Dear coreboot community. A few of you may already have noticed that one of this years GSoC projects coreboot hosts is the adding of "Address Sanitizer" feature to our code base. This project has been taken by Harshit Sharma and he has spent the first period of coding on adding the needed code and enabling this feature for our ramstage on x86 platform. So far Harshit was very productive and the outcome of this first period is a working feature for ramstage that you can find in the patches [1]...[4]. Though these patches are not finally cleaned up yet they are good enough for first test and reviews. I did a first test by enabling this feature on mc_apl3. So far it looks good to me: The code is compliable (no surprise since Jenkins has proven that already) and it runs in qemu and real hardware (Apollo Lake based mc_apl3). I introduced a few out-of-bounds errors in mainboard_init() and mainboard_final() to test this feature and ASAN was able to detect both of them.
I was surprised by the very low runtime overhead ASAN has introduced in my case, I would have expected more. I have attached the timestamps I have gathered with and without ASAN during my tests (with console log level ERR) so that you can have a look. In the case where an error has been caught by ASAN the log looks like the following snippet (this is the error I introduced in mainboard_final): ASan: stack-out-of-bounds in 0x7ab30c03 Write of 1 byte at addr 0x7ab90ef6 ASan: stack-out-of-bounds in 0x7ab30c03 Write of 1 byte at addr 0x7ab90ef5 ASan: stack-out-of-bounds in 0x7ab30c03 Write of 1 byte at addr 0x7ab90ef4 ASan: stack-out-of-bounds in 0x7ab30c03 Write of 1 byte at addr 0x7ab90ef3 I hope I was able to depict the current status Harshit have achieved in his first coding period. The second aim of my message is to encourage you to test this feature on your hardware to get a better test coverage and review the code. So you have a test lab with multiple PCs and laptops under your control: perfectly, please give this feature a try and see what it does on your diverse hardware. Or you just own a single mainboard which runs on coreboot and you have a way to program it properly: fine, too. Go ahead and pull in the patches. Wait, you do not own a proper hardware or don't have access to it right now: OK, there is still a way how you can help. Take a look at the patches and provide a review. The broader the feedback will be for this brand new feature the better we can ensure it has a high quality and holds what it promises. The next steps for the ASAN feature Harshit will work on will be support in romstage. Since romstage by nature have a very limited amount of RAM to use and this even varies from platform to platform, the enablement will take place now for just a few dedicated platforms (the ones Harshit and I have access to for test purposes). We though hope to design this feature as generic as possible so that further platforms can be added easily. Again, please help Harshit to get a broad test coverage and a wide code review so that we all will have a high quality feature in our code base. Thank you in advance for the support. Werner [1] https://review.coreboot.org/c/coreboot/+/42271 [2] https://review.coreboot.org/c/coreboot/+/42794 [3] https://review.coreboot.org/c/coreboot/+/43164 [4] https://review.coreboot.org/c/coreboot/+/42496
