Edk2 Address Sanitizer debugging - shijunjing/edk2 GitHub Wiki
Build steps:
~/wksp_efi/edk2$ git checkout sanitizer
~/wksp_efi/edk2$ build -p OvmfPkg/OvmfPkgIa32X64.dsc -t CLANGSAN40 -a IA32 -a X64 -b NOOPT -n 5 -DDEBUG_ON_SERIAL_PORT
~/wksp_efi/edk2$ cd Build/rootfs/
~/wksp_efi/edk2/Build/rootfs$ cp ../Ovmf3264/NOOPT_CLANGSAN40/X64/TestModuleDxe.efi .
~/wksp_efi/edk2/Build/rootfs$ sudo qemu-system-x86_64 -serial file:serial.txt -m 5120 -hda fat:. -monitor stdio --enable-kvm -smp 4 -bios ../Ovmf3264/NOOPT_CLANGSAN40/FV/OVMF.fd -global e1000.romfile="" -machine q35 -cpu SandyBridge,+rdrand
In QEMU, boot to the UEFI shell and load the test module:
Shell> reconnect -r
Shell> fs0:
FS0:\> load TestModuleDxe.efi
~/wksp_efi/edk2/Build/rootfs$ cd ../..
~/wksp_efi/edk2$ python UbsanLogCheck.py Build/rootfs/serial.txt Build/Ovmf3264/NOOPT_CLANGSAN40/
Done!
Failure Test case:
EFI_STATUS
EFIAPI
TestModuleDxeEntryPoint (
  IN EFI_HANDLE        ImageHandle,
  IN EFI_SYSTEM_TABLE  *SystemTable
  )
{
  char a1[2];
  char a2[3];

  SerialOutput ("CopyMem Test begin \n");
  a1[0] = 'a';
  a1[1] = 'b';
  a2[0] = 'c';
  a2[1] = 'd';
  a2[2] = 'e';
  a1[2] = 'f';            // deliberate overflow: one past the end of a1, a plain C store that ASan instruments
  a2[3] = 'g';            // deliberate overflow: one past the end of a2, also a plain C store
  CopyMem (a1, a2, 3);    // deliberate overflow: 3 bytes written into the 2-byte a1, inside the assembly CopyMem
  CopyMem (a2, a1, 3);    // deliberate over-read: 3 bytes read from the 2-byte a1, inside the assembly CopyMem
  SetMem (a1, 10, 0xFF);  // deliberate overflow: 10-byte fill of the 2-byte a1, inside the assembly SetMem
  SetMem (a2, 10, 0xFF);  // deliberate overflow: 10-byte fill of the 3-byte a2, inside the assembly SetMem
  return EFI_SUCCESS;
}
Current issue: CopyMem and SetMem are implemented in assembly in the BaseMemoryLib instance BaseMemoryLib|MdePkg/Library/BaseMemoryLibRepStr/BaseMemoryLibRepStr.inf, and ASan cannot instrument assembly code. As a result, the buffer overflows that go through the CopyMem and SetMem assembly functions in the test case above are not detected by ASan; only the direct C stores are.
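One way to bring CopyMem and SetMem under ASan instrumentation is to link the module under test against the pure-C BaseMemoryLib instance instead of the REP MOVS/STOS assembly one, so the copy and fill loops are compiled (and therefore instrumented) by clang. The DSC fragment below is an added example, not part of this wiki or of the sanitizer branch; it assumes the standard edk2 per-module library-class override syntax, that MdePkg/Library/BaseMemoryLib/BaseMemoryLib.inf (the plain C instance) builds with the CLANGSAN40 toolchain, and that the module is an X64 component. The TestModuleDxe INF path is a placeholder, since this page does not give it.

```ini
# Platform-wide mapping as it is today: CopyMem/SetMem come from the
# assembly instance, whose REP MOVS/STOS loops ASan cannot instrument.
[LibraryClasses]
  BaseMemoryLib|MdePkg/Library/BaseMemoryLibRepStr/BaseMemoryLibRepStr.inf

# Added example: per-module override so that only the module under test
# links the pure-C instance. Its byte/word loops are ordinary C loads and
# stores, so ASan can report the CopyMem/SetMem overflows in the test case.
[Components.X64]
  # Placeholder path: the INF location of TestModuleDxe is not given on this page.
  <Path/To/TestModuleDxe.inf> {
    <LibraryClasses>
      BaseMemoryLib|MdePkg/Library/BaseMemoryLib/BaseMemoryLib.inf
  }
```

With this override the report is raised inside the library loop rather than at the call site, so the first stack frame in the ASan report is the library function and the caller appears one frame up; the C instance is slower than the assembly one and is only intended for sanitizer builds.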