From 2415081164323ecb402926187b72ee59162c5bcd Mon Sep 17 00:00:00 2001
From: Remco <remco@dutchcoders.io>
Date: Wed, 25 May 2016 10:27:46 +0200
Subject: [PATCH] several fixes * moved files to suite * integrated @eke
dictionaries * added arch support to fuzz.sh
---
suite/afl/dict/arm64/arm64.dict | 59 +++
suite/afl/dict/ppc64/ppc64.dict | 165 ++++++++
suite/afl/dict/x64/x64.dict | 716 ++++++++++++++++++++++++++++++++
suite/afl/tests/instr- | 1 +
suite/afl/tests/instr-1 | 1 +
suite/afl/tests/instr-10 | 1 +
suite/afl/tests/instr-11 | 1 +
suite/afl/tests/instr-12 | 1 +
suite/afl/tests/instr-13 | 1 +
suite/afl/tests/instr-14 | 1 +
suite/afl/tests/instr-15 | 1 +
suite/afl/tests/instr-16 | 1 +
suite/afl/tests/instr-17 | 1 +
suite/afl/tests/instr-18 | 1 +
suite/afl/tests/instr-19 | 1 +
suite/afl/tests/instr-2 | 1 +
suite/afl/tests/instr-20 | 1 +
suite/afl/tests/instr-21 | 1 +
suite/afl/tests/instr-22 | 1 +
suite/afl/tests/instr-23 | 1 +
suite/afl/tests/instr-24 | 1 +
suite/afl/tests/instr-3 | 1 +
suite/afl/tests/instr-4 | 1 +
suite/afl/tests/instr-5 | 1 +
suite/afl/tests/instr-6 | 1 +
suite/afl/tests/instr-7 | 1 +
suite/afl/tests/instr-8 | 1 +
suite/afl/tests/instr-9 | 1 +
suite/fuzz.sh | 23 +
29 files changed, 988 insertions(+)
create mode 100644 suite/afl/dict/arm64/arm64.dict
create mode 100644 suite/afl/dict/ppc64/ppc64.dict
create mode 100644 suite/afl/dict/x64/x64.dict
create mode 100644 suite/afl/tests/instr-
create mode 100644 suite/afl/tests/instr-1
create mode 100644 suite/afl/tests/instr-10
create mode 100644 suite/afl/tests/instr-11
create mode 100644 suite/afl/tests/instr-12
create mode 100644 suite/afl/tests/instr-13
create mode 100644 suite/afl/tests/instr-14
create mode 100644 suite/afl/tests/instr-15
create mode 100644 suite/afl/tests/instr-16
create mode 100644 suite/afl/tests/instr-17
create mode 100644 suite/afl/tests/instr-18
create mode 100644 suite/afl/tests/instr-19
create mode 100644 suite/afl/tests/instr-2
create mode 100644 suite/afl/tests/instr-20
create mode 100644 suite/afl/tests/instr-21
create mode 100644 suite/afl/tests/instr-22
create mode 100644 suite/afl/tests/instr-23
create mode 100644 suite/afl/tests/instr-24
create mode 100644 suite/afl/tests/instr-3
create mode 100644 suite/afl/tests/instr-4
create mode 100644 suite/afl/tests/instr-5
create mode 100644 suite/afl/tests/instr-6
create mode 100644 suite/afl/tests/instr-7
create mode 100644 suite/afl/tests/instr-8
create mode 100644 suite/afl/tests/instr-9
create mode 100755 suite/fuzz.sh
diff --git a/suite/afl/dict/arm64/arm64.dict b/suite/afl/dict/arm64/arm64.dict
new file mode 100644
index 0000000..730128f
--- /dev/null
+++ b/suite/afl/dict/arm64/arm64.dict
@@ -0,0 +1,59 @@
+# arm 64 assembly
+#
+inst_stp="stp"
+inst_mov="mov"
+inst_mov="movz"
+inst_add="add"
+inst_addrp="addrp"
+inst_bne="b.ne"
+inst_bls="b.ls"
+inst_br="br"
+inst_blr="blr"
+inst_b="b"
+inst_str="str"
+inst_ldp="ldp"
+inst_ret="ret"
+inst_cbz="cbz"
+
+reg_x0="x0"
+reg_x1="x1"
+reg_x2="x2"
+reg_x3="x3"
+reg_x4="x4"
+reg_x5="x5"
+reg_x6="x6"
+reg_x7="x7"
+reg_x8="x8"
+reg_x9="x9"
+reg_x10="x10"
+reg_x11="x11"
+reg_x29="x29"
+reg_w1="w1"
+reg_w2="w2"
+reg_w29="w29"
+reg_sp="sp"
+
+delim_comma=","
+delim_semi=";"
+delim_parenopen="["
+delim_parenclose="]"
+delim_parenboth="[]"
+delim_exclamation="!"
