The Mozilla Blog: Mozilla Open Source Support Program: Applications are Open |
Last week we launched the Mozilla Open Source Support Program (MOSS) – an award program specifically focused on supporting open source and free software. The first track within MOSS provides support for open source and free software projects that Mozilla uses or relies on. Our goal is to identify up to 10 such projects that we can fund in a thoughtful, meaningful way by December 12th.
You can find the link to apply along with more on the criteria and resources you will need to submit, in a longer post on my blog.
https://blog.mozilla.org/blog/2015/10/30/mozilla-open-source-support-program-applications-are-open/
|
|
Support.Mozilla.Org: What’s up with SUMO – 30th October |
Hello, SUMO Nation!
October is almost gone, here comes November… Are you ready? Are you celebrating something scary and gloomy in the coming days? We recommend you keep warm and happy using the most ancient of alchemies… tea & cookies!
Oh, right, one more thing… Have you heard about MOSS already? Nope? Read more here!
We salute you!
https://blog.mozilla.org/sumo/2015/10/30/whats-up-with-sumo-30th-october/
|
|
Mike Conley: A printing story and a PSA: outparams over the IPC layer might not behave like you’d expect |
Here’s a story about a printing bug on OS X, and a lesson about how our IPC layer works.
Last week, :ehsan came up to my desk and said “Mike… printing is broken on OS X with e10s enabled. Did you know this?”
It was sad to hear. Nobody, as far as I knew, had been touching printing code (besides bobowen, but he hadn’t landed his patches yet), which meant that some mystery change had landed and it was my responsibility (as the one who had implemented printing on OS X for e10s) to fix it.
The first step was to confirm it. Yep, it looked like I couldn’t print on my Nightly. Crap1. So we get the bug filed, and then I fired up my local build and lldb, and tried to trace out where the problem was occurring.
The problem was that my local build printed just fine. Eyebrow raised, I tried using my default profile with my local build to see if something about my profile was causing printing to break. Printing continued to work with my local build2.
Scratching my head, I used mozregression to bisect the problem down to a single changeset.
Here’s the bug it spat out:
Bug 1209930 – Update Mac clang to match the version in use everywhere else
The hair stood up on the back of my neck. Printing got broken by a compiler upgrade? This had bad news written all over it.
So that, I guess, explained why I couldn’t reproduce the problem locally. I needed to build with a particular compiler in order to experience the bug.
The bad news was that I found out that the version of clang that we’d upgraded to didn’t work on my version of OS X (10.10.5). It was supposed to work on machines running OS X 10.7, but I didn’t have access to any3.
I was able to get debug builds off of try, but I had no luck convincing lldb to let me step through it, despite having the symbols and the right revision checked out4.
So this meant a lot of try builds. The good news is that I was able to add a bunch of logging to try, and just kinda walk away while it built. A few hours later, I’d have my build, and I’d get my results. I wasn’t blocked waiting on it to build, so I could work on other things.
Our printing code sometimes shows this progress dialog when printing starts. It’s put up so that while we’re laying out the page for printing, the user knows that stuff is happening. We show this progress dialog on Linux and Windows, but not on OS X (I guess OS X users don’t expect such a progress window… this was a decision made way back in the day).
The printing engine in the content process sends up a message to the parent saying, “I’m all set to print, let’s show the progress dialog!”. On OS X, the parent responds, “Uh, nope” (which is a return code of NS_ERROR_NOT_IMPLEMENTED), and the child is supposed to go, “Oh okay, I’ll just print right away”.
But here’s the kicker – along with message to show the progress dialog, the child sends an outparam5. That outparam is sent because for some platforms that show the progress dialog, we want to wait until the dialog closes before starting the actual print. On other platforms, we may just want to start printing right away when laying out the page finishes without waiting for the dialog to close.
That outparam is a bool initialized to a value of false in the print engine, and in the non-e10s case where we return “Sorry, no progress dialog” with NS_ERROR_NOT_IMPLEMENTED, that bool stays false, and when it stays false, it means that we start printing right away.
