more wip stuff

frg/work-js/mozilla-release/patches/1346211-6-63a1.patch

@@ -2,7 +2,7 @@
 # User Andre Bargull <andre.bargull@gmail.com>
 # Date 1534500279 25200
 # Node ID 7b1a3a49547dc9564aaa6ecf90b919b66b7ada8d
-# Parent  2bf9e6f3316cf8511f6299eb6cc5cf1b6a8302ed
+# Parent  3007514b6576d01dadf0061fdd30be70fb8acf68
 Bug 1346211 - Part 6: Use ICU for all time zone computations when available. r=Waldo
 
 diff --git a/browser/components/resistfingerprinting/test/browser/browser_timezone.js b/browser/components/resistfingerprinting/test/browser/browser_timezone.js
@@ -95,7 +95,7 @@ diff --git a/js/src/builtin/TestingFunctions.cpp b/js/src/builtin/TestingFunctio
  #if defined(XP_UNIX) && !defined(XP_DARWIN)
  #include <time.h>
  #else
-@@ -4986,16 +4988,95 @@ SetTimeZone(JSContext* cx, unsigned argc
+@@ -4983,16 +4985,95 @@ SetTimeZone(JSContext* cx, unsigned argc
  #endif /* _WIN32 */
  
      JS::ResetTimeZone();
@@ -191,7 +191,7 @@ diff --git a/js/src/builtin/TestingFunctions.cpp b/js/src/builtin/TestingFunctio
  
      uint32_t max_cnt;
      if (!ToUint32(cx, args.get(0), &max_cnt))
-@@ -5900,16 +5981,20 @@ gc::ZealModeHelpText),
+@@ -5897,16 +5978,20 @@ gc::ZealModeHelpText),
      JS_FN_HELP("isLegacyIterator", IsLegacyIterator, 1, 0,
  "isLegacyIterator(value)",
  "  Returns whether the value is considered is a legacy iterator.\n"),
@@ -212,7 +212,7 @@ diff --git a/js/src/builtin/TestingFunctions.cpp b/js/src/builtin/TestingFunctio
  "  running the jitcode rather than staying in the interpreter:\n"
  "    baselineCompile();  for (var i=0; i<1; i++) {} ...\n"
  "  The interpreter will enter the new jitcode at the loop header.\n"),
-@@ -5933,16 +6018,22 @@ static const JSFunctionSpecWithHelp Fuzz
+@@ -5930,16 +6015,22 @@ static const JSFunctionSpecWithHelp Fuzz
  "  Returns an array of error notes."),
  
      JS_FN_HELP("setTimeZone", SetTimeZone, 1, 0,
@@ -3446,7 +3446,7 @@ diff --git a/js/src/vm/MutexIDs.h b/js/src/vm/MutexIDs.h
    _(BufferStreamState,           500) \
    _(SharedArrayGrow,             500) \
    _(RuntimeScriptData,           500) \
-   _(WasmSigIdSet,                500) \
+   _(WasmFuncTypeIdSet,           500) \
    _(WasmCodeProfilingLabels,     500) \
    _(WasmModuleTieringLock,       500) \
    _(WasmCompileTaskState,        500) \

frg/work-js/mozilla-release/patches/1471272-63a1.patch

@@ -0,0 +1,1234 @@
+# HG changeset patch
+# User Ted Campbell <tcampbell@mozilla.com>
+# Date 1530028979 14400
+# Node ID 67c0442a7a44a0618504911b3239aa0117b3d4ee
+# Parent  b191f8615822c23711be30055eed5f85a6102a2b
+Bug 1471272 - Add [SMDOC] tags for in-source documentation. r=jandem,nbp
+
+MozReview-Commit-ID: I038aYgvwe4
+
+diff --git a/js/public/CallArgs.h b/js/public/CallArgs.h
+--- a/js/public/CallArgs.h
++++ b/js/public/CallArgs.h
+@@ -1,15 +1,17 @@
+ /* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -*-
+  * vim: set ts=8 sts=4 et sw=4 tw=99:
+  * This Source Code Form is subject to the terms of the Mozilla Public
+  * License, v. 2.0. If a copy of the MPL was not distributed with this
+  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+ 
+ /*
++ * [SMDOC] JS::CallArgs API
++ *
+  * Helper classes encapsulating access to the callee, |this| value, arguments,
+  * and argument count for a call/construct operation.
+  *
+  * JS::CallArgs encapsulates access to a JSNative's un-abstracted
+  * |unsigned argc, Value* vp| arguments.  The principal way to create a
+  * JS::CallArgs is using JS::CallArgsFromVp:
+  *
+  *   // If provided no arguments or a non-numeric first argument, return zero.
+@@ -41,20 +43,17 @@
+  *   }
+  *
+  * CallArgs is exposed publicly and used internally.  Not all parts of its
+  * public interface are meant to be used by embedders!  See inline comments to
+  * for details.
+  *
+  * It's possible (albeit deprecated) to manually index into |vp| to access the
+  * callee, |this|, and arguments of a function, and to set its return value.
+- * It's also possible to use the supported API of JS_CALLEE, JS_THIS, JS_ARGV,
+- * JS_RVAL, and JS_SET_RVAL to the same ends.
+- *
+- * But neither API has the error-handling or moving-GC correctness of CallArgs.
++ * This does not have the error-handling or moving-GC correctness of CallArgs.
+  * New code should use CallArgs instead whenever possible.
+  *
+  * The eventual plan is to change JSNative to take |const CallArgs&| directly,
+  * for automatic assertion of correct use and to make calling functions more
+  * efficient.  Embedders should start internally switching away from using
+  * |argc| and |vp| directly, except to create a |CallArgs|.  Then, when an
+  * eventual release making that change occurs, porting efforts will require
+  * changing methods' signatures but won't require invasive changes to the
+diff --git a/js/public/Debug.h b/js/public/Debug.h
+--- a/js/public/Debug.h
++++ b/js/public/Debug.h
+@@ -22,16 +22,18 @@
+ 
+ namespace js {
+ class Debugger;
+ } // namespace js
+ 
+ namespace JS {
+ namespace dbg {
+ 
++// [SMDOC] Debugger builder API
++//
+ // Helping embedding code build objects for Debugger
+ // -------------------------------------------------
+ //
+ // Some Debugger API features lean on the embedding application to construct
+ // their result values. For example, Debugger.Frame.prototype.scriptEntryReason
+ // calls hooks provided by the embedding to construct values explaining why it
+ // invoked JavaScript; if F is a frame called from a mouse click event handler,
+ // F.scriptEntryReason would return an object of the form:
+diff --git a/js/public/Proxy.h b/js/public/Proxy.h
+--- a/js/public/Proxy.h
++++ b/js/public/Proxy.h
+@@ -32,16 +32,18 @@ using JS::PrivateValue;
+ using JS::PropertyDescriptor;
+ using JS::Value;
+ 
+ class RegExpShared;
+ 
+ class JS_FRIEND_API(Wrapper);
+ 
+ /*
++ * [SMDOC] Proxy Objects
++ *
+  * A proxy is a JSObject with highly customizable behavior. ES6 specifies a
+  * single kind of proxy, but the customization mechanisms we use to implement
+  * ES6 Proxy objects are also useful wherever an object with weird behavior is
+  * wanted. Proxies are used to implement:
+  *
+  * -   the scope objects used by the Debugger's frame.eval() method
+  *     (see js::GetDebugScopeForFunction)
+  *
+diff --git a/js/public/Result.h b/js/public/Result.h
+--- a/js/public/Result.h
++++ b/js/public/Result.h
+@@ -1,15 +1,17 @@
+ /* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -*-
+  * vim: set ts=8 sts=4 et sw=4 tw=99:
+  * This Source Code Form is subject to the terms of the Mozilla Public
+  * License, v. 2.0. If a copy of the MPL was not distributed with this
+  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+ 
+ /*
++ * [SMDOC] JS::Result
++ *
+  * `Result` is used as the return type of many SpiderMonkey functions that
+  * can either succeed or fail. See "/mfbt/Result.h".
+  *
+  *
+  * ## Which return type to use
+  *
+  * `Result` is for return values. Obviously, if you're writing a function that
+  * can't fail, don't use Result. Otherwise:
+diff --git a/js/public/RootingAPI.h b/js/public/RootingAPI.h
+--- a/js/public/RootingAPI.h
++++ b/js/public/RootingAPI.h
+@@ -23,16 +23,18 @@
+ #include "js/HeapAPI.h"
+ #include "js/ProfilingStack.h"
+ #include "js/Realm.h"
+ #include "js/TypeDecls.h"
+ #include "js/UniquePtr.h"
+ #include "js/Utility.h"
+ 
+ /*
++ * [SMDOC] Stack Rooting
++ *
+  * Moving GC Stack Rooting
+  *
+  * A moving GC may change the physical location of GC allocated things, even
+  * when they are rooted, updating all pointers to the thing to refer to its new
+  * location. The GC must therefore know about all live pointers to a thing,
+  * not just one of them, in order to behave correctly.
+  *
+  * The |Rooted| and |Handle| classes below are used to root stack locations
+diff --git a/js/public/UbiNode.h b/js/public/UbiNode.h
+--- a/js/public/UbiNode.h
++++ b/js/public/UbiNode.h
+@@ -24,17 +24,17 @@
+ #include "js/HashTable.h"
+ #include "js/RootingAPI.h"
+ #include "js/TracingAPI.h"
+ #include "js/TypeDecls.h"
+ #include "js/UniquePtr.h"
+ #include "js/Value.h"
+ #include "js/Vector.h"
+ 
+-// JS::ubi::Node
++// [SMDOC] ubi::Node (Heap Analysis framework)
+ //
+ // JS::ubi::Node is a pointer-like type designed for internal use by heap
+ // analysis tools. A ubi::Node can refer to:
+ //
+ // - a JS value, like a string, object, or symbol;
+ // - an internal SpiderMonkey structure, like a shape or a scope chain object
+ // - an instance of some embedding-provided type: in Firefox, an XPCOM
+ //   object, or an internal DOM node class instance
+diff --git a/js/public/Value.h b/js/public/Value.h
+--- a/js/public/Value.h
++++ b/js/public/Value.h
+@@ -263,16 +263,18 @@ static inline double
+ CanonicalizeNaN(double d)
+ {
+     if (MOZ_UNLIKELY(mozilla::IsNaN(d)))
+         return GenericNaN();
+     return d;
+ }
+ 
+ /**
++ * [SMDOC] JS::Value type
++ *
+  * JS::Value is the interface for a single JavaScript Engine value.  A few
+  * general notes on JS::Value:
+  *
+  * - JS::Value has setX() and isX() members for X in
+  *
+  *     { Int32, Double, String, Symbol, BigInt, Boolean, Undefined, Null, Object, Magic }
+  *
+  *   JS::Value also contains toX() for each of the non-singleton types.
+diff --git a/js/src/builtin/TypedObject.h b/js/src/builtin/TypedObject.h
+--- a/js/src/builtin/TypedObject.h
++++ b/js/src/builtin/TypedObject.h
+@@ -13,17 +13,17 @@
+ #include "gc/WeakMap.h"
+ #include "js/Conversions.h"
+ #include "vm/ArrayBufferObject.h"
+ #include "vm/JSObject.h"
+ #include "vm/ShapedObject.h"
+ 
+ /*
+  * -------------
+- * Typed Objects
++ * [SMDOC] Typed Objects
+  * -------------
+  *
+  * Typed objects are a special kind of JS object where the data is
+  * given well-structured form. To use a typed object, users first
+  * create *type objects* (no relation to the type objects used in TI)
+  * that define the type layout. For example, a statement like:
+  *
+  *    var PointType = new StructType({x: uint8, y: uint8});
+diff --git a/js/src/frontend/Parser.h b/js/src/frontend/Parser.h
+--- a/js/src/frontend/Parser.h
++++ b/js/src/frontend/Parser.h
+@@ -5,16 +5,18 @@
+  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+ 
+ /* JS parser. */
+ 
+ #ifndef frontend_Parser_h
+ #define frontend_Parser_h
+ 
+ /*
++ * [SMDOC] JS Parser
++ *
+  * JS parsers capable of generating ASTs from source text.
+  *
+  * A parser embeds token stream information, then gets and matches tokens to
+  * generate a syntax tree that, if desired, BytecodeEmitter will use to compile
+  * bytecode.
+  *
+  * Like token streams (see the comment near the top of TokenStream.h), parser
+  * classes are heavily templatized -- along the token stream's character-type
+diff --git a/js/src/frontend/TokenStream.h b/js/src/frontend/TokenStream.h
+--- a/js/src/frontend/TokenStream.h
++++ b/js/src/frontend/TokenStream.h
+@@ -11,16 +11,18 @@
+  * regular expression *or* a division operator depending on context -- the
+  * various token stream classes are mostly not useful outside of the Parser
+  * where they reside.  We should probably eventually merge the two concepts.
+  */
+ #ifndef frontend_TokenStream_h
+ #define frontend_TokenStream_h
+ 
+ /*
++ * [SMDOC] Parser Token Stream
++ *
+  * A token stream exposes the raw tokens -- operators, names, numbers,
+  * keywords, and so on -- of JavaScript source code.
+  *
+  * These are the components of the overall token stream concept:
+  * TokenStreamShared, TokenStreamAnyChars, TokenStreamCharsBase<CharT>,
+  * TokenStreamChars<CharT>, and TokenStreamSpecific<CharT, AnyCharsAccess>.
+  *
+  * == TokenStreamShared → ∅ ==
+diff --git a/js/src/gc/AtomMarking.cpp b/js/src/gc/AtomMarking.cpp
+--- a/js/src/gc/AtomMarking.cpp
++++ b/js/src/gc/AtomMarking.cpp
+@@ -10,17 +10,17 @@
+ #include "vm/JSCompartment.h"
+ 
+ #include "gc/GC-inl.h"
+ #include "gc/Heap-inl.h"
+ 
+ namespace js {
+ namespace gc {
+ 
+-// Atom Marking Overview
++// [SMDOC] GC Atom Marking
+ //
+ // Things in the atoms zone (which includes atomized strings and other things,
+ // all of which we will refer to as 'atoms' here) may be pointed to freely by
+ // things in other zones. To avoid the need to perform garbage collections of
+ // the entire runtime to collect atoms, we compute a separate atom mark bitmap
+ // for each zone that is always an overapproximation of the atoms that zone is
+ // using. When an atom is not in the mark bitmap for any zone, it can be
+ // destroyed.
+diff --git a/js/src/gc/Barrier.h b/js/src/gc/Barrier.h
+--- a/js/src/gc/Barrier.h
++++ b/js/src/gc/Barrier.h
+@@ -12,16 +12,18 @@
+ #include "gc/Cell.h"
+ #include "gc/StoreBuffer.h"
+ #include "js/HeapAPI.h"
+ #include "js/Id.h"
+ #include "js/RootingAPI.h"
+ #include "js/Value.h"
+ 
+ /*
++ * [SMDOC] GC Barriers
++ *
+  * A write barrier is a mechanism used by incremental or generation GCs to
+  * ensure that every value that needs to be marked is marked. In general, the
+  * write barrier should be invoked whenever a write can cause the set of things
+  * traced through by the GC to change. This includes:
+  *   - writes to object properties
+  *   - writes to array slots
+  *   - writes to fields like JSObject::shape_ that we trace through
+  *   - writes to fields in private data
+diff --git a/js/src/gc/GC.cpp b/js/src/gc/GC.cpp
+--- a/js/src/gc/GC.cpp
++++ b/js/src/gc/GC.cpp
+@@ -1,15 +1,17 @@
+ /* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -*-
+  * vim: set ts=8 sts=4 et sw=4 tw=99:
+  * This Source Code Form is subject to the terms of the Mozilla Public
+  * License, v. 2.0. If a copy of the MPL was not distributed with this
+  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+ 
+ /*
++ * [SMDOC] Garbage Collector
++ *
+  * This code implements an incremental mark-and-sweep garbage collector, with
+  * most sweeping carried out in the background on a parallel thread.
+  *
+  * Full vs. zone GC
+  * ----------------
+  *
+  * The collector can collect all zones at once, or a subset. These types of
+  * collection are referred to as a full GC and a zone GC respectively.
+diff --git a/js/src/gc/Marking.cpp b/js/src/gc/Marking.cpp
+--- a/js/src/gc/Marking.cpp
++++ b/js/src/gc/Marking.cpp
+@@ -49,16 +49,18 @@ using namespace js::gc;
+ using JS::MapTypeToTraceKind;
+ 
+ using mozilla::DebugOnly;
+ using mozilla::IntegerRange;
+ using mozilla::IsBaseOf;
+ using mozilla::IsSame;
+ using mozilla::PodCopy;
+ 
++// [SMDOC] GC Tracing
++//
+ // Tracing Overview
+ // ================
+ //
+ // Tracing, in this context, refers to an abstract visitation of some or all of
+ // the GC-controlled heap. The effect of tracing an edge of the graph depends
+ // on the subclass of the JSTracer on whose behalf we are tracing.
+ //
+ // Marking
+diff --git a/js/src/gc/Scheduling.h b/js/src/gc/Scheduling.h
+--- a/js/src/gc/Scheduling.h
++++ b/js/src/gc/Scheduling.h
+@@ -1,15 +1,17 @@
+ /* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -*-
+  * vim: set ts=8 sts=4 et sw=4 tw=99:
+  * This Source Code Form is subject to the terms of the Mozilla Public
+  * License, v. 2.0. If a copy of the MPL was not distributed with this
+  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+ 
+ /*
++ * [SMDOC] GC Scheduling
++ *
+  * GC Scheduling Overview
+  * ======================
+  *
+  * Scheduling GC's in SpiderMonkey/Firefox is tremendously complicated because
+  * of the large number of subtle, cross-cutting, and widely dispersed factors
+  * that must be taken into account. A summary of some of the more important
+  * factors follows.
+  *
+diff --git a/js/src/gc/Zone.h b/js/src/gc/Zone.h
+--- a/js/src/gc/Zone.h
++++ b/js/src/gc/Zone.h
+@@ -96,16 +96,18 @@ class MOZ_NON_TEMPORARY_CLASS FunctionTo
+     MOZ_ALWAYS_INLINE JSString* lookup(JSScript* script) const;
+     MOZ_ALWAYS_INLINE void put(JSScript* script, JSString* string);
+ };
+ 
+ } // namespace js
+ 
+ namespace JS {
+ 
++// [SMDOC] GC Zones
++//
+ // A zone is a collection of compartments. Every compartment belongs to exactly
+ // one zone. In Firefox, there is roughly one zone per tab along with a system
+ // zone for everything else. Zones mainly serve as boundaries for garbage
+ // collection. Unlike compartments, they have no special security properties.
+ //
+ // Every GC thing belongs to exactly one zone. GC things from the same zone but
+ // different compartments can share an arena (4k page). GC things from different
+ // zones cannot be stored in the same arena. The garbage collector is capable of
+diff --git a/js/src/irregexp/RegExpEngine.cpp b/js/src/irregexp/RegExpEngine.cpp
+--- a/js/src/irregexp/RegExpEngine.cpp
++++ b/js/src/irregexp/RegExpEngine.cpp
+@@ -1321,16 +1321,17 @@ Analysis::VisitBackReference(BackReferen
+ }
+ 
+ void
+ Analysis::VisitAssertion(AssertionNode* that)
+ {
+     EnsureAnalyzed(that->on_success());
+ }
+ 
++// [SMDOC] Irregexp internals
+ // -------------------------------------------------------------------
+ // Implementation of the Irregexp regular expression engine.
+ //
+ // The Irregexp regular expression engine is intended to be a complete
+ // implementation of ECMAScript regular expressions.  It generates either
+ // bytecodes or native code.
+ 
+ //   The Irregexp regexp engine is structured in three steps.
+diff --git a/js/src/jit/AliasAnalysis.cpp b/js/src/jit/AliasAnalysis.cpp
+--- a/js/src/jit/AliasAnalysis.cpp
++++ b/js/src/jit/AliasAnalysis.cpp
+@@ -111,16 +111,18 @@ IonSpewAliasInfo(const char* pre, MInstr
+ 
+     Fprinter& out = JitSpewPrinter();
+     out.printf("%s ", pre);
+     ins->printName(out);
+     out.printf(" %s\n", post);
+ #endif
+ }
+ 
++// [SMDOC] IonMonkey Alias Analysis
++//
+ // This pass annotates every load instruction with the last store instruction
+ // on which it depends. The algorithm is optimistic in that it ignores explicit
+ // dependencies and only considers loads and stores.
+ //
+ // Loads inside loops only have an implicit dependency on a store before the
+ // loop header if no instruction inside the loop body aliases it. To calculate
+ // this efficiently, we maintain a list of maybe-invariant loads and the combined
+ // alias set for all stores inside the loop. When we see the loop's backedge, this
+diff --git a/js/src/jit/AtomicOperations.h b/js/src/jit/AtomicOperations.h
+--- a/js/src/jit/AtomicOperations.h
++++ b/js/src/jit/AtomicOperations.h
+@@ -10,16 +10,18 @@
+ #include "mozilla/Types.h"
+ 
+ #include "vm/SharedMem.h"
+ 
+ namespace js {
+ namespace jit {
+ 
+ /*
++ * [SMDOC] Atomic Operations
++ *
+  * The atomic operations layer defines types and functions for
+  * JIT-compatible atomic operation.
+  *
+  * The fundamental constraints on the functions are:
+  *
+  * - That their realization here MUST be compatible with code the JIT
+  *   generates for its Atomics operations, so that an atomic access
+  *   from the interpreter or runtime - from any C++ code - really is
+diff --git a/js/src/jit/Bailouts.h b/js/src/jit/Bailouts.h
+--- a/js/src/jit/Bailouts.h
++++ b/js/src/jit/Bailouts.h
+@@ -11,18 +11,20 @@
+ 
+ #include "jit/JitFrames.h"
+ #include "jit/JSJitFrameIter.h"
+ #include "vm/Stack.h"
+ 
+ namespace js {
+ namespace jit {
+ 
+-// A "bailout" is a condition in which we need to recover an interpreter frame
+-// from an IonFrame. Bailouts can happen for the following reasons:
++// [SMDOC] IonMonkey Bailouts
++//
++// A "bailout" is a condition in which we need to recover a baseline frame from
++// an IonFrame. Bailouts can happen for the following reasons:
+ //   (1) A deoptimization guard, for example, an add overflows or a type check
+ //       fails.
+ //   (2) A check or assumption held by the JIT is invalidated by the VM, and
+ //       JIT code must be thrown away. This includes the GC possibly deciding
+ //       to evict live JIT code, or a Type Inference reflow.
+ //
+ // Note that bailouts as described here do not include normal Ion frame
+ // inspection, for example, if an exception must be built or the GC needs to
+@@ -31,30 +33,30 @@ namespace jit {
+ // The second type of bailout needs a different name - "deoptimization" or
+ // "deep bailout". Here we are concerned with eager (or maybe "shallow")
+ // bailouts, that happen from JIT code. These happen from guards, like:
+ //
+ //  cmp [obj + shape], 0x50M37TH1NG
+ //  jmp _bailout
+ //
+ // The bailout target needs to somehow translate the Ion frame (whose state
+-// will differ at each program point) to an interpreter frame. This state is
++// will differ at each program point) to a baseline frame. This state is
+ // captured into the IonScript's snapshot buffer, and for each bailout we know
+ // which snapshot corresponds to its state.
+ //
+ // Roughly, the following needs to happen at the bailout target.
+ //   (1) Move snapshot ID into a known stack location (registers cannot be
+ //       mutated).
+ //   (2) Spill all registers to the stack.
+ //   (3) Call a Bailout() routine, whose argument is the stack pointer.
+ //   (4) Bailout() will find the IonScript on the stack, use the snapshot ID
+ //       to find the structure of the frame, and then use the stack and spilled
+ //       registers to perform frame conversion.
+ //   (5) Bailout() returns, and the JIT must immediately return to the
+-//       interpreter (all frames are converted at once).
++//       baseline JIT code (all frames are converted at once).
+ //
+ // (2) and (3) are implemented by a trampoline held in the compartment.
+ // Naively, we could implement (1) like:
+ //
+ //   _bailout_ID_1:
+ //     push 1
+ //     jmp _global_bailout_handler
+ //   _bailout_ID_2:
+diff --git a/js/src/jit/CacheIR.cpp b/js/src/jit/CacheIR.cpp
+--- a/js/src/jit/CacheIR.cpp
++++ b/js/src/jit/CacheIR.cpp
+@@ -620,17 +620,17 @@ GeneratePrototypeGuards(CacheIRWriter& w
+     // ensure |holder| is still on the prototype chain of |obj| and we haven't
+     // introduced any shadowing definitions.
+     //
+     // For each item in the proto chain before holder, we must ensure that
+     // [[GetPrototypeOf]] still has the expected result, and that
+     // [[GetOwnProperty]] has no definition of the target property.
+     //
+     //
+-    // Shape Teleporting Optimization
++    // [SMDOC] Shape Teleporting Optimization
+     // ------------------------------
+     //
+     // Starting with the assumption (and guideline to developers) that mutating
+     // prototypes is an uncommon and fair-to-penalize operation we move cost
+     // from the access side to the mutation side.
+     //
+     // Consider the following proto chain, with B defining a property 'x':
+     //
+diff --git a/js/src/jit/CacheIR.h b/js/src/jit/CacheIR.h
+--- a/js/src/jit/CacheIR.h
++++ b/js/src/jit/CacheIR.h
+@@ -17,16 +17,18 @@
+ #include "jit/SharedIC.h"
+ 
+ namespace js {
+ namespace jit {
+ 
+ 
+ enum class BaselineCacheIRStubKind;
+ 
++// [SMDOC] CacheIR
++//
+ // CacheIR is an (extremely simple) linear IR language for inline caches.
+ // From this IR, we can generate machine code for Baseline or Ion IC stubs.
+ //
+ // IRWriter
+ // --------
+ // CacheIR bytecode is written using IRWriter. This class also records some
+ // metadata that's used by the Baseline and Ion code generators to generate
+ // (efficient) machine code.
+diff --git a/js/src/jit/MacroAssembler.h b/js/src/jit/MacroAssembler.h
+--- a/js/src/jit/MacroAssembler.h
++++ b/js/src/jit/MacroAssembler.h
+@@ -36,16 +36,18 @@
+ #include "jit/JitRealm.h"
+ #include "jit/TemplateObject.h"
+ #include "jit/VMFunctions.h"
+ #include "vm/ProxyObject.h"
+ #include "vm/Shape.h"
+ #include "vm/TypedArrayObject.h"
+ #include "vm/UnboxedObject.h"
+ 
++// [SMDOC] MacroAssembler multi-platform overview
++//
+ // * How to read/write MacroAssembler method declarations:
+ //
+ // The following macros are made to avoid #ifdef around each method declarations
+ // of the Macro Assembler, and they are also used as an hint on the location of
+ // the implementations of each method.  For example, the following declaration
+ //
+ //   void Pop(FloatRegister t) DEFINED_ON(x86_shared, arm);
+ //
+diff --git a/js/src/jit/RangeAnalysis.cpp b/js/src/jit/RangeAnalysis.cpp
+--- a/js/src/jit/RangeAnalysis.cpp
++++ b/js/src/jit/RangeAnalysis.cpp
+@@ -32,16 +32,18 @@ using mozilla::IsInfinite;
+ using mozilla::IsNaN;
+ using mozilla::IsNegativeZero;
+ using mozilla::NegativeInfinity;
+ using mozilla::PositiveInfinity;
+ using mozilla::Swap;
+ using JS::GenericNaN;
+ using JS::ToInt32;
+ 
++// [SMDOC] IonMonkey Range Analysis
++//
+ // This algorithm is based on the paper "Eliminating Range Checks Using
+ // Static Single Assignment Form" by Gough and Klaren.
+ //
+ // We associate a range object with each SSA name, and the ranges are consulted
+ // in order to determine whether overflow is possible for arithmetic
+ // computations.
+ //
+ // An important source of range information that requires care to take
+diff --git a/js/src/jit/Recover.h b/js/src/jit/Recover.h
+--- a/js/src/jit/Recover.h
++++ b/js/src/jit/Recover.h
+@@ -12,16 +12,18 @@
+ #include "builtin/Array.h"
+ 
+ #include "jit/MIR.h"
+ #include "jit/Snapshots.h"
+ 
+ namespace js {
+ namespace jit {
+ 
++// [SMDOC] IonMonkey Recover Instructions
++//
+ // This file contains all recover instructions.
+ //
+ // A recover instruction is an equivalent of a MIR instruction which is executed
+ // before the reconstruction of a baseline frame. Recover instructions are used
+ // by resume points to fill the value which are not produced by the code
+ // compiled by IonMonkey. For example, if a value is optimized away by
+ // IonMonkey, but required by Baseline, then we should have a recover
+ // instruction to fill the missing baseline frame slot.
+diff --git a/js/src/jit/RegisterSets.h b/js/src/jit/RegisterSets.h
+--- a/js/src/jit/RegisterSets.h
++++ b/js/src/jit/RegisterSets.h
+@@ -461,16 +461,18 @@ class RegisterSet {
+     FloatRegisterSet& fpus() {
+         return fpu_;
+     }
+     bool operator ==(const RegisterSet& other) const {
+         return other.gpr_ == gpr_ && other.fpu_ == fpu_;
+     }
+ };
+ 
++// [SMDOC] JIT Register-Set overview
++//
+ // There are 2 use cases for register sets:
+ //
+ //   1. To serve as a pool of allocatable register. This is useful for working
+ //      on the code produced by some stub where free registers are available, or
+ //      when we can release some registers.
+ //
+ //   2. To serve as a list of typed registers. This is useful for working with
+ //      live registers and to manipulate them with the proper instructions. This
+@@ -499,16 +501,18 @@ class RegisterSet {
+ // false positive.
+ 
+ template <typename RegisterSet>
+ class AllocatableSet;
+ 
+ template <typename RegisterSet>
+ class LiveSet;
+ 
++// [SMDOC] JIT Register-Set (Allocatable)
++//
+ // Base accessors classes have the minimal set of raw methods to manipulate the register set
+ // given as parameter in a consistent manner.  These methods are:
+ //
+ //    - all<Type>: Returns a bit-set of all the register of a specific type
+ //      which are present.
+ //
+ //    - has: Returns if all the bits needed to take a register are present.
+ //
+@@ -615,16 +619,18 @@ class AllocatableSetAccessors<RegisterSe
+         set_.gprs().takeAllocatable(reg);
+     }
+     void takeUnchecked(FloatRegister reg) {
+         set_.fpus().takeAllocatable(reg);
+     }
+ };
+ 
+ 
++// [SMDOC] JIT Register-Set (Live)
++//
+ // The LiveSet accessors are used to collect a list of allocated
+ // registers. Taking or adding a register should *not* consider the aliases, as
+ // we care about interpreting the registers with the correct type.  For example,
+ // on x64, where one float registers can be interpreted as an Simd128, a Double,
+ // or a Float, adding xmm0 as an Simd128, does not make the register available
+ // as a Double.
+ //
+ //     LiveFloatRegisterSet regs;
+diff --git a/js/src/jit/SharedIC.h b/js/src/jit/SharedIC.h
+--- a/js/src/jit/SharedIC.h
++++ b/js/src/jit/SharedIC.h
+@@ -17,16 +17,17 @@
+ #include "vm/JSCompartment.h"
+ #include "vm/JSContext.h"
+ #include "vm/ReceiverGuard.h"
+ #include "vm/TypedArrayObject.h"
+ 
+ namespace js {
+ namespace jit {
+ 
++// [SMDOC] JIT Inline Caches (ICs)
+ //
+ // Baseline Inline Caches are polymorphic caches that aggressively
+ // share their stub code.
+ //
+ // Every polymorphic site contains a linked list of stubs which are
+ // specific to that site.  These stubs are composed of a |StubData|
+ // structure that stores parametrization information (e.g.
+ // the shape pointer for a shape-check-and-property-get stub), any
+diff --git a/js/src/jit/Snapshots.cpp b/js/src/jit/Snapshots.cpp
+--- a/js/src/jit/Snapshots.cpp
++++ b/js/src/jit/Snapshots.cpp
+@@ -14,16 +14,18 @@
+ #include "jit/MIR.h"
+ #include "jit/Recover.h"
+ #include "vm/JSScript.h"
+ #include "vm/Printer.h"
+ 
+ using namespace js;
+ using namespace js::jit;
+ 
++// [SMDOC] IonMonkey Snapshot encoding
++//
+ // Encodings:
+ //   [ptr] A fixed-size pointer.
+ //   [vwu] A variable-width unsigned integer.
+ //   [vws] A variable-width signed integer.
+ //    [u8] An 8-bit unsigned integer.
+ //   [u8'] An 8-bit unsigned integer which is potentially extended with packed
+ //         data.
+ //   [u8"] Packed data which is stored and packed in the previous [u8'].
+diff --git a/js/src/jit/ValueNumbering.cpp b/js/src/jit/ValueNumbering.cpp
+--- a/js/src/jit/ValueNumbering.cpp
++++ b/js/src/jit/ValueNumbering.cpp
+@@ -10,16 +10,18 @@
+ #include "jit/IonAnalysis.h"
+ #include "jit/JitSpewer.h"
+ #include "jit/MIRGenerator.h"
+ 
+ using namespace js;
+ using namespace js::jit;
+ 
+ /*
++ * [SMDOC] IonMonkey Value Numbering
++ *
+  * Some notes on the main algorithm here:
+  *  - The SSA identifier id() is the value number. We do replaceAllUsesWith as
+  *    we go, so there's always at most one visible value with a given number.
+  *
+  *  - Consequently, the GVN algorithm is effectively pessimistic. This means it
+  *    is not as powerful as an optimistic GVN would be, but it is simpler and
+  *    faster.
+  *
+diff --git a/js/src/jit/shared/IonAssemblerBufferWithConstantPools.h b/js/src/jit/shared/IonAssemblerBufferWithConstantPools.h
+--- a/js/src/jit/shared/IonAssemblerBufferWithConstantPools.h
++++ b/js/src/jit/shared/IonAssemblerBufferWithConstantPools.h
+@@ -9,16 +9,18 @@
+ 
+ #include "mozilla/MathAlgorithms.h"
+ 
+ #include <algorithm>
+ 
+ #include "jit/JitSpewer.h"
+ #include "jit/shared/IonAssemblerBuffer.h"
+ 
++// [SMDOC] JIT AssemblerBuffer constant pooling (ARM/ARM64/MIPS)
++//
+ // This code extends the AssemblerBuffer to support the pooling of values loaded
+ // using program-counter relative addressing modes. This is necessary with the
+ // ARM instruction set because it has a fixed instruction size that can not
+ // encode all values as immediate arguments in instructions. Pooling the values
+ // allows the values to be placed in large chunks which minimizes the number of
+ // forced branches around them in the code. This is used for loading floating
+ // point constants, for loading 32 bit constants on the ARMv6, for absolute
+ // branch targets, and in future will be needed for large branches on the ARMv6.
+diff --git a/js/src/threading/ExclusiveData.h b/js/src/threading/ExclusiveData.h
+--- a/js/src/threading/ExclusiveData.h
++++ b/js/src/threading/ExclusiveData.h
+@@ -12,16 +12,18 @@
+ #include "mozilla/OperatorNewExtensions.h"
+ 
+ #include "threading/ConditionVariable.h"
+ #include "threading/Mutex.h"
+ 
+ namespace js {
+ 
+ /**
++ * [SMDOC] ExclusiveData API
++ *
+  * A mutual exclusion lock class.
+  *
+  * `ExclusiveData` provides an RAII guard to automatically lock and unlock when
+  * accessing the protected inner value.
+  *
+  * Unlike the STL's `std::mutex`, the protected value is internal to this
+  * class. This is a huge win: one no longer has to rely on documentation to
+  * explain the relationship between a lock and its protected data, and the type
+diff --git a/js/src/vm/ArgumentsObject.h b/js/src/vm/ArgumentsObject.h
+--- a/js/src/vm/ArgumentsObject.h
++++ b/js/src/vm/ArgumentsObject.h
+@@ -93,16 +93,18 @@ struct ArgumentsData
+ // Maximum supported value of arguments.length. This bounds the maximum
+ // number of arguments that can be supplied to Function.prototype.apply.
+ // This value also bounds the number of elements parsed in an array
+ // initializer.
+ // NB: keep this in sync with the copy in builtin/SelfHostingDefines.h.
+ static const unsigned ARGS_LENGTH_MAX = 500 * 1000;
+ 
+ /*
++ * [SMDOC] ArgumentsObject
++ *
+  * ArgumentsObject instances represent |arguments| objects created to store
+  * function arguments when a function is called.  It's expensive to create such
+  * objects if they're never used, so they're only created when they are
+  * potentially used.
+  *
+  * Arguments objects are complicated because, for non-strict mode code, they
+  * must alias any named arguments which were provided to the function.  Gnarly
+  * example:
+diff --git a/js/src/vm/ArrayBufferObject.cpp b/js/src/vm/ArrayBufferObject.cpp
+--- a/js/src/vm/ArrayBufferObject.cpp
++++ b/js/src/vm/ArrayBufferObject.cpp
+@@ -587,16 +587,18 @@ ArrayBufferObject::changeContents(JSCont
+         for (size_t i = 0; i < views->length(); i++)
+             changeViewContents(cx, (*views)[i], oldDataPointer, newContents);
+     }
+     if (firstView())
+         changeViewContents(cx, firstView(), oldDataPointer, newContents);
+ }
+ 
+ /*
++ * [SMDOC] WASM Linear Memory structure
++ *
+  * Wasm Raw Buf Linear Memory Structure
+  *
+  * The linear heap in Wasm is an mmaped array buffer. Several
+  * constants manage its lifetime:
+  *
+  *  - length - the wasm-visible current length of the buffer. Accesses in the
+  *    range [0, length] succeed. May only increase.
+  *
+diff --git a/js/src/vm/BytecodeUtil.h b/js/src/vm/BytecodeUtil.h
+--- a/js/src/vm/BytecodeUtil.h
++++ b/js/src/vm/BytecodeUtil.h
+@@ -30,17 +30,17 @@ typedef enum JSOp {
+ #define ENUMERATE_OPCODE(op, val, ...) op = val,
+ FOR_EACH_OPCODE(ENUMERATE_OPCODE)
+ #undef ENUMERATE_OPCODE
+ 
+     JSOP_LIMIT
+ } JSOp;
+ 
+ /*
+- * JS bytecode formats.
++ * [SMDOC] Bytecode Format flags (JOF_*)
+  */
+ enum {
+     JOF_BYTE            = 0,        /* single bytecode, no immediates */
+     JOF_JUMP            = 1,        /* signed 16-bit jump offset immediate */
+     JOF_ATOM            = 2,        /* unsigned 16-bit constant index */
+     JOF_UINT16          = 3,        /* unsigned 16-bit immediate operand */
+     JOF_TABLESWITCH     = 4,        /* table switch */
+     /* 5 is unused */
+diff --git a/js/src/vm/EnvironmentObject.h b/js/src/vm/EnvironmentObject.h
+--- a/js/src/vm/EnvironmentObject.h
++++ b/js/src/vm/EnvironmentObject.h
+@@ -40,16 +40,18 @@ EnvironmentCoordinateFunctionScript(JSSc
+ 
+ 
+ /*** Environment objects *****************************************************/
+ 
+ 
+ /*** Environment objects *****************************************************/
+ 
+ /*
++ * [SMDOC] Environment Objects
++ *
+  * About environments
+  * ------------------
+  *
+  * (See also: ecma262 rev c7952de (19 Aug 2016) 8.1 "Lexical Environments".)
+  *
+  * Scoping in ES is specified in terms of "Environment Records". There's a
+  * global Environment Record per realm, and a new Environment Record is created
+  * whenever control enters a function, block, or other scope.
+diff --git a/js/src/vm/JSCompartment.h b/js/src/vm/JSCompartment.h
+--- a/js/src/vm/JSCompartment.h
++++ b/js/src/vm/JSCompartment.h
+@@ -432,16 +432,18 @@ class WrapperMap
+             InnerMap& m = e.front().value();
+             m.sweep();
+             if (m.empty())
+                 e.removeFront();
+         }
+     }
+ };
+ 
++// [SMDOC] Object MetadataBuilder API
++//
+ // We must ensure that all newly allocated JSObjects get their metadata
+ // set. However, metadata builders may require the new object be in a sane
+ // state (eg, have its reserved slots initialized so they can get the
+ // sizeOfExcludingThis of the object). Therefore, for objects of certain
+ // JSClasses (those marked with JSCLASS_DELAY_METADATA_BUILDER), it is not safe
+ // for the allocation paths to call the object metadata builder
+ // immediately. Instead, the JSClass-specific "constructor" C++ function up the
+ // stack makes a promise that it will ensure that the new object has its
+diff --git a/js/src/vm/JSObject.h b/js/src/vm/JSObject.h
+--- a/js/src/vm/JSObject.h
++++ b/js/src/vm/JSObject.h
+@@ -44,16 +44,18 @@ enum class IntegrityLevel {
+ 
+ // Forward declarations, required for later friend declarations.
+ bool PreventExtensions(JSContext* cx, JS::HandleObject obj, JS::ObjectOpResult& result);
+ bool SetImmutablePrototype(JSContext* cx, JS::HandleObject obj, bool* succeeded);
+ 
+ }  /* namespace js */
+ 
+ /*
++ * [SMDOC] JSObject layout
++ *
+  * A JavaScript object.
+  *
+  * This is the base class for all objects exposed to JS script (as well as some
+  * objects that are only accessed indirectly). Subclasses add additional fields
+  * and execution semantics. The runtime class of an arbitrary JSObject is
+  * identified by JSObject::getClass().
+  *
+  * The members common to all objects are as follows:
+diff --git a/js/src/vm/JSScript.cpp b/js/src/vm/JSScript.cpp
+--- a/js/src/vm/JSScript.cpp
++++ b/js/src/vm/JSScript.cpp
+@@ -2326,16 +2326,18 @@ ScriptSource::setSourceMapURL(JSContext*
+     if (len == 1)
+         return true;
+ 
+     sourceMapURL_ = DuplicateString(cx, sourceMapURL);
+     return sourceMapURL_ != nullptr;
+ }
+ 
+ /*
++ * [SMDOC] JSScript data layout (shared)
++ *
+  * Shared script data management.
+  *
+  * SharedScriptData::data contains data that can be shared within a
+  * runtime. The atoms() data is placed first to simplify its alignment.
+  *
+  * Array elements   Pointed to by         Length
+  * --------------   -------------         ------
+  * GCPtrAtom        atoms()               natoms()
+@@ -2499,16 +2501,18 @@ js::FreeScriptData(JSRuntime* rt)
+ #endif
+         js_free(e.front());
+     }
+ 
+     table.clear();
+ }
+ 
+ /*
++ * [SMDOC] JSScript data layout (unshared)
++ *
+  * JSScript::data and SharedScriptData::data have complex,
+  * manually-controlled, memory layouts.
+  *
+  * JSScript::data begins with some optional array headers. They are optional
+  * because they often aren't needed, i.e. the corresponding arrays often have
+  * zero elements. Each header has a bit in JSScript::hasArrayBits that
+  * indicates if it's present within |data|; from this the offset of each
+  * present array header can be computed. Each header has an accessor function
+diff --git a/js/src/vm/NativeObject.h b/js/src/vm/NativeObject.h
+--- a/js/src/vm/NativeObject.h
++++ b/js/src/vm/NativeObject.h
+@@ -87,16 +87,18 @@ class ArrayObject;
+  * changed length property, |value| is the value for the new length, and
+  * |result| receives an error code if the change is invalid.
+  */
+ extern bool
+ ArraySetLength(JSContext* cx, Handle<ArrayObject*> obj, HandleId id,
+                unsigned attrs, HandleValue value, ObjectOpResult& result);
+ 
+ /*
++ * [SMDOC] NativeObject Elements layout
++ *
+  * Elements header used for native objects. The elements component of such objects
+  * offers an efficient representation for all or some of the indexed properties
+  * of the object, using a flat array of Values rather than a shape hierarchy
+  * stored in the object's slots. This structure is immediately followed by an
+  * array of elements, with the elements member in an object pointing to the
+  * beginning of that array (the end of this structure).
+  * See below for usage of this structure.
+  *
+@@ -154,16 +156,19 @@ ArraySetLength(JSContext* cx, Handle<Arr
+  * as small as possible: if the object is known to have no hole values below
+  * its initialized length, then it is "packed" and can be accessed much faster
+  * by JIT code.
+  *
+  * Elements do not track property creation order, so enumerating the elements
+  * of an object does not necessarily visit indexes in the order they were
+  * created.
+  *
++ *
++ * [SMDOC] NativeObject shifted elements optimization
++ *
+  * Shifted elements
+  * ----------------
+  * It's pretty common to use an array as a queue, like this:
+  *
+  *    while (arr.length > 0)
+  *        foo(arr.shift());
+  *
+  * To ensure we don't get quadratic behavior on this, elements can be 'shifted'
+@@ -427,16 +432,18 @@ enum class DenseElementResult {
+ };
+ 
+ enum class ShouldUpdateTypes {
+     Update,
+     DontUpdate
+ };
+ 
+ /*
++ * [SMDOC] NativeObject layout
++ *
+  * NativeObject specifies the internal implementation of a native object.
+  *
+  * Native objects use ShapedObject::shape to record property information. Two
+  * native objects with the same shape are guaranteed to have the same number of
+  * fixed slots.
+  *
+  * Native objects extend the base implementation of an object with storage for
+  * the object's named properties and indexed elements.
+diff --git a/js/src/vm/ObjectGroup.h b/js/src/vm/ObjectGroup.h
+--- a/js/src/vm/ObjectGroup.h
++++ b/js/src/vm/ObjectGroup.h
+@@ -60,17 +60,17 @@ enum NewObjectKind {
+      * Objects which will not benefit from being allocated in the nursery
+      * (e.g. because they are known to have a long lifetime) may be allocated
+      * with this kind to place them immediately into the tenured generation.
+      */
+     TenuredObject
+ };
+ 
+ /*
+- * Lazy object groups overview.
++ * [SMDOC] Type-Inference lazy ObjectGroup
+  *
+  * Object groups which represent at most one JS object are constructed lazily.
+  * These include groups for native functions, standard classes, scripted
+  * functions defined at the top level of global/eval scripts, objects which
+  * dynamically become the prototype of some other object, and in some other
+  * cases. Typical web workloads often create many windows (and many copies of
+  * standard natives) and many scripts, with comparatively few non-singleton
+  * groups.
+@@ -104,16 +104,18 @@ class ObjectGroup : public gc::TenuredCe
+     /* Flags for this group. */
+     ObjectGroupFlags flags_; // set by constructor
+ 
+     // If non-null, holds additional information about this object, whose
+     // format is indicated by the object's addendum kind.
+     void* addendum_ = nullptr;
+ 
+     /*
++     * [SMDOC] Type-Inference object properties
++     *
+      * Properties of this object.
+      *
+      * The type sets in the properties of a group describe the possible values
+      * that can be read out of that property in actual JS objects. In native
+      * objects, property types account for plain data properties (those with a
+      * slot and no getter or setter hook) and dense elements. In typed objects
+      * and unboxed objects, property types account for object and value
+      * properties and elements in the object, and expando properties in unboxed
+diff --git a/js/src/vm/Opcodes.h b/js/src/vm/Opcodes.h
+--- a/js/src/vm/Opcodes.h
++++ b/js/src/vm/Opcodes.h
+@@ -8,16 +8,18 @@
+ #ifndef vm_Opcodes_h
+ #define vm_Opcodes_h
+ 
+ #include "mozilla/Attributes.h"
+ 
+ #include <stddef.h>
+ 
+ /*
++ * [SMDOC] Bytecode Definitions
++ *
+  * JavaScript operation bytecodes.  Add a new bytecode by claiming one of the
+  * JSOP_UNUSED* here or by extracting the first unused opcode from
+  * FOR_EACH_TRAILING_UNUSED_OPCODE and updating js::detail::LastDefinedOpcode
+  * below.
+  *
+  * Includers must define a macro with the following form:
+  *
+  * #define MACRO(op,val,name,image,length,nuses,ndefs,format) ...
+diff --git a/js/src/vm/Runtime.h b/js/src/vm/Runtime.h
+--- a/js/src/vm/Runtime.h
++++ b/js/src/vm/Runtime.h
+@@ -97,17 +97,17 @@ class CompileRuntime;
+ 
+ #ifdef JS_SIMULATOR_ARM64
+ typedef vixl::Simulator Simulator;
+ #elif defined(JS_SIMULATOR)
+ class Simulator;
+ #endif
+ } // namespace jit
+ 
+-// JS Engine Threading
++// [SMDOC] JS Engine Threading
+ //
+ // Threads interacting with a runtime are divided into two categories:
+ //
+ // - The main thread is capable of running JS. There's at most one main thread
+ //   per runtime.
+ //
+ // - Helper threads do not run JS, and are controlled or triggered by activity
+ //   on the main thread (or main threads, since all runtimes in a process share
+diff --git a/js/src/vm/Shape.h b/js/src/vm/Shape.h
+--- a/js/src/vm/Shape.h
++++ b/js/src/vm/Shape.h
+@@ -29,16 +29,18 @@
+ #include "js/UbiNode.h"
+ #include "vm/JSAtom.h"
+ #include "vm/ObjectGroup.h"
+ #include "vm/Printer.h"
+ #include "vm/StringType.h"
+ #include "vm/SymbolType.h"
+ 
+ /*
++ * [SMDOC] Shapes
++ *
+  * In isolation, a Shape represents a property that exists in one or more
+  * objects; it has an id, flags, etc. (But it doesn't represent the property's
+  * value.)  However, Shapes are always stored in linked linear sequence of
+  * Shapes, called "shape lineages". Each shape lineage represents the layout of
+  * an entire object.
+  *
+  * Every JSObject has a pointer, |shape_|, accessible via lastProperty(), to
+  * the last Shape in a shape lineage, which identifies the property most
+diff --git a/js/src/vm/Stack.h b/js/src/vm/Stack.h
+--- a/js/src/vm/Stack.h
++++ b/js/src/vm/Stack.h
+@@ -64,17 +64,17 @@ class SavedFrame;
+ namespace jit {
+ class CommonFrameLayout;
+ }
+ namespace wasm {
+ class DebugFrame;
+ class Instance;
+ }
+ 
+-// VM stack layout
++// [SMDOC] VM stack layout
+ //
+ // A JSRuntime's stack consists of a linked list of activations. Every activation
+ // contains a number of scripted frames that are either running in the interpreter
+ // (InterpreterActivation) or JIT code (JitActivation). The frames inside a single
+ // activation are contiguous: whenever C++ calls back into JS, a new activation is
+ // pushed.
+ //
+ // Every activation is tied to a single JSContext and JSCompartment. This means we
+diff --git a/js/src/vm/StringType.h b/js/src/vm/StringType.h
+--- a/js/src/vm/StringType.h
++++ b/js/src/vm/StringType.h
+@@ -39,17 +39,17 @@ class StaticStrings;
+ class PropertyName;
+ 
+ /* The buffer length required to contain any unsigned 32-bit integer. */
+ static const size_t UINT32_CHAR_BUFFER_LENGTH = sizeof("4294967295") - 1;
+ 
+ } /* namespace js */
+ 
+ /*
+- * JavaScript strings
++ * [SMDOC] JavaScript Strings
+  *
+  * Conceptually, a JS string is just an array of chars and a length. This array
+  * of chars may or may not be null-terminated and, if it is, the null character
+  * is not included in the length.
+  *
+  * To improve performance of common operations, the following optimizations are
+  * made which affect the engine's representation of strings:
+  *
+diff --git a/js/src/vm/SymbolType.h b/js/src/vm/SymbolType.h
+--- a/js/src/vm/SymbolType.h
++++ b/js/src/vm/SymbolType.h
+@@ -117,16 +117,18 @@ struct HashSymbolsByDescription
+         return HashNumber(l->hash());
+     }
+     static bool match(Key sym, Lookup l) {
+         return sym->description() == l;
+     }
+ };
+ 
+ /*
++ * [SMDOC] Symbol.for() registry (ES6 GlobalSymbolRegistry)
++ *
+  * The runtime-wide symbol registry, used to implement Symbol.for().
+  *
+  * ES6 draft rev 25 (2014 May 22) calls this the GlobalSymbolRegistry List. In
+  * our implementation, it is not global. There is one per JSRuntime. The
+  * symbols in the symbol registry, like all symbols, are allocated in the atoms
+  * compartment and can be directly referenced from any compartment. They are
+  * never shared across runtimes.
+  *
+diff --git a/js/src/vm/TypeInference.h b/js/src/vm/TypeInference.h
+--- a/js/src/vm/TypeInference.h
++++ b/js/src/vm/TypeInference.h
+@@ -208,16 +208,18 @@ enum : uint32_t {
+ };
+ typedef uint32_t ObjectGroupFlags;
+ 
+ class StackTypeSet;
+ class HeapTypeSet;
+ class TemporaryTypeSet;
+ 
+ /*
++ * [SMDOC] Type-Inference TypeSet
++ *
+  * Information about the set of types associated with an lvalue. There are
+  * three kinds of type sets:
+  *
+  * - StackTypeSet are associated with TypeScripts, for arguments and values
+  *   observed at property reads. These are implicitly frozen on compilation
+  *   and only have constraints added to them which can trigger invalidation of
+  *   TypeNewScript information.
+  *
+diff --git a/js/src/wasm/WasmBaselineCompile.cpp b/js/src/wasm/WasmBaselineCompile.cpp
+--- a/js/src/wasm/WasmBaselineCompile.cpp
++++ b/js/src/wasm/WasmBaselineCompile.cpp
+@@ -11,17 +11,18 @@
+  *
+  * Unless required by applicable law or agreed to in writing, software
+  * distributed under the License is distributed on an "AS IS" BASIS,
+  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+  * See the License for the specific language governing permissions and
+  * limitations under the License.
+  */
+ 
+-/* WebAssembly baseline compiler ("RabaldrMonkey")
++/*
++ * [SMDOC] WebAssembly baseline compiler (RabaldrMonkey)
+  *
+  * General assumptions for 32-bit vs 64-bit code:
+  *
+  * - A 32-bit register can be extended in-place to a 64-bit register on 64-bit
+  *   systems.
+  *
+  * - Code that knows that Register64 has a '.reg' member on 64-bit systems and
+  *   '.high' and '.low' members on 32-bit systems, or knows the implications

