more std:: cleanups

mozilla-release/patches/1302449-62a1.patch

@@ -0,0 +1,1160 @@
+# HG changeset patch
+# User Andrea Marchesini <amarchesini@mozilla.com>
+# Date 1525864508 -7200
+# Node ID eeaae6812d825fad8bb92be7f496f74952d82654
+# Parent  257afcbbaf6db32010d7b4ec822ac3a4e673542d
+Bug 1302449 - Remove the "referrer" directive in CSP, r=ckerschb
+
+diff --git a/dom/base/nsDocument.cpp b/dom/base/nsDocument.cpp
+--- a/dom/base/nsDocument.cpp
++++ b/dom/base/nsDocument.cpp
+@@ -1417,17 +1417,16 @@ nsIDocument::nsIDocument()
+     mIsInitialDocumentInWindow(false),
+     mIgnoreDocGroupMismatches(false),
+     mLoadedAsData(false),
+     mLoadedAsInteractiveData(false),
+     mMayStartLayout(true),
+     mHaveFiredTitleChange(false),
+     mIsShowing(false),
+     mVisible(true),
+-    mHasReferrerPolicyCSP(false),
+     mRemovedFromDocShell(false),
+     // mAllowDNSPrefetch starts true, so that we can always reliably && it
+     // with various values that might disable it.  Since we never prefetch
+     // unless we get a window, and in that case the docshell value will get
+     // &&-ed in, this is safe.
+     mAllowDNSPrefetch(true),
+     mIsStaticDocument(false),
+     mCreatingStaticClone(false),
+@@ -2778,26 +2777,16 @@ nsDocument::ApplySettingsFromCSP(bool aS
+ {
+   nsresult rv = NS_OK;
+   if (!aSpeculative) {
+     // 1) apply settings from regular CSP
+     nsCOMPtr<nsIContentSecurityPolicy> csp;
+     rv = NodePrincipal()->GetCsp(getter_AddRefs(csp));
+     NS_ENSURE_SUCCESS_VOID(rv);
+     if (csp) {
+-      // Set up any Referrer Policy specified by CSP
+-      bool hasReferrerPolicy = false;
+-      uint32_t referrerPolicy = mozilla::net::RP_Unset;
+-      rv = csp->GetReferrerPolicy(&referrerPolicy, &hasReferrerPolicy);
+-      NS_ENSURE_SUCCESS_VOID(rv);
+-      if (hasReferrerPolicy) {
+-        mReferrerPolicy = static_cast<ReferrerPolicy>(referrerPolicy);
+-        mReferrerPolicySet = true;
+-      }
+-
+       // Set up 'block-all-mixed-content' if not already inherited
+       // from the parent context or set by any other CSP.
+       if (!mBlockAllMixedContent) {
+         rv = csp->GetBlockAllMixedContent(&mBlockAllMixedContent);
+         NS_ENSURE_SUCCESS_VOID(rv);
+       }
+       if (!mBlockAllMixedContentPreloads) {
+         mBlockAllMixedContentPreloads = mBlockAllMixedContent;
+diff --git a/dom/base/nsIDocument.h b/dom/base/nsIDocument.h
+--- a/dom/base/nsIDocument.h
++++ b/dom/base/nsIDocument.h
+@@ -717,24 +717,16 @@ public:
+    * Get mixed display content blocked flag for this document.
+    */
+   bool GetHasMixedDisplayContentBlocked()
+   {
+     return mHasMixedDisplayContentBlocked;
+   }
+ 
+   /**
+-  * Set referrer policy CSP flag for this document.
+-  */
+-  void SetHasReferrerPolicyCSP(bool aHasReferrerPolicyCSP)
+-  {
+-    mHasReferrerPolicyCSP = aHasReferrerPolicyCSP;
+-  }
+-
+-  /**
+    * Set the mixed display content blocked flag for this document.
+    */
+   void SetHasMixedDisplayContentBlocked(bool aHasMixedDisplayContentBlocked)
+   {
+     mHasMixedDisplayContentBlocked = aHasMixedDisplayContentBlocked;
+   }
+ 
+   /**
+@@ -3430,19 +3422,16 @@ protected:
+   // true otherwise.
+   bool mIsShowing : 1;
+ 
+   // State for IsVisible(). mVisible starts off true. It becomes false when
+   // OnPageHide happens, and becomes true again when OnPageShow happens.  So
+   // it's false only when we're in bfcache or unloaded.
+   bool mVisible : 1;
+ 
+-  // True if a document load has a CSP with referrer attached.
+-  bool mHasReferrerPolicyCSP : 1;
+-
+   // True if our content viewer has been removed from the docshell
+   // (it may still be displayed, but in zombie state). Form control data
+   // has been saved.
+   bool mRemovedFromDocShell : 1;
+ 
+   // True iff DNS prefetch is allowed for this document.  Note that if the
+   // document has no window, DNS prefetch won't be performed no matter what.
+   bool mAllowDNSPrefetch : 1;
+diff --git a/dom/interfaces/security/nsIContentSecurityPolicy.idl b/dom/interfaces/security/nsIContentSecurityPolicy.idl
+--- a/dom/interfaces/security/nsIContentSecurityPolicy.idl
++++ b/dom/interfaces/security/nsIContentSecurityPolicy.idl
+@@ -48,24 +48,23 @@ interface nsIContentSecurityPolicy : nsI
+   const unsigned short FRAME_SRC_DIRECTIVE            = 7;
+   const unsigned short FONT_SRC_DIRECTIVE             = 8;
+   const unsigned short CONNECT_SRC_DIRECTIVE          = 9;
+   const unsigned short REPORT_URI_DIRECTIVE           = 10;
+   const unsigned short FRAME_ANCESTORS_DIRECTIVE      = 11;
+   const unsigned short REFLECTED_XSS_DIRECTIVE        = 12;
+   const unsigned short BASE_URI_DIRECTIVE             = 13;
+   const unsigned short FORM_ACTION_DIRECTIVE          = 14;
+-  const unsigned short REFERRER_DIRECTIVE             = 15;
+-  const unsigned short WEB_MANIFEST_SRC_DIRECTIVE     = 16;
+-  const unsigned short UPGRADE_IF_INSECURE_DIRECTIVE  = 17;
+-  const unsigned short CHILD_SRC_DIRECTIVE            = 18;
+-  const unsigned short BLOCK_ALL_MIXED_CONTENT        = 19;
+-  const unsigned short REQUIRE_SRI_FOR                = 20;
+-  const unsigned short SANDBOX_DIRECTIVE              = 21;
+-  const unsigned short WORKER_SRC_DIRECTIVE           = 22;
++  const unsigned short WEB_MANIFEST_SRC_DIRECTIVE     = 15;
++  const unsigned short UPGRADE_IF_INSECURE_DIRECTIVE  = 16;
++  const unsigned short CHILD_SRC_DIRECTIVE            = 17;
++  const unsigned short BLOCK_ALL_MIXED_CONTENT        = 18;
++  const unsigned short REQUIRE_SRI_FOR                = 19;
++  const unsigned short SANDBOX_DIRECTIVE              = 20;
++  const unsigned short WORKER_SRC_DIRECTIVE           = 21;
+ 
+   /**
+    * Accessor method for a read-only string version of the policy at a given
+    * index.
+    */
+   [binaryname(GetPolicyString)] AString getPolicy(in unsigned long index);
+ 
+   /**
+@@ -98,31 +97,16 @@ interface nsIContentSecurityPolicy : nsI
+   readonly attribute bool blockAllMixedContent;
+ 
+   /**
+    * Returns whether this policy enforces the frame-ancestors directive.
+    */
+   readonly attribute bool enforcesFrameAncestors;
+ 
+   /**
+-   * Obtains the referrer policy (as integer) for this browsing context as
+-   * specified in CSP.  If there are multiple policies and...
+-   *  - only one sets a referrer policy: that policy is returned
+-   *  - more than one sets different referrer policies: no-referrer is returned
+-   *  - more than one set equivalent policies: that policy is returned
+-   * For the enumeration of policies see ReferrerPolicy.h and nsIHttpChannel.
+-   *
+-   * @param aPolicy
+-   *        The referrer policy to use for the protected resource.
+-   * @return
+-   *        true if a referrer policy is specified, false if it's unspecified.
+-   */
+-  bool getReferrerPolicy(out unsigned long policy);
+-
+-  /**
+    * Parse and install a CSP policy.
+    * @param aPolicy
+    *        String representation of the policy
+    *        (e.g., header value, meta content)
+    * @param reportOnly
+    *        Should this policy affect content, script and style processing or
+    *        just send reports if it is violated?
+    * @param deliveredViaMetaTag
+diff --git a/dom/security/nsCSPContext.cpp b/dom/security/nsCSPContext.cpp
+--- a/dom/security/nsCSPContext.cpp
++++ b/dom/security/nsCSPContext.cpp
+@@ -392,58 +392,16 @@ nsCSPContext::GetEnforcesFrameAncestors(
+       *outEnforcesFrameAncestors = true;
+       return NS_OK;
+     }
+   }
+   return NS_OK;
+ }
+ 
+ NS_IMETHODIMP
+-nsCSPContext::GetReferrerPolicy(uint32_t* outPolicy, bool* outIsSet)
+-{
+-  *outIsSet = false;
+-  *outPolicy = mozilla::net::RP_Unset;
+-  nsAutoString refpol;
+-  mozilla::net::ReferrerPolicy previousPolicy = mozilla::net::RP_Unset;
+-  for (uint32_t i = 0; i < mPolicies.Length(); i++) {
+-    mPolicies[i]->getReferrerPolicy(refpol);
+-    // only set the referrer policy if not delievered through a CSPRO and
+-    // note that and an empty string in refpol means it wasn't set
+-    // (that's the default in nsCSPPolicy).
+-    if (!mPolicies[i]->getReportOnlyFlag() && !refpol.IsEmpty()) {
+-      // Referrer Directive in CSP is no more used and going to be replaced by
+-      // Referrer-Policy HTTP header. But we still keep using referrer directive,
+-      // and would remove it later.
+-      // Referrer Directive specs is not fully compliant with new referrer policy
+-      // specs. What we are using here:
+-      // - If the value of the referrer directive is invalid, the user agent
+-      // should set the referrer policy to no-referrer.
+-      // - If there are two policies that specify a referrer policy, then they
+-      // must agree or the employed policy is no-referrer.
+-      if (!mozilla::net::IsValidReferrerPolicy(refpol)) {
+-        *outPolicy = mozilla::net::RP_No_Referrer;
+-        *outIsSet = true;
+-        return NS_OK;
+-      }
+-
+-      uint32_t currentPolicy = mozilla::net::ReferrerPolicyFromString(refpol);
+-      if (*outIsSet && previousPolicy != currentPolicy) {
+-        *outPolicy = mozilla::net::RP_No_Referrer;
+-        return NS_OK;
+-      }
+-
+-      *outPolicy = currentPolicy;
+-      *outIsSet = true;
+-    }
+-  }
+-
+-  return NS_OK;
+-}
+-
+-NS_IMETHODIMP
+ nsCSPContext::AppendPolicy(const nsAString& aPolicyString,
+                            bool aReportOnly,
+                            bool aDeliveredViaMetaTag)
+ {
+   CSPCONTEXTLOG(("nsCSPContext::AppendPolicy: %s",
+                  NS_ConvertUTF16toUTF8(aPolicyString).get()));
+ 
+   // Use the mSelfURI from setRequestContext, see bug 991474
+diff --git a/dom/security/nsCSPParser.cpp b/dom/security/nsCSPParser.cpp
+--- a/dom/security/nsCSPParser.cpp
++++ b/dom/security/nsCSPParser.cpp
+@@ -13,17 +13,16 @@
+ #include "nsIConsoleService.h"
+ #include "nsIContentPolicy.h"
+ #include "nsIScriptError.h"
+ #include "nsIStringBundle.h"
+ #include "nsNetUtil.h"
+ #include "nsReadableUtils.h"
+ #include "nsServiceManagerUtils.h"
+ #include "nsUnicharUtils.h"
+-#include "mozilla/net/ReferrerPolicy.h"
+ 
+ using namespace mozilla;
+ 
+ static LogModule*
+ GetCspParserLog()
+ {
+   static LazyLogModule gCspParserPRLog("CSPParser");
+   return gCspParserPRLog;
+@@ -868,53 +867,16 @@ nsCSPParser::sourceList(nsTArray<nsCSPBa
+       const char16_t* params[] = { CSP_EnumToUTF16Keyword(CSP_NONE) };
+       logWarningErrorToConsole(nsIScriptError::warningFlag, "ignoringUnknownOption",
+                                params, ArrayLength(params));
+     }
+   }
+ }
+ 
+ void
+-nsCSPParser::referrerDirectiveValue(nsCSPDirective* aDir)
+-{
+-  // directive-value   = "none" / "none-when-downgrade" / "origin" / "origin-when-cross-origin" / "unsafe-url"
+-  // directive name is token 0, we need to examine the remaining tokens (and
+-  // there should only be one token in the value).
+-  CSPPARSERLOG(("nsCSPParser::referrerDirectiveValue"));
+-
+-  if (mCurDir.Length() != 2) {
+-    CSPPARSERLOG(("Incorrect number of tokens in referrer directive, got %zu expected 1",
+-                 mCurDir.Length() - 1));
+-    delete aDir;
+-    return;
+-  }
+-
+-  if (!mozilla::net::IsValidReferrerPolicy(mCurDir[1])) {
+-    CSPPARSERLOG(("invalid value for referrer directive: %s",
+-                  NS_ConvertUTF16toUTF8(mCurDir[1]).get()));
+-    delete aDir;
+-    return;
+-  }
+-
+-  //referrer-directive deprecation warning
+-  const char16_t* params[] = { mCurDir[1].get() };
+-  logWarningErrorToConsole(nsIScriptError::warningFlag, "deprecatedReferrerDirective",
+-                             params, ArrayLength(params));
+-
+-  // the referrer policy is valid, so go ahead and use it.
+-  nsWeakPtr ctx = mCSPContext->GetLoadingContext();
+-  nsCOMPtr<nsIDocument> doc = do_QueryReferent(ctx);
+-  if (doc) {
+-    doc->SetHasReferrerPolicyCSP(true);
+-  }
+-  mPolicy->setReferrerPolicy(&mCurDir[1]);
+-  mPolicy->addDirective(aDir);
+-}
+-
+-void
+ nsCSPParser::requireSRIForDirectiveValue(nsRequireSRIForDirective* aDir)
+ {
+   CSPPARSERLOG(("nsCSPParser::requireSRIForDirectiveValue"));
+ 
+   // directive-value = "style" / "script"
+   // directive name is token 0, we need to examine the remaining tokens
+   for (uint32_t i = 1; i < mCurDir.Length(); i++) {
+     // mCurToken is only set here and remains the current token
+@@ -1208,23 +1170,16 @@ nsCSPParser::directive()
+ 
+   // special case handling for require-sri-for, which has directive values that
+   // are well-defined tokens but are not sources
+   if (cspDir->equals(nsIContentSecurityPolicy::REQUIRE_SRI_FOR)) {
+     requireSRIForDirectiveValue(static_cast<nsRequireSRIForDirective*>(cspDir));
+     return;
+   }
+ 
+-  // special case handling of the referrer directive (since it doesn't contain
+-  // source lists)
+-  if (cspDir->equals(nsIContentSecurityPolicy::REFERRER_DIRECTIVE)) {
+-    referrerDirectiveValue(cspDir);
+-    return;
+-  }
+-
+   // special case handling for report-uri directive (since it doesn't contain
+   // a valid source list but rather actual URIs)
+   if (CSP_IsDirective(mCurDir[0], nsIContentSecurityPolicy::REPORT_URI_DIRECTIVE)) {
+     reportURIList(cspDir);
+     return;
+   }
+ 
+   // special case handling for sandbox directive (since it doe4sn't contain
+diff --git a/dom/security/nsCSPUtils.cpp b/dom/security/nsCSPUtils.cpp
+--- a/dom/security/nsCSPUtils.cpp
++++ b/dom/security/nsCSPUtils.cpp
+@@ -1195,17 +1195,17 @@ nsCSPDirective::toDomCSPStruct(mozilla::
+       outCSP.mSandbox.Value() = mozilla::Move(srcs);
+       return;
+ 
+     case nsIContentSecurityPolicy::WORKER_SRC_DIRECTIVE:
+       outCSP.mWorker_src.Construct();
+       outCSP.mWorker_src.Value() = mozilla::Move(srcs);
+       return;
+ 
+-    // REFERRER_DIRECTIVE and REQUIRE_SRI_FOR are handled in nsCSPPolicy::toDomCSPStruct()
++    // REQUIRE_SRI_FOR is handled in nsCSPPolicy::toDomCSPStruct()
+ 
+     default:
+       NS_ASSERTION(false, "cannot find directive to convert CSP to JSON");
+   }
+ }
+ 
+ 
+ bool
+@@ -1564,44 +1564,30 @@ nsCSPPolicy::allows(nsContentPolicyType 
+   return allows(aContentType, aKeyword, NS_LITERAL_STRING(""), false);
+ }
+ 
+ void
+ nsCSPPolicy::toString(nsAString& outStr) const
+ {
+   uint32_t length = mDirectives.Length();
+   for (uint32_t i = 0; i < length; ++i) {
+-
+-    if (mDirectives[i]->equals(nsIContentSecurityPolicy::REFERRER_DIRECTIVE)) {
+-      outStr.AppendASCII(CSP_CSPDirectiveToString(nsIContentSecurityPolicy::REFERRER_DIRECTIVE));
+-      outStr.AppendASCII(" ");
+-      outStr.Append(mReferrerPolicy);
+-    } else {
+-      mDirectives[i]->toString(outStr);
+-    }
++    mDirectives[i]->toString(outStr);
+     if (i != (length - 1)) {
+       outStr.AppendASCII("; ");
+     }
+   }
+ }
+ 
+ void
+ nsCSPPolicy::toDomCSPStruct(mozilla::dom::CSP& outCSP) const
+ {
+   outCSP.mReport_only = mReportOnly;
+ 
+   for (uint32_t i = 0; i < mDirectives.Length(); ++i) {
+-    if (mDirectives[i]->equals(nsIContentSecurityPolicy::REFERRER_DIRECTIVE)) {
+-      mozilla::dom::Sequence<nsString> srcs;
+-      srcs.AppendElement(mReferrerPolicy, mozilla::fallible);
+-      outCSP.mReferrer.Construct();
+-      outCSP.mReferrer.Value() = srcs;
+-    } else {
+-      mDirectives[i]->toDomCSPStruct(outCSP);
+-    }
++    mDirectives[i]->toDomCSPStruct(outCSP);
+   }
+ }
+ 
+ bool
+ nsCSPPolicy::hasDirective(CSPDirective aDir) const
+ {
+   for (uint32_t i = 0; i < mDirectives.Length(); i++) {
+     if (mDirectives[i]->equals(aDir)) {
+diff --git a/dom/security/nsCSPUtils.h b/dom/security/nsCSPUtils.h
+--- a/dom/security/nsCSPUtils.h
++++ b/dom/security/nsCSPUtils.h
+@@ -85,17 +85,16 @@ static const char* CSPStrDirectives[] = 
+   "frame-src",                 // FRAME_SRC_DIRECTIVE
+   "font-src",                  // FONT_SRC_DIRECTIVE
+   "connect-src",               // CONNECT_SRC_DIRECTIVE
+   "report-uri",                // REPORT_URI_DIRECTIVE
+   "frame-ancestors",           // FRAME_ANCESTORS_DIRECTIVE
+   "reflected-xss",             // REFLECTED_XSS_DIRECTIVE
+   "base-uri",                  // BASE_URI_DIRECTIVE
+   "form-action",               // FORM_ACTION_DIRECTIVE
+-  "referrer",                  // REFERRER_DIRECTIVE
+   "manifest-src",              // MANIFEST_SRC_DIRECTIVE
+   "upgrade-insecure-requests", // UPGRADE_IF_INSECURE_DIRECTIVE
+   "child-src",                 // CHILD_SRC_DIRECTIVE
+   "block-all-mixed-content",   // BLOCK_ALL_MIXED_CONTENT
+   "require-sri-for",           // REQUIRE_SRI_FOR
+   "sandbox",                   // SANDBOX_DIRECTIVE
+   "worker-src"                 // WORKER_SRC_DIRECTIVE
+ };
+@@ -671,25 +670,16 @@ class nsCSPPolicy {
+     bool hasDirective(CSPDirective aDir) const;
+ 
+     inline void setReportOnlyFlag(bool aFlag)
+       { mReportOnly = aFlag; }
+ 
+     inline bool getReportOnlyFlag() const
+       { return mReportOnly; }
+ 
+-    inline void setReferrerPolicy(const nsAString* aValue)
+-      {
+-        mReferrerPolicy = *aValue;
+-        ToLowerCase(mReferrerPolicy);
+-      }
+-
+-    inline void getReferrerPolicy(nsAString& outPolicy) const
+-      { outPolicy.Assign(mReferrerPolicy); }
+-
+     void getReportURIs(nsTArray<nsString> &outReportURIs) const;
+ 
+     void getDirectiveStringForContentType(nsContentPolicyType aContentType,
+                                           nsAString& outDirective) const;
+ 
+     void getDirectiveAsString(CSPDirective aDir, nsAString& outDirective) const;
+ 
+     uint32_t getSandboxFlags() const;
+@@ -700,12 +690,11 @@ class nsCSPPolicy {
+       { return mDirectives.Length(); }
+ 
+     bool visitDirectiveSrcs(CSPDirective aDir, nsCSPSrcVisitor* aVisitor) const;
+ 
+   private:
+     nsUpgradeInsecureDirective* mUpgradeInsecDir;
+     nsTArray<nsCSPDirective*>   mDirectives;
+     bool                        mReportOnly;
+-    nsString                    mReferrerPolicy;
+ };
+ 
+ #endif /* nsCSPUtils_h___ */
+diff --git a/dom/security/test/csp/file_referrerdirective.html b/dom/security/test/csp/file_referrerdirective.html
+deleted file mode 100644
+--- a/dom/security/test/csp/file_referrerdirective.html
++++ /dev/null
+@@ -1,55 +0,0 @@
+-<!DOCTYPE HTML>
+-<html>
+-<head>
+-<title>Subframe test for bug 965727</title>
+-
+-<script type="text/javascript">
+-// we can get the ID out of the querystring.
+-var args = document.location.search.substring(1).split('&');
+-var id = "unknown";
+-for (var i=0; i < args.length; i++) {
+-  var arg = unescape(args[i]);
+-  if (arg.indexOf('=') > 0 && arg.indexOf('id') == 0) {
+-    id = arg.split('=')[1].trim();
+-  }
+-}
+-
+-var results = {
+-  'id': id,
+-  'referrer': document.location.href,
+-  'results': {
+-    'sameorigin': false,
+-    'crossorigin': false,
+-    'downgrade': false
+-  }
+-};
+-
+-// this is called back by each script load.
+-var postResult = function(loadType, referrerLevel, referrer) {
+-  results.results[loadType] = referrerLevel;
+-
+-  // and then check if all three have loaded.
+-  for (var id in results.results) {
+-    if (!results.results[id]) {
+-      return;
+-    }
+-  }
+-  //finished if we don't return early
+-  window.parent.postMessage(JSON.stringify(results), "*");
+-  console.log(JSON.stringify(results));
+-}
+-
+-</script>
+-</head>
+-<body>
+-Testing ...
+-
+-<script src="https://example.com/tests/dom/security/test/csp/referrerdirective.sjs?type=sameorigin&"
+-        onerror="postResult('sameorigin', 'error');"></script>
+-<script src="https://test2.example.com/tests/dom/security/test/csp/referrerdirective.sjs?type=crossorigin&"
+-        onerror="postResult('crossorigin', 'error');"></script>
+-<script src="http://example.com/tests/dom/security/test/csp/referrerdirective.sjs?type=downgrade&"
+-        onerror="postResult('downgrade', 'error');"></script>
+-
+-</body>
+-</html>
+diff --git a/dom/security/test/csp/file_upgrade_insecure_referrer.sjs b/dom/security/test/csp/file_upgrade_insecure_referrer.sjs
+deleted file mode 100644
+--- a/dom/security/test/csp/file_upgrade_insecure_referrer.sjs
++++ /dev/null
+@@ -1,55 +0,0 @@
+-// special *.sjs specifically customized for the needs of
+-// Bug 1139297 and Bug 663570
+-
+-const PRE_HEAD =
+-  "<!DOCTYPE HTML>" +
+-  "<html>" +
+-  "<head>";
+-
+- const POST_HEAD =
+-   "<meta charset='utf-8'>" +
+-   "<title>Bug 1139297 - Implement CSP upgrade-insecure-requests directive</title>" +
+-   "</head>" +
+-   "<body>" +
+-  "<img id='testimage' src='http://example.com/tests/dom/security/test/csp/file_upgrade_insecure_referrer_server.sjs?img'></img>" +
+-  "</body>" +
+-  "</html>";
+-
+-const PRE_CSP = "upgrade-insecure-requests; default-src https:; ";
+-const CSP_REFERRER_ORIGIN = "referrer origin";
+-const CSP_REFEFFER_NO_REFERRER = "referrer no-referrer";
+-
+-function handleRequest(request, response)
+-{
+-  // avoid confusing cache behaviors
+-  response.setHeader("Cache-Control", "no-cache", false);
+-  var queryString = request.queryString;
+-
+-  if (queryString === "test1") {
+-    response.setHeader("Content-Security-Policy", PRE_CSP + CSP_REFERRER_ORIGIN, false);
+-    response.write(PRE_HEAD + POST_HEAD);
+-  	return;
+-  }
+-
+-  if (queryString === "test2") {
+-    response.setHeader("Content-Security-Policy", PRE_CSP + CSP_REFEFFER_NO_REFERRER, false);
+-    response.write(PRE_HEAD + POST_HEAD);
+-  	return;
+-  }
+-
+-  if (queryString === "test3") {
+-  	var metacsp =  "<meta http-equiv=\"Content-Security-Policy\" content = \"" + PRE_CSP + CSP_REFERRER_ORIGIN + "\" >";
+-    response.write(PRE_HEAD + metacsp + POST_HEAD);
+-  	return;
+-  }
+-
+-  if (queryString === "test4") {
+-  	var metacsp =  "<meta http-equiv=\"Content-Security-Policy\" content = \"" + PRE_CSP + CSP_REFEFFER_NO_REFERRER + "\" >";
+-    response.write(PRE_HEAD + metacsp + POST_HEAD);
+-  	return;
+-  }
+-
+-  // we should never get here, but just in case return
+-  // something unexpected
+-  response.write("do'h");
+-}
+diff --git a/dom/security/test/csp/file_upgrade_insecure_referrer_server.sjs b/dom/security/test/csp/file_upgrade_insecure_referrer_server.sjs
