Unmodified source of the software fault injection utility

diff --git a/commands/simple/stat.c b/commands/simple/stat.c
index be4d70d7200227561d8a2adfe92acfbb9ed61e94..2a831150423afbfacc2e725c997dbd9dbe4bdf21 100755 (executable)
--- a/commands/simple/stat.c
+++ b/commands/simple/stat.c
@@ -195,6 +195,7 @@ int main(int ac, char** av)
                        continue;
                }
 #endif
+fprintf(stderr, "stat: buffer at %p\n", &sbuf);
                if (!sym) err= stat(av[i], &sbuf);
                if (sym || (err != 0 && errno == ENOENT)) {
                    err= lstat(av[i], &sbuf);
@@ -244,6 +245,7 @@ int main(int ac, char** av)
                printf("%s: %s\n", av[i], sbuf);
                continue;
        }
+fprintf(stderr, "stat: buffer at %p\n", &sbuf);
        if (!sym) err= stat(av[i], &sbuf);
        if (sym || (err != 0 && errno == ENOENT)) err= lstat(av[i], &sbuf);
        if (err != -1) {

diff --git a/commands/swifi/Makefile b/commands/swifi/Makefile
new file mode 100644 (file)
index 0000000..def034b
--- /dev/null
+++ b/commands/swifi/Makefile
@@ -0,0 +1,25 @@
+#
+# Makefile for the nooks.
+#
+# Note! Dependencies are done automagically by 'make dep', which also
+# removes any old dependencies. DON'T put your own dependencies here
+# unless it's something special (ie not a .c file).
+#
+# Note 2! The CFLAGS definitions are now in the main makefile...
+
+O_TARGET := swifi.o
+
+# All of the (potential) objects that export symbols.
+# This list comes from 'grep -l EXPORT_SYMBOL *.[hc]'.
+
+export-objs = swifi-ksyms.o
+
+obj-$(CONFIG_SWIFI) +=  db_sym.o db_disasm.o db_access.o \
+                       random.o fault_model.o swifi-ksyms.o
+
+# db_interface.o 
+
+include $(TOPDIR)/Rules.make
+
+fastdep:
+

diff --git a/commands/swifi/db_access.c b/commands/swifi/db_access.c
new file mode 100644 (file)
index 0000000..d6a732a
--- /dev/null
+++ b/commands/swifi/db_access.c
@@ -0,0 +1,90 @@
+/*
+ * Mach Operating System
+ * Copyright (c) 1991,1990 Carnegie Mellon University
+ * All Rights Reserved.
+ *
+ * Permission to use, copy, modify and distribute this software and its
+ * documentation is hereby granted, provided that both the copyright
+ * notice and this permission notice appear in all copies of the
+ * software, derivative works or modified versions, and any portions
+ * thereof, and that both notices appear in supporting documentation.
+ *
+ * CARNEGIE MELLON ALLOWS FREE USE OF THIS SOFTWARE IN ITS
+ * CONDITION.  CARNEGIE MELLON DISCLAIMS ANY LIABILITY OF ANY KIND FOR
+ * ANY DAMAGES WHATSOEVER RESULTING FROM THE USE OF THIS SOFTWARE.
+ *
+ * Carnegie Mellon requests users of this software to return to
+ *
+ *  Software Distribution Coordinator  or  Software.Distribution@CS.CMU.EDU
+ *  School of Computer Science
+ *  Carnegie Mellon University
+ *  Pittsburgh PA 15213-3890
+ *
+ * any improvements or extensions that they make and grant Carnegie the
+ * rights to redistribute these changes.
+ *
+ *     $Id: db_access.c,v 1.1 2003/01/15 21:50:58 mikesw Exp $
+ */
+
+/*
+ *     Author: David B. Golub, Carnegie Mellon University
+ *     Date:   7/90
+ */
+#include "ddb.h"
+#include "db_access.h"
+
+/*
+ * Access unaligned data items on aligned (longword)
+ * boundaries.
+ */
+
+static unsigned db_extend[] = {        /* table for sign-extending */
+       0,
+       0xFFFFFF80U,
+       0xFFFF8000U,
+       0xFF800000U
+};
+
+void
+db_read_bytes(addr, size, data)
+       vm_offset_t     addr;
+       register int    size;
+       register char   *data;
+{
+       register char   *src;
+
+       src = (char *)addr;
+       while (--size >= 0)
+           *data++ = *src++;
+
+}
+
+db_expr_t
+db_get_value(addr, size, is_signed)
+       db_addr_t       addr;
+       register int    size;
+       boolean_t       is_signed;
+{
+       char            data[sizeof(int)];
+       register db_expr_t value;
+       register int    i;
+
+       db_read_bytes(addr, size, data);
+
+       value = 0;
+#if    BYTE_MSF
+       for (i = 0; i < size; i++)
+#else  /* BYTE_LSF */
+       for (i = size - 1; i >= 0; i--)
+#endif
+       {
+           value = (value << 8) + (data[i] & 0xFF);
+       }
+
+       if (size < 4) {
+           if (is_signed && (value & db_extend[size]) != 0)
+               value |= db_extend[size];
+       }
+       return (value);
+}
+

diff --git a/commands/swifi/db_access.h b/commands/swifi/db_access.h
new file mode 100644 (file)
index 0000000..192fb40
--- /dev/null
+++ b/commands/swifi/db_access.h
@@ -0,0 +1,43 @@
+/*
+ * Mach Operating System
+ * Copyright (c) 1991,1990 Carnegie Mellon University
+ * All Rights Reserved.
+ *
+ * Permission to use, copy, modify and distribute this software and its
+ * documentation is hereby granted, provided that both the copyright
+ * notice and this permission notice appear in all copies of the
+ * software, derivative works or modified versions, and any portions
+ * thereof, and that both notices appear in supporting documentation.
+ *
+ * CARNEGIE MELLON ALLOWS FREE USE OF THIS SOFTWARE IN ITS
+ * CONDITION.  CARNEGIE MELLON DISCLAIMS ANY LIABILITY OF ANY KIND FOR
+ * ANY DAMAGES WHATSOEVER RESULTING FROM THE USE OF THIS SOFTWARE.
+ *
+ * Carnegie Mellon requests users of this software to return to
+ *
+ *  Software Distribution Coordinator  or  Software.Distribution@CS.CMU.EDU
+ *  School of Computer Science
+ *  Carnegie Mellon University
+ *  Pittsburgh PA 15213-3890
+ *
+ * any improvements or extensions that they make and grant Carnegie the
+ * rights to redistribute these changes.
+ *
+ *     $Id: db_access.h,v 1.1 2003/01/15 21:51:24 mikesw Exp $
+ */
+
+#ifndef _DDB_DB_ACCESS_H_
+#define        _DDB_DB_ACCESS_H_
+
+/*
+ *     Author: David B. Golub, Carnegie Mellon University
+ *     Date:   7/90
+ */
+/*
+ * Data access functions for debugger.
+ */
+db_expr_t      db_get_value __P((db_addr_t addr, int size,
+                                 boolean_t is_signed));
+void           db_put_value __P((db_addr_t addr, int size, db_expr_t value));
+
+#endif /* !_DDB_DB_ACCESS_H_ */

