Pointers back in - this solution seems to work for now
git-svn-id: https://www4.informatik.uni-erlangen.de/i4svn/danceos/trunk/devel/fail@1937 8c4709b5-6ec9-48aa-a5cd-a96041d1645a
This commit is contained in:
unzner
@ -110,11 +110,11 @@ bx_bool L4SysExperiment::fetchInstruction(BX_CPU_C *instance,
|
|||||||
|
|
||||||
void L4SysExperiment::logInjection() {
|
void L4SysExperiment::logInjection() {
|
||||||
// explicit type assignment necessary before sending over output stream
|
// explicit type assignment necessary before sending over output stream
|
||||||
int id = currentParam->getWorkloadID();
|
int id = param->getWorkloadID();
|
||||||
int instr_offset = currentParam->msg.instr_offset();
|
int instr_offset = param->msg.instr_offset();
|
||||||
int bit_offset = currentParam->msg.bit_offset();
|
int bit_offset = param->msg.bit_offset();
|
||||||
int exp_type = currentParam->msg.exp_type();
|
int exp_type = param->msg.exp_type();
|
||||||
address_t injection_ip = currentParam->msg.injection_ip();
|
address_t injection_ip = param->msg.injection_ip();
|
||||||
|
|
||||||
log << "job " << id << " exp_type " << exp_type << endl;
|
log << "job " << id << " exp_type " << exp_type << endl;
|
||||||
log << "inject @ ip " << injection_ip << " (offset " << dec << instr_offset
|
log << "inject @ ip " << injection_ip << " (offset " << dec << instr_offset
|
||||||
@ -137,19 +137,20 @@ BaseListener *L4SysExperiment::singleStep(bool preserveAddressSpace) {
|
|||||||
if (ev == &schedTimeout) {
|
if (ev == &schedTimeout) {
|
||||||
// otherwise we just assume this thread is never scheduled again
|
// otherwise we just assume this thread is never scheduled again
|
||||||
log << "Result TIMEOUT" << endl;
|
log << "Result TIMEOUT" << endl;
|
||||||
currentParam->msg.set_resulttype(currentParam->msg.TIMEOUT);
|
param->msg.set_resulttype(param->msg.TIMEOUT);
|
||||||
currentParam->msg.set_resultdata(
|
param->msg.set_resultdata(
|
||||||
simulator.getRegisterManager().getInstructionPointer());
|
simulator.getRegisterManager().getInstructionPointer());
|
||||||
currentParam->msg.set_output(sanitised(output.c_str()));
|
param->msg.set_output(sanitised(output.c_str()));
|
||||||
currentParam->msg.set_details("Timed out immediately after injecting");
|
param->msg.set_details("Timed out immediately after injecting");
|
||||||
|
|
||||||
m_jc.sendResult(*currentParam);
|
m_jc.sendResult(*param);
|
||||||
terminate(0);
|
terminate(0);
|
||||||
}
|
}
|
||||||
return ev;
|
return ev;
|
||||||
}
|
}
|
||||||
|
|
||||||
void L4SysExperiment::injectInstruction(bxInstruction_c *oldInstr, bxInstruction_c *newInstr) {
|
void L4SysExperiment::injectInstruction(
|
||||||
|
bxInstruction_c *oldInstr, bxInstruction_c *newInstr) {
|
||||||
// backup the current and insert the faulty instruction
|
// backup the current and insert the faulty instruction
|
||||||
bxInstruction_c backupInstr;
|
bxInstruction_c backupInstr;
|
||||||
memcpy(&backupInstr, oldInstr, sizeof(bxInstruction_c));
|
memcpy(&backupInstr, oldInstr, sizeof(bxInstruction_c));
|
||||||
@ -170,6 +171,18 @@ unsigned L4SysExperiment::calculateTimeout(unsigned instr_left) {
|
|||||||
return 1100 * seconds;
|
return 1100 * seconds;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
L4SysExperiment::L4SysExperiment()
|
||||||
|
: m_jc("localhost"), log("L4Sys", false)
|
