (int) (regs + 1) ;
2425 + * this is now done on entry and moved to OLD_esp (as well as NEW_esp).
2427 + gdb_regs[_ESP] = NEW_esp;
2428 + gdb_regs[_SS] = __KERNEL_DS;
2429 + gdb_regs[_FS] = 0xFFFF;
2430 + gdb_regs[_GS] = 0xFFFF;
2431 +} /* regs_to_gdb_regs */
2434 +gdb_regs_to_regs(int *gdb_regs, struct pt_regs *regs)
2436 + regs->eax = gdb_regs[_EAX];
2437 + regs->ebx = gdb_regs[_EBX];
2438 + regs->ecx = gdb_regs[_ECX];
2439 + regs->edx = gdb_regs[_EDX];
2440 + regs->esi = gdb_regs[_ESI];
2441 + regs->edi = gdb_regs[_EDI];
2442 + regs->ebp = gdb_regs[_EBP];
2443 + regs->xds = gdb_regs[_DS];
2444 + regs->xes = gdb_regs[_ES];
2445 + regs->eflags = gdb_regs[_PS];
2446 + regs->xcs = gdb_regs[_CS];
2447 + regs->eip = gdb_regs[_PC];
2448 + NEW_esp = gdb_regs[_ESP]; /* keep the value */
2449 +#if 0 /* can't change these */
2450 + regs->esp = gdb_regs[_ESP];
2451 + regs->xss = gdb_regs[_SS];
2452 + regs->fs = gdb_regs[_FS];
2453 + regs->gs = gdb_regs[_GS];
2456 +} /* gdb_regs_to_regs */
2458 +int thread_list = 0;
2461 +get_gdb_regs(struct task_struct *p, struct pt_regs *regs, int *gdb_regs)
2463 + unsigned long stack_page;
2466 + if (!p || p == current) {
2467 + regs_to_gdb_regs(gdb_regs, regs);
2471 + for (i = 0; i < MAX_NO_CPUS; i++) {
2472 + if (p == kgdb_info.cpus_waiting[i].task) {
2473 + regs_to_gdb_regs(gdb_regs,
2474 + kgdb_info.cpus_waiting[i].regs);
2476 + (int) &kgdb_info.cpus_waiting[i].regs->esp;
2482 + memset(gdb_regs, 0, NUMREGBYTES);
2483 + gdb_regs[_ESP] = p->thread.esp;
2484 + gdb_regs[_PC] = p->thread.eip;
2485 + gdb_regs[_EBP] = *(int *) gdb_regs[_ESP];
2486 + gdb_regs[_EDI] = *(int *) (gdb_regs[_ESP] + 4);
2487 + gdb_regs[_ESI] = *(int *) (gdb_regs[_ESP] + 8);
2490 + * This code is to give a more informative notion of where a process
2491 + * is waiting. It is used only when the user asks for a thread info
2492 + * list. If he then switches to the thread, s/he will find the task
2493 + * is in schedule, but a back trace should show the same info we come
2494 + * up with. This code was shamelessly purloined from process.c. It was
2495 + * then enhanced to provide more registers than simply the program
2499 + if (!thread_list) {
2503 + if (p->state == TASK_RUNNING)
2505 + stack_page = (unsigned long) p->thread_info;
2506 + if (gdb_regs[_ESP] < stack_page || gdb_regs[_ESP] >
2507 + THREAD_SIZE - sizeof(long) + stack_page)
2509 + /* include/asm-i386/system.h:switch_to() pushes ebp last. */
2511 + if (gdb_regs[_EBP] < stack_page ||
2512 + gdb_regs[_EBP] > THREAD_SIZE - 2*sizeof(long) + stack_page)
2514 + gdb_regs[_PC] = *(unsigned long *) (gdb_regs[_EBP] + 4);
2515 + gdb_regs[_ESP] = gdb_regs[_EBP] + 8;
2516 + gdb_regs[_EBP] = *(unsigned long *) gdb_regs[_EBP];
2517 + if (!in_sched_functions(gdb_regs[_PC]))
2519 + } while (count++ < 16);
2523 +/* Indicate to caller of mem2hex or hex2mem that there has been an
2525 +static volatile int mem_err = 0;
2526 +static volatile int mem_err_expected = 0;
2527 +static volatile int mem_err_cnt = 0;
2528 +static int garbage_loc = -1;
2531 +get_char(char *addr)
2537 +set_char(char *addr, int val, int may_fault)
2540 + * This code traps references to the area mapped to the kernel
2541 + * stack as given by the regs and, instead, stores to the
2542 + * fn_call_lookaside[cpu].array
2545 + (unsigned int) addr < OLD_esp &&
2546 + ((unsigned int) addr > (OLD_esp - (unsigned int) LOOKASIDE_SIZE))) {
2547 + addr = (char *) END_OF_LOOKASIDE - ((char *) OLD_esp - addr);
2552 +/* convert the memory pointed to by mem into hex, placing result in buf */
2553 +/* return a pointer to the last char put in buf (null) */
2554 +/* If MAY_FAULT is non-zero, then we should set mem_err in response to
2555 + a fault; if zero treat a fault like any other fault in the stub. */
2557 +mem2hex(char *mem, char *buf, int count, int may_fault)
2563 + mem_err_expected = 1;
2566 + for (i = 0; i < count; i++) {
2567 + /* printk("%lx = ", mem) ; */
2569 + ch = get_char(mem++);
2571 + /* printk("%02x\n", ch & 0xFF) ; */
2572 + if (may_fault && mem_err) {
2574 + printk("Mem fault fetching from addr %lx\n",
2575 + (long) (mem - 1));
2576 + *buf = 0; /* truncate buffer */
2579 + *buf++ = hexchars[ch >> 4];
2580 + *buf++ = hexchars[ch % 16];
2584 + mem_err_expected = 0;
2588 +/* convert the hex array pointed to by buf into binary to be placed in mem */
2589 +/* return a pointer to the character AFTER the last byte written */
2590 +/* NOTE: We use the may fault flag to also indicate if the write is to
2591 + * the registers (0) or "other" memory (!=0)
2594 +hex2mem(char *buf, char *mem, int count, int may_fault)
2600 + mem_err_expected = 1;
2603 + for (i = 0; i < count; i++) {
2604 + ch = hex(*buf++) << 4;
2605 + ch = ch + hex(*buf++);
2606 + set_char(mem++, ch, may_fault);
2608 + if (may_fault && mem_err) {
2610 + printk("Mem fault storing to addr %lx\n",
2611 + (long) (mem - 1));
2616 + mem_err_expected = 0;
2620 +/**********************************************/
2621 +/* WHILE WE FIND NICE HEX CHARS, BUILD AN INT */
2622 +/* RETURN NUMBER OF CHARS PROCESSED */
2623 +/**********************************************/
2625 +hexToInt(char **ptr, int *intValue)
2633 + hexValue = hex(**ptr);
2634 + if (hexValue >= 0) {
2635 + *intValue = (*intValue << 4) | hexValue;
2643 + return (numChars);
2646 +#define stubhex(h) hex(h)
2647 +#ifdef old_thread_list
2650 +stub_unpack_int(char *buff, int fieldlength)
2655 + while (fieldlength) {
2656 + nibble = stubhex(*buff++);
2660 + retval = retval << 4;
2666 +pack_hex_byte(char *pkt, int byte)
2668 + *pkt++ = hexchars[(byte >> 4) & 0xf];
2669 + *pkt++ = hexchars[(byte & 0xf)];
2673 +#define BUF_THREAD_ID_SIZE 16
2676 +pack_threadid(char *pkt, threadref * id)
2679 + unsigned char *altid;
2681 + altid = (unsigned char *) id;
2682 + limit = pkt + BUF_THREAD_ID_SIZE;
2683 + while (pkt < limit)
2684 + pkt = pack_hex_byte(pkt, *altid++);
2688 +#ifdef old_thread_list
2690 +unpack_byte(char *buf, int *value)
2692 + *value = stub_unpack_int(buf, 2);
2697 +unpack_threadid(char *inbuf, threadref * id)
2700 + char *limit = inbuf + BUF_THREAD_ID_SIZE;
2703 + altref = (char *) id;
2705 + while (inbuf < limit) {
2706 + x = stubhex(*inbuf++);
2707 + y = stubhex(*inbuf++);
2708 + *altref++ = (x << 4) | y;
2714 +int_to_threadref(threadref * id, int value)
2716 + unsigned char *scan;
2718 + scan = (unsigned char *) id;
2724 + *scan++ = (value >> 24) & 0xff;
2725 + *scan++ = (value >> 16) & 0xff;
2726 + *scan++ = (value >> 8) & 0xff;
2727 + *scan++ = (value & 0xff);
2730 +int_to_hex_v(unsigned char * id, int value)
2732 + unsigned char *start = id;
2736 + for (shift = 28; shift >= 0; shift -= 4) {
2737 + if ((ch = (value >> shift) & 0xf) || (id != start)) {
2738 + *id = hexchars[ch];
2744 + return id - start;
2746 +#ifdef old_thread_list
2749 +threadref_to_int(threadref * ref)
2752 + unsigned char *scan;
2754 + scan = (char *) ref;
2758 + value = (value << 8) | ((*scan++) & 0xff);
2763 +cmp_str(char *s1, char *s2, int count)
2766 + if (*s1++ != *s2++)
2772 +#if 1 /* this is a hold over from 2.4 where O(1) was "sometimes" */
2773 +extern struct task_struct *kgdb_get_idle(int cpu);
2774 +#define idle_task(cpu) kgdb_get_idle(cpu)
2776 +#define idle_task(cpu) init_tasks[cpu]
2779 +extern int kgdb_pid_init_done;
2781 +struct task_struct *
2784 + struct task_struct *thread;
2785 + if (pid >= PID_MAX && pid <= (PID_MAX + MAX_NO_CPUS)) {
2787 + return idle_task(pid - PID_MAX);
2790 + * find_task_by_pid is relatively safe all the time
2791 + * Other pid functions require lock downs which imply
2792 + * that we may be interrupting them (as we get here
2793 + * in the middle of most any lock down).
2794 + * Still we don't want to call until the table exists!
2796 + if (kgdb_pid_init_done){
2797 + thread = find_task_by_pid(pid);
2806 +struct hw_breakpoint {
2811 +} breakinfo[4] = { {enabled:0},
2816 +unsigned hw_breakpoint_status;
2818 +correct_hw_break(void)
2825 + asm volatile ("movl %%db7, %0\n":"=r" (dr7)
2827 + /* *INDENT-OFF* */
2829 + unsigned addr0, addr1, addr2, addr3;
2830 + asm volatile ("movl %%db0, %0\n"
2831 + "movl %%db1, %1\n"
2832 + "movl %%db2, %2\n"
2833 + "movl %%db3, %3\n"
2834 + :"=r" (addr0), "=r"(addr1),
2835 + "=r"(addr2), "=r"(addr3)
2840 + for (breakno = 0; breakno < 3; breakno++) {
2841 + breakbit = 2 << (breakno << 1);
2842 + if (!(dr7 & breakbit) && breakinfo[breakno].enabled) {
2845 + dr7 &= ~(0xf0000 << (breakno << 2));
2846 + dr7 |= (((breakinfo[breakno].len << 2) |
2847 + breakinfo[breakno].type) << 16) <<
2849 + switch (breakno) {
2851 + asm volatile ("movl %0, %%dr0\n"::"r"
2852 + (breakinfo[breakno].addr));
2856 + asm volatile ("movl %0, %%dr1\n"::"r"
2857 + (breakinfo[breakno].addr));
2861 + asm volatile ("movl %0, %%dr2\n"::"r"
2862 + (breakinfo[breakno].addr));
2866 + asm volatile ("movl %0, %%dr3\n"::"r"
2867 + (breakinfo[breakno].addr));
2870 + } else if ((dr7 & breakbit) && !breakinfo[breakno].enabled) {
2873 + dr7 &= ~(0xf0000 << (breakno << 2));
2877 + asm volatile ("movl %0, %%db7\n"::"r" (dr7));
2882 +remove_hw_break(unsigned breakno)
2884 + if (!breakinfo[breakno].enabled) {
2887 + breakinfo[breakno].enabled = 0;
2892 +set_hw_break(unsigned breakno, unsigned type, unsigned len, unsigned addr)
2894 + if (breakinfo[breakno].enabled) {
2897 + breakinfo[breakno].enabled = 1;
2898 + breakinfo[breakno].type = type;
2899 + breakinfo[breakno].len = len;
2900 + breakinfo[breakno].addr = addr;
2905 +static int in_kgdb_console = 0;
2908 +in_kgdb(struct pt_regs *regs)
2911 + int cpu = smp_processor_id();
2912 + in_kgdb_called = 1;
2913 + if (!spin_is_locked(&kgdb_spinlock)) {
2914 + if (in_kgdb_here_log[cpu] || /* we are holding this cpu */
2915 + in_kgdb_console) { /* or we are doing slow i/o */
2921 + /* As I see it the only reason not to let all cpus spin on
2922 + * the same spin_lock is to allow selected ones to proceed.
2923 + * This would be a good thing, so we leave it this way.
2924 + * Maybe someday.... Done !
2926 + * in_kgdb() is called from an NMI so we don't pretend
2927 + * to have any resources, like printk() for example.
2930 + kgdb_local_irq_save(flags); /* only local here, to avoid hanging */
2932 + * log arival of this cpu
2933 + * The NMI keeps on ticking. Protect against recurring more
2934 + * than once, and ignor the cpu that has the kgdb lock
2936 + in_kgdb_entry_log[cpu]++;
2937 + in_kgdb_here_log[cpu] = regs;
2938 + if (cpu == spinlock_cpu || waiting_cpus[cpu].task) {
2939 + goto exit_in_kgdb;
2942 + * For protection of the initilization of the spin locks by kgdb
2943 + * it locks the kgdb spinlock before it gets the wait locks set
2944 + * up. We wait here for the wait lock to be taken. If the
2945 + * kgdb lock goes away first?? Well, it could be a slow exit
2946 + * sequence where the wait lock is removed prior to the kgdb lock
2947 + * so if kgdb gets unlocked, we just exit.
2949 + while (spin_is_locked(&kgdb_spinlock) &&
2950 + !spin_is_locked(waitlocks + cpu)) ;
2951 + if (!spin_is_locked(&kgdb_spinlock)) {
2952 + goto exit_in_kgdb;
2954 + waiting_cpus[cpu].task = current;
2955 + waiting_cpus[cpu].pid = (current->pid) ? : (PID_MAX + cpu);
2956 + waiting_cpus[cpu].regs = regs;
2958 + spin_unlock_wait(waitlocks + cpu);
2960 + * log departure of this cpu
2962 + waiting_cpus[cpu].task = 0;
2963 + waiting_cpus[cpu].pid = 0;
2964 + waiting_cpus[cpu].regs = 0;
2965 + correct_hw_break();
2967 + in_kgdb_here_log[cpu] = 0;
2968 + kgdb_local_irq_restore(flags);
2971 + spin_unlock(continuelocks + smp_processor_id());
2976 +smp__in_kgdb(struct pt_regs regs)
2983 +in_kgdb(struct pt_regs *regs)
2985 + return (kgdb_spinlock);
2990 +printexceptioninfo(int exceptionNo, int errorcode, char *buffer)
2994 + switch (exceptionNo) {
2995 + case 1: /* debug exception */
2997 + case 3: /* breakpoint */
2998 + sprintf(buffer, "Software breakpoint");
3001 + sprintf(buffer, "Details not available");
3004 + asm volatile ("movl %%db6, %0\n":"=r" (dr6)
3006 + if (dr6 & 0x4000) {
3007 + sprintf(buffer, "Single step");
3010 + for (i = 0; i < 4; ++i) {
3011 + if (dr6 & (1 << i)) {
3012 + sprintf(buffer, "Hardware breakpoint %d", i);
3016 + sprintf(buffer, "Unknown trap");
3021 + * This function does all command procesing for interfacing to gdb.
3023 + * NOTE: The INT nn instruction leaves the state of the interrupt
3024 + * enable flag UNCHANGED. That means that when this routine
3025 + * is entered via a breakpoint (INT 3) instruction from code
3026 + * that has interrupts enabled, then interrupts will STILL BE
3027 + * enabled when this routine is entered. The first thing that
3028 + * we do here is disable interrupts so as to prevent recursive
3029 + * entries and bothersome serial interrupts while we are
3030 + * trying to run the serial port in polled mode.
3032 + * For kernel version 2.1.xx the kgdb_cli() actually gets a spin lock so
3033 + * it is always necessary to do a restore_flags before returning
3034 + * so as to let go of that lock.
