OSD-GDB server: Provide interface to connect OSD with GDB [WIP] #20
Conversation
shivmgg
changed the title
shivmgg
changed the title
|
Thanks for this PR! Before we go into the details, let's start with some fundamental things.
So that's a couple points that I'd like to see worked on first. Once this is done we can focus on the smaller things, and talk about how to actually implement the handling of commands coming in from GDB. |
|
@imphil Thanks a lot for the review.
I will try adding unit tests for send/receive_rsp_packet() functions. The idea of writing a "mock gdb client" is a little frightening but still exciting right now. I will look into the code of mock_hostmod() for more details.
I think you meant "osd-target-run". Please correct me, if I am wrong. I will start with it right away. Edit: I tried adding unit tests for validate_rsp_packet() function but cannot run them since they need access to the TCP port. |
shivmgg
force-pushed
the
osd-gdbserver
branch
4 times, most recently
from
9606408
to
10fb959
Compare
(1) Connect to GDB over TCP (2) Send and Recieve data to/from the client (3) Receive RSP packet from the client (4) Validate the obtained packet using checksum (5) Send RSP packet to the client
|
The challenges you have in testing are indeed tricky and require a bit of thought. Designing software in a way that it is testable isn't always easy, but will lead to a much clearer software design in the end. In general, unit tests test the public API of a class. For us that's all functions which appear in the For our osd_gdbserver class the public API is not exposing the functions which parse and assemble the stream of GDB commands. But in fact this code is the most tricky to write and benefits most from unit tests. So we should find a way to make these functions testable. So what options do we have? The easiest way is to make the functions we want to test "public", at least when running the unit tests. I'd hence go ahead and do the following:
You can now call such "private" functions in your test code. Prerequisite, however, is you don't have a Matryoshka doll-like design in your functions, i.e. functions which call other subfunctions in a nesting fashion. An example is the function |
|
Thanks a lot for the guidance.
Some more issues:
Edit: Implementation like the one below can be used to test send_rsp_packet_inner. void send_rsp_packet_inner(char *buffer, int len, char *packet_buffer,
int packet_checksum)
{
packet_buffer[0] = '$';
memcpy(packet_buffer + 1, buffer, len);
int j = len + 1;
packet_buffer[j++] = '#';
for (int i = 0; i < len; i++) {
packet_checksum += buffer[i];
}
packet_buffer[j++] = dectohex((packet_checksum >> 4) & 0xf);
packet_buffer[j] = dectohex(packet_checksum & 0xf);
}
osd_result send_rsp_packet(struct osd_gdbserver_ctx *ctx, char *buffer,
int len)
{
char packet_buffer[len + 3];
int packet_checksum = 0;
osd_result rv;
while(1) {
send_rsp_packet_inner(buffer, len, packet_buffer, &packet_checksum);
rv = osd_gdbserver_write_data(ctx, packet_buffer, len + 4);
if (OSD_FAILED(rv)) {
return OSD_ERROR_FAILURE;
}
rv = osd_gdbserver_read_data(ctx);
if (OSD_FAILED(rv)) {
return OSD_ERROR_FAILURE;
}
char reply = ctx->buffer[0];
if (reply == '+') {
break;
} else {
return OSD_ERROR_FAILURE;
}
}
} |
|
Your version in the edit got it right. Functions like send_rsp_packet_inner() (better name needed) don't need the context struct and hence can easily be tested on its own. Please go ahead and try to update the PR in this style (and add the tests). |
|
I forgot to mention: you don't need to make all functions which are currently static functions, i.e. helpers, available for testing. But you absolutely should test the functions which implement the RSP protocol and deal with string buffers, since those functions are very easy to get wrong (functional errors, buffer overflows, other memory errors, etc.) |
shivmgg
force-pushed
the
osd-gdbserver
branch
2 times, most recently
from
9815ab6
to
e2b11e3
Compare
|
@imphil Apologies for the delay. |
These functions implement the RSP protocol and deal with the string buffer.
There was a problem hiding this comment.
Thanks for the updated PR. As you have noticed, working on memory buffers in C requires some practice. That also means we're unfortunately not there yet. I've for now focused on the encoding/decoding functions for the RSP packets, and added comments into the source code.
