[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Xen-devel] [PATCH v3 09/11] fuzz/x86emul: update fuzzer

To: "Wei Liu" <wei.liu2@xxxxxxxxxx>
From: "Jan Beulich" <JBeulich@xxxxxxxx>
Date: Thu, 02 Feb 2017 10:01:46 -0700
Cc: George Dunlap <george.dunlap@xxxxxxxxxxxxx>, Andrew Cooper <andrew.cooper3@xxxxxxxxxx>, Ian Jackson <ian.jackson@xxxxxxxxxxxxx>, George Dunlap <george.dunlap@xxxxxxxxxx>, Xen-devel <xen-devel@xxxxxxxxxxxxxxxxxxxx>
Delivery-date: Thu, 02 Feb 2017 17:01:57 +0000
List-id: Xen developer discussion <xen-devel.lists.xen.org>

>>> On 02.02.17 at 17:50, <wei.liu2@xxxxxxxxxx> wrote:
> On Thu, Feb 02, 2017 at 05:20:56AM -0700, Jan Beulich wrote:
>> >>> On 01.02.17 at 13:02, <wei.liu2@xxxxxxxxxx> wrote:
>> > +static int fuzz_read_segment(
>> > +    enum x86_segment seg,
>> > +    struct segment_register *reg,
>> > +    struct x86_emulate_ctxt *ctxt)
>> > +{
>> > +    int rc;
>> > +
>> > +    if ( seg >= SEG_NUM )
>> > +        return X86EMUL_UNHANDLEABLE;
>> > +
>> > +    rc = maybe_fail("read_segment", true);
>> > +
>> > +    if ( rc == X86EMUL_OKAY )
>> > +        *reg = input.segments[seg];
>> > +
>> > +    return rc;
>> > +}
>> 
>> Just like with ->read_cr(), this must not vary in returned state
>> between multiple invocations.
> 
> Fixed for both read_segment and write_segment.

Why for write_segment? That one may fail at any time (and wouldn't
normally be invoked more than once for a given segment anyway).

>> > +static int _fuzz_read_msr(
>> > +    unsigned int reg,
>> > +    uint64_t *val,
>> > +    struct x86_emulate_ctxt *ctxt)
>> > +{
>> > +    unsigned int idx;
>> > +
>> > +    switch ( reg )
>> > +    {
>> > +    case MSR_TSC_AUX:
>> > +    case MSR_IA32_TSC:
>> > +        return data_read("read_msr", val, sizeof(*val));
>> 
>> Strictly speaking the above applies to TSC_AUX too. And TSC should
>> return monotonically increasing values. I don't think though that
>> producing random output here matters right now. A comment may
>> be worthwhile.
>> 
> 
> Right, I will add the following:
> 
>         /*
>          * TSC should return monotonically increasing values, but
>          * returning random values is fine in fuzzer.
>          */

What about TSC_AUX then?

Jan


_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
https://lists.xen.org/xen-devel

Follow-Ups:
- Re: [Xen-devel] [PATCH v3 09/11] fuzz/x86emul: update fuzzer
  - From: Wei Liu

References:
- [Xen-devel] [PATCH v3 00/11] fuzz: update x86emul fuzzer
  - From: Wei Liu
- [Xen-devel] [PATCH v3 09/11] fuzz/x86emul: update fuzzer
  - From: Wei Liu
- Re: [Xen-devel] [PATCH v3 09/11] fuzz/x86emul: update fuzzer
  - From: Jan Beulich
- Re: [Xen-devel] [PATCH v3 09/11] fuzz/x86emul: update fuzzer
  - From: Wei Liu

Prev by Date: Re: [Xen-devel] [PATCH] xen: sched: improve debug dump output.
Next by Date: Re: [Xen-devel] [PATCH v2 5/9] xen/pvh: Prevent PVH guests from using PIC, RTC and IOAPIC
Previous by thread: Re: [Xen-devel] [PATCH v3 09/11] fuzz/x86emul: update fuzzer
Next by thread: Re: [Xen-devel] [PATCH v3 09/11] fuzz/x86emul: update fuzzer
Index(es):
- Date
- Thread

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.