+
+op_plus="+"
+op_min="-"
+op_mul="*"
+op_mod="%"
+op_or="|"
+op_xor="^"
+op_and="&"
+
+imm_0="0"
+imm_1="1"
+imm_min1="-1"
+imm_a="0xfffffffffffffff0"
+
+label_a="local_6"
+label_b="<main+0x59d>"
+label_c="<func>"
+label_d="func"
diff --git a/suite/afl/dict/ppc64/ppc64.dict b/suite/afl/dict/ppc64/ppc64.dict
new file mode 100644
index 0000000..58c3e88
--- /dev/null
+++ b/suite/afl/dict/ppc64/ppc64.dict
@@ -0,0 +1,165 @@
+# PowerPC assembly
+#
+keyword_add="add"
+keyword_addc="addc"
+keyword_adde="adde"
+keyword_addi="addi"
+keyword_addic="addic"
+keyword_addic="addic"
+keyword_addis="addis"
+keyword_addme="addme"
+keyword_addze="addze"
+keyword_and="and"
+keyword_andc="andc"
+keyword_andi="andi"
+keyword_andis="andis"
+keyword_b="b"
+keyword_ba="ba"
+keyword_bl="bl"
+keyword_bla="bla"
+keyword_bc="bc"
+keyword_bca="bca"
+keyword_bcl="bcl"
+keyword_bcla="bcla"
+keyword_bcctr="bcctr"
+keyword_bcctrl="bcctrl"
+keyword_bclr="bclr"
+keyword_cmp="cmp"
+keyword_cmpi="cmpi"
+keyword_cmpl="cmpl"
+keyword_cmpli="cmpli"
+keyword_cntlzw="cntlzw"
+keyword_crand="crand"
+keyword_crandc="crandc"
+keyword_creqv="creqv"
+keyword_crnand="crnand"
+keyword_crnor="crnor"
+keyword_cror="cror"
+keyword_crorc="crorc"
+keyword_crxor="crxor"
+keyword_divw="divw"
+keyword_divwu="divwu"
+keyword_eqv="eqv"
+keyword_extsb="extsb"
+keyword_extsh="extsh"
+keyword_lbz="lbz"
+keyword_lbzu="lbzu"
+keyword_lbzux="lbzux"
+keyword_lbzx="lbzx"
+keyword_lha="lha"
+keyword_lhau="lhau"
+keyword_lhaux="lhaux"
+keyword_lhax="lhax"
+keyword_lhbrx="lhbrx"
+keyword_lhz="lhz"
+keyword_lhzu="lhzu"
+keyword_lhzux="lhzux"
+keyword_lhzx="lhzx"
+keyword_lmw="lmw"
+keyword_lswi="lswi"
+keyword_lswx="lswx"
+keyword_lwbrx="lwbrx"
+keyword_lwz="lwz"
+keyword_lwzu="lwzu"
+keyword_lwzux="lwzux"
+keyword_lwzx="lwzx"
+keyword_mcrf="mcrf"
+keyword_mcrxr="mcrxr"
+keyword_mfcr="mfcr"
+keyword_mfspr="mfspr"
+keyword_mftb="mftb"
+keyword_mtcrf="mtcrf"
+keyword_mtspr="mtspr"
+keyword_mulhw="mulhw"
+keyword_mulhwu="mulhwu"
+keyword_mulli="mulli"
+keyword_mullw="mullw"
+keyword_nand="nand"
+keyword_neg="neg"
+keyword_nor="nor"
+keyword_or="or"
+keyword_orc="orc"
+keyword_ori="ori"
+keyword_oris="oris"
+keyword_rlwimi="rlwimi"
+keyword_rlwinm="rlwinm"
+keyword_rotlwi="rotlwi"
+keyword_clrlwi="clrlwi"
+keyword_rlwnm="rlwnm"
+keyword_slw="slw"
+keyword_sraw="sraw"
+keyword_srawi="srawi"
+keyword_srw="srw"
+keyword_stb="stb"
+keyword_stbu="stbu"
+keyword_stbux="stbux"
+keyword_stbx="stbx"
+keyword_sth="sth"
+keyword_sthbrx="sthbrx"
+keyword_sthu="sthu"
+keyword_sthux="sthux"
+keyword_sthx="sthx"
+keyword_stmw="stmw"
+keyword_stswi="stswi"
+keyword_stswx="stswx"
+keyword_stw="stw"
+keyword_stwbrx="stwbrx"
+keyword_stwu="stwu"
+keyword_stwux="stwux"
+keyword_stwx="stwx"
+keyword_subf="subf"
+keyword_subfc="subfc"
+keyword_subfe="subfe"
+keyword_subfic="subfic"
+keyword_subfme="subfme"
+keyword_subfze="subfze"
+keyword_xor="xor"
+keyword_xori="xori"
+keyword_xoris="xoris"
+
+reg_lr="lr"
+reg_cr="cr"
+reg_r0="r0"
+reg_r1="r1"
+reg_r2="r2"
+reg_r3="r3"
+reg_r4="r4"
+reg_r5="r5"
+reg_r6="r6"
+reg_r7="r7"
+reg_r8="r8"
+reg_r9="r9"
+reg_r10="r10"
+reg_r11="r11"
+reg_r29="r29"
+reg_r31="r31"
+
+delim_comma=","
+delim_semi=";"
+delim_bracketopen="["
+delim_bracketclose="]"
+delim_bracketboth="[]"
+delim_exclamation="!"
+delim_parenopen="("
+delim_parenclose=")"
+delim_parenboth="()"
+delim_comment="#"
+
+op_plus="+"
+op_min="-"
+op_mul="*"
+op_mod="%"
+op_or="|"
+op_xor="^"
+op_question="?"