3037 +kgdb_handle_exception(int exceptionVector,
3038 + int signo, int err_code, struct pt_regs *linux_regs)
3040 + struct task_struct *usethread = NULL;
3041 + struct task_struct *thread_list_start = 0, *thread = NULL;
3043 + int breakno, breaktype;
3048 + int thread_min = PID_MAX + MAX_NO_CPUS;
3049 +#ifdef old_thread_list
3053 + unsigned long flags;
3054 + int gdb_regs[NUMREGBYTES / 4];
3056 + IF_SMP(int entry_state = 0); /* 0, ok, 1, no nmi, 2 sync failed */
3059 +#define regs (*linux_regs)
3060 +#define NUMREGS NUMREGBYTES/4
3062 + * If the entry is not from the kernel then return to the Linux
3063 + * trap handler and let it process the interrupt normally.
3065 + if ((linux_regs->eflags & VM_MASK) || (3 & linux_regs->xcs)) {
3066 + printk("ignoring non-kernel exception\n");
3067 + print_regs(®s);
3071 + kgdb_local_irq_save(flags);
3073 + /* Get kgdb spinlock */
3075 + KGDB_SPIN_LOCK(&kgdb_spinlock);
3076 + rdtscll(kgdb_info.entry_tsc);
3078 + * We depend on this spinlock and the NMI watch dog to control the
3079 + * other cpus. They will arrive at "in_kgdb()" as a result of the
3080 + * NMI and will wait there for the following spin locks to be
3086 + if (cpu_callout_map & ~MAX_CPU_MASK) {
3087 + printk("kgdb : too many cpus, possibly not mapped"
3088 + " in contiguous space, change MAX_NO_CPUS"
3089 + " in kgdb_stub and make new kernel.\n"
3090 + " cpu_callout_map is %lx\n", cpu_callout_map);
3091 + goto exit_just_unlock;
3094 + if (spinlock_count == 1) {
3095 + int time = 0, end_time, dum = 0;
3097 + int cpu_logged_in[MAX_NO_CPUS] = {[0 ... MAX_NO_CPUS - 1] = (0)
3099 + if (remote_debug) {
3100 + printk("kgdb : cpu %d entry, syncing others\n",
3101 + smp_processor_id());
3103 + for (i = 0; i < MAX_NO_CPUS; i++) {
3105 + * Use trylock as we may already hold the lock if
3106 + * we are holding the cpu. Net result is all
3109 + spin_trylock(&waitlocks[i]);
3111 + for (i = 0; i < MAX_NO_CPUS; i++)
3112 + cpu_logged_in[i] = 0;
3114 + * Wait for their arrival. We know the watch dog is active if
3115 + * in_kgdb() has ever been called, as it is always called on a
3119 + end_time = time + 2; /* Note: we use the High order bits! */
3121 + if (num_online_cpus() > 1) {
3122 + int me_in_kgdb = in_kgdb_entry_log[smp_processor_id()];
3123 + smp_send_nmi_allbutself();
3124 + while (i < num_online_cpus() && time != end_time) {
3126 + for (j = 0; j < MAX_NO_CPUS; j++) {
3127 + if (waiting_cpus[j].task &&
3128 + !cpu_logged_in[j]) {
3130 + cpu_logged_in[j] = 1;
3131 + if (remote_debug) {
3133 + ("kgdb : cpu %d arrived at kgdb\n",
3137 + } else if (!waiting_cpus[j].task &&
3139 + waiting_cpus[j].task = NOCPU;
3140 + cpu_logged_in[j] = 1;
3141 + waiting_cpus[j].hold = 1;
3144 + if (!waiting_cpus[j].task &&
3145 + in_kgdb_here_log[j]) {
3147 + int wait = 100000;
3149 + if (!waiting_cpus[j].task &&
3150 + in_kgdb_here_log[j]) {
3152 + ("kgdb : cpu %d stall"
3156 + cpu_logged_in[j] = 1;
3157 + waiting_cpus[j].task =
3158 + (struct task_struct
3164 + if (in_kgdb_entry_log[smp_processor_id()] >
3165 + (me_in_kgdb + 10)) {
3171 + if (i < num_online_cpus()) {
3173 + ("kgdb : time out, proceeding without sync\n");
3175 + printk("kgdb : Waiting_cpus: 0 = %d, 1 = %d\n",
3176 + waiting_cpus[0].task != 0,
3177 + waiting_cpus[1].task != 0);
3178 + printk("kgdb : Cpu_logged in: 0 = %d, 1 = %d\n",
3179 + cpu_logged_in[0], cpu_logged_in[1]);
3181 + ("kgdb : in_kgdb_here_log in: 0 = %d, 1 = %d\n",
3182 + in_kgdb_here_log[0] != 0,
3183 + in_kgdb_here_log[1] != 0);
3185 + entry_state = NO_SYNC;
3189 + in_kgdb_entry_log[smp_processor_id()] -
3191 + printk("kgdb : sync after %d entries\n", ent);
3195 + if (remote_debug) {
3197 + ("kgdb : %d cpus, but watchdog not active\n"
3198 + "proceeding without locking down other cpus\n",
3199 + num_online_cpus());
3200 + entry_state = NO_NMI;
3206 + if (remote_debug) {
3207 + unsigned long *lp = (unsigned long *) &linux_regs;
3209 + printk("handle_exception(exceptionVector=%d, "
3210 + "signo=%d, err_code=%d, linux_regs=%p)\n",
3211 + exceptionVector, signo, err_code, linux_regs);
3213 + print_regs(®s);
3214 + printk("Stk: %8lx %8lx %8lx %8lx"
3215 + " %8lx %8lx %8lx %8lx\n",
3216 + lp[0], lp[1], lp[2], lp[3],
3217 + lp[4], lp[5], lp[6], lp[7]);
3218 + printk(" %8lx %8lx %8lx %8lx"
3219 + " %8lx %8lx %8lx %8lx\n",
3220 + lp[8], lp[9], lp[10], lp[11],
3221 + lp[12], lp[13], lp[14], lp[15]);
3222 + printk(" %8lx %8lx %8lx %8lx "
3223 + "%8lx %8lx %8lx %8lx\n",
3224 + lp[16], lp[17], lp[18], lp[19],
3225 + lp[20], lp[21], lp[22], lp[23]);
3226 + printk(" %8lx %8lx %8lx %8lx "
3227 + "%8lx %8lx %8lx %8lx\n",
3228 + lp[24], lp[25], lp[26], lp[27],
3229 + lp[28], lp[29], lp[30], lp[31]);
3233 + /* Disable hardware debugging while we are in kgdb */
3234 + /* Get the debug register status register */
3236 + __asm__("movl %0,%%db7"
3240 + asm volatile ("movl %%db6, %0\n"
3241 + :"=r" (hw_breakpoint_status)
3245 + switch (exceptionVector) {
3246 + case 0: /* divide error */
3247 + case 1: /* debug exception */
3249 + case 3: /* breakpoint */
3250 + case 4: /* overflow */
3251 + case 5: /* bounds check */
3252 + case 6: /* invalid opcode */
3253 + case 7: /* device not available */
3254 + case 8: /* double fault (errcode) */
3255 + case 10: /* invalid TSS (errcode) */
3256 + case 12: /* stack fault (errcode) */
3257 + case 16: /* floating point error */
3258 + case 17: /* alignment check (errcode) */
3259 + default: /* any undocumented */
3261 + case 11: /* segment not present (errcode) */
3262 + case 13: /* general protection (errcode) */
3263 + case 14: /* page fault (special errcode) */
3264 + case 19: /* cache flush denied */
3265 + if (mem_err_expected) {
3267 + * This fault occured because of the
3268 + * get_char or set_char routines. These
3269 + * two routines use either eax of edx to
3270 + * indirectly reference the location in
3271 + * memory that they are working with.
3272 + * For a page fault, when we return the
3273 + * instruction will be retried, so we
3274 + * have to make sure that these
3275 + * registers point to valid memory.
3277 + mem_err = 1; /* set mem error flag */
3278 + mem_err_expected = 0;
3279 + mem_err_cnt++; /* helps in debugging */
3280 + /* make valid address */
3281 + regs.eax = (long) &garbage_loc;
3282 + /* make valid address */
3283 + regs.edx = (long) &garbage_loc;
3285 + printk("Return after memory error: "
3286 + "mem_err_cnt=%d\n", mem_err_cnt);
3288 + print_regs(®s);
3294 + printk("kgdb : entered kgdb on cpu %d\n", smp_processor_id());
3296 + gdb_i386vector = exceptionVector;
3297 + gdb_i386errcode = err_code;
3298 + kgdb_info.called_from = __builtin_return_address(0);
3301 + * OK, we can now communicate, lets tell gdb about the sync.
3302 + * but only if we had a problem.
3304 + switch (entry_state) {
3306 + to_gdb("NMI not active, other cpus not stopped\n");
3309 + to_gdb("Some cpus not stopped, see 'kgdb_info' for details\n");
3315 + * Set up the gdb function call area.
3317 + trap_cpu = smp_processor_id();
3318 + OLD_esp = NEW_esp = (int) (&linux_regs->esp);
3320 + IF_SMP(once_again:)
3321 + /* reply to host that an exception has occurred */
3322 + remcomOutBuffer[0] = 'S';
3323 + remcomOutBuffer[1] = hexchars[signo >> 4];
3324 + remcomOutBuffer[2] = hexchars[signo % 16];
3325 + remcomOutBuffer[3] = 0;
3327 + putpacket(remcomOutBuffer);
3331 + remcomOutBuffer[0] = 0;
3332 + getpacket(remcomInBuffer);
3333 + switch (remcomInBuffer[0]) {
3335 + remcomOutBuffer[0] = 'S';
3336 + remcomOutBuffer[1] = hexchars[signo >> 4];
3337 + remcomOutBuffer[2] = hexchars[signo % 16];
3338 + remcomOutBuffer[3] = 0;
3341 + remote_debug = !(remote_debug); /* toggle debug flag */
3342 + printk("Remote debug %s\n",
3343 + remote_debug ? "on" : "off");
3345 + case 'g': /* return the value of the CPU registers */
3346 + get_gdb_regs(usethread, ®s, gdb_regs);
3347 + mem2hex((char *) gdb_regs,
3348 + remcomOutBuffer, NUMREGBYTES, 0);
3350 + case 'G': /* set the value of the CPU registers - return OK */
3351 + hex2mem(&remcomInBuffer[1],
3352 + (char *) gdb_regs, NUMREGBYTES, 0);
3353 + if (!usethread || usethread == current) {
3354 + gdb_regs_to_regs(gdb_regs, ®s);
3355 + strcpy(remcomOutBuffer, "OK");
3357 + strcpy(remcomOutBuffer, "E00");
3361 + case 'P':{ /* set the value of a single CPU register -
3364 + * For some reason, gdb wants to talk about psudo
3365 + * registers (greater than 15). These may have
3366 + * meaning for ptrace, but for us it is safe to
3367 + * ignor them. We do this by dumping them into
3368 + * _GS which we also ignor, but do have memory for.
3372 + ptr = &remcomInBuffer[1];
3373 + regs_to_gdb_regs(gdb_regs, ®s);
3374 + if ((!usethread || usethread == current) &&
3375 + hexToInt(&ptr, ®no) &&
3376 + *ptr++ == '=' && (regno >= 0)) {
3378 + (regno >= NUMREGS ? _GS : regno);
3379 + hex2mem(ptr, (char *) &gdb_regs[regno],
3381 + gdb_regs_to_regs(gdb_regs, ®s);
3382 + strcpy(remcomOutBuffer, "OK");
3385 + strcpy(remcomOutBuffer, "E01");
3389 + /* mAA..AA,LLLL Read LLLL bytes at address AA..AA */
3391 + /* TRY TO READ %x,%x. IF SUCCEED, SET PTR = 0 */
3392 + ptr = &remcomInBuffer[1];
3393 + if (hexToInt(&ptr, &addr) &&
3394 + (*(ptr++) == ',') && (hexToInt(&ptr, &length))) {
3397 + * hex doubles the byte count
3399 + if (length > (BUFMAX / 2))
3400 + length = BUFMAX / 2;
3401 + mem2hex((char *) addr,
3402 + remcomOutBuffer, length, 1);
3404 + strcpy(remcomOutBuffer, "E03");
3405 + debug_error("memory fault\n", NULL);
3410 + strcpy(remcomOutBuffer, "E01");
3412 + ("malformed read memory command: %s\n",
3418 + Write LLLL bytes at address AA.AA return OK */
3420 + /* TRY TO READ '%x,%x:'. IF SUCCEED, SET PTR = 0 */
3421 + ptr = &remcomInBuffer[1];
3422 + if (hexToInt(&ptr, &addr) &&
3423 + (*(ptr++) == ',') &&
3424 + (hexToInt(&ptr, &length)) && (*(ptr++) == ':')) {
3425 + hex2mem(ptr, (char *) addr, length, 1);
3428 + strcpy(remcomOutBuffer, "E03");
3429 + debug_error("memory fault\n", NULL);
3431 + strcpy(remcomOutBuffer, "OK");
3437 + strcpy(remcomOutBuffer, "E02");
3439 + ("malformed write memory command: %s\n",
3444 + remcomInBuffer[0] = 's';
3446 + /* Csig;AA..AA where ;AA..AA is optional
3447 + * continue with signal
3448 + * Since signals are meaning less to us, delete that
3449 + * part and then fall into the 'c' code.
3451 + ptr = &remcomInBuffer[1];
3453 + while (*ptr && *ptr != ';') {
3460 + *(ptr - length++) = *ptr;
3463 + remcomInBuffer[1] = 0;
3466 + /* cAA..AA Continue at address AA..AA(optional) */
3467 + /* sAA..AA Step one instruction from AA..AA(optional) */
3468 + /* D detach, reply OK and then continue */
3473 + /* try to read optional parameter,
3474 + pc unchanged if no parm */
3475 + ptr = &remcomInBuffer[1];
3476 + if (hexToInt(&ptr, &addr)) {
3478 + printk("Changing EIP to 0x%x\n", addr);
3485 + /* clear the trace bit */
3486 + regs.eflags &= 0xfffffeff;
3488 + /* set the trace bit if we're stepping */
3489 + if (remcomInBuffer[0] == 's')
3490 + regs.eflags |= 0x100;
3492 + /* detach is a friendly version of continue. Note that
3493 + debugging is still enabled (e.g hit control C)
3495 + if (remcomInBuffer[0] == 'D') {
3496 + strcpy(remcomOutBuffer, "OK");
3497 + putpacket(remcomOutBuffer);
3500 + if (remote_debug) {
3501 + printk("Resuming execution\n");
3502 + print_regs(®s);
3504 + asm volatile ("movl %%db6, %0\n":"=r" (dr6)
3506 + if (!(dr6 & 0x4000)) {
3507 + for (breakno = 0; breakno < 4; ++breakno) {
3508 + if (dr6 & (1 << breakno) &&
3509 + (breakinfo[breakno].type == 0)) {
3510 + /* Set restore flag */
3511 + regs.eflags |= 0x10000;
3516 + correct_hw_break();
3517 + asm volatile ("movl %0, %%db6\n"::"r" (0));
3520 + /* kill the program */
3521 + case 'k': /* do nothing */
3527 + switch (remcomInBuffer[1]) {
3531 + thread_list_start = (usethread ? : current);
3533 + if (!cmp_str(&remcomInBuffer[2],
3534 + "ThreadInfo", 10))
3537 + remcomOutBuffer[nothreads++] = 'm';
3538 + for (; threadid < PID_MAX + MAX_NO_CPUS;
3540 + thread = getthread(threadid);
3542 + nothreads += int_to_hex_v(
3546 + if (thread_min > threadid)
3547 + thread_min = threadid;
3551 + if (nothreads > BUFMAX - 10)
3555 + if (remcomOutBuffer[nothreads - 1] == 'm') {
3556 + remcomOutBuffer[nothreads - 1] = 'l';
3560 + remcomOutBuffer[nothreads] = 0;
3563 +#ifdef old_thread_list /* Old thread info request */
3565 + /* List threads */
3567 + thread_list_start = (usethread ? : current);
3568 + unpack_byte(remcomInBuffer + 3, &maxthreads);
3569 + unpack_threadid(remcomInBuffer + 5, &thref);
3571 + int buf_thread_limit =
3572 + (BUFMAX - 22) / BUF_THREAD_ID_SIZE;
3573 + if (maxthreads > buf_thread_limit) {
3574 + maxthreads = buf_thread_limit;
3577 + remcomOutBuffer[0] = 'q';
3578 + remcomOutBuffer[1] = 'M';
3579 + remcomOutBuffer[4] = '0';
3580 + pack_threadid(remcomOutBuffer + 5, &thref);
3582 + threadid = threadref_to_int(&thref);
3583 + for (nothreads = 0;
3584 + nothreads < maxthreads &&
3585 + threadid < PID_MAX + MAX_NO_CPUS;
3587 + thread = getthread(threadid);
3589 + int_to_threadref(&thref,
3591 + pack_threadid(remcomOutBuffer +
3596 + if (thread_min > threadid)
3597 + thread_min = threadid;
3601 + if (threadid == PID_MAX + MAX_NO_CPUS) {
3602 + remcomOutBuffer[4] = '1';
3604 + pack_hex_byte(remcomOutBuffer + 2, nothreads);
3605 + remcomOutBuffer[21 + nothreads * 16] = '\0';
3609 + /* Current thread id */
3610 + remcomOutBuffer[0] = 'Q';
3611 + remcomOutBuffer[1] = 'C';
3612 + threadid = current->pid;
3617 + for (threadid = PID_MAX;
3618 + threadid < PID_MAX + MAX_NO_CPUS;
3621 + idle_task(threadid -
3626 + int_to_threadref(&thref, threadid);
3627 + pack_threadid(remcomOutBuffer + 2, &thref);
3628 + remcomOutBuffer[18] = '\0';
3632 + /* Print exception info */
3633 + printexceptioninfo(exceptionVector,
3634 + err_code, remcomOutBuffer);
3638 + /* Thread extra info */
3639 + if (!cmp_str(&remcomInBuffer[2],
3640 + "hreadExtraInfo,", 15)) {
3643 + ptr = &remcomInBuffer[17];
3644 + hexToInt(&ptr, &threadid);
3645 + thread = getthread(threadid);
3646 + nptr = &thread->comm[0];
3648 + ptr = &remcomOutBuffer[0];
3651 + ptr = pack_hex_byte(ptr, *nptr++);
3652 + } while (*nptr && length < 16);
3654 + * would like that 16 to be the size of
3655 + * task_struct.comm but don't know the
3663 + /* task related */
3665 + switch (remcomInBuffer[1]) {
3667 + ptr = &remcomInBuffer[2];
3668 + hexToInt(&ptr, &threadid);
3669 + thread = getthread(threadid);
3671 + remcomOutBuffer[0] = 'E';
3672 + remcomOutBuffer[1] = '\0';
3676 + * Just in case I forget what this is all about,
3677 + * the "thread info" command to gdb causes it
3678 + * to ask for a thread list. It then switches
3679 + * to each thread and asks for the registers.
