This KCOV extension by Andrey allows syzkaller to collect coverage from background kernel threads, e.g. parsing incoming USB packets, and unambiguously associate it with one of multiple parallel test processes running. To some degree unique for fuzzing coverage. Moar bugs coming! https://twitter.com/andreyknvl/status/1221784089340121088
Nice!
@dvyukov how does it map back the syscall <-> coverage relationship? For regular syscalls you have per-thread coverage, which is fine.
Good Q. It needs explicit annotations for code regions in kernel threads with some ID that matches the ID armed in the test process KCOV. E.g. USB code says "here I process request for USB bus 42", test process - "I am working with USB bus 42, gimme that coverage".