My logging showed that for some reason, that value was getting flipped to true despite not being touched by (seemingly) anything in the IPC sender / receiver nor the print progress dialog backend (which still just returns NS_ERROR_NOT_IMPLEMENTED when asked to open the printing dialog).
What the hell?
Ehsan helped me dig into what was going on, and we figured it out. Here’s the big lesson / PSA here:
outparams over IPC, when untouched on the receiver side, get filled with values from uninitialized memory when returned to the sender.
I’ll give you an example. Here’s some sorta-pseudocode:
#include
void someFunc(bool* aOutParam) {
}
int main(int argc, char** argv) {
bool myBool = false;
someFunc(&myBool);
if (myBool) {
printf("Wait, WHAT?");
return 1;
}
return 0;
}
We should never enter that “Wait, WHAT?” conditional block because myBool remains false throughout. It’s initialized to false, and even though we pass a pointer to it to someFunc, someFunc never touches it, so it stays false, and so we skip the conditional and return 0 as expected.
If, however, you did the same thing, but over IPC… well, now you’re in for a fun treat.
On the receiver side of the IPC message, here’s a chunk of the generated code that calls into RecvShowPrintProgress on the parent side:
bool notifyOnOpen;
bool success;
int32_t id__ = mId;
if \((!(RecvShowProgress(mozilla::Move(browser), mozilla::Move(printProgressDialog), mozilla::Move(isForPrinting), (&(notifyOnOpen)), (&(success)))))) {
mozilla::ipc::ProtocolErrorBreakpoint("Handler for ShowProgress returned error code");
return MsgProcessingError;
}
reply__ = new PPrinting::Reply_ShowProgress(id__);
Write(notifyOnOpen, reply__);
Write(success, reply__);
(reply__)->set_sync();
(reply__)->set_reply();
That notifyOnOpen bool is the one that is the outparam in the child. Notice that it’s not being initialized to any value! That means its current value could be, well, anything. When we call into RecvShowProgress, we pass a pointer to that anything value. If RecvShowProgress doesn’t do anything with that pointer (like in the OS X case), well… that random value is what gets written to the IPC message that gets sent back to the child.
And somehow a clang upgrade made it far more likely that this value would evaluate to TRUE as a boolean instead of FALSE.
And so the child assumed that it’d have to wait for a dialog to close before starting to print – a dialog that would never open, because we don’t show it on OS X.
So the patch I eventually wrote initializes the outparam to false before calling into the OS X widget code that just returns NS_ERROR_NOT_IMPLEMENTED, and that fixed the bug.
It’s a small patch, but in my mind, it’s a big lesson, at least for me. I had assumed that outparams would work the same over IPC as they do in the same process, and that’s simply not the case.
I’ve filed bug 1220168 to try to make this sort of thing easier to spot in the future.
|
|
Mozilla Open Policy & Advocacy Blog: Vulnerability disclosure should come next for Congress on cybersecurity |
This week, the U.S. Senate passed the Cybersecurity Information Sharing Act (CISA), a bill intended to promote the sharing of cybersecurity threat information. Mozilla joined the major tech companies and civil society groups in opposing this bill with concerns that it would undermine user trust, privacy, and security. Unnecessary and harmful sharing of private user information could be a real consequence of this bill.
But CISA is not law yet; CISA must be reconciled with the two cybersecurity bills that the U.S. House passed earlier this year, and both chambers will then need to pass the reconciled version. Unfortunately, it’s hard to see how any marginal improvements during these negotiations will be enough to fix its flaws.
If CISA follows this path and becomes U.S. law, it might be tempting for Members of Congress to feel like that they can “check the box” of cybersecurity and move on to the next hot topic. However, CISA and its counterparts will do little to stop exploits like the Target hack, the OPM breach, or the Heartbleed vulnerability.
If Congress wants to make meaningful progress toward improved cybersecurity, it should move now to ensuring that the government is disclosing critical vulnerabilities in computer networks and systems. Responsible disclosure of vulnerabilities would build on any information sharing legislation in a way that could gain widespread support.
