18:00:45 <GeKo> #startmeeting tor browser
18:00:45 <MeetBot> Meeting started Mon Apr  3 18:00:45 2017 UTC.  The chair is GeKo. Information about MeetBot at http://wiki.debian.org/MeetBot.
18:00:45 <MeetBot> Useful Commands: #action #agreed #help #info #idea #link #topic.
18:00:49 <GeKo> hi all!
18:00:56 <GeKo> welcome to another tor browser meeting
18:01:01 <boklm> hi!
18:01:19 <karsten> hello! (lurking here on behalf of the metrics team.)
18:01:24 <GeKo> i hope everybody had a nice and pleasant trip home from ams
18:01:27 <GeKo> hi hi!
18:01:41 <GeKo> okay, i think i can go first i guess
18:01:55 <arthuredelstein> hi!
18:01:57 <GeKo> this week i spent a lot of time reviewing stuff in #20680
18:02:12 <GeKo> i think i have everything, i need to post my final notes after the meeting
18:02:33 <GeKo> i h elped getting the nightly builds going again (#21748)
18:03:32 <GeKo> i spent time getting our toolchains in shape, #18831 etc.
18:03:49 <GeKo> and i got sucked into #21795
18:04:06 <GeKo> i think i found the culrpit for the letter
18:04:29 <GeKo> i need to get back to mozilla and hopefully they can investigate furtehr and provide a fix
18:04:49 <GeKo> this week i plan to merge everything we need for esr52 to get nightly builds going
18:05:04 <GeKo> i need to install our new authenticode cert
18:05:28 <mcs> GeKo: Can you please add me to the cc for ​https://bugzilla.mozilla.org/show_bug.cgi?id=1351278 ?
18:05:42 <GeKo> and then i get back to investigate #16010
18:05:50 <GeKo> and work on other blockers for the alpha
18:05:54 <GeKo> mcs: will do later
18:05:58 <GeKo> that's it for me
18:05:59 <mcs> thx
18:06:32 <GeKo> oh , and there is the monthly admin stuff i need to do
18:07:42 <GeKo> who is next?
18:07:43 <mikeperry> for me: I finished the review for #21625. I already posted the must-patch. will post the other two updates (current patches at risk, and stuff that needs another look) today.
18:07:59 <GeKo> thanks.
18:08:00 <mikeperry> I think we should also take this stuff back to mozilla and ask for those component owners to be more proactive for us in the future
18:08:08 <GeKo> indeed
18:08:11 <mikeperry> this release looks like it added a lot of leaks comparatively
18:08:52 <mikeperry> which is not a great sign of the adoption of our threat model, at least with respect to options to make FF proxy safe
18:09:29 <GeKo> i guess that just did not trickly down into the organizazion yet
18:10:12 <mikeperry> yeah, I'm sure it is not super-widely discussed by all teams there. which kinda makes sense at this stage, I suppose
18:10:40 <mikeperry> anyway that's it for me. I will update that ticket later and push my notes too
18:11:05 <GeKo> who is next?
18:11:14 <arthuredelstein> Is there any way we could write an automated test that would catch such leaks?
18:11:25 <tjr> arthuredelstein: Yes.
18:11:32 <GeKo> that's the proxy test framework
18:11:39 <GeKo> at least i hope so
18:11:45 <tjr> https://bugzilla.mozilla.org/show_bug.cgi?id=1314449
18:12:01 <GeKo> ther it is
18:12:04 <GeKo> *there
18:12:08 <tjr> I tentatively have that as my next big Tor todo after getting MinGW into TaskCluster
18:12:24 <arthuredelstein> Aha, awesome.
18:13:25 * mcs will go next
18:13:33 <mcs> Since our last meeting, I attended the Tor meeting in Amsterdam and debriefed Kathy when I got back.
18:13:38 <mcs> I also edited and submitted notes for a couple of sessions.
18:13:43 <mcs> After the dev meeting Kathy and I caught up on some non-Tor work.
