From cd46cefdd74b9ad0b225706f4d4b5864e87d97d6 Mon Sep 17 00:00:00 2001
From: Marvin Borner
Date: Sat, 24 Apr 2021 22:44:13 +0200
Subject: Started syscall fuzzer
---
 apps/test/Makefile | 2 +-
 apps/test/fuzz.c | 53 +++++++++++++++++++++++++++++++++++++++++++++++++++++
 apps/test/test.c | 4 ++++
 apps/test/test.h | 8 ++++++++
 4 files changed, 66 insertions(+), 1 deletion(-)
 create mode 100644 apps/test/fuzz.c
 create mode 100644 apps/test/test.h
(limited to 'apps')
diff --git a/apps/test/Makefile b/apps/test/Makefile
index 2b4a33b..78a913d 100644
--- a/apps/test/Makefile
+++ b/apps/test/Makefile
@@ -1,6 +1,6 @@
 # MIT License, Copyright (c) 2021 Marvin Borner
-OBJS = test.o
+OBJS = test.o fuzz.o
 all: $(OBJS)
 @mkdir -p $(BUILD)/apps/test/
diff --git a/apps/test/fuzz.c b/apps/test/fuzz.c
new file mode 100644
index 0000000..c871038
--- /dev/null
+++ b/apps/test/fuzz.c
@@ -0,0 +1,53 @@
+// MIT License, Copyright (c) 2021 Marvin Borner
+
+#include "test.h"
+
+#include
+#include
+#include
+#include
+
+#define FUZZ_COUNT 1000
+
+static res syscall(enum sys num, int d1, int d2, int d3, int d4, int d5)
+{
+ int a;
+ __asm__ volatile("int $0x80"
+ : "=a"(a)
+ : "0"(num), "b"((int)d1), "c"((int)d2), "d"((int)d3), "S"((int)d4),
+ "D"((int)d5));
+ return a;
+}
+
+static u8 deadly_call(enum sys num)
+{
+ return num == SYS_EXIT;
+}
+
+static enum sys random_call(void)
+{
+ u32 num;
+ do {
+ num = rand_range(SYS_MIN, SYS_MAX);
+ } while (deadly_call(num));
+ return num;
+}
+
+void fuzz(void)
+{
+ u32 cnt = FUZZ_COUNT;
+ while (cnt) {
+ enum sys num = random_call();
+ u32 d1 = rand();
+ u32 d2 = rand();
+ u32 d3 = rand();
+ u32 d4 = rand();
+ u32 d5 = rand();
+
+ log("%d\n", syscall(num, d1, d2, d3, d4, d5));
+
+ cnt--;
+ }
+
+ log("Fuzzer: OK!\n");
+}
diff --git a/apps/test/test.c b/apps/test/test.c
index ac1bb2c..2101412 100644
--- a/apps/test/test.c
+++ b/apps/test/test.c
@@ -1,5 +1,7 @@
 // MIT License, Copyright (c) 2020 Marvin Borner
+#include "test.h"
+
 #include
 #include
 #include
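Review bot: The only record of each fuzz iteration in fuzz() is the return value printed by `log("%d\n", syscall(num, d1, d2, d3, d4, d5));`, and it is written after the call returns, so if a random syscall takes the kernel down the number and arguments that triggered it are never emitted and the case cannot be reproduced. I would log the call before issuing it, e.g. `log("sys %d(%x, %x, %x, %x, %x) = ", num, d1, d2, d3, d4, d5);` followed by `log("%d\n", syscall(num, d1, d2, d3, d4, d5));`, and print whatever seeds rand() at the start of fuzz(), since rand()/rand_range() come from outside this file and their seeding is not visible in the patch. Note too that deadly_call() excludes only SYS_EXIT; whether other entries in the SYS_MIN..SYS_MAX range need the same treatment (anything that kills or blocks the calling task) depends on the syscall table, which this patch does not show. The closing `log("Fuzzer: OK!\n")` only means the process survived FUZZ_COUNT calls and never inspects the return codes, so a comment to that effect, `/* "OK" means we survived, not that every return value was sane */`, would keep it from being over-read.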
@@ -93,6 +95,8 @@ int main(void)
 test_conv();
 test_mem();
+ /* fuzz(); */
+
 if (failed)
 log("%d tests failed\n", failed);
 else
diff --git a/apps/test/test.h b/apps/test/test.h
new file mode 100644
index 0000000..0c2305c
--- /dev/null
+++ b/apps/test/test.h
@@ -0,0 +1,8 @@
+// MIT License, Copyright (c) 2021 Marvin Borner
+
+#ifndef TEST_H
+#define TEST_H
+
+void fuzz(void);
+
+#endif
-- cgit v1.2.3
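Review bot: The new call in main() lands as commented-out code, `/* fuzz(); */`, with nothing saying why it is disabled or how to turn it on, so the fuzzer this patch adds is never exercised by the test binary. If it is off because it fires random syscalls and can crash the kernel, say so in place, `/* fuzz() is off by default: it issues random syscalls and can take down the kernel */`, or gate it on a build flag, `#ifdef FUZZ` / `fuzz();` / `#endif`, so it can be enabled without editing source. main() starts before this hunk.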