CISA is far from the only mechanism for the private sector to share cybersecurity threat information with the government, and by itself is unlikely to result in meaningful improvements in cybersecurity. But information sharing through CISA will likely lead the government to acquire knowledge of critical vulnerabilities in computer networks and systems, and the government’s expeditious disclosure of those vulnerabilities with the relevant vendor(s), in contrast, would be highly valuable. Information sharing was never supposed to be a one-way street. Yet, there is currently no presumption in law that the U.S. government should disclose vulnerabilities. This makes CISA’s provisions requiring information shared with the Department of Homeland Security to be automatically shared with the NSA, DOD, and others in the intelligence community even more concerning.
While the Obama Administration has claimed that it discloses the vast majority of vulnerabilities, we know from recent FOIA documentation that the government currently lets the NSA lead the disclosure determination process, a discussion dominated by the intelligence community with inadequate participation from critical federal agencies like the Departments of Homeland Security or Commerce, and lacks accountability and transparency.
Indeed, the President’s own Review Group on Intelligence and Communications Technologies, which had security clearances and access to classified documents, found that there needed to be a significantly more robust and accountable process around vulnerability disclosure (see Recommendation #30). Implicit in this recommendation is the idea that the presumption should be that all vulnerabilities should be disclosed to the relevant vendor(s) so that they can be patched, and then in due course disclosed to the public. However, there may be times when delay in disclosure may prove so valuable to an ongoing intelligence operation, for example, that such a delay is merited.
Delays in disclosure should be few and far between, and the determination to delay disclosure must involve all of the relevant stakeholders in the government and be guided by a more detailed set of criteria than those Michael Daniel, the White House Cybersecurity Coordinator, laid out last year in a blog post about the Heartbleed vulnerability (although those are a good start).
Members of Congress should not think that their work on cybersecurity is done. With the passage of these information sharing bills, now more than ever, Congress should turns its attention to government vulnerability disclosure in order to meaningfully improve cybersecurity.
|
|
Joel Maher: Looking for hackers interested in hacking for 6-8 weeks on a Quarter of Contribution project |
Today I am happy to announce the second iteration of the Quarter of Contribution. This will take place between November 23 and run until January 18th.
We are looking for contributors who want to tackle more bugs or a larger project and who are looking to prove existing skills or work on learning new skills.
There are 4 great projects that we have:
There are no requirements to be an accomplished developer. Instead we are looking for folks who know the basics and want to improve. If you are interested, please read about the program and the projects and ask questions to the mentors or in the #ateam channel on irc.mozilla.org.
Happy hacking!
|
|
Air Mozilla: Firefox OS Participation - ESCP Europe Business School Consultancy Project |
We asked Ann, Aur'elien, Elena, Sandra, and Varuzhan, 5 students from the ESCP Europe Business School to help us understand how to engage non-technical audiences...
https://air.mozilla.org/firefox-os-participation-escp-europe-business-school-consultancy-project/
|
|
Air Mozilla: Participation Call, 29 Oct 2015 |
The Participation Call helps connect Mozillians who are thinking about how we can achieve crazy and ambitious goals by bringing new people into the project...
|
|
Air Mozilla: Reps weekly, 29 Oct 2015 |
This is a weekly call with some of the Reps council members to discuss all matters Reps, share best practices and invite Reps to share...
|
|
Daniel Pocock: Lumicall rapid provisioning, Opus support and other enhancements |
Thanks to feedback from many people at DebConf15, Lumicall has had a range of improvements over the last couple of months and it is now easier to use and more reliable than ever.
1. Setup your SIP password in the Debian LDAP or the FedRTC account setup (using Fedora OpenID) or any other SIP service that supports rapid provisioning (see the FAQ).
2. Install the Lumicall app from F-Droid, Google Play or by direct download.
3. When the app starts the first time, you can verify your phone number (so other users can call you using the number they know) or just click the "Manual account setup" link underneath the verification button. If you do verify your number, the "Add account" link is also available in the menu from the main screen.
If a friend installs Lumicall too and you dial their number, the Lumicall popup should appear and give you the option to make the call over SIP.
You can also make test calls using this link for a recorded announcement.
