qemu-devel

Re: [PATCH v2 0/2] gitlab-ci.yml: Add jobs to test CFI


From: Daniele Buono
Subject: Re: [PATCH v2 0/2] gitlab-ci.yml: Add jobs to test CFI
Date: Mon, 1 Mar 2021 15:39:42 -0500
User-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:78.0) Gecko/20100101 Thunderbird/78.7.1

Hi Daniel,

On 3/1/2021 10:08 AM, Daniel P. Berrangé wrote:
> What are the unique failure scenarios for CFI that these jobs are
> likely to expose ? Is it likely that we'll have cases where
> CFI succeeds in say, x86_64 target, but fails in aarch64 target ?

For CFI to fail (even if it shouldn't), you'll need code that is calling a function pointer that was not well defined at compile time. Although unlikely, that could happen anywhere in the code.

So by just testing one (or a few) targets we are not covering the code in the TCG frontend used to compile the target ISA to TCG ops, which should be in target/, and the architecture-dependent code in linux-user.

That code seems unlikely (at least to me) to cause a false positive with CFI. Examples that I've seen in QEMU so far are:
- Calling code that was JIT-ed at runtime
- Callbacks to functions that were loaded from shared libraries
- Signal Handlers
And none of those should happen there IMHO. But you know, corner cases are still possible, and it's quite difficult to predict what new code may bring.

We could also consider always testing one or two targets, and keep an optional job to test them all when deemed necessary. I'm thinking for example full testing when code in target/ or linux-user/ is considered, or for testing pre-release code. Would be nice to have this automated but I am not sure that's possible.

Regards,
Daniele
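Added example, not code from this thread or from QEMU: a small C model of the check that clang's `-fsanitize=cfi-icall` performs on every indirect call, so the false-positive cases listed above can be reproduced without clang or LTO. Real CFI builds one jump table per function-pointer type at link time; here the table, the `handler_fn` type and the functions are constructed by hand, and a plain byte buffer stands in for JIT-generated code (it is never executed).

```c
/* Model of the cfi-icall check: an indirect call through a pointer of type
 * handler_fn is only allowed if the target is one of the handler_fn
 * functions the compiler knew about. JIT-ed code, functions from a shared
 * library and signal-handler trampolines all live outside that set, which is
 * why they trip CFI even when the call is perfectly legitimate. */
#include <stddef.h>
#include <stdint.h>

typedef int (*handler_fn)(int);

static int add_one(int x)   { return x + 1; }
static int times_two(int x) { return x * 2; }

/* Constructed "jump table": every compile-time-known target of handler_fn. */
static const handler_fn cfi_table_handler_fn[] = { add_one, times_two };

/* 1 if fp is a known handler_fn target, 0 otherwise. */
static int cfi_check_handler_fn(handler_fn fp)
{
    size_t n = sizeof(cfi_table_handler_fn) / sizeof(cfi_table_handler_fn[0]);
    for (size_t i = 0; i < n; i++) {
        if (cfi_table_handler_fn[i] == fp) {
            return 1;
        }
    }
    return 0;
}

/* Checked indirect call; -1 models the CFI trap (SIGILL/abort in a real build). */
static int call_checked(handler_fn fp, int arg)
{
    if (!cfi_check_handler_fn(fp)) {
        return -1;
    }
    return fp(arg);
}

/* Unchecked call: what you get by exempting the caller with clang's
 * __attribute__((no_sanitize("cfi"))), the escape hatch for the JIT case. */
static int call_unchecked(handler_fn fp, int arg) { return fp(arg); }

/* Stand-in for a runtime-generated code buffer (constructed, never run). */
static unsigned char fake_jit_buffer[16];

static int demo_known_target(void) { return call_checked(add_one, 41); }  /* 42 */

static int demo_jit_target(void)
{
    handler_fn fp = (handler_fn)(uintptr_t)fake_jit_buffer;
    return call_checked(fp, 41);                                          /* -1 */
}
```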
