Changes between Version 1 and Version 2 of Tools/Memory Checker
- Timestamp:
- Jan 29, 2009, 8:09:07 PM (15 years ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
Tools/Memory Checker
v1 v2 9 9 == Implementation == 10 10 11 Like the GdbServer, the Memory checker contains no processor specific code and can be used to manage any Soclib processor model using the generic Iss interface. It is implemented as an Iss wrapper class. When the Memory checker is in use, it intercepts all events between the processor Iss model and the Soclib platform. The running operating system must be instrumented slightly to let the Memory checker be aware of valid stack ranges and allocation ranges. The Mutekhoperating system is working with the Memory checker.11 Like the GdbServer, the Memory checker contains no processor specific code and can be used to manage any Soclib processor model using the generic Iss interface. It is implemented as an Iss wrapper class. When the Memory checker is in use, it intercepts all events between the processor Iss model and the Soclib platform. The running operating system must be instrumented slightly to let the Memory checker be aware of valid stack ranges and allocation ranges. The [http://www.mutek.fr MutekH] operating system is working with the Memory checker. 12 12 13 13 === What is being checked === 14 14 15 All memory access are monitored and checked for read accessto non previously initialized (written) words.15 All memory accesses are monitored and checked for read to non previously initialized (written) words. 16 16 17 17 Context and stacks related checks: 18 18 * The stack pointer register must stay in range given by the operating system for each software context in use. 19 19 * The frame pointer register (if any) must stay in range given by the operating system for each software context in use. 20 * Context stack range can not overlap (checked on context creation)21 * Stack range must be in allocated memory at context creation ( whenallocation checks are enabled).20 * Contexts stack ranges can not overlap (checked on context creation). 21 * Stack range must be in allocated memory at context creation (as soon as allocation checks are enabled). 22 22 * The stack memory is marked as non-initialized when a new execution context is created. 23 * The stack memory is marked as non-initialized below the stack pointer.23 * The stack memory is always considered as non-initialized below the stack pointer. 24 24 * Memory r/w accesses can not occur below the stack pointer. 25 25 26 26 Memory allocation and region checks: 27 * Write accesses can not occur in read only preloaded sections.28 * Preloaded sections are marked as uninitialize when appropriate.29 * Memory is marked as uninitialized on `malloc()` .30 * Memory is marked as uninitialized on `free()` .27 * Write accesses can not occur in read only preloaded sections. 28 * Preloaded sections are marked as uninitialized when appropriate. 29 * Memory is marked as uninitialized on `malloc()` invocation. 30 * Memory is marked as uninitialized on `free()` invocation. 31 31 * Memory r/w accesses can not occur in freed memory. 32 32 * Allocation are only allowed in free memory. … … 34 34 === Suspicious memory access reporting === 35 35 36 Suspicious memory access produce a message on running platform stdout stream.36 Suspicious memory accesses produce a message on simulator `stdout` stream. This simulation is not stopped anyway. 37 37 38 An exception can be reported if working with the GdbServer module to stop the processors execution. This enables further analisys of buggy software when a suspicious memory access happend. When using the Memory checker with the GdbServer, the Memory checker must be close to the processor.38 An exception can be reported to an optional GdbServer module to stop processors execution when a suspicious memory access happend. This enables further analisys of buggy software. When using the Memory checker with the GdbServer, the Memory checker must wrap the processor directly and must be wrapped in the GdbServer. 39 39 40 40 == Usage == … … 48 48 }}} 49 49 50 Then call the init function with mapping table and loader and replace processor instantiation:50 Then call the init function with mapping table and loader parameters and replace processor instantiation: 51 51 52 52 {{{ … … 69 69 The running operating system must communicate with the Memory checker to report information about context creation, stack range and allocator operations. This is done through read/write access to specifc memory locations which are intercepted by the Memory checker and not forwarded to the rest of the platform. 70 70 71 Currently the only known supported operating system is Mutekh with mips processor. Other processors are partially supported, only memory allocation checks are performed. To use the memory checker with Mutekh, simply add the `CONFIG_SOCLIB_MEMCHECK` configuration token to your configuration file.71 Currently the only known supported operating system is [http://www.mutek.fr MutekH] with Mips processor. Other processors are partially supported, only memory allocation checks are performed. To use the memory checker with MutekH, simply add the `CONFIG_SOCLIB_MEMCHECK` configuration token to your configuration file. 72 72 73 73 Note: 74 74 * An instrumented operating system can not be used without the ISS Memory checker module as memory access won't be intercepted and may cause bus error or side effects. 75 * The default base address for the register bank of the memory checker is 0x00004200. This address can be changed but must stay small to fit on some processor instruction immediate field.76 * The register bank is protected by a magic value andas almost no chance being modified by an other running software.75 * The default base address for the register bank of the memory checker is 0x00004200. This address can be changed but must stay close to 0 to fit on some processor instruction immediate field. You should consider this if you already have components at these addresses. 76 * The Memory checker registers bank is protected by a magic value and has almost no chance being modified by an other running software.