Adapted experiment to new framework
git-svn-id: https://www4.informatik.uni-erlangen.de/i4svn/danceos/trunk/devel/fail@1987 8c4709b5-6ec9-48aa-a5cd-a96041d1645a
This commit is contained in:
unzner
@ -139,7 +139,7 @@ BaseListener *L4SysExperiment::singleStep(bool preserveAddressSpace) {
|
|||||||
log << "Result TIMEOUT" << endl;
|
log << "Result TIMEOUT" << endl;
|
||||||
param->msg.set_resulttype(param->msg.TIMEOUT);
|
param->msg.set_resulttype(param->msg.TIMEOUT);
|
||||||
param->msg.set_resultdata(
|
param->msg.set_resultdata(
|
||||||
simulator.getRegisterManager().getInstructionPointer());
|
simulator.getCPU(0).getInstructionPointer());
|
||||||
param->msg.set_output(sanitised(output.c_str()));
|
param->msg.set_output(sanitised(output.c_str()));
|
||||||
param->msg.set_details("Timed out immediately after injecting");
|
param->msg.set_details("Timed out immediately after injecting");
|
||||||
|
|
||||||
@ -204,7 +204,7 @@ bool L4SysExperiment::run() {
|
|||||||
|
|
||||||
log << "test function entry reached, saving state" << endl;
|
log << "test function entry reached, saving state" << endl;
|
||||||
log << "EIP = " << hex << bp.getTriggerInstructionPointer() << " or "
|
log << "EIP = " << hex << bp.getTriggerInstructionPointer() << " or "
|
||||||
<< simulator.getRegisterManager().getInstructionPointer()
|
<< simulator.getCPU(0).getInstructionPointer()
|
||||||
<< endl;
|
<< endl;
|
||||||
simulator.save(L4SYS_STATE_FOLDER);
|
simulator.save(L4SYS_STATE_FOLDER);
|
||||||
#elif PREPARATION_STEP == 2
|
#elif PREPARATION_STEP == 2
|
||||||
@ -212,7 +212,7 @@ bool L4SysExperiment::run() {
|
|||||||
log << "restoring state" << endl;
|
log << "restoring state" << endl;
|
||||||
simulator.restore(L4SYS_STATE_FOLDER);
|
simulator.restore(L4SYS_STATE_FOLDER);
|
||||||
log << "EIP = " << hex
|
log << "EIP = " << hex
|
||||||
<< simulator.getRegisterManager().getInstructionPointer()
|
<< simulator.getCPU(0).getInstructionPointer()
|
||||||
<< endl;
|
<< endl;
|
||||||
|
|
||||||
#ifdef L4SYS_FILTER_INSTRUCTIONS
|
#ifdef L4SYS_FILTER_INSTRUCTIONS
|
||||||
@ -231,7 +231,7 @@ bool L4SysExperiment::run() {
|
|||||||
//short sanity check
|
//short sanity check
|
||||||
address_t curr_addr = bp.getTriggerInstructionPointer();
|
address_t curr_addr = bp.getTriggerInstructionPointer();
|
||||||
assert(
|
assert(
|
||||||
curr_addr == simulator.getRegisterManager().getInstructionPointer());
|
curr_addr == simulator.getCPU(0).getInstructionPointer());
|
||||||
|
|
||||||
unsigned times_called = times_called_map[curr_addr];
|
unsigned times_called = times_called_map[curr_addr];
|
||||||
times_called++;
|
times_called++;
|
||||||
@ -267,7 +267,7 @@ bool L4SysExperiment::run() {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
log << "EIP = " << hex
|
log << "EIP = " << hex
|
||||||
<< simulator.getRegisterManager().getInstructionPointer() << endl;
|
<< simulator.getCPU(0).getInstructionPointer() << endl;
|
||||||
log << "test function calculation position reached after "
|
log << "test function calculation position reached after "
|
||||||
<< dec << count << " instructions; "
|
<< dec << count << " instructions; "
|
||||||
<< "ul: " << ul << ", kernel: " << kernel << endl;
|
<< "ul: " << ul << ", kernel: " << kernel << endl;
|
||||||
