From ec8573b1f61d4321a736204c9e14d62f8a5e5405 Mon Sep 17 00:00:00 2001
From: Alexey Kardashevskiy
Date: Sat, 28 Aug 2021 12:45:16 +1000
Subject: pkg/ifuzz/powerpc: fuzz instruction bits which are not opcodes
The instructions are made of opcode (split in 1..3 groups of fields) and parameters (immediate values, register numbers, flags). The insns.go is expected to have all the bits covered but some bits might be missing which this randomizes. This adds preloading of "RS" for better fuzzing of "mtmsr(d)" instructions ("Move To Machine State Register (Doubleword)").
Signed-off-by: Alexey Kardashevskiy
---
 pkg/ifuzz/powerpc/powerpc.go | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)
(limited to 'pkg')
diff --git a/pkg/ifuzz/powerpc/powerpc.go b/pkg/ifuzz/powerpc/powerpc.go
index 48c39d4a1..920712b7c 100644
--- a/pkg/ifuzz/powerpc/powerpc.go
+++ b/pkg/ifuzz/powerpc/powerpc.go
@@ -80,10 +80,15 @@ func (insn Insn) Encode(cfg *iset.Config, r *rand.Rand) []byte {
 ret := make([]byte, 0)
 insn32 := insn.Opcode
+ if len(cfg.MemRegions) != 0 {
+ // The PowerISA pdf parser could have missed some fields,
+ // randomize them there.
+ insn32 |= r.Uint32() & ^insn.Mask
+ }
 for reg, bits := range insn.Fields {
 field := uint(r.Intn(1 << 16))
 insn32 |= encodeBits(field, bits)
- if len(cfg.MemRegions) != 0 && (reg == "RA" || reg == "RB") {
+ if len(cfg.MemRegions) != 0 && (reg == "RA" || reg == "RB" || reg == "RS") {
 val := iset.GenerateInt(cfg, r, 8)
 ret = append(ret, insn.insnMap.ld64(field, val)...)
 }
--
cgit mrf-deployment
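Review bot: The added `insn32 |= r.Uint32() & ^insn.Mask` runs before the field loop ORs in `encodeBits(field, bits)`, and since OR never clears bits, any random bit that lands inside a field's position stays set regardless of `field`; whether that can happen depends on whether `insn.Mask` also covers the bits of every entry in `insn.Fields`, which the hunk does not show. If it does not, the register number actually encoded for RA/RB/RS can differ from the `field` value passed to `insn.insnMap.ld64(field, val)`, so the preload targets the wrong register and the "better fuzzing of mtmsr(d)" this commit is after is undermined. Either confirm the invariant in a comment on the new block, e.g. `// insn.Mask must also cover all insn.Fields bits, otherwise the random OR below can corrupt the encoded register numbers used for preloading`, or exclude the union of the field bit positions from the random value as well. The new block is also gated on `len(cfg.MemRegions) != 0`, which is unrelated to missing opcode bits; a short comment explaining why unmasked-bit randomization should only happen in that configuration would help the next reader. Encode's body continues past the end of the hunk.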