+deleted file mode 100644
+--- a/dom/security/test/csp/file_upgrade_insecure_referrer_server.sjs
++++ /dev/null
+@@ -1,56 +0,0 @@
+-// Custom *.sjs file specifically for the needs of Bug:
+-// Bug 1139297 - Implement CSP upgrade-insecure-requests directive
+-
+-// small red image
+-const IMG_BYTES = atob(
+-  "iVBORw0KGgoAAAANSUhEUgAAAAUAAAAFCAYAAACNbyblAAAAHElEQVQI12" +
+-  "P4//8/w38GIAXDIBKE0DHxgljNBAAO9TXL0Y4OHwAAAABJRU5ErkJggg==");
+-
+-function handleRequest(request, response)
+-{
+-  // avoid confusing cache behaviors
+-  response.setHeader("Cache-Control", "no-cache", false);
+-  var queryString = request.queryString;
+-
+-  // (1) lets process the queryresult request async and
+-  // wait till we have received the image request.
+-  if (queryString == "queryresult") {
+-    response.processAsync();
+-    setObjectState("queryResult", response);
+-    return;
+-  }
+-
+-  // (2) Handle the image request and return the referrer
+-  // result back to the stored queryresult request.
+-  if (request.queryString == "img") {
+-    response.setHeader("Content-Type", "image/png");
+-    response.write(IMG_BYTES);
+-
+-    let referrer = "";
+-    try {
+-      referrer = request.getHeader("referer");
+-    } catch (e) {
+-      referrer = "";
+-    }
+-    // make sure the received image request was upgraded to https,
+-    // otherwise we return not only the referrer but also indicate
+-    // that the request was not upgraded to https. Note, that
+-    // all upgrades happen in the browser before any non-secure
+-    // request hits the wire.
+-    referrer += (request.scheme == "https") ?
+-                 "" : " but request is not https";
+-
+-    getObjectState("queryResult", function(queryResponse) {
+-      if (!queryResponse) {
+-        return;
+-      }
+-      queryResponse.write(referrer);
+-      queryResponse.finish();
+-    });
+-    return;
+-  }
+-
+-  // we should not get here ever, but just in case return
+-  // something unexpected.
+-  response.write("doh!");
+-}
+diff --git a/dom/security/test/csp/mochitest.ini b/dom/security/test/csp/mochitest.ini
+--- a/dom/security/test/csp/mochitest.ini
++++ b/dom/security/test/csp/mochitest.ini
+@@ -119,26 +119,23 @@ support-files =
+   file_subframe_run_js_if_allowed.html^headers^
+   file_leading_wildcard.html
+   file_multi_policy_injection_bypass.html
+   file_multi_policy_injection_bypass.html^headers^
+   file_multi_policy_injection_bypass_2.html
+   file_multi_policy_injection_bypass_2.html^headers^
+   file_null_baseuri.html
+   file_form-action.html
+-  file_referrerdirective.html
+   referrerdirective.sjs
+   file_upgrade_insecure.html
+   file_upgrade_insecure_meta.html
+   file_upgrade_insecure_server.sjs
+   file_upgrade_insecure_wsh.py
+   file_upgrade_insecure_reporting.html
+   file_upgrade_insecure_reporting_server.sjs
+-  file_upgrade_insecure_referrer.sjs
+-  file_upgrade_insecure_referrer_server.sjs
+   file_upgrade_insecure_cors.html
+   file_upgrade_insecure_cors_server.sjs
+   file_report_for_import.css
+   file_report_for_import.html
+   file_report_for_import_server.sjs
+   file_service_worker.html
+   file_service_worker.js
+   file_child-src_iframe.html
+@@ -267,25 +264,22 @@ skip-if = toolkit == 'android' # Times o
+ [test_301_redirect.html]
+ [test_302_redirect.html]
+ [test_303_redirect.html]
+ [test_307_redirect.html]
+ [test_subframe_run_js_if_allowed.html]
+ [test_leading_wildcard.html]
+ [test_multi_policy_injection_bypass.html]
+ [test_null_baseuri.html]
+-[test_referrerdirective.html]
+ [test_dual_header.html]
+ [test_upgrade_insecure.html]
+ # no ssl support as well as websocket tests do not work (see test_websocket.html)
+ skip-if = (toolkit == 'android') || (os != 'linux' && !debug) # Bug 1183300
+ [test_upgrade_insecure_reporting.html]
+ skip-if = toolkit == 'android'
+-[test_upgrade_insecure_referrer.html]
+-skip-if = toolkit == 'android'
+ [test_upgrade_insecure_cors.html]
+ skip-if = toolkit == 'android'
+ [test_report_for_import.html]
+ [test_blocked_uri_in_reports.html]
+ [test_service_worker.html]
+ [test_child-src_worker.html]
+ [test_child-src_worker_data.html]
+ [test_child-src_worker-redirect.html]
+diff --git a/dom/security/test/csp/test_referrerdirective.html b/dom/security/test/csp/test_referrerdirective.html
+deleted file mode 100644
+--- a/dom/security/test/csp/test_referrerdirective.html
++++ /dev/null
+@@ -1,143 +0,0 @@
+-<!--
+-  Any copyright is dedicated to the Public Domain.
+-  http://creativecommons.org/publicdomain/zero/1.0/
+--->
+-<!DOCTYPE HTML>
+-<html>
+-<!--
+-https://bugzilla.mozilla.org/show_bug.cgi?id=965727
+--->
+-<head>
+-  <meta charset="utf-8">
+-  <title>Test for Content Security Policy referrer Directive (Bug 965727)</title>
+-  <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
+-  <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
+-</head>
+-<body>
+-<div id="content" style="display: none">
+-
+-</div>
+-<pre id="test">
+-<script class="testbody" type="application/javascript">
+-/*
+- * This tests various referrer policies and the referrer-sending behavior when
+- * requesting scripts in different ways:
+- *  - cross-origin (https://example.com -> https://test2.example.com)
+- *  - same-origin (https://example.com -> https://example.com)
+- *  - downgrade (https://example.com -> http://example.com)
+- *
+- * Each test creates an iframe that loads scripts for each of the checks.  If
+- * the scripts are blocked, the test fails (they should run).  When loaded,
+- * each script updates a results object in the test page, and then when the
+- * test page has finished loading all the scripts, it postMessages back to this
+- * page.  Once all tests are done, the results are checked.
+- */
+-
+-var testData = {
+-  'default': { 'csp': "script-src * 'unsafe-inline'; referrer default",
+-          'expected': {  'sameorigin': 'full',
+-                        'crossorigin': 'full',
+-                          'downgrade': 'none' }},
+-
+-  'origin':  { 'csp': "script-src * 'unsafe-inline'; referrer origin",
+-          'expected': {  'sameorigin': 'origin',
+-                        'crossorigin': 'origin',
+-                          'downgrade': 'origin' }},
+-
+-  'origin-when-cross-origin':  { 'csp': "script-src * 'unsafe-inline'; referrer origin-when-cross-origin",
+-          'expected': {  'sameorigin': 'full',
+-                        'crossorigin': 'origin',
+-                          'downgrade': 'origin' }},
+-
+-  'unsafe-url':  { 'csp': "script-src * 'unsafe-inline'; referrer unsafe-url",
+-          'expected': {  'sameorigin': 'full',
+-                        'crossorigin': 'full',
+-                          'downgrade': 'full' }},
+-
+-  'none':   { 'csp': "script-src * 'unsafe-inline'; referrer no-referrer",
+-          'expected': {  'sameorigin': 'none',
+-                        'crossorigin': 'none',
+-                          'downgrade': 'none' }},
+-
+-  // referrer delivered through CSPRO should be ignored
+-  'ignore-cspro':  { 'cspro': "script-src * 'unsafe-inline'; referrer origin",
+-          'expected': {  'sameorigin': 'full',
+-                        'crossorigin': 'full',
+-                          'downgrade': 'none' }},
+-
+-  // referrer delivered through CSPRO should be ignored
+-  'ignore-cspro2':   { 'csp'  : "script-src * 'unsafe-inline'; referrer no-referrer",
+-                       'cspro': "script-src * 'unsafe-inline'; referrer origin",
+-         'expected': {  'sameorigin': 'none',
+-                        'crossorigin': 'none',
+-                          'downgrade': 'none' }},
+-  };
+-
+-var referrerDirectiveTests = {
+-  // called via postMessage when one of the iframes is done running.
+-  onIframeComplete: function(event) {
+-    try {
+-      var results = JSON.parse(event.data);
+-      ok(results.hasOwnProperty('id'), "'id' property required in posted message " + event.data);
+-
+-      ok(testData.hasOwnProperty(results['id']), "Test " + results['id'] + " must be expected.");
+-
+-      // check all the various load types' referrers.
+-      var expected = testData[results['id']].expected;
+-      for (var t in expected) {
+-        is(results.results[t], expected[t],
+-          " referrer must match expected for " + t + " in " + results['id']);
+-      }
+-      testData[results['id']]['complete'] = true;
+-
+-    } catch(e) {
+-      // fail -- should always be JSON
+-      ok(false, "failed to parse posted message + " + event.data);
+-      // have to end as well since not all messages were valid.
+-      SimpleTest.finish();
+-    }
+-
+-    referrerDirectiveTests.checkForCompletion();
+-  },
+-
+-  // checks to see if all the parallel tests are done and validates results.
+-  checkForCompletion: function() {
+-    for (var id in testData) {
+-      if (!testData[id].hasOwnProperty('complete')) {
+-        return;
+-      }
+-    }
+-    SimpleTest.finish();
+-  }
+-};
+-
+-SimpleTest.waitForExplicitFinish();
+-// have to disable mixed content blocking to test https->http referrers.
+-SpecialPowers.pushPrefEnv({
+-    'set': [['security.mixed_content.block_active_content',   false],
+-            ['security.mixed_content.block_display_content',  false],
+-    ]
+-    },
+-    function() {
+-      // each of the iframes we create will call us back when its contents are loaded.
+-      window.addEventListener("message", referrerDirectiveTests.onIframeComplete.bind(window));
+-
+-      // one iframe created for each test case
+-      for (var id in testData) {
+-        var elt = document.createElement("iframe");
+-        var src = "https://example.com/tests/dom/security/test/csp/file_testserver.sjs?id=" + id;
+-        if (testData[id]['csp']) {
+-          src += "&csp=" + escape(testData[id]['csp']);
+-        }
+-        if (testData[id]['cspro']) {
+-          src += "&cspro=" + escape(testData[id]['cspro']);
+-        }
+-        src += "&file=tests/dom/security/test/csp/file_referrerdirective.html";
+-        elt.src = src;
+-        document.getElementById("content").appendChild(elt);
+-      }
+-    });
+-</script>
+-</pre>
+-</body>
+-</html>
+diff --git a/dom/security/test/csp/test_upgrade_insecure_referrer.html b/dom/security/test/csp/test_upgrade_insecure_referrer.html
+deleted file mode 100644
+--- a/dom/security/test/csp/test_upgrade_insecure_referrer.html
++++ /dev/null
+@@ -1,85 +0,0 @@
+-<!DOCTYPE HTML>
+-<html>
+-<head>
+-  <meta charset="utf-8">
+-  <title>Bug 1139297 - Implement CSP upgrade-insecure-requests directive</title>
+-  <!-- Including SimpleTest.js so we can use waitForExplicitFinish !-->
+-  <script type="text/javascript" src="/tests/SimpleTest/SimpleTest.js"></script>
+-  <link rel="stylesheet" type="text/css" href="/tests/SimpleTest/test.css" />
+-</head>
+-<body>
+-<iframe style="width:100%;" id="testframe"></iframe>
+-
+-<script class="testbody" type="text/javascript">
+-
+-/* Description of the test:
+- * We load a page that makes use of the CSP referrer directive as well
+- * as upgrade-insecure-requests. The page loads an image over http.
+- * The test makes sure the request gets upgraded to https and the
+- * correct referrer gets sent.
+- */
+-
+-var tests = [
+-  {
+-    query: "test1",
+-    description: "upgrade insecure request with 'referrer = origin' (CSP in header)",
+-    result: "http://example.com/"
+-  },
+-  {
+-    query: "test2",
+-    description: "upgrade insecure request with 'referrer = no-referrer' (CSP in header)",
+-    result: ""
+-  },
+-  {
+-    query: "test3",
+-    description: "upgrade insecure request with 'referrer = origin' (Meta CSP)",
+-    result: "http://example.com/"
+-  },
+-  {
+-    query: "test4",
+-    description: "upgrade insecure request with 'referrer = no-referrer' (Meta CSP)",
+-    result: ""
+-  }
+-];
+-
+-var counter = 0;
+-var curTest;
+-
+-function loadTestPage() {
+-  curTest = tests[counter++];
+-  var src = "http://example.com/tests/dom/security/test/csp/file_upgrade_insecure_referrer.sjs?";
+-  // append the query
+-  src += curTest.query;
+-  document.getElementById("testframe").src = src;
+-}
+-
+-function runNextTest() {
+-  // sends a request to the server which is processed async and returns
+-  // once the server received the expected image request
+-  var myXHR = new XMLHttpRequest();
+-  myXHR.open("GET", "file_upgrade_insecure_referrer_server.sjs?queryresult");
+-  myXHR.onload = function(e) {
+-    is(myXHR.responseText, curTest.result, curTest.description);
+-    if (counter == tests.length) {
+-      SimpleTest.finish();
+-      return;
+-    }
+-    // move on to the next test by setting off another query request.
+-    runNextTest();
+-  }
+-  myXHR.onerror = function(e) {
+-    ok(false, "could not query results from server (" + e.message + ")");
+-    SimpleTest.finish();
+-  }
+-  myXHR.send();
+-
+-  // give it some time and load the testpage
+-  SimpleTest.executeSoon(loadTestPage);
+-}
+-
+-SimpleTest.waitForExplicitFinish();
+-runNextTest();
+-
+-</script>
+-</body>
+-</html>
+diff --git a/dom/security/test/gtest/TestCSPParser.cpp b/dom/security/test/gtest/TestCSPParser.cpp
+--- a/dom/security/test/gtest/TestCSPParser.cpp
++++ b/dom/security/test/gtest/TestCSPParser.cpp
+@@ -207,18 +207,16 @@ TEST(CSPParser, Directives)
+     { "script-src 'nonce-correctscriptnonce'",
+       "script-src 'nonce-correctscriptnonce'" },
+     { "script-src 'nonce-a'",
+       "script-src 'nonce-a'" },
+     { "script-src 'sha256-a'",
+       "script-src 'sha256-a'" },
+     { "script-src 'sha256-siVR8vAcqP06h2ppeNwqgjr0yZ6yned4X2VF84j4GmI='",
+       "script-src 'sha256-siVR8vAcqP06h2ppeNwqgjr0yZ6yned4X2VF84j4GmI='" },
+-    { "referrer no-referrer",
+-      "referrer no-referrer" },
+     { "require-sri-for script style",
+       "require-sri-for script style"},
+     { "script-src 'nonce-foo' 'unsafe-inline' ",
+       "script-src 'nonce-foo' 'unsafe-inline'" },
+     { "script-src 'nonce-foo' 'strict-dynamic' 'unsafe-inline' https:  ",
+       "script-src 'nonce-foo' 'strict-dynamic' 'unsafe-inline' https:" },
+     { "default-src 'sha256-siVR8' 'strict-dynamic' 'unsafe-inline' https:  ",
+       "default-src 'sha256-siVR8' 'unsafe-inline' https:" },
+@@ -283,18 +281,16 @@ TEST(CSPParser, IgnoreUpperLowerCasePoli
+     { "script-src 'none' test.com;",
+       "script-src http://test.com" },
+     { "script-src 'NoNCE-correctscriptnonce'",
+       "script-src 'nonce-correctscriptnonce'" },
+     { "script-src 'NoncE-NONCENEEDSTOBEUPPERCASE'",
+       "script-src 'nonce-NONCENEEDSTOBEUPPERCASE'" },
+     { "script-src 'SHA256-siVR8vAcqP06h2ppeNwqgjr0yZ6yned4X2VF84j4GmI='",
+       "script-src 'sha256-siVR8vAcqP06h2ppeNwqgjr0yZ6yned4X2VF84j4GmI='" },
+-    { "refERRer No-refeRRer",
+-      "referrer no-referrer" },
+     { "upgrade-INSECURE-requests",
+       "upgrade-insecure-requests" },
+     { "sanDBox alloW-foRMs",
+       "sandbox allow-forms"},
+     { "require-SRI-for sCript stYle",
+       "require-sri-for script style"},
+   };
+ 
+@@ -578,18 +574,16 @@ TEST(CSPParser, BadPolicies)
+   static const PolicyTest policies[] =
+   {
+     { "script-sr 'self", "" },
+     { "", "" },
+     { "; ; ; ; ; ; ;", "" },
+     { "defaut-src asdf", "" },
+     { "default-src: aaa", "" },
+     { "asdf http://test.com", ""},
+-    { "referrer", ""},
+-    { "referrer foo", ""},
+     { "require-sri-for", ""},
+     { "require-sri-for foo", ""},
+     { "report-uri", ""},
+     { "report-uri http://:foo", ""},
+   };
+ 
+   uint32_t policyCount = sizeof(policies) / sizeof(PolicyTest);
+   ASSERT_TRUE(NS_SUCCEEDED(runTestSuite(policies, policyCount, 0)));
+diff --git a/dom/workers/WorkerLoadInfo.cpp b/dom/workers/WorkerLoadInfo.cpp
+--- a/dom/workers/WorkerLoadInfo.cpp
++++ b/dom/workers/WorkerLoadInfo.cpp
+@@ -173,26 +173,16 @@ WorkerLoadInfo::SetPrincipalOnMainThread
+   mPrincipal = aPrincipal;
+   mPrincipalIsSystem = nsContentUtils::IsSystemPrincipal(aPrincipal);
+ 
+   nsresult rv = aPrincipal->GetCsp(getter_AddRefs(mCSP));
+   NS_ENSURE_SUCCESS(rv, rv);
+ 
+   if (mCSP) {
+     mCSP->GetAllowsEval(&mReportCSPViolations, &mEvalAllowed);
+-    // Set ReferrerPolicy
+-    bool hasReferrerPolicy = false;
+-    uint32_t rp = mozilla::net::RP_Unset;
+-
+-    rv = mCSP->GetReferrerPolicy(&rp, &hasReferrerPolicy);
+-    NS_ENSURE_SUCCESS(rv, rv);
+-
+-    if (hasReferrerPolicy) {
+-      mReferrerPolicy = static_cast<net::ReferrerPolicy>(rp);
+-    }
+   } else {
+     mEvalAllowed = true;
+     mReportCSPViolations = false;
+   }
+ 
+   mLoadGroup = aLoadGroup;
+ 
+   mPrincipalInfo = new PrincipalInfo();
+diff --git a/dom/workers/WorkerPrivate.cpp b/dom/workers/WorkerPrivate.cpp
+--- a/dom/workers/WorkerPrivate.cpp
++++ b/dom/workers/WorkerPrivate.cpp
+@@ -1691,30 +1691,20 @@ WorkerPrivateParent<Derived>::SetCSPFrom
+   }
+ 
+   // Set evalAllowed, default value is set in GetAllowsEval
+   bool evalAllowed = false;
+   bool reportEvalViolations = false;
+   rv = csp->GetAllowsEval(&reportEvalViolations, &evalAllowed);
+   NS_ENSURE_SUCCESS(rv, rv);
+ 
+-  // Set ReferrerPolicy, default value is set in GetReferrerPolicy
+-  bool hasReferrerPolicy = false;
+-  uint32_t rp = mozilla::net::RP_Unset;
+-  rv = csp->GetReferrerPolicy(&rp, &hasReferrerPolicy);
+-  NS_ENSURE_SUCCESS(rv, rv);
+-
+   mLoadInfo.mCSP = csp;
+   mLoadInfo.mEvalAllowed = evalAllowed;
+   mLoadInfo.mReportCSPViolations = reportEvalViolations;
+ 
+-  if (hasReferrerPolicy) {
+-    mLoadInfo.mReferrerPolicy = static_cast<net::ReferrerPolicy>(rp);
+-  }
+-
+   return NS_OK;
+ }
+ 
+ template <class Derived>
+ void
+ WorkerPrivateParent<Derived>::SetReferrerPolicyFromHeaderValue(
+                                   const nsACString& aReferrerPolicyHeaderValue)
+ {
+diff --git a/netwerk/base/ReferrerPolicy.h b/netwerk/base/ReferrerPolicy.h
+--- a/netwerk/base/ReferrerPolicy.h
++++ b/netwerk/base/ReferrerPolicy.h
+@@ -108,40 +108,16 @@ ReferrerPolicyFromString(const nsAString
+       lowerContent.EqualsLiteral(kRPS_Unsafe_URL)) {
+     return RP_Unsafe_URL;
+   }
+   // Spec says if none of the previous match, use empty string.
+   return RP_Unset;
+ 
+ }
+ 
+-inline bool
+-IsValidReferrerPolicy(const nsAString& content)
+-{
+-  if (content.IsEmpty()) {
+-    return true;
+-  }
+-
+-  nsString lowerContent(content);
+-  ToLowerCase(lowerContent);
+-
+-  return lowerContent.EqualsLiteral(kRPS_Never)
+-      || lowerContent.EqualsLiteral(kRPS_No_Referrer)
+-      || lowerContent.EqualsLiteral(kRPS_Origin)
+-      || lowerContent.EqualsLiteral(kRPS_Default)
+-      || lowerContent.EqualsLiteral(kRPS_No_Referrer_When_Downgrade)
+-      || lowerContent.EqualsLiteral(kRPS_Origin_When_Cross_Origin)
+-      || lowerContent.EqualsLiteral(kRPS_Origin_When_Crossorigin)
+-      || lowerContent.EqualsLiteral(kRPS_Same_Origin)
+-      || lowerContent.EqualsLiteral(kRPS_Strict_Origin)
+-      || lowerContent.EqualsLiteral(kRPS_Strict_Origin_When_Cross_Origin)
+-      || lowerContent.EqualsLiteral(kRPS_Always)
+-      || lowerContent.EqualsLiteral(kRPS_Unsafe_URL);
+-}
+-
+ inline ReferrerPolicy
+ AttributeReferrerPolicyFromString(const nsAString& content)
+ {
+   // Specs : https://html.spec.whatwg.org/multipage/infrastructure.html#referrer-policy-attribute
+   // Spec says the empty string "" corresponds to no referrer policy, or RP_Unset
+   if (content.IsEmpty()) {
+     return RP_Unset;
+   }
+diff --git a/parser/html/nsHtml5TreeOpExecutor.cpp b/parser/html/nsHtml5TreeOpExecutor.cpp
+--- a/parser/html/nsHtml5TreeOpExecutor.cpp
++++ b/parser/html/nsHtml5TreeOpExecutor.cpp
+@@ -1171,25 +1171,16 @@ nsHtml5TreeOpExecutor::AddSpeculationCSP
+ 
+   // please note that meta CSPs and CSPs delivered through a header need
+   // to be joined together.
+   rv = preloadCsp->AppendPolicy(aCSP,
+                                 false, // csp via meta tag can not be report only
+                                 true); // delivered through the meta tag
+   NS_ENSURE_SUCCESS_VOID(rv);
+ 
+-  // Record "speculated" referrer policy for preloads
+-  bool hasReferrerPolicy = false;
+-  uint32_t referrerPolicy = mozilla::net::RP_Unset;
+-  rv = preloadCsp->GetReferrerPolicy(&referrerPolicy, &hasReferrerPolicy);
+-  NS_ENSURE_SUCCESS_VOID(rv);
+-  if (hasReferrerPolicy) {
+-    SetSpeculationReferrerPolicy(static_cast<ReferrerPolicy>(referrerPolicy));
+-  }
+-
+   mDocument->ApplySettingsFromCSP(true);
+ }
+ 
+ void
+ nsHtml5TreeOpExecutor::SetSpeculationReferrerPolicy(ReferrerPolicy aReferrerPolicy)
+ {
+   // Record "speculated" referrer policy locally and thread through the
+   // speculation phase.  The actual referrer policy will be set by
+diff --git a/toolkit/components/telemetry/Histograms.json b/toolkit/components/telemetry/Histograms.json
+--- a/toolkit/components/telemetry/Histograms.json
++++ b/toolkit/components/telemetry/Histograms.json
+@@ -2627,24 +2627,16 @@
+   "CSP_UNSAFE_EVAL_DOCUMENTS_COUNT": {
+     "record_in_processes": ["main", "content"],
+     "alert_emails": ["seceng-telemetry@mozilla.com"],
+     "bug_numbers": [1252829],
+     "expires_in_version": "60",
+     "kind": "count",
+     "description": "Number of unique pages that contain an unsafe-eval CSP directive"
+   },
+-  "CSP_REFERRER_DIRECTIVE": {
+-    "record_in_processes": ["main", "content"],
+-    "alert_emails": ["seceng-telemetry@mozilla.com"],
+-    "bug_numbers": [1303685],
+-    "expires_in_version": "60",
+-    "kind": "boolean",
+-    "description": "Whether a document with a CSP policy (report-only or enforcing) contains a referrer directive ('true') or not ('false')."
+-  },
+   "LINK_ICON_SIZES_ATTR_USAGE": {
+     "record_in_processes": ["main", "content"],
+     "expires_in_version" : "never",
+     "kind": "enumerated",
+     "n_values": 4,
+     "description": "The possible types of the 'sizes' attribute for <link rel=icon>. 0: Attribute not specified, 1: 'any', 2: Integer dimensions, 3: Invalid value."
+   },
+   "LINK_ICON_SIZES_ATTR_DIMENSION": {

