Re: Mapping Rust panics to MOZ_CRASH on non-Rust-created threads

Henri Sivonen wrote: > I think for release builds, we should have the following: > 1) Rust panic!() causes a crash that's MOZ_CRASH()-compatible for > crash-reporting purposes. (See > https://mxr.mozilla.org/mozilla-central/source/mfbt/Assertions.h#269 > and particularly >

Re: Mapping Rust panics to MOZ_CRASH on non-Rust-created threads

On Tue, Mar 22, 2016 at 3:03 AM, Henri Sivonen wrote: > It seems that the Rust MP4 parser is run a new Rust-created thread in > order to catch panics. > Is the Rust MP4 parser using panics for flow control (like is common in JS and Java with exceptions), or only for

Re: Linux distro readiness for Rust in Gecko

Henri Sivonen wrote: > An example of this *not* being the case: I expect to have to import > https://github.com/gz/rust-cpuid into Gecko in order to cater to the > Mozilla-side policy sadness of having to support Windows XP users > whose computers don't have SSE2. With my

Re: C++ Core Guidelines

Henri Sivonen <hsivo...@hsivonen.fi> wrote: > On Wed, Jan 6, 2016 at 9:27 PM, Brian Smith <br...@briansmith.org> wrote: > > Henri Sivonen <hsivo...@hsivonen.fi> wrote: > >> > >> On Thu, Oct 1, 2015 at 9:58 PM, Jonathan Watt <jw...@jwatt

Re: C++ Core Guidelines

Henri Sivonen wrote: > On Thu, Oct 1, 2015 at 9:58 PM, Jonathan Watt wrote: > > For those who are interested in this, there's a bug to consider > integrating > > the Guidelines Support Library (GSL) into the tree: > > > >

Re: Merging comm-central into mozilla-central

On Mon, Oct 26, 2015 at 1:45 PM, Joshua Cranmer  <pidgeo...@gmail.com> wrote: > FWIW, when Brian Smith made his comments on mozilla.dev.security.policy, I > did try to find a bug detailing what he was talking about... and I couldn't > find what he was talking about, which means th

Re: Intent to not fix: Building with gcc-4.6 for Fx38+

Mike Hommey m...@glandium.org wrote: Brian Smith wrote: It is very inconvenient to have a minimum supported compiler version that we cannot even do test builds with using tryserver. Why this sudden requirement when our *current* minimum supported version is 4.6 and 4.6 is nowhere close

Re: Intent to not fix: Building with gcc-4.6 for Fx38+

bo...@mozilla.com wrote: Also, from what I can tell of the C++ features that gcc-4.8 enables (from [1]), none of them are available until MSVC 2015. It seems likely that we'll be supporting MSVC 2013 until the next ESR, so I don't see that moving to 4.8 gives us any immediate benefits. [1]

Re: Intent to not fix: Building with gcc-4.6 for Fx38+

Ryan VanderMeulen rya...@gmail.com wrote: (2) The trychooser tool should be extended to make it possible to build with GCC 4.7 on any platforms where it is supported, and bootstrap.py be updated to install GCC 4.7 alongside the currently-installed compiler. All Android and B2G JB/KK emulator

Re: Intent to Ship: Fetch API

nsm.nik...@gmail.com wrote: Target release: FF 38 or 39 (feedback requested) Currently hidden behind: dom.fetch.enabled. Bug to enable by default: https://bugzilla.mozilla.org/show_bug.cgi?id=1133861 Great work! Is there a test that verifies that fetch is correctly handled by nsIContentPolicy

Re: Proposed W3C Charter: Web Application Security (WebAppSec) Working Group

at http://cowl.ws/. Note, in particular, that the prototype is a modification of Firefox. Also note this acknowledgement from the second COWL paper: We thank Bobby Holley, Blake Kaplan, Ian Melven, Garret Robinson, Brian Smith, and Boris Zbarsky for helpful discussions of the design and implementation