+op_and="&"
+
+imm_0="0"
+imm_1="1"
+imm_min1="-1"
+imm_a="0xfffffffffffffff0"
+
+label_a="local_6"
+label_b="<main+0x59d>"
+label_c="<func>"
+label_d="func"
diff --git a/suite/afl/dict/x64/x64.dict b/suite/afl/dict/x64/x64.dict
new file mode 100644
index 0000000..59ad9a8
--- /dev/null
+++ b/suite/afl/dict/x64/x64.dict
@@ -0,0 +1,716 @@
+# x86 assembly
+#
+instruction_aaa="aaa"
+instruction_aad="aad"
+instruction_aam="aam"
+instruction_aas="aas"
+instruction_adc="adc"
+instruction_adcx="adcx"
+instruction_add="add"
+instruction_addpd="addpd"
+instruction_addps="addps"
+instruction_addsd="addsd"
+instruction_addss="addss"
+instruction_addsubpd="addsubpd"
+instruction_addsubps="addsubps"
+instruction_adox="adox"
+instruction_aesdec="aesdec"
+instruction_aesdeclast="aesdeclast"
+instruction_aesenc="aesenc"
+instruction_aesenclast="aesenclast"
+instruction_aesimc="aesimc"
+instruction_aeskeygenassist="aeskeygenassist"
+instruction_and="and"
+instruction_andn="andn"
+instruction_andnpd="andnpd"
+instruction_andnps="andnps"
+instruction_andpd="andpd"
+instruction_andps="andps"
+instruction_arpl="arpl"
+instruction_bextr="bextr"
+instruction_blendpd="blendpd"
+instruction_blendps="blendps"
+instruction_blendvpd="blendvpd"
+instruction_blendvps="blendvps"
+instruction_blsi="blsi"
+instruction_blsmsk="blsmsk"
+instruction_blsr="blsr"
+instruction_bound="bound"
+instruction_bsf="bsf"
+instruction_bsr="bsr"
+instruction_bswap="bswap"
+instruction_bt="bt"
+instruction_btc="btc"
+instruction_btr="btr"
+instruction_bts="bts"
+instruction_bzhi="bzhi"
+instruction_call="call"
+instruction_cbw="cbw"
+instruction_cdq="cdq"
+instruction_cdqe="cdqe"
+instruction_clac="clac"
+instruction_clc="clc"
+instruction_cld="cld"
+instruction_clflush="clflush"
+instruction_cli="cli"
+instruction_clts="clts"
+instruction_cmc="cmc"
+instruction_cmovcc="cmovcc"
+instruction_cmp="cmp"
+instruction_cmppd="cmppd"
+instruction_cmpps="cmpps"
+instruction_cmps="cmps"
+instruction_cmpsb="cmpsb"
+instruction_cmpsd="cmpsd"
+instruction_cmpsd="cmpsd"
+instruction_cmpsq="cmpsq"
+instruction_cmpss="cmpss"
+instruction_cmpsw="cmpsw"
+instruction_cmpxchg="cmpxchg"
+instruction_cmpxchg16b="cmpxchg16b"
+instruction_cmpxchg8b="cmpxchg8b"
+instruction_comisd="comisd"
+instruction_comiss="comiss"
+instruction_cpuid="cpuid"
+instruction_cqo="cqo"
+instruction_crc32="crc32"
+instruction_cvtdq2pd="cvtdq2pd"
+instruction_cvtdq2ps="cvtdq2ps"
+instruction_cvtpd2dq="cvtpd2dq"
+instruction_cvtpd2pi="cvtpd2pi"
+instruction_cvtpd2ps="cvtpd2ps"
+instruction_cvtpi2pd="cvtpi2pd"
+instruction_cvtpi2ps="cvtpi2ps"
+instruction_cvtps2dq="cvtps2dq"
+instruction_cvtps2pd="cvtps2pd"
+instruction_cvtps2pi="cvtps2pi"
+instruction_cvtsd2si="cvtsd2si"
+instruction_cvtsd2ss="cvtsd2ss"
+instruction_cvtsi2sd="cvtsi2sd"
+instruction_cvtsi2ss="cvtsi2ss"
+instruction_cvtss2sd="cvtss2sd"
+instruction_cvtss2si="cvtss2si"
+instruction_cvttpd2dq="cvttpd2dq"
+instruction_cvttpd2pi="cvttpd2pi"
+instruction_cvttps2dq="cvttps2dq"
+instruction_cvttps2pi="cvttps2pi"
+instruction_cvttsd2si="cvttsd2si"
+instruction_cvttss2si="cvttss2si"
+instruction_cwd="cwd"
+instruction_cwde="cwde"
+instruction_daa="daa"
+instruction_das="das"
+instruction_dec="dec"
+instruction_div="div"
+instruction_divpd="divpd"
+instruction_divps="divps"
+instruction_divsd="divsd"
+instruction_divss="divss"
+instruction_dppd="dppd"
+instruction_dpps="dpps"
+instruction_emms="emms"
+instruction_enter="enter"
+instruction_extractps="extractps"
+instruction_f2xm1="f2xm1"
+instruction_fabs="fabs"
+instruction_fadd="fadd"
+instruction_faddp="faddp"
+instruction_fbld="fbld"
+instruction_fbstp="fbstp"
+instruction_fchs="fchs"
+instruction_fclex="fclex"
+instruction_fcmovcc="fcmovcc"
+instruction_fcom="fcom"
+instruction_fcomi="fcomi"
+instruction_fcomip="fcomip"
+instruction_fcomp="fcomp"
+instruction_fcompp="fcompp"
+instruction_fcos="fcos"
+instruction_fdecstp="fdecstp"
+instruction_fdiv="fdiv"
+instruction_fdivp="fdivp"
+instruction_fdivr="fdivr"
+instruction_fdivrp="fdivrp"
+instruction_ffree="ffree"
+instruction_fiadd="fiadd"
+instruction_ficom="ficom"
+instruction_ficomp="ficomp"
+instruction_fidiv="fidiv"
+instruction_fidivr="fidivr"
+instruction_fild="fild"
+instruction_fimul="fimul"
+instruction_fincstp="fincstp"
+instruction_finit="finit"
+instruction_fist="fist"
