/*
 * pt_pkt_next() must reject a NULL decoder and a NULL output packet with
 * -pte_invalid instead of dereferencing either of them.
 */
static struct ptunit_result next_null(void)
{
    struct pt_packet_decoder decoder;
    struct pt_packet packet;

    /* NULL decoder, valid packet. */
    int rc = pt_pkt_next(NULL, &packet, sizeof(packet));
    ptu_int_eq(rc, -pte_invalid);

    /* Valid decoder, NULL packet. */
    rc = pt_pkt_next(&decoder, NULL, sizeof(packet));
    ptu_int_eq(rc, -pte_invalid);

    return ptu_passed();
}
/*
 * Round-trip check: encode packet[0] with the fixture's encoder, decode it
 * again with the fixture's decoder into packet[1], and compare the two.
 */
static struct ptunit_result pfix_test(struct packet_fixture *pfix)
{
    struct pt_packet *encoded = &pfix->packet[0];
    struct pt_packet *decoded = &pfix->packet[1];

    int len = pt_enc_next(&pfix->encoder, encoded);
    ptu_int_gt(len, 0);

    /* The encoder reports the on-wire size; store it so the comparison covers it. */
    encoded->size = (uint8_t) len;

    len = pt_pkt_next(&pfix->decoder, decoded, sizeof(*decoded));
    ptu_int_gt(len, 0);

    return ptu_pkt_eq(encoded, decoded);
}
/*
 * Encode a CYC packet, then move the decoder's end pointer to one byte before
 * the encoder's write position.  The truncated packet must decode as
 * end-of-stream (-pte_eos), not as a partial packet.
 */
static struct ptunit_result cutoff_cyc(struct packet_fixture *pfix)
{
    struct pt_packet *out = &pfix->packet[0];

    out->type = ppt_cyc;
    out->payload.cyc.value = 0xa8;

    int len = pt_enc_next(&pfix->encoder, out);
    ptu_int_gt(len, 0);

    /* Cut the last encoded byte off the decoder's view of the buffer. */
    pfix->decoder.config.end = pfix->encoder.pos - 1;

    len = pt_pkt_next(&pfix->decoder, &pfix->packet[1], sizeof(pfix->packet[1]));
    ptu_int_eq(len, -pte_eos);

    return ptu_passed();
}
/*
 * Encode one packet of @type (payload left as the fixture provides it), then
 * move the decoder's end pointer to one byte before the encoder's write
 * position.  Decoding the truncated packet must yield -pte_eos.
 */
static struct ptunit_result cutoff(struct packet_fixture *pfix, enum pt_packet_type type)
{
    struct pt_packet *out = &pfix->packet[0];

    out->type = type;

    int len = pt_enc_next(&pfix->encoder, out);
    ptu_int_gt(len, 0);

    /* Cut the last encoded byte off the decoder's view of the buffer. */
    pfix->decoder.config.end = pfix->encoder.pos - 1;

    len = pt_pkt_next(&pfix->decoder, &pfix->packet[1], sizeof(pfix->packet[1]));
    ptu_int_eq(len, -pte_eos);

    return ptu_passed();
}
/*
 * Encode a MODE packet for @leaf, then move the decoder's end pointer to one
 * byte before the encoder's write position.  Decoding the truncated packet
 * must yield -pte_eos.
 */
static struct ptunit_result cutoff_mode(struct packet_fixture *pfix, enum pt_mode_leaf leaf)
{
    struct pt_packet *out = &pfix->packet[0];

    out->type = ppt_mode;
    out->payload.mode.leaf = leaf;

    int len = pt_enc_next(&pfix->encoder, out);
    ptu_int_gt(len, 0);

    /* Cut the last encoded byte off the decoder's view of the buffer. */
    pfix->decoder.config.end = pfix->encoder.pos - 1;

    len = pt_pkt_next(&pfix->decoder, &pfix->packet[1], sizeof(pfix->packet[1]));
    ptu_int_eq(len, -pte_eos);

    return ptu_passed();
}
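/*
 * Decode the Intel PT trace that perf left in the AUX area for this fuzzing
 * iteration and hand every packet to perf_ptAnalyzePkt().
 *
 * The trace window is taken from the aux_tail/aux_head indices that the
 * kernel publishes in the perf mmap header page.  Nothing here advances
 * aux_tail; the consumer side of the ring is the caller's business.
 *
 * Failures to set up the decoder are reported through LOG_F; failures while
 * decoding are logged with LOG_W and end the analysis for this iteration.
 */
void arch_ptAnalyze(honggfuzz_t * hfuzz, fuzzer_t * fuzzer)
{
    struct perf_event_mmap_page *pem = (struct perf_event_mmap_page *)fuzzer->linux.perfMmapBuf;

    /*
     * The header page is shared with the kernel.  Snapshot both indices once,
     * with acquire ordering, so the AUX bytes indexed below are at least as
     * new as the head we just read; perf's own user-space readers pair the
     * head load with a read barrier for the same reason.
     */
    uint64_t aux_tail = __atomic_load_n(&pem->aux_tail, __ATOMIC_ACQUIRE);
    uint64_t aux_head = __atomic_load_n(&pem->aux_head, __ATOMIC_ACQUIRE);

    /*
     * With aux_head == 0, "aux_head - 1" below wraps to a huge index and reads
     * before the AUX buffer; with aux_tail >= aux_head the window is empty (or
     * inverted) and libipt would reject it anyway.  Bail out instead.
     * NOTE(review): if aux_head is a wrapped byte offset, a wrapped window is
     * also dropped here, as it was before — confirm against the perf ABI.
     */
    if (aux_head == 0 || aux_tail >= aux_head) {
        LOG_W("No Intel PT data in the AUX window (tail=%llu head=%llu)",
              (unsigned long long)aux_tail, (unsigned long long)aux_head);
        return;
    }

    struct pt_config ptc;
    pt_config_init(&ptc);
    ptc.begin = &fuzzer->linux.perfMmapAux[aux_tail];
    /*
     * NOTE(review): end stays one byte short of aux_head, as before.  If
     * libipt treats end as exclusive, the last trace byte is never decoded —
     * confirm this is intended.
     */
    ptc.end = &fuzzer->linux.perfMmapAux[aux_head - 1];

    int errcode = pt_cpu_errata(&ptc.errata, &ptc.cpu);
    if (errcode < 0) {
        LOG_F("pt_errata() failed: %s", pt_errstr(errcode));
        return; /* LOG_F is presumably fatal; the return keeps this path safe if it is not. */
    }

    struct pt_packet_decoder *ptd = pt_pkt_alloc_decoder(&ptc);
    if (ptd == NULL) {
        LOG_F("pt_pkt_alloc_decoder() failed");
        return; /* Never hand a NULL decoder to libipt, whatever LOG_F does. */
    }
    /* Registered only once the decoder exists, so there is nothing to free on the paths above. */
    defer {
        pt_pkt_free_decoder(ptd);
    };

    errcode = pt_pkt_sync_forward(ptd);
    if (errcode < 0) {
        LOG_W("pt_pkt_sync_forward() failed: %s", pt_errstr(errcode));
        return;
    }

    struct pt_last_ip last_ip;
    pt_last_ip_init(&last_ip);

    /* Walk packets until the decoder reports end-of-stream or an error. */
    for (;;) {
        struct pt_packet packet;

        errcode = pt_pkt_next(ptd, &packet, sizeof(packet));
        if (errcode == -pte_eos) {
            break;
        }
        if (errcode < 0) {
            LOG_W("pt_pkt_next() failed: %s", pt_errstr(errcode));
            break;
        }

        perf_ptAnalyzePkt(hfuzz, fuzzer, &packet, &ptc, &last_ip);
    }
}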
/*
 * Put a bad opcode at the start of the fixture buffer and set pfix->unknown
 * to @exp (presumably what the fixture's unknown-packet handling reports).
 * pt_pkt_next() must return exactly that value.  For a non-negative value it
 * must additionally deliver a ppt_unknown packet of that size whose payload
 * points at the fixture buffer and carries the fixture as private data.
 */
static struct ptunit_result unknown(struct packet_fixture *pfix, int exp)
{
    struct pt_packet *pkt = &pfix->packet[1];

    pfix->buffer[0] = pt_opc_bad;
    pfix->unknown = exp;

    int len = pt_pkt_next(&pfix->decoder, pkt, sizeof(*pkt));
    ptu_int_eq(len, pfix->unknown);

    /* An error result carries no packet to inspect. */
    if (len < 0) {
        return ptu_passed();
    }

    ptu_int_eq(pkt->type, ppt_unknown);
    ptu_uint_eq(pkt->size, (uint8_t) len);
    ptu_ptr_eq(pkt->payload.unknown.packet, pfix->buffer);
    ptu_ptr_eq(pkt->payload.unknown.priv, pfix);

    return ptu_passed();
}