Re: Fwd: [blink-dev] Intent to Ship: Plugin Power Saver Poster Images

On Mon, Feb 9, 2015 at 8:03 AM, Benjamin Smedberg benja...@smedbergs.us wrote: On 2/7/2015 4:38 AM, Jet Villegas wrote: I'm skeptical of the immediate value. We need to focus on Flash hangs and also the security issues surrounding Flash 0-days especially as distributed by ad networks. Power

Re: Proposed W3C Charter: Web Application Security (WebAppSec) Working Group

L. David Baron dba...@dbaron.org wrote: Is the argument you're making that if the site can serve the ads from the same hostname rather than having to use a different hostname to get same-origin protection, then ad-blocking (or tracking-blocking) tools will no longer be able to block the ads?

Re: Proposed W3C Charter: Web Application Security (WebAppSec) Working Group

L. David Baron dba...@dbaron.org wrote: The W3C is proposing a revised charter for: Web Application Security Working Group http://www.w3.org/2014/12/webappsec-charter-2015.html https://lists.w3.org/Archives/Public/public-new-work/2014Dec/0008.html Mozilla has the opportunity to send

Re: Dropping support for MSVC2012

Ehsan Akhgari ehsan.akhg...@gmail.com wrote: On 2015-01-02 2:03 PM, Brian Smith wrote: In this case, the problem is that I wrote a patch to explicitly delete (= delete) some members of classes in mozilla::pkix. mozilla::pkix cannot depend on MFBT for licensing and build independence reasons

RE: Dropping support for MSVC2012

Ehsan wrote: Note that MSVC 2012 is supported in the sense that we'd accept patches that help fix it, and we won't check in patches that require compiler features that 2012 does not support. In this case, the problem is that I wrote a patch to explicitly delete (= delete) some members of

Fwd: David Keeler is now the module owner of PSM

-- Forwarded message -- From: Brian Smith br...@briansmith.org Date: Fri, Aug 1, 2014 at 9:24 AM Subject: David Keeler is now the module owner of PSM To: mozilla-governa...@lists.mozilla.org, mozilla's crypto code discussion list dev-tech-cry...@lists.mozilla.org, David Keeler dkee

Re: Try-based code coverage results

On Mon, Jul 7, 2014 at 11:11 AM, Jonathan Griffin jgrif...@mozilla.com wrote: I guess a related question is, if we could run this periodically on TBPL, what would be the right frequency? We could potentially create a job in buidlbot that would handle the downloading/post-processing, which

Re: C++ standards proposals of potential interest, and upcoming committee meeting

On Tue, Jun 10, 2014 at 4:19 PM, Botond Ballo bba...@mozilla.com wrote: Why put this into core C++? Why not leave it to libraries? The standard library is a library :) One of the biggest criticisms C++ faces is that its standard library is very narrow in scope compared to other languages

Re: Google announces Chrome builds for Win64

On Tue, Jun 3, 2014 at 11:37 AM, Chris Peterson cpeter...@mozilla.com wrote: http://blog.chromium.org/2014/06/try-out-new-64-bit-windows- canary-and.html What is the status of Firefox builds for Win64? When Mozilla releases Win64 builds (again), we'll be seen as reacting to Google when we've

Re: B2G, email, and SSL/TLS certificate exceptions for invalid certificates

On Thu, May 29, 2014 at 2:03 PM, Andrew Sutherland asutherl...@asutherland.org wrote: This is a good proposal, thank you. To restate my understanding, I think the key points of this versus the proposal I've made here or the variant in the https://bugzil.la/874346#c11 ISPDB proposal are: *

Re: B2G, email, and SSL/TLS certificate exceptions for invalid certificates

On Wed, May 28, 2014 at 5:13 PM, Andrew Sutherland asutherl...@asutherland.org wrote: On 05/28/2014 07:16 PM, David Keeler wrote: * there is only a single certificate store on the device and therefore that all exceptions are device-wide This is an implementation detail - it would not be

