Hi Shawn,

I am glad that you found these sanitizers useful. Presently, Ubsan is available in ramstage on all platforms whereas ASan is only available on x86 platforms. You can refer to this page to learn more about ASan in coreboot.

Regarding the type mismatch in memory_is_poisoned_16(), I don't see any problem with the current implementation. Dereferencing shadow_addr returns either 0 or unsigned chars FA, F1, F2, etc depending upon the type of memory bug found. However, if we just want to silence Ubsan here, I think we change it to something like return *shadow_addr != 0 ? true : false. I would like to hear others' opinions on this.

Best,

Harshit

On Mon, Jan 4, 2021 at 9:30 PM Shawn C <citypw@hardenedlinux.org> wrote:

Hi,

coreboot have two types of sanitizers already: Ubsan and Asan. This is good starting point. I found a few catches by simply enabling CONFIG_COVERAGE, CONFIG_UBSAN and CONFIG_ASAN:
https://ticket.coreboot.org/issues/288

The developer seems haven't enable them in the testing process yet. It would be better if we add those debug features by default during the development which could possibly kill more bugs in the coreboot and the sanitizers themselves. Any ideas?

regards
Shawn C

_______________________________________________
coreboot mailing list -- coreboot@coreboot.org
To unsubscribe send an email to coreboot-leave@coreboot.org