Re: [Xen-devel] [PATCH 07/10] tools/insn-fuzz: Provide IA32_DEBUGCTL consistently to the emulator
On 27/03/17 12:53, Jan Beulich wrote:
>>>> On 27.03.17 at 11:56, <andrew.cooper3@xxxxxxxxxx> wrote:
>> x86_emulate()'s is_branch_step() performs a speculative read of
>> IA32_DEBUGCTL, but doesn't squash exceptions should they arise. In reality,
>> this MSR is always available.
>>
>> Signed-off-by: Andrew Cooper <andrew.cooper3@xxxxxxxxxx>
> Reviewed-by: Jan Beulich <jbeulich@xxxxxxxx>

Thanks.

> While looking at this I did notice though that the use of
> MSR_INDEX_MAX leads to MSR index zero
> (MSR_IA32_P5_MC_ADDR) to always have a value of zero (until
> all array slots would actually be used). Not actively a problem
> right now, but not entirely correct either.

I have some plans to entirely rework the MSR/CR handling in the fuzzing
harness. At the moment, AFL is wasting a lot of effort mutating large areas
of the input corpus to try and find new paths, to no avail.

This change is the minimum required to satisfy the existing assertions.

~Andrew

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
https://lists.xen.org/xen-devel
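The two points in the thread, a fixed-size MSR table whose zeroed slots masquerade as MSR 0, and IA32_DEBUGCTL needing to be readable whether or not the corpus supplies it, can be shown with a small stand-in for a fuzzing harness's MSR state. This is an added example, not Xen's insn-fuzz code: the `msr_table` layout, the `MSR_INDEX_MAX` value of 4, the `used` counter and the function names are assumptions made for illustration; the MSR numbers are the architectural ones.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Architectural MSR numbers referenced in the thread. */
#define MSR_IA32_P5_MC_ADDR  0x00000000u
#define MSR_IA32_DEBUGCTL    0x000001d9u

/* Constructed table size for this example; not Xen's value. */
#define MSR_INDEX_MAX 4

/* Hypothetical fuzzer-supplied MSR state. AFL hands the harness a raw blob,
 * so an untouched input leaves every slot as all-zero bytes. */
struct msr_table {
    uint32_t index[MSR_INDEX_MAX];  /* MSR number held in each slot */
    uint64_t value[MSR_INDEX_MAX];  /* value the emulator will read back */
    unsigned int used;              /* populated slots (hardened lookup only) */
};

/* Naive lookup: scans every slot. A zeroed slot has index 0, which is the
 * number of MSR_IA32_P5_MC_ADDR, so MSR 0 always "exists" with value 0
 * until all MSR_INDEX_MAX slots are taken by other MSRs. */
static bool naive_read_msr(const struct msr_table *t, uint32_t msr, uint64_t *val)
{
    for (unsigned int i = 0; i < MSR_INDEX_MAX; i++)
        if (t->index[i] == msr) { *val = t->value[i]; return true; }
    return false;
}

/* Hardened lookup: only populated slots can match, and IA32_DEBUGCTL is
 * always readable (0 when the corpus provides nothing), so the emulator's
 * speculative read in is_branch_step() never sees a missing MSR. */
static bool hardened_read_msr(const struct msr_table *t, uint32_t msr, uint64_t *val)
{
    for (unsigned int i = 0; i < t->used && i < MSR_INDEX_MAX; i++)
        if (t->index[i] == msr) { *val = t->value[i]; return true; }
    if (msr == MSR_IA32_DEBUGCTL) { *val = 0; return true; }
    return false;
}

/* Records an MSR in the next free slot; false when the table is full. */
static bool add_msr(struct msr_table *t, uint32_t msr, uint64_t value)
{
    if (t->used >= MSR_INDEX_MAX) return false;
    t->index[t->used] = msr;
    t->value[t->used] = value;
    t->used++;
    return true;
}

/* Runs both lookups over constructed inputs and returns a bitmask of the
 * behaviours observed, so the result can be checked rather than printed. */
static unsigned int demo(void)
{
    struct msr_table t, empty;
    uint64_t v;
    unsigned int seen = 0;

    memset(&t, 0, sizeof t);          /* constructed: fresh fuzzer input */
    memset(&empty, 0, sizeof empty);  /* constructed: nothing populated */
    add_msr(&t, MSR_IA32_DEBUGCTL, 0x2);  /* bit 1 (BTF): trap on branches */

    /* Phantom MSR 0: the naive scan matches an unused, zeroed slot. */
    if (naive_read_msr(&t, MSR_IA32_P5_MC_ADDR, &v) && v == 0) seen |= 1;
    /* Hardened scan: MSR 0 was never supplied, so it is absent. */
    if (!hardened_read_msr(&t, MSR_IA32_P5_MC_ADDR, &v)) seen |= 2;
    /* Supplied DEBUGCTL value comes back unchanged. */
    if (hardened_read_msr(&t, MSR_IA32_DEBUGCTL, &v) && v == 2) seen |= 4;
    /* DEBUGCTL is still available from an empty table, reading as 0. */
    if (hardened_read_msr(&empty, MSR_IA32_DEBUGCTL, &v) && v == 0) seen |= 8;
    /* The naive table would report DEBUGCTL missing, i.e. the fault the patch avoids. */
    if (!naive_read_msr(&empty, MSR_IA32_DEBUGCTL, &v)) seen |= 16;

    return seen;
}

int main(void)
{
    printf("behaviour mask: %u (31 means all five observations hold)\n", demo());
    return 0;
}
```

The `used` counter is one way to keep zero-filled input from aliasing MSR 0; a per-slot valid flag or a reserved "no MSR" index value works equally well, as long as the choice is something the fuzzer can mutate deliberately rather than a side effect of padding.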