18:13:48 <mcs> Then we reviewed the patch for #21757 and spent some time debugging #21766.
18:14:26 <mcs> umm… #21747
18:14:35 <mcs> This week we will work more on #21766.
18:14:41 <mcs> We will also review patches.
18:14:49 <mcs> After that, we will work on additional tbb-7.0-must tickets.
18:14:54 <mcs> That's all for us.
18:15:12 <Yawning> (are there binary builds for the ESR52 based tbb anywhere?)
18:15:30 <GeKo> not yet but hopefully on wednesday/thursday
18:16:07 <Yawning> ideally before it's "an alpha, that general useres use that are pushed to people"
18:16:15 <Yawning> so I can see how much of my sandbox broke
18:16:22 <GeKo> yeah, that's the plan
18:16:29 <GeKo> the alpha is scheduled for april 19
18:16:52 <Yawning> hm
18:17:02 <Yawning> ok I assume there will be e-mail somewhere
18:17:05 <Yawning> when it's available?
18:17:22 <GeKo> i can ping you and write you an email
18:17:25 <Yawning> kk
18:17:32 <Yawning> or to tbb-dev@?
18:17:37 <Yawning> I'm still on that list I think
18:17:50 <GeKo> yeah, tbb-dev sounds like a good idea
18:18:44 <Yawning> thanks, and sorry to randomly interject
18:18:53 <tjr> I can go next
18:19:03 <tjr> I successfully built and ran a mingw build built off mozilla's esr52 with GeKo's patches from bug_21240 and the moz changeset used in that branch; then I did it again with an updated esr52 branch (which merged in the RegisterIdlePeriod commit). I had to add a single line patch to add an include to the up to date branch for some reason.
18:19:10 <tjr> Then I took the same branch and compiled it with the sandbox. I used all the non-__try patches from https://bugzilla.mozilla.org/show_bug.cgi?id=1230910 (including the one that just annihilates SmartStub) AND I commented out all __try blocks so it should just crash immediately.
18:19:16 <tjr> It turns out e10s was not enabled, so sandboxing (I believe) wasn't doing anything. youtube.com showed some messed up rendering on the homepage even without e10s/sbox though: http://imgur.com/a/7X8ZP
18:19:30 <tjr> When I enabled it, the browser did not work at all. So something is breaking with regards to the sandbox. The debug build is blocked on the std::__throw issue (https://bugzilla.mozilla.org/show_bug.cgi?id=1332747). I will investigate a fix for that.
18:19:39 <tjr> I also made a build trying out mingw's __try1 construct. This does not have the youtube artifact! But when I enable e10s it also doesn't work.
18:19:49 <tjr> (That's all the the sandboxing stuff)
18:19:56 <tjr> I also tried to get a TB build going. I filed a few papercuts I ran into that I saw got tagged. I got boklm's vms which got me further but I am blocked on logging into them because I don't know if they have a password (or what it is) and his ssh key is hardcoded. Open to suggestions.
18:20:07 <tjr> And then finally, over at Moz I have been working on our WER access, and will mention #21353 again :)
18:21:14 <tjr> That's it for me
18:21:47 * arthuredelstein can go
18:22:00 <GeKo> tjr: do you need a full-blown debug build?
18:22:28 <tjr> Not sure. I used WinDBG and got generic errors about a Promise failing, and didn't have much to go on from that
18:22:46 <GeKo> hm, okay
18:23:31 <GeKo> arthuredelstein: sorry, please go
18:23:58 <arthuredelstein> np :)
18:24:06 <arthuredelstein> Since last time, apart from the Amsterdam meeting:
18:24:12 <arthuredelstein> I made a fixup for #21755.
18:24:21 <arthuredelstein> I wrote a manual test for #21756.
18:24:36 <arthuredelstein> I investigated #19479 and decided we don't need to fix it for now.
18:24:46 <arthuredelstein> And I tried to get a stack trace for #21795 but didn't succeed so far.
18:24:53 <arthuredelstein> And I took a couple of days off.
