DP_05_001 - Address Sanitizer

Project Scope

Enable and optimize AddressSanitizer on the RISC-V architecture. The major work is to port AddressSanitizer to RISC-V in both GCC and LLVM, for both RV32 and RV64, using both a pure-software approach and hardware-software co-design.

Components and Repos

The tool consists of a compiler instrumentation module which works as an LLVM pass and a run-time library which replaces the malloc function.

  • For LLVM:

The instrumentation module is maintained in the LLVM backend. (llvm/lib/Transforms/Instrumentation/AddressSanitizer.cpp)

The run-time libraries tailored for AddressSanitizer can be found in compiler-rt/lib/asan and compiler-rt/lib/sanitizer_common.

  • For GCC:

The instrumentation module is maintained in the GCC backend. (gcc/asan.c; gcc/config/riscv/riscv.c)

There are no separately developed run-time libraries for GCC. All the code in libsanitizer/asan is merged from compiler-rt/lib/asan, as is sanitizer_common.

Stakeholders and Partners

  • RISE-T-Head
  • External
    • GCC and LLVM community

Measure of Success

Comparable to ARM, RISC-V developers can get a fully functional and efficient AddressSanitizer tool to find bugs in their applications. There are three milestones for the project.

  • M1: Base functionality (finished)
  • M2: Fully functional with a software solution (development complete, upstreaming)
  • M3: Fully functional with hardware extensions; faster with new extensions or new hardware features.

Timeline

  1. Enable AddressSanitizer for RISCV64 in GCC and LLVM - before
  2. Enable Scudo for RISCV64 in LLVM on both the clang side and the compiler-rt side - Mar, 2023
  3. Enable AddressSanitizer for RISCV32 in GCC and LLVM. (development completed, upstreaming) - depends on the timeline of the 32-bit Linux kernel
  4. Enable RISCV memory tagging for Scudo, with the support of hardware extension. - 12/30/2023
  5. Enable RISCV stack tagging in LLVM, with the support of hardware extension. - 12/30/2023

RISE Requirements

  • Push the definition/standard for the 32-bit ecosystem forward (Linux kernel, ABI)

Dependencies

  • 32-bit Linux kernel
  • ABI for 32-bit applications

Status

  • Development: COMPLETED
  • Development Timeline: 2H 2023
  • Upstreaming: ONGOING
  • Upstream Version: N/A (depends on the definition of TASK_UNMAPPED_BASE in the ABI)

Contacts

dillon (T-Head)

Joshua

shangyunhai@gmail.com

Dependencies

  • 32-bit Linux kernel
  • ABI for 32-bit applications (definition of TASK_UNMAPPED_BASE)

Replace malloc with Scudo in glibc, similar to what bionic does

Enable RISCV memory tagging for malloc in glibc

Enable AddressSanitizer for RISCV32 in GCC and LLVM. (development completed, upstreaming) - depends on the timeline of the 32-bit Linux kernel

Enable Scudo for RISCV64 in LLVM on both the clang side and the compiler-rt side.