Re: nsRefPtr vs RefPtr

On Mon, May 12, 2014 at 9:36 AM, Kyle Huey m...@kylehuey.com wrote: We should get rid of RefPtr, just like we did the MFBT refcounting classes. The main thing stopping a mechanical search and replace is that the two smart pointers have different semantics around already_AddRefed/TemporaryRef

Re: Policing dead/zombie code in m-c

On Thu, Apr 24, 2014 at 4:03 PM, Ehsan Akhgari ehsan.akhg...@gmail.comwrote: * Are there obvious places that people should inspect for code that's being built but not used? Some libs that got imported for WebRTC maybe? Nothing big comes to my mind. Perhaps hunspell on b2g?

Re: Always brace your ifs

On Sat, Feb 22, 2014 at 5:06 PM, Neil n...@parkwaycc.co.uk wrote: Joshua Cranmer wrote: Being serious here, early-return and RTTI (to handle the cleanup prior to exit) would have eliminated the need for gotos in the first place. I assume you mean RAII. Unfortunately that requires C++. (I was

Re: Cairo being considered as the basis of a standard C++ drawing API

On Sun, Feb 9, 2014 at 2:38 PM, Robert O'Callahan rob...@ocallahan.org wrote: I've already given my feedback on the cairo mailing list. Summary: Moz2D is the right thing for us, and probably for other application frameworks, but for applications that just want to draw their stuff on the screen

Re: Cairo being considered as the basis of a standard C++ drawing API

On Sun, Feb 9, 2014 at 2:54 PM, Robert O'Callahan rob...@ocallahan.org wrote: On Mon, Feb 10, 2014 at 11:49 AM, Brian Smith br...@briansmith.org wrote: It seems likely that if something like Moz2D became the standard API then we'd be able to optimize it more easily than we'd be able to optimize

Re: Tagging legitimate main thread I/O

On Fri, Feb 7, 2014 at 11:13 AM, David Keeler dkee...@mozilla.com wrote: On 02/07/14 10:31, ISHIKAWA, Chiaki wrote: Message: [10549] WARNING: Security network blocking I/O on Main Thread: file /REF-COMM-CENTRAL/comm-central/mozilla/security/manager/ssl/src/nsNSSCallbacks.cpp, line 422

Re: A proposal to reduce the number of styles in Mozilla code

On Sun, Jan 5, 2014 at 6:34 PM, Nicholas Nethercote n.netherc...@gmail.com wrote: - There is an semi-official policy that the owner of a module can dictate its style. Examples: SpiderMonkey, Storage, MFBT. AFAICT, there are not many rules that module owners are bound by. The reason module

Re: On the usefulness of style guides (Was: style guide proposal)

On Thu, Dec 19, 2013 at 6:13 PM, Ehsan Akhgari ehsan.akhg...@gmail.comwrote: But to address the main point of this paragraph, what's wrong with having *one* style that *everybody* follows? I can't tell if you have something against that, or if you just care about a small subset of the tree

Re: NSPR logging dropping log messages

On Thu, Dec 5, 2013 at 9:46 PM, Robert O'Callahan rob...@ocallahan.org wrote: bug 924253 I think we should also be careful that, when we have multiple processes (which is always, because of e10s-based about:newtab fetching), that those multiple processes are not clobbering each other's output,

Re: Deciding whether to change the number of unified sources

On Tue, Dec 3, 2013 at 8:53 AM, Ted Mielczarek t...@mielczarek.org wrote: On 12/2/2013 11:39 PM, Mike Hommey wrote: Current setup (16): real11m7.986s user63m48.075s sys 3m24.677s Size of the objdir: 3.4GiB Size of libxul.so: 455MB Just out of curiosity, did you try

David Keeler is now a PSM peer

Hi all, Please join me in welcoming David Keeler as a PSM peer! Amongst many other things, David implemented the HSTS preload list, integrated OCSP stapling into Firefox, and is current implementing the OCSP Must-Staple feature, which is a key part of our goal of making certificate status

Re: Plug-in feature not available in the web platform. Alternatives?

