On Thu, Mar 26, 2020 at 3:44 PM Andrey Konovalov <andreyknvl@xxxxxxxxxx> wrote:
>
> This patchset extends kcov to allow collecting coverage from soft
> interrupts and then uses the new functionality to collect coverage from
> USB code.
>
> Any subsystem that uses softirqs (e.g. timers) can make use of this in
> the future. Looking at the recent syzbot reports, an obvious candidate
> is the networking subsystem [1, 2, 3 and many more].
>
> [1] https://syzkaller.appspot.com/bug?extid=522ab502c69badc66ab7
> [2] https://syzkaller.appspot.com/bug?extid=57f89d05946c53dbbb31
> [3] https://syzkaller.appspot.com/bug?extid=df358e65d9c1b9d3f5f4
>
> This patchset has been pushed to the public Linux kernel Gerrit instance:
>
> https://linux-review.googlesource.com/c/linux/kernel/git/torvalds/linux/+/2225
>
> Changes v3 -> v4:
> - Turn current->kcov_softirq into unsigned int to fix objtool warning.
> - Fix commit author email address.
>
> Changes v2 -> v3:
> - New patch: "kcov: fix potential use-after-free in kcov_remote_start".
> - New patch: "kcov: move t->kcov assignments into kcov_start/stop".
> - New patch: "kcov: move t->kcov_sequence assignment".
> - New patch: "kcov: use t->kcov_mode as enabled indicator".
> - Dropped out-of-memory error message from kcov_init() as checkpatch
>   complains.
> - Use a single local_irq_disable section when accessing per-task kcov
>   variables in kcov_remote_start/stop().
>
> Changes v1 -> v2:
> - Add local_irq_save/restore() critical sections to simplify dealing with
>   softirqs happening during kcov_remote_start/stop().
> - Set kcov_softirq after flag kcov_start() in kcov_remote_start().
>
> Changes RFC -> v1:
> - Don't support hardirq or nmi, only softirq, to avoid issues with nested
>   interrupts.
> - Combined multiple per-cpu variables into one.
> - Used plain accesses and kcov_start/stop() instead of xchg()'s.
> - Simplified handling of per-cpu variables.
> - Avoid disabling interrupts for the whole kcov_remote_start/stop()
>   region.
> - Avoid overwriting t->kcov_sequence when saving/restoring state.
> - Move kcov_remote_start/stop_usb() annotations into
>   __usb_hcd_giveback_urb() to cover all urb complete() callbacks at once.
> - Drop unneeded Dummy HCD changes.
> - Split out a patch that removed debug messages.
>
> Signed-off-by: Andrey Konovalov <andreyknvl@xxxxxxxxxx>
>
> Andrey Konovalov (7):
>   kcov: cleanup debug messages
>   kcov: fix potential use-after-free in kcov_remote_start
>   kcov: move t->kcov assignments into kcov_start/stop
>   kcov: move t->kcov_sequence assignment
>   kcov: use t->kcov_mode as enabled indicator
>   kcov: collect coverage from interrupts
>   usb: core: kcov: collect coverage from usb complete callback
>
>  Documentation/dev-tools/kcov.rst |  17 +-
>  drivers/usb/core/hcd.c           |   3 +
>  include/linux/sched.h            |   3 +
>  kernel/kcov.c                    | 266 ++++++++++++++++++++++---------
>  lib/Kconfig.debug                |   9 ++
>  5 files changed, 213 insertions(+), 85 deletions(-)
>
> --
> 2.26.0.rc2.310.g2932bb562d-goog
>

Hi Andrew,

This series is ready to be sent upstream.

Thanks for bearing with us!
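For readers coming to this thread from the user-space side: the cover letter says the series lets the existing USB remote-coverage handle also receive coverage from urb complete() callbacks, which run in softirq context. The program below is an added example written for this page, not code from the series or from the kernel tree. It uses the remote-coverage user API that Documentation/dev-tools/kcov.rst documents (KCOV_REMOTE_ENABLE, struct kcov_remote_arg, kcov_remote_handle() and the KCOV_SUBSYSTEM_USB handle space); the ioctl numbers and masks are reproduced from include/uapi/linux/kcov.h as I remember them and should be checked against the header of the kernel you build against. It assumes a kernel with CONFIG_KCOV and this series applied, debugfs mounted at /sys/kernel/debug, and a USB bus number to watch. The helper names kcov_read_pcs() and collect_usb_softirq_coverage() are my own, and the coverage area used in the comments as a worked input is constructed, not captured from a real run.

```c
/* Added example: collect USB softirq coverage via the kcov remote API. */
#include <errno.h>
#include <fcntl.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/ioctl.h>
#include <sys/mman.h>
#include <unistd.h>

/* Mirrors include/uapi/linux/kcov.h (assumption: verify against your kernel). */
typedef uint64_t aligned_u64 __attribute__((aligned(8)));

struct kcov_remote_arg {
    uint32_t    trace_mode;     /* KCOV_TRACE_PC or KCOV_TRACE_CMP */
    uint32_t    area_size;      /* in unsigned longs, same as KCOV_INIT_TRACE */
    uint32_t    num_handles;    /* number of entries in handles[] */
    aligned_u64 common_handle;  /* 0 unless the task annotates its own sections */
    aligned_u64 handles[];      /* remote handles to collect from */
};

#define KCOV_INIT_TRACE     _IOR('c', 1, unsigned long)
#define KCOV_ENABLE         _IO('c', 100)
#define KCOV_DISABLE        _IO('c', 101)
#define KCOV_REMOTE_ENABLE  _IOW('c', 102, struct kcov_remote_arg)

#define KCOV_TRACE_PC   0
#define KCOV_TRACE_CMP  1

#define KCOV_SUBSYSTEM_COMMON   (0x00ull << 56)
#define KCOV_SUBSYSTEM_USB      (0x01ull << 56)
#define KCOV_SUBSYSTEM_MASK     (0xffull << 56)
#define KCOV_INSTANCE_MASK      (0xffffffffull)

#define COVER_SIZE (64 << 10)   /* unsigned longs in the coverage area */

/* A remote handle is subsystem id | instance id; for USB the instance is the bus number. */
static uint64_t kcov_remote_handle(uint64_t subsys, uint64_t inst)
{
    if ((subsys & ~KCOV_SUBSYSTEM_MASK) || (inst & ~KCOV_INSTANCE_MASK))
        return 0;   /* malformed; the kernel rejects such handles anyway */
    return subsys | inst;
}

/*
 * Decode a KCOV_TRACE_PC area: area[0] is the number of recorded PCs and
 * area[1..n] are the PCs. Copies at most max PCs into out and never reads
 * past area_len, whatever area[0] claims. Returns the number copied.
 */
static size_t kcov_read_pcs(const unsigned long *area, size_t area_len,
                            unsigned long *out, size_t max)
{
    size_t n = __atomic_load_n(&area[0], __ATOMIC_RELAXED);
    size_t limit = area_len - 1;
    size_t i;

    if (n > limit)
        n = limit;      /* clamp: the kernel never stores more than this */
    for (i = 0; i < n && i < max; i++)
        out[i] = area[i + 1];
    return i;
}

/*
 * Enable remote coverage for one USB bus, wait while its URB completion
 * callbacks run in softirq context, then read what the kernel appended.
 * Returns the number of PCs copied into out, or -1 with errno set (for
 * example ENOENT when kcov or debugfs is unavailable).
 */
static long collect_usb_softirq_coverage(uint32_t bus_num, unsigned int wait_seconds,
                                         unsigned long *out, size_t max)
{
    size_t area_bytes = COVER_SIZE * sizeof(unsigned long);
    unsigned long *cover = MAP_FAILED;
    struct kcov_remote_arg *arg = NULL;
    long n = -1;
    int fd, saved_errno;

    fd = open("/sys/kernel/debug/kcov", O_RDWR);
    if (fd < 0)
        return -1;
    if (ioctl(fd, KCOV_INIT_TRACE, COVER_SIZE))
        goto out;
    cover = mmap(NULL, area_bytes, PROT_READ | PROT_WRITE, MAP_SHARED, fd, 0);
    if (cover == MAP_FAILED)
        goto out;

    arg = calloc(1, sizeof(*arg) + sizeof(aligned_u64));
    if (!arg)
        goto out;
    arg->trace_mode = KCOV_TRACE_PC;
    arg->area_size = COVER_SIZE;
    arg->num_handles = 1;
    arg->common_handle = 0;
    arg->handles[0] = kcov_remote_handle(KCOV_SUBSYSTEM_USB, bus_num);
    cover[0] = 0;   /* reset before enabling, while nothing can be writing to it */
    if (ioctl(fd, KCOV_REMOTE_ENABLE, arg))
        goto out;

    /* Completion callbacks on this bus run in softirq context meanwhile;
     * the kernel appends their coverage to cover[] at each kcov_remote_stop(). */
    sleep(wait_seconds);

    n = (long)kcov_read_pcs(cover, COVER_SIZE, out, max);
    ioctl(fd, KCOV_DISABLE, 0);
out:
    saved_errno = errno;
    free(arg);
    if (cover != MAP_FAILED)
        munmap(cover, area_bytes);
    close(fd);
    errno = saved_errno;
    return n;
}

int main(int argc, char **argv)
{
    static unsigned long pcs[COVER_SIZE];
    uint32_t bus = argc > 1 ? (uint32_t)strtoul(argv[1], NULL, 10) : 1;
    long n = collect_usb_softirq_coverage(bus, 5, pcs, COVER_SIZE);

    if (n < 0) {
        perror("kcov remote coverage");
        return 1;
    }
    for (long i = 0; i < n; i++)
        printf("0x%lx\n", pcs[i]);
    return 0;
}
```

Run it as root with the bus number as the argument and plug or unplug a device on that bus while it sleeps. The handle is the same bus-number handle earlier kernels already accepted; what the series adds is that coverage from complete() callbacks, which run in softirq context, now lands in the same area rather than being dropped. Resolve the printed addresses with addr2line against vmlinux to see which driver paths the completions exercised.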