All feedback is welcome. If you can come in person to the workshop in Manchester (2 November) or the mini-DebConf in Cambridge (I'll be there Saturday, 7 November) then we can look at any problems in person and access logs with the Android tools if necessary.
Discussion is also welcome on the Lumicall users mailing list or the Free RTC mailing list.
http://danielpocock.com/lumicall-rapid-provisioning-opus-and-other-enhancements
|
|
Daniel Pocock: reSIProcate 1.10 release |
reSIProcate 1.10.0 was released a few weeks ago and after going through the various QA cycles has become available in packages for Debian jessie-backports, EPEL6 and EPEL7 and the latest releases of Fedora and Ubuntu.
Key features of the 1.10.x branch:
A 1.10.1 release was tagged yesterday and is not yet widely available in packages. This release is only significant for people using RADIUS authentication and keen to change from the FreeRADIUS-client library to radcli.
|
|
Emily Dunham: PSA: Pin Versions |
Today, the website’s build broke. We made no changes to the tests, yet a wild dependency error emerged:
Generating...
Dependency Error: Yikes! It looks like you don't have redcarpet or one of
its dependencies installed. In order to use Jekyll as currently configured,
you'll need to install this gem. The full error message from Ruby is: 'cannot
load such file -- redcarpet' If you run into trouble, you can find helpful
resources at http://jekyllrb.com/help/!
Conversion error: Jekyll::Converters::Markdown encountered an error while
converting 'conduct.md':
redcarpet
ERROR: YOUR SITE COULD NOT BE BUILT:
------------------------------------
redcarpet
The command "jekyll build" exited with 1.
Although Googling the error was unhelpful, a bit more digging revealed that our last working build had been on Jekyll 2.5.3 and the builds breaking on a Redcarpet error all used 3.0.0.
The moral of the story is that where the .travis.yml said - gem install jekyll, it should have said - gem install jekyll -v 2.5.3.
|
|
The Rust Programming Language Blog: Announcing Rust 1.4 |
Choo choo! The trains have kept rolling, and today, we’re happy to announce the release of Rust 1.4, the newest stable release. Rust is a systems programming language focused on safety, speed, and concurrency.
As always, you can install Rust 1.4 from the appropriate page on our website, and check out the detailed release notes for 1.4 on GitHub as well. About 1200 patches were landed in this release.
The story of 1.4 is mostly one of improvements and stabilizations, rather than new features.
However, there is one particular change which is a language fix that enables a new feature: RFC 1214, “Clarify (and improve) rules for projections and well-formedness”. While that’s a deeply technical title, the TL;DR is that we found some weaknesses in the definition and implementation of a few aspects of the type system. This RFC fixes these problems. Given that changes to the type system like this can cause regressions, but fixes like this are important for soundness, Rust 1.4 will warn on any code that violates the new rules, but still compile. These warnings will turn into errors in Rust 1.5. However, given the train model, the community has had time to deal with these changes while 1.4 was in beta, and the small number of crates we were aware of have already been fixed.
These soundness fixes enable the return of the ‘scoped threads’ feature, in which you can create threads that reference data stored on the stack in a safe manner. A few crates have implemented this feature, most notably crossbeam and scoped_threadpool. See their documentation for more information.
RFC 1212
is also in this release, which changes all functions dealing with reading
‘lines’ to treat both \n and \r\n as a valid line-ending. This was
determined during the RFC process to be a bugfix, but we’re mentioning it
here to raise awareness. The older behavior of only dealing with \n made
for surprising behavior, where your crate would work well on Linux and Mac OS
X, but fail on Windows. This fix brings these functions more in-line (
|
|
Air Mozilla: Quality Team (QA) Public Meeting, 28 Oct 2015 |
This is the meeting where all the Mozilla quality teams meet, swap ideas, exchange notes on what is upcoming, and strategize around community building and...
https://air.mozilla.org/quality-team-qa-public-meeting-20151028/
|
|
Air Mozilla: MozFest Volunteer Briefing - October 28th 2015 |
In case you're not able to attend in person, here you can watch the briefing on what all the volunteers at MozFest will be getting...