On Fri, Nov 8, 2013 at 1:33 AM, fma spew fmas...@gmail.com wrote: We have a npapi-npruntime plug-in that access the Windows certificate store via CAPI to provide the end-user with its personal certificates to perform different operations. We can and should switch from using NSS to using the

Re: Cost of ICU data

On Thu, Oct 17, 2013 at 3:46 AM, Axel Hecht l...@mozilla.com wrote: We have issues with disk space, currently. We're already in the situation where all our keyboard data doesn't fit on quite a few of the devices out there. Where can one read more about this? This ICU data is not *that* huge.

Re: devolution of cleartype rendering in Fx chrome

On Wed, Oct 16, 2013 at 1:39 PM, al...@yahoo.com wrote: In general, if I understand correctly, it's hard to use native subpixel AA in layers that use hardware accelerated compositing. So in some cases we might need to choose between speed and subpixel rendering. (I'm not at all an expert in

Re: Cost of ICU data

On Tue, Oct 15, 2013 at 9:06 AM, Benjamin Smedberg benja...@smedbergs.us wrote: Do we need this data for any language other than the language Firefox ships in? Can we just include the relevant language data in each localized build of Firefox, and allow users to get other language data via

Re: Cost of ICU data

On Tue, Oct 15, 2013 at 10:50 AM, Anne van Kesteren ann...@annevk.nl wrote: On Tue, Oct 15, 2013 at 6:45 PM, Benjamin Smedberg benja...@smedbergs.us wrote: On 10/15/2013 1:18 PM, Brian Smith wrote: My understanding is that web content should not be able to tell which locale the browser

Re: What platform features can we kill?

On Thu, Oct 10, 2013 at 3:43 AM, Till Schneidereit t...@tillschneidereit.net wrote: On Thu, Oct 10, 2013 at 12:00 PM, Gabriele Svelto gsve...@mozilla.com wrote: On 10/10/2013 02:36, Zack Weinberg wrote: In that vein, I think we should take a hard look at the image decoders. Not only is that a

Re: What platform features can we kill?

On Wed, Oct 9, 2013 at 9:01 AM, Gervase Markham g...@mozilla.org wrote: * Windows integrated auth I would love to kill Windows integrated auth. It seems like doing so would mean almost the same thing as saying we don't care about intranets though. That's something I would be very interested in

Re: What platform features can we kill?

On Wed, Oct 9, 2013 at 9:01 AM, Gervase Markham g...@mozilla.org wrote: Attack surface reduction works: http://blog.gerv.net/2013/10/attack-surface-reduction-works/ In the spirit of learning from this, what's next on the chopping block? Master password. The UI is prone to phishing, it causes

Re: Poll: What do you need in MXR/DXR?

On Wed, Oct 2, 2013 at 12:33 PM, Erik Rose e...@mozilla.com wrote: What features do you most use in MXR and DXR? Blame. I wish blame mode was the default (only?) view. What keeps you off DXR? (What are the MXR things you use constantly? Or the things which are seldom-used but vital?) *

Re: Implementing Pepper since Google is dropping NPAPI for good

On Mon, Sep 23, 2013 at 2:41 PM, Benjamin Smedberg benja...@smedbergs.uswrote: On 9/23/2013 4:59 PM, Brian Smith wrote: Given that Pepper presents little benefit to users, Pepper presents a huge benefit to users because it allows the browser to sandbox the plugin. Once we have a sandbox

Re: Implementing Pepper since Google is dropping NPAPI for good

On Mon, Sep 23, 2013 at 3:40 PM, Chris Peterson cpeter...@mozilla.comwrote: On 9/23/13 2:41 PM, Benjamin Smedberg wrote: Even if Firefox supported the Pepper API, we would still need a Pepper version of Flash. And Adobe doesn't have one; Google does. When I was an engineer on Adobe's Flash

Re: You want faster builds, don't you?

