[PATCH] sandbox: add memory leak debugging tooling around LeakSanitizer

[PATCH] sandbox: add memory leak debugging tooling around LeakSanitizer

[Ahmad Fatoum]

When enabled, this allows calling barebox_memleak_check() or running the
checkleak command to instruct LeakSanitizer to sweep the memory and find
unreferenced allocations.

LeakSanitizier is also enabled along AddressSanitizer and runs on AMD64
Linux automatically on exit already.

Signed-off-by: Ahmad Fatoum <a.fatoum@barebox.org>
---
 arch/sandbox/Makefile         |  2 +-
 arch/sandbox/os/libc_malloc.c |  9 ++++++
 commands/Kconfig              |  9 ++++++
 commands/Makefile             |  1 +
 commands/checkleak.c          | 52 +++++++++++++++++++++++++++++++++++
 common/Kconfig.debug          |  6 ++++
 include/malloc.h              |  6 ++++
 7 files changed, 84 insertions(+), 1 deletion(-)
 create mode 100644 commands/checkleak.c

diff --git a/arch/sandbox/Makefile b/arch/sandbox/Makefile
index fdff09c07cb9..1b1774cc4b0a 100644
--- a/arch/sandbox/Makefile
+++ b/arch/sandbox/Makefile
@@ -36,7 +36,7 @@ TEXT_BASE = $(CONFIG_TEXT_BASE)
 
 SANDBOX_PBL2PROPER_GLUE_SYMS := \
 	putchar errno setjmp longjmp \
-	malloc_stats memalign malloc free realloc calloc brk sbrk
+	malloc_stats memalign malloc free realloc calloc memleak_check brk sbrk
 
 KBUILD_CFLAGS += $(foreach s,$(SANDBOX_PBL2PROPER_GLUE_SYMS),-D$(s)=barebox_$(s))
 
diff --git a/arch/sandbox/os/libc_malloc.c b/arch/sandbox/os/libc_malloc.c
index bb4fb1c9ead4..fee4550f327c 100644
--- a/arch/sandbox/os/libc_malloc.c
+++ b/arch/sandbox/os/libc_malloc.c
@@ -98,3 +98,12 @@ void *barebox_calloc(size_t n, size_t elem_size)
 
 	return mem;
 }
+
+#ifdef CONFIG_DEBUG_MEMLEAK
+void barebox_memleak_check(void)
+{
+	void __lsan_do_leak_check(void);
+
+	__lsan_do_leak_check();
+}
+#endif
diff --git a/commands/Kconfig b/commands/Kconfig
index 78b1e69dd38e..c7c03a65477b 100644
--- a/commands/Kconfig
+++ b/commands/Kconfig
@@ -210,6 +210,15 @@ config CMD_MEMINFO
 	  system bytes     =     282616
 	  in use bytes     =     274752
 