diff --git a/commands/swifi/db_disasm.c b/commands/swifi/db_disasm.c
new file mode 100644 (file)
index 0000000..295377a
--- /dev/null
+++ b/commands/swifi/db_disasm.c
@@ -0,0 +1,1333 @@
+/*
+ * Mach Operating System
+ * Copyright (c) 1991,1990 Carnegie Mellon University
+ * All Rights Reserved.
+ *
+ * Permission to use, copy, modify and distribute this software and its
+ * documentation is hereby granted, provided that both the copyright
+ * notice and this permission notice appear in all copies of the
+ * software, derivative works or modified versions, and any portions
+ * thereof, and that both notices appear in supporting documentation.
+ *
+ * CARNEGIE MELLON ALLOWS FREE USE OF THIS SOFTWARE IN ITS
+ * CONDITION.  CARNEGIE MELLON DISCLAIMS ANY LIABILITY OF ANY KIND FOR
+ * ANY DAMAGES WHATSOEVER RESULTING FROM THE USE OF THIS SOFTWARE.
+ *
+ * Carnegie Mellon requests users of this software to return to
+ *
+ *  Software Distribution Coordinator  or  Software.Distribution@CS.CMU.EDU
+ *  School of Computer Science
+ *  Carnegie Mellon University
+ *  Pittsburgh PA 15213-3890
+ *
+ * any improvements or extensions that they make and grant Carnegie the
+ * rights to redistribute these changes.
+ *
+ *     $Id: db_disasm.c,v 1.1 2003/01/15 21:50:58 mikesw Exp $
+ */
+
+/*
+ * Instruction disassembler.
+ */
+
+#include <linux/kernel.h>
+#include "ddb.h"
+
+#include "db_access.h"
+#include "db_sym.h"
+
+/*
+ * Size attributes
+ */
+#define        BYTE    0
+#define        WORD    1
+#define        LONG    2
+#define        QUAD    3
+#define        SNGL    4
+#define        DBLR    5
+#define        EXTR    6
+#define        SDEP    7
+#define        NONE    8
+
+/*
+ * Addressing modes
+ */
+#define        E       1                       /* general effective address */
+#define        Eind    2                       /* indirect address (jump, call) */
+#define        Ew      3                       /* address, word size */
+#define        Eb      4                       /* address, byte size */
+#define        R       5                       /* register, in 'reg' field */
+#define        Rw      6                       /* word register, in 'reg' field */
+#define        Ri      7                       /* register in instruction */
+#define        S       8                       /* segment reg, in 'reg' field */
+#define        Si      9                       /* segment reg, in instruction */
+#define        A       10                      /* accumulator */
+#define        BX      11                      /* (bx) */
+#define        CL      12                      /* cl, for shifts */
+#define        DX      13                      /* dx, for IO */
+#define        SI      14                      /* si */
+#define        DI      15                      /* di */
+#define        CR      16                      /* control register */
+#define        DR      17                      /* debug register */
+#define        TR      18                      /* test register */
+#define        I       19                      /* immediate, unsigned */
+#define        Is      20                      /* immediate, signed */
+#define        Ib      21                      /* byte immediate, unsigned */
+#define        Ibs     22                      /* byte immediate, signed */
+#define        Iw      23                      /* word immediate, unsigned */
+#define        O       25                      /* direct address */
+#define        Db      26                      /* byte displacement from EIP */
+#define        Dl      27                      /* long displacement from EIP */
+#define        o1      28                      /* constant 1 */
+#define        o3      29                      /* constant 3 */
+#define        OS      30                      /* immediate offset/segment */
+#define        ST      31                      /* FP stack top */
+#define        STI     32                      /* FP stack */
+#define        X       33                      /* extended FP op */
+#define        XA      34                      /* for 'fstcw %ax' */
+#define        El      35                      /* address, long size */
+#define        Ril     36                      /* long register in instruction */
+#define        Iba     37                      /* byte immediate, don't print if 0xa */
+
+struct inst {
+       const char *    i_name;         /* name */
+       short   i_has_modrm;            /* has regmodrm byte */
+       short   i_size;                 /* operand size */
+       int     i_mode;                 /* addressing modes */
+       const void *    i_extra;        /* pointer to extra opcode table */
+};
+
+#define        op1(x)          (x)
+#define        op2(x,y)        ((x)|((y)<<8))
+#define        op3(x,y,z)      ((x)|((y)<<8)|((z)<<16))
+
+struct finst {
+       const char *    f_name;         /* name for memory instruction */
+       int     f_size;                 /* size for memory instruction */
+       int     f_rrmode;               /* mode for rr instruction */
+       const void *    f_rrname;       /* name for rr instruction
+                                          (or pointer to table) */
+};
+
+static const char * const db_Grp6[] = {
+       "sldt",
+       "str",
+       "lldt",
+       "ltr",
+       "verr",
+       "verw",
+       "",
+       ""
+};
+
+static const char * const db_Grp7[] = {
+       "sgdt",
+       "sidt",
+       "lgdt",
+       "lidt",
+       "smsw",
+       "",
+       "lmsw",
+       "invlpg"
+};
+
+static const char * const db_Grp8[] = {
+       "",
+       "",
+       "",
+       "",
+       "bt",
+       "bts",
+       "btr",
+       "btc"
+};
+
+static const char * const db_Grp9[] = {
+       "",
+       "cmpxchg8b",
+       "",
+       "",
+       "",
+       "",
+       "",
+       ""
+};
+
+static const struct inst db_inst_0f0x[] = {
+/*00*/ { "",      TRUE,  NONE,  op1(Ew),     db_Grp6 },
+/*01*/ { "",      TRUE,  NONE,  op1(Ew),     db_Grp7 },
+/*02*/ { "lar",   TRUE,  LONG,  op2(E,R),    0 },
+/*03*/ { "lsl",   TRUE,  LONG,  op2(E,R),    0 },
+/*04*/ { "",      FALSE, NONE,  0,           0 },
+/*05*/ { "",      FALSE, NONE,  0,           0 },
+/*06*/ { "clts",  FALSE, NONE,  0,           0 },
+/*07*/ { "",      FALSE, NONE,  0,           0 },
+
+/*08*/ { "invd",  FALSE, NONE,  0,           0 },
+/*09*/ { "wbinvd",FALSE, NONE,  0,           0 },
+/*0a*/ { "",      FALSE, NONE,  0,           0 },
+/*0b*/ { "",      FALSE, NONE,  0,           0 },
+/*0c*/ { "",      FALSE, NONE,  0,           0 },
+/*0d*/ { "",      FALSE, NONE,  0,           0 },
+/*0e*/ { "",      FALSE, NONE,  0,           0 },
+/*0f*/ { "",      FALSE, NONE,  0,           0 },
+};
+
+static const struct inst db_inst_0f2x[] = {
+/*20*/ { "mov",   TRUE,  LONG,  op2(CR,El),  0 },
+/*21*/ { "mov",   TRUE,  LONG,  op2(DR,El),  0 },
+/*22*/ { "mov",   TRUE,  LONG,  op2(El,CR),  0 },
+/*23*/ { "mov",   TRUE,  LONG,  op2(El,DR),  0 },
+/*24*/ { "mov",   TRUE,  LONG,  op2(TR,El),  0 },
+/*25*/ { "",      FALSE, NONE,  0,           0 },
+/*26*/ { "mov",   TRUE,  LONG,  op2(El,TR),  0 },
+/*27*/ { "",      FALSE, NONE,  0,           0 },
+
+/*28*/ { "",      FALSE, NONE,  0,           0 },
+/*29*/ { "",      FALSE, NONE,  0,           0 },
+/*2a*/ { "",      FALSE, NONE,  0,           0 },
+/*2b*/ { "",      FALSE, NONE,  0,           0 },
+/*2c*/ { "",      FALSE, NONE,  0,           0 },
+/*2d*/ { "",      FALSE, NONE,  0,           0 },
+/*2e*/ { "",      FALSE, NONE,  0,           0 },
+/*2f*/ { "",      FALSE, NONE,  0,           0 },
+};
+
+static const struct inst db_inst_0f3x[] = {
+/*30*/ { "wrmsr", FALSE, NONE,  0,           0 },
+/*31*/ { "rdtsc", FALSE, NONE,  0,           0 },
+/*32*/ { "rdmsr", FALSE, NONE,  0,           0 },
+/*33*/ { "rdpmc", FALSE, NONE,  0,           0 },
+/*34*/ { "",      FALSE, NONE,  0,           0 },
+/*35*/ { "",      FALSE, NONE,  0,           0 },
+/*36*/ { "",      FALSE, NONE,  0,           0 },
+/*37*/ { "",      FALSE, NONE,  0,           0 },
+
+/*38*/ { "",      FALSE, NONE,  0,           0 },
+/*39*/ { "",      FALSE, NONE,  0,           0 },
+/*3a*/ { "",      FALSE, NONE,  0,           0 },
+/*3b*/ { "",      FALSE, NONE,  0,           0 },
+/*3c*/ { "",      FALSE, NONE,  0,           0 },
+/*3d*/ { "",      FALSE, NONE,  0,           0 },
+/*3e*/ { "",      FALSE, NONE,  0,           0 },
+/*3f*/ { "",      FALSE, NONE,  0,           0 },
+};
+
+static const struct inst db_inst_0f8x[] = {
+/*80*/ { "jo",    FALSE, NONE,  op1(Dl),     0 },
+/*81*/ { "jno",   FALSE, NONE,  op1(Dl),     0 },
+/*82*/ { "jb",    FALSE, NONE,  op1(Dl),     0 },
+/*83*/ { "jnb",   FALSE, NONE,  op1(Dl),     0 },
+/*84*/ { "jz",    FALSE, NONE,  op1(Dl),     0 },
+/*85*/ { "jnz",   FALSE, NONE,  op1(Dl),     0 },
+/*86*/ { "jbe",   FALSE, NONE,  op1(Dl),     0 },
+/*87*/ { "jnbe",  FALSE, NONE,  op1(Dl),     0 },
+
+/*88*/ { "js",    FALSE, NONE,  op1(Dl),     0 },
+/*89*/ { "jns",   FALSE, NONE,  op1(Dl),     0 },
+/*8a*/ { "jp",    FALSE, NONE,  op1(Dl),     0 },
+/*8b*/ { "jnp",   FALSE, NONE,  op1(Dl),     0 },
+/*8c*/ { "jl",    FALSE, NONE,  op1(Dl),     0 },
+/*8d*/ { "jnl",   FALSE, NONE,  op1(Dl),     0 },
+/*8e*/ { "jle",   FALSE, NONE,  op1(Dl),     0 },
+/*8f*/ { "jnle",  FALSE, NONE,  op1(Dl),     0 },
+};
+
+static const struct inst db_inst_0f9x[] = {
+/*90*/ { "seto",  TRUE,  NONE,  op1(Eb),     0 },
+/*91*/ { "setno", TRUE,  NONE,  op1(Eb),     0 },
+/*92*/ { "setb",  TRUE,  NONE,  op1(Eb),     0 },
+/*93*/ { "setnb", TRUE,  NONE,  op1(Eb),     0 },
+/*94*/ { "setz",  TRUE,  NONE,  op1(Eb),     0 },
+/*95*/ { "setnz", TRUE,  NONE,  op1(Eb),     0 },
+/*96*/ { "setbe", TRUE,  NONE,  op1(Eb),     0 },
+/*97*/ { "setnbe",TRUE,  NONE,  op1(Eb),     0 },
+
+/*98*/ { "sets",  TRUE,  NONE,  op1(Eb),     0 },
+/*99*/ { "setns", TRUE,  NONE,  op1(Eb),     0 },
+/*9a*/ { "setp",  TRUE,  NONE,  op1(Eb),     0 },
+/*9b*/ { "setnp", TRUE,  NONE,  op1(Eb),     0 },
+/*9c*/ { "setl",  TRUE,  NONE,  op1(Eb),     0 },
+/*9d*/ { "setnl", TRUE,  NONE,  op1(Eb),     0 },
+/*9e*/ { "setle", TRUE,  NONE,  op1(Eb),     0 },
+/*9f*/ { "setnle",TRUE,  NONE,  op1(Eb),     0 },
+};
+
+static const struct inst db_inst_0fax[] = {
+/*a0*/ { "push",  FALSE, NONE,  op1(Si),     0 },
+/*a1*/ { "pop",   FALSE, NONE,  op1(Si),     0 },
+/*a2*/ { "cpuid", FALSE, NONE,  0,           0 },
+/*a3*/ { "bt",    TRUE,  LONG,  op2(R,E),    0 },
+/*a4*/ { "shld",  TRUE,  LONG,  op3(Ib,R,E), 0 },
+/*a5*/ { "shld",  TRUE,  LONG,  op3(CL,R,E), 0 },
+/*a6*/ { "",      FALSE, NONE,  0,           0 },
+/*a7*/ { "",      FALSE, NONE,  0,           0 },
+
+/*a8*/ { "push",  FALSE, NONE,  op1(Si),     0 },
+/*a9*/ { "pop",   FALSE, NONE,  op1(Si),     0 },
+/*aa*/ { "rsm",   FALSE, NONE,  0,           0 },
+/*ab*/ { "bts",   TRUE,  LONG,  op2(R,E),    0 },
+/*ac*/ { "shrd",  TRUE,  LONG,  op3(Ib,R,E), 0 },
+/*ad*/ { "shrd",  TRUE,  LONG,  op3(CL,R,E), 0 },
+/*a6*/ { "",      FALSE, NONE,  0,           0 },
+/*a7*/ { "imul",  TRUE,  LONG,  op2(E,R),    0 },
+};
+
+static const struct inst db_inst_0fbx[] = {
+/*b0*/ { "cmpxchg",TRUE, BYTE,  op2(R, E),   0 },
+/*b0*/ { "cmpxchg",TRUE, LONG,  op2(R, E),   0 },
+/*b2*/ { "lss",   TRUE,  LONG,  op2(E, R),   0 },
+/*b3*/ { "btr",   TRUE,  LONG,  op2(R, E),   0 },
+/*b4*/ { "lfs",   TRUE,  LONG,  op2(E, R),   0 },
+/*b5*/ { "lgs",   TRUE,  LONG,  op2(E, R),   0 },
+/*b6*/ { "movzb", TRUE,  LONG,  op2(Eb, R),  0 },
+/*b7*/ { "movzw", TRUE,  LONG,  op2(Ew, R),  0 },
+
+/*b8*/ { "",      FALSE, NONE,  0,           0 },
+/*b9*/ { "",      FALSE, NONE,  0,           0 },
+/*ba*/ { "",      TRUE,  LONG,  op2(Ib, E),  db_Grp8 },
+/*bb*/ { "btc",   TRUE,  LONG,  op2(R, E),   0 },
+/*bc*/ { "bsf",   TRUE,  LONG,  op2(E, R),   0 },
+/*bd*/ { "bsr",   TRUE,  LONG,  op2(E, R),   0 },
+/*be*/ { "movsb", TRUE,  LONG,  op2(Eb, R),  0 },
+/*bf*/ { "movsw", TRUE,  LONG,  op2(Ew, R),  0 },
+};
+
+static const struct inst db_inst_0fcx[] = {
+/*c0*/ { "xadd",  TRUE,  BYTE,  op2(R, E),   0 },
+/*c1*/ { "xadd",  TRUE,  LONG,  op2(R, E),   0 },
+/*c2*/ { "",      FALSE, NONE,  0,           0 },
+/*c3*/ { "",      FALSE, NONE,  0,           0 },
+/*c4*/ { "",      FALSE, NONE,  0,           0 },
+/*c5*/ { "",      FALSE, NONE,  0,           0 },
+/*c6*/ { "",      FALSE, NONE,  0,           0 },
+/*c7*/ { "",      TRUE,  NONE,  op1(E),      db_Grp9 },
+/*c8*/ { "bswap", FALSE, LONG,  op1(Ril),    0 },
+/*c9*/ { "bswap", FALSE, LONG,  op1(Ril),    0 },
+/*ca*/ { "bswap", FALSE, LONG,  op1(Ril),    0 },
+/*cb*/ { "bswap", FALSE, LONG,  op1(Ril),    0 },
+/*cc*/ { "bswap", FALSE, LONG,  op1(Ril),    0 },
+/*cd*/ { "bswap", FALSE, LONG,  op1(Ril),    0 },
+/*ce*/ { "bswap", FALSE, LONG,  op1(Ril),    0 },
+/*cf*/ { "bswap", FALSE, LONG,  op1(Ril),    0 },
+};
+
+static const struct inst * const db_inst_0f[] = {
+       db_inst_0f0x,
+       0,
+       db_inst_0f2x,
+       db_inst_0f3x,
+       0,
+       0,
+       0,
+       0,
+       db_inst_0f8x,
+       db_inst_0f9x,
+       db_inst_0fax,
+       db_inst_0fbx,
+       db_inst_0fcx,
+       0,
+       0,
+       0
+};
+
+static const char * const db_Esc92[] = {
+       "fnop", "",     "",     "",     "",     "",     "",     ""
+};
+static const char * const db_Esc94[] = {
+       "fchs", "fabs", "",     "",     "ftst", "fxam", "",     ""
+};
+static const char * const db_Esc95[] = {
+       "fld1", "fldl2t","fldl2e","fldpi","fldlg2","fldln2","fldz",""
+};
+static const char * const db_Esc96[] = {
+       "f2xm1","fyl2x","fptan","fpatan","fxtract","fprem1","fdecstp",
+       "fincstp"
+};
+static const char * const db_Esc97[] = {
+       "fprem","fyl2xp1","fsqrt","fsincos","frndint","fscale","fsin","fcos"
+};
+
+static const char * const db_Esca5[] = {
+       "",     "fucompp","",   "",     "",     "",     "",     ""
+};
+
+static const char * const db_Escb4[] = {
+       "fneni","fndisi",       "fnclex","fninit","fsetpm",     "",     "",     ""
+};
+
+static const char * const db_Esce3[] = {
+       "",     "fcompp","",    "",     "",     "",     "",     ""
+};
+
+static const char * const db_Escf4[] = {
+       "fnstsw","",    "",     "",     "",     "",     "",     ""
+};
+
+static const struct finst db_Esc8[] = {
+/*0*/  { "fadd",   SNGL,  op2(STI,ST), 0 },
+/*1*/  { "fmul",   SNGL,  op2(STI,ST), 0 },
+/*2*/  { "fcom",   SNGL,  op2(STI,ST), 0 },
+/*3*/  { "fcomp",  SNGL,  op2(STI,ST), 0 },
+/*4*/  { "fsub",   SNGL,  op2(STI,ST), 0 },
+/*5*/  { "fsubr",  SNGL,  op2(STI,ST), 0 },
+/*6*/  { "fdiv",   SNGL,  op2(STI,ST), 0 },
+/*7*/  { "fdivr",  SNGL,  op2(STI,ST), 0 },
+};
+
+static const struct finst db_Esc9[] = {
+/*0*/  { "fld",    SNGL,  op1(STI),    0 },
+/*1*/  { "",       NONE,  op1(STI),    "fxch" },
+/*2*/  { "fst",    SNGL,  op1(X),      db_Esc92 },
+/*3*/  { "fstp",   SNGL,  0,           0 },
+/*4*/  { "fldenv", NONE,  op1(X),      db_Esc94 },
+/*5*/  { "fldcw",  NONE,  op1(X),      db_Esc95 },
+/*6*/  { "fnstenv",NONE,  op1(X),      db_Esc96 },
+/*7*/  { "fnstcw", NONE,  op1(X),      db_Esc97 },
+};
+
+static const struct finst db_Esca[] = {
+/*0*/  { "fiadd",  LONG,  0,           0 },
+/*1*/  { "fimul",  LONG,  0,           0 },
+/*2*/  { "ficom",  LONG,  0,           0 },
+/*3*/  { "ficomp", LONG,  0,           0 },
+/*4*/  { "fisub",  LONG,  0,           0 },
+/*5*/  { "fisubr", LONG,  op1(X),      db_Esca5 },
+/*6*/  { "fidiv",  LONG,  0,           0 },
+/*7*/  { "fidivr", LONG,  0,           0 }
+};
+
+static const struct finst db_Escb[] = {
+/*0*/  { "fild",   LONG,  0,           0 },
+/*1*/  { "",       NONE,  0,           0 },
+/*2*/  { "fist",   LONG,  0,           0 },
+/*3*/  { "fistp",  LONG,  0,           0 },
+/*4*/  { "",       WORD,  op1(X),      db_Escb4 },
+/*5*/  { "fld",    EXTR,  0,           0 },
+/*6*/  { "",       WORD,  0,           0 },
+/*7*/  { "fstp",   EXTR,  0,           0 },
+};
+
+static const struct finst db_Escc[] = {
+/*0*/  { "fadd",   DBLR,  op2(ST,STI), 0 },
+/*1*/  { "fmul",   DBLR,  op2(ST,STI), 0 },
+/*2*/  { "fcom",   DBLR,  0,           0 },
+/*3*/  { "fcomp",  DBLR,  0,           0 },
+/*4*/  { "fsub",   DBLR,  op2(ST,STI), "fsubr" },
+/*5*/  { "fsubr",  DBLR,  op2(ST,STI), "fsub" },
+/*6*/  { "fdiv",   DBLR,  op2(ST,STI), "fdivr" },
+/*7*/  { "fdivr",  DBLR,  op2(ST,STI), "fdiv" },
+};
+
+static const struct finst db_Escd[] = {
+/*0*/  { "fld",    DBLR,  op1(STI),    "ffree" },
+/*1*/  { "",       NONE,  0,           0 },
+/*2*/  { "fst",    DBLR,  op1(STI),    0 },
+/*3*/  { "fstp",   DBLR,  op1(STI),    0 },
+/*4*/  { "frstor", NONE,  op1(STI),    "fucom" },
+/*5*/  { "",       NONE,  op1(STI),    "fucomp" },
+/*6*/  { "fnsave", NONE,  0,           0 },
+/*7*/  { "fnstsw", NONE,  0,           0 },
+};
+
+static const struct finst db_Esce[] = {
+/*0*/  { "fiadd",  WORD,  op2(ST,STI), "faddp" },
+/*1*/  { "fimul",  WORD,  op2(ST,STI), "fmulp" },
+/*2*/  { "ficom",  WORD,  0,           0 },
+/*3*/  { "ficomp", WORD,  op1(X),      db_Esce3 },
+/*4*/  { "fisub",  WORD,  op2(ST,STI), "fsubrp" },
+/*5*/  { "fisubr", WORD,  op2(ST,STI), "fsubp" },
+/*6*/  { "fidiv",  WORD,  op2(ST,STI), "fdivrp" },
+/*7*/  { "fidivr", WORD,  op2(ST,STI), "fdivp" },
+};
+
+static const struct finst db_Escf[] = {
+/*0*/  { "fild",   WORD,  0,           0 },
+/*1*/  { "",       NONE,  0,           0 },
+/*2*/  { "fist",   WORD,  0,           0 },
+/*3*/  { "fistp",  WORD,  0,           0 },
+/*4*/  { "fbld",   NONE,  op1(XA),     db_Escf4 },
+/*5*/  { "fild",   QUAD,  0,           0 },
+/*6*/  { "fbstp",  NONE,  0,           0 },
+/*7*/  { "fistp",  QUAD,  0,           0 },
+};
+
+static const struct finst * const db_Esc_inst[] = {
+       db_Esc8, db_Esc9, db_Esca, db_Escb,
+       db_Escc, db_Escd, db_Esce, db_Escf
+};
+
+static const char * const db_Grp1[] = {
+       "add",
+       "or",
+       "adc",
+       "sbb",
+       "and",
+       "sub",
+       "xor",
+       "cmp"
+};
+
+static const char * const db_Grp2[] = {
+       "rol",
+       "ror",
+       "rcl",
+       "rcr",
+       "shl",
+       "shr",
+       "shl",
+       "sar"
+};
+
+static const struct inst db_Grp3[] = {
+       { "test",  TRUE, NONE, op2(I,E), 0 },
+       { "test",  TRUE, NONE, op2(I,E), 0 },
+       { "not",   TRUE, NONE, op1(E),   0 },
+       { "neg",   TRUE, NONE, op1(E),   0 },
+       { "mul",   TRUE, NONE, op2(E,A), 0 },
+       { "imul",  TRUE, NONE, op2(E,A), 0 },
+       { "div",   TRUE, NONE, op2(E,A), 0 },
+       { "idiv",  TRUE, NONE, op2(E,A), 0 },
+};
+
+static const struct inst db_Grp4[] = {
+       { "inc",   TRUE, BYTE, op1(E),   0 },
+       { "dec",   TRUE, BYTE, op1(E),   0 },
+       { "",      TRUE, NONE, 0,        0 },
+       { "",      TRUE, NONE, 0,        0 },
+       { "",      TRUE, NONE, 0,        0 },
+       { "",      TRUE, NONE, 0,        0 },
+       { "",      TRUE, NONE, 0,        0 },
+       { "",      TRUE, NONE, 0,        0 }
+};
+
+static const struct inst db_Grp5[] = {
+       { "inc",   TRUE, LONG, op1(E),   0 },
+       { "dec",   TRUE, LONG, op1(E),   0 },
+       { "call",  TRUE, LONG, op1(Eind),0 },
+       { "lcall", TRUE, LONG, op1(Eind),0 },
+       { "jmp",   TRUE, LONG, op1(Eind),0 },
+       { "ljmp",  TRUE, LONG, op1(Eind),0 },
+       { "push",  TRUE, LONG, op1(E),   0 },
+       { "",      TRUE, NONE, 0,        0 }
+};
+
+static const struct inst db_inst_table[256] = {
+/*00*/ { "add",   TRUE,  BYTE,  op2(R, E),  0 },
+/*01*/ { "add",   TRUE,  LONG,  op2(R, E),  0 },
+/*02*/ { "add",   TRUE,  BYTE,  op2(E, R),  0 },
+/*03*/ { "add",   TRUE,  LONG,  op2(E, R),  0 },
+/*04*/ { "add",   FALSE, BYTE,  op2(I, A),  0 },
+/*05*/ { "add",   FALSE, LONG,  op2(Is, A), 0 },
+/*06*/ { "push",  FALSE, NONE,  op1(Si),    0 },
+/*07*/ { "pop",   FALSE, NONE,  op1(Si),    0 },
+
+/*08*/ { "or",    TRUE,  BYTE,  op2(R, E),  0 },
+/*09*/ { "or",    TRUE,  LONG,  op2(R, E),  0 },
+/*0a*/ { "or",    TRUE,  BYTE,  op2(E, R),  0 },
+/*0b*/ { "or",    TRUE,  LONG,  op2(E, R),  0 },
+/*0c*/ { "or",    FALSE, BYTE,  op2(I, A),  0 },
+/*0d*/ { "or",    FALSE, LONG,  op2(I, A),  0 },
+/*0e*/ { "push",  FALSE, NONE,  op1(Si),    0 },
+/*0f*/ { "",      FALSE, NONE,  0,          0 },
+
+/*10*/ { "adc",   TRUE,  BYTE,  op2(R, E),  0 },
+/*11*/ { "adc",   TRUE,  LONG,  op2(R, E),  0 },
+/*12*/ { "adc",   TRUE,  BYTE,  op2(E, R),  0 },
+/*13*/ { "adc",   TRUE,  LONG,  op2(E, R),  0 },
+/*14*/ { "adc",   FALSE, BYTE,  op2(I, A),  0 },
+/*15*/ { "adc",   FALSE, LONG,  op2(Is, A), 0 },
+/*16*/ { "push",  FALSE, NONE,  op1(Si),    0 },
+/*17*/ { "pop",   FALSE, NONE,  op1(Si),    0 },
+
+/*18*/ { "sbb",   TRUE,  BYTE,  op2(R, E),  0 },
+/*19*/ { "sbb",   TRUE,  LONG,  op2(R, E),  0 },
+/*1a*/ { "sbb",   TRUE,  BYTE,  op2(E, R),  0 },
+/*1b*/ { "sbb",   TRUE,  LONG,  op2(E, R),  0 },
+/*1c*/ { "sbb",   FALSE, BYTE,  op2(I, A),  0 },
+/*1d*/ { "sbb",   FALSE, LONG,  op2(Is, A), 0 },
+/*1e*/ { "push",  FALSE, NONE,  op1(Si),    0 },
+/*1f*/ { "pop",   FALSE, NONE,  op1(Si),    0 },
+
+/*20*/ { "and",   TRUE,  BYTE,  op2(R, E),  0 },
+/*21*/ { "and",   TRUE,  LONG,  op2(R, E),  0 },
+/*22*/ { "and",   TRUE,  BYTE,  op2(E, R),  0 },
+/*23*/ { "and",   TRUE,  LONG,  op2(E, R),  0 },
+/*24*/ { "and",   FALSE, BYTE,  op2(I, A),  0 },
+/*25*/ { "and",   FALSE, LONG,  op2(I, A),  0 },
+/*26*/ { "",      FALSE, NONE,  0,          0 },
+/*27*/ { "daa",   FALSE, NONE,  0,          0 },
+
+/*28*/ { "sub",   TRUE,  BYTE,  op2(R, E),  0 },
+/*29*/ { "sub",   TRUE,  LONG,  op2(R, E),  0 },
+/*2a*/ { "sub",   TRUE,  BYTE,  op2(E, R),  0 },
+/*2b*/ { "sub",   TRUE,  LONG,  op2(E, R),  0 },
+/*2c*/ { "sub",   FALSE, BYTE,  op2(I, A),  0 },
+/*2d*/ { "sub",   FALSE, LONG,  op2(Is, A), 0 },
+/*2e*/ { "",      FALSE, NONE,  0,          0 },
+/*2f*/ { "das",   FALSE, NONE,  0,          0 },
+
+/*30*/ { "xor",   TRUE,  BYTE,  op2(R, E),  0 },
+/*31*/ { "xor",   TRUE,  LONG,  op2(R, E),  0 },
+/*32*/ { "xor",   TRUE,  BYTE,  op2(E, R),  0 },
+/*33*/ { "xor",   TRUE,  LONG,  op2(E, R),  0 },
+/*34*/ { "xor",   FALSE, BYTE,  op2(I, A),  0 },
+/*35*/ { "xor",   FALSE, LONG,  op2(I, A),  0 },
+/*36*/ { "",      FALSE, NONE,  0,          0 },
+/*37*/ { "aaa",   FALSE, NONE,  0,          0 },
+
+/*38*/ { "cmp",   TRUE,  BYTE,  op2(R, E),  0 },
+/*39*/ { "cmp",   TRUE,  LONG,  op2(R, E),  0 },
+/*3a*/ { "cmp",   TRUE,  BYTE,  op2(E, R),  0 },
+/*3b*/ { "cmp",   TRUE,  LONG,  op2(E, R),  0 },
+/*3c*/ { "cmp",   FALSE, BYTE,  op2(I, A),  0 },
+/*3d*/ { "cmp",   FALSE, LONG,  op2(Is, A), 0 },
+/*3e*/ { "",      FALSE, NONE,  0,          0 },
+/*3f*/ { "aas",   FALSE, NONE,  0,          0 },
+
+/*40*/ { "inc",   FALSE, LONG,  op1(Ri),    0 },
+/*41*/ { "inc",   FALSE, LONG,  op1(Ri),    0 },
+/*42*/ { "inc",   FALSE, LONG,  op1(Ri),    0 },
+/*43*/ { "inc",   FALSE, LONG,  op1(Ri),    0 },
+/*44*/ { "inc",   FALSE, LONG,  op1(Ri),    0 },
+/*45*/ { "inc",   FALSE, LONG,  op1(Ri),    0 },
+/*46*/ { "inc",   FALSE, LONG,  op1(Ri),    0 },
+/*47*/ { "inc",   FALSE, LONG,  op1(Ri),    0 },
+
+/*48*/ { "dec",   FALSE, LONG,  op1(Ri),    0 },
+/*49*/ { "dec",   FALSE, LONG,  op1(Ri),    0 },
+/*4a*/ { "dec",   FALSE, LONG,  op1(Ri),    0 },
+/*4b*/ { "dec",   FALSE, LONG,  op1(Ri),    0 },
+/*4c*/ { "dec",   FALSE, LONG,  op1(Ri),    0 },
+/*4d*/ { "dec",   FALSE, LONG,  op1(Ri),    0 },
+/*4e*/ { "dec",   FALSE, LONG,  op1(Ri),    0 },
+/*4f*/ { "dec",   FALSE, LONG,  op1(Ri),    0 },
+
+/*50*/ { "push",  FALSE, LONG,  op1(Ri),    0 },
+/*51*/ { "push",  FALSE, LONG,  op1(Ri),    0 },
+/*52*/ { "push",  FALSE, LONG,  op1(Ri),    0 },
+/*53*/ { "push",  FALSE, LONG,  op1(Ri),    0 },
+/*54*/ { "push",  FALSE, LONG,  op1(Ri),    0 },
+/*55*/ { "push",  FALSE, LONG,  op1(Ri),    0 },
+/*56*/ { "push",  FALSE, LONG,  op1(Ri),    0 },
+/*57*/ { "push",  FALSE, LONG,  op1(Ri),    0 },
+
+/*58*/ { "pop",   FALSE, LONG,  op1(Ri),    0 },
+/*59*/ { "pop",   FALSE, LONG,  op1(Ri),    0 },
+/*5a*/ { "pop",   FALSE, LONG,  op1(Ri),    0 },
+/*5b*/ { "pop",   FALSE, LONG,  op1(Ri),    0 },
+/*5c*/ { "pop",   FALSE, LONG,  op1(Ri),    0 },
+/*5d*/ { "pop",   FALSE, LONG,  op1(Ri),    0 },
+/*5e*/ { "pop",   FALSE, LONG,  op1(Ri),    0 },
+/*5f*/ { "pop",   FALSE, LONG,  op1(Ri),    0 },
+
+/*60*/ { "pusha", FALSE, LONG,  0,          0 },
+/*61*/ { "popa",  FALSE, LONG,  0,          0 },
+/*62*/  { "bound", TRUE,  LONG,  op2(E, R),  0 },
+/*63*/ { "arpl",  TRUE,  NONE,  op2(Rw,Ew), 0 },
+
+/*64*/ { "",      FALSE, NONE,  0,          0 },
+/*65*/ { "",      FALSE, NONE,  0,          0 },
+/*66*/ { "",      FALSE, NONE,  0,          0 },
+/*67*/ { "",      FALSE, NONE,  0,          0 },
+
+/*68*/ { "push",  FALSE, LONG,  op1(I),     0 },
+/*69*/  { "imul",  TRUE,  LONG,  op3(I,E,R), 0 },
+/*6a*/ { "push",  FALSE, LONG,  op1(Ibs),   0 },
+/*6b*/  { "imul",  TRUE,  LONG,  op3(Ibs,E,R),0 },
+/*6c*/ { "ins",   FALSE, BYTE,  op2(DX, DI), 0 },
+/*6d*/ { "ins",   FALSE, LONG,  op2(DX, DI), 0 },
+/*6e*/ { "outs",  FALSE, BYTE,  op2(SI, DX), 0 },
+/*6f*/ { "outs",  FALSE, LONG,  op2(SI, DX), 0 },
+
+/*70*/ { "jo",    FALSE, NONE,  op1(Db),     0 },
+/*71*/ { "jno",   FALSE, NONE,  op1(Db),     0 },
+/*72*/ { "jb",    FALSE, NONE,  op1(Db),     0 },
+/*73*/ { "jnb",   FALSE, NONE,  op1(Db),     0 },
+/*74*/ { "jz",    FALSE, NONE,  op1(Db),     0 },
+/*75*/ { "jnz",   FALSE, NONE,  op1(Db),     0 },
+/*76*/ { "jbe",   FALSE, NONE,  op1(Db),     0 },
+/*77*/ { "jnbe",  FALSE, NONE,  op1(Db),     0 },
+
+/*78*/ { "js",    FALSE, NONE,  op1(Db),     0 },
+/*79*/ { "jns",   FALSE, NONE,  op1(Db),     0 },
+/*7a*/ { "jp",    FALSE, NONE,  op1(Db),     0 },
+/*7b*/ { "jnp",   FALSE, NONE,  op1(Db),     0 },
+/*7c*/ { "jl",    FALSE, NONE,  op1(Db),     0 },
+/*7d*/ { "jnl",   FALSE, NONE,  op1(Db),     0 },
+/*7e*/ { "jle",   FALSE, NONE,  op1(Db),     0 },
+/*7f*/ { "jnle",  FALSE, NONE,  op1(Db),     0 },
+
+/*80*/  { "",     TRUE,  BYTE,  op2(I, E),   db_Grp1 },
+/*81*/  { "",     TRUE,  LONG,  op2(I, E),   db_Grp1 },
+/*82*/  { "",     TRUE,  BYTE,  op2(I, E),   db_Grp1 },
+/*83*/  { "",     TRUE,  LONG,  op2(Ibs,E),  db_Grp1 },
+/*84*/ { "test",  TRUE,  BYTE,  op2(R, E),   0 },
+/*85*/ { "test",  TRUE,  LONG,  op2(R, E),   0 },
+/*86*/ { "xchg",  TRUE,  BYTE,  op2(R, E),   0 },
+/*87*/ { "xchg",  TRUE,  LONG,  op2(R, E),   0 },
+
+/*88*/ { "mov",   TRUE,  BYTE,  op2(R, E),   0 },
+/*89*/ { "mov",   TRUE,  LONG,  op2(R, E),   0 },
+/*8a*/ { "mov",   TRUE,  BYTE,  op2(E, R),   0 },
+/*8b*/ { "mov",   TRUE,  LONG,  op2(E, R),   0 },
+/*8c*/  { "mov",   TRUE,  NONE,  op2(S, Ew),  0 },
+/*8d*/ { "lea",   TRUE,  LONG,  op2(E, R),   0 },
+/*8e*/ { "mov",   TRUE,  NONE,  op2(Ew, S),  0 },
+/*8f*/ { "pop",   TRUE,  LONG,  op1(E),      0 },
+
+/*90*/ { "nop",   FALSE, NONE,  0,           0 },
+/*91*/ { "xchg",  FALSE, LONG,  op2(A, Ri),  0 },
+/*92*/ { "xchg",  FALSE, LONG,  op2(A, Ri),  0 },
+/*93*/ { "xchg",  FALSE, LONG,  op2(A, Ri),  0 },
+/*94*/ { "xchg",  FALSE, LONG,  op2(A, Ri),  0 },
+/*95*/ { "xchg",  FALSE, LONG,  op2(A, Ri),  0 },
+/*96*/ { "xchg",  FALSE, LONG,  op2(A, Ri),  0 },
+/*97*/ { "xchg",  FALSE, LONG,  op2(A, Ri),  0 },
+
+/*98*/ { "cbw",   FALSE, SDEP,  0,           "cwde" }, /* cbw/cwde */
+/*99*/ { "cwd",   FALSE, SDEP,  0,           "cdq"  }, /* cwd/cdq */
+/*9a*/ { "lcall", FALSE, NONE,  op1(OS),     0 },
+/*9b*/ { "wait",  FALSE, NONE,  0,           0 },
+/*9c*/ { "pushf", FALSE, LONG,  0,           0 },
+/*9d*/ { "popf",  FALSE, LONG,  0,           0 },
+/*9e*/ { "sahf",  FALSE, NONE,  0,           0 },
+/*9f*/ { "lahf",  FALSE, NONE,  0,           0 },
+
+/*a0*/ { "mov",   FALSE, BYTE,  op2(O, A),   0 },
+/*a1*/ { "mov",   FALSE, LONG,  op2(O, A),   0 },
+/*a2*/ { "mov",   FALSE, BYTE,  op2(A, O),   0 },
+/*a3*/ { "mov",   FALSE, LONG,  op2(A, O),   0 },
+/*a4*/ { "movs",  FALSE, BYTE,  op2(SI,DI),  0 },
+/*a5*/ { "movs",  FALSE, LONG,  op2(SI,DI),  0 },
+/*a6*/ { "cmps",  FALSE, BYTE,  op2(SI,DI),  0 },
+/*a7*/ { "cmps",  FALSE, LONG,  op2(SI,DI),  0 },
+
+/*a8*/ { "test",  FALSE, BYTE,  op2(I, A),   0 },
+/*a9*/ { "test",  FALSE, LONG,  op2(I, A),   0 },
+/*aa*/ { "stos",  FALSE, BYTE,  op1(DI),     0 },
+/*ab*/ { "stos",  FALSE, LONG,  op1(DI),     0 },
+/*ac*/ { "lods",  FALSE, BYTE,  op1(SI),     0 },
+/*ad*/ { "lods",  FALSE, LONG,  op1(SI),     0 },
+/*ae*/ { "scas",  FALSE, BYTE,  op1(SI),     0 },
+/*af*/ { "scas",  FALSE, LONG,  op1(SI),     0 },
+
+/*b0*/ { "mov",   FALSE, BYTE,  op2(I, Ri),  0 },
+/*b1*/ { "mov",   FALSE, BYTE,  op2(I, Ri),  0 },
+/*b2*/ { "mov",   FALSE, BYTE,  op2(I, Ri),  0 },
+/*b3*/ { "mov",   FALSE, BYTE,  op2(I, Ri),  0 },
+/*b4*/ { "mov",   FALSE, BYTE,  op2(I, Ri),  0 },
+/*b5*/ { "mov",   FALSE, BYTE,  op2(I, Ri),  0 },
+/*b6*/ { "mov",   FALSE, BYTE,  op2(I, Ri),  0 },
+/*b7*/ { "mov",   FALSE, BYTE,  op2(I, Ri),  0 },
+
+/*b8*/ { "mov",   FALSE, LONG,  op2(I, Ri),  0 },
+/*b9*/ { "mov",   FALSE, LONG,  op2(I, Ri),  0 },
+/*ba*/ { "mov",   FALSE, LONG,  op2(I, Ri),  0 },
+/*bb*/ { "mov",   FALSE, LONG,  op2(I, Ri),  0 },
+/*bc*/ { "mov",   FALSE, LONG,  op2(I, Ri),  0 },
+/*bd*/ { "mov",   FALSE, LONG,  op2(I, Ri),  0 },
+/*be*/ { "mov",   FALSE, LONG,  op2(I, Ri),  0 },
+/*bf*/ { "mov",   FALSE, LONG,  op2(I, Ri),  0 },
+
+/*c0*/ { "",      TRUE,  BYTE,  op2(Ib, E),  db_Grp2 },
+/*c1*/ { "",      TRUE,  LONG,  op2(Ib, E),  db_Grp2 },
+/*c2*/ { "ret",   FALSE, NONE,  op1(Iw),     0 },
+/*c3*/ { "ret",   FALSE, NONE,  0,           0 },
+/*c4*/ { "les",   TRUE,  LONG,  op2(E, R),   0 },
+/*c5*/ { "lds",   TRUE,  LONG,  op2(E, R),   0 },
+/*c6*/ { "mov",   TRUE,  BYTE,  op2(I, E),   0 },
+/*c7*/ { "mov",   TRUE,  LONG,  op2(I, E),   0 },
+
+/*c8*/ { "enter", FALSE, NONE,  op2(Iw, Ib), 0 },
+/*c9*/ { "leave", FALSE, NONE,  0,           0 },
+/*ca*/ { "lret",  FALSE, NONE,  op1(Iw),     0 },
+/*cb*/ { "lret",  FALSE, NONE,  0,           0 },
+/*cc*/ { "int",   FALSE, NONE,  op1(o3),     0 },
+/*cd*/ { "int",   FALSE, NONE,  op1(Ib),     0 },
+/*ce*/ { "into",  FALSE, NONE,  0,           0 },
+/*cf*/ { "iret",  FALSE, NONE,  0,           0 },
+
+/*d0*/ { "",      TRUE,  BYTE,  op2(o1, E),  db_Grp2 },
+/*d1*/ { "",      TRUE,  LONG,  op2(o1, E),  db_Grp2 },
+/*d2*/ { "",      TRUE,  BYTE,  op2(CL, E),  db_Grp2 },
+/*d3*/ { "",      TRUE,  LONG,  op2(CL, E),  db_Grp2 },
+/*d4*/ { "aam",   FALSE, NONE,  op1(Iba),    0 },
+/*d5*/ { "aad",   FALSE, NONE,  op1(Iba),    0 },
+/*d6*/ { ".byte\t0xd6", FALSE, NONE, 0,      0 },
+/*d7*/ { "xlat",  FALSE, BYTE,  op1(BX),     0 },
+
+/*d8*/  { "",      TRUE,  NONE,  0,          db_Esc8 },
+/*d9*/  { "",      TRUE,  NONE,  0,          db_Esc9 },
+/*da*/  { "",      TRUE,  NONE,  0,          db_Esca },
+/*db*/  { "",      TRUE,  NONE,  0,          db_Escb },
+/*dc*/  { "",      TRUE,  NONE,  0,          db_Escc },
+/*dd*/  { "",      TRUE,  NONE,  0,          db_Escd },
+/*de*/  { "",      TRUE,  NONE,  0,          db_Esce },
+/*df*/  { "",      TRUE,  NONE,  0,          db_Escf },
+
+/*e0*/ { "loopne",FALSE, NONE,  op1(Db),     0 },
+/*e1*/ { "loope", FALSE, NONE,  op1(Db),     0 },
+/*e2*/ { "loop",  FALSE, NONE,  op1(Db),     0 },
+/*e3*/ { "jcxz",  FALSE, SDEP,  op1(Db),     "jecxz" },
+/*e4*/ { "in",    FALSE, BYTE,  op2(Ib, A),  0 },
+/*e5*/ { "in",    FALSE, LONG,  op2(Ib, A) , 0 },
+/*e6*/ { "out",   FALSE, BYTE,  op2(A, Ib),  0 },
+/*e7*/ { "out",   FALSE, LONG,  op2(A, Ib) , 0 },
+
+/*e8*/ { "call",  FALSE, NONE,  op1(Dl),     0 },
+/*e9*/ { "jmp",   FALSE, NONE,  op1(Dl),     0 },
+/*ea*/ { "ljmp",  FALSE, NONE,  op1(OS),     0 },
+/*eb*/ { "jmp",   FALSE, NONE,  op1(Db),     0 },
+/*ec*/ { "in",    FALSE, BYTE,  op2(DX, A),  0 },
+/*ed*/ { "in",    FALSE, LONG,  op2(DX, A) , 0 },
+/*ee*/ { "out",   FALSE, BYTE,  op2(A, DX),  0 },
+/*ef*/ { "out",   FALSE, LONG,  op2(A, DX) , 0 },
+
+/*f0*/ { "",      FALSE, NONE,  0,          0 },
+/*f1*/ { ".byte\t0xf1", FALSE, NONE, 0,     0 },
+/*f2*/ { "",      FALSE, NONE,  0,          0 },
+/*f3*/ { "",      FALSE, NONE,  0,          0 },
+/*f4*/ { "hlt",   FALSE, NONE,  0,          0 },
+/*f5*/ { "cmc",   FALSE, NONE,  0,          0 },
+/*f6*/ { "",      TRUE,  BYTE,  0,          db_Grp3 },
+/*f7*/ { "",      TRUE,  LONG,  0,          db_Grp3 },
+
+/*f8*/ { "clc",   FALSE, NONE,  0,          0 },
+/*f9*/ { "stc",   FALSE, NONE,  0,          0 },
+/*fa*/ { "cli",   FALSE, NONE,  0,          0 },
+/*fb*/ { "sti",   FALSE, NONE,  0,          0 },
+/*fc*/ { "cld",   FALSE, NONE,  0,          0 },
+/*fd*/ { "std",   FALSE, NONE,  0,          0 },
+/*fe*/ { "",      TRUE,  NONE,  0,          db_Grp4 },
+/*ff*/ { "",      TRUE,  NONE,  0,          db_Grp5 },
+};
+
+static const struct inst db_bad_inst =
+       { "???",   FALSE, NONE,  0,           0 }
+;
+
+#define        f_mod(byte)     ((byte)>>6)
+#define        f_reg(byte)     (((byte)>>3)&0x7)
+#define        f_rm(byte)      ((byte)&0x7)
+
+#define        sib_ss(byte)    ((byte)>>6)
+#define        sib_index(byte) (((byte)>>3)&0x7)
+#define        sib_base(byte)  ((byte)&0x7)
+
+struct i_addr {
+       int             is_reg; /* if reg, reg number is in 'disp' */
+       int             disp;
+       const char *    base;
+       const char *    index;
+       int             ss;
+};
+
+static const char * const db_index_reg_16[8] = {
+       "%bx,%si",
+       "%bx,%di",
+       "%bp,%si",
+       "%bp,%di",
+       "%si",
+       "%di",
+       "%bp",
+       "%bx"
+};
+
+static const char * const db_reg[3][8] = {
+  {"%al",  "%cl",  "%dl",  "%bl",  "%ah",  "%ch",  "%dh",  "%bh"},
+  {"%ax",  "%cx",  "%dx",  "%bx",  "%sp",  "%bp",  "%si",  "%di"},
+  {"%eax", "%ecx", "%edx", "%ebx", "%esp", "%ebp", "%esi", "%edi"}
+};
+
+static const char * const db_seg_reg[8] = {
+       "%es", "%cs", "%ss", "%ds", "%fs", "%gs", "", ""
+};
+
+/*
+ * lengths for size attributes
+ */
+static const int db_lengths[] = {
+       1,      /* BYTE */
+       2,      /* WORD */
+       4,      /* LONG */
+       8,      /* QUAD */
+       4,      /* SNGL */
+       8,      /* DBLR */
+       10,     /* EXTR */
+};
+
+#define        get_value_inc(result, loc, size, is_signed) \
+       result = db_get_value((loc), (size), (is_signed)); \
+       (loc) += (size);
+
+//static db_addr_t
+//             db_disasm_esc __P((db_addr_t loc, int inst, int short_addr,
+//                                int size, const char *seg));
+//static void  db_print_address __P((const char *seg, int size,
+//                                   struct i_addr *addrp));
+static db_addr_t
+               db_read_address __P((db_addr_t loc, int short_addr,
+                                    int regmodrm, struct i_addr *addrp));
+
+/*
+ * Read address at location and return updated location.
+ */
+static db_addr_t
+db_read_address(loc, short_addr, regmodrm, addrp)
+       db_addr_t       loc;
+       int             short_addr;
+       int             regmodrm;
+       struct i_addr * addrp;          /* out */
+{
+       int             mod, rm, sib, index, disp;
+
+       mod = f_mod(regmodrm);
+       rm  = f_rm(regmodrm);
+
+       if (mod == 3) {
+           addrp->is_reg = TRUE;
+           addrp->disp = rm;
+           return (loc);
+       }
+       addrp->is_reg = FALSE;
+       addrp->index = 0;
+
+       if (short_addr) {
+           addrp->index = 0;
+           addrp->ss = 0;
+           switch (mod) {
+               case 0:
+                   if (rm == 6) {
+                       get_value_inc(disp, loc, 2, FALSE);
+                       addrp->disp = disp;
+                       addrp->base = 0;
+                   }
+                   else {
+                       addrp->disp = 0;
+                       addrp->base = db_index_reg_16[rm];
+                   }
+                   break;
+               case 1:
+                   get_value_inc(disp, loc, 1, TRUE);
+                   disp &= 0xFFFF;
+                   addrp->disp = disp;
+                   addrp->base = db_index_reg_16[rm];
+                   break;
+               case 2:
+                   get_value_inc(disp, loc, 2, FALSE);
+                   addrp->disp = disp;
+                   addrp->base = db_index_reg_16[rm];
+                   break;
+           }
+       }
+       else {
+           if (mod != 3 && rm == 4) {
+               get_value_inc(sib, loc, 1, FALSE);
+               rm = sib_base(sib);
+               index = sib_index(sib);
+               if (index != 4)
+                   addrp->index = db_reg[LONG][index];
+               addrp->ss = sib_ss(sib);
+           }
+
+           switch (mod) {
+               case 0:
+                   if (rm == 5) {
+                       get_value_inc(addrp->disp, loc, 4, FALSE);
+                       addrp->base = 0;
+                   }
+                   else {
+                       addrp->disp = 0;
+                       addrp->base = db_reg[LONG][rm];
+                   }
+                   break;
+
+               case 1:
+                   get_value_inc(disp, loc, 1, TRUE);
+                   addrp->disp = disp;
+                   addrp->base = db_reg[LONG][rm];
+                   break;
+
+               case 2:
+                   get_value_inc(disp, loc, 4, FALSE);
+                   addrp->disp = disp;
+                   addrp->base = db_reg[LONG][rm];
+                   break;
+           }
+       }
+       return (loc);
+}
+
+/*
+ * NWT: fault injection routine only. disasm floating-point instruction
+ * and return updated location.
+ */
+static db_addr_t
+my_disasm_esc(
+             db_addr_t loc,
+             int               inst,
+             int               short_addr,
+             int               size,
+             const char *      seg)
+{
+       int             regmodrm;
+       const struct finst *    fp;
+       int             mod;
+       struct i_addr   address;
+       const char *    name;
+
+       get_value_inc(regmodrm, loc, 1, FALSE);
+       fp = &db_Esc_inst[inst - 0xd8][f_reg(regmodrm)];
+       mod = f_mod(regmodrm);
+       if (mod != 3) {
+           if (*fp->f_name == '\0') {
+               return (loc);
+           }
+           /*
+            * Normal address modes.
+            */
+           loc = db_read_address(loc, short_addr, regmodrm, &address);
+           switch(fp->f_size) {
+               case SNGL:
+                   break;
+               case DBLR:
+                   break;
+               case EXTR:
+                   break;
+               case WORD:
+                   break;
+               case LONG:
+                   break;
+               case QUAD:
+                   break;
+               default:
+                   break;
+           }
+       }
+       else {
+           /*
+            * 'reg-reg' - special formats
+            */
+           switch (fp->f_rrmode) {
+               case op2(ST,STI):
+                   name = (fp->f_rrname) ? fp->f_rrname : fp->f_name;
+                   break;
+               case op2(STI,ST):
+                   name = (fp->f_rrname) ? fp->f_rrname : fp->f_name;
+                   break;
+               case op1(STI):
+                   name = (fp->f_rrname) ? fp->f_rrname : fp->f_name;
+                   break;
+               case op1(X):
+                   name = ((const char * const *)fp->f_rrname)[f_rm(regmodrm)];
+                   if (*name == '\0')
+                       goto bad;
+                   break;
+               case op1(XA):
+                   name = ((const char * const *)fp->f_rrname)[f_rm(regmodrm)];
+                   if (*name == '\0')
+                       goto bad;
+                   break;
+               default:
+               bad:
+                   break;
+           }
+       }
+
+       return (loc);
+}
+/*
+ * Disassemble instruction at 'loc'.  'altfmt' specifies an
+ * (optional) alternate format.  Return address of start of
+ * next instruction.
+ */
+db_addr_t
+my_disasm(db_addr_t    loc,
+         boolean_t     altfmt)
+{
+       int     inst;
+       int     size;
+       int     short_addr;
+       const char *    seg;
+       const struct inst *     ip;
+       const char *    i_name;
+       int     i_size;
+       int     i_mode;
+       int     regmodrm = 0;
+       boolean_t       first;
+       int     displ;
+       int     prefix;
+       int     imm;
+       int     imm2;
+       int     len;
+       struct i_addr   address;
+
+       get_value_inc(inst, loc, 1, FALSE);
+       short_addr = FALSE;
+       size = LONG;
+       seg = 0;
+
+       /*
+        * Get prefixes
+        */
+       prefix = TRUE;
+       do {
+           switch (inst) {
+               case 0x66:              /* data16 */
+                   size = WORD;
+                   break;
+               case 0x67:
+                   short_addr = TRUE;
+                   break;
+               case 0x26:
+                   seg = "%es";
+                   break;
+               case 0x36:
+                   seg = "%ss";
+                   break;
+               case 0x2e:
+                   seg = "%cs";
+                   break;
+               case 0x3e:
+                   seg = "%ds";
+                   break;
+               case 0x64:
+                   seg = "%fs";
+                   break;
+               case 0x65:
+                   seg = "%gs";
+                   break;
+               case 0xf0:
+                   // db_printf("lock ");
+                   break;
+               case 0xf2:
+                   // db_printf("repne ");
+                   break;
+               case 0xf3:
+                   // db_printf("repe ");      /* XXX repe VS rep */
+                   break;
+               default:
+                   prefix = FALSE;
+                   break;
+           }
+           if (prefix) {
+               get_value_inc(inst, loc, 1, FALSE);
+           }
+       } while (prefix);
+
+       if (inst >= 0xd8 && inst <= 0xdf) {
+           loc = my_disasm_esc(loc, inst, short_addr, size, seg);
+           return (loc);
+       }
+
+       if (inst == 0x0f) {
+           get_value_inc(inst, loc, 1, FALSE);
+           ip = db_inst_0f[inst>>4];
+           if (ip == 0) {
+               ip = &db_bad_inst;
+           }
+           else {
+               ip = &ip[inst&0xf];
+           }
+       }
+       else
+           ip = &db_inst_table[inst];
+
+       if (ip->i_has_modrm) {
+           unsigned long prev_loc=loc;
+           extern unsigned long modAddr;
+
+           get_value_inc(regmodrm, loc, 1, FALSE);
+           loc = db_read_address(loc, short_addr, regmodrm, &address);
+               modAddr=prev_loc;
+//         printf("modrm at %x, offset %d\n", loc, loc-prev_loc);
+       }
+
+       i_name = ip->i_name;
+       i_size = ip->i_size;
+       i_mode = ip->i_mode;
+
+       if (ip->i_extra == db_Grp1 || ip->i_extra == db_Grp2 ||
+           ip->i_extra == db_Grp6 || ip->i_extra == db_Grp7 ||
+           ip->i_extra == db_Grp8 || ip->i_extra == db_Grp9) {
+           i_name = ((const char * const *)ip->i_extra)[f_reg(regmodrm)];
+       }
+       else if (ip->i_extra == db_Grp3) {
+           ip = ip->i_extra;
+           ip = &ip[f_reg(regmodrm)];
+           i_name = ip->i_name;
+           i_mode = ip->i_mode;
+       }
+       else if (ip->i_extra == db_Grp4 || ip->i_extra == db_Grp5) {
+           ip = ip->i_extra;
+           ip = &ip[f_reg(regmodrm)];
+           i_name = ip->i_name;
+           i_mode = ip->i_mode;
+           i_size = ip->i_size;
+       }
+
+       if (i_size == SDEP) {
+       }
+       else {
+           if (i_size != NONE) {
+               if (i_size == BYTE) {
+                   size = BYTE;
+               }
+               else if (i_size == WORD) {
+                   size = WORD;
+               }
+           }
+       }
+       for (first = TRUE;
+            i_mode != 0;
+            i_mode >>= 8, first = FALSE)
+       {
+
+           switch (i_mode & 0xFF) {
+
+               case E:
+                   // db_print_address(seg, size, &address);
+                   break;
+
+               case Eind:
+                   // db_print_address(seg, size, &address);
+                   break;
+
+               case El:
+                   // db_print_address(seg, LONG, &address);
+                   break;
+
+               case Ew:
+                   // db_print_address(seg, WORD, &address);
+                   break;
+
+               case Eb:
+                   // db_print_address(seg, BYTE, &address);
+                   break;
+
+               case R:
+                   // db_printf("%s", db_reg[size][f_reg(regmodrm)]);
+                   break;
+
+               case Rw:
+                   // db_printf("%s", db_reg[WORD][f_reg(regmodrm)]);
+                   break;
+
+               case Ri:
+                   // db_printf("%s", db_reg[size][f_rm(inst)]);
+                   break;
+
+               case Ril:
+                   // db_printf("%s", db_reg[LONG][f_rm(inst)]);
+                   break;
+
+               case S:
+                   // db_printf("%s", db_seg_reg[f_reg(regmodrm)]);
+                   break;
+
+               case Si:
+                   // db_printf("%s", db_seg_reg[f_reg(inst)]);
+                   break;
+
+               case A:
+                   // db_printf("%s", db_reg[size][0]);        /* acc */
+                   break;
+
+               case BX:
+                   break;
+
+               case CL:
+                   break;
+
+               case DX:
+                   break;
+
+               case SI:
+                   break;
+
+               case DI:
+                   break;
+
+               case CR:
+                   break;
+
+               case DR:
+                   break;
+
+               case TR:
+                   break;
+
+               case I:
+                   len = db_lengths[size];
+                   get_value_inc(imm, loc, len, FALSE);
+                   break;
+
+               case Is:
+                   len = db_lengths[size];
+                   get_value_inc(imm, loc, len, FALSE);
+                   /*
+                    * XXX the + in this format doesn't seem to work right.
+                    * `Is' is equivalent to `I'.
+                    */
+                   break;
+
+               case Ib:
+                   get_value_inc(imm, loc, 1, FALSE);
+                   break;
+
+               case Iba:
+                   get_value_inc(imm, loc, 1, FALSE);
+                   break;
+
+               case Ibs:
+                   get_value_inc(imm, loc, 1, TRUE);
+                   if (size == WORD)
+                       imm &= 0xFFFF;
+                   break;
+
+               case Iw:
+                   get_value_inc(imm, loc, 2, FALSE);
+                   break;
+
+               case O:
+                   len = (short_addr ? 2 : 4);
+                   get_value_inc(displ, loc, len, FALSE);
+                   if (seg) ;
+                   else
+//                     db_printsym((db_addr_t)displ, DB_STGY_ANY);
+                   break;
+
+               case Db:
+                   get_value_inc(displ, loc, 1, TRUE);
+                   displ += loc;
+                   if (size == WORD)
+                       displ &= 0xFFFF;
+//                 db_printsym((db_addr_t)displ, DB_STGY_XTRN);
+                   break;
+
+               case Dl:
+                   len = db_lengths[size];
+                   get_value_inc(displ, loc, len, FALSE);
+                   displ += loc;
+                   if (size == WORD)
+                       displ &= 0xFFFF;
+//                 db_printsym((db_addr_t)displ, DB_STGY_XTRN);
+                   break;
+
+               case o1:
+                   break;
+
+               case o3:
+                   break;
+
+               case OS:
+                   len = db_lengths[size];
+                   get_value_inc(imm, loc, len, FALSE);        /* offset */
+                   get_value_inc(imm2, loc, 2, FALSE); /* segment */
+                   break;
+           }
+       }
+//     db_printf("\n");
+       return (loc);
+}

