mirror of
https://github.com/yuzu-emu/unicorn.git
synced 2024-12-23 10:55:34 +00:00
two more testcases
This commit is contained in:
parent
c7a97ac0be
commit
bfbe91834e
|
@ -44,14 +44,14 @@ uint64_t get_aligned_len(){
|
||||||
void perform_map_step(uc_engine *uc){
|
void perform_map_step(uc_engine *uc){
|
||||||
uint64_t addr = get_aligned_addr();
|
uint64_t addr = get_aligned_addr();
|
||||||
uint64_t len = get_aligned_len();
|
uint64_t len = get_aligned_len();
|
||||||
printf("map(0x%"PRIx64",0x%"PRIx64"); //%d\n", addr, len, step);
|
printf("map(uc,0x%"PRIx64",0x%"PRIx64"); //%d\n", addr, len, step);
|
||||||
uc_mem_map(uc, addr, len, UC_PROT_READ | UC_PROT_WRITE);
|
uc_mem_map(uc, addr, len, UC_PROT_READ | UC_PROT_WRITE);
|
||||||
}
|
}
|
||||||
|
|
||||||
void perform_unmap_step(uc_engine *uc){
|
void perform_unmap_step(uc_engine *uc){
|
||||||
uint64_t addr = get_aligned_addr();
|
uint64_t addr = get_aligned_addr();
|
||||||
uint64_t len = get_aligned_len();
|
uint64_t len = get_aligned_len();
|
||||||
printf("unmap(0x%"PRIx64",0x%"PRIx64"); //%d\n", addr, len, step);
|
printf("unmap(uc,0x%"PRIx64",0x%"PRIx64"); //%d\n", addr, len, step);
|
||||||
uc_mem_unmap(uc, addr, len);
|
uc_mem_unmap(uc, addr, len);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -60,7 +60,7 @@ void perform_write_step(uc_engine *uc){
|
||||||
memset(buff, 0, 4096*4);
|
memset(buff, 0, 4096*4);
|
||||||
uint64_t addr = get_addr();
|
uint64_t addr = get_addr();
|
||||||
uint64_t len = get_len()%(4096*3);
|
uint64_t len = get_len()%(4096*3);
|
||||||
printf("write(0x%"PRIx64",0x%"PRIx64"); //%d\n", addr, len, step);
|
printf("write(uc,0x%"PRIx64",0x%"PRIx64"); //%d\n", addr, len, step);
|
||||||
uc_mem_write(uc, addr, buff, len);
|
uc_mem_write(uc, addr, buff, len);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -68,16 +68,16 @@ void perform_read_step(uc_engine *uc){
|
||||||
char* buff[4096*4];
|
char* buff[4096*4];
|
||||||
uint64_t addr = get_addr();
|
uint64_t addr = get_addr();
|
||||||
uint64_t len = get_len()%(4096*3);
|
uint64_t len = get_len()%(4096*3);
|
||||||
printf("read(0x%"PRIx64",0x%"PRIx64"); //%d\n", addr, len, step);
|
printf("read(uc,0x%"PRIx64",0x%"PRIx64"); //%d\n", addr, len, step);
|
||||||
uc_mem_read(uc, addr, buff, len);
|
uc_mem_read(uc, addr, buff, len);
|
||||||
}
|
}
|
||||||
|
|
||||||
void perform_fuzz_step(uc_engine *uc){
|
void perform_fuzz_step(uc_engine *uc){
|
||||||
switch( ((uint32_t)rand())%2 ){
|
switch( ((uint32_t)rand())%4 ){
|
||||||
case 0: perform_map_step(uc); break;
|
case 0: perform_map_step(uc); break;
|
||||||
case 1: perform_unmap_step(uc); break;
|
case 1: perform_unmap_step(uc); break;
|
||||||
//case 2: perform_read_step(uc); break;
|
case 2: perform_read_step(uc); break;
|
||||||
//case 3: perform_write_step(uc); break;
|
case 3: perform_write_step(uc); break;
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -158,6 +158,52 @@ static void test_strange_map(void **state)
|
||||||
uc_mem_unmap(uc, 0x0,0x1000);
|
uc_mem_unmap(uc, 0x0,0x1000);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
void write(uc_engine* uc, uint64_t addr, uint64_t len){
|
||||||
|
uint8_t* buff = alloca(len);
|
||||||
|
memset(buff,0,len);
|
||||||
|
uc_mem_write(uc, addr, buff, len);
|
||||||
|
|
||||||
|
}
|
||||||
|
|
||||||
|
void read(uc_engine* uc, uint64_t addr, uint64_t len){
|
||||||
|
uint8_t* buff = alloca(len);
|
||||||
|
uc_mem_read(uc, addr, buff, len);
|
||||||
|
}
|
||||||
|
|
||||||
|
void map(uc_engine* uc, uint64_t addr, uint64_t len){
|
||||||
|
uc_mem_map(uc, addr, len, UC_PROT_READ | UC_PROT_WRITE);
|
||||||
|
}
|
||||||
|
|
||||||
|
void unmap(uc_engine* uc, uint64_t addr, uint64_t len){
|
||||||
|
uc_mem_unmap(uc, addr, len);
|
||||||
|
}
|
||||||
|
|
||||||
|
//most likely same bug as in test_strange_map, but looked different in fuzzer (sefault instead of assertion fail)
|
||||||
|
static void test_assertion_fail(void **state){
|
||||||
|
uc_engine *uc = *state;
|
||||||
|
|
||||||
|
map(uc,0x2000,0x4000); //5
|
||||||
|
unmap(uc,0x3000,0x2000); //11
|
||||||
|
map(uc,0x0,0x2000); //23
|
||||||
|
map(uc,0x3000,0x2000); //24
|
||||||
|
map(uc,0x9000,0x4000); //32
|
||||||
|
map(uc,0x8000,0x1000); //34
|
||||||
|
unmap(uc,0x1000,0x4000); //35
|
||||||
|
}
|
||||||
|
|
||||||
|
static void test_bad_offset(void **state){
|
||||||
|
uc_engine *uc = *state;
|
||||||
|
map(uc,0x9000,0x4000); //17
|
||||||
|
map(uc,0x4000,0x2000); //32
|
||||||
|
unmap(uc,0x5000,0x1000); //35
|
||||||
|
map(uc,0x0,0x1000); //42
|
||||||
|
map(uc,0x5000,0x4000); //51
|
||||||
|
map(uc,0x2000,0x1000); //53
|
||||||
|
map(uc,0x1000,0x1000); //55
|
||||||
|
unmap(uc,0x7000,0x3000); //58
|
||||||
|
unmap(uc,0x5000,0x1000); //59
|
||||||
|
unmap(uc,0x4000,0x2000); //70
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
@ -167,6 +213,8 @@ int main(void) {
|
||||||
test(test_basic),
|
test(test_basic),
|
||||||
//test(test_bad_read),
|
//test(test_bad_read),
|
||||||
//test(test_bad_write),
|
//test(test_bad_write),
|
||||||
|
test(test_bad_offset),
|
||||||
|
test(test_assertion_fail),
|
||||||
test(test_bad_unmap),
|
test(test_bad_unmap),
|
||||||
test(test_rw_across_boundaries),
|
test(test_rw_across_boundaries),
|
||||||
test(test_unmap_double_map),
|
test(test_unmap_double_map),
|
||||||
|
|
Loading…
Reference in a new issue