||||||
|
{
|
||||||
|
param = new L4SysExperimentData;
|
||||||
|
}
|
||||||
|
|
||||||
|
L4SysExperiment::~L4SysExperiment() {
|
||||||
|
// FIXME: this should actually work, but it seems that the job server
|
||||||
|
// needs the param record even after the program has terminated
|
||||||
|
// delete param;
|
||||||
|
}
|
||||||
|
|
||||||
void L4SysExperiment::terminate(int reason) {
|
void L4SysExperiment::terminate(int reason) {
|
||||||
simulator.terminate(reason);
|
simulator.terminate(reason);
|
||||||
}
|
}
|
||||||
@ -311,18 +324,16 @@ bool L4SysExperiment::run() {
|
|||||||
log << "restoring state" << endl;
|
log << "restoring state" << endl;
|
||||||
simulator.restore(L4SYS_STATE_FOLDER);
|
simulator.restore(L4SYS_STATE_FOLDER);
|
||||||
|
|
||||||
L4SysExperimentData param;
|
|
||||||
currentParam = ¶m;
|
|
||||||
log << "asking job server for experiment parameters" << endl;
|
log << "asking job server for experiment parameters" << endl;
|
||||||
if (!m_jc.getParam(param)) {
|
if (!m_jc.getParam(*param)) {
|
||||||
log << "Dying." << endl;
|
log << "Dying." << endl;
|
||||||
// communicate that we were told to die
|
// communicate that we were told to die
|
||||||
terminate(1);
|
terminate(1);
|
||||||
}
|
}
|
||||||
|
|
||||||
int instr_offset = param.msg.instr_offset();
|
int instr_offset = param->msg.instr_offset();
|
||||||
int bit_offset = param.msg.bit_offset();
|
int bit_offset = param->msg.bit_offset();
|
||||||
int exp_type = param.msg.exp_type();
|
int exp_type = param->msg.exp_type();
|
||||||
|
|
||||||
#ifdef L4SYS_FILTER_INSTRUCTIONS
|
#ifdef L4SYS_FILTER_INSTRUCTIONS
|
||||||
ifstream instr_list_file(L4SYS_INSTRUCTION_LIST, ios::binary);
|
ifstream instr_list_file(L4SYS_INSTRUCTION_LIST, ios::binary);
|
||||||
@ -350,7 +361,7 @@ bool L4SysExperiment::run() {
|
|||||||
// note at what IP we will do the injection
|
// note at what IP we will do the injection
|
||||||
address_t injection_ip =
|
address_t injection_ip =
|
||||||
simulator.getRegisterManager().getInstructionPointer();
|
simulator.getRegisterManager().getInstructionPointer();
|
||||||
param.msg.set_injection_ip(injection_ip);
|
param->msg.set_injection_ip(injection_ip);
|
||||||
|
|
||||||
#ifdef L4SYS_FILTER_INSTRUCTIONS
|
#ifdef L4SYS_FILTER_INSTRUCTIONS
|
||||||
// only works if we filter instructions
|
// only works if we filter instructions
|
||||||
@ -360,31 +371,30 @@ bool L4SysExperiment::run() {
|
|||||||
ss << "SANITY CHECK FAILED: " << injection_ip << " != "
|
ss << "SANITY CHECK FAILED: " << injection_ip << " != "
|
||||||
<< curr_instr.trigger_addr;
|
<< curr_instr.trigger_addr;
|
||||||
log << ss.str() << endl;
|
log << ss.str() << endl;
|
||||||
param.msg.set_resulttype(param.msg.UNKNOWN);
|
param->msg.set_resulttype(param->msg.UNKNOWN);
|
||||||
param.msg.set_resultdata(injection_ip);
|
param->msg.set_resultdata(injection_ip);
|
||||||
param.msg.set_details(ss.str());
|
param->msg.set_details(ss.str());
|
||||||
|
|
||||||
simulator.clearListeners();
|
m_jc.sendResult(*param);
|
||||||
m_jc.sendResult(param);
|
|
||||||
terminate(20);
|
terminate(20);
|
||||||
}
|
}
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
// inject
|
// inject
|
||||||
if (exp_type == param.msg.GPRFLIP) {
|
if (exp_type == param->msg.GPRFLIP) {
|
||||||
if (!param.msg.has_register_offset()) {
|
