| Message ID | 32bce32c8b88c2f88cd0a8acfcdb5d3a6e894632.1583778264.git.andreyknvl@google.com (mailing list archive) |
|---|---|
| State | Superseded |
| Headers | show |
| Series | kcov: collect coverage from usb soft interrupts | expand |
On 20-03-09 19:27:06, Andrey Konovalov wrote: > This patch adds kcov_remote_start/stop() callbacks around the urb > complete() callback that is executed in softirq context when dummy_hcd > is in use. As the result, kcov can be used to collect coverage from those > those callbacks, which is used to facilitate coverage-guided fuzzing with Typo, One more "those" Peter > syzkaller. > > Signed-off-by: Andrey Konovalov <andreyknvl@google.com> > --- > drivers/usb/core/hcd.c | 3 +++ > 1 file changed, 3 insertions(+) > > diff --git a/drivers/usb/core/hcd.c b/drivers/usb/core/hcd.c > index aa45840d8273..de624c47e190 100644 > --- a/drivers/usb/core/hcd.c > +++ b/drivers/usb/core/hcd.c > @@ -31,6 +31,7 @@ > #include <linux/types.h> > #include <linux/genalloc.h> > #include <linux/io.h> > +#include <linux/kcov.h> > > #include <linux/phy/phy.h> > #include <linux/usb.h> > @@ -1645,7 +1646,9 @@ static void __usb_hcd_giveback_urb(struct urb *urb) > > /* pass ownership to the completion handler */ > urb->status = status; > + kcov_remote_start_usb((u64)urb->dev->bus->busnum); > urb->complete(urb); > + kcov_remote_stop(); > > usb_anchor_resume_wakeups(anchor); > atomic_dec(&urb->use_count); > -- > 2.25.1.481.gfbce0eb801-goog >
On Thu, Mar 12, 2020 at 10:39 AM Peter Chen <peter.chen@nxp.com> wrote: > > On 20-03-09 19:27:06, Andrey Konovalov wrote: > > This patch adds kcov_remote_start/stop() callbacks around the urb > > complete() callback that is executed in softirq context when dummy_hcd > > is in use. As the result, kcov can be used to collect coverage from those > > those callbacks, which is used to facilitate coverage-guided fuzzing with > > Typo, One more "those" Will fix in v3, thanks Peter! > > Peter > > > syzkaller. > > > > Signed-off-by: Andrey Konovalov <andreyknvl@google.com> > > --- > > drivers/usb/core/hcd.c | 3 +++ > > 1 file changed, 3 insertions(+) > > > > diff --git a/drivers/usb/core/hcd.c b/drivers/usb/core/hcd.c > > index aa45840d8273..de624c47e190 100644 > > --- a/drivers/usb/core/hcd.c > > +++ b/drivers/usb/core/hcd.c > > @@ -31,6 +31,7 @@ > > #include <linux/types.h> > > #include <linux/genalloc.h> > > #include <linux/io.h> > > +#include <linux/kcov.h> > > > > #include <linux/phy/phy.h> > > #include <linux/usb.h> > > @@ -1645,7 +1646,9 @@ static void __usb_hcd_giveback_urb(struct urb *urb) > > > > /* pass ownership to the completion handler */ > > urb->status = status; > > + kcov_remote_start_usb((u64)urb->dev->bus->busnum); > > urb->complete(urb); > > + kcov_remote_stop(); > > > > usb_anchor_resume_wakeups(anchor); > > atomic_dec(&urb->use_count); > > -- > > 2.25.1.481.gfbce0eb801-goog > > > > -- > > Thanks, > Peter Chen
diff --git a/drivers/usb/core/hcd.c b/drivers/usb/core/hcd.c index aa45840d8273..de624c47e190 100644 --- a/drivers/usb/core/hcd.c +++ b/drivers/usb/core/hcd.c @@ -31,6 +31,7 @@ #include <linux/types.h> #include <linux/genalloc.h> #include <linux/io.h> +#include <linux/kcov.h> #include <linux/phy/phy.h> #include <linux/usb.h> @@ -1645,7 +1646,9 @@ static void __usb_hcd_giveback_urb(struct urb *urb) /* pass ownership to the completion handler */ urb->status = status; + kcov_remote_start_usb((u64)urb->dev->bus->busnum); urb->complete(urb); + kcov_remote_stop(); usb_anchor_resume_wakeups(anchor); atomic_dec(&urb->use_count);
This patch adds kcov_remote_start/stop() callbacks around the urb complete() callback that is executed in softirq context when dummy_hcd is in use. As the result, kcov can be used to collect coverage from those those callbacks, which is used to facilitate coverage-guided fuzzing with syzkaller. Signed-off-by: Andrey Konovalov <andreyknvl@google.com> --- drivers/usb/core/hcd.c | 3 +++ 1 file changed, 3 insertions(+)