diff --git a/commands/swifi/db_machdep.h b/commands/swifi/db_machdep.h
new file mode 100644 (file)
index 0000000..07f71dc
--- /dev/null
+++ b/commands/swifi/db_machdep.h
@@ -0,0 +1,99 @@
+/*
+ * Mach Operating System
+ * Copyright (c) 1991,1990 Carnegie Mellon University
+ * All Rights Reserved.
+ *
+ * Permission to use, copy, modify and distribute this software and its
+ * documentation is hereby granted, provided that both the copyright
+ * notice and this permission notice appear in all copies of the
+ * software, derivative works or modified versions, and any portions
+ * thereof, and that both notices appear in supporting documentation.
+ *
+ * CARNEGIE MELLON ALLOWS FREE USE OF THIS SOFTWARE IN ITS "AS IS"
+ * CONDITION.  CARNEGIE MELLON DISCLAIMS ANY LIABILITY OF ANY KIND FOR
+ * ANY DAMAGES WHATSOEVER RESULTING FROM THE USE OF THIS SOFTWARE.
+ *
+ * Carnegie Mellon requests users of this software to return to
+ *
+ *  Software Distribution Coordinator  or  Software.Distribution@CS.CMU.EDU
+ *  School of Computer Science
+ *  Carnegie Mellon University
+ *  Pittsburgh PA 15213-3890
+ *
+ * any improvements or extensions that they make and grant Carnegie Mellon
+ * the rights to redistribute these changes.
+ *
+ *     $Id: db_machdep.h,v 1.1 2003/01/15 21:51:24 mikesw Exp $
+ */
+
+#ifndef _MACHINE_DB_MACHDEP_H_
+#define        _MACHINE_DB_MACHDEP_H_
+
+//#include <machine/frame.h>
+//#include <machine/psl.h>
+
+#ifndef TRUE
+#define TRUE 1
+#endif
+
+#ifndef FALSE
+#define FALSE 0
+#endif
+
+#define i386_saved_state trapframe
+
+typedef        vm_offset_t     db_addr_t;      /* address - unsigned */
+typedef        int             db_expr_t;      /* expression - signed */
+
+typedef struct i386_saved_state db_regs_t;
+extern db_regs_t       ddb_regs;       /* register state */
+#define        DDB_REGS        (&ddb_regs)
+
+#define        PC_REGS(regs)   (((regs)->tf_cs & 0xfffc) == 0x08 \
+                        ? (db_addr_t)(regs)->tf_eip : 0)
+
+#define        BKPT_INST       0xcc            /* breakpoint instruction */
+#define        BKPT_SIZE       (1)             /* size of breakpoint inst */
+#define        BKPT_SET(inst)  (BKPT_INST)
+
+#define        FIXUP_PC_AFTER_BREAK    ddb_regs.tf_eip -= 1;
+
+#define        db_clear_single_step(regs)      ((regs)->tf_eflags &= ~PSL_T)
+#define        db_set_single_step(regs)        ((regs)->tf_eflags |=  PSL_T)
+
+#define        IS_BREAKPOINT_TRAP(type, code)  ((type) == T_BPTFLT)
+/*
+ * Watchpoints are not supported.  The debug exception type is in %dr6
+ * and not yet in the args to this macro.
+ */
+#define IS_WATCHPOINT_TRAP(type, code) 0
+
+#define        I_CALL          0xe8
+#define        I_CALLI         0xff
+#define        I_RET           0xc3
+#define        I_IRET          0xcf
+
+#define        inst_trap_return(ins)   (((ins)&0xff) == I_IRET)
+#define        inst_return(ins)        (((ins)&0xff) == I_RET)
+#define        inst_call(ins)          (((ins)&0xff) == I_CALL || \
+                                (((ins)&0xff) == I_CALLI && \
+                                 ((ins)&0x3800) == 0x1000))
+#define inst_load(ins)         0
+#define inst_store(ins)                0
+
+/*
+ * There no interesting addresses below _kstack = 0xefbfe000.  There
+ * are small absolute values for GUPROF, but we don't want to see them.
+ * Treat "negative" addresses below _kstack as non-small to allow for
+ * future reductions of _kstack and to avoid sign extension problems.
+ *
+ * There is one interesting symbol above -db_maxoff = 0xffff0000,
+ * namely _APTD = 0xfffff000.  Accepting this would mess up the
+ * printing of small negative offsets.  The next largest symbol is
+ * _APTmap = 0xffc00000.  Accepting this is OK (unless db_maxoff is
+ * set to >= 0x400000 - (max stack offset)).
+ */
+#define        DB_SMALL_VALUE_MAX      0x7fffffff
+#define        DB_SMALL_VALUE_MIN      (-0x400001)
+
+#endif /* !_MACHINE_DB_MACHDEP_H_ */