frg/work-js/mozilla-release/patches/1473272-63a1.patch

@@ -0,0 +1,187 @@
+# HG changeset patch
+# User Jim Blandy <jimb@mozilla.com>
+# Date 1532834806 25200
+# Node ID 714f1a873154e3435a212c8ef62196fd93613bbf
+# Parent  8adf8ebedf96509c8ee48adc3a7ac22052c8acc6
+Bug 1473272 - Don't treat classes with default constructors as self-hosted code. r=tcampbell
+
+diff --git a/js/src/builtin/Classes.js b/js/src/builtin/Classes.js
+--- a/js/src/builtin/Classes.js
++++ b/js/src/builtin/Classes.js
+@@ -1,17 +1,15 @@
+ // Give a builtin constructor that we can use as the default. When we give
+ // it to our newly made class, we will be sure to set it up with the correct name
+ // and .prototype, so that everything works properly.
+ 
++// The template classes should have all their code on a single line, so that
++// bytecodes' line offsets within the script don't contribute spurious offsets
++// when we transplant them into the real class definition. Punting on column numbers.
++
+ var DefaultDerivedClassConstructor =
+-    class extends null {
+-        constructor(...args) {
+-            super(...allowContentIter(args));
+-        }
+-    };
++    class extends null { constructor(...args) { super(...allowContentIter(args)); } };
+ MakeDefaultConstructor(DefaultDerivedClassConstructor);
+ 
+ var DefaultBaseClassConstructor =
+-    class {
+-        constructor() { }
+-    };
++    class { constructor() { } };
+ MakeDefaultConstructor(DefaultBaseClassConstructor);
+diff --git a/js/src/jit-test/tests/class/bug1473272-default-constructors.js b/js/src/jit-test/tests/class/bug1473272-default-constructors.js
+new file mode 100644
+--- /dev/null
++++ b/js/src/jit-test/tests/class/bug1473272-default-constructors.js
+@@ -0,0 +1,24 @@
++// Test the source location info in a derived-class default constructor.
++
++function W() { test(); }
++class Z extends W {}  // line 4
++class Y extends Z {}  // line 5
++
++class X extends Y {}  // line 7
++
++function test() {
++    for (let frame of new Error().stack.split('\n')) {
++        function lineNumber(frame) {
++            return +frame.match(/(\d+):\d+$/)[1];
++        }
++
++        if (frame.startsWith("Z@"))
++            assertEq(lineNumber(frame), 4);
++        if (frame.startsWith("Y@"))
++            assertEq(lineNumber(frame), 5);
++        if (frame.startsWith("X@"))
++            assertEq(lineNumber(frame), 7);
++    }
++}
++
++new X;
+diff --git a/js/src/jit-test/tests/debug/class-default-constructor-01.js b/js/src/jit-test/tests/debug/class-default-constructor-01.js
+new file mode 100644
+--- /dev/null
++++ b/js/src/jit-test/tests/debug/class-default-constructor-01.js
+@@ -0,0 +1,34 @@
++// We should be able to retrieve the script of a class's default constructor.
++
++var g = newGlobal();
++var dbg = new Debugger;
++var gDO = dbg.addDebuggee(g);
++
++// Class definitions go in the global's lexical environment, so we can't use
++// getOwnPropertyDescriptor or g.X to retrieve their constructor.
++//
++// Derived clasess use a different script from the self-hosted compartment, so
++// check those too.
++gDO.executeInGlobal(`   // 1729
++  class X {};           // 1730
++                        // 1731
++                        // 1732
++  class Y extends X {}; // 1733
++`, { lineNumber: 1729 });
++
++function check(name, text, startLine) {
++  print(`checking ${name}`);
++  var desc = gDO.executeInGlobal(name).return;
++  assertEq(desc.class, 'Function');
++  assertEq(desc.name, name);
++  var script = desc.script;
++  assertEq(script instanceof Debugger.Script, true,
++           "default constructor's script should be available");
++  assertEq(script.startLine, startLine,
++           "default constructor's starting line should be set");
++  var source = script.source;
++  assertEq(source.text.substr(script.sourceStart, script.sourceLength), text);
++}
++
++check('X', 'class X {}', 1730);
++check('Y', 'class Y extends X {}', 1733);
+diff --git a/js/src/vm/Interpreter.cpp b/js/src/vm/Interpreter.cpp
+--- a/js/src/vm/Interpreter.cpp
++++ b/js/src/vm/Interpreter.cpp
+@@ -301,18 +301,21 @@ js::MakeDefaultConstructor(JSContext* cx
+     // Create the script now, as the source span needs to be overridden for
+     // toString. Calling toString on a class constructor must not return the
+     // source for just the constructor function.
+     JSScript *ctorScript = JSFunction::getOrCreateScript(cx, ctor);
+     if (!ctorScript)
+         return nullptr;
+     uint32_t classStartOffset = GetSrcNoteOffset(classNote, 0);
+     uint32_t classEndOffset = GetSrcNoteOffset(classNote, 1);
+-    ctorScript->setDefaultClassConstructorSpan(script->sourceObject(), classStartOffset,
+-                                               classEndOffset);
++    unsigned column;
++    unsigned line = PCToLineNumber(script, pc, &column);
++    ctorScript->setDefaultClassConstructorSpan(script->sourceObject(),
++                                               classStartOffset, classEndOffset,
++                                               line, column);
+ 
+     return ctor;
+ }
+ 
+ bool
+ js::ReportIsNotFunction(JSContext* cx, HandleValue v, int numToSkip, MaybeConstruct construct)
+ {
+     unsigned error = construct ? JSMSG_NOT_CONSTRUCTOR : JSMSG_NOT_FUNCTION;
+diff --git a/js/src/vm/JSScript.cpp b/js/src/vm/JSScript.cpp
+--- a/js/src/vm/JSScript.cpp
++++ b/js/src/vm/JSScript.cpp
+@@ -992,22 +992,30 @@ js::XDRLazyScript(XDRState<XDR_DECODE>*,
+ void
+ JSScript::setSourceObject(JSObject* object)
+ {
+     MOZ_ASSERT(compartment() == object->compartment());
+     sourceObject_ = object;
+ }
+ 
+ void
+-JSScript::setDefaultClassConstructorSpan(JSObject* sourceObject, uint32_t start, uint32_t end)
++JSScript::setDefaultClassConstructorSpan(JSObject* sourceObject, uint32_t start, uint32_t end,
++                                         unsigned line, unsigned column)
+ {
+     MOZ_ASSERT(isDefaultClassConstructor());
+     setSourceObject(sourceObject);
+     toStringStart_ = start;
+     toStringEnd_ = end;
++    sourceStart_ = start;
++    sourceEnd_ = end;
++    lineno_ = line;
++    column_ = column;
++    // Since this script has been changed to point into the user's source, we
++    // can clear its self-hosted flag, allowing Debugger to see it.
++    bitFields_.selfHosted_ = false;
+ }
+ 
+ js::ScriptSourceObject&
+ JSScript::scriptSourceUnwrap() const {
+     // This may be called off the main thread. It's OK not to expose the source
+     // object here as it doesn't escape.
+     return UncheckedUnwrapWithoutExpose(sourceObject())->as<ScriptSourceObject>();
+ }
+diff --git a/js/src/vm/JSScript.h b/js/src/vm/JSScript.h
+--- a/js/src/vm/JSScript.h
++++ b/js/src/vm/JSScript.h
+@@ -1707,17 +1707,18 @@ class JSScript : public js::gc::TenuredC
+     void setSourceObject(JSObject* object);
+     JSObject* sourceObject() const {
+         return sourceObject_;
+     }
+     js::ScriptSourceObject& scriptSourceUnwrap() const;
+     js::ScriptSource* scriptSource() const;
+     js::ScriptSource* maybeForwardedScriptSource() const;
+ 
+-    void setDefaultClassConstructorSpan(JSObject* sourceObject, uint32_t start, uint32_t end);
++    void setDefaultClassConstructorSpan(JSObject* sourceObject, uint32_t start, uint32_t end,
++                                        unsigned line, unsigned column);
+ 
+     bool mutedErrors() const { return scriptSource()->mutedErrors(); }
+     const char* filename() const { return scriptSource()->filename(); }
+     const char* maybeForwardedFilename() const { return maybeForwardedScriptSource()->filename(); }
+ 
+ #ifdef MOZ_VTUNE
+     uint32_t vtuneMethodID() const { return vtuneMethodId_; }
+ #endif

frg/work-js/mozilla-release/patches/1482153-64a1.patch

@@ -2,7 +2,7 @@
 # User Jon Coppeard <jcoppeard@mozilla.com>
 # Date 1539693852 -3600
 # Node ID 180eb0ea89bcf02d511d4e05f493583d125177ea
-# Parent  97be1d70d0cd4637a4bd02e984d179b3f1a600e8
+# Parent  6d8994f35977ffb61f7d785e8a7b480c767f8203
 Bug 1482153 - Provide a way of associating a private value with a script or module r=jandem rs=hsivonen
 
 diff --git a/dom/script/ModuleScript.cpp b/dom/script/ModuleScript.cpp
@@ -52,7 +52,7 @@ diff --git a/dom/script/ModuleScript.cpp b/dom/script/ModuleScript.cpp
 diff --git a/dom/script/ScriptLoader.cpp b/dom/script/ScriptLoader.cpp
 --- a/dom/script/ScriptLoader.cpp
 +++ b/dom/script/ScriptLoader.cpp
-@@ -754,23 +754,23 @@ ScriptLoader::StartFetchingModuleAndDepe
+@@ -699,23 +699,23 @@ ScriptLoader::StartFetchingModuleAndDepe
      return ready;
    }
  
@@ -80,7 +80,7 @@ diff --git a/dom/script/ScriptLoader.cpp b/dom/script/ScriptLoader.cpp
      return nullptr;
    }
  
-@@ -787,29 +787,22 @@ HostResolveImportedModule(JSContext* aCx
+@@ -732,29 +732,22 @@ HostResolveImportedModule(JSContext* aCx
  
    MOZ_ASSERT(!ms->HasParseError());
    MOZ_ASSERT(ms->ModuleRecord());
@@ -117,7 +117,7 @@ diff --git a/dom/script/ScriptLoader.cpp b/dom/script/ScriptLoader.cpp
 diff --git a/dom/script/ScriptLoader.h b/dom/script/ScriptLoader.h
 --- a/dom/script/ScriptLoader.h
 +++ b/dom/script/ScriptLoader.h
-@@ -516,18 +516,19 @@ private:
+@@ -507,18 +507,19 @@ private:
  
    bool IsFetchingModule(ModuleLoadRequest* aRequest) const;
  
@@ -142,12 +142,12 @@ diff --git a/dom/script/ScriptLoader.h b/dom/script/ScriptLoader.h
 diff --git a/js/src/builtin/ModuleObject.cpp b/js/src/builtin/ModuleObject.cpp
 --- a/js/src/builtin/ModuleObject.cpp
 +++ b/js/src/builtin/ModuleObject.cpp
-@@ -868,32 +868,40 @@ ModuleObject::namespace_()
+@@ -841,31 +841,39 @@ ModuleNamespaceObject*
+ ModuleObject::namespace_()
  {
      Value value = getReservedSlot(NamespaceSlot);
-     if (value.isUndefined()) {
+     if (value.isUndefined())
          return nullptr;
-     }
      return &value.toObject().as<ModuleNamespaceObject>();
  }
  
@@ -161,9 +161,8 @@ diff --git a/js/src/builtin/ModuleObject.cpp b/js/src/builtin/ModuleObject.cpp
  ModuleObject::functionDeclarations()
  {
      Value value = getReservedSlot(FunctionDeclarationsSlot);
-     if (value.isUndefined()) {
+     if (value.isUndefined())
          return nullptr;
-     }
  
      return static_cast<FunctionDeclarationVector*>(value.toPrivate());
  }
@@ -183,7 +182,7 @@ diff --git a/js/src/builtin/ModuleObject.cpp b/js/src/builtin/ModuleObject.cpp
      initReservedSlot(EnvironmentSlot, ObjectValue(*initialEnvironment));
  }
  
-@@ -1050,28 +1058,16 @@ ModuleObject::metaObject() const
+@@ -1019,28 +1027,16 @@ ModuleObject::metaObject() const
  void
  ModuleObject::setMetaObject(JSObject* obj)
  {
@@ -212,8 +211,8 @@ diff --git a/js/src/builtin/ModuleObject.cpp b/js/src/builtin/ModuleObject.cpp
  
  /* static */ void
  ModuleObject::trace(JSTracer* trc, JSObject* obj)
-@@ -1795,16 +1791,17 @@ js::GetOrCreateModuleMetaObject(JSContex
-     }
+@@ -1688,15 +1684,17 @@ js::GetOrCreateModuleMetaObject(JSContex
+         return nullptr;
  
      JS::ModuleMetadataHook func = cx->runtime()->moduleMetadataHook;
      if (!func) {
@@ -221,11 +220,11 @@ diff --git a/js/src/builtin/ModuleObject.cpp b/js/src/builtin/ModuleObject.cpp
          return nullptr;
      }
  
--    if (!func(cx, module, metaObject)) {
+-    if (!func(cx, module, metaObject))
 +    RootedValue modulePrivate(cx, JS::GetModulePrivate(module));
 +    if (!func(cx, modulePrivate, metaObject)) {
          return nullptr;
-     }
++    }
  
      module->setMetaObject(metaObject);
  
@@ -234,7 +233,7 @@ diff --git a/js/src/builtin/ModuleObject.cpp b/js/src/builtin/ModuleObject.cpp
 diff --git a/js/src/builtin/ModuleObject.h b/js/src/builtin/ModuleObject.h
 --- a/js/src/builtin/ModuleObject.h
 +++ b/js/src/builtin/ModuleObject.h
-@@ -255,17 +255,17 @@ class ModuleObject : public NativeObject
+@@ -250,17 +250,17 @@ class ModuleObject : public NativeObject
      enum ModuleSlot
      {
          ScriptSlot = 0,
@@ -253,7 +252,7 @@ diff --git a/js/src/builtin/ModuleObject.h b/js/src/builtin/ModuleObject.h
          ImportBindingsSlot,
          FunctionDeclarationsSlot,
          DFSIndexSlot,
-@@ -307,34 +307,32 @@ class ModuleObject : public NativeObject
+@@ -302,34 +302,32 @@ class ModuleObject : public NativeObject
      Scope* enclosingScope() const;
      ModuleEnvironmentObject& initialEnvironment() const;
      ModuleEnvironmentObject* environment() const;
@@ -292,9 +291,9 @@ diff --git a/js/src/builtin/ModuleObject.h b/js/src/builtin/ModuleObject.h
 diff --git a/js/src/jsapi.cpp b/js/src/jsapi.cpp
 --- a/js/src/jsapi.cpp
 +++ b/js/src/jsapi.cpp
-@@ -4147,25 +4147,37 @@ JS::CompileModule(JSContext* cx, const R
+@@ -4892,25 +4892,37 @@ JS::CompileModule(JSContext* cx, const R
      AssertHeapIsIdle();
-     CHECK_THREAD(cx);
+     CHECK_REQUEST(cx);
  
      module.set(frontend::CompileModule(cx, options, srcBuf));
      return !!module;
@@ -334,19 +333,19 @@ diff --git a/js/src/jsapi.cpp b/js/src/jsapi.cpp
  JS::ModuleInstantiate(JSContext* cx, JS::HandleObject moduleArg)
  {
      AssertHeapIsIdle();
-     CHECK_THREAD(cx);
-     cx->check(moduleArg);
+     CHECK_REQUEST(cx);
+     releaseAssertSameCompartment(cx, moduleArg);
 diff --git a/js/src/jsapi.h b/js/src/jsapi.h
 --- a/js/src/jsapi.h
 +++ b/js/src/jsapi.h
-@@ -3016,31 +3016,31 @@ extern JS_PUBLIC_API(JSString*)
- JS_DecompileScript(JSContext* cx, JS::Handle<JSScript*> script);
- 
- extern JS_PUBLIC_API(JSString*)
- JS_DecompileFunction(JSContext* cx, JS::Handle<JSFunction*> fun);
- 
+@@ -3861,31 +3861,31 @@ Evaluate(JSContext* cx, const ReadOnlyCo
  
- namespace JS {
+ /**
+  * Evaluate the given file in the scope of the current global of cx.
+  */
+ extern JS_PUBLIC_API(bool)
+ Evaluate(JSContext* cx, const ReadOnlyCompileOptions& options,
+          const char* filename, JS::MutableHandleValue rval);
  
 -using ModuleResolveHook = JSObject* (*)(JSContext*, HandleObject, HandleString);
 +using ModuleResolveHook = JSObject* (*)(JSContext*, HandleValue, HandleString);
@@ -373,7 +372,7 @@ diff --git a/js/src/jsapi.h b/js/src/jsapi.h
  GetModuleMetadataHook(JSRuntime* rt);
  
  /**
-@@ -3054,27 +3054,40 @@ SetModuleMetadataHook(JSRuntime* rt, Mod
+@@ -3899,27 +3899,40 @@ SetModuleMetadataHook(JSRuntime* rt, Mod
   * Parse the given source buffer as a module in the scope of the current global
   * of cx and return a source text module record.
   */
@@ -388,16 +387,19 @@ diff --git a/js/src/jsapi.h b/js/src/jsapi.h
   */
  extern JS_PUBLIC_API(void)
 -SetModuleHostDefinedField(JSObject* module, const JS::Value& value);
+-
+-/**
+- * Get the [[HostDefined]] field of a source text module record.
 +SetModulePrivate(JSObject* module, const JS::Value& value);
 +
 +/**
 + * Get the private value associated with a source text module record.
-+ */
-+extern JS_PUBLIC_API(JS::Value)
+  */
+ extern JS_PUBLIC_API(JS::Value)
+-GetModuleHostDefinedField(JSObject* module);
 +GetModulePrivate(JSObject* module);
- 
- /**
-- * Get the [[HostDefined]] field of a source text module record.
++
++/**
 + * Set a private value associated with a script. Note that this value is shared
 + * by all nested scripts compiled from a single source file.
 + */
@@ -407,9 +409,8 @@ diff --git a/js/src/jsapi.h b/js/src/jsapi.h
 +/**
 + * Get the private value associated with a script. Note that this value is
 + * shared by all nested scripts compiled from a single source file.
-  */
- extern JS_PUBLIC_API(JS::Value)
--GetModuleHostDefinedField(JSObject* module);
++ */
++extern JS_PUBLIC_API(JS::Value)
 +GetScriptPrivate(JSScript* script);
  
  /*
@@ -566,7 +567,7 @@ diff --git a/js/src/shell/ModuleLoader.js b/js/src/shell/ModuleLoader.js
 diff --git a/js/src/shell/js.cpp b/js/src/shell/js.cpp
 --- a/js/src/shell/js.cpp
 +++ b/js/src/shell/js.cpp
-@@ -4718,28 +4718,28 @@ SetModuleResolveHook(JSContext* cx, unsi
+@@ -4284,28 +4284,28 @@ SetModuleResolveHook(JSContext* cx, unsi
      Handle<GlobalObject*> global = cx->global();
      global->setReservedSlot(GlobalAppSlotModuleResolveHook, args[0]);
  
@@ -592,12 +593,12 @@ diff --git a/js/src/shell/js.cpp b/js/src/shell/js.cpp
      args[1].setString(specifier);
  
      RootedValue result(cx);
-     if (!JS_CallFunctionValue(cx, nullptr, hookValue, args, &result)) {
+     if (!JS_CallFunctionValue(cx, nullptr, hookValue, args, &result))
          return nullptr;
-     }
  
      if (!result.isObject() || !result.toObject().is<ModuleObject>()) {
-@@ -4769,35 +4769,82 @@ SetModuleMetadataHook(JSContext* cx, uns
+          JS_ReportErrorASCII(cx, "Module resolve hook did not return Module object");
+@@ -4334,35 +4334,82 @@ SetModuleMetadataHook(JSContext* cx, uns
      Handle<GlobalObject*> global = cx->global();
      global->setReservedSlot(GlobalAppSlotModuleMetadataHook, args[0]);
  
@@ -681,8 +682,8 @@ diff --git a/js/src/shell/js.cpp b/js/src/shell/js.cpp
      ShellContext* sc = GetShellContext(cx);
      if (sc->moduleLoadPath) {
          JSString* str = JS_NewStringCopyZ(cx, sc->moduleLoadPath.get());
-         if (!str) {
-@@ -8006,16 +8053,24 @@ static const JSFunctionSpecWithHelp shel
+         if (!str)
+@@ -6849,16 +6896,24 @@ static const JSFunctionSpecWithHelp shel
  "  be implemented by the module loader."),
  
      JS_FN_HELP("setModuleMetadataHook", SetModuleMetadataHook, 1, 0,
@@ -704,18 +705,18 @@ diff --git a/js/src/shell/js.cpp b/js/src/shell/js.cpp
  "  Return any --module-load-path argument passed to the shell.  Used by the\n"
  "  module loader.\n"),
  
- #if defined(JS_BUILD_BINAST)
- 
- JS_FN_HELP("parseBin", BinParse, 1, 0,
+     JS_FN_HELP("parse", Parse, 1, 0,
+ "parse(code)",
+ "  Parses a string, potentially throwing."),
 diff --git a/js/src/vm/JSScript.h b/js/src/vm/JSScript.h
 --- a/js/src/vm/JSScript.h
 +++ b/js/src/vm/JSScript.h
-@@ -1216,22 +1216,32 @@ class ScriptSourceObject : public Native
+@@ -746,22 +746,32 @@ class ScriptSourceObject : public Native
+     }
      JSScript* introductionScript() const {
          Value value = getReservedSlot(INTRODUCTION_SCRIPT_SLOT);
-         if (value.isUndefined()) {
+         if (value.isUndefined())
              return nullptr;
-         }
          return value.toGCThing()->as<JSScript>();
      }
  
@@ -751,7 +752,7 @@ diff --git a/js/src/vm/JSScript.h b/js/src/vm/JSScript.h
 diff --git a/js/src/vm/SelfHosting.cpp b/js/src/vm/SelfHosting.cpp
 --- a/js/src/vm/SelfHosting.cpp
 +++ b/js/src/vm/SelfHosting.cpp
-@@ -2185,17 +2185,18 @@ intrinsic_HostResolveImportedModule(JSCo
+@@ -2158,19 +2158,21 @@ intrinsic_HostResolveImportedModule(JSCo
  
      JS::ModuleResolveHook moduleResolveHook = cx->runtime()->moduleResolveHook;
      if (!moduleResolveHook) {
@@ -761,14 +762,17 @@ diff --git a/js/src/vm/SelfHosting.cpp b/js/src/vm/SelfHosting.cpp
  
      RootedObject result(cx);
 -    result = moduleResolveHook(cx, module, specifier);
+-    if (!result)
 +    RootedValue referencingPrivate(cx, JS::GetModulePrivate(module));
 +    result = moduleResolveHook(cx, referencingPrivate, specifier);
-     if (!result) {
++    if (!result) {
          return false;
-     }
++    }
  
      if (!result->is<ModuleObject>()) {
          JS_ReportErrorASCII(cx, "Module resolve hook did not return Module object");
          return false;
      }
-
+ 
+     args.rval().setObject(*result);
+     return true;

frg/work-js/mozilla-release/patches/1484948-64a1.patch

@@ -2,7 +2,7 @@
 # User Jon Coppeard <jcoppeard@mozilla.com>
 # Date 1536339169 -3600
 # Node ID d1b2141b1c454f28b8d35164c958e9ddcc7058fe
-# Parent  1668b9d0af172e26e4d76e58e21d3a436cb3c714
+# Parent  efba120868a6f5d9a8f13a2c252a74763ab47375
 Bug 1484948 - Parse dynamic module import syntax but throw SyntaxError if used r=jorendorff
 
 diff --git a/js/src/builtin/ReflectParse.cpp b/js/src/builtin/ReflectParse.cpp
@@ -59,7 +59,7 @@ diff --git a/js/src/builtin/ReflectParse.cpp b/js/src/builtin/ReflectParse.cpp
  
      return newNode(AST_SUPER, pos, dst);
  }
-@@ -2942,16 +2959,31 @@ ASTSerializer::expression(ParseNode* pn,
+@@ -2943,16 +2960,31 @@ ASTSerializer::expression(ParseNode* pn,
              secondStr = cx->names().meta;
          }
  
@@ -94,7 +94,7 @@ diff --git a/js/src/builtin/ReflectParse.cpp b/js/src/builtin/ReflectParse.cpp
 diff --git a/js/src/frontend/BytecodeEmitter.cpp b/js/src/frontend/BytecodeEmitter.cpp
 --- a/js/src/frontend/BytecodeEmitter.cpp
 +++ b/js/src/frontend/BytecodeEmitter.cpp
-@@ -3680,16 +3680,21 @@ BytecodeEmitter::checkSideEffects(ParseN
+@@ -1219,16 +1219,21 @@ BytecodeEmitter::checkSideEffects(ParseN
          return true;
  
        // Likewise.
@@ -116,7 +116,7 @@ diff --git a/js/src/frontend/BytecodeEmitter.cpp b/js/src/frontend/BytecodeEmitt
        case ParseNodeKind::DoWhile:
        case ParseNodeKind::While:
        case ParseNodeKind::For:
-@@ -11270,16 +11275,20 @@ BytecodeEmitter::emitTree(ParseNode* pn,
+@@ -8291,16 +8296,20 @@ BytecodeEmitter::emitTree(ParseNode* pn,
              return false;
          break;
  
@@ -134,9 +134,9 @@ diff --git a/js/src/frontend/BytecodeEmitter.cpp b/js/src/frontend/BytecodeEmitt
              return false;
          break;
  
+       case ParseNodeKind::PropertyName:
        case ParseNodeKind::PosHolder:
-         MOZ_FALLTHROUGH_ASSERT("Should never try to emit ParseNodeKind::PosHolder");
- 
+         MOZ_FALLTHROUGH_ASSERT("Should never try to emit ParseNodeKind::PosHolder or ::Property");
 diff --git a/js/src/frontend/FoldConstants.cpp b/js/src/frontend/FoldConstants.cpp
 --- a/js/src/frontend/FoldConstants.cpp
 +++ b/js/src/frontend/FoldConstants.cpp
@@ -158,7 +158,7 @@ diff --git a/js/src/frontend/FoldConstants.cpp b/js/src/frontend/FoldConstants.c
        case ParseNodeKind::DoWhile:
          return ContainsHoistedDeclaration(cx, node->pn_left, result);
  
-@@ -1725,16 +1726,21 @@ Fold(JSContext* cx, ParseNode** pnp, Per
+@@ -1750,16 +1751,21 @@ Fold(JSContext* cx, ParseNode** pnp, Per
  
        case ParseNodeKind::NewTarget:
        case ParseNodeKind::ImportMeta:
@@ -183,7 +183,7 @@ diff --git a/js/src/frontend/FoldConstants.cpp b/js/src/frontend/FoldConstants.c
 diff --git a/js/src/frontend/FullParseHandler.h b/js/src/frontend/FullParseHandler.h
 --- a/js/src/frontend/FullParseHandler.h
 +++ b/js/src/frontend/FullParseHandler.h
-@@ -552,16 +552,20 @@ class FullParseHandler
+@@ -555,16 +555,20 @@ class FullParseHandler
      ParseNode* newExportBatchSpec(const TokenPos& pos) {
          return new_<NullaryNode>(ParseNodeKind::ExportBatchSpec, JSOP_NOP, pos);
      }
@@ -207,7 +207,7 @@ diff --git a/js/src/frontend/FullParseHandler.h b/js/src/frontend/FullParseHandl
 diff --git a/js/src/frontend/NameFunctions.cpp b/js/src/frontend/NameFunctions.cpp
 --- a/js/src/frontend/NameFunctions.cpp
 +++ b/js/src/frontend/NameFunctions.cpp
-@@ -760,16 +760,22 @@ class NameResolver
+@@ -778,16 +778,22 @@ class NameResolver
                  MOZ_ASSERT(!item->pn_left->expr());
                  MOZ_ASSERT(item->pn_right->isKind(ParseNodeKind::Name));
                  MOZ_ASSERT(!item->pn_right->expr());
@@ -223,17 +223,17 @@ diff --git a/js/src/frontend/NameFunctions.cpp b/js/src/frontend/NameFunctions.c
 +            break;
 +
            case ParseNodeKind::Dot:
-             MOZ_ASSERT(cur->isArity(PN_NAME));
+             MOZ_ASSERT(cur->isArity(PN_BINARY));
  
              // Super prop nodes do not have a meaningful LHS
              if (cur->as<PropertyAccess>().isSuper())
                  break;
-             if (!resolve(cur->expr(), prefix))
+             if (!resolve(cur->pn_left, prefix))
                  return false;
 diff --git a/js/src/frontend/ParseNode.h b/js/src/frontend/ParseNode.h
 --- a/js/src/frontend/ParseNode.h
 +++ b/js/src/frontend/ParseNode.h
-@@ -128,16 +128,17 @@ class ObjectBox;
+@@ -130,16 +130,17 @@ class ObjectBox;
      F(ClassMethodList) \
      F(ClassNames) \
      F(NewTarget) \
@@ -254,7 +254,7 @@ diff --git a/js/src/frontend/ParseNode.h b/js/src/frontend/ParseNode.h
 diff --git a/js/src/frontend/Parser.cpp b/js/src/frontend/Parser.cpp
 --- a/js/src/frontend/Parser.cpp
 +++ b/js/src/frontend/Parser.cpp
-@@ -5335,25 +5335,25 @@ template <class ParseHandler, typename C
+@@ -5336,25 +5336,25 @@ template <class ParseHandler, typename C
  inline typename ParseHandler::Node
  GeneralParser<ParseHandler, CharT>::importDeclaration()
  {
@@ -282,7 +282,7 @@ diff --git a/js/src/frontend/Parser.cpp b/js/src/frontend/Parser.cpp
  template<typename CharT>
  bool
  Parser<FullParseHandler, CharT>::checkExportedName(JSAtom* exportName)
-@@ -7705,17 +7705,17 @@ GeneralParser<ParseHandler, CharT>::stat
+@@ -7706,17 +7706,17 @@ GeneralParser<ParseHandler, CharT>::stat
  
