19:00:13 <GeKo> #startmeeting tor browser
19:00:13 <MeetBot> Meeting started Mon Mar 13 19:00:13 2017 UTC.  The chair is GeKo. Information about MeetBot at http://wiki.debian.org/MeetBot.
19:00:13 <MeetBot> Useful Commands: #action #agreed #help #info #idea #link #topic.
19:00:17 <GeKo> hi!
19:00:27 <GeKo> welcome to another tor browser meeting
19:01:00 <GeKo> i hope we have everyone on board despite some daylight saving things that started on the weekend
19:01:15 <mcs> hi
19:01:15 * GeKo is looking at the us folks like mcs
19:01:18 <GeKo> aha!
19:01:23 <mcs> present and accounted for :)
19:01:32 <GeKo> neat, neat :)
19:01:45 <boklm> hi!
19:01:53 <GeKo> arthuredelstein: i guess you are around, too?
19:02:09 <GeKo> who wants to go first today?
19:02:32 * mcs will go first
19:02:33 <arthuredelstein> hi!
19:02:43 <mcs> Last week, Kathy and I finished our revised fix for #20761.
19:02:48 <mcs> We filled out the Trac replacement survey.
19:02:52 <mcs> We reviewed some patches.
19:02:57 <mcs> Then we started to look at the Firefox 52 release notes and bug lists (for #19048) but we did not finish.
19:03:05 <mcs> This week we will finish reviewing the Firefox 52 bugs and we will add anything new that we find to #19048.
19:03:17 <mcs> We will review patches (there are a few more pending now).
19:03:23 <mcs> Then we will work on one or more of the “tbb-7.0-must” tickets.
19:03:28 <mcs> That’s all for now.
19:04:33 <mikeperry> I started reviewing FF52 networking code last week. not sure if I will finish by the 1st due to the dev meeting, but I'm working on it
19:05:05 <mikeperry> going forward I'm a little worried about the switch to rust causing mozilla to forget about proxy safety in rust. their bindings expose a lot of bare socket calls
19:05:26 <GeKo> yeah, luckily that's an esr59 item
19:05:30 <mikeperry> it looks like they don't use them yet, but something to keep an eye on and bring up with them at the Tor meeting
19:06:32 <mikeperry> there is some rust in 52. the mp4 decoder and a url parser. not sure if it is used or not though
19:06:42 <mikeperry> iirc the ticket for the mp4 parser said it was in for ff52
19:07:03 <GeKo> but we don't have rust compilers yet we use
19:07:47 <GeKo> so, there won't be rust code compiled in esr52
19:07:53 <mikeperry> ah yeah, that reminds me we should yell at them about only providing self-hosting compilers. that is kind of insane. and the longer it goes on, the harder it will get to stop the practice :/
19:08:28 <mikeperry> (ie: you have to download a binary blob rust compiler from mozilla to compile the rust compiler)
19:08:31 <GeKo> yes, but it feels we lost in the rust case
19:08:51 <GeKo> yeah, i know it makes me upset as fuck
19:09:12 <mikeperry> has this been discussed already is public?
19:09:21 <mikeperry> I am happy to flame a mailinglist a bit if it might help :)
19:09:36 <GeKo> i don't think so, please do :)
19:09:42 <meejah> today-i-learned ^
19:09:45 <GeKo> i just discussed it with ximin a while back
19:09:53 <tjr> mikeperry: Do you want me to try and figure out the list? That does sound shitty.
19:10:51 <tjr> I don't know if this would get more support if it went to platform or something instead of just rust internals
19:10:56 <mikeperry> tjr: yeah, that would help. thanks. even better if you run into anyonw who knows if/where this was discussed before
19:11:11 <tjr> I will try and figure it out!
19:11:23 <arthuredelstein> Just curious -- isn't there also a binary blob needed to compile gcc, for example?
19:12:24 <mikeperry> iirc, the gcc compilation process proceeds in stages that add more and more language features, and you can use an alternate more-easy-to-audit minimial compiler (such as tinycc) for the early stage(s)
19:13:09 <mikeperry> the problem is the longer rust goes with the practice of "you need to be able to compile all of rust to compile the rust compiler" the harder it will get to do that sort of thing
19:14:02 <arthuredelstein> yeah, that does sound bad.