https://air.mozilla.org/mozfest-volunteer-briefing-october-28th-2015/
|
|
Gervase Markham: Mozilla Strategy and Vision |
Not sure if I wasn’t paying enough attention, but I entirely missed the “Mozilla Strategy Articulation and 2016 Topline Targets” session from two weeks ago, recorded on Air Mozilla. This was the start of the 2016 planning process, where Chris Beard outlines our mission and 5-year vision. It should be required viewing for everyone interested in where Mozilla is or should be going in 2016, and in the next 5 years. We are planning for 2016 now; your input is welcomed.
http://feedproxy.google.com/~r/HackingForChrist/~3/aaMDbsvUrFs/
|
|
Sean McArthur: httparse v1.0 |
The HTTP/1.1 parser used in hyper, hasn’t really seen any API changes since it was designed, and in the spirit of moving “stable” things to 1.0, I bumped that magical number up.
If you mainly use hyper (or a framework on top, like iron, nickel, rustless, etc), then this really shouldn’t affect you at all. It’s just the parsing logic for the HTTP/1.1 spec in a standalone crate.
If you work on some other project that requires parsing HTTP11, then you may want to try using httparse. Why?
First, some buzz words. It’s stateless. It’s zero-copy. It performs zero allocations. It’s design piggybacks on the design of picohttpparser, which does the same.
To be fast, and yet safe, an Iterator is used to prevent unnecessary bounds checks. That implementation is encapsulated in an inner private module, so the safety is easier to audit, and a safe API is exposed from the module, so the main API must use the iterator safely.2
There’s two lower hanging fruit that could provide noticeable speed improvements: branch predictions, and SIMD. There’s an accepted Rust RFC for adding a likely intrinsic that gives us branch prediction, but its implementation needs an extra push to get in.
There’s the simd crate, with only 2 things preventing it from speeding up httparse: its using an unstable feature or three, and SSE4 support is needed to get _mm_cmpestri, which would provide the biggest boost.
Or maybe both of these will be available at the same time, and they both can be added in httparse 1.1.
|
|
Air Mozilla: The Joy of Coding - Episode 32 |
mconley livehacks on real Firefox bugs while thinking aloud.
|
|
Christian Heilmann: Quick tip: stop Powerpoint from breaking words into a new line |
With my talk decks needing more re-use in the Windows/Microsoft community, I am trying to use Powerpoint more and wean myself off the beauty of Keynote (and its random crashes – yes, all software sucks).
One thing I realised today is that Powerpoint thinks it is sensible to break words anywhere to go to a new line, not by word, or even syllable, but by character:
Words are broken into new lines at any character, which makes alignment a not enjoyable game of “find the breakpoint”This is the preset! To get rid of it, you don’t need to summon the dark lord, but all you need to do is to unset the default. You can find this in:
Format
|
|
Daniel Pocock: Free Real-Time Communications workshop in Manchester, 2 November |
Manchester Free Software and MadLab are hosting a workshop on Free and Federated Real-Time Communications with Free Software next Monday night, 2 November from 7pm.
Add this to your calendar (iCalendar link)
Users and developers are invited to come and discover the opportunities for truly free and secure chat, voice and video with WebRTC, mobile VoIP and the free desktop.
This is an interactive workshop with practical, hands-on opportunities to explore this topic, see what works and what doesn't and learn about troubleshooting techniques to help developers like myself improve the software. This is also a great opportunity for any Java developers who would like to get some exposure to the Android platform.
People wishing to fully participate in all the activities are encouraged to bring a laptop with the Wireshark software and Android tools (especially adb, the command line utility) or if you prefer to focus on WebRTC, have the latest version of Firefox and Chrome installed.
If you are keen to run the DruCall module for WebRTC or your own SIP or XMPP server, you can try setting it up as described in the RTC Quick Start Guide and come along to the workshop with any questions you have.
Manchester has a history of great technological innovation, including the first stored program computer and it is a real thrill for me to offer this workshop there.
FSFE Manchester ran a workshop evaluating the performance of free software softphones back in 2012.
