From 1e578ed20c733e7b2b6ac1e01a4e33338db45b5a Mon Sep 17 00:00:00 2001 From: Andrew Scull Date: Mon, 30 May 2022 10:00:05 +0000 Subject: sandbox: Add support for Address Sanitizer Add CONFIG_ASAN to build with the Address Sanitizer. This only works with the sandbox so the config is likewise dependent. The resulting executable will have ASAN instrumentation, including the leak detector that can be disabled with the ASAN_OPTIONS environment variable: ASAN_OPTIONS=detect_leaks=0 ./u-boot Since u-boot uses its own dlmalloc, dynamic allocations aren't automatically instrumented, but stack variables and globals are. Instrumentation could be added to dlmalloc to poison and unpoison memory as it is allocated and deallocated, and to introduce redzones between allocations. Alternatively, the sandbox may be able to play games with the system allocator and somehow still keep the required memory abstraction. No effort to address dynamic allocation is made by this patch. The config is not yet enabled for any targets by default. Signed-off-by: Andrew Scull Reviewed-by: Simon Glass --- Kconfig | 7 +++++++ 1 file changed, 7 insertions(+) (limited to 'Kconfig') diff --git a/Kconfig b/Kconfig index 429b5f9a70..6b97a0236f 100644 --- a/Kconfig +++ b/Kconfig @@ -154,6 +154,13 @@ config CC_COVERAGE Enabling this option will pass "--coverage" to gcc to compile and link code instrumented for coverage analysis. +config ASAN + bool "Enable AddressSanitizer" + depends on SANDBOX + help + Enables AddressSanitizer to discover out-of-bounds accesses, + use-after-free, double-free and memory leaks. + config CC_HAS_ASM_INLINE def_bool $(success,echo 'void foo(void) { asm inline (""); }' | $(CC) -x c - -c -o /dev/null) -- cgit v1.2.3