Home | History | Annotate | Download | only in m_gdbserver
      1 /* Remote utility routines for the remote server for GDB.
      2    Copyright (C) 1986, 1989, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000,
      3    2001, 2002, 2003, 2004, 2005, 2006, 2011
      4    Free Software Foundation, Inc.
      5 
      6    This file is part of GDB.
      7    It has been modified to integrate it in valgrind
      8 
      9    This program is free software; you can redistribute it and/or modify
     10    it under the terms of the GNU General Public License as published by
     11    the Free Software Foundation; either version 2 of the License, or
     12    (at your option) any later version.
     13 
     14    This program is distributed in the hope that it will be useful,
     15    but WITHOUT ANY WARRANTY; without even the implied warranty of
     16    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
     17    GNU General Public License for more details.
     18 
     19    You should have received a copy of the GNU General Public License
     20    along with this program; if not, write to the Free Software
     21    Foundation, Inc., 51 Franklin Street, Fifth Floor,
     22    Boston, MA 02110-1301, USA.  */
     23 
     24 #include "pub_core_basics.h"
     25 #include "pub_core_vki.h"
     26 #include "pub_core_vkiscnums.h"
     27 #include "pub_core_libcsignal.h"
     28 #include "pub_core_options.h"
     29 
     30 #include "server.h"
     31 
     32 #  if defined(VGO_linux)
     33 #include <sys/prctl.h>
     34 #  endif
     35 
     36 Bool noack_mode;
     37 
     38 static int readchar (int single);
     39 
     40 void remote_utils_output_status(void);
     41 
     42 static int remote_desc;
     43 
     44 static VgdbShared *shared;
     45 static int  last_looked_cntr = -1;
     46 static struct vki_pollfd remote_desc_pollfdread_activity;
     47 #define INVALID_DESCRIPTOR -1
     48 
     49 /* for a gdbserver embedded in valgrind, we read from a FIFO and write
     50    to another FIFO So, we need two descriptors */
     51 static int write_remote_desc = INVALID_DESCRIPTOR;
     52 static int pid_from_to_creator;
     53 /* only this pid will remove the FIFOs: if an exec fails, we must avoid
     54    that the exiting child believes it has to remove the FIFOs of its parent */
     55 static int mknod_done = 0;
     56 
     57 static char *from_gdb = NULL;
     58 static char *to_gdb = NULL;
     59 static char *shared_mem = NULL;
     60 
     61 static
     62 int open_fifo (char *side, char *path, int flags)
     63 {
     64   SysRes o;
     65   int fd;
     66   dlog(1, "Opening %s side %s\n", side, path);
     67   o = VG_(open) (path, flags, 0);
     68   if (sr_isError (o)) {
     69      sr_perror(o, "open fifo %s\n", path);
     70      fatal ("valgrind: fatal error: vgdb FIFO cannot be opened.\n");
     71   } else {
     72      fd = sr_Res(o);
     73      dlog(1, "result fd %d\n", fd);
     74   }
     75   fd = VG_(safe_fd)(fd);
     76   dlog(1, "result safe_fd %d\n", fd);
     77   if (fd == -1)
     78      fatal("safe_fd for vgdb FIFO failed\n");
     79   return fd;
     80 }
     81 
     82 void remote_utils_output_status(void)
     83 {
     84    if (shared == NULL)
     85       VG_(umsg)("remote communication not initialized\n");
     86    else
     87       VG_(umsg)("shared->written_by_vgdb %d shared->seen_by_valgrind %d\n",
     88                 shared->written_by_vgdb, shared->seen_by_valgrind);
     89 }
     90 
     91 /* Returns 0 if vgdb and connection state looks good,
     92    otherwise returns an int value telling which check failed. */
     93 static
     94 int vgdb_state_looks_bad(char* where)
     95 {
     96    if (VG_(kill)(shared->vgdb_pid, 0) != 0)
     97       return 1; // vgdb process does not exist anymore.
     98 
     99    if (remote_desc_activity(where) == 2)
    100       return 2; // check for error on remote desc shows a problem
    101 
    102    if (remote_desc == INVALID_DESCRIPTOR)
    103       return 3; // after check, remote_desc not ok anymore
    104 
    105    return 0; // all is ok.
    106 }
    107 
    108 /* On systems that defines PR_SET_PTRACER, verify if ptrace_scope is
    109    is permissive enough for vgdb. Otherwise, call set_ptracer.
    110    This is especially aimed at Ubuntu >= 10.10 which has added
    111    the ptrace_scope context. */
    112 static
    113 void set_ptracer(void)
    114 {
    115 #ifdef PR_SET_PTRACER
    116    SysRes o;
    117    char *ptrace_scope_setting_file = "/proc/sys/kernel/yama/ptrace_scope";
    118    int fd;
    119    char ptrace_scope;
    120    int ret;
    121 
    122    o = VG_(open) (ptrace_scope_setting_file, VKI_O_RDONLY, 0);
    123    if (sr_isError(o)) {
    124       if (VG_(debugLog_getLevel)() >= 1) {
    125          sr_perror(o, "error VG_(open) %s\n", ptrace_scope_setting_file);
    126       }
    127       /* can't read setting. Assuming ptrace can be called by vgdb. */
    128       return;
    129    }
    130    fd = sr_Res(o);
    131    if (VG_(read) (fd, &ptrace_scope, 1) == 1) {
    132       dlog(1, "ptrace_scope %c\n", ptrace_scope);
    133       if (ptrace_scope != '0') {
    134          /* insufficient default ptrace_scope.
