Date: Sat, 3 Mar 2018 00:52:38 +0000 (UTC) From: Jan Beich <jbeich@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r463455 - in head/www/waterfox: . files Message-ID: <201803030052.w230qc3x039695@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: jbeich Date: Sat Mar 3 00:52:38 2018 New Revision: 463455 URL: https://svnweb.freebsd.org/changeset/ports/463455 Log: www/waterfox: apply some FF59 fixes Added: head/www/waterfox/files/patch-bug1382359 (contents, props changed) head/www/waterfox/files/patch-bug1404297 (contents, props changed) head/www/waterfox/files/patch-bug1425520 (contents, props changed) head/www/waterfox/files/patch-bug1437450 (contents, props changed) head/www/waterfox/files/patch-bug1440775 (contents, props changed) head/www/waterfox/files/patch-bug1441006 (contents, props changed) Modified: head/www/waterfox/Makefile (contents, props changed) Modified: head/www/waterfox/Makefile ============================================================================== --- head/www/waterfox/Makefile Sat Mar 3 00:16:22 2018 (r463454) +++ head/www/waterfox/Makefile Sat Mar 3 00:52:38 2018 (r463455) @@ -3,7 +3,7 @@ PORTNAME= waterfox DISTVERSION= 56.0.4-20 DISTVERSIONSUFFIX= -ge03e284b083d -PORTREVISION= 2 +PORTREVISION= 3 CATEGORIES= www ipv6 MAINTAINER= jbeich@FreeBSD.org Added: head/www/waterfox/files/patch-bug1382359 ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/www/waterfox/files/patch-bug1382359 Sat Mar 3 00:52:38 2018 (r463455) @@ -0,0 +1,138 @@ +commit dd4fb3ba9f14 +Author: Georg Koppen <gk@torproject.org> +Date: Thu Mar 1 09:44:30 2018 +0100 + + Bug 1382359: Treat .onion as a secure context + + Websites which collect passwords but don't use HTTPS start showing scary + warnings from Firefox 51 onwards and mixed context blocking has been + available even longer. + + .onion sites without HTTPS support are affected as well, although their + traffic is encrypted and authenticated. This patch addresses this + shortcoming by making sure .onion sites are treated as potentially + trustworthy origins. + + The secure context specification + (https://w3c.github.io/webappsec-secure-contexts/) is pretty much focused + on tying security and trustworthiness to the protocol over which domains + are accessed. However, it is not obvious why .onion sites should not be + treated as potentially trustworthy given: + + "A potentially trustworthy origin is one which a user agent can + generally trust as delivering data securely. + + This algorithms [sic] considers certain hosts, scheme, and origins as + potentially trustworthy, even though they might not be authenticated and + encrypted in the traditional sense." + (https://w3c.github.io/webappsec-secure-contexts/#is-origin-trustworthy) + + We use step 8 in the algorithm to establish trustworthiness of .onion + sites by whitelisting them given the encrypted and authenticated nature + of their traffic. +--- + dom/html/HTMLFormElement.cpp | 4 ++++ + dom/security/nsContentSecurityManager.cpp | 7 +++++++ + dom/security/nsMixedContentBlocker.cpp | 29 +++++++++++++++++++++++++++++ + dom/security/nsMixedContentBlocker.h | 1 + + 4 files changed, 41 