In addition I have three general remarks:
- In almost all cases,
bufferis a bad name for a function argument as it is to unspecific. Choose a name according to what is actually inside the buffer -- that's what people care about. - In your tests, don't just test a single combination of arguments. Test multiple ones, and include tricky edge cases, or cases that are expected to return an error (and make sure this error actually happens).
- Programming in C requires great care being taken to memory errors, such as the wrong length of a string, writing beyond memory boundaries, etc. Most of these problems can be avoided by making it very clear (a) who's reponsible of allocating and freeing memory (e.g. the caller or callee of a function), and (b) never using buffers of static size (e.g.
char[1024]) unless you are very sure and document that, that the data you're writing into the buffer will not overflow.
src/libosd/gdbserver.c
Outdated
|
|
||
| //API_EXPORT | ||
| osd_result validate_rsp_packet(char *buf_p, bool *ver_checksum, int *len, | ||
| char *buffer) |
There was a problem hiding this comment.
A couple problems here:
validate_rsp_packetdoes not accurately describe what's going on in this function. From my reading, decodes a RSP packet according to the rules in https://sourceware.org/gdb/onlinedocs/gdb/Overview.html#Overview. Mention this URL in the doxygen comment for people to look up what you're actually implementing. (Correspondingly, there's also an encoding function, which you namedconfigure_rsp_packet). How about something likersp_packet_encode()for a function name?- The input data you pass is given as string buffer
buf_pwith no length. Your implementation works on the assumption that the string contains a#somewhere, otherwise it will just continue in thewhileloop and at some point in time it will be killed when it accesses memory it may not access. You have two options to solve that: either pass a input string and a length of this string, or assume the string is null-terminated (and assert on that assumption in the calling function!) For safety reasons I'd go with passing the length of the buffer. - Your output data is written to
buffer, the length of the valid data in this buffer is inlen. That does not work. The caller must allocate memory used forbuffer. How much memory should it allocate? It cannot know how much data you'll write into the buffer inside your function (even you cannot give an upper bound, since it depends on the size of your input data). Again you have multiple options: (1) allocate a new buffer within this function and pass it back to the caller (and document that the caller is responsible for freeing it), (2) Operate in-place, since the output data will always be shorter than the input data (if I understood the protocol right), or (3) let the function take three arguments: a pointer to an allocated buffer (likebufferright now), the size of this buffer (i.e. how large it was allocated), and as a third argument have an output argument (similar tolenright now) that indicates how many valid bytes the buffer now contains. - The status "is the packet valid" is passed back to the caller through the output variable
var_checksum. Why not just use the return value of the function for that?
src/libosd/gdbserver.c
Outdated
|
|
||
| // packet-format: $packet-data#checksum | ||
| // traversing through the obtained packet till we obtained '#' | ||
| while (1) { |
There was a problem hiding this comment.
As said before: make sure that this loop ends even if the input data is corrupted/invalid. The easiest way is iterating only until the known end of the string (i.e. a length that you passed in, or a null-byte if the string is null-terminated)
src/libosd/gdbserver.c
Outdated
| * character followed by the original character XORed with 0x20. | ||
| */ | ||
| if (packet_char == '}') { | ||
| val_checksum += packet_char & 0xff; |
There was a problem hiding this comment.
packet_char is a 8 bit value. With `& 0xff`` you mask out the first 8 bit, i.e. do nothing => simply remove that operation.
src/libosd/gdbserver.c
Outdated
| packet_char = *buf; | ||
| packet_checksum[1] = packet_char; | ||
| packet_checksum[2] = 0; | ||
| *ver_checksum = (val_checksum == strtoul(packet_checksum, NULL, 16)); |
There was a problem hiding this comment.
as said before: make that a return value.
src/libosd/gdbserver.c
Outdated
|
|
||
| if (OSD_FAILED(rv)) { | ||
| return rv; | ||
| } else { |
There was a problem hiding this comment.
no need to have an else after a return.
src/libosd/gdbserver.c
Outdated
| } | ||
|
|
||
| API_EXPORT | ||
| osd_result configure_rsp_packet(char *buffer, int len, char *packet_buffer) |
There was a problem hiding this comment.