    135             Indicate to the kernel that we accept to be
    136             ptraced by our vgdb. */
    137          ret = VG_(prctl) (PR_SET_PTRACER, shared->vgdb_pid, 0, 0, 0);
    138          dlog(1, "set_ptracer to vgdb_pid %d result %d\n",
    139               shared->vgdb_pid, ret);
    140       }
    141    } else {
    142       dlog(0, "Could not read the ptrace_scope setting from %s\n",
    143            ptrace_scope_setting_file);
    144    }
    145 
    146    VG_(close) (fd);
    147 #endif
    148 }
    149 
    150 /* returns 1 if one or more poll "errors" is set.
    151    Errors are: VKI_POLLERR or VKI_POLLHUP or VKI_POLLNAL */
    152 static
    153 int poll_cond (short revents)
    154 {
    155    return (revents & (VKI_POLLERR | VKI_POLLHUP | VKI_POLLNVAL));
    156 }
    157 
    158 /* Ensures we have a valid write file descriptor.
    159    Returns 1 if we have a valid write file descriptor,
    160    0 if the write fd could not be opened. */
    161 static
    162 int ensure_write_remote_desc(void)
    163 {
    164    struct vki_pollfd write_remote_desc_ok;
    165    int ret;
    166    if (write_remote_desc != INVALID_DESCRIPTOR) {
    167       write_remote_desc_ok.fd = write_remote_desc;
    168       write_remote_desc_ok.events = VKI_POLLOUT;
    169       write_remote_desc_ok.revents = 0;
    170       ret = VG_(poll)(&write_remote_desc_ok, 1, 0);
    171       if (ret && poll_cond(write_remote_desc_ok.revents)) {
    172          dlog(1, "POLLcond %d closing write_remote_desc %d\n",
    173               write_remote_desc_ok.revents, write_remote_desc);
    174          VG_(close) (write_remote_desc);
    175          write_remote_desc = INVALID_DESCRIPTOR;
    176       }
    177    }
    178    if (write_remote_desc == INVALID_DESCRIPTOR) {
    179       /* open_fifo write will block if the receiving vgdb
    180          process is dead.  So, let's check for vgdb state to
    181          be reasonably sure someone is reading on the other
    182          side of the fifo. */
    183       if (!vgdb_state_looks_bad("bad?@ensure_write_remote_desc")) {
    184          set_ptracer();
    185          write_remote_desc = open_fifo ("write", to_gdb, VKI_O_WRONLY);
    186       }
    187    }
    188 
    189    return (write_remote_desc != INVALID_DESCRIPTOR);
    190 }
    191 
    192 #if defined(VGO_darwin)
    193 #define VKI_S_IFIFO 0010000
    194 #endif
    195 static
    196 void safe_mknod (char *nod)
    197 {
    198    SysRes m;
    199    m = VG_(mknod) (nod, VKI_S_IFIFO|0600, 0);
    200    if (sr_isError (m)) {
    201       if (sr_Err (m) == VKI_EEXIST) {
    202          if (VG_(clo_verbosity) > 1) {
    203             VG_(umsg)("%s already created\n", nod);
    204          }
    205       } else {
    206          sr_perror(m, "mknod %s\n", nod);
    207          VG_(umsg) ("valgrind: fatal error: vgdb FIFOs cannot be created.\n");
    208          VG_(exit)(1);
    209       }
    210    }
    211 }
    212 
    213 /* Open a connection to a remote debugger.
    214    NAME is the filename used for communication.
    215    For Valgrind, name is the prefix for the two read and write FIFOs
    216    The two FIFOs names will be build by appending
    217    -from-vgdb-to-pid-by-user-on-host and -to-vgdb-from-pid-by-user-on-host
    218    with pid being the pidnr of the valgrind process These two FIFOs
    219    will be created if not existing yet. They will be removed when
    220    the gdbserver connection is closed or the process exits */
    221 
    222 void remote_open (char *name)
    223 {
    224    const HChar *user, *host;
    225    int save_fcntl_flags, len;
    226    VgdbShared vgdbinit =
    227       {0, 0, (Addr) VG_(invoke_gdbserver),
    228        (Addr) VG_(threads), sizeof(ThreadState),
    229        offsetof(ThreadState, status),
    230        offsetof(ThreadState, os_state) + offsetof(ThreadOSstate, lwpid),
    231        0};
    232    const int pid = VG_(getpid)();
    233    const int name_default = strcmp(name, VG_(vgdb_prefix_default)()) == 0;
    234    Addr addr_shared;
    235    SysRes o;
    236    int shared_mem_fd = INVALID_DESCRIPTOR;
    237 
