1 /* 2 * Semihosting support for systems modeled on the Arm "Angel" 3 * semihosting syscalls design. This includes Arm and RISC-V processors 4 * 5 * Copyright (c) 2005, 2007 CodeSourcery. 6 * Copyright (c) 2019 Linaro 7 * Written by Paul Brook. 8 * 9 * Copyright © 2020 by Keith Packard <keithp@keithp.com> 10 * Adapted for systems other than ARM, including RISC-V, by Keith Packard 11 * 12 * This program is free software; you can redistribute it and/or modify 13 * it under the terms of the GNU General Public License as published by 14 * the Free Software Foundation; either version 2 of the License, or 15 * (at your option) any later version. 16 * 17 * This program is distributed in the hope that it will be useful, 18 * but WITHOUT ANY WARRANTY; without even the implied warranty of 19 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 20 * GNU General Public License for more details. 21 * 22 * You should have received a copy of the GNU General Public License 23 * along with this program; if not, see <http://www.gnu.org/licenses/>. 24 * 25 * ARM Semihosting is documented in: 26 * Semihosting for AArch32 and AArch64 Release 2.0 27 * https://static.docs.arm.com/100863/0200/semihosting.pdf 28 * 29 * RISC-V Semihosting is documented in: 30 * RISC-V Semihosting 31 * https://github.com/riscv/riscv-semihosting-spec/blob/main/riscv-semihosting-spec.adoc 32 */ 33 34 #include "qemu/osdep.h" 35 #include "qemu/timer.h" 36 #include "exec/gdbstub.h" 37 #include "semihosting/semihost.h" 38 #include "semihosting/console.h" 39 #include "semihosting/common-semi.h" 40 #include "semihosting/guestfd.h" 41 #include "semihosting/syscalls.h" 42 43 #ifdef CONFIG_USER_ONLY 44 #include "qemu.h" 45 46 #define COMMON_SEMI_HEAP_SIZE (128 * 1024 * 1024) 47 #else 48 #include "qemu/cutils.h" 49 #include "hw/loader.h" 50 #include "hw/boards.h" 51 #endif 52 53 #define TARGET_SYS_OPEN 0x01 54 #define TARGET_SYS_CLOSE 0x02 55 #define TARGET_SYS_WRITEC 0x03 56 #define TARGET_SYS_WRITE0 0x04 57 #define TARGET_SYS_WRITE 0x05 58 #define TARGET_SYS_READ 0x06 59 #define TARGET_SYS_READC 0x07 60 #define TARGET_SYS_ISERROR 0x08 61 #define TARGET_SYS_ISTTY 0x09 62 #define TARGET_SYS_SEEK 0x0a 63 #define TARGET_SYS_FLEN 0x0c 64 #define TARGET_SYS_TMPNAM 0x0d 65 #define TARGET_SYS_REMOVE 0x0e 66 #define TARGET_SYS_RENAME 0x0f 67 #define TARGET_SYS_CLOCK 0x10 68 #define TARGET_SYS_TIME 0x11 69 #define TARGET_SYS_SYSTEM 0x12 70 #define TARGET_SYS_ERRNO 0x13 71 #define TARGET_SYS_GET_CMDLINE 0x15 72 #define TARGET_SYS_HEAPINFO 0x16 73 #define TARGET_SYS_EXIT 0x18 74 #define TARGET_SYS_SYNCCACHE 0x19 75 #define TARGET_SYS_EXIT_EXTENDED 0x20 76 #define TARGET_SYS_ELAPSED 0x30 77 #define TARGET_SYS_TICKFREQ 0x31 78 79 /* ADP_Stopped_ApplicationExit is used for exit(0), 80 * anything else is implemented as exit(1) */ 81 #define ADP_Stopped_ApplicationExit (0x20026) 82 83 #ifndef O_BINARY 84 #define O_BINARY 0 85 #endif 86 87 static int gdb_open_modeflags[12] = { 88 GDB_O_RDONLY, 89 GDB_O_RDONLY, 90 GDB_O_RDWR, 91 GDB_O_RDWR, 