The AllocSite::hasScript method was broken by the wasm GC changes. This should
return false when the script pointer is null too.
The only thing this actually affects is the output when JS_GC_REPORT_PRETENURE
is set, since we don't otherwise call it when the script pointer is null.
While we're here, add a header line to this output to help understand it.
Differential Revision: https://phabricator.services.mozilla.com/D195765
When using semispace collection this will allow us to add store buffer entries
to a new empty storebuffer associated with to space while tracing the previous
store buffer associated with from space.
Differential Revision: https://phabricator.services.mozilla.com/D195541
For semispace colletion it's convenient to have two store buffers existing at
the same time (for from space and to space). Therefore we need to move the
store buffer lock to a central location so we don't duplicate this.
The patch replaces use of a nullable a StoreBuffer pointer to indicate whether
locking is required with a flag. StoreBuffer is no longer exposed.
Differential Revision: https://phabricator.services.mozilla.com/D195540
GetCellChunkBase gets called from IsInsideNursery and is supposed to take a
valid GC cell pointer but does no validation on this. Even adding this simple
check that the runtime field of the chunk header is non-zero caught a few
times which this was called with a bogus pointer during development.
Differential Revision: https://phabricator.services.mozilla.com/D195539
This class is internal to tenuring and is only used from there, so there's no
reason to put these in the header file.
I suspect this doesn't need to be templated but I left it as it was.
Differential Revision: https://phabricator.services.mozilla.com/D195538
#selectedElement may end up pointing to disconnected nodes. And so the public
.selectedElement getter.
This is how it was happening: a first call to onQueryResults adds and selects a
heuristic result. Then a second call to onQueryResults brings a new heuristic
result that requires new content (not compatible with the previous one), so the
old heuristic is emptied out, and new DOM is generated.
Because the code in onQueryResults relies on .selectedElement, at the second
invokation it thinks the selection is still valid, and doesn't select the new
heuristic. In reality .selectedElement at that time is pointing to a removed
DOM node.
The patch introduces a #rawSelectedElement and converts #selectedElement
into a getter.
Plus some minor logging improvements, and removing unused #mainContainer property.
Differential Revision: https://phabricator.services.mozilla.com/D195779
We are seeing crashes on the european Samsung S22 family of devices in
eglTerminate after updating to Android 14. To work around this we
deliberately leak the EGLDisplay on affected devices. In practice we
only ever use the default EGLDisplay on Android, and calling
eglInitialize multiple times is allowed, so this is fine.
Note this only occurs when running webgl in the content process, which
will occur naturally following enough GPU process crashes that we
disable the GPU process. When webgl is running in the GPU process
webrender keeps the EGLDisplay alive, meaning we never terminate it.
Differential Revision: https://phabricator.services.mozilla.com/D196146
To help investigate the crash in bug 1761208, this patch adds code to
register the top frames of the call stack when reservedClientInfo is
set, such that it can be recovered from crash dumps.
We only add this code for Nightly Windows x64 builds because we get a
Nightly crash on this assertion for almost every Nightly build, always
coming from Windows x64. So this should be enough and there is no need
to impact other builds.
This code only needs to live for a few Nightly builds and can/should be
removed once we have caught the faulty call stack.
Differential Revision: https://phabricator.services.mozilla.com/D195525
This patch changes the cooldown mechansim. The original behavior is stop
executing cookie banner clicking after loading the site in the browsing
session. We modify it to that the cooldown mechanism takes effect after
loading the site several times in the browsing session..
Differential Revision: https://phabricator.services.mozilla.com/D193906
AC_SUBSTs with a lower-case key are not really supposed to be used,
although that has never been enforced, and at least one of them is
used in practice.
At least, that's the theory behind using files to store their value in
config.statusd (added in bug 1402012). Because obviously, on
case-insensitive file systems, a variable that is upper case will use
the same file as the lower case one. If their value is the same, then
fine, but if they aren't, thing go bad.
Until bug 1867457, that held true for TARGET_CPU and target_cpu: their
value was the same. But bug 1867457 changed that. But target_cpu is only
there because it's set by autoconf itself, and we don't care about it.
