[webkit-dev] rolling out a buggy security patch

Ryosuke Niwa rniwa at webkit.org
Tue Mar 12 01:43:22 PDT 2013

It seems like Oliver has already r+ed the patch.

I wish we had a better way of dealing with regressions from security bug
fixes. In theory, sheriffbot should be able to roll out security bug fixes
without having to access the original bug.

- R. Niwa

On Tue, Mar 12, 2013 at 1:15 AM, Osztrogonác Csaba <oszi at inf.u-szeged.hu>wrote:

> Hi All,
> https://trac.webkit.org/**changeset/145482<https://trac.webkit.org/changeset/145482>which is a security
> fix, broke 33 JSC tests and made zillion layout test timeout
> on all platform. (It seems the author forgot to run tests at
> least on his own platform and watching the bots after landing.)
> It made bots early exit and very long test runtime. Now bots can't
> catch any new regression because of this patch. I tried to ping the
> author and reviewer on #webkit, but they are unavailable.
> Unfortunately rolling out isn't possible with sheriffbot. And I
> don't think if I have authorization for rolling out a security fix
> without review irrespectively of its goodness/buginess. Additionally
> EWS bots can't test security patches without security group access.
> And gardeners can't comment the original security bug report because
> of the same reason.
> So I filed a new bug report about this serious and blocker regression:
> https://bugs.webkit.org/show_**bug.cgi?id=112112<https://bugs.webkit.org/show_bug.cgi?id=112112>and I propose that we
> should roll it out until the author can fix it offline. Could you
> review this rollout patch, please?
> Otherwise it would be great if EWS bots can test security patches
> before committing to avoid similar problems. I noticed that a security
> fix broke the build and/or many tests several times.
> br,
> Ossy
> ______________________________**_________________
> webkit-dev mailing list
> webkit-dev at lists.webkit.org
> https://lists.webkit.org/**mailman/listinfo/webkit-dev<https://lists.webkit.org/mailman/listinfo/webkit-dev>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.webkit.org/pipermail/webkit-dev/attachments/20130312/65fcf7d8/attachment.html>

More information about the webkit-dev mailing list