92 GDB_O_WRONLY | GDB_O_CREAT | GDB_O_TRUNC, 93 GDB_O_WRONLY | GDB_O_CREAT | GDB_O_TRUNC, 94 GDB_O_RDWR | GDB_O_CREAT | GDB_O_TRUNC, 95 GDB_O_RDWR | GDB_O_CREAT | GDB_O_TRUNC, 96 GDB_O_WRONLY | GDB_O_CREAT | GDB_O_APPEND, 97 GDB_O_WRONLY | GDB_O_CREAT | GDB_O_APPEND, 98 GDB_O_RDWR | GDB_O_CREAT | GDB_O_APPEND, 99 GDB_O_RDWR | GDB_O_CREAT | GDB_O_APPEND, 100 }; 101 102 #ifndef CONFIG_USER_ONLY 103 104 /** 105 * common_semi_find_bases: find information about ram and heap base 106 * 107 * This function attempts to provide meaningful numbers for RAM and 108 * HEAP base addresses. The rambase is simply the lowest addressable 109 * RAM position. For the heapbase we ask the loader to scan the 110 * address space and the largest available gap by querying the "ROM" 111 * regions. 112 * 113 * Returns: a structure with the numbers we need. 114 */ 115 116 typedef struct LayoutInfo { 117 target_ulong rambase; 118 size_t ramsize; 119 hwaddr heapbase; 120 hwaddr heaplimit; 121 } LayoutInfo; 122 123 static bool find_ram_cb(Int128 start, Int128 len, const MemoryRegion *mr, 124 hwaddr offset_in_region, void *opaque) 125 { 126 LayoutInfo *info = (LayoutInfo *) opaque; 127 uint64_t size = int128_get64(len); 128 129 if (!mr->ram || mr->readonly) { 130 return false; 131 } 132 133 if (size > info->ramsize) { 134 info->rambase = int128_get64(start); 135 info->ramsize = size; 136 } 137 138 /* search exhaustively for largest RAM */ 139 return false; 140 } 141 142 static LayoutInfo common_semi_find_bases(CPUState *cs) 143 { 144 FlatView *fv; 145 LayoutInfo info = { 0, 0, 0, 0 }; 146 147 RCU_READ_LOCK_GUARD(); 148 149 fv = address_space_to_flatview(cs->as); 150 flatview_for_each_range(fv, find_ram_cb, &info); 151 152 /* 153 * If we have found the RAM lets iterate through the ROM blobs to 154 * work out the best place for the remainder of RAM and split it 155 * equally between stack and heap. 156 */ 157 if (info.rambase || info.ramsize > 0) { 158 RomGap gap = rom_find_largest_gap_between(info.rambase, info.ramsize); 159 info.heapbase = gap.base; 160 info.heaplimit = gap.base + gap.size; 161 } 162 163 return info; 164 } 165 166 #endif 167 168 #include "common-semi-target.h" 169 170 /* 171 * Read the input value from the argument block; fail the semihosting 172 * call if the memory read fails. Eventually we could use a generic 173 * CPUState helper function here. 174 * Note that GET_ARG() handles memory access errors by jumping to 175 * do_fault, so must be used as the first thing done in handling a 176 * semihosting call, to avoid accidentally leaking allocated resources. 177 * SET_ARG(), since it unavoidably happens late, instead returns an 178 * error indication (0 on success, non-0 for error) which the caller 179 * should check. 