[nnethercote]

> _infested_ with memory leaks and UAFs

Really? That doesn't match my experience -- the full Firefox test suite is run through ASAN on every check-in. (See the "Linux x64 ASAN" results at https://tbpl.mozilla.org/?tree=Mozilla-Inbound, for example).

So I'd be interested to know what you base this claim on.

[Ono-Sendai]

I wonder how many functions are suppressed from issuing error reports, if any.

[nnethercote]

There are suppressions for LSAN (http://mxr.mozilla.org/mozilla-central/source/build/sanitize...) and TSAN (http://mxr.mozilla.org/mozilla-central/source/build/sanitize...). But none for ASAN that I could find.

I've talked to the person who implemented the LSAN support, and he says that the LSAN leaks being suppressed are not particularly large.

I also know a person who has recently been running the main test suite through Valgrind. (We do smoketests with Valgrind on every checkin, but not the full suite because it's too slow.) He found a few undefined value errors, which ASAN cannot detect, and which are getting fixed, but no UAFs as far as I know.

[Ono-Sendai]

Interesting, thanks! Valgrind is indeed very very slow :) I have tried 'undefined behaviour sanitizer' (part of ASAN project I believe), it's not bad.