@tonyhutter
Created May 18, 2018 21:19
fuzz tester for ZFS fiemap ioctl
#include <stdio.h>
#include <fcntl.h>
#include <unistd.h>
#include <stdlib.h>
#include <stdint.h>
#include <sys/types.h>
#include <sys/stat.h>
#include <sys/ioctl.h>
#include <linux/fs.h>
#include <linux/fiemap.h>
#include <errno.h>
/*
 * Return a pseudo-random value reduced modulo a bound that grows by one
 * on every call, so early calls yield small numbers and later calls
 * yield progressively larger ones.
 *
 * A progress line is printed whenever the bound is a multiple of one
 * million.
 *
 * NOTE(review): the bound is a signed int that is incremented on every
 * call and never reset; a run long enough to reach INT_MAX would
 * overflow it.
 */
unsigned int saferand(void)
{
	static int start = 1;
	int sample;

	if ((start % 1000000) == 0) {
		printf("Fuzzing with randoms between 0-%d (RAND_MAX=%d)\n", start, RAND_MAX);
	}

	/* Draw first, then widen the bound; the draw is reduced by the new bound. */
	sample = rand();
	start += 1;

	return sample % start;
}
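/*
 * Issue one FS_IOC_FIEMAP ioctl on fd with randomised request fields.
 *
 * A request buffer is allocated for a random number of extent records,
 * then fm_start, fm_length, fm_flags, fm_extent_count and
 * fm_mapped_extents are filled from saferand().
 *
 * Returns the ioctl() result, or an errno value when the request buffer
 * cannot be sized or allocated.
 */
static int
fiemap_ioctl(int fd)
{
	struct fiemap *fiemap;
	size_t size;
	unsigned extents;
	int error;

	extents = saferand();

	/* Reject extent counts whose byte size would wrap size_t. */
	if (extents > (SIZE_MAX - sizeof (*fiemap)) /
	    sizeof (struct fiemap_extent))
		return (ENOMEM);

	/*
	 * Assign the size rather than accumulating into it: the variable has
	 * no earlier value, so "+=" would read an indeterminate object and
	 * the allocation size would be unpredictable.
	 */
	size = sizeof (*fiemap) + sizeof (struct fiemap_extent) * extents;

	fiemap = calloc(1, size);
	if (fiemap == NULL)
		return (errno);

	/*
	 * Randomise every header field of the request.
	 */
	fiemap->fm_start = saferand();
	fiemap->fm_length = saferand();
	fiemap->fm_flags = saferand();

	/*
	 * Half of the time the extent count matches the allocation; otherwise
	 * it is an unrelated random value.
	 *
	 * NOTE(review): when the count is larger than `extents`, the kernel
	 * may copy extent records past the end of this buffer. A crash of
	 * this process in that case is not by itself evidence of a
	 * filesystem bug - confirm the mismatch is intended.
	 */
	if (rand() % 2 == 1)
		fiemap->fm_extent_count = extents;
	else
		fiemap->fm_extent_count = saferand();

	fiemap->fm_mapped_extents = saferand();

	error = ioctl(fd, FS_IOC_FIEMAP, fiemap);
	if (error >= 0) {
		/* Only accepted requests are reported; failures stay silent. */
		printf("%s: no error! %d\n", __func__, error);
	}

	free(fiemap);
	return (error);
}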
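/*
 * Open the file named by argv[1] read-only and call fiemap_ioctl() on it
 * in an endless loop.
 *
 * The PRNG is seeded from the process id; the seed is printed so that a
 * run which triggers a fault can be repeated with the same sequence.
 *
 * Returns EXIT_FAILURE when no file argument is given, or the errno from
 * open() when the file cannot be opened. Otherwise it does not return.
 */
int main(int argc, char **argv)
{
	int fd;
	unsigned int seed;

	/* Without this check argv[1] is NULL and is handed straight to open(). */
	if (argc < 2) {
		printf("usage: %s <file>\n", argc > 0 ? argv[0] : "prog");
		return (EXIT_FAILURE);
	}

	seed = (unsigned int)getpid();
	printf("%s: seed %u\n", __func__, seed);
	srand(seed);

	if ((fd = open(argv[1], O_RDONLY)) < 0) {
		/* Capture errno before printf() has a chance to overwrite it. */
		int saved_errno = errno;

		printf("%s: bad file num\n", __func__);
		return (saved_errno);
	}

	while (1)
		fiemap_ioctl(fd);

	/* Not reached: the loop above only ends when the process is killed. */
	close(fd);
	return (0);
}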