Meeting 2019-02-21

Triage: https://mozilla-necko.github.io/necko-triage/

  • This week: Michal
  • Next week: Junior (21-28 feb) Triage Arrow

Round table items:

  • Crash [@ StrChrIA ] - https://bugzilla.mozilla.org/show_bug.cgi?id=530074
  • SSL proxies - https://bugzilla.mozilla.org/show_bug.cgi?id=1522781

Valentin

  • landed bug 1521808 (Cross Origin Opener Policy)
  • landed 1528188 - Crash in TriggerCrossProcessRedirect
  • looked into whether TRR ECS pref works correctly
  • 1520062 - HTTPChannel seems to incorrectly keep references to its mListener.
    • patch that fixes leak
    • patch that adds more tests for calling nsIChannel.cancel
    • TODO maybe? patch that closes the tab early so we call ActorDestroy
  • 1525036 - Implement Cross-Origin header (requiring CORS for subresources)

Michal

  • triage
  • 1525527 Crash in OOM | large | NS_ABORT_OOM | mozilla::dom::WebSocket::CreateAndDispatchMessage [landed]
  • 1499825 intermittent server not found
  • 1529498 null pointer writes in mozilla::net::Predictor::LearnNative
  • 1527293 Loading a large script transferred with Content-Range from cache returns empty file

Kershaw

  • Socket process
    1. Bug 1527256 - [socket process] make about:networking work
    2. Merge mc to larch
  • Bug 1521729 - Make nsHttpChannel::AsyncOpen wait (async) for HSTS data to be available before connecting to non-https URLs

Junior

  • land sec bug 1507110
  • uplift Bug 1505844 Crash in mozilla::dom::FetchDriver::HttpFetch to esr 60.5.2 since reuters used fetch data://

Valentin

Christian Holler (:decoder):

  • better necko fuzzing
  • no systematic approach for doing necko fuzzing from outside of the browser
  • create generic fuzzing layer to provide networking data in a buffer
  • prototyped by kershaw
  • integrated with libfuzzer - observes code coverage while testing.
  • gtest is fuzzing target
  • websocket as fuzzing target (a little more complicated) - doubles code coverage compared with our current tests
  • async is a problem for libfuzzer but that is mostly fixed
  • non-determinism in the fuzzer - some use cases aren't always reproducible
  • DNS should be disabled (network.dns.native-is-localhost can be used?)
  • needs another ENV variable to enable/disable?
  • not landing fuzzing target until most bugs are found
  • Honza to help with non-determinism
  • Fuzzing TLS is difficult
  • We could disable TLS for HTTP2
  • compression is already fuzzed - so we may want to disable compression
    • identity compression for websocket?
  • buildflags for libfuzzer. WS keychecking is disabled
  • goal is to cover all files in http/ folder
  • http2 is also undertested
  • TLS is another layer, like the fuzzer, we can fake it. maybe needs necko help
  • it scales
  • is run like a gtest
  • is very fast because is does no networking