Currently, Windows ERROR_FILE_CORRUPT is mapped to NS_ERROR_FILE_FS_CORRUPTED in our codebase.
This commit refactors the error mapping to distinguish between NS_ERROR_FILE_FS_CORRUPTED and NS_ERROR_FILE_CORRUPTED.
Details
- Reviewers
jstutte janv - Group Reviewers
dom-storage-reviewers - Bugzilla Bug ID
- 1870868
Diff Detail
- Repository
- rMOZILLACENTRAL mozilla-central
- Branch
- default
- Lint
No Lint Coverage - Unit
No Test Coverage
Event Timeline
The bug number seems to be incorrect.
dom/quota/QuotaCommon.cpp | ||
---|---|---|
206 ↗ | (On Diff #801960) | Hm, we still want to ignore NS_ERROR_FILE_FS_CORRUPTED as well, no ? |
dom/quota/QuotaCommon.cpp | ||
---|---|---|
206 ↗ | (On Diff #801960) | I do not think so, if we want to restore the original behavior from bug 1690234 ? That was the objective of having separate mappings, I think. |
dom/quota/QuotaCommon.cpp | ||
---|---|---|
206 ↗ | (On Diff #801960) |
But we first need bug 1705304, no ? |
dom/quota/QuotaCommon.cpp | ||
---|---|---|
206 ↗ | (On Diff #801960) | To recap my understanding:
So the initial reason why we did bug 1690234 (initialization failures caused by ERROR_FILE_CORRUPT) is not changed by this patch. And failing as early as possible on `ERROR_DISK_CORRUPT seems reasonable to me, I assume general Firefox operations will be not predictable in this case, anyways. I cannot really see what advantage it would give the user to continue to hammer on a corrupted device (assuming the windows error message means to be a non recoverable problem). Having bug 1705304 would be nice in general, but I do not think it is a prerequisite to do the proposed change back here. I'd thus think the risk for this change to cause a higher amount of storage initialization failures is low, but if we want to wait with landing after the holidays, we can do that, of course. |
dom/quota/QuotaCommon.cpp | ||
---|---|---|
206 ↗ | (On Diff #801960) |
Only one file or directory could be corrupted in the file system ? |
dom/quota/QuotaCommon.cpp | ||
---|---|---|
206 ↗ | (On Diff #801960) |
I'd expect Windows to be smart enough to use ERROR_FILE_CORRUPT in that case. The current situation hides ERROR_DISK_CORRUPT from the initialization error processing and I cannot believe that this helps with anything but our statistics via telemetry.
We need to do anything only if we want to do it both. Changing just the label of the shared mapping is equally meaningless as the current label, I do not see the point to do just that, at least if we trust Windows to be meaningful when distinguishing DISK from FILE here. |
What we could do in general would be to ignore fatal errors in the sense of bug 1705304 in our scripts that generate bug comments to reduce the noise we have to look at.
dom/quota/QuotaCommon.cpp | ||
---|---|---|
206 ↗ | (On Diff #801960) | As a side note, [here](https://searchfox.org/mozilla-central/source/dom/system/IOUtils.cpp#250) the current implementation throws the wrong error because of the mapping, although I don't know if the error is ever propagated to a JSPromise reject call. |
As a related sidenote should [[ https://searchfox.org/mozilla-central/source/dom/localstorage/ActorsParent.cpp#997 | ExistsAsFile ]] return true it we would encounter a ERROR_FILE_CORRUPT?
dom/quota/QuotaCommon.cpp | ||
---|---|---|
206 ↗ | (On Diff #801960) |
dom/quota/QuotaCommon.cpp | ||
---|---|---|
206 ↗ | (On Diff #801960) | The Comment about is a report from the error propagation bot, in this code location there are especially many hits in cases where the FS is corrupted. If we were to go through with this remapping, we could return from the recursion call on NS_ERROR_FILE_FS_CORRUPTED. |
As noted in D205317, mapping ERROR_FILE_CORRUPT to NS_ERROR_FILE_CORRUPTED might cause problems. For example we would start deleting origin directories when we get ERROR_FILE_CORRUPT during origin initialization, see https://phabricator.services.mozilla.com/D205317#7047018