On Thu, Mar 26, 2020 at 3:44 PM Andrey Konovalov <andreyknvl@xxxxxxxxxx> wrote: > > This patch adds kcov_remote_start/stop() callbacks around the urb > complete() callback that is executed in softirq context when dummy_hcd > is in use. As the result, kcov can be used to collect coverage from those > callbacks, which is used to facilitate coverage-guided fuzzing with > syzkaller. > > Signed-off-by: Andrey Konovalov <andreyknvl@xxxxxxxxxx> Reviewed-by: Dmitry Vyukov <dvyukov@xxxxxxxxxx> > --- > drivers/usb/core/hcd.c | 3 +++ > 1 file changed, 3 insertions(+) > > diff --git a/drivers/usb/core/hcd.c b/drivers/usb/core/hcd.c > index aa45840d8273..de624c47e190 100644 > --- a/drivers/usb/core/hcd.c > +++ b/drivers/usb/core/hcd.c > @@ -31,6 +31,7 @@ > #include <linux/types.h> > #include <linux/genalloc.h> > #include <linux/io.h> > +#include <linux/kcov.h> > > #include <linux/phy/phy.h> > #include <linux/usb.h> > @@ -1645,7 +1646,9 @@ static void __usb_hcd_giveback_urb(struct urb *urb) > > /* pass ownership to the completion handler */ > urb->status = status; > + kcov_remote_start_usb((u64)urb->dev->bus->busnum); > urb->complete(urb); > + kcov_remote_stop(); > > usb_anchor_resume_wakeups(anchor); > atomic_dec(&urb->use_count); > -- > 2.26.0.rc2.310.g2932bb562d-goog >
