Professional Documents
Culture Documents
1503
Labs
Note
To run the labs involving the C/C++ debugger, you must install the Debugging Tools for
Windows suite found on Microsofts web site:
http://www.microsoft.com/whdc/devtools/debugging/installx86.mspx. The version used for
these labs is 6.12.2.633.
To run Lab 2 you need to install the Windiff utility on the machine where OPNET Modeler
is installed.
To successfully run these Labs, you need to update your preference file by adding the full
path to the cdb.exe file and to the windiff.exe file. For example, on a 32-bit machine you
could add the following entries:
CONFIDENTIAL RESTRICTED ACCESS: This information may not be disclosed, copied, or transmitted in any format without the prior written consent of OPNET Technologies, Inc.
2010 OPNET Technologies, Inc.
CONFIDENTIAL RESTRICTED ACCESS: This information may not be disclosed, copied, or transmitted in any format without the prior written consent of OPNET Technologies, Inc.
2010 OPNET Technologies, Inc.
8. Close the function block by clicking on the X in the upper-right corner of the window.
Preparing a Simulation for Debugging
1. Set the compilation flags to include debugging information.
a.
b.
c.
Note that correct debug compilation flags are set for the development kernel.
d.
Click Cancel.
CONFIDENTIAL RESTRICTED ACCESS: This information may not be disclosed, copied, or transmitted in any format without the prior written consent of OPNET Technologies, Inc.
2010 OPNET Technologies, Inc.
2. Recompile
dialog box.
2. If you see the following dialog, click on the Detailed button, to bring up the advanced
version of the Configure/Run DES dialog
CONFIDENTIAL RESTRICTED ACCESS: This information may not be disclosed, copied, or transmitted in any format without the prior written consent of OPNET Technologies, Inc.
2010 OPNET Technologies, Inc.
3. Select the Common tree view item, and make sure the Simulation Kernel menu is set to
development or Based on kernel_type preference if the preference is set to development.
Or
CONFIDENTIAL RESTRICTED ACCESS: This information may not be disclosed, copied, or transmitted in any format without the prior written consent of OPNET Technologies, Inc.
2010 OPNET Technologies, Inc.
CONFIDENTIAL RESTRICTED ACCESS: This information may not be disclosed, copied, or transmitted in any format without the prior written consent of OPNET Technologies, Inc.
2010 OPNET Technologies, Inc.
6. Click Continue.
7. When the abort occurs, the debugger will automatically bring you to the error.
You can see the value of sess_ptr in the Local and State Variables tab at the bottom of
the window (you may need to scroll down to see the variable).
CONFIDENTIAL RESTRICTED ACCESS: This information may not be disclosed, copied, or transmitted in any format without the prior written consent of OPNET Technologies, Inc.
2010 OPNET Technologies, Inc.
We conclude that the cause of the abort is the use of the variable sess_ptr, which has an invalid
value (NIL). The value is taken from the state variable sess_list, so further investigation will focus
on how the variable got the bad value. A recoverable error about invalid list index, which was issued
immediately before the crash, hints that there may be something wrong with the list iteration logic.
Indeed, the for loop where crash occurred traverses the list backwards, starting at the sess_list_size
position, but list position indexes start at 0. Thus correct backward list iteration should start from
session_list_size-1 and continue until i is non-negative.
2. Select Simulation > Detach Windows Debugger (CDB).
3. Close Simulation Execution dialog.
4. Return to the process model: select the gna_clsvr_mgr_1503_lab1 window.
5. Open the function block.
6. Correct the for loop bounds at the line 3706:
for (i = sess_list_size-1; i >= 0; i--)
7. Close and save your changes.
8. Recompile the process model.
9. Return to the Project Editor (the 1503-lab1 window).
10. Run the simulation. Hit Continue if youre at the ODB> prompt.
11. Observe that the simulation runs to completion.
End of Lab 1
CONFIDENTIAL RESTRICTED ACCESS: This information may not be disclosed, copied, or transmitted in any format without the prior written consent of OPNET Technologies, Inc.
2010 OPNET Technologies, Inc.
CONFIDENTIAL RESTRICTED ACCESS: This information may not be disclosed, copied, or transmitted in any format without the prior written consent of OPNET Technologies, Inc.
2010 OPNET Technologies, Inc.
At this point, we will take a look at the code where the error message occurred: the call to
op_stat_write() in the ethernet_mac_phys_pk_accept function called from
ethernet_mac_v2_1503_lab2 process model.