if (!param->msg.has_register_offset()) {
|
||||||
param.msg.set_resulttype(param.msg.UNKNOWN);
|
param->msg.set_resulttype(param->msg.UNKNOWN);
|
||||||
param.msg.set_resultdata(
|
param->msg.set_resultdata(
|
||||||
simulator.getRegisterManager().getInstructionPointer());
|
simulator.getRegisterManager().getInstructionPointer());
|
||||||
param.msg.set_output(sanitised(output.c_str()));
|
param->msg.set_output(sanitised(output.c_str()));
|
||||||
|
|
||||||
stringstream ss;
|
stringstream ss;
|
||||||
ss << "Sent package did not contain the injection location (register offset)";
|
ss << "Sent package did not contain the injection location (register offset)";
|
||||||
param.msg.set_details(ss.str());
|
param->msg.set_details(ss.str());
|
||||||
m_jc.sendResult(param);
|
m_jc.sendResult(*param);
|
||||||
terminate(30);
|
terminate(30);
|
||||||
}
|
}
|
||||||
int reg_offset = param.msg.register_offset();
|
int reg_offset = param->msg.register_offset();
|
||||||
RegisterManager& rm = simulator.getRegisterManager();
|
RegisterManager& rm = simulator.getRegisterManager();
|
||||||
Register *reg_target = rm.getRegister(reg_offset - 1);
|
Register *reg_target = rm.getRegister(reg_offset - 1);
|
||||||
regdata_t data = reg_target->getData();
|
regdata_t data = reg_target->getData();
|
||||||
@ -395,7 +405,7 @@ bool L4SysExperiment::run() {
|
|||||||
logInjection();
|
logInjection();
|
||||||
log << "register data: 0x" << hex << ((int) data) << " -> 0x"
|
log << "register data: 0x" << hex << ((int) data) << " -> 0x"
|
||||||
<< ((int) newdata) << endl;
|
<< ((int) newdata) << endl;
|
||||||
} else if (exp_type == param.msg.IDCFLIP) {
|
} else if (exp_type == param->msg.IDCFLIP) {
|
||||||
// this is a twisted one
|
// this is a twisted one
|
||||||
|
|
||||||
// initial definitions
|
// initial definitions
|
||||||
@ -413,7 +423,7 @@ bool L4SysExperiment::run() {
|
|||||||
// CampaignManager has no idea of the instruction length
|
// CampaignManager has no idea of the instruction length
|
||||||
// (neither do we), therefore this small adaption
|
// (neither do we), therefore this small adaption
|
||||||
bit_offset %= length_in_bits;
|
bit_offset %= length_in_bits;
|
||||||
param.msg.set_bit_offset(bit_offset);
|
param->msg.set_bit_offset(bit_offset);
|
||||||
|
|
||||||
// do some access calculation
|
// do some access calculation
|
||||||
int byte_index = bit_offset >> 3;
|
int byte_index = bit_offset >> 3;
|
||||||
@ -433,7 +443,7 @@ bool L4SysExperiment::run() {
|
|||||||
|
|
||||||
// do the logging
|
// do the logging
|
||||||
logInjection();
|
logInjection();
|
||||||
} else if (exp_type == param.msg.RATFLIP) {
|
} else if (exp_type == param->msg.RATFLIP) {
|
||||||
ud_type_t which = UD_NONE;
|
ud_type_t which = UD_NONE;
|
||||||
unsigned rnd = 0;
|
unsigned rnd = 0;
|
||||||
Udis86 udis(injection_ip);
|
Udis86 udis(injection_ip);
|
||||||
@ -441,15 +451,15 @@ bool L4SysExperiment::run() {
|
|||||||
bxInstruction_c *currInstr = simulator.getCurrentInstruction();
|
bxInstruction_c *currInstr = simulator.getCurrentInstruction();
|
||||||
udis.setInputBuffer(calculateInstructionAddress(), currInstr->ilen());
|
udis.setInputBuffer(calculateInstructionAddress(), currInstr->ilen());
|
||||||
if (!udis.fetchNextInstruction()) {
|
if (!udis.fetchNextInstruction()) {
|
||||||
param.msg.set_resulttype(param.msg.UNKNOWN);