mozilla-release/patches/1348273-63a1.patch

@@ -2,7 +2,7 @@
 # User Gabriele Svelto <gsvelto@mozilla.com>
 # Date 1530798131 -7200
 # Node ID 42e2eeaca65d313926e962b6583d52d4bcab6d15
-# Parent  6a7bd481bf085d68a8f4b17118ec40cf07bf87d5
+# Parent  6f8c3951178f805650325a9fecc821a34ea4a21c
 Bug 1348273 - Convert crash annotations into a machine-readable list of constants; r=ted.mielczarek,njn,dholbert,mak,cpearce,mcmanus,froydnj,Dexter,jrmuizel,jchen,jimm,bz,surkov
 
 This introduces the machinery needed to generate crash annotations from a YAML
@@ -130,7 +130,7 @@ diff --git a/accessible/windows/msaa/Platform.cpp b/accessible/windows/msaa/Plat
 diff --git a/docshell/base/nsDocShell.cpp b/docshell/base/nsDocShell.cpp
 --- a/docshell/base/nsDocShell.cpp
 +++ b/docshell/base/nsDocShell.cpp
-@@ -2407,18 +2407,18 @@ nsDocShell::GetUseRemoteTabs(bool* aUseR
+@@ -1814,18 +1814,18 @@ nsDocShell::GetUseRemoteTabs(bool* aUseR
    *aUseRemoteTabs = mUseRemoteTabs;
    return NS_OK;
  }
@@ -184,7 +184,7 @@ new file mode 100644
 diff --git a/dom/ipc/ContentChild.cpp b/dom/ipc/ContentChild.cpp
 --- a/dom/ipc/ContentChild.cpp
 +++ b/dom/ipc/ContentChild.cpp
-@@ -1626,26 +1626,23 @@ ContentChild::RecvSetProcessSandbox(cons
+@@ -1664,26 +1664,23 @@ ContentChild::RecvSetProcessSandbox(cons
    }
  #elif defined(XP_WIN)
    mozilla::SandboxTarget::Instance()->StartSandbox();
@@ -215,7 +215,7 @@ diff --git a/dom/ipc/ContentChild.cpp b/dom/ipc/ContentChild.cpp
  
  mozilla::ipc::IPCResult
  ContentChild::RecvBidiKeyboardNotify(const bool& aIsLangRTL,
-@@ -2244,17 +2241,18 @@ ContentChild::ProcessingError(Result aCo
+@@ -2282,17 +2279,18 @@ ContentChild::ProcessingError(Result aCo
      case MsgValueError:
        break;
  
@@ -235,7 +235,7 @@ diff --git a/dom/ipc/ContentChild.cpp b/dom/ipc/ContentChild.cpp
  ContentChild::AddRemoteAlertObserver(const nsString& aData,
                                       nsIObserver* aObserver)
  {
-@@ -2831,18 +2829,19 @@ ContentChild::ForceKillTimerCallback(nsI
+@@ -2869,18 +2867,19 @@ ContentChild::ForceKillTimerCallback(nsI
  
  mozilla::ipc::IPCResult
  ContentChild::RecvShutdown()
@@ -257,7 +257,7 @@ diff --git a/dom/ipc/ContentChild.cpp b/dom/ipc/ContentChild.cpp
    // SchedulerGroup, there can be no other cooperative threads doing work while
    // we're running.
    if (mainThread && mainThread->RecursionDepth() > 1) {
-@@ -2885,20 +2884,21 @@ ContentChild::RecvShutdown()
+@@ -2923,20 +2922,21 @@ ContentChild::RecvShutdown()
    }
  #endif
  
@@ -285,7 +285,7 @@ diff --git a/dom/ipc/ContentChild.cpp b/dom/ipc/ContentChild.cpp
 diff --git a/dom/ipc/ContentParent.cpp b/dom/ipc/ContentParent.cpp
 --- a/dom/ipc/ContentParent.cpp
 +++ b/dom/ipc/ContentParent.cpp
-@@ -3041,23 +3041,21 @@ ContentParent::KillHard(const char* aRea
+@@ -3054,23 +3054,21 @@ ContentParent::KillHard(const char* aRea
    // of the parent and child for submission to the crash server.
    if (mCrashReporter) {
      // GeneratePairedMinidump creates two minidumps for us - the main
@@ -316,7 +316,7 @@ diff --git a/dom/ipc/ContentParent.cpp b/dom/ipc/ContentParent.cpp
 diff --git a/dom/ipc/TabChild.cpp b/dom/ipc/TabChild.cpp
 --- a/dom/ipc/TabChild.cpp
 +++ b/dom/ipc/TabChild.cpp
-@@ -1157,17 +1157,17 @@ TabChild::RecvLoadURL(const nsCString& a
+@@ -1156,17 +1156,17 @@ TabChild::RecvLoadURL(const nsCString& a
      WebNavigation()->LoadURI(NS_ConvertUTF8toUTF16(aURI).get(),
                               nsIWebNavigation::LOAD_FLAGS_ALLOW_THIRD_PARTY_FIXUP |
                               nsIWebNavigation::LOAD_FLAGS_DISALLOW_INHERIT_PRINCIPAL,
@@ -775,7 +775,7 @@ diff --git a/ipc/glue/CrashReporterHost.cpp b/ipc/glue/CrashReporterHost.cpp
  public:
 @@ -214,21 +215,21 @@ CrashReporterHost::GenerateMinidumpAndPa
                                          getter_AddRefs(mTargetDump),
-                                         Move(callback),
+                                         std::move(callback),
                                          aAsync);
  }
  
@@ -1744,7 +1744,7 @@ new file mode 100644
 diff --git a/layout/style/ServoBindings.h b/layout/style/ServoBindings.h
 --- a/layout/style/ServoBindings.h
 +++ b/layout/style/ServoBindings.h
-@@ -688,17 +688,17 @@ void Gecko_UnregisterProfilerThread();
+@@ -690,17 +690,17 @@ void Gecko_UnregisterProfilerThread();
  bool Gecko_DocumentRule_UseForPresentation(RawGeckoPresContextBorrowed,
                                             const nsACString* aPattern,
                                             mozilla::css::URLMatchingFunction aURLMatchingFunction);
@@ -4627,7 +4627,7 @@ diff --git a/toolkit/crashreporter/test/unit/test_oom_annotation_windows.js b/to
 diff --git a/toolkit/xre/nsAppRunner.cpp b/toolkit/xre/nsAppRunner.cpp
 --- a/toolkit/xre/nsAppRunner.cpp
 +++ b/toolkit/xre/nsAppRunner.cpp
-@@ -1210,17 +1210,50 @@ nsXULAppInfo::GetExtraFileForID(const ns
+@@ -1199,17 +1199,50 @@ nsXULAppInfo::GetExtraFileForID(const ns
  
    return NS_OK;
  }
@@ -4679,7 +4679,7 @@ diff --git a/toolkit/xre/nsAppRunner.cpp b/toolkit/xre/nsAppRunner.cpp
    return CrashReporter::AppendAppNotesToCrashReport(data);
  }
  
-@@ -3299,49 +3332,49 @@ XREMain::XRE_mainInit(bool* aExitFlag)
+@@ -3288,49 +3321,49 @@ XREMain::XRE_mainInit(bool* aExitFlag)
      rv = mDirProvider.GetUserAppDataDirectory(getter_AddRefs(file));
      if (NS_SUCCEEDED(rv)) {
        CrashReporter::SetUserAppDataDirectory(file);
@@ -4742,7 +4742,7 @@ diff --git a/toolkit/xre/nsAppRunner.cpp b/toolkit/xre/nsAppRunner.cpp
  
      // annotate other data (user id etc)
      nsCOMPtr<nsIFile> userAppDataDir;
-@@ -3486,26 +3519,25 @@ XREMain::XRE_mainInit(bool* aExitFlag)
+@@ -3475,26 +3508,25 @@ XREMain::XRE_mainInit(bool* aExitFlag)
              cpuUpdateRevision = static_cast<int>(updateRevision[0]);
              break;
            }
@@ -4774,7 +4774,7 @@ diff --git a/toolkit/xre/nsAppRunner.cpp b/toolkit/xre/nsAppRunner.cpp
    if (ar == ARG_BAD) {
      PR_fprintf(PR_STDERR, "Error: argument --no-remote is invalid when argument --osint is specified\n");
      return 1;
-@@ -3618,18 +3650,19 @@ static void AnnotateSystemManufacturer()
+@@ -3607,18 +3639,19 @@ static void AnnotateSystemManufacturer()
    }
  
    VARIANT value;
@@ -4796,7 +4796,7 @@ diff --git a/toolkit/xre/nsAppRunner.cpp b/toolkit/xre/nsAppRunner.cpp
  static void PR_CALLBACK AnnotateSystemManufacturer_ThreadStart(void*)
  {
    HRESULT hr = CoInitialize(nullptr);
-@@ -4229,34 +4262,33 @@ void AddSandboxAnnotations()
+@@ -4218,34 +4251,33 @@ void AddSandboxAnnotations()
  {
    // Include the sandbox content level, regardless of platform
    int level = GetEffectiveContentSandboxLevel();
@@ -4833,7 +4833,7 @@ diff --git a/toolkit/xre/nsAppRunner.cpp b/toolkit/xre/nsAppRunner.cpp
   * the calling of appStartup->Run().
   */
  nsresult
-@@ -4300,26 +4332,28 @@ XREMain::XRE_mainRun()
+@@ -4289,26 +4321,28 @@ XREMain::XRE_mainRun()
    if (NS_SUCCEEDED(rv)) {
      nsCOMPtr<nsIPrefBranch> defaultPrefBranch;
      rv = prefs->GetDefaultBranch(nullptr, getter_AddRefs(defaultPrefBranch));
@@ -4868,7 +4868,7 @@ diff --git a/toolkit/xre/nsAppRunner.cpp b/toolkit/xre/nsAppRunner.cpp
  #ifdef XP_WIN
    PR_CreateThread(PR_USER_THREAD, AnnotateSystemManufacturer_ThreadStart, 0,
                    PR_PRIORITY_LOW, PR_GLOBAL_THREAD, PR_UNJOINABLE_THREAD, 0);
-@@ -4458,17 +4492,18 @@ XREMain::XRE_mainRun()
+@@ -4447,17 +4481,18 @@ XREMain::XRE_mainRun()
    // As FilePreferences need the profile directory, we must initialize right here.
    mozilla::FilePreferences::InitDirectoriesWhitelist();
    mozilla::FilePreferences::InitPrefs();
@@ -4888,7 +4888,7 @@ diff --git a/toolkit/xre/nsAppRunner.cpp b/toolkit/xre/nsAppRunner.cpp
    nsCOMPtr<nsIFile> workingDir;
    rv = NS_GetSpecialDirectory(NS_OS_CURRENT_WORKING_DIR, getter_AddRefs(workingDir));
    NS_ENSURE_SUCCESS(rv, NS_ERROR_FAILURE);
-@@ -4549,18 +4584,18 @@ XREMain::XRE_mainRun()
+@@ -4538,18 +4573,18 @@ XREMain::XRE_mainRun()
  
      nsCOMPtr<nsIObserverService> obsService =
        mozilla::services::GetObserverService();
@@ -4909,7 +4909,7 @@ diff --git a/toolkit/xre/nsAppRunner.cpp b/toolkit/xre/nsAppRunner.cpp
      rv = cmdLine->Run();
      NS_ENSURE_SUCCESS_LOG(rv, NS_ERROR_FAILURE);
  
-@@ -4595,17 +4630,17 @@ XREMain::XRE_mainRun()
+@@ -4584,17 +4619,17 @@ XREMain::XRE_mainRun()
  #if defined(MOZ_SANDBOX) && defined(XP_LINUX)
    // If we're on Linux, we now have information about the OS capabilities
    // available to us.
@@ -5093,7 +5093,7 @@ diff --git a/xpcom/base/AvailableMemoryTracker.cpp b/xpcom/base/AvailableMemoryT
 diff --git a/xpcom/base/CycleCollectedJSRuntime.cpp b/xpcom/base/CycleCollectedJSRuntime.cpp
 --- a/xpcom/base/CycleCollectedJSRuntime.cpp
 +++ b/xpcom/base/CycleCollectedJSRuntime.cpp
-@@ -1440,29 +1440,45 @@ CycleCollectedJSRuntime::FinalizeDeferre
+@@ -1447,29 +1447,45 @@ CycleCollectedJSRuntime::FinalizeDeferre
    if (aType == CycleCollectedJSContext::FinalizeIncrementally) {
      NS_IdleDispatchToCurrentThread(do_AddRef(mFinalizeRunnable), 2500);
    } else {

mozilla-release/patches/1440771-1-60a1.patch

@@ -0,0 +1,154 @@
+# HG changeset patch
+# User Nika Layzell <nika@thelayzells.com>
+# Date 1519417598 18000
+#      Fri Feb 23 15:26:38 2018 -0500
+# Node ID d506f9eb0db6d368cd0155d8088e362db64daa41
+# Parent  14c593ecf7259dd98abb81f51bb4dd63edc4ebf9
+Bug 1440771 - Part 1: Add a ParamTraits impl for nsCOMPtr<nsIInputStream>, r=baku
+
+MozReview-Commit-ID: dfZJH1cWnW
+
+diff --git a/ipc/glue/IPCStreamUtils.cpp b/ipc/glue/IPCStreamUtils.cpp
+--- a/ipc/glue/IPCStreamUtils.cpp
++++ b/ipc/glue/IPCStreamUtils.cpp
+@@ -4,18 +4,18 @@
+  * License, v. 2.0. If a copy of the MPL was not distributed with this
+  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+ 
+ #include "IPCStreamUtils.h"
+ 
+ #include "nsIIPCSerializableInputStream.h"
+ 
+ #include "mozilla/Assertions.h"
+-#include "mozilla/dom/nsIContentChild.h"
+-#include "mozilla/dom/PContentParent.h"
++#include "mozilla/dom/ContentChild.h"
++#include "mozilla/dom/ContentParent.h"
+ #include "mozilla/dom/File.h"
+ #include "mozilla/ipc/FileDescriptorSetChild.h"
+ #include "mozilla/ipc/FileDescriptorSetParent.h"
+ #include "mozilla/ipc/InputStreamUtils.h"
+ #include "mozilla/ipc/IPCStreamDestination.h"
+ #include "mozilla/ipc/IPCStreamSource.h"
+ #include "mozilla/ipc/PBackgroundChild.h"
+ #include "mozilla/ipc/PBackgroundParent.h"
+@@ -620,10 +620,74 @@ AutoIPCStream::TakeOptionalValue()
+   MOZ_ASSERT(!mTaken);
+   MOZ_ASSERT(!mValue);
+   MOZ_ASSERT(mOptionalValue);
+   mTaken = true;
+   AssertValidValueToTake(*mOptionalValue);
+   return *mOptionalValue;
+ }
+ 
++void
++IPDLParamTraits<nsCOMPtr<nsIInputStream>>::Write(IPC::Message* aMsg,
++                                                 IProtocol* aActor,
++                                                 const nsCOMPtr<nsIInputStream>& aParam)
++{
++  mozilla::ipc::AutoIPCStream autoStream;
++  bool ok = false;
++  bool found = false;
++
++  // We can only serialize our nsIInputStream if it's going to be sent over one
++  // of the protocols we support, or a protocol which is managed by one of the
++  // protocols we support.
++  IProtocol* actor = aActor;
++  while (!found && actor) {
++    switch (actor->GetProtocolTypeId()) {
++      case PContentMsgStart:
++        if (actor->GetSide() == mozilla::ipc::ParentSide) {
++          ok = autoStream.Serialize(
++            aParam, static_cast<mozilla::dom::ContentParent*>(actor));
++        } else {
++          MOZ_RELEASE_ASSERT(actor->GetSide() == mozilla::ipc::ChildSide);
++          ok = autoStream.Serialize(
++            aParam, static_cast<mozilla::dom::ContentChild*>(actor));
++        }
++        found = true;
++        break;
++      case PBackgroundMsgStart:
++        if (actor->GetSide() == mozilla::ipc::ParentSide) {
++          ok = autoStream.Serialize(
++            aParam, static_cast<mozilla::ipc::PBackgroundParent*>(actor));
++        } else {
++          MOZ_RELEASE_ASSERT(actor->GetSide() == mozilla::ipc::ChildSide);
++          ok = autoStream.Serialize(
++            aParam, static_cast<mozilla::ipc::PBackgroundChild*>(actor));
++        }
++        found = true;
++        break;
++    }
++
++    // Try the actor's manager.
++    actor = actor->Manager();
++  }
++
++  if (!found) {
++    aActor->FatalError("Attempt to send nsIInputStream over an unsupported ipdl protocol");
++  }
++  MOZ_RELEASE_ASSERT(ok, "Failed to serialize nsIInputStream");
++
++  WriteIPDLParam(aMsg, aActor, autoStream.TakeOptionalValue());
++}
++
++bool
++IPDLParamTraits<nsCOMPtr<nsIInputStream>>::Read(const IPC::Message* aMsg, PickleIterator* aIter,
++                                                IProtocol* aActor, nsCOMPtr<nsIInputStream>* aResult)
++{
++  mozilla::ipc::OptionalIPCStream ipcStream;
++  if (!ReadIPDLParam(aMsg, aIter, aActor, &ipcStream)) {
++    return false;
++  }
++
++  *aResult = mozilla::ipc::DeserializeIPCStream(ipcStream);
++  return true;
++}
++
+ } // namespace ipc
+ } // namespace mozilla
+diff --git a/ipc/glue/IPCStreamUtils.h b/ipc/glue/IPCStreamUtils.h
+--- a/ipc/glue/IPCStreamUtils.h
++++ b/ipc/glue/IPCStreamUtils.h
+@@ -3,16 +3,17 @@
+ /* This Source Code Form is subject to the terms of the Mozilla Public
+  * License, v. 2.0. If a copy of the MPL was not distributed with this
+  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+ 
+ #ifndef mozilla_ipc_IPCStreamUtils_h
+ #define mozilla_ipc_IPCStreamUtils_h
+ 
+ #include "mozilla/ipc/IPCStream.h"
++#include "nsCOMPtr.h"
+ #include "nsIInputStream.h"
+ 
+ namespace mozilla {
+ 
+ namespace dom {
+ class nsIContentChild;
+ class nsIContentParent;
+ }
+@@ -182,12 +183,23 @@ public:
+   TakeOptionalValue();
+ 
+ private:
+   AutoIPCStream(const AutoIPCStream& aOther) = delete;
+   AutoIPCStream& operator=(const AutoIPCStream& aOther) = delete;
+   AutoIPCStream& operator=(const AutoIPCStream&& aOther) = delete;
+ };
+ 
++template<>
++struct IPDLParamTraits<nsCOMPtr<nsIInputStream>>
++{
++  typedef nsCOMPtr<nsIInputStream> paramType;
++
++  static void Write(IPC::Message* aMsg, IProtocol* aActor,
++                    const paramType& aParam);
++  static bool Read(const IPC::Message* aMsg, PickleIterator* aIter,
++                   IProtocol* aActor, paramType* aResult);
++};
++
+ } // namespace ipc
+ } // namespace mozilla
+ 
+ #endif // mozilla_ipc_IPCStreamUtils_h

