MSVC Address Sanitizer adoption in .NET’s CoreCLR

Introduction

The MSVC Address Sanitizer (ASan) team collaborated with the CoreCLR team to integrate ASan into the .NET development platform to improve its reliability and security. ASan's promise of zero false positive memory safety error reports enhances security confidence in existing codebases.

Previous Challenges

Previous attempts to enable ASan for CoreCLR on gcc faced incompatibilities on Windows with build infrastructure, mixed configurations during testing, and runtime issues. Both build and runtime changes were needed from the ASan team for adoption in CoreCLR on Windows.

Changes Made

Significant changes were made to the ASan implementation for CoreCLR on Windows, particularly in shadow memory implementation on x64. These changes involved on-demand mapping schemes and exception handlers to map shadow memory efficiently.

Adoption Process

After the necessary changes were made, a weekly pipeline run was established for CoreCLR on Windows to integrate ASan into the development workflow. This weekly cadence balances feedback frequency with code velocity, ensuring that any memory safety errors can be promptly identified and addressed.

Call to Action

Developers are encouraged to download Visual Studio and try out the Address Sanitizer tool to improve the reliability and security of their .NET projects. Questions or feedback can be shared in the comments section.