holey-bytes/hbvm/fuzz/fuzz_targets/vm.rs

#![no_main]

use {
    hbbytecode::valider::validate,
    hbvm::{
        mem::softpaging::{
            paging::{PageTable, Permission},
            HandlePageFault, PageSize, SoftPagedMem,
        },
        MemoryAccessReason, Vm,
    },
    libfuzzer_sys::fuzz_target,
};

fuzz_target!(|data: &[u8]| {
    if validate(data).is_ok() {
        let mut vm = unsafe {
            Vm::<_, 16384>::new(
                SoftPagedMem::<_, true> {
                    pf_handler: TestTrapHandler,
                    program:    data,
                    root_pt:    Box::into_raw(Default::default()),
                    icache:     Default::default(),
                },
                0,
            )
        };

        // Alloc and map some memory
        let pages = [
            alloc_and_map(&mut vm.memory, 0),
            alloc_and_map(&mut vm.memory, 4096),
        ];

        unsafe { vm.memory.write() };

        // Run VM
        let _ = vm.run();

        // Unmap and dealloc the memory
        for (i, page) in pages.into_iter().enumerate() {
            unmap_and_dealloc(&mut vm.memory, page, i as u64 * 4096);
        }

        let _ = unsafe { Box::from_raw(vm.memory.root_pt) };
    }
});

fn alloc_and_map(memory: &mut SoftPagedMem<TestTrapHandler>, at: u64) -> *mut u8 {
    let ptr = Box::into_raw(Box::<Page>::default()).cast();
    unsafe {
        memory
            .map(ptr, at, Permission::Write, PageSize::Size4K)
            .unwrap()
    };
    ptr
}

fn unmap_and_dealloc(memory: &mut SoftPagedMem<TestTrapHandler>, ptr: *mut u8, from: u64) {
    memory.unmap(from).unwrap();
    let _ = unsafe { Box::from_raw(ptr.cast::<Page>()) };
}

#[repr(align(4096))]
struct Page([u8; 4096]);
impl Default for Page {
    fn default() -> Self {
        unsafe { std::mem::MaybeUninit::zeroed().assume_init() }
    }
}

struct TestTrapHandler;
impl HandlePageFault for TestTrapHandler {
    fn page_fault(
        &mut self,
        _: MemoryAccessReason,
        _: &mut PageTable,
        _: u64,
        _: PageSize,
        _: *mut u8,
    ) -> bool {
        false
    }
}
Added fuzzy tests 2023-07-25 23:01:53 +00:00			`#![no_main]`

			`use {`
Von-Neumann? 2023-08-09 00:33:03 +00:00			`hbbytecode::valider::validate,`
restruct + no-alloc support 2023-07-25 23:11:21 +00:00			`hbvm::{`
Move stuff, deprecate softpage 2023-08-15 14:32:59 +00:00			`mem::softpaging::{`
Von-Neumann? 2023-08-09 00:33:03 +00:00			`paging::{PageTable, Permission},`
			`HandlePageFault, PageSize, SoftPagedMem,`
			`},`
			`MemoryAccessReason, Vm,`
Added fuzzy tests 2023-07-25 23:01:53 +00:00			`},`
			`libfuzzer_sys::fuzz_target,`
			`};`

			`fuzz_target!(\|data: &[u8]\| {`
Von-Neumann? 2023-08-09 00:33:03 +00:00			`if validate(data).is_ok() {`
			`let mut vm = unsafe {`
			`Vm::<_, 16384>::new(`
Softpage improvements 2023-08-17 23:28:02 +00:00			`SoftPagedMem::<_, true> {`
Von-Neumann? 2023-08-09 00:33:03 +00:00			`pf_handler: TestTrapHandler,`
			`program: data,`
			`root_pt: Box::into_raw(Default::default()),`
Softpage improvements 2023-08-17 23:28:02 +00:00			`icache: Default::default(),`
Von-Neumann? 2023-08-09 00:33:03 +00:00			`},`
			`0,`
			`)`
			`};`

Fixed memory (un)mapping 2023-07-26 10:22:28 +00:00			`// Alloc and map some memory`
			`let pages = [`
			`alloc_and_map(&mut vm.memory, 0),`
			`alloc_and_map(&mut vm.memory, 4096),`
			`];`
Fixed page size, fuzzer now does memory. 2023-07-26 01:27:31 +00:00
Softpage improvements 2023-08-17 23:28:02 +00:00			`unsafe { vm.memory.write() };`

Fixed memory (un)mapping 2023-07-26 10:22:28 +00:00			`// Run VM`
Added fuzzy tests 2023-07-25 23:01:53 +00:00			`let _ = vm.run();`
Fixed page size, fuzzer now does memory. 2023-07-26 01:27:31 +00:00
Fixed memory (un)mapping 2023-07-26 10:22:28 +00:00			`// Unmap and dealloc the memory`
			`for (i, page) in pages.into_iter().enumerate() {`
			`unmap_and_dealloc(&mut vm.memory, page, i as u64 * 4096);`
			`}`
Softpage improvements 2023-08-17 23:28:02 +00:00
			`let _ = unsafe { Box::from_raw(vm.memory.root_pt) };`
Added fuzzy tests 2023-07-25 23:01:53 +00:00			`}`
			`});`

Von-Neumann? 2023-08-09 00:33:03 +00:00			`fn alloc_and_map(memory: &mut SoftPagedMem<TestTrapHandler>, at: u64) -> *mut u8 {`
Fixed memory (un)mapping 2023-07-26 10:22:28 +00:00			`let ptr = Box::into_raw(Box::<Page>::default()).cast();`
			`unsafe {`
			`memory`
Von-Neumann? 2023-08-09 00:33:03 +00:00			`.map(ptr, at, Permission::Write, PageSize::Size4K)`
Fixed memory (un)mapping 2023-07-26 10:22:28 +00:00			`.unwrap()`
			`};`
			`ptr`
			`}`

Von-Neumann? 2023-08-09 00:33:03 +00:00			`fn unmap_and_dealloc(memory: &mut SoftPagedMem<TestTrapHandler>, ptr: *mut u8, from: u64) {`
Fixed memory (un)mapping 2023-07-26 10:22:28 +00:00			`memory.unmap(from).unwrap();`
			`let _ = unsafe { Box::from_raw(ptr.cast::<Page>()) };`
			`}`

Fixed page size, fuzzer now does memory. 2023-07-26 01:27:31 +00:00			`#[repr(align(4096))]`
			`struct Page([u8; 4096]);`
			`impl Default for Page {`
			`fn default() -> Self {`
			`unsafe { std::mem::MaybeUninit::zeroed().assume_init() }`
			`}`
			`}`

Added fuzzy tests 2023-07-25 23:01:53 +00:00			`struct TestTrapHandler;`
			`impl HandlePageFault for TestTrapHandler {`
			`fn page_fault(`
			`&mut self,`
			`_: MemoryAccessReason,`
Von-Neumann? 2023-08-09 00:33:03 +00:00			`_: &mut PageTable,`
Added fuzzy tests 2023-07-25 23:01:53 +00:00			`_: u64,`
			`_: PageSize,`
			`_: *mut u8,`
			`) -> bool {`
			`false`
			`}`
			`}`