Resources

People often ask me "How did you learn how to hack?" The answer: by reading. This page is a collection of the blog posts and other articles that I have accumulated over the years of my journey. Enjoy!

Eliminating Data Races in Firefox – A Technical Report

Mozilla, posted 4 years ago
  • Race conditions are a common class of bug in multi-threaded and multi-process applications and are incredibly hard to track down. Using ThreadSanitizer, Mozilla essentially eliminated a whole bug class from Firefox! The Clang ThreadSanitizer (TSan) is a tool that detects data races in C/C++ code by adding a significant amount of instrumentation to the compiled program.
  • Simply running the tool is nowhere near enough to figure out what is going on. The reports fall into two categories: benign and impactful. In reality, though, that classification is not sound, so the Mozilla team decided on a no-data-race policy in order to get the best security outcome.
  • At first, this seemed like a very large task. However, most of the fixes were trivial and/or improved code quality. So, this task was taken on by the Mozilla team!
  • While working through the ThreadSanitizer cases, they found some interesting issues. First, bitfields were a common spot where races, and real-world bugs, occurred. Because the individual fields are abstracted away and atomic operations are not the default, this bug showed up all over the place. They created an abstract atomic class to make these cases easier to fix.
  • Another cause was code that was expected to be single-threaded but was actually being used from multiple threads. Of course, this yielded many bad bugs, especially in the configuration settings.
  • They also mention "late-validated races". This is essentially a boolean checked for initialization outside the lock, with the mutex only taken if needed. However, if two threads race on that check and initialize the data, the unsynchronized read of the flag is a data race and therefore undefined behavior. Instead, just write proper atomic code.
  • Even some Rust code had concurrency issues! The solution to these problems was to make the variables being accessed atomic.
  • Overall, ThreadSanitizer looks like an amazing piece of software for finding race conditions. In the future, I'll be using the whole bag of *SAN tools to test my software.
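An added illustration of the "late-validated race" described above. This is my own constructed example, not code from the Mozilla report: a double-checked lazy initialization with a plain `bool` flag next to the same logic using `std::atomic`; the `Config` type and the getters are hypothetical.

```cpp
#include <atomic>
#include <mutex>
#include <thread>
#include <vector>
// Constructed stand-in for a lazily initialised setting (hypothetical type).
struct Config { int value = 0; };

// RACY: `ready` is a plain bool read outside the lock. That read races with the
// write inside the lock; TSan reports the pair, and a reader that sees `true`
// has no guarantee of also seeing the initialised `cfg` (undefined behaviour).
namespace racy {
  bool ready = false;
  std::mutex mu;
  Config cfg;
  const Config& get() {
    if (!ready) {                          // unsynchronised read of the flag
      std::lock_guard<std::mutex> lk(mu);
      if (!ready) { cfg.value = 42; ready = true; }  // write under the lock
    }
    return cfg;
  }
}

// FIXED: the flag is std::atomic<bool>. The release store after initialisation
// pairs with the acquire load on the fast path, so whoever sees `true` also
// sees the initialised `cfg`; the mutex still serialises the one-time init.
namespace fixed {
  std::atomic<bool> ready{false};
  std::mutex mu;
  Config cfg;
  const Config& get() {
    if (!ready.load(std::memory_order_acquire)) {
      std::lock_guard<std::mutex> lk(mu);
      if (!ready.load(std::memory_order_relaxed)) {
        cfg.value = 42;
        ready.store(true, std::memory_order_release);
      }
    }
    return cfg;
  }
}

// Drive `nthreads` threads through the fixed getter and return the sum of the
// values they observed: every thread must see 42, so the result is 42 * nthreads.
int hammer_fixed(int nthreads) {
  std::vector<std::thread> ts;
  std::atomic<int> sum{0};
  for (int i = 0; i < nthreads; ++i) ts.emplace_back([&] { sum += fixed::get().value; });
  for (auto& t : ts) t.join();
  return sum.load();
}
```

Build with `-fsanitize=thread -g` and call `racy::get()` from two threads to see the read/write pair TSan reports; `fixed::get()` under the same harness is silent.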