+instruction_fistp="fistp"
+instruction_fisttp="fisttp"
+instruction_fisub="fisub"
+instruction_fisubr="fisubr"
+instruction_fld="fld"
+instruction_fld1="fld1"
+instruction_fldcw="fldcw"
+instruction_fldenv="fldenv"
+instruction_fldl2e="fldl2e"
+instruction_fldl2t="fldl2t"
+instruction_fldlg2="fldlg2"
+instruction_fldln2="fldln2"
+instruction_fldpi="fldpi"
+instruction_fldz="fldz"
+instruction_fmul="fmul"
+instruction_fmulp="fmulp"
+instruction_fnclex="fnclex"
+instruction_fninit="fninit"
+instruction_fnop="fnop"
+instruction_fnsave="fnsave"
+instruction_fnstcw="fnstcw"
+instruction_fnstenv="fnstenv"
+instruction_fnstsw="fnstsw"
+instruction_fpatan="fpatan"
+instruction_fprem="fprem"
+instruction_fprem1="fprem1"
+instruction_fptan="fptan"
+instruction_frndint="frndint"
+instruction_frstor="frstor"
+instruction_fsave="fsave"
+instruction_fscale="fscale"
+instruction_fsin="fsin"
+instruction_fsincos="fsincos"
+instruction_fsqrt="fsqrt"
+instruction_fst="fst"
+instruction_fstcw="fstcw"
+instruction_fstenv="fstenv"
+instruction_fstp="fstp"
+instruction_fstsw="fstsw"
+instruction_fsub="fsub"
+instruction_fsubp="fsubp"
+instruction_fsubr="fsubr"
+instruction_fsubrp="fsubrp"
+instruction_ftst="ftst"
+instruction_fucom="fucom"
+instruction_fucomi="fucomi"
+instruction_fucomip="fucomip"
+instruction_fucomp="fucomp"
+instruction_fucompp="fucompp"
+instruction_fwait="fwait"
+instruction_fxam="fxam"
+instruction_fxch="fxch"
+instruction_fxrstor="fxrstor"
+instruction_fxsave="fxsave"
+instruction_fxtract="fxtract"
+instruction_fyl2x="fyl2x"
+instruction_fyl2xp1="fyl2xp1"
+instruction_haddpd="haddpd"
+instruction_haddps="haddps"
+instruction_hlt="hlt"
+instruction_hsubpd="hsubpd"
+instruction_hsubps="hsubps"
+instruction_idiv="idiv"
+instruction_imul="imul"
+instruction_in="in"
+instruction_inc="inc"
+instruction_ins="ins"
+instruction_insb="insb"
+instruction_insd="insd"
+instruction_insertps="insertps"
+instruction_insw="insw"
+instruction_int="int"
+instruction_int="int"
+instruction_into="into"
+instruction_invd="invd"
+instruction_invlpg="invlpg"
+instruction_invpcid="invpcid"
+instruction_iret="iret"
+instruction_iretd="iretd"
+instruction_jmp="jmp"
+instruction_jcc="jcc"
+instruction_lahf="lahf"
+instruction_lar="lar"
+instruction_lddqu="lddqu"
+instruction_ldmxcsr="ldmxcsr"
+instruction_lds="lds"
+instruction_lea="lea"
+instruction_leave="leave"
+instruction_les="les"
+instruction_lfence="lfence"
+instruction_lfs="lfs"
+instruction_lgdt="lgdt"
+instruction_lgs="lgs"
+instruction_lidt="lidt"
+instruction_lldt="lldt"
+instruction_lmsw="lmsw"
+instruction_lock="lock"
+instruction_lods="lods"
+instruction_lodsb="lodsb"
+instruction_lodsd="lodsd"
+instruction_lodsq="lodsq"
+instruction_lodsw="lodsw"
+instruction_loop="loop"
+instruction_loopcc="loopcc"
+instruction_lsl="lsl"
+instruction_lss="lss"
+instruction_ltr="ltr"
+instruction_lzcnt="lzcnt"
+instruction_maskmovdqu="maskmovdqu"
+instruction_maskmovq="maskmovq"
+instruction_maxpd="maxpd"
+instruction_maxps="maxps"
+instruction_maxsd="maxsd"
+instruction_maxss="maxss"
+instruction_mfence="mfence"
+instruction_minpd="minpd"
+instruction_minps="minps"
+instruction_minsd="minsd"
+instruction_minss="minss"
+instruction_monitor="monitor"
+instruction_mov="mov"
+instruction_mov="mov"
+instruction_mov="mov"
+instruction_movapd="movapd"
+instruction_movaps="movaps"
+instruction_movbe="movbe"
+instruction_movd="movd"
+instruction_movddup="movddup"
+instruction_movdq2q="movdq2q"
+instruction_movdqa="movdqa"
+instruction_movdqu="movdqu"
+instruction_movhlps="movhlps"
+instruction_movhpd="movhpd"
+instruction_movhps="movhps"
+instruction_movlhps="movlhps"
+instruction_movlpd="movlpd"
+instruction_movlps="movlps"
+instruction_movmskpd="movmskpd"
+instruction_movmskps="movmskps"
+instruction_movntdq="movntdq"
+instruction_movntdqa="movntdqa"
+instruction_movnti="movnti"
+instruction_movntpd="movntpd"
+instruction_movntps="movntps"
+instruction_movntq="movntq"
+instruction_movq="movq"
+instruction_movq="movq"
+instruction_movq2dq="movq2dq"
+instruction_movs="movs"
+instruction_movsb="movsb"
+instruction_movsd="movsd"
+instruction_movsd="movsd"
+instruction_movshdup="movshdup"
+instruction_movsldup="movsldup"
+instruction_movsq="movsq"
+instruction_movss="movss"
+instruction_movsw="movsw"
+instruction_movsx="movsx"