@ -278,7 +278,7 @@ bool L4SysExperiment::run() {
|
|||||||
log << "restoring state" << endl;
|
log << "restoring state" << endl;
|
||||||
simulator.restore(L4SYS_STATE_FOLDER);
|
simulator.restore(L4SYS_STATE_FOLDER);
|
||||||
log << "EIP = " << hex
|
log << "EIP = " << hex
|
||||||
<< simulator.getRegisterManager().getInstructionPointer()
|
<< simulator.getCPU(0).getInstructionPointer()
|
||||||
<< endl;
|
<< endl;
|
||||||
|
|
||||||
ofstream golden_run_file(L4SYS_CORRECT_OUTPUT);
|
ofstream golden_run_file(L4SYS_CORRECT_OUTPUT);
|
||||||
@ -364,7 +364,7 @@ bool L4SysExperiment::run() {
|
|||||||
|
|
||||||
// note at what IP we will do the injection
|
// note at what IP we will do the injection
|
||||||
address_t injection_ip =
|
address_t injection_ip =
|
||||||
simulator.getRegisterManager().getInstructionPointer();
|
simulator.getCPU(0).getInstructionPointer();
|
||||||
param->msg.set_injection_ip(injection_ip);
|
param->msg.set_injection_ip(injection_ip);
|
||||||
|
|
||||||
#ifdef L4SYS_FILTER_INSTRUCTIONS
|
#ifdef L4SYS_FILTER_INSTRUCTIONS
|
||||||
@ -389,7 +389,7 @@ bool L4SysExperiment::run() {
|
|||||||
if (!param->msg.has_register_offset()) {
|
if (!param->msg.has_register_offset()) {
|
||||||
param->msg.set_resulttype(param->msg.UNKNOWN);
|
param->msg.set_resulttype(param->msg.UNKNOWN);
|
||||||
param->msg.set_resultdata(
|
param->msg.set_resultdata(
|
||||||
simulator.getRegisterManager().getInstructionPointer());
|
simulator.getCPU(0).getInstructionPointer());
|
||||||
param->msg.set_output(sanitised(output.c_str()));
|
param->msg.set_output(sanitised(output.c_str()));
|
||||||
|
|
||||||
stringstream ss;
|
stringstream ss;
|
||||||
@ -399,11 +399,11 @@ bool L4SysExperiment::run() {
|
|||||||
terminate(30);
|
terminate(30);
|
||||||
}
|
}
|
||||||
int reg_offset = param->msg.register_offset();
|
int reg_offset = param->msg.register_offset();
|
||||||
RegisterManager& rm = simulator.getRegisterManager();
|
ConcreteCPU& cpu = simulator.getCPU(0);
|
||||||
Register *reg_target = rm.getRegister(reg_offset - 1);
|
Register *reg_target = cpu.getRegister(reg_offset - 1);
|
||||||
regdata_t data = reg_target->getData();
|
regdata_t data = cpu.getRegisterContent(reg_target);
|
||||||
regdata_t newdata = data ^ (1 << bit_offset);
|
regdata_t newdata = data ^ (1 << bit_offset);
|
||||||
reg_target->setData(newdata);
|
cpu.setRegisterContent(reg_target, newdata);
|
||||||
|
|
||||||
// do the logging in case everything worked out
|
// do the logging in case everything worked out
|
||||||
logInjection();
|
logInjection();
|
||||||
@ -462,7 +462,7 @@ bool L4SysExperiment::run() {
|
|||||||
if (!udis.fetchNextInstruction()) {
|
if (!udis.fetchNextInstruction()) {
|
||||||
param->msg.set_resulttype(param->msg.UNKNOWN);
|
param->msg.set_resulttype(param->msg.UNKNOWN);
|
||||||
param->msg.set_resultdata(
|
param->msg.set_resultdata(
|
||||||
simulator.getRegisterManager().getInstructionPointer());
|
simulator.getCPU(0).getInstructionPointer());
|
||||||
param->msg.set_output(sanitised(output.c_str()));
|
param->msg.set_output(sanitised(output.c_str()));
|
||||||
|
|
||||||
stringstream ss;
|
stringstream ss;
|
||||||
@ -519,12 +519,12 @@ bool L4SysExperiment::run() {
|
|||||||
/* end Bjoern Doebel's code (slightly modified) */
|
/* end Bjoern Doebel's code (slightly modified) */