3680 + * For this (and only this) usage, we want to
3681 + * fudge the registers of tasks not on the run
3682 + * list (i.e. waiting) to show the routine that
3683 + * called schedule. Also, gdb, is a minimalist
3684 + * in that if the current thread is the last
3685 + * it will not re-read the info when done.
3686 + * This means that in this case we must show
3687 + * the real registers. So here is how we do it:
3688 + * Each entry we keep track of the min
3689 + * thread in the list (the last that gdb will)
3690 + * get info for. We also keep track of the
3691 + * starting thread.
3692 + * "thread_list" is cleared when switching back
3693 + * to the min thread if it is was current, or
3694 + * if it was not current, thread_list is set
3695 + * to 1. When the switch to current comes,
3696 + * if thread_list is 1, clear it, else do
3699 + usethread = thread;
3700 + if ((thread_list == 1) &&
3701 + (thread == thread_list_start)) {
3704 + if (thread_list && (threadid == thread_min)) {
3705 + if (thread == thread_list_start) {
3711 + /* follow through */
3713 + remcomOutBuffer[0] = 'O';
3714 + remcomOutBuffer[1] = 'K';
3715 + remcomOutBuffer[2] = '\0';
3720 + /* Query thread status */
3722 + ptr = &remcomInBuffer[1];
3723 + hexToInt(&ptr, &threadid);
3724 + thread = getthread(threadid);
3726 + remcomOutBuffer[0] = 'O';
3727 + remcomOutBuffer[1] = 'K';
3728 + remcomOutBuffer[2] = '\0';
3729 + if (thread_min > threadid)
3730 + thread_min = threadid;
3732 + remcomOutBuffer[0] = 'E';
3733 + remcomOutBuffer[1] = '\0';
3737 + case 'Y': /* set up a hardware breakpoint */
3738 + ptr = &remcomInBuffer[1];
3739 + hexToInt(&ptr, &breakno);
3741 + hexToInt(&ptr, &breaktype);
3743 + hexToInt(&ptr, &length);
3745 + hexToInt(&ptr, &addr);
3746 + if (set_hw_break(breakno & 0x3,
3748 + length & 0x3, addr) == 0) {
3749 + strcpy(remcomOutBuffer, "OK");
3751 + strcpy(remcomOutBuffer, "ERROR");
3755 + /* Remove hardware breakpoint */
3757 + ptr = &remcomInBuffer[1];
3758 + hexToInt(&ptr, &breakno);
3759 + if (remove_hw_break(breakno & 0x3) == 0) {
3760 + strcpy(remcomOutBuffer, "OK");
3762 + strcpy(remcomOutBuffer, "ERROR");
3766 + case 'r': /* reboot */
3767 + strcpy(remcomOutBuffer, "OK");
3768 + putpacket(remcomOutBuffer);
3769 + /*to_gdb("Rebooting\n"); */
3770 + /* triplefault no return from here */
3772 + static long no_idt[2];
3773 + __asm__ __volatile__("lidt %0"::"m"(no_idt[0]));
3779 + /* reply to the request */
3780 + putpacket(remcomOutBuffer);
3781 + } /* while(1==1) */
3783 + * reached by goto only.
3787 + * Here is where we set up to trap a gdb function call. NEW_esp
3788 + * will be changed if we are trying to do this. We handle both
3789 + * adding and subtracting, thus allowing gdb to put grung on
3790 + * the stack which it removes later.
3792 + if (NEW_esp != OLD_esp) {
3793 + int *ptr = END_OF_LOOKASIDE;
3794 + if (NEW_esp < OLD_esp)
3795 + ptr -= (OLD_esp - NEW_esp) / sizeof (int);
3796 + *--ptr = linux_regs->eflags;
3797 + *--ptr = linux_regs->xcs;
3798 + *--ptr = linux_regs->eip;
3799 + *--ptr = linux_regs->ecx;
3800 + *--ptr = linux_regs->ebx;
3801 + *--ptr = linux_regs->eax;
3802 + linux_regs->ecx = NEW_esp - (sizeof (int) * 6);
3803 + linux_regs->ebx = (unsigned int) END_OF_LOOKASIDE;
3804 + if (NEW_esp < OLD_esp) {
3805 + linux_regs->eip = (unsigned int) fn_call_stub;
3807 + linux_regs->eip = (unsigned int) fn_rtn_stub;
3808 + linux_regs->eax = NEW_esp;
3810 + linux_regs->eflags &= ~(IF_BIT | TF_BIT);
3814 + * Release gdb wait locks
3815 + * Sanity check time. Must have at least one cpu to run. Also single
3816 + * step must not be done if the current cpu is on hold.
3818 + if (spinlock_count == 1) {
3819 + int ss_hold = (regs.eflags & 0x100) && kgdb_info.hold_on_sstep;
3820 + int cpu_avail = 0;
3823 + for (i = 0; i < MAX_NO_CPUS; i++) {
3824 + if (!cpu_online(i))
3826 + if (!hold_cpu(i)) {
3831 + * Early in the bring up there will be NO cpus on line...
3833 + if (!cpu_avail && !cpus_empty(cpu_online_map)) {
3834 + to_gdb("No cpus unblocked, see 'kgdb_info.hold_cpu'\n");
3837 + if (hold_cpu(smp_processor_id()) && (regs.eflags & 0x100)) {
3839 + ("Current cpu must be unblocked to single step\n");
3844 + for (i = 0; i < MAX_NO_CPUS; i++) {
3845 + if (!hold_cpu(i)) {
3846 + spin_unlock(&waitlocks[i]);
3850 + spin_unlock(&waitlocks[smp_processor_id()]);
3852 + /* Release kgdb spinlock */
3853 + KGDB_SPIN_UNLOCK(&kgdb_spinlock);
3855 + * If this cpu is on hold, this is where we
3856 + * do it. Note, the NMI will pull us out of here,
3857 + * but will return as the above lock is not held.
3858 + * We will stay here till another cpu releases the lock for us.
3860 + spin_unlock_wait(waitlocks + smp_processor_id());
3861 + kgdb_local_irq_restore(flags);
3868 + /* Release kgdb spinlock */
3869 + KGDB_SPIN_UNLOCK(&kgdb_spinlock);
3870 + kgdb_local_irq_restore(flags);
3874 +/* this function is used to set up exception handlers for tracing and
3876 + * This function is not needed as the above line does all that is needed.
3877 + * We leave it for backward compatitability...
3880 +set_debug_traps(void)
3883 + * linux_debug_hook is defined in traps.c. We store a pointer
3884 + * to our own exception handler into it.
3886 + * But really folks, every hear of labeled common, an old Fortran
3887 + * concept. Lots of folks can reference it and it is define if
3888 + * anyone does. Only one can initialize it at link time. We do
3889 + * this with the hook. See the statement above. No need for any
3890 + * executable code and it is ready as soon as the kernel is
3891 + * loaded. Very desirable in kernel debugging.
3893 + linux_debug_hook = handle_exception ;
3896 + /* In case GDB is started before us, ack any packets (presumably
3897 + "$?#xx") sitting there.
3898 + putDebugChar ('+');
3904 +/* This function will generate a breakpoint exception. It is used at the
3905 + beginning of a program to sync up with a debugger and can be used
3906 + otherwise as a quick means to stop program execution and "break" into
3908 +/* But really, just use the BREAKPOINT macro. We will handle the int stuff
3913 + * possibly we should not go thru the traps.c code at all? Someday.
3916 +do_kgdb_int3(struct pt_regs *regs, long error_code)
3918 + kgdb_handle_exception(3, 5, error_code, regs);
3923 +#ifdef CONFIG_TRAP_BAD_SYSCALL_EXITS
3925 +bad_sys_call_exit(int stuff)
3927 + struct pt_regs *regs = (struct pt_regs *) &stuff;
3928 + printk("Sys call %d return with %x preempt_count\n",
3929 + (int) regs->orig_eax, preempt_count());
3932 +#ifdef CONFIG_STACK_OVERFLOW_TEST
3933 +#include <asm/kgdb.h>
3935 +stack_overflow(void)
3940 + printk("Kernel stack overflow, looping forever\n");
3947 +#if defined(CONFIG_SMP) || defined(CONFIG_KGDB_CONSOLE)
3948 +char gdbconbuf[BUFMAX];
3951 +kgdb_gdb_message(const char *s, unsigned count)
3957 + * This takes care of NMI while spining out chars to gdb
3959 + IF_SMP(in_kgdb_console = 1);
3960 + gdbconbuf[0] = 'O';
3961 + bufptr = gdbconbuf + 1;
3962 + while (count > 0) {
3963 + if ((count << 1) > (BUFMAX - 2)) {
3964 + wcount = (BUFMAX - 2) >> 1;
3969 + for (i = 0; i < wcount; i++) {
3970 + bufptr = pack_hex_byte(bufptr, s[i]);
3975 + putpacket(gdbconbuf);
3978 + IF_SMP(in_kgdb_console = 0);
3983 +to_gdb(const char *s)
3986 + while (s[count] && (count++ < BUFMAX)) ;
3987 + kgdb_gdb_message(s, count);
3990 +#ifdef CONFIG_KGDB_CONSOLE
3991 +#include <linux/console.h>
3992 +#include <linux/init.h>
3993 +#include <linux/fs.h>
3994 +#include <asm/uaccess.h>
3995 +#include <asm/semaphore.h>
3998 +kgdb_console_write(struct console *co, const char *s, unsigned count)
4001 + if (gdb_i386vector == -1) {
4003 + * We have not yet talked to gdb. What to do...
4004 + * lets break, on continue we can do the write.
4005 + * But first tell him whats up. Uh, well no can do,
4006 + * as this IS the console. Oh well...
4007 + * We do need to wait or the messages will be lost.
4008 + * Other option would be to tell the above code to
4009 + * ignore this breakpoint and do an auto return,
4010 + * but that might confuse gdb. Also this happens
4011 + * early enough in boot up that we don't have the traps
4012 + * set up yet, so...
4016 + kgdb_gdb_message(s, count);
4020 + * ------------------------------------------------------------
4021 + * Serial KGDB driver
4022 + * ------------------------------------------------------------
4025 +static struct console kgdbcons = {
4027 + write:kgdb_console_write,
4028 +#ifdef CONFIG_KGDB_USER_CONSOLE
4029 + device:kgdb_console_device,
4031 + flags:CON_PRINTBUFFER | CON_ENABLED,
4036 + * The trick here is that this file gets linked before printk.o
4037 + * That means we get to peer at the console info in the command
4038 + * line before it does. If we are up, we register, otherwise,
4039 + * do nothing. By returning 0, we allow printk to look also.
4041 +static int kgdb_console_enabled;
4044 +kgdb_console_init(char *str)
4046 + if ((strncmp(str, "kgdb", 4) == 0) || (strncmp(str, "gdb", 3) == 0)) {
4047 + register_console(&kgdbcons);
4048 + kgdb_console_enabled = 1;
4050 + return 0; /* let others look at the string */
4053 +__setup("console=", kgdb_console_init);
4055 +#ifdef CONFIG_KGDB_USER_CONSOLE
4056 +static kdev_t kgdb_console_device(struct console *c);
4057 +/* This stuff sort of works, but it knocks out telnet devices
4058 + * we are leaving it here in case we (or you) find time to figure it out
4063 + * We need a real char device as well for when the console is opened for user
4064 + * space activities.
4068 +kgdb_consdev_open(struct inode *inode, struct file *file)
4074 +kgdb_consdev_write(struct file *file, const char *buf,
4075 + size_t count, loff_t * ppos)
4077 + int size, ret = 0;
4078 + static char kbuf[128];
4079 + static DECLARE_MUTEX(sem);
4081 + /* We are not reentrant... */
4082 + if (down_interruptible(&sem))
4083 + return -ERESTARTSYS;
4085 + while (count > 0) {
4086 + /* need to copy the data from user space */
4088 + if (size > sizeof (kbuf))
4089 + size = sizeof (kbuf);
4090 + if (copy_from_user(kbuf, buf, size)) {
4094 + kgdb_console_write(&kgdbcons, kbuf, size);
4105 +struct file_operations kgdb_consdev_fops = {
4106 + open:kgdb_consdev_open,
4107 + write:kgdb_consdev_write
4110 +kgdb_console_device(struct console *c)
4112 + return MKDEV(TTYAUX_MAJOR, 1);
4116 + * This routine gets called from the serial stub in the i386/lib
4117 + * This is so it is done late in bring up (just before the console open).
