diff options
author | Maria Kustova <maxa@catit.be> | 2014-08-11 15:01:09 +0400 |
---|---|---|
committer | Stefan Hajnoczi <stefanha@redhat.com> | 2014-08-15 18:03:14 +0100 |
commit | eeadd9248707c3952de22012974ebdc1e17f2cba (patch) | |
tree | 48f559abc5f251b80a26df3fc04b798a2293aeb3 /tests | |
parent | 489cb4d7f958f443556a6e47fbd23344183408ac (diff) | |
download | qemu-eeadd9248707c3952de22012974ebdc1e17f2cba.zip qemu-eeadd9248707c3952de22012974ebdc1e17f2cba.tar.gz qemu-eeadd9248707c3952de22012974ebdc1e17f2cba.tar.bz2 |
image-fuzzer: Add fuzzing functions for L1/L2 table entries
Signed-off-by: Maria Kustova <maria.k@catit.be>
Signed-off-by: Stefan Hajnoczi <stefanha@redhat.com>
Diffstat (limited to 'tests')
-rw-r--r-- | tests/image-fuzzer/qcow2/fuzz.py | 28 |
1 files changed, 28 insertions, 0 deletions
diff --git a/tests/image-fuzzer/qcow2/fuzz.py b/tests/image-fuzzer/qcow2/fuzz.py index a53c84f..57527f9 100644 --- a/tests/image-fuzzer/qcow2/fuzz.py +++ b/tests/image-fuzzer/qcow2/fuzz.py @@ -325,3 +325,31 @@ def feature_name(current): truncate_string(STRING_V, 46) # Fuzz padding (field length = 46) ] return selector(current, constraints, string_validator) + + +def l1_entry(current): + """Fuzz an entry of the L1 table.""" + constraints = UINT64_V + # Reserved bits are ignored + # Added a possibility when only flags are fuzzed + offset = 0x7fffffffffffffff & random.choice([selector(current, + constraints), + current]) + is_cow = random.randint(0, 1) + return offset + (is_cow << UINT64_M) + + +def l2_entry(current): + """Fuzz an entry of an L2 table.""" + constraints = UINT64_V + # Reserved bits are ignored + # Add a possibility when only flags are fuzzed + offset = 0x3ffffffffffffffe & random.choice([selector(current, + constraints), + current]) + is_compressed = random.randint(0, 1) + is_cow = random.randint(0, 1) + is_zero = random.randint(0, 1) + value = offset + (is_cow << UINT64_M) + \ + (is_compressed << UINT64_M - 1) + is_zero + return value |