Hey Christian, This is great! I'm super excited.
ASAN helps in another way, besides just giving us much better UAF diagnostics: it catches issues besides crashes! It's very common for small buffer overflows to not corrupt things quite enough to crash. Two small questions: 1) Is there a metabug or anything to follow along with, for folks who interested to track the success of this? 2) My understanding is that we don't have macOS-ASAN-nightly (which, as a macOS user, I'm interested in) because we don't have enough macOS CI capacity to add ASAN builds to all pushes (as we do with Linux and Windows ASAN), is that right? Alex On Mon, Jul 9, 2018 at 11:43 AM Christian Holler <chol...@mozilla.com> wrote: > tl;dr If you run Linux with at least 16 GB of RAM and you would like to > help making Firefox even more secure and stable, please consider joining > the ASan Nightly Project by using a special Nightly browser [1][2]. Windows > Users: We are actively working on Windows support and will send more > communication once it is available. > > > Hi everyone, > > despite all of our testing efforts, Firefox still sometimes crashes in the > wild and some of these crashes even look like security problems (e.g. > use-after-free or other memory corruptions). Unfortunately, in many of > these cases, the data we have in our crash-stats are not actionable on > their own (i.e. do not provide enough information for a developer to be > able to find and fix the problem). > > In CI and fuzzing, we have been using AddressSanitizer (ASan), a > compile-time instrumentation, very successfully for quite a while now. In > particular the information it provides about use-after-free is much more > actionable than a simple crash stack. > > In order to leverage the combined power of Nightly testing and ASan, we > have come up with a special ASan Nightly build [1] that is equipped with a > special ASan reporter addon. This addon is capable of collecting and > reporting ASan errors back to us, once they are detected. We hope to find > such errors in the wild and then use the ASan error report to identify and > fix the problem, even though it might not be reproducible. > > Of course this approach comes with a drawback: While ASan’s performance is > really good, its memory usage is significantly higher compared to a regular > Nightly browser. Furthermore, ASan needs to retain free’d memory for a > while in order to detect use-after-free on it. Hence, running such a build > requires you to have enough RAM (at least 16 GB is recommended) and restart > the browser once or twice a day. > > This project can only succeed if enough people are using it. So if you > meet the requirements, I would be very happy if you joined the project [2]. > > Thanks! > > - Chris (:decoder) > > [1] > https://archive.mozilla.org/pub/firefox/nightly/latest-mozilla-central/firefox-63.0a1.en-US.linux-x86_64-asan-reporter.tar.bz2 > > [2] > https://developer.mozilla.org/en-US/docs/Mozilla/Testing/ASan_Nightly_Project > _______________________________________________ dev-platform mailing list dev-platform@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-platform
