19:00:13 <GeKo> #startmeeting tor browser 19:00:13 <MeetBot> Meeting started Mon Mar 13 19:00:13 2017 UTC. The chair is GeKo. Information about MeetBot at http://wiki.debian.org/MeetBot. 19:00:13 <MeetBot> Useful Commands: #action #agreed #help #info #idea #link #topic. 19:00:17 <GeKo> hi! 19:00:27 <GeKo> welcome to another tor browser meeting 19:01:00 <GeKo> i hope we have everyone on board despite some daylight saving things that started on the weekend 19:01:15 <mcs> hi 19:01:15 * GeKo is looking at the us folks like mcs 19:01:18 <GeKo> aha! 19:01:23 <mcs> present and accounted for :) 19:01:32 <GeKo> neat, neat :) 19:01:45 <boklm> hi! 19:01:53 <GeKo> arthuredelstein: i guess you are around, too? 19:02:09 <GeKo> who wants to go first today? 19:02:32 * mcs will go first 19:02:33 <arthuredelstein> hi! 19:02:43 <mcs> Last week, Kathy and I finished our revised fix for #20761. 19:02:48 <mcs> We filled out the Trac replacement survey. 19:02:52 <mcs> We reviewed some patches. 19:02:57 <mcs> Then we started to look at the Firefox 52 release notes and bug lists (for #19048) but we did not finish. 19:03:05 <mcs> This week we will finish reviewing the Firefox 52 bugs and we will add anything new that we find to #19048. 19:03:17 <mcs> We will review patches (there are a few more pending now). 19:03:23 <mcs> Then we will work on one or more of the “tbb-7.0-must” tickets. 19:03:28 <mcs> That’s all for now. 19:04:33 <mikeperry> I started reviewing FF52 networking code last week. not sure if I will finish by the 1st due to the dev meeting, but I'm working on it 19:05:05 <mikeperry> going forward I'm a little worried about the switch to rust causing mozilla to forget about proxy safety in rust. their bindings expose a lot of bare socket calls 19:05:26 <GeKo> yeah, luckily that's an esr59 item 19:05:30 <mikeperry> it looks like they don't use them yet, but something to keep an eye on and bring up with them at the Tor meeting 19:06:32 <mikeperry> there is some rust in 52. the mp4 decoder and a url parser. not sure if it is used or not though 19:06:42 <mikeperry> iirc the ticket for the mp4 parser said it was in for ff52 19:07:03 <GeKo> but we don't have rust compilers yet we use 19:07:47 <GeKo> so, there won't be rust code compiled in esr52 19:07:53 <mikeperry> ah yeah, that reminds me we should yell at them about only providing self-hosting compilers. that is kind of insane. and the longer it goes on, the harder it will get to stop the practice :/ 19:08:28 <mikeperry> (ie: you have to download a binary blob rust compiler from mozilla to compile the rust compiler) 19:08:31 <GeKo> yes, but it feels we lost in the rust case 19:08:51 <GeKo> yeah, i know it makes me upset as fuck 19:09:12 <mikeperry> has this been discussed already is public? 19:09:21 <mikeperry> I am happy to flame a mailinglist a bit if it might help :) 19:09:36 <GeKo> i don't think so, please do :) 19:09:42 <meejah> today-i-learned ^ 19:09:45 <GeKo> i just discussed it with ximin a while back 19:09:53 <tjr> mikeperry: Do you want me to try and figure out the list? That does sound shitty. 19:10:51 <tjr> I don't know if this would get more support if it went to platform or something instead of just rust internals 19:10:56 <mikeperry> tjr: yeah, that would help. thanks. even better if you run into anyonw who knows if/where this was discussed before 19:11:11 <tjr> I will try and figure it out! 19:11:23 <arthuredelstein> Just curious -- isn't there also a binary blob needed to compile gcc, for example? 