On Sun, Sep 22, 2013 at 6:20 PM, Mark Hammond mhamm...@skippinet.com.auwrote: [I also see a clobber build spend 5 minutes in various configure runs, which frustrates me every time I see it - so I minimize the shell ;] Yep, and the amazing thing is that we basically don't even need to run

Re: Removing xml:base

On Mon, Sep 16, 2013 at 5:06 PM, Adam Kowalczyk adam-kowalcz...@o2.pl wrote: For what it's worth, I find xml:base very useful in my extension. It is a feed reader and it displays content from many third-party sources on a single page, so there's a need for multiple base URIs in order to resolve

Re: On builds getting slower

I talked to gps today and told him I would let him know my numbers on my machine. I will share them with everybody: My Win32 debug clobber build (mach build after mach clobber) was 39:54.84 today, up from ~33:00 a few months ago. Not sure if it is my system. Immediate rebuild (no-op) was

Re: Rethinking build defaults

On Fri, Aug 16, 2013 at 2:43 AM, Andreas Gal andreas@gmail.com wrote: I would like to propose the opposite approach: - Remove all conditional feature configuration from configure. WebRTC et al are always on. Features should be disabled dynamically (prefs), if at all. - Reduce configure

Re: Rethinking build defaults

On Fri, Aug 16, 2013 at 4:27 AM, Mike Hommey m...@glandium.org wrote: - Remove all conditional feature configuration from configure. WebRTC et al are always on. Features should be disabled dynamically (prefs), if at all. - Reduce configure settings to choice of OS and release or

Re: Standard C/C++ and Mozilla

On Wed, Aug 7, 2013 at 6:47 PM, Ehsan Akhgari ehsan.akhg...@gmail.comwrote: (Sorry for the late reply, please blame it on Canadian statutory holidays, and my birthday date!) Happy birthday! On Fri, Aug 2, 2013 at 11:09 PM, Brian Smith br...@briansmith.org wrote: 1. It avoids a phase

Re: Standard C/C++ and Mozilla

On Wed, Aug 7, 2013 at 6:47 PM, Ehsan Akhgari ehsan.akhg...@gmail.comwrote: But for whatever it's worth, I think that in general, for the std replacement code living in MFBT, it's best for us to try really hard to match the C++ standard where it makes sense. We sometimes go through a crazy

Re: reminder: content processes (e10s) are now used by desktop Firefox

On Wed, Jul 31, 2013 at 1:10 AM, Gavin Sharp ga...@gavinsharp.com wrote: Bug 870100 enabled use of the background thumbnail service in Firefox desktop, which uses a browser remote=true to do thumbnailing of pages in the background. That means that desktop Firefox now makes use of E10S

Re: std::unique_ptr, std::move,

On Fri, Aug 2, 2013 at 2:58 PM, Mike Hommey m...@glandium.org wrote: Upgrading minimum compiler requirements doesn't imply backporting those requirements to Aurora where ESR24 is right now. Are you opposed to updating our minimum supported gcc to 4.7 on trunk when Firefox OS is ready to

Re: std::unique_ptr, std::move,

On Fri, Aug 2, 2013 at 1:36 AM, Joshua Cranmer  pidgeo...@gmail.comwrote: On 8/1/2013 5:46 PM, Brian Smith wrote: FWIW, I talked about this issue with a group of ~10 Mozillians here in Berlin and all of them (AFAICT) were in favor of requiring that the latest versions of GCC be used

Re: Standard C/C++ and Mozilla

On Wed, Jul 31, 2013 at 7:41 PM, Joshua Cranmer  pidgeo...@gmail.comwrote: implementation, libc++, libstdc++, and stlport. Since most nice charts of C++11 compatibility focus on what the compiler needs to do, I've put together a high-level overview of the major additions to the standard

Re: std::unique_ptr, std::move,

On Sat, Aug 3, 2013 at 12:51 AM, Ehsan Akhgari ehsan.akhg...@gmail.comwrote: This adds too much risk of security patches failing to backport from mozilla-central to ESR 24. Remember that one of the design goals of ESR is to minimize the amount of effort we put into it so that ESR doesn't