    238    user = VG_(getenv)("LOGNAME");
    239    if (user == NULL) user = VG_(getenv)("USER");
    240    if (user == NULL) user = "???";
    241 
    242    host = VG_(getenv)("HOST");
    243    if (host == NULL) host = VG_(getenv)("HOSTNAME");
    244    if (host == NULL) host = "???";
    245 
    246    len = strlen(name) + strlen(user) + strlen(host) + 40;
    247 
    248    if (from_gdb != NULL)
    249       free (from_gdb);
    250    from_gdb = malloc (len);
    251    if (to_gdb != NULL)
    252       free (to_gdb);
    253    to_gdb = malloc (len);
    254    if (shared_mem != NULL)
    255       free (shared_mem);
    256    shared_mem = malloc (len);
    257    /* below 3 lines must match the equivalent in vgdb.c */
    258    VG_(sprintf) (from_gdb,   "%s-from-vgdb-to-%d-by-%s-on-%s",    name,
    259                  pid, user, host);
    260    VG_(sprintf) (to_gdb,     "%s-to-vgdb-from-%d-by-%s-on-%s",    name,
    261                  pid, user, host);
    262    VG_(sprintf) (shared_mem, "%s-shared-mem-vgdb-%d-by-%s-on-%s", name,
    263                  pid, user, host);
    264    if (VG_(clo_verbosity) > 1) {
    265       VG_(umsg)("embedded gdbserver: reading from %s\n", from_gdb);
    266       VG_(umsg)("embedded gdbserver: writing to   %s\n", to_gdb);
    267       VG_(umsg)("embedded gdbserver: shared mem   %s\n", shared_mem);
    268       VG_(umsg)("\n");
    269       VG_(umsg)("TO CONTROL THIS PROCESS USING vgdb (which you probably\n"
    270                 "don't want to do, unless you know exactly what you're doing,\n"
    271                 "or are doing some strange experiment):\n"
    272                 "  %s/../../bin/vgdb --pid=%d%s%s ...command...\n",
    273                 VG_(libdir),
    274                 pid, (name_default ? "" : " --vgdb-prefix="),
    275                 (name_default ? "" : name));
    276    }
    277    if (VG_(clo_verbosity) > 1
    278        || VG_(clo_vgdb_error) < 999999999) {
    279       VG_(umsg)("\n");
    280       VG_(umsg)(
    281          "TO DEBUG THIS PROCESS USING GDB: start GDB like this\n"
    282          "  /path/to/gdb %s\n"
    283          "and then give GDB the following command\n"
    284          "  target remote | %s/../../bin/vgdb --pid=%d%s%s\n",
    285          VG_(args_the_exename),
    286          VG_(libdir),
    287          pid, (name_default ? "" : " --vgdb-prefix="),
    288          (name_default ? "" : name)
    289       );
    290       VG_(umsg)("--pid is optional if only one valgrind process is running\n");
    291       VG_(umsg)("\n");
    292    }
    293 
    294    if (!mknod_done) {
    295       mknod_done++;
    296 
    297       /*
    298        * Unlink just in case a previous process with the same PID had been
    299        * killed and hence Valgrind hasn't had the chance yet to remove these.
    300        */
    301       VG_(unlink)(from_gdb);
    302       VG_(unlink)(to_gdb);
    303       VG_(unlink)(shared_mem);
    304 
    305       safe_mknod(from_gdb);
    306       safe_mknod(to_gdb);
    307 
    308       pid_from_to_creator = pid;
    309 
    310       o = VG_(open) (shared_mem, VKI_O_CREAT|VKI_O_RDWR, 0600);
    311       if (sr_isError (o)) {
    312          sr_perror(o, "cannot create shared_mem file %s\n", shared_mem);
    313          fatal("");
    314       } else {
    315          shared_mem_fd = sr_Res(o);
    316       }
    317 
    318       if (VG_(write)(shared_mem_fd, &vgdbinit, sizeof(VgdbShared))
    319           != sizeof(VgdbShared)) {
    320          fatal("error writing %d bytes to shared mem %s\n",
    321                (int) sizeof(VgdbShared), shared_mem);
    322       }
    323       {
    324          SysRes res = VG_(am_shared_mmap_file_float_valgrind)
    325             (sizeof(VgdbShared), VKI_PROT_READ|VKI_PROT_WRITE,
    326              shared_mem_fd, (Off64T)0);
    327          if (sr_isError(res)) {
    328             sr_perror(res, "error VG_(am_shared_mmap_file_float_valgrind) %s\n",
    329                       shared_mem);
    330             fatal("");
    331          }
    332          addr_shared = sr_Res (res);
    333       }
    334       shared = (VgdbShared*) addr_shared;
