Official repository for ASAP: High System-code Security at Low Overhead
Switch branches/tags
Nothing to show
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Failed to load latest commit information.
asap Update ASAP docs (use LLVM 3.7 and https clone URL). Dec 3, 2015
autoconf Change version from '3.7.0svn' to '3.7.0' Jul 14, 2015
bindings Merge r242372 to 3.7 so that it goes out in 3.7.1 Sep 9, 2015
cmake Merging r242993: Jul 23, 2015
docs ReleaseNotes: add a note about libunwind moving Aug 27, 2015
examples Simplify the Mangler interface now that DataLayout is mandatory. Jun 23, 2015
include Merge r242372 to 3.7 so that it goes out in 3.7.1 Sep 9, 2015
lib Update ASAP to LLVM 3.7 Sep 28, 2015
llvm Update ASAP to LLVM 3.7 Sep 28, 2015
projects build: make libunwind a proper project Apr 25, 2015
resources In MSVC builds embed a VERSIONINFO resource in our exe and DLL files. Jun 12, 2015
test Update ASAP to LLVM 3.7 Sep 28, 2015
tools Merging r245064: Aug 17, 2015
unittests Merging r243891 and r244644: Aug 11, 2015
utils Merging r245902: Aug 24, 2015
.arcconfig Updated phabricator server. Apr 7, 2014
.clang-format Test commit. Mar 2, 2014
.clang-tidy Enable display of compiler diagnostics in clang-tidy by default. Oct 29, 2014
.gitignore Minor updates to gitignore so that symlinks are ignored in the projec… Jul 7, 2015 Update to use CMake's compilation database. Dec 3, 2015
CMakeLists.txt Merging r244232 and r244659: Aug 14, 2015
CODE_OWNERS.TXT [WebAssembly] Initial WebAssembly backend Jun 29, 2015
CREDITS.TXT Updating with 2 more contributors Aug 28, 2015
LICENSE.TXT Update ASAP to LLVM 3.7 Sep 28, 2015
LLVMBuild.txt Remove the very substantial, largely unmaintained legacy PGO Oct 2, 2013
Makefile [configure/make] Propagate names of build host tools when making Buil… Mar 25, 2014
Makefile.common Makefile.common: Update a description, s/Source/SOURCES/ , according … Dec 7, 2012 Merging r243999: Aug 12, 2015
Makefile.rules Add support for SunOS function/data sections and associated Mar 3, 2015 Update ASAP docs (use LLVM 3.7 and https clone URL). Dec 3, 2015
configure Change version from '3.7.0svn' to '3.7.0' Jul 14, 2015 Tidy up. s/Low Level Virtual Machine/LLVM/. Jan 25, 2012

ASAP: High System Code Security at Low Overhead

ASAP is a system for instrumenting software using sanity checks, subject to performance constraints.

ASAP is based on the LLVM compiler framework. For more information about LLVM please consult llvm/README.txt and llvm/LICENSE.txt. ASAP itself is distributed under the terms of LICENSE.txt in the same folder as this file.


The files in asap/doc/ and the remainder of this README contain various examples of using ASAP.

Obtaining and Compiling ASAP

  1. Check out ASAP's source code:

     # Create a project folder
     mkdir asap
     cd asap
     export ASAP_DIR=$(pwd)
     # Clone the source code
     git clone
     git clone asap/tools/clang
     ( cd asap/tools/clang && git checkout release_37 )
     git clone asap/projects/compiler-rt
     ( cd asap/projects/compiler-rt && git checkout release_37 )
  2. On Linux, compiling ASAP also depends on binutils development files, since we need to build the LLVM Gold linker plugin:

     sudo aptitude install binutils-dev
  3. Compile ASAP:

     cd $ASAP_DIR
     mkdir build
     cd build
     # For configuring, these settings are recommended:
     # - -G Ninja finishes the build sooner (you want your build ASAP, after all :) )
     # - -DLLVM_ENABLE_ASSERTIONS=ON makes bugs a bit easier to understand
     # - -DCMAKE_EXPORT_COMPILE_COMMANDS=ON causes a compile_commands.json
     #   file to be generated. This file is useful if you're editing the ASAP
     #   source code or running code analysis tools.
     # Launch the compilation
     cmake --build .

    On Linux, add -DLLVM_BINUTILS_INCDIR=/usr/include to the cmake command line.

Trying ASAP on a small example

A small example for ASAP is available in llvm/lib/Transforms/SanityChecks/doc/sum/. It contains a small program vulnerable to a buffer overflow. The program is protected by compiling it with AddressSanitizer. ASAP then measures the effect of each ASan check, and removes the most expensive ones.

To run the example:

export PATH=$ASAP_DIR/build/bin:$PATH
cd $ASAP_DIR/asap/lib/Transforms/SanityChecks/doc/sum

Please have a look at the Makefile to see the individual steps performed by ASAP.