        // |class| is also forbidden by lookahead restriction.
        case TokenKind::Class:
@@ -301,7 +301,7 @@ diff --git a/js/src/frontend/Parser.cpp b/js/src/frontend/Parser.cpp
        // Miscellaneous error cases arguably better caught here than elsewhere.
  
        case TokenKind::Catch:
-@@ -7898,17 +7898,17 @@ GeneralParser<ParseHandler, CharT>::stat
+@@ -7899,17 +7899,17 @@ GeneralParser<ParseHandler, CharT>::stat
        //     LetOrConst BindingList[?In, ?Yield]
        case TokenKind::Const:
          // [In] is the default behavior, because for-loops specially parse
@@ -320,7 +320,7 @@ diff --git a/js/src/frontend/Parser.cpp b/js/src/frontend/Parser.cpp
        // Miscellaneous error cases arguably better caught here than elsewhere.
  
        case TokenKind::Catch:
-@@ -8719,17 +8719,17 @@ GeneralParser<ParseHandler, CharT>::memb
+@@ -8730,17 +8730,17 @@ GeneralParser<ParseHandler, CharT>::memb
      } else if (tt == TokenKind::Super) {
          Node thisName = newThisName();
          if (!thisName)
@@ -339,7 +339,7 @@ diff --git a/js/src/frontend/Parser.cpp b/js/src/frontend/Parser.cpp
              return null();
      }
  
-@@ -9900,51 +9900,58 @@ GeneralParser<ParseHandler, CharT>::tryN
+@@ -9920,51 +9920,58 @@ GeneralParser<ParseHandler, CharT>::tryN
          return false;
  
      newTarget = handler.newNewTarget(newHolder, targetHolder);
@@ -426,7 +426,7 @@ diff --git a/js/src/frontend/Parser.cpp b/js/src/frontend/Parser.cpp
 diff --git a/js/src/frontend/Parser.h b/js/src/frontend/Parser.h
 --- a/js/src/frontend/Parser.h
 +++ b/js/src/frontend/Parser.h
-@@ -1023,17 +1023,17 @@ class MOZ_STACK_CLASS GeneralParser
+@@ -1027,17 +1027,17 @@ class MOZ_STACK_CLASS GeneralParser
      Node labeledItem(YieldHandling yieldHandling);
  
      Node ifStatement(YieldHandling yieldHandling);
@@ -445,7 +445,7 @@ diff --git a/js/src/frontend/Parser.h b/js/src/frontend/Parser.h
      Node exportFunctionDeclaration(uint32_t begin, uint32_t toStringStart,
                                     FunctionAsyncKind asyncKind = FunctionAsyncKind::SyncFunction);
      Node exportVariableStatement(uint32_t begin);
-@@ -1123,17 +1123,17 @@ class MOZ_STACK_CLASS GeneralParser
+@@ -1127,17 +1127,17 @@ class MOZ_STACK_CLASS GeneralParser
      Node primaryExpr(YieldHandling yieldHandling, TripledotHandling tripledotHandling,
                       TokenKind tt, PossibleError* possibleError,
                       InvokedPrediction invoked = PredictUninvoked);
@@ -467,7 +467,7 @@ diff --git a/js/src/frontend/Parser.h b/js/src/frontend/Parser.h
 diff --git a/js/src/frontend/SyntaxParseHandler.h b/js/src/frontend/SyntaxParseHandler.h
 --- a/js/src/frontend/SyntaxParseHandler.h
 +++ b/js/src/frontend/SyntaxParseHandler.h
-@@ -295,16 +295,19 @@ class SyntaxParseHandler
+@@ -297,16 +297,19 @@ class SyntaxParseHandler
          return NodeGeneric;
      }
      Node newExportBatchSpec(const TokenPos& pos) {

frg/work-js/mozilla-release/patches/1485347-1-63a1.patch

@@ -0,0 +1,152 @@
+# HG changeset patch
+# User Ted Campbell <tcampbell@mozilla.com>
+# Date 1534962482 14400
+#      Wed Aug 22 14:28:02 2018 -0400
+# Node ID a6aa090e485ef4e81fc6e090e12ab6d2019f21aa
+# Parent  9368a43810d3532c3dc2370d88e1aa39e1641abb
+Bug 1485347 - Part 1: Remove nTypeSets argument from JSScript::partiallyInit. r=jandem
+
+MozReview-Commit-ID: I6xBHG8FLlq
+
+diff --git a/js/src/vm/JSScript.cpp b/js/src/vm/JSScript.cpp
+--- a/js/src/vm/JSScript.cpp
++++ b/js/src/vm/JSScript.cpp
+@@ -543,25 +543,28 @@ js::XDRScript(XDRState<mode>* xdr, Handl
+     } else {
+         // When encoding, we do not mutate any of the JSScript or LazyScript, so
+         // we can safely unwrap it here.
+         sourceObject = &script->scriptSourceUnwrap();
+     }
+ 
+     if (mode == XDR_DECODE) {
+         if (!JSScript::partiallyInit(cx, script, nscopes, nconsts, nobjects, ntrynotes,
+-                                     nscopenotes, nyieldoffsets, nTypeSets))
++                                     nscopenotes, nyieldoffsets))
+         {
+             return xdr->fail(JS::TranscodeResult_Throw);
+         }
+ 
+         MOZ_ASSERT(!script->mainOffset());
+         script->mainOffset_ = prologueLength;
+         script->funLength_ = funLength;
+ 
++        MOZ_ASSERT(nTypeSets <= UINT16_MAX);
++        script->nTypeSets_ = uint16_t(nTypeSets);
++
+         scriptp.set(script);
+ 
+         if (scriptBits & (1 << Strict))
+             script->bitFields_.strict_ = true;
+         if (scriptBits & (1 << ExplicitUseStrict))
+             script->bitFields_.explicitUseStrict_ = true;
+         if (scriptBits & (1 << ContainsDynamicNameAccess))
+             script->bitFields_.bindingsAccessedDynamically_ = true;
+@@ -2745,30 +2748,27 @@ AllocScriptData(JS::Zone* zone, size_t s
+         return nullptr;
+     MOZ_ASSERT(size_t(data) % sizeof(Value) == 0);
+     return data;
+ }
+ 
+ /* static */ bool
+ JSScript::partiallyInit(JSContext* cx, HandleScript script, uint32_t nscopes,
+                         uint32_t nconsts, uint32_t nobjects, uint32_t ntrynotes,
+-                        uint32_t nscopenotes, uint32_t nyieldoffsets, uint32_t nTypeSets)
++                        uint32_t nscopenotes, uint32_t nyieldoffsets)
+ {
+     size_t size = ScriptDataSize(nscopes, nconsts, nobjects, ntrynotes,
+                                  nscopenotes, nyieldoffsets);
+     script->data = AllocScriptData(script->zone(), size);
+     if (size && !script->data) {
+         ReportOutOfMemory(cx);
+         return false;
+     }
+     script->dataSize_ = size;
+ 
+-    MOZ_ASSERT(nTypeSets <= UINT16_MAX);
+-    script->nTypeSets_ = uint16_t(nTypeSets);
+-
+     uint8_t* cursor = script->data;
+ 
+     // There must always be at least 1 scope, the body scope.
+     MOZ_ASSERT(nscopes != 0);
+     cursor += sizeof(ScopeArray);
+ 
+     if (nconsts != 0) {
+         script->setHasArray(CONSTS);
+@@ -2849,23 +2849,24 @@ JSScript::initFunctionPrototype(JSContex
+                                 HandleFunction functionProto)
+ {
+     uint32_t numScopes = 1;
+     uint32_t numConsts = 0;
+     uint32_t numObjects = 0;
+     uint32_t numTryNotes = 0;
+     uint32_t numScopeNotes = 0;
+     uint32_t numYieldAndAwaitOffsets = 0;
+-    uint32_t numTypeSets = 0;
+     if (!partiallyInit(cx, script, numScopes, numConsts, numObjects, numTryNotes,
+-                       numScopeNotes, numYieldAndAwaitOffsets, numTypeSets))
++                       numScopeNotes, numYieldAndAwaitOffsets))
+     {
+         return false;
+     }
+ 
++    script->nTypeSets_ = 0;
++
+     RootedScope enclosing(cx, &cx->global()->emptyGlobalScope());
+     Scope* functionProtoScope = FunctionScope::create(cx, nullptr, false, false, functionProto,
+                                                       enclosing);
+     if (!functionProtoScope)
+         return false;
+     script->scopes()->vector[0].init(functionProtoScope);
+ 
+     uint32_t codeLength = 1;
+@@ -2958,24 +2959,24 @@ JSScript::fullyInitFromEmitter(JSContext
+     uint32_t prologueLength = bce->prologueOffset();
+     uint32_t nsrcnotes;
+     if (!bce->finishTakingSrcNotes(&nsrcnotes))
+         return false;
+     uint32_t natoms = bce->atomIndices->count();
+     if (!partiallyInit(cx, script,
+                        bce->scopeList.length(), bce->constList.length(), bce->objectList.length,
+                        bce->tryNoteList.length(), bce->scopeNoteList.length(),
+-                       bce->yieldAndAwaitOffsetList.length(), bce->typesetCount))
++                       bce->yieldAndAwaitOffsetList.length()))
+     {
+         return false;
+     }
+ 
+     MOZ_ASSERT(script->mainOffset() == 0);
+     script->mainOffset_ = prologueLength;
+-
++    script->nTypeSets_ = bce->typesetCount;
+     script->lineno_ = bce->firstLine;
+ 
+     if (!script->createScriptData(cx, prologueLength + mainLength, nsrcnotes, natoms))
+         return false;
+ 
+     jsbytecode* code = script->code();
+     PodCopy<jsbytecode>(code, bce->prologue.code.begin(), prologueLength);
+     PodCopy<jsbytecode>(code + prologueLength, bce->main.code.begin(), mainLength);
+diff --git a/js/src/vm/JSScript.h b/js/src/vm/JSScript.h
+--- a/js/src/vm/JSScript.h
++++ b/js/src/vm/JSScript.h
+@@ -1212,18 +1212,17 @@ class JSScript : public js::gc::TenuredC
+                             uint32_t toStringStart, uint32_t toStringEnd);
+ 
+     // Three ways ways to initialize a JSScript. Callers of partiallyInit()
+     // are responsible for notifying the debugger after successfully creating
+     // any kind (function or other) of new JSScript.  However, callers of
+     // fullyInitFromEmitter() do not need to do this.
+     static bool partiallyInit(JSContext* cx, JS::Handle<JSScript*> script,
+                               uint32_t nscopes, uint32_t nconsts, uint32_t nobjects,
+-                              uint32_t ntrynotes, uint32_t nscopenotes, uint32_t nyieldoffsets,
+-                              uint32_t nTypeSets);
++                              uint32_t ntrynotes, uint32_t nscopenotes, uint32_t nyieldoffsets);
+ 
+   private:
+     static void initFromFunctionBox(js::HandleScript script, js::frontend::FunctionBox* funbox);
+     static void initFromModuleContext(js::HandleScript script);
+ 
+   public:
+     static bool fullyInitFromEmitter(JSContext* cx, js::HandleScript script,
+                                      js::frontend::BytecodeEmitter* bce);

frg/work-js/mozilla-release/patches/1485347-2-63a1.patch

@@ -0,0 +1,105 @@
+# HG changeset patch
+# User Ted Campbell <tcampbell@mozilla.com>
+# Date 1535057961 14400
+#      Thu Aug 23 16:59:21 2018 -0400
+# Node ID b09a2762f0e5533dab80401953121580134a2c6e
+# Parent  062e83bc3edd8128f96993a6f0c8d5796588d604
+Bug 1485347 - Part 2: Remove CheckScriptDataIntegrity. r=jandem
+
+This diagnostic did not provide value and should be removed to allow
+further cleanup.
+
+MozReview-Commit-ID: 49XJM0G7NAP
+
+diff --git a/js/src/vm/JSScript.cpp b/js/src/vm/JSScript.cpp
+--- a/js/src/vm/JSScript.cpp
++++ b/js/src/vm/JSScript.cpp
+@@ -68,31 +68,16 @@
+ using namespace js;
+ using namespace js::gc;
+ using namespace js::frontend;
+ 
+ using mozilla::Maybe;
+ using mozilla::PodCopy;
+ 
+ 
+-// Check that JSScript::data hasn't experienced obvious memory corruption.
+-// This is a diagnositic for Bug 1367896.
+-static void
+-CheckScriptDataIntegrity(JSScript* script)
+-{
+-    ScopeArray* sa = script->scopes();
+-    uint8_t* ptr = reinterpret_cast<uint8_t*>(sa->vector);
+-
+-    // Check that scope data - who's pointer is stored in data region - also
+-    // points within the data region.
+-    MOZ_RELEASE_ASSERT(ptr >= script->data &&
+-                       ptr + sa->length <= script->data + script->dataSize(),
+-                       "Corrupt JSScript::data");
+-}
+-
+ template<XDRMode mode>
+ XDRResult
+ js::XDRScriptConst(XDRState<mode>* xdr, MutableHandleValue vp)
+ {
+     JSContext* cx = xdr->cx();
+ 
+     enum ConstTag {
+         SCRIPT_INT,
+@@ -363,18 +348,16 @@ js::XDRScript(XDRState<mode>* xdr, Handl
+     RootedScript script(cx);
+     natoms = nsrcnotes = 0;
+     nconsts = nobjects = nscopes = nregexps = ntrynotes = nscopenotes = nyieldoffsets = 0;
+ 
+     if (mode == XDR_ENCODE) {
+         script = scriptp.get();
+         MOZ_ASSERT(script->functionNonDelazifying() == fun);
+ 
+-        CheckScriptDataIntegrity(script);
+-
+         if (!fun && script->treatAsRunOnce() && script->hasRunOnce()) {
+             // This is a toplevel or eval script that's runOnce.  We want to
+             // make sure that we're not XDR-saving an object we emitted for
+             // JSOP_OBJECT that then got modified.  So throw if we're not
+             // cloning in JSOP_OBJECT or if we ever didn't clone in it in the
+             // past.
+             Realm* realm = cx->realm();
+             if (!realm->creationOptions().cloneSingletons() ||
+@@ -883,18 +866,16 @@ js::XDRScript(XDRState<mode>* xdr, Handl
+ 
+         MOZ_TRY(XDRRelazificationInfo(xdr, fun, script, scriptEnclosingScope, &lazy));
+ 
+         if (mode == XDR_DECODE)
+             script->setLazyScript(lazy);
+     }
+ 
+     if (mode == XDR_DECODE) {
+-        CheckScriptDataIntegrity(script);
+-
+         scriptp.set(script);
+ 
+         /* see BytecodeEmitter::tellDebuggerAboutCompiledScript */
+         if (!fun && !cx->helperThread())
+             Debugger::onNewScript(cx, script);
+     }
+ 
+     return Ok();
+@@ -3444,18 +3425,16 @@ js::detail::CopyScript(JSContext* cx, Ha
+ {
+     if (src->treatAsRunOnce() && !src->functionNonDelazifying()) {
+         JS_ReportErrorASCII(cx, "No cloning toplevel run-once scripts");
+         return false;
+     }
+ 
+     /* NB: Keep this in sync with XDRScript. */
+ 
+-    CheckScriptDataIntegrity(src);
+-
+     /* Some embeddings are not careful to use ExposeObjectToActiveJS as needed. */
+     MOZ_ASSERT(!src->sourceObject()->isMarkedGray());
+ 
+     uint32_t nconsts   = src->hasConsts()   ? src->consts()->length   : 0;
+     uint32_t nobjects  = src->hasObjects()  ? src->objects()->length  : 0;
+     uint32_t nscopes   = src->scopes()->length;
+     uint32_t ntrynotes = src->hasTrynotes() ? src->trynotes()->length : 0;
+     uint32_t nscopenotes = src->hasScopeNotes() ? src->scopeNotes()->length : 0;

frg/work-js/mozilla-release/patches/1487346-1-63a1.patch

@@ -0,0 +1,217 @@
+# HG changeset patch
+# User Jon Coppeard <jcoppeard@mozilla.com>
+# Date 1535716505 -3600
+# Node ID afbecefb2defdc42bbd6a20563fb4cef800500a3
+# Parent  91753cca93e98dc9ca0cf7fcc8cb1d27d83777e8
+Bug 1487346 - Replace shell module loader property with a hook function r=anba
+
+diff --git a/js/src/shell/ModuleLoader.js b/js/src/shell/ModuleLoader.js
+--- a/js/src/shell/ModuleLoader.js
++++ b/js/src/shell/ModuleLoader.js
+@@ -170,15 +170,16 @@ const ReflectLoader = new class {
+     }
+ 
+     ["import"](name, referrer) {
+         let path = this.resolve(name, null);
+         return this.loadAndExecute(path);
+     }
+ };
+ 
++setModuleLoadHook((path) => ReflectLoader.importRoot(path));
++
+ setModuleResolveHook((module, requestName) => {
+     let path = ReflectLoader.resolve(requestName, module);
+     return ReflectLoader.loadAndParse(path);
+ });
+ 
+-Reflect.Loader = ReflectLoader;
+ }
+diff --git a/js/src/shell/js.cpp b/js/src/shell/js.cpp
+--- a/js/src/shell/js.cpp
++++ b/js/src/shell/js.cpp
+@@ -169,17 +169,18 @@ enum JSShellExitCode {
+     EXITCODE_FILE_NOT_FOUND     = 4,
+     EXITCODE_OUT_OF_MEMORY      = 5,
+     EXITCODE_TIMEOUT            = 6
+ };
+ 
+ // Define use of application-specific slots on the shell's global object.
+ enum GlobalAppSlot
+ {
+-    GlobalAppSlotModuleResolveHook,
++    GlobalAppSlotModuleLoadHook,           // Shell-specific; load a module graph
++    GlobalAppSlotModuleResolveHook,        // HostResolveImportedModule
+     GlobalAppSlotCount
+ };
+ static_assert(GlobalAppSlotCount <= JSCLASS_GLOBAL_APPLICATION_SLOTS,
+               "Too many applications slots defined for shell global");
+ 
+ /*
+  * Note: This limit should match the stack limit set by the browser in
+  *       js/xpconnect/src/XPCJSContext.cpp
+@@ -873,82 +874,57 @@ InitModuleLoader(JSContext* cx)
+     options.werrorOption = true;
+     options.strictOption = true;
+ 
+     RootedValue rv(cx);
+     return Evaluate(cx, options, src.get(), srcLen, &rv);
+ }
+ 
+ static bool
+-GetLoaderObject(JSContext* cx, MutableHandleObject resultOut)
+-{
+-    // Look up the |Reflect.Loader| object that has been defined by the module
+-    // loader.
+-
+-    RootedObject object(cx, cx->global());
+-    RootedValue value(cx);
+-    if (!JS_GetProperty(cx, object, "Reflect", &value) || !value.isObject())
+-        return false;
+-
+-    object = &value.toObject();
+-    if (!JS_GetProperty(cx, object, "Loader", &value) || !value.isObject())
+-        return false;
+-
+-    resultOut.set(&value.toObject());
+-    return true;
+-}
+-
+-static bool
+-GetImportRootMethod(JSContext* cx, HandleObject loader, MutableHandleFunction resultOut)
+-{
+-    // Look up the module loader's |importRoot| method.
+-
+-    RootedValue value(cx);
+-    if (!JS_GetProperty(cx, loader, "importRoot", &value) || !value.isObject())
+-        return false;
+-
+-    RootedObject object(cx, &value.toObject());
+-    if (!object->is<JSFunction>())
+-        return false;
+-
+-    resultOut.set(&object->as<JSFunction>());
++GetModuleImportHook(JSContext* cx, MutableHandleFunction resultOut)
++{
++    Handle<GlobalObject*> global = cx->global();
++    RootedValue hookValue(cx, global->getReservedSlot(GlobalAppSlotModuleLoadHook));
++    if (hookValue.isUndefined()) {
++        JS_ReportErrorASCII(cx, "Module load hook not set");
++        return false;
++    }
++
++    if (!hookValue.isObject() || !hookValue.toObject().is<JSFunction>()) {
++        JS_ReportErrorASCII(cx, "Module load hook is not a function");
++        return false;
++    }
++
++    resultOut.set(&hookValue.toObject().as<JSFunction>());
+     return true;
+ }
+ 
+ static MOZ_MUST_USE bool
+ RunModule(JSContext* cx, const char* filename, FILE* file, bool compileOnly)
+ {
+-    // Execute a module by calling Reflect.Loader.importRoot on the resolved
+-    // filename.
+-
+-    RootedObject loaderObj(cx);
+-    if (!GetLoaderObject(cx, &loaderObj)) {
+-        JS_ReportErrorASCII(cx, "Failed to get Reflect.Loader");
+-        return false;
+-    }
++    // Execute a module by calling the module loader's import hook on the
++    // resolved filename.
+ 
+     RootedFunction importFun(cx);
+-    if (!GetImportRootMethod(cx, loaderObj, &importFun)) {
+-        JS_ReportErrorASCII(cx, "Failed to get Reflect.Loader.importRoot method");
+-        return false;
+-    }
++    if (!GetModuleImportHook(cx, &importFun))
++        return false;
+ 
+     RootedString path(cx, JS_NewStringCopyZ(cx, filename));
+     if (!path)
+         return false;
+ 
+     path = ResolvePath(cx, path, RootRelative);
+     if (!path)
+         return false;
+ 
+     JS::AutoValueArray<1> args(cx);
+     args[0].setString(path);
+ 
+     RootedValue value(cx);
+-    return JS_CallFunction(cx, loaderObj, importFun, args, &value);
++    return JS_CallFunction(cx, nullptr, importFun, args, &value);
+ }
+ 
+ static bool
+ EnqueueJob(JSContext* cx, unsigned argc, Value* vp)
+ {
+     CallArgs args = CallArgsFromVp(argc, vp);
+ 
+     if (!IsCallable(args.get(0))) {
+@@ -4261,16 +4237,39 @@ ParseModule(JSContext* cx, unsigned argc
+     if (!module)
+         return false;
+ 
+     args.rval().setObject(*module);
+     return true;
+ }
+ 
+ static bool
++SetModuleLoadHook(JSContext* cx, unsigned argc, Value* vp)
++{
++    CallArgs args = CallArgsFromVp(argc, vp);
++    if (args.length() != 1) {
++        JS_ReportErrorNumberASCII(cx, GetErrorMessage, nullptr, JSMSG_MORE_ARGS_NEEDED,
++                                  "setModuleLoadHook", "0", "s");
++        return false;
++    }
++
++    if (!args[0].isObject() || !args[0].toObject().is<JSFunction>()) {
++        const char* typeName = InformalValueTypeName(args[0]);
++        JS_ReportErrorASCII(cx, "expected hook function, got %s", typeName);
++        return false;
++    }
++
++    Handle<GlobalObject*> global = cx->global();
++    global->setReservedSlot(GlobalAppSlotModuleLoadHook, args[0]);
++
++    args.rval().setUndefined();
++    return true;
++}
++
++static bool
+ SetModuleResolveHook(JSContext* cx, unsigned argc, Value* vp)
+ {
+     CallArgs args = CallArgsFromVp(argc, vp);
+     if (args.length() != 1) {
+         JS_ReportErrorNumberASCII(cx, GetErrorMessage, nullptr, JSMSG_MORE_ARGS_NEEDED,
+                                   "setModuleResolveHook", "0", "s");
+         return false;
+     }
+@@ -6803,16 +6802,22 @@ static const JSFunctionSpecWithHelp shel
+     JS_FN_HELP("compile", Compile, 1, 0,
+ "compile(code)",
+ "  Compiles a string to bytecode, potentially throwing."),
+ 
+     JS_FN_HELP("parseModule", ParseModule, 1, 0,
+ "parseModule(code)",
+ "  Parses source text as a module and returns a Module object."),
+ 
++    JS_FN_HELP("setModuleLoadHook", SetModuleLoadHook, 1, 0,
++"setModuleLoadHook(function(path))",
++"  Set the shell specific module load hook to |function|.\n"
++"  This hook is used to load a module graph.  It should be implemented by the\n"
++"  module loader."),
++
+     JS_FN_HELP("setModuleResolveHook", SetModuleResolveHook, 1, 0,
+ "setModuleResolveHook(function(module, specifier) {})",
+ "  Set the HostResolveImportedModule hook to |function|.\n"
+ "  This hook is used to look up a previously loaded module object.  It should\n"
+ "  be implemented by the module loader."),
+ 
+     JS_FN_HELP("getModuleLoadPath", GetModuleLoadPath, 0, 0,
+ "getModuleLoadPath()",

frg/work-js/mozilla-release/patches/1487346-2-63a1.patch

@@ -0,0 +1,26 @@
+# HG changeset patch
+# User Jon Coppeard <jcoppeard@mozilla.com>
+# Date 1535718091 -3600
+# Node ID 19ae3c2784141d821c15da480bcd9e77a6e2f9c2
+# Parent  534f1b826d882b871189a852c721c2fcd5ca8401
+Bug 1487346 - Fix JS lint error on a CLOSED TREE r=me
+
+diff --git a/js/src/shell/ModuleLoader.js b/js/src/shell/ModuleLoader.js
+--- a/js/src/shell/ModuleLoader.js
++++ b/js/src/shell/ModuleLoader.js
+@@ -1,14 +1,14 @@
+ /* -*- Mode: javascript; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
+ /* This Source Code Form is subject to the terms of the Mozilla Public
+  * License, v. 2.0. If a copy of the MPL was not distributed with this
+  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+ 
+-/* global getModuleLoadPath setModuleResolveHook parseModule os */
++/* global getModuleLoadPath setModuleLoadHook setModuleResolveHook parseModule os */
+ 
+ // A basic synchronous module loader for testing the shell.
+ {
+ // Save standard built-ins before scripts can modify them.
+ const ArrayPrototypeJoin = Array.prototype.join;
+ const MapPrototypeGet = Map.prototype.get;
+ const MapPrototypeHas = Map.prototype.has;
+ const MapPrototypeSet = Map.prototype.set;

frg/work-js/mozilla-release/patches/mozilla-esr68-push_483182.patch → frg/work-js/mozilla-release/patches/1489477-2-64a1.patch

@@ -3,13 +3,13 @@
 # Date 1539279237 -3600
 #      Thu Oct 11 18:33:57 2018 +0100
 # Node ID f8b19c4105d2e0e78a5a2ffd8843c93c12af5c79
-# Parent  f73e13de8e712a5188866e4331f0cc6000a568cd
+# Parent  612f5de4f6dc6cf5404fd42d0dfc3b204eec04be
 Bug 1489477 - Stop modules from entraining the top-level JSScript r=sfink
 
 diff --git a/js/src/builtin/ModuleObject.cpp b/js/src/builtin/ModuleObject.cpp
 --- a/js/src/builtin/ModuleObject.cpp
 +++ b/js/src/builtin/ModuleObject.cpp
-@@ -984,28 +984,32 @@ AssertModuleScopesMatch(ModuleObject* mo
+@@ -954,28 +954,32 @@ AssertModuleScopesMatch(ModuleObject* mo
  void
  ModuleObject::fixEnvironmentsAfterCompartmentMerge()
  {
@@ -48,12 +48,12 @@ diff --git a/js/src/builtin/ModuleObject.cpp b/js/src/builtin/ModuleObject.cpp
      MOZ_ASSERT(status >= MODULE_STATUS_UNINSTANTIATED &&
                 status <= MODULE_STATUS_EVALUATED_ERROR);
  }
-@@ -1152,16 +1156,21 @@ ModuleObject::execute(JSContext* cx, Han
+@@ -1114,16 +1118,21 @@ ModuleObject::execute(JSContext* cx, Han
+ {
  #ifdef DEBUG
      MOZ_ASSERT(self->status() == MODULE_STATUS_EVALUATING);
-     if (!AssertFrozen(cx, self)) {
+     if (!AssertFrozen(cx, self))
          return false;
-     }
  #endif
  
      RootedScript script(cx, self->script());
@@ -73,7 +73,7 @@ diff --git a/js/src/builtin/ModuleObject.cpp b/js/src/builtin/ModuleObject.cpp
 diff --git a/js/src/builtin/ModuleObject.h b/js/src/builtin/ModuleObject.h
 --- a/js/src/builtin/ModuleObject.h
 +++ b/js/src/builtin/ModuleObject.h
-@@ -297,16 +297,17 @@ class ModuleObject : public NativeObject
+@@ -292,16 +292,17 @@ class ModuleObject : public NativeObject
                                HandleArrayObject indiretExportEntries,
                                HandleArrayObject starExportEntries);
      static bool Freeze(JSContext* cx, HandleModuleObject self);
@@ -91,7 +91,7 @@ diff --git a/js/src/builtin/ModuleObject.h b/js/src/builtin/ModuleObject.h
      ModuleStatus status() const;
      bool hadEvaluationError() const;
      Value evaluationError() const;
-@@ -343,17 +344,16 @@ class ModuleObject : public NativeObject
+@@ -338,17 +339,16 @@ class ModuleObject : public NativeObject
                                                    HandleObject exports);
  
    private:
@@ -112,7 +112,7 @@ diff --git a/js/src/builtin/ModuleObject.h b/js/src/builtin/ModuleObject.h
 diff --git a/js/src/jsapi.h b/js/src/jsapi.h
 --- a/js/src/jsapi.h
 +++ b/js/src/jsapi.h
-@@ -3115,16 +3115,19 @@ GetRequestedModules(JSContext* cx, JS::H
+@@ -3960,16 +3960,19 @@ GetRequestedModules(JSContext* cx, JS::H
  
  extern JS_PUBLIC_API(JSString*)
  GetRequestedModuleSpecifier(JSContext* cx, JS::HandleValue requestedModuleObject);
@@ -129,9 +129,9 @@ diff --git a/js/src/jsapi.h b/js/src/jsapi.h
  
  } /* namespace JS */
  
- #if defined(JS_BUILD_BINAST)
+ extern JS_PUBLIC_API(bool)
+ JS_CheckForInterrupt(JSContext* cx);
  
- namespace JS {
 diff --git a/js/src/shell/ModuleLoader.js b/js/src/shell/ModuleLoader.js
 --- a/js/src/shell/ModuleLoader.js
 +++ b/js/src/shell/ModuleLoader.js
@@ -191,7 +191,7 @@ diff --git a/js/src/shell/ModuleLoader.js b/js/src/shell/ModuleLoader.js
 diff --git a/js/src/shell/js.cpp b/js/src/shell/js.cpp
 --- a/js/src/shell/js.cpp
 +++ b/js/src/shell/js.cpp
-@@ -187,16 +187,17 @@ enum JSShellExitCode {
+@@ -171,16 +171,17 @@ enum JSShellExitCode {
      EXITCODE_TIMEOUT            = 6
  };
  
@@ -209,26 +209,26 @@ diff --git a/js/src/shell/js.cpp b/js/src/shell/js.cpp
  /*
   * Note: This limit should match the stack limit set by the browser in
   *       js/xpconnect/src/XPCJSContext.cpp
-@@ -3270,17 +3271,17 @@ DisassembleToSprinter(JSContext* cx, uns
-             }
+@@ -3005,17 +3006,17 @@ DisassembleToSprinter(JSContext* cx, uns
+                 return false;
          }
      } else {
          for (unsigned i = 0; i < p.argc; i++) {
              RootedFunction fun(cx);
              RootedScript script(cx);
              RootedValue value(cx, p.argv[i]);
-             if (value.isObject() && value.toObject().is<ModuleObject>()) {
+             if (value.isObject() && value.toObject().is<ModuleObject>())
 -                script = value.toObject().as<ModuleObject>().script();
 +                script = value.toObject().as<ModuleObject>().maybeScript();
-             } else {
+             else
                  script = TestingFunctionArgumentToScript(cx, value, fun.address());
-             }
-             if (!script) {
+             if (!script)
                  return false;
-             }
-             if (!DisassembleScript(cx, script, fun, p.lines, p.recursive, p.sourceNotes, sprinter)) {
+             if (!DisassembleScript(cx, script, fun, p.lines, p.recursive, p.sourceNotes, sprinter))
                  return false;
-@@ -4745,33 +4746,55 @@ CallModuleResolveHook(JSContext* cx, Han
+         }
+     }
+@@ -4310,31 +4311,55 @@ CallModuleResolveHook(JSContext* cx, Han
           JS_ReportErrorASCII(cx, "Module resolve hook did not return Module object");
           return nullptr;
      }
@@ -245,13 +245,11 @@ diff --git a/js/src/shell/js.cpp b/js/src/shell/js.cpp
 -    MOZ_ASSERT(filename);
 -
 -    RootedString url(cx, NewStringCopyZ<CanGC>(cx, filename));
--    if (!url) {
+-    if (!url)
 -        return false;
--    }
 -
--    if (!JS_DefineProperty(cx, metaObject, "url", url, JSPROP_ENUMERATE)) {
+-    if (!JS_DefineProperty(cx, metaObject, "url", url, JSPROP_ENUMERATE))
 -        return false;
--    }
 -
 -    return true;
 +SetModuleMetadataHook(JSContext* cx, unsigned argc, Value* vp)
@@ -301,7 +299,7 @@ diff --git a/js/src/shell/js.cpp b/js/src/shell/js.cpp
      CallArgs args = CallArgsFromVp(argc, vp);
  
      ShellContext* sc = GetShellContext(cx);
-@@ -7253,17 +7276,21 @@ DumpScopeChain(JSContext* cx, unsigned a
+@@ -6134,17 +6159,21 @@ DumpScopeChain(JSContext* cx, unsigned a
      if (obj->is<JSFunction>()) {
          RootedFunction fun(cx, &obj->as<JSFunction>());
          if (!fun->isInterpreted()) {
@@ -324,7 +322,7 @@ diff --git a/js/src/shell/js.cpp b/js/src/shell/js.cpp
      return true;
  }
  
-@@ -7973,16 +8000,22 @@ static const JSFunctionSpecWithHelp shel
+@@ -6814,16 +6843,22 @@ static const JSFunctionSpecWithHelp shel
  "  module loader."),
  
      JS_FN_HELP("setModuleResolveHook", SetModuleResolveHook, 1, 0,
@@ -344,29 +342,32 @@ diff --git a/js/src/shell/js.cpp b/js/src/shell/js.cpp
  "  Return any --module-load-path argument passed to the shell.  Used by the\n"
  "  module loader.\n"),
  
- #if defined(JS_BUILD_BINAST)
- 
- JS_FN_HELP("parseBin", BinParse, 1, 0,
-@@ -9682,17 +9715,17 @@ ProcessArgs(JSContext* cx, OptionParser*
+     JS_FN_HELP("parse", Parse, 1, 0,
+ "parse(code)",
+ "  Parses a string, potentially throwing."),
+@@ -8291,18 +8326,19 @@ ProcessArgs(JSContext* cx, OptionParser*
+         sc->moduleLoadPath = UniqueChars(JS_EncodeString(cx, absolutePath));
      } else {
          sc->moduleLoadPath = js::shell::GetCWD();
      }
  
-     if (!sc->moduleLoadPath) {
+     if (!sc->moduleLoadPath)
          return false;
-     }
  
--    if (!modulePaths.empty() && !InitModuleLoader(cx)) {
+-    if (!modulePaths.empty() && !InitModuleLoader(cx))
+-        return false;
 +    if (!InitModuleLoader(cx)) {
-         return false;
-     }
++        return false;
++    }
  
-     while (!filePaths.empty() || !codeChunks.empty() || !modulePaths.empty() || !binASTPaths.empty()) {
+     while (!filePaths.empty() || !codeChunks.empty() || !modulePaths.empty()) {
          size_t fpArgno = filePaths.empty() ? SIZE_MAX : filePaths.argno();
          size_t ccArgno = codeChunks.empty() ? SIZE_MAX : codeChunks.argno();
          size_t mpArgno = modulePaths.empty() ? SIZE_MAX : modulePaths.argno();
-         size_t baArgno = binASTPaths.empty() ? SIZE_MAX : binASTPaths.argno();
-@@ -10684,17 +10717,17 @@ main(int argc, char** argv, char** envp)
+ 
+         if (fpArgno < ccArgno && fpArgno < mpArgno) {
+             char* path = filePaths.front();
+@@ -9190,17 +9226,17 @@ main(int argc, char** argv, char** envp)
          JS_SetGCParameter(cx, JSGC_DYNAMIC_MARK_SLICE, 1);
          JS_SetGCParameter(cx, JSGC_SLICE_TIME_BUDGET, 10);
      }
@@ -381,14 +382,14 @@ diff --git a/js/src/shell/js.cpp b/js/src/shell/js.cpp
      result = Shell(cx, &op, envp);
  
  #ifdef DEBUG
-     if (OOM_printAllocationCount) {
+     if (OOM_printAllocationCount)
          printf("OOM max count: %" PRIu64 "\n", js::oom::counter);
-     }
  #endif
+ 
 diff --git a/js/src/vm/Stack.cpp b/js/src/vm/Stack.cpp
 --- a/js/src/vm/Stack.cpp
 +++ b/js/src/vm/Stack.cpp
-@@ -149,21 +149,23 @@ AssertScopeMatchesEnvironment(Scope* sco
+@@ -146,21 +146,23 @@ AssertScopeMatchesEnvironment(Scope* sco
                  env = &env->as<LexicalEnvironmentObject>().enclosingEnvironment();
                  MOZ_ASSERT(env->is<GlobalObject>());
                  break;

frg/work-js/mozilla-release/patches/mozilla-esr68-push_483185.patch → frg/work-js/mozilla-release/patches/1489477-3-64a1.patch

