Hello,

My name is Nikita, I am a researcher at a university in Brussels and I am currently trying to modify simulavr to produce data for side-channel analysis (SCA) for security & cryptography research purposes. I am very happy with the way this simulator works and I figured out how to modify it in order to make something that I need for my research. However, I have a small problem that I cannot figure out and I hope that you can help me with it.

I took the latest version of your code from the official website (1.0.0). I am modifying avrdevice.cpp in the following way: there are several Get and Set reg methods in the class AvrDevice. What I need is to output the value being read and/or written at each memory access, so for example:

    unsigned char AvrDevice::GetCoreReg(unsigned addr) {
        assert(addr < registerSpaceSize);
        return *(rw[addr]);
    }

became:

    unsigned char AvrDevice::GetCoreReg(unsigned addr) {
        assert(addr < registerSpaceSize);
        leakValue( *(rw[addr]) ); // function that actually appends the value into a file "trace.txt"
        return *(rw[addr]);
    }

These modifications work ok on all these Get and Set functions except the ones that work with IOReg:

- AvrDevice::GetIOReg
- AvrDevice::SetIOReg
- AvrDevice::SetIORegBit

If I do something like that on AvrDevice::GetIOReg it changes the behaviour of the program when I test it: only every 2nd character entered by the user is actually handled by the program (I am testing it on examples/simple_ex1 that is also on the website). I found a hack to make it work for AvrDevice::GetIOReg by just reading the value once into a tmp variable and then using it in my leakValue function and in the return, like that:

    unsigned char AvrDevice::GetIOReg(unsigned addr) {
        assert(addr < ioSpaceSize); // callers do use 0x00 base, not 0x20
        unsigned char tmp = *(rw[addr + registerSpaceSize]);
        leakOnRead( tmp );
        return tmp;
    }

However, as soon as I try to do something similar on AvrDevice::SetIOReg I get the following error during the execution:

    simulavr: hwstack.cpp:282: void ThreadList::OnSPRead(int): Assertion `0 != SP_value' failed.
    Aborted (core dumped)

This is the command that I am using:

    ./simulavr -d atmega128 -f ../examples/simple_ex1/simple_atmega128.elf -W 0x20,- -R 0x22,- -T exit

For the Set command what I would like to have is the previous value stored in the memory and the new one being written, something like that (which works perfectly for CoreReg):

    bool AvrDevice::SetCoreReg(unsigned addr, unsigned char val) {
        assert(addr < registerSpaceSize);
        leakOnWrite(*(rw[addr]), val); // this is my only addition to the original code
        *(rw[addr]) = val;
        return true;
    }

And here is the gdb execution trace:

_______________________________________________________________________________________
simulavr: hwstack.cpp:282: void ThreadList::OnSPRead(int): Assertion `0 != SP_value' failed.

Program received signal SIGABRT, Aborted.
0x00007ffff720ecc9 in __GI_raise (sig=sig@entry=6) at ../nptl/sysdeps/unix/sysv/linux/raise.c:56
56 ../nptl/sysdeps/unix/sysv/linux/raise.c: No such file or directory.
(gdb) bt
#0  0x00007ffff720ecc9 in __GI_raise (sig=sig@entry=6) at ../nptl/sysdeps/unix/sysv/linux/raise.c:56
#1  0x00007ffff72120d8 in __GI_abort () at abort.c:89
#2  0x00007ffff7207b86 in __assert_fail_base (fmt=0x7ffff7358830 "%s%s%s:%u: %s%sAssertion `%s' failed.\n%n", assertion=assertion@entry=0x47d28c "0 != SP_value", file=file@entry=0x47d24a "hwstack.cpp", line=line@entry=282, function=function@entry=0x47d3a0 <ThreadList::OnSPRead(int)::__PRETTY_FUNCTION__> "void ThreadList::OnSPRead(int)") at assert.c:92
#3  0x00007ffff7207c32 in __GI___assert_fail (assertion=0x47d28c "0 != SP_value", file=0x47d24a "hwstack.cpp", line=282, function=0x47d3a0 <ThreadList::OnSPRead(int)::__PRETTY_FUNCTION__> "void ThreadList::OnSPRead(int)") at assert.c:101
#4  0x000000000044a30d in ThreadList::OnSPRead (this=this@entry=0x15aa418, SP_value=<optimised out>) at hwstack.cpp:282
#5  0x000000000044a31c in HWStackSram::OnSPReadByTarget (this=this@entry=0x15aa3d0) at hwstack.cpp:182
#6  0x000000000044a329 in HWStackSram::GetSph (this=0x15aa3d0) at hwstack.cpp:173
#7  0x000000000044ba88 in IOReg<HWStackSram>::get (this=<optimised out>) at rwmem.h:199
#8  0x000000000042b016 in AvrDevice::SetIOReg (this=0x6a43c0, addr=<optimised out>, val=<optimised out>) at avrdevice.cpp:636
#9  0x00000000004328b1 in avr_op_OUT::operator() (this=0x6a5d30) at decoder.cpp:1183
#10 0x000000000042ca4e in AvrDevice::Step (this=0x6a43c0, untilCoreStepFinished=@0x7fffffffd91f: false, nextStepIn_ns=0x7fffffffd8e8) at avrdevice.cpp:512
#11 0x000000000046f59a in SystemClock::Step (this=this@entry=0x6a2240 <SystemClock::Instance()::obj>, untilCoreStepFinished=@0x7fffffffd91f: false) at systemclock.cpp:157
#12 0x000000000046f778 in SystemClock::Endless (this=0x6a2240 <SystemClock::Instance()::obj>) at systemclock.cpp:222
#13 0x0000000000406772 in main (argc=<optimised out>, argv=<optimised out>) at cmd/main.cpp:410
(gdb) quit
A debugging session is active.

	Inferior 1 [process 20712] will be killed.
_______________________________________________________________________________________

This is, basically, the only modification that I am trying to do. I've looked through the IOReg, RWMem and some other classes that are involved in this memory access, but I cannot figure out what exactly the problem is there. Is there any way of getting the old value that was in the IOReg just before writing into it?

I would really appreciate it if you can help me with this task.

Best regards,
-- Nikita

_______________________________________________
Simulavr-devel mailing list
Simulavr-devel@nongnu.org
https://lists.nongnu.org/mailman/listinfo/simulavr-devel
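The backtrace above shows that an I/O register read in the simulator is not a plain memory load: IOReg<HWStackSram>::get dispatches to a device method (GetSph), which runs stack-tracking logic that can assert. A trace hook therefore must not access such a register more than once, and the "old value" for a write cannot safely come from a second target-visible read. The following added example is a self-contained toy model written for this page (not simulavr code and not Nikita's patch); SideEffectReg, TraceDevice and readAll are hypothetical names, and the receive FIFO is constructed input standing in for a register whose read has side effects.

```cpp
// Added example (not simulavr code): a toy model of an I/O register whose
// read runs a device callback with side effects, like a UART data register
// that pops its receive FIFO. It shows why a trace hook that reads the
// register twice (once for the log, once for the return value) hands the
// program only every 2nd byte, and why the old value for a write should come
// from side-effect-free storage rather than a second target-visible read.
#include <cstdint>
#include <deque>
#include <string>
#include <vector>

// Hypothetical register: get() consumes from a constructed RX FIFO.
struct SideEffectReg {
    std::deque<uint8_t> rxFifo;   // constructed sample input, not real hardware
    uint8_t value = 0;            // backing storage of the register
    uint8_t get() {               // target-visible read: has a side effect
        if (!rxFifo.empty()) { value = rxFifo.front(); rxFifo.pop_front(); }
        return value;
    }
    uint8_t peek() const { return value; }   // debugger-style read: no side effect
    void set(uint8_t v) { value = v; }
};

struct TraceDevice {
    SideEffectReg udr;
    std::vector<uint8_t> trace;   // stands in for the trace.txt file
    void leakValue(uint8_t v) { trace.push_back(v); }
    void leakOnWrite(uint8_t oldv, uint8_t newv) { trace.push_back(oldv); trace.push_back(newv); }

    // Naive read hook: two accesses, so the traced byte and the returned byte differ.
    uint8_t getIORegNaive() { leakValue(udr.get()); return udr.get(); }
    // Correct read hook: exactly one access, captured in a temporary.
    uint8_t getIORegOnce() { uint8_t tmp = udr.get(); leakValue(tmp); return tmp; }
    // Write hook: old value from storage, not from a side-effecting get().
    void setIOReg(uint8_t val) { leakOnWrite(udr.peek(), val); udr.set(val); }
};

// Drives a program that reads the register until the FIFO is drained and
// returns what the program saw; the trace is returned through traceOut.
std::string readAll(bool naive, const std::string& input, std::vector<uint8_t>* traceOut) {
    TraceDevice dev;
    dev.udr.rxFifo.assign(input.begin(), input.end());
    std::string seen;
    while (!dev.udr.rxFifo.empty())
        seen.push_back(static_cast<char>(naive ? dev.getIORegNaive() : dev.getIORegOnce()));
    if (traceOut) *traceOut = dev.trace;
    return seen;
}
```

With input "abcd" the naive hook lets the program see only "bd" while the trace records "ac"; the single-access hook gives both the program and the trace all four bytes.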