fuzz/fuzz_targets/small_reg_is_always_old_bank_if_possible.rs


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56

//! if a register has a single-byte register operand, and it's one of `al`, `bl`, `cl`, or `dl`, it
//! should compare equal to the `RegSpec` produced by `RegSpec::al()` and so on.
//!
//! at one point this was a bug; `RegSpec::al()` would use `RegisterBank::B`, but an instruction
//! with `rex.w` set could get an `al` backed by a `RegSpec` in `RegisterBank::rB`.

#![no_main]
#[macro_use] extern crate libfuzzer_sys;
extern crate yaxpeax_x86;

// this test is not meaningful for 32-bit or 16-bit modes, there are no register synonyms in those
// cases. leaving them in for fuzz targets to match other cases, and In Case Of Future Change.
fuzz_target!(|data: &[u8]| {
    let x86_64_decoder = yaxpeax_x86::long_mode::InstDecoder::default();
    // let x86_32_decoder = yaxpeax_x86::protected_mode::InstDecoder::default();
    // let x86_16_decoder = yaxpeax_x86::real_mode::InstDecoder::default();

    if let Ok(inst) = x86_64_decoder.decode_slice(data) {
        for i in 0..inst.operand_count() {
            match inst.operand(i) {
                yaxpeax_x86::long_mode::Operand::Register(reg) => {
                    if reg.num() < 4 && reg.class() == yaxpeax_x86::long_mode::register_class::RB {
                        assert!(false, "instruction has rex.w register that aliases old byte registers");
                    } else {
                        /* not a potentially-unwanted register */
                    }
                },
                _ => { /* not a relevant operand kind. immediate or memory of some kind. */ }
            }
        }
    };

    /*
    if let Ok(inst) = x86_32_decoder.decode_slice(data) {
        for i in 0..inst.operand_count() {
            match inst.operand(i) {
                Operand::Register(_reg) => {
                    /* not a potentially-unwanted register */
                },
                _ => { /* not a relevant operand kind. immediate or memory of some kind. */ }
            }
        }
    };

    if let Ok(inst) = x86_16_decoder.decode_slice(data) {
        for i in 0..inst.operand_count() {
            match inst.operand(i) {
                Operand::Register(_reg) => {
                    /* not a potentially-unwanted register */
                },
                _ => { /* not a relevant operand kind. immediate or memory of some kind. */ }
            }
        }
    };
    */
});