There's an intermittent that is showing up now that test_register_sign.html
checks state.attestationCert.verify(); to ensure hte SoftToken's certificate
is valid. This patch prints the offending certificate when it's encountered,
to help diagnose the root cause.

MozReview-Commit-ID: 4QSobq9fBGK

Now that we have a Docker image with newer library versions on it, we
can move our builds over.  The new images differ from the old
CentOS-based images in two important ways, though:

1) The system compilers in the new image are new enough to be used as
   host compilers; additionally, our CentOS-built GCC compilers will not
   work.  We need to change the Android mozconfigs to reflect that.  We
   also need to change the Android tasks to not depend on the GCC
   toolchain builds.

2) In a similar fashion, we can use the system JDK; we no longer need to
   use the JDK from the Android NDK, which we had packaged up via the
   Android dependencies task.

Both of these changes come with caveats: our l10n repack jobs continue
to run on the CentOS-based images; l10n repacks have not been completely
converted to Taskcluster.  So we need to:

1) Retain the use of our custom GCC toolchain for HOST_CC/HOST_CXX on
   the CentOS-based images.

2) Retain the JDK packages in the tooltool manifests, and referencing
   them when we build on the CentOS-based images.

This seems like the obvious thing to want to happen.

CentOS 6 is pinned to glibc 2.12, but newer Android build-tools (like
aapt) require glibc 2.14.  It's not possible to safely upgrade CentOS
6 distributions to glibc 2.14.

CentOS 7 is pinned to glibc 2.17, which is new enough for newer
Android build-tools. However, I had great difficulty bringing forward
our existing centos:6 Docker image to centos:7.  In particular,
installing recent enough Mercurial, git, Python, and pip versions was
difficult enough that I elected to not pursue this approach.

Instead, I've elected to follow glandium's suggestion from
https://bugzilla.mozilla.org/show_bug.cgi?id=1370119#c5: base on
Debian with snapshots.debian.org for reproducibility.

The most significant changes here:

- using Debian's snapshots repository
- using Python and related tools provided by Debian and baked into the
  build image
- using the JDK and JRE provided by Debian and baked into the build
  image, rather than versions from tooltool (or eventually a toolchain
  build)

Moving the builds over to use this image will follow in the patches
ahead.

Bug 1399605 - [intersection-observer] Check if target is actually being observed when unobserving. r=mrbkap

--HG--
extra : rebase_source : d3c8c012dba2941b230cdfbf332ab3c77b7a26ef

--HG--
extra : rebase_source : b3b6ab2109f6af9e474ea164f0c520f02233dd45

UPGRADE_NSPR_RELEASE
DONTBUILD

Bug 1398766 - Disable toolkit/mozapps/extensions/test/browser/browser_gmpProvider.js on linux debug for frequent failures. r=me, a=test-only

Bug 13707836 - Disable netwerk/test/browser/browser_child_resource.js on debug for frequent failures. r=me, a=test-only

MozReview-Commit-ID: LutFJRayTOX

--HG--
extra : rebase_source : 17c71e4384d5f4106660214f04bf0e67df0ed719

This should be an easy solution. We can't stop the sign() or register()
runloop from calling the callback, so we need the callback to simply return
early when the U2FHIDTokenManager shuts down.

Bug #: 1400940

Differential Revision: https://phabricator.services.mozilla.com/D67

Bug 1400442 - Trim down whitelists to only what is required, and mark all known issues with bug numbers, r=jonco

I also snuck in some last-minute assertions and minor fixes into this patch:

- don't stop reporting for a callee if we've seen it already (or rather, make the reachable set local to a root rather than global to all roots). This slows down runs with hundreds of hazards, but results in every problematic root being reported, for a more accurate count.