The result is that the value of target_cpu takes precedence because it's
set last, and overwrites the value of TARGET_CPU in config.statusd,
subsequently making the value read in GenerateAtomicOperations.py wrong.
Differential Revision: https://phabricator.services.mozilla.com/D195959
Pixel 6, 7, and 8 devices running Android 14 are affected by a bug
where video frames with SMPTE 432 color primaries are rendered
incorrectly when sampled from an external texture in GLES. To work
around this, we force these frames to be converted to RGB using BT709
colorspace instead. While this won't look exactly right, it is much
better than the current situation.
When we detect that a frame is decoded with that color space on an
affected device, we set a "ForceBT709" flag which gets passed through
to webrender as a new ImageBufferKind. Rendering this ImageBufferKind
is handled via a new shader feature TEXTURE_EXTERNAL_BT709, which
works much like the existing TEXTURE_EXTERNAL feature, but
additionally uses the EXT_YUV_TARGET extension to override the
colorspace transformation.
This approach could be extended in the future to handle additional
colorspace transformations, but for now only handles the one required
to workaround this particular driver bug.
Differential Revision: https://phabricator.services.mozilla.com/D195800
`nsIEditor.setShouldTxnSetSelection` can preserve selection across multiple
editing. Therefore, we cannot manage the state only in the stack.
It's used only in comm-central, and used only with `insertNode` and
`deleteNode`. Therefore, adding new param to them to preserve selection
must be enough.
While I'm writing this patch, I realized that `input` event is not fired
by these methods because nobody set a placeholder transaction. That may
lead Thunderbird only IME crash bugs due to `IMEContentObserver` is not
notified editor properly. Therefore, this may fix some Thunderbird only
crashes.
Note that `deleteNode` should not update selection. However, I'm not 100%
sure that. Therefore, I add new param to `deleteNode` too. However,
some reviewers think it's unnecessary, I'll remove it before landing.
Finally, `beforeinput` and `input` caused by the method calls start updating
selection. However, I think that it should be better behavior. If Thunderbird
needs to guarantee that selection is set to whether the user expected when
it calls these methods with preserving selection.
Differential Revision: https://phabricator.services.mozilla.com/D196004
Currently, the method ignores synthesized `eMouseMove` events coming from the
parent process if
* the last mouse location was updated by a synthesized mouse event for tests
* the event comes from parent process
* the event is not marked as synthesized for tests
However, `eMouseExitFromWidget` is also handled as a synthesized `eMouseMove` [1].
Therefore, the method needs to ignore this event too in the same conditions.
Additionally, `eMouseEnterIntoWidget` may cause updating the `:hover` state
under the event position which may be different from the last cursor position
in the content process [2]. Therefore, the method needs to ignore this too.
On the other hand, if the event is caused by a test API synthesizing mouse
events, e.g., when `test.events.async.enabled` is set to `true`, the running
test must expect the events. Therefore, these events need to be marked as
synthesized for tests correctly. Therefore, this patch updates the
initializers of the events.
1. https://searchfox.org/mozilla-central/rev/78a2c17cc80680a5a82446e4ce7c45a73b935383/dom/events/EventStateManager.cpp#773,794-796,800-801
2. https://searchfox.org/mozilla-central/rev/78a2c17cc80680a5a82446e4ce7c45a73b935383/dom/events/EventStateManager.cpp#4063,4068
Differential Revision: https://phabricator.services.mozilla.com/D195638
The popup manager is in the parent process and the parent process may store
the last mouse cursor position which is set by a preceding test, but the
test synthesizes mouse events only in the content process. Therefore, the
parent may have unexpected state.
For solving these issues, this patch makes the test synthesize the events via
the parent process with enabling the async event dispatcher.
Then, new issue appeared. When I run this test in the verify mode, it
high-frequently failed with no mouse event logs. Therefore, this patch makes
the content process waits first `mousemove` outside the target before starting
the test.