insertions(+) + +diff --git dom/html/HTMLFormElement.cpp dom/html/HTMLFormElement.cpp +index 02b3553c8a14..0e00b961ed45 100644 +--- dom/html/HTMLFormElement.cpp ++++ dom/html/HTMLFormElement.cpp +@@ -867,6 +867,10 @@ HTMLFormElement::DoSecureToInsecureSubmitCheck(nsIURI* aActionURL, + return NS_OK; + } + ++ if (nsMixedContentBlocker::IsPotentiallyTrustworthyOnion(aActionURL)) { ++ return NS_OK; ++ } ++ + nsCOMPtr<nsPIDOMWindowOuter> window = OwnerDoc()->GetWindow(); + if (!window) { + return NS_ERROR_FAILURE; +diff --git dom/security/nsContentSecurityManager.cpp dom/security/nsContentSecurityManager.cpp +index ed83d490ca3f..d0e50d51bfd2 100644 +--- dom/security/nsContentSecurityManager.cpp ++++ dom/security/nsContentSecurityManager.cpp +@@ -13,6 +13,7 @@ + #include "nsIImageLoadingContent.h" + + #include "mozilla/dom/Element.h" ++#include "mozilla/dom/nsMixedContentBlocker.h" + + NS_IMPL_ISUPPORTS(nsContentSecurityManager, + nsIContentSecurityManager, +@@ -879,6 +880,12 @@ nsContentSecurityManager::IsOriginPotentiallyTrustworthy(nsIPrincipal* aPrincipa + } + } + } ++ // Maybe we have a .onion URL. Treat it as whitelisted as well if ++ // `dom.securecontext.whitelist_onions` is `true`. ++ if (nsMixedContentBlocker::IsPotentiallyTrustworthyOnion(uri)) { ++ *aIsTrustWorthy = true; ++ return NS_OK; ++ } + } + + return NS_OK; +diff --git dom/security/nsMixedContentBlocker.cpp dom/security/nsMixedContentBlocker.cpp +index 918a6ce53132..0361e744c800 100644 +--- dom/security/nsMixedContentBlocker.cpp ++++ dom/security/nsMixedContentBlocker.cpp +@@ -395,6 +395,28 @@ nsMixedContentBlocker::IsPotentiallyTrustworthyLoopbackURL(nsIURI* aURL) { + return host.EqualsLiteral("127.0.0.1") || host.EqualsLiteral("::1"); + } + ++/* Maybe we have a .onion URL. Treat it as whitelisted as well if ++ * `dom.securecontext.whitelist_onions` is `true`. ++ */ ++bool ++nsMixedContentBlocker::IsPotentiallyTrustworthyOnion(nsIURI* aURL) { ++ static bool sInited = false; ++ static bool sWhiteListOnions = false; ++ if (!sInited) { ++ Preferences::AddBoolVarCache(&sWhiteListOnions, ++ "dom.securecontext.whitelist_onions"); ++ sInited = true; ++ } ++ if (!sWhiteListOnions) { ++ return false; ++ } ++ ++ nsAutoCString host; ++ nsresult rv = aURL->GetHost(host); ++ NS_ENSURE_SUCCESS(rv, false); ++ return StringEndsWith(host, NS_LITERAL_CSTRING(".onion")); ++} ++ + /* Static version of ShouldLoad() that contains all the Mixed Content Blocker + * logic. Called from non-static ShouldLoad(). + */ +@@ -725,6 +747,13 @@ nsMixedContentBlocker::ShouldLoad(bool aHadInsecureImageRedirect, + return NS_OK; + } + ++ // .onion URLs are encrypted and authenticated. Don't treat them as mixed ++ // content if potentially trustworthy (i.e. whitelisted). ++ if (isHttpScheme && IsPotentiallyTrustworthyOnion(innerContentLocation)) { ++ *aDecision = ACCEPT; ++ return NS_OK; ++ } ++ + // The page might have set the CSP directive 'upgrade-insecure-requests'. In such + // a case allow the http: load to succeed with the promise that the channel will + // get upgraded to https before fetching any data from the netwerk. +diff --git dom/security/nsMixedContentBlocker.h