|
@@ -758,8 +758,13 @@ static int locate_fuzz_memory_regions(Object *child, void *opaque)
|
|
|
|
|
|
static int locate_fuzz_objects(Object *child, void *opaque)
|
|
static int locate_fuzz_objects(Object *child, void *opaque)
|
|
{
|
|
{
|
|
|
|
+ GString *type_name;
|
|
|
|
+ GString *path_name;
|
|
char *pattern = opaque;
|
|
char *pattern = opaque;
|
|
- if (g_pattern_match_simple(pattern, object_get_typename(child))) {
|
|
|
|
|
|
+
|
|
|
|
+ type_name = g_string_new(object_get_typename(child));
|
|
|
|
+ g_string_ascii_down(type_name);
|
|
|
|
+ if (g_pattern_match_simple(pattern, type_name->str)) {
|
|
/* Find and save ptrs to any child MemoryRegions */
|
|
/* Find and save ptrs to any child MemoryRegions */
|
|
object_child_foreach_recursive(child, locate_fuzz_memory_regions, NULL);
|
|
object_child_foreach_recursive(child, locate_fuzz_memory_regions, NULL);
|
|
|
|
|
|
@@ -776,8 +781,9 @@ static int locate_fuzz_objects(Object *child, void *opaque)
|
|
g_ptr_array_add(fuzzable_pci_devices, PCI_DEVICE(child));
|
|
g_ptr_array_add(fuzzable_pci_devices, PCI_DEVICE(child));
|
|
}
|
|
}
|
|
} else if (object_dynamic_cast(OBJECT(child), TYPE_MEMORY_REGION)) {
|
|
} else if (object_dynamic_cast(OBJECT(child), TYPE_MEMORY_REGION)) {
|
|
- if (g_pattern_match_simple(pattern,
|
|
|
|
- object_get_canonical_path_component(child))) {
|
|
|
|
|
|
+ path_name = g_string_new(object_get_canonical_path_component(child));
|
|
|
|
+ g_string_ascii_down(path_name);
|
|
|
|
+ if (g_pattern_match_simple(pattern, path_name->str)) {
|
|
MemoryRegion *mr;
|
|
MemoryRegion *mr;
|
|
mr = MEMORY_REGION(child);
|
|
mr = MEMORY_REGION(child);
|
|
if ((memory_region_is_ram(mr) ||
|
|
if ((memory_region_is_ram(mr) ||
|
|
@@ -786,7 +792,9 @@ static int locate_fuzz_objects(Object *child, void *opaque)
|
|
g_hash_table_insert(fuzzable_memoryregions, mr, (gpointer)true);
|
|
g_hash_table_insert(fuzzable_memoryregions, mr, (gpointer)true);
|
|
}
|
|
}
|
|
}
|
|
}
|
|
|
|
+ g_string_free(path_name, true);
|
|
}
|
|
}
|
|
|
|
+ g_string_free(type_name, true);
|
|
return 0;
|
|
return 0;
|
|
}
|
|
}
|
|
|
|
|
|
@@ -814,6 +822,7 @@ static void generic_pre_fuzz(QTestState *s)
|
|
MemoryRegion *mr;
|
|
MemoryRegion *mr;
|
|
QPCIBus *pcibus;
|
|
QPCIBus *pcibus;
|
|
char **result;
|
|
char **result;
|
|
|
|
+ GString *name_pattern;
|
|
|
|
|
|
if (!getenv("QEMU_FUZZ_OBJECTS")) {
|
|
if (!getenv("QEMU_FUZZ_OBJECTS")) {
|
|
usage();
|
|
usage();
|
|
@@ -843,10 +852,17 @@ static void generic_pre_fuzz(QTestState *s)
|
|
|
|
|
|
result = g_strsplit(getenv("QEMU_FUZZ_OBJECTS"), " ", -1);
|
|
result = g_strsplit(getenv("QEMU_FUZZ_OBJECTS"), " ", -1);
|
|
for (int i = 0; result[i] != NULL; i++) {
|
|
for (int i = 0; result[i] != NULL; i++) {
|
|
|
|
+ name_pattern = g_string_new(result[i]);
|
|
|
|
+ /*
|
|
|
|
+ * Make the pattern lowercase. We do the same for all the MemoryRegion
|
|
|
|
+ * and Type names so the configs are case-insensitive.
|
|
|
|
+ */
|
|
|
|
+ g_string_ascii_down(name_pattern);
|
|
printf("Matching objects by name %s\n", result[i]);
|
|
printf("Matching objects by name %s\n", result[i]);
|
|
object_child_foreach_recursive(qdev_get_machine(),
|
|
object_child_foreach_recursive(qdev_get_machine(),
|
|
locate_fuzz_objects,
|
|
locate_fuzz_objects,
|
|
- result[i]);
|
|
|
|
|
|
+ name_pattern->str);
|
|
|
|
+ g_string_free(name_pattern, true);
|
|
}
|
|
}
|
|
g_strfreev(result);
|
|
g_strfreev(result);
|
|
printf("This process will try to fuzz the following MemoryRegions:\n");
|
|
printf("This process will try to fuzz the following MemoryRegions:\n");
|