From: Wei Liu <wei.liu2@citrix.com>
To: Jan Beulich <JBeulich@suse.com>
Cc: Wei Liu <wei.liu2@citrix.com>,
George Dunlap <george.dunlap@eu.citrix.com>,
Andrew Cooper <andrew.cooper3@citrix.com>,
Ian Jackson <ian.jackson@eu.citrix.com>,
George Dunlap <george.dunlap@citrix.com>,
Xen-devel <xen-devel@lists.xenproject.org>
Subject: Re: [PATCH v3 09/11] fuzz/x86emul: update fuzzer
Date: Fri, 3 Feb 2017 11:22:33 +0000
Message-ID: <20170203112233.yizt33ewmo2ewpfe@citrix.com>
In-Reply-To: <589439740200007800136659@prv-mh.provo.novell.com>

On Fri, Feb 03, 2017 at 12:04:04AM -0700, Jan Beulich wrote:
> >>> On 02.02.17 at 18:12, <wei.liu2@citrix.com> wrote:
> > On Thu, Feb 02, 2017 at 10:01:46AM -0700, Jan Beulich wrote:
> >> >>> On 02.02.17 at 17:50, <wei.liu2@citrix.com> wrote:
> >> > On Thu, Feb 02, 2017 at 05:20:56AM -0700, Jan Beulich wrote:
> >> >> >>> On 01.02.17 at 13:02, <wei.liu2@citrix.com> wrote:
> >> >> > +static int _fuzz_read_msr(
> >> >> > + unsigned int reg,
> >> >> > + uint64_t *val,
> >> >> > + struct x86_emulate_ctxt *ctxt)
> >> >> > +{
> >> >> > + unsigned int idx;
> >> >> > +
> >> >> > + switch ( reg )
> >> >> > + {
> >> >> > + case MSR_TSC_AUX:
> >> >> > + case MSR_IA32_TSC:
> >> >> > + return data_read("read_msr", val, sizeof(*val));
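Review bot: in the MSR_TSC_AUX and MSR_IA32_TSC cases, the value comes straight from data_read() and nothing in the hunk says that this is intentional. Hardware gives an increasing TSC and a stable TSC_AUX, so put a comment above the return stating that fuzz-supplied values are a deliberate simplification for both MSRs. Separately, the leading underscore in _fuzz_read_msr puts a file-scope name in the namespace C reserves for the implementation; fuzz_read_msr avoids that.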
> >> >>
> >> >> Strictly speaking the above applies to TSC_AUX too. And TSC should
> >> >> return monotonically increasing values. I don't think though that
> >> >> producing random output here matters right now. A comment may
> >> >> be worthwhile.
> >> >>
> >> >
> >> > Right, I will add the following:
> >> >
> >> >     /*
> >> >      * TSC should return monotonically increasing values, but
> >> >      * returning random values is fine in fuzzer.
> >> >      */
> >>
> >> What about TSC_AUX then?
> >>
> >
> > What model would you like it to follow? I suppose returning random value
> > is also fine? I.e. I should just add TSC_AUX to the comment as well.
>
> That's one option. Even better would be to consistently return
> the same (possibly random) value. But the value itself isn't being
> looked at by the emulator, and iirc the MSR also isn't ever being
> read multiple times, so it really doesn't matter as long as the
> caller(s) of x86_emulate() do(es)n't care.

Returning a consistent value is doable, but that would involve rewriting a
significant portion of the fuzzer. Let's leave it for another day.

I will modify the comment as follows:

    /*
     * TSC should return monotonically increasing values, TSC_AUX should
     * preferably return consistent value, but returning random values
     * is fine in fuzzer.
     */

>
> Jan
>
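
The alternative discussed in this thread, as an added example that is not code from the Xen fuzzer or from either poster: an MSR read hook that is still driven by fuzz input but keeps TSC increasing and TSC_AUX stable. `struct fuzz_state`, `take()` and `model_read_msr()` are hypothetical names; only the two MSR constants appear in the quoted hunk.

```c
#include <stdint.h>
#include <string.h>

#define MSR_IA32_TSC 0x00000010u
#define MSR_TSC_AUX  0xc0000103u

/* Hypothetical harness state: fuzz input cursor plus modelled MSR values. */
struct fuzz_state {
    const uint8_t *data;
    size_t size, off;
    uint64_t tsc, tsc_aux;
    int tsc_aux_valid;
};

/* Copy the next len bytes of fuzz input; fail once the input is exhausted. */
static int take(struct fuzz_state *s, void *dst, size_t len)
{
    if ( s->size - s->off < len )
        return -1;
    memcpy(dst, s->data + s->off, len);
    s->off += len;
    return 0;
}

int model_read_msr(struct fuzz_state *s, unsigned int reg, uint64_t *val)
{
    uint16_t step;

    switch ( reg )
    {
    case MSR_IA32_TSC: /* input picks only the increment, so reads increase */
        if ( take(s, &step, sizeof(step)) )
            return -1;
        *val = s->tsc += (uint64_t)step + 1;
        return 0;
    case MSR_TSC_AUX: /* first read consumes input, later reads repeat it */
        if ( !s->tsc_aux_valid && take(s, &s->tsc_aux, sizeof(s->tsc_aux)) )
            return -1;
        s->tsc_aux_valid = 1;
        *val = s->tsc_aux;
        return 0;
    }
    return -1; /* MSR not modelled in this sketch */
}
```

The fuzzer still controls how far TSC advances and what TSC_AUX holds, so input coverage is kept while a caller that reads either MSR twice sees hardware-like behaviour.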