180 */ 181 182 #define GET_ARG(n) do { \ 183 if (is_64bit_semihosting(env)) { \ 184 if (get_user_u64(arg ## n, args + (n) * 8)) { \ 185 goto do_fault; \ 186 } \ 187 } else { \ 188 if (get_user_u32(arg ## n, args + (n) * 4)) { \ 189 goto do_fault; \ 190 } \ 191 } \ 192 } while (0) 193 194 #define SET_ARG(n, val) \ 195 (is_64bit_semihosting(env) ? \ 196 put_user_u64(val, args + (n) * 8) : \ 197 put_user_u32(val, args + (n) * 4)) 198 199 200 /* 201 * The semihosting API has no concept of its errno being thread-safe, 202 * as the API design predates SMP CPUs and was intended as a simple 203 * real-hardware set of debug functionality. For QEMU, we make the 204 * errno be per-thread in linux-user mode; in softmmu it is a simple 205 * global, and we assume that the guest takes care of avoiding any races. 206 */ 207 #ifndef CONFIG_USER_ONLY 208 static target_ulong syscall_err; 209 210 #include "semihosting/softmmu-uaccess.h" 211 #endif 212 213 static inline uint32_t get_swi_errno(CPUState *cs) 214 { 215 #ifdef CONFIG_USER_ONLY 216 TaskState *ts = cs->opaque; 217 218 return ts->swi_errno; 219 #else 220 return syscall_err; 221 #endif 222 } 223 224 static void common_semi_cb(CPUState *cs, uint64_t ret, int err) 225 { 226 if (err) { 227 #ifdef CONFIG_USER_ONLY 228 TaskState *ts = cs->opaque; 229 ts->swi_errno = err; 230 #else 231 syscall_err = err; 232 #endif 233 } 234 common_semi_set_ret(cs, ret); 235 } 236 237 /* 238 * Use 0xdeadbeef as the return value when there isn't a defined 239 * return value for the call. 240 */ 241 static void common_semi_dead_cb(CPUState *cs, uint64_t ret, int err) 242 { 243 common_semi_set_ret(cs, 0xdeadbeef); 244 } 245 246 /* 247 * SYS_READ and SYS_WRITE always return the number of bytes not read/written. 248 * There is no error condition, other than returning the original length. 249 */ 250 static void common_semi_rw_cb(CPUState *cs, uint64_t ret, int err) 251 { 252 /* Recover the original length from the third argument. */ 253 CPUArchState *env G_GNUC_UNUSED = cs->env_ptr; 254 target_ulong args = common_semi_arg(cs, 1); 255 target_ulong arg2; 256 GET_ARG(2); 257 258 if (err) { 259 do_fault: 260 ret = 0; /* error: no bytes transmitted */ 261 } 262 common_semi_set_ret(cs, arg2 - ret); 263 } 264 265 /* 266 * Convert from Posix ret+errno to Arm SYS_ISTTY return values. 267 * With gdbstub, err is only ever set for protocol errors to EIO. 268 */ 269 static void common_semi_istty_cb(CPUState *cs, uint64_t ret, int err) 270 { 271 if (err) { 272 ret = (err == ENOTTY ? 0 : -1); 273 } 274 common_semi_cb(cs, ret, err); 275 } 276 277 /* 278 * SYS_SEEK returns 0 on success, not the resulting offset. 279 */ 280 static void common_semi_seek_cb(CPUState *cs, uint64_t ret, int err) 281 { 282 if (!err) { 283 ret = 0; 284 } 285 common_semi_cb(cs, ret, err); 286 } 287 288 /* 289 * Return an address in target memory of 64 bytes where the remote 290 * gdb should write its stat struct. (The format of this structure 291 * is defined by GDB's remote protocol and is not target-specific.) 