[meta] PHC (Probabilistic Heap Checker): a port of Chromium's GWP-ASan project to Firefox
Categories
(Core :: Memory Allocator, enhancement, P2)
Tracking
()
People
(Reporter: decoder, Assigned: decoder)
References
(Depends on 3 open bugs, )
Details
(Keywords: meta, sec-want)
The GWP-ASan project is a debug tool written by Google for Chrome. It’s purpose is to detect certain types of memory errors (including use-after-free). Unlike regular AddressSanitizer (ASan), the GWP-ASan project does this in a more lightweight and sampled way, meaning that each allocation is only checked with a certain probability.
The overall goal of our project is to port gwp-asan to Firefox including crash reporter support and deploy it to various channels, depending on how performance works out.
|
||
Updated•7 years ago
|
|
||
Updated•6 years ago
|
|
||
Comment 1•6 years ago
|
||
Is this bug also going to be used to track crashes found with PHC, or is there a separate meta for that?
|
|
||
Comment 2•6 years ago
|
||
It is currently being used to track crashes, but if someone wanted to create a separate bug for that I wouldn't object.
|
||
Updated•6 years ago
|
|
||
Comment 3•4 years ago
|
||
Notes from discussion:
- It might be handy to have some way to mark certain allocations as having a higher probability of being covered by PHC, but this may need significant code work.
- It may be useful to apply PHC selectively to some processes (especially wrt Fission), but then make the "backlog" of not-freed-to-the-os allocations much larger to increase the probability of finding UAF.
|
|
||
Updated•4 years ago
|
|
|
||
Updated•4 years ago
|
Description
•