1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
|
#include "utils.h"
/* Random number seed
*/
uint32_t lcg_seed;
/*----------------------------------------------------------------------------*\
* CRC-32 version 2.0.0 by Craig Bruce, 2006-04-29.
*
* This program generates the CRC-32 values for the files named in the
* command-line arguments. These are the same CRC-32 values used by GZIP,
* PKZIP, and ZMODEM. The Crc32_ComputeBuf () can also be detached and
* used independently.
*
* THIS PROGRAM IS PUBLIC-DOMAIN SOFTWARE.
*
* Based on the byte-oriented implementation "File Verification Using CRC"
* by Mark R. Nelson in Dr. Dobb's Journal, May 1992, pp. 64-67.
*
* v1.0.0: original release.
* v1.0.1: fixed printf formats.
* v1.0.2: fixed something else.
* v1.0.3: replaced CRC constant table by generator function.
* v1.0.4: reformatted code, made ANSI C. 1994-12-05.
* v2.0.0: rewrote to use memory buffer & static table, 2006-04-29.
\*----------------------------------------------------------------------------*/
/*----------------------------------------------------------------------------*\
* NAME:
* Crc32_ComputeBuf () - computes the CRC-32 value of a memory buffer
* DESCRIPTION:
* Computes or accumulates the CRC-32 value for a memory buffer.
* The 'inCrc32' gives a previously accumulated CRC-32 value to allow
* a CRC to be generated for multiple sequential buffer-fuls of data.
* The 'inCrc32' for the first buffer must be zero.
* ARGUMENTS:
* inCrc32 - accumulated CRC-32 value, must be 0 on first call
* buf - buffer to compute CRC-32 value for
* bufLen - number of bytes in buffer
* RETURNS:
* crc32 - computed CRC-32 value
* ERRORS:
* (no errors are possible)
\*----------------------------------------------------------------------------*/
uint32_t
compute_crc32 (uint32_t in_crc32,
const void *buf,
size_t buf_len)
{
static const uint32_t crc_table[256] = {
0x00000000, 0x77073096, 0xEE0E612C, 0x990951BA, 0x076DC419, 0x706AF48F,
0xE963A535, 0x9E6495A3, 0x0EDB8832, 0x79DCB8A4, 0xE0D5E91E, 0x97D2D988,
0x09B64C2B, 0x7EB17CBD, 0xE7B82D07, 0x90BF1D91, 0x1DB71064, 0x6AB020F2,
0xF3B97148, 0x84BE41DE, 0x1ADAD47D, 0x6DDDE4EB, 0xF4D4B551, 0x83D385C7,
0x136C9856, 0x646BA8C0, 0xFD62F97A, 0x8A65C9EC, 0x14015C4F, 0x63066CD9,
0xFA0F3D63, 0x8D080DF5, 0x3B6E20C8, 0x4C69105E, 0xD56041E4, 0xA2677172,
0x3C03E4D1, 0x4B04D447, 0xD20D85FD, 0xA50AB56B, 0x35B5A8FA, 0x42B2986C,
0xDBBBC9D6, 0xACBCF940, 0x32D86CE3, 0x45DF5C75, 0xDCD60DCF, 0xABD13D59,
0x26D930AC, 0x51DE003A, 0xC8D75180, 0xBFD06116, 0x21B4F4B5, 0x56B3C423,
0xCFBA9599, 0xB8BDA50F, 0x2802B89E, 0x5F058808, 0xC60CD9B2, 0xB10BE924,
0x2F6F7C87, 0x58684C11, 0xC1611DAB, 0xB6662D3D, 0x76DC4190, 0x01DB7106,
0x98D220BC, 0xEFD5102A, 0x71B18589, 0x06B6B51F, 0x9FBFE4A5, 0xE8B8D433,
0x7807C9A2, 0x0F00F934, 0x9609A88E, 0xE10E9818, 0x7F6A0DBB, 0x086D3D2D,
0x91646C97, 0xE6635C01, 0x6B6B51F4, 0x1C6C6162, 0x856530D8, 0xF262004E,
0x6C0695ED, 0x1B01A57B, 0x8208F4C1, 0xF50FC457, 0x65B0D9C6, 0x12B7E950,
0x8BBEB8EA, 0xFCB9887C, 0x62DD1DDF, 0x15DA2D49, 0x8CD37CF3, 0xFBD44C65,
0x4DB26158, 0x3AB551CE, 0xA3BC0074, 0xD4BB30E2, 0x4ADFA541, 0x3DD895D7,
0xA4D1C46D, 0xD3D6F4FB, 0x4369E96A, 0x346ED9FC, 0xAD678846, 0xDA60B8D0,
0x44042D73, 0x33031DE5, 0xAA0A4C5F, 0xDD0D7CC9, 0x5005713C, 0x270241AA,
0xBE0B1010, 0xC90C2086, 0x5768B525, 0x206F85B3, 0xB966D409, 0xCE61E49F,
0x5EDEF90E, 0x29D9C998, 0xB0D09822, 0xC7D7A8B4, 0x59B33D17, 0x2EB40D81,
0xB7BD5C3B, 0xC0BA6CAD, 0xEDB88320, 0x9ABFB3B6, 0x03B6E20C, 0x74B1D29A,