+instruction_movsxd="movsxd"
+instruction_movupd="movupd"
+instruction_movups="movups"
+instruction_movzx="movzx"
+instruction_mpsadbw="mpsadbw"
+instruction_mul="mul"
+instruction_mulpd="mulpd"
+instruction_mulps="mulps"
+instruction_mulsd="mulsd"
+instruction_mulss="mulss"
+instruction_mwait="mwait"
+instruction_mulx="mulx"
+instruction_mwait="mwait"
+instruction_neg="neg"
+instruction_nop="nop"
+instruction_not="not"
+instruction_or="or"
+instruction_orpd="orpd"
+instruction_orps="orps"
+instruction_out="out"
+instruction_outs="outs"
+instruction_outsb="outsb"
+instruction_outsd="outsd"
+instruction_outsw="outsw"
+instruction_pabsb="pabsb"
+instruction_pabsd="pabsd"
+instruction_pabsw="pabsw"
+instruction_packssdw="packssdw"
+instruction_packsswb="packsswb"
+instruction_packusdw="packusdw"
+instruction_packuswb="packuswb"
+instruction_paddb="paddb"
+instruction_paddd="paddd"
+instruction_paddq="paddq"
+instruction_paddsb="paddsb"
+instruction_paddsw="paddsw"
+instruction_paddusb="paddusb"
+instruction_paddusw="paddusw"
+instruction_paddw="paddw"
+instruction_palignr="palignr"
+instruction_pand="pand"
+instruction_pandn="pandn"
+instruction_pause="pause"
+instruction_pavgb="pavgb"
+instruction_pavgw="pavgw"
+instruction_pblendvb="pblendvb"
+instruction_pblendw="pblendw"
+instruction_pclmulqdq="pclmulqdq"
+instruction_pcmpeqb="pcmpeqb"
+instruction_pcmpeqd="pcmpeqd"
+instruction_pcmpeqq="pcmpeqq"
+instruction_pcmpeqw="pcmpeqw"
+instruction_pcmpestri="pcmpestri"
+instruction_pcmpestrm="pcmpestrm"
+instruction_pcmpgtb="pcmpgtb"
+instruction_pcmpgtd="pcmpgtd"
+instruction_pcmpgtq="pcmpgtq"
+instruction_pcmpgtw="pcmpgtw"
+instruction_pcmpistri="pcmpistri"
+instruction_pcmpistrm="pcmpistrm"
+instruction_pdep="pdep"
+instruction_pext="pext"
+instruction_pextrb="pextrb"
+instruction_pextrd="pextrd"
+instruction_pextrq="pextrq"
+instruction_pextrw="pextrw"
+instruction_phaddd="phaddd"
+instruction_phaddsw="phaddsw"
+instruction_phaddw="phaddw"
+instruction_phminposuw="phminposuw"
+instruction_phsubd="phsubd"
+instruction_phsubsw="phsubsw"
+instruction_phsubw="phsubw"
+instruction_pinsrb="pinsrb"
+instruction_pinsrd="pinsrd"
+instruction_pinsrq="pinsrq"
+instruction_pinsrw="pinsrw"
+instruction_pmaddubsw="pmaddubsw"
+instruction_pmaddwd="pmaddwd"
+instruction_pmaxsb="pmaxsb"
+instruction_pmaxsd="pmaxsd"
+instruction_pmaxsw="pmaxsw"
+instruction_pmaxub="pmaxub"
+instruction_pmaxud="pmaxud"
+instruction_pmaxuw="pmaxuw"
+instruction_pminsb="pminsb"
+instruction_pminsd="pminsd"
+instruction_pminsw="pminsw"
+instruction_pminub="pminub"
+instruction_pminud="pminud"
+instruction_pminuw="pminuw"
+instruction_pmovmskb="pmovmskb"
+instruction_pmovsx="pmovsx"
+instruction_pmovzx="pmovzx"
+instruction_pmuldq="pmuldq"
+instruction_pmulhrsw="pmulhrsw"
+instruction_pmulhuw="pmulhuw"
+instruction_pmulhw="pmulhw"
+instruction_pmulld="pmulld"
+instruction_pmullw="pmullw"
+instruction_pmuludq="pmuludq"
+instruction_pop="pop"
+instruction_popa="popa"
+instruction_popad="popad"
+instruction_popcnt="popcnt"
+instruction_popf="popf"
+instruction_popfd="popfd"
+instruction_popfq="popfq"
+instruction_por="por"
+instruction_prefetchw="prefetchw"
+instruction_prefetchwt1="prefetchwt1"
+instruction_prefetchh="prefetchh"
+instruction_psadbw="psadbw"
+instruction_pshufb="pshufb"
+instruction_pshufd="pshufd"
+instruction_pshufhw="pshufhw"
+instruction_pshuflw="pshuflw"
+instruction_pshufw="pshufw"
+instruction_psignb="psignb"
+instruction_psignd="psignd"
+instruction_psignw="psignw"
+instruction_pslld="pslld"
+instruction_pslldq="pslldq"
+instruction_psllq="psllq"
+instruction_psllw="psllw"
+instruction_psrad="psrad"
+instruction_psraw="psraw"
+instruction_psrld="psrld"
+instruction_psrldq="psrldq"
+instruction_psrlq="psrlq"
+instruction_psrlw="psrlw"
+instruction_psubb="psubb"
+instruction_psubd="psubd"
+instruction_psubq="psubq"
+instruction_psubsb="psubsb"
+instruction_psubsw="psubsw"
+instruction_psubusb="psubusb"
+instruction_psubusw="psubusw"
+instruction_psubw="psubw"
+instruction_ptest="ptest"
+instruction_punpckhbw="punpckhbw"
+instruction_punpckhdq="punpckhdq"
+instruction_punpckhqdq="punpckhqdq"
+instruction_punpckhwd="punpckhwd"
+instruction_punpcklbw="punpcklbw"
+instruction_punpckldq="punpckldq"
+instruction_punpcklqdq="punpcklqdq"
+instruction_punpcklwd="punpcklwd"
