[PATCH 04/11] sandbox: Add support for Address Sanitizer

[Simon Glass]

Hi Andrew,

On Thu, 7 Apr 2022 at 03:41, Andrew Scull <ascull at google.com> wrote:
>
> Add CONFIG_ASAN to build with the Address Sanitizer. This only works
> with the sandbox so the config is likewise dependent. The resulting
> executable will have ASAN instrumentation, including the leak detector
> that can be disabled with the ASAN_OPTIONS environment variable:
>
>    ASAN_OPTIONS=detect_leaks=0 ./u-boot
>
> Since u-boot uses its own dlmalloc, dynamic allocations aren't
> automatically instrumented, but stack variables and globals are.
>
> Instrumentation could be added to dlmalloc to poison and unpoison memory
> as it is allocated and deallocated, and to introduce redzones between
> allocations. Alternatively, the sandbox may be able to play games with
> the system allocator and somehow still keep the required memory
> abstraction. No effort to address dynamic allocation is made by this
> patch.

I have toyed with what to do here. I originally was thinking of using
normal malloc() instead of dlmalloc() when running sandbox. But then
of course it makes sandbox very diffferent from other archs, so it is
not desirable. So I did not go down that path. Having said that,
os_malloc() is used for some sandbox-specific things.

I would love to have an extra string parameter to malloc() which
indicates what is doing the allocation (malloc_tag(size_t size, char
*id)), so it is easier to see failures and get an annotated 'core
dump'. But again, changing the alloc API is not so nice.

One weird thing to be aware of is that truetype fonts cause constant
allocs and frees. It happens in the background but you'll notice it if
you start tracing things.

>
> Signed-off-by: Andrew Scull <ascull at google.com>
> ---
>  Kconfig                   | 7 +++++++
>  arch/sandbox/config.mk    | 8 ++++++++
>  configs/sandbox_defconfig | 1 +
>  3 files changed, 16 insertions(+)

Reviewed-by: Simon Glass <sjg at chromium.org>

Regards,
Simon