Open
Bug 1523268
(PHC)
Opened 6 years ago
Updated 2 years ago
[meta] PHC (Probabilistic Heap Checker): a port of Chromium's GWP-ASan project to Firefox
Categories
(Core :: Memory Allocator, enhancement, P2)
Core
Memory Allocator
Tracking
()
NEW
People
(Reporter: decoder, Assigned: decoder)
References
(Depends on 4 open bugs, )
Details
(Keywords: meta, sec-want)
The GWP-ASan project is a debug tool written by Google for Chrome. It’s purpose is to detect certain types of memory errors (including use-after-free). Unlike regular AddressSanitizer (ASan), the GWP-ASan project does this in a more lightweight and sampled way, meaning that each allocation is only checked with a certain probability.
The overall goal of our project is to port gwp-asan to Firefox including crash reporter support and deploy it to various channels, depending on how performance works out.
Updated•6 years ago
|
Priority: -- → P3
Updated•5 years ago
|
Alias: gwp-asan → PHC
Summary: [meta] Port the GWP-ASan project to Firefox → [meta] PHC (Probabilistic Heap Checker): a port of Chromium's GWP-ASan project to Firefox
Comment 1•5 years ago
|
||
Is this bug also going to be used to track crashes found with PHC, or is there a separate meta for that?
Comment 2•5 years ago
|
||
It is currently being used to track crashes, but if someone wanted to create a separate bug for that I wouldn't object.
Updated•5 years ago
|
Depends on: nv50_validate_tic
Comment 3•3 years ago
|
||
Notes from discussion:
- It might be handy to have some way to mark certain allocations as having a higher probability of being covered by PHC, but this may need significant code work.
- It may be useful to apply PHC selectively to some processes (especially wrt Fission), but then make the "backlog" of not-freed-to-the-os allocations much larger to increase the probability of finding UAF.
Updated•3 years ago
|
Severity: major → S4
Priority: P3 → P2
Updated•3 years ago
|
You need to log in
before you can comment on or make changes to this bug.
Description
•