- annotate away some thread assertions

- special-case annotation for bug 1400435 since it's a whole family of hazards

--HG--
extra : rebase_source : ac7335d45e3e0772d34cb42cc6a3f628564fd3d1

--HG--
extra : rebase_source : 0029b7764332896fd882d68e429800662d9178b2

Bug 1400442 - Assert that Gecko_ShouldCreateStyleThreadPool is only called on the main thread, r=emilio

--HG--
extra : rebase_source : 4b6354e0db13489693d7df6d3ea56c4f38c9a193

--HG--
extra : rebase_source : d22cdb4f63009949b538541c82d41db6fc57c7aa

--HG--
extra : rebase_source : 9b828ee29363fcff1f5be587958b822a29f3d5be

Bug 1400442 - Annotate nsTArray::InsertElementAt as returning a value that propagates safety of the array, r=jonco

--HG--
extra : rebase_source : f69a5bf2e2d01f55453d6df0d077b3f9a0bfa7d4

nsStyleStruct has the field:

  nsBorderColors** mBorderColors;

It starts out nullptr, and when it is needed, it allocates an array of 4 nsBorderColors pointers. But the nsStyleStruct exclusively owns the array; nothing else can get at it. This change teaches the analysis that if 'this' is a safe nsStyleStruct*, then it should treat mBorderColors as if it were an inline length-4 array.

--HG--
extra : rebase_source : e9d4a550a728e403b3bb30e7dd61341c2680962d

--HG--
extra : rebase_source : eac8e39bab5a3979c1e18a5494c899af777a1958

Bug 1400442 - analyzeHeapWrites: getter_Copies preserves safety (similar to getter_AddRefs), r=bhackett

--HG--
extra : rebase_source : 4ae6297aa5725532bec513055dd451b8cbcf7bde

Bug 1400442 - analyzeHeapWrites: implement a cache for checking whether local variables are safe pointers, r=jonco

--HG--
extra : rebase_source : fce58842604238e6102f43057301fff27ee58d6f

Bug 1400442 - Refactor the --function debugging command line option (and alias it to -f) to analyzeHeapWrites.js, r=me

--HG--
extra : rebase_source : b8f81284ffe70712f2a245c495158c3584650ce4

This is for nicer output only, and does not affect the computation. A WorkListEntry contains a stack of CallSites, and the top of the stack represents the entry itself and so should share parameterNames. This changes fixes cases where some names were being registered in a different table than ended up being used by printouts.

--HG--
extra : rebase_source : e52bbc9ab3e4596d748ca2d729772a61cde1430a

--HG--
extra : rebase_source : c55d9900278cf6a31a16567e5ff658306c08e87c

--HG--
extra : rebase_source : 0ea91eb0373a1b0c848ce7e97f43a2006c190f29

Bug 1400442 - Targeted annotation for static local array of member pointers in LangGroupFontPrefs::Initialize, r=bhackett

The code is

    void
    LangGroupFontPrefs::Initialize(nsIAtom* aLangGroupAtom)
    {
        nsFont* fontTypes[] = {
            &mDefaultVariableFont,
            &mDefaultFixedFont,
            &mDefaultSerifFont,
            &mDefaultSansSerifFont,
            &mDefaultMonospaceFont,
            &mDefaultCursiveFont,
            &mDefaultFantasyFont
        };

        nsFont* font = fontTypes[3];
        font->size = 42;
    }

'this' is known to be a safe pointer (exclusively owned by the current thread), so a pointer to one of its members is also safe. But the analysis can't track safety across all that, so I have a special-case annotation here that says that fontTypes[3] returns a safe pointer if and only if 'this' is safe.

Note that all of those fields (eg mDefaultVariableFont) are nsFont structs, not pointers, so although you'd expect this to be one dereference away from a safe pointer's memory, it is not; assigning to font->size ends up being a write to some offset within the 'this' pointer, which is known to be safe here.

--HG--
extra : rebase_source : 60bf982911b8a66bc612cb5c7eeb04ec766ecf70

--HG--
extra : rebase_source : 206bba89c68e8dc37c135fed03490282eff61d76

--HG--
extra : rebase_source : 187dda47209195746d88a00733d9b806da2c4f14

--HG--
extra : rebase_source : ca41fae3c6f0507ed0be567ca5cd641e59475c8b

--HG--
extra : rebase_source : 950699da0c0d8c894542c71881cce3359a8c6697

--HG--
extra : rebase_source : 1cf32c7b383b2f2e8bbe44f8d09cb027b086ebbf

--HG--
extra : rebase_source : de700225cbfcfc4a3fad56327d9007eabff02859

Bug 1400466 - Cache the information loaded from src_comp.xdb into a structured clone buffer, r=jonco

Note that this requires some enhancements to the JS engine to support reading and writing structured clone data from/to files.

--HG--
extra : rebase_source : 444a2d407bd231efbba4b6b648eeb151f02177db