+instruction_push="push"
+instruction_pusha="pusha"
+instruction_pushad="pushad"
+instruction_pushf="pushf"
+instruction_pushfd="pushfd"
+instruction_pxor="pxor"
+instruction_rcl="rcl"
+instruction_rcpps="rcpps"
+instruction_rcpss="rcpss"
+instruction_rcr="rcr"
+instruction_rdfsbase="rdfsbase"
+instruction_rdgsbase="rdgsbase"
+instruction_rdmsr="rdmsr"
+instruction_rdpmc="rdpmc"
+instruction_rdrand="rdrand"
+instruction_rdseed="rdseed"
+instruction_rdtsc="rdtsc"
+instruction_rdtscp="rdtscp"
+instruction_rep="rep"
+instruction_repe="repe"
+instruction_repne="repne"
+instruction_repnz="repnz"
+instruction_repz="repz"
+instruction_ret="ret"
+instruction_rol="rol"
+instruction_ror="ror"
+instruction_rorx="rorx"
+instruction_roundpd="roundpd"
+instruction_roundps="roundps"
+instruction_roundsd="roundsd"
+instruction_roundss="roundss"
+instruction_rsm="rsm"
+instruction_rsqrtps="rsqrtps"
+instruction_rsqrtss="rsqrtss"
+instruction_sahf="sahf"
+instruction_sal="sal"
+instruction_sar="sar"
+instruction_sarx="sarx"
+instruction_sbb="sbb"
+instruction_scas="scas"
+instruction_scasb="scasb"
+instruction_scasd="scasd"
+instruction_scasw="scasw"
+instruction_setcc="setcc"
+instruction_sfence="sfence"
+instruction_sgdt="sgdt"
+instruction_shl="shl"
+instruction_shld="shld"
+instruction_shlx="shlx"
+instruction_shr="shr"
+instruction_shrd="shrd"
+instruction_shrx="shrx"
+instruction_shufpd="shufpd"
+instruction_shufps="shufps"
+instruction_sidt="sidt"
+instruction_sldt="sldt"
+instruction_smsw="smsw"
+instruction_sqrtpd="sqrtpd"
+instruction_sqrtps="sqrtps"
+instruction_sqrtsd="sqrtsd"
+instruction_sqrtss="sqrtss"
+instruction_stac="stac"
+instruction_stc="stc"
+instruction_std="std"
+instruction_sti="sti"
+instruction_stmxcsr="stmxcsr"
+instruction_stos="stos"
+instruction_stosb="stosb"
+instruction_stosd="stosd"
+instruction_stosq="stosq"
+instruction_stosw="stosw"
+instruction_str="str"
+instruction_sub="sub"
+instruction_subpd="subpd"
+instruction_subps="subps"
+instruction_subsd="subsd"
+instruction_subss="subss"
+instruction_swapgs="swapgs"
+instruction_syscall="syscall"
+instruction_sysenter="sysenter"
+instruction_sysexit="sysexit"
+instruction_sysret="sysret"
+instruction_test="test"
+instruction_tzcnt="tzcnt"
+instruction_ucomisd="ucomisd"
+instruction_ucomiss="ucomiss"
+instruction_ud2="ud2"
+instruction_unpckhpd="unpckhpd"
+instruction_unpckhps="unpckhps"
+instruction_unpcklpd="unpcklpd"
+instruction_unpcklps="unpcklps"
+instruction_vbroadcast="vbroadcast"
+instruction_vcvtph2ps="vcvtph2ps"
+instruction_vcvtps2ph="vcvtps2ph"
+instruction_verr="verr"
+instruction_verw="verw"
+instruction_vextractf128="vextractf128"
+instruction_vextracti128="vextracti128"
+instruction_vfmadd132pd="vfmadd132pd"
+instruction_vfmadd132ps="vfmadd132ps"
+instruction_vfmadd132sd="vfmadd132sd"
+instruction_vfmadd132ss="vfmadd132ss"
+instruction_vfmadd213pd="vfmadd213pd"
+instruction_vfmadd213ps="vfmadd213ps"
+instruction_vfmadd213sd="vfmadd213sd"
+instruction_vfmadd213ss="vfmadd213ss"
+instruction_vfmadd231pd="vfmadd231pd"
+instruction_vfmadd231ps="vfmadd231ps"
+instruction_vfmadd231sd="vfmadd231sd"
+instruction_vfmadd231ss="vfmadd231ss"
+instruction_vfmaddsub132pd="vfmaddsub132pd"
+instruction_vfmaddsub132ps="vfmaddsub132ps"
+instruction_vfmaddsub213pd="vfmaddsub213pd"
+instruction_vfmaddsub213ps="vfmaddsub213ps"
+instruction_vfmaddsub231pd="vfmaddsub231pd"
+instruction_vfmaddsub231ps="vfmaddsub231ps"
+instruction_vfmsub132pd="vfmsub132pd"
+instruction_vfmsub132ps="vfmsub132ps"
+instruction_vfmsub132sd="vfmsub132sd"
+instruction_vfmsub132ss="vfmsub132ss"
+instruction_vfmsub213pd="vfmsub213pd"
+instruction_vfmsub213ps="vfmsub213ps"
+instruction_vfmsub213sd="vfmsub213sd"
+instruction_vfmsub213ss="vfmsub213ss"
+instruction_vfmsub231pd="vfmsub231pd"
+instruction_vfmsub231ps="vfmsub231ps"
+instruction_vfmsub231sd="vfmsub231sd"
+instruction_vfmsub231ss="vfmsub231ss"
+instruction_vfmsubadd132pd="vfmsubadd132pd"
+instruction_vfmsubadd132ps="vfmsubadd132ps"
+instruction_vfmsubadd213pd="vfmsubadd213pd"
+instruction_vfmsubadd213ps="vfmsubadd213ps"
+instruction_vfmsubadd231pd="vfmsubadd231pd"
+instruction_vfmsubadd231ps="vfmsubadd231ps"
+instruction_vfnmadd132pd="vfnmadd132pd"
+instruction_vfnmadd132ps="vfnmadd132ps"
+instruction_vfnmadd132sd="vfnmadd132sd"
+instruction_vfnmadd132ss="vfnmadd132ss"