See the long comment in validate_rsp_packet and apply the suggestions on this function as well.
Adds more test cases to check validate/encode functions.
|
Thanks for the review. I have incorporated almost every change requested. I have also added two more unit tests to check some corner cases. Here's a brief description of the two functions:
Regarding the size of buffer, we can keep it constant and equal to the MAX_GDB_PACKET_SIZE, i.e., 1024 (currently). This is the maximum size of the packet received/send from/to the GDB via TCP. Also, the commands we are supporting right now will suffice with this size.
In case of OR1K, there are a total of 32 32-bit registers, each requiring 8 hex characters + 1 character for the 'G', a total of 257 (hexadecimal 0x101) characters. |
(1) 'g' : read general registers (2) 'G XX' : write general registers (3) 'p n ' : read the value of a specific register n (4) 'P n..=r..': write a specific register n with value r
|
I have added code implementation for the following GDB commands:
Next, I will add support for memory read/write command and then, connect GDB using target command. I need to complete the following RSP packet exchanges for the GDB target remote command to support connectivity.
|
|
1. m addr,length : Read length bytes of memory starting at addr. 2. M addr,length:XX... : Write length bytes of memory starting at addr. 3. Unit tests to check intermediate utility functions
|
Unit testing can and needs to be done through a mock gdb client. I already outlined that in one of the previous discussions, please implement that. Before such testing is in place I will not have a further look at the code. |
|
Thanks a lot for the response. |
|
It should open a tcp connection, and act like a gdb client, by sending commands that you told the mock client to do, and verifying the response. |
|
I have added a rough implementation of mock GDBclient program and unit tests to check and validate the TCP connection between GDB server and mock GDBclient program. The test cases are working fine. Currently, I used PThread API to establish a TCP connection. GDBserver has the following two programs:
I think we need to design the code such that there is no deadlock between the two threads/programs. Also, as you pointed out earlier, we need to figure out the non-blocking aspect of the code. For this part, I tried using: setsockopt(cli_socket, SOL_SOCKET, SO_RCVTIMEO, (struct timeval *)&tv, sizeof(struct timeval));but it didn't work. Send/receive and read/write functions are working successfully using the existing implementation (with slight changes). Maybe, for now, I should focus on completing the GDBserver with blocking I/O only, i.e. adding add_breakpoint/remove_breakpoint functions. I can switch to non-blocking I/O and other concepts later. |
There was a problem hiding this comment.
Thanks Shivam for the update on this PR. Getting parallelism right in any programming language is tricky and requires thinking of multiple components and interfaces at the same time. I know this is not an easy task, but I'm sure the experience will be worth it.
- I focus in this review on the public API and the threading questions. I leave all further questions to future iterations.
- I did refrain for now from discussing the GDB buffer sizing and related discussions. There is more to be said later.
I noted a couple things regarding the public API in the code (and some other drive-by comments).
The most important part now is to get the parallelism right.
To get a better understanding of the parallelism I'm proposing you draw a message sequence chart (e.g. using draw.io) which includes the participants (classes and other components like the GDB client) and the communication between them.
Two communication paths need to be supported.
Path 1: gdb-client initiated commands:
GDB client -> osd_gdbserver -> (some function handling the command, typically using osd_hostmod) -> ... (response)
Questions to be answered:
- Which things can happen in parallel (i.e. are asynchronus)
- Is the gdbserver protocol a synchronous (blocking) or asynchronous protocol?
Example: if the gdb client sends a command to read memory from the target, is the answer sent when the memory has been read, or does it return immediately (e.g. with an acknowledgement saying "command receive"), and at some later point a new message is sent with the data? - Answering the previous question is essential to the design of the osd_gdbserver module: it determines if you need to (potentially) handle multiple commands in parallel, or just one.
Path 2: event notifications (e.g. breakpoint notifications)
osd_hostmod (events) -> osd_gdbserver -> (TCP send) -> GDB client
osd_hostmod provide a polling interface (osd_hostmod_event_receive()) and a asynchronous interface (register a event rx callback with osd_hostmod_new()). Depending on the answer of the remaining design both could be used.