@@ -3,7 +3,7 @@
 # Date 1539281509 -10800
 #      Thu Oct 11 21:11:49 2018 +0300
 # Node ID bf766a8de9d730af010c6fc80b8619ed92ccb483
-# Parent  76efab1fc917e6efa5cb5c1335b530735be0d44f
+# Parent  3d4c592160bc22f04a92dc278c8b8519c9dfab22
 Bug 1489477 - Don't pre-create module metadata object when compiling: remove trailing space a=eslint-fix
 
 diff --git a/js/src/shell/ModuleLoader.js b/js/src/shell/ModuleLoader.js

frg/work-js/mozilla-release/patches/1492074-64a1.patch

@@ -0,0 +1,42 @@
+# HG changeset patch
+# User Jon Coppeard <jcoppeard@mozilla.com>
+# Date 1537276630 -3600
+# Node ID 805f1a2737a0ef58a64cf8e7b6239543d4b45940
+# Parent  ebe97edd6a9bf3c4963183a64d19ce286d8eef1f
+Bug 1492074 - Syntax parse of dynamic module import syntax should fail since this is not yet implemented r=jandem on a CLOSED TREE
+
+diff --git a/js/src/frontend/Parser.cpp b/js/src/frontend/Parser.cpp
+--- a/js/src/frontend/Parser.cpp
++++ b/js/src/frontend/Parser.cpp
+@@ -9957,16 +9957,20 @@ GeneralParser<ParseHandler, CharT>::impo
+         return handler.newImportMeta(importHolder, metaHolder);
+     } else if (next == TokenKind::LeftParen) {
+         Node arg = assignExpr(InAllowed, yieldHandling, TripledotProhibited);
+         if (!arg)
+             return null();
+ 
+         MUST_MATCH_TOKEN_MOD(TokenKind::RightParen, TokenStream::Operand, JSMSG_PAREN_AFTER_ARGS);
+ 
++        if (!abortIfSyntaxParser()) {
++            return null();
++        }
++
+         return handler.newCallImport(importHolder, arg);
+     } else {
+         error(JSMSG_UNEXPECTED_TOKEN_NO_EXPECT, TokenKindToDesc(next));
+         return null();
+     }
+ }
+ 
+ template <class ParseHandler, typename CharT>
+diff --git a/js/src/jit-test/tests/modules/dynamic-import-lazy.js b/js/src/jit-test/tests/modules/dynamic-import-lazy.js
+new file mode 100644
+--- /dev/null
++++ b/js/src/jit-test/tests/modules/dynamic-import-lazy.js
+@@ -0,0 +1,6 @@
++// |jit-test| error: SyntaxError
++
++function lazyilyParsedFunction()
++{
++    return import("/module1.js");
++}

frg/work-js/mozilla-release/patches/1498980-64a1.patch

@@ -2,7 +2,7 @@
 # User Jon Coppeard <jcoppeard@mozilla.com>
 # Date 1539855213 -3600
 # Node ID 6b952be63f69e244ab688cdb7a84d121b009a162
-# Parent  8f74f5dbf5c0d12bebf84841b8553b179b7d04a0
+# Parent  58a6d667b65a6eff9bdaddbca678097312445d2a
 Bug 1498980 - Remove module environment from live debugger envionments after execution r=jorendorff
 
 diff --git a/js/src/jit-test/tests/modules/bug-1498980.js b/js/src/jit-test/tests/modules/bug-1498980.js
@@ -37,7 +37,7 @@ new file mode 100644
 diff --git a/js/src/vm/EnvironmentObject.cpp b/js/src/vm/EnvironmentObject.cpp
 --- a/js/src/vm/EnvironmentObject.cpp
 +++ b/js/src/vm/EnvironmentObject.cpp
-@@ -2802,20 +2802,21 @@ DebugEnvironments::takeFrameSnapshot(JSC
+@@ -2630,20 +2630,21 @@ DebugEnvironments::takeFrameSnapshot(JSC
       * copy of the unaliased variables' values in an array for later debugger
       * access via DebugEnvironmentProxy::handleUnaliasedAccess.
       *
@@ -60,7 +60,7 @@ diff --git a/js/src/vm/EnvironmentObject.cpp b/js/src/vm/EnvironmentObject.cpp
          // For simplicity, copy all frame slots from 0 to the frameSlotCount,
          // even if we don't need all of them (like in the case of a defaults
          // parameter scope having frame slots).
-@@ -2843,32 +2844,38 @@ DebugEnvironments::takeFrameSnapshot(JSC
+@@ -2669,32 +2670,38 @@ DebugEnvironments::takeFrameSnapshot(JSC
      } else {
          uint32_t frameSlotStart;
          uint32_t frameSlotEnd;
@@ -99,15 +99,15 @@ diff --git a/js/src/vm/EnvironmentObject.cpp b/js/src/vm/EnvironmentObject.cpp
              cx->recoverFromOutOfMemory();
              return;
          }
-         for (uint32_t slot = frameSlotStart; slot < frameSlotCount; slot++) {
+         for (uint32_t slot = frameSlotStart; slot < frameSlotCount; slot++)
              vec[slot - frameSlotStart].set(frame.unaliasedLocal(slot));
-         }
-@@ -3018,16 +3025,22 @@ DebugEnvironments::onPopWith(AbstractFra
+     }
+@@ -2832,16 +2839,22 @@ void
+ DebugEnvironments::onPopWith(AbstractFramePtr frame)
  {
      Realm* realm = frame.realm();
-     if (DebugEnvironments* envs = realm->debugEnvs()) {
+     if (DebugEnvironments* envs = realm->debugEnvs())
          envs->liveEnvs.remove(&frame.environmentChain()->as<WithEnvironmentObject>());
-     }
  }
  
  void
@@ -128,7 +128,7 @@ diff --git a/js/src/vm/EnvironmentObject.cpp b/js/src/vm/EnvironmentObject.cpp
 diff --git a/js/src/vm/EnvironmentObject.h b/js/src/vm/EnvironmentObject.h
 --- a/js/src/vm/EnvironmentObject.h
 +++ b/js/src/vm/EnvironmentObject.h
-@@ -1049,16 +1049,17 @@ class DebugEnvironments
+@@ -1039,16 +1039,17 @@ class DebugEnvironments
      // In debug-mode, these must be called whenever exiting a scope that might
      // have stack-allocated locals.
      static void onPopCall(JSContext* cx, AbstractFramePtr frame);
@@ -149,14 +149,14 @@ diff --git a/js/src/vm/EnvironmentObject.h b/js/src/vm/EnvironmentObject.h
 diff --git a/js/src/vm/Interpreter.cpp b/js/src/vm/Interpreter.cpp
 --- a/js/src/vm/Interpreter.cpp
 +++ b/js/src/vm/Interpreter.cpp
-@@ -1238,20 +1238,24 @@ PopEnvironment(JSContext* cx, Environmen
+@@ -1095,20 +1095,24 @@ PopEnvironment(JSContext* cx, Environmen
+       case ScopeKind::FunctionBodyVar:
+       case ScopeKind::ParameterExpressionVar:
        case ScopeKind::StrictEval:
-         if (MOZ_UNLIKELY(cx->realm()->isDebuggee())) {
+         if (MOZ_UNLIKELY(cx->realm()->isDebuggee()))
              DebugEnvironments::onPopVar(cx, ei);
-         }
-         if (ei.scope().hasEnvironment()) {
+         if (ei.scope().hasEnvironment())
              ei.initialFrame().popOffEnvironmentChain<VarEnvironmentObject>();
-         }
          break;
 +      case ScopeKind::Module:
 +        if (MOZ_UNLIKELY(cx->realm()->isDebuggee())) {
@@ -175,4 +175,3 @@ diff --git a/js/src/vm/Interpreter.cpp b/js/src/vm/Interpreter.cpp
      }
  }
  
-

frg/work-js/mozilla-release/patches/1499140-1-64a1.patch

@@ -2,7 +2,7 @@
 # User Jon Coppeard <jcoppeard@mozilla.com>
 # Date 1540204096 -3600
 # Node ID 430db29f46858faff930e2ec3ed45fbf13a73a20
-# Parent  fa6b7a70f2db81835c314543031fb6ce251fafce
+# Parent  36b67822ed118c69cfd6db466edacf8e221f0ad2
 Bug 1499140 - Implement support for dynamic module import in the interpreter r=jandem
 
 diff --git a/js/src/builtin/ModuleObject.cpp b/js/src/builtin/ModuleObject.cpp
@@ -26,7 +26,7 @@ diff --git a/js/src/builtin/ModuleObject.cpp b/js/src/builtin/ModuleObject.cpp
  #include "gc/Tracer.h"
  #include "vm/AsyncFunction.h"
  #include "vm/AsyncIteration.h"
-@@ -1800,8 +1801,93 @@ js::GetOrCreateModuleMetaObject(JSContex
+@@ -1693,8 +1694,93 @@ js::GetOrCreateModuleMetaObject(JSContex
      if (!func(cx, modulePrivate, metaObject)) {
          return nullptr;
      }
@@ -123,7 +123,7 @@ diff --git a/js/src/builtin/ModuleObject.cpp b/js/src/builtin/ModuleObject.cpp
 diff --git a/js/src/builtin/ModuleObject.h b/js/src/builtin/ModuleObject.h
 --- a/js/src/builtin/ModuleObject.h
 +++ b/js/src/builtin/ModuleObject.h
-@@ -414,16 +414,26 @@ class MOZ_STACK_CLASS ModuleBuilder
+@@ -410,16 +410,26 @@ class MOZ_STACK_CLASS ModuleBuilder
      ArrayObject* createArray(const JS::Rooted<GCVector<T>>& vector);
      template <typename K, typename V>
      ArrayObject* createArray(const JS::Rooted<GCHashMap<K, V>>& map);
@@ -153,12 +153,12 @@ diff --git a/js/src/builtin/ModuleObject.h b/js/src/builtin/ModuleObject.h
 diff --git a/js/src/builtin/Promise.cpp b/js/src/builtin/Promise.cpp
 --- a/js/src/builtin/Promise.cpp
 +++ b/js/src/builtin/Promise.cpp
-@@ -3399,16 +3399,26 @@ OriginalPromiseThenBuiltin(JSContext* cx
-     if (rvalUsed) {
-         rval.setObject(*resultCapability.promise());
-     } else {
-         rval.setUndefined();
-     }
+@@ -2491,16 +2491,26 @@ js::OriginalPromiseThen(JSContext* cx, H
+     // Step 5.
+     if (!PerformPromiseThen(cx, promise, onFulfilled, onRejected, resultPromise, resolve, reject))
+         return false;
+ 
+     dependent.set(resultPromise);
      return true;
  }
  
@@ -183,7 +183,7 @@ diff --git a/js/src/builtin/Promise.cpp b/js/src/builtin/Promise.cpp
 diff --git a/js/src/builtin/Promise.h b/js/src/builtin/Promise.h
 --- a/js/src/builtin/Promise.h
 +++ b/js/src/builtin/Promise.h
-@@ -220,16 +220,18 @@ OriginalPromiseThen(JSContext* cx, Handl
+@@ -128,16 +128,18 @@ OriginalPromiseThen(JSContext* cx, Handl
   * PromiseResolve ( C, x )
   *
   * The abstract operation PromiseResolve, given a constructor and a value,
@@ -195,31 +195,30 @@ diff --git a/js/src/builtin/Promise.h b/js/src/builtin/Promise.h
 +MOZ_MUST_USE bool
 +RejectPromiseWithPendingError(JSContext* cx, Handle<PromiseObject*> promise);
  
- /**
-  * Create the promise object which will be used as the return value of an async
-  * function.
-  */
  MOZ_MUST_USE PromiseObject*
  CreatePromiseObjectForAsync(JSContext* cx, HandleValue generatorVal);
  
+ MOZ_MUST_USE bool
+ IsPromiseForAsync(JSObject* promise);
+ 
+ MOZ_MUST_USE bool
 diff --git a/js/src/builtin/Stream.cpp b/js/src/builtin/Stream.cpp
 --- a/js/src/builtin/Stream.cpp
 +++ b/js/src/builtin/Stream.cpp
-@@ -519,26 +519,16 @@ ReportArgTypeError(JSContext* cx, const 
-         return;
-     }
+@@ -279,25 +279,16 @@ ReportArgTypeError(JSContext* cx, const 
+         return false;
  
-     JS_ReportErrorNumberUTF8(cx, GetErrorMessage, nullptr, JSMSG_NOT_EXPECTED_TYPE, funName,
-                              expectedType, bytes.get());
+     return JS_ReportErrorFlagsAndNumberLatin1(cx, JSREPORT_ERROR, GetErrorMessage,
+                                               nullptr, JSMSG_NOT_EXPECTED_TYPE,
+                                               funName, expectedType, bytes.get());
  }
  
  static MOZ_MUST_USE bool
 -RejectWithPendingError(JSContext* cx, Handle<PromiseObject*> promise) {
 -    // Not much we can do about uncatchable exceptions, just bail.
 -    RootedValue exn(cx);
--    if (!GetAndClearException(cx, &exn)) {
+-    if (!GetAndClearException(cx, &exn))
 -        return false;
--    }
 -    return PromiseObject::reject(cx, promise, exn);
 -}
 -
@@ -227,39 +226,41 @@ diff --git a/js/src/builtin/Stream.cpp b/js/src/builtin/Stream.cpp
  ReturnPromiseRejectedWithPendingError(JSContext* cx, const CallArgs& args)
  {
      JSObject* promise = PromiseRejectedWithPendingError(cx);
-     if (!promise) {
+     if (!promise)
          return false;
-     }
  
      args.rval().setObject(*promise);
-@@ -1456,17 +1446,17 @@ ReadableStreamTee_Cancel(JSContext* cx, 
+     return true;
+@@ -1139,18 +1130,19 @@ ReadableStreamTee_Cancel(JSContext* cx, 
+         compositeReason->initDenseElement(1, teeState->reason2());
+         RootedValue compositeReasonVal(cx, ObjectValue(*compositeReason));
  
          Rooted<PromiseObject*> promise(cx, teeState->promise());
  
          // Step b: Let cancelResult be ! ReadableStreamCancel(stream, compositeReason).
          RootedObject cancelResult(cx, ReadableStream::cancel(cx, stream, compositeReasonVal));
-         {
-             AutoRealm ar(cx, promise);
-             if (!cancelResult) {
--                if (!RejectWithPendingError(cx, promise)) {
-+                if (!RejectPromiseWithPendingError(cx, promise)) {
-                     return nullptr;
-                 }
-             } else {
-                 // Step c: Resolve teeState.[[promise]] with cancelResult.
-                 RootedValue resultVal(cx, ObjectValue(*cancelResult));
-                 if (!cx->compartment()->wrap(cx, &resultVal)) {
-                     return nullptr;
-                 }
+         if (!cancelResult) {
+-            if (!RejectWithPendingError(cx, promise))
++            if (!RejectPromiseWithPendingError(cx, promise)) {
+                 return nullptr;
++            }
+         } else {
+             // Step c: Resolve teeState.[[promise]] with cancelResult.
+             RootedValue resultVal(cx, ObjectValue(*cancelResult));
+             if (!PromiseObject::resolve(cx, promise, resultVal))
+                 return nullptr;
+         }
+     }
+ 
 diff --git a/js/src/frontend/BytecodeEmitter.cpp b/js/src/frontend/BytecodeEmitter.cpp
 --- a/js/src/frontend/BytecodeEmitter.cpp
 +++ b/js/src/frontend/BytecodeEmitter.cpp
-@@ -8873,18 +8873,24 @@ BytecodeEmitter::emitTree(ParseNode* pn,
+@@ -8297,18 +8297,24 @@ BytecodeEmitter::emitTree(ParseNode* pn,
+         break;
  
        case ParseNodeKind::ImportMeta:
-         if (!emit1(JSOP_IMPORTMETA)) {
+         if (!emit1(JSOP_IMPORTMETA))
              return false;
-         }
          break;
  
        case ParseNodeKind::CallImport:
@@ -275,29 +276,29 @@ diff --git a/js/src/frontend/BytecodeEmitter.cpp b/js/src/frontend/BytecodeEmitt
 +        break;
  
        case ParseNodeKind::SetThis:
-         if (!emitSetThis(&pn->as<BinaryNode>())) {
+         if (!emitSetThis(pn))
              return false;
-         }
          break;
  
        case ParseNodeKind::PropertyName:
+       case ParseNodeKind::PosHolder:
 diff --git a/js/src/frontend/FullParseHandler.h b/js/src/frontend/FullParseHandler.h
 --- a/js/src/frontend/FullParseHandler.h
 +++ b/js/src/frontend/FullParseHandler.h
-@@ -568,17 +568,17 @@ FOR_EACH_PARSENODE_SUBCLASS(DECLARE_AS)
+@@ -556,17 +556,17 @@ class FullParseHandler
          return new_<NullaryNode>(ParseNodeKind::ExportBatchSpec, JSOP_NOP, pos);
      }
  
-     BinaryNodeType newImportMeta(NullaryNodeType importHolder, NullaryNodeType metaHolder) {
+     ParseNode* newImportMeta(ParseNode* importHolder, ParseNode* metaHolder) {
          return new_<BinaryNode>(ParseNodeKind::ImportMeta, JSOP_NOP, importHolder, metaHolder);
      }
  
-     BinaryNodeType newCallImport(NullaryNodeType importHolder, Node singleArg) {
+     ParseNode* newCallImport(ParseNode* importHolder, ParseNode* singleArg) {
 -        return new_<BinaryNode>(ParseNodeKind::CallImport, JSOP_NOP, importHolder, singleArg);
 +        return new_<BinaryNode>(ParseNodeKind::CallImport, JSOP_DYNAMIC_IMPORT, importHolder, singleArg);
      }
  
-     UnaryNodeType newExprStatement(Node expr, uint32_t end) {
+     ParseNode* newExprStatement(ParseNode* expr, uint32_t end) {
          MOZ_ASSERT(expr->pn_pos.end <= end);
          return new_<UnaryNode>(ParseNodeKind::ExpressionStatement,
                                 TokenPos(expr->pn_pos.begin, end), expr);
@@ -306,12 +307,12 @@ diff --git a/js/src/frontend/FullParseHandler.h b/js/src/frontend/FullParseHandl
 diff --git a/js/src/frontend/Parser.cpp b/js/src/frontend/Parser.cpp
 --- a/js/src/frontend/Parser.cpp
 +++ b/js/src/frontend/Parser.cpp
-@@ -10908,17 +10908,17 @@ GeneralParser<ParseHandler, Unit>::impor
+@@ -9957,17 +9957,17 @@ GeneralParser<ParseHandler, CharT>::impo
+         return handler.newImportMeta(importHolder, metaHolder);
      } else if (next == TokenKind::LeftParen) {
          Node arg = assignExpr(InAllowed, yieldHandling, TripledotProhibited);
-         if (!arg) {
+         if (!arg)
              return null();
-         }
  
          MUST_MATCH_TOKEN_MOD(TokenKind::RightParen, TokenStream::Operand, JSMSG_PAREN_AFTER_ARGS);
  
@@ -328,8 +329,8 @@ diff --git a/js/src/frontend/Parser.cpp b/js/src/frontend/Parser.cpp
 diff --git a/js/src/jit/BaselineCompiler.cpp b/js/src/jit/BaselineCompiler.cpp
 --- a/js/src/jit/BaselineCompiler.cpp
 +++ b/js/src/jit/BaselineCompiler.cpp
-@@ -1196,16 +1196,18 @@ BaselineCompiler::emitBody()
-         }
+@@ -1011,16 +1011,18 @@ BaselineCompiler::emitBody()
+             return Method_Error;
  
          switch (op) {
            // ===== NOT Yet Implemented =====
@@ -341,16 +342,16 @@ diff --git a/js/src/jit/BaselineCompiler.cpp b/js/src/jit/BaselineCompiler.cpp
 +            // Dynamic module import.
            case JSOP_UNUSED126:
            case JSOP_UNUSED206:
+           case JSOP_UNUSED223:
            case JSOP_LIMIT:
              // === !! WARNING WARNING WARNING !! ===
              // Do you really want to sacrifice performance by not implementing
              // this operation in the BaselineCompiler?
              JitSpew(JitSpew_BaselineAbort, "Unhandled op: %s", CodeName[op]);
-             return Method_CantCompile;
 diff --git a/js/src/jit/IonBuilder.cpp b/js/src/jit/IonBuilder.cpp
 --- a/js/src/jit/IonBuilder.cpp
 +++ b/js/src/jit/IonBuilder.cpp
-@@ -2552,16 +2552,17 @@ IonBuilder::inspectOpcode(JSOp op)
+@@ -2441,16 +2441,17 @@ IonBuilder::inspectOpcode(JSOp op)
        // Misc
        case JSOP_DELNAME:
        case JSOP_FINALLY:
@@ -371,7 +372,7 @@ diff --git a/js/src/jit/IonBuilder.cpp b/js/src/jit/IonBuilder.cpp
 diff --git a/js/src/js.msg b/js/src/js.msg
 --- a/js/src/js.msg
 +++ b/js/src/js.msg
-@@ -610,16 +610,17 @@ MSG_DEF(JSMSG_BAD_DEFAULT_EXPORT,       
+@@ -593,16 +593,17 @@ MSG_DEF(JSMSG_BAD_DEFAULT_EXPORT,       
  MSG_DEF(JSMSG_MISSING_INDIRECT_EXPORT,   0, JSEXN_SYNTAXERR, "indirect export not found")
  MSG_DEF(JSMSG_AMBIGUOUS_INDIRECT_EXPORT, 0, JSEXN_SYNTAXERR, "ambiguous indirect export")
  MSG_DEF(JSMSG_MISSING_IMPORT,            0, JSEXN_SYNTAXERR, "import not found")
@@ -392,7 +393,7 @@ diff --git a/js/src/js.msg b/js/src/js.msg
 diff --git a/js/src/jsapi.cpp b/js/src/jsapi.cpp
 --- a/js/src/jsapi.cpp
 +++ b/js/src/jsapi.cpp
-@@ -4136,16 +4136,41 @@ JS::GetModuleMetadataHook(JSRuntime* rt)
+@@ -4879,16 +4879,41 @@ JS::GetModuleMetadataHook(JSRuntime* rt)
  
  JS_PUBLIC_API(void)
  JS::SetModuleMetadataHook(JSRuntime* rt, JS::ModuleMetadataHook func)
@@ -432,12 +433,12 @@ diff --git a/js/src/jsapi.cpp b/js/src/jsapi.cpp
  {
      MOZ_ASSERT(!cx->zone()->isAtomsZone());
      AssertHeapIsIdle();
-     CHECK_THREAD(cx);
+     CHECK_REQUEST(cx);
  
 diff --git a/js/src/jsapi.h b/js/src/jsapi.h
 --- a/js/src/jsapi.h
 +++ b/js/src/jsapi.h
-@@ -3045,16 +3045,35 @@ GetModuleMetadataHook(JSRuntime* rt);
+@@ -3890,16 +3890,35 @@ GetModuleMetadataHook(JSRuntime* rt);
  
  /**
   * Set the hook for populating the import.meta metadata object to the given
@@ -476,7 +477,7 @@ diff --git a/js/src/jsapi.h b/js/src/jsapi.h
 diff --git a/js/src/shell/js.cpp b/js/src/shell/js.cpp
 --- a/js/src/shell/js.cpp
 +++ b/js/src/shell/js.cpp
-@@ -4718,17 +4718,17 @@ SetModuleResolveHook(JSContext* cx, unsi
+@@ -4284,17 +4284,17 @@ SetModuleResolveHook(JSContext* cx, unsi
      Handle<GlobalObject*> global = cx->global();
      global->setReservedSlot(GlobalAppSlotModuleResolveHook, args[0]);
  
@@ -495,7 +496,7 @@ diff --git a/js/src/shell/js.cpp b/js/src/shell/js.cpp
          return nullptr;
      }
      MOZ_ASSERT(hookValue.toObject().is<JSFunction>());
-@@ -10783,17 +10783,17 @@ main(int argc, char** argv, char** envp)
+@@ -9280,17 +9280,17 @@ main(int argc, char** argv, char** envp)
          JS_SetGCParameter(cx, JSGC_DYNAMIC_HEAP_GROWTH, 1);
          JS_SetGCParameter(cx, JSGC_DYNAMIC_MARK_SLICE, 1);
          JS_SetGCParameter(cx, JSGC_SLICE_TIME_BUDGET, 10);
@@ -511,17 +512,17 @@ diff --git a/js/src/shell/js.cpp b/js/src/shell/js.cpp
      result = Shell(cx, &op, envp);
  
  #ifdef DEBUG
-     if (OOM_printAllocationCount) {
+     if (OOM_printAllocationCount)
          printf("OOM max count: %" PRIu64 "\n", js::oom::counter);
-     }
+ #endif
 diff --git a/js/src/vm/EnvironmentObject.cpp b/js/src/vm/EnvironmentObject.cpp
 --- a/js/src/vm/EnvironmentObject.cpp
 +++ b/js/src/vm/EnvironmentObject.cpp
-@@ -3472,16 +3472,33 @@ js::GetModuleObjectForScript(JSScript* s
+@@ -3245,16 +3245,33 @@ js::GetModuleObjectForScript(JSScript* s
+ {
      for (ScopeIter si(script); si; si++) {
-         if (si.kind() == ScopeKind::Module) {
+         if (si.kind() == ScopeKind::Module)
              return si.scope()->as<ModuleScope>().module();
-         }
      }
      return nullptr;
  }
@@ -549,12 +550,12 @@ diff --git a/js/src/vm/EnvironmentObject.cpp b/js/src/vm/EnvironmentObject.cpp
  {
      RootedObject scopeChain(cx);
      RootedScope scope(cx);
-     if (!GetFrameEnvironmentAndScope(cx, frame, pc, &scopeChain, &scope)) {
+     if (!GetFrameEnvironmentAndScope(cx, frame, pc, &scopeChain, &scope))
          return false;
 diff --git a/js/src/vm/EnvironmentObject.h b/js/src/vm/EnvironmentObject.h
 --- a/js/src/vm/EnvironmentObject.h
 +++ b/js/src/vm/EnvironmentObject.h
-@@ -1177,17 +1177,21 @@ IsFrameInitialEnvironment(AbstractFrameP
+@@ -1161,17 +1161,21 @@ IsFrameInitialEnvironment(AbstractFrameP
      return false;
  }
  
@@ -580,12 +581,12 @@ diff --git a/js/src/vm/EnvironmentObject.h b/js/src/vm/EnvironmentObject.h
 diff --git a/js/src/vm/Interpreter.cpp b/js/src/vm/Interpreter.cpp
 --- a/js/src/vm/Interpreter.cpp
 +++ b/js/src/vm/Interpreter.cpp
-@@ -4719,17 +4719,33 @@ CASE(JSOP_IMPORTMETA)
+@@ -4321,17 +4321,33 @@ CASE(JSOP_IMPORTMETA)
+     MOZ_ASSERT(module);
  
      JSObject* metaObject = GetOrCreateModuleMetaObject(cx, module);
-     if (!metaObject) {
+     if (!metaObject)
          goto error;
-     }
  
      PUSH_OBJECT(*metaObject);
  }
@@ -613,12 +614,12 @@ diff --git a/js/src/vm/Interpreter.cpp b/js/src/vm/Interpreter.cpp
      ReservedRooted<JSObject*> superEnvFunc(&rootObject0, &GetSuperEnvFunction(cx, REGS));
      ReservedRooted<JSObject*> superFun(&rootObject1);
      superFun = SuperFunOperation(cx, superEnvFunc);
-     if (!superFun) {
+     if (!superFun)
          goto error;
 diff --git a/js/src/vm/Opcodes.h b/js/src/vm/Opcodes.h
 --- a/js/src/vm/Opcodes.h
 +++ b/js/src/vm/Opcodes.h
-@@ -2359,24 +2359,33 @@ 1234567890123456789012345678901234567890
+@@ -2358,24 +2358,33 @@ 1234567890123456789012345678901234567890
      /*
       * Push "import.meta"
       *
@@ -658,9 +659,9 @@ diff --git a/js/src/vm/Runtime.cpp b/js/src/vm/Runtime.cpp
 --- a/js/src/vm/Runtime.cpp
 +++ b/js/src/vm/Runtime.cpp
 @@ -171,17 +171,18 @@ JSRuntime::JSRuntime(JSRuntime* parentRu
-     autoWritableJitCodeActive_(false),
      oomCallback(nullptr),
      debuggerMallocSizeOf(ReturnZeroSize),
+     lastAnimationTime(0),
      performanceMonitoring_(),
      stackFormat_(parentRuntime ? js::StackFormat::Default
                                 : js::StackFormat::SpiderMonkey),
@@ -680,7 +681,7 @@ diff --git a/js/src/vm/Runtime.cpp b/js/src/vm/Runtime.cpp
 diff --git a/js/src/vm/Runtime.h b/js/src/vm/Runtime.h
 --- a/js/src/vm/Runtime.h
 +++ b/js/src/vm/Runtime.h
-@@ -976,16 +976,20 @@ struct JSRuntime : public js::MallocProv
+@@ -935,16 +935,20 @@ struct JSRuntime : public js::MallocProv
  
      // The implementation-defined abstract operation HostResolveImportedModule.
      js::MainThreadData<JS::ModuleResolveHook> moduleResolveHook;
@@ -693,18 +694,18 @@ diff --git a/js/src/vm/Runtime.h b/js/src/vm/Runtime.h
 +    // HostImportModuleDynamically.
 +    js::MainThreadData<JS::ModuleDynamicImportHook> moduleDynamicImportHook;
 +
-   public:
- #if defined(JS_BUILD_BINAST)
-     js::BinaryASTSupport& binast() {
-         return binast_;
-     }
-   private:
-     js::BinaryASTSupport binast_;
- #endif // defined(JS_BUILD_BINAST)
+ };
+ 
+ namespace js {
+ 
+ /*
+  * RAII class that takes the GC lock while it is live.
+  *
+  * Usually functions will pass const references of this class.  However
 diff --git a/js/src/vm/Scope.cpp b/js/src/vm/Scope.cpp
 --- a/js/src/vm/Scope.cpp
 +++ b/js/src/vm/Scope.cpp
-@@ -1218,22 +1218,16 @@ ModuleScope::createWithData(JSContext* c
+@@ -1201,22 +1201,16 @@ ModuleScope::createWithData(JSContext* c
  
  /* static */ Shape*
  ModuleScope::getEmptyEnvironmentShape(JSContext* cx)
@@ -730,7 +731,7 @@ diff --git a/js/src/vm/Scope.cpp b/js/src/vm/Scope.cpp
 diff --git a/js/src/vm/Scope.h b/js/src/vm/Scope.h
 --- a/js/src/vm/Scope.h
 +++ b/js/src/vm/Scope.h
-@@ -1022,18 +1022,16 @@ class ModuleScope : public Scope
+@@ -1001,18 +1001,16 @@ class ModuleScope : public Scope
      uint32_t nextFrameSlot() const {
          return data().nextFrameSlot;
      }
@@ -748,11 +749,11 @@ diff --git a/js/src/vm/Scope.h b/js/src/vm/Scope.h
  {
      friend class BindingIter;
      friend class Scope;
-     friend class GCMarker;
+     static const ScopeKind classScopeKind_ = ScopeKind::WasmInstance;
 diff --git a/js/src/vm/SelfHosting.cpp b/js/src/vm/SelfHosting.cpp
 --- a/js/src/vm/SelfHosting.cpp
 +++ b/js/src/vm/SelfHosting.cpp
-@@ -2178,25 +2178,18 @@ intrinsic_NameForTypedArray(JSContext* c
+@@ -2151,25 +2151,18 @@ intrinsic_NameForTypedArray(JSContext* c
  static bool
  intrinsic_HostResolveImportedModule(JSContext* cx, unsigned argc, Value* vp)
  {
@@ -782,7 +783,7 @@ diff --git a/js/src/vm/SelfHosting.cpp b/js/src/vm/SelfHosting.cpp
 diff --git a/js/src/vm/Stack.cpp b/js/src/vm/Stack.cpp
 --- a/js/src/vm/Stack.cpp
 +++ b/js/src/vm/Stack.cpp
-@@ -149,23 +149,21 @@ AssertScopeMatchesEnvironment(Scope* sco
+@@ -146,23 +146,21 @@ AssertScopeMatchesEnvironment(Scope* sco
                  env = &env->as<LexicalEnvironmentObject>().enclosingEnvironment();
                  MOZ_ASSERT(env->is<GlobalObject>());
                  break;
@@ -809,4 +810,3 @@ diff --git a/js/src/vm/Stack.cpp b/js/src/vm/Stack.cpp
                case ScopeKind::WasmFunction:
                  env = &env->as<WasmFunctionCallObject>().enclosingEnvironment();
                  break;
-

frg/work-js/mozilla-release/patches/1499140-2-64a1.patch

@@ -2,14 +2,14 @@
 # User Jon Coppeard <jcoppeard@mozilla.com>
 # Date 1540204097 -3600
 # Node ID 6592655e860e73040175e3a0de9d7a1ade2dea89
-# Parent  430db29f46858faff930e2ec3ed45fbf13a73a20
+# Parent  4ebd13de60768537b561fe627fa298426139749b
 Bug 1499140 - Compile dynamic module import bytecode r=jandem
 
 diff --git a/js/src/jit/BaselineCompiler.cpp b/js/src/jit/BaselineCompiler.cpp
 --- a/js/src/jit/BaselineCompiler.cpp
 +++ b/js/src/jit/BaselineCompiler.cpp
-@@ -1196,18 +1196,16 @@ BaselineCompiler::emitBody()
-         }
+@@ -1011,18 +1011,16 @@ BaselineCompiler::emitBody()
+             return Method_Error;
  
          switch (op) {
            // ===== NOT Yet Implemented =====
@@ -21,13 +21,13 @@ diff --git a/js/src/jit/BaselineCompiler.cpp b/js/src/jit/BaselineCompiler.cpp
 -            // Dynamic module import.
            case JSOP_UNUSED126:
            case JSOP_UNUSED206:
+           case JSOP_UNUSED223:
            case JSOP_LIMIT:
              // === !! WARNING WARNING WARNING !! ===
              // Do you really want to sacrifice performance by not implementing
              // this operation in the BaselineCompiler?
              JitSpew(JitSpew_BaselineAbort, "Unhandled op: %s", CodeName[op]);
-             return Method_CantCompile;
-@@ -5441,8 +5439,33 @@ BaselineCompiler::emit_JSOP_IMPORTMETA()
+@@ -5101,8 +5099,33 @@ BaselineCompiler::emit_JSOP_IMPORTMETA()
      if (!callVM(GetOrCreateModuleMetaObjectInfo)) {
          return false;
      }
@@ -64,7 +64,7 @@ diff --git a/js/src/jit/BaselineCompiler.cpp b/js/src/jit/BaselineCompiler.cpp
 diff --git a/js/src/jit/BaselineCompiler.h b/js/src/jit/BaselineCompiler.h
 --- a/js/src/jit/BaselineCompiler.h
 +++ b/js/src/jit/BaselineCompiler.h
-@@ -240,17 +240,18 @@ namespace jit {
+@@ -252,17 +252,18 @@ namespace jit {
      _(JSOP_TRY_DESTRUCTURING_ITERCLOSE) \
      _(JSOP_CHECKCLASSHERITAGE) \
      _(JSOP_INITHOMEOBJECT)     \
@@ -77,17 +77,17 @@ diff --git a/js/src/jit/BaselineCompiler.h b/js/src/jit/BaselineCompiler.h
 +    _(JSOP_IMPORTMETA)         \
 +    _(JSOP_DYNAMIC_IMPORT)
  
- class BaselineCompiler final
+ class BaselineCompiler : public BaselineCompilerSpecific
  {
-     JSContext* cx;
-     JSScript* script;
-     jsbytecode* pc;
-     StackMacroAssembler masm;
-     bool ionCompileable_;
+     FixedList<Label>            labels_;
+     NonAssertingLabel           return_;
+     NonAssertingLabel           postBarrierSlot_;
+ 
+     // Native code offset right before the scope chain is initialized.
 diff --git a/js/src/jit/CodeGenerator.cpp b/js/src/jit/CodeGenerator.cpp
 --- a/js/src/jit/CodeGenerator.cpp
 +++ b/js/src/jit/CodeGenerator.cpp
-@@ -3020,16 +3020,29 @@ static const VMFunction GetOrCreateModul
+@@ -2946,16 +2946,29 @@ static const VMFunction GetOrCreateModul
  
  void
  CodeGenerator::visitModuleMetadata(LModuleMetadata* lir)
@@ -138,7 +138,7 @@ diff --git a/js/src/jit/IonBuilder.cpp b/js/src/jit/IonBuilder.cpp
  #include "jit/CompileInfo-inl.h"
  #include "jit/shared/Lowering-shared-inl.h"
  #include "vm/BytecodeUtil-inl.h"
-@@ -2484,16 +2485,19 @@ IonBuilder::inspectOpcode(JSOp op)
+@@ -2374,16 +2375,19 @@ IonBuilder::inspectOpcode(JSOp op)
          arr->setImplicitlyUsedUnchecked();
          pushConstant(BooleanValue(false));
          return Ok();
@@ -158,7 +158,7 @@ diff --git a/js/src/jit/IonBuilder.cpp b/js/src/jit/IonBuilder.cpp
  
        // With
        case JSOP_ENTERWITH:
-@@ -2552,17 +2556,16 @@ IonBuilder::inspectOpcode(JSOp op)
+@@ -2441,17 +2445,16 @@ IonBuilder::inspectOpcode(JSOp op)
        // Misc
        case JSOP_DELNAME:
        case JSOP_FINALLY:
@@ -176,7 +176,7 @@ diff --git a/js/src/jit/IonBuilder.cpp b/js/src/jit/IonBuilder.cpp
        case JSOP_FORCEINTERPRETER:
          // Intentionally not implemented.
          break;
-@@ -13824,16 +13827,30 @@ IonBuilder::jsop_importmeta()
+@@ -13177,16 +13180,30 @@ IonBuilder::jsop_importmeta()
      MOZ_ASSERT(module);
  
      MModuleMetadata* meta = MModuleMetadata::New(alloc(), module);
@@ -210,7 +210,7 @@ diff --git a/js/src/jit/IonBuilder.cpp b/js/src/jit/IonBuilder.cpp
 diff --git a/js/src/jit/IonBuilder.h b/js/src/jit/IonBuilder.h
 --- a/js/src/jit/IonBuilder.h
 +++ b/js/src/jit/IonBuilder.h
-@@ -588,16 +588,17 @@ class IonBuilder
+@@ -587,16 +587,17 @@ class IonBuilder
      AbortReasonOr<Ok> jsop_debugger();
      AbortReasonOr<Ok> jsop_newtarget();
      AbortReasonOr<Ok> jsop_checkisobj(uint8_t kind);
@@ -231,7 +231,7 @@ diff --git a/js/src/jit/IonBuilder.h b/js/src/jit/IonBuilder.h
 diff --git a/js/src/jit/Lowering.cpp b/js/src/jit/Lowering.cpp
 --- a/js/src/jit/Lowering.cpp
 +++ b/js/src/jit/Lowering.cpp
-@@ -2598,16 +2598,25 @@ void
+@@ -2561,16 +2561,25 @@ void
  LIRGenerator::visitModuleMetadata(MModuleMetadata* ins)
  {
      LModuleMetadata* lir = new(alloc()) LModuleMetadata();
@@ -260,7 +260,7 @@ diff --git a/js/src/jit/Lowering.cpp b/js/src/jit/Lowering.cpp
 diff --git a/js/src/jit/MIR.h b/js/src/jit/MIR.h
 --- a/js/src/jit/MIR.h
 +++ b/js/src/jit/MIR.h
-@@ -7814,16 +7814,32 @@ class MModuleMetadata : public MNullaryI
+@@ -8934,16 +8934,32 @@ class MModuleMetadata : public MNullaryI
          return AliasSet::None();
      }
  
@@ -296,7 +296,7 @@ diff --git a/js/src/jit/MIR.h b/js/src/jit/MIR.h
 diff --git a/js/src/jit/shared/LIR-shared.h b/js/src/jit/shared/LIR-shared.h
 --- a/js/src/jit/shared/LIR-shared.h
 +++ b/js/src/jit/shared/LIR-shared.h
-@@ -4898,16 +4898,37 @@ class LModuleMetadata : public LCallInst
+@@ -5615,16 +5615,37 @@ class LModuleMetadata : public LCallInst
          return mir_->toModuleMetadata();
      }
  
@@ -334,4 +334,3 @@ diff --git a/js/src/jit/shared/LIR-shared.h b/js/src/jit/shared/LIR-shared.h
      explicit LLambdaForSingleton(const LAllocation& envChain)
        : LCallInstructionHelper(classOpcode)
      {
-

frg/work-js/mozilla-release/patches/1499140-3-64a1.patch

@@ -2,7 +2,7 @@
 # User Jon Coppeard <jcoppeard@mozilla.com>
 # Date 1540204097 -3600
 # Node ID 41812db6cabaf796d6672786efa109ab771e3b2f
-# Parent  6592655e860e73040175e3a0de9d7a1ade2dea89
+# Parent  30a3ced5c3ba1cce84a5212142999221dd8857c9
 Bug 1499140 - Support dynamic module import in the shell r=jandem
 
 diff --git a/js/src/jit-test/tests/modules/dynamic-import-error.js b/js/src/jit-test/tests/modules/dynamic-import-error.js
@@ -259,7 +259,7 @@ diff --git a/js/src/shell/ModuleLoader.js b/js/src/shell/ModuleLoader.js
 diff --git a/js/src/shell/js.cpp b/js/src/shell/js.cpp
 --- a/js/src/shell/js.cpp
 +++ b/js/src/shell/js.cpp
-@@ -188,16 +188,17 @@ enum JSShellExitCode {
+@@ -172,16 +172,17 @@ enum JSShellExitCode {
  };
  
  // Define use of application-specific slots on the shell's global object.
@@ -277,13 +277,13 @@ diff --git a/js/src/shell/js.cpp b/js/src/shell/js.cpp
  /*
   * Note: This limit should match the stack limit set by the browser in
   *       js/xpconnect/src/XPCJSContext.cpp
-@@ -845,16 +846,42 @@ EnvironmentPreparer::invoke(HandleObject
+@@ -801,16 +802,42 @@ EnvironmentPreparer::invoke(HandleObject
+     MOZ_ASSERT(!JS_IsExceptionPending(cx));
  
-     AutoRealm ar(cx, global);
+     AutoRealm ar(cx, scope);
      AutoReportException are(cx);
-     if (!closure(cx)) {
+     if (!closure(cx))
          return;
-     }
  }
  
 +static bool
@@ -320,12 +320,12 @@ diff --git a/js/src/shell/js.cpp b/js/src/shell/js.cpp
      // To support the UNIX #! shell hack, gobble the first line if it starts
      // with '#'.
      int ch = fgetc(file);
-@@ -878,16 +905,20 @@ RunFile(JSContext* cx, const char* filen
+@@ -833,16 +860,20 @@ RunFile(JSContext* cx, const char* filen
+                .setIsRunOnce(true)
                 .setNoScriptRval(true);
  
-         if (!JS::CompileUtf8File(cx, options, file, &script)) {
+         if (!JS::Compile(cx, options, file, &script))
              return false;
-         }
          MOZ_ASSERT(script);
      }
  
@@ -334,31 +334,19 @@ diff --git a/js/src/shell/js.cpp b/js/src/shell/js.cpp
 +    }
 +
      #ifdef DEBUG
-         if (dumpEntrainedVariables) {
+         if (dumpEntrainedVariables)
              AnalyzeEntrainedVariables(cx, script);
-         }
      #endif
      if (!compileOnly) {
-         if (!JS_ExecuteScript(cx, script)) {
+         if (!JS_ExecuteScript(cx, script))
              return false;
-@@ -914,25 +945,28 @@ RunBinAST(JSContext* cx, const char* fil
-                .setNoScriptRval(true);
- 
-         script = JS::DecodeBinAST(cx, options, file);
-         if (!script) {
-             return false;
-         }
+         int64_t t2 = PRMJ_Now() - t1;
+@@ -850,17 +881,16 @@ RunFile(JSContext* cx, const char* filen
+             printf("runtime = %.3f ms\n", double(t2) / PRMJ_USEC_PER_MSEC);
      }
- 
-+    if (!RegisterScriptPathWithModuleLoader(cx, script, filename)) {
-+        return false;
-+    }
-+
-     return JS_ExecuteScript(cx, script);
+     return true;
  }
  
- #endif // JS_BUILD_BINAST
- 
  static bool
  InitModuleLoader(JSContext* cx)
  {
@@ -371,7 +359,7 @@ diff --git a/js/src/shell/js.cpp b/js/src/shell/js.cpp
      if (!src || !DecompressString(moduleloader::compressedSources, moduleloader::GetCompressedSize(),
                                    reinterpret_cast<unsigned char*>(src.get()), srcLen))
      {
-@@ -4835,16 +4869,119 @@ ShellGetModulePrivate(JSContext* cx, uns
+@@ -4400,16 +4430,119 @@ ShellGetModulePrivate(JSContext* cx, uns
          return ReportArgumentTypeError(cx, args[0], "module object");
      }
  
@@ -490,8 +478,8 @@ diff --git a/js/src/shell/js.cpp b/js/src/shell/js.cpp
      ShellContext* sc = GetShellContext(cx);
      if (sc->moduleLoadPath) {
          JSString* str = JS_NewStringCopyZ(cx, sc->moduleLoadPath.get());
-         if (!str) {
-@@ -8054,27 +8191,43 @@ static const JSFunctionSpecWithHelp shel
+         if (!str)
+@@ -6885,27 +7018,43 @@ static const JSFunctionSpecWithHelp shel
  