mozilla-release/patches/1440771-2-60a1.patch

@@ -0,0 +1,107 @@
+# HG changeset patch
+# User Nika Layzell <nika@thelayzells.com>
+# Date 1519417691 18000
+#      Fri Feb 23 15:28:11 2018 -0500
+# Node ID 945995a0a8dbc0230b0dee0e2dc9fa0e0a4d5ce5
+# Parent  d506f9eb0db6d368cd0155d8088e362db64daa41
+Bug 1440771 - Part 2: Use nsCOMPtr<nsIInputStream> directly in PCacheStreamControl, r=baku
+
+MozReview-Commit-ID: 1Ab49lZtxTI
+
+diff --git a/dom/cache/CacheStreamControlChild.cpp b/dom/cache/CacheStreamControlChild.cpp
+--- a/dom/cache/CacheStreamControlChild.cpp
++++ b/dom/cache/CacheStreamControlChild.cpp
+@@ -120,19 +120,18 @@ CacheStreamControlChild::OpenStream(cons
+   // If we are on a worker, then we need to hold it alive until the async
+   // IPC operation below completes.  While the IPC layer will trigger a
+   // rejection here in many cases, we must handle the case where the
+   // MozPromise resolve runnable is already in the event queue when the
+   // worker wants to shut down.
+   RefPtr<CacheWorkerHolder> holder = GetWorkerHolder();
+ 
+   SendOpenStream(aId)->Then(GetCurrentThreadSerialEventTarget(), __func__,
+-  [aResolver, holder](const OptionalIPCStream& aOptionalStream) {
+-    nsCOMPtr<nsIInputStream> stream = DeserializeIPCStream(aOptionalStream);
+-    aResolver(Move(stream));
++  [aResolver, holder](const nsCOMPtr<nsIInputStream>& aOptionalStream) {
++    aResolver(nsCOMPtr<nsIInputStream>(aOptionalStream));
+   }, [aResolver, holder](ResponseRejectReason aReason) {
+     aResolver(nullptr);
+   });
+ }
+ 
+ void
+ CacheStreamControlChild::NoteClosedAfterForget(const nsID& aId)
+ {
+diff --git a/dom/cache/CacheStreamControlParent.cpp b/dom/cache/CacheStreamControlParent.cpp
+--- a/dom/cache/CacheStreamControlParent.cpp
++++ b/dom/cache/CacheStreamControlParent.cpp
+@@ -122,30 +122,18 @@ CacheStreamControlParent::ActorDestroy(A
+ }
+ 
+ mozilla::ipc::IPCResult
+ CacheStreamControlParent::RecvOpenStream(const nsID& aStreamId,
+                                          OpenStreamResolver&& aResolver)
+ {
+   NS_ASSERT_OWNINGTHREAD(CacheStreamControlParent);
+ 
+-  // This is safe because:
+-  //  1. We add ourself to the Manager as an operation Listener in OpenStream().
+-  //  2. We remove ourself as a Listener from the Manager in ActorDestroy().
+-  //  3. The Manager will not "complete" the operation if the Listener has
+-  //     been removed.  This means the lambda will not be invoked.
+-  //  4. The ActorDestroy() will also cause the child-side MozPromise for
+-  //     this async returning method to be rejected.  So we don't have to
+-  //     call the resolver in this case.
+-  CacheStreamControlParent* self = this;
+-
+-  OpenStream(aStreamId, [self, aResolver](nsCOMPtr<nsIInputStream>&& aStream) {
+-      AutoIPCStream stream;
+-      Unused << stream.Serialize(aStream, self->Manager());
+-      aResolver(stream.TakeOptionalValue());
++  OpenStream(aStreamId, [aResolver](nsCOMPtr<nsIInputStream>&& aStream) {
++      aResolver(aStream);
+     });
+ 
+   return IPC_OK();
+ }
+ 
+ mozilla::ipc::IPCResult
+ CacheStreamControlParent::RecvNoteClosed(const nsID& aId)
+ {
+diff --git a/dom/cache/PCacheStreamControl.ipdl b/dom/cache/PCacheStreamControl.ipdl
+--- a/dom/cache/PCacheStreamControl.ipdl
++++ b/dom/cache/PCacheStreamControl.ipdl
+@@ -1,30 +1,30 @@
+ /* This Source Code Form is subject to the terms of the Mozilla Public
+  * License, v. 2.0. If a copy of the MPL was not distributed with this file,
+  * You can obtain one at http://mozilla.org/MPL/2.0/. */
+ 
+ include protocol PBackground;
+ include protocol PFileDescriptorSet;
+ include protocol PChildToParentStream;
+ include protocol PParentToChildStream;
+-include IPCStream;
+ 
+ using struct nsID from "nsID.h";
++using nsCOMPtr<nsIInputStream> from "mozilla/ipc/IPCStreamUtils.h";
+ 
+ namespace mozilla {
+ namespace dom {
+ namespace cache {
+ 
+ protocol PCacheStreamControl
+ {
+   manager PBackground;
+ 
+ parent:
+-  async OpenStream(nsID aStreamId) returns(OptionalIPCStream aStream);
++  async OpenStream(nsID aStreamId) returns(nsCOMPtr<nsIInputStream> aStream);
+   async NoteClosed(nsID aStreamId);
+ 
+ child:
+   async Close(nsID aStreamId);
+   async CloseAll();
+   async __delete__();
+ };
+ 

mozilla-release/patches/1440771-3-60a1.patch

@@ -0,0 +1,176 @@
+# HG changeset patch
+# User Nika Layzell <nika@thelayzells.com>
+# Date 1519417762 18000
+#      Fri Feb 23 15:29:22 2018 -0500
+# Node ID 02049d16a352bd71963579c0b7b29c96efb5244d
+# Parent  5805599f0ad34c2c87fbe23ae506c953aad3ca99
+Bug 1440771 - Part 3: Use nsCOMPtr<nsIInputStream> directly in PContent, r=baku
+
+MozReview-Commit-ID: 32gMROoF1qU
+
+diff --git a/docshell/base/nsDefaultURIFixup.cpp b/docshell/base/nsDefaultURIFixup.cpp
+--- a/docshell/base/nsDefaultURIFixup.cpp
++++ b/docshell/base/nsDefaultURIFixup.cpp
+@@ -434,30 +434,29 @@ nsDefaultURIFixup::KeywordToURI(const ns
+   keyword.Trim(" ");
+ 
+   if (XRE_IsContentProcess()) {
+     dom::ContentChild* contentChild = dom::ContentChild::GetSingleton();
+     if (!contentChild) {
+       return NS_ERROR_NOT_AVAILABLE;
+     }
+ 
+-    ipc::OptionalIPCStream postData;
++    nsCOMPtr<nsIInputStream> postData;
+     ipc::OptionalURIParams uri;
+     nsAutoString providerName;
+     if (!contentChild->SendKeywordToURI(keyword, &providerName, &postData,
+                                         &uri)) {
+       return NS_ERROR_FAILURE;
+     }
+ 
+     CopyUTF8toUTF16(keyword, info->mKeywordAsSent);
+     info->mKeywordProviderName = providerName;
+ 
+     if (aPostData) {
+-      nsCOMPtr<nsIInputStream> temp = ipc::DeserializeIPCStream(postData);
+-      temp.forget(aPostData);
++      postData.forget(aPostData);
+     }
+ 
+     nsCOMPtr<nsIURI> temp = DeserializeURI(uri);
+     info->mPreferredURI = temp.forget();
+     return NS_OK;
+   }
+ 
+ #ifdef MOZ_TOOLKIT_SEARCH
+diff --git a/dom/ipc/ContentParent.cpp b/dom/ipc/ContentParent.cpp
+--- a/dom/ipc/ContentParent.cpp
++++ b/dom/ipc/ContentParent.cpp
+@@ -3941,43 +3941,35 @@ ContentParent::SendPBrowserConstructor(P
+                                                  aChromeFlags,
+                                                  aCpId,
+                                                  aIsForBrowser);
+ }
+ 
+ mozilla::ipc::IPCResult
+ ContentParent::RecvKeywordToURI(const nsCString& aKeyword,
+                                 nsString* aProviderName,
+-                                OptionalIPCStream* aPostData,
++                                nsCOMPtr<nsIInputStream>* aPostData,
+                                 OptionalURIParams* aURI)
+ {
+-  *aPostData = void_t();
++  *aPostData = nullptr;
+   *aURI = void_t();
+ 
+   nsCOMPtr<nsIURIFixup> fixup = do_GetService(NS_URIFIXUP_CONTRACTID);
+   if (!fixup) {
+     return IPC_OK();
+   }
+ 
+-  nsCOMPtr<nsIInputStream> postData;
+   nsCOMPtr<nsIURIFixupInfo> info;
+ 
+-  if (NS_FAILED(fixup->KeywordToURI(aKeyword, getter_AddRefs(postData),
++  if (NS_FAILED(fixup->KeywordToURI(aKeyword, getter_AddRefs(*aPostData),
+                                     getter_AddRefs(info)))) {
+     return IPC_OK();
+   }
+   info->GetKeywordProviderName(*aProviderName);
+ 
+-  AutoIPCStream autoStream;
+-  if (NS_WARN_IF(!autoStream.Serialize(postData, this))) {
+-    NS_ENSURE_SUCCESS(NS_ERROR_FAILURE, IPC_FAIL_NO_REASON(this));
+-  }
+-
+-  *aPostData = autoStream.TakeOptionalValue();
+-
+   nsCOMPtr<nsIURI> uri;
+   info->GetPreferredURI(getter_AddRefs(uri));
+   SerializeURI(uri, *aURI);
+   return IPC_OK();
+ }
+ 
+ mozilla::ipc::IPCResult
+ ContentParent::RecvNotifyKeywordSearchLoading(const nsString &aProvider,
+diff --git a/dom/ipc/ContentParent.h b/dom/ipc/ContentParent.h
+--- a/dom/ipc/ContentParent.h
++++ b/dom/ipc/ContentParent.h
+@@ -1046,17 +1046,17 @@ public:
+   virtual mozilla::ipc::IPCResult RecvPrivateDocShellsExist(const bool& aExist) override;
+ 
+   virtual mozilla::ipc::IPCResult RecvFirstIdle() override;
+ 
+   virtual mozilla::ipc::IPCResult RecvDeviceReset() override;
+ 
+   virtual mozilla::ipc::IPCResult RecvKeywordToURI(const nsCString& aKeyword,
+                                                    nsString* aProviderName,
+-                                                   OptionalIPCStream* aPostData,
++                                                   nsCOMPtr<nsIInputStream>* aPostData,
+                                                    OptionalURIParams* aURI) override;
+ 
+   virtual mozilla::ipc::IPCResult RecvNotifyKeywordSearchLoading(const nsString &aProvider,
+                                                                  const nsString &aKeyword) override;
+ 
+   virtual mozilla::ipc::IPCResult RecvCopyFavicon(const URIParams& aOldURI,
+                                                   const URIParams& aNewURI,
+                                                   const IPC::Principal& aLoadingPrincipal,
+diff --git a/dom/ipc/PContent.ipdl b/dom/ipc/PContent.ipdl
+--- a/dom/ipc/PContent.ipdl
++++ b/dom/ipc/PContent.ipdl
+@@ -41,17 +41,16 @@ include protocol PURLClassifier;
+ include protocol PURLClassifierLocal;
+ include protocol PVRManager;
+ include protocol PVideoDecoderManager;
+ include protocol PProfiler;
+ include protocol PScriptCache;
+ include DOMTypes;
+ include JavaScriptTypes;
+ include IPCBlob;
+-include IPCStream;
+ include PTabContext;
+ include URIParams;
+ include ProtocolTypes;
+ include PBackgroundSharedTypes;
+ include PContentPermission;
+ include ServiceWorkerConfiguration;
+ include GraphicsMessages;
+ include MemoryReportTypes;
+@@ -88,16 +87,17 @@ using struct mozilla::layers::TextureFac
+ using mozilla::layers::CompositorOptions from "mozilla/layers/CompositorOptions.h";
+ using mozilla::Telemetry::Accumulation from "mozilla/TelemetryComms.h";
+ using mozilla::Telemetry::KeyedAccumulation from "mozilla/TelemetryComms.h";
+ using mozilla::Telemetry::ScalarAction from "mozilla/TelemetryComms.h";
+ using mozilla::Telemetry::KeyedScalarAction from "mozilla/TelemetryComms.h";
+ using mozilla::Telemetry::ChildEventData from "mozilla/TelemetryComms.h";
+ using mozilla::Telemetry::DiscardedData from "mozilla/TelemetryComms.h";
+ using mozilla::CrossProcessMutexHandle from "mozilla/ipc/CrossProcessMutex.h";
++using nsCOMPtr<nsIInputStream> from "mozilla/ipc/IPCStreamUtils.h";
+ 
+ union ChromeRegistryItem
+ {
+     ChromePackage;
+     OverrideMapping;
+     SubstitutionMapping;
+ };
+ 
+@@ -804,17 +804,17 @@ parent:
+     async PrivateDocShellsExist(bool aExist);
+ 
+     // Tell the parent that the child has gone idle for the first time.
+     async FirstIdle();
+ 
+     async DeviceReset();
+ 
+     sync KeywordToURI(nsCString keyword)
+-        returns (nsString providerName, OptionalIPCStream postData, OptionalURIParams uri);
++        returns (nsString providerName, nsCOMPtr<nsIInputStream> postData, OptionalURIParams uri);
+ 
+     sync NotifyKeywordSearchLoading(nsString providerName, nsString keyword);
+ 
+     async CopyFavicon(URIParams oldURI, URIParams newURI, Principal aLoadingPrincipal, bool isPrivate);
+ 
+     // Tell the compositor to allocate a layer tree id for nested remote mozbrowsers.
+     sync AllocateLayerTreeId(ContentParentId cpId, TabId tabId)
+         returns (uint64_t id);

mozilla-release/patches/1440771-4-60a1.patch

@@ -0,0 +1,131 @@
+# HG changeset patch
+# User Nika Layzell <nika@thelayzells.com>
+# Date 1519417794 18000
+#      Fri Feb 23 15:29:54 2018 -0500
+# Node ID cd28092ce59a3055258af00afc35b2d05ef93d88
+# Parent  02049d16a352bd71963579c0b7b29c96efb5244d
+Bug 1440771 - Part 4: Use nsCOMPtr<nsIInputStream> directly in PNecko, r=baku
+
+MozReview-Commit-ID: COnMiadbCjn
+
+diff --git a/netwerk/ipc/NeckoParent.cpp b/netwerk/ipc/NeckoParent.cpp
+--- a/netwerk/ipc/NeckoParent.cpp
++++ b/netwerk/ipc/NeckoParent.cpp
+@@ -57,17 +57,16 @@ using mozilla::dom::ServiceWorkerManager
+ using mozilla::dom::TabContext;
+ using mozilla::dom::TabParent;
+ using mozilla::net::PTCPSocketParent;
+ using mozilla::dom::TCPSocketParent;
+ using mozilla::net::PTCPServerSocketParent;
+ using mozilla::dom::TCPServerSocketParent;
+ using mozilla::net::PUDPSocketParent;
+ using mozilla::dom::UDPSocketParent;
+-using mozilla::ipc::AutoIPCStream;
+ using mozilla::ipc::OptionalPrincipalInfo;
+ using mozilla::ipc::PrincipalInfo;
+ using mozilla::ipc::LoadInfoArgsToLoadInfo;
+ using IPC::SerializedLoadContext;
+ 
+ namespace mozilla {
+ namespace net {
+ 
+@@ -961,30 +960,27 @@ NeckoParent::RecvGetExtensionStream(cons
+   // Ask the ExtensionProtocolHandler to give us a new input stream for
+   // this URI. The request comes from an ExtensionProtocolHandler in the
+   // child process, but is not guaranteed to be a valid moz-extension URI,
+   // and not guaranteed to represent a resource that the child should be
+   // allowed to access. The ExtensionProtocolHandler is responsible for
+   // validating the request. Specifically, only URI's for local files that
+   // an extension is allowed to access via moz-extension URI's should be
+   // accepted.
+-  AutoIPCStream autoStream;
+   nsCOMPtr<nsIInputStream> inputStream;
+   bool terminateSender = true;
+   auto inputStreamOrReason = ph->NewStream(deserializedURI, &terminateSender);
+   if (inputStreamOrReason.isOk()) {
+     inputStream = inputStreamOrReason.unwrap();
+-    ContentParent* contentParent = static_cast<ContentParent*>(Manager());
+-    Unused << autoStream.Serialize(inputStream, contentParent);
+   }
+ 
+   // If NewStream failed, we send back an invalid stream to the child so
+   // it can handle the error. MozPromise rejection is reserved for channel
+   // errors/disconnects.
+-  aResolve(autoStream.TakeOptionalValue());
++  aResolve(inputStream);
+ 
+   if (terminateSender) {
+     return IPC_FAIL_NO_REASON(this);
+   } else {
+     return IPC_OK();
+   }
+ }
+ 
+diff --git a/netwerk/ipc/PNecko.ipdl b/netwerk/ipc/PNecko.ipdl
+--- a/netwerk/ipc/PNecko.ipdl
++++ b/netwerk/ipc/PNecko.ipdl
+@@ -31,16 +31,17 @@ include IPCStream;
+ include URIParams;
+ include NeckoChannelParams;
+ include PBrowserOrId;
+ include protocol PAltDataOutputStream;
+ 
+ using class IPC::SerializedLoadContext from "SerializedLoadContext.h";
+ using mozilla::dom::TabId from "mozilla/dom/ipc/IdType.h";
+ using class IPC::Principal from "mozilla/dom/PermissionMessageUtils.h";
++using nsCOMPtr<nsIInputStream> from "mozilla/ipc/IPCStreamUtils.h";
+ 
+ namespace mozilla {
+ namespace net {
+ 
+ //-------------------------------------------------------------------
+ nested(upto inside_cpow) sync protocol PNecko
+ {
+   manager PContent;
+@@ -122,17 +123,17 @@ parent:
+ 
+   async PAltDataOutputStream(nsCString type, PHttpChannel channel);
+ 
+   async PStunAddrsRequest();
+ 
+   /**
+    * WebExtension-specific remote resource loading
+    */
+-  async GetExtensionStream(URIParams uri) returns (OptionalIPCStream stream);
++  async GetExtensionStream(URIParams uri) returns (nsCOMPtr<nsIInputStream> stream);
+   async GetExtensionFD(URIParams uri) returns (FileDescriptor fd);
+ 
+ child:
+   /*
+    * Bring up the http auth prompt for a nested remote mozbrowser.
+    * NestedFrameId is the id corresponding to the PBrowser.  It is the same id
+    * that was passed to the PBrowserOrId param in to the PHttpChannel constructor
+    */
+diff --git a/netwerk/protocol/res/ExtensionProtocolHandler.cpp b/netwerk/protocol/res/ExtensionProtocolHandler.cpp
+--- a/netwerk/protocol/res/ExtensionProtocolHandler.cpp
++++ b/netwerk/protocol/res/ExtensionProtocolHandler.cpp
+@@ -234,22 +234,18 @@ ExtensionStreamGetter::GetAsync(nsIStrea
+     );
+     return Ok();
+   }
+ 
+   // Request an input stream for this moz-extension URI
+   gNeckoChild->SendGetExtensionStream(uri)->Then(
+     mMainThreadEventTarget,
+     __func__,
+-    [self] (const OptionalIPCStream& stream) {
+-      nsCOMPtr<nsIInputStream> inputStream;
+-      if (stream.type() == OptionalIPCStream::OptionalIPCStream::TIPCStream) {
+-        inputStream = ipc::DeserializeIPCStream(stream);
+-      }
+-      self->OnStream(inputStream.forget());
++    [self] (const nsCOMPtr<nsIInputStream>& stream) {
++      self->OnStream(do_AddRef(stream));
+     },
+     [self] (const mozilla::ipc::ResponseRejectReason) {
+       self->OnStream(nullptr);
+     }
+   );
+   return Ok();
+ }
+ 

