Closed Bug 575620 Opened 14 years ago Closed 14 years ago

upgrade to NSPR 4.8.6 + NSS 3.12.7 and link against mozsqlite3

Categories

(Core :: Security: PSM, defect)

Product:
Core
Component:
Security: PSM
Type:
defect
Priority:
Not set
Severity:
normal

Tracking

()

Status:
RESOLVED FIXED
Milestone:
mozilla2.0b3
Tracking Flags:
Tracking Status
blocking1.9.2 --- .9+
status1.9.2 --- .9-fixed
blocking1.9.1 --- .14+
status1.9.1 --- .14-fixed

People

(Reporter: KaiE, Assigned: KaiE)

References

(Blocks 1 open bug)

Details

(Keywords: verified1.9.2)

Attachments

(1 file, 1 obsolete file)

makefile patch v2
1.12 KB, patch
KaiE
: review+
dveditz
: approval1.9.2.9+
christian
: approval1.9.1.14+
Details | Diff | Splinter Review 
We would like to upgrade Mozilla and pick up:
- NSPR 4.8.5
- NSS 3.12.7

Because of bug 519550, this will require a small Makefile modification on trunk (only) to instruct NSS to link against mozsqlite3
Attached patch makefile patch (obsolete) — Splinter Review 

        Attachment #454864 -
        Flags: review?(wtc)

    
  
Summary: upgrade to NSPR 4.8.5 to NSS 3.12.7 and link against mozsqlite3 → upgrade to NSPR 4.8.5 + NSS 3.12.7 and link against mozsqlite3

    
    

    
  
I did a tryserver build, and saw the error messages described in bug 415563 comment 12:
../../../dist/bin/libnspr4.so: undefined reference to `__sync_sub_and_fetch_4'
../../../dist/bin/libnspr4.so: undefined reference to `__sync_add_and_fetch_4'

I conclude this is blocked by bug 559964.
Depends on: gcc4.5, 415563

    
    

    
  
We had other problems with updating to GCC 4.5 that caused us to revert to GCC 4.3.3. This is why I backed out bug 415563 on NSPR trunk.

I've created a NSPR_4_8_5_RTM tag which is after the backout, so should be safe to update to.

    
    

    
  
Ted, we've deleted the NSPR 4.8.5 RTM tag from CVS. We need to coordinate a new release tag and make sure we follow the release procedures.

We'll use 4.8.6 as the next official release version.
Summary: upgrade to NSPR 4.8.5 + NSS 3.12.7 and link against mozsqlite3 → upgrade to NSPR 4.8.6 + NSS 3.12.7 and link against mozsqlite3

    
    

    
  
We would like to wait for a fix for bug 556497 prior to releasing NSS 3.12.7, adding bug to dependency list.

    
  
Depends on: 556497

    
    

    
  
Does this bug depend on bug 415563 and/or bug 559964?
Awaiting clarification after bug 415563 comment 21.

    
    

    
  
Comment on attachment 454864 [details] [diff] [review]
makefile patch

r=wtc.

        Attachment #454864 -
        Flags: review?(wtc) → review+

    
    

    
  
ted,taras: can I log in to the tinderbox to take a look and try the -march=i486 fix?

    
    

    
  
You'd need to ask someone from Release Engineering, you can find them in #build (although we're all at the summit this week, so it may be tough to get a hold of people).

There's also a VMWare VM of the Linux build machines if you want to try that. It's a little bit out of date, but it has GCC 4.3.3:
https://wiki.mozilla.org/ReferencePlatforms/Linux-Public

    
    

    
  
(In reply to comment #10)

> There's also a VMWare VM of the Linux build machines if you want to try that.
> It's a little bit out of date, but it has GCC 4.3.3:
> https://wiki.mozilla.org/ReferencePlatforms/Linux-Public

Ted is right, you can reproduce this bug on that VM.

    
    

    
  
I pushed NSPR_4_8_6_BETA1 to mozilla-central in changeset c1c64067eeb8:
http://hg.mozilla.org/mozilla-central/rev/c1c64067eeb8

    
    

    
  
I pushed NSPR_4_8_6_BETA2 to mozilla-central in changeset 500d1bd6e71b:
http://hg.mozilla.org/mozilla-central/rev/500d1bd6e71b

    
    

    
  
I pushed NSPR_4_8_6_BETA3 to mozilla-central in changeset da2b4fad0ad1:
http://hg.mozilla.org/mozilla-central/rev/da2b4fad0ad1

Kai, you can push NSS_3_12_7_BETA2 to mozilla-central now.

