Closed
Bug 1501126
Opened 6 years ago
Closed 6 years ago
[Mac] Enable sandbox early startup by default on Nightly
Categories
(Core :: Security: Process Sandboxing, enhancement, P1)
Tracking
()
RESOLVED
FIXED
mozilla65
Tracking | Status | |
---|---|---|
firefox65 | --- | fixed |
People
(Reporter: haik, Assigned: haik)
References
(Depends on 1 open bug)
Details
Attachments
(1 file)
Enable the early startup mode of the Mac content sandbox by default in Nightly by default (by setting security.sandbox.content.mac.earlyinit=true).
Assignee | ||
Updated•6 years ago
|
Assignee | ||
Comment 1•6 years ago
|
||
From bug 1431441 comment 33 by Ionut > Before the backout, we noticed these big performance regressions: > > == Change summary for alert #16766 (as of Fri, 12 Oct 2018 13:23:55 GMT) == > > Regressions: > > 16% sessionrestore osx-10-10 opt e10s stylo 640.67 -> 745.17 > 13% ts_paint osx-10-10 opt e10s stylo 707.67 -> 802.83 > 13% sessionrestore_no_auto_restore osx-10-10 opt e10s stylo 675.29 -> 764.67 > 13% ts_paint_webext osx-10-10 opt e10s stylo 712.33 -> 803.92 > > For up to date results, see: https://treeherder.mozilla.org/perf.html#/alerts?id=16766 The changes move our call to sandbox_init_with_parameters() in content processes from being run on the main thread event loop during initialization to early in main. I do not think the regressions in sessionrestore, ts_paint, or ts_paint_webext are meaningful because it appears that those tests previously (without the code changes) didn't include the execution time of sandbox_init_with_parameters(), but do now that the function has been moved. I tested this by adding a 0.5 second busy loop in the original code site and found that it didn't affect those benchmarks. That wasn't the case for sessionrestore_no_auto_restore. I need some help understanding exactly what these tests are timing though. Ionut, are you able to help with that or is there someone you can recommend? I also found that sandbox_init_with_parameters() is much slower on older hardware like we have on try. Some rough numbers I collected for the average execution time: 2008 MacBook with macOS 10.9: 500ms try hardware (t-yosemite-r7-186) with macOS 10.10: 122ms 2015 MacBook Air with macOS 10.14: 15ms 2012 MacBook Pro with macOS 10.11: 14ms 2018 MacBook Pro with macOS 10.14: 8ms
Flags: needinfo?(igoldan)
Assignee | ||
Comment 2•6 years ago
|
||
@Ionut, jmaher offered to help with my questions. Is it OK to land while still resolving this?
Comment 3•6 years ago
|
||
(In reply to Haik Aftandilian [:haik] from comment #1) > From bug 1431441 comment 33 by Ionut > > Before the backout, we noticed these big performance regressions: > > > > == Change summary for alert #16766 (as of Fri, 12 Oct 2018 13:23:55 GMT) == > > > > Regressions: > > > > 16% sessionrestore osx-10-10 opt e10s stylo 640.67 -> 745.17 > > 13% ts_paint osx-10-10 opt e10s stylo 707.67 -> 802.83 > > 13% sessionrestore_no_auto_restore osx-10-10 opt e10s stylo 675.29 -> 764.67 > > 13% ts_paint_webext osx-10-10 opt e10s stylo 712.33 -> 803.92 > > > > For up to date results, see: https://treeherder.mozilla.org/perf.html#/alerts?id=16766 > > I need some help understanding exactly what these tests are timing though. > Ionut, are you able to help with that or is there someone you can recommend? Yes, for sessionrestore* test you can contact :mikedeboer. As for ts_paint, it used to be :milan, but now I think one of the contacts would be :davidb.
Comment 4•6 years ago
|
||
(In reply to Haik Aftandilian [:haik] from comment #2) > @Ionut, jmaher offered to help with my questions. Is it OK to land while > still resolving this? You can land this, it's just that I need constant feedback on the evolution of the fix, from your behalf.
Flags: needinfo?(igoldan)
Assignee | ||
Comment 5•6 years ago
|
||
I think bug 1505445 will address the talos regressions listed in comment 3. I plan to land this fix after bug 1505445 which is out for review.
Assignee | ||
Comment 6•6 years ago
|
||
Set security.sandbox.content.mac.earlyinit=true to enable sandbox early startup by default on Nightly only.
Pushed by haftandilian@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/22d335fc020f [Mac] Enable sandbox early startup by default on Nightly r=Alex_Gaynor
Comment 8•6 years ago
|
||
bugherder |
https://hg.mozilla.org/mozilla-central/rev/22d335fc020f
Status: NEW → RESOLVED
Closed: 6 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla65
You need to log in
before you can comment on or make changes to this bug.
Description
•