292 * We put this on the guest's stack just below SP. 293 */ 294 static target_ulong common_semi_flen_buf(CPUState *cs) 295 { 296 target_ulong sp = common_semi_stack_bottom(cs); 297 return sp - 64; 298 } 299 300 static void 301 common_semi_flen_fstat_cb(CPUState *cs, uint64_t ret, int err) 302 { 303 if (!err) { 304 /* The size is always stored in big-endian order, extract the value. */ 305 uint64_t size; 306 if (cpu_memory_rw_debug(cs, common_semi_flen_buf(cs) + 307 offsetof(struct gdb_stat, gdb_st_size), 308 &size, 8, 0)) { 309 ret = -1, err = EFAULT; 310 } else { 311 size = be64_to_cpu(size); 312 if (ret != size) { 313 ret = -1, err = EOVERFLOW; 314 } 315 } 316 } 317 common_semi_cb(cs, ret, err); 318 } 319 320 static void 321 common_semi_readc_cb(CPUState *cs, uint64_t ret, int err) 322 { 323 if (!err) { 324 CPUArchState *env G_GNUC_UNUSED = cs->env_ptr; 325 uint8_t ch; 326 327 if (get_user_u8(ch, common_semi_stack_bottom(cs) - 1)) { 328 ret = -1, err = EFAULT; 329 } else { 330 ret = ch; 331 } 332 } 333 common_semi_cb(cs, ret, err); 334 } 335 336 #define SHFB_MAGIC_0 0x53 337 #define SHFB_MAGIC_1 0x48 338 #define SHFB_MAGIC_2 0x46 339 #define SHFB_MAGIC_3 0x42 340 341 /* Feature bits reportable in feature byte 0 */ 342 #define SH_EXT_EXIT_EXTENDED (1 << 0) 343 #define SH_EXT_STDOUT_STDERR (1 << 1) 344 345 static const uint8_t featurefile_data[] = { 346 SHFB_MAGIC_0, 347 SHFB_MAGIC_1, 348 SHFB_MAGIC_2, 349 SHFB_MAGIC_3, 350 SH_EXT_EXIT_EXTENDED | SH_EXT_STDOUT_STDERR, /* Feature byte 0 */ 351 }; 352 353 /* 354 * Do a semihosting call. 355 * 356 * The specification always says that the "return register" either 357 * returns a specific value or is corrupted, so we don't need to 358 * report to our caller whether we are returning a value or trying to 359 * leave the register unchanged. 360 */ 361 void do_common_semihosting(CPUState *cs) 362 { 363 CPUArchState *env = cs->env_ptr; 364 target_ulong args; 365 target_ulong arg0, arg1, arg2, arg3; 366 target_ulong ul_ret; 367 char * s; 368 int nr; 369 uint32_t ret; 370 int64_t elapsed; 371 372 nr = common_semi_arg(cs, 0) & 0xffffffffU; 373 args = common_semi_arg(cs, 1); 374 375 switch (nr) { 376 case TARGET_SYS_OPEN: 377 { 378 int ret, err = 0; 379 int hostfd; 380 381 GET_ARG(0); 382 GET_ARG(1); 383 GET_ARG(2); 384 s = lock_user_string(arg0); 385 if (!s) { 386 goto do_fault; 387 } 388 if (arg1 >= 12) { 389 unlock_user(s, arg0, 0); 390 common_semi_cb(cs, -1, EINVAL); 391 break; 392 } 393 394 if (strcmp(s, ":tt") == 0) { 395 /* 396 * We implement SH_EXT_STDOUT_STDERR, so: 397 * open for read == stdin 398 * open for write == stdout 399 * open for append == stderr 400 */ 401 if (arg1 < 4) { 402 hostfd = STDIN_FILENO; 403 } else if (arg1 < 8) { 404 hostfd = STDOUT_FILENO; 405 } else { 406 hostfd = STDERR_FILENO; 407 } 408 ret = alloc_guestfd(); 409 associate_guestfd(ret, hostfd); 410 } else if (strcmp(s, ":semihosting-features") == 0) { 411 /* We must fail opens for modes other than 0 ('r') or 1 ('rb') */ 412 if (arg1 != 0 && arg1 != 1) { 413 ret = -1; 414 err = EACCES; 415 } else { 416 ret = alloc_guestfd(); 417 staticfile_guestfd(ret, featurefile_data, 418 sizeof(featurefile_data)); 419 } 420 } else { 421 unlock_user(s, arg0, 0); 422 semihost_sys_open(cs, common_semi_cb, arg0, arg2 + 1, 423 gdb_open_modeflags[arg1], 0644); 424 break; 425 } 426 unlock_user(s, arg0, 0); 427 common_semi_cb(cs, ret, err); 428 break; 429 } 430 431 case TARGET_SYS_CLOSE: 432 GET_ARG(0); 433 semihost_sys_close(cs, common_semi_cb, arg0); 434 break; 435 436 case TARGET_SYS_WRITEC: 437 /* 438 * FIXME: the byte to be written is in a target_ulong slot, 439 * which means this is wrong for a big-endian guest. 