Closed Bug 1955775 Opened 1 year ago Closed 1 year ago

nsIPrincipal::GetHashValue can change result over a principal's lifetime.

Categories

(Core :: Security: CAPS, defect)

Product:
Core
Component:
Security: CAPS
Type:
defect

Tracking

()

Status:
RESOLVED FIXED
Milestone:
139 Branch
Tracking Flags:
Tracking Status
firefox139 --- fixed

People

(Reporter: emilio, Assigned: emilio)

References

Details

(Keywords: perf-alert)

Attachments

(1 file)

Bug 1955775 - Don't include domain in ContentPrincipal::GetHashValue. r=nika,bholley
48 bytes, text/x-phabricator-request
Details | Review

This is the root cause of the linked bug:

EnsureHash(https://static01.nyt.com/images/2011/08/04/opinion/BOYLAN_NEW/BOYLAN_NEW-thumbLarge-v6.png): part = 7a7cb03feba0(hash=719293355), loader = 7a7cb03fed60, cd = 0, apptype = 0, cors = 0, result = 3754973933
...
EnsureHash(https://static01.nyt.com/images/2011/08/04/opinion/BOYLAN_NEW/BOYLAN_NEW-thumbLarge-v6.png): part = 7a7cb03feba0(hash=3071997195), loader = 7a7cb03fed60, cd = 0, apptype = 0, cors = 0, result = 288885748

Note how the principal pointer is the same (7a7cb03feba0), yet the hash is different. Nika, Christoph do you know if this is expected? Feels really off...

Flags: needinfo?(nika)
Flags: needinfo?(ckerschb)
No longer depends on: 1955624
See Also: → 1955624

I guess this is because of the document.domain setter...

As it can mutate over the lifetime of the principal.

Assignee: nobody → emilio
Status: NEW → ASSIGNED
Flags: needinfo?(nika)
Flags: needinfo?(ckerschb)
Pushed by ealvarez@mozilla.com: https://hg.mozilla.org/integration/autoland/rev/49c0ba840ebd Don't include domain in ContentPrincipal::GetHashValue. r=nika,ckerschb

https://hg.mozilla.org/mozilla-central/rev/49c0ba840ebd

Status: ASSIGNED → RESOLVED
Closed: 1 year ago
status-firefox139: --- → fixed
Resolution: --- → FIXED
Target Milestone: --- → 139 Branch

(In reply to Pulsebot from comment #3)

Pushed by ealvarez@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/49c0ba840ebd
Don't include domain in ContentPrincipal::GetHashValue. r=nika,ckerschb

Perfherder has detected a browsertime performance change from push 49c0ba840ebdfc5d41e297c8295dc1201de4f696.

If you have any questions, please reach out to a performance sheriff. Alternatively, you can find help on Slack by joining #perf-help, and on Matrix you can find help by joining #perftest.

Improvements:

Ratio Test Platform Options Absolute values (old vs new) Performance Profiles
88% nytimes largestContentfulPaint macosx1470-64-shippable fission warm webrender 545.42 -> 68.08 Before/After
86% nytimes largestContentfulPaint windows11-64-24h2-shippable fission warm webrender 389.08 -> 55.65 Before/After
78% nytimes largestContentfulPaint linux1804-64-shippable-qr fission warm webrender 441.80 -> 95.79 Before/After
19% nytimes ContentfulSpeedIndex windows11-64-24h2-shippable fission warm webrender 183.14 -> 148.80 Before/After
18% nytimes ContentfulSpeedIndex windows11-64-24h2-shippable fission warm webrender 187.10 -> 154.35 Before/After
3% nytimes SpeedIndex windows11-64-24h2-shippable fission warm webrender 607.00 -> 591.76 Before/After

Details of the alert can be found in the alert summary, including links to graphs and comparisons for each of the affected tests.

If you need the profiling jobs you can trigger them yourself from treeherder job view or ask a performance sheriff to do that for you.

You can run all of these tests on try with ./mach try perf --alert 44607

The following documentation link provides more information about this command.

Keywords: perf-alert
QA Whiteboard: [qa-triage-done-c140/b139]
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: