Bug 1386297 (asan-nightly-project)

[meta] AddressSanitizer Nightly Project

NEW
Assigned to

Status

()

enhancement
P5
normal
2 years ago
12 days ago

People

(Reporter: decoder, Assigned: decoder)

Tracking

(Depends on 10 bugs, {meta, sec-want})

Trunk
x86_64
Unspecified
Points:
---
Dependency tree / graph

Firefox Tracking Flags

(firefox57 wontfix)

Details

()

Assignee

Description

2 years ago
This bug should serve as a tracking bug for all bugs related to the AddressSanitizer (ASan) Nightly Project. The goal of the project is to provide a version of Nightly that is built with ASan and automatically reports back any ASan crash information to us.

The project will be opt-in and targeting users that are willing to run these kinds of builds for daily browsing despite the performance overhead that comes with ASan.

Since ASan detects memory corruptions much better (e.g. triggers on use-after-free, which often does not crash) and also provides much better diagnostic information, the results might allow us to fix additional stability and security bugs in our codebase.

In terms of operating systems, the first OS to be supported will be Linux, maybe we can extend this to Mac later. ASan for Firefox on Windows is in its early stages so it is not clear when it will be stable enough.
Assignee

Updated

2 years ago
Alias: asan-nightly-project
Assignee

Updated

2 years ago
Depends on: 1386304
Assignee

Updated

2 years ago
Depends on: 1399917

Updated

2 years ago
Keywords: meta
This could be a problem for sandboxing: currently we disable sandboxing on Linux ASan builds, because of problems with LeakSanitizer (see bug 1287971 comment #9), and to a certain extent we rely on Nightly users to catch problems on unusual configurations or distributions that Mozilla's test infrastructure doesn't cover.  So if the more experimental parts of the Linux Nightly population start using ASan builds, this would increase our risk of brokenness making it to Release.  

It sounds like this ASan Nightly won't need Leak Sanitizer, which suggests a possibility: get sandboxing + ASan working again, have it disable LSan in child processes by default, and allow tests to choose LSan instead of sandboxing.

The one weak point there is getting test coverage for ASan + sandboxing, but as long as ASan and sandboxing are tested separately, the risks are mainly around the ASan crash handler working as expected in child processes (including media plugins if possible), and that should be testable much more cheaply than running an extra copy of the entire test suite.
Assignee

Comment 2

2 years ago
(In reply to Jed Davis [:jld] (⏰UTC-6) from comment #1)

I don't think this is an issue at the moment, because we don't expect that a substantial amount of the Nightly population will participate in this program. This program is entirely opt-in and requires a separate build to be downloaded. It is not that we move a percentage of Nightly users to this type of channel.

That said, if you can get sandboxing to work properly with ASan (and the ASan reporter system addon), that would of course be nice :)
Assignee

Updated

2 years ago
Depends on: 1403548
Assignee

Updated

2 years ago
Depends on: 1413696
Assignee

Updated

2 years ago
Depends on: 1415689
Assignee

Updated

2 years ago
Depends on: 1419371
Assignee

Updated

2 years ago
Depends on: 1419608
Assignee

Updated

2 years ago
Depends on: 1422269
Assignee

Updated

Last year
Depends on: 1471532
Assignee

Updated

Last year
Depends on: 1471647
Assignee

Updated

Last year
Depends on: 1472990
Assignee

Updated

Last year
Depends on: 1473259
Assignee

Updated

11 months ago
Depends on: 1475514
Depends on: 1476098
Assignee

Updated

11 months ago
Depends on: 1476080
Depends on: 1477037
Depends on: 1465545
Depends on: 1477057
Assignee

Updated

11 months ago
Depends on: 1477073
Depends on: 1477212
Assignee

Updated

11 months ago
Depends on: 1477324
Assignee

Updated

11 months ago
Depends on: 1477434
Assignee

Updated

11 months ago
Depends on: 1477490
Assignee

Updated

11 months ago
Depends on: 1477493
Assignee

Updated

11 months ago
Depends on: 1477981
Assignee

Updated

11 months ago
Depends on: 1478096
Assignee

Updated

11 months ago
Depends on: 1426176
Assignee

Updated

11 months ago
Depends on: 1478143
Assignee

Updated

11 months ago
Depends on: 1478312
Depends on: 1478331
Assignee

Updated

11 months ago
Depends on: 1478573
Assignee

Updated

11 months ago
Depends on: 1478575
Assignee

Updated

11 months ago
Depends on: 1478577
Assignee

Updated

11 months ago
Depends on: 1478581
Assignee

Updated

11 months ago
Depends on: 1478585
Assignee

Updated

11 months ago
Depends on: 1478591
Assignee

Updated

11 months ago
Depends on: 1478849
Assignee

Updated

11 months ago
Depends on: 1478853
Assignee

Updated

11 months ago
Depends on: 1479268
Assignee

Updated

11 months ago
Depends on: 1479269
Assignee

Updated

11 months ago
Depends on: 1479385
Assignee

Updated

11 months ago
Depends on: 1479399
Assignee

Updated

11 months ago
No longer depends on: 1477073
Assignee

Updated

11 months ago
Depends on: 1480044
Assignee

Updated

10 months ago
Depends on: 1484655
Assignee

Updated

10 months ago
Depends on: 1486400
Depends on: 1492508
Depends on: 1493050
Depends on: 1494021
Depends on: 1494052

Updated

8 months ago
Depends on: 1503225
Summary: AddressSanitizer Nightly Project → [meta] AddressSanitizer Nightly Project
Depends on: 1520801
Assignee

Updated

22 days ago
Depends on: 1554600
Depends on: 1557095
You need to log in before you can comment on or make changes to this bug.