7. Return to the OPNET Modeler window.
8. Open process model ethernet_mac_v2_1503_lab2.
9. Open the function block and scroll to line 592, which is the block line number reported in the
error log.
10. Observe 4 op_stat_write () calls in that block:
Conclusion: At least one of statistic handle does not seem to be initialized correctly for a given
process instance. Let's find a piece of code where those statistic handles are initialized.
11. Search for global_ete_handle, one of questionable statistic handles in the same function
block.
12. Search reveals that all relevant statistic handles seem to be properly initialized in function
ethernet_mac_stat_init2 ().
CONFIDENTIAL RESTRICTED ACCESS: This information may not be disclosed, copied, or transmitted in any format without the prior written consent of OPNET Technologies, Inc.
2010 OPNET Technologies, Inc.
10
Hypothesis 1: ethernet_mac_stat_init2 () is not called. To check this hypothesis lets use the
source level debugger to see if that function is actually called.
13. Return to 1503 project window.
14. To configure the simulation to run ODB, open the Configure/Run DES dialog box.
CONFIDENTIAL RESTRICTED ACCESS: This information may not be disclosed, copied, or transmitted in any format without the prior written consent of OPNET Technologies, Inc.
2010 OPNET Technologies, Inc.
11
b. Switch to the Source Breakpoints tab at the bottom of the debugger window. Note that
your new breakpoint has been recorded.
24. From the object tree observe that the object id of the module in question is 14481.
25. Observe that one of mac process state variables contains the parent module object id.
CONFIDENTIAL RESTRICTED ACCESS: This information may not be disclosed, copied, or transmitted in any format without the prior written consent of OPNET Technologies, Inc.
2010 OPNET Technologies, Inc.
12
26. Lets set a breakpoint at line 770 of the ethernet_mac_v2_1503_lab2.pr.c source file that is
triggered when my_objid state variable value is 14481. CDB syntax for that is:
WARNING: Be very careful when choosing the correct quote marks for the above command.
CONFIDENTIAL RESTRICTED ACCESS: This information may not be disclosed, copied, or transmitted in any format without the prior written consent of OPNET Technologies, Inc.
2010 OPNET Technologies, Inc.
13
The ` quote before the ethernet_ and after the :770 is a back quote (or grave accent)
(found in the upper-left part of your keyboard).
The quote before the j @@c++ and after the gc is a double-quote (found near the
enter key).
The quote around the gc and before the ; are single-quotes (same key as the doublequote).
27. Click the Continue button and observe that execution stopped at the breakpoint that we just
set. You can verify that my_objid state variable value in the Local and State Variables
panel is indeed 14481.
CONFIDENTIAL RESTRICTED ACCESS: This information may not be disclosed, copied, or transmitted in any format without the prior written consent of OPNET Technologies, Inc.
2010 OPNET Technologies, Inc.
14
29. Lets set a watch point that is triggered when global_ete_handle.validation value changes.
a. First we need to determine the address of that field in memory. CDB's "dt -b
op_sv_ptr" will print the value of the op_sv_ptr pointer and offsets from that
address to all structure members.
CONFIDENTIAL RESTRICTED ACCESS: This information may not be disclosed, copied, or transmitted in any format without the prior written consent of OPNET Technologies, Inc.
2010 OPNET Technologies, Inc.
15
The numbers circled in red in the image below may be different from what you see when
running your simulation.
....
CONFIDENTIAL RESTRICTED ACCESS: This information may not be disclosed, copied, or transmitted in any format without the prior written consent of OPNET Technologies, Inc.
2010 OPNET Technologies, Inc.
16
It appears that state variable my_node_name is big enough to carry up to 25 characters. The
length of node name in question (This Workstation Does Some Web Browsing And Maybe
CONFIDENTIAL RESTRICTED ACCESS: This information may not be disclosed, copied, or transmitted in any format without the prior written consent of OPNET Technologies, Inc.
2010 OPNET Technologies, Inc.
17
Something Else Too) exceeds this limitation and thus name copy in the INIT state corrupts the
memory of global_ete_handle field.
Hypothesis 3 turned out to be true. Lets fix the problem.
Solution 1: Modify the "my_node_name" to carry up to 255 characters.
Solution 2: Use your implementation. Hint: APIs that check array bounds such as strncpy () or
op_ima_obj_attr_get_str () combined with dynamically allocated string may be more
appropriate.
