From 14aa35d19ab1a29afdf284869953bc39e7e128d5 Mon Sep 17 00:00:00 2001 From: Erin Date: Wed, 26 Jul 2023 03:27:31 +0200 Subject: [PATCH] Fixed page size, fuzzer now does memory. --- hbvm/fuzz/fuzz_targets/vm.rs | 24 ++++++++++++++++++++++++ hbvm/src/mem/mod.rs | 4 ++-- 2 files changed, 26 insertions(+), 2 deletions(-) diff --git a/hbvm/fuzz/fuzz_targets/vm.rs b/hbvm/fuzz/fuzz_targets/vm.rs index 4f27fbb7..3a30dac0 100644 --- a/hbvm/fuzz/fuzz_targets/vm.rs +++ b/hbvm/fuzz/fuzz_targets/vm.rs @@ -10,10 +10,34 @@ use { fuzz_target!(|data: &[u8]| { if let Ok(mut vm) = Vm::<_, 16384>::new_validated(data, TestTrapHandler, Default::default()) { + let page = Box::into_raw(Box::::default()); + + unsafe { + vm.memory + .map( + page.cast(), + 0, + hbvm::mem::paging::Permission::Write, + PageSize::Size4K, + ) + .unwrap() + }; + let _ = vm.run(); + + vm.memory.unmap(0).unwrap(); + let _ = unsafe { Box::from_raw(page) }; } }); +#[repr(align(4096))] +struct Page([u8; 4096]); +impl Default for Page { + fn default() -> Self { + unsafe { std::mem::MaybeUninit::zeroed().assume_init() } + } +} + struct TestTrapHandler; impl HandlePageFault for TestTrapHandler { fn page_fault( diff --git a/hbvm/src/mem/mod.rs b/hbvm/src/mem/mod.rs index 493de635..76809bfb 100644 --- a/hbvm/src/mem/mod.rs +++ b/hbvm/src/mem/mod.rs @@ -365,7 +365,7 @@ impl Iterator for AddrPageLookuper { perm, PageSize::from_lvl(lvl)?, // In-page offset - self.addr as usize & ((1 << (lvl * 9 + 12)) - 1), + addr_extract_index(self.addr, lvl), ); } } @@ -393,7 +393,7 @@ impl Iterator for AddrPageLookuper { /// the output of the function is unspecified (yes, it can also panic :) pub fn addr_extract_index(addr: u64, lvl: u8) -> usize { debug_assert!(lvl <= 4); - usize::try_from((addr >> (lvl * 9 + 12)) & ((1 << 9) - 1)).expect("?conradluget a better CPU") + usize::try_from((addr >> (lvl * 8 + 12)) & ((1 << 8) - 1)).expect("?conradluget a better CPU") } /// Page size