Press on fuzzing the other unknowns
authorCafe <cafe@not.applicable>
Thu, 6 Jul 2017 00:00:00 +0000 (00:00 +0000)
committerCafe <cafe@not.applicable>
Thu, 6 Jul 2017 17:45:39 +0000 (17:45 +0000)
fuzz.c

diff --git a/fuzz.c b/fuzz.c
index 8e23397f94cf8292a254cee4373abb7bb471b7b7..5a5447da26274a5ee0ac8690974c64661392820b 100644 (file)
--- a/fuzz.c
+++ b/fuzz.c
@@ -95,9 +95,9 @@ int job_chain(int fd) {
                .min_tile_coord = 0,
                .max_tile_coord = 0x0FFF0FFF,
                .address_unknown = 0x02CAFE00,
-               .unknown1 = fuzz_rand(),
-               .unknown2 = fuzz_rand(),
-               .unknown3 = fuzz_rand(),
+               .unknown1 = fuzz_rand32(),
+               .unknown2 = /* fuzz_rand32() */ 0,
+               .unknown3 = /* fuzz_rand32() */ 0,
        };
 
        memcpy(buffer, &header, sizeof(header));
@@ -148,19 +148,14 @@ int job_chain(int fd) {
        };
 
        
-       hexdump(buffer, sizeof(header));
        m_ioctl(fd, submit, KBASE_FUNC_JOB_SUBMIT);
-       usleep(1000 * 50); /* Ensure job returns */
+       usleep(1000 * 100); /* Ensure job returns */
 
-       if(buffer[0] != 0x58) {
-               /* Not a Data Invalid fault! */
-
-               //hexdump(buffer, sizeof(header));
-               printf("(success)\n\n");
-               //exit(0);
-       } else {
-               printf("(fail)\n\n");
-       }
+       printf("%s (%X, %X, %X)\n",
+                       buffer[0] != 0x58 ? "✓" : "☠",
+                       header.unknown1,
+                       header.unknown2,
+                       header.unknown3);
 
        munmap(buffer, PAGE_SIZE);
 
@@ -223,8 +218,8 @@ int main(void)
 
        /* Fuzz the job chain */
 
-       srand(45);
-       for(int i = 0; i < 20; ++i) {
+       srand(46);
+       for(int i = 0; i < 50; ++i) {
                job_chain(fd);
        }