If intended for use on a variable, the variable must be statically allocated. If a data watchpoint with value match is used, two of the four watchpoints are used. Configuring a hardware watchpoint to break on 8-bit write with value 0x This section discusses some ROV views useful for debugging and profiling. This functionality can be a good point to start if anything has gone wrong. Scan for errors. Here a Task Stack has been overrun. The Task Detailed view is useful for seeing the state of each task and its related runtime stack usage.
This example shows the state the first time the user-thread is called. Detailed view of the Tasks. Notice the address of the overrun task matches the instance id from Scan for errors. Function calls may push the stack pointer out of the run-time stack, but not actually write to the entire area. A stack peak near stackSize but not exceeding it may indicate stack overflow. The Hwi Module view allows profiling of the system stack used during boot or for main , Hwi execution, and Swi execution.
See System Stack for more information on the system stack. Debuggers are able to show a representation of the memory on the CCR2. In CCS, you can index by address or by symbol name. The solution in this case would be to increase the stack size for the failing task and see what the stack peak really is. Because stacks are utilized from higher addresses towards lower addressed upwards in the picture , stacks that overrun will tend to overwrite data at locations immediately before the stack.
Compiler optimizations are great for saving space or speeding up execution. However, these optimizations can be very difficult to debug around. There are multiple levels at which optimization can be turned on or off. Project-wide optimization settings are the most general. Sometimes, given the constraints of the device, it is impossible to lower the size optimization level.
File-wide optimization settings can be used like project-wide optimizations to turn on or off certain settings. The most granular control is using compiler directives to control optimization at a function level.
Do single-file optimizations with care because this also overrides the project-wide preprocessor symbols. Pragmas are very specific to the toolchain, and may lead to non-reusable code.
Be careful where you use these. This can lead to some confusion, when only addresses are shown in the disassembly view and the call-stack view. Several possible exception causes exist. If an exception is caught, an exception handler function can be called. Depending on the project settings, this handler may be a default handler in ROM, which is just an infinite loop or a custom function called from this default handler instead of a loop.
When an exception occurs, the exception may be caught and halted in debug mode immediately, depending on the debugger. If the execution halted manually later through the Break debugger, it is then stopped within the exception handler loop.
Most exception causes fall into the following three categories. The default choice in the BLE-Stack projects is to use no exception handler. Setting m3Hwi. By setting up an excHookFunc, the minimal exception handler will call this function and pass along a pointer to the exception context for the user to work with. When an exception occurs, the device should end up in that infinite loop. Decoded exception, intentional write to address 0x which is illegal.
Note that writebuffering has been disabled to get a precise error location, and that m3Hwi. In this case, a bus fault was forced in the function writeToAddress by dereferencing address 0x and trying to write to it:. The write instruction was placed on line 79 of application. To get a precise location, the write buffer was disabled as described earlier.
It can be instructive to look at the disassembly view for the locations specified by PC program counter and LR link register.
PC is the presumed exception location, and LR is normally the location the failing function should have returned to. As an example, the PC at this exception:. Here the pc from the decoded exception was looked up in the disassembly view. Some forensics is required here. We have from the Hwi decoding in ROV and from the exception context in the exception hook that the program counter was 0xe when the exception occurred.
As it stands today, this is not something that a cleverly disguised email attachment or a hacked website can leverage. For laptops taken offsite home, remote offices, road warriors , this is of concern. The risk associated with the briefly unattended employee laptop, whether at the airport gate check-in or trade show, is all too common. Free flash drive! One open question which remains to be answered is whether the exploit works if DLP endpoint technologies are present and configured to block USB ports or limit them to only approved USB devices.
If the exploit requires x86 code to run at first, it may be a much more controllable risk than the initial reports imply. If the exploit can run from a USB device without needing to run a program in the OS… well, buckle up and stay tuned. Given that the risk is primarily physical in nature, the risk vectors are more limited than a traditional malware-centric or network-based attack. The exploit has to be presented in person to take hold.
The impact, however, is potentially very high. To have such deep hardware access — commands, diagnostics, firmware flashing — to an out-of-band remote management subsystem made available just by plugging in a USB device is problematic, especially if other system security functions like UEFI and the TPM can also be affected.
Or, c Just let this play out? If the board fails this test, then it is simply cast aside and another is built to replace it until the order is complete. The OEM, naturally. If boards can be diagnosed and then fixed at a cost of less than their value component costs plus build costs, namely labour and factory overhead , and the manufacturing process debugged also, then of course it makes sense to test more vigorously.
But who actually decides that? It is easy to understand why, in the highly competitive word of contract manufacturing, CEMs may wish to keep their costs, and by extension, quotation values to a minimum.
Avoiding discussions over test and who pays for it is one way to do this. Ideally then, the chosen test methods will be a joint decision — based on knowledge of both the design and manufacturing process. Both OEMs and CEMs, therefore, should review design for test DfT , fault coverage, diagnostics resolution test system performance and more, before jointly determining the optimum lowest cost effective test path.
Most reputable test systems now provide a fault coverage assessment figure, but what does that mean, how is it derived — and can it be trusted?
0コメント