Second half

  • [decoder] ASan as a nightly and/or for hardened environments
  • B2G permissions model (dchan, want to chat?)

Project Updates Below


    • Discussions on the Permissions Model ongoing
    • Developer Phone release 4/1/12 [1]
    • Q1 Goals - complete review for developer phone
    • Q2 Goals - product phone aiming for release by end of Q2 so:
      • Complete all necessary security reviews
      • Complete documentation of B2G security architecture (is this something we are responsible for? I guess not, but I think we want to be involved)
      • Develop B2G fuzzing platform?

Automation Tools

    • Debate on whether Marionette should land on Gecko between devs and code reviewers in bug 712643.


    • [gkw, decoder] m-c, IonMonkey fuzzing continuously underway
      • decoder has a lot of asserts, gkw a lot of hard-to-reproduce-by-IM-devs GC bugs, Jesse a lot of general bugs
    • [decoder] Continue mobile fuzzing goal from Q1
      • In Q2: Deploy fuzzers compatible with ADBFuzz developed in Q1 (e.g. jsfunfuzz, domfuzz)
        • Involves getting necessary hardware and process in place
    • Move fuzzers to Releng hardware. jsfunfuzz harness migration underway.
      • Non-mobile hardware already in-place.
      • [gkw] Needed if we are to release funfuzz in April
        • why?
        • I wouldn't want to release old code from literally years ago only to overhaul them as they get released. Makes documentation easier (documenting the new code) as well.
    • I'd like if releng committed to fixing ;)
      • They rank it P3.
    • [gkw] Several Valgrind blockers for Mac OS X Snow Leopard & Lion fixed by sewardj
    • [jesse] tweaking jsfunfuzz to find bugs like our pwn2own bug


  • Q2 goal: get builds from RelEng
    • Get regular testing of Firefox setup
    • Integrate with our crash reporting so we can receive ASan crash reports once we decide to have more people testing ASan builds (e.g. a special nightly).
      • This could be great for troubleshooting. "Hitting an intermittent crash? Try an ASan build and see if it becomes a reliable crash."
  • ASan builds as a "hardened Firefox" for paranoid users?
    • For what kinds of bugs does ASan really prevent exploitation, as opposed to just requiring attackers to change offsets or do more allocations?
      • Use-after-free as well as stack+heap buffer overruns should be covered
    • How many people are willing to take a 3x slowdown for it?
    • How would this compare to using debug builds with (at least some) assertions fatal?
      • Maybe we should enable the nsTArray and nsPresArena and compartment assertions for these builds, but not all assertions.
    • Target audience size not as big; ASan builds likely Linux/Mac-only
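The question above is really "does our ASan build actually stop the bug classes we think it does?" The probe below is an added example for this page, not code from the meeting or from Mozilla's tree: one small C file that deliberately contains the three bug classes the notes say ASan should cover (heap buffer overrun, stack buffer overrun, use-after-free), each reachable only when named on the command line so the binary is harmless to run with no arguments. The probe names, `asan_enabled()` and `probe_index()` are this example's own choices. Build it once plain and once with `-fsanitize=address`, run the same probe name against both, and compare: the plain build normally completes silently, the ASan build aborts on the first bad access with a report naming the error class.

```c
/*
 * Added example (not part of the meeting notes): ASan coverage probe.
 *
 *   cc -O1 -g probe.c -o probe-plain
 *   cc -O1 -g -fsanitize=address -fno-omit-frame-pointer probe.c -o probe-asan
 *   ./probe-asan                 # prints asan_enabled=1 and the probe names
 *   ./probe-asan heap-overflow   # ASan aborts: ERROR: AddressSanitizer: heap-buffer-overflow
 *   ./probe-plain heap-overflow  # usually "completed without a report"
 */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Report whether this translation unit was compiled with ASan.
 * GCC defines __SANITIZE_ADDRESS__; clang exposes __has_feature(). */
int asan_enabled(void) {
#if defined(__SANITIZE_ADDRESS__)
    return 1;
#elif defined(__has_feature)
#  if __has_feature(address_sanitizer)
    return 1;
#  else
    return 0;
#  endif
#else
    return 0;
#endif
}

/* Heap buffer overrun: write one byte past a 16-byte allocation.
 * The volatile index keeps the compiler from folding the access away. */
static int probe_heap_overflow(void) {
    char *buf = malloc(16);
    if (!buf) return 0;
    volatile size_t idx = 16;
    buf[idx] = 'A';
    free(buf);
    return 0;
}

/* Stack buffer overrun: read one element past the end of a local array. */
static int probe_stack_overflow(void) {
    int local[4] = {1, 2, 3, 4};
    volatile size_t idx = 4;
    return local[idx];
}

/* Use-after-free: read through a pointer after it has been freed. */
static int probe_use_after_free(void) {
    int *p = malloc(sizeof *p);
    if (!p) return 0;
    *p = 42;
    free(p);
    volatile int *dangling = p;
    return *dangling;
}

struct probe {
    const char *name;
    int (*run)(void);
};

/* Constructed table of the bug classes the notes expect ASan to cover. */
static const struct probe PROBES[] = {
    {"heap-overflow",  probe_heap_overflow},
    {"stack-overflow", probe_stack_overflow},
    {"use-after-free", probe_use_after_free},
};
#define NPROBES (sizeof PROBES / sizeof PROBES[0])

/* Index of a named probe in PROBES, or -1 if the name is unknown. */
int probe_index(const char *name) {
    for (size_t i = 0; i < NPROBES; i++)
        if (strcmp(PROBES[i].name, name) == 0) return (int)i;
    return -1;
}

int main(int argc, char **argv) {
    if (argc < 2) {
        printf("asan_enabled=%d\nprobes:", asan_enabled());
        for (size_t i = 0; i < NPROBES; i++) printf(" %s", PROBES[i].name);
        printf("\n");
        return 0;
    }
    int i = probe_index(argv[1]);
    if (i < 0) {
        fprintf(stderr, "unknown probe: %s\n", argv[1]);
        return 2;
    }
    int r = PROBES[i].run();
    /* Only reached when the bad access went undetected (plain build). */
    printf("%s completed without a report (result %d)\n", argv[1], r);
    return 0;
}
```

Two things this probe makes visible that matter for the "hardened Firefox" idea: ASan's protection is detection-plus-abort, so the value for end users comes from the process dying at the first bad access rather than continuing, and detection is redzone-based, so an out-of-bounds access that lands in another live allocation rather than in a redzone goes unreported. That second point is the concrete version of the "just change offsets" worry and is worth checking against a real crash sample before promising users more than ASan delivers.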