Enabling both CONFIG_FAST_BREAKPOINTS / CONFIG_FAST_WATCHPOINTS and
CONFIG_EVENT_BREAKPOINTS / CONFIG_EVENT_BREAKPOINTS_RANGE /
CONFIG_EVENT_MEMREAD / CONFIG_EVENT_MEMWRITE led to an (unnecessary)
include cycle.
Change-Id: I8144e3e72da69b98e21a844a4bfded1b77bdce07
Previously the code did not handle equivalence classes, which consist
only of one instruction (length 1). As these classes for example
come up at two consecutive read instructions, we have to handle them.
Change-Id: Ib9e475a782828a380dfc79f5b390ca9192f4b8e3
As we might need information of target instruction (in case of
checkpoint, etc.) this information is now added to the output
protobuf message.
Trace-Events are generated also for position zero, so this case is
also regarded.
Change-Id: I69ff4818e7f8d6771923802f65bf0aa1b81883c5
As we gain some degrees of freedom in choice of the specific
injection instruction offset, this can be used to minimize
navigational costs. This is a first approach towards pruning-aware
injection points.
To do so, we need to modify the sql query, which gets the pilots,
so we additionally join with the trace table to get begin and
end information for equivalence classes, which are feeded into
the creation of InjectionPoints.
Change-Id: I343b712dfcbed1299121f02eee9ce1b136a7ff15
As the InjectionPoint is considered to be a container for abstract
"points in time" which can be navigated to, not every object of
a InjectionPointHops needs a smart-hopping calculator.
Change-Id: I150a46cf79a2b9d8ddb2d24a6d89dc3d4246cdb3
As atoi caps the value of a unsigned int bigger than (2^31 - 1) other
than just letting it overflow to the corresponding negative value on
32Bit-integer machines, it must not be used for parsing to unsigned int.
TODO: Also apply this fix to all other unsigned values (in database)
which get parsed by atoi.
Change-Id: I96e29b14d36479ab6e567c527a40feb0b5fb14e5
As these tools work closely together with fail components, its
easiest, to build them in this context. As these tools don't
really matter for fail use, they might never be pushed to the
master branch.
Change-Id: I8c8bd80376d0475f08a531a995d829e85032371b
As openocd is able to read maximally 4-Byte sized chunks,
this will be done for performance improvement.
Change-Id: I79f85e580240f913b5a3d7b49bc0698390644ca8
As we need hop chains to efficiently navigate to the injection
point on pandaboard, this campaign uses these. As we do not yet
have a component, which automatically navigates to a generic
InjectionPoint (API needs to be properly designed), we do this
explicitly.
Change-Id: I26ca6ebb3f05cde735f9641551a8ce5478e463f6
As for the pandaboard to navigate fast to the injection
instruction we need to deliver a hop chain to the fail-client,
this commit adds a generic wrapper for a injection point.
For now we have only the two options hop chain and instruction
offset, so it is activated via a cmake ON/OFF switch.
Change-Id: Ic01a07a30ac386d4316e6d6d271baf1549db966a
Added performance monitor hw-function cycle count.
Also fix for single-stepping exit, some additional register
exits and prevention of reboot failures.
Change-Id: I74196905dc39ecc14ae78366e7e1cb70ec7092f1
Previously for correct termination, the PandaController called
the finish-function of the openocd wrapper, invoked a coroutine
switch and waited for the openocd wrapper to finish up and switch
coroutine again, so the PandaController could exit with correct
exitStatus. Now the openocd-wrapper directly exits with chosen
exit status.
Change-Id: I8d318a4143c53340896ccee4d059a0d79fdcfe89
With the recent updates to record one additional instruction at the trace
start, I broke memory-map handling (restrictMemoryAddresses() and
restrictInstructionAddresses()). This change repairs this functionality.
Change-Id: I0daf9f474d0efe3f8e30a168c0ccc1e993e7ddc6
Listens on a configurable SUT's global variable.
On read access a signal pattern value is calculated and sent back
to the SUT.
Currently, only a superimposable sine wave signal form is implemented.
Further signal forms can be implemented by inheriting from the
abstract SignalForm class.
Change-Id: I2e6cf49cd44797999691c9e9cf0c54dd3c96875e
Logs access to a given global variable of the SUT, given by
a symbol name, and outputs value when variable is written to file.
Format:
<Simulation time>;<Value of variable>
Change-Id: I81b581e571be4255a1a2200c41e7c16657ddfd3d
Add two new breakpoints to L4Sys experiment that allow detecting that
execution terminated with an error: vga_console_blink() is called by the
kernel if JDB was entered (meaning we are hanging, e.g., due to an
assertion); also longjmp() is only used by PF handling code after no
valid page fault handling could be performed
Change-Id: Ice61039c4bd07815a316bbc0bdb39f3483d9a1da
* after injecting a fault, track how many instructions it takes until
execution deviates from original execution
* also track what the first deviating EIP value is
Change-Id: I18a9250517ca90214728c2c4b036b412f5dbf224
When a register in the extended trace was dereferenced and the value
was smaller than the memory pool size, but the address was not mapped
an assertion occured and the tracing plugin terminated the
simulator. Now the dereferenced memory address is checked for being
mapped and not being smaller than the memory pool.
Change-Id: I9ac954988ef860969679f9f360814c5e4b66f473
* introduce L4SYS_ADDRESS_SPACE_TRACE to indicate that we want
to trace instructions in a different AS from the one we are starting
the experiment in
* add CR3Run() to determine address space ID
Change-Id: I7bdaf1e858a6dd369af5175bd56e1b4e2d5f05ef
The internal m_iponly / m_memonly bools are a bit hackish; especially it's
unclear what should happen if both are set. The m_tracetype enum now
encompasses all possible configurations, while the plugin's user interface
remains unchanged.
Change-Id: Ibdd872b5cc5781836428b27bfb2db3825700e671
This change implements what the source-code comment already promised but
didn't keep: As we only record time deltas instead of absolute time values,
prevtime must not be overwritten unless the current delta was really added
to the trace. This has caused timing information to be stored incorrectly
if certain events were skipped (e.g., because they didn't match the memory
map configured by the user).
Change-Id: Id40271d117dd91b1122136c62329d64174f304b0
When starting the tracing plugin (simulator.addFlow()), at the moment
the *current* dynamic instruction (e.g., the one the start symbol
points to) is skipped, and tracing commences with the second
instruction. This change records an additional instruction event at
the trace begin.
Note that this change affects all tracing-plugin users. The first
event gets recorded when starting the plugin (simulator.addFlow()).
This avoids compatibility/off-by-one issues when recording traces with
the generic-tracing experiment vs. with custom experiments.
Change-Id: Ic24e17a68b8a44edad3be994e9edd6d6712bfda1
This reverts commit 036e340bd9.
Problems with this one were:
- Broken event timings. m_prevtime wasn't reset to m_curtime in
TracingPlugin::handleSingleIP(), resulting in a large deltatime
being recorded for the second event, too. This effectively
doubled the experiment's start time.
- Code repetition (copy/pasted for special handling of first event),
making planned changes (advanced tracing for IP events) more
difficult.
- Unnecessary additional tracing-plugin interface method.
Change-Id: I4b74d1a3f4563aabe6626399f9b30a2171b4c285
When using the generic-tracing experiment for generating a trace, the
first event, after the tracing is started (the start-symbol) is lost
in the trace. This patch handles this special case seperately.
Change-Id: Ia131a8559d67161532504160826fdb100247ed75