39 entries total: 0:1st timestamp 254,878 11:start of bootblock 256,565 (1,687) 12:end of bootblock 257,865 (1,299) 13:starting to load romstage 258,029 (164) 14:finished loading romstage 262,999 (4,969) 1:start of romstage 263,009 (9) 2:before ram initialization 305,020 (42,010) 950:calling FspMemoryInit 315,831 (10,811) 951:returning from FspMemoryInit 477,966 (162,135) 3:after ram initialization 486,310 (8,343) 4:end of romstage 489,707 (3,396) 100:start of postcar 489,912 (205) 101:end of postcar 489,912 (0) 8:starting to load ramstage 490,019 (106) 15:starting LZMA decompress (ignore for x86) 490,035 (16) 16:finished LZMA decompress (ignore for x86) 533,413 (43,378) 9:finished loading ramstage 533,512 (98) 10:start of ramstage 534,728 (1,215) 30:device enumeration 538,280 (3,551) 954:calling FspSiliconInit 616,578 (78,298) 955:returning from FspSiliconInit 644,837 (28,259) 40:device configuration 1,730,442 (1,085,605) 956:calling FspNotify(AfterPciEnumeration) 1,737,356 (6,913) 957:returning from FspNotify(AfterPciEnumeration) 1,738,577 (1,220) 50:device enable 1,740,926 (2,349) 60:device initialization 1,748,124 (7,197) 15:starting LZMA decompress (ignore for x86) 1,769,839 (21,715) 16:finished LZMA decompress (ignore for x86) 1,770,769 (929) 70:device setup done 1,840,590 (69,821) 75:cbmem post 1,841,787 (1,197) 80:write tables 1,842,983 (1,195) 85:finalize chips 1,846,616 (3,633) 90:load payload 1,879,537 (32,920) 15:starting LZMA decompress (ignore for x86) 1,879,689 (152) 16:finished LZMA decompress (ignore for x86) 1,920,800 (41,111) 958:calling FspNotify(ReadyToBoot) 1,921,334 (533) 959:returning from FspNotify(ReadyToBoot) 1,932,673 (11,338) 960:calling FspNotify(EndOfFirmware) 1,933,853 (1,179) 961:returning from FspNotify(EndOfFirmware) 1,937,498 (3,644) 99:selfboot jump 1,945,941 (8,443) Total Time: 1,691,043
39 entries total: 0:1st timestamp 254,583 11:start of bootblock 256,267 (1,683) 12:end of bootblock 257,569 (1,302) 13:starting to load romstage 257,733 (164) 14:finished loading romstage 262,697 (4,963) 1:start of romstage 262,707 (9) 2:before ram initialization 304,698 (41,991) 950:calling FspMemoryInit 315,516 (10,817) 951:returning from FspMemoryInit 477,637 (162,120) 3:after ram initialization 485,985 (8,348) 4:end of romstage 489,380 (3,394) 100:start of postcar 489,585 (205) 101:end of postcar 489,585 (0) 8:starting to load ramstage 489,693 (107) 15:starting LZMA decompress (ignore for x86) 489,709 (16) 16:finished LZMA decompress (ignore for x86) 519,230 (29,520) 9:finished loading ramstage 519,317 (87) 10:start of ramstage 520,514 (1,197) 30:device enumeration 524,061 (3,546) 954:calling FspSiliconInit 578,763 (54,701) 955:returning from FspSiliconInit 606,681 (27,918) 40:device configuration 1,736,907 (1,130,225) 956:calling FspNotify(AfterPciEnumeration) 1,741,545 (4,637) 957:returning from FspNotify(AfterPciEnumeration) 1,742,766 (1,221) 50:device enable 1,745,125 (2,359) 60:device initialization 1,753,599 (8,474) 15:starting LZMA decompress (ignore for x86) 1,774,639 (21,039) 16:finished LZMA decompress (ignore for x86) 1,775,231 (591) 70:device setup done 1,848,768 (73,537) 75:cbmem post 1,849,959 (1,190) 80:write tables 1,851,150 (1,190) 85:finalize chips 1,854,395 (3,244) 90:load payload 1,855,625 (1,230) 15:starting LZMA decompress (ignore for x86) 1,855,706 (81) 16:finished LZMA decompress (ignore for x86) 1,885,946 (30,239) 958:calling FspNotify(ReadyToBoot) 1,886,431 (485) 959:returning from FspNotify(ReadyToBoot) 1,897,772 (11,340) 960:calling FspNotify(EndOfFirmware) 1,898,947 (1,175) 961:returning from FspNotify(EndOfFirmware) 1,902,562 (3,614) 99:selfboot jump 1,910,960 (8,397) Total Time: 1,656,356
_______________________________________________ coreboot mailing list -- coreboot@coreboot.org To unsubscribe send an email to coreboot-le...@coreboot.org