19:12:24 <mikeperry> iirc, the gcc compilation process proceeds in stages that add more and more language features, and you can use an alternate more-easy-to-audit minimial compiler (such as tinycc) for the early stage(s) 19:13:09 <mikeperry> the problem is the longer rust goes with the practice of "you need to be able to compile all of rust to compile the rust compiler" the harder it will get to do that sort of thing 19:14:02 <arthuredelstein> yeah, that does sound bad. 19:14:28 <GeKo> who is next? 19:14:32 * arthuredelstein can go 19:14:42 <arthuredelstein> Over the past week I worked on #21657, 19:14:51 <arthuredelstein> I opened #21656 and #21714, 19:15:03 <arthuredelstein> I opened #21656 and #21714, 19:15:09 <arthuredelstein> I reviewed #21201 and #21268, 19:15:19 <arthuredelstein> I fixed up my patch for #21309 19:15:33 <arthuredelstein> I looked into cfi a little for #20361, 19:15:42 <arthuredelstein> I made a patch to back out the content sizer: (#21267), 19:15:50 <arthuredelstein> I backported some patches for #21340, 19:16:03 <arthuredelstein> I rebased our patches to gecko-dev/esr52 for #20680, 19:16:12 <arthuredelstein> and I worked a lot on #20905 but I have run into a problem where GTK does not correctly report the titlebar height before the window is drawn onscreen. So still puzzling over that. 19:16:19 <arthuredelstein> That's it for me. 19:16:50 <GeKo> what's your plan for this week? 19:17:32 <arthuredelstein> Ah yes, look into patches for TBB/ESR52 and more backporting for #21340. 19:17:49 <arthuredelstein> And if there's time work on #20905 some more. 19:18:32 <arthuredelstein> Oh, I forgot to mention last week I met with the Mozilla folks and we made a list of discussion topics for Amsterdam. I think everyone here should have gotten the Google doc but let me know if you need the link. 19:18:40 <GeKo> okay, see my comment on the backport ticket. it might save some work :) 19:19:10 <GeKo> oh, the doc. could you send me a link which does not need a google account to view the document? 19:19:28 <arthuredelstein> GeKo: Yeah, I was planning to focus on the HSTS/HPKP patches. Although looks like a horrible mess. 19:19:38 <GeKo> that's sad 19:19:47 <arthuredelstein> I'll see if I can make the doc a public link. 19:19:55 <arthuredelstein> Yeah. There just seem to be a lot of intervening patches. 19:20:04 <tjr> Try not to post that publicly anywhere 19:20:10 <arthuredelstein> Maybe we can just cherry-pick them all. 19:20:17 <tjr> I just finished going through and adding a bunch of stuff and rearranging 19:20:36 <GeKo> thanks. or just attach me a copy if that works 19:21:16 <arthuredelstein> Yeah, I just meant a link that doesn't require an account. 19:21:25 <GeKo> okay, i can go next i guess 19:21:41 <GeKo> this week i worked on #15988 which is finally done 19:22:00 <GeKo> i spent a bit of time on my talk 19:22:40 <GeKo> i look a bit at the rebased patches in #20680 19:22:51 <GeKo> i spent most of my time on #19048 19:23:15 <GeKo> and am almost done with firefox50 now and have filed patches where needed and triaged the issues 19:23:28 <GeKo> and i wrote a patch for #21239 19:23:55 <GeKo> i spent quite some time debugging the result as my linux bundles were not working properly. 19:24:10 <GeKo> it seems rebasing onto the latest gecko-dev/esr52 helped 19:24:24 <GeKo> still i found a torbutton bug i need to file 19:24:47 <GeKo> this week i'll fix #19048 and hopefully #20680 as well 19:25:05 <GeKo> i'll work on getting the macOS toolchain in shape 19:25:24 <GeKo> and then i might have to deal with pwn2own fallout 19:25:41 <GeKo> if so, and we are lucky we might be done by tuesday next week 19:26:00 <GeKo> just before the meeting in ams starts but that's not clear yet 19:26:34 <GeKo> i might squeeze some code review in, not sure, but no code will land until we know whether we need to do the checmspill or not 19:26:38 <GeKo> that's it for me 19:27:06 * boklm can go next 19:27:27 <boklm> This past week I helped publish the new releases. I worked on #17380 and started looking at #19316 and #21655 19:27:35 <boklm> This week I'm planning to test a patch for #19316, work on #17380, and draft a blog post about how we use fastly for distributing mar files 19:27:45 <boklm> That's it for me 19:28:20 <tjr> I can go 19:28:38 <tjr> I worked on the mingw sandboxing stuff a little bit: https://bugzilla.mozilla.org/show_bug.cgi?id=1230910 19:28:59 <tjr> I went through and seperate the patches out by content and tried to understand what we were dealing with. 19:29:11 <tjr> I looked medium-closely at all the __try blocks. 