mozilla-release/patches/1442819-61a1.patch

@@ -0,0 +1,64 @@
+# HG changeset patch
+# User Gerald Squelart <gsquelart@mozilla.com>
+# Date 1520890012 -39600
+# Node ID e4e466004d34b06fec1e4abddb0f537f9e74493c
+# Parent  cf8982afa7df0f71dc1fca22a77e3553b207855f
+Bug 1442819 - Suppress UBSan false positive - r=froydnj
+
+MozReview-Commit-ID: 9pmmYc5gevV
+
+diff --git a/dom/media/doctor/DecoderDoctorLogger.h b/dom/media/doctor/DecoderDoctorLogger.h
+--- a/dom/media/doctor/DecoderDoctorLogger.h
++++ b/dom/media/doctor/DecoderDoctorLogger.h
+@@ -280,17 +280,18 @@ public:
+     Log(aSubjectTypeName,
+         aSubjectPointer,
+         DDLogCategory::_DerivedConstruction,
+         "",
+         DDLogValue{ DDLogObject{ DDLoggedTypeTraits<B>::Name(), aBase } });
+   }
+ 
+   template<typename Subject>
+-  static void LogConstruction(const Subject* aSubject)
++  static void
++  LogConstruction(const Subject* aSubject)
+   {
+     using Traits = DDLoggedTypeTraits<Subject>;
+     if (!Traits::HasBase::value) {
+       Log(DDLoggedTypeTraits<Subject>::Name(),
+           aSubject,
+           DDLogCategory::_Construction,
+           "",
+           DDLogValue{ DDNoValue{} });
+@@ -473,20 +474,30 @@ private:
+ // Base class to automatically record a class lifetime. Usage:
+ //   class SomeClass : public DecoderDoctorLifeLogger<SomeClass>
+ //   {
+ //     ...
+ template<typename T>
+ class DecoderDoctorLifeLogger
+ {
+ public:
++#if defined(__clang__)
++  // This constructor is called before the `T` object is fully constructed, and
++  // pointers are not dereferenced anyway, so UBSan shouldn't check vptrs.
++  __attribute__((no_sanitize("vptr")))
++#endif
+   DecoderDoctorLifeLogger()
+   {
+     DecoderDoctorLogger::LogConstruction(static_cast<const T*>(this));
+   }
++#if defined(__clang__)
++  // This destructor is called after the `T` object is partially destructed, and
++  // pointers are not dereferenced anyway, so UBSan shouldn't check vptrs.
++  __attribute__((no_sanitize("vptr")))
++#endif
+   ~DecoderDoctorLifeLogger()
+   {
+     DecoderDoctorLogger::LogDestruction(static_cast<const T*>(this));
+   }
+ };
+ 
+ // Macros to help lazily-evaluate arguments, only after we have checked that
+ // logging is enabled.
+

mozilla-release/patches/1448490-1-61a1.patch

@@ -2,7 +2,7 @@
 # User Kartikaya Gupta <kgupta@mozilla.com>
 # Date 1521932761 14400
 # Node ID 5d9f32557d7740c7c30f7bc6057c4de0c294d828
-# Parent  1e0735269b2bf9e6aa3dca09987f35f5a5983a27
+# Parent  9ed47417a1bfe33d326c30affb60d021211ab040
 Bug 1448490 - Make the layers id a struct instead of a uint64_t. r=mattwoodrow
 
 The new struct is in LayersTypes.h, all the rest of the changes are just
@@ -228,7 +228,7 @@ diff --git a/dom/ipc/ContentParent.cpp b/dom/ipc/ContentParent.cpp
    if (!contentParent->CanCommunicateWith(ChildID())) {
      return IPC_FAIL(this, "Spoofed DeallocateLayerTreeId call");
    }
-@@ -4691,17 +4691,17 @@ ContentParent::RecvCreateWindow(PBrowser
+@@ -4683,17 +4683,17 @@ ContentParent::RecvCreateWindow(PBrowser
                                  const uint32_t& aReferrerPolicy,
                                  CreateWindowResolver&& aResolve)
  {
@@ -393,7 +393,7 @@ diff --git a/dom/ipc/PBrowser.ipdl b/dom/ipc/PBrowser.ipdl
 diff --git a/dom/ipc/PContent.ipdl b/dom/ipc/PContent.ipdl
 --- a/dom/ipc/PContent.ipdl
 +++ b/dom/ipc/PContent.ipdl
-@@ -81,16 +81,17 @@ using mozilla::dom::ContentParentId from
+@@ -80,16 +80,17 @@ using mozilla::dom::ContentParentId from
  using mozilla::LayoutDeviceIntPoint from "Units.h";
  using struct LookAndFeelInt from "mozilla/widget/WidgetMessageUtils.h";
  using class mozilla::dom::MessagePort from "mozilla/dom/MessagePort.h";
@@ -410,9 +410,9 @@ diff --git a/dom/ipc/PContent.ipdl b/dom/ipc/PContent.ipdl
  using mozilla::Telemetry::ChildEventData from "mozilla/TelemetryComms.h";
  using mozilla::Telemetry::DiscardedData from "mozilla/TelemetryComms.h";
  using mozilla::CrossProcessMutexHandle from "mozilla/ipc/CrossProcessMutex.h";
- 
+ using nsCOMPtr<nsIInputStream> from "mozilla/ipc/IPCStreamUtils.h";
 @@ -813,18 +814,18 @@ parent:
-         returns (nsString providerName, OptionalIPCStream postData, OptionalURIParams uri);
+         returns (nsString providerName, nsCOMPtr<nsIInputStream> postData, OptionalURIParams uri);
  
      sync NotifyKeywordSearchLoading(nsString providerName, nsString keyword);
  
@@ -665,7 +665,7 @@ diff --git a/dom/ipc/TabChild.h b/dom/ipc/TabChild.h
    RecvUpdateDimensions(const mozilla::dom::DimensionInfo& aDimensionInfo) override;
    virtual mozilla::ipc::IPCResult
    RecvSizeModeChanged(const nsSizeMode& aSizeMode) override;
-@@ -560,19 +560,19 @@ public:
+@@ -561,19 +561,19 @@ public:
    GetFrom(mozIDOMWindowProxy* aWindow)
    {
      nsCOMPtr<nsIWebNavigation> webNav = do_GetInterface(aWindow);
@@ -687,7 +687,7 @@ diff --git a/dom/ipc/TabChild.h b/dom/ipc/TabChild.h
  
    void DidRequestComposite(const TimeStamp& aCompositeReqStart,
                             const TimeStamp& aCompositeReqEnd);
-@@ -625,17 +625,17 @@ public:
+@@ -626,17 +626,17 @@ public:
  
    const mozilla::layers::CompositorOptions& GetCompositorOptions() const;
    bool AsyncPanZoomEnabled() const;
@@ -706,7 +706,7 @@ diff --git a/dom/ipc/TabChild.h b/dom/ipc/TabChild.h
                                   uint64_t aInputBlockId,
                                   bool aPreventDefault) const;
    void SetTargetAPZC(uint64_t aInputBlockId,
-@@ -779,17 +779,17 @@ private:
+@@ -782,17 +782,17 @@ private:
    // Update the frameType on our docshell.
    void UpdateFrameType();
  
@@ -725,7 +725,7 @@ diff --git a/dom/ipc/TabChild.h b/dom/ipc/TabChild.h
  
    void ApplyShowInfo(const ShowInfo& aInfo);
  
-@@ -835,17 +835,17 @@ private:
+@@ -838,17 +838,17 @@ private:
    RefPtr<mozilla::dom::TabGroup> mTabGroup;
    RefPtr<PuppetWidget> mPuppetWidget;
    nsCOMPtr<nsIURI> mLastURI;

mozilla-release/patches/1448494-1-61a1.patch

@@ -0,0 +1,403 @@
+# HG changeset patch
+# User Gerald Squelart <gsquelart@mozilla.com>
+# Date 1522219733 -39600
+# Node ID d97b8efcbc044a3998c70e10459abd24a43252c5
+# Parent  a9f5a8dc2e2299affb3be272705175c96dbbac87
+Bug 1448494 - NonDereferenceable<T> wraps a T* and prevents dereferencing ops - r=froydnj
+
+NonDereferenceable denotes the intent that a pointer will (most likely) not be
+dereferenced, but its numeric value may be used for e.g. logging purposes.
+
+Dereferencing operations are explicitly disabled to avoid unintentional misuses.
+Casting is still possible between related types (same as with raw pointers),
+but pointers stay safely stored inside NonDereferenceable objects. These casts
+do not trigger `clang++ -fsanitize=vptr` errors.
+
+MozReview-Commit-ID: 5885pB7hSFR
+
+diff --git a/mfbt/NonDereferenceable.h b/mfbt/NonDereferenceable.h
+new file mode 100644
+--- /dev/null
++++ b/mfbt/NonDereferenceable.h
+@@ -0,0 +1,139 @@
++/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
++/* vim: set ts=8 sts=2 et sw=2 tw=80: */
++/* This Source Code Form is subject to the terms of the Mozilla Public
++ * License, v. 2.0. If a copy of the MPL was not distributed with this
++ * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
++
++#ifndef mozilla_NonDereferenceable_h
++#define mozilla_NonDereferenceable_h
++
++/* A pointer wrapper indicating that the pointer should not be dereferenced. */
++
++#include "mozilla/Attributes.h"
++#include "mozilla/TypeTraits.h"
++
++#include <cstdint>
++
++// Macro indicating that a function manipulates a pointer that will not be
++// dereferenced, and therefore there is no need to check the object.
++#if defined(__clang__)
++#define NO_POINTEE_CHECKS __attribute__((no_sanitize("vptr")))
++#else
++#define NO_POINTEE_CHECKS /* nothing */
++#endif
++
++namespace mozilla {
++
++// NonDereferenceable<T> wraps a raw pointer value of type T*, but prevents
++// dereferencing.
++//
++// The main use case is for pointers that referencing memory that may not
++// contain a valid object, either because the object has already been freed, or
++// is under active construction or destruction (and hence parts of it may be
++// uninitialized or destructed.)
++// Such a pointer may still be useful, e.g., for its numeric value for
++// logging/debugging purposes, which may be accessed with `value()`.
++// Using NonDereferenceable with such pointers will make this intent clearer,
++// and prevent misuses.
++//
++// Note that NonDereferenceable is only a wrapper and is NOT an owning pointer,
++// i.e., it will not release/free the object.
++//
++// NonDereferenceable allows conversions between compatible pointer types, e.g.,
++// to navigate a class hierarchy and identify parent/sub-objects. Note that the
++// converted pointers stay safely NonDereferenceable.
++//
++// Use of NonDereferenceable is required to avoid errors from sanitization tools
++// like `clang++ -fsanitize=vptr`, and should prevent false positives while
++// pointers are manipulated within NonDereferenceable objects.
++//
++template<typename T>
++class NonDereferenceable
++{
++public:
++  // Default construction with a null value.
++  NonDereferenceable()
++    : mPtr(nullptr)
++  {
++  }
++
++  // Default copy construction and assignment.
++  NO_POINTEE_CHECKS
++  NonDereferenceable(const NonDereferenceable&) = default;
++  NO_POINTEE_CHECKS
++  NonDereferenceable<T>& operator=(const NonDereferenceable&) = default;
++  // No move operations, as we're only carrying a non-owning pointer, so
++  // copying is most efficient.
++
++  // Construct/assign from a T* raw pointer.
++  // A raw pointer should usually point at a valid object, however we want to
++  // leave the ability to the user to create a NonDereferenceable from any
++  // pointer. Also, strictly speaking, in a constructor or destructor, `this`
++  // points at an object still being constructed or already partially
++  // destructed, which some very sensitive sanitizers could complain about.
++  NO_POINTEE_CHECKS
++  explicit NonDereferenceable(T* aPtr)
++    : mPtr(aPtr)
++  {
++  }
++  NO_POINTEE_CHECKS
++  NonDereferenceable& operator=(T* aPtr)
++  {
++    mPtr = aPtr;
++    return *this;
++  }
++
++  // Construct/assign from a compatible pointer type.
++  template<typename U>
++  NO_POINTEE_CHECKS explicit NonDereferenceable(U* aOther)
++    : mPtr(static_cast<T*>(aOther))
++  {
++  }
++  template<typename U>
++  NO_POINTEE_CHECKS NonDereferenceable& operator=(U* aOther)
++  {
++    mPtr = static_cast<T*>(aOther);
++    return *this;
++  }
++
++  // Construct/assign from a NonDereferenceable with a compatible pointer type.
++  template<typename U>
++  NO_POINTEE_CHECKS MOZ_IMPLICIT
++  NonDereferenceable(const NonDereferenceable<U>& aOther)
++    : mPtr(static_cast<T*>(aOther.mPtr))
++  {
++  }
++  template<typename U>
++  NO_POINTEE_CHECKS NonDereferenceable& operator=(
++    const NonDereferenceable<U>& aOther)
++  {
++    mPtr = static_cast<T*>(aOther.mPtr);
++    return *this;
++  }
++
++  // Explicitly disallow dereference operators, so that compiler errors point
++  // at these lines:
++  T& operator*() = delete;  // Cannot dereference NonDereferenceable!
++  T* operator->() = delete; // Cannot dereference NonDereferenceable!
++
++  // Null check.
++  NO_POINTEE_CHECKS
++  explicit operator bool() const { return !!mPtr; }
++
++  // Extract the pointer value, untyped.
++  NO_POINTEE_CHECKS
++  uintptr_t value() const { return reinterpret_cast<uintptr_t>(mPtr); }
++
++private:
++  // Let other NonDereferenceable templates access mPtr, to permit construction/
++  // assignment from compatible pointer types.
++  template<typename> friend class NonDereferenceable;
++
++  T* MOZ_NON_OWNING_REF mPtr;
++};
++
++} // namespace mozilla
++
++#undef NO_POINTEE_CHECKS
++
++#endif /* mozilla_NonDereferenceable_h */
+diff --git a/mfbt/moz.build b/mfbt/moz.build
+--- a/mfbt/moz.build
++++ b/mfbt/moz.build
+@@ -53,16 +53,17 @@ EXPORTS.mozilla = [
+     'MacroArgs.h',
+     'MacroForEach.h',
+     'MathAlgorithms.h',
+     'Maybe.h',
+     'MaybeOneOf.h',
+     'MemoryChecking.h',
+     'MemoryReporting.h',
+     'Move.h',
++    'NonDereferenceable.h',
+     'NotNull.h',
+     'NullPtr.h',
+     'Opaque.h',
+     'OperatorNewExtensions.h',
+     'Pair.h',
+     'Path.h',
+     'PodOperations.h',
+     'Poison.h',
+diff --git a/mfbt/tests/TestNonDereferenceable.cpp b/mfbt/tests/TestNonDereferenceable.cpp
+new file mode 100644
+--- /dev/null
++++ b/mfbt/tests/TestNonDereferenceable.cpp
+@@ -0,0 +1,194 @@
++/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*- */
++/* vim: set ts=8 sts=2 et sw=2 tw=80: */
++/* This Source Code Form is subject to the terms of the Mozilla Public
++ * License, v. 2.0. If a copy of the MPL was not distributed with this file,
++ * You can obtain one at http://mozilla.org/MPL/2.0/. */
++
++#include "mozilla/NonDereferenceable.h"
++
++#include "mozilla/Assertions.h"
++#include "mozilla/Move.h"
++
++using mozilla::Move;
++using mozilla::NonDereferenceable;
++
++#define CHECK MOZ_RELEASE_ASSERT
++
++void
++TestNonDereferenceableSimple()
++{
++  // Default construction.
++  NonDereferenceable<int> nd0;
++  CHECK(!nd0);
++  CHECK(!nd0.value());
++
++  int i = 1;
++  int i2 = 2;
++
++  // Construction with pointer.
++  NonDereferenceable<int> nd1(&i);
++  CHECK(!!nd1);
++  CHECK(nd1.value() == reinterpret_cast<uintptr_t>(&i));
++
++  // Assignment with pointer.
++  nd1 = &i2;
++  CHECK(nd1.value() == reinterpret_cast<uintptr_t>(&i2));
++
++  // Copy-construction.
++  NonDereferenceable<int> nd2(nd1);
++  CHECK(nd2.value() == reinterpret_cast<uintptr_t>(&i2));
++
++  // Copy-assignment.
++  nd2 = nd0;
++  CHECK(!nd2.value());
++
++  // Move-construction.
++  NonDereferenceable<int> nd3{ NonDereferenceable<int>(&i) };
++  CHECK(nd3.value() == reinterpret_cast<uintptr_t>(&i));
++
++  // Move-assignment.
++  nd3 = Move(nd1);
++  CHECK(nd3.value() == reinterpret_cast<uintptr_t>(&i2));
++  // Note: Not testing nd1's value because we don't want to assume what state
++  // it is left in after move. But at least it should be reusable:
++  nd1 = &i;
++  CHECK(nd1.value() == reinterpret_cast<uintptr_t>(&i));
++}
++
++void
++TestNonDereferenceableHierarchy()
++{
++  struct Base1
++  {
++    // Member variable, to make sure Base1 is not empty.
++    int x1;
++  };
++  struct Base2
++  {
++    int x2;
++  };
++  struct Derived
++    : Base1
++    , Base2
++  {
++  };
++
++  Derived d;
++
++  // Construct NonDereferenceable from raw pointer.
++  NonDereferenceable<Derived> ndd = NonDereferenceable<Derived>(&d);
++  CHECK(ndd);
++  CHECK(ndd.value() == reinterpret_cast<uintptr_t>(&d));
++
++  // Cast Derived to Base1.
++  NonDereferenceable<Base1> ndb1 = ndd;
++  CHECK(ndb1);
++  CHECK(ndb1.value() == reinterpret_cast<uintptr_t>(static_cast<Base1*>(&d)));
++
++  // Cast Base1 back to Derived.
++  NonDereferenceable<Derived> nddb1 = ndb1;
++  CHECK(nddb1.value() == reinterpret_cast<uintptr_t>(&d));
++
++  // Cast Derived to Base2.
++  NonDereferenceable<Base2> ndb2 = ndd;
++  CHECK(ndb2);
++  CHECK(ndb2.value() == reinterpret_cast<uintptr_t>(static_cast<Base2*>(&d)));
++  // Sanity check that Base2 should be offset from the start of Derived.
++  CHECK(ndb2.value() != ndd.value());
++
++  // Cast Base2 back to Derived.
++  NonDereferenceable<Derived> nddb2 = ndb2;
++  CHECK(nddb2.value() == reinterpret_cast<uintptr_t>(&d));
++
++  // Note that it's not possible to jump between bases, as they're not obviously
++  // related, i.e.: `NonDereferenceable<Base2> ndb22 = ndb1;` doesn't compile.
++  // However it's possible to explicitly navigate through the derived object:
++  NonDereferenceable<Base2> ndb22 = NonDereferenceable<Derived>(ndb1);
++  CHECK(ndb22.value() == reinterpret_cast<uintptr_t>(static_cast<Base2*>(&d)));
++
++  // Handling nullptr; should stay nullptr even for offset bases.
++  ndd = nullptr;
++  CHECK(!ndd);
++  CHECK(!ndd.value());
++  ndb1 = ndd;
++  CHECK(!ndb1);
++  CHECK(!ndb1.value());
++  ndb2 = ndd;
++  CHECK(!ndb2);
++  CHECK(!ndb2.value());
++  nddb2 = ndb2;
++  CHECK(!nddb2);
++  CHECK(!nddb2.value());
++}
++
++template<typename T, size_t Index>
++struct CRTPBase
++{
++  // Convert `this` from `CRTPBase*` to `T*` while construction is still in
++  // progress; normally UBSan -fsanitize=vptr would catch this, but using
++  // NonDereferenceable should keep UBSan happy.
++  CRTPBase()
++    : mDerived(this)
++  {
++  }
++  NonDereferenceable<T> mDerived;
++};
++
++void
++TestNonDereferenceableCRTP()
++{
++  struct Derived
++    : CRTPBase<Derived, 1>
++    , CRTPBase<Derived, 2>
++  {
++  };
++  using Base1 = Derived::CRTPBase<Derived, 1>;
++  using Base2 = Derived::CRTPBase<Derived, 2>;
++
++  Derived d;
++  // Verify that base constructors have correctly captured the address of the
++  // (at the time still incomplete) derived object.
++  CHECK(d.Base1::mDerived.value() == reinterpret_cast<uintptr_t>(&d));
++  CHECK(d.Base2::mDerived.value() == reinterpret_cast<uintptr_t>(&d));
++
++  // Construct NonDereferenceable from raw pointer.
++  NonDereferenceable<Derived> ndd = NonDereferenceable<Derived>(&d);
++  CHECK(ndd);
++  CHECK(ndd.value() == reinterpret_cast<uintptr_t>(&d));
++
++  // Cast Derived to Base1.
++  NonDereferenceable<Base1> ndb1 = ndd;
++  CHECK(ndb1);
++  CHECK(ndb1.value() == reinterpret_cast<uintptr_t>(static_cast<Base1*>(&d)));
++
++  // Cast Base1 back to Derived.
++  NonDereferenceable<Derived> nddb1 = ndb1;
++  CHECK(nddb1.value() == reinterpret_cast<uintptr_t>(&d));
++
++  // Cast Derived to Base2.
++  NonDereferenceable<Base2> ndb2 = ndd;
++  CHECK(ndb2);
++  CHECK(ndb2.value() == reinterpret_cast<uintptr_t>(static_cast<Base2*>(&d)));
++  // Sanity check that Base2 should be offset from the start of Derived.
++  CHECK(ndb2.value() != ndd.value());
++
++  // Cast Base2 back to Derived.
++  NonDereferenceable<Derived> nddb2 = ndb2;
++  CHECK(nddb2.value() == reinterpret_cast<uintptr_t>(&d));
++
++  // Note that it's not possible to jump between bases, as they're not obviously
++  // related, i.e.: `NonDereferenceable<Base2> ndb22 = ndb1;` doesn't compile.
++  // However it's possible to explicitly navigate through the derived object:
++  NonDereferenceable<Base2> ndb22 = NonDereferenceable<Derived>(ndb1);
++  CHECK(ndb22.value() == reinterpret_cast<uintptr_t>(static_cast<Base2*>(&d)));
++}
++
++int
++main()
++{
++  TestNonDereferenceableSimple();
++  TestNonDereferenceableHierarchy();
++  TestNonDereferenceableCRTP();
++
++  return 0;
++}
+diff --git a/mfbt/tests/moz.build b/mfbt/tests/moz.build
+--- a/mfbt/tests/moz.build
++++ b/mfbt/tests/moz.build
+@@ -33,16 +33,17 @@ CppUnitTests([
+     'TestIntegerPrintfMacros',
+     'TestIntegerRange',
+     'TestJSONWriter',
+     'TestLinkedList',
+     'TestMacroArgs',
+     'TestMacroForEach',
+     'TestMathAlgorithms',
+     'TestMaybe',
++    'TestNonDereferenceable',
+     'TestNotNull',
+     'TestPair',
+     'TestRange',
+     'TestRefPtr',
+     'TestResult',
+     'TestRollingMean',
+     'TestSaturate',
+     'TestScopeExit',
+

