1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
|
ASan Nightly
============
.. warning::
As of July 2025, the ASan Nightly Project has been **deprecated**.
Please see the :ref:`Deprecation FAQ <Deprecation FAQ>` section for more information.
The **ASan Nightly Project** involves building a Firefox Nightly browser
with the popular
`AddressSanitizer <https://github.com/google/sanitizers/wiki/AddressSanitizer>`__
tool and enhancing it with remote crash reporting capabilities for any
errors detected.
The purpose of the project is to find subtle memory corruptions
occurring during regular browsing that would either not crash at all or
crash in a way that we cannot figure out what the exact problem is just
from the crash dump. We have a lot of inactionable crash reports and
AddressSanitizer traces are usually a lot more actionable on their own
(especially use-after-free traces). Part of this project is to figure
out if and how many actionable crash reports ASan can give us just by
surfing around. The success of the project of course also depends on the
number of participants.
You can download the latest build using one of the links below. The
builds are self-updating daily like regular nightly builds (like with
regular builds, you can go to *"Help"* → *"About Nightly"* to force an
update check or confirm that you run the latest version).
.. note::
If you came here looking for regular ASan builds (e.g. for fuzzing or
as a developer to reproduce a crash), you should probably go to the
:ref:`Address Sanitizer` doc instead.
.. _Requirements:
Requirements
~~~~~~~~~~~~
Current requirements are:
- Windows or Linux-based Operating System
- 16 GB of RAM recommended
- Special ASan Nightly Firefox Build
- `Linux
Download <https://firefox-ci-tc.services.mozilla.com/api/index/v1/task/gecko.v2.mozilla-central.shippable.latest.firefox.linux64-asan-reporter-opt/artifacts/public/build/target.tar.xz>`__
- `Windows
Download <https://firefox-ci-tc.services.mozilla.com/api/index/v1/task/gecko.v2.mozilla-central.shippable.latest.firefox.win64-asan-reporter-shippable-repackage-signing/artifacts/public/build/target.installer.exe>`__
If you are already using regular Nightly, it should be safe to share the
profile with the regular Nightly instance. If you normally use a beta or
release build (and you would like to be able to switch back to these),
you should consider using a second profile.
.. warning::
**Windows Users:** Please note that the Windows builds currently show
an error during setup (see "*Known Issues*" section below), but
installation works nonetheless. We are working on the problem.
.. note::
If you run in an environment with any sorts of additional security
restrictions (e.g. custom process sandboxing), please make sure that
your /tmp directory is writable and the shipped ``llvm-symbolizer``
binary is executable from within the Firefox process.
Preferences
~~~~~~~~~~~
If you wish for your crash report to be identifiable, you can go to
``about:config`` and set the **``asanreporter.clientid``** to your
**valid email address**. This isn't mandatory, you can of course report
crash traces anonymously. If you decide to send reports with your email
address and you have a Bugzilla account, consider using the same email
as your Bugzilla account uses. We will then Cc you on any bugs filed
from your crash reports. If your email does not belong to a Bugzilla
account, then we will not publish it but only use it to resolve
questions about your crash reports.
.. note::
Setting this preference helps us to get back to you in case we have
questions about your setup/OS. Please consider using it so we can get
back to you if necessary.
Bug Bounty Program
~~~~~~~~~~~~~~~~~~
As a special reward for participating in the program, we decided to
treat all submitted reports as if they were filed directly in Bugzilla.
This means that reports that
- indicate a security issue of critical or high rating
- **and** that can be fixed by our developers
are eligible for a bug bounty according to our `client bug bounty
program
rules <https://www.mozilla.org/security/client-bug-bounty/>`__. As
the report will usually not include any steps to reproduce or a test
case, it will most likely receive a lower-end bounty. Like with regular
bug reports, we would typically reward the first (identifiable) report of
an issue.
.. warning::
If you would like to participate in the bounty program, make sure you
set your **``asanreporter.clientid``** preference as specified above.
We cannot reward any reports that are submitted with no email
address.
Known Issues
~~~~~~~~~~~~
This section lists all currently known limitations of the ASan Nightly
builds that are considered bugs.
