Remove Injection functionallity which is currently broken and unused (fetchInstruction, logInjection, singleStep)
This commit is contained in:
Tobias Stumpf
@ -12,7 +12,6 @@
|
||||
#include "InstructionFilter.hpp"
|
||||
#include "aluinstr.hpp"
|
||||
#include "campaign.hpp"
|
||||
#include "conversion.hpp"
|
||||
|
||||
#include "sal/SALConfig.hpp"
|
||||
#include "sal/SALInst.hpp"
|
||||
@ -89,89 +88,6 @@ const Bit8u *L4SysExperiment::calculateInstructionAddress() {
|
||||
return result;
|
||||
}
|
||||
|
||||
bx_bool L4SysExperiment::fetchInstruction(BX_CPU_C *instance,
|
||||
const Bit8u *instr, bxInstruction_c *iStorage) {
|
||||
unsigned remainingInPage = instance->eipPageWindowSize - eipBiased();
|
||||
int ret;
|
||||
|
||||
#if BX_SUPPORT_X86_64
|
||||
if (BX_CPU_THIS_PTR cpu_mode == BX_MODE_LONG_64)
|
||||
ret = instance->fetchDecode64(instr, iStorage, remainingInPage);
|
||||
else
|
||||
#endif
|
||||
ret = instance->fetchDecode32(instr, iStorage, remainingInPage);
|
||||
|
||||
if (ret < 0) {
|
||||
// handle instrumentation callback inside boundaryFetch
|
||||
instance->boundaryFetch(instr, remainingInPage, iStorage);
|
||||
return 0;
|
||||
}
|
||||
|
||||
return 1;
|
||||
}
|
||||
|
||||
void L4SysExperiment::logInjection() {
|
||||
// XXX fixme
|
||||
#if 0
|
||||
// explicit type assignment necessary before sending over output stream
|
||||
int id = param->getWorkloadID();
|
||||
int instr_offset = param->msg.instr_offset();
|
||||
int bit_offset = param->msg.bit_offset();
|
||||
int exp_type = param->msg.exp_type();
|
||||
address_t injection_ip = param->msg.injection_ip();
|
||||
|
||||
log << "job " << id << " exp_type " << exp_type << endl;
|
||||
log << "inject @ ip " << hex << injection_ip << " (offset " << dec << instr_offset
|
||||
<< ")" << " bit " << bit_offset << endl;
|
||||
#endif
|
||||
}
|
||||
|
||||
BaseListener *L4SysExperiment::singleStep(bool preserveAddressSpace) {
|
||||
// XXX: fixme
|
||||
return 0;
|
||||
#if 0
|
||||
address_t aspace = (preserveAddressSpace ? L4SYS_ADDRESS_SPACE : ANY_ADDR);
|
||||
BPSingleListener singlestepping_event(ANY_ADDR, aspace);
|
||||
simulator.addListener(&singlestepping_event);
|
||||
/* prepare for the case that the kernel panics and never
|
||||
switches back to this thread by introducing a scheduling timeout
|
||||
of 10 seconds */
|
||||
TimerListener schedTimeout(10000000);
|
||||
simulator.addListener(&schedTimeout);
|
||||
BaseListener *ev = waitIOOrOther(false);
|
||||
simulator.removeListener(&singlestepping_event);
|
||||
simulator.removeListener(&schedTimeout);
|
||||
|
||||
if (ev == &schedTimeout) {
|
||||
// otherwise we just assume this thread is never scheduled again
|
||||
log << "Result TIMEOUT" << endl;
|
||||
param->msg.set_resulttype(param->msg.TIMEOUT);
|
||||
param->msg.set_resultdata(
|
||||
simulator.getCPU(0).getInstructionPointer());
|
||||
param->msg.set_output(sanitised(currentOutput.c_str()));
|
||||
param->msg.set_details("Timed out immediately after injecting");
|
||||
|
||||
m_jc.sendResult(*param);
|
||||
terminate(0);
|
||||
}
|
||||
return ev;
|
||||
#endif
|
||||
}
|
||||
|
||||
void L4SysExperiment::injectInstruction(
|
||||
bxInstruction_c *oldInstr, bxInstruction_c *newInstr) {
|
||||
// backup the current and insert the faulty instruction
|
||||
bxInstruction_c backupInstr;
|
||||
memcpy(&backupInstr, oldInstr, sizeof(bxInstruction_c));
|
||||
memcpy(oldInstr, newInstr, sizeof(bxInstruction_c));
|
||||
|
||||
// execute the faulty instruction, then return
|
||||
singleStep(false);
|
||||
|
||||
//restore the old instruction
|
||||
memcpy(oldInstr, &backupInstr, sizeof(bxInstruction_c));
|
||||
}
|
||||
|
||||
unsigned L4SysExperiment::calculateTimeout(unsigned instr_left) {
|
||||
// the timeout in seconds, plus one backup second (avoids rounding overhead)
|
||||
// [instr] / [instr / s] = [s]
|
||||
|
||||
@ -26,8 +26,6 @@ typedef struct TraceInstrType {
|
||||
unsigned bp_counter;
|
||||
} TraceInstr;
|
||||
|
||||
typedef std::vector<TraceInstr> TraceVector;
|
||||
|
||||
class L4SysExperiment : public fail::ExperimentFlow {
|
||||
private:
|
||||
fail::JobClient m_jc; //!< the job client connecting to the campaign server
|
||||
@ -74,35 +72,6 @@ private:
|
||||
* @returns a value for Bochs' eipBiased variable
|
||||
*/
|
||||
Bit32u eipBiased();
|
||||
/**
|
||||
* Parses a raw instruction into a bxInstruction_c structure.
|
||||
* This simple version of the function is taken from Bochs
|
||||
* where it is currently disabled due to the TRACE_CACHE option,
|
||||
* and has been modified to fit the needs of instruction modification.
|
||||
* @param instance a pointer to the current Bochs CPU
|
||||
* @param instr a pointer to the address the instruction is fetched from
|
||||
* @param iStorage an outgoing value which contains the parsed instruction
|
||||
* @returns \a false if the instruction continued on the following page in memory
|
||||
*/
|
||||
bx_bool fetchInstruction(BX_CPU_C *instance, const Bit8u *instr, bxInstruction_c *iStorage);
|
||||
/**
|
||||
* Write out the injection parameters to the logger.
|
||||
*/
|
||||
void logInjection();
|
||||
/**
|
||||
* Proceeds by one single instruction.
|
||||
* @param preserveAddressSpace if set, the address space of the next instruction
|
||||
* must match with the current address space
|
||||
* (for example, this is important when debugging in the kernel)
|
||||
* @returns the listener that was triggered, in case there were more than one
|
||||
*/
|
||||
fail::BaseListener *singleStep(bool preserveAddressSpace);
|
||||
/**
|
||||
* Injects a new instruction into the Bochs instruction stream and restores the previous one
|
||||
* @param oldInstr address of the instruction to be replaced
|
||||
* @param newInstr address of the instruction to replace it with
|
||||
*/
|
||||
void injectInstruction(bxInstruction_c *oldInstr, bxInstruction_c *newInstr);
|
||||
/**
|
||||
* Calculate the timeout of the current workload in milliseconds.
|
||||
*/
|
||||
|
||||
Reference in New Issue
Block a user