BochsController::restore() now recreates a state more expectable from
the experiment. The state is now the same that save() leaves behind
in its most prominent use case after hitting a breakpoint. This
change breaks backwards compatibility with some experiments, see
below!
Right after a breakpoint on a specific address fired and
BochsController::save() was called, another breakpoint on that
specific address would not fire again (unless that instruction is
executed again later on).
Up to this change, the situation after calling
BochsController::restore() was different: A breakpoint on that
specific address would fire twice. This difference led to the problem
that running the tracing plugin after save() would work fine
(recording the current instruction once, since 3dc752c "tracing: fix
loss of first dynamic instruction"), but running it after restore()
would record the current instruction *twice*.
This change aligns restore()'s behavior to that of save(). The
implications for existing experiments, traces and results are:
- Existing result data should be not affected at all, as
trace.time1/time2 were correct before this change. Nevertheless,
the assumption time2-time1 >= instr2-instr1 does not hold for
equivalence classes including the first instruction, if the latter
was faultily recorded twice (see below).
- Existing traces that were recorded after a restore() (with a
tracing plugin including the aforementioned commit 3dc752c)
contain the first instruction twice. An affected trace can be
corrected with this command line:
dump-trace old.tc | tail -n +2 | convert-trace -f dump -t new.tc
- For experiments that record traces after a restore() (such as
ecos_kernel_test), nothing changes, as both the tracing and the
fast-forwarding before the fault injection now see one instruction
event less.
- Experiments that record traces after a save(), especially those
that rely on the generic-tracing experiment for tracing, now see
one instruction event less, before they need to inject their
fault. These experiments need to be adjusted, for example
dciao-kernelstructs now should use bp.setCounter(injection_instr)
instead of bp.setCounter(injection_instr+1).
Change-Id: I913bed9f1cad91ed3025f610024d62cfc2b9b11b
BochsController::save() now can in principle be called multiple times
in a row. Not that this would really make sense, but the results are
consistent now.
Change-Id: Ib4c6eb571a364b0f7ea6142c8cfec004a12f98b3
BochsHelpers.hpp is included by some aspect headers, which are implicitly
included into many (all?) translation units. As in most TUs the "static
inline" defined getCPU function is not used, every time a "unused function"
warning was generated.
Change-Id: Ibb903fe7a11aaf1f455a626c8bf8b86f50857645
This fixes the resource-leaking "should never happen" case when no
element is found by returning a notfound member. Found by Coverity
Scan, CID 25555.
Change-Id: I9055ae0a3b31e61f3a8e3b098ec5613c3b5535f6
Only tracing the instruction pointer was broken, memory accesses were
always traced additionally. Found by Coverity Scan, CID 25495.
Change-Id: Ideb66175865c85bcd48f4b3786d5d8f16810d4f1
As the first cmd.parse() call was already checked before, parsing a
second time should never fail. Nevertheless, we can look at the
return value without much effort. Found by Coverity Scan, CID 25494.
Change-Id: Id012cf7183fe7b2022d33e6cbcb19ba49b544c99
The contained state is not used over function boundaries anyways.
Found by Coverity Scan, CID 25689.
Change-Id: I34e42c227710be4859f6d62de9311c4201ed29b0
This most probably is not a real problem, but does not take much work
to fix. Found by Coverity Scan, in several reports.
Change-Id: I8bd12e3f7afeb4b1c4e1b057bdbd95da9aa9211c
This was never a real problem, but keeps us on the safe side. Found
by Coverity Scan, CID 25731/25808/25817.
Change-Id: Ie4bd9fb52ff6140ce7ae024738b43c82f6f5045c
This fixes the (never intendedly occurring) case that no comma is
found in the SQL value list, and aligns the termination code with the
comment next to it. Found by Coverity Scan, CID 25653.
Change-Id: I98062748458a50603cd63a9017acd94eef0753f9
As the first cmd.parse() call was already checked before, parsing a
second time should never fail. Nevertheless, we can look at the
return value without much effort. Found by Coverity Scan, CID 25509.
Change-Id: I58466f5d123da2b541a6a88b72bafa1f754a581e
When Richard decided we need not yet give up when dwarf_srclines()
fails, he left a -- now premature -- close(fd) behind. Found by
Coverity Scan, CID 25806.
Change-Id: I0bc0cb6796225c9efaf5290e2799b6814f88e5b4
This is why our coding style suggests braces even for single-line "if"
or loop bodies. Found by Coverity Scan, CID 25767.
Change-Id: I53062286accba7c0fc9795ecea0a5e2795443321
To use the new clang-based AspectC++ (ac++ >1.2), Fail* must be built
with -D__NO_MATH_INLINES (or --c_compiler clang++).