- [STRIKEOUT:Flash is currently not working]
- `Bug
1477490 <https://bugzilla.mozilla.org/show_bug.cgi?id=1477490>`__\ [STRIKEOUT:-
Windows: Stack instrumentation disabled due to false positives]
- `Bug
1478096 <https://bugzilla.mozilla.org/show_bug.cgi?id=1478096>`__ -
**Windows:** Error during install with maintenanceservice_tmp.exe
- It has been reported that ASan Nightly performance is particularly
bad if you run on a screen with 120hz refresh rate. Switching to 60hz
should improve performance drastically.
Note that these bugs are **specific** to ASan Nightly as listed in the
`tracking bug dependency
list <https://bugzilla.mozilla.org/showdependencytree.cgi?id=1386297&hide_resolved=0>`__.
For the full list of bugs found by this project, see `this
list <https://bugzilla.mozilla.org/showdependencytree.cgi?id=1479399&hide_resolved=0>`__
instead and note that some bugs might not be shown because they are
security bugs.
If you encounter a bug not listed here, please file a bug at
`bugzilla.mozilla.org <https://bugzilla.mozilla.org/>`__ or send an
email to
`choller@mozilla.com <mailto:choller@mozilla.com?subject=%5BASan%20Nightly%20Project%5D%5BBug%20Report%5D>`__.
When filing a bug, it greatly helps if you Cc that email address and
make the bug block `bug
1386297 <https://bugzilla.mozilla.org/show_bug.cgi?id=1386297>`__.
FAQ
~~~
What additional data is collected?
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
The project only collects ASan traces and (if you set it in the
preferences) your email address. We don't collect any other browser
data, in particular not the sites you were visiting or page contents. It
is really just crash traces submitted to a remote location.
.. note::
The ASan Nightly browser also still has all the data collection
capabilities of a regular Nightly browser. The answer above only
refers to what this project collects **in addition** to what the
regular Nightly browser can collect.
What's the performance impact?
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
The ASan Nightly build only comes with a slight slowdown at startup and
browsing, sometimes it is not even noticeable. The RAM consumption
however is much higher than with a regular build. Be prepared to restart
your browser sometimes, especially if you use a lot of tabs at once.
Also, the updates are larger than the regular ones, so download times
for updates will be higher, especially if you have a slower internet
connection.
.. warning::
If you experience performance issues, see also the *"Known Issues"*
section above, in particular the problem about screen refresh rate
slowing down Firefox.
What about stability?
^^^^^^^^^^^^^^^^^^^^^
The browser is as stable as a regular Nightly build. Various people have
been surfing around with it for their daily work for weeks now and we
have barely received any crash reports.
How do I confirm that I'm running the correct build?
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
If you open ``about:config`` and type *"asanreporter"* into the search
field, you should see an entry called ``asanreporter.apiurl`` associated
with a URL. Do not modify this value.
.. warning::
Since Firefox 64, the *"ASan Crash Reporter"* feature is no longer
listed in ``about:support``
Will there be support for Mac?
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
We are working on support for Mac, but it might take longer because we
have no ASan CI coverage on Mac due to hardware constraints. If you work
on Release Engineering and would like to help make e.g. Mac happen
earlier, feel free to `contact
me <mailto:choller@mozilla.com?subject=%5BASan%20Nightly%20Project%5D%20>`__.
.. _Deprecation FAQ:
Deprecation FAQ
~~~~~~~~~~~~~~~
I received the deprecation warning in my browser, what do I need to do?
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
Please `download <https://www.mozilla.org/firefox/channel/desktop/>`__ the
regular Nightly version of Firefox and install it instead.
Why are you deprecating the ASan Nightly Program?
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
While the ASan Nightly Program was a crucial improvement at the time it was
started, it has since been replaced by Probabilistic Heap Checker (PHC), which
is a memory sampling approach deployed in all eligible Firefox release
installations. Instead of checking all memory accesses, it only tracks the
lifetime of a small number of randomly selected allocations and enhances the
information submitted in regular crash reports if such a memory allocation is
involved in a crash. Overall, this approach scales much better as it can be
deployed to most Firefox installations without a significant performance
impact.
|