Re: On indirect feedback

On Sat, Aug 3, 2013 at 1:32 AM, Robert O'Callahan rob...@ocallahan.orgwrote: On Sat, Aug 3, 2013 at 9:13 AM, Gregory Szorc g...@mozilla.com wrote: Many of the complaints I've heard have been from overhearing hallway conversations, noticing non-directed complaints on IRC, having 3rd parties

Re: std::unique_ptr, std::move,

On Sat, Aug 3, 2013 at 12:50 AM, Ehsan Akhgari ehsan.akhg...@gmail.comwrote: On 2013-08-02 4:49 PM, Brian Smith wrote: That sounds reasonable to me. So, based on that then, let's get back to my original question that motivated the discussion of the policy: If we add std::move, std::forward

Re: Standard C/C++ and Mozilla

On Sat, Aug 3, 2013 at 12:47 AM, Ehsan Akhgari ehsan.akhg...@gmail.comwrote: On 2013-08-02 5:21 PM, Brian Smith wrote: 3. How should we handle bridge support for standardized features not yet universally-implemented? Generally, I would much rather we implement std::whatever ourselves than

Re: std::unique_ptr, std::move,

On Wed, Jul 31, 2013 at 2:19 PM, Mike Hommey m...@glandium.org wrote: On Wed, Jul 31, 2013 at 01:06:27PM +0200, Brian Smith wrote: On Wed, Jul 31, 2013 at 12:34 PM, Mike Hommey m...@glandium.org wrote: I strongly oppose to any requirement that would make ESR+2 (ESR31) not build

Re: std::unique_ptr, std::move,

On Wed, Jul 31, 2013 at 8:09 PM, Joshua Cranmer  pidgeo...@gmail.comwrote: More generally, nobody should be reasonably expected to write code that builds with any combination that isn't used on mozilla-central's TBPL. So, (clang, MSVC) is not really something to consider, for example.

Re: std::unique_ptr, std::move,

On Wed, Jul 31, 2013 at 6:53 AM, Joshua Cranmer  pidgeo...@gmail.comwrote: On 7/30/2013 10:39 PM, Brian Smith wrote: Yes: Then we can use std::unique_ptr in parts of Gecko that are intended to be buildable without MFBT (see below). One thing I want to point out is that, while compiler

Re: std::unique_ptr, std::move,

On Wed, Jul 31, 2013 at 12:34 PM, Mike Hommey m...@glandium.org wrote: I strongly oppose to any requirement that would make ESR+2 (ESR31) not build on the current Debian stable (gcc 4.7) and make ESR+1 (ESR24) not build on the old Debian stable (gcc 4.4). We're not going to change the

Re: Proposal: requiring build peer review for Makefile.in changes

On Fri, Jul 26, 2013 at 9:36 PM, Brad Lassey blas...@mozilla.com wrote: On 7/26/13 9:30 AM, Ehsan Akhgari wrote: I've written up the review policy at [1] and filed bug 898089 [2] to enforce/communicate this policy via Mercurial hooks. While I supported the review policy change here, I'm

std::unique_ptr, std::move, and std::forward (was Re: Using C++0x auto)

On Fri, Jul 19, 2013 at 4:46 AM, Mike Hommey m...@glandium.org wrote: Note that STL is another story. We're not using libstdc++ that comes with the compiler on android and b2g. We use STLport instead, and STLport has, afaik, no support for C++11 STL types. So, while we can now fix nsAutoPtr

Re: std::unique_ptr, std::move, and std::forward (was Re: Using C++0x auto)

On Wed, Jul 31, 2013 at 4:50 AM, Ehsan Akhgari ehsan.akhg...@gmail.comwrote: On Tue, Jul 30, 2013 at 7:40 PM, Brian Smith br...@briansmith.orgwrote: But, shouldn't we just name these std::move and std::forward and use these implementations only when we're using STLPort? I know we're