|
||||||
|
|
||||||
} while (which == UD_NONE &&
|
} while (which == UD_NONE &&
|
||||||
simulator.getRegisterManager().getInstructionPointer() != L4SYS_FUNC_EXIT);
|
simulator.getCPU(0).getInstructionPointer() != L4SYS_FUNC_EXIT);
|
||||||
|
|
||||||
if (simulator.getRegisterManager().getInstructionPointer() == L4SYS_FUNC_EXIT) {
|
if (simulator.getCPU(0).getInstructionPointer() == L4SYS_FUNC_EXIT) {
|
||||||
param->msg.set_resulttype(param->msg.UNKNOWN);
|
param->msg.set_resulttype(param->msg.UNKNOWN);
|
||||||
param->msg.set_resultdata(
|
param->msg.set_resultdata(
|
||||||
simulator.getRegisterManager().getInstructionPointer());
|
simulator.getCPU(0).getInstructionPointer());
|
||||||
param->msg.set_output(sanitised(output.c_str()));
|
param->msg.set_output(sanitised(output.c_str()));
|
||||||
|
|
||||||
stringstream ss;
|
stringstream ss;
|
||||||
@ -535,7 +535,7 @@ bool L4SysExperiment::run() {
|
|||||||
}
|
}
|
||||||
|
|
||||||
// store the real injection point
|
// store the real injection point
|
||||||
param->msg.set_injection_ip(simulator.getRegisterManager().getInstructionPointer());
|
param->msg.set_injection_ip(simulator.getCPU(0).getInstructionPointer());
|
||||||
|
|
||||||
// so we are able to flip the associated registers
|
// so we are able to flip the associated registers
|
||||||
// for details on the algorithm, see Bjoern Doebel's SWIFI/RATFlip class
|
// for details on the algorithm, see Bjoern Doebel's SWIFI/RATFlip class
|
||||||
@ -543,7 +543,9 @@ bool L4SysExperiment::run() {
|
|||||||
// some declarations
|
// some declarations
|
||||||
GPRegisterId bochs_reg = Udis86::udisGPRToFailBochsGPR(which);
|
GPRegisterId bochs_reg = Udis86::udisGPRToFailBochsGPR(which);
|
||||||
int exchg_reg = -1;
|
int exchg_reg = -1;
|
||||||
RegisterManager &rm = simulator.getRegisterManager();
|
ConcreteCPU &cpu = simulator.getCPU(0);
|
||||||
|
Register *bochsRegister = cpu.getRegister(bochs_reg);
|
||||||
|
Register *exchangeRegister = NULL;
|
||||||
|
|
||||||
// first, decide if the fault hits a register bound to this thread
|
// first, decide if the fault hits a register bound to this thread
|
||||||
// (ten percent chance)
|
// (ten percent chance)
|
||||||
@ -552,22 +554,22 @@ bool L4SysExperiment::run() {
|
|||||||
exchg_reg = rand() % 7;
|
exchg_reg = rand() % 7;
|
||||||
if (exchg_reg == bochs_reg)
|
if (exchg_reg == bochs_reg)
|
||||||
exchg_reg++;
|
exchg_reg++;
|
||||||
|
exchangeRegister = cpu.getRegister(exchg_reg);
|
||||||
}
|
}
|
||||||
|
|
||||||
// prepare the fault
|
// prepare the fault
|
||||||
regdata_t data = rm.getRegister(bochs_reg)->getData();
|
regdata_t data = cpu.getRegisterContent(bochsRegister);
|
||||||
if (rnd > 0) {
|
if (rnd > 0) {
|
||||||
//input register - do the fault injection here
|
//input register - do the fault injection here
|
||||||
regdata_t newdata = 0;
|
regdata_t newdata = 0;
|
||||||
if (exchg_reg >= 0) {
|
if (exchangeRegister >= 0) {
|
||||||
// the data is taken from a process register chosen before
|
// the data is taken from a process register chosen before
|
||||||
newdata = rm.getRegister(exchg_reg)->getData();
|
newdata = cpu.getRegisterContent(exchangeRegister);
|
||||||
} else {
|
} else {
|
||||||
// the data comes from an uninitialised register
|