dom/security/nsMixedContentBlocker.h +index b7e4a7457bd2..a9b4dbdb612e 100644 +--- dom/security/nsMixedContentBlocker.h ++++ dom/security/nsMixedContentBlocker.h +@@ -48,6 +48,7 @@ public: + // See: + // https://w3c.github.io/webappsec-secure-contexts/#is-origin-trustworthy + static bool IsPotentiallyTrustworthyLoopbackURL(nsIURI* aURL); ++ static bool IsPotentiallyTrustworthyOnion(nsIURI* aURL); + + /* Static version of ShouldLoad() that contains all the Mixed Content Blocker + * logic. Called from non-static ShouldLoad(). Added: head/www/waterfox/files/patch-bug1404297 ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/www/waterfox/files/patch-bug1404297 Sat Mar 3 00:52:38 2018 (r463455) @@ -0,0 +1,260 @@ +commit 586e13b2b708 +Author: Blake Kaplan <mrbkap@gmail.com> +Date: Wed Jan 10 18:48:26 2018 -0500 + + Bug 1404297 - Temporarily assert that we don't re-enter this function. r=bzbarsky + + MozReview-Commit-ID: FoQGVDWtwN1 + + --HG-- + extra : rebase_source : c22cc3a022dc01923696940fc0b0aae708232db0 +--- + dom/base/nsDocument.cpp | 8 ++------ + dom/base/nsIDocument.h | 2 -- + 2 files changed, 2 insertions(+), 8 deletions(-) + +diff --git dom/base/nsDocument.cpp dom/base/nsDocument.cpp +index 1b98f94341c2..ad08c02d51dc 100644 +--- dom/base/nsDocument.cpp ++++ dom/base/nsDocument.cpp +@@ -1496,9 +1496,7 @@ nsIDocument::nsIDocument() + mType(eUnknown), + mDefaultElementType(0), + mAllowXULXBL(eTriUnset), +-#ifdef DEBUG + mIsLinkUpdateRegistrationsForbidden(false), +-#endif + mBidiOptions(IBMBIDI_DEFAULT_BIDI_OPTIONS), + mSandboxFlags(0), + mPartID(0), +@@ -10117,7 +10115,7 @@ nsIDocument::EnumerateActivityObservers(ActivityObserverEnumerator aEnumerator, + void + nsIDocument::RegisterPendingLinkUpdate(Link* aLink) + { +- MOZ_ASSERT(!mIsLinkUpdateRegistrationsForbidden); ++ MOZ_RELEASE_ASSERT(!mIsLinkUpdateRegistrationsForbidden); + + if (aLink->HasPendingLinkUpdate()) { + return; +@@ -10156,14 +10154,12 @@ nsIDocument::FlushPendingLinkUpdatesFromRunnable() + void + nsIDocument::FlushPendingLinkUpdates() + { +- MOZ_ASSERT(!mIsLinkUpdateRegistrationsForbidden); ++ MOZ_RELEASE_ASSERT(!mIsLinkUpdateRegistrationsForbidden); + if (!mHasLinksToUpdate) + return; + +-#ifdef DEBUG + AutoRestore<bool> saved(mIsLinkUpdateRegistrationsForbidden); + mIsLinkUpdateRegistrationsForbidden = true; +-#endif + for (auto iter = mLinksToUpdate.Iter(); !iter.Done(); iter.Next()) { + Link* link = iter.Get(); + Element* element = link->GetElement(); +diff --git dom/base/nsIDocument.h dom/base/nsIDocument.h +index f0a3a32ede08..59deb3289f56 100644 +--- dom/base/nsIDocument.h ++++ dom/base/nsIDocument.h +@@ -3621,13 +3621,11 @@ protected: + + Tri mAllowXULXBL; + +-#ifdef DEBUG + /** + * This is true while FlushPendingLinkUpdates executes. Calls to + * [Un]RegisterPendingLinkUpdate will assert when this is true. + */ + bool mIsLinkUpdateRegistrationsForbidden; +-#endif + + // The document's script global object, the object from which the + // document can get its script context and scope. This is the +commit 75a57d01385d +Author: Blake Kaplan <mrbkap@gmail.com> +Date: Thu Mar 1 11:26:54 2018 -0800 + + Bug 1404297 - Change the way we iterate over our links to update. r=smaug, a=RyanVM + + MozReview-Commit-ID: BTADrB9itjh + + --HG-- + extra : source : 3ce55799da20fcf99ceb7a209db65b2830f38630 + extra : histedit_source : 413764b6db689b36ed74b176c382cd3600f05a77 +--- + dom/base/nsDocument.cpp | 36 +++++++++++++++++------------------- + dom/base/nsIDocument.h | 23 ++++++++++------------- + 2 files changed, 27 insertions(+), 32 deletions(-) + +diff --git dom/base/nsDocument.cpp dom/base/nsDocument.cpp +index 3045f0f20ef2..336670b96c76 100644 +--- dom/base/nsDocument.cpp ++++ dom/base/nsDocument.cpp +@@ -1450,8 +1450,8 @@ nsIDocument::nsIDocument() + mHasHadScriptHandlingObject(false), + mIsBeingUsedAsImage(false), + mIsSyntheticDocument(false), +- mHasLinksToUpdate(false), + mHasLinksToUpdateRunnable(false), ++ mFlushingPendingLinkUpdates(false), + mMayHaveDOMMutationObservers(false), + mMayHaveAnimationObservers(false), + mHasMixedActiveContentLoaded(false), +@@ -1496,7 +1496,6 @@ nsIDocument::nsIDocument() + mType(eUnknown), + mDefaultElementType(0), + mAllowXULXBL(eTriUnset), +- mIsLinkUpdateRegistrationsForbidden(false), + mBidiOptions(IBMBIDI_DEFAULT_BIDI_OPTIONS), + mSandboxFlags(0), + mPartID(0), +@@ -10017,15 +10016,13 @@ nsIDocument::EnumerateActivityObservers(ActivityObserverEnumerator aEnumerator, + void + nsIDocument::RegisterPendingLinkUpdate(Link* aLink) + { +- MOZ_RELEASE_ASSERT(!mIsLinkUpdateRegistrationsForbidden); +- + if (aLink->HasPendingLinkUpdate()) { + return; + } + + aLink->SetHasPendingLinkUpdate(); + +- if (!mHasLinksToUpdateRunnable) { ++ if (!mHasLinksToUpdateRunnable && !mFlushingPendingLinkUpdates) { + nsCOMPtr<nsIRunnable> event = + NewRunnableMethod("nsIDocument::FlushPendingLinkUpdatesFromRunnable", + this, +@@ -10042,7 +10039,6 @@ nsIDocument::RegisterPendingLinkUpdate(Link* aLink) + } + + mLinksToUpdate.InfallibleAppend(aLink); +- mHasLinksToUpdate = true; + } + + void +@@ -10056,24 +10052,26 @@ nsIDocument::FlushPendingLinkUpdatesFromRunnable() + void + nsIDocument::FlushPendingLinkUpdates() + { +- MOZ_RELEASE_ASSERT(!mIsLinkUpdateRegistrationsForbidden); +- if (!mHasLinksToUpdate) ++ if (mFlushingPendingLinkUpdates) { + return; ++ } + +- AutoRestore<bool> saved(mIsLinkUpdateRegistrationsForbidden); +- mIsLinkUpdateRegistrationsForbidden = true; +- for (auto iter = mLinksToUpdate.Iter(); !iter.Done(); iter.Next()) { +- Link* link = iter.Get(); +- Element* element = link->GetElement(); +- if (element->OwnerDoc() == this) { +- link->ClearHasPendingLinkUpdate(); +- if (element->IsInComposedDoc()) { +- element->UpdateLinkState(link->LinkState()); ++ auto restore = MakeScopeExit([&] { mFlushingPendingLinkUpdates = false; }); ++ mFlushingPendingLinkUpdates = true; ++ ++ while (!mLinksToUpdate.IsEmpty()) { ++ LinksToUpdateList links(Move(mLinksToUpdate)); ++ for (auto iter = links.Iter(); !iter.Done(); iter.Next()) { ++ Link* link = iter.Get(); ++ Element* element = link->GetElement(); ++ if (element->OwnerDoc() == this) { ++ link->ClearHasPendingLinkUpdate(); ++ if (element->IsInComposedDoc()) { ++ element->UpdateLinkState(link->LinkState()); ++ } + } + } + } +- mLinksToUpdate.Clear(); +- mHasLinksToUpdate = false; + } + + already_AddRefed<nsIDocument> +diff --git dom/base/nsIDocument.h dom/base/nsIDocument.h +index 42e7a07ebf2a..e1c2ea24339d 100644 +--- dom/base/nsIDocument.h ++++ dom/base/nsIDocument.h +@@ -3353,10 +3353,13 @@ protected: + // The array of all links that need their status resolved. Links must add themselves + // to this set by calling RegisterPendingLinkUpdate when added to a document. + static const size_t kSegmentSize = 128; +- mozilla::SegmentedVector<nsCOMPtr<mozilla::dom::Link>, +- kSegmentSize, +- InfallibleAllocPolicy> +- mLinksToUpdate; ++ ++ typedef mozilla::SegmentedVector<nsCOMPtr<mozilla::dom::Link>, ++ kSegmentSize, ++ InfallibleAllocPolicy> ++ LinksToUpdateList; ++ ++ LinksToUpdateList mLinksToUpdate; + + // SMIL Animation Controller, lazily-initialized in GetAnimationController + RefPtr<nsSMILAnimationController> mAnimationController; +@@ -3448,12 +3451,12 @@ protected: + // file, etc. + bool mIsSyntheticDocument : 1; + +- // True if this document has links whose state needs updating +- bool mHasLinksToUpdate : 1; +- + // True is there is a pending runnable which will call FlushPendingLinkUpdates(). + bool mHasLinksToUpdateRunnable : 1; + ++ // True if we're flushing pending link updates. ++ bool mFlushingPendingLinkUpdates : 1; ++ + // True if a DOMMutationObserver is perhaps attached to a node in the document. + bool mMayHaveDOMMutationObservers : 1; + +@@ -3605,12 +3608,6 @@ protected: + + Tri mAllowXULXBL; + +- /** +- * This is true while FlushPendingLinkUpdates executes. Calls to +- * [Un]RegisterPendingLinkUpdate will assert when this is true. +- */ +- bool mIsLinkUpdateRegistrationsForbidden; +- + // The document's script global object, the object from which the + // document can get its script context and scope. This is the + // *inner* window object. +commit c22a2a29bde1 +Author: Blake Kaplan <mrbkap@gmail.com> +Date: Thu Mar 1 11:26:54 2018 -0800 + + Bug 1404297 - Add a move constructor to SegmentedVector. r=smaug, a=RyanVM + + Given that we have a SegmentedVector of nsCOMPtrs, it's probably worth + avoiding copying it. + + MozReview-Commit-ID: GHyfVLrdnlQ + + --HG-- + extra : source : 1d53ede1a1d3c1afd847fb50f31aa9ab3e48cc21 + extra : histedit_source : 4f77aeff6b56fffc31af54a5d032588cc4f8c8c0 +--- + mfbt/SegmentedVector.h | 5 +++++ + 1 file changed, 5 insertions(+) + +diff --git mfbt/SegmentedVector.h mfbt/SegmentedVector.h +index d1aa9c886c72..923a467f5d68 100644 +--- mfbt/SegmentedVector.h ++++ mfbt/SegmentedVector.h +@@ -139,6 +139,11 @@ public: + aIdealSegmentSize - sizeof(Segment) < sizeof(T)); + } + ++ SegmentedVector(SegmentedVector&& aOther) ++ : mSegments(mozilla::Move(aOther.mSegments)) ++ { ++ } ++ + ~SegmentedVector() { Clear(); } + + bool IsEmpty() const { return !mSegments.getFirst(); } Added: head/www/waterfox/files/patch-bug1425520 ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/www/waterfox/files/patch-bug1425520 Sat Mar 3 00:52:38 2018 (r463455) @@ -0,0 +1,27 @@ +commit c4088252ee68 +Author: Henri Sivonen <hsivonen@hsivonen.fi> +Date: Wed Feb 28 13:53:29 2018 +0200 + + Bug 1425520. r=smaug. a=abillings + + MozReview-Commit-ID: IoZeR5BGjmQ + + --HG-- + extra : source : e20052aa341d6da4505eb84be6e061bb7f37de51 +--- + dom/base/nsDocumentEncoder.cpp | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git dom/base/nsDocumentEncoder.cpp dom/base/nsDocumentEncoder.cpp +index d591f61c6244..9c0eaaa63bc4 100644 +--- dom/base/nsDocumentEncoder.cpp ++++ dom/base/nsDocumentEncoder.cpp +@@ -517,7 +517,7 @@ nsDocumentEncoder::SerializeToStringRecursive(nsINode* aNode, + } + + if (!aDontSerializeRoot) { +- rv = SerializeNodeEnd(node, aStr); ++ rv = SerializeNodeEnd(maybeFixedNode, aStr); + NS_ENSURE_SUCCESS(rv, rv); + } + Added: head/www/waterfox/files/patch-bug1437450 ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/www/waterfox/files/patch-bug1437450 Sat Mar 3 00:52:38 2018 (r463455) @@ -0,0 +1,30 @@ +commit 0f7fe8623060 +Author: Jan de Mooij <jdemooij@mozilla.com> +Date: Thu Mar 1 15:36:13 2018 +0100 + + Bug 1437450 - Disable Ion no-clone optimization for regexps if the graph contains try blocks. r=nbp, a=RyanVM + + --HG-- + extra : source : 61b461277369e0cec89c79d8526a82c575818e94 + extra : histedit_source : 6bc47921de07340f563a8d7d81b260579483c753 +--- + js/src/jit/IonAnalysis.cpp | 6 ++++++ + 1 file changed, 6 insertions(+) + +diff --git js/src/jit/IonAnalysis.cpp js/src/jit/IonAnalysis.cpp +index ff8de4dc9a83..3bb7f5fa0754 100644 +--- js/src/jit/IonAnalysis.cpp ++++ js/src/jit/IonAnalysis.cpp +@@ -2231,6 +2231,12 @@ IsRegExpHoistable(MIRGenerator* mir, MDefinition* regexp, MDefinitionVector& wor + bool + jit::MakeMRegExpHoistable(MIRGenerator* mir, MIRGraph& graph) + { ++ // If we are compiling try blocks, regular expressions may be observable ++ // from catch blocks (which Ion does not compile). For now just disable the ++ // pass in this case. ++ if (graph.hasTryBlock()) ++ return true; ++ + MDefinitionVector worklist(graph.alloc()); + + for (ReversePostorderIterator block(graph.rpoBegin()); block != graph.rpoEnd(); block++) { Added: head/www/waterfox/files/patch-bug1440775 ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/www/waterfox/files/patch-bug1440775 Sat Mar 3 00:52:38 2018 (r463455) @@ -0,0 +1,48 @@ +commit ee49d895ca4d +Author: Ben Kelly <ben@wanderview.com> +Date: Thu Mar 1 07:37:31 2018 -0800 + + Bug 1440775 - Make fetch API force-cache and only-if-cached use VALIDATE_NEVER instead of LOAD_FROM_CACHE. r=mayhemer, a=lizzard + + --HG-- + extra : source : 60fb09de57ec145923da102f856399d3323f632b + extra : amend_source : 8313874cbe86a98931cec9300705c413925ab86e + extra : histedit_source : 460a462c383183c353eb1bebff0f349261908d6a +--- + netwerk/protocol/http/HttpBaseChannel.cpp | 8 ++++---- + 1 file changed, 4 insertions(+), 4 deletions(-) + +diff --git netwerk/protocol/http/HttpBaseChannel.cpp netwerk/protocol/http/HttpBaseChannel.cpp +index 8c984e6531e0..8b56edd01bde 100644 +--- netwerk/protocol/http/HttpBaseChannel.cpp ++++ netwerk/protocol/http/HttpBaseChannel.cpp +@@ -2825,9 +2825,9 @@ HttpBaseChannel::GetFetchCacheMode(uint32_t* aFetchCacheMode) + *aFetchCacheMode = nsIHttpChannelInternal::FETCH_CACHE_MODE_RELOAD; + } else if (mLoadFlags & VALIDATE_ALWAYS) { + *aFetchCacheMode = nsIHttpChannelInternal::FETCH_CACHE_MODE_NO_CACHE; +- } else if (mLoadFlags & (LOAD_FROM_CACHE | nsICachingChannel::LOAD_ONLY_FROM_CACHE)) { ++ } else if (mLoadFlags & (VALIDATE_NEVER | nsICachingChannel::LOAD_ONLY_FROM_CACHE)) { + *aFetchCacheMode = nsIHttpChannelInternal::FETCH_CACHE_MODE_ONLY_IF_CACHED; +- } else if (mLoadFlags & LOAD_FROM_CACHE) { ++ } else if (mLoadFlags & VALIDATE_NEVER) { + *aFetchCacheMode = nsIHttpChannelInternal::FETCH_CACHE_MODE_FORCE_CACHE; + } else { + *aFetchCacheMode = nsIHttpChannelInternal::FETCH_CACHE_MODE_DEFAULT; +@@ -2863,7 +2863,7 @@ HttpBaseChannel::SetFetchCacheMode(uint32_t aFetchCacheMode) + break; + case nsIHttpChannelInternal::FETCH_CACHE_MODE_FORCE_CACHE: + // force-cache means don't validate unless if the response would vary. +- mLoadFlags |= LOAD_FROM_CACHE; ++ mLoadFlags |= VALIDATE_NEVER; + break; + case nsIHttpChannelInternal::FETCH_CACHE_MODE_ONLY_IF_CACHED: + // only-if-cached means only from cache, no network, no validation, generate +@@ -2872,7 +2872,7 @@ HttpBaseChannel::SetFetchCacheMode(uint32_t aFetchCacheMode) + // the user has things in their cache without any network traffic side + // effects) are addressed in the Request constructor which enforces/requires + // same-origin request mode. +- mLoadFlags |= LOAD_FROM_CACHE | nsICachingChannel::LOAD_ONLY_FROM_CACHE; ++ mLoadFlags |= VALIDATE_NEVER | nsICachingChannel::LOAD_ONLY_FROM_CACHE; + break; + } + Added: head/www/waterfox/files/patch-bug1441006 ============================================================================== --- /dev/null 00:00:00 1970 (empty, because file is newly added) +++ head/www/waterfox/files/patch-bug1441006 Sat Mar 3 00:52:38 2018 (r463455) @@ -0,0 +1,109 @@ +commit 2b7e4dc17f0e +Author: Jan de Mooij <jdemooij@mozilla.com> +Date: Thu Mar 1 15:37:29 2018 +0100 + + Bug 1441006 - Use unsigned type for SlotsEdge start/count. r=jonco, a=RyanVM + + --HG-- + extra : source : 1f4e74a5ace81acdcf8a973e841c62099f238251 + extra : histedit_source : 85b5a92599c8452a61da9c921546e73660c402a9 +--- + js/src/gc/Marking.cpp | 19 +++++++++++-------- + js/src/gc/StoreBuffer.h | 20 +++++++++++--------- + js/src/jit/VMFunctions.cpp | 5 ++++- + 3 files changed, 26 insertions(+), 18 deletions(-) + +diff --git js/src/gc/Marking.cpp js/src/gc/Marking.cpp +index 1998b2a397c4..5089b1e6dde5 100644 +--- js/src/gc/Marking.cpp ++++ js/src/gc/Marking.cpp +@@ -2762,18 +2762,21 @@ js::gc::StoreBuffer::SlotsEdge::trace(TenuringTracer& mover) const + return; + + if (kind() == ElementKind) { +- int32_t initLen = obj->getDenseInitializedLength(); +- int32_t numShifted = obj->getElementsHeader()->numShiftedElements(); +- int32_t clampedStart = Min(Max(0, start_ - numShifted), initLen); +- int32_t clampedEnd = Min(Max(0, start_ + count_ - numShifted), initLen); +- MOZ_ASSERT(clampedStart >= 0); ++ uint32_t initLen = obj->getDenseInitializedLength(); ++ uint32_t numShifted = obj->getElementsHeader()->numShiftedElements(); ++ uint32_t clampedStart = start_; ++ clampedStart = numShifted < clampedStart ? clampedStart - numShifted : 0; ++ clampedStart = Min(clampedStart, initLen); ++ uint32_t clampedEnd = start_ + count_; ++ clampedEnd = numShifted < clampedEnd ? clampedEnd - numShifted : 0; ++ clampedEnd = Min(clampedEnd, initLen); + MOZ_ASSERT(clampedStart <= clampedEnd); + mover.traceSlots(static_cast<HeapSlot*>(obj->getDenseElements() + clampedStart) + ->unsafeUnbarrieredForTracing(), clampedEnd - clampedStart); + } else { +- int32_t start = Min(uint32_t(start_), obj->slotSpan()); +- int32_t end = Min(uint32_t(start_) + count_, obj->slotSpan()); +- MOZ_ASSERT(end >= start); ++ uint32_t start = Min(start_, obj->slotSpan()); ++ uint32_t end = Min(start_ + count_, obj->slotSpan()); ++ MOZ_ASSERT(start <= end); + mover.traceObjectSlots(obj, start, end - start); + } + } +diff --git js/src/gc/StoreBuffer.h js/src/gc/StoreBuffer.h +index cf54928a6315..f848836533ca 100644 +--- js/src/gc/StoreBuffer.h ++++ js/src/gc/StoreBuffer.h +@@ -277,17 +277,17 @@ class StoreBuffer + const static int ElementKind = 1; + + uintptr_t objectAndKind_; // NativeObject* | Kind +- int32_t start_; +- int32_t count_; ++ uint32_t start_; ++ uint32_t count_; + + SlotsEdge() : objectAndKind_(0), start_(0), count_(0) {} +- SlotsEdge(NativeObject* object, int kind, int32_t start, int32_t count) ++ SlotsEdge(NativeObject* object, int kind, uint32_t start, uint32_t count) + : objectAndKind_(uintptr_t(object) | kind), start_(start), count_(count) + { + MOZ_ASSERT((uintptr_t(object) & 1) == 0); + MOZ_ASSERT(kind <= 1); +- MOZ_ASSERT(start >= 0); + MOZ_ASSERT(count > 0); ++ MOZ_ASSERT(start + count > start); + } + + NativeObject* object() const { return reinterpret_cast<NativeObject*>(objectAndKind_ & ~1); } +@@ -314,10 +314,12 @@ class StoreBuffer + // is particularly useful for coalescing a series of increasing or + // decreasing single index writes 0, 1, 2, ..., N into a SlotsEdge + // range of elements [0, N]. +- auto end = start_ + count_ + 1; +- auto start = start_ - 1; ++ uint32_t end = start_ + count_ + 1; ++ uint32_t start = start_ > 0 ? start_ - 1 : 0; ++ MOZ_ASSERT(start < end); + +- auto otherEnd = other.start_ + other.count_; ++ uint32_t otherEnd = other.start_ + other.count_; ++ MOZ_ASSERT(other.start_ <= otherEnd); + return (start <= other.start_ && other.start_ <= end) || + (start <= otherEnd && otherEnd <= end); + } +@@ -327,7 +329,7 @@ class StoreBuffer + // overlap. + void merge(const SlotsEdge& other) { + MOZ_ASSERT(overlaps(other)); +- auto end = Max(start_ + count_, other.start_ + other.count_); ++ uint32_t end = Max(start_ + count_, other.start_ + other.count_); + start_ = Min(start_, other.start_); + count_ = end - start_; + } +@@ -415,7 +417,7 @@ class StoreBuffer + void unputValue(JS::Value* vp) { unput(bufferVal, ValueEdge(vp)); } + void putCell(Cell** cellp) { put(bufferCell, CellPtrEdge(cellp)); } + void unputCell(Cell** cellp) { unput(bufferCell, CellPtrEdge(cellp)); } +- void putSlot(NativeObject* obj, int kind, int32_t start, int32_t count) { ++ void putSlot(NativeObject* obj, int kind, uint32_t start, uint32_t count) { + SlotsEdge edge(obj, kind, start, count); + if (bufferSlot.last_.overlaps(edge)) + bufferSlot.last_.merge(edge);
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201803030052.w230qc3x039695>