New issue
Advanced search Search tips
Note: Color blocks (like or ) mean that a user may not be available. Tooltip shows the reason.

Issue 603656 link

Starred by 2 users
Status: Fixed
Owner:
ckrasic@chromium.org
Last visit > 30 days ago
Closed: Jul 2017
Cc:
alyssar@chromium.org
rch@chromium.org
Components:
EstimatedDays: ----
NextAction: ----
OS: Windows
Pri: 1
Type: Bug-Regression



Sign in to add a comment

Type casting bug in QUIC can cause errors for large (> 4GB) transfers.

Project Member Reported by ckrasic@chromium.org, Apr 14 2016 
Version: 49
OS: All 32 bit builds

This issue was originally reported by a customer through internal channels.  The internal bug number is 27038268.   

The bug effectively causes large transfers (> 4GB) over QUIC to fail.
See http://shortn/_35dQnVtamP for UMA data indicating a sharp rise as M49 went out, presently at about a rate of 8k occurences per day.

The fix is one line change described in 

https://codereview.chromium.org/1808013003/

As part of the normal QUIC merge process, that change was actually landed as a result of the following review:

https://codereview.chromium.org/1811043002/

It landed on 2016-03-17, but it did not make the M50 cut.  

This bug is created for the purpose of requesting the fix be included in the next post stable release for M50.   Our thinking would be to manually land a new change with the one line fix on the M50 branch for that purpose.

Comment 1 by ckrasic@chromium.org, Apr 14 2016

Owner: ckrasic@chromium.org

Comment 2 by ckrasic@chromium.org, Apr 14 2016

Labels: Merge-Request-50

Comment 3 by rdsmith@chromium.org, Apr 14 2016 

Is it reasonable to request net-dev@ not be cc'd on bugs like this?  I prefer the pattern that, if you want a bug to have a lot of exposure, send a separate email to net-dev@ with a pointer, and then people can subscribe individually.

Comment 4 by mmenke@chromium.org, Apr 14 2016

Cc: -net-dev@chromium.org
Indeed...net-dev has over 200 members, most of whom do not care about this bug, and have no interest in being emailed updates about it.

Comment 5 by tin...@google.com, Apr 15 2016

Labels: -Merge-Request-50 Merge-Review-50 Hotlist-Merge-Review
[Automated comment] Less than 2 weeks to go before stable on M50, manual review required.

Comment 6 by cbentzel@chromium.org, Apr 15 2016

Components: Internals>Network>QUIC
Project Member

Comment 7 by bugdroid1@chromium.org, Apr 18 2016

Labels: merge-merged-2661
The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/d2116bf269549309bf6272cab02e55bad406227f

commit d2116bf269549309bf6272cab02e55bad406227f
Author: ckrasic <ckrasic@chromium.org>
Date: Mon Apr 18 21:25:14 2016

QUIC - Fix a type casting bug in quic stream sequencer buffer.

This change is manually created against branch 2661 (M50) for post
release merge.

Without this change, a QUIC frame with offset higher than 2^32 might corrupt StreamSequencerBuffer's missing frame recording logic in a 32-bit machine.

Merge internal change: 117245736

BUG= 603656 
NOTRY=true
NOPRESUBMIT=true

Review URL: https://codereview.chromium.org/1893803002

Cr-Commit-Position: refs/branch-heads/2661@{#601}
Cr-Branched-From: ef6f6ae5e4c96622286b563658d5cd62a6cf1197-refs/heads/master@{#378081}

[modify] https://crrev.com/d2116bf269549309bf6272cab02e55bad406227f/net/quic/stream_sequencer_buffer.cc
[modify] https://crrev.com/d2116bf269549309bf6272cab02e55bad406227f/net/quic/stream_sequencer_buffer_test.cc

Comment 8 by tin...@google.com, Apr 18 2016

Labels: -Merge-Review-50 Merge-Approved-50

Comment 9 by tin...@google.com, Apr 18 2016 

Merge approved during email discussions to sort it out.

Comment 10 by tin...@google.com, Apr 18 2016

Labels: -Merge-Approved-50

Comment 11 by ckrasic@chromium.org, Jul 11 2017

Status: Fixed (was: Started)

Sign in to add a comment