      JS_FN_HELP("setModuleLoadHook", SetModuleLoadHook, 1, 0,
  "setModuleLoadHook(function(path))",
@@ -536,7 +524,7 @@ diff --git a/js/src/shell/js.cpp b/js/src/shell/js.cpp
  "getModulePrivate(scriptObject)",
  "  Get the private value associated with a module object.\n"),
  
-@@ -10784,16 +10937,17 @@ main(int argc, char** argv, char** envp)
+@@ -9281,16 +9430,17 @@ main(int argc, char** argv, char** envp)
          JS_SetGCParameter(cx, JSGC_DYNAMIC_MARK_SLICE, 1);
          JS_SetGCParameter(cx, JSGC_SLICE_TIME_BUDGET, 10);
      }
@@ -551,30 +539,29 @@ diff --git a/js/src/shell/js.cpp b/js/src/shell/js.cpp
      result = Shell(cx, &op, envp);
  
  #ifdef DEBUG
-     if (OOM_printAllocationCount) {
+     if (OOM_printAllocationCount)
          printf("OOM max count: %" PRIu64 "\n", js::oom::counter);
-     }
+ #endif
 diff --git a/js/src/tests/lib/jittests.py b/js/src/tests/lib/jittests.py
 --- a/js/src/tests/lib/jittests.py
 +++ b/js/src/tests/lib/jittests.py
-@@ -367,18 +367,18 @@ class JitTest:
+@@ -332,18 +332,18 @@ class JitTest:
+         # We may have specified '-a' or '-d' twice: once via --jitflags, once
+         # via the "|jit-test|" line.  Remove dups because they are toggles.
          cmd = prefix + ['--js-cache', JitTest.CacheDir]
          cmd += list(set(self.jitflags))
          for expr in exprs:
              cmd += ['-e', expr]
          for inc in self.other_includes:
              cmd += ['-f', libdir + inc]
-         if self.skip_if_cond:
-             cmd += ['-e', "if ({}) quit({})".format(self.skip_if_cond, self.SKIPPED_EXIT_STATUS)]
 +        cmd += ['--module-load-path', moduledir]
          if self.is_module:
 -            cmd += ['--module-load-path', moduledir]
              cmd += ['--module', path]
-         elif self.is_binast:
-             # In builds with BinAST, this will run the test file. In builds without,
-             # It's a no-op and the tests will silently pass.
-             cmd += ['-B', path]
          elif self.test_reflect_stringify is None:
              cmd += ['-f', path]
          else:
-
+             cmd += ['--', self.test_reflect_stringify, "--check", path]
+ 
+         if self.valgrind:
+             cmd = self.VALGRIND_CMD + cmd

frg/work-js/mozilla-release/patches/1499140-4-64a1.patch

@@ -2,13 +2,13 @@
 # User Jon Coppeard <jcoppeard@mozilla.com>
 # Date 1540204097 -3600
 # Node ID a836d54d21da033ae12512de20e68b21454df06b
-# Parent  84f29739c1da074c184d5e21e73b59d083a0e29d
+# Parent  eb9eb37d327465852aa97e1fc1a6628827b1bce4
 Bug 1499140 - Add OOM tests for shell dynamic module import and fix bugs r=jandem
 
 diff --git a/js/src/builtin/Module.js b/js/src/builtin/Module.js
 --- a/js/src/builtin/Module.js
 +++ b/js/src/builtin/Module.js
-@@ -294,26 +294,27 @@ function ModuleInstantiate()
+@@ -299,26 +299,27 @@ function ModuleInstantiate()
      let stack = [];
  
      // Steps 4-5
@@ -50,4 +50,3 @@ new file mode 100644
 +
 +oomTest(() => import("module1.js"));
 +oomTest(() => import("cyclicImport1.js"));
-

frg/work-js/mozilla-release/patches/1499335-64a1.patch

@@ -2,7 +2,7 @@
 # User Jon Coppeard <jcoppeard@mozilla.com>
 # Date 1540211582 -3600
 # Node ID 80235331ce5f2bc78444739b388e5d64b7970eb9
-# Parent  dedd03c893c8cfa5a721b0a04cf5b26cee98db4b
+# Parent  d6299c0e04058cdf4263f164fb5ff83039483bc5
 Bug 1499335 - Support module specifiers containing inline data in the shell r=evilpie
 
 diff --git a/js/src/jit-test/tests/modules/inline-data.js b/js/src/jit-test/tests/modules/inline-data.js
@@ -123,4 +123,3 @@ diff --git a/js/src/shell/ModuleLoader.js b/js/src/shell/ModuleLoader.js
          if (ReflectApply(MapPrototypeHas, this.registry, [normalized]))
              return ReflectApply(MapPrototypeGet, this.registry, [normalized]);
  
-

frg/work-js/mozilla-release/patches/1501154-65a1.patch

@@ -2,7 +2,7 @@
 # User Jon Coppeard <jcoppeard@mozilla.com>
 # Date 1540387761 -3600
 # Node ID 6f6a67ed98c7b70834768003df50993873e1a1de
-# Parent  034e53d3e7f06e67b30811198f020ad2cfa69998
+# Parent  c2a73e138956e3cda3ee4ad7d028f4a25a9fa934
 Bug 1501154 - Disallow the empty string as a module specifier in the shell and improve error handling in js::shell::FileAsString() r=bbouvier
 
 diff --git a/js/src/jit-test/tests/modules/bug-1501154.js b/js/src/jit-test/tests/modules/bug-1501154.js
@@ -62,10 +62,10 @@ diff --git a/js/src/shell/ModuleLoader.js b/js/src/shell/ModuleLoader.js
 diff --git a/js/src/shell/js.cpp b/js/src/shell/js.cpp
 --- a/js/src/shell/js.cpp
 +++ b/js/src/shell/js.cpp
-@@ -2271,37 +2271,55 @@ js::shell::FileAsString(JSContext* cx, J
-     file = fopen(pathname.get(), "rb");
+@@ -2073,36 +2073,55 @@ js::shell::FileAsString(JSContext* cx, J
+     file = fopen(pathname.ptr(), "rb");
      if (!file) {
-         ReportCantOpenErrorUnknownEncoding(cx, pathname.get());
+         ReportCantOpenErrorUnknownEncoding(cx, pathname.ptr());
          return nullptr;
      }
  
@@ -83,11 +83,10 @@ diff --git a/js/src/shell/js.cpp b/js/src/shell/js.cpp
 +    }
 +
      if (fseek(file, 0, SEEK_END) != 0) {
-         pathname = JS_EncodeStringToUTF8(cx, pathnameStr);
-         if (!pathname) {
+         pathname.clear();
+         if (!pathname.encodeUtf8(cx, pathnameStr))
              return nullptr;
-         }
-         JS_ReportErrorUTF8(cx, "can't seek end of %s", pathname.get());
+         JS_ReportErrorUTF8(cx, "can't seek end of %s", pathname.ptr());
          return nullptr;
      }
  
@@ -100,23 +99,24 @@ diff --git a/js/src/shell/js.cpp b/js/src/shell/js.cpp
 +
 +    size_t len = endPos;
      if (fseek(file, 0, SEEK_SET) != 0) {
-         pathname = JS_EncodeStringToUTF8(cx, pathnameStr);
-         if (!pathname) {
+         pathname.clear();
+         if (!pathname.encodeUtf8(cx, pathnameStr))
              return nullptr;
-         }
-         JS_ReportErrorUTF8(cx, "can't seek start of %s", pathname.get());
+         JS_ReportErrorUTF8(cx, "can't seek start of %s", pathname.ptr());
          return nullptr;
      }
  
      UniqueChars buf(js_pod_malloc<char>(len + 1));
-     if (!buf) {
+-    if (!buf)
++    if (!buf) {
 +        JS_ReportErrorUTF8(cx, "out of memory reading %s", pathname.get());
          return nullptr;
-     }
++    }
  
      size_t cc = fread(buf.get(), 1, len, file);
      if (cc != len) {
          if (ptrdiff_t(cc) < 0) {
-             ReportCantOpenErrorUnknownEncoding(cx, pathname.get());
+             ReportCantOpenErrorUnknownEncoding(cx, pathname.ptr());
          } else {
-
+             pathname.clear();
+             if (!pathname.encodeUtf8(cx, pathnameStr))

frg/work-js/mozilla-release/patches/1501157-65a1.patch

@@ -2,13 +2,13 @@
 # User Jon Coppeard <jcoppeard@mozilla.com>
 # Date 1540375438 -3600
 # Node ID 8468729762b5111214f3d75f7b10f841227ad842
-# Parent  3f33fb9163fcfe2fc6890808730d4a13a1769671
+# Parent  2b4ae6fc7a4f4d8aa6473bdfc5ef4c6f9e60e84e
 Bug 1501157 - Allow checking whether dynamic module import is supported from helper threads r=jandem
 
 diff --git a/js/src/builtin/ModuleObject.cpp b/js/src/builtin/ModuleObject.cpp
 --- a/js/src/builtin/ModuleObject.cpp
 +++ b/js/src/builtin/ModuleObject.cpp
-@@ -1839,28 +1839,37 @@ js::StartDynamicModuleImport(JSContext* 
+@@ -1732,28 +1732,37 @@ js::StartDynamicModuleImport(JSContext* 
  
      RootedObject promiseObject(cx, JS::NewPromiseObject(cx, nullptr));
      if (!promiseObject) {
@@ -62,7 +62,7 @@ new file mode 100644
 diff --git a/js/src/vm/Runtime.h b/js/src/vm/Runtime.h
 --- a/js/src/vm/Runtime.h
 +++ b/js/src/vm/Runtime.h
-@@ -977,18 +977,19 @@ struct JSRuntime : public js::MallocProv
+@@ -936,19 +936,19 @@ struct JSRuntime : public js::MallocProv
      // The implementation-defined abstract operation HostResolveImportedModule.
      js::MainThreadData<JS::ModuleResolveHook> moduleResolveHook;
  
@@ -73,15 +73,15 @@ diff --git a/js/src/vm/Runtime.h b/js/src/vm/Runtime.h
      // A hook that implements the abstract operation
 -    // HostImportModuleDynamically.
 -    js::MainThreadData<JS::ModuleDynamicImportHook> moduleDynamicImportHook;
+-
 +    // HostImportModuleDynamically. This is also used to enable/disable dynamic
 +    // module import and can accessed by off-thread parsing.
 +    mozilla::Atomic<JS::ModuleDynamicImportHook> moduleDynamicImportHook;
+ };
  
-   public:
- #if defined(JS_BUILD_BINAST)
-     js::BinaryASTSupport& binast() {
-         return binast_;
-     }
-   private:
-     js::BinaryASTSupport binast_;
-
+ namespace js {
+ 
+ /*
+  * RAII class that takes the GC lock while it is live.
+  *
+  * Usually functions will pass const references of this class.  However

frg/work-js/mozilla-release/patches/1502481-1-65a1.patch

@@ -0,0 +1,130 @@
+# HG changeset patch
+# User Ted Campbell <tcampbell@mozilla.com>
+# Date 1540922501 0
+# Node ID 6ae3b85ff64cf43fea831634f36677592ba1453c
+# Parent  a4c6762dd244bdc5aa3a2f8c7daa12e2b60d8539
+Bug 1502481 - Use sourceStart/sourceEnd name within JSScript r=jandem
+
+Differential Revision: https://phabricator.services.mozilla.com/D9944
+
+diff --git a/js/src/vm/JSScript.cpp b/js/src/vm/JSScript.cpp
+--- a/js/src/vm/JSScript.cpp
++++ b/js/src/vm/JSScript.cpp
+@@ -2619,77 +2619,74 @@ ScriptDataSize(uint32_t nscopes, uint32_
+         size += sizeof(ScopeNoteArray) + nscopenotes * sizeof(ScopeNote);
+     if (nyieldoffsets != 0)
+         size += sizeof(YieldAndAwaitOffsetArray) + nyieldoffsets * sizeof(uint32_t);
+ 
+      return size;
+ }
+ 
+ JSScript::JSScript(JS::Realm* realm, uint8_t* stubEntry, const ReadOnlyCompileOptions& options,
+-                   HandleObject sourceObject, uint32_t bufStart, uint32_t bufEnd,
++                   HandleObject sourceObject,
++                   uint32_t sourceStart, uint32_t sourceEnd,
+                    uint32_t toStringStart, uint32_t toStringEnd)
+   :
+ #ifndef JS_CODEGEN_NONE
+     jitCodeRaw_(stubEntry),
+     jitCodeSkipArgCheck_(stubEntry),
+ #endif
+     realm_(realm),
+-    sourceStart_(bufStart),
+-    sourceEnd_(bufEnd),
++    sourceStart_(sourceStart),
++    sourceEnd_(sourceEnd),
+     toStringStart_(toStringStart),
+     toStringEnd_(toStringEnd),
+ #ifdef MOZ_VTUNE
+     vtuneMethodId_(vtune::GenerateUniqueMethodID()),
+ #endif
+     bitFields_{} // zeroes everything -- some fields custom-assigned below
+ {
+-    // bufStart and bufEnd specify the range of characters parsed by the
+-    // Parser to produce this script. toStringStart and toStringEnd specify
+-    // the range of characters to be returned for Function.prototype.toString.
+-    MOZ_ASSERT(bufStart <= bufEnd);
+-    MOZ_ASSERT(toStringStart <= toStringEnd);
+-    MOZ_ASSERT(toStringStart <= bufStart);
+-    MOZ_ASSERT(toStringEnd >= bufEnd);
++    // See JSScript.h for further details.
++    MOZ_ASSERT(toStringStart <= sourceStart);
++    MOZ_ASSERT(sourceStart <= sourceEnd);
++    MOZ_ASSERT(sourceEnd <= toStringEnd);
+ 
+     bitFields_.noScriptRval_ = options.noScriptRval;
+     bitFields_.selfHosted_ = options.selfHostingMode;
+     bitFields_.treatAsRunOnce_ = options.isRunOnce;
+     bitFields_.hideScriptFromDebugger_ = options.hideScriptFromDebugger;
+ 
+     setSourceObject(sourceObject);
+ }
+ 
+ /* static */ JSScript*
+ JSScript::createInitialized(JSContext* cx, const ReadOnlyCompileOptions& options,
+-                            HandleObject sourceObject,
+-                            uint32_t bufStart, uint32_t bufEnd,
++                            HandleObject sourceObject, uint32_t sourceStart, uint32_t sourceEnd,
+                             uint32_t toStringStart, uint32_t toStringEnd)
+ {
+     void* script = Allocate<JSScript>(cx);
+     if (!script)
+         return nullptr;
+ 
+     uint8_t* stubEntry =
+ #ifndef JS_CODEGEN_NONE
+         cx->runtime()->jitRuntime()->interpreterStub().value
+ #else
+         nullptr
+ #endif
+         ;
+ 
+     return new (script) JSScript(cx->realm(), stubEntry, options, sourceObject,
+-                                 bufStart, bufEnd, toStringStart, toStringEnd);
++                                 sourceStart, sourceEnd, toStringStart, toStringEnd);
+ }
+ 
+ /* static */ JSScript*
+ JSScript::Create(JSContext* cx, const ReadOnlyCompileOptions& options,
+-                 HandleObject sourceObject, uint32_t bufStart, uint32_t bufEnd,
++                 HandleObject sourceObject, uint32_t sourceStart, uint32_t sourceEnd,
+                  uint32_t toStringStart, uint32_t toStringEnd)
+ {
+-    RootedScript script(cx, createInitialized(cx, options, sourceObject, bufStart, bufEnd,
++    RootedScript script(cx, createInitialized(cx, options, sourceObject, sourceStart, sourceEnd,
+                                               toStringStart, toStringEnd));
+     if (!script)
+         return nullptr;
+ 
+     if (cx->runtime()->lcovOutput().isEnabled()) {
+         if (!script->initScriptName(cx))
+             return nullptr;
+     }
+diff --git a/js/src/vm/JSScript.h b/js/src/vm/JSScript.h
+--- a/js/src/vm/JSScript.h
++++ b/js/src/vm/JSScript.h
+@@ -1201,22 +1201,22 @@ class JSScript : public js::gc::TenuredC
+                   js::MutableHandleScript scriptp);
+ 
+     friend bool
+     js::detail::CopyScript(JSContext* cx, js::HandleScript src, js::HandleScript dst,
+                            js::MutableHandle<JS::GCVector<js::Scope*>> scopes);
+ 
+   private:
+     JSScript(JS::Realm* realm, uint8_t* stubEntry, const JS::ReadOnlyCompileOptions& options,
+-             js::HandleObject sourceObject, uint32_t bufStart, uint32_t bufEnd,
++             js::HandleObject sourceObject, uint32_t sourceStart, uint32_t sourceEnd,
+              uint32_t toStringStart, uint32_t toStringend);
+ 
+     static JSScript* createInitialized(JSContext* cx, const JS::ReadOnlyCompileOptions& options,
+                                        js::HandleObject sourceObject,
+-                                       uint32_t bufStart, uint32_t bufEnd,
++                                       uint32_t sourceStart, uint32_t sourceEnd,
+                                        uint32_t toStringStart, uint32_t toStringEnd);
+ 
+   public:
+     static JSScript* Create(JSContext* cx,
+                             const JS::ReadOnlyCompileOptions& options,
+                             js::HandleObject sourceObject,
+                             uint32_t sourceStart, uint32_t sourceEnd,
+                             uint32_t toStringStart, uint32_t toStringEnd);

frg/work-js/mozilla-release/patches/1502481-2-65a1.patch

@@ -0,0 +1,124 @@
+# HG changeset patch
+# User Ted Campbell <tcampbell@mozilla.com>
+# Date 1540922585 0
+# Node ID 8ef875ecc9174342a4c68cbb0eb936f6a9724b60
+# Parent  495433aad6fa0011ca8aef29116cad81b9301562
+Bug 1502481 - Cleanup JSScript nits r=jandem
+
+Differential Revision: https://phabricator.services.mozilla.com/D9945
+
+diff --git a/js/src/vm/JSScript.cpp b/js/src/vm/JSScript.cpp
+--- a/js/src/vm/JSScript.cpp
++++ b/js/src/vm/JSScript.cpp
+@@ -2631,27 +2631,27 @@ JSScript::JSScript(JS::Realm* realm, uin
+ #ifndef JS_CODEGEN_NONE
+     jitCodeRaw_(stubEntry),
+     jitCodeSkipArgCheck_(stubEntry),
+ #endif
+     realm_(realm),
+     sourceStart_(sourceStart),
+     sourceEnd_(sourceEnd),
+     toStringStart_(toStringStart),
+-    toStringEnd_(toStringEnd),
+-#ifdef MOZ_VTUNE
+-    vtuneMethodId_(vtune::GenerateUniqueMethodID()),
+-#endif
+-    bitFields_{} // zeroes everything -- some fields custom-assigned below
++    toStringEnd_(toStringEnd)
+ {
+     // See JSScript.h for further details.
+     MOZ_ASSERT(toStringStart <= sourceStart);
+     MOZ_ASSERT(sourceStart <= sourceEnd);
+     MOZ_ASSERT(sourceEnd <= toStringEnd);
+ 
++#ifdef MOZ_VTUNE
++    vtuneMethodId_ = vtune::GenerateUniqueMethodID();
++#endif
++
+     bitFields_.noScriptRval_ = options.noScriptRval;
+     bitFields_.selfHosted_ = options.selfHostingMode;
+     bitFields_.treatAsRunOnce_ = options.isRunOnce;
+     bitFields_.hideScriptFromDebugger_ = options.hideScriptFromDebugger;
+ 
+     setSourceObject(sourceObject);
+ }
+ 
+@@ -2659,23 +2659,21 @@ JSScript::JSScript(JS::Realm* realm, uin
+ JSScript::createInitialized(JSContext* cx, const ReadOnlyCompileOptions& options,
+                             HandleObject sourceObject, uint32_t sourceStart, uint32_t sourceEnd,
+                             uint32_t toStringStart, uint32_t toStringEnd)
+ {
+     void* script = Allocate<JSScript>(cx);
+     if (!script)
+         return nullptr;
+ 
+-    uint8_t* stubEntry =
+ #ifndef JS_CODEGEN_NONE
+-        cx->runtime()->jitRuntime()->interpreterStub().value
++    uint8_t* stubEntry = cx->runtime()->jitRuntime()->interpreterStub().value;
+ #else
+-        nullptr
++    uint8_t* stubEntry = nullptr;
+ #endif
+-        ;
+ 
+     return new (script) JSScript(cx->realm(), stubEntry, options, sourceObject,
+                                  sourceStart, sourceEnd, toStringStart, toStringEnd);
+ }
+ 
+ /* static */ JSScript*
+ JSScript::Create(JSContext* cx, const ReadOnlyCompileOptions& options,
+                  HandleObject sourceObject, uint32_t sourceStart, uint32_t sourceEnd,
+diff --git a/js/src/vm/JSScript.h b/js/src/vm/JSScript.h
+--- a/js/src/vm/JSScript.h
++++ b/js/src/vm/JSScript.h
+@@ -1027,28 +1027,16 @@ class JSScript : public js::gc::TenuredC
+     uint16_t warmUpResetCount = 0;
+ 
+     /* ES6 function length. */
+     uint16_t funLength_ = 0;
+ 
+     /* Number of type sets used in this script for dynamic type monitoring. */
+     uint16_t nTypeSets_ = 0;
+ 
+-    // Bit fields.
+-
+-  public:
+-    // The kinds of the optional arrays.
+-    enum ArrayKind {
+-        CONSTS,
+-        OBJECTS,
+-        TRYNOTES,
+-        SCOPENOTES,
+-        ARRAY_KIND_BITS
+-    };
+-
+   private:
+     struct BitFields
+     {
+         /*
+          * Bit-fields can't have member initializers til C++2a, i.e. probably
+          * C++20, so we can't initialize these to zero in place.  Instead we
+          * braced-init this to all zeroes in the JSScript constructor, then
+          * custom-assign particular bit-fields in the constructor body.
+@@ -1181,17 +1169,19 @@ class JSScript : public js::gc::TenuredC
+ 
+         // True if this function is an async function or async generator.
+         bool isAsync_ : 1;
+ 
+         bool hasRest_ : 1;
+ 
+         // True if the debugger's onNewScript hook has not yet been called.
+         bool hideScriptFromDebugger_ : 1;
+-    } bitFields_;
++    };
++
++    BitFields bitFields_ = {}; // Zero-initialize bitfield flags.
+ 
+     //
+     // End of fields.  Start methods.
+     //
+ 
+   private:
+     template <js::XDRMode mode>
+     friend

frg/work-js/mozilla-release/patches/1502481-3-65a1.patch

@@ -0,0 +1,145 @@
+# HG changeset patch
+# User Ted Campbell <tcampbell@mozilla.com>
+# Date 1540922520 0
+# Node ID 170515f4f87406cc2493b0d9ef4f24eb7b199f5e
+# Parent  5d7bad89e6133c3adf26f833c5652eb3e3a656d7
+Bug 1502481 - Cleanup JSScript constructor calls r=jandem
+
+This reorganizes the JSScript constructor sequence into the following layers and responsibilities:
+
+  JSScript(...)         The actual C++ constructor putting script in
+                        GC-safe state.
+  JSScript::New(...)    Performs allocation within GC.
+  JSScript::Create(...) Common initialization for all script
+                        initialization pathways.
+
+This is more in-line with how other GC-things are created. The bitfields
+saved from compile options are now done at the JSScript::Create level.
+
+Differential Revision: https://phabricator.services.mozilla.com/D9946
+
+diff --git a/js/src/vm/JSScript.cpp b/js/src/vm/JSScript.cpp
+--- a/js/src/vm/JSScript.cpp
++++ b/js/src/vm/JSScript.cpp
+@@ -2618,18 +2618,17 @@ ScriptDataSize(uint32_t nscopes, uint32_
+     if (nscopenotes != 0)
+         size += sizeof(ScopeNoteArray) + nscopenotes * sizeof(ScopeNote);
+     if (nyieldoffsets != 0)
+         size += sizeof(YieldAndAwaitOffsetArray) + nyieldoffsets * sizeof(uint32_t);
+ 
+      return size;
+ }
+ 
+-JSScript::JSScript(JS::Realm* realm, uint8_t* stubEntry, const ReadOnlyCompileOptions& options,
+-                   HandleObject sourceObject,
++JSScript::JSScript(JS::Realm* realm, uint8_t* stubEntry, HandleObject sourceObject,
+                    uint32_t sourceStart, uint32_t sourceEnd,
+                    uint32_t toStringStart, uint32_t toStringEnd)
+   :
+ #ifndef JS_CODEGEN_NONE
+     jitCodeRaw_(stubEntry),
+     jitCodeSkipArgCheck_(stubEntry),
+ #endif
+     realm_(realm),
+@@ -2642,52 +2641,55 @@ JSScript::JSScript(JS::Realm* realm, uin
+     MOZ_ASSERT(toStringStart <= sourceStart);
+     MOZ_ASSERT(sourceStart <= sourceEnd);
+     MOZ_ASSERT(sourceEnd <= toStringEnd);
+ 
+ #ifdef MOZ_VTUNE
+     vtuneMethodId_ = vtune::GenerateUniqueMethodID();
+ #endif
+ 
+-    bitFields_.noScriptRval_ = options.noScriptRval;
+-    bitFields_.selfHosted_ = options.selfHostingMode;
+-    bitFields_.treatAsRunOnce_ = options.isRunOnce;
+-    bitFields_.hideScriptFromDebugger_ = options.hideScriptFromDebugger;
+-
+     setSourceObject(sourceObject);
+ }
+ 
+ /* static */ JSScript*
+-JSScript::createInitialized(JSContext* cx, const ReadOnlyCompileOptions& options,
+-                            HandleObject sourceObject, uint32_t sourceStart, uint32_t sourceEnd,
+-                            uint32_t toStringStart, uint32_t toStringEnd)
++JSScript::New(JSContext* cx, HandleObject sourceObject,
++              uint32_t sourceStart, uint32_t sourceEnd,
++              uint32_t toStringStart, uint32_t toStringEnd)
+ {
+     void* script = Allocate<JSScript>(cx);
+-    if (!script)
++    if (!script) {
+         return nullptr;
++    }
+ 
+ #ifndef JS_CODEGEN_NONE
+     uint8_t* stubEntry = cx->runtime()->jitRuntime()->interpreterStub().value;
+ #else
+     uint8_t* stubEntry = nullptr;
+ #endif
+ 
+-    return new (script) JSScript(cx->realm(), stubEntry, options, sourceObject,
++    return new (script) JSScript(cx->realm(), stubEntry, sourceObject,
+                                  sourceStart, sourceEnd, toStringStart, toStringEnd);
+ }
+ 
+ /* static */ JSScript*
+ JSScript::Create(JSContext* cx, const ReadOnlyCompileOptions& options,
+                  HandleObject sourceObject, uint32_t sourceStart, uint32_t sourceEnd,
+                  uint32_t toStringStart, uint32_t toStringEnd)
+ {
+-    RootedScript script(cx, createInitialized(cx, options, sourceObject, sourceStart, sourceEnd,
+-                                              toStringStart, toStringEnd));
+-    if (!script)
++    RootedScript script(cx, JSScript::New(cx, sourceObject, sourceStart, sourceEnd,
++                                          toStringStart, toStringEnd));
++    if (!script) {
+         return nullptr;
++    }
++
++    // Record compile options that get checked at runtime.
++    script->bitFields_.noScriptRval_ = options.noScriptRval;
++    script->bitFields_.selfHosted_ = options.selfHostingMode;
++    script->bitFields_.treatAsRunOnce_ = options.isRunOnce;
++    script->bitFields_.hideScriptFromDebugger_ = options.hideScriptFromDebugger;
+ 
+     if (cx->runtime()->lcovOutput().isEnabled()) {
+         if (!script->initScriptName(cx))
+             return nullptr;
+     }
+ 
+     return script;
+ }
+diff --git a/js/src/vm/JSScript.h b/js/src/vm/JSScript.h
+--- a/js/src/vm/JSScript.h
++++ b/js/src/vm/JSScript.h
+@@ -1190,24 +1190,23 @@ class JSScript : public js::gc::TenuredC
+                   js::HandleScriptSourceObject sourceObject, js::HandleFunction fun,
+                   js::MutableHandleScript scriptp);
+ 
+     friend bool
+     js::detail::CopyScript(JSContext* cx, js::HandleScript src, js::HandleScript dst,
+                            js::MutableHandle<JS::GCVector<js::Scope*>> scopes);
+ 
+   private:
+-    JSScript(JS::Realm* realm, uint8_t* stubEntry, const JS::ReadOnlyCompileOptions& options,
+-             js::HandleObject sourceObject, uint32_t sourceStart, uint32_t sourceEnd,
++    JSScript(JS::Realm* realm, uint8_t* stubEntry, js::HandleObject sourceObject,
++             uint32_t sourceStart, uint32_t sourceEnd,
+              uint32_t toStringStart, uint32_t toStringend);
+ 
+-    static JSScript* createInitialized(JSContext* cx, const JS::ReadOnlyCompileOptions& options,
+-                                       js::HandleObject sourceObject,
+-                                       uint32_t sourceStart, uint32_t sourceEnd,
+-                                       uint32_t toStringStart, uint32_t toStringEnd);
++    static JSScript* New(JSContext* cx, js::HandleObject sourceObject,
++                         uint32_t sourceStart, uint32_t sourceEnd,
++                         uint32_t toStringStart, uint32_t toStringEnd);
+ 
+   public:
+     static JSScript* Create(JSContext* cx,
+                             const JS::ReadOnlyCompileOptions& options,
+                             js::HandleObject sourceObject,
+                             uint32_t sourceStart, uint32_t sourceEnd,
+                             uint32_t toStringStart, uint32_t toStringEnd);
+ 

frg/work-js/mozilla-release/patches/1502481-4-65a1.patch

@@ -0,0 +1,248 @@
+# HG changeset patch
+# User Ted Campbell <tcampbell@mozilla.com>
+# Date 1540922528 0
+# Node ID 63cb6b558afe034dc30f68e850a9f7bf3f8f1193
+# Parent  6b13dfd841ea0add28ccb09cfb2a04064fac0498
+Bug 1502481 - Rename JSScript partiallyInit and friends r=jandem
+
+JSScript::partiallyInit -> JSScript::createPrivateScriptData
+JSScript::createScriptData -> JSScript::createSharedScriptData
+
+Differential Revision: https://phabricator.services.mozilla.com/D9947
+
+diff --git a/js/src/vm/JSScript.cpp b/js/src/vm/JSScript.cpp
+--- a/js/src/vm/JSScript.cpp
++++ b/js/src/vm/JSScript.cpp
+@@ -525,18 +525,18 @@ js::XDRScript(XDRState<mode>* xdr, Handl
+             fun->initScript(script);
+     } else {
+         // When encoding, we do not mutate any of the JSScript or LazyScript, so
+         // we can safely unwrap it here.
+         sourceObject = &script->scriptSourceUnwrap();
+     }
+ 
+     if (mode == XDR_DECODE) {
+-        if (!JSScript::partiallyInit(cx, script, nscopes, nconsts, nobjects, ntrynotes,
+-                                     nscopenotes, nyieldoffsets))
++        if (!JSScript::createPrivateScriptData(cx, script, nscopes, nconsts, nobjects,
++                                               ntrynotes, nscopenotes, nyieldoffsets))
+         {
+             return xdr->fail(JS::TranscodeResult_Throw);
+         }
+ 
+         MOZ_ASSERT(!script->mainOffset());
+         script->mainOffset_ = prologueLength;
+         script->funLength_ = funLength;
+ 
+@@ -606,18 +606,19 @@ js::XDRScript(XDRState<mode>* xdr, Handl
+         script->lineno_ = lineno;
+         script->column_ = column;
+         script->nfixed_ = nfixed;
+         script->nslots_ = nslots;
+         script->bodyScopeIndex_ = bodyScopeIndex;
+     }
+ 
+     if (mode == XDR_DECODE) {
+-        if (!script->createScriptData(cx, length, nsrcnotes, natoms))
++        if (!script->createSharedScriptData(cx, length, nsrcnotes, natoms)) {
+             return xdr->fail(JS::TranscodeResult_Throw);
++        }
+     }
+ 
+     auto scriptDataGuard = mozilla::MakeScopeExit([&] {
+         if (mode == XDR_DECODE)
+             script->freeScriptData();
+     });
+ 
+     jsbytecode* code = script->code();
+@@ -2382,23 +2383,24 @@ js::ScriptBytecodeHasher::Lookup::Lookup
+ 
+ inline
+ js::ScriptBytecodeHasher::Lookup::~Lookup()
+ {
+     scriptData->decRefCount();
+ }
+ 
+ bool
+-JSScript::createScriptData(JSContext* cx, uint32_t codeLength, uint32_t srcnotesLength,
+-                           uint32_t natoms)
++JSScript::createSharedScriptData(JSContext* cx, uint32_t codeLength,
++                                 uint32_t noteLength, uint32_t natoms)
+ {
+     MOZ_ASSERT(!scriptData());
+-    SharedScriptData* ssd = SharedScriptData::new_(cx, codeLength, srcnotesLength, natoms);
+-    if (!ssd)
++    SharedScriptData* ssd = SharedScriptData::new_(cx, codeLength, noteLength, natoms);
++    if (!ssd) {
+         return false;
++    }
+ 
+     setScriptData(ssd);
+     return true;
+ }
+ 
+ void
+ JSScript::freeScriptData()
+ {
+@@ -2724,19 +2726,19 @@ AllocScriptData(JS::Zone* zone, size_t s
+     uint8_t* data = zone->pod_calloc<uint8_t>(JS_ROUNDUP(size, sizeof(Value)));
+     if (!data)
+         return nullptr;
+     MOZ_ASSERT(size_t(data) % sizeof(Value) == 0);
+     return data;
+ }
+ 
+ /* static */ bool
+-JSScript::partiallyInit(JSContext* cx, HandleScript script, uint32_t nscopes,
+-                        uint32_t nconsts, uint32_t nobjects, uint32_t ntrynotes,
+-                        uint32_t nscopenotes, uint32_t nyieldoffsets)
++JSScript::createPrivateScriptData(JSContext* cx, HandleScript script,
++                                  uint32_t nscopes, uint32_t nconsts, uint32_t nobjects,
++                                  uint32_t ntrynotes, uint32_t nscopenotes, uint32_t nyieldoffsets)
+ {
+     size_t size = ScriptDataSize(nscopes, nconsts, nobjects, ntrynotes,
+                                  nscopenotes, nyieldoffsets);
+     script->data = AllocScriptData(script->zone(), size);
+     if (size && !script->data) {
+         ReportOutOfMemory(cx);
+         return false;
+     }
+@@ -2827,36 +2829,37 @@ JSScript::initFunctionPrototype(JSContex
+                                 HandleFunction functionProto)
+ {
+     uint32_t numScopes = 1;
+     uint32_t numConsts = 0;
+     uint32_t numObjects = 0;
+     uint32_t numTryNotes = 0;
+     uint32_t numScopeNotes = 0;
+     uint32_t numYieldAndAwaitOffsets = 0;
+-    if (!partiallyInit(cx, script, numScopes, numConsts, numObjects, numTryNotes,
+-                       numScopeNotes, numYieldAndAwaitOffsets))
++    if (!createPrivateScriptData(cx, script, numScopes, numConsts, numObjects,
++                                 numTryNotes, numScopeNotes, numYieldAndAwaitOffsets))
+     {
+         return false;
+     }
+ 
+     script->nTypeSets_ = 0;
+ 
+     RootedScope enclosing(cx, &cx->global()->emptyGlobalScope());
+     Scope* functionProtoScope = FunctionScope::create(cx, nullptr, false, false, functionProto,
+                                                       enclosing);
+     if (!functionProtoScope)
+         return false;
+     script->scopes()->vector[0].init(functionProtoScope);
+ 
+     uint32_t codeLength = 1;
+     uint32_t srcNotesLength = 1;
+     uint32_t numAtoms = 0;
+-    if (!script->createScriptData(cx, codeLength, srcNotesLength, numAtoms))
++    if (!script->createSharedScriptData(cx, codeLength, srcNotesLength, numAtoms)) {
+         return false;
++    }
+ 
+     jsbytecode* code = script->code();
+     code[0] = JSOP_RETRVAL;
+     code[1] = SRC_NULL;
+     return script->shareScriptData(cx);
+ }
+ 
+ static void
+@@ -2934,31 +2937,37 @@ JSScript::fullyInitFromEmitter(JSContext
+     MOZ_ASSERT(bce->objectList.length <= INDEX_LIMIT);
+ 
+     uint32_t mainLength = bce->offset();
+     uint32_t prologueLength = bce->prologueOffset();
+     uint32_t nsrcnotes;
+     if (!bce->finishTakingSrcNotes(&nsrcnotes))
+         return false;
+     uint32_t natoms = bce->atomIndices->count();
+-    if (!partiallyInit(cx, script,
+-                       bce->scopeList.length(), bce->constList.length(), bce->objectList.length,
+-                       bce->tryNoteList.length(), bce->scopeNoteList.length(),
+-                       bce->yieldAndAwaitOffsetList.length()))
++    if (!createPrivateScriptData(cx, script, bce->scopeList.length(), bce->numberList.length(),
++                                 bce->objectList.length, bce->tryNoteList.length(),
++                                 bce->scopeNoteList.length(),
++                                 bce->yieldAndAwaitOffsetList.length()))
+     {
+         return false;
+     }
+ 
+     MOZ_ASSERT(script->mainOffset() == 0);
+     script->mainOffset_ = prologueLength;
+     script->nTypeSets_ = bce->typesetCount;
+     script->lineno_ = bce->firstLine;
+ 
+-    if (!script->createScriptData(cx, prologueLength + mainLength, nsrcnotes, natoms))
++    if (!script->createSharedScriptData(cx, prologueLength + mainLength, nsrcnotes, natoms)) {
+         return false;
++    }
++
++    // Any fallible operation after JSScript::createSharedScriptData should
++    // reset JSScript.scriptData_, in order to treat this script as
++    // uncompleted, in JSScript::isUncompleted.  JSScript::shareScriptData
++    // resets it before returning false.
+ 
+     jsbytecode* code = script->code();
+     PodCopy<jsbytecode>(code, bce->prologue.code.begin(), prologueLength);
+     PodCopy<jsbytecode>(code + prologueLength, bce->main.code.begin(), mainLength);
+     bce->copySrcNotes((jssrcnote*)(code + script->length()), nsrcnotes);
+     InitAtomMap(*bce->atomIndices, script->atoms());
+ 
+     if (!script->shareScriptData(cx))
+diff --git a/js/src/vm/JSScript.h b/js/src/vm/JSScript.h
+--- a/js/src/vm/JSScript.h
++++ b/js/src/vm/JSScript.h
+@@ -1205,23 +1205,23 @@ class JSScript : public js::gc::TenuredC
+ 
+   public:
+     static JSScript* Create(JSContext* cx,
+                             const JS::ReadOnlyCompileOptions& options,
+                             js::HandleObject sourceObject,
+                             uint32_t sourceStart, uint32_t sourceEnd,
+                             uint32_t toStringStart, uint32_t toStringEnd);
+ 
+-    // Three ways ways to initialize a JSScript. Callers of partiallyInit()
+-    // are responsible for notifying the debugger after successfully creating
+-    // any kind (function or other) of new JSScript.  However, callers of
+-    // fullyInitFromEmitter() do not need to do this.
+-    static bool partiallyInit(JSContext* cx, JS::Handle<JSScript*> script,
+-                              uint32_t nscopes, uint32_t nconsts, uint32_t nobjects,
+-                              uint32_t ntrynotes, uint32_t nscopenotes, uint32_t nyieldoffsets);
++    // NOTE: If you use createPrivateScriptData directly instead of via
++    // fullyInitFromEmitter, you are responsible for notifying the debugger
++    // after successfully creating the script.
++    static bool createPrivateScriptData(JSContext* cx, JS::Handle<JSScript*> script,
++                                        uint32_t nscopes, uint32_t nconsts,
++                                        uint32_t nobjects, uint32_t ntrynotes,
++                                        uint32_t nscopenotes, uint32_t nyieldoffsets);
+ 
+   private:
+     static void initFromFunctionBox(js::HandleScript script, js::frontend::FunctionBox* funbox);
+     static void initFromModuleContext(js::HandleScript script);
+ 
+   public:
+     static bool fullyInitFromEmitter(JSContext* cx, js::HandleScript script,
+                                      js::frontend::BytecodeEmitter* bce);
+@@ -1804,18 +1804,18 @@ class JSScript : public js::gc::TenuredC
+ 
+     js::Scope* enclosingScope() const {
+         return outermostScope()->enclosing();
+     }
+ 
+   private:
+     bool makeTypes(JSContext* cx);
+ 
+-    bool createScriptData(JSContext* cx, uint32_t codeLength, uint32_t srcnotesLength,
+-                          uint32_t natoms);
++    bool createSharedScriptData(JSContext* cx, uint32_t codeLength,
++                                uint32_t noteLength, uint32_t natoms);
+     bool shareScriptData(JSContext* cx);
+     void freeScriptData();
+     void setScriptData(js::SharedScriptData* data);
+ 
+   public:
+     uint32_t getWarmUpCount() const { return warmUpCount; }
+     uint32_t incWarmUpCounter(uint32_t amount = 1) { return warmUpCount += amount; }
+     uint32_t* addressOfWarmUpCounter() { return reinterpret_cast<uint32_t*>(&warmUpCount); }

frg/work-js/mozilla-release/patches/1502481-5-65a1.patch

@@ -0,0 +1,71 @@
+# HG changeset patch
+# User Ted Campbell <tcampbell@mozilla.com>
+# Date 1540922639 0
+# Node ID c25dd8708e931200cc24cbabda54ca323ca5a222
+# Parent  63cb6b558afe034dc30f68e850a9f7bf3f8f1193
+Bug 1502481 - Cleanup JSScript::initFunctionPrototype r=jandem
+
+Differential Revision: https://phabricator.services.mozilla.com/D9948
+
+diff --git a/js/src/vm/JSScript.cpp b/js/src/vm/JSScript.cpp
+--- a/js/src/vm/JSScript.cpp
++++ b/js/src/vm/JSScript.cpp
+@@ -3378,17 +3378,17 @@ JSScript::createPrivateScriptData(JSCont
+     }
+ 
+     script->data_ = data;
+     script->dataSize_ = dataSize;
+     return true;
+ }
+ 
+ /* static */ bool
+-JSScript::initFunctionPrototype(JSContext* cx, Handle<JSScript*> script,
++JSScript::initFunctionPrototype(JSContext* cx, HandleScript script,
+                                 HandleFunction functionProto)
+ {
+     uint32_t numScopes = 1;
+     uint32_t numConsts = 0;
+     uint32_t numObjects = 0;
+     uint32_t numTryNotes = 0;
+     uint32_t numScopeNotes = 0;
+     uint32_t numYieldAndAwaitOffsets = 0;
+@@ -3402,29 +3402,32 @@ JSScript::initFunctionPrototype(JSContex
+ 
+     RootedScope enclosing(cx, &cx->global()->emptyGlobalScope());
+     Scope* functionProtoScope = FunctionScope::create(cx, nullptr, false, false, functionProto,
+                                                       enclosing);
+     if (!functionProtoScope) {
+         return false;
+     }
+ 
+-    js::PrivateScriptData* data = script->data_;
+-    data->scopes()[0].init(functionProtoScope);
++    mozilla::Span<GCPtrScope> scopes = script->data_->scopes();
++    scopes[0].init(functionProtoScope);
+ 
+     uint32_t codeLength = 1;
+-    uint32_t srcNotesLength = 1;
++    uint32_t noteLength = 1;
+     uint32_t numAtoms = 0;
+-    if (!script->createSharedScriptData(cx, codeLength, srcNotesLength, numAtoms)) {
++    if (!script->createSharedScriptData(cx, codeLength, noteLength, numAtoms)) {
+         return false;
+     }
+ 
+-    jsbytecode* code = script->code();
++    jsbytecode* code = script->scriptData_->code();
+     code[0] = JSOP_RETRVAL;
+-    code[1] = SRC_NULL;
++
++    jssrcnote* notes = script->scriptData_->notes();
++    notes[0] = SRC_NULL;
++
+     return script->shareScriptData(cx);
+ }
+ 
+ static void
+ InitAtomMap(frontend::AtomIndexMap& indices, GCPtrAtom* atoms)
+ {
+     for (frontend::AtomIndexMap::Range r = indices.all(); !r.empty(); r.popFront()) {
+         JSAtom* atom = r.front().key();
+

frg/work-js/mozilla-release/patches/1503009-1-65a1.patch

@@ -2,18 +2,18 @@
 # User Jon Coppeard <jcoppeard@mozilla.com>
 # Date 1540989924 0
 # Node ID 97f81e96c9ab7a1ae7950c3810266051ce256ee3
-# Parent  6773759c86ec09406552237c5e8feed16c899c19
+# Parent  de3e5c63456e29149868fef218748d129e783b67
 Bug 1503009 - If dynamic module import is not supported its use should be rejected at parse time r=jorendorff
 
 diff --git a/js/src/frontend/BytecodeEmitter.cpp b/js/src/frontend/BytecodeEmitter.cpp
 --- a/js/src/frontend/BytecodeEmitter.cpp
 +++ b/js/src/frontend/BytecodeEmitter.cpp
-@@ -8896,20 +8896,16 @@ BytecodeEmitter::emitTree(ParseNode* pn,
+@@ -8297,20 +8297,16 @@ BytecodeEmitter::emitTree(ParseNode* pn,
+         break;
  
        case ParseNodeKind::ImportMeta:
-         if (!emit1(JSOP_IMPORTMETA)) {
+         if (!emit1(JSOP_IMPORTMETA))
              return false;
-         }
          break;
  
        case ParseNodeKind::CallImport:
@@ -27,17 +27,17 @@ diff --git a/js/src/frontend/BytecodeEmitter.cpp b/js/src/frontend/BytecodeEmitt
          break;
  
        case ParseNodeKind::SetThis:
-         if (!emitSetThis(&pn->as<BinaryNode>())) {
+         if (!emitSetThis(pn))
              return false;
 diff --git a/js/src/frontend/Parser.cpp b/js/src/frontend/Parser.cpp
 --- a/js/src/frontend/Parser.cpp
 +++ b/js/src/frontend/Parser.cpp
-@@ -10960,17 +10960,18 @@ GeneralParser<ParseHandler, Unit>::impor
+@@ -9957,17 +9957,18 @@ GeneralParser<ParseHandler, CharT>::impo
+         return handler.newImportMeta(importHolder, metaHolder);
      } else if (next == TokenKind::LeftParen) {
          Node arg = assignExpr(InAllowed, yieldHandling, TripledotProhibited);
-         if (!arg) {
+         if (!arg)
              return null();
-         }
  
