pkg/ifuzz/powerpc: fuzz instruction bits which are not opcodes

The instructions are made of opcode (split in 1..3 groups of fields) and parameters (immediate values, register numbers, flags). The insns.go is expected to have all the bits covered but some bits might be missing which this randomizes. This adds preloading of "RS" for better fuzzing of "mtmsr(d)" instructions ("Move To Machine State Register (Doubleword)"). Signed-off-by: Alexey Kardashevskiy <aik@linux.ibm.com>
author: Alexey Kardashevskiy <aik@linux.ibm.com> 2021-08-28 12:45:16 +1000
committer: Dmitry Vyukov <dvyukov@google.com> 2021-09-16 21:37:48 +0200
commit: ec8573b1f61d4321a736204c9e14d62f8a5e5405 (patch)
tree: 3e2a8d9bba6225d96138e7b0bebc284a263c92d4 /pkg
parent: ca8716cc3a7a2ca6b077951ee3c0629a18f7bc28 (diff)
1 files changed, 6 insertions, 1 deletions
diff --git a/pkg/ifuzz/powerpc/powerpc.go b/pkg/ifuzz/powerpc/powerpc.go
index 48c39d4a1..920712b7c 100644
--- a/pkg/ifuzz/powerpc/powerpc.go
+++ b/pkg/ifuzz/powerpc/powerpc.go
@@ -80,10 +80,15 @@ func (insn Insn) Encode(cfg *iset.Config, r *rand.Rand) []byte {
 
 	ret := make([]byte, 0)
 	insn32 := insn.Opcode
+	if len(cfg.MemRegions) != 0 {
+		// The PowerISA pdf parser could have missed some fields,
+		// randomize them there.
+		insn32 |= r.Uint32() & ^insn.Mask
+	}
 	for reg, bits := range insn.Fields {
 		field := uint(r.Intn(1 << 16))
 		insn32 |= encodeBits(field, bits)
-		if len(cfg.MemRegions) != 0 && (reg == "RA" || reg == "RB") {
+		if len(cfg.MemRegions) != 0 && (reg == "RA" || reg == "RB" || reg == "RS") {
 			val := iset.GenerateInt(cfg, r, 8)
 			ret = append(ret, insn.insnMap.ld64(field, val)...)
 		}
author	Alexey Kardashevskiy <aik@linux.ibm.com>	2021-08-28 12:45:16 +1000
committer	Dmitry Vyukov <dvyukov@google.com>	2021-09-16 21:37:48 +0200
commit	ec8573b1f61d4321a736204c9e14d62f8a5e5405 (patch)
tree	3e2a8d9bba6225d96138e7b0bebc284a263c92d4 /pkg
parent	ca8716cc3a7a2ca6b077951ee3c0629a18f7bc28 (diff)