    335       VG_(close) (shared_mem_fd);
    336    }
    337 
    338    /* we open the read side FIFO in non blocking mode
    339       We then set the fd in blocking mode.
    340       Opening in non-blocking read mode always succeeds while opening
    341       in non-blocking write mode succeeds only if the fifo is already
    342       opened in read mode. So, we wait till we have read the first
    343       character from the read side before opening the write side. */
    344    remote_desc = open_fifo ("read", from_gdb, VKI_O_RDONLY|VKI_O_NONBLOCK);
    345    save_fcntl_flags = VG_(fcntl) (remote_desc, VKI_F_GETFL, 0);
    346    VG_(fcntl) (remote_desc, VKI_F_SETFL, save_fcntl_flags & ~VKI_O_NONBLOCK);
    347    remote_desc_pollfdread_activity.fd = remote_desc;
    348    remote_desc_pollfdread_activity.events = VKI_POLLIN;
    349    remote_desc_pollfdread_activity.revents = 0;
    350 }
    351 
    352 /* sync_gdb_connection wait a time long enough to let the connection
    353    be properly closed if needed when closing the connection (in case
    354    of detach or error), if we reopen it too quickly, it seems there
    355    are some events queued in the kernel concerning the "old"
    356    connection/remote_desc which are discovered with poll or select on
    357    the "new" connection/remote_desc.  We bypass this by waiting some
    358    time to let a proper cleanup to be donex */
    359 void sync_gdb_connection(void)
    360 {
    361    VG_(poll)(0, 0, 100);
    362 }
    363 
    364 static
    365 char * ppFinishReason (FinishReason reason)
    366 {
    367    switch (reason) {
    368    case orderly_finish:    return "orderly_finish";
    369    case reset_after_error: return "reset_after_error";
    370    case reset_after_fork:  return "reset_after_fork";
    371    default: vg_assert (0);
    372    }
    373 }
    374 
    375 void remote_finish (FinishReason reason)
    376 {
    377    dlog(1, "remote_finish (reason %s) %d %d\n",
    378         ppFinishReason(reason), remote_desc, write_remote_desc);
    379    reset_valgrind_sink(ppFinishReason(reason));
    380    if (write_remote_desc != INVALID_DESCRIPTOR)
    381       VG_(close) (write_remote_desc);
    382    write_remote_desc = INVALID_DESCRIPTOR;
    383    if (remote_desc != INVALID_DESCRIPTOR) {
    384       remote_desc_pollfdread_activity.fd = INVALID_DESCRIPTOR;
    385       remote_desc_pollfdread_activity.events = 0;
    386       remote_desc_pollfdread_activity.revents = 0;
    387       VG_(close) (remote_desc);
    388    }
    389    remote_desc = INVALID_DESCRIPTOR;
    390    noack_mode = False;
    391 
    392    /* ensure the child will create its own FIFOs */
    393    if (reason == reset_after_fork)
    394       mknod_done = 0;
    395 
    396    if (reason == reset_after_error)
    397       sync_gdb_connection();
    398 }
    399 
    400 /* orderly close, cleans up everything */
    401 void remote_close (void)
    402 {
    403    const int pid = VG_(getpid)();
    404    remote_finish(orderly_finish);
    405    if (pid == pid_from_to_creator) {
    406       dlog(1, "unlinking\n    %s\n    %s\n    %s\n",
    407            from_gdb, to_gdb, shared_mem);
    408       if (VG_(unlink) (from_gdb) == -1)
    409          warning ("could not unlink %s\n", from_gdb);
    410       if (VG_(unlink) (to_gdb) == -1)
    411          warning ("could not unlink %s\n", to_gdb);
    412       if (VG_(unlink) (shared_mem) == -1)
    413          warning ("could not unlink %s\n", shared_mem);
    414    }
    415    else {
    416       dlog(1, "not creator => not unlinking %s and %s\n", from_gdb, to_gdb);
    417    }
    418    free (from_gdb);
    419    free (to_gdb);
    420 }
    421 
    422 Bool remote_connected(void)
    423 {
    424    return write_remote_desc != INVALID_DESCRIPTOR;
    425 }
    426 
    427 /* cleanup after an error detected by poll_cond */
    428 static
    429 void error_poll_cond(void)
    430 {
    431    /* if we will close the connection, we assume either that
    432       all characters have been seen or that they will be dropped. */
    433    shared->seen_by_valgrind = shared->written_by_vgdb;
    434    remote_finish(reset_after_error);
    435 }
    436 
    437 /* remote_desc_activity might be used at high frequency if the user
    438    gives a small value to --vgdb-poll. So, the function avoids
    439    doing repetitively system calls by rather looking at the
    440    counter values maintained in shared memory by vgdb. */
    441 int remote_desc_activity(char *msg)
    442 {
    443    int ret;
    444    const int looking_at = shared->written_by_vgdb;
    445    if (shared->seen_by_valgrind == looking_at)
    446    //   if (last_looked_cntr == looking_at)
    447       return 0;
    448    if (remote_desc == INVALID_DESCRIPTOR)
    449       return 0;
    450 
    451    /* poll the remote desc */
    452    remote_desc_pollfdread_activity.revents = 0;
    453    ret = VG_(poll) (&remote_desc_pollfdread_activity, 1, 0);
    454    if (ret && poll_cond(remote_desc_pollfdread_activity.revents)) {
    455       dlog(1, "POLLcond %d remote_desc_pollfdread %d\n",
    456            remote_desc_pollfdread_activity.revents, remote_desc);
    457       error_poll_cond();
    458       ret = 2;
    459    }
    460    dlog(1,
    461         "remote_desc_activity %s %d last_looked_cntr %d looking_at %d"
    462         " shared->written_by_vgdb %d shared->seen_by_valgrind %d"
    463         " ret %d\n",
    464         msg, remote_desc, last_looked_cntr, looking_at,
    465         shared->written_by_vgdb, shared->seen_by_valgrind,
    466         ret);
    467    /* if no error from poll, indicate we have "seen" up to looking_at */
    468    if (ret != 2)
    469       last_looked_cntr = looking_at;
    470    return ret;
    471 }
    472 
    473 /* Convert hex digit A to a number.  */
    474 
    475 static
    476 int fromhex (int a)
    477 {
    478    if (a >= '0' && a <= '9')
    479       return a - '0';
    480    else if (a >= 'a' && a <= 'f')
    481       return a - 'a' + 10;
    482    else
    483       error ("Reply contains invalid hex digit 0x%x\n", a);
    484    return 0;
    485 }
    486 
    487 int unhexify (char *bin, const char *hex, int count)
    488 {
    489    int i;
    490 
    491    for (i = 0; i < count; i++) {
    492       if (hex[0] == 0 || hex[1] == 0) {
    493          /* Hex string is short, or of uneven length.