diff --git a/commands/swifi/db_sym.c b/commands/swifi/db_sym.c
new file mode 100644 (file)
index 0000000..86460b1
--- /dev/null
+++ b/commands/swifi/db_sym.c
@@ -0,0 +1,583 @@
+/*
+ * Mach Operating System
+ * Copyright (c) 1991,1990 Carnegie Mellon University
+ * All Rights Reserved.
+ *
+ * Permission to use, copy, modify and distribute this software and its
+ * documentation is hereby granted, provided that both the copyright
+ * notice and this permission notice appear in all copies of the
+ * software, derivative works or modified versions, and any portions
+ * thereof, and that both notices appear in supporting documentation.
+ *
+ * CARNEGIE MELLON ALLOWS FREE USE OF THIS SOFTWARE IN ITS
+ * CONDITION.  CARNEGIE MELLON DISCLAIMS ANY LIABILITY OF ANY KIND FOR
+ * ANY DAMAGES WHATSOEVER RESULTING FROM THE USE OF THIS SOFTWARE.
+ *
+ * Carnegie Mellon requests users of this software to return to
+ *
+ *  Software Distribution Coordinator  or  Software.Distribution@CS.CMU.EDU
+ *  School of Computer Science
+ *  Carnegie Mellon University
+ *  Pittsburgh PA 15213-3890
+ *
+ * any improvements or extensions that they make and grant Carnegie the
+ * rights to redistribute these changes.
+ *
+ *     $Id: db_sym.c,v 1.2 2003/01/16 01:06:09 mikesw Exp $
+ */
+
+/*
+ *     Author: David B. Golub, Carnegie Mellon University
+ *     Date:   7/90
+ */
+//#include <sys/param.h>
+//#include <sys/systm.h>
+#include <linux/kernel.h>
+#include <linux/string.h>
+#include <linux/kallsyms.h>
+#include "ddb.h"
+#include "db_sym.h"
+#include "swifi.h"
+
+/*
+ * Multiple symbol tables
+ */
+#ifndef MAXNOSYMTABS
+#define        MAXNOSYMTABS    3       /* mach, ux, emulator */
+#endif
+#if 0
+
+static db_symtab_t     db_symtabs[MAXNOSYMTABS] = {{0,},};
+static int db_nsymtab = 0;
+
+static db_symtab_t     *db_last_symtab;
+
+static db_sym_t                db_lookup __P(( char *symstr));
+static char            *db_qualify __P((db_sym_t sym, char *symtabname));
+static boolean_t       db_symbol_is_ambiguous __P((db_sym_t sym));
+static boolean_t       db_line_at_pc __P((db_sym_t, char **, int *, 
+                               db_expr_t));
+
+/*
+ * Add symbol table, with given name, to list of symbol tables.
+ */
+void
+db_add_symbol_table(start, end, name, ref)
+       char *start;
+       char *end;
+       char *name;
+       char *ref;
+{
+       if (db_nsymtab >= MAXNOSYMTABS) {
+               printk ("No slots left for %s symbol table", name);
+               panic ("db_sym.c: db_add_symbol_table");
+       }
+
+       db_symtabs[db_nsymtab].start = start;
+       db_symtabs[db_nsymtab].end = end;
+       db_symtabs[db_nsymtab].name = name;
+       db_symtabs[db_nsymtab].private = ref;
+       db_nsymtab++;
+}
+
+/*
+ *  db_qualify("vm_map", "ux") returns "unix:vm_map".
+ *
+ *  Note: return value points to static data whose content is
+ *  overwritten by each call... but in practice this seems okay.
+ */
+static char *
+db_qualify(sym, symtabname)
+       db_sym_t        sym;
+       register char   *symtabname;
+{
+       char            *symname;
+       static char     tmp[256];
+
+       db_symbol_values(sym, &symname, 0);
+       strcpy(tmp,symtabname);
+       strcat(tmp,":");
+       strcat(tmp,symname);
+       return tmp;
+}
+
+
+boolean_t
+db_eqname(src, dst, c)
+       char *src;
+       char *dst;
+       char c;
+{
+       if (!strcmp(src, dst))
+           return (TRUE);
+       if (src[0] == c)
+           return (!strcmp(src+1,dst));
+       return (FALSE);
+}
+
+boolean_t
+db_value_of_name(name, valuep)
+       char            *name;
+       db_expr_t       *valuep;
+{
+       db_sym_t        sym;
+
+       sym = db_lookup(name);
+       if (sym == DB_SYM_NULL)
+           return (FALSE);
+       db_symbol_values(sym, &name, valuep);
+       return (TRUE);
+}
+
+
+/*
+ * Lookup a symbol.
+ * If the symbol has a qualifier (e.g., ux:vm_map),
+ * then only the specified symbol table will be searched;
+ * otherwise, all symbol tables will be searched.
+ */
+static db_sym_t
+db_lookup(symstr)
+       char *symstr;
+{
+       db_sym_t sp;
+       register int i;
+       int symtab_start = 0;
+       int symtab_end = db_nsymtab;
+       register char *cp;
+
+       /*
+        * Look for, remove, and remember any symbol table specifier.
+        */
+       for (cp = symstr; *cp; cp++) {
+               if (*cp == ':') {
+                       *cp = '\0';
+                       for (i = 0; i < db_nsymtab; i++) {
+                               if (! strcmp(symstr, db_symtabs[i].name)) {
+                                       symtab_start = i;
+                                       symtab_end = i + 1;
+                                       break;
+                               }
+                       }
+                       *cp = ':';
+                       if (i == db_nsymtab) {
+                               db_error("invalid symbol table name");
+                       }
+                       symstr = cp+1;
+               }
+       }
+
+       /*
+        * Look in the specified set of symbol tables.
+        * Return on first match.
+        */
+       for (i = symtab_start; i < symtab_end; i++) {
+               sp = X_db_lookup(&db_symtabs[i], symstr);
+               if (sp) {
+                       db_last_symtab = &db_symtabs[i];
+                       return sp;
+               }
+       }
+       return 0;
+}
+
+/*
+ * Does this symbol name appear in more than one symbol table?
+ * Used by db_symbol_values to decide whether to qualify a symbol.
+ */
+static boolean_t db_qualify_ambiguous_names = FALSE;
+
+static boolean_t
+db_symbol_is_ambiguous(sym)
+       db_sym_t        sym;
+{
+       char            *sym_name;
+       register int    i;
+       register
+       boolean_t       found_once = FALSE;
+
+       if (!db_qualify_ambiguous_names)
+               return FALSE;
+
+       db_symbol_values(sym, &sym_name, 0);
+       for (i = 0; i < db_nsymtab; i++) {
+               if (X_db_lookup(&db_symtabs[i], sym_name)) {
+                       if (found_once)
+                               return TRUE;
+                       found_once = TRUE;
+               }
+       }
+       return FALSE;
+}
+
+/*
+ * Find the closest symbol to val, and return its name
+ * and the difference between val and the symbol found.
+ */
+db_sym_t
+db_search_symbol( val, strategy, offp)
+       register db_addr_t      val;
+       db_strategy_t           strategy;
+       db_expr_t               *offp;
+{
+       register
+       unsigned int    diff;
+       unsigned int    newdiff;
+       register int    i;
+       db_sym_t        ret = DB_SYM_NULL, sym;
+
+       newdiff = diff = ~0;
+       db_last_symtab = 0;
+       for (i = 0; i < db_nsymtab; i++) {
+           sym = X_db_search_symbol(&db_symtabs[i], val, strategy, &newdiff);
+           if (newdiff < diff) {
+               db_last_symtab = &db_symtabs[i];
+               diff = newdiff;
+               ret = sym;
+           }
+       }
+       *offp = diff;
+       return ret;
+}
+
+/*
+ * Return name and value of a symbol
+ */
+void
+db_symbol_values(sym, namep, valuep)
+       db_sym_t        sym;
+       char            **namep;
+       db_expr_t       *valuep;
+{
+       db_expr_t       value;
+
+       if (sym == DB_SYM_NULL) {
+               *namep = 0;
+               return;
+       }
+
+       X_db_symbol_values(sym, namep, &value);
+       if (db_symbol_is_ambiguous(sym))
+               *namep = db_qualify(sym, db_last_symtab->name);
+       if (valuep)
+               *valuep = value;
+}
+
+
+/*
+ * Print a the closest symbol to value
+ *
+ * After matching the symbol according to the given strategy
+ * we print it in the name+offset format, provided the symbol's
+ * value is close enough (eg smaller than db_maxoff).
+ * We also attempt to print [filename:linenum] when applicable
+ * (eg for procedure names).
+ *
+ * If we could not find a reasonable name+offset representation,
+ * then we just print the value in hex.  Small values might get
+ * bogus symbol associations, e.g. 3 might get some absolute
+ * value like _INCLUDE_VERSION or something, therefore we do
+ * not accept symbols whose value is "small" (and use plain hex).
+ */
+
+
+void
+db_printsym(off, strategy)
+       db_expr_t       off;
+       db_strategy_t   strategy;
+{
+       db_expr_t       d;
+       char            *filename;
+       char            *name;
+       db_expr_t       value;
+       int             linenum;
+       db_sym_t        cursym;
+
+       cursym = db_search_symbol(off, strategy, &d);
+       db_symbol_values(cursym, &name, &value);
+       if (name == 0)
+               value = off;
+       if (value >= DB_SMALL_VALUE_MIN && value <= DB_SMALL_VALUE_MAX) {
+               printk("0x%x", off);
+               return;
+       }
+       if (name == 0 || d >= db_maxoff) {
+               printk("0x%x", off);
+               return;
+       }
+       printk("%s", name);
+       if (d)
+               printk("+0x%x", d);
+       if (strategy == DB_STGY_PROC) {
+         //            if (db_line_at_pc(cursym, &filename, &linenum, off))
+         //                    printk(" [%s:%d]", filename, linenum);
+       }
+}
+
+#endif 
+
+unsigned int   db_maxoff = 0x10000;
+unsigned long modAddr = 0;
+
+/* NWT: fault injection routine only. 
+ * figure out start of function address given an address (off) in kernel text.
+ *     name = function name
+ *     value = function address
+ *  d = difference between off and function address
+ * input is the desired address off and fault type
+ * returns closest instruction address (if found), NULL otherwise
+ */
+unsigned long
+find_faulty_instr(db_expr_t off, int type, int *instr_len)
+{
+  db_expr_t       d;
+  char            *name;
+  db_expr_t       value, cur_value, prev_value = 0;
+  int          verbose=0, found=0;
+  const char * mod_name = NULL;
+  unsigned long mod_start;
+  unsigned long mod_end;
+  const char * sec_name = NULL;
+  unsigned long sec_start;
+  unsigned long sec_end;
+  const char * sym_name = NULL;
+  unsigned long sym_start;
+  unsigned long sym_end;
+  
+
+  *instr_len = 0;
+  if (kallsyms_address_to_symbol(off,
+                                &mod_name, &mod_start, &mod_end,
+                                &sec_name, &sec_start, &sec_end,
+                                &sym_name, &sym_start, &sym_end) == 0) {
+    return(0);
+  }
+  
+  value = (db_expr_t) sym_start;
+  d = off - sym_start;
+  name = (char *) sym_name;
+
+  if (name == 0) {
+    value = off;
+  }
+
+  if (value >= DB_SMALL_VALUE_MIN && value <= DB_SMALL_VALUE_MAX) {
+    printk("0x%x", off);
+    return 0;
+  }
+
+  if (name == 0 || d >= db_maxoff) {
+    printk("0x%x", off);
+    return 0 ;
+  }
+  /* 2) backup to start of function (SOF) 
+   * 3) delineate instruction boundaries, find instruction length too.
+   */
+
+  if(verbose) {
+    printk("function %s", sym_name);
+  }
+
+  /* 4)  skip instructions until we get to our faulty address */
+  cur_value = value;
+  while(cur_value < sec_end) {
+    if(verbose) { 
+      //       db_printsym(cur_value, DB_STGY_PROC); 
+      //       printk(":\t");
+    }
+    prev_value=cur_value;
+    modAddr=0;
+    if(verbose) {
+      //cur_value=db_disasm(prev_value, FALSE); 
+    } else {
+      cur_value=my_disasm(prev_value, FALSE); 
+    }
+    
+    /* 4a) bail out if instruction is leave (0xc9) */
+    if(cur_value-prev_value == 1) {
+      unsigned char *c;
+      c=(char *) prev_value;
+      if(*c==0xc9)     {
+       if(verbose) printk("bailing out as we hit a leave\n");
+       found=0;
+       break;
+      }
+    }
+    /* 5a) init fault: from SOF, look for movl $X, -Y(%ebp), 
+     *     (C645Fxxx or C745Fxxx) and replace with nop.
+     */
+    if(type==INIT_FAULT) {
+      unsigned char *c;
+      c=(char *) prev_value;
+
+      if(*c==0x66 || *c==0x67) 
+       c++;    /* override prefix */
+
+      if(*c==0xC6 || *c==0xC7) 
+       c++;    /* movb or movl imm */
+      else 
+       continue;
+
+      if(*c==0x45) 
+       c++;                            /* [ebp]        */
+      else 
+       continue;
+
+      if(*c & 0x80) 
+       found=1;                        /* negative displacement */
+      else 
+       continue;
+
+      found=1; 
+      break;
+    } else if(type==NOP_FAULT) {
+      /* 5b) nop*: replace instruction with nop */
+      if(cur_value> off) {
+       found=1;
+       break;
+      }
+    } else if(type==DST_FAULT || type==SRC_FAULT) {
+      /* 5c) dst/src: flip bits in mod/rm, sib, disp or imm fields */
+      if(cur_value>off && (cur_value-prev_value) > 1) {
+       found=1;
+       break;
+      }
+    } else if(type==BRANCH_FAULT || type==LOOP_FAULT) {
+      /* 5e) brc*: search forward utnil we hit a Jxx or rep (F3 or F2). 
+       *     replace instr with nop.
+       */
+      unsigned char *c;
+
+      c=(char *) prev_value;
+
+      /* look for repX prefix */
+
+      if(*c==0xf3 || *c==0xf2) {       
+       if(verbose) 
+         printk("found repX prefix\n");
+       /* take out repX prefix only */
+       found=1;        
+       cur_value=prev_value+1;         
+       break;
+      } else if( ((*c)&0xf0)==0x70 || (*c>=0xe0 && *c<=0xe2) ) {       
+       /* look for jXX 8 (7X), loop,jcx (e0-3), jXX 16/32 (0f 8X) */
+       found=1;        
+       if(verbose) 
+         printk("found jXX rel8, loop or jcx\n");
+       break;
+      } else if(*c==0x66 || *c==0x67)  {       /* override prefix */
+       c++;
+      } else if(*(c++)==0xf && ((*c)&0xf0)==0x80 ) {
+       found=1;        /* 0x0f 0x8X */
+       if(verbose) printk("found branch!\n");
+       break;
+      }
+    } else if(type==PTR_FAULT) {
+      /* 5f) ptr: if instruction has regmodrm byte (i_has_modrm), 
+       *     and mod field has address ([eyy]dispxx), eyy!=ebp
+       *     flip 1 bit in lower byte (0x0f) or any bit in following 
+       *     bytes (sib, imm or disp).
+       */
+      if(cur_value>off && modAddr) {
+       unsigned char *c;
+       c=(char *) modAddr;
+       if( (*c)>0x3f && (*c)<0xc0 && (((*c)&7)!=5) ) {
+         found=1;
+         break;
+       }
+      }
+    } else if(type==INTERFACE_FAULT) {
+      /* 5f) i/f: look for movl XX(ebp), reg or movb XX(ebp), reg,
+       *     where XX is positive. replace instr with nop.
+       *     movl=0x8a, movb=0x8b, mod=01XXX101 (disp8[ebp]), disp>0 
+       */
+      unsigned char *c;
+      c=(char *) prev_value;
+      if( *c==0x8a || *c==0x8b) {
+       c++;
+       if( ((*(c++))&0xc7)==0x45 && ((*c)&0x80)==0 ) {
+         /* 75% chance that we'll choose the next arg */
+         if(random()&0x3) {
+           found=1;
+           break;
+         } else {
+           if(verbose) printk("skipped...\n");
+         }
+       }
+      }
+    }else if(type==IRQ_FAULT) {
+      /* 5g) i/f: look for push reg or offset(reg) / popf,
+       *     where XX is positive. replace instr with nop.
+       *     movl=0x8a, movb=0x8b, mod=01XXX101 (disp8[ebp]), disp>0 
+       */
+      unsigned char *c;
+      c=(char *) prev_value;
+      if (((*c & 0xf8) == 0x50) || 
+         (*c == 0xff)) {
+       if (*c == 0xff) {
+         c++;
+         //
+         // Look for push x(ebp)
+         if ((*c & 0x78) != 0x70) {
+           continue;
+         }
+         // 
+         // Skip the offset
+         //
+         c++;
+       }
+       c++;
+       if (*c == 0x9d) {
+         //
+         // Increment cur_value to include the 
+         // popf instruction
+         //
+         cur_value++;
+         found = 1;
+         break;
+       }
+      }
+      
+    }
+  }
+  /* if we're doing nop fault, then we're done. 
+   */
+  if(found) {
+    *instr_len=cur_value-prev_value;
+    off=prev_value;
+    if(1 || verbose) {
+      printk("%s", name);
+      if (d) printk("+0x%x", d);
+      printk(" @ %x, ", value);
+      printk("instr @ %x, len=%d, ", off, *instr_len);
+                               // db_disasm(prev_value, FALSE); 
+    }
+    return off;
+  } else {
+    if(verbose) printk("cannot locate instruction in function\n"); 
+    *instr_len=0;
+    return 0;
+  }
+}
+
+#if 0
+static boolean_t
+db_line_at_pc( sym, filename, linenum, pc)
+       db_sym_t        sym;
+       char            **filename;
+       int             *linenum;
+       db_expr_t       pc;
+{
+       return X_db_line_at_pc( db_last_symtab, sym, filename, linenum, pc);
+}
+
+int
+db_sym_numargs(sym, nargp, argnames)
+       db_sym_t        sym;
+       int             *nargp;
+       char            **argnames;
+{
+       return X_db_sym_numargs(db_last_symtab, sym, nargp, argnames);
+}
+
+#endif

diff --git a/commands/swifi/db_sym.h b/commands/swifi/db_sym.h
new file mode 100644 (file)
index 0000000..66b700e
--- /dev/null
+++ b/commands/swifi/db_sym.h
@@ -0,0 +1,118 @@
+/*
+ * Mach Operating System
+ * Copyright (c) 1991,1990 Carnegie Mellon University
+ * All Rights Reserved.
+ *
+ * Permission to use, copy, modify and distribute this software and its
+ * documentation is hereby granted, provided that both the copyright
+ * notice and this permission notice appear in all copies of the
+ * software, derivative works or modified versions, and any portions
+ * thereof, and that both notices appear in supporting documentation.
+ *
+ * CARNEGIE MELLON ALLOWS FREE USE OF THIS SOFTWARE IN ITS
+ * CONDITION.  CARNEGIE MELLON DISCLAIMS ANY LIABILITY OF ANY KIND FOR
+ * ANY DAMAGES WHATSOEVER RESULTING FROM THE USE OF THIS SOFTWARE.
+ *
+ * Carnegie Mellon requests users of this software to return to
+ *
+ *  Software Distribution Coordinator  or  Software.Distribution@CS.CMU.EDU
+ *  School of Computer Science
+ *  Carnegie Mellon University
+ *  Pittsburgh PA 15213-3890
+ *
+ * any improvements or extensions that they make and grant Carnegie the
+ * rights to redistribute these changes.
+ *
+ *     $Id: db_sym.h,v 1.1 2003/01/15 21:51:24 mikesw Exp $
+ */
+
+#ifndef _DDB_DB_SYM_H_
+#define        _DDB_DB_SYM_H_
+
+#define db_printf printk
+
+/*
+ *     Author: Alessandro Forin, Carnegie Mellon University
+ *     Date:   8/90
+ */
+
+/*
+ * This module can handle multiple symbol tables
+ */
+typedef struct {
+       char            *name;          /* symtab name */
+       char            *start;         /* symtab location */
+       char            *end;
+       char            *private;       /* optional machdep pointer */
+} db_symtab_t;
+
+extern db_symtab_t     *db_last_symtab; /* where last symbol was found */
+
+/*
+ * Symbol representation is specific to the symtab style:
+ * BSD compilers use dbx' nlist, other compilers might use
+ * a different one
+ */
+typedef        char *          db_sym_t;       /* opaque handle on symbols */
+#define        DB_SYM_NULL     ((db_sym_t)0)
+
+/*
+ * Non-stripped symbol tables will have duplicates, for instance
+ * the same string could match a parameter name, a local var, a
+ * global var, etc.
+ * We are most concern with the following matches.
+ */
+typedef int            db_strategy_t;  /* search strategy */
+
+#define        DB_STGY_ANY     0                       /* anything goes */
+#define DB_STGY_XTRN   1                       /* only external symbols */
+#define DB_STGY_PROC   2                       /* only procedures */
+
+extern boolean_t       db_qualify_ambiguous_names;
+                                       /* if TRUE, check across symbol tables
+                                        * for multiple occurrences of a name.
+                                        * Might slow down quite a bit */
+
+/*
+ * Functions exported by the symtable module
+ */
+void           db_add_symbol_table __P((char *, char *, char *, char *));
+                                       /* extend the list of symbol tables */
+
+db_sym_t       db_search_symbol __P((db_addr_t, db_strategy_t, db_expr_t *));
+                                       /* find symbol given value */
+
+void           db_symbol_values __P((db_sym_t, char **, db_expr_t *));
+                                       /* return name and value of symbol */
+
+#define db_find_sym_and_offset(val,namep,offp) \
+       db_symbol_values(db_search_symbol(val,DB_STGY_ANY,offp),namep,0)
+                                       /* find name&value given approx val */
+
+#define db_find_xtrn_sym_and_offset(val,namep,offp)    \
+       db_symbol_values(db_search_symbol(val,DB_STGY_XTRN,offp),namep,0)
+                                       /* ditto, but no locals */
+
+int            db_eqname __P((char *, char *, char));
+                                       /* strcmp, modulo leading char */
+
+void           db_printsym __P((db_expr_t, db_strategy_t));
+                                       /* print closest symbol to a value */
+
+int            db_sym_numargs __P((db_sym_t, int *, char **));
+
+boolean_t      X_db_line_at_pc __P((db_symtab_t *symtab, db_sym_t cursym,
+                                    char **filename, int *linenum,
+                                    db_expr_t off));
+db_sym_t       X_db_lookup __P((db_symtab_t *stab, char *symstr));
+db_sym_t       X_db_search_symbol __P((db_symtab_t *symtab, db_addr_t off,
+                                       db_strategy_t strategy,
+                                       db_expr_t *diffp));
+int            X_db_sym_numargs __P((db_symtab_t *, db_sym_t, int *,
+                                     char **));
+void           X_db_symbol_values __P((db_sym_t sym, char **namep,
+                                       db_expr_t *valuep));
+unsigned long
+find_faulty_instr(db_expr_t off, int type, int *instr_len);
+
+#endif /* !_DDB_DB_SYM_H_ */