Re: Making proposal for API exposure official

Andrew Overholt wrote: On 25/06/13 10:11 AM, Brian Smith wrote: In the document, instead of creating a blacklist of web technologies to which the new policy would not apply (CSS, WebGL, WebRTC, etc.), please list the modules to which the policy would apply. I started building up a list

Re: Making proposal for API exposure official

Robert O'Callahan wrote: On Tue, Jun 25, 2013 at 3:08 PM, Brian Smith bsm...@mozilla.com wrote: At the same time, I doubt such a policy is necessary or helpful for the modules that I am owner/peer of (PSM/Necko), at least at this time. In fact, though I haven't thought about it deeply

Re: Making proposal for API exposure official

Henri Sivonen wrote: On Tue, Jun 25, 2013 at 6:08 AM, Brian Smith bsm...@mozilla.com wrote: At the same time, I doubt such a policy is necessary or helpful for the modules that I am owner/peer of (PSM/Necko), at least at this time. In fact, though I haven't thought about it deeply, most

Re: Ordering shutdown observers?

Ehsan Akhgari wrote: On 2013-05-15 5:18 PM, Vladan Djeric wrote: I'd like to know if these use-cases are sufficiently rare that we should just add new shutdown events when needed (e.g. we added profile-before-change2 for Telemetry in bug 844331), or if we should come up with a general way

Re: We should drop MathML

Benoit Jacob wrote: Can we focus on the other conversation now: should the Web have a math-specific markup format at all? I claim it shouldn't; I mostly mentioned TeX as a if we really wanted one side note and let it go out of hand. How many specific domains will want to have their own

Re: Proposal for an inbound2 branch

L. David Baron wrote: On Saturday 2013-04-27 08:26 +1000, Nicholas Nethercote wrote: If I have a patch ready to land when inbound closes, what would be the sequence of steps that I need to do to land it on inbound2? Would I need to have an up-to-date inbound2 clone and transplant the

Fwd: NSPR/NSS/JSS migrated to HG and updated directory layout

In addition to this change from CVS to Mercurial, the following changes will be made in mozilla-central the next time we update NSS: dbm/ will be moved security/nss/lib/dbm/ security/coreconf/ will be moved to security/nss/coreconf/ This should reduce some confusion about what parts of the tree

Re: Accessing @mozilla.org/xmlextras/xmlhttprequest;1 from content

- Original Message - From: Matthew Gertner matt...@salsitasoft.com To: dev-platform@lists.mozilla.org Sent: Friday, February 22, 2013 7:02:40 AM Subject: Accessing @mozilla.org/xmlextras/xmlhttprequest;1 from content I have an extension that loads an HTML file into a hidden browser

Re: LOAD_ANONYMOUS + LOAD_NOCOOKIES

bernhardr...@gmail.com wrote: i'm willing to fix https://bugzilla.mozilla.org/show_bug.cgi?id=836602 Summary: The rest api should not send cookies and thus now uses the LOAD_ANONYMOUS flag. But this flag also denies (client side) authentication like my custom firefox sync requires.

Re: Cycle collection for workers

Kyle Huey wrote: 1. Dealing with the different ownership model on worker threads (no cycle collector, all owning references go through JS). 2. Dealing with things that are not available off the main thread (no necko, no gfx APIs, etc). FWIW, I think the networking team has a goal

Re: Cycle collection for workers

Kyle Huey wrote: Brian Smith bsm...@mozilla.com wrote: At what point during XPCOM shutdown are workers destroyed? xpcom-shutdown-threads NSS gets shut down way before then, because it can write to the profile. Same with Necko. Cheers, Brian

Re: The future of PGO on Windows

Ehsan Akhgari wrote: Brian Smith wrote: 2. AFAICT, we did not seriously investigate the possibility of splitting things out of libxul more. So far we've tried cutting things off the top of the dependency tree. Maybe now we need to try cutting things off the bottom of the dependency tree

