Re: [PATCH 0/3] kcov: collect coverage from usb and vhost
From: Dmitry Vyukov
Date: Wed Oct 23 2019 - 04:37:27 EST
On Tue, Oct 22, 2019 at 6:46 PM Andrey Konovalov <andreyknvl@xxxxxxxxxx> wrote:
>
> This patchset extends kcov to allow collecting coverage from the USB
> subsystem and vhost workers. See the first patch description for details
> about the kcov extension. The other two patches apply this kcov extension
> to USB and vhost.
>
> These patches have been used to enable coverage-guided USB fuzzing with
> syzkaller for the last few years, see the details here:
>
> https://github.com/google/syzkaller/blob/master/docs/linux/external_fuzzing_usb.md
>
> This patchset has been pushed to the public Linux kernel Gerrit instance:
>
> https://linux-review.googlesource.com/c/linux/kernel/git/torvalds/linux/+/1524
Oh, so much easier to review with side-by-side diffs, context and
smart in-line colouring!
> Changes from RFC v1:
> - Remove unnecessary #ifdef's from drivers/vhost/vhost.c.
> - Reset t->kcov when area allocation fails in kcov_remote_start().
> - Use struct_size to calculate array size in kcov_ioctl().
> - Add a limit on area_size in kcov_remote_arg.
> - Added kcov_disable() helper.
> - Changed encoding of kcov remote handle ids, see the documentation.
> - Added a comment reference for kcov_sequence task_struct field.
> - Change common_handle type to u32.
> - Add checks for handle validity into kcov_ioctl_locked() and
> kcov_remote_start().
> - Updated documentation to reflect the changes.
>
> Andrey Konovalov (3):
> kcov: remote coverage support
> usb, kcov: collect coverage from hub_event
> vhost, kcov: collect coverage from vhost_worker
>
> Documentation/dev-tools/kcov.rst | 120 ++++++++
> drivers/usb/core/hub.c | 5 +
> drivers/vhost/vhost.c | 6 +
> drivers/vhost/vhost.h | 1 +
> include/linux/kcov.h | 6 +
> include/linux/sched.h | 6 +
> include/uapi/linux/kcov.h | 20 ++
> kernel/kcov.c | 464 ++++++++++++++++++++++++++++---
> 8 files changed, 593 insertions(+), 35 deletions(-)
>
> --
> 2.23.0.866.gb869b98d4c-goog
>