440 */ 441 semihost_sys_write_gf(cs, common_semi_dead_cb, 442 &console_out_gf, args, 1); 443 break; 444 445 case TARGET_SYS_WRITE0: 446 { 447 ssize_t len = target_strlen(args); 448 if (len < 0) { 449 common_semi_dead_cb(cs, -1, EFAULT); 450 } else { 451 semihost_sys_write_gf(cs, common_semi_dead_cb, 452 &console_out_gf, args, len); 453 } 454 } 455 break; 456 457 case TARGET_SYS_WRITE: 458 GET_ARG(0); 459 GET_ARG(1); 460 GET_ARG(2); 461 semihost_sys_write(cs, common_semi_rw_cb, arg0, arg1, arg2); 462 break; 463 464 case TARGET_SYS_READ: 465 GET_ARG(0); 466 GET_ARG(1); 467 GET_ARG(2); 468 semihost_sys_read(cs, common_semi_rw_cb, arg0, arg1, arg2); 469 break; 470 471 case TARGET_SYS_READC: 472 semihost_sys_read_gf(cs, common_semi_readc_cb, &console_in_gf, 473 common_semi_stack_bottom(cs) - 1, 1); 474 break; 475 476 case TARGET_SYS_ISERROR: 477 GET_ARG(0); 478 common_semi_set_ret(cs, (target_long)arg0 < 0); 479 break; 480 481 case TARGET_SYS_ISTTY: 482 GET_ARG(0); 483 semihost_sys_isatty(cs, common_semi_istty_cb, arg0); 484 break; 485 486 case TARGET_SYS_SEEK: 487 GET_ARG(0); 488 GET_ARG(1); 489 semihost_sys_lseek(cs, common_semi_seek_cb, arg0, arg1, GDB_SEEK_SET); 490 break; 491 492 case TARGET_SYS_FLEN: 493 GET_ARG(0); 494 semihost_sys_flen(cs, common_semi_flen_fstat_cb, common_semi_cb, 495 arg0, common_semi_flen_buf(cs)); 496 break; 497 498 case TARGET_SYS_TMPNAM: 499 { 500 int len; 501 char *p; 502 503 GET_ARG(0); 504 GET_ARG(1); 505 GET_ARG(2); 506 len = asprintf(&s, "/tmp/qemu-%x%02x", getpid(), (int)arg1 & 0xff); 507 if (len < 0) { 508 common_semi_set_ret(cs, -1); 509 break; 510 } 511 512 /* Allow for trailing NUL */ 513 len++; 514 /* Make sure there's enough space in the buffer */ 515 if (len > arg2) { 516 free(s); 517 common_semi_set_ret(cs, -1); 518 break; 519 } 520 p = lock_user(VERIFY_WRITE, arg0, len, 0); 521 if (!p) { 522 free(s); 523 goto do_fault; 524 } 525 memcpy(p, s, len); 526 unlock_user(p, arg0, len); 527 free(s); 528 common_semi_set_ret(cs, 0); 529 break; 530 } 531 532 case TARGET_SYS_REMOVE: 533 GET_ARG(0); 534 GET_ARG(1); 535 semihost_sys_remove(cs, common_semi_cb, arg0, arg1 + 1); 536 break; 537 538 case TARGET_SYS_RENAME: 539 GET_ARG(0); 540 GET_ARG(1); 541 GET_ARG(2); 542 GET_ARG(3); 543 semihost_sys_rename(cs, common_semi_cb, arg0, arg1 + 1, arg2, arg3 + 1); 544 break; 545 546 case TARGET_SYS_CLOCK: 547 common_semi_set_ret(cs, clock() / (CLOCKS_PER_SEC / 100)); 548 break; 549 550 case TARGET_SYS_TIME: 551 ul_ret = time(NULL); 552 common_semi_cb(cs, ul_ret, ul_ret == -1 ? errno : 0); 553 break; 554 555 case TARGET_SYS_SYSTEM: 556 GET_ARG(0); 557 GET_ARG(1); 558 semihost_sys_system(cs, common_semi_cb, arg0, arg1 + 1); 559 break; 560 561 case TARGET_SYS_ERRNO: 562 common_semi_set_ret(cs, get_swi_errno(cs)); 563 break; 564 565 case TARGET_SYS_GET_CMDLINE: 566 { 567 /* Build a command-line from the original argv. 568 * 569 * The inputs are: 570 * * arg0, pointer to a buffer of at least the size 571 * specified in arg1. 