Hi, sorry about the late response. I tried your suggestion, and it works. I'm kind
of surprised too, since such a problem should have been exposed a long time ago.
I looked deep into your suggestion. I believe you were right about it, since p
- ctxt->io_emul_stub won't overflow and the pointer overflow is likel
After patching it, this works fine and UBSAN does not have any error report
about it.
-- Original --
From: "Andrew Cooper";
Hi, when I looked at the Xen-4.15 source code, I found a type
mismatch.
In detail, in xen/arch/x86/msi.c:find_msi_entry, there is a comparison
between entry->msi_attrib.type and cap_id. However, according to the
definition, the type appears to be __u8, which is a char variable, and
Hi, I compiled Xen-4.13 with CONFIG_UBSAN and tried to test it. However, during
testing, xl dmesg gave the output shown below.
It seems that there is a potential pointer overflow within
arch/x86/pv/emul-priv-op.c:131, where Xen tries to execute the instruction
''' APPEND_CALL(save_guest_gprs) ''', where
Hi, I'm attempting to use address sanitizer to locate bugs in Xen 4-13. While
using address sanitizer in the tools modules, when I ran some basic instructions
like xl, Xen reported such a bug:
=
==2863==ERROR: LeakSanitizer: detected memory