+config CMD_CHECKLEAK
+	tristate
+	prompt "checkleak"
+	depends on DEBUG_MEMLEAK
+	default y
+	help
+	  List memory leaks encountered since the last time
+	  the command ran.
+
 config CMD_ARM_MMUINFO
 	bool "mmuinfo command"
 	depends on CPU_V7 || CPU_V8
diff --git a/commands/Makefile b/commands/Makefile
index 858e0c257eba..8fffac8fd442 100644
--- a/commands/Makefile
+++ b/commands/Makefile
@@ -47,6 +47,7 @@ obj-$(CONFIG_CMD_TRUNCATE)	+= truncate.o
 obj-$(CONFIG_CMD_SYNC)		+= sync.o
 obj-$(CONFIG_CMD_FLASH)		+= flash.o
 obj-$(CONFIG_CMD_MEMINFO)	+= meminfo.o
+obj-$(CONFIG_CMD_CHECKLEAK)	+= checkleak.o
 obj-$(CONFIG_CMD_TIMEOUT)	+= timeout.o
 obj-$(CONFIG_CMD_READLINE)	+= readline.o
 obj-$(CONFIG_CMD_SETENV)	+= setenv.o
diff --git a/commands/checkleak.c b/commands/checkleak.c
new file mode 100644
index 000000000000..c0449fc82e00
--- /dev/null
+++ b/commands/checkleak.c
@@ -0,0 +1,52 @@
+// SPDX-License-Identifier: GPL-2.0-only
+
+#include <command.h>
+#include <malloc.h>
+#include <abort.h>
+#include <getopt.h>
+#include <linux/kstrtox.h>
+
+static int do_checkleak(int argc, char *argv[])
+{
+	unsigned int count;
+	int opt;
+
+	while((opt = getopt(argc, argv, "l:")) > 0) {
+		switch(opt) {
+		case 'l':
+			if (kstrtouint(optarg, 0, &count))
+				return COMMAND_ERROR;
+			(void)malloc(count);
+			break;
+		default:
+			return COMMAND_ERROR_USAGE;
+		}
+	}
+
+	argv += optind;
+	argc -= optind;
+
+	if (argc)
+		return COMMAND_ERROR_USAGE;
+
+	memleak_check();
+
+	return 0;
+}
+
+BAREBOX_CMD_HELP_START(checkleak)
+BAREBOX_CMD_HELP_TEXT("list memory leaks encountered since the last time")
+BAREBOX_CMD_HELP_TEXT("the command ran.")
+BAREBOX_CMD_HELP_TEXT("")
+BAREBOX_CMD_HELP_TEXT("Options:")
+BAREBOX_CMD_HELP_OPT ("-l COUNT",  "force leak of COUNT bytes")
+BAREBOX_CMD_HELP_END
+
+BAREBOX_CMD_START(checkleak)
+	.cmd		= do_checkleak,
+	BAREBOX_CMD_DESC("check for memory leaks")
+	BAREBOX_CMD_OPTS("[-l]")
+	BAREBOX_CMD_GROUP(CMD_GRP_MISC)
+	BAREBOX_CMD_HELP(cmd_checkleak_help)
+BAREBOX_CMD_END
+
diff --git a/common/Kconfig.debug b/common/Kconfig.debug
index 9c70555eb83c..2de885ebb3f8 100644
--- a/common/Kconfig.debug
+++ b/common/Kconfig.debug
@@ -124,6 +124,12 @@ config PRINTF_FULL
 source "lib/Kconfig.ubsan"
 source "lib/kasan/Kconfig"
 
+config DEBUG_MEMLEAK
+	bool "barebox memory leak detector"
+	depends on MALLOC_LIBC && ASAN
+	help
+	  Say Y here if you want to enable LeakSanitizer.
+
 config COMPILE_TEST
 	bool "compile-test drivers of other platforms"
 	default n
diff --git a/include/malloc.h b/include/malloc.h
index 81ab0f457b01..31a2ff1b3d8e 100644
--- a/include/malloc.h
+++ b/include/malloc.h
@@ -88,4 +88,10 @@ static inline bool want_init_on_free(void)
 	return IS_ENABLED(CONFIG_INIT_ON_FREE_DEFAULT_ON);
 }
 
+#ifdef CONFIG_DEBUG_MEMLEAK
+void memleak_check(void);
+#else
+static inline void memleak_check(void) {}
+#endif
+
 #endif /* __MALLOC_H */
-- 
2.47.3

Re: [PATCH] sandbox: add memory leak debugging tooling around LeakSanitizer

[Sascha Hauer]

On Mon, Oct 27, 2025 at 08:44:45AM +0100, Ahmad Fatoum wrote:
> When enabled, this allows calling barebox_memleak_check() or running the
> checkleak command to instruct LeakSanitizer to sweep the memory and find
> unreferenced allocations.
> 
> LeakSanitizier is also enabled along AddressSanitizer and runs on AMD64
> Linux automatically on exit already.
> 
> +static int do_checkleak(int argc, char *argv[])
> +{
> +	unsigned int count;
> +	int opt;
> +
> +	while((opt = getopt(argc, argv, "l:")) > 0) {
> +		switch(opt) {
> +		case 'l':
> +			if (kstrtouint(optarg, 0, &count))
> +				return COMMAND_ERROR;
> +			(void)malloc(count);
> +			break;
> +		default:
> +			return COMMAND_ERROR_USAGE;
> +		}
> +	}
> +
> +	argv += optind;
> +	argc -= optind;
> +
> +	if (argc)
> +		return COMMAND_ERROR_USAGE;
> +
> +	memleak_check();

barebox exits in this call. Is this intended?