diff --git a/commands/swifi/ddb.h b/commands/swifi/ddb.h
new file mode 100644 (file)
index 0000000..03553f2
--- /dev/null
+++ b/commands/swifi/ddb.h
@@ -0,0 +1,161 @@
+/*-
+ * Copyright (c) 1993, Garrett A. Wollman.
+ * Copyright (c) 1993, University of Vermont and State Agricultural College.
+ * All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. Neither the name of the University nor the names of its contributors
+ *    may be used to endorse or promote products derived from this software
+ *    without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ *     $Id: ddb.h,v 1.1 2003/01/15 21:51:24 mikesw Exp $
+ */
+
+/*
+ * Necessary declarations for the `ddb' kernel debugger.
+ */
+
+#ifndef _DDB_DDB_H_
+#define        _DDB_DDB_H_
+
+#define __P(protos) protos
+typedef int boolean_t;
+typedef unsigned long vm_offset_t;
+unsigned long   random __P((void));
+void    srandom __P((unsigned long));
+
+#include "db_machdep.h"                /* type definitions */
+
+typedef void db_cmdfcn_t __P((db_expr_t addr, boolean_t have_addr,
+                             db_expr_t count, char *modif));
+
+#define DB_COMMAND(cmd_name, func_name) \
+       DB_SET(cmd_name, func_name, db_cmd_set)
+#define DB_SHOW_COMMAND(cmd_name, func_name) \
+       DB_SET(cmd_name, func_name, db_show_cmd_set)
+
+#define DB_SET(cmd_name, func_name, set)                       \
+static db_cmdfcn_t     func_name;                              \
+                                                               \
+static const struct command __CONCAT(func_name,_cmd) = {       \
+       __STRING(cmd_name),                                     \
+       func_name,                                              \
+       0,                                                      \
+       0,                                                      \
+};                                                             \
+TEXT_SET(set, __CONCAT(func_name,_cmd));                       \
+                                                               \
+static void                                                    \
+func_name(addr, have_addr, count, modif)                       \
+       db_expr_t addr;                                         \
+       boolean_t have_addr;                                    \
+       db_expr_t count;                                        \
+       char *modif;
+
+extern char *esym;
+extern unsigned int db_maxoff;
+extern int db_indent;
+extern int db_inst_count;
+extern int db_load_count;
+extern int db_store_count;
+extern int db_radix;
+extern int db_max_width;
+extern int db_tab_stop_width;
+
+struct vm_map;
+
+void           cnpollc __P((int));
+void           db_check_interrupt __P((void));
+void           db_clear_watchpoints __P((void));
+db_addr_t      db_disasm __P((db_addr_t loc, boolean_t altfmt));
+                               /* instruction disassembler */
+//void         db_error __P((char *s));
+#define db_error printk
+int            db_expression __P((db_expr_t *valuep));
+int            db_get_variable __P((db_expr_t *valuep));
+void           db_iprintf __P((const char *,...));
+struct vm_map  *db_map_addr __P((vm_offset_t));
+boolean_t      db_map_current __P((struct vm_map *));
+boolean_t      db_map_equal __P((struct vm_map *, struct vm_map *));
+void           db_print_loc_and_inst __P((db_addr_t loc));
+void           db_printf __P((const char *fmt, ...));
+void           db_read_bytes __P((vm_offset_t addr, int size, char *data));
+                               /* machine-dependent */
+int            db_readline __P((char *lstart, int lsize));
+void           db_restart_at_pc __P((boolean_t watchpt));
+void           db_set_watchpoints __P((void));
+void           db_skip_to_eol __P((void));
+boolean_t      db_stop_at_pc __P((boolean_t *is_breakpoint));
+#define                db_strcpy       strcpy
+void           db_trap __P((int type, int code));
+int            db_value_of_name __P((char *name, db_expr_t *valuep));
+void           db_write_bytes __P((vm_offset_t addr, int size, char *data));
+                               /* machine-dependent */
+void           kdb_init __P((void));
+void           kdbprintf __P((const char *fmt, ...));
+
+db_cmdfcn_t    db_breakpoint_cmd;
+db_cmdfcn_t    db_continue_cmd;
+db_cmdfcn_t    db_delete_cmd;
+db_cmdfcn_t    db_deletewatch_cmd;
+db_cmdfcn_t    db_examine_cmd;
+db_cmdfcn_t    db_listbreak_cmd;
+db_cmdfcn_t    db_listwatch_cmd;
+db_cmdfcn_t    db_print_cmd;
+db_cmdfcn_t    db_ps;
+db_cmdfcn_t    db_search_cmd;
+db_cmdfcn_t    db_set_cmd;
+db_cmdfcn_t    db_show_regs;
+db_cmdfcn_t    db_single_step_cmd;
+db_cmdfcn_t    db_stack_trace_cmd;
+db_cmdfcn_t    db_trace_until_call_cmd;
+db_cmdfcn_t    db_trace_until_matching_cmd;
+db_cmdfcn_t    db_watchpoint_cmd;
+db_cmdfcn_t    db_write_cmd;
+
+#if 0
+db_cmdfcn_t    db_help_cmd;
+db_cmdfcn_t    db_show_all_threads;
+db_cmdfcn_t    db_show_one_thread;
+db_cmdfcn_t    ipc_port_print;
+db_cmdfcn_t    vm_page_print;
+#endif
+
+/*
+ * Command table.
+ */
+struct command {
+       char *  name;           /* command name */
+       db_cmdfcn_t *fcn;       /* function to call */
+       int     flag;           /* extra info: */
+#define        CS_OWN          0x1     /* non-standard syntax */
+#define        CS_MORE         0x2     /* standard syntax, but may have other words
+                                * at end */
+#define        CS_SET_DOT      0x100   /* set dot after command */
+       struct command *more;   /* another level of command */
+};
+
+db_addr_t
+my_disasm(db_addr_t    loc,
+         boolean_t     altfmt);
+
+#endif /* !_DDB_DDB_H_ */

