Re: [Qemu-devel] [PATCH 2/3] fuzz: Add fuzzing functions for entries of
From: Fam Zheng
Subject: Re: [Qemu-devel] [PATCH 2/3] fuzz: Add fuzzing functions for entries of refcount table and blocks
Date: Tue, 19 Aug 2014 15:36:01 +0800
User-agent: Mutt/1.5.23 (2014-03-12)

On Mon, 08/11 15:55, Maria Kustova wrote:
> Signed-off-by: Maria Kustova <address@hidden>
> ---
> tests/image-fuzzer/qcow2/fuzz.py | 16 +++++++++++++++-
> 1 file changed, 15 insertions(+), 1 deletion(-)
>
> diff --git a/tests/image-fuzzer/qcow2/fuzz.py
> b/tests/image-fuzzer/qcow2/fuzz.py
> index 57527f9..5852b4d 100644
> --- a/tests/image-fuzzer/qcow2/fuzz.py
> +++ b/tests/image-fuzzer/qcow2/fuzz.py
> @@ -18,8 +18,8 @@
>
> import random
>
> -
> UINT8 = 0xff
> +UINT16 = 0xffff
> UINT32 = 0xffffffff
> UINT64 = 0xffffffffffffffff
> # Most significant bit orders
> @@ -28,6 +28,8 @@ UINT64_M = 63
> # Fuzz vectors
> UINT8_V = [0, 0x10, UINT8/4, UINT8/2 - 1, UINT8/2, UINT8/2 + 1, UINT8 - 1,
> UINT8]
> +UINT16_V = [0, 0x100, 0x1000, UINT16/4, UINT16/2 - 1, UINT16/2, UINT16/2 + 1,
> + UINT16 - 1, UINT16]
> UINT32_V = [0, 0x100, 0x1000, 0x10000, 0x100000, UINT32/4, UINT32/2 - 1,
> UINT32/2, UINT32/2 + 1, UINT32 - 1, UINT32]
> UINT64_V = UINT32_V + [0x1000000, 0x10000000, 0x100000000, UINT64/4,
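Review bot: the new UINT16_V entries UINT16/4, UINT16/2 - 1, UINT16/2 and UINT16/2 + 1 depend on / performing integer division. Under true division (Python 3, or a module that imports division from __future__) they evaluate to floats instead of integer field values. Writing them as UINT16//4 and UINT16//2 keeps the vector integral on either interpreter; the UINT8_V, UINT32_V and UINT64_V context lines use the same / form and would need the same change.
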
Seeing some pattern in the vectors, but since the types are very few, we can
just construct it like this for now.
> @@ -353,3 +355,15 @@ def l2_entry(current):
> value = offset + (is_cow << UINT64_M) + \
> (is_compressed << UINT64_M - 1) + is_zero
> return value
> +
> +
> +def refcount_table_entry(current):
> + """Fuzz an entry of the refcount table."""
> + constraints = UINT64_V
> + return selector(current, constraints)
> +
> +
> +def refcount_block_entry(current):
> + """Fuzz an entry of a refcount block."""
> + constraints = UINT16_V
> + return selector(current, constraints)
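Review bot: the docstrings of refcount_table_entry and refcount_block_entry do not say why one draws from UINT64_V and the other from UINT16_V. Stating in each docstring the entry width the function assumes (64 bits for a table entry, 16 bits for a block entry) would let a reader check the vector choice against the image format. Since the two bodies differ only in that vector, the constraints temporary could also be dropped in favour of return selector(current, UINT64_V) and return selector(current, UINT16_V).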
> --
> 1.9.3
>
Reviewed-by: Fam Zheng <address@hidden>