    494             Return the count that has been converted so far. */
    495          return i;
    496       }
    497       *bin++ = fromhex (hex[0]) * 16 + fromhex (hex[1]);
    498       hex += 2;
    499    }
    500    return i;
    501 }
    502 
    503 void decode_address (CORE_ADDR *addrp, const char *start, int len)
    504 {
    505    CORE_ADDR addr;
    506    char ch;
    507    int i;
    508 
    509    addr = 0;
    510    for (i = 0; i < len; i++) {
    511       ch = start[i];
    512       addr = addr << 4;
    513       addr = addr | (fromhex (ch) & 0x0f);
    514    }
    515    *addrp = addr;
    516 }
    517 
    518 /* Convert number NIB to a hex digit.  */
    519 
    520 static
    521 int tohex (int nib)
    522 {
    523    if (nib < 10)
    524       return '0' + nib;
    525    else
    526       return 'a' + nib - 10;
    527 }
    528 
    529 int hexify (char *hex, const char *bin, int count)
    530 {
    531    int i;
    532 
    533    /* May use a length, or a nul-terminated string as input. */
    534    if (count == 0)
    535       count = strlen (bin);
    536 
    537   for (i = 0; i < count; i++) {
    538      *hex++ = tohex ((*bin >> 4) & 0xf);
    539      *hex++ = tohex (*bin++ & 0xf);
    540   }
    541   *hex = 0;
    542   return i;
    543 }
    544 
    545 /* builds an image of bin according to byte order of the architecture
    546    Useful for register and int image */
    547 char* heximage (char *buf, char *bin, int count)
    548 {
    549 #if defined(VGA_x86) || defined(VGA_amd64)
    550    char rev[count];
    551    /* note: no need for trailing \0, length is known with count */
    552   int i;
    553   for (i = 0; i < count; i++)
    554     rev[i] = bin[count - i - 1];
    555   hexify (buf, rev, count);
    556 #else
    557   hexify (buf, bin, count);
    558 #endif
    559   return buf;
    560 }
    561 
    562 void* C2v(CORE_ADDR addr)
    563 {
    564    return (void*) addr;
    565 }
    566 
    567 
    568 /* Convert BUFFER, binary data at least LEN bytes long, into escaped
    569    binary data in OUT_BUF.  Set *OUT_LEN to the length of the data
    570    encoded in OUT_BUF, and return the number of bytes in OUT_BUF
    571    (which may be more than *OUT_LEN due to escape characters).  The
    572    total number of bytes in the output buffer will be at most
    573    OUT_MAXLEN.  */
    574 
    575 int
    576 remote_escape_output (const gdb_byte *buffer, int len,
    577 		      gdb_byte *out_buf, int *out_len,
    578 		      int out_maxlen)
    579 {
    580    int input_index, output_index;
    581 
    582    output_index = 0;
    583    for (input_index = 0; input_index < len; input_index++) {
    584       gdb_byte b = buffer[input_index];
    585 
    586       if (b == '$' || b == '#' || b == '}' || b == '*') {
    587          /* These must be escaped.  */
    588          if (output_index + 2 > out_maxlen)
    589 	    break;
    590          out_buf[output_index++] = '}';
    591          out_buf[output_index++] = b ^ 0x20;
    592       } else {
    593          if (output_index + 1 > out_maxlen)
    594 	    break;
    595          out_buf[output_index++] = b;
    596       }
    597    }
    598 
    599    *out_len = input_index;
    600    return output_index;
    601 }
    602 
    603 /* Convert BUFFER, escaped data LEN bytes long, into binary data
    604    in OUT_BUF.  Return the number of bytes written to OUT_BUF.
    605    Raise an error if the total number of bytes exceeds OUT_MAXLEN.
    606 
    607    This function reverses remote_escape_output.  It allows more
    608    escaped characters than that function does, in particular because
    609    '*' must be escaped to avoid the run-length encoding processing
    610    in reading packets.  */
    611 
    612 static
    613 int remote_unescape_input (const gdb_byte *buffer, int len,
    614 		       gdb_byte *out_buf, int out_maxlen)
    615 {
    616    int input_index, output_index;
    617    int escaped;
    618 
    619    output_index = 0;
    620    escaped = 0;
    621    for (input_index = 0; input_index < len; input_index++) {
    622       gdb_byte b = buffer[input_index];
    623 
    624       if (output_index + 1 > out_maxlen)
    625          error ("Received too much data (len %d) from the target.\n", len);
    626 
    627       if (escaped) {
    628          out_buf[output_index++] = b ^ 0x20;
    629          escaped = 0;
    630       } else if (b == '}') {
    631          escaped = 1;
    632       } else {
    633          out_buf[output_index++] = b;
    634       }
    635    }
    636 
    637    if (escaped)
    638       error ("Unmatched escape character in target response.\n");
    639 
    640    return output_index;
    641 }
    642 
    643 /* Look for a sequence of characters which can be run-length encoded.
    644    If there are any, update *CSUM and *P.  Otherwise, output the
    645    single character.  Return the number of characters consumed.  */
    646 
    647 static
    648 int try_rle (char *buf, int remaining, unsigned char *csum, char **p)
    649 {
    650    int n;
    651 
    652    /* Always output the character.  */
    653    *csum += buf[0];
    654    *(*p)++ = buf[0];
    655 
    656    /* Don't go past '~'.  */
    657    if (remaining > 97)
    658       remaining = 97;
    659 
    660    for (n = 1; n < remaining; n++)
    661       if (buf[n] != buf[0])
    662          break;
    663 
    664    /* N is the index of the first character not the same as buf[0].