diff --git a/commands/swifi/fault_model.c b/commands/swifi/fault_model.c
new file mode 100644 (file)
index 0000000..79326e9
--- /dev/null
+++ b/commands/swifi/fault_model.c
@@ -0,0 +1,1201 @@
+/*
+ * fault-model.c -- fault injection code for drivers
+ *
+ * Copyright (C) 2003 Mike Swift
+ * Copyright (c) 1999 Wee Teck Ng
+ *
+ * The source code in this file can be freely used, adapted,
+ * and redistributed in source or binary form, so long as an
+ * acknowledgment appears in derived source files.  No warranty 
+ * is attached; * we cannot take responsibility for errors or 
+ * fitness for use.
+ *
+ */
+
+
+/*
+ * Fault injector for testing the usefulness of NOOKS
+ * 
+ * Adapted from the SWIFI tools used by Wee Teck Ng to evaluate the RIO
+ * file cache at the University of Michigan
+ * 
+ */
+
+/* 
+ * This tool can inject faults into modules, whether they are loaded into a 
+ * nook or loaded into the kernel (for comparison testing).
+ * 
+ * There are several classes of faults emulated:
+ * - Corruption of text
+ *    - corruption
+ *    - simulated programming faults
+ *         - skip initialization (immediate write to EBP-x)
+ *         - remove instruction (replace with NOP)
+ *        - incorrect source/destination (corrupted)
+ *         - remove jmp or rep instruction
+ *         - change address computation for memory access (not stack)
+ *        - change termination condition for loop (change repeat to repeat 
+ *           -while equal, change condition to !condition
+          - remove instructions loading registers from arguments (ebp+x)
+ *        
+ * - Corruption of stack
+ * - Corruption of heap
+ * - copy overruns
+ * - use after free
+ */
+
+#include <linux/kernel.h>
+#include <linux/kallsyms.h>
+#include <linux/module.h>
+#include <linux/mm.h>
+#include <linux/slab.h>
+#include <linux/vmalloc.h>
+#include <linux/smp_lock.h>
+#include <asm/uaccess.h>
+#include <asm/delay.h>
+#include <asm/page.h>
+#include "ddb.h"
+#include "db_sym.h"
+#include "swifi.h"
+
+
+#define CRASH_INTERVAL 8192
+#define FI_MASK                        0xfff
+#define P50     0x3fffffff      /* 50% of max rand */
+#define P94     0x7851eb84      /* 94% of max rand */
+#define NOP            0x90
+
+unsigned long randomSeed=0;            /* random number */
+unsigned long injectFault=1;           /* inject fault ? */
+unsigned long diskTest=0;              /* run disk test instead of rio */
+unsigned long faultInjected=0;         /* has fault been injected? */
+unsigned long crashInterval=0;         /* interval between injecting fault */
+unsigned long crashCount=0;            /* number of times fault is injected */
+unsigned long faultType;                        
+unsigned long numFaults;
+char *crashAddr=0;                     /* track current malloc */
+int crashToggle=1;
+int text_fault(struct module * module, pswifi_result_t res);
+int stack_fault(pswifi_result_t res);
+int heap_fault(pswifi_result_t res);
+int direct_fault(int fault_address, int fault_content, pswifi_result_t res);
+int direct_fault1(int fault_address, int fault_content, pswifi_result_t res);
+int while1(void);
+
+int *testVA;
+
+#if 0
+#define PDEBUG(fmt, args...) \
+do { \
+      printk( KERN_ALERT "SWIFI: " fmt, ## args); \
+} while (0)
+#else
+#define PDEBUG(fmt, args...)
+#endif
+
+
+#ifdef CONFIG_SWIFI
+
+static inline long
+get_mod_name(const char *user_name, char **buf)
+{
+       unsigned long page;
+       long retval;
+
+       page = __get_free_page(GFP_KERNEL);
+       if (!page)
+               return -ENOMEM;
+
+       retval = strncpy_from_user((char *)page, user_name, PAGE_SIZE);
+       if (retval > 0) {
+               if (retval < PAGE_SIZE) {
+                       *buf = (char *)page;
+                       return retval;
+               }
+               retval = -ENAMETOOLONG;
+       } else if (!retval)
+               retval = -EINVAL;
+
+       free_page(page);
+       return retval;
+}
+
+static inline void
+put_mod_name(char *buf)
+{
+       free_page((unsigned long)buf);
+}
+
+long 
+sys_inject_fault(char * module_name,
+                unsigned long argFaultType,
+                unsigned long argRandomSeed,
+                unsigned long argNumFaults,
+                pswifi_result_t result_record,
+                unsigned long argInjectFault)
+{   
+  int result = 0;
+  unsigned long fault_address = 0; 
+  unsigned long fault_data = 0 ; 
+  char * kern_name = NULL;
+  struct module * mod = NULL;
+  int found = 0;
+  pswifi_result_t res = NULL;
+
+  if (argNumFaults > SWIFI_MAX_FAULTS) {
+    result = -E2BIG;
+    goto Cleanup;
+  }
+  res = (pswifi_result_t) kmalloc((1+argNumFaults) * sizeof(swifi_result_t), 
+                                 GFP_KERNEL);
+  if (res == NULL) {
+    result = -ENOMEM;
+    goto Cleanup;
+  }
+  memset(res, 0, (1 + argNumFaults) * sizeof(swifi_result_t));
+  
+  //
+  // Capture the name of the module from usermode
+  //
+
+  result = get_mod_name(module_name, &kern_name);
+  if (result < 0) {
+    goto Cleanup;
+  }
+
+
+
+
+
+    lock_kernel();
+
+    for (mod = module_list; mod ; mod = mod->next) {
+      if (strcmp(kern_name, mod->name) == 0) {
+       found = 1;
+       break;
+      }
+    }
+    unlock_kernel(); 
+    if (!found) {
+      result = -ENOENT;
+      goto Cleanup;
+    }
+               
+  numFaults = argNumFaults;
+  faultType = argFaultType;
+  randomSeed = argRandomSeed;
+  injectFault = argInjectFault;
+
+
+  if(faultType>=DISK_TEST) {
+    faultType=faultType-DISK_TEST;
+    diskTest=1;
+  }
+  if(faultType==STATS) {
+#if 0    
+    extern long time_vmp, n_vmp;
+    extern long time_pmp, n_pmp;
+
+    PDEBUG("# vm_map_protect=%ld, total cycle=%ld\n", n_vmp, time_vmp);
+    PDEBUG("# pmap_protect=%ld, total cycle=%ld\n", n_pmp, time_pmp);
+    n_vmp=0; time_vmp=0;
+    n_pmp=0; time_pmp=0;
+#endif
+  } else if (faultType == DIRECT_FAULT) {
+    fault_address = numFaults;
+    fault_data = randomSeed;
+    PDEBUG("sys inject fault, type %ld, addr=%lx, flip bit%lx\n", 
+          faultType, fault_address, fault_data);
+  } else if (faultType == DIRECT_FAULT1) {
+    fault_address = numFaults;
+    fault_data = randomSeed;
+    PDEBUG("sys inject fault, type %ld, addr=%lx, zero bytes %lx\n", 
+          faultType, fault_address, fault_data);
+  } else {
+    PDEBUG("sys inject fault, type %ld, seed=%ld, fault=%ld, config=%ld\n", 
+          faultType, randomSeed, numFaults, config);
+  }
+  faultInjected=1;
+  
+  srandom(randomSeed);
+  /* set warm reboot, leave RAM unchanged  
+   * 0 : don't inject fault
+   * 1 : run POST, wipe out memory
+   * 2 : don't test memory
+   * 3 : don't change memory (doesn't work)
+   * 4 : don't sync registry
+   */
+  
+  /* default number of faults is 5 */
+  if(numFaults<=0 || numFaults>100) numFaults=5;
+  
+  switch(faultType)
+    {
+    case TEXT_FAULT: 
+      result = text_fault(mod, res); 
+      break;
+    case STACK_FAULT: 
+      result = stack_fault(res); 
+      break;
+    case HEAP_FAULT: 
+      result = heap_fault(res); 
+      break;
+    case INIT_FAULT:
+    case NOP_FAULT: 
+    case DST_FAULT: 
+    case SRC_FAULT: 
+    case BRANCH_FAULT: 
+    case PTR_FAULT: 
+    case LOOP_FAULT: 
+    case INTERFACE_FAULT: 
+    case IRQ_FAULT:
+      result = text_fault(mod, res); 
+      break;
+    case FREE_FAULT: 
+    case BCOPY_FAULT: 
+    case SYNC_FAULT:
+    case ALLOC_FAULT:
+      crashInterval=CRASH_INTERVAL;    /* interval between crash */
+      break;
+    case MEM_LEAK_FAULT: 
+      crashToggle=0;
+      crashInterval=CRASH_INTERVAL;    /* interval between crash */
+      break;
+    case PANIC_FAULT: 
+      panic("testing panic"); 
+      result = 0;
+      break;
+      /*        case WP_FAULT: page_reg_fault(random()); break; */
+    case DIRECT_FAULT:
+      {
+       direct_fault(fault_address, fault_data, res);
+       break;
+      }
+    case DIRECT_FAULT1: 
+      {
+       result = direct_fault1(fault_address, fault_data, res);
+       
+       break;
+      }
+      /*       case PAGE_REG_DUMP: rio_dump(); break; */
+    case WHILE1_FAULT: 
+      {
+       
+       result = while1();
+       
+       break;
+      }
+      /* case CPU_RESET_FAULT: cpu_reset(); break; */;
+    case COW_FAULT: 
+      {
+                               /* test writing to kernel text. freebsd currently do a COW on a
+                                * write to kernel text.
+                                */
+       unsigned long *addr1, *addr2;
+       
+       addr1 = (unsigned long *) 0xf0212000;
+       addr2 = (unsigned long *) 0xf0212010;
+       PDEBUG("%p=%lx, %p=%lx\n", addr1, *addr1, addr2, *addr2);
+       __asm__ ("movl $0xf0212000, %eax\n\t" \
+                "movl $6, 0(%eax)\n\t" \
+                "movl $6, 4(%eax)\n\t");
+       addr1 = (unsigned long *) 0xf0212000;
+       addr2 = (unsigned long *) 0xf0212010;
+       PDEBUG("after injecting fault\n");
+       PDEBUG("%p=%lx, %p=%lx\n", addr1, *addr1, addr2, *addr2);
+       result = 0;
+       break;
+      }
+    
+    case DEBUGGER_FAULT: 
+      PDEBUG("Debugger fault"); 
+      __asm__ ("movl %cr4, %ecx\n\t" \
+              "movl $42, %ecx; .byte 0x0f, 0x32\n\t" \
+              "movl $377, %ecx; .byte 0x0f, 0x32\n\t");
+      result = 0;
+      break;
+    default: PDEBUG("unknown fault type %ld\n", faultType); break;
+    }
+  if (copy_to_user(result_record, res, argNumFaults * sizeof(swifi_result_t))) {
+    result = -EFAULT;
+  }
+ Cleanup:
+  if (kern_name != NULL) {
+    put_mod_name(kern_name);
+  }
+  if (res != NULL) {
+    kfree(res);
+  }
+
+  return (result);
+}
+
+int while1(void)
+{
+  int i=0;
+
+  PDEBUG("entering into while 1 loop\n");
+  while(1) { 
+    udelay(20000); 
+    PDEBUG("delay %4d secs, cpl=0x%x, ipend=0x%x\n", i+=5, 20, 30); 
+    if(i>(100 * 2500)) 
+      break;
+  }
+  return(0);
+}
+
+
+int direct_fault(int fault_address, int fault_content, pswifi_result_t res)
+{   
+  unsigned long *addr;
+  int flip_bit=0;
+
+
+  addr = (unsigned long *) (PAGE_OFFSET + fault_address);
+
+  PDEBUG("%p:0x%lx => ", addr, *addr);
+  
+  flip_bit = 1 << fault_content;
+
+  res[0].address = (unsigned long) addr;
+  res[0].old = *addr;
+  res[0].new = (*addr) ^ flip_bit;
+
+  if (injectFault) {
+    *addr = (*addr) ^ flip_bit; 
+  }
+  PDEBUG("%lx\n", *addr);
+  return(0);
+}
+
+int direct_fault1(int fault_address, int fault_content, pswifi_result_t res)
+{   
+  unsigned long *addr, data;
+
+
+  addr = (unsigned long *) (PAGE_OFFSET + fault_address);
+  
+  PDEBUG("%p:%lx => ", addr, *addr);
+  
+  
+  data = *addr;
+  if(fault_content==1) {
+    data = data & 0xffffff00;
+    data = data | 0x00000090;
+  } else if(fault_content==2) {
+    data = data & 0xffff0000;
+    data = data | 0x00009090;
+  } else if(fault_content==3) {
+    data = data & 0xff000000;
+    data = data | 0x00909090;
+  } else if(fault_content==4) {
+    data = 0x90909090;
+  } 
+  res[0].address = (unsigned long) addr;
+  res[0].old = *addr;
+  res[0].new = data;
+  if (injectFault) {
+    *addr = data;
+  }
+
+  PDEBUG("%lx\n", *addr);
+  
+    
+  return(0);
+}
+
+
+
+
+#include <linux/sched.h>
+
+#define MAX_NUM_TASKS 20
+
+struct task_struct *
+find_task(void)
+{
+  struct task_struct * task = NULL, *result = NULL ;
+  int i,j;
+  i = 1 + (random() % MAX_NUM_TASKS);
+  j = i;
+
+  
+  do {
+    read_lock(&tasklist_lock);
+    for_each_task(task) { 
+      if (--i == 0) {
+       result = task;
+       break;
+      }
+    }
+    read_unlock(&tasklist_lock);
+  } while ((i > 0) && (i != j));
+
+  return(result);
+}
+
+int
+stack_fault(pswifi_result_t res)
+{   
+  unsigned long *addr, size, taddr;
+  int flip_bit=0;
+  int count=0;
+  struct task_struct *task = NULL;
+
+  while(count < numFaults) {
+    task = find_task();
+    if (task == NULL) {
+      return(-1);
+    }
+
+    size = (unsigned long) task + TASK_SIZE - task->thread.esp; 
+
+    PDEBUG("stack range=%lx-%lx\n", 
+          (unsigned long) task->thread.esp, 
+          (unsigned long) task + TASK_SIZE);
+
+    addr = (unsigned long *) ((long) task->thread.esp + 
+                             (random()&~0x3)%size);  
+    taddr=(unsigned long) addr;
+    flip_bit = random() & 0x1f;
+    PDEBUG("%lx:%lx flip bit %d => ", taddr, *addr, flip_bit);
+    flip_bit = 1 << flip_bit;
+    res[count].address = taddr;
+    res[count].old = *addr;
+    res[count].new = (*addr) ^ flip_bit;
+    if (injectFault) {
+      *addr = ((*addr)^flip_bit); 
+    }
+    PDEBUG("%lx\n", *addr);
+    count++;
+  }
+  return(0);
+}
+
+
+//
+// Instead of dealing with heaps directly, we look at the area cache of pages 
+// and vm pages and find an address there.
+//
+
+
+int heap_fault(pswifi_result_t res)
+{   
+#ifdef notdef
+  unsigned long *addr, taddr;
+  int flip_bit=0;
+  int count=0;
+  unsigned long flags;
+  struct list_head *next;
+
+   addr = (unsigned long *) (map->address + (random()&~0xf)%map->size); 
+   
+   taddr=(unsigned long) addr;
+   flip_bit = random() & 0x1f;
+   PDEBUG("heap range=%lx-%lx ", map->address, map->address + map->size);
+   PDEBUG("%lx:%lx flip bit %d => ", taddr, *addr, flip_bit);
+   flip_bit = 1 << flip_bit;
+   res[count].address = taddr;
+   res[count].old = *addr;
+   res[count].new = (*addr) ^ flip_bit;
+
+   if (injectFault) {
+     *addr = ((*addr)^flip_bit); 
+   }
+   PDEBUG("%lx\n", *addr);
+   count++;   
+ } while (count < numFaults);
+#endif
+  return(-1);
+  
+}
+
+
+unsigned long  
+do_fault_copy_from_user (void *kaddr, const void *udaddr, unsigned long len,
+                     unsigned long (* copy_fn) (void *, const void *, unsigned long))
+{   
+  unsigned int prob, i=0;
+
+  if ( faultInjected && (faultType==BCOPY_FAULT) ) {
+
+    if (++crashCount == crashInterval) {   
+      
+      crashCount=0;
+      prob = random();
+      crashInterval = CRASH_INTERVAL + (random() & FI_MASK);
+      
+      if (prob < P50) {                    /* corrupt 1 QW         */
+       i=1; 
+      } else if (prob < P94) {               /* corrupt 2 - 1024 QW  */
+       i = prob & 0x3fe;
+       while(!i) {
+         i = random() & 0x3fe; 
+       }
+      } else {                            /* corrupt 2-4 pages    */
+       i= prob & 0xc00;
+       while(!i) {
+         i = random() & 0xc00; 
+       }
+      }
+      PDEBUG("copyin: %p to %p, len=%ld overrun=%d, Intvl=%ld, inj=%ld\n", 
+            udaddr, kaddr, len, i, crashInterval, faultInjected);
+      if (faultInjected++ <numFaults) {
+       len += i;
+      } else {
+       faultInjected = 0;
+      }
+      i = 1;
+    }
+    return(copy_fn(kaddr, udaddr, len));
+  } else {
+    return(copy_fn(kaddr, udaddr, len));
+  }
+}
+
+unsigned long
+do_fault_copy_to_user(void *udaddr, const void *kaddr, unsigned long len,
+                  unsigned long (* copy_fn) (void *, 
+                                             const void *, 
+                                             unsigned long))
+{   
+  unsigned int prob, i=0;
+
+  if( faultInjected && (faultType==BCOPY_FAULT) ){
+    crashCount++;
+    if (crashCount == crashInterval) {
+      crashCount=0;
+      prob = random();
+      crashInterval = CRASH_INTERVAL + (random() & FI_MASK);
+
+      if ( prob < P50) {                    /* corrupt 1 QW         */
+       i=1; 
+      } else if(prob < P94) {               /* corrupt 2 - 1024 QW  */
+       i = prob & 0x3fe;
+       while (!i) {
+         i = random() & 0x3fe; 
+       }
+      } else {
+       i = prob & 0xc00;
+       while(!i) {
+         i = random() & 0xc00; 
+       }
+      }
+      PDEBUG("copyout: %p to %p, len=%ld overrun=%d, Intvl=%ld, inj=%ld\n",
+            kaddr, udaddr, len, i, crashInterval, faultInjected);
+      if (faultInjected++ <numFaults) {
+       len+=i;
+      } else  {
+       faultInjected = 0;
+      }
+      i=1;
+    }
+    return(copy_fn(udaddr, kaddr, len));
+  } else 
+    return(copy_fn(udaddr, kaddr, len));
+}
+
+
+unsigned long
+swifi___generic_copy_from_user (void *kaddr, void *udaddr, unsigned long len)
+{
+  return(do_fault_copy_from_user(kaddr, 
+                                udaddr, 
+                                len, 
+                                __generic_copy_from_user));
+}
+
+unsigned long  
+swifi___generic_copy_to_user(void *udaddr, void *kaddr, unsigned long len)
+{
+  return(do_fault_copy_to_user(udaddr, 
+                              kaddr, 
+                              len, 
+                              __generic_copy_to_user));
+}
+
+
+
+void *
+swifi_memcpy_fn (void *to, void *from, size_t len)
+{   
+  unsigned int prob, i=0;
+
+  if( faultInjected && (faultType==BCOPY_FAULT) ) {
+    crashCount++;
+    if (crashCount == crashInterval) {
+      crashCount=0;
+      prob = random();
+      crashInterval = CRASH_INTERVAL + (random() & FI_MASK);
+
+      if (prob < P50) {                    /* corrupt 1 QW         */
+               i=1; 
+      } else if (prob < P94) {               /* corrupt 2 - 1024 QW  */
+       i= prob & 0x3fe;
+       while(!i) {
+         i = random() & 0x3fe; 
+       }
+      } else {                            /* corrupt 2-4 pages    */
+       i=prob&0xc00;
+       while(!i) {
+         i = random() & 0xc00; 
+       }
+      }
+    
+      PDEBUG("memcpy: %p to %p, len=%d overrun=%d, Intvl=%ld, inj=%ld\n", 
+            from, to, len, i, crashInterval, faultInjected);
+      if(faultInjected++ <numFaults) len+=i;
+      else faultInjected=0;
+      i=1;
+    }
+    return(memcpy(to, from, len));
+  } else 
+    return(memcpy(to, from, len));
+}
+
+
+void *
+swifi_memmove_fn (void *to, void *from, size_t len)
+{   
+  unsigned int prob, i=0;
+
+  if( faultInjected && (faultType==BCOPY_FAULT) ) {
+    crashCount++;
+    if (crashCount == crashInterval) {
+      crashCount=0;
+      prob = random();
+      crashInterval = CRASH_INTERVAL + (random() & FI_MASK);
+
+      if (prob < P50) {                    /* corrupt 1 QW         */
+               i=1; 
+      } else if (prob < P94) {               /* corrupt 2 - 1024 QW  */
+       i= prob & 0x3fe;
+       while(!i) {
+         i = random() & 0x3fe; 
+       }
+      } else {                            /* corrupt 2-4 pages    */
+       i=prob&0xc00;
+       while(!i) {
+         i = random() & 0xc00; 
+       }
+      }
+    
+      PDEBUG("memmove: %p to %p, len=%d overrun=%d, Intvl=%ld, inj=%ld\n", 
+            from, to, len, i, crashInterval, faultInjected);
+      if(faultInjected++ <numFaults) len+=i;
+      else faultInjected=0;
+      i=1;
+    }
+    return(memmove(to, from, len));
+  } else 
+    return(memmove(to, from, len));
+}
+
+
+void *
+memmove_fn(void *to, void *from, size_t len)
+{
+  return(memmove(to, from, len));
+}
+
+
+
+void *
+memcpy_fn(void *to, void *from, size_t len)
+{
+  return(memcpy(to, from, len));
+}
+
+
+
+
+void
+do_fault_kfree(void *addr, void (* kfree_fn)(const void *))
+{   
+  if(addr == crashAddr) {
+    crashAddr=0;
+  }
+  if (faultInjected && (faultType==FREE_FAULT || 
+                       faultType==MEM_LEAK_FAULT)) {
+    crashCount++;
+    if(crashCount>=crashInterval) {   
+      
+      /* alternate between premature freeing and non-free */
+      if(crashToggle) {
+       if(crashAddr) { 
+         PDEBUG("malloc : freeing %p prematurely\n", 
+                crashAddr);
+         kfree_fn(crashAddr);
+         kfree_fn(addr);
+         crashAddr=0;
+         crashToggle=0;
+         crashCount=0;
+         crashInterval = CRASH_INTERVAL + (random()&FI_MASK);
+         if (faultInjected++ > numFaults) {
+           faultInjected=0;
+         }
+       } 
+      } else {
+       PDEBUG("free: don't free %p\n", addr); 
+       if(faultInjected++ > numFaults) {
+         faultInjected=0;
+       }
+       if(faultType==FREE_FAULT) {
+         crashToggle=1;
+       }
+       crashCount=0;
+       crashInterval = CRASH_INTERVAL + (random()&FI_MASK);
+      }
+    }
+  } else {
+    kfree_fn(addr);
+  }
+}
+
+void
+swifi_kfree(const void *addr)
+{
+  do_fault_kfree((void *) addr, kfree);
+}
+
+
+void do_vfree(const void * addr)
+{
+  vfree((void *) addr);
+}
+
+
+void
+swifi_vfree(void *addr)
+{
+  do_fault_kfree(addr, do_vfree);
+}
+
+
+
+
+void *
+do_fault_kmalloc(size_t size, 
+                int flags,
+                void * (* kmalloc_fn)(size_t size, int flags))
+{
+  if (faultInjected && (faultType==ALLOC_FAULT)) {
+    crashCount++;
+    if(crashCount>=crashInterval) {   
+      PDEBUG("kmalloc : returning null\n");
+      crashCount=0;
+      crashInterval = CRASH_INTERVAL + (random()&FI_MASK);
+      if (faultInjected++ > numFaults) {
+       faultInjected=0;
+       return(NULL);
+      }
+
+    }
+  }
+
+  return(kmalloc_fn(size, flags));
+}
+
+
+void *
+swifi_kmalloc(size_t size, int flags)
+{
+  return(do_fault_kmalloc(size, flags, kmalloc));
+}
+
+
+
+void * do_fault_vmalloc(unsigned long size, 
+                       int gfp_mask, 
+                       pgprot_t prot,
+                       void * (*vmalloc_fn)(unsigned long size, 
+                                            int gfp_mask, 
+                                            pgprot_t prot))
+{
+  if (faultInjected && (faultType==ALLOC_FAULT)) {
+    crashCount++;
+    if(crashCount>=crashInterval) {   
+      PDEBUG("vmalloc : returning null\n");
+      crashCount=0;
+      crashInterval = CRASH_INTERVAL + (random()&FI_MASK);
+      if (faultInjected++ > numFaults) {
+       faultInjected=0;
+       return(NULL);
+      }
+
+    }
+  }
+  return(vmalloc_fn(size, gfp_mask, prot));
+}
+
+void *
+swifi___vmalloc(unsigned long size, int gfp_mask, pgprot_t prot)
+{
+  return(do_fault_vmalloc(size, gfp_mask, prot, __vmalloc));
+}
+ 
+
+
+typedef struct section_callback {
+  const char * module_name;
+  const char * section_name;
+  unsigned long sec_start;
+  unsigned long sec_end;
+} section_callback_t;
+
+static int
+text_section_callback(void *token, 
+                     const char *modname, 
+                     const char *secname,
+                     ElfW(Addr) secstart, 
+                     ElfW(Addr) secend, 
+                     ElfW(Word) secflags)
+{
+  section_callback_t * info = (section_callback_t *) token;
+  
+  if ((strcmp(modname, info->module_name) == 0) &&
+      (strcmp(secname, info->section_name) == 0)) {
+    info->sec_start = secstart;
+    info->sec_end = secend;
+    return(1);
+  }
+  return(0);
+}
+
+
+
+
+
+int text_fault(struct module * mod, pswifi_result_t res)
+{   
+  unsigned long *addr, text_size, offset, page, taddr;
+  unsigned long btext, etext;
+
+  int count, flip_bit=0, len, rc;
+  unsigned char *c;
+  struct module * module;
+  section_callback_t info;
+
+  //
+
+#define MAX_NUM_MODULES 10
+
+  /* inject faults into text space */
+
+  for(count=0; count<numFaults; count++) {
+    int i = 1 + (random() % MAX_NUM_MODULES);
+    int j = i;
+    module = mod;
+
+    info.module_name = module->name;
+    info.section_name = ".text";
+
+    kallsyms_sections(&info, text_section_callback);
+    if (info.sec_start == 0 ) {
+      return(-1);
+    }
+
+    btext = info.sec_start;
+    etext = info.sec_end;
+    text_size = etext - btext;
+    
+    PDEBUG("text=%lx-%lx, size=%lx\n", btext, etext, text_size);
+    
+    addr = (unsigned long *) 
+      (btext + ((unsigned long) (random()&~0xf) % text_size)); 
+    
+    /* now the tricky part */
+
+    taddr=(unsigned long) addr;
+    if( faultType==INIT_FAULT || 
+       faultType==NOP_FAULT || 
+       faultType==DST_FAULT || 
+       faultType==SRC_FAULT ||
+       faultType==BRANCH_FAULT || 
+       faultType==PTR_FAULT || 
+       faultType==LOOP_FAULT || 
+       faultType==INTERFACE_FAULT ||
+       faultType==IRQ_FAULT ) {
+      addr = (unsigned long *) find_faulty_instr(taddr, faultType, &len);
+      /* do it over again if we can't find the right instruction */
+      if(!addr || !len ) {
+       i--;
+       continue;
+      }
+    }
+    PDEBUG("target addr=%lx, instr addr=%p, %lx=>", taddr, addr, *addr); 
+      
+    offset = (unsigned long) addr&PAGE_MASK;
+    page = (unsigned long) addr&~PAGE_MASK;
+    
+    /* it doesn't matter what we used here to unprotect page,
+     * as this routine will not be in production code.
+     */
+      
+    res[count].address = taddr;
+    res[count].old = *addr;
+    res[count].new = *addr;
+
+    if (faultType==TEXT_FAULT) {
+
+      flip_bit = random() & 0x1f;
+      PDEBUG("flip bit %d => ", flip_bit);
+      flip_bit = 1 << flip_bit;
+
+      res[count].new = (*addr) ^ flip_bit;
+      
+      if (injectFault) {
+       *addr = ((*addr)^flip_bit); 
+      }
+
+    } else if (faultType==NOP_FAULT || 
+              faultType==INIT_FAULT ||
+              faultType==BRANCH_FAULT || 
+              faultType==INTERFACE_FAULT ||
+              faultType==IRQ_FAULT) {
+      c = (unsigned char *) addr;
+
+      for (j = 0; j < len; j++) {
+       /* replace these bytes with NOP (*c=NOP) */
+       if (j < sizeof(unsigned long)) {
+         ((unsigned char *) &res[count].new)[j] = NOP;
+       }
+       if (injectFault) {
+         *c=NOP;
+       }       
+
+       c++;
+      }
+    } else if (faultType==DST_FAULT || faultType==SRC_FAULT) {
+      /* skip thru the prefix and opcode, and flip bits in following bytes */
+      int prefix;
+      c=(unsigned char *) addr;
+      do {
+       switch (*c) {
+       case 0x66: case 0x67: case 0x26: case 0x36:
+       case 0x2e: case 0x3e: case 0x64: case 0x65:
+       case 0xf0: case 0xf2: case 0xf3:
+         prefix = 1;
+         break;
+       default:
+         prefix = 0;
+         break;
+       }
+       if (prefix) {
+         c++;
+       }
+      } while (prefix);
+      if(*c>=0xd8 && *c<=0xdf) {
+       /* don't mess with fp instruction, yet.
+        * but there shouldn't be any fp instr in kernel.
+        */
+       PDEBUG("floating point instruction, bailing out\n");
+       i--;
+       continue;
+      } else if(*c==0x0f) {
+       c++;
+      }
+      if(*c==0x0f) {
+       c++;
+      }
+      c++;
+      len = len-((long) c - (long) addr);
+      flip_bit = random() % (len*8);
+      PDEBUG("flip bit %d (len=%d) => ", flip_bit, len);
+      for(j=0; j<len; j++) {
+       /* go to the right byte */
+       if(flip_bit<8) {
+         flip_bit = 1 << flip_bit;
+
+         if (j < sizeof(unsigned long)) {
+           ((unsigned char *) &res[count].new)[j] = (*c) ^ flip_bit;
+         }
+
+
+         if (injectFault) {
+           *c=(*c^flip_bit);
+         }
+
+         j=len;
+       }
+       c++;
+       flip_bit = flip_bit-8;
+      }
+    } else if(faultType==PTR_FAULT) {
+      /* 5f) ptr: if instruction has regmodrm byte (i_has_modrm),
+       *     flip 1 bit in lower byte (0x0f) or any bit in following
+       *     bytes (sib, imm or disp).
+       */
+      int prefix;
+      c=(unsigned char *) addr;
+      do {
+       switch (*c) {
+       case 0x66: case 0x67: case 0x26: case 0x36:
+       case 0x2e: case 0x3e: case 0x64: case 0x65:
+       case 0xf0: case 0xf2: case 0xf3:
+         prefix = 1;
+         break;
+       default:
+         prefix = 0;
+         break;
+       }
+       if (prefix) {
+         c++;
+       }
+      } while (prefix);
+      if(*c>=0xd8 && *c<=0xdf) {
+       /* don't mess with fp instruction, yet */
+       PDEBUG("floating point instruction, bailing out\n");
+       i--;
+       continue;
+      } else if(*c==0x0f) {
+       c++;
+      }
+      if(*c==0x0f) {
+       c++;
+      }
+      c++;
+      len = len-((long) c - (long) addr);
+      flip_bit = random() % (len*8-4);
+      PDEBUG("flip bit %d (len=%d) => ", flip_bit, len);
+
+      /* mod/rm byte is special */
+
+      if (flip_bit < 4) {
+       flip_bit = 1 << flip_bit;
+
+       rc = c - (unsigned char *) addr;
+       if (rc < sizeof(unsigned long)) {
+         ((unsigned char *) &res[count].new)[rc] = (*c) ^ flip_bit;
+         
+       }
+       if (injectFault) {
+         *c=(*c^flip_bit);
+       }
+
+      }
+      c++; 
+      flip_bit=flip_bit-4;
+
+      for(j=1; j<len; j++) {
+       /* go to the right byte */
+       if (flip_bit<8) {
+         flip_bit = 1 << flip_bit;
+
+         rc = (c - (unsigned char *) addr);
+         if (rc < sizeof(unsigned long)) {
+           ((unsigned char *) &res[count].new)[rc] = (*c) ^ flip_bit;
+           
+         }
+         if (injectFault) {
+           *c=(*c^flip_bit);
+         }
+
+         j=len;
+       }
+       c++;
+       flip_bit = flip_bit-8;
+      }
+    } else if(faultType==LOOP_FAULT) {
+      c=(unsigned char *) addr;
+      /* replace rep with repe, and vice versa */
+       if(*c==0xf3) {
+         if (j < sizeof(unsigned long)) {
+           ((unsigned char *) &res[count].new)[j] = NOP;
+         }
+
+         rc = (c - (unsigned char *) addr);
+         if (rc < sizeof(unsigned long)) {
+           ((unsigned char *) &res[count].new)[rc] = 0xf2;
+           
+         }
+         if (injectFault) {
+           *c=0xf2;
+         }
+       } else if(*c==0xf2) {
+         rc = (c - (unsigned char *) addr);
+         if (rc < sizeof(unsigned long)) {
+           ((unsigned char *) &res[count].new)[rc] = 0xf3;
+           
+         }
+         if (injectFault) {
+           *c=0xf3;
+         }
+       } else if( ((*c)&0xf0)==0x70 ) {
+         /* if we've jxx imm8 instruction, 
+          * incl even byte instruction, eg jo (70) to jno (71)
+          * decl odd byte instruction,  eg jnle (7f) to jle (7e)
+          */ 
+         if(*c%2 == 0) { 
+           rc = (c - (unsigned char *) addr);
+           if (rc < sizeof(unsigned long)) {
+             ((unsigned char *) &res[count].new)[rc] = (*c) + 1;
+           
+           }
+
+           if (injectFault) {
+             *c = *c+1;
+           }
+         }  else {
+
+           rc = (c - (unsigned char *) addr);
+           if (rc < sizeof(unsigned long)) {
+             ((unsigned char *) &res[count].new)[rc] = (*c) - 1;
+             
+           }
+
+           if (injectFault) {
+             *c = *c-1;
+           }
+         }
+       } else if(*c==0x66 || *c==0x67) {       /* override prefix */
+         c++;
+       } else if(*(c++)==0xf && ((*c)&0xf0)==0x80 ) {
+         /* if we've jxx imm16/32 instruction, 
+          * incl even byte instruction, eg jo (80) to jno (81)
+          * decl odd byte instruction,  eg jnle (8f) to jle (8e)
+          */ 
+         if(*c%2 == 0) {
+           rc = (c - (unsigned char *) addr);
+           if (rc < sizeof(unsigned long)) {
+             ((unsigned char *) &res[count].new)[rc] = (*c) + 1;
+             
+           }
+           if (injectFault) {
+             *c = *c+1;
+           }
+         } else {
+           rc = (c - (unsigned char *) addr);
+           if (rc < sizeof(unsigned long)) {
+             ((unsigned char *) &res[count].new)[rc] = (*c) -1;
+             
+           }
+
+           if (injectFault) {
+             *c = *c-1;
+           }
+         }
+       }
+      
+    }
+    PDEBUG("%lx\n", *addr);
+  }
+  return(0);
+}
+
+
+#else // CONFIG_SWIFI
+
+long
+sys_inject_fault(char * module_name,
+                unsigned long argFaultType,
+                unsigned long argRandomSeed,
+                unsigned long argNumFaults,
+                pswifi_result_t result_record,
+                unsigned long do_inject)
+{
+  return(0);
+}
+
+#endif // CONFIG_SWIFI
+

diff --git a/commands/swifi/random.c b/commands/swifi/random.c
new file mode 100644 (file)
index 0000000..fd5845c
--- /dev/null
+++ b/commands/swifi/random.c
@@ -0,0 +1,72 @@
+/*-
+ * Copyright (c) 1992, 1993
+ *     The Regents of the University of California.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in the
+ *    documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ *    must display the following acknowledgement:
+ *     This product includes software developed by the University of
+ *     California, Berkeley and its contributors.
+ * 4. Neither the name of the University nor the names of its contributors
+ *    may be used to endorse or promote products derived from this software
+ *    without specific prior written permission.
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED.  IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ *     @(#)random.c    8.1 (Berkeley) 6/10/93
+ * $Id: random.c,v 1.1 2003/01/15 21:50:59 mikesw Exp $
+ */
+
+#include "ddb.h"
+
+static unsigned long randseed = 1;
+
+void
+srandom(seed)
+       unsigned long seed;
+{
+       randseed = seed;
+}
+
+/*
+ * Pseudo-random number generator for randomizing the profiling clock,
+ * and whatever else we might use it for.  The result is uniform on
+ * [0, 2^31 - 1].
+ */
+unsigned long
+random()
+{
+       register long x, hi, lo, t;
+
+       /*
+        * Compute x[n + 1] = (7^5 * x[n]) mod (2^31 - 1).
+        * From "Random number generators: good ones are hard to find",
+        * Park and Miller, Communications of the ACM, vol. 31, no. 10,
+        * October 1988, p. 1195.
+        */
+       x = randseed;
+       hi = x / 127773;
+       lo = x % 127773;
+       t = 16807 * lo - 2836 * hi;
+       if (t <= 0)
+               t += 0x7fffffff;
+       randseed = t;
+       return (t);
+}