+instruction_vfnmadd213pd="vfnmadd213pd"
+instruction_vfnmadd213ps="vfnmadd213ps"
+instruction_vfnmadd213sd="vfnmadd213sd"
+instruction_vfnmadd213ss="vfnmadd213ss"
+instruction_vfnmadd231pd="vfnmadd231pd"
+instruction_vfnmadd231ps="vfnmadd231ps"
+instruction_vfnmadd231sd="vfnmadd231sd"
+instruction_vfnmadd231ss="vfnmadd231ss"
+instruction_vfnmsub132pd="vfnmsub132pd"
+instruction_vfnmsub132ps="vfnmsub132ps"
+instruction_vfnmsub132sd="vfnmsub132sd"
+instruction_vfnmsub132ss="vfnmsub132ss"
+instruction_vfnmsub213pd="vfnmsub213pd"
+instruction_vfnmsub213ps="vfnmsub213ps"
+instruction_vfnmsub213sd="vfnmsub213sd"
+instruction_vfnmsub213ss="vfnmsub213ss"
+instruction_vfnmsub231pd="vfnmsub231pd"
+instruction_vfnmsub231ps="vfnmsub231ps"
+instruction_vfnmsub231sd="vfnmsub231sd"
+instruction_vfnmsub231ss="vfnmsub231ss"
+instruction_vgatherdpd="vgatherdpd"
+instruction_vgatherdps="vgatherdps"
+instruction_vgatherqpd="vgatherqpd"
+instruction_vgatherqps="vgatherqps"
+instruction_vinsertf128="vinsertf128"
+instruction_vinserti128="vinserti128"
+instruction_vmaskmov="vmaskmov"
+instruction_vpblendd="vpblendd"
+instruction_vpbroadcast="vpbroadcast"
+instruction_vperm2f128="vperm2f128"
+instruction_vperm2i128="vperm2i128"
+instruction_vpermd="vpermd"
+instruction_vpermilpd="vpermilpd"
+instruction_vpermilps="vpermilps"
+instruction_vpermpd="vpermpd"
+instruction_vpermps="vpermps"
+instruction_vpermq="vpermq"
+instruction_vpgatherdd="vpgatherdd"
+instruction_vpgatherdq="vpgatherdq"
+instruction_vpgatherqd="vpgatherqd"
+instruction_vpgatherqq="vpgatherqq"
+instruction_vpmaskmov="vpmaskmov"
+instruction_vpsllvd="vpsllvd"
+instruction_vpsllvq="vpsllvq"
+instruction_vpsravd="vpsravd"
+instruction_vpsrlvd="vpsrlvd"
+instruction_vpsrlvq="vpsrlvq"
+instruction_vtestpd="vtestpd"
+instruction_vtestps="vtestps"
+instruction_vzeroall="vzeroall"
+instruction_vzeroupper="vzeroupper"
+instruction_wait="wait"
+instruction_wbinvd="wbinvd"
+instruction_wrfsbase="wrfsbase"
+instruction_wrgsbase="wrgsbase"
+instruction_wrmsr="wrmsr"
+instruction_xabort="xabort"
+instruction_xacquire="xacquire"
+instruction_xadd="xadd"
+instruction_xbegin="xbegin"
+instruction_xchg="xchg"
+instruction_xend="xend"
+instruction_xgetbv="xgetbv"
+instruction_xlat="xlat"
+instruction_xlatb="xlatb"
+instruction_xor="xor"
+instruction_xorpd="xorpd"
+instruction_xorps="xorps"
+instruction_xrelease="xrelease"
+instruction_xrstor="xrstor"
+instruction_xrstors="xrstors"
+instruction_xsave="xsave"
+instruction_xsavec="xsavec"
+instruction_xsaveopt="xsaveopt"
+instruction_xsaves="xsaves"
+instruction_xsetbv="xsetbv"
+instruction_xtest="xtest"
+
+register_ax="ax"
+register_eax="eax"
+register_rax="rax"
+register_rbx="rbx"
+register_rcx="rcx"
+register_rdx="rdx"
+register_r8="r8"
+register_r9="r9"
+register_r10="r10"
+register_11="r11"
+register_12="r12"
+register_13="r13"
+register_14="r14"
+register_15="r15"
+register_15b="r15b"
+register_15d="r15d"
+register_esp="esp"
+register_rsp="rsp"
+register_ebp="ebp"
+register_rbp="rbp"
+register_rip="rip"
+register_xmm0="xmm0"
+register_xmm1="xmm1"
+register_xmm2="xmm2"
+register_xmm15="xmm15"
+
+delim_comma=","
+delim_parenopen="["
+delim_parenclose="]"
+delim_parenboth="[]"
+
+misc_dword="DWORD PTR"
+misc_qword="QWORD PTR"
+
+op_plus="+"
+op_min="-"
+op_mul="*"
+op_mod="%"
+op_or="|"
+op_xor="^"
+op_and="&"
+
+imm_0="0"
+imm_1="1"
+imm_min1="-1"
+imm_a="0xfffffffffffffff0"
+
+label_a="<random@plt>"
+label_b="<main+0x59d>"
+label_c="<func>"
diff --git a/suite/afl/tests/instr- b/suite/afl/tests/instr-
new file mode 100644
index 0000000..5c4c260
--- /dev/null
+++ b/suite/afl/tests/instr-
@@ -0,0 +1 @@
+add rbx,r15
diff --git a/suite/afl/tests/instr-1 b/suite/afl/tests/instr-1
new file mode 100644
index 0000000..4222a3b
--- /dev/null
+++ b/suite/afl/tests/instr-1
@@ -0,0 +1 @@
+add rsp,0x438
diff --git a/suite/afl/tests/instr-10 b/suite/afl/tests/instr-10
new file mode 100644
index 0000000..7f2d4b8
--- /dev/null
+++ b/suite/afl/tests/instr-10
@@ -0,0 +1 @@
+lea rsp,[rsp-0x98]
diff --git a/suite/afl/tests/instr-11 b/suite/afl/tests/instr-11
new file mode 100644
index 0000000..9a0c23f
--- /dev/null
+++ b/suite/afl/tests/instr-11
@@ -0,0 +1 @@
+mov QWORD PTR [rsp+0x8],rcx
diff --git a/suite/afl/tests/instr-12 b/suite/afl/tests/instr-12
new file mode 100644
index 0000000..f78c106
--- /dev/null
+++ b/suite/afl/tests/instr-12
@@ -0,0 +1 @@
+mov eax,0x4
diff --git a/suite/afl/tests/instr-13 b/suite/afl/tests/instr-13
new file mode 100644
index 0000000..db4b6f4
--- /dev/null
+++ b/suite/afl/tests/instr-13
@@ -0,0 +1 @@
+mov ecx,eax
diff --git a/suite/afl/tests/instr-14 b/suite/afl/tests/instr-14
new file mode 100644
index 0000000..60e63ae
--- /dev/null
+++ b/suite/afl/tests/instr-14
@@ -0,0 +1 @@
+mov r13,QWORD PTR [r14+0x10]
diff --git a/suite/afl/tests/instr-15 b/suite/afl/tests/instr-15
new file mode 100644
index 0000000..512119d
--- /dev/null
+++ b/suite/afl/tests/instr-15
@@ -0,0 +1 @@
+mov ecx, 0x17e9
diff --git a/suite/afl/tests/instr-16 b/suite/afl/tests/instr-16
new file mode 100644
index 0000000..c27745a
--- /dev/null
+++ b/suite/afl/tests/instr-16
@@ -0,0 +1 @@
+nop
diff --git a/suite/afl/tests/instr-17 b/suite/afl/tests/instr-17
new file mode 100644
index 0000000..660173d
--- /dev/null
+++ b/suite/afl/tests/instr-17
@@ -0,0 +1 @@
+or edx,0x4
diff --git a/suite/afl/tests/instr-18 b/suite/afl/tests/instr-18
new file mode 100644
index 0000000..5a699ee
--- /dev/null
+++ b/suite/afl/tests/instr-18
@@ -0,0 +1 @@
+pop r12
diff --git a/suite/afl/tests/instr-19 b/suite/afl/tests/instr-19
new file mode 100644
index 0000000..ce273d2
--- /dev/null
+++ b/suite/afl/tests/instr-19
@@ -0,0 +1 @@
+push r12
diff --git a/suite/afl/tests/instr-2 b/suite/afl/tests/instr-2
new file mode 100644
index 0000000..284dc75
--- /dev/null
+++ b/suite/afl/tests/instr-2
@@ -0,0 +1 @@
+call 100002ce0 <_usage>
diff --git a/suite/afl/tests/instr-20 b/suite/afl/tests/instr-20
new file mode 100644
index 0000000..4c75d7d
--- /dev/null
+++ b/suite/afl/tests/instr-20
@@ -0,0 +1 @@
+ret
diff --git a/suite/afl/tests/instr-21 b/suite/afl/tests/instr-21
new file mode 100644
index 0000000..d1b0830
--- /dev/null
+++ b/suite/afl/tests/instr-21
@@ -0,0 +1 @@
+sub rsp,0x438
diff --git a/suite/afl/tests/instr-22 b/suite/afl/tests/instr-22
new file mode 100644
index 0000000..d90ae2d
--- /dev/null
+++ b/suite/afl/tests/instr-22
@@ -0,0 +1 @@
+test eax,eax
diff --git a/suite/afl/tests/instr-23 b/suite/afl/tests/instr-23
new file mode 100644
index 0000000..f003afd
--- /dev/null
+++ b/suite/afl/tests/instr-23
@@ -0,0 +1 @@
+xchg ax,ax
diff --git a/suite/afl/tests/instr-24 b/suite/afl/tests/instr-24
new file mode 100644
index 0000000..c29e7ec
--- /dev/null
+++ b/suite/afl/tests/instr-24
@@ -0,0 +1 @@
+xor r13d,r13d
diff --git a/suite/afl/tests/instr-3 b/suite/afl/tests/instr-3
new file mode 100644
index 0000000..9c9f788
--- /dev/null
+++ b/suite/afl/tests/instr-3
@@ -0,0 +1 @@
+cmove edx,eax
diff --git a/suite/afl/tests/instr-4 b/suite/afl/tests/instr-4
new file mode 100644
index 0000000..7701fa0
--- /dev/null
+++ b/suite/afl/tests/instr-4
@@ -0,0 +1 @@
+cmp QWORD PTR [rbp-0x450],0x0
diff --git a/suite/afl/tests/instr-5 b/suite/afl/tests/instr-5
new file mode 100644
index 0000000..3a4ade0
--- /dev/null
+++ b/suite/afl/tests/instr-5
@@ -0,0 +1 @@
+cmp eax,0xffffffff
diff --git a/suite/afl/tests/instr-6 b/suite/afl/tests/instr-6
new file mode 100644
index 0000000..4c4572f
--- /dev/null
+++ b/suite/afl/tests/instr-6
@@ -0,0 +1 @@
+inc rbx
diff --git a/suite/afl/tests/instr-7 b/suite/afl/tests/instr-7
new file mode 100644
index 0000000..53ab3d0
--- /dev/null
+++ b/suite/afl/tests/instr-7
@@ -0,0 +1 @@
+je 100002b58 <_main+0x1a58>
diff --git a/suite/afl/tests/instr-8 b/suite/afl/tests/instr-8
new file mode 100644
index 0000000..721071b
--- /dev/null
+++ b/suite/afl/tests/instr-8
@@ -0,0 +1 @@
+jne 100002c9a <_main+0x1b9a>
diff --git a/suite/afl/tests/instr-9 b/suite/afl/tests/instr-9
new file mode 100644
index 0000000..ac47d4c
--- /dev/null
+++ b/suite/afl/tests/instr-9
@@ -0,0 +1 @@
+lea r12,[rbp-0x430]
diff --git a/suite/fuzz.sh b/suite/fuzz.sh
new file mode 100755
index 0000000..be9e33e
--- /dev/null
+++ b/suite/fuzz.sh
@@ -0,0 +1,23 @@
+#!/bin/bash
+AFLFUZZ=afl-fuzz
+KSTOOL=$(pwd)/../build/kstool/kstool
+
+if [ $# -ne 1 ]; then
+ echo "Usage: fuzz.sh {arch}"
+ exit;
+fi
+
+pushd .
+cd ../build && ../make-afl.sh
+popd
+pushd .
+cd ./afl
+for arch in "$@"
+do
+ if [ -d "./dict/$arch" ]; then
+ $AFLFUZZ -i ./tests -o ./findings -x ./dict/$arch -- $KSTOOL $arch
+ else
+ $AFLFUZZ -i ./tests -o ./findings -- $KSTOOL $arch
+ fi
+done
+popd
--
GitLab