Re: [PATCH] x86/kexec: Disable KCOV instrumentation after load_segments()

Next message: Alice Ryhl: "Re: [PATCH 10/79] block: rust: add `command` getter to `Request`"
Previous message: Alice Ryhl: "Re: [PATCH 11/79] block: rust: mq: use GFP_KERNEL from prelude"
In reply to: Aleksandr Nogikh: "Re: [PATCH] x86/kexec: Disable KCOV instrumentation after load_segments()"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: Borislav Petkov

Date: Mon Mar 16 2026 - 06:31:49 EST

On Mon, Mar 16, 2026 at 11:07:15AM +0100, Aleksandr Nogikh wrote:
> Some more context:
> The problem I am trying to solve is enabling crash dump collection in
> syzkaller. For this, the tool loads a panic kernel before fuzzing and
> then calls makedumpfile after the panic (which fails due to the bug I
> mentioned in the patch). It requires both KEXEC and KCOV.
>
> The most whack-a-mole solution was to disable instrumentation for
> several functions called after load_segments(); this particular patch
> is more generic, but yes, it can still be fragile. Another approach
> would be to add more checks to
> __sanitizer_cov_trace_pc()/check_kcov_mode(), but this would also be
> somewhat undesirable as it would slow KCOV down even further.

I guess...

So I'd like the *real* justification - the context you just gave - for this
to be put somewhere over the code, I guess in both Makefiles so that it is
clear why we're doing this.

I guess those two compilation units will be excluded from KCOV fuzzing and if
someone wants to do coverage-guided fuzzing for them, then someone would have
to come up with a different solution, like, I dunno, putting only the
relevant, simple functions into a separate compilation unit which would be the
only one excluded from KCOV instrumentation or something more clever and less
whack-a-mole-y...

Thx.

--
Regards/Gruss,
Boris.

https://people.kernel.org/tglx/notes-about-netiquette