0xEAD54739, 0x9DD277AF, 0x04DB2615, 0x73DC1683, 0xE3630B12, 0x94643B84,
0x0D6D6A3E, 0x7A6A5AA8, 0xE40ECF0B, 0x9309FF9D, 0x0A00AE27, 0x7D079EB1,
0xF00F9344, 0x8708A3D2, 0x1E01F268, 0x6906C2FE, 0xF762575D, 0x806567CB,
0x196C3671, 0x6E6B06E7, 0xFED41B76, 0x89D32BE0, 0x10DA7A5A, 0x67DD4ACC,
0xF9B9DF6F, 0x8EBEEFF9, 0x17B7BE43, 0x60B08ED5, 0xD6D6A3E8, 0xA1D1937E,
0x38D8C2C4, 0x4FDFF252, 0xD1BB67F1, 0xA6BC5767, 0x3FB506DD, 0x48B2364B,
0xD80D2BDA, 0xAF0A1B4C, 0x36034AF6, 0x41047A60, 0xDF60EFC3, 0xA867DF55,
0x316E8EEF, 0x4669BE79, 0xCB61B38C, 0xBC66831A, 0x256FD2A0, 0x5268E236,
0xCC0C7795, 0xBB0B4703, 0x220216B9, 0x5505262F, 0xC5BA3BBE, 0xB2BD0B28,
0x2BB45A92, 0x5CB36A04, 0xC2D7FFA7, 0xB5D0CF31, 0x2CD99E8B, 0x5BDEAE1D,
0x9B64C2B0, 0xEC63F226, 0x756AA39C, 0x026D930A, 0x9C0906A9, 0xEB0E363F,
0x72076785, 0x05005713, 0x95BF4A82, 0xE2B87A14, 0x7BB12BAE, 0x0CB61B38,
0x92D28E9B, 0xE5D5BE0D, 0x7CDCEFB7, 0x0BDBDF21, 0x86D3D2D4, 0xF1D4E242,
0x68DDB3F8, 0x1FDA836E, 0x81BE16CD, 0xF6B9265B, 0x6FB077E1, 0x18B74777,
0x88085AE6, 0xFF0F6A70, 0x66063BCA, 0x11010B5C, 0x8F659EFF, 0xF862AE69,
0x616BFFD3, 0x166CCF45, 0xA00AE278, 0xD70DD2EE, 0x4E048354, 0x3903B3C2,
0xA7672661, 0xD06016F7, 0x4969474D, 0x3E6E77DB, 0xAED16A4A, 0xD9D65ADC,
0x40DF0B66, 0x37D83BF0, 0xA9BCAE53, 0xDEBB9EC5, 0x47B2CF7F, 0x30B5FFE9,
0xBDBDF21C, 0xCABAC28A, 0x53B39330, 0x24B4A3A6, 0xBAD03605, 0xCDD70693,
0x54DE5729, 0x23D967BF, 0xB3667A2E, 0xC4614AB8, 0x5D681B02, 0x2A6F2B94,
0xB40BBE37, 0xC30C8EA1, 0x5A05DF1B, 0x2D02EF8D
};
uint32_t crc32;
unsigned char * byte_buf;
size_t i;
/* accumulate crc32 for buffer */
crc32 = in_crc32 ^ 0xFFFFFFFF;
byte_buf = (unsigned char*) buf;
for (i = 0; i < buf_len; i++)
crc32 = (crc32 >> 8) ^ crc_table[(crc32 ^ byte_buf[i]) & 0xFF];
return (crc32 ^ 0xFFFFFFFF);
}
/* perform endian conversion of pixel data
*/
void
image_endian_swap (pixman_image_t *img, int bpp)
{
int stride = pixman_image_get_stride (img);
uint32_t *data = pixman_image_get_data (img);
int height = pixman_image_get_height (img);
int i, j;
/* swap bytes only on big endian systems */
volatile uint16_t endian_check_var = 0x1234;
if (*(volatile uint8_t *)&endian_check_var != 0x12)
return;
for (i = 0; i < height; i++)
{
uint8_t *line_data = (uint8_t *)data + stride * i;
/* swap bytes only for 16, 24 and 32 bpp for now */
switch (bpp)
{
case 1:
for (j = 0; j < stride; j++)
{
line_data[j] =
((line_data[j] & 0x80) >> 7) |
((line_data[j] & 0x40) >> 5) |
((line_data[j] & 0x20) >> 3) |
((line_data[j] & 0x10) >> 1) |
((line_data[j] & 0x08) << 1) |
((line_data[j] & 0x04) << 3) |
((line_data[j] & 0x02) << 5) |
((line_data[j] & 0x01) << 7);
}
break;
case 4:
for (j = 0; j < stride; j++)
{
line_data[j] = (line_data[j] >> 4) | (line_data[j] << 4);
}
break;
case 16:
for (j = 0; j + 2 <= stride; j += 2)
{
char t1 = line_data[j + 0];
char t2 = line_data[j + 1];
line_data[j + 1] = t1;
line_data[j + 0] = t2;
}
break;
case 24:
for (j = 0; j + 3 <= stride; j += 3)
{
char t1 = line_data[j + 0];
char t2 = line_data[j + 1];
char t3 = line_data[j + 2];
line_data[j + 2] = t1;
line_data[j + 1] = t2;
line_data[j + 0] = t3;
}
break;
case 32:
for (j = 0; j + 4 <= stride; j += 4)
{
char t1 = line_data[j + 0];
char t2 = line_data[j + 1];
char t3 = line_data[j + 2];
char t4 = line_data[j + 3];
line_data[j + 3] = t1;
line_data[j + 2] = t2;
line_data[j + 1] = t3;
line_data[j + 0] = t4;
}
break;
default:
break;
}
}
}
uint8_t *
make_random_bytes (int n_bytes)
