Add copy_done check after first boot
This was previously removed because it failed on multi-image tests due
to some image having finished an upgrade and having it's flag already
set. A new method was added that checks that at least one copy_done flag
is unset, thus not all upgrades have finished.
Signed-off-by: Fabio Utzig <utzig@apache.org>
diff --git a/sim/src/image.rs b/sim/src/image.rs
index 564e331..44cfaaa 100644
--- a/sim/src/image.rs
+++ b/sim/src/image.rs
@@ -828,6 +828,13 @@
fails += 1;
}
+ // In a multi-image setup, copy done might be set if any number of
+ // images was already successfully swapped.
+ if !self.verify_trailers_loose(&flash, 0, None, None, BOOT_FLAG_UNSET) {
+ warn!("copy_done should be unset");
+ fails += 1;
+ }
+
let (x, _) = c::boot_go(&mut flash, &self.areadesc, None, false);
if x != 0 {
warn!("Should have finished test upgrade");
@@ -955,6 +962,20 @@
true
}
+ /// Verify that at least one of the trailers of the images have the
+ /// specified values.
+ fn verify_trailers_loose(&self, flash: &SimMultiFlash, slot: usize,
+ magic: Option<u8>, image_ok: Option<u8>,
+ copy_done: Option<u8>) -> bool {
+ for image in &self.images {
+ if verify_trailer(flash, &image.slots, slot,
+ magic, image_ok, copy_done) {
+ return true;
+ }
+ }
+ false
+ }
+
/// Verify that the trailers of the images have the specified
/// values.
fn verify_trailers(&self, flash: &SimMultiFlash, slot: usize,