// the data comes from an uninitialised register
|
||||||
newdata = rand();
|
newdata = rand();
|
||||||
}
|
}
|
||||||
rm.getRegister(bochs_reg)->setData(newdata);
|
cpu.setRegisterContent(bochsRegister, newdata);
|
||||||
}
|
}
|
||||||
|
|
||||||
// execute the instruction
|
// execute the instruction
|
||||||
@ -576,16 +578,16 @@ bool L4SysExperiment::run() {
|
|||||||
// restore the register if we are still in the thread
|
// restore the register if we are still in the thread
|
||||||
if (rnd == 0) {
|
if (rnd == 0) {
|
||||||
// output register - do the fault injection here
|
// output register - do the fault injection here
|
||||||
if (exchg_reg >= 0) {
|
if (exchangeRegister >= 0) {
|
||||||
// write the result into the wrong local register
|
// write the result into the wrong local register
|
||||||
regdata_t newdata = rm.getRegister(bochs_reg)->getData();
|
regdata_t newdata = cpu.getRegisterContent(bochsRegister);
|
||||||
rm.getRegister(exchg_reg)->setData(newdata);
|
cpu.setRegisterContent(exchangeRegister, newdata);
|
||||||
}
|
}
|
||||||
// otherwise, just assume it is stored in an unused register
|
// otherwise, just assume it is stored in an unused register
|
||||||
}
|
}
|
||||||
// restore the actual value of the register
|
// restore the actual value of the register
|
||||||
// in reality, it would never have been overwritten
|
// in reality, it would never have been overwritten
|
||||||
rm.getRegister(bochs_reg)->setData(data);
|
cpu.setRegisterContent(bochsRegister, data);
|
||||||
|
|
||||||
// log the injection
|
// log the injection
|
||||||
logInjection();
|
logInjection();
|
||||||
@ -597,14 +599,14 @@ bool L4SysExperiment::run() {
|
|||||||
bxInstruction_c *currInstr;
|
bxInstruction_c *currInstr;
|
||||||
while (!aluInstrObject.isALUInstruction(
|
while (!aluInstrObject.isALUInstruction(
|
||||||
currInstr = simulator.getCurrentInstruction()) &&
|
currInstr = simulator.getCurrentInstruction()) &&
|
||||||
simulator.getRegisterManager().getInstructionPointer() != L4SYS_FUNC_EXIT) {
|
simulator.getCPU(0).getInstructionPointer() != L4SYS_FUNC_EXIT) {
|
||||||
singleStep(true);
|
singleStep(true);
|
||||||
}
|
}
|
||||||
|
|
||||||
if (simulator.getRegisterManager().getInstructionPointer() == L4SYS_FUNC_EXIT) {
|
if (simulator.getCPU(0).getInstructionPointer() == L4SYS_FUNC_EXIT) {
|
||||||
param->msg.set_resulttype(param->msg.UNKNOWN);
|
param->msg.set_resulttype(param->msg.UNKNOWN);
|
||||||
param->msg.set_resultdata(
|
param->msg.set_resultdata(
|
||||||
simulator.getRegisterManager().getInstructionPointer());
|
simulator.getCPU(0).getInstructionPointer());
|
||||||
param->msg.set_output(sanitised(output.c_str()));
|
param->msg.set_output(sanitised(output.c_str()));
|
||||||
|
|
||||||
stringstream ss;
|
stringstream ss;
|
||||||
@ -615,7 +617,7 @@ bool L4SysExperiment::run() {
|
|||||||
}
|
}
|
||||||
|
|
||||||
// store the real injection point
|
// store the real injection point
|
||||||
param->msg.set_injection_ip(simulator.getRegisterManager().getInstructionPointer());
|
param->msg.set_injection_ip(simulator.getCPU(0).getInstructionPointer());
|
||||||
|
|
||||||
// now exchange it with a random equivalent
|
// now exchange it with a random equivalent
|
||||||
bxInstruction_c newInstr;
|
bxInstruction_c newInstr;
|
||||||
