Allow testing leaky shutdown in "leak-checking" builds (NS_FREE_PERMANENT_DATA)
Categories
(Core :: XPCOM, enhancement)
Tracking
()
Tracking | Status | |
---|---|---|
firefox42 | --- | affected |
People
(Reporter: jruderman, Unassigned)
References
Details
Reporter | ||
Comment 1•9 years ago
|
||
Comment 2•9 years ago
|
||
Updated•2 years ago
|
Comment 3•3 months ago
|
||
Not sure if there is anything we want to do here, but moving the component for now.
Comment 4•3 months ago
|
||
I think this is still a legitimate issue, but that it is less of a concern nowadays. In content processes, where all of the scary web pages live, we just kill the process quite early in shutdown, in non-leakchecking builds. There's been some work to bail out earlier in the main process, but I think that stalled out so we still do a good chunk of XPCOM shutdown.
One interesting angle here is that our ASan builds are NS_FREE_PERMANENT_DATA. We need this for LSan, but this means we're hitting this issue for ASan memory safety stuff. One problem related to this that I have noticed is that, sort of the opposite of the initial concern in comment 0, is that various security researchers occasionally report UAFs or whatever in shutdown code that never runs in opt builds. I filed bug 1850021 about changing that for fuzzing ASan builds but I haven't gotten around to it. It doesn't seem to crop up more than a few times a year.
Description
•