19:14:28 <GeKo> who is next?
19:14:32 * arthuredelstein can go
19:14:42 <arthuredelstein> Over the past week I worked on #21657,
19:14:51 <arthuredelstein> I opened #21656 and #21714,
19:15:03 <arthuredelstein> I opened #21656 and #21714,
19:15:09 <arthuredelstein> I reviewed #21201 and #21268,
19:15:19 <arthuredelstein> I fixed up my patch for #21309
19:15:33 <arthuredelstein> I looked into cfi a little for #20361,
19:15:42 <arthuredelstein> I made a patch to back out the content sizer: (#21267),
19:15:50 <arthuredelstein> I backported some patches for #21340,
19:16:03 <arthuredelstein> I rebased our patches to gecko-dev/esr52 for #20680,
19:16:12 <arthuredelstein> and I worked a lot on #20905 but I have run into a problem where GTK does not correctly report the titlebar height before the window is drawn onscreen. So still puzzling over that.
19:16:19 <arthuredelstein> That's it for me.
19:16:50 <GeKo> what's your plan for this week?
19:17:32 <arthuredelstein> Ah yes, look into patches for TBB/ESR52 and more backporting for #21340.
19:17:49 <arthuredelstein> And if there's time work on #20905 some more.
19:18:32 <arthuredelstein> Oh, I forgot to mention last week I met with the Mozilla folks and we made a list of discussion topics for Amsterdam. I think everyone here should have gotten the Google doc but let me know if you need the link.
19:18:40 <GeKo> okay, see my comment on the backport ticket. it might save some work :)
19:19:10 <GeKo> oh, the doc. could you send me a link which does not need a google account to view the document?
19:19:28 <arthuredelstein> GeKo: Yeah, I was planning to focus on the HSTS/HPKP patches. Although looks like a horrible mess.
19:19:38 <GeKo> that's sad
19:19:47 <arthuredelstein> I'll see if I can make the doc a public link.
19:19:55 <arthuredelstein> Yeah. There just seem to be a lot of intervening patches.
19:20:04 <tjr> Try not to post that publicly anywhere
19:20:10 <arthuredelstein> Maybe we can just cherry-pick them all.
19:20:17 <tjr> I just finished going through and adding a bunch of stuff and rearranging
19:20:36 <GeKo> thanks. or just attach me a copy if that works
19:21:16 <arthuredelstein> Yeah, I just meant a link that doesn't require an account.
19:21:25 <GeKo> okay, i can go next i guess
19:21:41 <GeKo> this week i worked on #15988 which is finally done
19:22:00 <GeKo> i spent a bit of time on my talk
19:22:40 <GeKo> i look a bit at the rebased patches in #20680
19:22:51 <GeKo> i spent most of my time on #19048
19:23:15 <GeKo> and am almost done with firefox50 now and have filed patches where needed and triaged the issues
19:23:28 <GeKo> and i wrote a patch for #21239
19:23:55 <GeKo> i spent quite some time debugging the result as my linux bundles were not working properly.
19:24:10 <GeKo> it seems rebasing onto the latest gecko-dev/esr52 helped
19:24:24 <GeKo> still i found a torbutton bug i need to file
19:24:47 <GeKo> this week i'll fix #19048 and hopefully #20680 as well
19:25:05 <GeKo> i'll work on getting the macOS toolchain in shape
19:25:24 <GeKo> and then i might have to deal with pwn2own fallout
19:25:41 <GeKo> if so, and we are lucky we might be done by tuesday next week
19:26:00 <GeKo> just before the meeting in ams starts but that's not clear yet
19:26:34 <GeKo> i might squeeze some code review in, not sure, but no code will land until we know whether we need to do the checmspill or not
19:26:38 <GeKo> that's it for me
19:27:06 * boklm can go next
19:27:27 <boklm> This past week I helped publish the new releases. I worked on #17380 and started looking at #19316 and #21655
19:27:35 <boklm> This week I'm planning to test a patch for #19316, work on #17380, and draft a blog post about how we use fastly for distributing mar files
19:27:45 <boklm> That's it for me
19:28:20 <tjr> I can go
19:28:38 <tjr> I worked on the mingw sandboxing stuff a little bit: https://bugzilla.mozilla.org/show_bug.cgi?id=1230910
19:28:59 <tjr> I went through and seperate the patches out by content and tried to understand what we were dealing with.