@ -625,7 +627,7 @@ bool L4SysExperiment::run() {
|
|||||||
// something went wrong - exit experiment
|
// something went wrong - exit experiment
|
||||||
param->msg.set_resulttype(param->msg.UNKNOWN);
|
param->msg.set_resulttype(param->msg.UNKNOWN);
|
||||||
param->msg.set_resultdata(
|
param->msg.set_resultdata(
|
||||||
simulator.getRegisterManager().getInstructionPointer());
|
simulator.getCPU(0).getInstructionPointer());
|
||||||
param->msg.set_output(sanitised(output.c_str()));
|
param->msg.set_output(sanitised(output.c_str()));
|
||||||
|
|
||||||
ostringstream oss;
|
ostringstream oss;
|
||||||
@ -676,24 +678,24 @@ bool L4SysExperiment::run() {
|
|||||||
log << "Result INCOMPLETE" << endl;
|
log << "Result INCOMPLETE" << endl;
|
||||||
param->msg.set_resulttype(param->msg.INCOMPLETE);
|
param->msg.set_resulttype(param->msg.INCOMPLETE);
|
||||||
param->msg.set_resultdata(
|
param->msg.set_resultdata(
|
||||||
simulator.getRegisterManager().getInstructionPointer());
|
simulator.getCPU(0).getInstructionPointer());
|
||||||
param->msg.set_output(sanitised(output.c_str()));
|
param->msg.set_output(sanitised(output.c_str()));
|
||||||
} else if (ev == &ev_timeout) {
|
} else if (ev == &ev_timeout) {
|
||||||
log << "Result TIMEOUT" << endl;
|
log << "Result TIMEOUT" << endl;
|
||||||
param->msg.set_resulttype(param->msg.TIMEOUT);
|
param->msg.set_resulttype(param->msg.TIMEOUT);
|
||||||
param->msg.set_resultdata(
|
param->msg.set_resultdata(
|
||||||
simulator.getRegisterManager().getInstructionPointer());
|
simulator.getCPU(0).getInstructionPointer());
|
||||||
param->msg.set_output(sanitised(output.c_str()));
|
param->msg.set_output(sanitised(output.c_str()));
|
||||||
} else {
|
} else {
|
||||||
log << "Result WTF?" << endl;
|
log << "Result WTF?" << endl;
|
||||||
param->msg.set_resulttype(param->msg.UNKNOWN);
|
param->msg.set_resulttype(param->msg.UNKNOWN);
|
||||||
param->msg.set_resultdata(
|
param->msg.set_resultdata(
|
||||||
simulator.getRegisterManager().getInstructionPointer());
|
simulator.getCPU(0).getInstructionPointer());
|
||||||
param->msg.set_output(sanitised(output.c_str()));
|
param->msg.set_output(sanitised(output.c_str()));
|
||||||
|
|
||||||
stringstream ss;
|
stringstream ss;
|
||||||
ss << "eventid " << ev << " EIP "
|
ss << "eventid " << ev << " EIP "
|
||||||
<< simulator.getRegisterManager().getInstructionPointer();
|
<< simulator.getCPU(0).getInstructionPointer();
|
||||||
param->msg.set_details(ss.str());
|
param->msg.set_details(ss.str());
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
Binary file not shown.
@ -300,6 +300,9 @@ the campaign server, from left to right.
|
|||||||
At the moment, RATFlip does not provide enough information
|
At the moment, RATFlip does not provide enough information
|
||||||
to reconstruct the injected fault
|
to reconstruct the injected fault
|
||||||
(see also the \texttt{TODO} in \texttt{experiment.cc}).
|
(see also the \texttt{TODO} in \texttt{experiment.cc}).
|
||||||
|
Also, if you need support for more than one processor,
|
||||||
|
you will have to extend the code accordingly:
|
||||||
|
at the moment, when in doubt, it uses the first CPU.
|
||||||
|
|
||||||
\section{To Be Continued}
|
\section{To Be Continued}
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user