Run AddressSanitizer on Firefox

RESOLVED WORKSFORME

Core
Security
7 years ago
4 years ago

People

(Reporter: azakai, Assigned: Ehsan)

Tracking

(Blocks: 1 bug, {sec-want})

Other Branch
x86
Linux
sec-want

Details

(Whiteboard: [sg:want])

(Reporter)

Description

7 years ago
AddressSanitizer was recently released by Google:

http://code.google.com/p/address-sanitizer/wiki/AddressSanitizer

It's a memory error detector. Sort of like valgrind, but can detect slightly different stuff, and faster/with less memory. Google have found bugs in Chromium with it.

The procedure is apparently to build with LLVM, then AddressSanitizer rewrites the LLVM code. You then run that normally (not inside a special environment like valgrind).

This bug is to track investigation of the tool, and seeing if we can use it in Firefox.
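
An added illustration, not part of the bug report and not AddressSanitizer's own code: a simplified C model of the shadow-memory check that this kind of compile-time instrumentation places before each memory access. It goes beyond the description above; the arena size, redzone size and `model_*` names are assumptions of the sketch.

```c
/* Simplified model of ASan-style instrumentation (added example, not ASan's runtime).
 * One shadow byte describes an 8-byte granule: 0 = all 8 bytes addressable,
 * k in 1..7 = only the first k bytes, negative = poisoned. Names/sizes are assumed. */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define ARENA_SIZE 1024   /* size of the modelled address range */
#define REDZONE    16     /* poisoned gap in front of every block */
#define POISON     (-1)
static int8_t shadow[ARENA_SIZE / 8];
static size_t next_off;

void model_reset(void) {
    memset(shadow, POISON, sizeof shadow);   /* everything starts unaddressable */
    next_off = 0;
}

/* Bump-allocate n bytes behind a redzone; returns an arena offset, or -1 when full. */
long model_malloc(size_t n) {
    size_t start = next_off + REDZONE, rounded = (n + 7) & ~(size_t)7;
    if (start + rounded + REDZONE > ARENA_SIZE) return -1;
    memset(&shadow[start / 8], 0, n / 8);                    /* whole granules */
    if (n % 8) shadow[start / 8 + n / 8] = (int8_t)(n % 8);  /* partial tail granule */
    next_off = start + rounded;
    return (long)start;
}

/* Freed memory is re-poisoned and never reused here (stands in for a quarantine). */
void model_free(long off, size_t n) {
    memset(&shadow[off / 8], POISON, (n + 7) / 8);
}

/* Check before an aligned 1/2/4/8-byte access: 1 = allowed, 0 = would be reported. */
int model_access_ok(size_t off, size_t size) {
    if (off + size > ARENA_SIZE) return 0;
    int8_t s = shadow[off / 8];
    if (s == 0) return 1;                   /* whole granule addressable */
    if (s < 0) return 0;                    /* redzone or freed memory */
    return (off % 8) + size <= (size_t)s;   /* partially addressable granule */
}

int main(void) {
    model_reset();
    size_t p = (size_t)model_malloc(13);
    printf("last byte ok=%d, one past end ok=%d\n", model_access_ok(p + 12, 1), model_access_ok(p + 13, 1));
    return 0;
}
```
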
(Reporter)

Comment 1

7 years ago
cc'ing some people I hope will be interested.

Updated

7 years ago
Whiteboard: [sg:want]
(Assignee)

Comment 2

7 years ago
I've been working on this as a hobby(!), so I might just make it official.
Assignee: nobody → ehsan
(Assignee)

Updated

7 years ago
Depends on: 665056
(Assignee)

Updated

7 years ago
No longer depends on: 665056
(Assignee)

Comment 3

7 years ago
My experience with Address Sanitizer: http://ehsanakhgari.org/blog/2011-06-30/building-firefox-address-sanitizer

I've been trying to build Firefox just as Ehsan described in comment 3 because I think it would be very valuable for us to run fuzzers in Firefox with AddressSanitizer. Unfortunately, I did not succeed, but I remember that this worked before. It would be good if someone else could try to reproduce the build as Ehsan did and let me know if it works. If not, then we should quickly work on getting this up and running.
See Also: → bug 699520

Updated

7 years ago
Depends on: 699520, 709483, 709580
See Also: bug 699520
Depends on: 727445
Depends on: 748727
Depends on: 748739
Depends on: 749588
Depends on: 749768
Depends on: 753135
Depends on: 768405
Depends on: 768406
Depends on: 777421
We've been running Firefox with ASAN for a year or so.
Status: NEW → RESOLVED
Last Resolved: 4 years ago
Resolution: --- → WORKSFORME

Updated

4 years ago
Blocks: 863846