    665       buf[0] is counted twice, so by decrementing N, we get the number
    666       of characters the RLE sequence will replace.  */
    667    n--;
    668 
    669    if (n < 3)
    670       return 1;
    671 
    672    /* Skip the frame characters.  The manual says to skip '+' and '-'
    673       also, but there's no reason to.  Unfortunately these two unusable
    674       characters double the encoded length of a four byte zero
    675       value.  */
    676    while (n + 29 == '$' || n + 29 == '#')
    677       n--;
    678 
    679    *csum += '*';
    680    *(*p)++ = '*';
    681    *csum += n + 29;
    682    *(*p)++ = n + 29;
    683 
    684    return n + 1;
    685 }
    686 
    687 /* Send a packet to the remote machine, with error checking.
    688    The data of the packet is in BUF, and the length of the
    689    packet is in CNT.  Returns >= 0 on success, -1 otherwise.  */
    690 
    691 int putpkt_binary (char *buf, int cnt)
    692 {
    693    int i;
    694    unsigned char csum = 0;
    695    char *buf2;
    696    char *p;
    697    int cc;
    698 
    699    buf2 = malloc (PBUFSIZ);
    700 
    701    /* Copy the packet into buffer BUF2, encapsulating it
    702       and giving it a checksum.  */
    703 
    704    p = buf2;
    705    *p++ = '$';
    706 
    707    for (i = 0; i < cnt;)
    708       i += try_rle (buf + i, cnt - i, &csum, &p);
    709 
    710    *p++ = '#';
    711    *p++ = tohex ((csum >> 4) & 0xf);
    712    *p++ = tohex (csum & 0xf);
    713 
    714    *p = '\0';
    715 
    716    /* we might have to write a pkt when out FIFO not yet/anymore opened */
    717    if (!ensure_write_remote_desc()) {
    718       warning ("putpkt(write) error: no write_remote_desc\n");
    719       return -1;
    720    }
    721 
    722    /* Send it once (noack_mode)
    723       or send it over and over until we get a positive ack.  */
    724 
    725    do {
    726       if (VG_(write) (write_remote_desc, buf2, p - buf2) != p - buf2) {
    727          warning ("putpkt(write) error\n");
    728          return -1;
    729       }
    730 
    731       if (noack_mode)
    732          dlog(1, "putpkt (\"%s\"); [no ack]\n", buf2);
    733       else
    734          dlog(1,"putpkt (\"%s\"); [looking for ack]\n", buf2);
    735 
    736       if (noack_mode)
    737          break;
    738 
    739       cc = readchar (1);
    740       if (cc > 0)
    741          dlog(1, "[received '%c' (0x%x)]\n", cc, cc);
    742 
    743       if (cc <= 0) {
    744          if (cc == 0)
    745             dlog(1, "putpkt(read): Got EOF\n");
    746          else
    747 	    warning ("putpkt(read) error\n");
    748 
    749          free (buf2);
    750          return -1;
    751       }
    752 
    753       /* Check for an input interrupt while we're here.  */
    754       if (cc == '\003')
    755          dlog(1, "Received 0x03 character (SIGINT)\n");
    756    }
    757    while (cc != '+');
    758 
    759    free (buf2);
    760    return 1;			/* Success! */
    761 }
    762 
    763 /* Send a packet to the remote machine, with error checking.  The data
    764    of the packet is in BUF, and the packet should be a NUL-terminated
    765    string.  Returns >= 0 on success, -1 otherwise.  */
    766 
    767 int putpkt (char *buf)
    768 {
    769    return putpkt_binary (buf, strlen (buf));
    770 }
    771 
    772 void monitor_output (char *s)
    773 {
    774    const int len = strlen(s);
    775    char *buf = malloc(1 + 2*len + 1);
    776 
    777    buf[0] = 'O';
    778    hexify(buf+1, s, len);
    779    if (putpkt (buf) < 0) {
    780       /* We probably have lost the connection with vgdb. */
    781       reset_valgrind_sink("Error writing monitor output");
    782       /* write again after reset */
    783       VG_(printf) ("%s", s);
    784    }
    785 
    786    free (buf);
    787 }
    788 
    789 /* Returns next char from remote GDB.  -1 if error.  */
    790 /* if single, only one character maximum can be read with
    791    read system call. Otherwise, when reading an ack character
    792    we might pile up the next gdb command in the static buf.