4120 +kgdb_console_finit(void)
4122 + if (kgdb_console_enabled) {
4123 + char *cptr = cdevname(MKDEV(TTYAUX_MAJOR, 1));
4125 + while (*cptr && *cptr != '(')
4128 + unregister_chrdev(TTYAUX_MAJOR, cp);
4129 + register_chrdev(TTYAUX_MAJOR, "kgdb", &kgdb_consdev_fops);
4134 +#ifdef CONFIG_KGDB_TS
4135 +#include <asm/msr.h> /* time stamp code */
4136 +#include <asm/hardirq.h> /* in_interrupt */
4137 +#ifdef CONFIG_KGDB_TS_64
4138 +#define DATA_POINTS 64
4140 +#ifdef CONFIG_KGDB_TS_128
4141 +#define DATA_POINTS 128
4143 +#ifdef CONFIG_KGDB_TS_256
4144 +#define DATA_POINTS 256
4146 +#ifdef CONFIG_KGDB_TS_512
4147 +#define DATA_POINTS 512
4149 +#ifdef CONFIG_KGDB_TS_1024
4150 +#define DATA_POINTS 1024
4152 +#ifndef DATA_POINTS
4153 +#define DATA_POINTS 128 /* must be a power of two */
4155 +#define INDEX_MASK (DATA_POINTS - 1)
4156 +#if (INDEX_MASK & DATA_POINTS)
4157 +#error "CONFIG_KGDB_TS_COUNT must be a power of 2"
4159 +struct kgdb_and_then_struct {
4163 + struct task_struct *task;
4164 + long long at_time;
4172 +struct kgdb_and_then_struct2 {
4176 + struct task_struct *task;
4177 + long long at_time;
4182 + struct task_struct *t1;
4183 + struct task_struct *t2;
4185 +struct kgdb_and_then_struct kgdb_data[DATA_POINTS];
4187 +struct kgdb_and_then_struct *kgdb_and_then = &kgdb_data[0];
4188 +int kgdb_and_then_count;
4191 +kgdb_tstamp(int line, char *source, int data0, int data1)
4193 + static spinlock_t ts_spin = SPIN_LOCK_UNLOCKED;
4195 + kgdb_local_irq_save(flags);
4196 + spin_lock(&ts_spin);
4197 + rdtscll(kgdb_and_then->at_time);
4199 + kgdb_and_then->on_cpu = smp_processor_id();
4201 + kgdb_and_then->task = current;
4202 + kgdb_and_then->from_ln = line;
4203 + kgdb_and_then->in_src = source;
4204 + kgdb_and_then->from = __builtin_return_address(0);
4205 + kgdb_and_then->with_shpf = (int *) (((flags & IF_BIT) >> 9) |
4206 + (preempt_count() << 8));
4207 + kgdb_and_then->data0 = data0;
4208 + kgdb_and_then->data1 = data1;
4209 + kgdb_and_then = &kgdb_data[++kgdb_and_then_count & INDEX_MASK];
4210 + spin_unlock(&ts_spin);
4211 + kgdb_local_irq_restore(flags);
4212 +#ifdef CONFIG_PREEMPT
4218 +typedef int gdb_debug_hook(int exceptionVector,
4219 + int signo, int err_code, struct pt_regs *linux_regs);
4220 +gdb_debug_hook *linux_debug_hook = &kgdb_handle_exception; /* histerical reasons... */
4221 Index: linux/arch/i386/kernel/nmi.c
4222 ===================================================================
4223 --- linux.orig/arch/i386/kernel/nmi.c
4224 +++ linux/arch/i386/kernel/nmi.c
4227 #include "mach_traps.h"
4230 +#include <asm/kgdb.h>
4232 +unsigned int nmi_watchdog = NMI_IO_APIC;
4234 +unsigned int nmi_watchdog = NMI_LOCAL_APIC;
4237 unsigned int nmi_watchdog = NMI_NONE;
4240 extern int unknown_nmi_panic;
4241 static unsigned int nmi_hz = HZ;
4242 static unsigned int nmi_perfctr_msr; /* the MSR to reset in NMI handler */
4243 @@ -466,6 +476,9 @@ void touch_nmi_watchdog (void)
4244 for (i = 0; i < NR_CPUS; i++)
4245 alert_counter[i] = 0;
4248 +int tune_watchdog = 5*HZ;
4251 extern void die_nmi(struct pt_regs *, const char *msg);
4253 @@ -481,12 +494,24 @@ void nmi_watchdog_tick (struct pt_regs *
4255 sum = irq_stat[cpu].apic_timer_irqs;
4258 + if (!in_kgdb(regs) && last_irq_sums[cpu] == sum) {
4261 if (last_irq_sums[cpu] == sum) {
4264 * Ayiee, looks like this CPU is stuck ...
4265 * wait a few IRQs (5 seconds) before doing the oops ...
4267 alert_counter[cpu]++;
4269 + if (alert_counter[cpu] == tune_watchdog) {
4270 + kgdb_handle_exception(2, SIGPWR, 0, regs);
4271 + last_irq_sums[cpu] = sum;
4272 + alert_counter[cpu] = 0;
4275 if (alert_counter[cpu] == 30*nmi_hz)
4276 die_nmi(regs, "NMI Watchdog detected LOCKUP");
4278 Index: linux/arch/i386/kernel/smp.c
4279 ===================================================================
4280 --- linux.orig/arch/i386/kernel/smp.c
4281 +++ linux/arch/i386/kernel/smp.c
4282 @@ -459,7 +459,17 @@ void flush_tlb_all(void)
4284 on_each_cpu(do_flush_tlb_all, NULL, 1, 1);
4289 + * By using the NMI code instead of a vector we just sneak thru the
4290 + * word generator coming out with just what we want. AND it does
4291 + * not matter if clustered_apic_mode is set or not.
4293 +void smp_send_nmi_allbutself(void)
4295 + send_IPI_allbutself(APIC_DM_NMI);
4299 * this function sends a 'reschedule' IPI to another CPU.
4300 * it goes straight through and wastes no time serializing
4301 Index: linux/arch/i386/kernel/traps.c
4302 ===================================================================
4303 --- linux.orig/arch/i386/kernel/traps.c
4304 +++ linux/arch/i386/kernel/traps.c
4305 @@ -103,6 +103,39 @@ int register_die_notifier(struct notifie
4310 +extern void sysenter_past_esp(void);
4311 +#include <asm/kgdb.h>
4312 +#include <linux/init.h>
4313 +void set_intr_gate(unsigned int n, void *addr);
4314 +static void set_intr_usr_gate(unsigned int n, void *addr);
4316 + * Should be able to call this breakpoint() very early in
4317 + * bring up. Just hard code the call where needed.
4318 + * The breakpoint() code is here because set_?_gate() functions
4319 + * are local (static) to trap.c. They need be done only once,
4320 + * but it does not hurt to do them over.
4322 +void breakpoint(void)
4324 + set_intr_usr_gate(3,&int3); /* disable ints on trap */
4325 + set_intr_gate(1,&debug);
4326 + set_intr_gate(14,&page_fault);
4330 +#define CHK_REMOTE_DEBUG(trapnr,signr,error_code,regs,after) \
4332 + if (!user_mode(regs) ) \
4334 + kgdb_handle_exception(trapnr, signr, error_code, regs); \
4336 + } else if ((trapnr == 3) && (regs->eflags &0x200)) local_irq_enable(); \
4339 +#define CHK_REMOTE_DEBUG(trapnr,signr,error_code,regs,after)
4342 static inline int valid_stack_ptr(struct thread_info *tinfo, void *p)
4344 return p > (void *)tinfo &&
4345 @@ -328,6 +361,15 @@ void die(const char * str, struct pt_reg
4350 + /* This is about the only place we want to go to kgdb even if in
4351 + * user mode. But we must go in via a trap so within kgdb we will
4352 + * always be in kernel mode.
4354 + if (user_mode(regs))
4357 + CHK_REMOTE_DEBUG(0,SIGTRAP,err,regs,)
4358 notify_die(DIE_OOPS, (char *)str, regs, err, 255, SIGSEGV);
4359 show_registers(regs);
4360 try_crashdump(regs);
4361 @@ -453,6 +495,7 @@ static inline void do_trap(int trapnr, i
4362 #define DO_ERROR(trapnr, signr, str, name) \
4363 asmlinkage void do_##name(struct pt_regs * regs, long error_code) \
4365 + CHK_REMOTE_DEBUG(trapnr,signr,error_code,regs,) \
4366 if (notify_die(DIE_TRAP, str, regs, error_code, trapnr, signr) \
4369 @@ -476,6 +519,7 @@ asmlinkage void do_##name(struct pt_regs
4370 #define DO_VM86_ERROR(trapnr, signr, str, name) \
4371 asmlinkage void do_##name(struct pt_regs * regs, long error_code) \
4373 + CHK_REMOTE_DEBUG(trapnr, signr, error_code,regs, return) \
4374 if (notify_die(DIE_TRAP, str, regs, error_code, trapnr, signr) \
4377 @@ -605,6 +649,7 @@ gp_in_vm86:
4379 if (!fixup_exception(regs)) {
4381 + CHK_REMOTE_DEBUG(13,SIGSEGV,error_code,regs,)
4382 if (notify_die(DIE_GPF, "general protection fault", regs,
4383 error_code, 13, SIGSEGV) == NOTIFY_STOP)
4385 @@ -835,8 +880,18 @@ asmlinkage void do_debug(struct pt_regs
4386 * allowing programs to debug themselves without the ptrace()
4391 + * I think this is the only "real" case of a TF in the kernel
4392 + * that really belongs to user space. Others are
4393 + * "Ours all ours!"
4395 + if (((regs->xcs & 3) == 0) && ((void *)regs->eip == sysenter_past_esp))
4396 + goto clear_TF_reenable;
4398 if ((regs->xcs & 3) == 0)
4399 goto clear_TF_reenable;
4401 if ((tsk->ptrace & (PT_DTRACE|PT_PTRACED)) == PT_DTRACE)
4404 @@ -848,6 +903,17 @@ asmlinkage void do_debug(struct pt_regs
4406 info.si_code = TRAP_BRKPT;
4410 + * If this is a kernel mode trap, we need to reset db7 to allow us
4411 + * to continue sanely ALSO skip the signal delivery
4413 + if ((regs->xcs & 3) == 0)
4416 + /* if not kernel, allow ints but only if they were on */
4417 + if ( regs->eflags & 0x200) local_irq_enable();
4419 /* If this is a kernel mode trap, save the user PC on entry to
4420 * the kernel, that's what the debugger can make sense of.
4422 @@ -862,6 +928,7 @@ clear_dr7:
4423 __asm__("movl %0,%%db7"
4426 + CHK_REMOTE_DEBUG(1,SIGTRAP,error_code,regs,)
4430 @@ -1157,6 +1224,12 @@ static void __init set_task_gate(unsigne
4432 _set_gate(idt_table+n,5,0,0,(gdt_entry<<3));
4435 +void set_intr_usr_gate(unsigned int n, void *addr)
4437 + _set_gate(idt_table+n,14,3,addr,__KERNEL_CS);
4442 void __init trap_init(void)
4443 @@ -1175,7 +1248,11 @@ void __init trap_init(void)
4444 set_trap_gate(0,÷_error);
4445 set_intr_gate(1,&debug);
4446 set_intr_gate(2,&nmi);
4447 +#ifndef CONFIG_KGDB
4448 set_system_intr_gate(3, &int3); /* int3-5 can be called from all */
4450 + set_intr_usr_gate(3,&int3); /* int3-5 can be called from all */
4452 set_system_gate(4,&overflow);
4453 set_system_gate(5,&bounds);
4454 set_trap_gate(6,&invalid_op);
4455 Index: linux/arch/i386/lib/Makefile
4456 ===================================================================
4457 --- linux.orig/arch/i386/lib/Makefile
4458 +++ linux/arch/i386/lib/Makefile
4459 @@ -8,3 +8,4 @@ lib-y = checksum.o delay.o usercopy.o ge
4461 lib-$(CONFIG_X86_USE_3DNOW) += mmx.o
4462 lib-$(CONFIG_HAVE_DEC_LOCK) += dec_and_lock.o
4463 +lib-$(CONFIG_KGDB) += kgdb_serial.o
4464 Index: linux/arch/i386/lib/kgdb_serial.c
4465 ===================================================================
4466 --- linux.orig/arch/i386/lib/kgdb_serial.c
4467 +++ linux/arch/i386/lib/kgdb_serial.c
4470 + * Serial interface GDB stub
4472 + * Written (hacked together) by David Grothe (dave@gcom.com)
4473 + * Modified to allow invokation early in boot see also
4474 + * kgdb.h for instructions by George Anzinger(george@mvista.com)
4478 +#include <linux/module.h>
4479 +#include <linux/errno.h>
4480 +#include <linux/signal.h>
4481 +#include <linux/sched.h>
4482 +#include <linux/timer.h>
4483 +#include <linux/interrupt.h>
4484 +#include <linux/tty.h>
4485 +#include <linux/tty_flip.h>
4486 +#include <linux/serial.h>
4487 +#include <linux/serial_reg.h>
4488 +#include <linux/config.h>
4489 +#include <linux/major.h>
4490 +#include <linux/string.h>
4491 +#include <linux/fcntl.h>
4492 +#include <linux/ptrace.h>
4493 +#include <linux/ioport.h>
4494 +#include <linux/mm.h>
4495 +#include <linux/init.h>
4496 +#include <linux/highmem.h>
4497 +#include <asm/system.h>
4498 +#include <asm/io.h>
4499 +#include <asm/segment.h>
4500 +#include <asm/bitops.h>
4501 +#include <asm/system.h>
4502 +#include <asm/kgdb_local.h>
4503 +#ifdef CONFIG_KGDB_USER_CONSOLE
4504 +extern void kgdb_console_finit(void);
4507 +#define TEST_EXISTANCE
4509 +#define dbprintk(s) printk s
4511 +#define dbprintk(s)
4513 +#define TEST_INTERRUPT_off
4514 +#ifdef TEST_INTERRUPT
4515 +#define intprintk(s) printk s
4517 +#define intprintk(s)
4520 +#define IRQ_T(info) ((info->flags & ASYNC_SHARE_IRQ) ? SA_SHIRQ : SA_INTERRUPT)
4522 +#define GDB_BUF_SIZE 512 /* power of 2, please */
4524 +static char gdb_buf[GDB_BUF_SIZE];
4525 +static int gdb_buf_in_inx;
4526 +static atomic_t gdb_buf_in_cnt;
4527 +static int gdb_buf_out_inx;
4529 +struct async_struct *gdb_async_info;
4530 +static int gdb_async_irq;
4532 +#define outb_px(a,b) outb_p(b,a)
4534 +static void program_uart(struct async_struct *info);
4535 +static void write_char(struct async_struct *info, int chr);
4537 + * Get a byte from the hardware data buffer and return it
4540 +read_data_bfr(struct async_struct *info)
4542 + char it = inb_p(info->port + UART_LSR);
4544 + if (it & UART_LSR_DR)
4545 + return (inb_p(info->port + UART_RX));
4547 + * If we have a framing error assume somebody messed with
4548 + * our uart. Reprogram it and send '-' both ways...
4551 + program_uart(info);
4552 + write_char(info, '-');
4557 +} /* read_data_bfr */
4560 + * Get a char if available, return -1 if nothing available.
4561 + * Empty the receive buffer first, then look at the interface hardware.
4563 + * Locking here is a bit of a problem. We MUST not lock out communication
4564 + * if we are trying to talk to gdb about a kgdb entry. ON the other hand
4565 + * we can loose chars in the console pass thru if we don't lock. It is also
4566 + * possible that we could hold the lock or be waiting for it when kgdb
4567 + * NEEDS to talk. Since kgdb locks down the world, it does not need locks.
4568 + * We do, of course have possible issues with interrupting a uart operation,
4569 + * but we will just depend on the uart status to help keep that straight.
4572 +static spinlock_t uart_interrupt_lock = SPIN_LOCK_UNLOCKED;
4574 +extern spinlock_t kgdb_spinlock;
4578 +read_char(struct async_struct *info)
4581 + unsigned long flags;
4582 + local_irq_save(flags);
4584 + if (!spin_is_locked(&kgdb_spinlock)) {
4585 + spin_lock(&uart_interrupt_lock);
4588 + if (atomic_read(&gdb_buf_in_cnt) != 0) { /* intr routine has q'd chars */
4589 + chr = gdb_buf[gdb_buf_out_inx++];
4590 + gdb_buf_out_inx &= (GDB_BUF_SIZE - 1);
4591 + atomic_dec(&gdb_buf_in_cnt);
4593 + chr = read_data_bfr(info);
4596 + if (!spin_is_locked(&kgdb_spinlock)) {
4597 + spin_unlock(&uart_interrupt_lock);
4600 + local_irq_restore(flags);
4605 + * Wait until the interface can accept a char, then write it.
4608 +write_char(struct async_struct *info, int chr)
4610 + while (!(inb_p(info->port + UART_LSR) & UART_LSR_THRE)) ;
4612 + outb_p(chr, info->port + UART_TX);
4617 + * Mostly we don't need a spinlock, but since the console goes
4618 + * thru here with interrutps on, well, we need to catch those
4622 + * This is the receiver interrupt routine for the GDB stub.
4623 + * It will receive a limited number of characters of input
4624 + * from the gdb host machine and save them up in a buffer.
4626 + * When the gdb stub routine getDebugChar() is called it
4627 + * draws characters out of the buffer until it is empty and
4628 + * then reads directly from the serial port.
4630 + * We do not attempt to write chars from the interrupt routine
4631 + * since the stubs do all of that via putDebugChar() which
4632 + * writes one byte after waiting for the interface to become
4635 + * The debug stubs like to run with interrupts disabled since,
4636 + * after all, they run as a consequence of a breakpoint in
4639 + * Perhaps someone who knows more about the tty driver than I
4640 + * care to learn can make this work for any low level serial
4644 +gdb_interrupt(int irq, void *dev_id, struct pt_regs *regs)
4646 + struct async_struct *info;
4647 + unsigned long flags;
4649 + info = gdb_async_info;
4650 + if (!info || !info->tty || irq != gdb_async_irq)
4653 + local_irq_save(flags);
4654 + spin_lock(&uart_interrupt_lock);
4656 + int chr = read_data_bfr(info);
4657 + intprintk(("Debug char on int: %x hex\n", chr));
4661 + if (chr == 3) { /* Ctrl-C means remote interrupt */
4666 + if (atomic_read(&gdb_buf_in_cnt) >= GDB_BUF_SIZE) {
4667 + /* buffer overflow tosses early char */
4670 + gdb_buf[gdb_buf_in_inx++] = chr;
4671 + gdb_buf_in_inx &= (GDB_BUF_SIZE - 1);
4672 + } while (inb_p(info->port + UART_IIR) & UART_IIR_RDI);
4673 + spin_unlock(&uart_interrupt_lock);
4674 + local_irq_restore(flags);
4675 + return IRQ_HANDLED;
4676 +} /* gdb_interrupt */
4679 + * Just a NULL routine for testing.