35. Implement your change, compile ethernet_mac_v2_1503_lab2.
36. Open 1503 project and if simulation debugging session is still running, detach ODB and quit
the simulation.
37. Re-run the simulation (may use Ctrl-Shift-R shortcut) and observe that no errors are
reported.
Postscript
Note the use of conditional breakpoints and watchpoints. Conditional breakpoints were used to stop
at a very convenient point in the source code. This wasnt the only way to get to that point (you
could use the ODB command prostop), but it is by far the most straightforward and direct way.
Watchpoints are an excellent way to test a common hypothesis: a value becomes invalid or corrupted
between a known valid state and a known invalid state. Much debugging time is often spent trying to
find corruption that is far removed from a reported error state. Using watchpoints saves much of this
time.
End of Lab 2
CONFIDENTIAL RESTRICTED ACCESS: This information may not be disclosed, copied, or transmitted in any format without the prior written consent of OPNET Technologies, Inc.
2010 OPNET Technologies, Inc.
18
CONFIDENTIAL RESTRICTED ACCESS: This information may not be disclosed, copied, or transmitted in any format without the prior written consent of OPNET Technologies, Inc.
2010 OPNET Technologies, Inc.
19
d. "DES Execution Manager" window will appear. You can check the progress of
simulations by clicking on the "View Details" button for a particular run.
CONFIDENTIAL RESTRICTED ACCESS: This information may not be disclosed, copied, or transmitted in any format without the prior written consent of OPNET Technologies, Inc.
2010 OPNET Technologies, Inc.
20
Conclusion: Results from the simulation of the modified model do not match the reference.
CONFIDENTIAL RESTRICTED ACCESS: This information may not be disclosed, copied, or transmitted in any format without the prior written consent of OPNET Technologies, Inc.
2010 OPNET Technologies, Inc.
21
Observation: Simulation execution pattern was identical until event #12399. Next step is to
capture the detailed trace of activity during this event to see where execution diverges.
6. Capture full trace of event #12399 execution:
CONFIDENTIAL RESTRICTED ACCESS: This information may not be disclosed, copied, or transmitted in any format without the prior written consent of OPNET Technologies, Inc.
2010 OPNET Technologies, Inc.
22
"evst #12399" and hit Enter. This will set the breakpoint at the event of
interest
"c" and hit Enter. This will run the simulation until the above set breakpoint
"f" and hit Enter. This will turn on the full trace
"n" and hit Enter. This will stop at the next simulation event after producing
the full trace of execution of the event # 12399
e. Choose Simulation->Save Console... menu command and save the console content
in C:\trace1 file.
CONFIDENTIAL RESTRICTED ACCESS: This information may not be disclosed, copied, or transmitted in any format without the prior written consent of OPNET Technologies, Inc.
2010 OPNET Technologies, Inc.
23
f. Switch to scenario lab3_2 and repeat steps b through e this time saving the console
trace into C:\trace2.
7. Compare captured traces:
a. Choose Run... from the Windows Start menu.
b. Type windiff at the prompt and click OK.
d. Select C:\trace1 and click Open. Another file chooser will reappear.
e. Select C:\trace2 and click Open.
f. Click on Expand button.
g. Scroll through the differences ignoring differences in used model names and pointers
until you see a difference in computed service time.
CONFIDENTIAL RESTRICTED ACCESS: This information may not be disclosed, copied, or transmitted in any format without the prior written consent of OPNET Technologies, Inc.
2010 OPNET Technologies, Inc.
24
CONFIDENTIAL RESTRICTED ACCESS: This information may not be disclosed, copied, or transmitted in any format without the prior written consent of OPNET Technologies, Inc.
2010 OPNET Technologies, Inc.
25
11. Indeed, you can confirm by looking at the gna_clsvr_mgr_1503_orig process model,
processing_speed is specified in bytes per second, where response_size is specified in bits.
12. To fix the discrepancy, modify line 2147 to divide the response_size by the
processing_speed multiplied by 8.
Postscript
Using Execution Trace coupled with ODB tracing we were able to easily track down a problem in
the modified model code without much knowledge about the nature of the model code modification
or much knowledge about the model code in general.
End of Lab 3
CONFIDENTIAL RESTRICTED ACCESS: This information may not be disclosed, copied, or transmitted in any format without the prior written consent of OPNET Technologies, Inc.
2010 OPNET Technologies, Inc.
26
CONFIDENTIAL RESTRICTED ACCESS: This information may not be disclosed, copied, or transmitted in any format without the prior written consent of OPNET Technologies, Inc.