Questions to be answered:
- How are these notifications being combined with the gdb client-initiated data? I.e. breakpoint notifications be sent to a gdb client at any time, or only when no other command (see above) is being processed?
Things already known:
- You need at least one thread within osd_gdbserver which handles the communication with the gdb client. This thread is started when the port is bound (e.g. in osd_gdbserver_start() or _connect(), whatever name you choose in the end), and torn down when the osd_gdbserver is stopped/disconnected.
Things not yet known:
- You possibly need more threads, depending on the answers to the previous questions.
- Depending on the communicaton needs between the threads, you may get away with simple pthreads (if you need almost no communication), or you need to use the worker helper class (if you have more communication between threads).
| #define OSD_GDBSERVER_BUFF_SIZE 1024 | ||
|
|
||
| /** | ||
| * Create a new context object |
There was a problem hiding this comment.
Please document the function arguments.
src/libosd/include/osd/gdbserver.h
Outdated
| /** | ||
| * Indicates the port for connecting to GDB | ||
| */ | ||
| #define OSD_GDBSERVER_PORT 5555 |
There was a problem hiding this comment.
This port cannot be fixed, but needs to be runtime-configurable.
Multiple options exist.
- Either pass it to
osd_gdbserver_new()parameter. This makes the constructur a bit long with many arguments, which (in C) don't have names -> the code is harder to read. - Or pass it to the function that starts the gdbserver.
- Or make the passing of the port optional and create a new function
osd_gdbserver_set_port()to configure it if the default port should not be used. In this case, you additionally should rename the define here toOSD_GDBSERVER_PORT_DEFAULT(or similar).
I'd go with option 2 or 3 (most likely 3).
src/libosd/include/osd/gdbserver.h
Outdated
| * | ||
| * @return OSD_OK on success, any other value indicates an error | ||
| */ | ||
| osd_result osd_gdbserver_connect_GDB(struct osd_gdbserver_ctx *ctx); |
There was a problem hiding this comment.
- all-lowercase function names please.
- This function is mis-named. You implement a (TCP) server. A server does not connect, it binds a port to provide a service. The client then connects. Better names include
osd_gdbserver_serve(),osd_gdbserver_start(), etc. (The latter one you already have.)
Going beyond naming: you can remove this function from the public API (i.e. the header file). Proposal:
- Make only
osd_gdbserver_connect()andosd_gdbserver_disconnect()available in the public API. - The two functions to connect to the hostctrl and bind the TCP port are then called from there.
Rationale: for the osd_gdbserver class to be working you need to have both connections established. Just having (either) one cannot do anything useful. At the same time, getting the ordering of connecting and disconnecting right, and tearing down one connection if the other one fails to be created is a (rather) tricky business. Hiding this complexity from the public API is a good thing: the class can be used more easily, and the tricky parts can be done right once, and tested to stay functional.
Further, you need to be clear when this function returns: It returns once the connection has been established. It does not block forever to receive data. That's important to keep in mind: Within this function you do everything to connect and delegate the reception (and sending) of data between GDB server and client to a worker thread.
| bool osd_gdbserver_is_connected_hostmod(struct osd_gdbserver_ctx *ctx); | ||
|
|
||
| /** | ||
| * Free the context object |
There was a problem hiding this comment.
Please complete the documentation here.
src/libosd/include/osd/gdbserver.h
Outdated
| * | ||
| * @see osd_gdbserver_write_data() | ||
| */ | ||
| osd_result osd_gdbserver_read_data(struct osd_gdbserver_ctx *ctx); |
There was a problem hiding this comment.
This function should not be part of the public API.
src/libosd/gdbserver.c
Outdated
| { | ||
| if (packet_char >= 10 && packet_char <= 15) | ||
| return packet_char - 10 + 'a'; | ||
| else if (packet_char >= 0 && packet_char <= 9) |
There was a problem hiding this comment.
- Do not put an else after a return.
- Always use
{}, even if the if-statement has only one line.
src/libosd/gdbserver.c
Outdated
| return OSD_OK; | ||
| } | ||
|
|
||
| static char dectohex(int packet_char) |
There was a problem hiding this comment.