4686 +/* These structure are filled in with values defined in asm/kgdb_local.h
4688 +static struct serial_state state = SB_STATE;
4689 +static struct async_struct local_info = SB_INFO;
4690 +static int ok_to_enable_ints = 0;
4691 +static void kgdb_enable_ints_now(void);
4693 +extern char *kgdb_version;
4695 + * Hook an IRQ for KGDB.
4697 + * This routine is called from putDebugChar, below.
4699 +static int ints_disabled = 1;
4701 +gdb_hook_interrupt(struct async_struct *info, int verb)
4703 + struct serial_state *state = info->state;
4704 + unsigned long flags;
4706 +#ifdef TEST_EXISTANCE
4707 + int scratch, scratch2;
4710 + /* The above fails if memory managment is not set up yet.
4711 + * Rather than fail the set up, just keep track of the fact
4712 + * and pick up the interrupt thing later.
4714 + gdb_async_info = info;
4715 + port = gdb_async_info->port;
4716 + gdb_async_irq = state->irq;
4718 + printk("kgdb %s : port =%x, IRQ=%d, divisor =%d\n",
4721 + gdb_async_irq, gdb_async_info->state->custom_divisor);
4723 + local_irq_save(flags);
4724 +#ifdef TEST_EXISTANCE
4725 + /* Existance test */
4726 + /* Should not need all this, but just in case.... */
4728 + scratch = inb_p(port + UART_IER);
4729 + outb_px(port + UART_IER, 0);
4730 + outb_px(0xff, 0x080);
4731 + scratch2 = inb_p(port + UART_IER);
4732 + outb_px(port + UART_IER, scratch);
4735 + ("gdb_hook_interrupt: Could not clear IER, not a UART!\n");
4736 + local_irq_restore(flags);
4737 + return 1; /* We failed; there's nothing here */
4739 + scratch2 = inb_p(port + UART_LCR);
4740 + outb_px(port + UART_LCR, 0xBF); /* set up for StarTech test */
4741 + outb_px(port + UART_EFR, 0); /* EFR is the same as FCR */
4742 + outb_px(port + UART_LCR, 0);
4743 + outb_px(port + UART_FCR, UART_FCR_ENABLE_FIFO);
4744 + scratch = inb_p(port + UART_IIR) >> 6;
4745 + if (scratch == 1) {
4746 + printk("gdb_hook_interrupt: Undefined UART type!"
4747 + " Not a UART! \n");
4748 + local_irq_restore(flags);
4751 + dbprintk(("gdb_hook_interrupt: UART type "
4752 + "is %d where 0=16450, 2=16550 3=16550A\n", scratch));
4754 + scratch = inb_p(port + UART_MCR);
4755 + outb_px(port + UART_MCR, UART_MCR_LOOP | scratch);
4756 + outb_px(port + UART_MCR, UART_MCR_LOOP | 0x0A);
4757 + scratch2 = inb_p(port + UART_MSR) & 0xF0;
4758 + outb_px(port + UART_MCR, scratch);
4759 + if (scratch2 != 0x90) {
4760 + printk("gdb_hook_interrupt: "
4761 + "Loop back test failed! Not a UART!\n");
4762 + local_irq_restore(flags);
4763 + return scratch2 + 1000; /* force 0 to fail */
4765 +#endif /* test existance */
4766 + program_uart(info);
4767 + local_irq_restore(flags);
4771 +} /* gdb_hook_interrupt */
4774 +program_uart(struct async_struct *info)
4776 + int port = info->port;
4778 + (void) inb_p(port + UART_RX);
4779 + outb_px(port + UART_IER, 0);
4781 + (void) inb_p(port + UART_RX); /* serial driver comments say */
4782 + (void) inb_p(port + UART_IIR); /* this clears the interrupt regs */
4783 + (void) inb_p(port + UART_MSR);
4784 + outb_px(port + UART_LCR, UART_LCR_WLEN8 | UART_LCR_DLAB);
4785 + outb_px(port + UART_DLL, info->state->custom_divisor & 0xff); /* LS */
4786 + outb_px(port + UART_DLM, info->state->custom_divisor >> 8); /* MS */
4787 + outb_px(port + UART_MCR, info->MCR);
4789 + outb_px(port + UART_FCR, UART_FCR_ENABLE_FIFO | UART_FCR_TRIGGER_1 | UART_FCR_CLEAR_XMIT | UART_FCR_CLEAR_RCVR); /* set fcr */
4790 + outb_px(port + UART_LCR, UART_LCR_WLEN8); /* reset DLAB */
4791 + outb_px(port + UART_FCR, UART_FCR_ENABLE_FIFO | UART_FCR_TRIGGER_1); /* set fcr */
4792 + if (!ints_disabled) {
4793 + intprintk(("KGDB: Sending %d to port %x offset %d\n",
4794 + gdb_async_info->IER,
4795 + (int) gdb_async_info->port, UART_IER));
4796 + outb_px(gdb_async_info->port + UART_IER, gdb_async_info->IER);
4804 + * This is a GDB stub routine. It waits for a character from the
4805 + * serial interface and then returns it. If there is no serial
4806 + * interface connection then it returns a bogus value which will
4807 + * almost certainly cause the system to hang. In the
4809 +int kgdb_in_isr = 0;
4810 +int kgdb_in_lsr = 0;
4811 +extern spinlock_t kgdb_spinlock;
4813 +/* Caller takes needed protections */
4818 + volatile int chr, dum, time, end_time;
4820 + dbprintk(("getDebugChar(port %x): ", gdb_async_info->port));
4822 + if (gdb_async_info == NULL) {
4823 + gdb_hook_interrupt(&local_info, 0);
4826 + * This trick says if we wait a very long time and get
4827 + * no char, return the -1 and let the upper level deal
4831 + end_time = time + 2;
4832 + while (((chr = read_char(gdb_async_info)) == -1) &&
4833 + (end_time - time) > 0) {
4837 + * This covers our butts if some other code messes with
4838 + * our uart, hay, it happens :o)
4841 + program_uart(gdb_async_info);
4843 + dbprintk(("%c\n", chr > ' ' && chr < 0x7F ? chr : ' '));
4846 +} /* getDebugChar */
4848 +static int count = 3;
4849 +static spinlock_t one_at_atime = SPIN_LOCK_UNLOCKED;
4852 +kgdb_enable_ints(void)
4854 + if (gdb_async_info == NULL) {
4855 + gdb_hook_interrupt(&local_info, 1);
4857 + ok_to_enable_ints = 1;
4858 + kgdb_enable_ints_now();
4859 +#ifdef CONFIG_KGDB_USER_CONSOLE
4860 + kgdb_console_finit();
4865 +#ifdef CONFIG_SERIAL_8250
4866 +void shutdown_for_kgdb(struct async_struct *gdb_async_info);
4869 +#ifdef CONFIG_DISCONTIGMEM
4870 +static inline int kgdb_mem_init_done(void)
4872 + return highmem_start_page != NULL;
4875 +static inline int kgdb_mem_init_done(void)
4877 + return max_mapnr != 0;
4882 +kgdb_enable_ints_now(void)
4884 + if (!spin_trylock(&one_at_atime))
4886 + if (!ints_disabled)
4888 + if (kgdb_mem_init_done() &&
4889 + ints_disabled) { /* don't try till mem init */
4890 +#ifdef CONFIG_SERIAL_8250
4892 + * The ifdef here allows the system to be configured
4893 + * without the serial driver.
4894 + * Don't make it a module, however, it will steal the port
4896 + shutdown_for_kgdb(gdb_async_info);
4898 + ints_disabled = request_irq(gdb_async_info->state->irq,
4900 + IRQ_T(gdb_async_info),
4901 + "KGDB-stub", NULL);
4902 + intprintk(("KGDB: request_irq returned %d\n", ints_disabled));
4904 + if (!ints_disabled) {
4905 + intprintk(("KGDB: Sending %d to port %x offset %d\n",
4906 + gdb_async_info->IER,
4907 + (int) gdb_async_info->port, UART_IER));
4908 + outb_px(gdb_async_info->port + UART_IER, gdb_async_info->IER);
4911 + spin_unlock(&one_at_atime);
4917 + * This is a GDB stub routine. It waits until the interface is ready
4918 + * to transmit a char and then sends it. If there is no serial
4919 + * interface connection then it simply returns to its caller, having
4920 + * pretended to send the char. Caller takes needed protections.
4923 +putDebugChar(int chr)
4925 + dbprintk(("putDebugChar(port %x): chr=%02x '%c', ints_on=%d\n",
4926 + gdb_async_info->port,
4928 + chr > ' ' && chr < 0x7F ? chr : ' ', ints_disabled ? 0 : 1));
4930 + if (gdb_async_info == NULL) {
4931 + gdb_hook_interrupt(&local_info, 0);
4934 + write_char(gdb_async_info, chr); /* this routine will wait */
4935 + count = (chr == '#') ? 0 : count + 1;
4936 + if ((count == 2)) { /* try to enable after */
4937 + if (ints_disabled & ok_to_enable_ints)
4938 + kgdb_enable_ints_now(); /* try to enable after */
4940 + /* We do this a lot because, well we really want to get these
4941 + * interrupts. The serial driver will clear these bits when it
4942 + * initializes the chip. Every thing else it does is ok,
4945 + if (!ints_disabled) {
4946 + outb_px(gdb_async_info->port + UART_IER,
4947 + gdb_async_info->IER);
4951 +} /* putDebugChar */
4953 +module_init(kgdb_enable_ints);
4954 Index: linux/arch/i386/mm/fault.c
4955 ===================================================================
4956 --- linux.orig/arch/i386/mm/fault.c
4957 +++ linux/arch/i386/mm/fault.c
4958 @@ -453,6 +453,12 @@ no_context:
4959 * Oops. The kernel tried to access some bad page. We'll have to
4960 * terminate things with extreme prejudice.
4963 + if (!user_mode(regs)){
4964 + kgdb_handle_exception(14,SIGBUS, error_code, regs);
4971 Index: linux/arch/x86_64/boot/compressed/head.S
4972 ===================================================================
4973 --- linux.orig/arch/x86_64/boot/compressed/head.S
4974 +++ linux/arch/x86_64/boot/compressed/head.S
4979 +#define IN_BOOTLOADER
4980 #include <linux/linkage.h>
4981 #include <asm/segment.h>
4983 Index: linux/arch/x86_64/boot/compressed/misc.c
4984 ===================================================================
4985 --- linux.orig/arch/x86_64/boot/compressed/misc.c
4986 +++ linux/arch/x86_64/boot/compressed/misc.c
4988 * High loaded stuff by Hans Lermen & Werner Almesberger, Feb. 1996
4991 +#define IN_BOOTLOADER
4992 #include "miscsetup.h"
4995 Index: linux/drivers/char/keyboard.c
4996 ===================================================================
4997 --- linux.orig/drivers/char/keyboard.c
4998 +++ linux/drivers/char/keyboard.c
4999 @@ -1078,6 +1078,9 @@ void kbd_keycode(unsigned int keycode, i
5001 if (sysrq_down && down && !rep) {
5002 handle_sysrq(kbd_sysrq_xlate[keycode], regs, tty);
5003 +#ifdef CONFIG_KGDB_SYSRQ
5004 + sysrq_down = 0; /* in case we miss the "up" event */
5009 Index: linux/drivers/char/sysrq.c
5010 ===================================================================
5011 --- linux.orig/drivers/char/sysrq.c
5012 +++ linux/drivers/char/sysrq.c
5014 #include <linux/spinlock.h>
5016 #include <asm/ptrace.h>
5017 +#ifdef CONFIG_KGDB_SYSRQ
5019 +#define GDB_OP &kgdb_op
5020 +static void kgdb_sysrq(int key, struct pt_regs *pt_regs, struct tty_struct *tty)
5022 + printk("kgdb sysrq\n");
5026 +static struct sysrq_key_op kgdb_op = {
5027 + .handler = kgdb_sysrq,
5028 + .help_msg = "kGdb|Fgdb",
5029 + .action_msg = "Debug breakpoint\n",
5033 +#define GDB_OP NULL
5037 extern void reset_vc(unsigned int);
5039 @@ -271,8 +290,8 @@ static struct sysrq_key_op *sysrq_key_ta
5040 /* c */ &sysrq_crash_op,
5042 /* e */ &sysrq_term_op,
5048 /* i */ &sysrq_kill_op,
5050 Index: linux/drivers/serial/8250.c
5051 ===================================================================
5052 --- linux.orig/drivers/serial/8250.c
5053 +++ linux/drivers/serial/8250.c
5054 @@ -882,7 +882,7 @@ receive_chars(struct uart_8250_port *up,
5055 if (unlikely(tty->flip.count >= TTY_FLIPBUF_SIZE)) {
5056 tty->flip.work.func((void *)tty);
5057 if (tty->flip.count >= TTY_FLIPBUF_SIZE)
5058 - return; // if TTY_DONT_FLIP is set
5059 + return; /* if TTY_DONT_FLIP is set */
5061 ch = serial_inp(up, UART_RX);
5062 *tty->flip.char_buf_ptr = ch;
5063 @@ -1245,12 +1245,21 @@ static void serial8250_break_ctl(struct
5064 spin_unlock_irqrestore(&up->port.lock, flags);
5068 +static int kgdb_irq = -1;
5071 static int serial8250_startup(struct uart_port *port)
5073 struct uart_8250_port *up = (struct uart_8250_port *)port;
5074 unsigned long flags;
5078 + if (up->port.irq == kgdb_irq)
5082 up->capabilities = uart_config[up->port.type].flags;
5085 @@ -1881,6 +1890,10 @@ static void __init serial8250_register_p
5086 for (i = 0; i < UART_NR; i++) {
5087 struct uart_8250_port *up = &serial8250_ports[i];
5090 + if (up->port.irq == kgdb_irq)
5091 + up->port.kgdb = 1;
5094 up->port.ops = &serial8250_pops;
5095 init_timer(&up->timer);
5096 @@ -2181,6 +2194,31 @@ void serial8250_resume_port(int line)
5097 uart_resume_port(&serial8250_reg, &serial8250_ports[line].port);
5102 + * Find all the ports using the given irq and shut them down.
5103 + * Result should be that the irq will be released.
5105 +void shutdown_for_kgdb(struct async_struct * info)
5107 + int irq = info->state->irq;
5108 + struct uart_8250_port *up;
5111 + kgdb_irq = irq; /* save for later init */
5112 + for (ttyS = 0; ttyS < UART_NR; ttyS++){
5113 + up = &serial8250_ports[ttyS];
5114 + if (up->port.irq == irq && (irq_lists + irq)->head) {
5115 +#ifdef CONFIG_DEBUG_SPINLOCK /* ugly business... */
5116 + if(up->port.lock.magic != SPINLOCK_MAGIC)
5117 + spin_lock_init(&up->port.lock);
5119 + serial8250_shutdown(&up->port);
5123 +#endif /* CONFIG_KGDB */
5125 static int __init serial8250_init(void)
5128 Index: linux/drivers/serial/serial_core.c
5129 ===================================================================
5130 --- linux.orig/drivers/serial/serial_core.c
5131 +++ linux/drivers/serial/serial_core.c
5132 @@ -1981,6 +1981,11 @@ uart_configure_port(struct uart_driver *
5142 * If there isn't a port here, don't do anything further.
5144 Index: linux/include/asm-i386/bugs.h
5145 ===================================================================
5146 --- linux.orig/include/asm-i386/bugs.h
5147 +++ linux/include/asm-i386/bugs.h
5149 #include <asm/processor.h>
5150 #include <asm/i387.h>
5151 #include <asm/msr.h>
5155 + * Provied the command line "gdb" initial break
5157 +int __init kgdb_initial_break(char * str)
5159 + if (*str == '\0'){
5165 +__setup("gdb",kgdb_initial_break);
5167 static int __init no_halt(char *s)
5169 boot_cpu_data.hlt_works_ok = 0;
5170 Index: linux/include/asm-i386/kgdb.h
5171 ===================================================================
5172 --- linux.orig/include/asm-i386/kgdb.h
5173 +++ linux/include/asm-i386/kgdb.h
5179 + * This file should not include ANY others. This makes it usable
5180 + * most anywhere without the fear of include order or inclusion.
5183 + * This file may be included all the time. It is only active if
5184 + * CONFIG_KGDB is defined, otherwise it stubs out all the macros
5185 + * and entry points.
