[PATCH v2 05/12] sandbox: Add support for Address Sanitizer

Andrew Scull ascull at google.com
Thu Apr 14 15:59:34 CEST 2022 

Add CONFIG_ASAN to build with the Address Sanitizer. This only works
with the sandbox so the config is likewise dependent. The resulting
executable will have ASAN instrumentation, including the leak detector
that can be disabled with the ASAN_OPTIONS environment variable:

   ASAN_OPTIONS=detect_leaks=0 ./u-boot

Since u-boot uses its own dlmalloc, dynamic allocations aren't
automatically instrumented, but stack variables and globals are.

Instrumentation could be added to dlmalloc to poison and unpoison memory
as it is allocated and deallocated, and to introduce redzones between
allocations. Alternatively, the sandbox may be able to play games with
the system allocator and somehow still keep the required memory
abstraction. No effort to address dynamic allocation is made by this
patch.

Signed-off-by: Andrew Scull <ascull at google.com>
Reviewed-by: Simon Glass <sjg at chromium.org>
---
 Kconfig                   | 7 +++++++
 arch/sandbox/config.mk    | 8 ++++++++
 configs/sandbox_defconfig | 1 +
 3 files changed, 16 insertions(+)

diff --git a/Kconfig b/Kconfig
index 0ee3068b9a..a2577bcce6 100644
--- a/Kconfig
+++ b/Kconfig
@@ -154,6 +154,13 @@ config CC_COVERAGE
 	  Enabling this option will pass "--coverage" to gcc to compile
 	  and link code instrumented for coverage analysis.
 
+config ASAN
+	bool "Enable AddressSanitizer"
+	depends on SANDBOX
+	help
+	  Enables AddressSanitizer to discover out-of-bounds accesses,
+	  use-after-free, double-free and memory leaks.
+
 config CC_HAS_ASM_INLINE
 	def_bool $(success,echo 'void foo(void) { asm inline (""); }' | $(CC) -x c - -c -o /dev/null)
 
diff --git a/arch/sandbox/config.mk b/arch/sandbox/config.mk
index c42de2ff27..d7ce66fb6c 100644
--- a/arch/sandbox/config.mk
+++ b/arch/sandbox/config.mk
@@ -15,7 +15,14 @@ PLATFORM_LIBS += $(shell $(SDL_CONFIG) --libs)
 PLATFORM_CPPFLAGS += $(shell $(SDL_CONFIG) --cflags)
 endif
 
+SANITIZERS :=
+ifdef CONFIG_ASAN
+SANITIZERS	+= -fsanitize=address
+endif
+KBUILD_CFLAGS	+= $(SANITIZERS)
+
 cmd_u-boot__ = $(CC) -o $@ -Wl,-T u-boot.lds $(u-boot-init) \
+	$(SANITIZERS) \
 	$(LTO_FINAL_LDFLAGS) \
 	-Wl,--whole-archive \
 		$(u-boot-main) \
@@ -24,6 +31,7 @@ cmd_u-boot__ = $(CC) -o $@ -Wl,-T u-boot.lds $(u-boot-init) \
 	$(PLATFORM_LIBS) -Wl,-Map -Wl,u-boot.map
 
 cmd_u-boot-spl = (cd $(obj) && $(CC) -o $(SPL_BIN) -Wl,-T u-boot-spl.lds \
+	$(SANITIZERS) \
 	$(LTO_FINAL_LDFLAGS) \
 	$(patsubst $(obj)/%,%,$(u-boot-spl-init)) \
 	-Wl,--whole-archive \
diff --git a/configs/sandbox_defconfig b/configs/sandbox_defconfig
index cb8d590eb6..462a0afb2e 100644
--- a/configs/sandbox_defconfig
+++ b/configs/sandbox_defconfig
@@ -1,3 +1,4 @@
+CONFIG_ASAN=y
 CONFIG_SYS_TEXT_BASE=0
 CONFIG_SYS_MALLOC_LEN=0x2000000
 CONFIG_NR_DRAM_BANKS=1
-- 
2.35.1.1178.g4f1659d476-goog

More information about the U-Boot mailing list