mozilla-release/patches/1448494-2-61a1.patch

@@ -0,0 +1,154 @@
+# HG changeset patch
+# User Gerald Squelart <gsquelart@mozilla.com>
+# Date 1522246688 -39600
+# Node ID 51d020e4c2cbf4de620648d7dcded9d78b285ace
+# Parent  d97b8efcbc044a3998c70e10459abd24a43252c5
+Bug 1448494 - Use NonDereferenceable in DDLogger - r=froydnj
+
+DecoderDoctorLifeLogger now passes a NonDereferenceable pointer to
+LogConstruction/LogDestruction, to avoid UBSan errors. It is possible because
+DDLogger only keeps pointer values for logging (the pointer type is converted
+to a string), these pointers are never actually dereferenced.
+
+Note that the uintptr_t value() is converted to `const void*` because that's
+what DDLogger uses everywhere; an upcoming bug will make DDLogger use
+NonDereferenceable everywhere instead.
+
+MozReview-Commit-ID: K5wJrGVCub0
+
+diff --git a/dom/media/doctor/DecoderDoctorLogger.h b/dom/media/doctor/DecoderDoctorLogger.h
+--- a/dom/media/doctor/DecoderDoctorLogger.h
++++ b/dom/media/doctor/DecoderDoctorLogger.h
+@@ -8,16 +8,17 @@
+ #define DecoderDoctorLogger_h_
+ 
+ #include "DDLoggedTypeTraits.h"
+ #include "DDLogCategory.h"
+ #include "DDLogValue.h"
+ #include "mozilla/Atomics.h"
+ #include "mozilla/DefineEnum.h"
+ #include "mozilla/MozPromise.h"
++#include "mozilla/NonDereferenceable.h"
+ #include "nsString.h"
+ 
+ namespace mozilla {
+ 
+ // Main class used to capture log messages from the media stack, and to
+ // retrieve processed messages associated with an HTMLMediaElement.
+ //
+ // The logging APIs are designed to work as fast as possible (in most cases
+@@ -280,57 +281,70 @@ public:
+     Log(aSubjectTypeName,
+         aSubjectPointer,
+         DDLogCategory::_DerivedConstruction,
+         "",
+         DDLogValue{ DDLogObject{ DDLoggedTypeTraits<B>::Name(), aBase } });
+   }
+ 
+   template<typename Subject>
+-  static void
+-  LogConstruction(const Subject* aSubject)
++  static void LogConstruction(NonDereferenceable<const Subject> aSubject)
+   {
+     using Traits = DDLoggedTypeTraits<Subject>;
+     if (!Traits::HasBase::value) {
+       Log(DDLoggedTypeTraits<Subject>::Name(),
+-          aSubject,
++          reinterpret_cast<const void*>(aSubject.value()),
+           DDLogCategory::_Construction,
+           "",
+           DDLogValue{ DDNoValue{} });
+     } else {
+       Log(DDLoggedTypeTraits<Subject>::Name(),
+-          aSubject,
++          reinterpret_cast<const void*>(aSubject.value()),
+           DDLogCategory::_DerivedConstruction,
+           "",
+           DDLogValue{ DDLogObject{
+             DDLoggedTypeTraits<typename Traits::BaseType>::Name(),
+-            static_cast<const typename Traits::BaseType*>(aSubject) } });
++            reinterpret_cast<const void*>(
++              NonDereferenceable<const typename Traits::BaseType>(aSubject)
++                .value()) } });
+     }
+   }
+ 
++  template<typename Subject>
++  static void LogConstruction(const Subject* aSubject)
++  {
++    LogConstruction(NonDereferenceable<const Subject>(aSubject));
++  }
++
+   static void LogDestruction(const char* aSubjectTypeName,
+                              const void* aSubjectPointer)
+   {
+     Log(aSubjectTypeName,
+         aSubjectPointer,
+         DDLogCategory::_Destruction,
+         "",
+         DDLogValue{ DDNoValue{} });
+   }
+ 
+   template<typename Subject>
+-  static void LogDestruction(const Subject* aSubject)
++  static void LogDestruction(NonDereferenceable<const Subject> aSubject)
+   {
+     Log(DDLoggedTypeTraits<Subject>::Name(),
+-        aSubject,
++        reinterpret_cast<const void*>(aSubject.value()),
+         DDLogCategory::_Destruction,
+         "",
+         DDLogValue{ DDNoValue{} });
+   }
+ 
++  template<typename Subject>
++  static void LogDestruction(const Subject* aSubject)
++  {
++    LogDestruction(NonDereferenceable<const Subject>(aSubject));
++  }
++
+   template<typename P, typename C>
+   static void LinkParentAndChild(const P* aParent,
+                                  const char* aLinkName,
+                                  const C* aChild)
+   {
+     if (aChild) {
+       Log(DDLoggedTypeTraits<P>::Name(),
+           aParent,
+@@ -474,33 +488,23 @@ private:
+ // Base class to automatically record a class lifetime. Usage:
+ //   class SomeClass : public DecoderDoctorLifeLogger<SomeClass>
+ //   {
+ //     ...
+ template<typename T>
+ class DecoderDoctorLifeLogger
+ {
+ public:
+-#if defined(__clang__)
+-  // This constructor is called before the `T` object is fully constructed, and
+-  // pointers are not dereferenced anyway, so UBSan shouldn't check vptrs.
+-  __attribute__((no_sanitize("vptr")))
+-#endif
+   DecoderDoctorLifeLogger()
+   {
+-    DecoderDoctorLogger::LogConstruction(static_cast<const T*>(this));
++    DecoderDoctorLogger::LogConstruction(NonDereferenceable<const T>(this));
+   }
+-#if defined(__clang__)
+-  // This destructor is called after the `T` object is partially destructed, and
+-  // pointers are not dereferenced anyway, so UBSan shouldn't check vptrs.
+-  __attribute__((no_sanitize("vptr")))
+-#endif
+   ~DecoderDoctorLifeLogger()
+   {
+-    DecoderDoctorLogger::LogDestruction(static_cast<const T*>(this));
++    DecoderDoctorLogger::LogDestruction(NonDereferenceable<const T>(this));
+   }
+ };
+ 
+ // Macros to help lazily-evaluate arguments, only after we have checked that
+ // logging is enabled.
+ 
+ // Log a single value; see DDLogValue for allowed types.
+ #define DDLOG(_category, _label, _arg)                                         \
+

mozilla-release/patches/1463048-64a1.patch

@@ -2,7 +2,7 @@
 # User Gabriele Svelto <gsvelto@mozilla.com>
 # Date 1537217505 0
 # Node ID 588d96e4eec804258700aed86937c5ac1bfcab51
-# Parent  8581be9848a635c91fe8ee40a759be35f30e7cf7
+# Parent  e511c37373af4f45147eca6bec62a3fe3686f750
 Bug 1463048 - Remove asynchronous minidump generation r=ted
 
 This reverts the changes in bug 1360308, bug 1390143 and bug 1469603. Minidump
@@ -255,7 +255,7 @@ diff --git a/ipc/glue/CrashReporterHost.cpp b/ipc/glue/CrashReporterHost.cpp
 -    aCallback(false);
 -    return;
 -  }
--  mCreateMinidumpCallback.Init(Move(aCallback), aAsync);
+-  mCreateMinidumpCallback.Init(std::move(aCallback), aAsync);
 -
 -  if (!childHandle) {
 -    NS_WARNING("Failed to get child process handle.");
@@ -301,7 +301,7 @@ diff --git a/ipc/glue/CrashReporterHost.cpp b/ipc/glue/CrashReporterHost.cpp
 -                                        aPairName,
 -                                        aMinidumpToPair,
 -                                        getter_AddRefs(mTargetDump),
--                                        Move(callback),
+-                                        std::move(callback),
 -                                        aAsync);
 -}
 -
@@ -345,7 +345,7 @@ diff --git a/ipc/glue/CrashReporterHost.h b/ipc/glue/CrashReporterHost.h
 -  public:
 -    void Init(std::function<void(T)>&& aCallback, bool aAsync)
 -    {
--      mCallback = Move(aCallback);
+-      mCallback = std::move(aCallback);
 -      mAsync = aAsync;
 -      if (IsAsync()) {
 -        // Don't call do_GetCurrentThread() if this is called synchronously
@@ -368,7 +368,7 @@ diff --git a/ipc/glue/CrashReporterHost.h b/ipc/glue/CrashReporterHost.h
 -    void Invoke(T aResult)
 -    {
 -      if (IsAsync()) {
--        decltype(mCallback) callback = Move(mCallback);
+-        decltype(mCallback) callback = std::move(mCallback);
 -        mTargetThread->
 -          Dispatch(NS_NewRunnableFunction("ipc::CrashReporterHost::CallbackWrapper::Invoke",
 -                                          [callback, aResult](){
@@ -610,7 +610,7 @@ diff --git a/toolkit/crashreporter/nsExceptionHandler.cpp b/toolkit/crashreporte
 -  if (aAsync) {
 -    MOZ_ASSERT(!!aCallbackThread);
 -    Unused << aCallbackThread->Dispatch(NS_NewRunnableFunction("CrashReporter::InvokeCallback",
--                                                               Move(runnable)),
+-                                                               std::move(runnable)),
 -                                        NS_DISPATCH_SYNC);
 -  } else {
 -    runnable();
@@ -659,7 +659,7 @@ diff --git a/toolkit/crashreporter/nsExceptionHandler.cpp b/toolkit/crashreporte
           , GetMinidumpType()
  #endif
        )) {
--    NotifyDumpResult(false, aAsync, Move(aCallback), Move(aCallbackThread));
+-    NotifyDumpResult(false, aAsync, std::move(aCallback), std::move(aCallbackThread));
 -    return;
 +    return false;
    }
@@ -669,7 +669,7 @@ diff --git a/toolkit/crashreporter/nsExceptionHandler.cpp b/toolkit/crashreporte
 -  if (!targetExtra) {
 -    targetMinidump->Remove(false);
 -
--    NotifyDumpResult(false, aAsync, Move(aCallback), Move(aCallbackThread));
+-    NotifyDumpResult(false, aAsync, std::move(aCallback), std::move(aCallbackThread));
 -    return;
 -  }
 -
@@ -684,7 +684,7 @@ diff --git a/toolkit/crashreporter/nsExceptionHandler.cpp b/toolkit/crashreporte
 -
 -  targetMinidump.forget(aMainDumpOut);
 -
--  NotifyDumpResult(true, aAsync, Move(aCallback), Move(aCallbackThread));
+-  NotifyDumpResult(true, aAsync, std::move(aCallback), std::move(aCallbackThread));
 -}
 -
 -void
@@ -749,7 +749,7 @@ diff --git a/toolkit/crashreporter/nsExceptionHandler.cpp b/toolkit/crashreporte
    }
  
 -  nsCString incomingPairName(aIncomingPairName);
--  std::function<void(bool)> callback = Move(aCallback);
+-  std::function<void(bool)> callback = std::move(aCallback);
 -  // Don't call do_GetCurrentThread() if this is called synchronously because
 -  // 1. it's unnecessary, and 2. more importantly, it might create one if called
 -  // from a native thread, and the thread will be leaked.
@@ -762,14 +762,14 @@ diff --git a/toolkit/crashreporter/nsExceptionHandler.cpp b/toolkit/crashreporte
 -                                   incomingDumpToPair,
 -                                   aMainDumpOut,
 -                                   dump_path,
--                                   Move(callback),
--                                   Move(callbackThread),
+-                                   std::move(callback),
+-                                   std::move(callbackThread),
 -                                   aAsync);
 -  };
 -
 -  if (aAsync) {
 -    sMinidumpWriterThread->Dispatch(NS_NewRunnableFunction("CrashReporter::CreateMinidumpsAndPair",
--                                                           Move(doDump)),
+-                                                           std::move(doDump)),
 -                                    nsIEventTarget::DISPATCH_NORMAL);
 -  } else {
 -    doDump();

mozilla-release/patches/1465585-3-std-62a1.patch

@@ -2,7 +2,7 @@
 # User Emilio Cobos Alvarez <emilio@crisal.io>
 # Date 1527707735 -7200
 # Node ID b54db66223586b4e04f5cb926fccdacf8a176b91
-# Parent  b64991489d0f4edc23c977362a8170a785f1b4d6
+# Parent  058201fe87c7f8d14b6cf59a434fe38725db720d
 Bug 1465585: Switch from mozilla::Move to std::move. r=froydnj
 
 This was done automatically replacing:
@@ -3125,7 +3125,7 @@ diff --git a/dom/base/nsDocument.cpp b/dom/base/nsDocument.cpp
    MOZ_ASSERT(NS_IsMainThread());
    MOZ_ASSERT(aSelector);
  
-@@ -3201,19 +3201,19 @@ nsIDocument::GetDocGroup() const
+@@ -3190,19 +3190,19 @@ nsIDocument::GetDocGroup() const
  }
  
  nsresult
@@ -3148,7 +3148,7 @@ diff --git a/dom/base/nsDocument.cpp b/dom/base/nsDocument.cpp
    if (mDocGroup) {
      return mDocGroup->EventTargetFor(aCategory);
    }
-@@ -5693,39 +5693,39 @@ nsIDocument::GetAnonRootIfInAnonymousCon
+@@ -5682,39 +5682,39 @@ nsIDocument::GetAnonRootIfInAnonymousCon
    return nullptr;
  }
  
@@ -3197,7 +3197,7 @@ diff --git a/dom/base/nsDocument.cpp b/dom/base/nsDocument.cpp
  DocumentType*
  nsIDocument::GetDoctype() const
  {
-@@ -6646,17 +6646,17 @@ nsIDocument::CreateNodeIterator(nsINode&
+@@ -6635,17 +6635,17 @@ nsIDocument::CreateNodeIterator(nsINode&
  
  already_AddRefed<NodeIterator>
  nsIDocument::CreateNodeIterator(nsINode& aRoot, uint32_t aWhatToShow,
@@ -3216,7 +3216,7 @@ diff --git a/dom/base/nsDocument.cpp b/dom/base/nsDocument.cpp
                               uint32_t aWhatToShow,
                               nsIDOMNodeFilter *aFilter,
                               uint8_t aOptionalArgc,
-@@ -6686,17 +6686,17 @@ nsIDocument::CreateTreeWalker(nsINode& a
+@@ -6675,17 +6675,17 @@ nsIDocument::CreateTreeWalker(nsINode& a
    return CreateTreeWalker(aRoot, aWhatToShow, NodeFilterHolder(aFilter), rv);
  }
  
@@ -3235,7 +3235,7 @@ diff --git a/dom/base/nsDocument.cpp b/dom/base/nsDocument.cpp
  nsDocument::GetDefaultView(mozIDOMWindowProxy** aDefaultView)
  {
    *aDefaultView = nullptr;
-@@ -6945,17 +6945,17 @@ nsDocument::NotifyPossibleTitleChange(bo
+@@ -6934,17 +6934,17 @@ nsDocument::NotifyPossibleTitleChange(bo
  
    MOZ_RELEASE_ASSERT(NS_IsMainThread());
    RefPtr<nsRunnableMethod<nsDocument, void, false>> event =
@@ -3254,7 +3254,7 @@ diff --git a/dom/base/nsDocument.cpp b/dom/base/nsDocument.cpp
  {
    mPendingTitleChangeEvent.Forget();
    mHaveFiredTitleChange = true;
-@@ -10180,17 +10180,17 @@ nsIDocument::FlushPendingLinkUpdates()
+@@ -10169,17 +10169,17 @@ nsIDocument::FlushPendingLinkUpdates()
    if (mFlushingPendingLinkUpdates) {
      return;
    }
@@ -3273,7 +3273,7 @@ diff --git a/dom/base/nsDocument.cpp b/dom/base/nsDocument.cpp
          if (element->IsInComposedDoc()) {
            element->UpdateLinkState(link->LinkState());
          }
-@@ -11119,17 +11119,17 @@ ResetFullScreen(nsIDocument* aDocument, 
+@@ -11108,17 +11108,17 @@ ResetFullScreen(nsIDocument* aDocument, 
  // Since nsIDocument::ExitFullscreenInDocTree() could be called from
  // Element::UnbindFromTree() where it is not safe to synchronously run
  // script. This runnable is the script part of that function.
@@ -3292,7 +3292,7 @@ diff --git a/dom/base/nsDocument.cpp b/dom/base/nsDocument.cpp
      // Dispatch MozDOMFullscreen:Exited to the last document in
      // the list since we want this event to follow the same path
      // MozDOMFullscreen:Entered dispatched.
-@@ -11189,17 +11189,17 @@ nsIDocument::ExitFullscreenInDocTree(nsI
+@@ -11178,17 +11178,17 @@ nsIDocument::ExitFullscreenInDocTree(nsI
  
    NS_ASSERTION(!root->GetFullscreenElement(),
      "Fullscreen root should no longer be a fullscreen doc...");
@@ -3311,7 +3311,7 @@ diff --git a/dom/base/nsDocument.cpp b/dom/base/nsDocument.cpp
    if (aDoc->IsFullscreenLeaf()) {
      nsIDocument** result = static_cast<nsIDocument**>(aData);
      *result = aDoc;
-@@ -11316,23 +11316,23 @@ nsDocument::RestorePreviousFullScreenSta
+@@ -11305,23 +11305,23 @@ nsDocument::RestorePreviousFullScreenSta
    }
  }
  
@@ -3337,7 +3337,7 @@ diff --git a/dom/base/nsDocument.cpp b/dom/base/nsDocument.cpp
  
  void
  nsDocument::AsyncRequestFullScreen(UniquePtr<FullscreenRequest>&& aRequest)
-@@ -11340,17 +11340,17 @@ nsDocument::AsyncRequestFullScreen(Uniqu
+@@ -11329,17 +11329,17 @@ nsDocument::AsyncRequestFullScreen(Uniqu
    if (!aRequest->GetElement()) {
      MOZ_ASSERT_UNREACHABLE(
        "Must pass non-null element to nsDocument::AsyncRequestFullScreen");
@@ -3356,7 +3356,7 @@ diff --git a/dom/base/nsDocument.cpp b/dom/base/nsDocument.cpp
  {
    RefPtr<AsyncEventDispatcher> asyncDispatcher =
      new AsyncEventDispatcher(this,
-@@ -11524,17 +11524,17 @@ nsresult nsDocument::RemoteFrameFullscre
+@@ -11513,17 +11513,17 @@ nsresult nsDocument::RemoteFrameFullscre
  {
    // Ensure the frame element is the fullscreen element in this document.
    // If the frame element is already the fullscreen element in this document,
@@ -3375,7 +3375,7 @@ diff --git a/dom/base/nsDocument.cpp b/dom/base/nsDocument.cpp
  {
    RestorePreviousFullScreenState();
    return NS_OK;
-@@ -11822,17 +11822,17 @@ nsDocument::RequestFullScreen(UniquePtr<
+@@ -11811,17 +11811,17 @@ nsDocument::RequestFullScreen(UniquePtr<
    }
  
    // We don't need to check element ready before this point, because
@@ -3590,7 +3590,7 @@ diff --git a/dom/base/nsGlobalWindow.cpp b/dom/base/nsGlobalWindow.cpp
 diff --git a/dom/base/nsIDocument.h b/dom/base/nsIDocument.h
 --- a/dom/base/nsIDocument.h
 +++ b/dom/base/nsIDocument.h
-@@ -1148,17 +1148,17 @@ public:
+@@ -1140,17 +1140,17 @@ public:
        public:
          SelectorList()
            : mIsServo(false)
@@ -4399,25 +4399,6 @@ diff --git a/dom/cache/CacheStreamControlChild.cpp b/dom/cache/CacheStreamContro
    NS_ASSERT_OWNINGTHREAD(CacheStreamControlChild);
  
    if (mDestroyStarted) {
-@@ -122,17 +122,17 @@ CacheStreamControlChild::OpenStream(cons
-   // rejection here in many cases, we must handle the case where the
-   // MozPromise resolve runnable is already in the event queue when the
-   // worker wants to shut down.
-   RefPtr<CacheWorkerHolder> holder = GetWorkerHolder();
- 
-   SendOpenStream(aId)->Then(GetCurrentThreadSerialEventTarget(), __func__,
-   [aResolver, holder](const OptionalIPCStream& aOptionalStream) {
-     nsCOMPtr<nsIInputStream> stream = DeserializeIPCStream(aOptionalStream);
--    aResolver(Move(stream));
-+    aResolver(std::move(stream));
-   }, [aResolver, holder](ResponseRejectReason aReason) {
-     aResolver(nullptr);
-   });
- }
- 
- void
- CacheStreamControlChild::NoteClosedAfterForget(const nsID& aId)
- {
 diff --git a/dom/cache/CacheStreamControlParent.cpp b/dom/cache/CacheStreamControlParent.cpp
 --- a/dom/cache/CacheStreamControlParent.cpp
 +++ b/dom/cache/CacheStreamControlParent.cpp
@@ -8744,7 +8725,7 @@ diff --git a/dom/ipc/ContentParent.cpp b/dom/ipc/ContentParent.cpp
                                            const bool& aHighAccuracy)
  {
    // To ensure no geolocation updates are skipped, we always force the
-@@ -4188,17 +4188,17 @@ ContentParent::RecvRequestAnonymousTempo
+@@ -4180,17 +4180,17 @@ ContentParent::RecvRequestAnonymousTempo
  
  mozilla::ipc::IPCResult
  ContentParent::RecvCreateAudioIPCConnection(CreateAudioIPCConnectionResolver&& aResolver)
@@ -8763,7 +8744,7 @@ diff --git a/dom/ipc/ContentParent.cpp b/dom/ipc/ContentParent.cpp
  mozilla::ipc::IPCResult
  ContentParent::RecvKeygenProcessValue(const nsString& oldValue,
                                        const nsString& challenge,
-@@ -4322,17 +4322,17 @@ ContentParent::RecvNotifyTabDestroying(c
+@@ -4314,17 +4314,17 @@ ContentParent::RecvNotifyTabDestroying(c
  {
    NotifyTabDestroying(aTabId, aCpId);
    return IPC_OK();
@@ -8782,7 +8763,7 @@ diff --git a/dom/ipc/ContentParent.cpp b/dom/ipc/ContentParent.cpp
                                                const URIParams& aDocumentURI,
                                                const PrincipalInfo& aLoadingPrincipalInfo,
                                                const bool& aStickDocument)
-@@ -4864,17 +4864,17 @@ ContentParent::RecvBeginDriverCrashGuard
+@@ -4856,17 +4856,17 @@ ContentParent::RecvBeginDriverCrashGuard
    }
  