5187 +#if defined(CONFIG_KGDB) && !defined(__ASSEMBLY__)
5189 +extern void breakpoint(void);
5190 +#define INIT_KGDB_INTS kgdb_enable_ints()
5193 +#define BREAKPOINT() asm(" int $3")
5196 + * GDB debug stub (or any debug stub) can point the 'linux_debug_hook'
5197 + * pointer to its routine and it will be entered as the first thing
5198 + * when a trap occurs.
5200 + * Return values are, at present, undefined.
5202 + * The debug hook routine does not necessarily return to its caller.
5203 + * It has the register image and thus may choose to resume execution
5204 + * anywhere it pleases.
5208 +extern int kgdb_handle_exception(int trapno,
5209 + int signo, int err_code, struct pt_regs *regs);
5210 +extern int in_kgdb(struct pt_regs *regs);
5212 +#ifdef CONFIG_KGDB_TS
5213 +void kgdb_tstamp(int line, char *source, int data0, int data1);
5215 + * This is the time stamp function. The macro adds the source info and
5216 + * does a cast on the data to allow most any 32-bit value.
5219 +#define kgdb_ts(data0,data1) kgdb_tstamp(__LINE__,__FILE__,(int)data0,(int)data1)
5221 +#define kgdb_ts(data0,data1)
5223 +#else /* CONFIG_KGDB && ! __ASSEMBLY__ ,stubs follow... */
5225 +#define BREAKPOINT()
5227 +#define kgdb_ts(data0,data1)
5229 +#define kgdb_handle_exception
5231 +#define INIT_KGDB_INTS
5233 +#endif /* __KGDB */
5234 Index: linux/include/asm-i386/kgdb_local.h
5235 ===================================================================
5236 --- linux.orig/include/asm-i386/kgdb_local.h
5237 +++ linux/include/asm-i386/kgdb_local.h
5239 +#ifndef __KGDB_LOCAL
5240 +#define ___KGDB_LOCAL
5241 +#include <linux/config.h>
5242 +#include <linux/types.h>
5243 +#include <linux/serial.h>
5244 +#include <linux/serialP.h>
5245 +#include <linux/spinlock.h>
5246 +#include <asm/processor.h>
5247 +#include <asm/msr.h>
5248 +#include <asm/kgdb.h>
5251 +#ifdef CONFIG_KGDB_PORT
5253 +#define PORT CONFIG_KGDB_PORT
5256 +#ifdef CONFIG_KGDB_IRQ
5258 +#define IRQ CONFIG_KGDB_IRQ
5260 +#define SB_CLOCK 1843200
5261 +#define SB_BASE (SB_CLOCK/16)
5262 +#define SB_BAUD9600 SB_BASE/9600
5263 +#define SB_BAUD192 SB_BASE/19200
5264 +#define SB_BAUD384 SB_BASE/38400
5265 +#define SB_BAUD576 SB_BASE/57600
5266 +#define SB_BAUD1152 SB_BASE/115200
5267 +#ifdef CONFIG_KGDB_9600BAUD
5268 +#define SB_BAUD SB_BAUD9600
5270 +#ifdef CONFIG_KGDB_19200BAUD
5271 +#define SB_BAUD SB_BAUD192
5273 +#ifdef CONFIG_KGDB_38400BAUD
5274 +#define SB_BAUD SB_BAUD384
5276 +#ifdef CONFIG_KGDB_57600BAUD
5277 +#define SB_BAUD SB_BAUD576
5279 +#ifdef CONFIG_KGDB_115200BAUD
5280 +#define SB_BAUD SB_BAUD1152
5283 +#define SB_BAUD SB_BAUD1152 /* Start with this if not given */
5286 +#ifndef CONFIG_X86_TSC
5288 +#define rdtsc(a,b) if (a++ > 10000){a = 0; b++;}
5290 +#define rdtscll(s) s++
5293 +#ifdef _raw_read_unlock /* must use a name that is "define"ed, not an inline */
5295 +#undef spin_trylock
5297 +#define spin_lock _raw_spin_lock
5298 +#define spin_trylock _raw_spin_trylock
5299 +#define spin_unlock _raw_spin_unlock
5302 +#undef spin_unlock_wait
5303 +#define spin_unlock_wait(x) do { cpu_relax(); barrier();} \
5304 + while(spin_is_locked(x))
5307 +#define SB_MCR UART_MCR_OUT2 | UART_MCR_DTR | UART_MCR_RTS
5310 +#define SB_STATE { \
5311 + magic: SSTATE_MAGIC, \
5312 + baud_base: SB_BASE, \
5316 + custom_divisor:SB_BAUD}
5317 +#define SB_INFO { \
5318 + magic: SERIAL_MAGIC, \
5319 + port: PORT,0,FLAGS, \
5321 + tty: (struct tty_struct *)&state, \
5324 +extern void putDebugChar(int);
5325 +/* RTAI support needs us to really stop/start interrupts */
5327 +#define kgdb_sti() __asm__ __volatile__("sti": : :"memory")
5328 +#define kgdb_cli() __asm__ __volatile__("cli": : :"memory")
5329 +#define kgdb_local_save_flags(x) __asm__ __volatile__(\
5330 + "pushfl ; popl %0":"=g" (x): /* no input */)
5331 +#define kgdb_local_irq_restore(x) __asm__ __volatile__(\
5332 + "pushl %0 ; popfl": \
5333 + /* no output */ :"g" (x):"memory", "cc")
5334 +#define kgdb_local_irq_save(x) kgdb_local_save_flags(x); kgdb_cli()
5336 +#ifdef CONFIG_SERIAL
5337 +extern void shutdown_for_kgdb(struct async_struct *info);
5339 +#define INIT_KDEBUG putDebugChar("+");
5340 +#endif /* __KGDB_LOCAL */
5341 Index: linux/include/asm-x86_64/kgdb.h
5342 ===================================================================
5343 --- linux.orig/include/asm-x86_64/kgdb.h
5344 +++ linux/include/asm-x86_64/kgdb.h
5350 + * This file should not include ANY others. This makes it usable
5351 + * most anywhere without the fear of include order or inclusion.
5354 + * This file may be included all the time. It is only active if
5355 + * CONFIG_KGDB is defined, otherwise it stubs out all the macros
5356 + * and entry points.
5359 +#define BREAKPOINT()
5362 +#define kgdb_ts(data0,data1)
5364 +#define kgdb_handle_exception
5366 +#define INIT_KGDB_INTS
5368 +#endif /* __KGDB */
5369 Index: linux/include/linux/config.h
5370 ===================================================================
5371 --- linux.orig/include/linux/config.h
5372 +++ linux/include/linux/config.h
5374 #define _LINUX_CONFIG_H
5376 #include <linux/autoconf.h>
5377 +#if defined(__i386__) && !defined(IN_BOOTLOADER)
5378 +#include <asm/kgdb.h>
5380 #if !defined (__KERNEL__) && !defined(__KERNGLUE__)
5381 #error including kernel header in userspace; use the glibc headers instead!
5383 Index: linux/include/linux/dwarf2-lang.h
5384 ===================================================================
5385 --- linux.orig/include/linux/dwarf2-lang.h
5386 +++ linux/include/linux/dwarf2-lang.h
5388 +#ifndef DWARF2_LANG
5389 +#define DWARF2_LANG
5390 +#include <linux/dwarf2.h>
5393 + * This is free software; you can redistribute it and/or modify it under
5394 + * the terms of the GNU General Public License as published by the Free
5395 + * Software Foundation; either version 2, or (at your option) any later
5399 + * This file defines macros that allow generation of DWARF debug records
5400 + * for asm files. This file is platform independent. Register numbers
5401 + * (which are about the only thing that is platform dependent) are to be
5402 + * supplied by a platform defined file.
5404 +#define DWARF_preamble() .section .debug_frame,"",@progbits
5406 + * This macro starts a debug frame section. The debug_frame describes
5407 + * where to find the registers that the enclosing function saved on
5410 + * ORD is use by the label generator and should be the same as what is
5411 + * passed to CFI_postamble.
5413 + * pc, pc register gdb ordinal.
5415 + * code_align this is the factor used to define locations or regions
5416 + * where the given definitions apply. If you use labels to define these
5417 + * this should be 1.
5419 + * data_align this is the factor used to define register offsets. If
5420 + * you use struct offset, this should be the size of the register in
5421 + * bytes or the negative of that. This is how it is used: you will
5422 + * define a register as the reference register, say the stack pointer,
5423 + * then you will say where a register is located relative to this
5424 + * reference registers value, say 40 for register 3 (the gdb register
5425 + * number). The <40> will be multiplied by <data_align> to define the
5426 + * byte offset of the given register (3, in this example). So if your
5427 + * <40> is the byte offset and the reference register points at the
5428 + * begining, you would want 1 for the data_offset. If <40> was the 40th
5429 + * 4-byte element in that structure you would want 4. And if your
5430 + * reference register points at the end of the structure you would want
5431 + * a negative data_align value(and you would have to do other math as
5435 +#define CFI_preamble(ORD, pc, code_align, data_align) \
5436 +.section .debug_frame,"",@progbits ; \
5437 +frame/**/_/**/ORD: \
5438 + .long end/**/_/**/ORD-start/**/_/**/ORD; \
5439 +start/**/_/**/ORD: \
5440 + .long DW_CIE_ID; \
5441 + .byte DW_CIE_VERSION; \
5443 + .uleb128 code_align; \
5444 + .sleb128 data_align; \
5448 + * After the above macro and prior to the CFI_postamble, you need to
5449 + * define the initial state. This starts with defining the reference
5450 + * register and, usually the pc. Here are some helper macros:
5453 +#define CFA_define_reference(reg, offset) \
5454 + .byte DW_CFA_def_cfa; \
5456 + .uleb128 (offset);
5458 +#define CFA_define_offset(reg, offset) \
5459 + .byte (DW_CFA_offset + reg); \
5460 + .uleb128 (offset);
5462 +#define CFI_postamble(ORD) \
5466 + * So now your code pushs stuff on the stack, you need a new location
5467 + * and the rules for what to do. This starts a running description of
5468 + * the call frame. You need to describe what changes with respect to
5469 + * the call registers as the location of the pc moves through the code.
5470 + * The following builds an FDE (fram descriptor entry?). Like the
5471 + * above, it has a preamble and a postamble. It also is tied to the CFI
5473 + * The first entry after the preamble must be the location in the code
5474 + * that the call frame is being described for.
5476 +#define FDE_preamble(ORD, fde_no, initial_address, length) \
5477 + .long FDE_end/**/_/**/fde_no-FDE_start/**/_/**/fde_no; \
5478 +FDE_start/**/_/**/fde_no: \
5479 + .long frame/**/_/**/ORD; \
5480 + .long initial_address; \
5483 +#define FDE_postamble(fde_no) \
5485 +FDE_end/**/_/**/fde_no:
5487 + * That done, you can now add registers, subtract registers, move the
5488 + * reference and even change the reference. You can also define a new
5489 + * area of code the info applies to. For discontinuous bits you should
5490 + * start a new FDE. You may have as many as you like.
5494 + * To advance the address by <bytes>
5497 +#define FDE_advance(bytes) \
5498 + .byte DW_CFA_advance_loc4 \
5504 + * With the above you can define all the register locations. But
5505 + * suppose the reference register moves... Takes the new offset NOT an
5506 + * increment. This is how esp is tracked if it is not saved.
5509 +#define CFA_define_cfa_offset(offset) \
5510 + .byte $DW_CFA_def_cfa_offset; \
5511 + .uleb128 (offset);
5513 + * Or suppose you want to use a different reference register...
5515 +#define CFA_define_cfa_register(reg) \
5516 + .byte DW_CFA_def_cfa_register; \
5520 Index: linux/include/linux/dwarf2.h
5521 ===================================================================
5522 --- linux.orig/include/linux/dwarf2.h
5523 +++ linux/include/linux/dwarf2.h
5525 +/* Declarations and definitions of codes relating to the DWARF2 symbolic
5526 + debugging information format.
5527 + Copyright (C) 1992, 1993, 1995, 1996, 1997, 1999, 2000, 2001, 2002
5528 + Free Software Foundation, Inc.
5530 + Written by Gary Funck (gary@intrepid.com) The Ada Joint Program
5531 + Office (AJPO), Florida State Unviversity and Silicon Graphics Inc.
5532 + provided support for this effort -- June 21, 1995.
5534 + Derived from the DWARF 1 implementation written by Ron Guilmette
5535 + (rfg@netcom.com), November 1990.
5537 + This file is part of GCC.
5539 + GCC is free software; you can redistribute it and/or modify it under
5540 + the terms of the GNU General Public License as published by the Free
5541 + Software Foundation; either version 2, or (at your option) any later
5544 + GCC is distributed in the hope that it will be useful, but WITHOUT
5545 + ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
5546 + or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public
5547 + License for more details.
5549 + You should have received a copy of the GNU General Public License
5550 + along with GCC; see the file COPYING. If not, write to the Free
5551 + Software Foundation, 59 Temple Place - Suite 330, Boston, MA
5552 + 02111-1307, USA. */
5554 +/* This file is derived from the DWARF specification (a public document)
5555 + Revision 2.0.0 (July 27, 1993) developed by the UNIX International
5556 + Programming Languages Special Interest Group (UI/PLSIG) and distributed
5557 + by UNIX International. Copies of this specification are available from
5558 + UNIX International, 20 Waterview Boulevard, Parsippany, NJ, 07054.