Please document the behavior of this function. Especially the return of "-1" is non-obvious from the function name. And why is the argument called packet_char?
src/libosd/gdbserver.c
Outdated
| return -1; | ||
| } | ||
|
|
||
| static int hextodec(char packet_char) |
src/libosd/gdbserver.c
Outdated
|
|
||
| memset(&ctx->sin, 0, sizeof(ctx->sin)); | ||
| ctx->sin.sin_family = AF_INET; | ||
| ctx->sin.sin_addr.s_addr = htonl(INADDR_LOOPBACK); |
There was a problem hiding this comment.
Just like the port you need to make the bind address configurable at runtime. Listening only on the loopback interface is a good default.
src/libosd/gdbserver.c
Outdated
| ctx->sin.sin_port = htons(OSD_GDBSERVER_PORT); | ||
|
|
||
| if (OSD_FAILED( | ||
| bind(ctx->fd, (struct sockaddr *)&ctx->sin, sizeof(ctx->sin)))) { |
There was a problem hiding this comment.
- Do not use OSD_FAILED() for functions which don't return osd_result.
- To avoid overly long if conditions assign the return value to a variable and check then.
|
I have tried to resolve some major issues in this iteration.
Generally speaking, most commands in the OSD-GDB server are sequential in nature. Each packet received from the GDB (client) should be acknowledged with a single character.
For instance, the following image illustrates the sequence diagram of "read memory / m packet" request.
As per my understanding, we don't need to handle multiple commands simultaneously.
The GDB command to set breakpoints, break does not immediately cause a RSP interaction. GDB only actually sets breakpoints immediately before execution (for example by a continue or step command) and immediately clears them when a breakpoint is hit. Event notifications, i.e. in case of breakpoint hit are sent to the GDB only when no other command is being processed. This is again a blocking/synchronous process.
|
|
Thanks for the updated PR. Before we move any further I'd like to make sure that we are on the same page regarding threading. The message sequence chart you provided leaves out this important part. Please include the threads within "OSD-GDB Server," and also show how breakpoint event packets are handled. |
|
Apologies for the delay.
By default, whenever a packet is received, it is acknowledged with a '+' or '-' sign to establish reliability. However, we can also choose to disable the '+/-' acknowledgments by means of the `QStartNoAckMode' packet. For the current iteration, I think we should go ahead with these acknowledgment signs. For the break command, the sequence diagram (until trap exception) should be:
In the image, a software breakpoint (Z0) is requested at addr 0x1150. First of all, the current state of the instruction at addr 0x1150 is stored and then, a trap instruction is inserted at that address. The program continues execution until it hits the breakpoint (in this case, a trap signal). The CDM module sends a Debug stall event packet to the GDBserver. These event notifications should be sent immediately after the CPU stall. GDBserver instantly clears the trap condition from the bp address when a breakpoint is hit. I have also included the smaller functions/threads within the GDBserver in both the diagrams. Please suggest if I should add any other information in these diagrams. |
|
Your drawing shows a single thread for the osd-gdb server, which is the thread doing the TCP communication with the GDB client. You need to create this thread when osd_gdbserver_start() is called, and destroy it when osd_gdbserver_stop() is called (or however these functions will be called in the end). That should work. Please go ahead and update the code to follow this scheme. |
This PR adds OSD-GDB server which enables GDB client to connect to an OSD-enabled system. It implements GDB Remote Serial Protocol (RSP) which provides a high-level protocol allowing GDB to connect to any target remotely. The current implementation supports OpenRISC 1000 architecture and is experimental in nature.
The current iteration of the program provides the API to support:
Read general purpose registers
Write general purpose registers
Read the value of register n
Write register n... with value r
Read length addressable memory units starting at address addr
Write length addressable memory units starting at address addr (see addressable memory unit). The data is given by XX…; each byte is transmitted as a two-digit hexadecimal number.
RSP commands from the client to the server are textual strings. Each packet is acknowledged with a single character '+' to indicate valid receipt and ‘-’ to indicate the failure.
The PR also contains a mock GDB client to check and validate TCP connection with the server and test various requests/response commands and packets.
Closes #19