572 * * arg1, size of the buffer pointed to by arg0 in 573 * bytes. 574 * 575 * The outputs are: 576 * * arg0, pointer to null-terminated string of the 577 * command line. 578 * * arg1, length of the string pointed to by arg0. 579 */ 580 581 char *output_buffer; 582 size_t input_size; 583 size_t output_size; 584 int status = 0; 585 #if !defined(CONFIG_USER_ONLY) 586 const char *cmdline; 587 #else 588 TaskState *ts = cs->opaque; 589 #endif 590 GET_ARG(0); 591 GET_ARG(1); 592 input_size = arg1; 593 /* Compute the size of the output string. */ 594 #if !defined(CONFIG_USER_ONLY) 595 cmdline = semihosting_get_cmdline(); 596 if (cmdline == NULL) { 597 cmdline = ""; /* Default to an empty line. */ 598 } 599 output_size = strlen(cmdline) + 1; /* Count terminating 0. */ 600 #else 601 unsigned int i; 602 603 output_size = ts->info->env_strings - ts->info->arg_strings; 604 if (!output_size) { 605 /* 606 * We special-case the "empty command line" case (argc==0). 607 * Just provide the terminating 0. 608 */ 609 output_size = 1; 610 } 611 #endif 612 613 if (output_size > input_size) { 614 /* Not enough space to store command-line arguments. */ 615 common_semi_cb(cs, -1, E2BIG); 616 break; 617 } 618 619 /* Adjust the command-line length. */ 620 if (SET_ARG(1, output_size - 1)) { 621 /* Couldn't write back to argument block */ 622 goto do_fault; 623 } 624 625 /* Lock the buffer on the ARM side. */ 626 output_buffer = lock_user(VERIFY_WRITE, arg0, output_size, 0); 627 if (!output_buffer) { 628 goto do_fault; 629 } 630 631 /* Copy the command-line arguments. */ 632 #if !defined(CONFIG_USER_ONLY) 633 pstrcpy(output_buffer, output_size, cmdline); 634 #else 635 if (output_size == 1) { 636 /* Empty command-line. */ 637 output_buffer[0] = '\0'; 638 goto out; 639 } 640 641 if (copy_from_user(output_buffer, ts->info->arg_strings, 642 output_size)) { 643 unlock_user(output_buffer, arg0, 0); 644 goto do_fault; 645 } 646 647 /* Separate arguments by white spaces. */ 648 for (i = 0; i < output_size - 1; i++) { 649 if (output_buffer[i] == 0) { 650 output_buffer[i] = ' '; 651 } 652 } 653 out: 654 #endif 655 /* Unlock the buffer on the ARM side. */ 656 unlock_user(output_buffer, arg0, output_size); 657 common_semi_cb(cs, status, 0); 658 } 659 break; 660 661 case TARGET_SYS_HEAPINFO: 662 { 663 target_ulong retvals[4]; 664 int i; 665 #ifdef CONFIG_USER_ONLY 666 TaskState *ts = cs->opaque; 667 target_ulong limit; 668 #else 669 LayoutInfo info = common_semi_find_bases(cs); 670 #endif 671 672 GET_ARG(0); 673 674 #ifdef CONFIG_USER_ONLY 675 /* 676 * Some C libraries assume the heap immediately follows .bss, so 677 * allocate it using sbrk. 678 */ 679 if (!ts->heap_limit) { 680 abi_ulong ret; 681 682 ts->heap_base = do_brk(0); 683 limit = ts->heap_base + COMMON_SEMI_HEAP_SIZE; 684 /* Try a big heap, and reduce the size if that fails. */ 685 for (;;) { 686 ret = do_brk(limit); 687 if (ret >= limit) { 688 break; 689 } 690 limit = (ts->heap_base >> 1) + (limit >> 1); 691 } 692 ts->heap_limit = limit; 693 } 694 695 retvals[0] = ts->heap_base; 696 retvals[1] = ts->heap_limit; 697 retvals[2] = ts->stack_base; 698 retvals[3] = 0; /* Stack limit. */ 699 #else 700 retvals[0] = info.heapbase; /* Heap Base */ 701 retvals[1] = info.heaplimit; /* Heap Limit */ 702 retvals[2] = info.heaplimit; /* Stack base */ 703 retvals[3] = info.heapbase; /* Stack limit. */ 704 #endif 705 706 for (i = 0; i < ARRAY_SIZE(retvals); i++) { 707 bool fail; 708 709 if (is_64bit_semihosting(env)) { 710 fail = put_user_u64(retvals[i], arg0 + i * 8); 711 } else { 712 fail = put_user_u32(retvals[i], arg0 + i * 4); 713 } 714 715 if (fail) { 716 /* Couldn't write back to argument block */ 717 goto do_fault; 718 } 719 } 720 common_semi_set_ret(cs, 0); 721 } 722 break; 723 724 case TARGET_SYS_EXIT: 725 case TARGET_SYS_EXIT_EXTENDED: 726 if (common_semi_sys_exit_extended(cs, nr)) { 727 /* 728 * The A64 version of SYS_EXIT takes a parameter block, 729 * so the application-exit type can return a subcode which 730 * is the exit status code from the application. 731 * SYS_EXIT_EXTENDED is an a new-in-v2.0 optional function 732 * which allows A32/T32 guests to also provide a status code. 733 */ 734 GET_ARG(0); 735 GET_ARG(1); 736 737 if (arg0 == ADP_Stopped_ApplicationExit) { 738 ret = arg1; 739 } else { 740 ret = 1; 741 } 742 } else { 743 /* 744 * The A32/T32 version of SYS_EXIT specifies only 745 * Stopped_ApplicationExit as normal exit, but does not 746 * allow the guest to specify the exit status code. 747 * Everything else is considered an error. 748 */ 749 ret = (args == ADP_Stopped_ApplicationExit) ? 0 : 1; 750 } 751 gdb_exit(ret); 752 exit(ret); 753 754 case TARGET_SYS_ELAPSED: 755 elapsed = get_clock() - clock_start; 756 if (sizeof(target_ulong) == 8) { 757 if (SET_ARG(0, elapsed)) { 758 goto do_fault; 759 } 760 } else { 761 if (SET_ARG(0, (uint32_t) elapsed) || 762 SET_ARG(1, (uint32_t) (elapsed >> 32))) { 763 goto do_fault; 764 } 765 } 766 common_semi_set_ret(cs, 0); 767 break; 768 769 case TARGET_SYS_TICKFREQ: 770 /* qemu always uses nsec */ 771 common_semi_set_ret(cs, 1000000000); 772 break; 773 774 case TARGET_SYS_SYNCCACHE: 775 /* 776 * Clean the D-cache and invalidate the I-cache for the specified 777 * virtual address range. This is a nop for us since we don't 778 * implement caches. This is only present on A64. 779 */ 780 if (common_semi_has_synccache(env)) { 781 common_semi_set_ret(cs, 0); 782 break; 783 } 784 /* fall through */ 785 default: 786 fprintf(stderr, "qemu: Unsupported SemiHosting SWI 0x%02x\n", nr); 787 cpu_dump_state(cs, stderr, 0); 788 abort(); 789 790 do_fault: 791 common_semi_cb(cs, -1, EFAULT); 792 break; 793 } 794 } 795