Dear coreboot community.
A few of you may already have noticed that one of this year's GSoC projects coreboot hosts is adding the "Address Sanitizer" feature to our code base. This project has been taken by Harshit Sharma and he has spent the first period of coding on adding the needed code and enabling this feature for our ramstage on the x86 platform. So far Harshit was very productive and the outcome of this first period is a working feature for ramstage that you can find in the patches [1]...[4]. Though these patches are not finally cleaned up yet, they are good enough for first tests and reviews.

I did a first test by enabling this feature on mc_apl3. So far it looks good to me: the code is compilable (no surprise since Jenkins has proven that already) and it runs in qemu and on real hardware (Apollo Lake based mc_apl3). I introduced a few out-of-bounds errors in mainboard_init() and mainboard_final() to test this feature and ASAN was able to detect both of them.

I was surprised by the very low runtime overhead ASAN has introduced in my case; I would have expected more. I have attached the timestamps I have gathered with and without ASAN during my tests (with console log level ERR) so that you can have a look. In the case where an error has been caught by ASAN, the log looks like the following snippet (this is the error I introduced in mainboard_final):
ASan: stack-out-of-bounds in 0x7ab30c03 Write of 1 byte at addr 0x7ab90ef6
ASan: stack-out-of-bounds in 0x7ab30c03 Write of 1 byte at addr 0x7ab90ef5
ASan: stack-out-of-bounds in 0x7ab30c03 Write of 1 byte at addr 0x7ab90ef4
ASan: stack-out-of-bounds in 0x7ab30c03 Write of 1 byte at addr 0x7ab90ef3
I hope I was able to depict the current status Harshit has achieved in his first coding period.

The second aim of my message is to encourage you to test this feature on your hardware to get better test coverage, and to review the code. So you have a test lab with multiple PCs and laptops under your control: perfect, please give this feature a try and see what it does on your diverse hardware. Or you just own a single mainboard which runs coreboot and you have a way to program it properly: fine, too. Go ahead and pull in the patches. Wait, you do not own proper hardware or don't have access to it right now: OK, there is still a way you can help. Take a look at the patches and provide a review. The broader the feedback is for this brand new feature, the better we can ensure it has a high quality and holds what it promises.

The next step for the ASAN feature that Harshit will work on will be support in romstage. Since romstage by nature has a very limited amount of RAM to use, and this even varies from platform to platform, the enablement will take place now for just a few dedicated platforms (the ones Harshit and I have access to for test purposes). We hope, though, to design this feature as generically as possible so that further platforms can be added easily.
Again, please help Harshit to get a broad test coverage and a wide code review so that we all will have a high quality feature in our code base.
Thank you in advance for the support.

Werner

[1] https://review.coreboot.org/c/coreboot/+/42271
[2] https://review.coreboot.org/c/coreboot/+/42794
[3] https://review.coreboot.org/c/coreboot/+/43164
[4] https://review.coreboot.org/c/coreboot/+/42496