TL;DR: we're rolling out PHC, currently at 1% soon at 10%. If you already know about PHC that's the new information.
I've been filing a few extra crash reports with memory errors such as buffer overruns and use after frees. I found a comment on one of them this morning "Where do these extra stacks come from?". That's a great question and tells me I haven't communicated this widely enough yet. I'd like to do that properly later, but for now I'd like this e-mail to serve as an informal introduction. The Probabilistic Heap Checker (PHC) is a component in Firefox that will, probabilistically, redirect a `malloc()` request into a special area where it can perform extra checking for memory errors. It can detect buffer overruns and use-after-free errors. But the really cool thing is that it records the stack at the time of allocation and free. So that for a use-after-free, the crash report constrains not only the stack where the error occurred, but stacks that describe the object's lifetime. It also records the address and size of the memory allocation. This information is behind "Protected Data Access", engineers with the appropriate crash-stats permission have access, it's also not symbolicised so far. So most people are going to notice it when bugs are filed against their components. They'll see the extra stacks in the bug report and might wonder where it came from if they don't have protected data access. Right now this runs for everybody in Firefox Nightly (and has done for years), now we're rolling it out in Firefox Release, it's enabled for roughly 1% of our population in Firefox 120 and 121 and we already have 13 crash reports annotated with PHC stacks from december (not all of them are genuine). We're planning to roll out to 10% of release in January which means we could expect ~130 crash reports (some percentage of which will be genuine bugs). We're looking forward to having this new capability to find and diagnose memory errors. I'll be filing bugs for these as appropriate and attaching these extra stacks. I'll also continue to be making improvements to PHC in the new year. Until then, if you're taking a break this time of year have a safe and happy holiday season. Cheers. -- You received this message because you are subscribed to the Google Groups "[email protected]" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/mozilla.org/d/msgid/dev-platform/CANdLaqBq3JsDrbRSOPCMAFQF41N%3D%3DRjCFvojF4%3DpV9K2Tq2zAQ%40mail.gmail.com.