19:29:11 <tjr> I looked medium-closely at all the __try blocks.
19:29:56 <tjr> The bad news is that most of them are in interception code, which means we'd have to examine all the places in FF everywhere what hits those system calls (or syscall callers) to understand how they handle the error cases
19:30:41 <tjr> The not-horrible news is that _most_ of those places are really simple blocks like __try { memset(src, dst….); } so if mingw's __try1 functionality works at _all_ it should work for those
19:30:56 <tjr> I was hoping to hear from Jacek about __try1 and his thoughts on it
19:31:13 <tjr> The other bad news is that there are some instances of complicated __try blocks
19:31:26 <tjr> And the other other bad news is that even after I completed the build the browser doesn't launch.
19:31:34 <tjr> GeKo: did you get a runnable browser from your patches?
19:32:09 <GeKo> i did not try actually because i thought the sandbox stuff would be the showstopper and jacek said so in the ticket
19:32:39 <GeKo> hm.
19:33:26 <GeKo> tjr: ah, you mean without the sandbox code?
19:33:38 <GeKo> that worked but i needed to set extra prefs
19:33:59 <GeKo> you might need those as well
19:34:02 <tjr> I meant with —enable-sandbox and your or Jacek's WIP patch
19:34:28 <GeKo> i did not try that one but i could i guess
19:35:14 <GeKo> basically we need to work around #9145
19:35:35 <GeKo> "gfx.direct2d.disabled and layers.acceleration.disabled should be set true by default"
19:36:17 <GeKo> if that's not the issue you ran into figuring out why it does not start might be a good first step
19:36:38 <GeKo> i guess i could try to find my old build and take a peek
19:36:52 <tjr> I can try changing those prefs too
19:37:15 <GeKo> yes, that would be good to rule that problem out
19:37:27 <tjr> I tried getting some input from the boxing team but did not succeed in getting anything useful on that try
19:37:39 <GeKo> :(
19:37:47 <tjr> I'd really like to hear what Jacek has to say about __try1
19:38:05 <GeKo> then let me poke him again
19:38:23 <tjr> I can talk to them again, but I'm not sure what, specifically, to ask them at this time…
19:38:24 <GeKo> he might be around in #build i have not checked
19:38:42 <tjr> I can ask when they think they'll uplift the next version of chromium sandbox though
19:39:01 <GeKo> i'd be interested to hear whether they can think of any shortcuts we can take
19:39:32 <GeKo> what about that assembly e.g.
19:39:54 <tjr> I'll try and ping paul today.  At the moment I don't know anything about the assembly…
19:40:40 <GeKo> okay, thanks for that.
19:41:03 <GeKo> anyone else here for a status update?
19:41:48 <GeKo> discusssion time then
19:42:21 <GeKo> i only have meeting related ones like whether we should keep the current time until eu does the daylight saving thing
19:42:30 <GeKo> and whether we want to have a meeting next monday
19:42:36 <GeKo> opinions?
19:43:17 <tjr> none :0
19:43:21 <mcs> Keeping the same UTC time until the eu switches seems fine.
19:44:01 <GeKo> okay, that's what we did so far and seems fine to me as well
19:44:06 <arthuredelstein> Fine with me as well.
19:44:16 <GeKo> (at  least it worked in the past reasonably well)
19:44:30 <mcs> When does the switch happen? 26 March?
19:44:44 <GeKo> yes, i think so
19:45:13 <GeKo> meeting next monday or do we say we enough meetings next week? :)
19:45:17 <GeKo> *have
19:45:41 <mcs> As for next week, I have no strong opinion.
19:46:25 <arthuredelstein> Nor do I
19:46:36 <boklm> Nor do I
19:46:45 <GeKo> let's have a meeting next monday and if folks are already travelling and can't make it then be it so
19:47:00 <GeKo> other items for dicussion?
19:47:32 <mcs> No items from me.
19:47:39 <arthuredelstein> Regarding the discussion document, if anyone else couldn't open the link, I can send an attachment.
19:48:15 <GeKo> thanks all then. *baf*
19:48:18 <tjr> Feel to ping me if you have questions about that doc also :)
19:48:18 <GeKo> #endmeeting