    793    The read loop is then blocked in poll till gdb times out. */
    794 static
    795 int readchar (int single)
    796 {
    797    static unsigned char buf[PBUFSIZ];
    798    static int bufcnt = 0;
    799    static unsigned char *bufp;
    800    int ret;
    801 
    802    if (bufcnt-- > 0)
    803       return *bufp++;
    804 
    805    if (remote_desc == INVALID_DESCRIPTOR)
    806       return -1;
    807 
    808    /* No characters available in buf =>
    809       wait for some characters to arrive */
    810    remote_desc_pollfdread_activity.revents = 0;
    811    ret = VG_(poll)(&remote_desc_pollfdread_activity, 1, -1);
    812    if (ret != 1) {
    813       dlog(0, "readchar: poll got %d\n", ret);
    814       return -1;
    815    }
    816    if (single)
    817       bufcnt = VG_(read) (remote_desc, buf, 1);
    818    else
    819       bufcnt = VG_(read) (remote_desc, buf, sizeof (buf));
    820 
    821    if (bufcnt <= 0) {
    822       if (bufcnt == 0)
    823          dlog (1, "readchar: Got EOF\n");
    824       else
    825          warning ("readchar read error\n");
    826 
    827       return -1;
    828    }
    829 
    830    shared->seen_by_valgrind += bufcnt;
    831 
    832    /* If we have received a character and we do not yet have a
    833       connection, we better open our "write" fifo to let vgdb open its
    834       read fifo side */
    835    if (write_remote_desc == INVALID_DESCRIPTOR
    836        && !ensure_write_remote_desc()) {
    837       dlog(1, "reachar: write_remote_desc could not be created");
    838    }
    839 
    840    bufp = buf;
    841    bufcnt--;
    842 
    843    if (poll_cond(remote_desc_pollfdread_activity.revents)) {
    844       dlog(1, "readchar: POLLcond got %d\n",
    845            remote_desc_pollfdread_activity.revents);
    846       error_poll_cond();
    847    }
    848 
    849    return *bufp++;
    850 }
    851 
    852 
    853 /* Read a packet from the remote machine, with error checking,
    854    and store it in BUF.  Returns length of packet, or negative if error. */
    855 
    856 int getpkt (char *buf)
    857 {
    858    char *bp;
    859    unsigned char csum, c1, c2;
    860    int c;
    861 
    862    while (1) {
    863       csum = 0;
    864 
    865       while (1) {
    866          c = readchar (0);
    867          if (c == '$')
    868 	    break;
    869          dlog(1, "[getpkt: discarding char '%c']\n", c);
    870          if (c < 0)
    871 	    return -1;
    872       }
    873 
    874       bp = buf;
    875       while (1) {
    876          c = readchar (0);
    877          if (c < 0)
    878 	    return -1;
    879          if (c == '#')
    880 	    break;
    881          *bp++ = c;
    882          csum += c;
    883       }
    884       *bp = 0;
    885 
    886       c1 = fromhex (readchar (0));
    887       c2 = fromhex (readchar (0));
    888 
    889       if (csum == (c1 << 4) + c2)
    890          break;
    891 
    892       dlog (0, "Bad checksum, sentsum=0x%x, csum=0x%x, buf=%s\n",
    893             (c1 << 4) + c2, csum, buf);
    894       if (!ensure_write_remote_desc()) {
    895          dlog(1, "getpkt(write nack) no write_remote_desc");
    896       }
    897       VG_(write) (write_remote_desc, "-", 1);
    898    }
    899 
    900    if (noack_mode)
    901       dlog(1, "getpkt (\"%s\");  [no ack] \n", buf);
    902    else
    903       dlog(1, "getpkt (\"%s\");  [sending ack] \n", buf);
    904 
    905    if (!noack_mode) {
    906       if (!ensure_write_remote_desc()) {
    907          dlog(1, "getpkt(write ack) no write_remote_desc");
    908       }
    909       VG_(write) (write_remote_desc, "+", 1);
    910       dlog(1, "[sent ack]\n");
    911    }
    912 
    913    return bp - buf;
    914 }
    915 
    916 void write_ok (char *buf)
    917 {
    918    buf[0] = 'O';
    919    buf[1] = 'K';
    920    buf[2] = '\0';
    921 }
    922 
    923 void write_enn (char *buf)
    924 {
    925    /* Some day, we should define the meanings of the error codes... */
    926    buf[0] = 'E';
    927    buf[1] = '0';
    928    buf[2] = '1';
    929    buf[3] = '\0';
    930 }
    931 
    932 void convert_int_to_ascii (unsigned char *from, char *to, int n)
    933 {
    934    int nib;
    935    int ch;
    936    while (n--) {
    937       ch = *from++;
    938       nib = ((ch & 0xf0) >> 4) & 0x0f;
    939       *to++ = tohex (nib);
    940       nib = ch & 0x0f;
    941       *to++ = tohex (nib);
    942    }
    943    *to++ = 0;
    944 }
    945 
    946 
    947 void convert_ascii_to_int (char *from, unsigned char *to, int n)
    948 {
    949    int nib1, nib2;
    950    while (n--) {
    951       nib1 = fromhex (*from++);
    952       nib2 = fromhex (*from++);
    953       *to++ = (((nib1 & 0x0f) << 4) & 0xf0) | (nib2 & 0x0f);
    954    }
    955 }
    956 
    957 static
    958 char * outreg (int regno, char *buf)
    959 {
    960    if ((regno >> 12) != 0)
    961       *buf++ = tohex ((regno >> 12) & 0xf);
    962    if ((regno >> 8) != 0)
    963       *buf++ = tohex ((regno >> 8) & 0xf);
    964    *buf++ = tohex ((regno >> 4) & 0xf);
    965    *buf++ = tohex (regno & 0xf);
    966    *buf++ = ':';
    967    collect_register_as_string (regno, buf);
    968    buf += 2 * register_size (regno);
    969    *buf++ = ';';
    970 
    971    return buf;
    972 }
    973 
    974 void prepare_resume_reply (char *buf, char status, unsigned char sig)
    975 {
    976    int nib;
    977 
    978    *buf++ = status;
    979 
    980    nib = ((sig & 0xf0) >> 4);
    981    *buf++ = tohex (nib);
    982    nib = sig & 0x0f;
    983    *buf++ = tohex (nib);
    984 
    985    if (status == 'T') {
    986       const char **regp = gdbserver_expedite_regs;
    987 
    988       if (valgrind_stopped_by_watchpoint()) {
    989          CORE_ADDR addr;
    990          int i;
    991 
    992          strncpy (buf, "watch:", 6);
    993          buf += 6;
    994 
    995          addr = valgrind_stopped_data_address ();
    996 
    997          /* Convert each byte of the address into two hexadecimal chars.