Sascha

-- 
Pengutronix e.K.                           |                             |
Steuerwalder Str. 21                       | http://www.pengutronix.de/  |
31137 Hildesheim, Germany                  | Phone: +49-5121-206917-0    |
Amtsgericht Hildesheim, HRA 2686           | Fax:   +49-5121-206917-5555 |

Re: [PATCH] sandbox: add memory leak debugging tooling around LeakSanitizer

[Ahmad Fatoum]

Hi Sascha,

On 10/28/25 8:57 AM, Sascha Hauer wrote:
> On Mon, Oct 27, 2025 at 08:44:45AM +0100, Ahmad Fatoum wrote:
>> When enabled, this allows calling barebox_memleak_check() or running the
>> checkleak command to instruct LeakSanitizer to sweep the memory and find
>> unreferenced allocations.
>>
>> LeakSanitizier is also enabled along AddressSanitizer and runs on AMD64
>> Linux automatically on exit already.
>>
>> +static int do_checkleak(int argc, char *argv[])
>> +{
>> +	unsigned int count;
>> +	int opt;
>> +
>> +	while((opt = getopt(argc, argv, "l:")) > 0) {
>> +		switch(opt) {
>> +		case 'l':
>> +			if (kstrtouint(optarg, 0, &count))
>> +				return COMMAND_ERROR;
>> +			(void)malloc(count);
>> +			break;
>> +		default:
>> +			return COMMAND_ERROR_USAGE;
>> +		}
>> +	}
>> +
>> +	argv += optind;
>> +	argc -= optind;
>> +
>> +	if (argc)
>> +		return COMMAND_ERROR_USAGE;
>> +
>> +	memleak_check();
> 
> barebox exits in this call. Is this intended?

Until I figure out how to suppress it, yes, unfortunately. Haven't dug
into the source code yet.

On the bright side my talloc series removes the long standing leak in
hush, so it's less of a bother. :D

Cheers,
Ahmad

> 
> Sascha
> 

-- 
Pengutronix e.K.                  |                             |
Steuerwalder Str. 21              | http://www.pengutronix.de/  |
31137 Hildesheim, Germany         | Phone: +49-5121-206917-0    |
Amtsgericht Hildesheim, HRA 2686  | Fax:   +49-5121-206917-5555 |

Re: [PATCH] sandbox: add memory leak debugging tooling around LeakSanitizer

[Sascha Hauer]

On Tue, Oct 28, 2025 at 08:59:05AM +0100, Ahmad Fatoum wrote:
> Hi Sascha,
> 
> On 10/28/25 8:57 AM, Sascha Hauer wrote:
> > On Mon, Oct 27, 2025 at 08:44:45AM +0100, Ahmad Fatoum wrote:
> >> When enabled, this allows calling barebox_memleak_check() or running the
> >> checkleak command to instruct LeakSanitizer to sweep the memory and find
> >> unreferenced allocations.
> >>
> >> LeakSanitizier is also enabled along AddressSanitizer and runs on AMD64
> >> Linux automatically on exit already.
> >>
> >> +static int do_checkleak(int argc, char *argv[])
> >> +{
> >> +	unsigned int count;
> >> +	int opt;
> >> +
> >> +	while((opt = getopt(argc, argv, "l:")) > 0) {
> >> +		switch(opt) {
> >> +		case 'l':
> >> +			if (kstrtouint(optarg, 0, &count))
> >> +				return COMMAND_ERROR;
> >> +			(void)malloc(count);
> >> +			break;
> >> +		default:
> >> +			return COMMAND_ERROR_USAGE;
> >> +		}
> >> +	}
> >> +
> >> +	argv += optind;
> >> +	argc -= optind;
> >> +
> >> +	if (argc)
> >> +		return COMMAND_ERROR_USAGE;
> >> +
> >> +	memleak_check();
> > 
> > barebox exits in this call. Is this intended?
> 
> Until I figure out how to suppress it, yes, unfortunately. Haven't dug
> into the source code yet.

Until this is fixed we might want to adjust this text to reality:

BAREBOX_CMD_HELP_TEXT("list memory leaks encountered since the last time")
BAREBOX_CMD_HELP_TEXT("the command ran.")

> 
> On the bright side my talloc series removes the long standing leak in
> hush, so it's less of a bother. :D

Indeed, it's useful as is, but let's mention the issue somewhere.

Sascha

-- 
Pengutronix e.K.                           |                             |
Steuerwalder Str. 21                       | http://www.pengutronix.de/  |
31137 Hildesheim, Germany                  | Phone: +49-5121-206917-0    |
Amtsgericht Hildesheim, HRA 2686           | Fax:   +49-5121-206917-5555 |