    if (guard->Crashed()) {
@@ -8801,7 +8782,7 @@ diff --git a/dom/ipc/ContentParent.cpp b/dom/ipc/ContentParent.cpp
  {
    mDriverCrashGuard = nullptr;
    return IPC_OK();
-@@ -5039,17 +5039,17 @@ ContentParent::RecvGetA11yContentId(uint
+@@ -5031,17 +5031,17 @@ ContentParent::RecvGetA11yContentId(uint
  
  mozilla::ipc::IPCResult
  ContentParent::RecvA11yHandlerControl(const uint32_t& aPid,
@@ -16642,6 +16623,47 @@ diff --git a/dom/performance/PerformanceMainThread.cpp b/dom/performance/Perform
  {
    MOZ_ASSERT(aChannel);
    MOZ_ASSERT(!mDocEntry, "mDocEntry should be null.");
+@@ -339,17 +339,17 @@ PerformanceMainThread::CreateDocumentEnt
+     return;
+   }
+ 
+   nsAutoString name;
+   GetURLSpecFromChannel(aChannel, name);
+ 
+   UniquePtr<PerformanceTimingData> timing(
+       new PerformanceTimingData(aChannel, nullptr, 0));
+-  mDocEntry = new PerformanceNavigationTiming(Move(timing), this, name);
++  mDocEntry = new PerformanceNavigationTiming(std::move(timing), this, name);
+ }
+ 
+ void
+ PerformanceMainThread::GetEntries(nsTArray<RefPtr<PerformanceEntry>>& aRetval)
+ {
+   // We return an empty list when 'privacy.resistFingerprinting' is on.
+   if (nsContentUtils::ShouldResistFingerprinting()) {
+     aRetval.Clear();
+diff --git a/dom/performance/PerformanceNavigationTiming.h b/dom/performance/PerformanceNavigationTiming.h
+--- a/dom/performance/PerformanceNavigationTiming.h
++++ b/dom/performance/PerformanceNavigationTiming.h
+@@ -27,17 +27,17 @@ public:
+ 
+   // Note that aPerformanceTiming must be initalized with zeroTime = 0
+   // so that timestamps are relative to startTime, as opposed to the
+   // performance.timing object for which timestamps are absolute and has a
+   // zeroTime initialized to navigationStart
+   PerformanceNavigationTiming(UniquePtr<PerformanceTimingData>&& aPerformanceTiming,
+                               Performance* aPerformance,
+                               const nsAString& aName)
+-    : PerformanceResourceTiming(Move(aPerformanceTiming), aPerformance, aName)
++    : PerformanceResourceTiming(std::move(aPerformanceTiming), aPerformance, aName)
+   {
+     SetEntryType(NS_LITERAL_STRING("navigation"));
+     SetInitiatorType(NS_LITERAL_STRING("navigation"));
+   }
+ 
+   DOMHighResTimeStamp Duration() const override
+   {
+     return nsRFPService::ReduceTimePrecisionAsMSecs(LoadEventEnd() - StartTime());
 diff --git a/dom/performance/PerformanceResourceTiming.cpp b/dom/performance/PerformanceResourceTiming.cpp
 --- a/dom/performance/PerformanceResourceTiming.cpp
 +++ b/dom/performance/PerformanceResourceTiming.cpp
@@ -17246,7 +17268,7 @@ diff --git a/dom/security/nsCSPUtils.cpp b/dom/security/nsCSPUtils.cpp
 +      outCSP.mWorker_src.Value() = std::move(srcs);
        return;
  
-     // REFERRER_DIRECTIVE and REQUIRE_SRI_FOR are handled in nsCSPPolicy::toDomCSPStruct()
+     // REQUIRE_SRI_FOR is handled in nsCSPPolicy::toDomCSPStruct()
  
      default:
        NS_ASSERTION(false, "cannot find directive to convert CSP to JSON");
@@ -18470,7 +18492,7 @@ diff --git a/dom/workers/ScriptLoader.cpp b/dom/workers/ScriptLoader.cpp
 diff --git a/dom/workers/WorkerPrivate.cpp b/dom/workers/WorkerPrivate.cpp
 --- a/dom/workers/WorkerPrivate.cpp
 +++ b/dom/workers/WorkerPrivate.cpp
-@@ -3080,17 +3080,17 @@ WorkerPrivate::Constructor(JSContext* aC
+@@ -3070,17 +3070,17 @@ WorkerPrivate::Constructor(JSContext* aC
    // WorkerThreadPrimaryRunnable::Run for workers just before running worker
    // code), so this is never SpiderMonkey's builtin default locale.
    JS::UniqueChars defaultLocale = JS_GetDefaultLocale(aCx);
@@ -18489,7 +18511,7 @@ diff --git a/dom/workers/WorkerPrivate.cpp b/dom/workers/WorkerPrivate.cpp
  
    worker->EnableDebugger();
  
-@@ -3637,17 +3637,17 @@ WorkerPrivate::DispatchToMainThread(nsIR
+@@ -3627,17 +3627,17 @@ WorkerPrivate::DispatchToMainThread(nsIR
    nsCOMPtr<nsIRunnable> r = aRunnable;
    return DispatchToMainThread(r.forget(), aFlags);
  }
@@ -18508,7 +18530,7 @@ diff --git a/dom/workers/WorkerPrivate.cpp b/dom/workers/WorkerPrivate.cpp
    return mWorkerControlEventTarget;
  }
  
-@@ -3725,17 +3725,17 @@ WorkerPrivate::GetClientInfo() const
+@@ -3715,17 +3715,17 @@ WorkerPrivate::GetClientInfo() const
  
  const ClientState
  WorkerPrivate::GetClientState() const
@@ -18527,7 +18549,7 @@ diff --git a/dom/workers/WorkerPrivate.cpp b/dom/workers/WorkerPrivate.cpp
    AssertIsOnWorkerThread();
    MOZ_DIAGNOSTIC_ASSERT(mClientSource);
    return mClientSource->GetController();
-@@ -5434,17 +5434,17 @@ WorkerPrivate::GetOrCreateGlobalScope(JS
+@@ -5424,17 +5424,17 @@ WorkerPrivate::GetOrCreateGlobalScope(JS
  
      JS::Rooted<JSObject*> global(aCx);
      NS_ENSURE_TRUE(globalScope->WrapGlobalObject(aCx, &global), nullptr);
@@ -18546,7 +18568,7 @@ diff --git a/dom/workers/WorkerPrivate.cpp b/dom/workers/WorkerPrivate.cpp
  
      JS_FireOnNewGlobalObject(aCx, global);
    }
-@@ -5465,17 +5465,17 @@ WorkerPrivate::CreateDebuggerGlobalScope
+@@ -5455,17 +5455,17 @@ WorkerPrivate::CreateDebuggerGlobalScope
    JS::Rooted<JSObject*> global(aCx);
    NS_ENSURE_TRUE(globalScope->WrapGlobalObject(aCx, &global), nullptr);
  
@@ -28410,6 +28432,32 @@ diff --git a/intl/locale/LocaleService.cpp b/intl/locale/LocaleService.cpp
        // Kept for now for compatibility reasons
        obs->NotifyObservers(nullptr, "selected-locale-has-changed", nullptr);
      }
+diff --git a/intl/locale/LocaleService.cpp.1465585.later b/intl/locale/LocaleService.cpp.1465585.later
+new file mode 100644
+--- /dev/null
++++ b/intl/locale/LocaleService.cpp.1465585.later
+@@ -0,0 +1,21 @@
++--- LocaleService.cpp
+++++ LocaleService.cpp
++@@ -956,17 +956,17 @@ LocaleService::SetAvailableLocales(const
++     if (!SanitizeForBCP47(locale, true)) {
++       NS_ERROR("Invalid language tag provided to SetAvailableLocales!");
++       return NS_ERROR_INVALID_ARG;
++     }
++     newLocales.AppendElement(locale);
++   }
++ 
++   if (newLocales != mAvailableLocales) {
++-    mAvailableLocales = Move(newLocales);
+++    mAvailableLocales = std::move(newLocales);
++     LocalesChanged();
++   }
++ 
++   return NS_OK;
++ }
++ 
++ NS_IMETHODIMP
++ LocaleService::GetPackagedLocales(uint32_t* aCount, char*** aOutArray)
 diff --git a/intl/locale/OSPreferences.cpp b/intl/locale/OSPreferences.cpp
 --- a/intl/locale/OSPreferences.cpp
 +++ b/intl/locale/OSPreferences.cpp
@@ -29014,6 +29062,88 @@ diff --git a/ipc/glue/BackgroundUtils.cpp b/ipc/glue/BackgroundUtils.cpp
                            loadInfoArgs.serviceWorkerTaintingSynthesized()
                            );
  
+diff --git a/ipc/glue/CrashReporterHost.cpp b/ipc/glue/CrashReporterHost.cpp
+--- a/ipc/glue/CrashReporterHost.cpp
++++ b/ipc/glue/CrashReporterHost.cpp
+@@ -161,17 +161,17 @@ CrashReporterHost::GenerateMinidumpAndPa
+ #else
+   childHandle = aChildProcess->GetChildProcessHandle();
+ #endif
+ 
+   if (!mCreateMinidumpCallback.IsEmpty()) {
+     aCallback(false);
+     return;
+   }
+-  mCreateMinidumpCallback.Init(Move(aCallback), aAsync);
++  mCreateMinidumpCallback.Init(std::move(aCallback), aAsync);
+ 
+   if (!childHandle) {
+     NS_WARNING("Failed to get child process handle.");
+     mCreateMinidumpCallback.Invoke(false);
+     return;
+   }
+ 
+   nsCOMPtr<nsIAsyncShutdownBlocker> shutdownBlocker;
+@@ -207,17 +207,17 @@ CrashReporterHost::GenerateMinidumpAndPa
+       }
+     };
+ 
+   CrashReporter::CreateMinidumpsAndPair(childHandle,
+                                         mThreadId,
+                                         aPairName,
+                                         aMinidumpToPair,
+                                         getter_AddRefs(mTargetDump),
+-                                        Move(callback),
++                                        std::move(callback),
+                                         aAsync);
+ }
+ 
+ /* static */ void
+ CrashReporterHost::NotifyCrashService(GeckoProcessType aProcessType,
+                                       const nsString& aChildDumpID,
+                                       const AnnotationTable* aNotes)
+ {
+diff --git a/ipc/glue/CrashReporterHost.h b/ipc/glue/CrashReporterHost.h
+--- a/ipc/glue/CrashReporterHost.h
++++ b/ipc/glue/CrashReporterHost.h
+@@ -33,17 +33,17 @@ class CrashReporterHost
+ 
+ public:
+ 
+   template <typename T>
+   class CallbackWrapper {
+   public:
+     void Init(std::function<void(T)>&& aCallback, bool aAsync)
+     {
+-      mCallback = Move(aCallback);
++      mCallback = std::move(aCallback);
+       mAsync = aAsync;
+       if (IsAsync()) {
+         // Don't call do_GetCurrentThread() if this is called synchronously
+         // because 1. it's unnecessary, and 2. more importantly, it might create
+         // one if called from a native thread, and the thread will be leaked.
+         mTargetThread = do_GetCurrentThread();
+       }
+     }
+@@ -56,17 +56,17 @@ public:
+     bool IsAsync()
+     {
+       return mAsync;
+     }
+ 
+     void Invoke(T aResult)
+     {
+       if (IsAsync()) {
+-        decltype(mCallback) callback = Move(mCallback);
++        decltype(mCallback) callback = std::move(mCallback);
+         mTargetThread->
+           Dispatch(NS_NewRunnableFunction("ipc::CrashReporterHost::CallbackWrapper::Invoke",
+                                           [callback, aResult](){
+                      callback(aResult);
+                    }), NS_DISPATCH_NORMAL);
+       } else {
+         MOZ_ASSERT(!mTargetThread);
+         mCallback(aResult);
 diff --git a/ipc/glue/FileDescriptor.cpp b/ipc/glue/FileDescriptor.cpp
 --- a/ipc/glue/FileDescriptor.cpp
 +++ b/ipc/glue/FileDescriptor.cpp
@@ -46470,6 +46600,46 @@ diff --git a/mfbt/tests/TestMaybe.cpp b/mfbt/tests/TestMaybe.cpp
  }
  
  // These are quasi-implementation details, but we assert them here to prevent
+diff --git a/mfbt/tests/TestNonDereferenceable.cpp b/mfbt/tests/TestNonDereferenceable.cpp
+--- a/mfbt/tests/TestNonDereferenceable.cpp
++++ b/mfbt/tests/TestNonDereferenceable.cpp
+@@ -4,17 +4,16 @@
+  * License, v. 2.0. If a copy of the MPL was not distributed with this file,
+  * You can obtain one at http://mozilla.org/MPL/2.0/. */
+ 
+ #include "mozilla/NonDereferenceable.h"
+ 
+ #include "mozilla/Assertions.h"
+ #include "mozilla/Move.h"
+ 
+-using mozilla::Move;
+ using mozilla::NonDereferenceable;
+ 
+ #define CHECK MOZ_RELEASE_ASSERT
+ 
+ void
+ TestNonDereferenceableSimple()
+ {
+   // Default construction.
+@@ -42,17 +41,17 @@ TestNonDereferenceableSimple()
+   nd2 = nd0;
+   CHECK(!nd2.value());
+ 
+   // Move-construction.
+   NonDereferenceable<int> nd3{ NonDereferenceable<int>(&i) };
+   CHECK(nd3.value() == reinterpret_cast<uintptr_t>(&i));
+ 
+   // Move-assignment.
+-  nd3 = Move(nd1);
++  nd3 = std::move(nd1);
+   CHECK(nd3.value() == reinterpret_cast<uintptr_t>(&i2));
+   // Note: Not testing nd1's value because we don't want to assume what state
+   // it is left in after move. But at least it should be reusable:
+   nd1 = &i;
+   CHECK(nd1.value() == reinterpret_cast<uintptr_t>(&i));
+ }
+ 
+ void
 diff --git a/mfbt/tests/TestSegmentedVector.cpp b/mfbt/tests/TestSegmentedVector.cpp
 --- a/mfbt/tests/TestSegmentedVector.cpp
 +++ b/mfbt/tests/TestSegmentedVector.cpp
@@ -47160,6 +47330,100 @@ diff --git a/modules/libpref/Preferences.cpp b/modules/libpref/Preferences.cpp
  }
  
  /* static */ void
+diff --git a/modules/pdfium/pdfium/fpdfsdk/pdfwindow/PWL_Caret.cpp b/modules/pdfium/pdfium/fpdfsdk/pdfwindow/PWL_Caret.cpp
+--- a/modules/pdfium/pdfium/fpdfsdk/pdfwindow/PWL_Caret.cpp
++++ b/modules/pdfium/pdfium/fpdfsdk/pdfwindow/PWL_Caret.cpp
+@@ -108,26 +108,26 @@ void CPWL_Caret::SetCaret(bool bVisible,
+                           const CFX_PointF& ptHead,
+                           const CFX_PointF& ptFoot) {
+   if (bVisible) {
+     if (IsVisible()) {
+       if (m_ptHead != ptHead || m_ptFoot != ptFoot) {
+         m_ptHead = ptHead;
+         m_ptFoot = ptFoot;
+         m_bFlash = true;
+-        Move(m_rcInvalid, false, true);
++        std::move(m_rcInvalid, false, true);
+       }
+     } else {
+       m_ptHead = ptHead;
+       m_ptFoot = ptFoot;
+       EndTimer();
+       BeginTimer(PWL_CARET_FLASHINTERVAL);
+       CPWL_Wnd::SetVisible(true);
+       m_bFlash = true;
+-      Move(m_rcInvalid, false, true);
++      std::move(m_rcInvalid, false, true);
+     }
+   } else {
+     m_ptHead = CFX_PointF();
+     m_ptFoot = CFX_PointF();
+     m_bFlash = false;
+     if (IsVisible()) {
+       EndTimer();
+       CPWL_Wnd::SetVisible(false);
+diff --git a/modules/pdfium/pdfium/fpdfsdk/pdfwindow/PWL_ComboBox.cpp b/modules/pdfium/pdfium/fpdfsdk/pdfwindow/PWL_ComboBox.cpp
+--- a/modules/pdfium/pdfium/fpdfsdk/pdfwindow/PWL_ComboBox.cpp
++++ b/modules/pdfium/pdfium/fpdfsdk/pdfwindow/PWL_ComboBox.cpp
+@@ -473,28 +473,28 @@ void CPWL_ComboBox::SetPopup(bool bPopup
+             rcWindow.bottom -= fPopupRet;
+             break;
+           case 1:
+             rcWindow.top += fPopupRet;
+             break;
+         }
+ 
+         m_nPopupWhere = nWhere;
+-        Move(rcWindow, true, true);
++        std::move(rcWindow, true, true);
+ #ifdef PDF_ENABLE_XFA
+         bExit = false;
+         m_pFillerNotify->OnPopupPostOpen(GetAttachedData(), bExit, 0);
+         if (bExit)
+           return;
+ #endif  // PDF_ENABLE_XFA
+       }
+     }
+   } else {
+     m_bPopup = bPopup;
+-    Move(m_rcOldWindow, true, true);
++    std::move(m_rcOldWindow, true, true);
+   }
+ }
+ 
+ bool CPWL_ComboBox::OnKeyDown(uint16_t nChar, uint32_t nFlag) {
+   if (!m_pList)
+     return false;
+   if (!m_pEdit)
+     return false;
+diff --git a/modules/pdfium/pdfium/fpdfsdk/pdfwindow/PWL_Edit.cpp b/modules/pdfium/pdfium/fpdfsdk/pdfwindow/PWL_Edit.cpp
+--- a/modules/pdfium/pdfium/fpdfsdk/pdfwindow/PWL_Edit.cpp
++++ b/modules/pdfium/pdfium/fpdfsdk/pdfwindow/PWL_Edit.cpp
+@@ -578,22 +578,22 @@ CFX_FloatRect CPWL_Edit::GetFocusRect() 
+ void CPWL_Edit::ShowVScrollBar(bool bShow) {
+   if (CPWL_ScrollBar* pScroll = GetVScrollBar()) {
+     if (bShow) {
+       if (!pScroll->IsVisible()) {
+         pScroll->SetVisible(true);
+         CFX_FloatRect rcWindow = GetWindowRect();
+         m_rcOldWindow = rcWindow;
+         rcWindow.right += PWL_SCROLLBAR_WIDTH;
+-        Move(rcWindow, true, true);
++        std::move(rcWindow, true, true);
+       }
+     } else {
+       if (pScroll->IsVisible()) {
+         pScroll->SetVisible(false);
+-        Move(m_rcOldWindow, true, true);
++        std::move(m_rcOldWindow, true, true);
+       }
+     }
+   }
+ }
+ 
+ bool CPWL_Edit::IsVScrollBarVisible() const {
+   if (CPWL_ScrollBar* pScroll = GetVScrollBar()) {
+     return pScroll->IsVisible();
 diff --git a/mozglue/misc/interceptor/MMPolicies.h b/mozglue/misc/interceptor/MMPolicies.h
 --- a/mozglue/misc/interceptor/MMPolicies.h
 +++ b/mozglue/misc/interceptor/MMPolicies.h
@@ -47316,6 +47580,69 @@ diff --git a/mozglue/misc/interceptor/TargetFunction.h b/mozglue/misc/intercepto
      : mMMPolicy(aOther.mMMPolicy)
      , mBase(aOther.mBase)
    {
+@@ -477,32 +477,32 @@ class MOZ_STACK_CLASS ReadOnlyTargetFunc
+   template<>
+   class TargetBytesPtr<MMPolicyInProcess>
+   {
+   public:
+     typedef TargetBytesPtr<MMPolicyInProcess> Type;
+ 
+     static Type Make(const MMPolicyInProcess& aMMPolicy, const void* aFunc)
+     {
+-      return Move(TargetBytesPtr(aMMPolicy, aFunc));
++      return std::move(TargetBytesPtr(aMMPolicy, aFunc));
+     }
+ 
+     static Type CopyFromOffset(const TargetBytesPtr& aOther,
+                                const uint32_t aOffsetFromOther)
+     {
+-      return Move(TargetBytesPtr(aOther, aOffsetFromOther));
++      return std::move(TargetBytesPtr(aOther, aOffsetFromOther));
+     }
+ 
+     ReadOnlyTargetBytes<MMPolicyInProcess>* operator->()
+     {
+       return &mTargetBytes;
+     }
+ 
+     TargetBytesPtr(TargetBytesPtr&& aOther)
+-      : mTargetBytes(Move(aOther.mTargetBytes))
++      : mTargetBytes(std::move(aOther.mTargetBytes))
+     {
+     }
+ 
+     TargetBytesPtr(const TargetBytesPtr& aOther)
+       : mTargetBytes(aOther.mTargetBytes)
+     {
+     }
+ 
+@@ -527,24 +527,24 @@ class MOZ_STACK_CLASS ReadOnlyTargetFunc
+   template <>
+   class TargetBytesPtr<MMPolicyOutOfProcess>
+   {
+   public:
+     typedef std::shared_ptr<ReadOnlyTargetBytes<MMPolicyOutOfProcess>> Type;
+ 
+     static Type Make(const MMPolicyOutOfProcess& aMMPolicy, const void* aFunc)
+     {
+-      return Move(std::make_shared<ReadOnlyTargetBytes<MMPolicyOutOfProcess>>(
++      return std::move(std::make_shared<ReadOnlyTargetBytes<MMPolicyOutOfProcess>>(
+                     aMMPolicy, aFunc));
+     }
+ 
+     static Type CopyFromOffset(const Type& aOther,
+                                const uint32_t aOffsetFromOther)
+     {
+-      return Move(std::make_shared<ReadOnlyTargetBytes<MMPolicyOutOfProcess>>(
++      return std::move(std::make_shared<ReadOnlyTargetBytes<MMPolicyOutOfProcess>>(
+                     *aOther, aOffsetFromOther));
+     }
+   };
+ 
+ public:
+   ReadOnlyTargetFunction(const MMPolicy& aMMPolicy, const void* aFunc)
+     : mTargetBytes(TargetBytesPtr<MMPolicy>::Make(aMMPolicy, aFunc))
+     , mOffset(0)
 @@ -554,17 +554,17 @@ public:
    ReadOnlyTargetFunction(const MMPolicy& aMMPolicy, uintptr_t aFunc)
      : mTargetBytes(TargetBytesPtr<MMPolicy>::Make(aMMPolicy,
@@ -48354,7 +48681,7 @@ diff --git a/netwerk/protocol/res/ExtensionProtocolHandler.cpp b/netwerk/protoco
        MOZ_ASSERT(mJarChannel);
        MOZ_ASSERT(aJarFile);
  