          MUST_MATCH_TOKEN_MOD(TokenKind::RightParen, TokenStream::Operand, JSMSG_PAREN_AFTER_ARGS);
  
@@ -52,4 +52,3 @@ diff --git a/js/src/frontend/Parser.cpp b/js/src/frontend/Parser.cpp
          error(JSMSG_UNEXPECTED_TOKEN_NO_EXPECT, TokenKindToDesc(next));
          return null();
      }
-

frg/work-js/mozilla-release/patches/1512509-66a1.patch

@@ -0,0 +1,769 @@
+# HG changeset patch
+# User Jan de Mooij <jdemooij@mozilla.com>
+# Date 1544960624 0
+# Node ID ea75717477fa90c798949c9dae5dfcf9ab61a2dc
+# Parent  c6569a81a66c8fd9ab92c18b9b5593aa0d800667
+Bug 1512509 - Clone ScriptSourceObject when cloning scripts. r=tcampbell
+
+This fixes bug 1406437. It also simplifies JSScript because it now always stores
+a ScriptSourceObject directly instead of a CCW for one.
+
+Differential Revision: https://phabricator.services.mozilla.com/D13974
+
+diff --git a/js/src/builtin/ModuleObject.cpp b/js/src/builtin/ModuleObject.cpp
+--- a/js/src/builtin/ModuleObject.cpp
++++ b/js/src/builtin/ModuleObject.cpp
+@@ -801,17 +801,17 @@ FunctionDeclarationVector* ModuleObject:
+   return static_cast<FunctionDeclarationVector*>(value.toPrivate());
+ }
+ 
+ void ModuleObject::init(HandleScript script) {
+   MOZ_ASSERT(script);
+   initReservedSlot(ScriptSlot, PrivateGCThingValue(script));
+   initReservedSlot(StatusSlot, Int32Value(MODULE_STATUS_UNINSTANTIATED));
+   initReservedSlot(ScriptSourceObjectSlot,
+-                   ObjectValue(script->scriptSourceUnwrap()));
++                   ObjectValue(*script->sourceObject()));
+ }
+ 
+ void ModuleObject::setInitialEnvironment(
+     HandleModuleEnvironmentObject initialEnvironment) {
+   initReservedSlot(EnvironmentSlot, ObjectValue(*initialEnvironment));
+ }
+ 
+ void ModuleObject::initImportExportData(HandleArrayObject requestedModules,
+diff --git a/js/src/frontend/BytecodeEmitter.cpp b/js/src/frontend/BytecodeEmitter.cpp
+--- a/js/src/frontend/BytecodeEmitter.cpp
++++ b/js/src/frontend/BytecodeEmitter.cpp
+@@ -5522,17 +5522,17 @@ MOZ_NEVER_INLINE bool BytecodeEmitter::e
+ 
+       // Inherit most things (principals, version, etc) from the
+       // parent.  Use default values for the rest.
+       Rooted<JSScript*> parent(cx, script);
+       MOZ_ASSERT(parent->mutedErrors() == parser->options().mutedErrors());
+       const JS::TransitiveCompileOptions& transitiveOptions = parser->options();
+       JS::CompileOptions options(cx, transitiveOptions);
+ 
+-      Rooted<JSObject*> sourceObject(cx, script->sourceObject());
++      Rooted<ScriptSourceObject*> sourceObject(cx, script->sourceObject());
+       Rooted<JSScript*> script(
+           cx, JSScript::Create(cx, options, sourceObject, funbox->bufStart,
+                                funbox->bufEnd, funbox->toStringStart,
+                                funbox->toStringEnd));
+       if (!script) {
+         return false;
+       }
+ 
+diff --git a/js/src/jit-test/tests/debug/bug1406437.js b/js/src/jit-test/tests/debug/bug1406437.js
+new file mode 100644
+--- /dev/null
++++ b/js/src/jit-test/tests/debug/bug1406437.js
+@@ -0,0 +1,6 @@
++var g = newGlobal();
++g.f = function() {};
++g.eval('f = clone(f);');
++var dbg = new Debugger;
++var dg = dbg.addDebuggee(g);
++dg.getOwnPropertyDescriptor('f').value.script.source;
+diff --git a/js/src/jsapi.cpp b/js/src/jsapi.cpp
+--- a/js/src/jsapi.cpp
++++ b/js/src/jsapi.cpp
+@@ -3735,26 +3735,26 @@ JS_PUBLIC_API bool JS::CompileModule(JSC
+ }
+ 
+ JS_PUBLIC_API void JS::SetModulePrivate(JSObject* module,
+                                         const JS::Value& value) {
+   module->as<ModuleObject>().scriptSourceObject()->setPrivate(value);
+ }
+ 
+ JS_PUBLIC_API JS::Value JS::GetModulePrivate(JSObject* module) {
+-  return module->as<ModuleObject>().scriptSourceObject()->getPrivate();
++  return module->as<ModuleObject>().scriptSourceObject()->unwrappedPrivate();
+ }
+ 
+ JS_PUBLIC_API void JS::SetScriptPrivate(JSScript* script,
+                                         const JS::Value& value) {
+-  script->scriptSourceUnwrap().setPrivate(value);
++  script->sourceObject()->setPrivate(value);
+ }
+ 
+ JS_PUBLIC_API JS::Value JS::GetScriptPrivate(JSScript* script) {
+-  return script->scriptSourceUnwrap().getPrivate();
++  return script->sourceObject()->unwrappedPrivate();
+ }
+ 
+ JS_PUBLIC_API bool JS::ModuleInstantiate(JSContext* cx,
+                                          JS::HandleObject moduleArg) {
+   AssertHeapIsIdle();
+   CHECK_THREAD(cx);
+   cx->check(moduleArg);
+   return ModuleObject::Instantiate(cx, moduleArg.as<ModuleObject>());
+diff --git a/js/src/proxy/CrossCompartmentWrapper.cpp b/js/src/proxy/CrossCompartmentWrapper.cpp
+--- a/js/src/proxy/CrossCompartmentWrapper.cpp
++++ b/js/src/proxy/CrossCompartmentWrapper.cpp
+@@ -531,19 +531,19 @@ JS_FRIEND_API bool js::NukeCrossCompartm
+ 
+       // Don't nuke wrappers for objects in other realms in the target
+       // compartment unless nukeAll is set because in that case we want to nuke
+       // all outgoing wrappers for the current compartment.
+       if (!nukeAll && wrapped->nonCCWRealm() != target) {
+         continue;
+       }
+ 
+-      // We never nuke script source objects, since only ever used internally by
+-      // the JS engine, and are expected to remain valid throughout a scripts
+-      // lifetime.
++      // We never nuke ScriptSourceObjects, since they are only ever used
++      // internally by the JS engine, and are expected to remain valid
++      // throughout a script's lifetime.
+       if (MOZ_UNLIKELY(wrapped->is<ScriptSourceObject>())) {
+         continue;
+       }
+ 
+       // We only skip nuking window references that point to a target
+       // compartment, not the ones that belong to it.
+       if (nukeReferencesToWindow == DontNukeWindowReferences &&
+           MOZ_LIKELY(!nukeAll) && IsWindowProxy(wrapped)) {
+diff --git a/js/src/vm/Debugger.cpp b/js/src/vm/Debugger.cpp
+--- a/js/src/vm/Debugger.cpp
++++ b/js/src/vm/Debugger.cpp
+@@ -7790,17 +7790,17 @@ static bool DebuggerSource_getDisplayURL
+     args.rval().setNull();
+   }
+   return true;
+ }
+ 
+ struct DebuggerSourceGetElementMatcher {
+   using ReturnType = JSObject*;
+   ReturnType match(HandleScriptSourceObject sourceObject) {
+-    return sourceObject->element();
++    return sourceObject->unwrappedElement();
+   }
+   ReturnType match(Handle<WasmInstanceObject*> wasmInstance) { return nullptr; }
+ };
+ 
+ static bool DebuggerSource_getElement(JSContext* cx, unsigned argc, Value* vp) {
+   THIS_DEBUGSOURCE_REFERENT(cx, argc, vp, "(get element)", args, obj, referent);
+ 
+   DebuggerSourceGetElementMatcher matcher;
+@@ -7813,17 +7813,17 @@ static bool DebuggerSource_getElement(JS
+     args.rval().setUndefined();
+   }
+   return true;
+ }
+ 
+ struct DebuggerSourceGetElementPropertyMatcher {
+   using ReturnType = Value;
+   ReturnType match(HandleScriptSourceObject sourceObject) {
+-    return sourceObject->elementAttributeName();
++    return sourceObject->unwrappedElementAttributeName();
+   }
+   ReturnType match(Handle<WasmInstanceObject*> wasmInstance) {
+     return UndefinedValue();
+   }
+ };
+ 
+ static bool DebuggerSource_getElementProperty(JSContext* cx, unsigned argc,
+                                               Value* vp) {
+@@ -7842,17 +7842,17 @@ class DebuggerSourceGetIntroductionScrip
+  public:
+   DebuggerSourceGetIntroductionScriptMatcher(JSContext* cx, Debugger* dbg,
+                                              MutableHandleValue rval)
+       : cx_(cx), dbg_(dbg), rval_(rval) {}
+ 
+   using ReturnType = bool;
+ 
+   ReturnType match(HandleScriptSourceObject sourceObject) {
+-    RootedScript script(cx_, sourceObject->introductionScript());
++    RootedScript script(cx_, sourceObject->unwrappedIntroductionScript());
+     if (script) {
+       RootedObject scriptDO(cx_, dbg_->wrapScript(cx_, script));
+       if (!scriptDO) {
+         return false;
+       }
+       rval_.setObject(*scriptDO);
+     } else {
+       rval_.setUndefined();
+@@ -7881,17 +7881,18 @@ static bool DebuggerSource_getIntroducti
+ 
+ struct DebuggerGetIntroductionOffsetMatcher {
+   using ReturnType = Value;
+   ReturnType match(HandleScriptSourceObject sourceObject) {
+     // Regardless of what's recorded in the ScriptSourceObject and
+     // ScriptSource, only hand out the introduction offset if we also have
+     // the script within which it applies.
+     ScriptSource* ss = sourceObject->source();
+-    if (ss->hasIntroductionOffset() && sourceObject->introductionScript()) {
++    if (ss->hasIntroductionOffset() &&
++        sourceObject->unwrappedIntroductionScript()) {
+       return Int32Value(ss->introductionOffset());
+     }
+     return UndefinedValue();
+   }
+   ReturnType match(Handle<WasmInstanceObject*> wasmInstance) {
+     return UndefinedValue();
+   }
+ };
+diff --git a/js/src/vm/EnvironmentObject.cpp b/js/src/vm/EnvironmentObject.cpp
+--- a/js/src/vm/EnvironmentObject.cpp
++++ b/js/src/vm/EnvironmentObject.cpp
+@@ -3360,24 +3360,24 @@ ModuleObject* js::GetModuleObjectForScri
+       return si.scope()->as<ModuleScope>().module();
+     }
+   }
+   return nullptr;
+ }
+ 
+ Value js::FindScriptOrModulePrivateForScript(JSScript* script) {
+   while (script) {
+-    ScriptSourceObject* sso = &script->scriptSourceUnwrap();
+-    Value value = sso->getPrivate();
++    ScriptSourceObject* sso = script->sourceObject();
++    Value value = sso->unwrappedPrivate();
+     if (!value.isUndefined()) {
+       return value;
+     }
+ 
+-    MOZ_ASSERT(sso->introductionScript() != script);
+-    script = sso->introductionScript();
++    MOZ_ASSERT(sso->unwrappedIntroductionScript() != script);
++    script = sso->unwrappedIntroductionScript();
+   }
+ 
+   return UndefinedValue();
+ }
+ 
+ bool js::GetThisValueForDebuggerMaybeOptimizedOut(JSContext* cx,
+                                                   AbstractFramePtr frame,
+                                                   jsbytecode* pc,
+diff --git a/js/src/vm/JSScript.cpp b/js/src/vm/JSScript.cpp
+--- a/js/src/vm/JSScript.cpp
++++ b/js/src/vm/JSScript.cpp
+@@ -300,17 +300,17 @@ static XDRResult XDRRelazificationInfo(X
+       // relazify scripts with inner functions.  See
+       // JSFunction::createScriptForLazilyInterpretedFunction.
+       MOZ_ASSERT(lazy->numInnerFunctions() == 0);
+     }
+ 
+     MOZ_TRY(xdr->codeUint64(&packedFields));
+ 
+     if (mode == XDR_DECODE) {
+-      RootedScriptSourceObject sourceObject(cx, &script->scriptSourceUnwrap());
++      RootedScriptSourceObject sourceObject(cx, script->sourceObject());
+       lazy.set(LazyScript::CreateForXDR(
+           cx, fun, script, enclosingScope, sourceObject, packedFields,
+           sourceStart, sourceEnd, toStringStart, lineno, column));
+       if (!lazy) {
+         return xdr->fail(JS::TranscodeResult_Throw);
+       }
+ 
+       lazy->setToStringEnd(toStringEnd);
+@@ -523,19 +523,17 @@ XDRResult js::XDRScript(XDRState<mode>* 
+     }
+ 
+     // Set the script in its function now so that inner scripts to be
+     // decoded may iterate the static scope chain.
+     if (fun) {
+       fun->initScript(script);
+     }
+   } else {
+-    // When encoding, we do not mutate any of the JSScript or LazyScript, so
+-    // we can safely unwrap it here.
+-    sourceObject = &script->scriptSourceUnwrap();
++    sourceObject = script->sourceObject();
+   }
+ 
+   if (mode == XDR_DECODE) {
+     if (!JSScript::createPrivateScriptData(cx, script, nscopes, nconsts,
+                                            nobjects, ntrynotes, nscopenotes,
+                                            nresumeoffsets)) {
+       return xdr->fail(JS::TranscodeResult_Throw);
+     }
+@@ -974,45 +972,39 @@ XDRResult js::XDRLazyScript(XDRState<mod
+ template XDRResult js::XDRLazyScript(XDRState<XDR_ENCODE>*, HandleScope,
+                                      HandleScriptSourceObject, HandleFunction,
+                                      MutableHandle<LazyScript*>);
+ 
+ template XDRResult js::XDRLazyScript(XDRState<XDR_DECODE>*, HandleScope,
+                                      HandleScriptSourceObject, HandleFunction,
+                                      MutableHandle<LazyScript*>);
+ 
+-void JSScript::setSourceObject(JSObject* object) {
++void JSScript::setSourceObject(js::ScriptSourceObject* object) {
+   MOZ_ASSERT(compartment() == object->compartment());
+   sourceObject_ = object;
+ }
+ 
+-void JSScript::setDefaultClassConstructorSpan(JSObject* sourceObject,
+-                                              uint32_t start, uint32_t end,
+-                                              unsigned line, unsigned column) {
++void JSScript::setDefaultClassConstructorSpan(
++    js::ScriptSourceObject* sourceObject, uint32_t start, uint32_t end,
++    unsigned line, unsigned column) {
+   MOZ_ASSERT(isDefaultClassConstructor());
+   setSourceObject(sourceObject);
+   toStringStart_ = start;
+   toStringEnd_ = end;
+   sourceStart_ = start;
+   sourceEnd_ = end;
+   lineno_ = line;
+   column_ = column;
+   // Since this script has been changed to point into the user's source, we
+   // can clear its self-hosted flag, allowing Debugger to see it.
+   clearFlag(ImmutableFlags::SelfHosted);
+ }
+ 
+-js::ScriptSourceObject& JSScript::scriptSourceUnwrap() const {
+-  // This may be called off the main thread. It's OK not to expose the source
+-  // object here as it doesn't escape.
+-  return UncheckedUnwrapWithoutExpose(sourceObject())->as<ScriptSourceObject>();
+-}
+-
+ js::ScriptSource* JSScript::scriptSource() const {
+-  return scriptSourceUnwrap().source();
++  return sourceObject()->source();
+ }
+ 
+ js::ScriptSource* JSScript::maybeForwardedScriptSource() const {
+   JSObject* source = MaybeForwarded(sourceObject());
+   // This may be called during GC. It's OK not to expose the source object
+   // here as it doesn't escape.
+   return UncheckedUnwrapWithoutExpose(source)
+       ->as<ScriptSourceObject>()
+@@ -1350,42 +1342,74 @@ static const ClassOps ScriptSourceObject
+     ScriptSourceObject::trace};
+ 
+ const Class ScriptSourceObject::class_ = {
+     "ScriptSource",
+     JSCLASS_HAS_RESERVED_SLOTS(RESERVED_SLOTS) | JSCLASS_IS_ANONYMOUS |
+         JSCLASS_FOREGROUND_FINALIZE,
+     &ScriptSourceObjectClassOps};
+ 
+-ScriptSourceObject* ScriptSourceObject::create(JSContext* cx,
+-                                               ScriptSource* source) {
+-  RootedScriptSourceObject sourceObject(
+-      cx, NewObjectWithGivenProto<ScriptSourceObject>(cx, nullptr));
+-  if (!sourceObject) {
++ScriptSourceObject* ScriptSourceObject::createInternal(JSContext* cx,
++                                                       ScriptSource* source,
++                                                       HandleObject canonical) {
++  ScriptSourceObject* obj =
++      NewObjectWithGivenProto<ScriptSourceObject>(cx, nullptr);
++  if (!obj) {
+     return nullptr;
+   }
+ 
+   source->incref();  // The matching decref is in ScriptSourceObject::finalize.
+-  sourceObject->initReservedSlot(SOURCE_SLOT, PrivateValue(source));
+-
+-  // The remaining slots should eventually be populated by a call to
+-  // initFromOptions. Poison them until that point.
+-  sourceObject->initReservedSlot(ELEMENT_SLOT, MagicValue(JS_GENERIC_MAGIC));
+-  sourceObject->initReservedSlot(ELEMENT_PROPERTY_SLOT,
+-                                 MagicValue(JS_GENERIC_MAGIC));
+-  sourceObject->initReservedSlot(INTRODUCTION_SCRIPT_SLOT,
+-                                 MagicValue(JS_GENERIC_MAGIC));
+-
+-  return sourceObject;
++
++  obj->initReservedSlot(SOURCE_SLOT, PrivateValue(source));
++
++  if (canonical) {
++    obj->initReservedSlot(CANONICAL_SLOT, ObjectValue(*canonical));
++  } else {
++    obj->initReservedSlot(CANONICAL_SLOT, ObjectValue(*obj));
++  }
++
++  // The slots below should either be populated by a call to initFromOptions or,
++  // if this is a non-canonical ScriptSourceObject, they are unused. Poison
++  // them.
++  obj->initReservedSlot(ELEMENT_SLOT, MagicValue(JS_GENERIC_MAGIC));
++  obj->initReservedSlot(ELEMENT_PROPERTY_SLOT, MagicValue(JS_GENERIC_MAGIC));
++  obj->initReservedSlot(INTRODUCTION_SCRIPT_SLOT, MagicValue(JS_GENERIC_MAGIC));
++
++  return obj;
++}
++
++ScriptSourceObject* ScriptSourceObject::create(JSContext* cx,
++                                               ScriptSource* source) {
++  return createInternal(cx, source, nullptr);
++}
++
++ScriptSourceObject* ScriptSourceObject::clone(JSContext* cx,
++                                              HandleScriptSourceObject sso) {
++  MOZ_ASSERT(cx->compartment() != sso->compartment());
++
++  RootedObject wrapped(cx, sso);
++  if (!cx->compartment()->wrap(cx, &wrapped)) {
++    return nullptr;
++  }
++
++  return createInternal(cx, sso->source(), wrapped);
++}
++
++ScriptSourceObject* ScriptSourceObject::unwrappedCanonical() const {
++  MOZ_ASSERT(CurrentThreadCanAccessRuntime(runtimeFromAnyThread()));
++
++  JSObject* obj = &getReservedSlot(CANONICAL_SLOT).toObject();
++  return &UncheckedUnwrap(obj)->as<ScriptSourceObject>();
+ }
+ 
+ /* static */ bool ScriptSourceObject::initFromOptions(
+     JSContext* cx, HandleScriptSourceObject source,
+     const ReadOnlyCompileOptions& options) {
+   cx->releaseCheck(source);
++  MOZ_ASSERT(source->isCanonical());
+   MOZ_ASSERT(source->getReservedSlot(ELEMENT_SLOT).isMagic(JS_GENERIC_MAGIC));
+   MOZ_ASSERT(
+       source->getReservedSlot(ELEMENT_PROPERTY_SLOT).isMagic(JS_GENERIC_MAGIC));
+   MOZ_ASSERT(source->getReservedSlot(INTRODUCTION_SCRIPT_SLOT)
+                  .isMagic(JS_GENERIC_MAGIC));
+ 
+   RootedObject element(cx, options.element());
+   RootedString elementAttributeName(cx, options.elementAttributeName());
+@@ -1406,16 +1430,18 @@ ScriptSourceObject* ScriptSourceObject::
+   source->setReservedSlot(INTRODUCTION_SCRIPT_SLOT, introductionScript);
+ 
+   return true;
+ }
+ 
+ /* static */ bool ScriptSourceObject::initElementProperties(
+     JSContext* cx, HandleScriptSourceObject source, HandleObject element,
+     HandleString elementAttrName) {
++  MOZ_ASSERT(source->isCanonical());
++
+   RootedValue elementValue(cx, ObjectOrNullValue(element));
+   if (!cx->compartment()->wrap(cx, &elementValue)) {
+     return false;
+   }
+ 
+   RootedValue nameValue(cx);
+   if (elementAttrName) {
+     nameValue = StringValue(elementAttrName);
+@@ -3039,17 +3065,17 @@ void PrivateScriptData::traceChildren(JS
+ 
+   if (hasObjects()) {
+     auto objarray = objects();
+     TraceRange(trc, objarray.size(), objarray.data(), "objects");
+   }
+ }
+ 
+ JSScript::JSScript(JS::Realm* realm, uint8_t* stubEntry,
+-                   HandleObject sourceObject, uint32_t sourceStart,
++                   HandleScriptSourceObject sourceObject, uint32_t sourceStart,
+                    uint32_t sourceEnd, uint32_t toStringStart,
+                    uint32_t toStringEnd)
+     :
+ #ifndef JS_CODEGEN_NONE
+       jitCodeRaw_(stubEntry),
+       jitCodeSkipArgCheck_(stubEntry),
+ #endif
+       realm_(realm),
+@@ -3060,17 +3086,18 @@ JSScript::JSScript(JS::Realm* realm, uin
+   // See JSScript.h for further details.
+   MOZ_ASSERT(toStringStart <= sourceStart);
+   MOZ_ASSERT(sourceStart <= sourceEnd);
+   MOZ_ASSERT(sourceEnd <= toStringEnd);
+ 
+   setSourceObject(sourceObject);
+ }
+ 
+-/* static */ JSScript* JSScript::New(JSContext* cx, HandleObject sourceObject,
++/* static */ JSScript* JSScript::New(JSContext* cx,
++                                     HandleScriptSourceObject sourceObject,
+                                      uint32_t sourceStart, uint32_t sourceEnd,
+                                      uint32_t toStringStart,
+                                      uint32_t toStringEnd) {
+   void* script = Allocate<JSScript>(cx);
+   if (!script) {
+     return nullptr;
+   }
+ 
+@@ -3082,18 +3109,18 @@ JSScript::JSScript(JS::Realm* realm, uin
+ 
+   return new (script)
+       JSScript(cx->realm(), stubEntry, sourceObject, sourceStart, sourceEnd,
+                toStringStart, toStringEnd);
+ }
+ 
+ /* static */ JSScript* JSScript::Create(
+     JSContext* cx, const ReadOnlyCompileOptions& options,
+-    HandleObject sourceObject, uint32_t sourceStart, uint32_t sourceEnd,
+-    uint32_t toStringStart, uint32_t toStringEnd) {
++    HandleScriptSourceObject sourceObject, uint32_t sourceStart,
++    uint32_t sourceEnd, uint32_t toStringStart, uint32_t toStringEnd) {
+   RootedScript script(cx, JSScript::New(cx, sourceObject, sourceStart,
+                                         sourceEnd, toStringStart, toStringEnd));
+   if (!script) {
+     return nullptr;
+   }
+ 
+   // Record compile options that get checked at runtime.
+   script->setFlag(ImmutableFlags::NoScriptRval, options.noScriptRval);
+@@ -3999,33 +4026,36 @@ bool js::detail::CopyScript(JSContext* c
+ }
+ 
+ static JSScript* CreateEmptyScriptForClone(JSContext* cx, HandleScript src) {
+   /*
+    * Wrap the script source object as needed. Self-hosted scripts may be
+    * in another runtime, so lazily create a new script source object to
+    * use for them.
+    */
+-  RootedObject sourceObject(cx);
++  RootedScriptSourceObject sourceObject(cx);
+   if (src->realm()->isSelfHostingRealm()) {
+     if (!cx->realm()->selfHostingScriptSource) {
+       CompileOptions options(cx);
+       FillSelfHostingCompileOptions(options);
+ 
+       ScriptSourceObject* obj = frontend::CreateScriptSourceObject(cx, options);
+       if (!obj) {
+         return nullptr;
+       }
+       cx->realm()->selfHostingScriptSource.set(obj);
+     }
+     sourceObject = cx->realm()->selfHostingScriptSource;
+   } else {
+     sourceObject = src->sourceObject();
+-    if (!cx->compartment()->wrap(cx, &sourceObject)) {
+-      return nullptr;
++    if (cx->compartment() != sourceObject->compartment()) {
++      sourceObject = ScriptSourceObject::clone(cx, sourceObject);
++      if (!sourceObject) {
++        return nullptr;
++      }
+     }
+   }
+ 
+   CompileOptions options(cx);
+   options.setMutedErrors(src->mutedErrors())
+       .setSelfHostingMode(src->selfHosted())
+       .setNoScriptRval(src->noScriptRval());
+ 
+diff --git a/js/src/vm/JSScript.h b/js/src/vm/JSScript.h
+--- a/js/src/vm/JSScript.h
++++ b/js/src/vm/JSScript.h
+@@ -1098,61 +1098,97 @@ class ScriptSourceHolder {
+     if (ss) {
+       ss->decref();
+     }
+     ss = newss;
+   }
+   ScriptSource* get() const { return ss; }
+ };
+ 
++// [SMDOC] ScriptSourceObject
++//
++// ScriptSourceObject stores the ScriptSource and GC pointers related to it.
++//
++// ScriptSourceObjects can be cloned when we clone the JSScript (in order to
++// execute the script in a different realm/compartment). In this case we create
++// a new SSO that stores (a wrapper for) the original SSO in its "canonical
++// slot". The canonical SSO is always used for the private, introductionScript,
++// element, elementAttributeName slots. This means their accessors may return an
++// object in a different compartment, hence the "unwrapped" prefix.
++//
++// We need ScriptSourceObject (instead of storing these GC pointers in the
++// ScriptSource itself) to properly account for cross-zone pointers: the
++// canonical SSO will be stored in the wrapper map if necessary so GC will do
++// the right thing.
+ class ScriptSourceObject : public NativeObject {
+   static const ClassOps classOps_;
+ 
++  static ScriptSourceObject* createInternal(JSContext* cx, ScriptSource* source,
++                                            HandleObject canonical);
++
++  bool isCanonical() const {
++    return &getReservedSlot(CANONICAL_SLOT).toObject() == this;
++  }
++  ScriptSourceObject* unwrappedCanonical() const;
++
+  public:
+   static const Class class_;
+ 
+   static void trace(JSTracer* trc, JSObject* obj);
+   static void finalize(FreeOp* fop, JSObject* obj);
++
+   static ScriptSourceObject* create(JSContext* cx, ScriptSource* source);
++  static ScriptSourceObject* clone(JSContext* cx, HandleScriptSourceObject sso);
+ 
+   // Initialize those properties of this ScriptSourceObject whose values
+   // are provided by |options|, re-wrapping as necessary.
+   static bool initFromOptions(JSContext* cx, HandleScriptSourceObject source,
+                               const JS::ReadOnlyCompileOptions& options);
+ 
+   static bool initElementProperties(JSContext* cx,
+                                     HandleScriptSourceObject source,
+                                     HandleObject element,
+                                     HandleString elementAttrName);
+ 
+   bool hasSource() const { return !getReservedSlot(SOURCE_SLOT).isUndefined(); }
+   ScriptSource* source() const {
+     return static_cast<ScriptSource*>(getReservedSlot(SOURCE_SLOT).toPrivate());
+   }
+-  JSObject* element() const {
+-    return getReservedSlot(ELEMENT_SLOT).toObjectOrNull();
++
++  JSObject* unwrappedElement() const {
++    return unwrappedCanonical()->getReservedSlot(ELEMENT_SLOT).toObjectOrNull();
+   }
+-  const Value& elementAttributeName() const {
+-    MOZ_ASSERT(!getReservedSlot(ELEMENT_PROPERTY_SLOT).isMagic());
+-    return getReservedSlot(ELEMENT_PROPERTY_SLOT);
++  const Value& unwrappedElementAttributeName() const {
++    const Value& v =
++        unwrappedCanonical()->getReservedSlot(ELEMENT_PROPERTY_SLOT);
++    MOZ_ASSERT(!v.isMagic());
++    return v;
+   }
+-  JSScript* introductionScript() const {
+-    Value value = getReservedSlot(INTRODUCTION_SCRIPT_SLOT);
++  JSScript* unwrappedIntroductionScript() const {
++    Value value =
++        unwrappedCanonical()->getReservedSlot(INTRODUCTION_SCRIPT_SLOT);
+     if (value.isUndefined()) {
+       return nullptr;
+     }
+     return value.toGCThing()->as<JSScript>();
+   }
+ 
+-  void setPrivate(const Value& value) { setReservedSlot(PRIVATE_SLOT, value); }
+-  Value getPrivate() const { return getReservedSlot(PRIVATE_SLOT); }
++  void setPrivate(const Value& value) {
++    MOZ_ASSERT(isCanonical());
++    setReservedSlot(PRIVATE_SLOT, value);
++  }
++
++  Value unwrappedPrivate() const {
++    return unwrappedCanonical()->getReservedSlot(PRIVATE_SLOT);
++  }
+ 
+  private:
+   enum {
+     SOURCE_SLOT = 0,
++    CANONICAL_SLOT,
+     ELEMENT_SLOT,
+     ELEMENT_PROPERTY_SLOT,
+     INTRODUCTION_SCRIPT_SLOT,
+     PRIVATE_SLOT,
+     RESERVED_SLOTS
+   };
+ };
+ 
+@@ -1475,21 +1511,18 @@ class JSScript : public js::gc::TenuredC
+ 
+  public:
+   JS::Realm* realm_ = nullptr;
+ 
+  private:
+   /* Persistent type information retained across GCs. */
+   js::TypeScript* types_ = nullptr;
+ 
+-  // This script's ScriptSourceObject, or a CCW thereof.
+-  //
+-  // (When we clone a JSScript into a new compartment, we don't clone its
+-  // source object. Instead, the clone refers to a wrapper.)
+-  js::GCPtrObject sourceObject_ = {};
++  // This script's ScriptSourceObject.
++  js::GCPtr<js::ScriptSourceObject*> sourceObject_ = {};
+ 
+   /*
+    * Information attached by Ion. Nexto a valid IonScript this could be
+    * ION_DISABLED_SCRIPT, ION_COMPILING_SCRIPT or ION_PENDING_SCRIPT.
+    * The later is a ion compilation that is ready, but hasn't been linked
+    * yet.
+    */
+   js::jit::IonScript* ion = nullptr;
+@@ -1735,30 +1768,30 @@ class JSScript : public js::gc::TenuredC
+                                      js::HandleFunction fun,
+                                      js::MutableHandleScript scriptp);
+ 
+   friend bool js::detail::CopyScript(
+       JSContext* cx, js::HandleScript src, js::HandleScript dst,
+       js::MutableHandle<JS::GCVector<js::Scope*>> scopes);
+ 
+  private:
+-  JSScript(JS::Realm* realm, uint8_t* stubEntry, js::HandleObject sourceObject,
+-           uint32_t sourceStart, uint32_t sourceEnd, uint32_t toStringStart,
+-           uint32_t toStringend);
+-
+-  static JSScript* New(JSContext* cx, js::HandleObject sourceObject,
++  JSScript(JS::Realm* realm, uint8_t* stubEntry,
++           js::HandleScriptSourceObject sourceObject, uint32_t sourceStart,
++           uint32_t sourceEnd, uint32_t toStringStart, uint32_t toStringend);
++
++  static JSScript* New(JSContext* cx, js::HandleScriptSourceObject sourceObject,
+                        uint32_t sourceStart, uint32_t sourceEnd,
+                        uint32_t toStringStart, uint32_t toStringEnd);
+ 
+  public:
+   static JSScript* Create(JSContext* cx,
+                           const JS::ReadOnlyCompileOptions& options,
+-                          js::HandleObject sourceObject, uint32_t sourceStart,
+-                          uint32_t sourceEnd, uint32_t toStringStart,
+-                          uint32_t toStringEnd);
++                          js::HandleScriptSourceObject sourceObject,
++                          uint32_t sourceStart, uint32_t sourceEnd,
++                          uint32_t toStringStart, uint32_t toStringEnd);
+ 
+   // NOTE: If you use createPrivateScriptData directly instead of via
+   // fullyInitFromEmitter, you are responsible for notifying the debugger
+   // after successfully creating the script.
+   static bool createPrivateScriptData(JSContext* cx,
+                                       JS::Handle<JSScript*> script,
+                                       uint32_t nscopes, uint32_t nconsts,
+                                       uint32_t nobjects, uint32_t ntrynotes,
+@@ -2276,25 +2309,24 @@ class JSScript : public js::gc::TenuredC
+ 
+   static JSFlatString* sourceData(JSContext* cx, JS::HandleScript script);
+ 
+   MOZ_MUST_USE bool appendSourceDataForToString(JSContext* cx,
+                                                 js::StringBuffer& buf);
+ 
+   static bool loadSource(JSContext* cx, js::ScriptSource* ss, bool* worked);
+ 
+-  void setSourceObject(JSObject* object);
+-  JSObject* sourceObject() const { return sourceObject_; }
+-  js::ScriptSourceObject& scriptSourceUnwrap() const;
++  void setSourceObject(js::ScriptSourceObject* object);
++  js::ScriptSourceObject* sourceObject() const { return sourceObject_; }
+   js::ScriptSource* scriptSource() const;
+   js::ScriptSource* maybeForwardedScriptSource() const;
+ 
+-  void setDefaultClassConstructorSpan(JSObject* sourceObject, uint32_t start,
+-                                      uint32_t end, unsigned line,
+-                                      unsigned column);
++  void setDefaultClassConstructorSpan(js::ScriptSourceObject* sourceObject,
++                                      uint32_t start, uint32_t end,
++                                      unsigned line, unsigned column);
+ 
+   bool mutedErrors() const { return scriptSource()->mutedErrors(); }
+   const char* filename() const { return scriptSource()->filename(); }
+   const char* maybeForwardedFilename() const {
+     return maybeForwardedScriptSource()->filename();
+   }
+ 
+ #ifdef MOZ_VTUNE
+@@ -2782,19 +2814,18 @@ class LazyScript : public gc::TenuredCel
+   //  | (setEnclosingScope)           | and enclosing script is not lazy
+   //  v                               | (CreateForXDR with enclosingScope)
+   // +-----------------+              |
+   // | enclosing Scope |<-------------+
+   // +-----------------+
+   GCPtr<TenuredCell*> enclosingLazyScriptOrScope_;
+ 
+   // ScriptSourceObject. We leave this set to nullptr until we generate
+-  // bytecode for our immediate parent. This is never a CCW; we don't clone
+-  // LazyScripts into other compartments.
+-  GCPtrObject sourceObject_;
++  // bytecode for our immediate parent.
++  GCPtr<ScriptSourceObject*> sourceObject_;
+ 
+   // Heap allocated table with any free variables or inner functions.
+   void* table_;
+ 
+  private:
+   static const uint32_t NumClosedOverBindingsBits = 20;
+   static const uint32_t NumInnerFunctionsBits = 20;
+ 
+