5560 + This file also now contains definitions from the DWARF 3 specification. */
5562 +/* This file is shared between GCC and GDB, and should not contain
5565 +#ifndef _ELF_DWARF2_H
5566 +#define _ELF_DWARF2_H
5568 +/* Structure found in the .debug_line section. */
5569 +#ifndef __ASSEMBLY__
5572 + unsigned char li_length [4];
5573 + unsigned char li_version [2];
5574 + unsigned char li_prologue_length [4];
5575 + unsigned char li_min_insn_length [1];
5576 + unsigned char li_default_is_stmt [1];
5577 + unsigned char li_line_base [1];
5578 + unsigned char li_line_range [1];
5579 + unsigned char li_opcode_base [1];
5581 +DWARF2_External_LineInfo;
5585 + unsigned long li_length;
5586 + unsigned short li_version;
5587 + unsigned int li_prologue_length;
5588 + unsigned char li_min_insn_length;
5589 + unsigned char li_default_is_stmt;
5591 + unsigned char li_line_range;
5592 + unsigned char li_opcode_base;
5594 +DWARF2_Internal_LineInfo;
5596 +/* Structure found in .debug_pubnames section. */
5599 + unsigned char pn_length [4];
5600 + unsigned char pn_version [2];
5601 + unsigned char pn_offset [4];
5602 + unsigned char pn_size [4];
5604 +DWARF2_External_PubNames;
5608 + unsigned long pn_length;
5609 + unsigned short pn_version;
5610 + unsigned long pn_offset;
5611 + unsigned long pn_size;
5613 +DWARF2_Internal_PubNames;
5615 +/* Structure found in .debug_info section. */
5618 + unsigned char cu_length [4];
5619 + unsigned char cu_version [2];
5620 + unsigned char cu_abbrev_offset [4];
5621 + unsigned char cu_pointer_size [1];
5623 +DWARF2_External_CompUnit;
5627 + unsigned long cu_length;
5628 + unsigned short cu_version;
5629 + unsigned long cu_abbrev_offset;
5630 + unsigned char cu_pointer_size;
5632 +DWARF2_Internal_CompUnit;
5636 + unsigned char ar_length [4];
5637 + unsigned char ar_version [2];
5638 + unsigned char ar_info_offset [4];
5639 + unsigned char ar_pointer_size [1];
5640 + unsigned char ar_segment_size [1];
5642 +DWARF2_External_ARange;
5646 + unsigned long ar_length;
5647 + unsigned short ar_version;
5648 + unsigned long ar_info_offset;
5649 + unsigned char ar_pointer_size;
5650 + unsigned char ar_segment_size;
5652 +DWARF2_Internal_ARange;
5654 +#define ENUM(name) enum name {
5655 +#define IF_NOT_ASM(a) a
5659 +#define IF_NOT_ASM(a)
5664 +/* Tag names and codes. */
5667 + DW_TAG_padding = 0x00 COMMA
5668 + DW_TAG_array_type = 0x01 COMMA
5669 + DW_TAG_class_type = 0x02 COMMA
5670 + DW_TAG_entry_point = 0x03 COMMA
5671 + DW_TAG_enumeration_type = 0x04 COMMA
5672 + DW_TAG_formal_parameter = 0x05 COMMA
5673 + DW_TAG_imported_declaration = 0x08 COMMA
5674 + DW_TAG_label = 0x0a COMMA
5675 + DW_TAG_lexical_block = 0x0b COMMA
5676 + DW_TAG_member = 0x0d COMMA
5677 + DW_TAG_pointer_type = 0x0f COMMA
5678 + DW_TAG_reference_type = 0x10 COMMA
5679 + DW_TAG_compile_unit = 0x11 COMMA
5680 + DW_TAG_string_type = 0x12 COMMA
5681 + DW_TAG_structure_type = 0x13 COMMA
5682 + DW_TAG_subroutine_type = 0x15 COMMA
5683 + DW_TAG_typedef = 0x16 COMMA
5684 + DW_TAG_union_type = 0x17 COMMA
5685 + DW_TAG_unspecified_parameters = 0x18 COMMA
5686 + DW_TAG_variant = 0x19 COMMA
5687 + DW_TAG_common_block = 0x1a COMMA
5688 + DW_TAG_common_inclusion = 0x1b COMMA
5689 + DW_TAG_inheritance = 0x1c COMMA
5690 + DW_TAG_inlined_subroutine = 0x1d COMMA
5691 + DW_TAG_module = 0x1e COMMA
5692 + DW_TAG_ptr_to_member_type = 0x1f COMMA
5693 + DW_TAG_set_type = 0x20 COMMA
5694 + DW_TAG_subrange_type = 0x21 COMMA
5695 + DW_TAG_with_stmt = 0x22 COMMA
5696 + DW_TAG_access_declaration = 0x23 COMMA
5697 + DW_TAG_base_type = 0x24 COMMA
5698 + DW_TAG_catch_block = 0x25 COMMA
5699 + DW_TAG_const_type = 0x26 COMMA
5700 + DW_TAG_constant = 0x27 COMMA
5701 + DW_TAG_enumerator = 0x28 COMMA
5702 + DW_TAG_file_type = 0x29 COMMA
5703 + DW_TAG_friend = 0x2a COMMA
5704 + DW_TAG_namelist = 0x2b COMMA
5705 + DW_TAG_namelist_item = 0x2c COMMA
5706 + DW_TAG_packed_type = 0x2d COMMA
5707 + DW_TAG_subprogram = 0x2e COMMA
5708 + DW_TAG_template_type_param = 0x2f COMMA
5709 + DW_TAG_template_value_param = 0x30 COMMA
5710 + DW_TAG_thrown_type = 0x31 COMMA
5711 + DW_TAG_try_block = 0x32 COMMA
5712 + DW_TAG_variant_part = 0x33 COMMA
5713 + DW_TAG_variable = 0x34 COMMA
5714 + DW_TAG_volatile_type = 0x35 COMMA
5716 + DW_TAG_dwarf_procedure = 0x36 COMMA
5717 + DW_TAG_restrict_type = 0x37 COMMA
5718 + DW_TAG_interface_type = 0x38 COMMA
5719 + DW_TAG_namespace = 0x39 COMMA
5720 + DW_TAG_imported_module = 0x3a COMMA
5721 + DW_TAG_unspecified_type = 0x3b COMMA
5722 + DW_TAG_partial_unit = 0x3c COMMA
5723 + DW_TAG_imported_unit = 0x3d COMMA
5724 + /* SGI/MIPS Extensions. */
5725 + DW_TAG_MIPS_loop = 0x4081 COMMA
5726 + /* GNU extensions. */
5727 + DW_TAG_format_label = 0x4101 COMMA /* For FORTRAN 77 and Fortran 90. */
5728 + DW_TAG_function_template = 0x4102 COMMA /* For C++. */
5729 + DW_TAG_class_template = 0x4103 COMMA /* For C++. */
5730 + DW_TAG_GNU_BINCL = 0x4104 COMMA
5731 + DW_TAG_GNU_EINCL = 0x4105 COMMA
5732 + /* Extensions for UPC. See: http://upc.gwu.edu/~upc. */
5733 + DW_TAG_upc_shared_type = 0x8765 COMMA
5734 + DW_TAG_upc_strict_type = 0x8766 COMMA
5735 + DW_TAG_upc_relaxed_type = 0x8767
5738 +#define DW_TAG_lo_user 0x4080
5739 +#define DW_TAG_hi_user 0xffff
5741 +/* Flag that tells whether entry has a child or not. */
5742 +#define DW_children_no 0
5743 +#define DW_children_yes 1
5745 +/* Form names and codes. */
5748 + DW_FORM_addr = 0x01 COMMA
5749 + DW_FORM_block2 = 0x03 COMMA
5750 + DW_FORM_block4 = 0x04 COMMA
5751 + DW_FORM_data2 = 0x05 COMMA
5752 + DW_FORM_data4 = 0x06 COMMA
5753 + DW_FORM_data8 = 0x07 COMMA
5754 + DW_FORM_string = 0x08 COMMA
5755 + DW_FORM_block = 0x09 COMMA
5756 + DW_FORM_block1 = 0x0a COMMA
5757 + DW_FORM_data1 = 0x0b COMMA
5758 + DW_FORM_flag = 0x0c COMMA
5759 + DW_FORM_sdata = 0x0d COMMA
5760 + DW_FORM_strp = 0x0e COMMA
5761 + DW_FORM_udata = 0x0f COMMA
5762 + DW_FORM_ref_addr = 0x10 COMMA
5763 + DW_FORM_ref1 = 0x11 COMMA
5764 + DW_FORM_ref2 = 0x12 COMMA
5765 + DW_FORM_ref4 = 0x13 COMMA
5766 + DW_FORM_ref8 = 0x14 COMMA
5767 + DW_FORM_ref_udata = 0x15 COMMA
5768 + DW_FORM_indirect = 0x16
5771 +/* Attribute names and codes. */
5773 +ENUM(dwarf_attribute)
5775 + DW_AT_sibling = 0x01 COMMA
5776 + DW_AT_location = 0x02 COMMA
5777 + DW_AT_name = 0x03 COMMA
5778 + DW_AT_ordering = 0x09 COMMA
5779 + DW_AT_subscr_data = 0x0a COMMA
5780 + DW_AT_byte_size = 0x0b COMMA
5781 + DW_AT_bit_offset = 0x0c COMMA
5782 + DW_AT_bit_size = 0x0d COMMA
5783 + DW_AT_element_list = 0x0f COMMA
5784 + DW_AT_stmt_list = 0x10 COMMA
5785 + DW_AT_low_pc = 0x11 COMMA
5786 + DW_AT_high_pc = 0x12 COMMA
5787 + DW_AT_language = 0x13 COMMA
5788 + DW_AT_member = 0x14 COMMA
5789 + DW_AT_discr = 0x15 COMMA
5790 + DW_AT_discr_value = 0x16 COMMA
5791 + DW_AT_visibility = 0x17 COMMA
5792 + DW_AT_import = 0x18 COMMA
5793 + DW_AT_string_length = 0x19 COMMA
5794 + DW_AT_common_reference = 0x1a COMMA
5795 + DW_AT_comp_dir = 0x1b COMMA
5796 + DW_AT_const_value = 0x1c COMMA
5797 + DW_AT_containing_type = 0x1d COMMA
5798 + DW_AT_default_value = 0x1e COMMA
5799 + DW_AT_inline = 0x20 COMMA
5800 + DW_AT_is_optional = 0x21 COMMA
5801 + DW_AT_lower_bound = 0x22 COMMA
5802 + DW_AT_producer = 0x25 COMMA
5803 + DW_AT_prototyped = 0x27 COMMA
5804 + DW_AT_return_addr = 0x2a COMMA
5805 + DW_AT_start_scope = 0x2c COMMA
5806 + DW_AT_stride_size = 0x2e COMMA
5807 + DW_AT_upper_bound = 0x2f COMMA
5808 + DW_AT_abstract_origin = 0x31 COMMA
5809 + DW_AT_accessibility = 0x32 COMMA
5810 + DW_AT_address_class = 0x33 COMMA
5811 + DW_AT_artificial = 0x34 COMMA
5812 + DW_AT_base_types = 0x35 COMMA
5813 + DW_AT_calling_convention = 0x36 COMMA
5814 + DW_AT_count = 0x37 COMMA
5815 + DW_AT_data_member_location = 0x38 COMMA
5816 + DW_AT_decl_column = 0x39 COMMA
5817 + DW_AT_decl_file = 0x3a COMMA
5818 + DW_AT_decl_line = 0x3b COMMA
5819 + DW_AT_declaration = 0x3c COMMA
5820 + DW_AT_discr_list = 0x3d COMMA
5821 + DW_AT_encoding = 0x3e COMMA
5822 + DW_AT_external = 0x3f COMMA
5823 + DW_AT_frame_base = 0x40 COMMA
5824 + DW_AT_friend = 0x41 COMMA
5825 + DW_AT_identifier_case = 0x42 COMMA
5826 + DW_AT_macro_info = 0x43 COMMA
5827 + DW_AT_namelist_items = 0x44 COMMA
5828 + DW_AT_priority = 0x45 COMMA
5829 + DW_AT_segment = 0x46 COMMA
5830 + DW_AT_specification = 0x47 COMMA
5831 + DW_AT_static_link = 0x48 COMMA
5832 + DW_AT_type = 0x49 COMMA
5833 + DW_AT_use_location = 0x4a COMMA
5834 + DW_AT_variable_parameter = 0x4b COMMA
5835 + DW_AT_virtuality = 0x4c COMMA
5836 + DW_AT_vtable_elem_location = 0x4d COMMA
5837 + /* DWARF 3 values. */
5838 + DW_AT_allocated = 0x4e COMMA
5839 + DW_AT_associated = 0x4f COMMA
5840 + DW_AT_data_location = 0x50 COMMA
5841 + DW_AT_stride = 0x51 COMMA
5842 + DW_AT_entry_pc = 0x52 COMMA
5843 + DW_AT_use_UTF8 = 0x53 COMMA
5844 + DW_AT_extension = 0x54 COMMA
5845 + DW_AT_ranges = 0x55 COMMA
5846 + DW_AT_trampoline = 0x56 COMMA
5847 + DW_AT_call_column = 0x57 COMMA
5848 + DW_AT_call_file = 0x58 COMMA
5849 + DW_AT_call_line = 0x59 COMMA
5850 + /* SGI/MIPS extensions. */
5851 + DW_AT_MIPS_fde = 0x2001 COMMA
5852 + DW_AT_MIPS_loop_begin = 0x2002 COMMA
5853 + DW_AT_MIPS_tail_loop_begin = 0x2003 COMMA
5854 + DW_AT_MIPS_epilog_begin = 0x2004 COMMA
5855 + DW_AT_MIPS_loop_unroll_factor = 0x2005 COMMA
5856 + DW_AT_MIPS_software_pipeline_depth = 0x2006 COMMA
5857 + DW_AT_MIPS_linkage_name = 0x2007 COMMA
5858 + DW_AT_MIPS_stride = 0x2008 COMMA
5859 + DW_AT_MIPS_abstract_name = 0x2009 COMMA
5860 + DW_AT_MIPS_clone_origin = 0x200a COMMA
5861 + DW_AT_MIPS_has_inlines = 0x200b COMMA
5862 + /* GNU extensions. */
5863 + DW_AT_sf_names = 0x2101 COMMA
5864 + DW_AT_src_info = 0x2102 COMMA
5865 + DW_AT_mac_info = 0x2103 COMMA
5866 + DW_AT_src_coords = 0x2104 COMMA
5867 + DW_AT_body_begin = 0x2105 COMMA
5868 + DW_AT_body_end = 0x2106 COMMA
5869 + DW_AT_GNU_vector = 0x2107 COMMA
5870 + /* VMS extensions. */
5871 + DW_AT_VMS_rtnbeg_pd_address = 0x2201 COMMA
5872 + /* UPC extension. */
5873 + DW_AT_upc_threads_scaled = 0x3210
5876 +#define DW_AT_lo_user 0x2000 /* Implementation-defined range start. */
5877 +#define DW_AT_hi_user 0x3ff0 /* Implementation-defined range end. */
5879 +/* Location atom names and codes. */
5880 +ENUM(dwarf_location_atom)
5882 + DW_OP_addr = 0x03 COMMA
5883 + DW_OP_deref = 0x06 COMMA
5884 + DW_OP_const1u = 0x08 COMMA
5885 + DW_OP_const1s = 0x09 COMMA
5886 + DW_OP_const2u = 0x0a COMMA
5887 + DW_OP_const2s = 0x0b COMMA
5888 + DW_OP_const4u = 0x0c COMMA
5889 + DW_OP_const4s = 0x0d COMMA
5890 + DW_OP_const8u = 0x0e COMMA
5891 + DW_OP_const8s = 0x0f COMMA
5892 + DW_OP_constu = 0x10 COMMA
5893 + DW_OP_consts = 0x11 COMMA
5894 + DW_OP_dup = 0x12 COMMA
5895 + DW_OP_drop = 0x13 COMMA
5896 + DW_OP_over = 0x14 COMMA
5897 + DW_OP_pick = 0x15 COMMA
5898 + DW_OP_swap = 0x16 COMMA
5899 + DW_OP_rot = 0x17 COMMA
5900 + DW_OP_xderef = 0x18 COMMA
5901 + DW_OP_abs = 0x19 COMMA
5902 + DW_OP_and = 0x1a COMMA
5903 + DW_OP_div = 0x1b COMMA
5904 + DW_OP_minus = 0x1c COMMA
5905 + DW_OP_mod = 0x1d COMMA
5906 + DW_OP_mul = 0x1e COMMA
5907 + DW_OP_neg = 0x1f COMMA
5908 + DW_OP_not = 0x20 COMMA
5909 + DW_OP_or = 0x21 COMMA
5910 + DW_OP_plus = 0x22 COMMA
5911 + DW_OP_plus_uconst = 0x23 COMMA
5912 + DW_OP_shl = 0x24 COMMA
5913 + DW_OP_shr = 0x25 COMMA
5914 + DW_OP_shra = 0x26 COMMA
5915 + DW_OP_xor = 0x27 COMMA
5916 + DW_OP_bra = 0x28 COMMA
5917 + DW_OP_eq = 0x29 COMMA
5918 + DW_OP_ge = 0x2a COMMA
5919 + DW_OP_gt = 0x2b COMMA
5920 + DW_OP_le = 0x2c COMMA
5921 + DW_OP_lt = 0x2d COMMA
5922 + DW_OP_ne = 0x2e COMMA
5923 + DW_OP_skip = 0x2f COMMA
5924 + DW_OP_lit0 = 0x30 COMMA
5925 + DW_OP_lit1 = 0x31 COMMA
5926 + DW_OP_lit2 = 0x32 COMMA
5927 + DW_OP_lit3 = 0x33 COMMA
5928 + DW_OP_lit4 = 0x34 COMMA
5929 + DW_OP_lit5 = 0x35 COMMA
5930 + DW_OP_lit6 = 0x36 COMMA
5931 + DW_OP_lit7 = 0x37 COMMA