-@@ -270,17 +270,17 @@ CancelRequest(nsIStreamListener* aListen
+@@ -266,17 +266,17 @@ CancelRequest(nsIStreamListener* aListen
  // Handle an input stream sent from the parent.
  void
  ExtensionStreamGetter::OnStream(already_AddRefed<nsIInputStream> aStream)
@@ -48477,61 +48804,6 @@ diff --git a/netwerk/system/mac/nsNetworkLinkService.mm b/netwerk/system/mac/nsN
  
      struct rt_msghdr *rtm;
      for (next = &buf[0]; next < lim; next += rtm->rtm_msglen) {
-diff --git a/other-licenses/7zstub/src/CPP/Windows/Control/Dialog.cpp b/other-licenses/7zstub/src/CPP/Windows/Control/Dialog.cpp
---- a/other-licenses/7zstub/src/CPP/Windows/Control/Dialog.cpp
-+++ b/other-licenses/7zstub/src/CPP/Windows/Control/Dialog.cpp
-@@ -173,27 +173,27 @@ void CDialog::NormalizeSize(bool fullNor
-     rect.bottom = workRect.bottom;
-     ySize2 = ySize;
-   }
-   if (needMove)
-   {
-     if (fullNormalize)
-       Show(SW_SHOWMAXIMIZED);
-     else
--      Move(rect.left, rect.top, xSize2, ySize2, true);
-+      std::move(rect.left, rect.top, xSize2, ySize2, true);
-   }
- }
- 
- void CDialog::NormalizePosition()
- {
-   RECT workRect, rect;
-   GetWorkAreaRect(&workRect);
-   GetWindowRect(&rect);
-   if (rect.bottom > workRect.bottom && rect.top > workRect.top)
--    Move(rect.left, workRect.top, RECT_SIZE_X(rect), RECT_SIZE_Y(rect), true);
-+    std::move(rect.left, workRect.top, RECT_SIZE_X(rect), RECT_SIZE_Y(rect), true);
- }
- 
- bool CModelessDialog::Create(LPCTSTR templateName, HWND parentWindow)
- {
-   HWND aHWND = CreateDialogParam(g_hInstance, templateName, parentWindow, DialogProcedure, (LPARAM)this);
-   if (aHWND == 0)
-     return false;
-   Attach(aHWND);
-diff --git a/other-licenses/7zstub/src/CPP/Windows/Window.h b/other-licenses/7zstub/src/CPP/Windows/Window.h
---- a/other-licenses/7zstub/src/CPP/Windows/Window.h
-+++ b/other-licenses/7zstub/src/CPP/Windows/Window.h
-@@ -125,17 +125,17 @@ public:
-     if (_window == NULL)
-       return true;
-     bool result = BOOLToBool(::DestroyWindow(_window));
-     if (result)
-       _window = NULL;
-     return result;
-   }
-   bool IsWindow() {  return BOOLToBool(::IsWindow(_window)); }
--  bool Move(int x, int y, int width, int height, bool repaint = true)
-+  bool std::move(int x, int y, int width, int height, bool repaint = true)
-     { return BOOLToBool(::MoveWindow(_window, x, y, width, height, BoolToBOOL(repaint))); }
- 
-   bool ChangeSubWindowSizeX(HWND hwnd, int xSize)
-   {
-     RECT rect;
-     ::GetWindowRect(hwnd, &rect);
-     POINT p1;
-     p1.x = rect.left;
 diff --git a/parser/html/nsHtml5Highlighter.cpp b/parser/html/nsHtml5Highlighter.cpp
 --- a/parser/html/nsHtml5Highlighter.cpp
 +++ b/parser/html/nsHtml5Highlighter.cpp
@@ -50563,7 +50835,7 @@ diff --git a/toolkit/components/telemetry/HangReports.h b/toolkit/components/tel
      {
        mHangIndices = aOther.mHangIndices;
 -      mAnnotations = Move(aOther.mAnnotations);
-+      mAnnotations = std:.move(aOther.mAnnotations);
++      mAnnotations = std::move(aOther.mAnnotations);
        return *this;
      }
      // To save memory, a single AnnotationInfo can be associated to multiple chrome
@@ -50688,6 +50960,115 @@ diff --git a/toolkit/components/url-classifier/tests/gtest/TestClassifier.cpp b/
                     const nsACString& aTable)
  {
    LookupCacheV4* lookupCache =
+diff --git a/toolkit/crashreporter/nsExceptionHandler.cpp b/toolkit/crashreporter/nsExceptionHandler.cpp
+--- a/toolkit/crashreporter/nsExceptionHandler.cpp
++++ b/toolkit/crashreporter/nsExceptionHandler.cpp
+@@ -3732,17 +3732,17 @@ NotifyDumpResult(bool aResult,
+ {
+   std::function<void()> runnable = [&](){
+     aCallback(aResult);
+   };
+ 
+   if (aAsync) {
+     MOZ_ASSERT(!!aCallbackThread);
+     Unused << aCallbackThread->Dispatch(NS_NewRunnableFunction("CrashReporter::InvokeCallback",
+-                                                               Move(runnable)),
++                                                               std::move(runnable)),
+                                         NS_DISPATCH_SYNC);
+   } else {
+     runnable();
+   }
+ }
+ 
+ static void
+ CreatePairedChildMinidumpAsync(ProcessHandle aTargetPid,
+@@ -3770,41 +3770,41 @@ CreatePairedChildMinidumpAsync(ProcessHa
+          targetThread,
+          aDumpPath,
+          PairedDumpCallbackExtra,
+          static_cast<void*>(&targetMinidump)
+ #ifdef XP_WIN32
+          , GetMinidumpType()
+ #endif
+       )) {
+-    NotifyDumpResult(false, aAsync, Move(aCallback), Move(aCallbackThread));
++    NotifyDumpResult(false, aAsync, std::move(aCallback), std::move(aCallbackThread));
+     return;
+   }
+ 
+   nsCOMPtr<nsIFile> targetExtra;
+   GetExtraFileForMinidump(targetMinidump, getter_AddRefs(targetExtra));
+   if (!targetExtra) {
+     targetMinidump->Remove(false);
+ 
+-    NotifyDumpResult(false, aAsync, Move(aCallback), Move(aCallbackThread));
++    NotifyDumpResult(false, aAsync, std::move(aCallback), std::move(aCallbackThread));
+     return;
+   }
+ 
+   RenameAdditionalHangMinidump(aIncomingDumpToPair,
+                                targetMinidump,
+                                aIncomingPairName);
+ 
+   if (ShouldReport()) {
+     MoveToPending(targetMinidump, targetExtra, nullptr);
+     MoveToPending(aIncomingDumpToPair, nullptr, nullptr);
+   }
+ 
+   targetMinidump.forget(aMainDumpOut);
+ 
+-  NotifyDumpResult(true, aAsync, Move(aCallback), Move(aCallbackThread));
++  NotifyDumpResult(true, aAsync, std::move(aCallback), std::move(aCallbackThread));
+ }
+ 
+ void
+ CreateMinidumpsAndPair(ProcessHandle aTargetPid,
+                        ThreadId aTargetBlamedThread,
+                        const nsACString& aIncomingPairName,
+                        nsIFile* aIncomingDumpToPair,
+                        nsIFile** aMainDumpOut,
+@@ -3852,37 +3852,37 @@ CreateMinidumpsAndPair(ProcessHandle aTa
+   if (aAsync &&
+       !sMinidumpWriterThread &&
+       NS_FAILED(NS_NewNamedThread("Minidump Writer", &sMinidumpWriterThread))) {
+     aCallback(false);
+     return;
+   }
+ 
+   nsCString incomingPairName(aIncomingPairName);
+-  std::function<void(bool)> callback = Move(aCallback);
++  std::function<void(bool)> callback = std::move(aCallback);
+   // Don't call do_GetCurrentThread() if this is called synchronously because
+   // 1. it's unnecessary, and 2. more importantly, it might create one if called
+   // from a native thread, and the thread will be leaked.
+   RefPtr<nsIThread> callbackThread = aAsync ? do_GetCurrentThread() : nullptr;
+ 
+   std::function<void()> doDump = [=]() mutable {
+     CreatePairedChildMinidumpAsync(aTargetPid,
+                                    aTargetBlamedThread,
+                                    incomingPairName,
+                                    incomingDumpToPair,
+                                    aMainDumpOut,
+                                    dump_path,
+-                                   Move(callback),
+-                                   Move(callbackThread),
++                                   std::move(callback),
++                                   std::move(callbackThread),
+                                    aAsync);
+   };
+ 
+   if (aAsync) {
+     sMinidumpWriterThread->Dispatch(NS_NewRunnableFunction("CrashReporter::CreateMinidumpsAndPair",
+-                                                           Move(doDump)),
++                                                           std::move(doDump)),
+                                     nsIEventTarget::DISPATCH_NORMAL);
+   } else {
+     doDump();
+   }
+ }
+ 
+ bool
+ CreateAdditionalChildMinidump(ProcessHandle childPid,
 diff --git a/toolkit/mozapps/extensions/AddonManagerStartup-inlines.h b/toolkit/mozapps/extensions/AddonManagerStartup-inlines.h
 --- a/toolkit/mozapps/extensions/AddonManagerStartup-inlines.h
 +++ b/toolkit/mozapps/extensions/AddonManagerStartup-inlines.h

mozilla-release/patches/1465585-3a-std-62a1.patch

@@ -1,10 +1,13 @@
 # HG changeset patch
 # User Emilio Cobos Alvarez <emilio@crisal.io>
 # Date 1527707735 -7200
+#      Wed May 30 21:15:35 2018 +0200
 # Node ID b54db66223586b4e04f5cb926fccdacf8a176b91
-# Parent  93800e678144eca61ba38c5d7d62cdada23e67c9
+# Parent  83c853a64cef99219f5a5d994f1bf793083115d3
 Bug 1465585: Switch from mozilla::Move to std::move. r=froydnj
 
+Files with crlf,
+
 This was done automatically replacing:
 
   s/mozilla::Move/std::move/
@@ -17,47 +20,58 @@ And then with a few manual fixups, see the bug for the split series..
 
 MozReview-Commit-ID: Jxze3adipUh
 
-diff --git a/dom/performance/PerformanceMainThread.cpp b/dom/performance/PerformanceMainThread.cpp
---- a/dom/performance/PerformanceMainThread.cpp
-+++ b/dom/performance/PerformanceMainThread.cpp
-@@ -339,17 +339,17 @@ PerformanceMainThread::CreateDocumentEnt
-     return;
-   }
- 
-   nsAutoString name;
-   GetURLSpecFromChannel(aChannel, name);
- 
-   UniquePtr<PerformanceTimingData> timing(
-       new PerformanceTimingData(aChannel, nullptr, 0));
--  mDocEntry = new PerformanceNavigationTiming(Move(timing), this, name);
-+  mDocEntry = new PerformanceNavigationTiming(std::move(timing), this, name);
- }
- 
- void
- PerformanceMainThread::GetEntries(nsTArray<RefPtr<PerformanceEntry>>& aRetval)
- {
-   // We return an empty list when 'privacy.resistFingerprinting' is on.
-   if (nsContentUtils::ShouldResistFingerprinting()) {
-     aRetval.Clear();
-diff --git a/dom/performance/PerformanceNavigationTiming.h b/dom/performance/PerformanceNavigationTiming.h
---- a/dom/performance/PerformanceNavigationTiming.h
-+++ b/dom/performance/PerformanceNavigationTiming.h
-@@ -27,17 +27,17 @@ public:
- 
-   // Note that aPerformanceTiming must be initalized with zeroTime = 0
-   // so that timestamps are relative to startTime, as opposed to the
-   // performance.timing object for which timestamps are absolute and has a
-   // zeroTime initialized to navigationStart
-   PerformanceNavigationTiming(UniquePtr<PerformanceTimingData>&& aPerformanceTiming,
-                               Performance* aPerformance,
-                               const nsAString& aName)
--    : PerformanceResourceTiming(Move(aPerformanceTiming), aPerformance, aName)
-+    : PerformanceResourceTiming(std::move(aPerformanceTiming), aPerformance, aName)
-   {
-     SetEntryType(NS_LITERAL_STRING("navigation"));
-     SetInitiatorType(NS_LITERAL_STRING("navigation"));
-   }
- 
-   DOMHighResTimeStamp Duration() const override
-   {
-     return nsRFPService::ReduceTimePrecisionAsMSecs(LoadEventEnd() - StartTime());
+diff --git a/other-licenses/7zstub/src/CPP/Windows/Control/Dialog.cpp b/other-licenses/7zstub/src/CPP/Windows/Control/Dialog.cpp
+--- a/other-licenses/7zstub/src/CPP/Windows/Control/Dialog.cpp
++++ b/other-licenses/7zstub/src/CPP/Windows/Control/Dialog.cpp
+@@ -173,27 +173,27 @@ void CDialog::NormalizeSize(bool fullNor
+     rect.bottom = workRect.bottom;
+     ySize2 = ySize;
+   }
+   if (needMove)
+   {
+     if (fullNormalize)
+       Show(SW_SHOWMAXIMIZED);
+     else
+-      Move(rect.left, rect.top, xSize2, ySize2, true);
++      std::move(rect.left, rect.top, xSize2, ySize2, true);
+   }
+ }
+ 
+ void CDialog::NormalizePosition()
+ {
+   RECT workRect, rect;
+   GetWorkAreaRect(&workRect);
+   GetWindowRect(&rect);
+   if (rect.bottom > workRect.bottom && rect.top > workRect.top)
+-    Move(rect.left, workRect.top, RECT_SIZE_X(rect), RECT_SIZE_Y(rect), true);
++    std::move(rect.left, workRect.top, RECT_SIZE_X(rect), RECT_SIZE_Y(rect), true);
+ }
+ 
+ bool CModelessDialog::Create(LPCTSTR templateName, HWND parentWindow)
+ {
+   HWND aHWND = CreateDialogParam(g_hInstance, templateName, parentWindow, DialogProcedure, (LPARAM)this);
+   if (aHWND == 0)
+     return false;
+   Attach(aHWND);
+diff --git a/other-licenses/7zstub/src/CPP/Windows/Window.h b/other-licenses/7zstub/src/CPP/Windows/Window.h
+--- a/other-licenses/7zstub/src/CPP/Windows/Window.h
++++ b/other-licenses/7zstub/src/CPP/Windows/Window.h
+@@ -125,17 +125,17 @@ public:
+     if (_window == NULL)
+       return true;
+     bool result = BOOLToBool(::DestroyWindow(_window));
+     if (result)
+       _window = NULL;
+     return result;
+   }
+   bool IsWindow() {  return BOOLToBool(::IsWindow(_window)); }
+-  bool Move(int x, int y, int width, int height, bool repaint = true)
++  bool std::move(int x, int y, int width, int height, bool repaint = true)
+     { return BOOLToBool(::MoveWindow(_window, x, y, width, height, BoolToBOOL(repaint))); }
+ 
+   bool ChangeSubWindowSizeX(HWND hwnd, int xSize)
+   {
+     RECT rect;
+     ::GetWindowRect(hwnd, &rect);
+     POINT p1;
+     p1.x = rect.left;

mozilla-release/patches/1490240-64a1.patch

@@ -2,7 +2,7 @@
 # User Gabriele Svelto <gsvelto@mozilla.com>
 # Date 1537962874 0
 # Node ID 8d6329af610eb827b07f3cc5782fa1c77af2a271
-# Parent  a630ec645a71228354e425c8b86a0462e3461f60
+# Parent  7617cbea4dc83a6c1ac1a34dce55ff866989a85f
 Bug 1490240 - Fix the remaining compiler warnings in the crash reporter r=ted,glandium
 
 Differential Revision: https://phabricator.services.mozilla.com/D5741
@@ -236,13 +236,13 @@ diff --git a/mozglue/misc/interceptor/TargetFunction.h b/mozglue/misc/intercepto
 -
 -    static Type Make(const MMPolicyInProcess& aMMPolicy, const void* aFunc)
 -    {
--      return Move(TargetBytesPtr(aMMPolicy, aFunc));
+-      return std::move(TargetBytesPtr(aMMPolicy, aFunc));
 -    }
 -
 -    static Type CopyFromOffset(const TargetBytesPtr& aOther,
 -                               const uint32_t aOffsetFromOther)
 -    {
--      return Move(TargetBytesPtr(aOther, aOffsetFromOther));
+-      return std::move(TargetBytesPtr(aOther, aOffsetFromOther));
 -    }
 -
 -    ReadOnlyTargetBytes<MMPolicyInProcess>* operator->()
@@ -251,7 +251,7 @@ diff --git a/mozglue/misc/interceptor/TargetFunction.h b/mozglue/misc/intercepto
 -    }
 -
 -    TargetBytesPtr(TargetBytesPtr&& aOther)
--      : mTargetBytes(Move(aOther.mTargetBytes))
+-      : mTargetBytes(std::move(aOther.mTargetBytes))
 -    {
 -    }
 -
@@ -286,14 +286,14 @@ diff --git a/mozglue/misc/interceptor/TargetFunction.h b/mozglue/misc/intercepto
 -
 -    static Type Make(const MMPolicyOutOfProcess& aMMPolicy, const void* aFunc)
 -    {
--      return Move(std::make_shared<ReadOnlyTargetBytes<MMPolicyOutOfProcess>>(
+-      return std::move(std::make_shared<ReadOnlyTargetBytes<MMPolicyOutOfProcess>>(
 -                    aMMPolicy, aFunc));
 -    }
 -
 -    static Type CopyFromOffset(const Type& aOther,
 -                               const uint32_t aOffsetFromOther)
 -    {
--      return Move(std::make_shared<ReadOnlyTargetBytes<MMPolicyOutOfProcess>>(
+-      return std::move(std::make_shared<ReadOnlyTargetBytes<MMPolicyOutOfProcess>>(
 -                    *aOther, aOffsetFromOther));
 -    }
 -  };

mozilla-release/patches/1503537-65a1.patch

@@ -2,7 +2,7 @@
 # User Sylvestre Ledru <sledru@mozilla.com>
 # Date 1543433481 0
 # Node ID 361a75deb3cedb5dd1c65d881fa16d97efb0f144
-# Parent  c1139e9a4fd3c93c872c0aa08514518038dcd400
+# Parent  fad2a77463490e29dbb3f11acc884740d8d4dbef
 Bug 1503537 - Get rid of the pdfium & mortar code r=peterv
 
 Differential Revision: https://phabricator.services.mozilla.com/D10352
@@ -35,7 +35,7 @@ diff --git a/browser/app/profile/firefox.js b/browser/app/profile/firefox.js
 diff --git a/browser/installer/package-manifest.in b/browser/installer/package-manifest.in
 --- a/browser/installer/package-manifest.in
 +++ b/browser/installer/package-manifest.in
-@@ -580,20 +580,16 @@
+@@ -581,20 +581,16 @@
  @BINPATH@/libEGL.dll
  @BINPATH@/libGLESv2.dll
  
@@ -268283,7 +268283,7 @@ deleted file mode 100644
 -        m_ptHead = ptHead;
 -        m_ptFoot = ptFoot;
 -        m_bFlash = true;
--        Move(m_rcInvalid, false, true);
+-        std::move(m_rcInvalid, false, true);
 -      }
 -    } else {
 -      m_ptHead = ptHead;
@@ -268292,7 +268292,7 @@ deleted file mode 100644
 -      BeginTimer(PWL_CARET_FLASHINTERVAL);
 -      CPWL_Wnd::SetVisible(true);
 -      m_bFlash = true;
--      Move(m_rcInvalid, false, true);
+-      std::move(m_rcInvalid, false, true);
 -    }
 -  } else {
 -    m_ptHead = CFX_PointF();
@@ -268858,7 +268858,7 @@ deleted file mode 100644
 -        }
 -
 -        m_nPopupWhere = nWhere;
--        Move(rcWindow, true, true);
+-        std::move(rcWindow, true, true);
 -#ifdef PDF_ENABLE_XFA
 -        bExit = false;
 -        m_pFillerNotify->OnPopupPostOpen(GetAttachedData(), bExit, 0);
@@ -268869,7 +268869,7 @@ deleted file mode 100644
 -    }
 -  } else {
 -    m_bPopup = bPopup;
--    Move(m_rcOldWindow, true, true);
+-    std::move(m_rcOldWindow, true, true);
 -  }
 -}
 -
@@ -269703,12 +269703,12 @@ deleted file mode 100644
 -        CFX_FloatRect rcWindow = GetWindowRect();
 -        m_rcOldWindow = rcWindow;
 -        rcWindow.right += PWL_SCROLLBAR_WIDTH;
--        Move(rcWindow, true, true);
+-        std::move(rcWindow, true, true);
 -      }
 -    } else {
 -      if (pScroll->IsVisible()) {
 -        pScroll->SetVisible(false);
--        Move(m_rcOldWindow, true, true);
+-        std::move(m_rcOldWindow, true, true);
 -      }
 -    }
 -  }

mozilla-release/patches/1722225-1-killtelemetry-bhr-2539.patch

@@ -431,7 +431,7 @@ deleted file mode 100644
 -    AnnotationInfo& operator=(AnnotationInfo&& aOther)
 -    {
 -      mHangIndices = aOther.mHangIndices;
--      mAnnotations = std:.move(aOther.mAnnotations);
+-      mAnnotations = std::move(aOther.mAnnotations);
 -      return *this;
 -    }
 -    // To save memory, a single AnnotationInfo can be associated to multiple chrome

mozilla-release/patches/series

@@ -2924,6 +2924,10 @@ servo-20211-60a1.patch
 1434822-2-60a1.patch
 1434822-3-60a1.patch
 1430438-1-60a1.patch
+1440771-1-60a1.patch
+1440771-2-60a1.patch
+1440771-3-60a1.patch
+1440771-4-60a1.patch
 1442748-1-60a1.patch
 1442748-2-60a1.patch
 1443357-60a1.patch
@@ -3189,6 +3193,7 @@ NOBUG-20180313-inspector-61a1.patch
 1443792-4-61a1.patch
 1443792-5-61a1.patch
 1445193-61a1.patch
+1442819-61a1.patch
 1444167-1only-61a1.patch
 1445019-61a1.patch
 1363900-61a1.patch
@@ -4054,6 +4059,8 @@ servo-20619-61a1.patch
 1459026-61a1.patch
 1458700-2no1-61a1.patch
 1458700-3no4to11-61a1.patch
+1448494-1-61a1.patch
+1448494-2-61a1.patch
 NOBUG-20180505-lint-61a1.patch
 1459074-62a1.patch
 1456112-62a1.patch
@@ -4093,6 +4100,7 @@ NOBUG-20180505-lint-61a1.patch
 1346291-1-62a1.patch
 1346291-2-62a1.patch
 1346291-3-62a1.patch
+1302449-62a1.patch
 1457359-62a1.patch
 1454640-1-62a1.patch
 1454640-2-62a1.patch