Closed
Bug 1693625
Opened 3 years ago
Closed 3 years ago
Use soft-error instead of/in addition to release assert during XDR decode
Categories
(Core :: JavaScript Engine, task, P3)
Core
JavaScript Engine
Tracking
()
RESOLVED
FIXED
88 Branch
People
(Reporter: arai, Assigned: arai)
References
Details
Attachments
(2 files)
|
48 bytes,
text/x-phabricator-request
|
Details | Review | |
|
48 bytes,
text/x-phabricator-request
|
jcristau
:
approval-mozilla-beta+
|
Details | Review |
We use mozilla::Span in the CompilationStencil, and out-of-range access hits release-assert.
If we have such branch anyway, it's better returning soft error (JS::TranscodeResult_Failure_BadDecode),
assuming that XDR buffer can contain error (bit flip etc).
|
Assignee | |
Comment 1•3 years ago
|
||
Depends on D105923
Pushed by arai_a@mac.com: https://hg.mozilla.org/integration/autoland/rev/5353d36c4846 Use soft-error for out-of-bound ParserAtomSpan index while decoding. r=mgaudet
|
||
Comment 3•3 years ago
|
||
Backout info: https://bugzilla.mozilla.org/show_bug.cgi?id=1693184#c4
Pushed by arai_a@mac.com: https://hg.mozilla.org/integration/autoland/rev/367741ac0bf5 Use soft-error for out-of-bound ParserAtomSpan index while decoding. r=mgaudet
|
|
Assignee | |
Comment 5•3 years ago
|
||
|
|
Assignee | |
Updated•3 years ago
|
Attachment #9207688 -
Attachment description: Bug 1693625 - Use soft-error for out-of-bound ParserAtomSpan index while decoding. r=mgaudet! → (mozilla-beta) Bug 1693625 - Use soft-error for out-of-bound ParserAtomSpan index while decoding. r=mgaudet!
|
|
Assignee | |
Comment 6•3 years ago
|
||
Comment on attachment 9207688 [details]
Bug 1693625 - Use soft-error for out-of-bound ParserAtomSpan index while decoding. r=mgaudet!
Beta/Release Uplift Approval Request
- User impact if declined: Crash while loading a webpage (bug 1693137), if there's data corruption in bytecode cache data.
That is likely a signature change from existing other bugs (see bug 1693137 comment #9).
There's no automated-test or manual-test. we'll check crash stats for the effect.
- Is this code covered by automated tests?: No
- Has the fix been verified in Nightly?: No
- Needs manual test from QE?: No
- If yes, steps to reproduce:
- List of other uplifts needed: None
- Risk to taking this patch: Low
- Why is the change risky/not risky? (and alternatives if risky): This changes a crash on cache data corruption to fallback path, that aborts using the cache.
- String changes made/needed: None
Attachment #9207688 -
Flags: approval-mozilla-beta?
|
||
Updated•3 years ago
|
Attachment #9207688 -
Attachment description: (mozilla-beta) Bug 1693625 - Use soft-error for out-of-bound ParserAtomSpan index while decoding. r=mgaudet! → Bug 1693625 - Use soft-error for out-of-bound ParserAtomSpan index while decoding. r=mgaudet!
|
||
Comment 7•3 years ago
|
||
| bugherder | ||
Status: ASSIGNED → RESOLVED
Closed: 3 years ago
status-firefox88:
--- → fixed
Resolution: --- → FIXED
Target Milestone: --- → 88 Branch
|
||
Comment 8•3 years ago
|
||
Comment on attachment 9207688 [details]
Bug 1693625 - Use soft-error for out-of-bound ParserAtomSpan index while decoding. r=mgaudet!
approved for 87.0b8
Attachment #9207688 -
Flags: approval-mozilla-beta? → approval-mozilla-beta+
|
||
Updated•3 years ago
|
status-firefox86:
--- → affected
status-firefox87:
--- → affected
|
|
||
Comment 9•3 years ago
|
||
| bugherder uplift | ||
|
||
Updated•3 years ago
|
You need to log in
before you can comment on or make changes to this bug.
Description
•