    998             Note that we take sizeof (void *) instead of sizeof (addr);
    999             this is to avoid sending a 64-bit address to a 32-bit GDB.  */
   1000          for (i = sizeof (void *) * 2; i > 0; i--) {
   1001             *buf++ = tohex ((addr >> (i - 1) * 4) & 0xf);
   1002          }
   1003          *buf++ = ';';
   1004       }
   1005 
   1006       while (*regp) {
   1007          buf = outreg (find_regno (*regp), buf);
   1008          regp ++;
   1009       }
   1010 
   1011       {
   1012          unsigned int gdb_id_from_wait;
   1013 
   1014          /* FIXME right place to set this? */
   1015          thread_from_wait =
   1016             ((struct inferior_list_entry *)current_inferior)->id;
   1017          gdb_id_from_wait = thread_to_gdb_id (current_inferior);
   1018 
   1019          dlog(1, "Writing resume reply for %ld\n", thread_from_wait);
   1020          /* This if (1) ought to be unnecessary.  But remote_wait in GDB
   1021             will claim this event belongs to inferior_ptid if we do not
   1022             specify a thread, and there's no way for gdbserver to know
   1023             what inferior_ptid is.  */
   1024          if (1 || old_thread_from_wait != thread_from_wait) {
   1025             general_thread = thread_from_wait;
   1026             VG_(sprintf) (buf, "thread:%x;", gdb_id_from_wait);
   1027             buf += strlen (buf);
   1028             old_thread_from_wait = thread_from_wait;
   1029          }
   1030       }
   1031    }
   1032    /* For W and X, we're done.  */
   1033    *buf++ = 0;
   1034 }
   1035 
   1036 void decode_m_packet (char *from, CORE_ADDR *mem_addr_ptr, unsigned int *len_ptr)
   1037 {
   1038    int i = 0, j = 0;
   1039    char ch;
   1040    *mem_addr_ptr = *len_ptr = 0;
   1041 
   1042    while ((ch = from[i++]) != ',') {
   1043       *mem_addr_ptr = *mem_addr_ptr << 4;
   1044       *mem_addr_ptr |= fromhex (ch) & 0x0f;
   1045    }
   1046 
   1047    for (j = 0; j < 4; j++) {
   1048       if ((ch = from[i++]) == 0)
   1049          break;
   1050       *len_ptr = *len_ptr << 4;
   1051       *len_ptr |= fromhex (ch) & 0x0f;
   1052    }
   1053 }
   1054 
   1055 void decode_M_packet (char *from, CORE_ADDR *mem_addr_ptr, unsigned int *len_ptr,
   1056 		 unsigned char *to)
   1057 {
   1058    int i = 0;
   1059    char ch;
   1060    *mem_addr_ptr = *len_ptr = 0;
   1061 
   1062    while ((ch = from[i++]) != ',') {
   1063       *mem_addr_ptr = *mem_addr_ptr << 4;
   1064       *mem_addr_ptr |= fromhex (ch) & 0x0f;
   1065    }
   1066 
   1067    while ((ch = from[i++]) != ':') {
   1068       *len_ptr = *len_ptr << 4;
   1069       *len_ptr |= fromhex (ch) & 0x0f;
   1070    }
   1071 
   1072    convert_ascii_to_int (&from[i++], to, *len_ptr);
   1073 }
   1074 
   1075 int decode_X_packet (char *from, int packet_len, CORE_ADDR *mem_addr_ptr,
   1076 		 unsigned int *len_ptr, unsigned char *to)
   1077 {
   1078    int i = 0;
   1079    char ch;
   1080    *mem_addr_ptr = *len_ptr = 0;
   1081 
   1082    while ((ch = from[i++]) != ',') {
   1083       *mem_addr_ptr = *mem_addr_ptr << 4;
   1084       *mem_addr_ptr |= fromhex (ch) & 0x0f;
   1085    }
   1086 
   1087    while ((ch = from[i++]) != ':') {
   1088       *len_ptr = *len_ptr << 4;
   1089       *len_ptr |= fromhex (ch) & 0x0f;
   1090    }
   1091 
   1092    if (remote_unescape_input ((const gdb_byte *) &from[i], packet_len - i,
   1093                               to, *len_ptr) != *len_ptr)
   1094       return -1;
   1095 
   1096    return 0;
   1097 }
   1098 
   1099 
   1100 /* Return the path prefix for the named pipes (FIFOs) used by vgdb/gdb
   1101    to communicate with valgrind */
   1102 HChar *
   1103 VG_(vgdb_prefix_default)(void)
   1104 {
   1105    static HChar *prefix;
   1106 
   1107    if (prefix == NULL) {
   1108      const HChar *tmpdir = VG_(tmpdir)();
   1109      prefix = malloc(strlen(tmpdir) + strlen("/vgdb-pipe") + 1);
   1110      strcpy(prefix, tmpdir);
   1111      strcat(prefix, "/vgdb-pipe");
   1112    }
   1113    return prefix;
   1114 }
   1115