
Support of ASAN flags in arm-none-eabi toolchain


I'm working on porting the kernel address sanitizer (KASan) from Linux to another OS (let's call it OS). This OS is compiled with the arm-none-eabi toolchain and I pass the following ASan-related flags to the compiler:

-fsanitize=kernel-address --param asan-globals=1 --param asan-stack=1 --param asan-instrumentation-with-call-threshold=0

I have also implemented various __asan_* functions, including __asan_register_globals and __asan_unregister_globals.

My problem is that the compiler inserts only __asan_load*, __asan_store* and __asan_handle_no_return calls and ignores global variables and the stack.

I investigated and found out that for Linux the compiler does insert instrumentation of globals and the stack, but Linux uses the arm-linux-gnueabi toolchain.

Can anybody explain why --param asan-globals=1 and --param asan-stack=1 don't affect the generated code with the arm-none-eabi toolchain? Or just point me in a direction for further searches.

Thanks.


Solution

  • You don't need any special function calls for stack instrumentation - shadow memory is poisoned via inline stores in the function prologue (and unpoisoned in the epilogue).

    Which GCC version do you use? Instrumentation of globals was only added in GCC 5.0 (in this patch) and wasn't backported to the 4.9 branch. Another option is that you forgot to use -fno-common, which is necessary to instrument common symbols.
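The following is an added example, not code from the question or the answer above, showing in plain C what a KASan runtime has to do once the compiler does emit global descriptors: __asan_register_globals receives one descriptor per instrumented global and must unpoison the variable, mark a partial last 8-byte granule, and poison the trailing redzone, and __asan_loadN/__asan_storeN (the calls the asker sees because of asan-instrumentation-with-call-threshold=0) consult that shadow. Assumptions: a constructed 512-byte arena stands in for the real data segment and shadow offset, the descriptor struct mirrors only the leading fields of GCC's __asan_global (later ABI versions append more), and the per-byte check is written for clarity rather than as the real fast path. It compiles without any sanitizer flags.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* One shadow byte covers 8 bytes of memory (KASAN_SHADOW_SCALE_SHIFT == 3).
 * Shadow 0: all 8 bytes addressable; 1..7: only the first N bytes are;
 * negative values mark redzones. 0xFA is Linux's KASAN_GLOBAL_REDZONE. */
#define SHADOW_SCALE_SHIFT 3
#define SHADOW_GRANULE     (1u << SHADOW_SCALE_SHIFT)
#define GLOBAL_REDZONE     ((int8_t)0xFA)

/* Constructed demo arena: a 512-byte "data segment" and its 64-byte shadow,
 * instead of real kernel memory and the real shadow offset. */
#define DEMO_MEM_SIZE 512
static uint8_t demo_mem[DEMO_MEM_SIZE] __attribute__((aligned(SHADOW_GRANULE)));
static int8_t demo_shadow[DEMO_MEM_SIZE / SHADOW_GRANULE];

/* Leading fields of the descriptor GCC emits per instrumented global and
 * passes to __asan_register_globals (Linux calls it struct kasan_global). */
struct demo_asan_global {
    const void *beg;          /* start of the variable */
    size_t size;              /* its real size in bytes */
    size_t size_with_redzone; /* size rounded up to 8 plus trailing redzone */
    const char *name;
    const char *module_name;
    unsigned long has_dynamic_init;
};

static int8_t *shadow_of(const void *addr)
{
    uintptr_t off = (uintptr_t)((const uint8_t *)addr - demo_mem);
    return &demo_shadow[off >> SHADOW_SCALE_SHIFT];
}

/* addr granule-aligned, size a multiple of the granule */
static void poison_shadow(const void *addr, size_t size, int8_t value)
{
    memset(shadow_of(addr), (unsigned char)value, size >> SHADOW_SCALE_SHIFT);
}

/* What the runtime must do for each registered global. */
static void demo_register_global(const struct demo_asan_global *g)
{
    size_t aligned = (g->size + SHADOW_GRANULE - 1) & ~(size_t)(SHADOW_GRANULE - 1);
    poison_shadow(g->beg, aligned, 0);                       /* variable addressable */
    if (g->size & (SHADOW_GRANULE - 1))                      /* partial last granule */
        *shadow_of((const uint8_t *)g->beg + g->size) = (int8_t)(g->size & (SHADOW_GRANULE - 1));
    poison_shadow((const uint8_t *)g->beg + aligned,
                  g->size_with_redzone - aligned, GLOBAL_REDZONE); /* trailing redzone */
}

/* The check behind __asan_loadN/__asan_storeN: true if any byte of
 * [addr, addr+size) is not addressable. */
static bool access_is_poisoned(const void *addr, size_t size)
{
    const uint8_t *p = addr;
    for (size_t i = 0; i < size; i++) {
        int8_t s = *shadow_of(p + i);
        if (s == 0)
            continue;
        if (s < 0)
            return true;                                     /* redzone */
        if ((int)((uintptr_t)(p + i) & (SHADOW_GRANULE - 1)) >= s)
            return true;                                     /* beyond partial granule */
    }
    return false;
}

/* Constructed layout: a 13-byte global at offset 0 (redzone to 48) and a
 * 32-byte global at offset 48 (redzone to 96). Returns the number registered. */
static int demo_setup(void)
{
    static const struct demo_asan_global globals[] = {
        { demo_mem,      13, 48, "small_var", "demo.c", 0 },
        { demo_mem + 48, 32, 48, "big_var",   "demo.c", 0 },
    };
    memset(demo_shadow, 0, sizeof demo_shadow);
    for (size_t i = 0; i < sizeof globals / sizeof globals[0]; i++)
        demo_register_global(&globals[i]);
    return (int)(sizeof globals / sizeof globals[0]);
}

/* Simulate an access of n bytes at arena offset off. */
static bool demo_check(size_t off, size_t n)
{
    return access_is_poisoned(demo_mem + off, n);
}

int main(void)
{
    demo_setup();
    printf("load 13 @0: %s\n", demo_check(0, 13) ? "REPORT" : "ok");
    printf("load 1 @13: %s\n", demo_check(13, 1) ? "REPORT" : "ok");
    printf("load 4 @16: %s\n", demo_check(16, 4) ? "REPORT" : "ok");
    printf("load 32 @48: %s\n", demo_check(48, 32) ? "REPORT" : "ok");
    return 0;
}
```

Reading the shadow after demo_setup() shows the three states the runtime has to produce: 0 for fully addressable granules, 5 for the granule holding bytes 8..12 of the 13-byte global, and 0xFA for the redzones; an access that reaches byte 13 or offset 16 is reported, and accesses inside either variable are not.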