frg/work-js/mozilla-release/patches/1524565-67a1.patch

@@ -0,0 +1,528 @@
+# HG changeset patch
+# User Jan de Mooij <jdemooij@mozilla.com>
+# Date 1549104147 0
+# Node ID f7b6f8b332f117054071e8e796b30a96370eabeb
+# Parent  7b2533c0e59c01201b9661007f5d8910a6caa070
+Bug 1524565 - Clone ScriptSourceObject just once when cloning a script with inner functions. r=tcampbell
+
+Creating too many SSOs can apparently slow down the debugger and it's just
+wasteful.
+
+This patch passes the SSO down to the cloning functions. One nice side-effect is
+that the self-hosting SSO code now lives in SelfHosting.cpp instead of JSScript.cpp
+
+Differential Revision: https://phabricator.services.mozilla.com/D18347
+
+diff --git a/js/src/jsapi.cpp b/js/src/jsapi.cpp
+--- a/js/src/jsapi.cpp
++++ b/js/src/jsapi.cpp
+@@ -3246,57 +3246,54 @@ static JSObject* CloneFunctionObject(JSC
+   if (!funobj->is<JSFunction>()) {
+     MOZ_RELEASE_ASSERT(!IsCrossCompartmentWrapper(funobj));
+     AutoRealm ar(cx, funobj);
+     RootedValue v(cx, ObjectValue(*funobj));
+     ReportIsNotFunction(cx, v);
+     return nullptr;
+   }
+ 
++  // Only allow cloning normal, interpreted functions.
+   RootedFunction fun(cx, &funobj->as<JSFunction>());
++  if (fun->isNative() || fun->isBoundFunction() ||
++      fun->kind() != JSFunction::NormalFunction || fun->isExtended() ||
++      fun->isSelfHostedBuiltin()) {
++    JS_ReportErrorNumberASCII(cx, GetErrorMessage, nullptr,
++                              JSMSG_CANT_CLONE_OBJECT);
++    return nullptr;
++  }
++
+   if (fun->isInterpretedLazy()) {
+     AutoRealm ar(cx, fun);
+     if (!JSFunction::getOrCreateScript(cx, fun)) {
+       return nullptr;
+     }
+   }
+-
+-  // Only allow cloning normal, interpreted functions.
+-  if (fun->isNative() || fun->isBoundFunction() ||
+-      fun->kind() != JSFunction::NormalFunction || fun->isExtended()) {
+-    JS_ReportErrorNumberASCII(cx, GetErrorMessage, nullptr,
+-                              JSMSG_CANT_CLONE_OBJECT);
+-    return nullptr;
+-  }
++  RootedScript script(cx, fun->nonLazyScript());
+ 
+   if (!IsFunctionCloneable(fun)) {
+     JS_ReportErrorNumberASCII(cx, GetErrorMessage, nullptr,
+                               JSMSG_BAD_CLONE_FUNOBJ_SCOPE);
+     return nullptr;
+   }
+ 
+   if (CanReuseScriptForClone(cx->realm(), fun, env)) {
+-    // If the script is to be reused, either the script can already handle
+-    // non-syntactic scopes, or there is only the standard global lexical
+-    // scope.
+-#ifdef DEBUG
+-    // Fail here if we OOM during debug asserting.
+-    // CloneFunctionReuseScript will delazify the script anyways, so we
+-    // are not creating an extra failure condition for DEBUG builds.
+-    if (!JSFunction::getOrCreateScript(cx, fun)) {
++    return CloneFunctionReuseScript(cx, fun, env, fun->getAllocKind());
++  }
++
++  Rooted<ScriptSourceObject*> sourceObject(cx, script->sourceObject());
++  if (cx->compartment() != sourceObject->compartment()) {
++    sourceObject = ScriptSourceObject::clone(cx, sourceObject);
++    if (!sourceObject) {
+       return nullptr;
+     }
+-    MOZ_ASSERT(scope->as<GlobalScope>().isSyntactic() ||
+-               fun->nonLazyScript()->hasNonSyntacticScope());
+-#endif
+-    return CloneFunctionReuseScript(cx, fun, env, fun->getAllocKind());
+-  }
+-
+-  JSFunction* clone =
+-      CloneFunctionAndScript(cx, fun, env, scope, fun->getAllocKind());
++  }
++
++  JSFunction* clone = CloneFunctionAndScript(cx, fun, env, scope, sourceObject,
++                                             fun->getAllocKind());
+ 
+ #ifdef DEBUG
+   // The cloned function should itself be cloneable.
+   RootedFunction cloneRoot(cx, clone);
+   MOZ_ASSERT_IF(cloneRoot, IsFunctionCloneable(cloneRoot));
+ #endif
+ 
+   return clone;
+diff --git a/js/src/vm/JSFunction-inl.h b/js/src/vm/JSFunction-inl.h
+--- a/js/src/vm/JSFunction-inl.h
++++ b/js/src/vm/JSFunction-inl.h
+@@ -83,17 +83,19 @@ inline JSFunction* CloneFunctionObjectIf
+     return CloneFunctionReuseScript(cx, fun, parent, kind, newKind, proto);
+   }
+ 
+   RootedScript script(cx, JSFunction::getOrCreateScript(cx, fun));
+   if (!script) {
+     return nullptr;
+   }
+   RootedScope enclosingScope(cx, script->enclosingScope());
+-  return CloneFunctionAndScript(cx, fun, parent, enclosingScope, kind, proto);
++  Rooted<ScriptSourceObject*> sourceObject(cx, script->sourceObject());
++  return CloneFunctionAndScript(cx, fun, parent, enclosingScope, sourceObject,
++                                kind, proto);
+ }
+ 
+ } /* namespace js */
+ 
+ /* static */ inline JS::Result<JSFunction*, JS::OOM&> JSFunction::create(
+     JSContext* cx, js::gc::AllocKind kind, js::gc::InitialHeap heap,
+     js::HandleShape shape, js::HandleObjectGroup group) {
+   MOZ_ASSERT(kind == js::gc::AllocKind::FUNCTION ||
+diff --git a/js/src/vm/JSFunction.cpp b/js/src/vm/JSFunction.cpp
+--- a/js/src/vm/JSFunction.cpp
++++ b/js/src/vm/JSFunction.cpp
+@@ -2282,16 +2282,17 @@ JSFunction* js::CloneFunctionReuseScript
+     clone->setGroup(fun->group());
+   }
+   return clone;
+ }
+ 
+ JSFunction* js::CloneFunctionAndScript(JSContext* cx, HandleFunction fun,
+                                        HandleObject enclosingEnv,
+                                        HandleScope newScope,
++                                       Handle<ScriptSourceObject*> sourceObject,
+                                        gc::AllocKind allocKind /* = FUNCTION */,
+                                        HandleObject proto /* = nullptr */) {
+   MOZ_ASSERT(NewFunctionEnvironmentIsWellFormed(cx, enclosingEnv));
+   MOZ_ASSERT(fun->isInterpreted());
+   MOZ_ASSERT(!fun->isBoundFunction());
+ 
+   JSScript::AutoDelazify funScript(cx, fun);
+   if (!funScript) {
+@@ -2324,17 +2325,17 @@ JSFunction* js::CloneFunctionAndScript(J
+ #endif
+ 
+   RootedScript script(cx, fun->nonLazyScript());
+   MOZ_ASSERT(script->realm() == fun->realm());
+   MOZ_ASSERT(cx->compartment() == clone->compartment(),
+              "Otherwise we could relazify clone below!");
+ 
+   RootedScript clonedScript(
+-      cx, CloneScriptIntoFunction(cx, newScope, clone, script));
++      cx, CloneScriptIntoFunction(cx, newScope, clone, script, sourceObject));
+   if (!clonedScript) {
+     return nullptr;
+   }
+   Debugger::onNewScript(cx, clonedScript);
+ 
+   return clone;
+ }
+ 
+diff --git a/js/src/vm/JSFunction.h b/js/src/vm/JSFunction.h
+--- a/js/src/vm/JSFunction.h
++++ b/js/src/vm/JSFunction.h
+@@ -969,18 +969,18 @@ extern bool CanReuseScriptForClone(JS::R
+ extern JSFunction* CloneFunctionReuseScript(
+     JSContext* cx, HandleFunction fun, HandleObject parent,
+     gc::AllocKind kind = gc::AllocKind::FUNCTION,
+     NewObjectKind newKindArg = GenericObject, HandleObject proto = nullptr);
+ 
+ // Functions whose scripts are cloned are always given singleton types.
+ extern JSFunction* CloneFunctionAndScript(
+     JSContext* cx, HandleFunction fun, HandleObject parent,
+-    HandleScope newScope, gc::AllocKind kind = gc::AllocKind::FUNCTION,
+-    HandleObject proto = nullptr);
++    HandleScope newScope, Handle<ScriptSourceObject*> sourceObject,
++    gc::AllocKind kind = gc::AllocKind::FUNCTION, HandleObject proto = nullptr);
+ 
+ extern JSFunction* CloneAsmJSModuleFunction(JSContext* cx, HandleFunction fun);
+ 
+ extern JSFunction* CloneSelfHostingIntrinsic(JSContext* cx, HandleFunction fun);
+ 
+ }  // namespace js
+ 
+ inline js::FunctionExtended* JSFunction::toExtended() {
+diff --git a/js/src/vm/JSScript.cpp b/js/src/vm/JSScript.cpp
+--- a/js/src/vm/JSScript.cpp
++++ b/js/src/vm/JSScript.cpp
+@@ -3835,19 +3835,19 @@ void js::DescribeScriptedCallerForCompil
+     maybeScript.set(iter.script());
+     *pcOffset = iter.pc() - maybeScript->code();
+   } else {
+     maybeScript.set(nullptr);
+     *pcOffset = 0;
+   }
+ }
+ 
+-static JSObject* CloneInnerInterpretedFunction(JSContext* cx,
+-                                               HandleScope enclosingScope,
+-                                               HandleFunction srcFun) {
++static JSObject* CloneInnerInterpretedFunction(
++    JSContext* cx, HandleScope enclosingScope, HandleFunction srcFun,
++    Handle<ScriptSourceObject*> sourceObject) {
+   /* NB: Keep this in sync with XDRInterpretedFunction. */
+   RootedObject cloneProto(cx);
+   if (srcFun->isGenerator() || srcFun->isAsync()) {
+     cloneProto =
+         GlobalObject::getOrCreateGeneratorFunctionPrototype(cx, cx->global());
+     if (!cloneProto) {
+       return nullptr;
+     }
+@@ -3873,18 +3873,18 @@ static JSObject* CloneInnerInterpretedFu
+   if (!clone) {
+     return nullptr;
+   }
+ 
+   JSScript::AutoDelazify srcScript(cx, srcFun);
+   if (!srcScript) {
+     return nullptr;
+   }
+-  JSScript* cloneScript =
+-      CloneScriptIntoFunction(cx, enclosingScope, clone, srcScript);
++  JSScript* cloneScript = CloneScriptIntoFunction(cx, enclosingScope, clone,
++                                                  srcScript, sourceObject);
+   if (!cloneScript) {
+     return nullptr;
+   }
+ 
+   if (!JSFunction::setTypeForScriptedFunction(cx, clone)) {
+     return nullptr;
+   }
+ 
+@@ -3976,16 +3976,17 @@ bool js::detail::CopyScript(JSContext* c
+   }
+ 
+   /* Objects */
+ 
+   AutoObjectVector objects(cx);
+   if (nobjects != 0) {
+     RootedObject obj(cx);
+     RootedObject clone(cx);
++    Rooted<ScriptSourceObject*> sourceObject(cx, dst->sourceObject());
+     for (const GCPtrObject& elem : src->objects()) {
+       obj = elem.get();
+       clone = nullptr;
+       if (obj->is<RegExpObject>()) {
+         clone = CloneScriptRegExpObject(cx, obj->as<RegExpObject>());
+       } else if (obj->is<JSFunction>()) {
+         RootedFunction innerFun(cx, &obj->as<JSFunction>());
+         if (innerFun->isNative()) {
+@@ -4002,17 +4003,18 @@ bool js::detail::CopyScript(JSContext* c
+             if (!JSFunction::getOrCreateScript(cx, innerFun)) {
+               return false;
+             }
+           }
+ 
+           Scope* enclosing = innerFun->nonLazyScript()->enclosingScope();
+           RootedScope enclosingClone(cx,
+                                      scopes[FindScopeIndex(src, *enclosing)]);
+-          clone = CloneInnerInterpretedFunction(cx, enclosingClone, innerFun);
++          clone = CloneInnerInterpretedFunction(cx, enclosingClone, innerFun,
++                                                sourceObject);
+         }
+       } else {
+         clone = DeepCloneObjectLiteral(cx, obj, TenuredObject);
+       }
+ 
+       if (!clone || !objects.append(clone)) {
+         return false;
+       }
+@@ -4068,61 +4070,46 @@ bool js::detail::CopyScript(JSContext* c
+     for (unsigned i = 0; i < nobjects; ++i) {
+       array[i].init(objects[i]);
+     }
+   }
+ 
+   return true;
+ }
+ 
+-static JSScript* CreateEmptyScriptForClone(JSContext* cx, HandleScript src) {
+-  /*
+-   * Wrap the script source object as needed. Self-hosted scripts may be
+-   * in another runtime, so lazily create a new script source object to
+-   * use for them.
+-   */
+-  RootedScriptSourceObject sourceObject(cx);
+-  if (src->realm()->isSelfHostingRealm()) {
+-    if (!cx->realm()->selfHostingScriptSource) {
+-      CompileOptions options(cx);
+-      FillSelfHostingCompileOptions(options);
+-
+-      ScriptSourceObject* obj = frontend::CreateScriptSourceObject(cx, options);
+-      if (!obj) {
+-        return nullptr;
+-      }
+-      cx->realm()->selfHostingScriptSource.set(obj);
+-    }
+-    sourceObject = cx->realm()->selfHostingScriptSource;
+-  } else {
+-    sourceObject = src->sourceObject();
+-    if (cx->compartment() != sourceObject->compartment()) {
+-      sourceObject = ScriptSourceObject::clone(cx, sourceObject);
+-      if (!sourceObject) {
+-        return nullptr;
+-      }
+-    }
+-  }
++static JSScript* CreateEmptyScriptForClone(
++    JSContext* cx, HandleScript src, Handle<ScriptSourceObject*> sourceObject) {
++  MOZ_ASSERT(cx->compartment() == sourceObject->compartment());
++  MOZ_ASSERT_IF(src->realm()->isSelfHostingRealm(),
++                sourceObject == cx->realm()->selfHostingScriptSource);
+ 
+   CompileOptions options(cx);
+   options.setMutedErrors(src->mutedErrors())
+       .setSelfHostingMode(src->selfHosted())
+       .setNoScriptRval(src->noScriptRval());
+ 
+   return JSScript::Create(cx, options, sourceObject, src->sourceStart(),
+                           src->sourceEnd(), src->toStringStart(),
+                           src->toStringEnd());
+ }
+ 
+ JSScript* js::CloneGlobalScript(JSContext* cx, ScopeKind scopeKind,
+                                 HandleScript src) {
+   MOZ_ASSERT(scopeKind == ScopeKind::Global ||
+              scopeKind == ScopeKind::NonSyntactic);
+ 
+-  RootedScript dst(cx, CreateEmptyScriptForClone(cx, src));
++  Rooted<ScriptSourceObject*> sourceObject(cx, src->sourceObject());
++  if (cx->compartment() != sourceObject->compartment()) {
++    sourceObject = ScriptSourceObject::clone(cx, sourceObject);
++    if (!sourceObject) {
++      return nullptr;
++    }
++  }
++
++  RootedScript dst(cx, CreateEmptyScriptForClone(cx, src, sourceObject));
+   if (!dst) {
+     return nullptr;
+   }
+ 
+   MOZ_ASSERT(src->bodyScopeIndex() == 0);
+   Rooted<GCVector<Scope*>> scopes(cx, GCVector<Scope*>(cx));
+   Rooted<GlobalScope*> original(cx, &src->bodyScope()->as<GlobalScope>());
+   GlobalScope* clone = GlobalScope::clone(cx, original, scopeKind);
+@@ -4132,22 +4119,23 @@ JSScript* js::CloneGlobalScript(JSContex
+ 
+   if (!detail::CopyScript(cx, src, dst, &scopes)) {
+     return nullptr;
+   }
+ 
+   return dst;
+ }
+ 
+-JSScript* js::CloneScriptIntoFunction(JSContext* cx, HandleScope enclosingScope,
+-                                      HandleFunction fun, HandleScript src) {
++JSScript* js::CloneScriptIntoFunction(
++    JSContext* cx, HandleScope enclosingScope, HandleFunction fun,
++    HandleScript src, Handle<ScriptSourceObject*> sourceObject) {
+   MOZ_ASSERT(fun->isInterpreted());
+   MOZ_ASSERT(!fun->hasScript() || fun->hasUncompletedScript());
+ 
+-  RootedScript dst(cx, CreateEmptyScriptForClone(cx, src));
++  RootedScript dst(cx, CreateEmptyScriptForClone(cx, src, sourceObject));
+   if (!dst) {
+     return nullptr;
+   }
+ 
+   // Clone the non-intra-body scopes.
+   Rooted<GCVector<Scope*>> scopes(cx, GCVector<Scope*>(cx));
+   RootedScope original(cx);
+   RootedScope enclosingClone(cx);
+diff --git a/js/src/vm/JSScript.h b/js/src/vm/JSScript.h
+--- a/js/src/vm/JSScript.h
++++ b/js/src/vm/JSScript.h
+@@ -1122,22 +1122,26 @@ class ScriptSourceHolder {
+   ScriptSource* get() const { return ss; }
+ };
+ 
+ // [SMDOC] ScriptSourceObject
+ //
+ // ScriptSourceObject stores the ScriptSource and GC pointers related to it.
+ //
+ // ScriptSourceObjects can be cloned when we clone the JSScript (in order to
+-// execute the script in a different realm/compartment). In this case we create
+-// a new SSO that stores (a wrapper for) the original SSO in its "canonical
+-// slot". The canonical SSO is always used for the private, introductionScript,
++// execute the script in a different compartment). In this case we create a new
++// SSO that stores (a wrapper for) the original SSO in its "canonical slot".
++// The canonical SSO is always used for the private, introductionScript,
+ // element, elementAttributeName slots. This means their accessors may return an
+ // object in a different compartment, hence the "unwrapped" prefix.
+ //
++// Note that we don't clone the SSO when cloning the script for a different
++// realm in the same compartment, so sso->realm() does not necessarily match the
++// script's realm.
++//
+ // We need ScriptSourceObject (instead of storing these GC pointers in the
+ // ScriptSource itself) to properly account for cross-zone pointers: the
+ // canonical SSO will be stored in the wrapper map if necessary so GC will do
+ // the right thing.
+ class ScriptSourceObject : public NativeObject {
+   static const ClassOps classOps_;
+ 
+   static ScriptSourceObject* createInternal(JSContext* cx, ScriptSource* source,
+@@ -3212,17 +3216,18 @@ extern void DescribeScriptedCallerForCom
+  * Like DescribeScriptedCallerForCompilation, but this function avoids looking
+  * up the script/pc and the full linear scan to compute line number.
+  */
+ extern void DescribeScriptedCallerForDirectEval(
+     JSContext* cx, HandleScript script, jsbytecode* pc, const char** file,
+     unsigned* linenop, uint32_t* pcOffset, bool* mutedErrors);
+ 
+ JSScript* CloneScriptIntoFunction(JSContext* cx, HandleScope enclosingScope,
+-                                  HandleFunction fun, HandleScript src);
++                                  HandleFunction fun, HandleScript src,
++                                  Handle<ScriptSourceObject*> sourceObject);
+ 
+ JSScript* CloneGlobalScript(JSContext* cx, ScopeKind scopeKind,
+                             HandleScript src);
+ 
+ } /* namespace js */
+ 
+ // JS::ubi::Nodes can point to js::LazyScripts; they're js::gc::Cell instances
+ // with no associated compartment.
+diff --git a/js/src/vm/SelfHosting.cpp b/js/src/vm/SelfHosting.cpp
+--- a/js/src/vm/SelfHosting.cpp
++++ b/js/src/vm/SelfHosting.cpp
+@@ -3184,16 +3184,36 @@ static JSString* CloneString(JSContext* 
+   }
+ 
+   return chars.isLatin1()
+              ? NewStringCopyN<CanGC>(cx, chars.latin1Range().begin().get(), len)
+              : NewStringCopyNDontDeflate<CanGC>(
+                    cx, chars.twoByteRange().begin().get(), len);
+ }
+ 
++// Returns the ScriptSourceObject to use for cloned self-hosted scripts in the
++// current realm.
++static ScriptSourceObject* SelfHostingScriptSourceObject(JSContext* cx) {
++  if (ScriptSourceObject* sso = cx->realm()->selfHostingScriptSource) {
++    return sso;
++  }
++
++  CompileOptions options(cx);
++  FillSelfHostingCompileOptions(options);
++
++  ScriptSourceObject* sourceObject =
++      frontend::CreateScriptSourceObject(cx, options);
++  if (!sourceObject) {
++    return nullptr;
++  }
++
++  cx->realm()->selfHostingScriptSource.set(sourceObject);
++  return sourceObject;
++}
++
+ static JSObject* CloneObject(JSContext* cx,
+                              HandleNativeObject selfHostedObject) {
+ #ifdef DEBUG
+   // Object hash identities are owned by the hashed object, which may be on a
+   // different thread than the clone target. In theory, these objects are all
+   // tenured and will not be compacted; however, we simply avoid the issue
+   // altogether by skipping the cycle-detection when off thread.
+   mozilla::Maybe<AutoCycleDetector> detect;
+@@ -3219,20 +3239,25 @@ static JSObject* CloneObject(JSContext* 
+       MOZ_ASSERT(!selfHostedFunction->isArrow());
+       js::gc::AllocKind kind = hasName ? gc::AllocKind::FUNCTION_EXTENDED
+                                        : selfHostedFunction->getAllocKind();
+ 
+       Handle<GlobalObject*> global = cx->global();
+       Rooted<LexicalEnvironmentObject*> globalLexical(
+           cx, &global->lexicalEnvironment());
+       RootedScope emptyGlobalScope(cx, &global->emptyGlobalScope());
++      Rooted<ScriptSourceObject*> sourceObject(
++          cx, SelfHostingScriptSourceObject(cx));
++      if (!sourceObject) {
++        return nullptr;
++      }
+       MOZ_ASSERT(
+           !CanReuseScriptForClone(cx->realm(), selfHostedFunction, global));
+       clone = CloneFunctionAndScript(cx, selfHostedFunction, globalLexical,
+-                                     emptyGlobalScope, kind);
++                                     emptyGlobalScope, sourceObject, kind);
+       // To be able to re-lazify the cloned function, its name in the
+       // self-hosting compartment has to be stored on the clone.
+       if (clone && hasName) {
+         Value nameVal = StringValue(selfHostedFunction->explicitName());
+         clone->as<JSFunction>().setExtendedSlot(LAZY_FUNCTION_NAME_SLOT,
+                                                 nameVal);
+       }
+     } else {
+@@ -3362,25 +3387,32 @@ bool JSRuntime::cloneSelfHostedFunctionS
+   MOZ_ASSERT(targetFun->isInterpretedLazy());
+   MOZ_ASSERT(targetFun->isSelfHostedBuiltin());
+ 
+   RootedScript sourceScript(cx, JSFunction::getOrCreateScript(cx, sourceFun));
+   if (!sourceScript) {
+     return false;
+   }
+ 
++  Rooted<ScriptSourceObject*> sourceObject(cx,
++                                           SelfHostingScriptSourceObject(cx));
++  if (!sourceObject) {
++    return false;
++  }
++
+   // Assert that there are no intervening scopes between the global scope
+   // and the self-hosted script. Toplevel lexicals are explicitly forbidden
+   // by the parser when parsing self-hosted code. The fact they have the
+   // global lexical scope on the scope chain is for uniformity and engine
+   // invariants.
+   MOZ_ASSERT(sourceScript->outermostScope()->enclosing()->kind() ==
+              ScopeKind::Global);
+   RootedScope emptyGlobalScope(cx, &cx->global()->emptyGlobalScope());
+-  if (!CloneScriptIntoFunction(cx, emptyGlobalScope, targetFun, sourceScript)) {
++  if (!CloneScriptIntoFunction(cx, emptyGlobalScope, targetFun, sourceScript,
++                               sourceObject)) {
+     return false;
+   }
+   MOZ_ASSERT(!targetFun->isInterpretedLazy());
+ 
+   MOZ_ASSERT(sourceFun->nargs() == targetFun->nargs());
+   MOZ_ASSERT(sourceScript->hasRest() == targetFun->nonLazyScript()->hasRest());
+   MOZ_ASSERT(targetFun->strict(), "Self-hosted builtins must be strict");
+ 
+

frg/work-js/mozilla-release/patches/1566141-5-72a1.patch

@@ -3,7 +3,7 @@
 # Date 1573580035 0
 #      Tue Nov 12 17:33:55 2019 +0000
 # Node ID 9b150dd56999e1c2b7aa47cf9c0e8d96c6c8eff3
-# Parent  e2f330aafd58b7423241f65e6d3401c9fc899093
+# Parent  0dcad24b1dd23da8b32f291bdf158a0b887ce2cc
 Bug 1566141 - make interpreter work with JSOP code for coalesce r=jorendorff,jandem
 
 Differential Revision: https://phabricator.services.mozilla.com/D51638
@@ -36,7 +36,7 @@ new file mode 100644
 diff --git a/js/src/frontend/BytecodeEmitter.cpp b/js/src/frontend/BytecodeEmitter.cpp
 --- a/js/src/frontend/BytecodeEmitter.cpp
 +++ b/js/src/frontend/BytecodeEmitter.cpp
-@@ -3424,18 +3424,18 @@ BytecodeEmitter::checkSideEffects(ParseN
+@@ -1138,18 +1138,18 @@ BytecodeEmitter::checkSideEffects(ParseN
        case ParseNodeKind::ModAssign:
        case ParseNodeKind::PowAssign:
        case ParseNodeKind::SetThis:
@@ -57,7 +57,7 @@ diff --git a/js/src/frontend/BytecodeEmitter.cpp b/js/src/frontend/BytecodeEmitt
        // Any subexpression of a comma expression could be effectful.
        case ParseNodeKind::Comma:
          MOZ_ASSERT(pn->pn_count > 0);
-@@ -9516,17 +9516,17 @@ BytecodeEmitter::emitCallOrNew(ParseNode
+@@ -6707,17 +6707,17 @@ BytecodeEmitter::emitCallOrNew(ParseNode
  // This list must be kept in the same order in several places:
  //   - The binary operators in ParseNode.h ,
  //   - the binary operators in TokenKind.h
@@ -76,7 +76,7 @@ diff --git a/js/src/frontend/BytecodeEmitter.cpp b/js/src/frontend/BytecodeEmitt
      JSOP_STRICTEQ,
      JSOP_EQ,
      JSOP_STRICTNE,
-@@ -9594,85 +9594,22 @@ BytecodeEmitter::emitLeftAssociative(Par
+@@ -6785,85 +6785,22 @@ BytecodeEmitter::emitLeftAssociative(Par
          if (!emitTree(nextExpr))
              return false;
          if (!emit1(op))
@@ -165,7 +165,7 @@ diff --git a/js/src/frontend/BytecodeEmitter.cpp b/js/src/frontend/BytecodeEmitt
       * bytecode, which pops the left operand and then evaluates the right operand.
       * The jump goes around the right operand evaluation.
       *
-@@ -9683,17 +9620,31 @@ BytecodeEmitter::emitLogical(ParseNode* 
+@@ -6874,17 +6811,31 @@ BytecodeEmitter::emitLogical(ParseNode* 
      TDZCheckCache tdzCache(this);
  
      /* Left-associative operator chain: avoid too much recursion. */
@@ -198,7 +198,7 @@ diff --git a/js/src/frontend/BytecodeEmitter.cpp b/js/src/frontend/BytecodeEmitt
  
      /* Emit nodes between the head and the tail. */
      while ((pn2 = pn2->pn_next)->pn_next) {
-@@ -10945,25 +10896,20 @@ BytecodeEmitter::emitTree(ParseNode* pn,
+@@ -8144,25 +8095,20 @@ BytecodeEmitter::emitTree(ParseNode* pn,
              return false;
          break;
  
@@ -229,7 +229,7 @@ diff --git a/js/src/frontend/BytecodeEmitter.cpp b/js/src/frontend/BytecodeEmitt
 diff --git a/js/src/frontend/BytecodeEmitter.h b/js/src/frontend/BytecodeEmitter.h
 --- a/js/src/frontend/BytecodeEmitter.h
 +++ b/js/src/frontend/BytecodeEmitter.h
-@@ -834,18 +834,17 @@ struct MOZ_STACK_CLASS BytecodeEmitter
+@@ -790,18 +790,17 @@ struct MOZ_STACK_CLASS BytecodeEmitter
      MOZ_MUST_USE bool emitDeleteExpression(ParseNode* pn);
  
      // |op| must be JSOP_TYPEOF or JSOP_TYPEOFEXPR.
@@ -288,7 +288,7 @@ diff --git a/js/src/tests/non262/reflect-parse/basicBuilder.js b/js/src/tests/no
 diff --git a/js/src/vm/Interpreter.cpp b/js/src/vm/Interpreter.cpp
 --- a/js/src/vm/Interpreter.cpp
 +++ b/js/src/vm/Interpreter.cpp
-@@ -2228,16 +2228,25 @@ END_CASE(JSOP_IFNE)
+@@ -2298,16 +2298,25 @@ END_CASE(JSOP_IFNE)
  CASE(JSOP_OR)
  {
      bool cond = ToBoolean(REGS.stackHandleAt(-1));
@@ -317,7 +317,7 @@ diff --git a/js/src/vm/Interpreter.cpp b/js/src/vm/Interpreter.cpp
 diff --git a/js/src/vm/Opcodes.h b/js/src/vm/Opcodes.h
 --- a/js/src/vm/Opcodes.h
 +++ b/js/src/vm/Opcodes.h
-@@ -2358,24 +2358,34 @@ 1234567890123456789012345678901234567890
+@@ -2360,24 +2360,33 @@ 1234567890123456789012345678901234567890
      /*
       * Push "import.meta"
       *
@@ -338,7 +338,6 @@ diff --git a/js/src/vm/Opcodes.h b/js/src/vm/Opcodes.h
 +     *   Stack: cond => cond
 +     */ \
 +    macro(JSOP_COALESCE, 233, "coalesce", NULL, 5, 1, 1, JOF_JUMP|JOF_DETECTING)
-+
  
  /*
   * In certain circumstances it may be useful to "pad out" the opcode space to

frg/work-js/mozilla-release/patches/1566141-6-72a1.patch

@@ -3,7 +3,7 @@
 # Date 1573577841 0
 #      Tue Nov 12 16:57:21 2019 +0000
 # Node ID 2a8c35575189a16dcdf6af014a12b046817b28b2
-# Parent  bcefa1cd49f519752b580d09852f60b8ea443c1a
+# Parent  48088b41c000a5a2434ef1a16c595ea127210972
 Bug 1566141 - make baseline work with JSOP code for coalesce r=jorendorff,jandem
 
 Differential Revision: https://phabricator.services.mozilla.com/D51639

frg/work-js/mozilla-release/patches/1577869-70a1.patch

@@ -2,7 +2,7 @@
 # User Eric Rahm <erahm@mozilla.com>
 # Date 1567211752 0
 # Node ID 52721fabd4d12278444dccd78a90cbb2bbba3720
-# Parent  00e5cf78ca9b86dab6315246f22f38a7fba1c755
+# Parent  d0716b0d4948368c5dd1341b95a41edd559bb983
 Bug 1577869 - Remove using namespace std from js/ r=jwalden
 
 Differential Revision: https://phabricator.services.mozilla.com/D44253
@@ -10,8 +10,8 @@ Differential Revision: https://phabricator.services.mozilla.com/D44253
 diff --git a/js/src/ctypes/CTypes.cpp b/js/src/ctypes/CTypes.cpp
 --- a/js/src/ctypes/CTypes.cpp
 +++ b/js/src/ctypes/CTypes.cpp
-@@ -39,17 +39,17 @@
- #include "jit/AtomicOperations.h"
+@@ -43,17 +43,17 @@
+ #include "js/UniquePtr.h"
  #include "js/Vector.h"
  #include "util/Windows.h"
  #include "vm/JSContext.h"