|
param->msg.set_resulttype(param->msg.UNKNOWN);
|
||||||
param.msg.set_resultdata(
|
param->msg.set_resultdata(
|
||||||
simulator.getRegisterManager().getInstructionPointer());
|
simulator.getRegisterManager().getInstructionPointer());
|
||||||
param.msg.set_output(sanitised(output.c_str()));
|
param->msg.set_output(sanitised(output.c_str()));
|
||||||
|
|
||||||
stringstream ss;
|
stringstream ss;
|
||||||
ss << "Could not decode instruction using UDIS86";
|
ss << "Could not decode instruction using UDIS86";
|
||||||
param.msg.set_details(ss.str());
|
param->msg.set_details(ss.str());
|
||||||
m_jc.sendResult(param);
|
m_jc.sendResult(*param);
|
||||||
terminate(32);
|
terminate(32);
|
||||||
}
|
}
|
||||||
ud_t _ud = udis.getCurrentState();
|
ud_t _ud = udis.getCurrentState();
|
||||||
@ -503,20 +513,20 @@ bool L4SysExperiment::run() {
|
|||||||
simulator.getRegisterManager().getInstructionPointer() != L4SYS_FUNC_EXIT);
|
simulator.getRegisterManager().getInstructionPointer() != L4SYS_FUNC_EXIT);
|
||||||
|
|
||||||
if (simulator.getRegisterManager().getInstructionPointer() == L4SYS_FUNC_EXIT) {
|
if (simulator.getRegisterManager().getInstructionPointer() == L4SYS_FUNC_EXIT) {
|
||||||
param.msg.set_resulttype(param.msg.UNKNOWN);
|
param->msg.set_resulttype(param->msg.UNKNOWN);
|
||||||
param.msg.set_resultdata(
|
param->msg.set_resultdata(
|
||||||
simulator.getRegisterManager().getInstructionPointer());
|
simulator.getRegisterManager().getInstructionPointer());
|
||||||
param.msg.set_output(sanitised(output.c_str()));
|
param->msg.set_output(sanitised(output.c_str()));
|
||||||
|
|
||||||
stringstream ss;
|
stringstream ss;
|
||||||
ss << "Reached the end of the experiment without finding an appropriate instruction";
|
ss << "Reached the end of the experiment without finding an appropriate instruction";
|
||||||
param.msg.set_details(ss.str());
|
param->msg.set_details(ss.str());
|
||||||
m_jc.sendResult(param);
|
m_jc.sendResult(*param);
|
||||||
terminate(33);
|
terminate(33);
|
||||||
}
|
}
|
||||||
|
|
||||||
// store the real injection point
|
// store the real injection point
|
||||||
param.msg.set_injection_ip(simulator.getRegisterManager().getInstructionPointer());
|
param->msg.set_injection_ip(simulator.getRegisterManager().getInstructionPointer());
|
||||||
|
|
||||||
// so we are able to flip the associated registers
|
// so we are able to flip the associated registers
|
||||||
// for details on the algorithm, see Bjoern Doebel's SWIFI/RATFlip class
|
// for details on the algorithm, see Bjoern Doebel's SWIFI/RATFlip class
|
||||||
@ -571,7 +581,7 @@ bool L4SysExperiment::run() {
|
|||||||
// log the injection
|
// log the injection
|
||||||
logInjection();
|
logInjection();
|
||||||
|
|
||||||
} else if (exp_type == param.msg.ALUINSTR) {
|
} else if (exp_type == param->msg.ALUINSTR) {
|
||||||
static BochsALUInstructions aluInstrObject(aluInstructions, aluInstructionsSize);
|
static BochsALUInstructions aluInstrObject(aluInstructions, aluInstructionsSize);
|
||||||
// find the closest ALU instruction after the current IP
|
// find the closest ALU instruction after the current IP
|
||||||
|
|
||||||
@ -583,20 +593,20 @@ bool L4SysExperiment::run() {
|
|||||||
}
|
}
|
||||||
|
|
||||||
if (simulator.getRegisterManager().getInstructionPointer() == L4SYS_FUNC_EXIT) {
