Created attachment 538290 [details] [diff] [review] update to r686 Updating ANGLE to r686 (from r653) will get us many improvement, in particular r662 fixes a security issue, bug 661283. The patch also updates our patchset: adds the patch to work around the msvc2005 intrinsics compilation issue, removes the angle-makefiles patch because it only applies to files that are not present in upstream ANGLE so there's little point in maintaining this patch. Updated the README. Joe -> not sure what 'reviewing' can mean for this kind of patch. Please advise.
Comment on attachment 538290 [details] [diff] [review] update to r686 consider this a permanent rs=joe for any and all angle updates, so long as they pass try
Test failure on WinXP. We had an intermittent like this, bug 658802, but it seems to have turned permaorange, good occasion to look into it. The bug is that the test asks for a joint DEPTH_STENCIL renderbuffer, which we implement by trying to get a packed DEPTH24_STENCIL8 renderbuffer, which apparently is not supported on the WinXP test slaves. Implementing this in a fully portable way would be quite a bit of work and probably not worth it since that's part of the OpenGL 3.1 standard i.e. could well be fixed just by a driver update (the WinXP test slaves have outdated drivers, the Win7 test slaves succeed on the same hardware). -> new tryserver push just marking this test as expected-to-fail on WinXP: http://tbpl.mozilla.org/?tree=Try&rev=076bc094a359
There were more test failures, new try: http://tbpl.mozilla.org/?tree=Try&rev=a1477bee4cbc
Comment on attachment 538290 [details] [diff] [review] update to r686 Requesting approval for aurora because of the dependent sg:low issue
The security team is going to loop around and drive figuring out if there are additional security fixes in here we need that would cause us to take it.
Aurora is still on r653. Between 653 and 686, there is 678, http://code.google.com/p/angleproject/source/detail?r=678 , which looks serious to me from a security perspective. This sounds like the kind of things that can give access to uninitialized video memory, though you'd have to ask a ANGLE developer to be sure. I support taking ANGLE r686 on Aurora, it's been well tested on Nightly, it has useful improvements (removes crashes in debug builds on the conformance test suite, removes wrong-rendering bugs).
Landed on Aurora: http://hg.mozilla.org/releases/mozilla-aurora/rev/33e04b375a05
We are comfortable with where fuzzing is for this and as long as that continues we don't see further need to track this.
Can anyone please help me with a test case or with STR / guidelines that I can use to verify this fix? Thank you
This is easy to check on Windows: go to about:support, scroll down to 'WebGL renderer', it should report ANGLE and the ANGLE revision number. On other platforms, or on Windows machines where ANGLE isn't used for WebGL rendering, this would be a lot harder to check from the executable.
Could anyone please help me with guidelines on how to verify this fix on Linux and Mac OS? Thank you Jacob, thank you for the help with Windows.
(In reply to Ioana Budnar from comment #13) > Could anyone please help me with guidelines on how to verify this fix on > Linux and Mac OS? It's not really verifiable from the Firefox binaries outside of Windows, but don't worry about it: this is the kind of thing that doesn't really need verification as it follows clearly from the source code modification that we made.
Verified fixed on: Mozilla/5.0 (Windows NT 6.1; rv:7.0) Gecko/20100101 Firefox/7.0 Mozilla/5.0 (Windows NT 5.1; rv:7.0) Gecko/20100101 Firefox/7.0 Steps to verify: 1. Go to about:support. 2. Scroll down to 'WebGL renderer' 3. Observe the ANGLE revision number. It should be 'r686'.