{
uint8_t *bytes = malloc (n_bytes);
int i;
if (!bytes)
return NULL;
for (i = 0; i < n_bytes; ++i)
bytes[i] = lcg_rand () & 0xff;
return bytes;
}
/*
* A function, which can be used as a core part of the test programs,
* intended to detect various problems with the help of fuzzing input
* to pixman API (according to some templates, aka "smart" fuzzing).
* Some general information about such testing can be found here:
* http://en.wikipedia.org/wiki/Fuzz_testing
*
* It may help detecting:
* - crashes on bad handling of valid or reasonably invalid input to
* pixman API.
* - deviations from the behavior of older pixman releases.
* - deviations from the behavior of the same pixman release, but
* configured in a different way (for example with SIMD optimizations
* disabled), or running on a different OS or hardware.
*
* The test is performed by calling a callback function a huge number
* of times. The callback function is expected to run some snippet of
* pixman code with pseudorandom variations to the data feeded to
* pixman API. A result of running each callback function should be
* some deterministic value which depends on test number (test number
* can be used as a seed for PRNG). When 'verbose' argument is nonzero,
* callback function is expected to print to stdout some information
* about what it does.
*
* Return values from many small tests are accumulated together and
* used as final checksum, which can be compared to some expected
* value. Running the tests not individually, but in a batch helps
* to reduce process start overhead and also allows to parallelize
* testing and utilize multiple CPU cores.
*
* The resulting executable can be run without any arguments. In
* this case it runs a batch of tests starting from 1 and up to
* 'default_number_of_iterations'. The resulting checksum is
* compared with 'expected_checksum' and FAIL or PASS verdict
* depends on the result of this comparison.
*
* If the executable is run with 2 numbers provided as command line
* arguments, they specify the starting and ending numbers for a test
* batch.
*
* If the executable is run with only one number provided as a command
* line argument, then this number is used to call the callback function
* once, and also with verbose flag set.
*/
int
fuzzer_test_main (const char *test_name,
int default_number_of_iterations,
uint32_t expected_checksum,
uint32_t (*test_function)(int testnum, int verbose),
int argc,
const char *argv[])
{
int i, n1 = 1, n2 = 0;
uint32_t checksum = 0;
int verbose = getenv ("VERBOSE") != NULL;
if (argc >= 3)
{
n1 = atoi (argv[1]);
n2 = atoi (argv[2]);
if (n2 < n1)
{
printf ("invalid test range\n");
return 1;
}
}
else if (argc >= 2)
{
n2 = atoi (argv[1]);
checksum = test_function (n2, 1);
printf ("%d: checksum=%08X\n", n2, checksum);
return 0;
}
else
{
n1 = 1;
n2 = default_number_of_iterations;
}
#pragma omp parallel for reduction(+:checksum) default(none) \
shared(n1, n2, test_function, verbose)
for (i = n1; i <= n2; i++)
{
uint32_t crc = test_function (i, 0);
if (verbose)
printf ("%d: %08X\n", i, crc);
checksum += crc;
}
if (n1 == 1 && n2 == default_number_of_iterations)
{
if (checksum == expected_checksum)
{
printf ("%s test passed (checksum=%08X)\n",
test_name, checksum);
}
else
{
printf ("%s test failed! (checksum=%08X, expected %08X)\n",
test_name, checksum, expected_checksum);
return 1;
}
}
else
{
printf ("%d-%d: checksum=%08X\n", n1, n2, checksum);
}
return 0;
}
|