Differential Revision: https://phabricator.services.mozilla.com/D195637
`mouseover` should be fired by `EventStateManager` when it gets `mousemove`
events at that time, `PresShell` and `EventStateManager` update their member
to dispatch `mouseout` etc later correctly. So, the test should synthesize
`mousemove` instead.
Additionally, for making it easier to debug, this patch adds event logger
too. Number of logging events are just a few so that it's not problem from
the log size point of view.
Finally, this adds a clean up code to hide the tooltip which was shown by
this test. That may help to make it stable when continuously run the test.
Differential Revision: https://phabricator.services.mozilla.com/D195636
If not combo box, GeckoView shows the select picker. So `showPicker`
method should show it on mobile.
(This fix uses ANDROID define for KaiOS fork too)
Differential Revision: https://phabricator.services.mozilla.com/D194721
This adds both the current `os_version` and the `previous_os_version`
to both legacy and Glean pings. This appears to duplice the built-in
Glean `os_version` metric, but they are *not* the same format as the
legacy telemetry: Glean records the UBR as a separate metric.
Differential Revision: https://phabricator.services.mozilla.com/D196120
By splitting `ScheduledTask.cpp`, the proxy can include less CPP code.
In turn, this makes it easier to depend on Gecko in `toolkit/mozapps/defaultagent`.
Differential Revision: https://phabricator.services.mozilla.com/D196119
The agent/browser protocol is a request-response-acknowledge
format. We were only sending Acknowledge for the download case.
Differential Revision: https://phabricator.services.mozilla.com/D189579
Ensure the focusable and actionable control is also labeled, so an assistive technology user would know the purpose of this control. It should not only be announced as `Close` but also provide a context by referencing the search mode title text as well, so the "History" search would be announced as `Close History mode` or just `Close History` or similar.
Also, since there were a series of test cases failing the a11y-checks because of this unlabeled control, we remove the `fail-if` notations from their test manifests to allow for the accessibility tests to run and expect to pass, as they should be.
Differential Revision: https://phabricator.services.mozilla.com/D196095
QuotaInitRunnable is invoked by Context to set up cache directory. This is not always successful as it could be
interrupted by shutdown or other filesystem issues. By the time in ran into error, it's possible that some objects
needed by Context are not yet initialized in QuotaInitRunnable::Run. Since QuotaInitRunnable internal state machine
will always transition to 'COMPLETING' and Context::OnQuotaInit would always be called; it's possible that some objects
like mDirectoryLock, mCipherKeyManager and mDirectoryMetadata didn't get initialized yet. As an effect, we should
only assert these objects being non-null in Context::OnQuotaInit if the QuotaInitRunnable was successful.
Differential Revision: https://phabricator.services.mozilla.com/D196113
The text input of the multi-select combobox of Slack has the following
structure:
```
<div contenteditable style="display:flex">
<span class="c-multi_select_input__space"> </span>
<span class="c-multi_select_input__filter_query">text which you typed</span>
<span class="c-multi_select_input__space" contenteditable="false"> <span>
</div>
```
When you do "Select All", they adjust selection to start from start of the
text container `<span>` (i.e., `.c-multi_select_input__filter_query`).
Then, typing new character deletes selection first. At this time, in the
legacy mode, `AutoDeleteRangesHandler::ExtendOrShrinkRangeToDelete` does not
extend the deleting range because `<span>` is an inline element. However,
in the new mode, it extends the range because the `<span>` is a block since
it's a flex-item, and selection starts from current block boundary. Then,
deleting range starts before the text container. Finally, Gecko removes the
text container and the following non-editable `<span>`. Therefore, typing text
will be inserted as a child of the flex container which is the editing host.
Finally, Slack restores the previous structure and collapse selection to end
of the text.
Currently, Chrome does same thing for normal blocks without flex/gird container.
However, doing i in `AutoDeleteRangesHandler::ExtendOrShrinkRangeToDelete`
causes a lot of regressions. Therefore, this patch tries to avoid only the bug
in Slack. (I think that we need to redesign the deletion handler to fix it.)
Differential Revision: https://phabricator.services.mozilla.com/D195955
