Re: [Xen-devel] [PATCH 10/10] tools/insn-fuzz: Always use x86_swint_emulate_all
On 27/03/17 12:00, George Dunlap wrote:
> On 27/03/17 10:56, Andrew Cooper wrote:
>> The swint_emulate parameter indicates how much extra work the emulator needs
>> to do to cover issues with certain hardware injection methods.
>>
>> Using x86_swint_emulate_all opens up maximum coverage in the emulator.
> Uh, no -- removing this means all of the x86_swint_emulate_none
> codepaths don't get tested.

Which codepaths are these?

>
> The idea here is to make sure that the emulator works for all possible
> inputs. Changing this means that there could (in theory) be a bug that
> is only triggered when ctx->swint_emulate != x86_swint_emulate_all that
> we wouldn't catch.

swint_emulate isn't a regular input. The only thing it gates is whether
we do work in inject_swint() or not, and it only exists because of SVM's
inability to correctly inject certain events. (In fact, the more I think
about it, the more I think it ought to move into the svm code rather
than polluting the common emulator.)

This property is not going to change, and coverage inside inject_swint()
is far more important from a fuzzing point of view.

~Andrew

_______________________________________________
Xen-devel mailing list
Xen-devel@xxxxxxxxxxxxx
https://lists.xen.org/xen-devel