Re: The future of PGO on Windows

Ehsan Akhgari wrote: On 2013-02-04 11:44 AM, Ehsan Akhgari wrote: 3. What is the performance difference between Visual Studio 2012 PGO builds and Visual Studio 2010 builds? IMO, before we decide whether to disable PGO on Windows, we need to get good benchmark results for

Re: Let's never, ever, shut down NSS -- even in debug builds

Benjamin Smedberg wrote: On 1/28/2013 6:39 PM, Brian Smith wrote: This will greatly simplify lots of code--not just code in security/manager, but also code in WebRTC, DOM (DOMCrypt), Toolkit (toolkit/identity), and Necko (netwerk/). We already have a significant amount of code

Re: Investigation undergoing on the future of PGO

Ehsan Akhgari wrote: I have started an effort to gather some information on what options we have with regard to using PGO on Windows in the longer term[.] If you have ideas which are not covered by the bugs on file, please do let me know. Minimizing startup time is one of the biggest reasons

Let's never, ever, shut down NSS -- even in debug builds

Hi all, After seeing many, many bugs about difficulty of writing code that properly handles NSS shutdown during XPCOM profile teardown, I think the only reasonable way forward is to simply make it so that NSS never shuts down--including in debug builds. This will greatly simplify lots of

Re: Let's never, ever, shut down NSS -- even in debug builds

[+taras] Kyle Huey wrote: 2. Because NSS reads and writes to files in the profile directory, the profile directory must be readable and writable up until process exit. The current rules for XPCOM shutdown say that services must stop doing disk I/O well before then; we would need to change the

Re: Supporting the Windows Certificate Store

Joshua Toon wrote: I know that there are probably well thought out reasons that this isn't a features already...BUT! Lot's of US Government users can't use Firefox because it doesn't use the Windows certificate store. Please explain why NSS's trusted root store doesn't work for them. Is it

Re: C++11 atomics in Mozilla

Joshua Cranmer wrote: On 1/27/2013 11:48 PM, Brian Smith wrote: FWIW, in cases like this, I would rather we just use the C++11 API directly even if it means dropping support for common but out-of-date compilers like gcc 4.4 and VS2010. I personally prefer an API style where the memory

Re: Integrating ICU into Mozilla build

Jean-Marc Desperrier wrote: ICU is a massive, huge juggernaut. It fits the bill in professional application that have no download size constraints, and no requirement to support the low end of installed memory size. OS support is incredibly more efficient. Jean-Marc, I don't agree with

Re: Proposal: Remove Linux PGO Testing

David Anderson wrote: It's still unclear to me what our Linux PGO builds mean. Do distributions use them? If not, are they using the exact same compiler version and PGO environment data? If not, then they have a different configuration that we haven't tested. I agree that we should make sure

Why we avoid making private modifications to NSPR and NSS (was Re: Imported code)

Randell quoted: Ehsan wrote: It is entirely unreasonable to render ourselves unable to modify our imported code (just look at the current situation with NSPR which causes developers to go through huge pain in order to work around things which would be very simply dealt with if only we had

Re: Proposal: Remove Linux PGO Testing

Zack Weinberg wrote: Link-time optimization is described as an experimental new feature in the GCC 4.5.0 release notes[1]. The 4.6.0 release notes[2] say that it has now stabilized to the point of being usable, and the 4.7.0 release notes[3] describe it as still further improved both in

Re: Moving Away from Makefile's

Gregory Szorc wrote: 4. Native support for list and maps. Make files only support strings. The hacks this results in are barely tolerable. 5. Ability to handle conditionals. We need to be able to conditionally define things based on the presence or value of certain variables. e.g. if the

Re: Proposed policy change: reusability of tests by other browsers

Aryeh Gregor wrote: 1) Decide on guidelines for whether a test is internal or reusable. As a starting point, I suggest that all tests that are regular webpages that don't use any Mozilla-specific features should be candidates for reuse. Examples of internal tests would be tests written in