diff --git a/commands/swifi/swifi-2.4.18-a-patch b/commands/swifi/swifi-2.4.18-a-patch
new file mode 100644 (file)
index 0000000..49f40df
--- /dev/null
+++ b/commands/swifi/swifi-2.4.18-a-patch
@@ -0,0 +1,980 @@
+diff -ruN linux/arch/i386/kernel/entry.S linux-nonooks/arch/i386/kernel/entry.S
+--- linux/arch/i386/kernel/entry.S     2002-02-25 14:37:53.000000000 -0500
++++ linux-nonooks/arch/i386/kernel/entry.S     2005-01-12 15:30:51.000000000 -0500
+@@ -635,6 +635,61 @@
+       .long SYMBOL_NAME(sys_ni_syscall)       /* reserved for lremovexattr */
+       .long SYMBOL_NAME(sys_ni_syscall)       /* reserved for fremovexattr */
+ 
++#ifdef CONFIG_SWIFI   
++      .long SYMBOL_NAME(sys_ni_syscall)       /* reserved for fremovexattr */
++      .long SYMBOL_NAME(sys_ni_syscall)       /* reserved for fremovexattr */
++      .long SYMBOL_NAME(sys_ni_syscall)       /* 240 reserved for fremovexattr */
++      .long SYMBOL_NAME(sys_ni_syscall)       /* reserved for fremovexattr */
++      .long SYMBOL_NAME(sys_ni_syscall)       /* reserved for fremovexattr */
++      .long SYMBOL_NAME(sys_ni_syscall)       /* reserved for fremovexattr */
++      .long SYMBOL_NAME(sys_ni_syscall)       /* reserved for fremovexattr */
++      .long SYMBOL_NAME(sys_ni_syscall)       /* 245 reserved for fremovexattr */
++      .long SYMBOL_NAME(sys_ni_syscall)       /* reserved for fremovexattr */
++      .long SYMBOL_NAME(sys_ni_syscall)       /* reserved for fremovexattr */
++      .long SYMBOL_NAME(sys_ni_syscall)       /* reserved for fremovexattr */
++      .long SYMBOL_NAME(sys_ni_syscall)       /* reserved for fremovexattr */
++      .long SYMBOL_NAME(sys_ni_syscall)       /* 250 reserved for fremovexattr */
++      .long SYMBOL_NAME(sys_ni_syscall)       /* reserved for fremovexattr */
++      .long SYMBOL_NAME(sys_ni_syscall)       /* reserved for fremovexattr */
++      .long SYMBOL_NAME(sys_ni_syscall)       /* reserved for fremovexattr */
++      .long SYMBOL_NAME(sys_ni_syscall)       /* reserved for fremovexattr */
++
++      .long SYMBOL_NAME(sys_ni_syscall)       /* 255 reserved for fremovexattr */
++      .long SYMBOL_NAME(sys_ni_syscall)       /* reserved for fremovexattr */
++      .long SYMBOL_NAME(sys_ni_syscall)       /* reserved for fremovexattr */
++      .long SYMBOL_NAME(sys_ni_syscall)       /* reserved for fremovexattr */
++      .long SYMBOL_NAME(sys_ni_syscall)       /* reserved for fremovexattr */
++      .long SYMBOL_NAME(sys_ni_syscall)       /* 260 reserved for fremovexattr */
++      .long SYMBOL_NAME(sys_ni_syscall)       /* reserved for fremovexattr */
++      .long SYMBOL_NAME(sys_ni_syscall)       /* reserved for fremovexattr */
++      .long SYMBOL_NAME(sys_ni_syscall)       /* reserved for fremovexattr */
++      .long SYMBOL_NAME(sys_ni_syscall)       /* reserved for fremovexattr */
++      .long SYMBOL_NAME(sys_ni_syscall)       /* 265 reserved for fremovexattr */
++      .long SYMBOL_NAME(sys_ni_syscall)       /* reserved for fremovexattr */
++      .long SYMBOL_NAME(sys_ni_syscall)       /* reserved for fremovexattr */
++      .long SYMBOL_NAME(sys_ni_syscall)       /* reserved for fremovexattr */
++      .long SYMBOL_NAME(sys_ni_syscall)       /* reserved for fremovexattr */
++      .long SYMBOL_NAME(sys_ni_syscall)       /* 270 reserved for fremovexattr */
++      .long SYMBOL_NAME(sys_ni_syscall)       /* reserved for fremovexattr */
++      .long SYMBOL_NAME(sys_ni_syscall)       /* reserved for fremovexattr */
++      .long SYMBOL_NAME(sys_ni_syscall)       /* reserved for fremovexattr */
++      .long SYMBOL_NAME(sys_ni_syscall)       /* reserved for fremovexattr */
++      .long SYMBOL_NAME(sys_ni_syscall)       /* 275 reserved for fremovexattr */
++      .long SYMBOL_NAME(sys_ni_syscall)       /* reserved for fremovexattr */
++      .long SYMBOL_NAME(sys_ni_syscall)       /* reserved for fremovexattr */
++      .long SYMBOL_NAME(sys_ni_syscall)       /* reserved for fremovexattr */
++      .long SYMBOL_NAME(sys_ni_syscall)       /* reserved for fremovexattr */
++      .long SYMBOL_NAME(sys_ni_syscall)       /* 280 reserved for fremovexattr */
++      .long SYMBOL_NAME(sys_ni_syscall)       /* reserved for fremovexattr */
++      .long SYMBOL_NAME(sys_ni_syscall)       /* reserved for fremovexattr */
++      .long SYMBOL_NAME(sys_ni_syscall)       /* reserved for fremovexattr */
++      .long SYMBOL_NAME(sys_ni_syscall)       /* reserved for fremovexattr */
++      .long SYMBOL_NAME(sys_ni_syscall)       /* 285 reserved for fremovexattr */
++      .long SYMBOL_NAME(sys_inject_fault)
++#endif /* CONFIG_SWIFI        */
++
+       .rept NR_syscalls-(.-sys_call_table)/4
+               .long SYMBOL_NAME(sys_ni_syscall)
+       .endr
++
++      
+diff -ruN linux/config-swifi linux-nonooks/config-swifi
+--- linux/config-swifi 1969-12-31 19:00:00.000000000 -0500
++++ linux-nonooks/config-swifi 2005-01-12 15:10:12.000000000 -0500
+@@ -0,0 +1,911 @@
++#
++# Automatically generated by make menuconfig: don't edit
++#
++CONFIG_X86=y
++CONFIG_ISA=y
++# CONFIG_SBUS is not set
++CONFIG_UID16=y
++
++#
++# Code maturity level options
++#
++CONFIG_EXPERIMENTAL=y
++
++#
++# Loadable module support
++#
++CONFIG_MODULES=y
++# CONFIG_MODVERSIONS is not set
++CONFIG_KMOD=y
++
++#
++# Processor type and features
++#
++# CONFIG_M386 is not set
++# CONFIG_M486 is not set
++# CONFIG_M586 is not set
++# CONFIG_M586TSC is not set
++# CONFIG_M586MMX is not set
++# CONFIG_M686 is not set
++CONFIG_MPENTIUMIII=y
++# CONFIG_MPENTIUM4 is not set
++# CONFIG_MK6 is not set
++# CONFIG_MK7 is not set
++# CONFIG_MELAN is not set
++# CONFIG_MCRUSOE is not set
++# CONFIG_MWINCHIPC6 is not set
++# CONFIG_MWINCHIP2 is not set
++# CONFIG_MWINCHIP3D is not set
++# CONFIG_MCYRIXIII is not set
++CONFIG_X86_WP_WORKS_OK=y
++CONFIG_X86_INVLPG=y
++CONFIG_X86_CMPXCHG=y
++CONFIG_X86_XADD=y
++CONFIG_X86_BSWAP=y
++CONFIG_X86_POPAD_OK=y
++# CONFIG_RWSEM_GENERIC_SPINLOCK is not set
++CONFIG_RWSEM_XCHGADD_ALGORITHM=y
++CONFIG_X86_L1_CACHE_SHIFT=5
++CONFIG_X86_TSC=y
++CONFIG_X86_GOOD_APIC=y
++CONFIG_X86_PGE=y
++CONFIG_X86_USE_PPRO_CHECKSUM=y
++# CONFIG_TOSHIBA is not set
++# CONFIG_I8K is not set
++CONFIG_MICROCODE=y
++CONFIG_X86_MSR=y
++CONFIG_X86_CPUID=y
++CONFIG_NOHIGHMEM=y
++# CONFIG_HIGHMEM4G is not set
++# CONFIG_HIGHMEM64G is not set
++# CONFIG_MATH_EMULATION is not set
++CONFIG_MTRR=y
++# CONFIG_SMP is not set
++# CONFIG_X86_UP_APIC is not set
++# CONFIG_X86_UP_IOAPIC is not set
++
++#
++# General setup
++#
++CONFIG_NET=y
++CONFIG_PCI=y
++# CONFIG_PCI_GOBIOS is not set
++# CONFIG_PCI_GODIRECT is not set
++CONFIG_PCI_GOANY=y
++CONFIG_PCI_BIOS=y
++CONFIG_PCI_DIRECT=y
++CONFIG_PCI_NAMES=y
++CONFIG_EISA=y
++# CONFIG_MCA is not set
++CONFIG_HOTPLUG=y
++
++#
++# PCMCIA/CardBus support
++#
++# CONFIG_PCMCIA is not set
++
++#
++# PCI Hotplug Support
++#
++# CONFIG_HOTPLUG_PCI is not set
++# CONFIG_HOTPLUG_PCI_COMPAQ is not set
++# CONFIG_HOTPLUG_PCI_COMPAQ_NVRAM is not set
++CONFIG_SYSVIPC=y
++CONFIG_BSD_PROCESS_ACCT=y
++CONFIG_SYSCTL=y
++CONFIG_KCORE_ELF=y
++# CONFIG_KCORE_AOUT is not set
++CONFIG_BINFMT_AOUT=y
++CONFIG_BINFMT_ELF=y
++# CONFIG_BINFMT_MISC is not set
++CONFIG_PM=y
++# CONFIG_ACPI is not set
++CONFIG_APM=y
++# CONFIG_APM_IGNORE_USER_SUSPEND is not set
++# CONFIG_APM_DO_ENABLE is not set
++CONFIG_APM_CPU_IDLE=y
++# CONFIG_APM_DISPLAY_BLANK is not set
++CONFIG_APM_RTC_IS_GMT=y
++# CONFIG_APM_ALLOW_INTS is not set
++# CONFIG_APM_REAL_MODE_POWER_OFF is not set
++
++#
++# Memory Technology Devices (MTD)
++#
++# CONFIG_MTD is not set
++
++#
++# Parallel port support
++#
++CONFIG_PARPORT=y
++CONFIG_PARPORT_PC=y
++CONFIG_PARPORT_PC_CML1=y
++# CONFIG_PARPORT_SERIAL is not set
++# CONFIG_PARPORT_PC_FIFO is not set
++# CONFIG_PARPORT_PC_SUPERIO is not set
++# CONFIG_PARPORT_AMIGA is not set
++# CONFIG_PARPORT_MFC3 is not set
++# CONFIG_PARPORT_ATARI is not set
++# CONFIG_PARPORT_GSC is not set
++# CONFIG_PARPORT_SUNBPP is not set
++# CONFIG_PARPORT_OTHER is not set
++CONFIG_PARPORT_1284=y
++
++#
++# Plug and Play configuration
++#
++CONFIG_PNP=y
++CONFIG_ISAPNP=y
++
++#
++# Block devices
++#
++CONFIG_BLK_DEV_FD=y
++# CONFIG_BLK_DEV_XD is not set
++# CONFIG_PARIDE is not set
++# CONFIG_BLK_CPQ_DA is not set
++# CONFIG_BLK_CPQ_CISS_DA is not set
++# CONFIG_BLK_DEV_DAC960 is not set
++CONFIG_BLK_DEV_LOOP=y
++CONFIG_BLK_DEV_NBD=y
++# CONFIG_BLK_DEV_RAM is not set
++# CONFIG_BLK_DEV_INITRD is not set
++
++#
++# Multi-device support (RAID and LVM)
++#
++# CONFIG_MD is not set
++# CONFIG_BLK_DEV_MD is not set
++# CONFIG_MD_LINEAR is not set
++# CONFIG_MD_RAID0 is not set
++# CONFIG_MD_RAID1 is not set
++# CONFIG_MD_RAID5 is not set
++# CONFIG_MD_MULTIPATH is not set
++# CONFIG_BLK_DEV_LVM is not set
++
++#
++# Networking options
++#
++CONFIG_PACKET=y
++CONFIG_PACKET_MMAP=y
++CONFIG_NETLINK_DEV=y
++CONFIG_NETFILTER=y
++# CONFIG_NETFILTER_DEBUG is not set
++CONFIG_FILTER=y
++CONFIG_UNIX=y
++CONFIG_INET=y
++CONFIG_IP_MULTICAST=y
++# CONFIG_IP_ADVANCED_ROUTER is not set
++# CONFIG_IP_PNP is not set
++# CONFIG_NET_IPIP is not set
++# CONFIG_NET_IPGRE is not set
++# CONFIG_IP_MROUTE is not set
++# CONFIG_ARPD is not set
++CONFIG_INET_ECN=y
++CONFIG_SYN_COOKIES=y
++
++#
++#   IP: Netfilter Configuration
++#
++# CONFIG_IP_NF_CONNTRACK is not set
++# CONFIG_IP_NF_QUEUE is not set
++# CONFIG_IP_NF_IPTABLES is not set
++# CONFIG_IP_NF_COMPAT_IPCHAINS is not set
++# CONFIG_IP_NF_COMPAT_IPFWADM is not set
++# CONFIG_IPV6 is not set
++CONFIG_KHTTPD=m
++# CONFIG_ATM is not set
++# CONFIG_VLAN_8021Q is not set
++# CONFIG_IPX is not set
++# CONFIG_ATALK is not set
++# CONFIG_DECNET is not set
++# CONFIG_BRIDGE is not set
++# CONFIG_X25 is not set
++# CONFIG_LAPB is not set
++# CONFIG_LLC is not set
++# CONFIG_NET_DIVERT is not set
++# CONFIG_ECONET is not set
++# CONFIG_WAN_ROUTER is not set
++# CONFIG_NET_FASTROUTE is not set
++# CONFIG_NET_HW_FLOWCONTROL is not set
++
++#
++# QoS and/or fair queueing
++#
++# CONFIG_NET_SCHED is not set
++
++#
++# Telephony Support
++#
++# CONFIG_PHONE is not set
++# CONFIG_PHONE_IXJ is not set
++# CONFIG_PHONE_IXJ_PCMCIA is not set
++
++#
++# ATA/IDE/MFM/RLL support
++#
++CONFIG_IDE=y
++
++#
++# IDE, ATA and ATAPI Block devices
++#
++CONFIG_BLK_DEV_IDE=y
++# CONFIG_BLK_DEV_HD_IDE is not set
++# CONFIG_BLK_DEV_HD is not set
++CONFIG_BLK_DEV_IDEDISK=y
++CONFIG_IDEDISK_MULTI_MODE=y
++# CONFIG_BLK_DEV_IDEDISK_VENDOR is not set
++# CONFIG_BLK_DEV_IDEDISK_FUJITSU is not set
++# CONFIG_BLK_DEV_IDEDISK_IBM is not set
++# CONFIG_BLK_DEV_IDEDISK_MAXTOR is not set
++# CONFIG_BLK_DEV_IDEDISK_QUANTUM is not set
++# CONFIG_BLK_DEV_IDEDISK_SEAGATE is not set
++# CONFIG_BLK_DEV_IDEDISK_WD is not set
++# CONFIG_BLK_DEV_COMMERIAL is not set
++# CONFIG_BLK_DEV_TIVO is not set
++# CONFIG_BLK_DEV_IDECS is not set
++CONFIG_BLK_DEV_IDECD=y
++# CONFIG_BLK_DEV_IDETAPE is not set
++# CONFIG_BLK_DEV_IDEFLOPPY is not set
++# CONFIG_BLK_DEV_IDESCSI is not set
++CONFIG_BLK_DEV_CMD640=y
++# CONFIG_BLK_DEV_CMD640_ENHANCED is not set
++CONFIG_BLK_DEV_ISAPNP=y
++CONFIG_BLK_DEV_RZ1000=y
++CONFIG_BLK_DEV_IDEPCI=y
++CONFIG_IDEPCI_SHARE_IRQ=y
++CONFIG_BLK_DEV_IDEDMA_PCI=y
++CONFIG_BLK_DEV_ADMA=y
++# CONFIG_BLK_DEV_OFFBOARD is not set
++CONFIG_IDEDMA_PCI_AUTO=y
++CONFIG_BLK_DEV_IDEDMA=y
++# CONFIG_IDEDMA_PCI_WIP is not set
++# CONFIG_IDEDMA_NEW_DRIVE_LISTINGS is not set
++CONFIG_BLK_DEV_AEC62XX=y
++CONFIG_AEC62XX_TUNING=y
++CONFIG_BLK_DEV_ALI15X3=y
++# CONFIG_WDC_ALI15X3 is not set
++CONFIG_BLK_DEV_AMD74XX=y
++# CONFIG_AMD74XX_OVERRIDE is not set
++CONFIG_BLK_DEV_CMD64X=y
++CONFIG_BLK_DEV_CY82C693=y
++CONFIG_BLK_DEV_CS5530=y
++CONFIG_BLK_DEV_HPT34X=y
++# CONFIG_HPT34X_AUTODMA is not set
++CONFIG_BLK_DEV_HPT366=y
++CONFIG_BLK_DEV_PIIX=y
++CONFIG_PIIX_TUNING=y
++# CONFIG_BLK_DEV_NS87415 is not set
++# CONFIG_BLK_DEV_OPTI621 is not set
++CONFIG_BLK_DEV_PDC202XX=y
++# CONFIG_PDC202XX_BURST is not set
++CONFIG_PDC202XX_FORCE=y
++CONFIG_BLK_DEV_SVWKS=y
++CONFIG_BLK_DEV_SIS5513=y
++CONFIG_BLK_DEV_SLC90E66=y
++# CONFIG_BLK_DEV_TRM290 is not set
++CONFIG_BLK_DEV_VIA82CXXX=y
++# CONFIG_IDE_CHIPSETS is not set
++CONFIG_IDEDMA_AUTO=y
++# CONFIG_IDEDMA_IVB is not set
++# CONFIG_DMA_NONPCI is not set
++CONFIG_BLK_DEV_IDE_MODES=y
++# CONFIG_BLK_DEV_ATARAID is not set
++# CONFIG_BLK_DEV_ATARAID_PDC is not set
++# CONFIG_BLK_DEV_ATARAID_HPT is not set
++
++#
++# SCSI support
++#
++# CONFIG_SCSI is not set
++
++#
++# Fusion MPT device support
++#
++# CONFIG_FUSION is not set
++# CONFIG_FUSION_BOOT is not set
++# CONFIG_FUSION_ISENSE is not set
++# CONFIG_FUSION_CTL is not set
++# CONFIG_FUSION_LAN is not set
++
++#
++# IEEE 1394 (FireWire) support (EXPERIMENTAL)
++#
++# CONFIG_IEEE1394 is not set
++
++#
++# I2O device support
++#
++# CONFIG_I2O is not set
++# CONFIG_I2O_PCI is not set
++# CONFIG_I2O_BLOCK is not set
++# CONFIG_I2O_LAN is not set
++# CONFIG_I2O_SCSI is not set
++# CONFIG_I2O_PROC is not set
++
++#
++# Network device support
++#
++CONFIG_NETDEVICES=y
++
++#
++# ARCnet devices
++#
++# CONFIG_ARCNET is not set
++CONFIG_DUMMY=m
++# CONFIG_BONDING is not set
++# CONFIG_EQUALIZER is not set
++# CONFIG_TUN is not set
++# CONFIG_ETHERTAP is not set
++# CONFIG_NET_SB1000 is not set
++
++#
++# Ethernet (10 or 100Mbit)
++#
++CONFIG_NET_ETHERNET=y
++# CONFIG_SUNLANCE is not set
++# CONFIG_HAPPYMEAL is not set
++# CONFIG_SUNBMAC is not set
++# CONFIG_SUNQE is not set
++# CONFIG_SUNGEM is not set
++CONFIG_NET_VENDOR_3COM=y
++# CONFIG_EL1 is not set
++# CONFIG_EL2 is not set
++# CONFIG_ELPLUS is not set
++# CONFIG_EL16 is not set
++# CONFIG_EL3 is not set
++# CONFIG_3C515 is not set
++# CONFIG_ELMC is not set
++# CONFIG_ELMC_II is not set
++CONFIG_VORTEX=m
++CONFIG_LANCE=m
++# CONFIG_NET_VENDOR_SMC is not set
++# CONFIG_NET_VENDOR_RACAL is not set
++# CONFIG_AT1700 is not set
++# CONFIG_DEPCA is not set
++# CONFIG_HP100 is not set
++# CONFIG_NET_ISA is not set
++CONFIG_NET_PCI=y
++CONFIG_PCNET32=m
++# CONFIG_ADAPTEC_STARFIRE is not set
++# CONFIG_AC3200 is not set
++# CONFIG_APRICOT is not set
++# CONFIG_CS89x0 is not set
++CONFIG_TULIP=m
++# CONFIG_TULIP_MWI is not set
++# CONFIG_TULIP_MMIO is not set
++# CONFIG_DE4X5 is not set
++# CONFIG_DGRS is not set
++# CONFIG_DM9102 is not set
++CONFIG_EEPRO100=m
++# CONFIG_LNE390 is not set
++# CONFIG_FEALNX is not set
++# CONFIG_NATSEMI is not set
++# CONFIG_NE2K_PCI is not set
++# CONFIG_NE3210 is not set
++# CONFIG_ES3210 is not set
++# CONFIG_8139CP is not set
++# CONFIG_8139TOO is not set
++# CONFIG_8139TOO_PIO is not set
++# CONFIG_8139TOO_TUNE_TWISTER is not set
++# CONFIG_8139TOO_8129 is not set
++# CONFIG_8139_NEW_RX_RESET is not set
++# CONFIG_SIS900 is not set
++# CONFIG_EPIC100 is not set
++# CONFIG_SUNDANCE is not set
++# CONFIG_TLAN is not set
++# CONFIG_VIA_RHINE is not set
++# CONFIG_VIA_RHINE_MMIO is not set
++# CONFIG_WINBOND_840 is not set
++# CONFIG_NET_POCKET is not set
++
++#
++# Ethernet (1000 Mbit)
++#
++# CONFIG_ACENIC is not set
++# CONFIG_DL2K is not set
++# CONFIG_MYRI_SBUS is not set
++# CONFIG_NS83820 is not set
++# CONFIG_HAMACHI is not set
++# CONFIG_YELLOWFIN is not set
++# CONFIG_SK98LIN is not set
++# CONFIG_FDDI is not set
++# CONFIG_HIPPI is not set
++# CONFIG_PLIP is not set
++# CONFIG_PPP is not set
++# CONFIG_SLIP is not set
++
++#
++# Wireless LAN (non-hamradio)
++#
++# CONFIG_NET_RADIO is not set
++
++#
++# Token Ring devices
++#
++# CONFIG_TR is not set
++# CONFIG_NET_FC is not set
++# CONFIG_RCPCI is not set
++# CONFIG_SHAPER is not set
++
++#
++# Wan interfaces
++#
++# CONFIG_WAN is not set
++
++#
++# Amateur Radio support
++#
++# CONFIG_HAMRADIO is not set
++
++#
++# IrDA (infrared) support
++#
++# CONFIG_IRDA is not set
++
++#
++# ISDN subsystem
++#
++# CONFIG_ISDN is not set
++
++#
++# Old CD-ROM drivers (not SCSI, not IDE)
++#
++# CONFIG_CD_NO_IDESCSI is not set
++
++#
++# Input core support
++#
++CONFIG_INPUT=m
++CONFIG_INPUT_KEYBDEV=m
++CONFIG_INPUT_MOUSEDEV=m
++CONFIG_INPUT_MOUSEDEV_SCREEN_X=1024
++CONFIG_INPUT_MOUSEDEV_SCREEN_Y=768
++# CONFIG_INPUT_JOYDEV is not set
++CONFIG_INPUT_EVDEV=m
++
++#
++# Character devices
++#
++CONFIG_VT=y
++CONFIG_VT_CONSOLE=y
++CONFIG_SERIAL=y
++CONFIG_SERIAL_CONSOLE=y
++CONFIG_SERIAL_EXTENDED=y
++CONFIG_SERIAL_MANY_PORTS=y
++CONFIG_SERIAL_SHARE_IRQ=y
++# CONFIG_SERIAL_DETECT_IRQ is not set
++CONFIG_SERIAL_MULTIPORT=y
++# CONFIG_HUB6 is not set
++# CONFIG_SERIAL_NONSTANDARD is not set
++CONFIG_UNIX98_PTYS=y
++CONFIG_UNIX98_PTY_COUNT=2048
++CONFIG_PRINTER=m
++CONFIG_LP_CONSOLE=y
++CONFIG_PPDEV=y
++
++#
++# I2C support
++#
++# CONFIG_I2C is not set
++
++#
++# Mice
++#
++CONFIG_BUSMOUSE=m
++CONFIG_ATIXL_BUSMOUSE=m
++CONFIG_LOGIBUSMOUSE=m
++CONFIG_MS_BUSMOUSE=m
++CONFIG_MOUSE=y
++CONFIG_PSMOUSE=y
++CONFIG_82C710_MOUSE=m
++CONFIG_PC110_PAD=m
++
++#
++# Joysticks
++#
++# CONFIG_INPUT_GAMEPORT is not set
++# CONFIG_INPUT_NS558 is not set
++# CONFIG_INPUT_LIGHTNING is not set
++# CONFIG_INPUT_PCIGAME is not set
++# CONFIG_INPUT_CS461X is not set
++# CONFIG_INPUT_EMU10K1 is not set
++# CONFIG_INPUT_SERIO is not set
++# CONFIG_INPUT_SERPORT is not set
++# CONFIG_INPUT_ANALOG is not set
++# CONFIG_INPUT_A3D is not set
++# CONFIG_INPUT_ADI is not set
++# CONFIG_INPUT_COBRA is not set
++# CONFIG_INPUT_GF2K is not set
++# CONFIG_INPUT_GRIP is not set
++# CONFIG_INPUT_INTERACT is not set
++# CONFIG_INPUT_TMDC is not set
++# CONFIG_INPUT_SIDEWINDER is not set
++# CONFIG_INPUT_IFORCE_USB is not set
++# CONFIG_INPUT_IFORCE_232 is not set
++# CONFIG_INPUT_WARRIOR is not set
++# CONFIG_INPUT_MAGELLAN is not set
++# CONFIG_INPUT_SPACEORB is not set
++# CONFIG_INPUT_SPACEBALL is not set
++# CONFIG_INPUT_STINGER is not set
++# CONFIG_INPUT_DB9 is not set
++# CONFIG_INPUT_GAMECON is not set
++# CONFIG_INPUT_TURBOGRAFX is not set
++# CONFIG_QIC02_TAPE is not set
++
++#
++# Watchdog Cards
++#
++# CONFIG_WATCHDOG is not set
++CONFIG_INTEL_RNG=m
++# CONFIG_NVRAM is not set
++CONFIG_RTC=y
++CONFIG_DTLK=y
++# CONFIG_R3964 is not set
++# CONFIG_APPLICOM is not set
++# CONFIG_SONYPI is not set
++
++#
++# Ftape, the floppy tape device driver
++#
++# CONFIG_FTAPE is not set
++CONFIG_AGP=m
++CONFIG_AGP_INTEL=y
++CONFIG_AGP_I810=y
++CONFIG_AGP_VIA=y
++CONFIG_AGP_AMD=y
++CONFIG_AGP_SIS=y
++CONFIG_AGP_ALI=y
++CONFIG_AGP_SWORKS=y
++CONFIG_DRM=y
++# CONFIG_DRM_OLD is not set
++CONFIG_DRM_NEW=y
++CONFIG_DRM_TDFX=y
++CONFIG_DRM_R128=m
++CONFIG_DRM_RADEON=m
++CONFIG_DRM_I810=m
++CONFIG_DRM_MGA=m
++# CONFIG_DRM_SIS is not set
++# CONFIG_MWAVE is not set
++
++#
++# Multimedia devices
++#
++# CONFIG_VIDEO_DEV is not set
++
++#
++# File systems
++#
++CONFIG_QUOTA=y
++CONFIG_AUTOFS_FS=y
++CONFIG_AUTOFS4_FS=y
++CONFIG_REISERFS_FS=m
++# CONFIG_REISERFS_CHECK is not set
++CONFIG_REISERFS_PROC_INFO=y
++# CONFIG_ADFS_FS is not set
++# CONFIG_ADFS_FS_RW is not set
++# CONFIG_AFFS_FS is not set
++# CONFIG_HFS_FS is not set
++# CONFIG_BFS_FS is not set
++CONFIG_EXT3_FS=y
++CONFIG_JBD=y
++# CONFIG_JBD_DEBUG is not set
++CONFIG_FAT_FS=m
++CONFIG_MSDOS_FS=m
++# CONFIG_UMSDOS_FS is not set
++CONFIG_VFAT_FS=m
++# CONFIG_EFS_FS is not set
++# CONFIG_JFFS_FS is not set
++# CONFIG_JFFS2_FS is not set
++# CONFIG_CRAMFS is not set
++CONFIG_TMPFS=y
++CONFIG_RAMFS=m
++CONFIG_ISO9660_FS=y
++CONFIG_JOLIET=y
++CONFIG_ZISOFS=y
++# CONFIG_MINIX_FS is not set
++# CONFIG_VXFS_FS is not set
++# CONFIG_NTFS_FS is not set
++# CONFIG_NTFS_RW is not set
++# CONFIG_HPFS_FS is not set
++CONFIG_PROC_FS=y
++# CONFIG_DEVFS_FS is not set
++# CONFIG_DEVFS_MOUNT is not set
++# CONFIG_DEVFS_DEBUG is not set
++CONFIG_DEVPTS_FS=y
++# CONFIG_QNX4FS_FS is not set
++# CONFIG_QNX4FS_RW is not set
++# CONFIG_ROMFS_FS is not set
++CONFIG_EXT2_FS=y
++# CONFIG_SYSV_FS is not set
++# CONFIG_UDF_FS is not set
++# CONFIG_UDF_RW is not set
++# CONFIG_UFS_FS is not set
++# CONFIG_UFS_FS_WRITE is not set
++
++#
++# Network File Systems
++#
++# CONFIG_CODA_FS is not set
++# CONFIG_INTERMEZZO_FS is not set
++CONFIG_NFS_FS=y
++CONFIG_NFS_V3=y
++# CONFIG_ROOT_NFS is not set
++CONFIG_NFSD=y
++CONFIG_NFSD_V3=y
++CONFIG_SUNRPC=y
++CONFIG_LOCKD=y
++CONFIG_LOCKD_V4=y
++CONFIG_SMB_FS=m
++# CONFIG_SMB_NLS_DEFAULT is not set
++# CONFIG_NCP_FS is not set
++# CONFIG_NCPFS_PACKET_SIGNING is not set
++# CONFIG_NCPFS_IOCTL_LOCKING is not set
++# CONFIG_NCPFS_STRONG is not set
++# CONFIG_NCPFS_NFS_NS is not set
++# CONFIG_NCPFS_OS2_NS is not set
++# CONFIG_NCPFS_SMALLDOS is not set
++# CONFIG_NCPFS_NLS is not set
++# CONFIG_NCPFS_EXTRAS is not set
++CONFIG_ZISOFS_FS=y
++CONFIG_ZLIB_FS_INFLATE=y
++
++#
++# Partition Types
++#
++CONFIG_PARTITION_ADVANCED=y
++# CONFIG_ACORN_PARTITION is not set
++# CONFIG_OSF_PARTITION is not set
++# CONFIG_AMIGA_PARTITION is not set
++# CONFIG_ATARI_PARTITION is not set
++# CONFIG_MAC_PARTITION is not set
++CONFIG_MSDOS_PARTITION=y
++CONFIG_BSD_DISKLABEL=y
++# CONFIG_MINIX_SUBPARTITION is not set
++# CONFIG_SOLARIS_X86_PARTITION is not set
++# CONFIG_UNIXWARE_DISKLABEL is not set
++# CONFIG_LDM_PARTITION is not set
++# CONFIG_SGI_PARTITION is not set
++# CONFIG_ULTRIX_PARTITION is not set
++# CONFIG_SUN_PARTITION is not set
++CONFIG_SMB_NLS=y
++CONFIG_NLS=y
++
++#
++# Native Language Support
++#
++CONFIG_NLS_DEFAULT="iso8859-1"
++CONFIG_NLS_CODEPAGE_437=m
++CONFIG_NLS_CODEPAGE_737=m
++CONFIG_NLS_CODEPAGE_775=m
++CONFIG_NLS_CODEPAGE_850=m
++CONFIG_NLS_CODEPAGE_852=m
++CONFIG_NLS_CODEPAGE_855=m
++CONFIG_NLS_CODEPAGE_857=m
++CONFIG_NLS_CODEPAGE_860=m
++CONFIG_NLS_CODEPAGE_861=m
++CONFIG_NLS_CODEPAGE_862=m
++CONFIG_NLS_CODEPAGE_863=m
++CONFIG_NLS_CODEPAGE_864=m
++CONFIG_NLS_CODEPAGE_865=m
++CONFIG_NLS_CODEPAGE_866=m
++CONFIG_NLS_CODEPAGE_869=m
++CONFIG_NLS_CODEPAGE_936=m
++CONFIG_NLS_CODEPAGE_950=m
++CONFIG_NLS_CODEPAGE_932=m
++CONFIG_NLS_CODEPAGE_949=m
++CONFIG_NLS_CODEPAGE_874=m
++CONFIG_NLS_ISO8859_8=m
++CONFIG_NLS_CODEPAGE_1250=m
++CONFIG_NLS_CODEPAGE_1251=m
++CONFIG_NLS_ISO8859_1=m
++CONFIG_NLS_ISO8859_2=m
++CONFIG_NLS_ISO8859_3=m
++CONFIG_NLS_ISO8859_4=m
++CONFIG_NLS_ISO8859_5=m
++CONFIG_NLS_ISO8859_6=m
++CONFIG_NLS_ISO8859_7=m
++CONFIG_NLS_ISO8859_9=m
++CONFIG_NLS_ISO8859_13=m
++CONFIG_NLS_ISO8859_14=m
++CONFIG_NLS_ISO8859_15=m
++CONFIG_NLS_KOI8_R=m
++CONFIG_NLS_KOI8_U=m
++CONFIG_NLS_UTF8=m
++
++#
++# Console drivers
++#
++CONFIG_VGA_CONSOLE=y
++CONFIG_VIDEO_SELECT=y
++CONFIG_MDA_CONSOLE=m
++
++#
++# Frame-buffer support
++#
++CONFIG_FB=y
++CONFIG_DUMMY_CONSOLE=y
++# CONFIG_FB_RIVA is not set
++# CONFIG_FB_CLGEN is not set
++# CONFIG_FB_PM2 is not set
++# CONFIG_FB_CYBER2000 is not set
++CONFIG_FB_VESA=y
++CONFIG_FB_VGA16=m
++# CONFIG_FB_HGA is not set
++CONFIG_VIDEO_SELECT=y
++CONFIG_FB_MATROX=m
++CONFIG_FB_MATROX_MILLENIUM=y
++CONFIG_FB_MATROX_MYSTIQUE=y
++CONFIG_FB_MATROX_G100=y
++# CONFIG_FB_MATROX_G450 is not set
++CONFIG_FB_MATROX_MULTIHEAD=y
++CONFIG_FB_ATY=m
++CONFIG_FB_ATY_GX=y
++CONFIG_FB_ATY_CT=y
++CONFIG_FB_RADEON=m
++CONFIG_FB_ATY128=m
++# CONFIG_FB_SIS is not set
++# CONFIG_FB_3DFX is not set
++# CONFIG_FB_VOODOO1 is not set
++# CONFIG_FB_TRIDENT is not set
++# CONFIG_FB_VIRTUAL is not set
++# CONFIG_FBCON_ADVANCED is not set
++CONFIG_FBCON_CFB8=y
++CONFIG_FBCON_CFB16=y
++CONFIG_FBCON_CFB24=y
++CONFIG_FBCON_CFB32=y
++CONFIG_FBCON_VGA_PLANES=m
++# CONFIG_FBCON_FONTWIDTH8_ONLY is not set
++# CONFIG_FBCON_FONTS is not set
++CONFIG_FONT_8x8=y
++CONFIG_FONT_8x16=y
++
++#
++# Sound
++#
++CONFIG_SOUND=m
++# CONFIG_SOUND_BT878 is not set
++# CONFIG_SOUND_CMPCI is not set
++CONFIG_SOUND_EMU10K1=m
++# CONFIG_MIDI_EMU10K1 is not set
++# CONFIG_SOUND_FUSION is not set
++# CONFIG_SOUND_CS4281 is not set
++# CONFIG_SOUND_ES1370 is not set
++CONFIG_SOUND_ES1371=m
++# CONFIG_SOUND_ESSSOLO1 is not set
++# CONFIG_SOUND_MAESTRO is not set
++# CONFIG_SOUND_MAESTRO3 is not set
++CONFIG_SOUND_ICH=m
++# CONFIG_SOUND_RME96XX is not set
++# CONFIG_SOUND_SONICVIBES is not set
++# CONFIG_SOUND_TRIDENT is not set
++# CONFIG_SOUND_MSNDCLAS is not set
++# CONFIG_SOUND_MSNDPIN is not set
++# CONFIG_SOUND_VIA82CXXX is not set
++# CONFIG_MIDI_VIA82CXXX is not set
++CONFIG_SOUND_OSS=m
++# CONFIG_SOUND_TRACEINIT is not set
++CONFIG_SOUND_DMAP=y
++# CONFIG_SOUND_AD1816 is not set
++# CONFIG_SOUND_SGALAXY is not set
++# CONFIG_SOUND_ADLIB is not set
++# CONFIG_SOUND_ACI_MIXER is not set
++CONFIG_SOUND_CS4232=m
++# CONFIG_SOUND_SSCAPE is not set
++# CONFIG_SOUND_GUS is not set
++# CONFIG_SOUND_VMIDI is not set
++# CONFIG_SOUND_TRIX is not set
++# CONFIG_SOUND_MSS is not set
++# CONFIG_SOUND_MPU401 is not set
++# CONFIG_SOUND_NM256 is not set
++# CONFIG_SOUND_MAD16 is not set
++# CONFIG_SOUND_PAS is not set
++# CONFIG_PAS_JOYSTICK is not set
++# CONFIG_SOUND_PSS is not set
++CONFIG_SOUND_SB=m
++# CONFIG_SOUND_AWE32_SYNTH is not set
++# CONFIG_SOUND_WAVEFRONT is not set
++# CONFIG_SOUND_MAUI is not set
++# CONFIG_SOUND_YM3812 is not set
++# CONFIG_SOUND_OPL3SA1 is not set
++# CONFIG_SOUND_OPL3SA2 is not set
++# CONFIG_SOUND_YMFPCI is not set
++# CONFIG_SOUND_YMFPCI_LEGACY is not set
++# CONFIG_SOUND_UART6850 is not set
++# CONFIG_SOUND_AEDSP16 is not set
++# CONFIG_SOUND_TVMIXER is not set
++
++#
++# USB support
++#
++CONFIG_USB=y
++# CONFIG_USB_DEBUG is not set
++CONFIG_USB_DEVICEFS=y
++# CONFIG_USB_BANDWIDTH is not set
++CONFIG_USB_LONG_TIMEOUT=y
++CONFIG_USB_UHCI=m
++CONFIG_USB_UHCI_ALT=m
++CONFIG_USB_OHCI=m
++# CONFIG_USB_AUDIO is not set
++CONFIG_USB_BLUETOOTH=y
++# CONFIG_USB_STORAGE is not set
++# CONFIG_USB_STORAGE_DEBUG is not set
++# CONFIG_USB_STORAGE_DATAFAB is not set
++# CONFIG_USB_STORAGE_FREECOM is not set
++# CONFIG_USB_STORAGE_ISD200 is not set
++# CONFIG_USB_STORAGE_DPCM is not set
++# CONFIG_USB_STORAGE_HP8200e is not set
++# CONFIG_USB_STORAGE_SDDR09 is not set
++# CONFIG_USB_STORAGE_JUMPSHOT is not set
++# CONFIG_USB_ACM is not set
++# CONFIG_USB_PRINTER is not set
++CONFIG_USB_HID=m
++CONFIG_USB_HIDDEV=y
++# CONFIG_USB_KBD is not set
++# CONFIG_USB_MOUSE is not set
++CONFIG_USB_WACOM=m
++# CONFIG_USB_DC2XX is not set
++# CONFIG_USB_MDC800 is not set
++# CONFIG_USB_SCANNER is not set
++# CONFIG_USB_MICROTEK is not set
++# CONFIG_USB_HPUSBSCSI is not set
++# CONFIG_USB_PEGASUS is not set
++# CONFIG_USB_KAWETH is not set
++# CONFIG_USB_CATC is not set
++# CONFIG_USB_CDCETHER is not set
++# CONFIG_USB_USBNET is not set
++# CONFIG_USB_USS720 is not set
++
++#
++# USB Serial Converter support
++#
++# CONFIG_USB_SERIAL is not set
++# CONFIG_USB_SERIAL_GENERIC is not set
++# CONFIG_USB_SERIAL_BELKIN is not set
++# CONFIG_USB_SERIAL_WHITEHEAT is not set
++# CONFIG_USB_SERIAL_DIGI_ACCELEPORT is not set
++# CONFIG_USB_SERIAL_EMPEG is not set
++# CONFIG_USB_SERIAL_FTDI_SIO is not set
++# CONFIG_USB_SERIAL_VISOR is not set
++# CONFIG_USB_SERIAL_IPAQ is not set
++# CONFIG_USB_SERIAL_IR is not set
++# CONFIG_USB_SERIAL_EDGEPORT is not set
++# CONFIG_USB_SERIAL_KEYSPAN_PDA is not set
++# CONFIG_USB_SERIAL_KEYSPAN is not set
++# CONFIG_USB_SERIAL_KEYSPAN_USA28 is not set
++# CONFIG_USB_SERIAL_KEYSPAN_USA28X is not set
++# CONFIG_USB_SERIAL_KEYSPAN_USA28XA is not set
++# CONFIG_USB_SERIAL_KEYSPAN_USA28XB is not set
++# CONFIG_USB_SERIAL_KEYSPAN_USA19 is not set
++# CONFIG_USB_SERIAL_KEYSPAN_USA18X is not set
++# CONFIG_USB_SERIAL_KEYSPAN_USA19W is not set
++# CONFIG_USB_SERIAL_KEYSPAN_USA49W is not set
++# CONFIG_USB_SERIAL_MCT_U232 is not set
++# CONFIG_USB_SERIAL_KLSI is not set
++# CONFIG_USB_SERIAL_PL2303 is not set
++# CONFIG_USB_SERIAL_CYBERJACK is not set
++# CONFIG_USB_SERIAL_XIRCOM is not set
++# CONFIG_USB_SERIAL_OMNINET is not set
++# CONFIG_USB_RIO500 is not set
++
++#
++# Bluetooth support
++#
++# CONFIG_BLUEZ is not set
++
++#
++# Kernel hacking
++#
++CONFIG_DEBUG_KERNEL=y
++# CONFIG_DEBUG_HIGHMEM is not set
++# CONFIG_DEBUG_SLAB is not set
++# CONFIG_DEBUG_IOVIRT is not set
++CONFIG_MAGIC_SYSRQ=y
++# CONFIG_DEBUG_SPINLOCK is not set
++CONFIG_DEBUG_BUGVERBOSE=y
++# CONFIG_KDB is not set
++# CONFIG_KDB_MODULES is not set
++CONFIG_KALLSYMS=y
++CONFIG_FRAME_POINTER=y
++CONFIG_SWIFI=y
++CONFIG_NOOKS=y

