syzkaller: github.com/google/syzkaller/pkg/ifuzz

package ifuzz

import "github.com/google/syzkaller/pkg/ifuzz"

Package ifuzz generates and mutates x86 machine code.

Package Files

decode.go encode.go ifuzz.go pseudo.go

Constants

const (
    ModeLong64 = iota
    ModeProt32
    ModeProt16
    ModeReal16
    ModeLast
)

Variables

var (
    Insns []*Insn
)
var XedDecode func(mode int, text []byte) (int, error)

func Decode

func Decode(mode int, text []byte) (int, error)

Decode decodes the instruction length for the given mode. It may falsely decode incorrect instructions, but should not fail to decode correct instructions.

func Generate

func Generate(cfg *Config, r *rand.Rand) []byte

func Mutate

func Mutate(cfg *Config, r *rand.Rand, text []byte) []byte

type Config

type Config struct {
    Len        int         // number of instructions to generate
    Mode       int         // one of ModeXXX
    Priv       bool        // generate CPL=0 instructions
    Exec       bool        // generate instruction sequences interesting for execution
    MemRegions []MemRegion // generated instructions will reference these regions
}

type Insn

type Insn struct {
    Name      string
    Extension string

    Mode   int  // bitmask of compatible modes
    Priv   bool // CPL=0
    Pseudo bool // pseudo instructions can consist of several real instructions

    Opcode      []byte
    Prefix      []byte
    Suffix      []byte
    Modrm       bool
    Mod         int8
    Reg         int8 // -6 - segment register, -8 - control register
    Rm          int8
    Srm         bool // register is embedded in the first byte
    NoSibDisp   bool // no SIB/disp even if modrm says otherwise
    Imm         int8 // immediate size, -1 - immediate size, -2 - address size, -3 - operand size
    Imm2        int8
    NoRepPrefix bool
    No66Prefix  bool
    Rexw        int8 // 1 must be set, -1 must not be set
    Mem32       bool // instruction always references 32-bit memory operand, 0x67 is illegal
    Mem16       bool // instruction always references 16-bit memory operand

    Vex        byte
    VexMap     byte
    VexL       int8
    VexNoR     bool
    VexP       int8
    Avx2Gather bool
    // contains filtered or unexported fields
}

func ModeInsns

func ModeInsns(cfg *Config) []*Insn

ModeInsns returns the list of all instructions for the given mode.

func (*Insn) Encode

func (insn *Insn) Encode(cfg *Config, r *rand.Rand) []byte

type MemRegion

type MemRegion struct {
    Start uint64
    Size  uint64
}

Directories

Path        Synopsis
gen         gen generates instruction tables (ifuzz/insns.go) from Intel XED tables.
generated

Package ifuzz imports 3 packages and is imported by 6 packages. Updated 2019-06-28.