|
if (simulator.getRegisterManager().getInstructionPointer() == L4SYS_FUNC_EXIT) {
|
||||||
param.msg.set_resulttype(param.msg.UNKNOWN);
|
param->msg.set_resulttype(param->msg.UNKNOWN);
|
||||||
param.msg.set_resultdata(
|
param->msg.set_resultdata(
|
||||||
simulator.getRegisterManager().getInstructionPointer());
|
simulator.getRegisterManager().getInstructionPointer());
|
||||||
param.msg.set_output(sanitised(output.c_str()));
|
param->msg.set_output(sanitised(output.c_str()));
|
||||||
|
|
||||||
stringstream ss;
|
stringstream ss;
|
||||||
ss << "Reached the end of the experiment without finding an appropriate instruction";
|
ss << "Reached the end of the experiment without finding an appropriate instruction";
|
||||||
param.msg.set_details(ss.str());
|
param->msg.set_details(ss.str());
|
||||||
m_jc.sendResult(param);
|
m_jc.sendResult(*param);
|
||||||
terminate(33);
|
terminate(33);
|
||||||
}
|
}
|
||||||
|
|
||||||
// store the real injection point
|
// store the real injection point
|
||||||
param.msg.set_injection_ip(simulator.getRegisterManager().getInstructionPointer());
|
param->msg.set_injection_ip(simulator.getRegisterManager().getInstructionPointer());
|
||||||
|
|
||||||
// now exchange it with a random equivalent
|
// now exchange it with a random equivalent
|
||||||
bxInstruction_c newInstr;
|
bxInstruction_c newInstr;
|
||||||
@ -604,19 +614,19 @@ bool L4SysExperiment::run() {
|
|||||||
aluInstrObject.randomEquivalent(newInstr, details);
|
aluInstrObject.randomEquivalent(newInstr, details);
|
||||||
if (memcmp(&newInstr, currInstr, sizeof(bxInstruction_c)) == 0) {
|
if (memcmp(&newInstr, currInstr, sizeof(bxInstruction_c)) == 0) {
|
||||||
// something went wrong - exit experiment
|
// something went wrong - exit experiment
|
||||||
param.msg.set_resulttype(param.msg.UNKNOWN);
|
param->msg.set_resulttype(param->msg.UNKNOWN);
|
||||||
param.msg.set_resultdata(
|
param->msg.set_resultdata(
|
||||||
simulator.getRegisterManager().getInstructionPointer());
|
simulator.getRegisterManager().getInstructionPointer());
|
||||||
param.msg.set_output(sanitised(output.c_str()));
|
param->msg.set_output(sanitised(output.c_str()));
|
||||||
|
|
||||||
ostringstream oss;
|
ostringstream oss;
|
||||||
oss << "Did not hit an ALU instruction - correct the source code please!";
|
oss << "Did not hit an ALU instruction - correct the source code please!";
|
||||||
param.msg.set_details(oss.str());
|
param->msg.set_details(oss.str());
|
||||||
m_jc.sendResult(param);
|
m_jc.sendResult(*param);
|
||||||
terminate(40);
|
terminate(40);
|
||||||
}
|
}
|
||||||
// record information on the new instruction
|
// record information on the new instruction
|
||||||
param.msg.set_details(details);
|
param->msg.set_details(details);
|
||||||
|
|
||||||
// inject it
|
// inject it
|
||||||
injectInstruction(currInstr, &newInstr);
|
injectInstruction(currInstr, &newInstr);
|
||||||
@ -647,39 +657,38 @@ bool L4SysExperiment::run() {
|
|||||||
if (ev == &ev_done) {
|
if (ev == &ev_done) {
|
||||||
if (strcmp(output.c_str(), golden_run.c_str()) == 0) {
|
if (strcmp(output.c_str(), golden_run.c_str()) == 0) {
|
||||||
log << "Result DONE" << endl;
|
log << "Result DONE" << endl;
|
||||||
param.msg.set_resulttype(param.msg.DONE);
|
param->msg.set_resulttype(param->msg.DONE);
|
||||||
} else {
|
} else {
|
||||||