diff --git a/commands/swifi/swifi-ksyms.c b/commands/swifi/swifi-ksyms.c
new file mode 100644 (file)
index 0000000..f580924
--- /dev/null
+++ b/commands/swifi/swifi-ksyms.c
@@ -0,0 +1,32 @@
+/*
+ * swifi-ksyms.c -- exported symbols for wrappers od system functions
+ *
+ * Copyright (C) 2003 Mike Swift
+ *
+ * The source code in this file can be freely used, adapted,
+ * and redistributed in source or binary form, so long as an
+ * acknowledgment appears in derived source files.  
+ * No warranty is attached;
+ * we cannot take responsibility for errors or fitness for use.
+ *
+ */
+
+#include <linux/kernel.h>
+#include <linux/module.h>
+#include "swifi.h"
+
+
+EXPORT_SYMBOL(sys_inject_fault);
+ 
+EXPORT_SYMBOL(swifi_memmove_fn);
+EXPORT_SYMBOL(swifi_memcpy_fn);
+EXPORT_SYMBOL(memmove_fn);
+EXPORT_SYMBOL(memcpy_fn);
+EXPORT_SYMBOL(swifi_kfree);
+EXPORT_SYMBOL(swifi_vfree);
+EXPORT_SYMBOL(swifi_kmalloc);
+EXPORT_SYMBOL(swifi___vmalloc);
+EXPORT_SYMBOL(swifi___generic_copy_from_user);
+EXPORT_SYMBOL(swifi___generic_copy_to_user);
+
+

diff --git a/commands/swifi/swifi-user.h b/commands/swifi/swifi-user.h
new file mode 100644 (file)
index 0000000..d24aece
--- /dev/null
+++ b/commands/swifi/swifi-user.h
@@ -0,0 +1,46 @@
+#ifndef _SWIFI_USER_H
+#define _SWIFI_USER_H
+
+
+#define TEXT_FAULT     0
+#define STACK_FAULT    1
+#define HEAP_FAULT     2
+#define INIT_FAULT      3
+#define NOP_FAULT       4
+#define DST_FAULT       5
+#define SRC_FAULT       6
+#define BRANCH_FAULT    7
+#define PTR_FAULT       8
+#define FREE_FAULT      9      
+#define BCOPY_FAULT     10
+#define SYNC_FAULT      11
+#define LOOP_FAULT      12
+#define MEM_LEAK_FAULT  13
+#define INTERFACE_FAULT 14
+#define DIRECT_FAULT   15
+#define DIRECT_FAULT1  16
+#define STATS           17
+#define WP_FAULT       19
+#define PANIC_FAULT    20
+#define WHILE1_FAULT   21
+#define DEBUGGER_FAULT 22
+#define CPU_RESET_FAULT        23
+#define PAGE_REG_DUMP  24
+#define COW_FAULT      25
+#define IRQ_FAULT       26
+#define ALLOC_FAULT     27
+#define DISK_TEST              100
+
+
+#define SWIFI_MAX_FAULTS 1000
+
+typedef struct swifi_result {
+  unsigned long address;
+  unsigned long old;
+  unsigned long new;
+} swifi_result_t, *pswifi_result_t;
+
+ 
+
+#endif // _SWIFI_USER_H
+

diff --git a/commands/swifi/swifi.h b/commands/swifi/swifi.h
new file mode 100644 (file)
index 0000000..b5e5364
--- /dev/null
+++ b/commands/swifi/swifi.h
@@ -0,0 +1,61 @@
+#ifndef _LINUX_SWIFI_H
+#define _LINUX_SWIFI_H
+
+#include "swifi-user.h"
+
+long
+swifi_inject_fault(char * nook_name,
+                  unsigned long faultType,
+                  unsigned long randSeed,
+                  unsigned long numFaults,
+                  void * results,
+                  unsigned long do_inject);
+
+
+long 
+sys_inject_fault(char * module,
+                unsigned long argFaultType,
+                unsigned long argRandomSeed,
+                unsigned long argNumFaults,
+                pswifi_result_t result_record,
+                unsigned long argInjectFault);
+
+void
+swifi_kfree(const void *addr);
+
+
+void
+swifi_vfree(void *addr);
+
+
+void *
+swifi_memmove_fn(void *to, void *from, size_t len);
+
+
+void *
+swifi_memcpy_fn(void *to, void *from, size_t len);
+
+
+void *
+memmove_fn(void *to, void *from, size_t len);
+
+void *
+memcpy_fn(void *to, void *from, size_t len);
+
+unsigned long
+swifi___generic_copy_from_user (void *kaddr, void *udaddr, unsigned long len);
+
+unsigned long  
+swifi___generic_copy_to_user(void *udaddr, void *kaddr, unsigned long len);
+
+
+void *
+swifi_kmalloc(size_t size, int flags);
+
+
+void *
+swifi___vmalloc(unsigned long size, int gfp_mask, pgprot_t prot);
+ 
+
+#endif // _LINUX_SWIFI_H
+