how to generage code coverage for out-of-tree build linux pcie driver?

[erdong zhang]

I want to test my PCIe driver using syzkaller; this driver provides a character device. During testing, I don’t care about the code coverage of the Linux kernel itself, I want is  the code coverage of my PCIe driver. My PCIe driver is an out-of-tree kernel module. However, when I open the coverage information panel on the web server, I cannot find the code coverage data for my PCIe driver. What should I do to generate the code coverage for my module?

[Taras Madan]

Hi. Please share your syzkaller config to make the question more clear/specific.

On Tue, Aug 26, 2025 at 8:37 AM erdong zhang <zhanger...@gmail.com> wrote:

I want to test my PCIe driver using syzkaller; this driver provides a character device. During testing, I don’t care about the code coverage of the Linux kernel itself, I want is  the code coverage of my PCIe driver. My PCIe driver is an out-of-tree kernel module. However, when I open the coverage information panel on the web server, I cannot find the code coverage data for my PCIe driver. What should I do to generate the code coverage for my module?

--
You received this message because you are subscribed to the Google Groups "syzkaller" group.
To unsubscribe from this group and stop receiving emails from it, send an email to syzkaller+...@googlegroups.com.
To view this discussion visit https://groups.google.com/d/msgid/syzkaller/5a3f0455-9a69-44c1-855b-893ed4f36c69n%40googlegroups.com.

[erdong zhang]

Hi

My linux kernel src and build dir is `/home/zhanged/zhanged/code/linux` and my kernel module dir is `/opt/sw_home/sdk/ixdriver/kmd`.

syz-manage config as followings:

`

syzkaller # cat ilu.cfg
{
        "target": "linux/amd64",
        "http": "10.208.17.77:56740",
        "workdir": "/root/zhanged/syzkaller/work_dir/",
        "kernel_obj": "/home/zhanged/zhanged/code/linux/",
        "kernel_src": "/home/zhanged/zhanged/code/linux/",
"module_obj": ["/opt/sw_home/sdk/ixdriver/kmd/iluvatar.ko"],
        "image": "/root/zhanged/syzkaller/images/bullseye.img",
        "sshkey": "/root/zhanged/syzkaller/images/bullseye.id_rsa",
        "syzkaller": "/root/zhanged/syzkaller_1/syzkaller/",
        "procs": 8,
        "type": "qemu",
    "enable_syscalls": ["openat$ilu", "eventfd$ilu","openat$itr_link",
                "ioctl$AIP_CONTEXT_CREATE_IOCTL", "ioctl$AIP_CONTEXT_DESTROY_IOCTL", "ioctl$AIP_VA_SPACE_INIT_IOCTL",
                "ioctl$AIP_VA_SPACE_DESTROY_IOCTL", "ioctl$AIP_MEM_CREATE_IOCTL", "ioctl$AIP_MEM_DESTROY_IOCTL",
                "ioctl$AIP_MEM_OPEN_IOCTL", "ioctl$AIP_MEM_LOCK_IOCTL", "ioctl$AIP_MEM_UNLOCK_IOCTL",
                "ioctl$AIP_MEM_EXPORT_IOCTL", "ioctl$AIP_MEM_UNEXPORT_IOCTL", "ioctl$AIP_MEM_IMPORT_IOCTL"
                ],
    "vm": {
                "count": 1,
                "kernel": "/home/zhanged/zhanged/code/linux/arch/x86/boot/bzImage",
                "cpu": 24,
        "qemu_args": "-device vfio-pci,host=ac:00.0 -enable-kvm -cpu host,migratable=off -append nvme_core.default_ps_max_latency_us=5500",
        "mem": 122880
        }
}

`

When i click the coverage button on the web server, it report error ` failed to generate coverage profile: failed to symbolize: failed to parse pc '??:0' in addr2line output: strconv.ParseUint: parsing "??:0": invalid syntax `. it is ok when i remove the option ` module_obj `. 

thanks you very much.

[Taras Madan]

Gemini believes your kernel module was built w/o debug information. Let me quote it:

This error message, failed to parse pc '??:0', almost always means that your kernel module was compiled without debug symbols.

The coverage generation process relies on a tool called addr2line to map memory addresses from the running kernel back to specific lines in your source code. When addr2line returns ??:0, it's saying it has no idea where that address belongs because the necessary debug information is missing from the module file.

To view this discussion visit https://groups.google.com/d/msgid/syzkaller/1fb57cd6-4ccf-460c-872f-325704a3179dn%40googlegroups.com.