@@ -1,4 +1,5 @@
#include <assert.h>
+#include <limits.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
@@ -24,11 +25,13 @@ int main(int argc, char **argv)
OPT_MIN_SIZE,
OPT_COMPACT,
OPT_RERUN,
+ OPT_INSTRUCTION_LIMIT,
};
static const struct option lopts[] = {
{ "min-input-size", no_argument, NULL, OPT_MIN_SIZE },
{ "compact", required_argument, NULL, OPT_COMPACT },
{ "rerun", no_argument, NULL, OPT_RERUN },
+ { "instruction-limit", required_argument, NULL, OPT_INSTRUCTION_LIMIT },
{ 0, 0, 0, 0 }
};
int c = getopt_long_only(argc, argv, "", lopts, NULL);
@@ -51,8 +54,14 @@ int main(int argc, char **argv)
opt_rerun = true;
break;
+ case OPT_INSTRUCTION_LIMIT:
+ opt_instruction_limit = atoi(optarg);
+ if ( !opt_instruction_limit )
+ opt_instruction_limit = UINT_MAX;
+ break;
+
case '?':
- printf("Usage: %s [--compact=0|1] [--rerun] $FILE [$FILE...] | [--min-input-size]\n", argv[0]);
+ printf("Usage: %s [--compact=0|1] [--rerun] [--instruction-limit=N] $FILE [$FILE...] | [--min-input-size]\n", argv[0]);
exit(-1);
break;
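Review bot: The new `OPT_INSTRUCTION_LIMIT` case parses its argument with `atoi(optarg)`, which cannot report errors. A non-numeric value such as `--instruction-limit=abc` yields 0 and is silently turned into `UINT_MAX`, so a mistyped limit leaves the run unbounded. A negative value is converted to a huge unsigned limit, and an out-of-range value is undefined behaviour for `atoi`. Parsing with `strtoul`, checking the end pointer, `errno` and the `UINT_MAX` bound, and rejecting bad input would close these gaps; this needs `<errno.h>`, which is not among the includes visible in the first hunk. The enclosing `main` starts and ends outside this hunk.

```c
case OPT_INSTRUCTION_LIMIT:
{
    char *end;
    unsigned long val;

    errno = 0;
    val = strtoul(optarg, &end, 10);
    if ( errno || end == optarg || *end || *optarg == '-' ||
         val > UINT_MAX )
    {
        printf("Invalid --instruction-limit value: %s\n", optarg);
        exit(-1);
    }
    /* 0 keeps its meaning of "no limit". */
    opt_instruction_limit = val ? val : UINT_MAX;
    break;
}
// … unchanged: case '?' usage message …
```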
@@ -984,10 +984,13 @@ static void setup_fuzz_state(struct fuzz_state *state, const void *data_p, size_
state->data_num = size;
}
+unsigned int opt_instruction_limit = UINT_MAX;
+
static int runtest(struct fuzz_state *state) {
int rc;
struct x86_emulate_ctxt *ctxt = &state->ctxt;
+ unsigned int icount = 0;
state->ops = all_fuzzer_ops;
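Review bot: The new global `opt_instruction_limit` has no comment explaining its contract, and the `UINT_MAX` default only makes sense once the option parser and the loop condition have both been read. A comment above the definition would help, for example `/* Max instructions emulated per input; UINT_MAX (the default, also selected by 0 on the command line) means effectively unlimited. */`. `runtest` continues beyond this hunk.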
@@ -1011,7 +1014,7 @@ static int runtest(struct fuzz_state *state) {
rc = x86_emulate(ctxt, &state->ops);
printf("Emulation result: %d\n", rc);
- } while ( rc == X86EMUL_OKAY );
+ } while ( rc == X86EMUL_OKAY && ++icount < opt_instruction_limit );
save_fpu_state(state->fxsave);
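Review bot: When the loop exits because `++icount < opt_instruction_limit` fails, `rc` is still `X86EMUL_OKAY` and nothing in the visible lines records that the limit ended the run. The output then looks like a trace that simply stops, which can mislead during crash triage. Consider adding `if ( rc == X86EMUL_OKAY ) printf("Instruction limit reached\n");` after the loop. The loop body and the rest of `runtest` are outside this hunk, so this assumes no other path leaves the loop with `rc == X86EMUL_OKAY`.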
@@ -7,6 +7,7 @@ extern unsigned int fuzz_minimal_input_size(void);
extern bool opt_compact;
extern bool opt_rerun;
+extern unsigned int opt_instruction_limit;
#define INPUT_SIZE 4096