    
    

    
  


  
second revision of makefile changes for PSM

Wan-Teh proposed that we can also stop setting the freebl variable, because NSS 3.12.7 does that by default now.

r=kaie

        Attachment #454864 -
        Attachment is obsolete: true

        Attachment #457659 -
        Flags: review+
Blocks: 451187
blocking1.9.2: --- → ?

          status1.9.2:
          --- → wanted

    
    

    
  
Comment on attachment 457659 [details] [diff] [review]
makefile patch v2

let's use this patch to represent the task of landing onto 1.9.2...

        Attachment #457659 -
        Flags: approval1.9.2.8?

    
  
Blocks: 567134

    
    

    
  
If this lands on 1.9.2 we need to be sure not to regress Bug 567134, since we've taken a temporary patch for that on 1.9.2.

    
    

    
  
I've landed nss 3.12.7 beta 2 and the makefile v2 patch into mozilla-central.

http://hg.mozilla.org/mozilla-central/rev/1eca03018726
http://hg.mozilla.org/mozilla-central/rev/e15f9edaa78f

Based on my earlier try-server build things are expected to go well.

Once we are certain to make final releases of nspr 4.8.6 and 3.12.7 we'll land the diffs (probably only the version number changes) and close this bug.

    
    

    
  
I've also cleaned up directory mozilla/security/patches, since patch for bug 519550 is no longer necessary with 3.12.7

    
    

    
  
(In reply to comment #17)

khuey: good point.  Two things.
1) We should create the mozilla/security/patches directory in
mozilla-1.9.2 to keep track of the patches you've applied on
top of an NSS CVS tag. Here is what that directory looks like in
mozilla-central:
http://mxr.mozilla.org/mozilla-central/source/security/patches/
2) The patch for bug 567134 should also be applied to
mozilla-central.
blocking1.9.2: ? → .8+

    
    

    
  
Comment on attachment 457659 [details] [diff] [review]
makefile patch v2

Approved for 1.9.2.9, a=dveditz for release-drivers

        Attachment #457659 -
        Flags: approval1.9.2.8? → approval1.9.2.8+

    
  
Assignee: nobody → kaie

    
    

    
  
This has been fixed in mozilla-central.
Status: NEW → RESOLVED
Closed: 14 years ago
OS: Linux → All
Hardware: x86 → All
Resolution: --- → FIXED
Target Milestone: --- → mozilla2.0b3

    
  
Depends on: 585061

    
  
No longer depends on: 585061

    
    

    
  
I've landed this into mozilla-1.9.2

Using the nice hg mq extension it's easy to partition patches, so I ended up landing this as 4 separate commits...:

http://hg.mozilla.org/releases/mozilla-1.9.2/rev/aa01d8aeacdc
http://hg.mozilla.org/releases/mozilla-1.9.2/rev/8c356dd0a14a
http://hg.mozilla.org/releases/mozilla-1.9.2/rev/4a5951bdc65f
http://hg.mozilla.org/releases/mozilla-1.9.2/rev/521c209771fd

I've also added the security/patches directory + contents.


Tinderbox tells me there was some orange reporting some leaks, but in my understanding, based on the history of this test machine (OSX moth), that's an intermittent random failure.

          status1.9.2:
          wanted.9-fixed

    
    

    
  
(Note I omitted the mozsqlite3 portion of the makefile patch, because it's doesn't apply to mozilla-1.9.2 - that branch still uses library name sqlite3)

    
    

    
  
Ehsan starred the orange with bug 505650.

    
    

    
  
Verified for 1.9.2 by checking the binaries in nightly builds.
Keywords: verified1.9.2

    
  
Depends on: 567620

    
  
No longer depends on: 567620

    
    

    
  
NSS 3.12.8 requires NSPR 4.8.6, so I'm requesting approval to
update to NSPR 4.8.6 in mozilla-1.9.1 at the same time or
before I update to NSS 3.12.8.
blocking1.9.1: --- → ?

    
  
blocking1.9.1: ? → .14+

    
    

    
  
Is it the same patch? If so I can approve the patch as well. Marked as blocking.

    
  

        Attachment #457659 -
        Flags: approval1.9.1.14+

    
    

    
  
Pushed NSPR 4.8.6 to mozilla-1.9.1 in changeset 5920f776e030:
http://hg.mozilla.org/releases/mozilla-1.9.1/rev/5920f776e030

Pushed the second "hunk" of makefile patch v2 (attachment 457659 [details] [diff] [review])
to mozilla-1.9.1 in changeset 387e34496d69:
http://hg.mozilla.org/releases/mozilla-1.9.1/rev/387e34496d69

          status1.9.1:
          --- → .14-fixed
Depends on: CVE-2010-3173

          You need to log in
          before you can comment on or make changes to this bug.
        






  

    
  







  

    

      
Attachment

      

      
      
      
      
    

    

      

        

          

            
General

            

              Creator: 



            

            
Created: 

            
Updated: 

            
Size: