diff --git a/hbvm/fuzz/.gitignore b/hbvm/fuzz/.gitignore new file mode 100644 index 000000000..615384a80 --- /dev/null +++ b/hbvm/fuzz/.gitignore @@ -0,0 +1,5 @@ +target +artifacts +corpus +coverage +Cargo.lock \ No newline at end of file diff --git a/hbvm/fuzz/Cargo.toml b/hbvm/fuzz/Cargo.toml new file mode 100644 index 000000000..f6bc61644 --- /dev/null +++ b/hbvm/fuzz/Cargo.toml @@ -0,0 +1,27 @@ +[package] +name = "hbvm-fuzz" +version = "0.0.0" +publish = false +edition = "2021" + +[package.metadata] +cargo-fuzz = true + +[dependencies] +libfuzzer-sys = "0.4" + +[dependencies.hbvm] +path = ".." + +# Prevent this from interfering with workspaces +[workspace] +members = ["."] + +[profile.release] +debug = 1 + +[[bin]] +name = "vm" +path = "fuzz_targets/vm.rs" +test = false +doc = false diff --git a/hbvm/fuzz/fuzz_targets/vm.rs b/hbvm/fuzz/fuzz_targets/vm.rs new file mode 100644 index 000000000..137190308 --- /dev/null +++ b/hbvm/fuzz/fuzz_targets/vm.rs @@ -0,0 +1,29 @@ +#![no_main] + +use { + hbvm::vm::{ + mem::{HandlePageFault, Memory, MemoryAccessReason, PageSize}, + Vm, + }, + libfuzzer_sys::fuzz_target, +}; + +fuzz_target!(|data: &[u8]| { + if let Ok(mut vm) = Vm::<_, 0>::new_validated(data, TestTrapHandler) { + let _ = vm.run(); + } +}); + +struct TestTrapHandler; +impl HandlePageFault for TestTrapHandler { + fn page_fault( + &mut self, + _: MemoryAccessReason, + _: &mut Memory, + _: u64, + _: PageSize, + _: *mut u8, + ) -> bool { + false + } +}