1.4. Generate corpus
AFL++ needs some initial inputs, or corpus.
Ideally, we should provide some meaningful corpus as the ‘seed’ for fuzzing.
Corpora are generated by the python scripts in the tools/fuzz/python/corpus
directory.
Current corpora and their sizes:
973 smc_corpus/default.bin
309 smc_corpus/invalid.bin
26 smc_corpus/min.bin
104 smc_corpus/pmu.bin
295 smc_corpus/ripas.bin
177 smc_corpus/rtt_fold.bin
177 smc_corpus/rtt.bin
1.4.1. Command Support Matrix
Command |
default |
invalid |
min |
pmu |
ripas |
rtt |
rtt-fold |
|---|---|---|---|---|---|---|---|
AllocateGranule |
✔ |
✔ |
✔ |
✔ |
✔ |
✔ |
✔ |
Version |
✔ |
||||||
GranuleDelegate |
✔ |
✔ |
✔ |
✔ |
✔ |
✔ |
✔ |
GranuleUndelegate |
✔ |
✔ |
✔ |
✔ |
✔ |
✔ |
✔ |
RttDataMapInit |
✔ |
✔ |
✔ |
||||
RttDataUnmap |
✔ |
✔ |
✔ |
||||
RttDataMap |
|||||||
RealmActivate |
✔ |
✔ |
✔ |
✔ |
|||
RealmCreate |
✔ |
✔ |
✔ |
✔ |
✔ |
✔ |
|
RealmDestroy |
✔ |
✔ |
✔ |
✔ |
✔ |
✔ |
|
RecCreate |
✔ |
✔ (2) |
✔ |
✔ |
|||
RecDestroy |
✔ |
✔ |
✔ |
✔ |
|||
RecEnter |
✔ |
✔ |
✔ |
✔ |
|||
RTTCreate |
✔ |
✔ |
✔ |
✔ |
✔ |
||
RTTDestroy |
✔ |
✔ |
✔ |
✔ |
✔ |
||
RTTMapUnprotected |
✔ |
||||||
RTTReadEntry |
✔ |
||||||
RTTUnmapUnprotected |
✔ |
||||||
PsciComplete |
✔ |
||||||
Features |
✔ |
✔ |
✔ |
||||
RttFold |
✔ |
||||||
RttInitRipas |
✔ |
✔ |
✔ |
||||
RttSetRipas |
✔ |
||||||
RmmConfigGet |
|||||||
RmmConfigSet |
|||||||
GranuleTrackingGet |
1.4.2. Command order in corpora
1.4.2.1. Default
Features
AllocateGranule
GranuleDelegate
RealmCreate
RTTCreate
RTTReadEntry
RttInitRipas
RttDataMapInit
RecCreate
RealmActivate
RTTMapUnprotected
RecEnter
--
RTTUnmapUnprotected
RecDestroy
RttDataUnmap
GranuleUndelegate
RTTDestroy
RealmDestroy
1.4.2.2. Invalid
AllocateGranule
GranuleDelegate
RealmCreate
RTTCreate
RttInitRipas
RttDataMapInit
RecCreate
RealmActivate
RecEnter
PsciComplete
--
RecDestroy
RttDataUnmap
GranuleUndelegate
RTTDestroy
RealmDestroy
1.4.2.3. Min
Version
Features
AllocateGranule
GranuleDelegate
GranuleUndelegate
1.4.2.4. Pmu
Features
AllocateGranule
GranuleDelegate
RealmCreate
RecCreate
RealmActivate
RecEnter
--
RecDestroy
GranuleUndelegate
RealmDestroy
1.4.2.5. Ripas
AllocateGranule
GranuleDelegate
RealmCreate
RTTCreate
RttInitRipas
RttDataMapInit
RecCreate
RealmActivate
RecEnter
RttSetRipas
--
RecDestroy
RttDataUnmap
GranuleUndelegate
RTTDestroy
RealmDestroy
1.4.2.6. Rtt
AllocateGranule
GranuleDelegate
RealmCreate
RTTCreate
--
RTTDestroy
GranuleUndelegate
RealmDestroy
1.4.2.7. RTT_Fold
AllocateGranule
GranuleDelegate
RealmCreate
RTTCreate
RttFold
--
RTTDestroy
GranuleUndelegate
RealmDestroy