Change-Id: I020d62891946d09ac456b8df914b669ab33ab0e2
Analogous to the FESamplingPruner, the --no-weighting switch disables the
equivalence-class weighting by using a weight of one instead of the
equivalence-class size. This is usually not a good idea, and should only
be used for demonstration purposes, or if the fault model requires
weight-less sampling.
The --no-weighting switch was introduced with an earlier commit, but
did not have an effect until now.
Change-Id: If2ebf775bea7f2e3f8c293abbae08f1eb00cacf1
(The "symbol" is currently only created by some inofficial scripts,
but may become part of the Fail* core at some point.)
Change-Id: If0b3e6cdd6b6ca865abb67382de128e7a27f19ab
In bash, ${parameter:=word} assigns the default value. In our case,
${parameter:-word} (the whole expression has a default value, but it's
not assigned) suffices.
Change-Id: I5f4105b973892aa13943d660cbebaed76fd43752
These IDs don't make sense by themselves but only after a lookup in the
database, which clients usually don't have (and don't need) access to.
Conflicts:
src/core/comm/DatabaseCampaignMessage.proto.in
Change-Id: Ice739463552039b7fb48581722ea2e05984cea47
The --incremental switch allows to add more samples if the resulting
confidence intervals are not satisfactory yet.
Change-Id: I65dc99522f45f8a4eaf4ce68e832f7636585381d
The SamplingPruner implements "normal" sampling with equivalence-class
reuse. Unlike the FESamplingPruner, the SamplingPruner implements
uniform fault-space sampling that counts multiple hits of an
equivalence class.
This change modifies the database schema, more specifically it adds
the "weight" column to the fspgroup table. Update existing databases
with this query:
ALTER TABLE fspgroup ADD COLUMN weight INT UNSIGNED;
Change-Id: I668fc9b25fc4d79a60aa1ef8d69cdf5fa076cc6d
SumTree::get now non-intrusively picks an element and returns a
reference to it, SumTree::remove removes and returns a copy. The
former is needed for sampling with replacement.
Change-Id: Iefef2fdf0b7df6ea7a9949f2588528ec9e86bb7a
In the sampling step, the --no-weighting switch disables the
equivalence-class weighting by using a weight of one instead of the
equivalence-class size. This is usually not a good idea, and should
only be used for demonstration purposes, or if the fault model
requires weight-less sampling.
Change-Id: Id903d1924c6ecbcd217815aa5ce9271560130071
The --use-known-results switch simulates sampling (with fault
expansion, FESamplingPruner) by reusing results from a previous
campaign covering the full fault space (that used the "basic" pruner).
The pruner only creates entries in the "fspgroup" table that refer to
already existing pilots and corresponding results.
This switch is not for normal Fail* use, but only for experimenting
with the FESamplingPruner.
Change-Id: I1bf561d93f55918d243c5306551a1c6b48027198
The project version number is now not user-editable anymore, and
custom values get overwritten by force. Without this change,
CMakeCache.txt stays at the version number it was first instantiated
from.
Change-Id: If9ad1549937dad98db9a0f0eda16ef752e7d74aa
This change fixes several file-descriptor leaks in the DwarfReader
implementation. The patch is taken from Richard Hellwig's not yet
merged change I161f626d12ca7f2b7b9d13ba9cbc254eb55692f1. I did not
apply any white-space cleanups to prevent conflicts when Richard's
change will be merged later.
Change-Id: Icd9c1bdeeab39e77900e2ce88b756a8cf7ade96a
This change makes sure an active but not-yet fired listener does not fire
anymore if it gets removed. In this case, the listener already has an
invalid index, but still needs to be copied to the delete list.
This issue has not been observed in the wild, and is unlikely to have
caused real problems in the past.
Change-Id: I8be8a5b1d4cdc783a092b93f34f33b969894e5da
This commit changes the entities in a ResultSet from listener indexes
(into ListenerManagers m_BufferList) to BaseListener pointers, as
ListenerManager::makeActive(BaseListener*) (called from
FastBreakpoints/Watchpoints.ah) may invalidate indexes temporarily
stored in a ResultSet. The issue occurs when multiple breakpoints
(watchpoints) fire at the same time, and one added more recently than
the others occupies the largest index position in m_BufferList.
Although this issue is extremely rare and was only observed in a few
corner cases up to now, it may have falsified results in the past.
Change-Id: I7b788a06d412f15700ca75f56f2be5d3b78465fa
The project version number is now not user-editable anymore, and
custom values get overwritten by force. Without this change,
CMakeCache.txt stays at the version number it was first instantiated
from.
Change-Id: If9ad1549937dad98db9a0f0eda16ef752e7d74aa