2010 OPNET Technologies, Inc.
27
11. Note that packet-related items are at the top of the list.
CONFIDENTIAL RESTRICTED ACCESS: This information may not be disclosed, copied, or transmitted in any format without the prior written consent of OPNET Technologies, Inc.
2010 OPNET Technologies, Inc.
28
12. Resume the simulation, wait a few more seconds, then click on the Pause and Get Latest
Data button again. Check the Show differences checkbox. The table should now look
something like this:
13. Note that the Memory Stats table helpfully shows you that ams_atm_cell packet related
memory use is on the rise.
Conclusion: The system generates packets, but they are not being destroyed when they should be.
This creates a packet build-up.
Question: Although it seems obvious that ATM cells are the packets that are building up, can we
discover which moduleeven which functionis responsible for the packet build-up?
Collect More Information about Packet Allocation
1. Stop the simulation by clicking the Stop button. Click Close to close the dialog.
2. Open the Configure/Run DES dialog box.
CONFIDENTIAL RESTRICTED ACCESS: This information may not be disclosed, copied, or transmitted in any format without the prior written consent of OPNET Technologies, Inc.
2010 OPNET Technologies, Inc.
29
7. Click Run.
View Source of Leaked Packets
1. Let the simulation run for about 20-30 seconds, and then hit Pause.
2. Click on the Memory Sources tab in the Simulation Sequence dialog box.
3. Click on the Update button.
CONFIDENTIAL RESTRICTED ACCESS: This information may not be disclosed, copied, or transmitted in any format without the prior written consent of OPNET Technologies, Inc.
2010 OPNET Technologies, Inc.
30
CONFIDENTIAL RESTRICTED ACCESS: This information may not be disclosed, copied, or transmitted in any format without the prior written consent of OPNET Technologies, Inc.
2010 OPNET Technologies, Inc.
31
2. In a little while a table showing all memory blocks that were allocated from the specified
function will appear.
3. This information is sufficient to trace any one of the leaked packet using ODB event and
packet tracing. We will leave this as an optional exercise, but here is the brief outline of the
procedure:
a. Set the breakpoint at leaked packet creation event.
b. Capture full trace of the event and gather IDs of created packets.
c. Trace created packets (pktrace ODB command) to see which module / process
accessed packets last. That process is likely responsible for the leak.
4. Investigation revealed that bulk of packets seemed to be last processed by the "to AAL"
state's enter executives of the ams_atam_layer_v3_1503_lab4 process model.
5. Double-click on one of Voice Stn nodes in the project editor.
6. Double-click on the ATM_layer module.
7. Double-click on the enter execs of the to AAL state. In this state, we expect ATM cells to be
destroyed after AAL packets are decapsulated. The most likely place we can expect a call to
op_pk_destroy() is right before or after an op_pk_send_() call.
8. Find (Ctrl+F) instances of op_pk_send().
CONFIDENTIAL RESTRICTED ACCESS: This information may not be disclosed, copied, or transmitted in any format without the prior written consent of OPNET Technologies, Inc.
2010 OPNET Technologies, Inc.
32
9. Note the problem (failure to destroy the ATM cell). Somebody forgot to remove debugging
statements...
10. Remove #if DEBUGGING_SOMETHING and #endif statements.
11. Re-compile the process model.
CONFIDENTIAL RESTRICTED ACCESS: This information may not be disclosed, copied, or transmitted in any format without the prior written consent of OPNET Technologies, Inc.
2010 OPNET Technologies, Inc.
33
12. Go to the Project Editor and re-run simulation (Ctrl+Shift+R). Note the decrease in memory
usage.
Postscript
Using the new simulation memory tracking features can be very useful in tracking down memory
leaks. However, keep in mind that the more knowledge you have about an OPNET model, the better
chance you have in fixing it. In the end, techniques take a back seat to model knowledge.
End of Lab 4
Summary
Congratulations! You now should be comfortable debugging simulation models in OPNET using a
C/C++ source code debugger. For anyone who develops process models, this is a valuable skill to
have. It will enable you to save time debugging any type of problem that comes your way. The
techniques shown in these labs are sufficient for the vast majority of debugging problems and will
serve you well for any process modeling project you will see in the future.
CONFIDENTIAL RESTRICTED ACCESS: This information may not be disclosed, copied, or transmitted in any format without the prior written consent of OPNET Technologies, Inc.
2010 OPNET Technologies, Inc.
34