Import Cobalt 2.10060 2016-08-29
diff --git a/src/third_party/WebKit/codereview.settings b/src/third_party/WebKit/codereview.settings
deleted file mode 100644
index a4b341a..0000000
--- a/src/third_party/WebKit/codereview.settings
+++ /dev/null
@@ -1,4 +0,0 @@
-# This file is used by gcl to get repository specific information.
-GERRIT_HOST: lbshell-internal-review.googlesource.com
-GERRIT_AUTODETECT_BRANCH: true
-CODE_REVIEW_SERVER: lbshell-internal-review.googlesource.com
diff --git a/src/third_party/angle/codereview.settings b/src/third_party/angle/codereview.settings
deleted file mode 100644
index 1295fd9..0000000
--- a/src/third_party/angle/codereview.settings
+++ /dev/null
@@ -1,4 +0,0 @@
-# This file is used by gcl to get repository specific information.

-GERRIT_HOST: lbshell-internal-review.googlesource.com

-GERRIT_AUTODETECT_BRANCH: true

-CODE_REVIEW_SERVER: lbshell-internal-review.googlesource.com

diff --git a/src/third_party/dlmalloc/codereview.settings b/src/third_party/dlmalloc/codereview.settings
deleted file mode 100644
index a4b341a..0000000
--- a/src/third_party/dlmalloc/codereview.settings
+++ /dev/null
@@ -1,4 +0,0 @@
-# This file is used by gcl to get repository specific information.
-GERRIT_HOST: lbshell-internal-review.googlesource.com
-GERRIT_AUTODETECT_BRANCH: true
-CODE_REVIEW_SERVER: lbshell-internal-review.googlesource.com
diff --git a/src/third_party/freetype2/codereview.settings b/src/third_party/freetype2/codereview.settings
deleted file mode 100644
index a4b341a..0000000
--- a/src/third_party/freetype2/codereview.settings
+++ /dev/null
@@ -1,4 +0,0 @@
-# This file is used by gcl to get repository specific information.
-GERRIT_HOST: lbshell-internal-review.googlesource.com
-GERRIT_AUTODETECT_BRANCH: true
-CODE_REVIEW_SERVER: lbshell-internal-review.googlesource.com
diff --git a/src/third_party/icu/codereview.settings b/src/third_party/icu/codereview.settings
deleted file mode 100644
index a4b341a..0000000
--- a/src/third_party/icu/codereview.settings
+++ /dev/null
@@ -1,4 +0,0 @@
-# This file is used by gcl to get repository specific information.
-GERRIT_HOST: lbshell-internal-review.googlesource.com
-GERRIT_AUTODETECT_BRANCH: true
-CODE_REVIEW_SERVER: lbshell-internal-review.googlesource.com
diff --git a/src/third_party/libvpx/codereview.settings b/src/third_party/libvpx/codereview.settings
deleted file mode 100644
index d7c8d39..0000000
--- a/src/third_party/libvpx/codereview.settings
+++ /dev/null
@@ -1,4 +0,0 @@
-# This file is used by gcl to get repository specific information.
-GERRIT_HOST: chromium-review.googlesource.com
-GERRIT_PORT: 29418
-CODE_REVIEW_SERVER: chromium-review.googlesource.com
diff --git a/src/third_party/mozjs/codereview.settings b/src/third_party/mozjs/codereview.settings
deleted file mode 100644
index a4b341a..0000000
--- a/src/third_party/mozjs/codereview.settings
+++ /dev/null
@@ -1,4 +0,0 @@
-# This file is used by gcl to get repository specific information.
-GERRIT_HOST: lbshell-internal-review.googlesource.com
-GERRIT_AUTODETECT_BRANCH: true
-CODE_REVIEW_SERVER: lbshell-internal-review.googlesource.com
diff --git a/src/third_party/mozjs/js/src/assembler/wtf/Platform.h b/src/third_party/mozjs/js/src/assembler/wtf/Platform.h
index 2e440e3..05b1155 100644
--- a/src/third_party/mozjs/js/src/assembler/wtf/Platform.h
+++ b/src/third_party/mozjs/js/src/assembler/wtf/Platform.h
@@ -1033,14 +1033,6 @@
 #define ENABLE_REPAINT_THROTTLING 0
 #endif
 
-#if defined(WTF_OS_STARBOARD)
-#if SB_CAN(MAP_EXECUTABLE_MEMORY)
-#define ENABLE_JIT 1
-#else
-#define ENABLE_JIT 0
-#endif
-#endif
-
 /* Disable the JIT on versions of GCC prior to 4.1 */
 #if !defined(ENABLE_JIT) && WTF_COMPILER_GCC && !GCC_VERSION_AT_LEAST(4, 1, 0)
 #define ENABLE_JIT 0
@@ -1050,7 +1042,7 @@
 #if !defined(ENABLE_JIT) \
     && (WTF_CPU_X86 || WTF_CPU_X86_64 || WTF_CPU_ARM || WTF_CPU_SPARC32 || WTF_CPU_MIPS) \
     && (WTF_OS_DARWIN || !WTF_COMPILER_GCC || GCC_VERSION_AT_LEAST(4, 1, 0)) \
-    && !WTF_OS_WINCE
+    && !WTF_OS_WINCE && !defined(WTF_OS_STARBOARD)
 #define ENABLE_JIT 1
 #endif
 
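Review bot: With `!defined(WTF_OS_STARBOARD)` added to the auto-enable condition here and the `SB_CAN(MAP_EXECUTABLE_MEMORY)` block removed in the previous hunk, nothing in this header checks any longer that a Starboard platform can map executable memory before the JIT is compiled in. ENABLE_JIT on Starboard now comes only from the build defines (the mozjs.gyp sections of this commit add `ENABLE_JIT=1` under `cobalt_enable_jit == 1`), so a port that sets that variable without the capability would presumably fail at run time rather than at build time. A compile-time guard keeps the old invariant: `#if defined(WTF_OS_STARBOARD) && ENABLE_JIT && !SB_CAN(MAP_EXECUTABLE_MEMORY)`, then `#error "JIT enabled without executable memory mapping"`, then `#endif`.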
diff --git a/src/third_party/mozjs/js/src/jit/CodeGenerator.cpp b/src/third_party/mozjs/js/src/jit/CodeGenerator.cpp
index 294a955..ab8ea02 100644
--- a/src/third_party/mozjs/js/src/jit/CodeGenerator.cpp
+++ b/src/third_party/mozjs/js/src/jit/CodeGenerator.cpp
@@ -715,6 +715,12 @@
 }
 
 bool
+CodeGenerator::visitMop(LMop *lir)
+{
+    return true;
+}
+
+bool
 CodeGenerator::visitOsiPoint(LOsiPoint *lir)
 {
     // Note: markOsiPoint ensures enough space exists between the last
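Review bot: `CodeGenerator::visitMop` is added without a comment saying that emitting nothing is intentional, and the `LMop` class in the LIR-Common.h section of this commit is undocumented as well, unlike the `LOsiPoint` that follows it there. The only explanation of what a Mop is for sits in the Lowering.cpp section. I would add above the function `// LMop generates no code; it exists only to occupy an LIR position for the register allocator (see Lowering.cpp).` and a matching one-line comment on the class.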
@@ -4254,6 +4260,13 @@
             masm.add32(Imm32(min), temp);
             if (!bailoutIf(Assembler::Overflow, lir->snapshot()))
                 return false;
+        }
+
+        masm.cmp32(temp, Imm32(0));
+        if (!bailoutIf(Assembler::LessThan, lir->snapshot()))
+            return false;
+
+        if (min != 0) {
             int32_t diff;
             if (SafeSub(max, min, &diff))
                 max = diff;
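Review bot: The sign check now sits between the `add32` of `min` and the block that takes `min` back out, but no comment says that this order is what makes the check correct, so a later cleanup could merge the two `if (min != 0)` blocks again and restore the ordering removed in the following hunk. A comment above the `cmp32` would pin it, for example `// Test index + min for negativity before min is folded into max or subtracted from temp again.`. The enclosing function starts and ends outside the hunk, so what `temp` holds on entry and the later upper-bound check are not visible here.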
@@ -4261,9 +4274,6 @@
                 masm.sub32(Imm32(min), temp);
         }
 
-        masm.cmp32(temp, Imm32(0));
-        if (!bailoutIf(Assembler::LessThan, lir->snapshot()))
-            return false;
     }
 
     // Compute the maximum possible index. No overflow check is needed when
diff --git a/src/third_party/mozjs/js/src/jit/CodeGenerator.h b/src/third_party/mozjs/js/src/jit/CodeGenerator.h
index 873d7f2..94854d4 100644
--- a/src/third_party/mozjs/js/src/jit/CodeGenerator.h
+++ b/src/third_party/mozjs/js/src/jit/CodeGenerator.h
@@ -51,6 +51,7 @@
 
     bool visitLabel(LLabel *lir);
     bool visitNop(LNop *lir);
+    bool visitMop(LMop *lir);
     bool visitOsiPoint(LOsiPoint *lir);
     bool visitGoto(LGoto *lir);
     bool visitTableSwitch(LTableSwitch *ins);
diff --git a/src/third_party/mozjs/js/src/jit/IonCaches.cpp b/src/third_party/mozjs/js/src/jit/IonCaches.cpp
index 30d3711..f833d0f 100644
--- a/src/third_party/mozjs/js/src/jit/IonCaches.cpp
+++ b/src/third_party/mozjs/js/src/jit/IonCaches.cpp
@@ -2522,6 +2522,9 @@
     cache.getScriptedLocation(&script, &pc);
     RootedValue lval(cx, ObjectValue(*obj));
 
+    // Override the return value if the script is invalidated (bug 728188).
+    AutoDetectInvalidation adi(cx, res.address(), ion);
+
     if (cache.isDisabled()) {
         if (!GetElementOperation(cx, JSOp(*pc), &lval, idval, res))
             return false;
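Review bot: Moving `AutoDetectInvalidation adi` above the `cache.isDisabled()` branch also reverses its construction order with `AutoFlushCache afc` (second hunk of this section), so on the enabled path `afc` is now destroyed before `adi` where it used to be the other way round. Nothing visible suggests the two destructors depend on each other, but that is worth confirming, since both run on every return below. The comment could also say why the guard has to come first, e.g. `// Must be constructed before the disabled-cache fallback below so that path is covered too.`; the enclosing function starts and ends outside the hunk.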
@@ -2529,9 +2532,7 @@
         return true;
     }
 
-    // Override the return value if we are invalidated (bug 728188).
-    AutoFlushCache afc ("GetElementCache");
-    AutoDetectInvalidation adi(cx, res.address(), ion);
+    AutoFlushCache afc("GetElementCache");
 
     RootedId id(cx);
     if (!ValueToId<CanGC>(cx, idval, &id))
diff --git a/src/third_party/mozjs/js/src/jit/LIR-Common.h b/src/third_party/mozjs/js/src/jit/LIR-Common.h
index 5a87e04..fb43cfc 100644
--- a/src/third_party/mozjs/js/src/jit/LIR-Common.h
+++ b/src/third_party/mozjs/js/src/jit/LIR-Common.h
@@ -46,6 +46,12 @@
     LIR_HEADER(Nop)
 };
 
+class LMop : public LInstructionHelper<0, 0, 0>
+{
+  public:
+    LIR_HEADER(Mop)
+};
+
 // An LOsiPoint captures a snapshot after a call and ensures enough space to
 // patch in a call to the invalidation mechanism.
 //
diff --git a/src/third_party/mozjs/js/src/jit/LOpcodes.h b/src/third_party/mozjs/js/src/jit/LOpcodes.h
index 1520829..dfbd53a 100644
--- a/src/third_party/mozjs/js/src/jit/LOpcodes.h
+++ b/src/third_party/mozjs/js/src/jit/LOpcodes.h
@@ -10,6 +10,7 @@
 #define LIR_COMMON_OPCODE_LIST(_)   \
     _(Label)                        \
     _(Nop)                          \
+    _(Mop)                          \
     _(OsiPoint)                     \
     _(MoveGroup)                    \
     _(Integer)                      \
diff --git a/src/third_party/mozjs/js/src/jit/Lowering.cpp b/src/third_party/mozjs/js/src/jit/Lowering.cpp
index fd1dc57..19e7425 100644
--- a/src/third_party/mozjs/js/src/jit/Lowering.cpp
+++ b/src/third_party/mozjs/js/src/jit/Lowering.cpp
@@ -2836,13 +2836,25 @@
     ins->setInWorklistUnchecked();
 #endif
 
+    // If we added a Nop for this instruction, we'll also add a Mop, so that
+    // that live-ranges for fixed register defs, which with LSRA extend through
+    // the Nop so that they can extend through the OsiPoint don't, with their
+    // one-extra extension, extend into a position where they use the input
+    // move group for the following instruction.
+    bool needsMop = !current->instructions().empty() && current->rbegin()->isNop();
+
     // If no safepoint was created, there's no need for an OSI point.
     if (LOsiPoint *osiPoint = popOsiPoint()) {
         if (!add(osiPoint))
             return false;
     }
 
-    return true;
+    if (needsMop) {
+        if (!add(new LMop()))
+            return false;
+    }
+
+     return true;
 }
 
 bool
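Review bot: The final `return true;` is indented five spaces instead of four, and the new comment is hard to parse: it opens with a doubled "that" and runs five clauses into one sentence. A first line such as `// If a Nop was added for this instruction, also add a Mop.` followed by one sentence on the reason would read better; I would describe it as keeping a fixed-register def's live range, which LSRA extends through the Nop and the OsiPoint, from reaching the input move group of the next instruction. `needsMop` is computed before the OsiPoint is appended, which is what lets `rbegin()` still see the Nop, and that deserves a short comment too. The function starts outside the hunk.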
diff --git a/src/third_party/mozjs/js/src/jit/RangeAnalysis.cpp b/src/third_party/mozjs/js/src/jit/RangeAnalysis.cpp
index fd68f91..c8cbc20 100644
--- a/src/third_party/mozjs/js/src/jit/RangeAnalysis.cpp
+++ b/src/third_party/mozjs/js/src/jit/RangeAnalysis.cpp
@@ -339,7 +339,9 @@
     // Instead, we should use it to eliminate the dead block.
     // (Bug 765127)
     if (r->upper_ < r->lower_) {
-        *emptyRange = true;
+        // If both ranges can be NaN, the result can still be NaN.
+        if (!lhs->isInfinite() || !rhs->isInfinite())
+            *emptyRange = true;
         r->makeRangeInfinite();
     }
 
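Review bot: The new comment speaks of NaN while the condition tests `isInfinite()` on both operands, and nothing in the hunk says that an infinite range is what stands for "may be NaN" here. If that is the intended reading, saying so makes the guard checkable: `// An infinite range may include NaN; if both inputs are infinite the result can still be NaN, so the range is not empty.`. The function starts outside the hunk, so how `lhs` and `rhs` reach this point is not visible.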
diff --git a/src/third_party/mozjs/js/src/jit/arm/MacroAssembler-arm.h b/src/third_party/mozjs/js/src/jit/arm/MacroAssembler-arm.h
index 04d68af..c46883a 100644
--- a/src/third_party/mozjs/js/src/jit/arm/MacroAssembler-arm.h
+++ b/src/third_party/mozjs/js/src/jit/arm/MacroAssembler-arm.h
@@ -763,8 +763,9 @@
         if (lhs.getTag() == Operand::OP2) {
             branch32(cond, lhs.toReg(), rhs, label);
         } else {
-            ma_ldr(lhs, ScratchRegister);
-            branch32(cond, ScratchRegister, rhs, label);
+          // branch32 will use ScratchRegister.
+          ma_ldr(lhs, secondScratchReg_);
+          branch32(cond, secondScratchReg_, rhs, label);
         }
     }
     void branch32(Condition cond, const Address &lhs, Register rhs, Label *label) {
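Review bot: These overloads now load into `secondScratchReg_`, so they clobber a register that callers could previously rely on across the call, and the added comments only explain why `ScratchRegister` is avoided. The same applies to the `branch32(Condition, const Address &, Imm32, Label *)` and `branchTest32(Condition, const Address &, Imm32, Label *)` hunks below. I would extend each comment to `// branch32 will use ScratchRegister, so load into secondScratchReg_ (clobbered).` and check that no caller keeps a live value there; callers are outside this diff. The new lines are also indented two spaces relative to their block where the surrounding code uses four, and the `branchTest32` hunk swaps `ma_ldr(Operand(...))` for `load32(address, ...)`, which presumably is equivalent but is not shown.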
@@ -772,8 +773,9 @@
         branch32(cond, ScratchRegister, rhs, label);
     }
     void branch32(Condition cond, const Address &lhs, Imm32 rhs, Label *label) {
-        load32(lhs, ScratchRegister);
-        branch32(cond, ScratchRegister, rhs, label);
+      // branch32 will use ScratchRegister.
+      load32(lhs, secondScratchReg_);
+      branch32(cond, secondScratchReg_, rhs, label);
     }
     void branchPtr(Condition cond, const Address &lhs, Register rhs, Label *label) {
         branch32(cond, lhs, rhs, label);
@@ -856,8 +858,9 @@
         ma_b(label, cond);
     }
     void branchTest32(Condition cond, const Address &address, Imm32 imm, Label *label) {
-        ma_ldr(Operand(address.base, address.offset), ScratchRegister);
-        branchTest32(cond, ScratchRegister, imm, label);
+      // branchTest32 will use ScratchRegister.
+      load32(address, secondScratchReg_);
+      branchTest32(cond, secondScratchReg_, imm, label);
     }
     void branchTestPtr(Condition cond, const Register &lhs, const Register &rhs, Label *label) {
         branchTest32(cond, lhs, rhs, label);
diff --git a/src/third_party/mozjs/js/src/jit/shared/IonAssemblerBufferWithConstantPools.h b/src/third_party/mozjs/js/src/jit/shared/IonAssemblerBufferWithConstantPools.h
index ec0886c..eed3ffd 100644
--- a/src/third_party/mozjs/js/src/jit/shared/IonAssemblerBufferWithConstantPools.h
+++ b/src/third_party/mozjs/js/src/jit/shared/IonAssemblerBufferWithConstantPools.h
@@ -216,8 +216,6 @@
         isBranch[idx >> 3] |= 1 << (idx & 0x7);
     }
     bool isNextBranch() {
-        if (this->nodeSize == InstBaseSize)
-            return false;
         int idx = this->nodeSize / InstBaseSize;
         return (isBranch[idx >> 3] >> (idx & 0x7)) & 1;
     }
diff --git a/src/third_party/mozjs/js/src/jsbool.cpp b/src/third_party/mozjs/js/src/jsbool.cpp
index 3b97d25..1df3511 100644
--- a/src/third_party/mozjs/js/src/jsbool.cpp
+++ b/src/third_party/mozjs/js/src/jsbool.cpp
@@ -200,7 +200,8 @@
 bool
 js::BooleanGetPrimitiveValueSlow(HandleObject wrappedBool, JSContext *cx)
 {
-    JSObject *obj = GetProxyTargetObject(wrappedBool);
-    JS_ASSERT(obj);
+    JSObject *obj = CheckedUnwrap(wrappedBool);
+    if (!obj || !obj->is<BooleanObject>())
+        return false;
     return obj->as<BooleanObject>().unbox();
 }
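Review bot: `BooleanGetPrimitiveValueSlow` now returns `false` both when `CheckedUnwrap` refuses the wrapper or the target is not a `BooleanObject` and when the wrapped Boolean really is false, so callers cannot tell a denied unwrap from a value, and `cx` is not used to report anything in the lines shown. If that is the intended policy it should be written down above the check, e.g. `// A wrapper that may not be unwrapped, or a non-Boolean target, is reported as false.`. It is worth confirming that no caller treats the result as proof that the object was a Boolean.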
diff --git a/src/third_party/mozjs/js/src/jsobj.cpp b/src/third_party/mozjs/js/src/jsobj.cpp
index d922358..c8fc252 100644
--- a/src/third_party/mozjs/js/src/jsobj.cpp
+++ b/src/third_party/mozjs/js/src/jsobj.cpp
@@ -279,11 +279,18 @@
     if (pobj->isNative()) {
         desc->attrs = GetShapeAttributes(shape);
         if (desc->attrs & (JSPROP_GETTER | JSPROP_SETTER)) {
+            MOZ_ASSERT(desc.isShared());
             doGet = false;
             if (desc->attrs & JSPROP_GETTER)
                 desc->getter = CastAsPropertyOp(shape->getterObject());
             if (desc->attrs & JSPROP_SETTER)
                 desc->setter = CastAsStrictPropertyOp(shape->setterObject());
+        } else {
+             // This is either a straight-up data property or (rarely) a
+             // property with a JSPropertyOp getter/setter. The latter must be
+             // reported to the caller as a plain data property, so don't
+             // populate desc.getter/setter, and mask away the SHARED bit.
+             desc->attrs &= ~JSPROP_SHARED;
         }
     } else {
         if (!JSObject::getGenericAttributes(cx, pobj, id, &desc->attrs))
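Review bot: `MOZ_ASSERT(desc.isShared())` uses member access on `desc` while every other line in this hunk dereferences it with `desc->`, so if `desc` is a plain pointer here the assertion will not compile in debug builds and goes unnoticed in release builds where the macro expands to nothing. `MOZ_ASSERT(desc->attrs & JSPROP_SHARED);` states the same condition with the fields the hunk already uses. The `MOZ_ASSERT_IF(ok && desc.isShared(), desc.hasGetterOrSetterObject())` added in the jsproxy.cpp section needs the same check against that function's `desc` type, which is outside the hunk. The comment block in the new `else` branch is indented one space too far.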
@@ -5337,4 +5344,3 @@
 #endif
     }
 }
-
diff --git a/src/third_party/mozjs/js/src/jsproxy.cpp b/src/third_party/mozjs/js/src/jsproxy.cpp
index 2dbad14..eddf34f 100644
--- a/src/third_party/mozjs/js/src/jsproxy.cpp
+++ b/src/third_party/mozjs/js/src/jsproxy.cpp
@@ -2328,7 +2328,9 @@
     AutoEnterPolicy policy(cx, handler, proxy, id, BaseProxyHandler::GET, true);
     if (!policy.allowed())
         return policy.returnValue();
-    return handler->getOwnPropertyDescriptor(cx, proxy, id, desc, flags);
+    bool ok = handler->getOwnPropertyDescriptor(cx, proxy, id, desc, flags);
+    MOZ_ASSERT_IF(ok && desc.isShared(), desc.hasGetterOrSetterObject());
+    return ok;
 }
 
 bool
diff --git a/src/third_party/mozjs/mozjs.gyp b/src/third_party/mozjs/mozjs.gyp
index c3ed096..c646032 100644
--- a/src/third_party/mozjs/mozjs.gyp
+++ b/src/third_party/mozjs/mozjs.gyp
@@ -17,10 +17,11 @@
   ],
   'variables': {
     'common_jit_defines': [
+      'ENABLE_JIT=1',
+      'ENABLE_YARR_JIT=1',
       'JS_ION=1',
       'JS_METHODJIT=1',
       'JS_METHODJIT_TYPED_ARRAY=1',
-      'ENABLE_YARR_JIT=1',
     ],
   },
   'target_defaults': {
@@ -47,20 +48,22 @@
         'defines': [
           'JS_CPU_X64=1',
           'JS_PUNBOX64=1',
-          '<@(common_jit_defines)',
         ],
       }],
       [ 'target_arch == "x86"', {
         'defines': [
           'JS_CPU_X86=1',
           'JS_NUNBOX32=1',
-          '<@(common_jit_defines)',
         ],
       }],
       [ 'target_arch == "arm"', {
         'defines': [
           'JS_CPU_ARM=1',
           'JS_NUNBOX32=1',
+        ],
+      }],
+      [ 'cobalt_enable_jit == 1', {
+        'defines': [
           '<@(common_jit_defines)',
         ],
       }],
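Review bot: The new `cobalt_enable_jit == 1` condition adds `common_jit_defines` for every `target_arch`, whereas the source conditions further down only compile JIT back ends for x64, x86 and arm. Before this change the defines were tied to those three architectures, so a build for any other architecture with `cobalt_enable_jit` set would now get `ENABLE_JIT=1` and `JS_ION=1` with no assembler sources. Restricting the condition keeps the two lists in step, e.g. `[ 'cobalt_enable_jit == 1 and target_arch in ["x64", "x86", "arm"]', {`. Where `cobalt_enable_jit` is defined and what it defaults to is not visible in this diff.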
@@ -98,7 +101,7 @@
         'js-confdefs.h',
       ],
       'conditions': [
-        [ 'target_arch == "x64"', {
+        [ 'target_arch == "x64" and cobalt_enable_jit == 1', {
           'sources': [
             'js/src/assembler/assembler/MacroAssemblerX86Common.cpp',
             'js/src/jit/shared/Assembler-x86-shared.cpp',
@@ -119,7 +122,7 @@
             '<@(mozjs_jit_sources)',
           ],
         }],
-        [ 'target_arch == "x86"', {
+        [ 'target_arch == "x86" and cobalt_enable_jit == 1', {
           'sources': [
             'js/src/assembler/assembler/MacroAssemblerX86Common.cpp',
             'js/src/jit/shared/Assembler-x86-shared.cpp',
@@ -140,7 +143,7 @@
             '<@(mozjs_jit_sources)',
           ],
         }],
-        [ 'target_arch == "arm"', {
+        [ 'target_arch == "arm" and cobalt_enable_jit == 1', {
           'sources': [
             'js/src/assembler/assembler/ARMAssembler.cpp',
             'js/src/assembler/assembler/MacroAssemblerARM.cpp',
diff --git a/src/third_party/openssl/README.chromium b/src/third_party/openssl/README.chromium
index fbae0aa..6c8889b 100644
--- a/src/third_party/openssl/README.chromium
+++ b/src/third_party/openssl/README.chromium
@@ -1,6 +1,6 @@
 Name: openssl
 URL: http://openssl.org/source/
-Version: 1.0.1c
+Version: 1.0.1p
 License: BSDish
 License File: openssl/LICENSE
 License Android Compatible: yes
diff --git a/src/third_party/openssl/codereview.settings b/src/third_party/openssl/codereview.settings
deleted file mode 100644
index a4b341a..0000000
--- a/src/third_party/openssl/codereview.settings
+++ /dev/null
@@ -1,4 +0,0 @@
-# This file is used by gcl to get repository specific information.
-GERRIT_HOST: lbshell-internal-review.googlesource.com
-GERRIT_AUTODETECT_BRANCH: true
-CODE_REVIEW_SERVER: lbshell-internal-review.googlesource.com
diff --git a/src/third_party/ots/codereview.settings b/src/third_party/ots/codereview.settings
deleted file mode 100644
index acbc431..0000000
--- a/src/third_party/ots/codereview.settings
+++ /dev/null
@@ -1,4 +0,0 @@
-# This file is used by gcl to get repository specific information.
-GERRIT_HOST: lbshell-internal-review.googlesource.com
-GERRIT_AUTODETECT_BRANCH: true
-CODE_REVIEW_SERVER: lbshell-internal-review.googlesource.com
\ No newline at end of file
diff --git a/src/third_party/ots/include/opentype-sanitiser.h b/src/third_party/ots/include/opentype-sanitiser.h
index fc76b90..1380ac7 100644
--- a/src/third_party/ots/include/opentype-sanitiser.h
+++ b/src/third_party/ots/include/opentype-sanitiser.h
@@ -82,8 +82,10 @@
     }
 
     while (length >= 4) {
-      chksum_ += ntohl(*reinterpret_cast<const uint32_t*>(
-          reinterpret_cast<const uint8_t*>(data) + offset));
+      uint32_t tmp;
+      std::memcpy(&tmp, reinterpret_cast<const uint8_t *>(data) + offset,
+        sizeof(uint32_t));
+      chksum_ += ntohl(tmp);
       length -= 4;
       offset += 4;
     }
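Review bot: `std::memcpy` needs `<cstring>`, and the hunk does not show whether opentype-sanitiser.h includes it; as a public header it should not rely on a transitive include. The loop and its enclosing function start outside the hunk, so the include list has to be checked there. The continuation line `sizeof(uint32_t));` would also read better aligned under the first argument.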
diff --git a/src/third_party/skia/codereview.settings b/src/third_party/skia/codereview.settings
deleted file mode 100644
index a4b341a..0000000
--- a/src/third_party/skia/codereview.settings
+++ /dev/null
@@ -1,4 +0,0 @@
-# This file is used by gcl to get repository specific information.
-GERRIT_HOST: lbshell-internal-review.googlesource.com
-GERRIT_AUTODETECT_BRANCH: true
-CODE_REVIEW_SERVER: lbshell-internal-review.googlesource.com