18:25:08 <arthuredelstein> This week I will work on making fixups to the 20680 branch after Georg's review (thanks!) to be ready for nightly builds.
18:25:22 <arthuredelstein> Then I will keep working on tickets for tbb-7.0-must, and maybe try some more on #21756.
18:25:39 <arthuredelstein> And I will be taking Wednesday and Thursday off but available by email if anything arises re esr52.
18:25:43 <arthuredelstein> that's it for me.
18:26:14 * boklm can go
18:26:26 <GeKo> arthuredelstein: could you put work on #20680 on top of your list?
18:26:51 <GeKo> ideally I'd like to have all the fixups ready by tomorrow so we can have nightly builds on wednesday
18:26:55 <arthuredelstein> GeKo: Yes, already is!
18:26:59 <GeKo> thx
18:27:12 <boklm> This past week I investigated a build reproducibility problem in #21328, reviewed #21328 and child tickets and made similar changes to the rbm based build.
18:27:16 <boklm> I did test builds to check status of #20426.
18:27:20 <GeKo> i think we are fine toolchain-wise for the nightlies jsut #20680 is missing
18:27:35 <boklm> This week I'm planning to test a fix for #19316, look at #18530 and #20426, and review patches.
18:27:40 <boklm> That's it for me.
18:27:49 <Yawning> (is clang just used to build the brower, or everything?)
18:27:59 <GeKo> everything now on os x
18:28:21 <GeKo> or better: when cross-compiling for os x
18:28:49 <Yawning> hm
18:29:00 <Yawning> one of my branches uses code that breaks with clang
18:29:13 <Yawning> well "has crap performance with clang"
18:29:14 <arthuredelstein> GeKo: One thing I need for #20680 is a review of #21745.
18:29:15 <Yawning> is more accurage
18:29:26 <GeKo> boklm: could we get rb, nightlies going first before looking at the reproducibility rabbit hole?
18:29:32 <Yawning> oh well
18:29:34 <boklm> ok
18:29:45 <GeKo> arthuredelstein: yeah, i am doing that tomorrow
18:29:50 <arthuredelstein> GeKo: thanks!
18:30:21 <GeKo> Yawning: gcc for os x is not flying anymore.
18:30:32 <GeKo> 4.2 was the last one
18:30:40 <GeKo> and we finally got rid of it
18:30:45 <boklm> I will get rbm nightlies going this week
18:30:49 <GeKo> cool
18:30:56 <Yawning> I mean, the code works, just will be slow
18:31:01 <Yawning> so not a big deal I guess
18:32:28 <GeKo> who else is here for the status update?
18:34:29 <GeKo> okay, do we have anything to dicuss today?
18:34:46 <tjr> Anyone have suggestions on how to break into the gitian vms?
18:34:58 <GeKo> as i said hightest prio is getting #20680 resolved. i look over mikeperry's must fix things
18:35:11 <GeKo> and file additional tickets and tag them with tbb-7.0-must
18:35:32 <GeKo> once we have nightlies out i'll retag things with tbb-7.0-must-alpha i guess
18:35:55 <GeKo> to give all of us a better overview about what is important in this and the next week
18:36:16 <GeKo> tjr: dunno, alas
18:36:38 <yulax> how many developers are there for the browser? this was a point of discussion with someone i know.
18:36:54 <yulax> i said there are two "main devs"... is this correct?
18:37:02 <GeKo> i guess this depends on how you count
18:37:11 <GeKo> more like five or six
18:37:35 <arthuredelstein> tjr: I vaguely remember sshing or logging into them a long time ago. Is that what you mean?
18:37:44 <boklm> tjr: I think I can send you the private ssh key
18:38:44 <tjr> boklm: Thanks :) Alternately, you probably could just clone a new tor-browser-builder and gitian checkout and  gen new vms and send me that new privkey (if you think this one might have some other sues)
18:39:17 <GeKo> alright, thanks all i guess *baf*
18:39:21 <GeKo> #endmeeting