Differential Revision: https://phabricator.services.mozilla.com/D174766

Differential Revision: https://phabricator.services.mozilla.com/D173440

Bug 1824301: Update time zone data to tzdata2023a (ESR102 backport). r=#platform-i18n-reviewers!, a=dsmith

Differential Revision: https://phabricator.services.mozilla.com/D173658

Original Revision: https://phabricator.services.mozilla.com/D173171

Differential Revision: https://phabricator.services.mozilla.com/D173995

Differential Revision: https://phabricator.services.mozilla.com/D173136

The latter relies on being able to access the former.

Differential Revision: https://phabricator.services.mozilla.com/D171723

Differential Revision: https://phabricator.services.mozilla.com/D170909

Differential Revision: https://phabricator.services.mozilla.com/D169274

Bug 1804493 - Remove the PDIR mechanism formerly used for Windows compatibility. r=jmaher, a=release

Bug 1811939 - Check whether module load request was already cancelled when a load fails r=smaug a=pascalc

Differential Revision: https://phabricator.services.mozilla.com/D167927

Differential Revision: https://phabricator.services.mozilla.com/D167105

Differential Revision: https://phabricator.services.mozilla.com/D159517

Differential Revision: https://phabricator.services.mozilla.com/D163570

Bug 1774111 - Check for already-completed request in ModuleLoaderBase::FinishDynamicImport r=yulia, a=RyanVM

I've looked at this for a while and still don't know how this can happen but it
does seem reasonable to add a check here that we haven't already completed the
request.

Depends on D162386

Differential Revision: https://phabricator.services.mozilla.com/D162387

We're getting a bunch of crashes related to initializing AutoJSAPI from a
JSObject pointer that turns out to be null. That overload of Init() gets the
native global from the JSObject and since we already have a native global in
the module loader we can use the overload that takes that instead. This
overload does a null check so we will catch the case where the global is null
(although that should also not happen).

This might just move crashes elsewhere but it's a reasonable tidyup.

Differential Revision: https://phabricator.services.mozilla.com/D162386

Differential Revision: https://phabricator.services.mozilla.com/D161087

Bug 1798623: Update time zone data to tzdata2022f (ESR102 backport). r=#platform-i18n-reviewers, a=dmeehan


Backport for ESR102.

Differential Revision: https://phabricator.services.mozilla.com/D161009

Bug 1798623: Update time zone data to tzdata2022f (ESR102 backport). r=#platform-i18n-reviewers, a=dmeehan


Backport for ESR102.

Differential Revision: https://phabricator.services.mozilla.com/D161009

Bug 1796901 - Clear realm incremental marking state at the start of GC rather than at the end r=jandem, a=dmeehan

GC can be aborted in several states and zones GCRuntime::finishCollection
doesn't always get called. It's easier to clear this state in a signle place at
the start.

Differential Revision: https://phabricator.services.mozilla.com/D160056

When marking a BaseShape we mark its global, and we read the pointer to that
global from the realm. If a realm doesn't have a live global we can sweep the
realm but there may still be pointers to it in base shapes and these are left
dangling.

This happens when we hit OOM while creating a global during an incremental GC.
The BaseShape survives because it was allocated after the start of the GC. The
global itself is never successfully created and so the realm doesn't have a
live global and is swept. In this case, we trigger UAF when we try to compact
the heap and trace the base shape.

The patch adds an extra case for keeping a realm alive if it was created during
an incremental GC. This matches the way that GC things are not collected if
they are allocated after the start of a GC.

Differential Revision: https://phabricator.services.mozilla.com/D158022

Differential Revision: https://phabricator.services.mozilla.com/D157735

It's pretty confusing that this name is sometimes used for local variables and
sometimes refers to the current mark color.

Depends on D157733

Differential Revision: https://phabricator.services.mozilla.com/D157734

Delayed marking may push more (normal, non-delayed) marking work. We need to do
this before switch mark color from black to gray since we cannot add gray
marking work while there is black marking work on the stack.

Differential Revision: https://phabricator.services.mozilla.com/D157733

Differential Revision: https://phabricator.services.mozilla.com/D157612

Differential Revision: https://phabricator.services.mozilla.com/D156605

Differential Revision: https://phabricator.services.mozilla.com/D152305

Differential Revision: https://phabricator.services.mozilla.com/D152304

Differential Revision: https://phabricator.services.mozilla.com/D155068

Differential Revision: https://phabricator.services.mozilla.com/D152822

We can't exit early if src.IsEmpty() if the stack is non-empty.

Differential Revision: https://phabricator.services.mozilla.com/D152899

The paradigm for DEBUG is that it is defined or not defined, not 1 or 0,
so we have to use ifdef here. Otherwise we get a build error in embedded
SpiderMonkey when DEBUG is not defined.

Differential Revision: https://phabricator.services.mozilla.com/D152556

When installing embedded SpiderMonkey, we need to install the generated
header ProfilingCategoryList.h into /usr/include/mozjs-___/js/ because
that's where the rest of the SpiderMonkey code expects to find it.
It's not automatically installed already, because it's generated.

Thanks to Arai for the suggestion of where to look.

Differential Revision: https://phabricator.services.mozilla.com/D152549

Bug 1774249 - Fallibly generate unique ID for new prototypes in JSObject::setProtoUnchecked r=jandem a=pascalc

Generate unique IDs for objects that are used as prototypes ahead of time, so
we can do it fallibly.

Differential Revision: https://phabricator.services.mozilla.com/D149356

Differential Revision: https://phabricator.services.mozilla.com/D150097

Differential Revision: https://phabricator.services.mozilla.com/D147305

Differential Revision: https://phabricator.services.mozilla.com/D147281

The implementation was incomplete. It is possible to have the same
control data field in the SimdShuffle. The ValueNumberer algorithm
wrongfully merging non-congruent values.

Compare all SimdShuffle fields, including opd, permuteOp, and shuffleOp.

Differential Revision: https://phabricator.services.mozilla.com/D148569

Bug 1770167 - Self-test switch from CLI to evaluate options, to follow the test suite. r=arai, a=test-only

The CLI options seems good while testing manually, or while fuzzing, but seems
to cause issues in CI which are hard to reproduce. None of our test cases are
using the CLI options as of today, and instead they all rely on the evaluate
function provided with a delazification mode.

This patch changes the usage to fit what our test suite is actually using for
testing instead of testing CLI options.

Differential Revision: https://phabricator.services.mozilla.com/D147869