diff --git a/examples/stm32-timeout-wfi/fault.json b/examples/stm32-timeout-wfi/fault.json new file mode 100644 index 0000000..7b6fae2 --- /dev/null +++ b/examples/stm32-timeout-wfi/fault.json @@ -0,0 +1,61 @@ +{ + "max_instruction_count": 100, + "start" : { + "address" : 0x0800006a, + "counter" : 1 + }, + "end" :[ + { + "address" : 0x08000056, + "counter" : 3 + }, + { + "address" : 0x08000070, + "counter" : 1 + } +], + "faults" :[ + [ + { + "fault_address" : [0x20001fec], + "fault_type" : "data", + "fault_model" : "set0", + "fault_lifespan" : [100], + "fault_mask" : [1], + "trigger_address" : [0x0800004a], + "trigger_counter" : [1] + } + ], + [ + { + "fault_address" : [0x08000056], + "fault_type" : "instruction", + "fault_model" : "overwrite", + "num_bytes" : 2, + "fault_lifespan" : [100], + "fault_mask" : [0x46c0], + "trigger_address" : [0x08000040], + "trigger_counter" : [1] + } + ], + [ + { + "fault_address" : [3], + "fault_type" : "register", + "fault_model" : "set0", + "fault_lifespan" : [0], + "fault_mask" : [0xffffffff], + "trigger_address" : [0x08000054], + "trigger_counter" : [1] + } + ] + ], + "memorydump": [ + { + "address" : 0x08000000, + "length" : 1023 + } + ], + "mem_info": true, + "timeout": 1 +} diff --git a/examples/stm32-timeout-wfi/qemuconf.json b/examples/stm32-timeout-wfi/qemuconf.json new file mode 100644 index 0000000..7bf30fc --- /dev/null +++ b/examples/stm32-timeout-wfi/qemuconf.json @@ -0,0 +1,8 @@ +{ + "qemu" : "../../qemu/build/debug/arm-softmmu/qemu-system-arm", + "bios" : "", + "kernel" : "minimal.elf", + "plugin" : "../../faultplugin/libfaultplugin.so", + "machine" : "stm32vldiscovery", + "additional_qemu_args" : "" +} diff --git a/examples/stm32-timeout-wfi/run.sh b/examples/stm32-timeout-wfi/run.sh new file mode 100755 index 0000000..5de4f1c --- /dev/null +++ b/examples/stm32-timeout-wfi/run.sh @@ -0,0 +1,2 @@ +#!/bin/sh +python3 ../../controller.py --debug --fault fault.json --qemu qemuconf.json output.hdf5 diff --git a/examples/stm32-timeout-wfi/src/Makefile b/examples/stm32-timeout-wfi/src/Makefile new file mode 100644 index 0000000..cfc4d07 --- /dev/null +++ b/examples/stm32-timeout-wfi/src/Makefile @@ -0,0 +1,13 @@ +BINARY = minimal + +PREFIX :=arm-none-eabi- + +CC :=$(PREFIX)gcc + +LDSCRIPT = ./stm32f0-discovery.ld + +make: + $(CC) -g -mcpu=cortex-m0 -mthumb -Wl,-static -nostartfiles -Wl,--start-group -lc -lgcc -lnosys -Wl,--end-group -Wl,-T,$(LDSCRIPT) minimal.c -o $(BINARY).elf + +clean: + rm $(BINARY).elf -f diff --git a/examples/stm32-timeout-wfi/src/minimal.c b/examples/stm32-timeout-wfi/src/minimal.c new file mode 100644 index 0000000..313c941 --- /dev/null +++ b/examples/stm32-timeout-wfi/src/minimal.c @@ -0,0 +1,47 @@ +typedef void (*vector_table_entry_t)(void); + +typedef struct { + unsigned int *initial_sp_value; /**< Initial stack pointer value. */ + vector_table_entry_t reset; + vector_table_entry_t nmi; + vector_table_entry_t hard_fault; + vector_table_entry_t memory_manage_fault; /* not in CM0 */ + vector_table_entry_t bus_fault; /* not in CM0 */ + vector_table_entry_t usage_fault; /* not in CM0 */ + vector_table_entry_t reserved_x001c[4]; + vector_table_entry_t sv_call; + vector_table_entry_t debug_monitor; /* not in CM0 */ + vector_table_entry_t reserved_x0034; + vector_table_entry_t pend_sv; + vector_table_entry_t systick; + vector_table_entry_t irq[0]; +} vector_table_t; + +extern vector_table_t vector_table; + +int main(void) { + volatile int i = 1; + volatile int x = 0; + + while (i) { + __asm__("nop"); + } + + x = 0x10; + + return x; +} + +void reset_handler(void) { + main(); + + while(1) { + __asm__("wfi"); + } +} + +__attribute__ ((section(".vectors"))) +vector_table_t vector_table = { + .initial_sp_value = (unsigned *)0x20002000, + .reset = reset_handler +}; diff --git a/examples/stm32-timeout-wfi/src/stm32f0-discovery.ld b/examples/stm32-timeout-wfi/src/stm32f0-discovery.ld new file mode 100644 index 0000000..649adb0 --- /dev/null +++ b/examples/stm32-timeout-wfi/src/stm32f0-discovery.ld @@ -0,0 +1,21 @@ +MEMORY +{ + rom (rx) : ORIGIN = 0x08000000, LENGTH = 64K + ram (rwx) : ORIGIN = 0x20000000, LENGTH = 8K +} + +EXTERN (vector_table) + +ENTRY(reset_handler) + +SECTIONS +{ + .text : { + *(.vectors) /* Vector table */ + *(.text*) /* Program code */ + . = ALIGN(4); + } >rom + + end = .; +} + diff --git a/fault-readme.md b/fault-readme.md index 869ee85..603dc28 100644 --- a/fault-readme.md +++ b/fault-readme.md @@ -233,4 +233,7 @@ Use of the ring buffer implementation to store the list of executed translation Enable collection of data on all memory accesses. The configuration property expects to be passed a boolean value. If unspecified, it will default to `false`. ### timeout -Maximum execution duration in seconds for a single experiment. If exceeded, ARCHIE will be stopped. If unspecified, it will default to `1200` seconds. +Maximum execution duration in seconds for a single experiment. +If exceeded, the experiment will be stopped. +If unspecified, it will default to `1200` seconds. +See the example in `examples/stm32-timeout-wfi` for more details.