Over the coming months, I would like to be able to hold further workshops in other locations to get feedback from people who are trying this technology, including the Lumicall app, JSCommunicator and DruCall. If you are interested in helping organize such an event or you have any other feedback about this topic, please come and discuss it on the Free RTC mailing list.
http://danielpocock.com/2015-11-02-free-rtc-workshop-manchester
|
|
Mozilla Release Management Team: Firefox 42 beta9 to rc1 |
In this RC release, we disabled async plugin init. Besides this change, we took the usual kind of fixes (crashes, last bug fixes, etc).
| Extension | Occurrences |
| py | 25 |
| cpp | 9 |
| js | 5 |
| h | 5 |
| json | 2 |
| java | 2 |
| xml | 1 |
| webidl | 1 |
| txt | 1 |
| sh | 1 |
| ini | 1 |
| html | 1 |
| hgtags | 1 |
| css | 1 |
| Module | Occurrences |
| testing | 27 |
| mobile | 17 |
| dom | 14 |
| browser | 4 |
| widget | 2 |
| js | 2 |
| ipc | 2 |
| netwerk | 1 |
| modules | 1 |
List of changesets:
| Dragana Damjanovic | Bug 1214786 - Channelwrapper: Fix up maybeWrapChannel to wrap if not gecko internal channel (r=mayhemer,sicking) a=sylvestre - 5927d34ab471 |
| Nick Thomas | Bug 1213721 - Tracking bug for migration from ftp.m.o to S3, r=rail - 920d1c0c8d1d |
| Nick Thomas | Bug 1216907 - Uploads are broken on try for desktop and mobile builds since S3 migration, r=bustage, a=release-automation - 569a9bdffe0a |
| Aaron Klotz | Bug 1216665 - Disable dom.ipc.plugins.asyncInit.enabled in 42. r=aklotz, a=sylvestre - ad9b70fef588 |
| Jason Orendorff | Bug 1206700 - Fix an bug in property assignment, recently exposed by Reflect.set. r=waldo, a=al - 556adfdf68c3 |
| Masayuki Nakano | Bug 1217275 - Fix missing \n in IMMHandler::HandleDocumentFeed(), it was replaced to empty string accidentally. r=m_kato, a=sylvestre - 322adf3cdef3 |
| Markus Stange | Bug 1210245 - Don't let the form validation anchor impact browser layout. r=Gijs, a=sylvestre - f25c880e125d |
| Sebastian Kaspari | Bug 1215950 - GeckoInputConnection: Run re-focus workaround on the UI thread. r=jchen, a=sylvestre - 233ab8d5b962 |
| Jason Orendorff | Bug 1206700 - Followup to add extra test assertion requested by jwalden in review. a=test-only - cda83cc1aae0 |
| Chenxia Liu | Bug 1201081 - UnsupportedOperationException crash at Canvas.clipPath. r=sebastian, a=sylvestre - 45403faf67cf |
| Chenxia Liu | Bug 1201081 - Skip some code paths. r=sebastian, a=sylvestre - 13d1f4216f93 |
| Ehsan Akhgari | Bug 1216697 - Unship Request.cache until the implementation is finished; r=bzbarsky, a=sylvestre - 5c768aafbaa7 |
| Ehsan Akhgari | Bug 1216697 - follow-up: enable the dom.requestcache.enabled pref in DOM Cache tests. a=test-only - 3f2ff85b2f16 |
| Wes Kocher | Backed out changeset 451d4a04dae4 (Bug 1160890) a=backout - de3239af77ff |
| Wes Kocher | Backed out changeset 451d4a04dae4 (Bug 1160890) a=backout CLOSED TREE - da2fdb1f0eca |
| Aaron Klotz | Bug 1218473: Back out 45ab7cdffbb4 on suspicion of causing spike in CreateWindowEx crashes; r=backout a=lizzard CLOSED TREE - 4d60b9516805 |
| Wes Kocher | Merge beta to release a=merge - 82fa2a19a9b9 |
http://release.mozilla.org/statistics/42/2015/10/28/fx-42-b9-to-rc.html
|
|