5932 + DW_OP_lit8 = 0x38 COMMA
5933 + DW_OP_lit9 = 0x39 COMMA
5934 + DW_OP_lit10 = 0x3a COMMA
5935 + DW_OP_lit11 = 0x3b COMMA
5936 + DW_OP_lit12 = 0x3c COMMA
5937 + DW_OP_lit13 = 0x3d COMMA
5938 + DW_OP_lit14 = 0x3e COMMA
5939 + DW_OP_lit15 = 0x3f COMMA
5940 + DW_OP_lit16 = 0x40 COMMA
5941 + DW_OP_lit17 = 0x41 COMMA
5942 + DW_OP_lit18 = 0x42 COMMA
5943 + DW_OP_lit19 = 0x43 COMMA
5944 + DW_OP_lit20 = 0x44 COMMA
5945 + DW_OP_lit21 = 0x45 COMMA
5946 + DW_OP_lit22 = 0x46 COMMA
5947 + DW_OP_lit23 = 0x47 COMMA
5948 + DW_OP_lit24 = 0x48 COMMA
5949 + DW_OP_lit25 = 0x49 COMMA
5950 + DW_OP_lit26 = 0x4a COMMA
5951 + DW_OP_lit27 = 0x4b COMMA
5952 + DW_OP_lit28 = 0x4c COMMA
5953 + DW_OP_lit29 = 0x4d COMMA
5954 + DW_OP_lit30 = 0x4e COMMA
5955 + DW_OP_lit31 = 0x4f COMMA
5956 + DW_OP_reg0 = 0x50 COMMA
5957 + DW_OP_reg1 = 0x51 COMMA
5958 + DW_OP_reg2 = 0x52 COMMA
5959 + DW_OP_reg3 = 0x53 COMMA
5960 + DW_OP_reg4 = 0x54 COMMA
5961 + DW_OP_reg5 = 0x55 COMMA
5962 + DW_OP_reg6 = 0x56 COMMA
5963 + DW_OP_reg7 = 0x57 COMMA
5964 + DW_OP_reg8 = 0x58 COMMA
5965 + DW_OP_reg9 = 0x59 COMMA
5966 + DW_OP_reg10 = 0x5a COMMA
5967 + DW_OP_reg11 = 0x5b COMMA
5968 + DW_OP_reg12 = 0x5c COMMA
5969 + DW_OP_reg13 = 0x5d COMMA
5970 + DW_OP_reg14 = 0x5e COMMA
5971 + DW_OP_reg15 = 0x5f COMMA
5972 + DW_OP_reg16 = 0x60 COMMA
5973 + DW_OP_reg17 = 0x61 COMMA
5974 + DW_OP_reg18 = 0x62 COMMA
5975 + DW_OP_reg19 = 0x63 COMMA
5976 + DW_OP_reg20 = 0x64 COMMA
5977 + DW_OP_reg21 = 0x65 COMMA
5978 + DW_OP_reg22 = 0x66 COMMA
5979 + DW_OP_reg23 = 0x67 COMMA
5980 + DW_OP_reg24 = 0x68 COMMA
5981 + DW_OP_reg25 = 0x69 COMMA
5982 + DW_OP_reg26 = 0x6a COMMA
5983 + DW_OP_reg27 = 0x6b COMMA
5984 + DW_OP_reg28 = 0x6c COMMA
5985 + DW_OP_reg29 = 0x6d COMMA
5986 + DW_OP_reg30 = 0x6e COMMA
5987 + DW_OP_reg31 = 0x6f COMMA
5988 + DW_OP_breg0 = 0x70 COMMA
5989 + DW_OP_breg1 = 0x71 COMMA
5990 + DW_OP_breg2 = 0x72 COMMA
5991 + DW_OP_breg3 = 0x73 COMMA
5992 + DW_OP_breg4 = 0x74 COMMA
5993 + DW_OP_breg5 = 0x75 COMMA
5994 + DW_OP_breg6 = 0x76 COMMA
5995 + DW_OP_breg7 = 0x77 COMMA
5996 + DW_OP_breg8 = 0x78 COMMA
5997 + DW_OP_breg9 = 0x79 COMMA
5998 + DW_OP_breg10 = 0x7a COMMA
5999 + DW_OP_breg11 = 0x7b COMMA
6000 + DW_OP_breg12 = 0x7c COMMA
6001 + DW_OP_breg13 = 0x7d COMMA
6002 + DW_OP_breg14 = 0x7e COMMA
6003 + DW_OP_breg15 = 0x7f COMMA
6004 + DW_OP_breg16 = 0x80 COMMA
6005 + DW_OP_breg17 = 0x81 COMMA
6006 + DW_OP_breg18 = 0x82 COMMA
6007 + DW_OP_breg19 = 0x83 COMMA
6008 + DW_OP_breg20 = 0x84 COMMA
6009 + DW_OP_breg21 = 0x85 COMMA
6010 + DW_OP_breg22 = 0x86 COMMA
6011 + DW_OP_breg23 = 0x87 COMMA
6012 + DW_OP_breg24 = 0x88 COMMA
6013 + DW_OP_breg25 = 0x89 COMMA
6014 + DW_OP_breg26 = 0x8a COMMA
6015 + DW_OP_breg27 = 0x8b COMMA
6016 + DW_OP_breg28 = 0x8c COMMA
6017 + DW_OP_breg29 = 0x8d COMMA
6018 + DW_OP_breg30 = 0x8e COMMA
6019 + DW_OP_breg31 = 0x8f COMMA
6020 + DW_OP_regx = 0x90 COMMA
6021 + DW_OP_fbreg = 0x91 COMMA
6022 + DW_OP_bregx = 0x92 COMMA
6023 + DW_OP_piece = 0x93 COMMA
6024 + DW_OP_deref_size = 0x94 COMMA
6025 + DW_OP_xderef_size = 0x95 COMMA
6026 + DW_OP_nop = 0x96 COMMA
6027 + /* DWARF 3 extensions. */
6028 + DW_OP_push_object_address = 0x97 COMMA
6029 + DW_OP_call2 = 0x98 COMMA
6030 + DW_OP_call4 = 0x99 COMMA
6031 + DW_OP_call_ref = 0x9a COMMA
6032 + /* GNU extensions. */
6033 + DW_OP_GNU_push_tls_address = 0xe0
6036 +#define DW_OP_lo_user 0xe0 /* Implementation-defined range start. */
6037 +#define DW_OP_hi_user 0xff /* Implementation-defined range end. */
6039 +/* Type encodings. */
6042 + DW_ATE_void = 0x0 COMMA
6043 + DW_ATE_address = 0x1 COMMA
6044 + DW_ATE_boolean = 0x2 COMMA
6045 + DW_ATE_complex_float = 0x3 COMMA
6046 + DW_ATE_float = 0x4 COMMA
6047 + DW_ATE_signed = 0x5 COMMA
6048 + DW_ATE_signed_char = 0x6 COMMA
6049 + DW_ATE_unsigned = 0x7 COMMA
6050 + DW_ATE_unsigned_char = 0x8 COMMA
6052 + DW_ATE_imaginary_float = 0x9
6055 +#define DW_ATE_lo_user 0x80
6056 +#define DW_ATE_hi_user 0xff
6058 +/* Array ordering names and codes. */
6059 +ENUM(dwarf_array_dim_ordering)
6061 + DW_ORD_row_major = 0 COMMA
6062 + DW_ORD_col_major = 1
6065 +/* Access attribute. */
6066 +ENUM(dwarf_access_attribute)
6068 + DW_ACCESS_public = 1 COMMA
6069 + DW_ACCESS_protected = 2 COMMA
6070 + DW_ACCESS_private = 3
6074 +ENUM(dwarf_visibility_attribute)
6076 + DW_VIS_local = 1 COMMA
6077 + DW_VIS_exported = 2 COMMA
6078 + DW_VIS_qualified = 3
6082 +ENUM(dwarf_virtuality_attribute)
6084 + DW_VIRTUALITY_none = 0 COMMA
6085 + DW_VIRTUALITY_virtual = 1 COMMA
6086 + DW_VIRTUALITY_pure_virtual = 2
6089 +/* Case sensitivity. */
6090 +ENUM(dwarf_id_case)
6092 + DW_ID_case_sensitive = 0 COMMA
6093 + DW_ID_up_case = 1 COMMA
6094 + DW_ID_down_case = 2 COMMA
6095 + DW_ID_case_insensitive = 3
6098 +/* Calling convention. */
6099 +ENUM(dwarf_calling_convention)
6101 + DW_CC_normal = 0x1 COMMA
6102 + DW_CC_program = 0x2 COMMA
6103 + DW_CC_nocall = 0x3
6106 +#define DW_CC_lo_user 0x40
6107 +#define DW_CC_hi_user 0xff
6109 +/* Inline attribute. */
6110 +ENUM(dwarf_inline_attribute)
6112 + DW_INL_not_inlined = 0 COMMA
6113 + DW_INL_inlined = 1 COMMA
6114 + DW_INL_declared_not_inlined = 2 COMMA
6115 + DW_INL_declared_inlined = 3
6118 +/* Discriminant lists. */
6119 +ENUM(dwarf_discrim_list)
6121 + DW_DSC_label = 0 COMMA
6125 +/* Line number opcodes. */
6126 +ENUM(dwarf_line_number_ops)
6128 + DW_LNS_extended_op = 0 COMMA
6129 + DW_LNS_copy = 1 COMMA
6130 + DW_LNS_advance_pc = 2 COMMA
6131 + DW_LNS_advance_line = 3 COMMA
6132 + DW_LNS_set_file = 4 COMMA
6133 + DW_LNS_set_column = 5 COMMA
6134 + DW_LNS_negate_stmt = 6 COMMA
6135 + DW_LNS_set_basic_block = 7 COMMA
6136 + DW_LNS_const_add_pc = 8 COMMA
6137 + DW_LNS_fixed_advance_pc = 9 COMMA
6139 + DW_LNS_set_prologue_end = 10 COMMA
6140 + DW_LNS_set_epilogue_begin = 11 COMMA
6141 + DW_LNS_set_isa = 12
6144 +/* Line number extended opcodes. */
6145 +ENUM(dwarf_line_number_x_ops)
6147 + DW_LNE_end_sequence = 1 COMMA
6148 + DW_LNE_set_address = 2 COMMA
6149 + DW_LNE_define_file = 3
6152 +/* Call frame information. */
6153 +ENUM(dwarf_call_frame_info)
6155 + DW_CFA_advance_loc = 0x40 COMMA
6156 + DW_CFA_offset = 0x80 COMMA
6157 + DW_CFA_restore = 0xc0 COMMA
6158 + DW_CFA_nop = 0x00 COMMA
6159 + DW_CFA_set_loc = 0x01 COMMA
6160 + DW_CFA_advance_loc1 = 0x02 COMMA
6161 + DW_CFA_advance_loc2 = 0x03 COMMA
6162 + DW_CFA_advance_loc4 = 0x04 COMMA
6163 + DW_CFA_offset_extended = 0x05 COMMA
6164 + DW_CFA_restore_extended = 0x06 COMMA
6165 + DW_CFA_undefined = 0x07 COMMA
6166 + DW_CFA_same_value = 0x08 COMMA
6167 + DW_CFA_register = 0x09 COMMA
6168 + DW_CFA_remember_state = 0x0a COMMA
6169 + DW_CFA_restore_state = 0x0b COMMA
6170 + DW_CFA_def_cfa = 0x0c COMMA
6171 + DW_CFA_def_cfa_register = 0x0d COMMA
6172 + DW_CFA_def_cfa_offset = 0x0e COMMA
6175 + DW_CFA_def_cfa_expression = 0x0f COMMA
6176 + DW_CFA_expression = 0x10 COMMA
6177 + DW_CFA_offset_extended_sf = 0x11 COMMA
6178 + DW_CFA_def_cfa_sf = 0x12 COMMA
6179 + DW_CFA_def_cfa_offset_sf = 0x13 COMMA
6181 + /* SGI/MIPS specific. */
6182 + DW_CFA_MIPS_advance_loc8 = 0x1d COMMA
6184 + /* GNU extensions. */
6185 + DW_CFA_GNU_window_save = 0x2d COMMA
6186 + DW_CFA_GNU_args_size = 0x2e COMMA
6187 + DW_CFA_GNU_negative_offset_extended = 0x2f
6190 +#define DW_CIE_ID 0xffffffff
6191 +#define DW_CIE_VERSION 1
6193 +#define DW_CFA_extended 0
6194 +#define DW_CFA_lo_user 0x1c
6195 +#define DW_CFA_hi_user 0x3f
6197 +#define DW_CHILDREN_no 0x00
6198 +#define DW_CHILDREN_yes 0x01
6200 +#define DW_ADDR_none 0
6202 +/* Source language names and codes. */
6203 +ENUM(dwarf_source_language)
6205 + DW_LANG_C89 = 0x0001 COMMA
6206 + DW_LANG_C = 0x0002 COMMA
6207 + DW_LANG_Ada83 = 0x0003 COMMA
6208 + DW_LANG_C_plus_plus = 0x0004 COMMA
6209 + DW_LANG_Cobol74 = 0x0005 COMMA
6210 + DW_LANG_Cobol85 = 0x0006 COMMA
6211 + DW_LANG_Fortran77 = 0x0007 COMMA
6212 + DW_LANG_Fortran90 = 0x0008 COMMA
6213 + DW_LANG_Pascal83 = 0x0009 COMMA
6214 + DW_LANG_Modula2 = 0x000a COMMA
6215 + DW_LANG_Java = 0x000b COMMA
6217 + DW_LANG_C99 = 0x000c COMMA
6218 + DW_LANG_Ada95 = 0x000d COMMA
6219 + DW_LANG_Fortran95 = 0x000e COMMA
6221 + DW_LANG_Mips_Assembler = 0x8001 COMMA
6223 + DW_LANG_Upc = 0x8765
6226 +#define DW_LANG_lo_user 0x8000 /* Implementation-defined range start. */
6227 +#define DW_LANG_hi_user 0xffff /* Implementation-defined range start. */
6229 +/* Names and codes for macro information. */
6230 +ENUM(dwarf_macinfo_record_type)
6232 + DW_MACINFO_define = 1 COMMA
6233 + DW_MACINFO_undef = 2 COMMA
6234 + DW_MACINFO_start_file = 3 COMMA
6235 + DW_MACINFO_end_file = 4 COMMA
6236 + DW_MACINFO_vendor_ext = 255
6239 +/* @@@ For use with GNU frame unwind information. */
6241 +#define DW_EH_PE_absptr 0x00
6242 +#define DW_EH_PE_omit 0xff
6244 +#define DW_EH_PE_uleb128 0x01
6245 +#define DW_EH_PE_udata2 0x02
6246 +#define DW_EH_PE_udata4 0x03
6247 +#define DW_EH_PE_udata8 0x04
6248 +#define DW_EH_PE_sleb128 0x09
6249 +#define DW_EH_PE_sdata2 0x0A
6250 +#define DW_EH_PE_sdata4 0x0B
6251 +#define DW_EH_PE_sdata8 0x0C
6252 +#define DW_EH_PE_signed 0x08
6254 +#define DW_EH_PE_pcrel 0x10
6255 +#define DW_EH_PE_textrel 0x20
6256 +#define DW_EH_PE_datarel 0x30
6257 +#define DW_EH_PE_funcrel 0x40
6258 +#define DW_EH_PE_aligned 0x50
6260 +#define DW_EH_PE_indirect 0x80
6262 +#endif /* _ELF_DWARF2_H */
6263 Index: linux/include/linux/serial_core.h
6264 ===================================================================
6265 --- linux.orig/include/linux/serial_core.h
6266 +++ linux/include/linux/serial_core.h
6267 @@ -174,7 +174,9 @@ struct uart_port {
6268 unsigned char x_char; /* xon/xoff char */
6269 unsigned char regshift; /* reg offset shift */
6270 unsigned char iotype; /* io access style */
6273 + int kgdb; /* in use by kgdb */
6275 #define UPIO_PORT (0)
6276 #define UPIO_HUB6 (1)
6277 #define UPIO_MEM (2)
6278 Index: linux/include/linux/spinlock.h
6279 ===================================================================
6280 --- linux.orig/include/linux/spinlock.h
6281 +++ linux/include/linux/spinlock.h
6284 #include <asm/processor.h> /* for cpu relax */
6285 #include <asm/system.h>
6287 +#include <asm/current.h>
6288 +#define SET_WHO(x, him) (x)->who = him;
6290 +#define SET_WHO(x, him)
6294 * Must define these before including other files, inline functions need them
6295 @@ -88,6 +94,9 @@ typedef struct {
6300 + struct task_struct *who;
6303 #define SPIN_LOCK_UNLOCKED (spinlock_t) { SPINLOCK_MAGIC, 0, 10, __FILE__ , NULL, 0}
6305 @@ -99,6 +108,7 @@ typedef struct {
6306 (x)->module = __FILE__; \
6307 (x)->owner = NULL; \
6309 + SET_WHO(x, NULL) \
6312 #define CHECK_LOCK(x) \
6313 @@ -121,6 +131,7 @@ typedef struct {
6315 (x)->owner = __FILE__; \
6316 (x)->oline = __LINE__; \
6317 + SET_WHO(x, current) \
6320 #define spin_is_locked(x) \
6321 Index: linux/kernel/pid.c
6322 ===================================================================
6323 --- linux.orig/kernel/pid.c
6324 +++ linux/kernel/pid.c
6325 @@ -320,6 +320,9 @@ struct pid *find_ge_pid(int nr)
6326 * machine. From a minimum of 16 slots up to 4096 slots at one gigabyte or
6330 +int kgdb_pid_init_done; /* so we don't call prior to... */
6332 void __init pidhash_init(void)
6334 int i, j, pidhash_size;
6335 @@ -341,6 +344,9 @@ void __init pidhash_init(void)
6336 for (j = 0; j < pidhash_size; j++)
6337 INIT_HLIST_HEAD(&pid_hash[i][j]);
6340 + kgdb_pid_init_done++;
6344 void __init pidmap_init(void)
6345 Index: linux/kernel/sched.c
6346 ===================================================================
6347 --- linux.orig/kernel/sched.c
6348 +++ linux/kernel/sched.c
6349 @@ -3207,6 +3207,13 @@ out_unlock:
6351 EXPORT_SYMBOL(set_user_nice);
6354 +struct task_struct *kgdb_get_idle(int this_cpu)
6356 + return cpu_rq(this_cpu)->idle;
6360 #ifdef __ARCH_WANT_SYS_NICE