1. Field of the Invention
This invention relates to software analysis, and more particularly to a method and apparatus for dynamically instrumenting software executing on embedded systems for analysis thereof.
2. Background Information
A wide variety of hardware and/or software systems for generating an exception to debug, test and/or emulate a target processor are known in the art. Such systems provide their functionality using many disparate technologies.
For example, U.S. Pat. No. 5,560,036 to Yoshida; U.S. Pat. No. 5,737,516 to Circello et al.; U.S. Pat. No. 5,530,804 to Edgington et al. (the '804 patent); and U.S. Pat. No. 5,493,664 to Doi, all disclose processors having hardware or software integrated therein which facilitates debugging. A drawback of these approaches, however, is that they are not readily usable in connection with processors not originally manufactured with integrated debugging capabilities. For example, the '804 patent discloses a processor having two modes of operation, one being a normal mode and the other being a debug, test or emulator mode of operation which is entered via an exception/interrupt. In this approach, a "generate debug mode exception" (GDMI) may be included in the processor's instruction set. Disadvantageously, this approach is integrated into the processor rather than being suitable for use with processors not originally manufactured with such integrated systems.
U.S. Pat. No. 5,748,878 to Rees et al. (the '878 patent) discloses a software analysis system for capturing tags generated by tag statements in instrumented source code. This software analysis system includes a probe that monitors the address and data bus of the target system. When a tag statement is executed in the target system, a tag is written to a predetermined location in the address space of the target system. In this manner, instructions executing from internal cache memory, which are not reflected on externally accessible buses, may be monitored. A drawback of this approach, however, is that discrete tag statements, which tend to disadvantageously increase the number of executable lines of the code, must be included within the source code. These discrete tags disadvantageously increase the size of the code in proportion to the number of functions instrumented. Moreover, although the tags may be monitored, the code continues to be executed within cache, and thus is not directly observable.
Thus, a need exists for an improved debugging/emulation system capable of overcoming the drawbacks of the prior art.
According to an embodiment of this invention, a method for monitoring software code being executed in a target system having a bus and cache, includes the steps of:
(a) searching a range of addresses within the software code to identify a desired instruction;
(b) replacing the desired instruction with an exception-generating instruction;
(c) inserting an exception routine into an exception vector table, the exception routine having a cache-disabling instruction and a branch instruction branching to an address of the software code subsequent to the exception-generating instruction; and
(d) executing the software code.
In a second aspect of the present invention, a method for monitoring software code being executed in a target system having a bus and cache includes the steps of:
(a) searching a range of addresses within the software code to identify preamble and postamble instructions;
(b) replacing the preamble instruction with a misalignment instruction;
(c) replacing the postamble instruction with an other misalignment instruction;
(d) inserting an exception routine into an exception vector table executable upon a branch from a faulted address, the exception routine having a cache-disabling instruction, an instruction to execute the instruction replaced from the faulted address, a branch instruction branching to an address of the software code subsequent to the faulted address, and a decoding instruction to indicate entry of a function when the address of the misalignment instruction is faulted and to indicate exit of a function when the address of the other misalignment instruction is faulted; and
(e) executing the software code, wherein at least a portion of the software code will execute externally of the cache.
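The following host-side simulation of steps (a) through (d) of the second aspect is an added example, not code from the patent. It patches preamble and postamble words in a code image, then lets a handler decode function entry or exit from the faulted address and recover the replaced instruction. All opcode values and function names are constructed placeholders, addresses are word indices into an array, and the cache-disabling instruction and the real exception vector table are outside what a host simulation can show.

```c
#include <stdint.h>
#include <stddef.h>
/* Constructed placeholder encodings, not taken from any real instruction set. */
#define OP_PREAMBLE  0xAAAA0001u  /* stands in for a function's first instruction */
#define OP_POSTAMBLE 0xBBBB0002u  /* stands in for a function's return sequence */
#define OP_FAULT_IN  0xFFFF0001u  /* "misalignment instruction" marking entry */
#define OP_FAULT_OUT 0xFFFF0002u  /* "other misalignment instruction" marking exit */
#define MAX_PATCH 16

enum event { EV_NONE, EV_ENTRY, EV_EXIT };
struct patch { size_t addr; uint32_t saved; enum event kind; };
static struct patch patches[MAX_PATCH];
static size_t npatches;

/* Steps (a)-(c): scan [lo, hi), swap each preamble/postamble for a faulting
 * word, and remember the original so the handler can still execute it. */
size_t instrument(uint32_t *code, size_t lo, size_t hi) {
    npatches = 0;
    for (size_t a = lo; a < hi && npatches < MAX_PATCH; a++) {
        enum event k = code[a] == OP_PREAMBLE ? EV_ENTRY
                     : code[a] == OP_POSTAMBLE ? EV_EXIT : EV_NONE;
        if (k == EV_NONE) continue;
        patches[npatches++] = (struct patch){ a, code[a], k };
        code[a] = (k == EV_ENTRY) ? OP_FAULT_IN : OP_FAULT_OUT;
    }
    return npatches;
}

/* Step (d): decode entry/exit from the faulted address, hand back the
 * replaced instruction, and set the address at which execution resumes. */
enum event on_fault(size_t faulted, uint32_t *replaced, size_t *resume) {
    for (size_t i = 0; i < npatches; i++) {
        if (patches[i].addr != faulted) continue;
        *replaced = patches[i].saved;
        *resume = faulted + 1;
        return patches[i].kind;
    }
    return EV_NONE; /* fault not caused by this instrumentation */
}

/* Undo every patch so the image matches the original again. */
void restore(uint32_t *code) {
    for (size_t i = 0; i < npatches; i++) code[patches[i].addr] = patches[i].saved;
    npatches = 0;
}

int main(void) {
    uint32_t img[4] = { 0x11111111u, OP_PREAMBLE, 0x22222222u, OP_POSTAMBLE }; /* constructed */
    return instrument(img, 0, 4) == 2 ? 0 : 1;
}
```

The saved-instruction table is what keeps the image size unchanged: each patch is a one-for-one word replacement, in contrast to the added tag statements the background section criticizes.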
In a third aspect of the present invention, a system is provided for monitoring software code being executed in a target having a bus and cache. The system includes an instruction locating module which searches a range of addresses within the software code to identify a desired instruction, and an instruction replacement module which replaces the desired instruction with an exception-generating instruction. The system also includes a vector table instrumentation module which inserts an exception routine into an exception vector table, the exception routine having a cache-disabling instruction and a branch instruction branching to an address of the software code located subsequent to the exception-generating instruction.
The above and other features and advantages of this invention will be more readily apparent from a reading of the following detailed description of various aspects of the invention taken in conjunction with the accompanying drawings.