19:29:56 <tjr> The bad news is that most of them are in interception code, which means we'd have to examine all the places in FF everywhere what hits those system calls (or syscall callers) to understand how they handle the error cases 19:30:41 <tjr> The not-horrible news is that _most_ of those places are really simple blocks like __try { memset(src, dst….); } so if mingw's __try1 functionality works at _all_ it should work for those 19:30:56 <tjr> I was hoping to hear from Jacek about __try1 and his thoughts on it 19:31:13 <tjr> The other bad news is that there are some instances of complicated __try blocks 19:31:26 <tjr> And the other other bad news is that even after I completed the build the browser doesn't launch. 19:31:34 <tjr> GeKo: did you get a runnable browser from your patches? 19:32:09 <GeKo> i did not try actually because i thought the sandbox stuff would be the showstopper and jacek said so in the ticket 19:32:39 <GeKo> hm. 19:33:26 <GeKo> tjr: ah, you mean without the sandbox code? 19:33:38 <GeKo> that worked but i needed to set extra prefs 19:33:59 <GeKo> you might need those as well 19:34:02 <tjr> I meant with —enable-sandbox and your or Jacek's WIP patch 19:34:28 <GeKo> i did not try that one but i could i guess 19:35:14 <GeKo> basically we need to work around #9145 19:35:35 <GeKo> "gfx.direct2d.disabled and layers.acceleration.disabled should be set true by default" 19:36:17 <GeKo> if that's not the issue you ran into figuring out why it does not start might be a good first step 19:36:38 <GeKo> i guess i could try to find my old build and take a peek 19:36:52 <tjr> I can try changing those prefs too 19:37:15 <GeKo> yes, that would be good to rule that problem out 19:37:27 <tjr> I tried getting some input from the boxing team but did not succeed in getting anything useful on that try 19:37:39 <GeKo> :( 19:37:47 <tjr> I'd really like to hear what Jacek has to say about __try1 19:38:05 <GeKo> then let me poke him again 19:38:23 <tjr> I can talk to them again, but I'm not sure what, specifically, to ask them at this time… 19:38:24 <GeKo> he might be around in #build i have not checked 19:38:42 <tjr> I can ask when they think they'll uplift the next version of chromium sandbox though 19:39:01 <GeKo> i'd be interested to hear whether they can think of any shortcuts we can take 19:39:32 <GeKo> what about that assembly e.g. 19:39:54 <tjr> I'll try and ping paul today. At the moment I don't know anything about the assembly… 19:40:40 <GeKo> okay, thanks for that. 19:41:03 <GeKo> anyone else here for a status update? 19:41:48 <GeKo> discusssion time then 19:42:21 <GeKo> i only have meeting related ones like whether we should keep the current time until eu does the daylight saving thing 19:42:30 <GeKo> and whether we want to have a meeting next monday 19:42:36 <GeKo> opinions? 19:43:17 <tjr> none :0 19:43:21 <mcs> Keeping the same UTC time until the eu switches seems fine. 19:44:01 <GeKo> okay, that's what we did so far and seems fine to me as well 19:44:06 <arthuredelstein> Fine with me as well. 19:44:16 <GeKo> (at least it worked in the past reasonably well) 19:44:30 <mcs> When does the switch happen? 26 March? 19:44:44 <GeKo> yes, i think so 19:45:13 <GeKo> meeting next monday or do we say we enough meetings next week? :) 19:45:17 <GeKo> *have 19:45:41 <mcs> As for next week, I have no strong opinion. 19:46:25 <arthuredelstein> Nor do I 19:46:36 <boklm> Nor do I 19:46:45 <GeKo> let's have a meeting next monday and if folks are already travelling and can't make it then be it so 19:47:00 <GeKo> other items for dicussion? 19:47:32 <mcs> No items from me. 19:47:39 <arthuredelstein> Regarding the discussion document, if anyone else couldn't open the link, I can send an attachment. 19:48:15 <GeKo> thanks all then. *baf* 19:48:18 <tjr> Feel to ping me if you have questions about that doc also :) 19:48:18 <GeKo> #endmeeting