log << "Result WRONG" << endl;
|
log << "Result WRONG" << endl;
|
||||||
param.msg.set_resulttype(param.msg.WRONG);
|
param->msg.set_resulttype(param->msg.WRONG);
|
||||||
param.msg.set_output(sanitised(output.c_str()));
|
param->msg.set_output(sanitised(output.c_str()));
|
||||||
}
|
}
|
||||||
} else if (ev == &ev_incomplete) {
|
} else if (ev == &ev_incomplete) {
|
||||||
log << "Result INCOMPLETE" << endl;
|
log << "Result INCOMPLETE" << endl;
|
||||||
param.msg.set_resulttype(param.msg.INCOMPLETE);
|
param->msg.set_resulttype(param->msg.INCOMPLETE);
|
||||||
param.msg.set_resultdata(
|
param->msg.set_resultdata(
|
||||||
simulator.getRegisterManager().getInstructionPointer());
|
simulator.getRegisterManager().getInstructionPointer());
|
||||||
param.msg.set_output(sanitised(output.c_str()));
|
param->msg.set_output(sanitised(output.c_str()));
|
||||||
} else if (ev == &ev_timeout) {
|
} else if (ev == &ev_timeout) {
|
||||||
log << "Result TIMEOUT" << endl;
|
log << "Result TIMEOUT" << endl;
|
||||||
param.msg.set_resulttype(param.msg.TIMEOUT);
|
param->msg.set_resulttype(param->msg.TIMEOUT);
|
||||||
param.msg.set_resultdata(
|
param->msg.set_resultdata(
|
||||||
simulator.getRegisterManager().getInstructionPointer());
|
simulator.getRegisterManager().getInstructionPointer());
|
||||||
param.msg.set_output(sanitised(output.c_str()));
|
param->msg.set_output(sanitised(output.c_str()));
|
||||||
} else {
|
} else {
|
||||||
log << "Result WTF?" << endl;
|
log << "Result WTF?" << endl;
|
||||||
param.msg.set_resulttype(param.msg.UNKNOWN);
|
param->msg.set_resulttype(param->msg.UNKNOWN);
|
||||||
param.msg.set_resultdata(
|
param->msg.set_resultdata(
|
||||||
simulator.getRegisterManager().getInstructionPointer());
|
simulator.getRegisterManager().getInstructionPointer());
|
||||||
param.msg.set_output(sanitised(output.c_str()));
|
param->msg.set_output(sanitised(output.c_str()));
|
||||||
|
|
||||||
stringstream ss;
|
stringstream ss;
|
||||||
ss << "eventid " << ev << " EIP "
|
ss << "eventid " << ev << " EIP "
|
||||||
<< simulator.getRegisterManager().getInstructionPointer();
|
<< simulator.getRegisterManager().getInstructionPointer();
|
||||||
param.msg.set_details(ss.str());
|
param->msg.set_details(ss.str());
|
||||||
}
|
}
|
||||||
|
|
||||||
simulator.clearListeners();
|
m_jc.sendResult(*param);
|
||||||
m_jc.sendResult(param);
|
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
terminate(0);
|
terminate(0);
|
||||||
|
|||||||
@ -28,10 +28,10 @@ class L4SysExperiment : public fail::ExperimentFlow {
|
|||||||
private:
|
private:
|
||||||
fail::JobClient m_jc; //!< the job client connecting to the campaign server
|
fail::JobClient m_jc; //!< the job client connecting to the campaign server
|
||||||
fail::Logger log; //<! the logger
|
fail::Logger log; //<! the logger
|
||||||
//! our current parameter set is globally available among the object
|
L4SysExperimentData *param; //<! the parameter set currently in use by the client
|
||||||
L4SysExperimentData *currentParam;
|
|
||||||
public:
|
public:
|
||||||
L4SysExperiment() : m_jc("localhost"), log("L4Sys", false), currentParam(NULL) {}
|
L4SysExperiment();
|
||||||
|
~L4SysExperiment();
|
||||||
bool run();
|
bool run();
|
||||||
protected:
|
protected:
|
||||||
/**
|
/**
|
||||||
|
|||||||
Reference in New Issue
Block a user