frg/work-js/mozilla-release/patches/435732.patch

@@ -0,0 +1,14693 @@
+# HG changeset patch
+# User Jan de Mooij <jdemooij@mozilla.com>
+# Date 1536225329 -7200
+#      Thu Sep 06 11:15:29 2018 +0200
+# Node ID 3810b18e5e79dc6a5204a2df01bfaafc40f0573e
+# Parent  b5b33a78679f204f9284dc126ca96c2c619acf71
+Bug 1488698 - Always use braces for if/for/while statements in js/src/vm, part 7. r=jorendorff
+
+diff --git a/js/src/vm/JSAtom-inl.h b/js/src/vm/JSAtom-inl.h
+--- a/js/src/vm/JSAtom-inl.h
++++ b/js/src/vm/JSAtom-inl.h
+@@ -20,55 +20,59 @@
+ namespace js {
+ 
+ inline jsid
+ AtomToId(JSAtom* atom)
+ {
+     JS_STATIC_ASSERT(JSID_INT_MIN == 0);
+ 
+     uint32_t index;
+-    if (atom->isIndex(&index) && index <= JSID_INT_MAX)
++    if (atom->isIndex(&index) && index <= JSID_INT_MAX) {
+         return INT_TO_JSID(int32_t(index));
++    }
+ 
+     return JSID_FROM_BITS(size_t(atom) | JSID_TYPE_STRING);
+ }
+ 
+ // Use the NameToId method instead!
+ inline jsid
+ AtomToId(PropertyName* name) = delete;
+ 
+ MOZ_ALWAYS_INLINE bool
+ ValueToIntId(const Value& v, jsid* id)
+ {
+     int32_t i;
+-    if (v.isInt32())
++    if (v.isInt32()) {
+         i = v.toInt32();
+-    else if (!v.isDouble() || !mozilla::NumberEqualsInt32(v.toDouble(), &i))
++    } else if (!v.isDouble() || !mozilla::NumberEqualsInt32(v.toDouble(), &i)) {
+         return false;
++    }
+ 
+-    if (!INT_FITS_IN_JSID(i))
++    if (!INT_FITS_IN_JSID(i)) {
+         return false;
++    }
+ 
+     *id = INT_TO_JSID(i);
+     return true;
+ }
+ 
+ inline bool
+ ValueToIdPure(const Value& v, jsid* id)
+ {
+     if (v.isString()) {
+         if (v.toString()->isAtom()) {
+             *id = AtomToId(&v.toString()->asAtom());
+             return true;
+         }
+         return false;
+     }
+ 
+-    if (ValueToIntId(v, id))
++    if (ValueToIntId(v, id)) {
+         return true;
++    }
+ 
+     if (v.isSymbol()) {
+         *id = SYMBOL_TO_JSID(v.toSymbol());
+         return true;
+     }
+ 
+     return false;
+ }
+@@ -79,28 +83,30 @@ ValueToId(JSContext* cx, typename MaybeR
+           typename MaybeRooted<jsid, allowGC>::MutableHandleType idp)
+ {
+     if (v.isString()) {
+         if (v.toString()->isAtom()) {
+             idp.set(AtomToId(&v.toString()->asAtom()));
+             return true;
+         }
+     } else {
+-        if (ValueToIntId(v, idp.address()))
++        if (ValueToIntId(v, idp.address())) {
+             return true;
++        }
+ 
+         if (v.isSymbol()) {
+             idp.set(SYMBOL_TO_JSID(v.toSymbol()));
+             return true;
+         }
+     }
+ 
+     JSAtom* atom = ToAtom<allowGC>(cx, v);
+-    if (!atom)
++    if (!atom) {
+         return false;
++    }
+ 
+     idp.set(AtomToId(atom));
+     return true;
+ }
+ 
+ /*
+  * Write out character representing |index| to the memory just before |end|.
+  * Thus |*end| is not touched, but |end[-1]| and earlier are modified as
+@@ -142,26 +148,29 @@ IndexToId(JSContext* cx, uint32_t index,
+     }
+ 
+     return IndexToIdSlow(cx, index, idp);
+ }
+ 
+ static MOZ_ALWAYS_INLINE JSFlatString*
+ IdToString(JSContext* cx, jsid id)
+ {
+-    if (JSID_IS_STRING(id))
++    if (JSID_IS_STRING(id)) {
+         return JSID_TO_ATOM(id);
++    }
+ 
+-    if (MOZ_LIKELY(JSID_IS_INT(id)))
++    if (MOZ_LIKELY(JSID_IS_INT(id))) {
+         return Int32ToString<CanGC>(cx, JSID_TO_INT(id));
++    }
+ 
+     RootedValue idv(cx, IdToValue(id));
+     JSString* str = ToStringSlow<CanGC>(cx, idv);
+-    if (!str)
++    if (!str) {
+         return nullptr;
++    }
+ 
+     return str->ensureFlat(cx);
+ }
+ 
+ inline Handle<PropertyName*>
+ TypeName(JSType type, const JSAtomState& names)
+ {
+     MOZ_ASSERT(type < JSTYPE_LIMIT);
+diff --git a/js/src/vm/JSAtom.cpp b/js/src/vm/JSAtom.cpp
+--- a/js/src/vm/JSAtom.cpp
++++ b/js/src/vm/JSAtom.cpp
+@@ -83,40 +83,45 @@ js::AtomHasher::hash(const Lookup& l)
+ {
+     return l.hash;
+ }
+ 
+ MOZ_ALWAYS_INLINE bool
+ js::AtomHasher::match(const AtomStateEntry& entry, const Lookup& lookup)
+ {
+     JSAtom* key = entry.asPtrUnbarriered();
+-    if (lookup.atom)
++    if (lookup.atom) {
+         return lookup.atom == key;
+-    if (key->length() != lookup.length || key->hash() != lookup.hash)
++    }
++    if (key->length() != lookup.length || key->hash() != lookup.hash) {
+         return false;
++    }
+ 
+     if (key->hasLatin1Chars()) {
+         const Latin1Char* keyChars = key->latin1Chars(lookup.nogc);
+-        if (lookup.isLatin1)
++        if (lookup.isLatin1) {
+             return mozilla::ArrayEqual(keyChars, lookup.latin1Chars, lookup.length);
++        }
+         return EqualChars(keyChars, lookup.twoByteChars, lookup.length);
+     }
+ 
+     const char16_t* keyChars = key->twoByteChars(lookup.nogc);
+-    if (lookup.isLatin1)
++    if (lookup.isLatin1) {
+         return EqualChars(lookup.latin1Chars, keyChars, lookup.length);
++    }
+     return mozilla::ArrayEqual(keyChars, lookup.twoByteChars, lookup.length);
+ }
+ 
+ inline JSAtom*
+ js::AtomStateEntry::asPtr(JSContext* cx) const
+ {
+     JSAtom* atom = asPtrUnbarriered();
+-    if (!cx->helperThread())
++    if (!cx->helperThread()) {
+         JSString::readBarrier(atom);
++    }
+     return atom;
+ }
+ 
+ UniqueChars
+ js::AtomToPrintableString(JSContext* cx, JSAtom* atom)
+ {
+     return QuoteString(cx, atom);
+ }
+@@ -156,29 +161,32 @@ JSRuntime::initializeAtoms(JSContext* cx
+         permanentAtoms_ = parentRuntime->permanentAtoms_;
+ 
+         staticStrings = parentRuntime->staticStrings;
+         commonNames = parentRuntime->commonNames;
+         emptyString = parentRuntime->emptyString;
+         wellKnownSymbols = parentRuntime->wellKnownSymbols;
+ 
+         atoms_ = js_new<AtomsTable>();
+-        if (!atoms_)
++        if (!atoms_) {
+             return false;
++        }
+ 
+         return atoms_->init();
+     }
+ 
+     permanentAtomsDuringInit_ = js_new<AtomSet>(JS_PERMANENT_ATOM_SIZE);
+-    if (!permanentAtomsDuringInit_)
++    if (!permanentAtomsDuringInit_) {
+         return false;
++    }
+ 
+     staticStrings = js_new<StaticStrings>();
+-    if (!staticStrings || !staticStrings->init(cx))
++    if (!staticStrings || !staticStrings->init(cx)) {
+         return false;
++    }
+ 
+     static const CommonNameInfo cachedNames[] = {
+ #define COMMON_NAME_INFO(idpart, id, text) { js_##idpart##_str, sizeof(text) - 1 },
+         FOR_EACH_COMMON_PROPERTYNAME(COMMON_NAME_INFO)
+ #undef COMMON_NAME_INFO
+ #define COMMON_NAME_INFO(name, init, clasp) { js_##name##_str, sizeof(#name) - 1 },
+         JS_FOR_EACH_PROTOTYPE(COMMON_NAME_INFO)
+ #undef COMMON_NAME_INFO
+@@ -186,34 +194,37 @@ JSRuntime::initializeAtoms(JSContext* cx
+         JS_FOR_EACH_WELL_KNOWN_SYMBOL(COMMON_NAME_INFO)
+ #undef COMMON_NAME_INFO
+ #define COMMON_NAME_INFO(name) { "Symbol." #name, sizeof("Symbol." #name) - 1 },
+         JS_FOR_EACH_WELL_KNOWN_SYMBOL(COMMON_NAME_INFO)
+ #undef COMMON_NAME_INFO
+     };
+ 
+     commonNames = js_new<JSAtomState>();
+-    if (!commonNames)
++    if (!commonNames) {
+         return false;
++    }
+ 
+     ImmutablePropertyNamePtr* names = reinterpret_cast<ImmutablePropertyNamePtr*>(commonNames.ref());
+     for (size_t i = 0; i < ArrayLength(cachedNames); i++, names++) {
+         JSAtom* atom = Atomize(cx, cachedNames[i].str, cachedNames[i].length, PinAtom);
+-        if (!atom)
++        if (!atom) {
+             return false;
++        }
+         names->init(atom->asPropertyName());
+     }
+     MOZ_ASSERT(uintptr_t(names) == uintptr_t(commonNames + 1));
+ 
+     emptyString = commonNames->empty;
+ 
+     // Create the well-known symbols.
+     wellKnownSymbols = js_new<WellKnownSymbols>();
+-    if (!wellKnownSymbols)
++    if (!wellKnownSymbols) {
+         return false;
++    }
+ 
+     ImmutablePropertyNamePtr* descriptions = commonNames->wellKnownSymbolDescriptions();
+     ImmutableSymbolPtr* symbols = reinterpret_cast<ImmutableSymbolPtr*>(wellKnownSymbols.ref());
+     for (size_t i = 0; i < JS::WellKnownSymbolLimit; i++) {
+         JS::Symbol* symbol = JS::Symbol::new_(cx, JS::SymbolCode(i), descriptions[i]);
+         if (!symbol) {
+             ReportOutOfMemory(cx);
+             return false;
+@@ -254,69 +265,74 @@ class AtomsTable::AutoLock
+     MOZ_ALWAYS_INLINE explicit AutoLock(JSRuntime* rt, Mutex& aLock) {
+         if (rt->hasHelperThreadZones()) {
+             lock = &aLock;
+             lock->lock();
+         }
+     }
+ 
+     MOZ_ALWAYS_INLINE ~AutoLock() {
+-        if (lock)
++        if (lock) {
+             lock->unlock();
++        }
+     }
+ };
+ 
+ AtomsTable::Partition::Partition(uint32_t index)
+   : lock(MutexId { mutexid::AtomsTable.name, mutexid::AtomsTable.order + index }),
+     atoms(InitialTableSize),
+     atomsAddedWhileSweeping(nullptr)
+ {}
+ 
+ AtomsTable::Partition::~Partition()
+ {
+     MOZ_ASSERT(!atomsAddedWhileSweeping);
+ }
+ 
+ AtomsTable::~AtomsTable()
+ {
+-    for (size_t i = 0; i < PartitionCount; i++)
++    for (size_t i = 0; i < PartitionCount; i++) {
+         js_delete(partitions[i]);
++    }
+ }
+ 
+ bool
+ AtomsTable::init()
+ {
+     for (size_t i = 0; i < PartitionCount; i++) {
+         partitions[i] = js_new<Partition>(i);
+-        if (!partitions[i])
++        if (!partitions[i]) {
+             return false;
++        }
+     }
+     return true;
+ }
+ 
+ void
+ AtomsTable::lockAll()
+ {
+     MOZ_ASSERT(!allPartitionsLocked);
+ 
+-    for (size_t i = 0; i < PartitionCount; i++)
++    for (size_t i = 0; i < PartitionCount; i++) {
+         partitions[i]->lock.lock();
++    }
+ 
+ #ifdef DEBUG
+     allPartitionsLocked = true;
+ #endif
+ }
+ 
+ void
+ AtomsTable::unlockAll()
+ {
+     MOZ_ASSERT(allPartitionsLocked);
+ 
+-    for (size_t i = 0; i < PartitionCount; i++)
++    for (size_t i = 0; i < PartitionCount; i++) {
+         partitions[PartitionCount - i - 1]->lock.unlock();
++    }
+ 
+ #ifdef DEBUG
+     allPartitionsLocked = false;
+ #endif
+ }
+ 
+ MOZ_ALWAYS_INLINE size_t
+ AtomsTable::getPartitionIndex(const AtomHasher::Lookup& lookup)
+@@ -341,27 +357,29 @@ AtomsTable::tracePinnedAtomsInSet(JSTrac
+ }
+ 
+ void
+ AtomsTable::tracePinnedAtoms(JSTracer* trc, const AutoAccessAtomsZone& access)
+ {
+     for (size_t i = 0; i < PartitionCount; i++) {
+         Partition& part = *partitions[i];
+         tracePinnedAtomsInSet(trc, part.atoms);
+-        if (part.atomsAddedWhileSweeping)
++        if (part.atomsAddedWhileSweeping) {
+             tracePinnedAtomsInSet(trc, *part.atomsAddedWhileSweeping);
++        }
+     }
+ }
+ 
+ void
+ js::TraceAtoms(JSTracer* trc, const AutoAccessAtomsZone& access)
+ {
+     JSRuntime* rt = trc->runtime();
+-    if (rt->permanentAtomsPopulated())
++    if (rt->permanentAtomsPopulated()) {
+         rt->atoms().tracePinnedAtoms(trc, access);
++    }
+ }
+ 
+ static void
+ TracePermanentAtoms(JSTracer* trc, AtomSet::Range atoms)
+ {
+     for (; !atoms.empty(); atoms.popFront()) {
+         const AtomStateEntry& entry = atoms.front();
+         JSAtom* atom = entry.asPtrUnbarriered();
+@@ -369,54 +387,61 @@ TracePermanentAtoms(JSTracer* trc, AtomS
+         TraceProcessGlobalRoot(trc, atom, "permanent atom");
+     }
+ }
+ 
+ void
+ JSRuntime::tracePermanentAtoms(JSTracer* trc)
+ {
+     // Permanent atoms only need to be traced in the runtime which owns them.
+-    if (parentRuntime)
++    if (parentRuntime) {
+         return;
++    }
+ 
+     // Static strings are not included in the permanent atoms table.
+-    if (staticStrings)
++    if (staticStrings) {
+         staticStrings->trace(trc);
++    }
+ 
+-    if (permanentAtomsDuringInit_)
++    if (permanentAtomsDuringInit_) {
+         TracePermanentAtoms(trc, permanentAtomsDuringInit_->all());
++    }
+ 
+-    if (permanentAtoms_)
++    if (permanentAtoms_) {
+         TracePermanentAtoms(trc, permanentAtoms_->all());
++    }
+ }
+ 
+ void
+ js::TraceWellKnownSymbols(JSTracer* trc)
+ {
+     JSRuntime* rt = trc->runtime();
+ 
+-    if (rt->parentRuntime)
++    if (rt->parentRuntime) {
+         return;
++    }
+ 
+     if (WellKnownSymbols* wks = rt->wellKnownSymbols) {
+-        for (size_t i = 0; i < JS::WellKnownSymbolLimit; i++)
++        for (size_t i = 0; i < JS::WellKnownSymbolLimit; i++) {
+             TraceProcessGlobalRoot(trc, wks->get(i).get(), "well_known_symbol");
++        }
+     }
+ }
+ 
+ void
+ AtomsTable::sweepAll(JSRuntime* rt)
+ {
+     for (size_t i = 0; i < PartitionCount; i++) {
+         AutoLock lock(rt, partitions[i]->lock);
+         AtomSet& atoms = partitions[i]->atoms;
+         for (AtomSet::Enum e(atoms); !e.empty(); e.popFront()) {
+             JSAtom* atom = e.front().asPtrUnbarriered();
+-            if (IsAboutToBeFinalizedUnbarriered(&atom))
++            if (IsAboutToBeFinalizedUnbarriered(&atom)) {
+                 e.removeFront();
++            }
+         }
+     }
+ }
+ 
+ AtomsTable::SweepIterator::SweepIterator(AtomsTable& atoms)
+   : atoms(atoms),
+     partitionIndex(0)
+ {
+@@ -441,18 +466,19 @@ AtomsTable::SweepIterator::finishSweepin
+ inline void
+ AtomsTable::SweepIterator::settle()
+ {
+     MOZ_ASSERT(!empty());
+ 
+     while (atomsIter->empty()) {
+         finishSweepingPartition();
+         partitionIndex++;
+-        if (empty())
++        if (empty()) {
+             return;
++        }
+         startSweepingPartition();
+     }
+ }
+ 
+ inline bool
+ AtomsTable::SweepIterator::empty() const
+ {
+     return partitionIndex == PartitionCount;
+@@ -517,40 +543,44 @@ AtomsTable::mergeAtomsAddedWhileSweeping
+     // the main table.
+ 
+     AutoEnterOOMUnsafeRegion oomUnsafe;
+ 
+     auto newAtoms = part.atomsAddedWhileSweeping;
+     part.atomsAddedWhileSweeping = nullptr;
+ 
+     for (auto r = newAtoms->all(); !r.empty(); r.popFront()) {
+-        if (!part.atoms.putNew(AtomHasher::Lookup(r.front().asPtrUnbarriered()), r.front()))
++        if (!part.atoms.putNew(AtomHasher::Lookup(r.front().asPtrUnbarriered()), r.front())) {
+             oomUnsafe.crash("Adding atom from secondary table after sweep");
++        }
+     }
+ 
+     js_delete(newAtoms);
+ }
+ 
+ bool
+ AtomsTable::sweepIncrementally(SweepIterator& atomsToSweep, SliceBudget& budget)
+ {
+     // Sweep the table incrementally until we run out of work or budget.
+     while (!atomsToSweep.empty()) {
+         budget.step();
+-        if (budget.isOverBudget())
++        if (budget.isOverBudget()) {
+             return false;
++        }
+ 
+         JSAtom* atom = atomsToSweep.front();
+-        if (IsAboutToBeFinalizedUnbarriered(&atom))
++        if (IsAboutToBeFinalizedUnbarriered(&atom)) {
+             atomsToSweep.removeFront();
++        }
+         atomsToSweep.popFront();
+     }
+ 
+-    for (size_t i = 0; i < PartitionCount; i++)
++    for (size_t i = 0; i < PartitionCount; i++) {
+         MOZ_ASSERT(!partitions[i]->atomsAddedWhileSweeping);
++    }
+ 
+     return true;
+ }
+ 
+ size_t
+ AtomsTable::sizeOfIncludingThis(mozilla::MallocSizeOf mallocSizeOf) const
+ {
+     size_t size = sizeof(AtomsTable);
+@@ -592,18 +622,19 @@ AllocateNewAtom(JSContext* cx, const Cha
+ 
+ /* |tbchars| must not point into an inline or short string. */
+ template <typename CharT>
+ MOZ_ALWAYS_INLINE
+ static JSAtom*
+ AtomizeAndCopyChars(JSContext* cx, const CharT* tbchars, size_t length, PinningBehavior pin,
+                     const Maybe<uint32_t>& indexValue)
+ {
+-    if (JSAtom* s = cx->staticStrings().lookup(tbchars, length))
++    if (JSAtom* s = cx->staticStrings().lookup(tbchars, length)) {
+         return s;
++    }
+ 
+     AtomHasher::Lookup lookup(tbchars, length);
+ 
+     // Try the per-Zone cache first. If we find the atom there we can avoid the
+     // atoms lock, the markAtom call, and the multiple HashSet lookups below.
+     // We don't use the per-Zone cache if we want a pinned atom: handling that
+     // is more complicated and pinning atoms is relatively uncommon.
+     Zone* zone = cx->zone();
+@@ -618,44 +649,47 @@ AtomizeAndCopyChars(JSContext* cx, const
+             MOZ_ASSERT(AtomIsMarked(zone, atom));
+             return atom;
+         }
+     }
+ 
+     // This function can be called during initialization, while the permanent
+     // atoms table is being created. In this case all atoms created are added to
+     // the permanent atoms table.
+-    if (!cx->permanentAtomsPopulated())
++    if (!cx->permanentAtomsPopulated()) {
+         return PermanentlyAtomizeAndCopyChars(cx, zonePtr, tbchars, length, indexValue, lookup);
++    }
+ 
+     AtomSet::Ptr pp = cx->permanentAtoms().readonlyThreadsafeLookup(lookup);
+     if (pp) {
+         JSAtom* atom = pp->asPtr(cx);
+         if (zonePtr &&
+             MOZ_UNLIKELY(!zone->atomCache().add(*zonePtr, AtomStateEntry(atom, false))))
+         {
+             ReportOutOfMemory(cx);
+             return nullptr;
+         }
+ 
+         return atom;
+     }
+ 
+     // Validate the length before taking an atoms partition lock, as throwing an
+     // exception here may reenter this code.
+-    if (MOZ_UNLIKELY(!JSString::validateLength(cx, length)))
++    if (MOZ_UNLIKELY(!JSString::validateLength(cx, length))) {
+         return nullptr;
++    }
+ 
+     JSAtom* atom = cx->atoms().atomizeAndCopyChars(cx,
+                                                    tbchars, length,
+                                                    pin,
+                                                    indexValue,
+                                                    lookup);
+-    if (!atom)
++    if (!atom) {
+         return nullptr;
++    }
+ 
+     cx->atomMarking().inlinedMarkAtom(cx, atom);
+ 
+     if (zonePtr &&
+         MOZ_UNLIKELY(!zone->atomCache().add(*zonePtr, AtomStateEntry(atom, false))))
+     {
+         ReportOutOfMemory(cx);
+         return nullptr;
+@@ -687,34 +721,36 @@ AtomsTable::atomizeAndCopyChars(JSContex
+         // be added to a secondary table. Check this first.
+         p = atomsAddedWhileSweeping->lookupForAdd(lookup);
+ 
+         // If that fails check the main table but check if any atom found there
+         // is dead.
+         if (!p) {
+             if (AtomSet::AddPtr p2 = atoms.lookupForAdd(lookup)) {
+                 JSAtom* atom = p2->asPtrUnbarriered();
+-                if (!IsAboutToBeFinalizedUnbarriered(&atom))
++                if (!IsAboutToBeFinalizedUnbarriered(&atom)) {
+                     p = p2;
++                }
+             }
+         }
+     }
+ 
+     if (p) {
+         JSAtom* atom = p->asPtr(cx);
+         if (pin && !atom->isPinned()) {
+             atom->setPinned();
+             p->setPinned(true);
+         }
+         return atom;
+     }
+ 
+     JSAtom* atom = AllocateNewAtom(cx, tbchars, length, pin, indexValue, lookup);
+-    if (!atom)
++    if (!atom) {
+         return nullptr;
++    }
+ 
+     // We have held the lock since looking up p, and the operations we've done
+     // since then can't GC; therefore the atoms table has not been modified and
+     // p is still valid.
+     AtomSet* addSet = part.atomsAddedWhileSweeping ? part.atomsAddedWhileSweeping : &atoms;
+     if (MOZ_UNLIKELY(!addSet->add(p, AtomStateEntry(atom, bool(pin))))) {
+         ReportOutOfMemory(cx); /* SystemAllocPolicy does not report OOM. */
+         return nullptr;
+@@ -740,22 +776,24 @@ PermanentlyAtomizeAndCopyChars(JSContext
+                                const AtomHasher::Lookup& lookup)
+ {
+     MOZ_ASSERT(!cx->permanentAtomsPopulated());
+     MOZ_ASSERT(CurrentThreadCanAccessRuntime(cx->runtime()));
+ 
+     JSRuntime* rt = cx->runtime();
+     AtomSet& atoms = *rt->permanentAtomsDuringInit();
+     AtomSet::AddPtr p = atoms.lookupForAdd(lookup);
+-    if (p)
++    if (p) {
+         return p->asPtr(cx);
++    }
+ 
+     JSAtom* atom = AllocateNewAtom(cx, tbchars, length, DoNotPinAtom, indexValue, lookup);
+-    if (!atom)
++    if (!atom) {
+         return nullptr;
++    }
+ 
+     atom->morphIntoPermanentAtom();
+ 
+     // We are single threaded at this point, and the operations we've done since
+     // then can't GC; therefore the atoms table has not been modified and p is
+     // still valid.
+     if (!atoms.add(p, AtomStateEntry(atom, true))) {
+         ReportOutOfMemory(cx); /* SystemAllocPolicy does not report OOM. */
+@@ -786,45 +824,50 @@ AllocateNewAtom(JSContext* cx, const Cha
+         // please also fix or comment the similar case in Symbol::new_.
+         ReportOutOfMemory(cx);
+         return nullptr;
+     }
+ 
+     JSAtom* atom = flat->morphAtomizedStringIntoAtom(lookup.hash);
+     MOZ_ASSERT(atom->hash() == lookup.hash);
+ 
+-    if (pin)
++    if (pin) {
+         atom->setPinned();
++    }
+ 
+-    if (indexValue)
++    if (indexValue) {
+         atom->maybeInitializeIndex(*indexValue, true);
++    }
+ 
+     return atom;
+ }
+ 
+ JSAtom*
+ js::AtomizeString(JSContext* cx, JSString* str,
+                   js::PinningBehavior pin /* = js::DoNotPinAtom */)
+ {
+     if (str->isAtom()) {
+         JSAtom& atom = str->asAtom();
+         /* N.B. static atoms are effectively always interned. */
+-        if (pin == PinAtom && !atom.isPinned())
++        if (pin == PinAtom && !atom.isPinned()) {
+             cx->runtime()->atoms().pinExistingAtom(cx, &atom);
++        }
+ 
+         return &atom;
+     }
+ 
+     JSLinearString* linear = str->ensureLinear(cx);
+-    if (!linear)
++    if (!linear) {
+         return nullptr;
++    }
+ 
+     Maybe<uint32_t> indexValue;
+-    if (str->hasIndexValue())
++    if (str->hasIndexValue()) {
+         indexValue.emplace(str->getIndexValue());
++    }
+ 
+     JS::AutoCheckCannotGC nogc;
+     return linear->hasLatin1Chars()
+            ? AtomizeAndCopyChars(cx, linear->latin1Chars(nogc), linear->length(), pin, indexValue)
+            : AtomizeAndCopyChars(cx, linear->twoByteChars(nogc), linear->length(), pin, indexValue);
+ }
+ 
+ void
+@@ -833,18 +876,19 @@ AtomsTable::pinExistingAtom(JSContext* c
+     MOZ_ASSERT(atom);
+     MOZ_ASSERT(!atom->isPinned());
+ 
+     AtomHasher::Lookup lookup(atom);
+ 
+     AtomsTable::Partition& part = *partitions[getPartitionIndex(lookup)];
+     AtomsTable::AutoLock lock(cx->runtime(), part.lock);
+     AtomSet::Ptr p = part.atoms.lookup(lookup);
+-    if (!p && part.atomsAddedWhileSweeping)
++    if (!p && part.atomsAddedWhileSweeping) {
+         p = part.atomsAddedWhileSweeping->lookup(lookup);
++    }
+ 
+     MOZ_ASSERT(p); // Unpinned atoms must exist in atoms table.
+     MOZ_ASSERT(p->asPtrUnbarriered() == atom);
+ 
+     atom->setPinned();
+     p->setPinned(true);
+ }
+ 
+@@ -878,108 +922,120 @@ js::AtomizeUTF8Chars(JSContext* cx, cons
+     // This could be optimized to hand the char16_t's directly to the JSAtom
+     // instead of making a copy. UTF8CharsToNewTwoByteCharsZ should be
+     // refactored to take an JSContext so that this function could also.
+ 
+     UTF8Chars utf8(utf8Chars, utf8ByteLength);
+ 
+     size_t length;
+     UniqueTwoByteChars chars(JS::UTF8CharsToNewTwoByteCharsZ(cx, utf8, &length).get());
+-    if (!chars)
++    if (!chars) {
+         return nullptr;
++    }
+ 
+     return AtomizeChars(cx, chars.get(), length);
+ }
+ 
+ bool
+ js::IndexToIdSlow(JSContext* cx, uint32_t index, MutableHandleId idp)
+ {
+     MOZ_ASSERT(index > JSID_INT_MAX);
+ 
+     char16_t buf[UINT32_CHAR_BUFFER_LENGTH];
+     RangedPtr<char16_t> end(ArrayEnd(buf), buf, ArrayEnd(buf));
+     RangedPtr<char16_t> start = BackfillIndexInCharBuffer(index, end);
+ 
+     JSAtom* atom = AtomizeChars(cx, start.get(), end - start);
+-    if (!atom)
++    if (!atom) {
+         return false;
++    }
+ 
+     idp.set(JSID_FROM_BITS((size_t)atom | JSID_TYPE_STRING));
+     return true;
+ }
+ 
+ template <AllowGC allowGC>
+ static JSAtom*
+ ToAtomSlow(JSContext* cx, typename MaybeRooted<Value, allowGC>::HandleType arg)
+ {
+     MOZ_ASSERT(!arg.isString());
+ 
+     Value v = arg;
+     if (!v.isPrimitive()) {
+         MOZ_ASSERT(!cx->helperThread());
+-        if (!allowGC)
++        if (!allowGC) {
+             return nullptr;
++        }
+         RootedValue v2(cx, v);
+-        if (!ToPrimitive(cx, JSTYPE_STRING, &v2))
++        if (!ToPrimitive(cx, JSTYPE_STRING, &v2)) {
+             return nullptr;
++        }
+         v = v2;
+     }
+ 
+     if (v.isString()) {
+         JSAtom* atom = AtomizeString(cx, v.toString());
+-        if (!allowGC && !atom)
++        if (!allowGC && !atom) {
+             cx->recoverFromOutOfMemory();
++        }
+         return atom;
+     }
+     if (v.isInt32()) {
+         JSAtom* atom = Int32ToAtom(cx, v.toInt32());
+-        if (!allowGC && !atom)
++        if (!allowGC && !atom) {
+             cx->recoverFromOutOfMemory();
++        }
+         return atom;
+     }
+     if (v.isDouble()) {
+         JSAtom* atom = NumberToAtom(cx, v.toDouble());
+-        if (!allowGC && !atom)
++        if (!allowGC && !atom) {
+             cx->recoverFromOutOfMemory();
++        }
+         return atom;
+     }
+-    if (v.isBoolean())
++    if (v.isBoolean()) {
+         return v.toBoolean() ? cx->names().true_ : cx->names().false_;
+-    if (v.isNull())
++    }
++    if (v.isNull()) {
+         return cx->names().null;
++    }
+     if (v.isSymbol()) {
+         MOZ_ASSERT(!cx->helperThread());
+         if (allowGC) {
+             JS_ReportErrorNumberASCII(cx, GetErrorMessage, nullptr,
+                                       JSMSG_SYMBOL_TO_STRING);
+         }
+         return nullptr;
+     }
+ #ifdef ENABLE_BIGINT
+     if (v.isBigInt()) {
+         JSAtom* atom = BigIntToAtom(cx, v.toBigInt());
+-        if (!allowGC && !atom)
++        if (!allowGC && !atom) {
+             cx->recoverFromOutOfMemory();
++        }
+         return atom;
+     }
+ #endif
+     MOZ_ASSERT(v.isUndefined());
+     return cx->names().undefined;
+ }
+ 
+ template <AllowGC allowGC>
+ JSAtom*
+ js::ToAtom(JSContext* cx, typename MaybeRooted<Value, allowGC>::HandleType v)
+ {
+-    if (!v.isString())
++    if (!v.isString()) {
+         return ToAtomSlow<allowGC>(cx, v);
++    }
+ 
+     JSString* str = v.toString();
+-    if (str->isAtom())
++    if (str->isAtom()) {
+         return &str->asAtom();
++    }
+ 
+     JSAtom* atom = AtomizeString(cx, str);
+     if (!atom && !allowGC) {
+         MOZ_ASSERT_IF(!cx->helperThread(), cx->isThrowingOutOfMemory());
+         cx->recoverFromOutOfMemory();
+     }
+     return atom;
+ }
+@@ -1008,23 +1064,25 @@ js::XDRAtom(XDRState<mode>* xdr, Mutable
+ 
+     if (mode == XDR_DECODE) {
+         length = lengthAndEncoding >> 1;
+         latin1 = lengthAndEncoding & 0x1;
+     }
+ 
+     // We need to align the string in the XDR buffer such that we can avoid
+     // non-align loads of 16bits characters.
+-    if (!latin1)
++    if (!latin1) {
+         MOZ_TRY(xdr->codeAlign(sizeof(char16_t)));
++    }
+ 
+     if (mode == XDR_ENCODE) {
+         JS::AutoCheckCannotGC nogc;
+-        if (latin1)
++        if (latin1) {
+             return xdr->codeChars(atomp->latin1Chars(nogc), length);
++        }
+         return xdr->codeChars(const_cast<char16_t*>(atomp->twoByteChars(nogc)), length);
+     }
+ 
+     MOZ_ASSERT(mode == XDR_DECODE);
+     /* Avoid JSString allocation for already existing atoms. See bug 321985. */
+     JSContext* cx = xdr->cx();
+     JSAtom* atom;
+     if (latin1) {
+@@ -1061,29 +1119,31 @@ js::XDRAtom(XDRState<mode>* xdr, Mutable
+             chars = stackChars;
+         } else {
+             /*
+              * This is very uncommon. Don't use the tempLifoAlloc arena for this as
+              * most allocations here will be bigger than tempLifoAlloc's default
+              * chunk size.
+              */
+             heapChars.reset(cx->pod_malloc<char16_t>(length));
+-            if (!heapChars)
++            if (!heapChars) {
+                 return xdr->fail(JS::TranscodeResult_Throw);
++            }
+ 
+             chars = heapChars.get();
+         }
+ 
+         MOZ_TRY(xdr->codeChars(chars, length));
+         atom = AtomizeChars(cx, chars, length);
+ #endif /* !MOZ_LITTLE_ENDIAN */
+     }
+ 
+-    if (!atom)
++    if (!atom) {
+         return xdr->fail(JS::TranscodeResult_Throw);
++    }
+     atomp.set(atom);
+     return Ok();
+ }
+ 
+ template XDRResult
+ js::XDRAtom(XDRState<XDR_ENCODE>* xdr, MutableHandleAtom atomp);
+ 
+ template XDRResult
+@@ -1094,18 +1154,20 @@ js::ClassName(JSProtoKey key, JSContext*
+ {
+     return ClassName(key, cx->names());
+ }
+ 
+ js::AutoLockAllAtoms::AutoLockAllAtoms(JSRuntime* rt)
+   : runtime(rt)
+ {
+     MOZ_ASSERT(CurrentThreadCanAccessRuntime(runtime));
+-    if (runtime->hasHelperThreadZones())
++    if (runtime->hasHelperThreadZones()) {
+         runtime->atoms().lockAll();
++    }
+ }
+ 
+ js::AutoLockAllAtoms::~AutoLockAllAtoms()
+ {
+     MOZ_ASSERT(CurrentThreadCanAccessRuntime(runtime));
+-    if (runtime->hasHelperThreadZones())
++    if (runtime->hasHelperThreadZones()) {
+         runtime->atoms().unlockAll();
++    }
+ }
+diff --git a/js/src/vm/JSContext-inl.h b/js/src/vm/JSContext-inl.h
+--- a/js/src/vm/JSContext-inl.h
++++ b/js/src/vm/JSContext-inl.h
+@@ -53,28 +53,31 @@ class ContextChecks
+                                 c1, c2, argIndex);
+     }
+     static void fail(JS::Zone* z1, JS::Zone* z2, int argIndex) {
+         MOZ_CRASH_UNSAFE_PRINTF("*** Zone mismatch %p vs. %p at argument %d\n",
+                                 z1, z2, argIndex);
+     }
+ 
+     void check(JS::Realm* r, int argIndex) {
+-        if (r && r != realm())
++        if (r && r != realm()) {
+             fail(realm(), r, argIndex);
++        }
+     }
+ 
+     void check(JS::Compartment* c, int argIndex) {
+-        if (c && c != compartment())
++        if (c && c != compartment()) {
+             fail(compartment(), c, argIndex);
++        }
+     }
+ 
+     void check(JS::Zone* z, int argIndex) {
+-        if (zone() && z != zone())
++        if (zone() && z != zone()) {
+             fail(zone(), z, argIndex);
++        }
+     }
+ 
+     void check(JSObject* obj, int argIndex) {
+         if (obj) {
+             MOZ_ASSERT(JS::ObjectIsNotGray(obj));
+             MOZ_ASSERT(!js::gc::IsAboutToBeFinalizedUnbarriered(&obj));
+             check(obj->compartment(), argIndex);
+         }
+@@ -95,82 +98,91 @@ class ContextChecks
+                                         zone(), argIndex);
+             }
+         }
+ #endif
+     }
+ 
+     void check(JSString* str, int argIndex) {
+         MOZ_ASSERT(JS::CellIsNotGray(str));
+-        if (str->isAtom())
++        if (str->isAtom()) {
+             checkAtom(&str->asAtom(), argIndex);
+-        else
++        } else {
+             check(str->zone(), argIndex);
++        }
+     }
+ 
+     void check(JS::Symbol* symbol, int argIndex) {
+         checkAtom(symbol, argIndex);
+     }
+ 
+     void check(const js::Value& v, int argIndex) {
+-        if (v.isObject())
++        if (v.isObject()) {
+             check(&v.toObject(), argIndex);
+-        else if (v.isString())
++        } else if (v.isString()) {
+             check(v.toString(), argIndex);
+-        else if (v.isSymbol())
++        } else if (v.isSymbol()) {
+             check(v.toSymbol(), argIndex);
++        }
+     }
+ 
+     // Check the contents of any container class that supports the C++
+     // iteration protocol, eg GCVector<jsid>.
+     template <typename Container>
+     typename mozilla::EnableIf<
+         mozilla::IsSame<
+             decltype(((Container*)nullptr)->begin()),
+             decltype(((Container*)nullptr)->end())
+         >::value
+     >::Type
+     check(const Container& container, int argIndex) {
+-        for (auto i : container)
++        for (auto i : container) {
+             check(i, argIndex);
++        }
+     }
+ 
+     void check(const JS::HandleValueArray& arr, int argIndex) {
+-        for (size_t i = 0; i < arr.length(); i++)
++        for (size_t i = 0; i < arr.length(); i++) {
+             check(arr[i], argIndex);
++        }
+     }
+ 
+     void check(const CallArgs& args, int argIndex) {
+-        for (Value* p = args.base(); p != args.end(); ++p)
++        for (Value* p = args.base(); p != args.end(); ++p) {
+             check(*p, argIndex);
++        }
+     }
+ 
+     void check(jsid id, int argIndex) {
+-        if (JSID_IS_ATOM(id))
++        if (JSID_IS_ATOM(id)) {
+             checkAtom(JSID_TO_ATOM(id), argIndex);
+-        else if (JSID_IS_SYMBOL(id))
++        } else if (JSID_IS_SYMBOL(id)) {
+             checkAtom(JSID_TO_SYMBOL(id), argIndex);
+-        else
++        } else {
+             MOZ_ASSERT(!JSID_IS_GCTHING(id));
++        }
+     }
+ 
+     void check(JSScript* script, int argIndex) {
+         MOZ_ASSERT(JS::CellIsNotGray(script));
+-        if (script)
++        if (script) {
+             check(script->realm(), argIndex);
++        }
+     }
+ 
+     void check(AbstractFramePtr frame, int argIndex);
+ 
+     void check(Handle<PropertyDescriptor> desc, int argIndex) {
+         check(desc.object(), argIndex);
+-        if (desc.hasGetterObject())
++        if (desc.hasGetterObject()) {
+             check(desc.getterObject(), argIndex);
+-        if (desc.hasSetterObject())
++        }
++        if (desc.hasSetterObject()) {
+             check(desc.setterObject(), argIndex);
++        }
+         check(desc.value(), argIndex);
+     }
+ 
+     void check(TypeSet::Type type, int argIndex) {
+         check(type.maybeCompartment(), argIndex);
+     }
+ };
+ 
+@@ -182,34 +194,37 @@ JSContext::checkImpl(int argIndex, const
+     js::ContextChecks(this).check(head, argIndex);
+     checkImpl(argIndex + 1, tail...);
+ }
+ 
+ template <class... Args> inline void
+ JSContext::check(const Args&... args)
+ {
+ #ifdef JS_CRASH_DIAGNOSTICS
+-    if (contextChecksEnabled())
++    if (contextChecksEnabled()) {
+         checkImpl(0, args...);
++    }
+ #endif
+ }
+ 
+ template <class... Args> inline void
+ JSContext::releaseCheck(const Args&... args)
+ {
+-    if (contextChecksEnabled())
++    if (contextChecksEnabled()) {
+         checkImpl(0, args...);
++    }
+ }
+ 
+ template <class... Args> MOZ_ALWAYS_INLINE void
+ JSContext::debugOnlyCheck(const Args&... args)
+ {
+ #if defined(DEBUG) && defined(JS_CRASH_DIAGNOSTICS)
+-    if (contextChecksEnabled())
++    if (contextChecksEnabled()) {
+         checkImpl(0, args...);
++    }
+ #endif
+ }
+ 
+ namespace js {
+ 
+ STATIC_PRECONDITION_ASSUME(ubound(args.argv_) >= argc)
+ MOZ_ALWAYS_INLINE bool
+ CallNativeImpl(JSContext* cx, NativeImpl impl, const CallArgs& args)
+@@ -225,69 +240,76 @@ CallNativeImpl(JSContext* cx, NativeImpl
+     }
+     return ok;
+ }
+ 
+ MOZ_ALWAYS_INLINE bool
+ CallJSGetterOp(JSContext* cx, GetterOp op, HandleObject obj, HandleId id,
+                MutableHandleValue vp)
+ {
+-    if (!CheckRecursionLimit(cx))
++    if (!CheckRecursionLimit(cx)) {
+         return false;
++    }
+ 
+     cx->check(obj, id, vp);
+     bool ok = op(cx, obj, id, vp);
+-    if (ok)
++    if (ok) {
+         cx->check(vp);
++    }
+     return ok;
+ }
+ 
+ MOZ_ALWAYS_INLINE bool
+ CallJSSetterOp(JSContext* cx, SetterOp op, HandleObject obj, HandleId id, HandleValue v,
+                ObjectOpResult& result)
+ {
+-    if (!CheckRecursionLimit(cx))
++    if (!CheckRecursionLimit(cx)) {
+         return false;
++    }
+ 
+     cx->check(obj, id, v);
+     return op(cx, obj, id, v, result);
+ }
+ 
+ inline bool
+ CallJSAddPropertyOp(JSContext* cx, JSAddPropertyOp op, HandleObject obj, HandleId id,
+                     HandleValue v)
+ {
+-    if (!CheckRecursionLimit(cx))
++    if (!CheckRecursionLimit(cx)) {
+         return false;
++    }
+ 
+     cx->check(obj, id, v);
+     return op(cx, obj, id, v);
+ }
+ 
+ inline bool
+ CallJSDeletePropertyOp(JSContext* cx, JSDeletePropertyOp op, HandleObject receiver, HandleId id,
+                        ObjectOpResult& result)
+ {
+-    if (!CheckRecursionLimit(cx))
++    if (!CheckRecursionLimit(cx)) {
+         return false;
++    }
+ 
+     cx->check(receiver, id);
+-    if (op)
++    if (op) {
+         return op(cx, receiver, id, result);
++    }
+     return result.succeed();
+ }
+ 
+ MOZ_ALWAYS_INLINE bool
+ CheckForInterrupt(JSContext* cx)
+ {
+     MOZ_ASSERT(!cx->isExceptionPending());
+     // Add an inline fast-path since we have to check for interrupts in some hot
+     // C++ loops of library builtins.
+-    if (MOZ_UNLIKELY(cx->hasAnyPendingInterrupt()))
++    if (MOZ_UNLIKELY(cx->hasAnyPendingInterrupt())) {
+         return cx->handleInterrupt();
++    }
+ 
+     JS_INTERRUPT_POSSIBLY_FAIL();
+ 
+     return true;
+ }
+ 
+ }  /* namespace js */
+ 
+@@ -312,22 +334,24 @@ JSContext::minorGC(JS::gcreason::Reason 
+ inline void
+ JSContext::setPendingException(JS::HandleValue v)
+ {
+ #if defined(NIGHTLY_BUILD)
+     do {
+         // Do not intercept exceptions if we are already
+         // in the exception interceptor. That would lead
+         // to infinite recursion.
+-        if (this->runtime()->errorInterception.isExecuting)
++        if (this->runtime()->errorInterception.isExecuting) {
+             break;
++        }
+ 
+         // Check whether we have an interceptor at all.
+-        if (!this->runtime()->errorInterception.interceptor)
++        if (!this->runtime()->errorInterception.interceptor) {
+             break;
++        }
+ 
+         // Make sure that we do not call the interceptor from within
+         // the interceptor.
+         this->runtime()->errorInterception.isExecuting = true;
+ 
+         // The interceptor must be infallible.
+         const mozilla::DebugOnly<bool> wasExceptionPending = this->isExceptionPending();
+         this->runtime()->errorInterception.interceptor->interceptError(this, v);
+@@ -365,18 +389,19 @@ JSContext::enterAtomsZone()
+ {
+     realm_ = nullptr;
+     setZone(runtime_->unsafeAtomsZone(), AtomsZone);
+ }
+ 
+ inline void
+ JSContext::setZone(js::Zone *zone, JSContext::IsAtomsZone isAtomsZone)
+ {
+-    if (zone_)
++    if (zone_) {
+         zone_->addTenuredAllocsSinceMinorGC(allocsThisZoneSinceMinorGC_);
++    }
+ 
+     allocsThisZoneSinceMinorGC_ = 0;
+ 
+     zone_ = zone;
+     if (zone == nullptr) {
+         freeLists_ = nullptr;
+         return;
+     }
+@@ -425,18 +450,19 @@ JSContext::leaveRealm(JS::Realm* oldReal
+     // Only call leave() after we've setRealm()-ed away from the current realm.
+     JS::Realm* startingRealm = realm_;
+ 
+     // The current realm should be marked as entered-from-C++ at this point.
+     MOZ_ASSERT_IF(startingRealm, startingRealm->hasBeenEnteredIgnoringJit());
+ 
+     setRealm(oldRealm);
+ 
+-    if (startingRealm)
++    if (startingRealm) {
+         startingRealm->leave();
++    }
+ }
+ 
+ inline void
+ JSContext::leaveAtomsZone(JS::Realm* oldRealm)
+ {
+     setRealm(oldRealm);
+ }
+ 
+@@ -461,49 +487,55 @@ JSContext::setRealmForJitExceptionHandle
+     // so we don't call realm->leave() here.
+     MOZ_ASSERT(realm->compartment() == compartment());
+     realm_ = realm;
+ }
+ 
+ inline JSScript*
+ JSContext::currentScript(jsbytecode** ppc, AllowCrossRealm allowCrossRealm) const
+ {
+-    if (ppc)
++    if (ppc) {
+         *ppc = nullptr;
++    }
+ 
+     js::Activation* act = activation();
+-    if (!act)
++    if (!act) {
+         return nullptr;
++    }
+ 
+     MOZ_ASSERT(act->cx() == this);
+ 
+     // Cross-compartment implies cross-realm.
+-    if (allowCrossRealm == AllowCrossRealm::DontAllow && act->compartment() != compartment())
++    if (allowCrossRealm == AllowCrossRealm::DontAllow && act->compartment() != compartment()) {
+         return nullptr;
++    }
+ 
+     JSScript* script = nullptr;
+     jsbytecode* pc = nullptr;
+     if (act->isJit()) {
+-        if (act->hasWasmExitFP())
++        if (act->hasWasmExitFP()) {
+             return nullptr;
++        }
+         js::jit::GetPcScript(const_cast<JSContext*>(this), &script, &pc);
+     } else {
+         js::InterpreterFrame* fp = act->asInterpreter()->current();
+         MOZ_ASSERT(!fp->runningInJit());
+         script = fp->script();
+         pc = act->asInterpreter()->regs().pc;
+     }
+ 
+     MOZ_ASSERT(script->containsPC(pc));
+ 
+-    if (allowCrossRealm == AllowCrossRealm::DontAllow && script->realm() != realm())
++    if (allowCrossRealm == AllowCrossRealm::DontAllow && script->realm() != realm()) {
+         return nullptr;
++    }
+ 
+-    if (ppc)
++    if (ppc) {
+         *ppc = pc;
++    }
+     return script;
+ }
+ 
+ inline js::RuntimeCaches&
+ JSContext::caches()
+ {
+     return runtime()->caches();
+ }
+diff --git a/js/src/vm/JSContext.cpp b/js/src/vm/JSContext.cpp
+--- a/js/src/vm/JSContext.cpp
++++ b/js/src/vm/JSContext.cpp
+@@ -72,22 +72,24 @@ using mozilla::PodArrayZero;
+ bool
+ js::AutoCycleDetector::init()
+ {
+     MOZ_ASSERT(cyclic);
+ 
+     AutoCycleDetector::Vector& vector = cx->cycleDetectorVector();
+ 
+     for (JSObject* obj2 : vector) {
+-        if (MOZ_UNLIKELY(obj == obj2))
++        if (MOZ_UNLIKELY(obj == obj2)) {
+             return true;
++        }
+     }
+ 
+-    if (!vector.append(obj))
++    if (!vector.append(obj)) {
+         return false;
++    }
+ 
+     cyclic = false;
+     return true;
+ }
+ 
+ js::AutoCycleDetector::~AutoCycleDetector()
+ {
+     if (MOZ_LIKELY(!cyclic)) {
+@@ -102,34 +104,39 @@ js::AutoCycleDetector::~AutoCycleDetecto
+     }
+ }
+ 
+ bool
+ JSContext::init(ContextKind kind)
+ {
+     // Skip most of the initialization if this thread will not be running JS.
+     if (kind == ContextKind::MainThread) {
+-        if (!regexpStack.ref().init())
++        if (!regexpStack.ref().init()) {
+             return false;
++        }
+ 
+-        if (!fx.initInstance())
++        if (!fx.initInstance()) {
+             return false;
++        }
+ 
+ #ifdef JS_SIMULATOR
+         simulator_ = jit::Simulator::Create(this);
+-        if (!simulator_)
++        if (!simulator_) {
+             return false;
++        }
+ #endif
+ 
+-        if (!wasm::EnsureSignalHandlers(this))
++        if (!wasm::EnsureSignalHandlers(this)) {
+             return false;
++        }
+     } else {
+         atomsZoneFreeLists_ = js_new<gc::FreeLists>();
+-        if (!atomsZoneFreeLists_)
++        if (!atomsZoneFreeLists_) {
+             return false;
++        }
+     }
+ 
+     // Set the ContextKind last, so that ProtectedData checks will allow us to
+     // initialize this context before it becomes the runtime's active context.
+     kind_ = kind;
+ 
+     return true;
+ }
+@@ -142,18 +149,19 @@ js::NewContext(uint32_t maxBytes, uint32
+     MOZ_RELEASE_ASSERT(!TlsContext.get());
+ 
+ #if defined(DEBUG) || defined(JS_OOM_BREAKPOINT)
+     js::oom::SetThreadType(!parentRuntime ? js::THREAD_TYPE_MAIN
+                                           : js::THREAD_TYPE_WORKER);
+ #endif
+ 
+     JSRuntime* runtime = js_new<JSRuntime>(parentRuntime);
+-    if (!runtime)
++    if (!runtime) {
+         return nullptr;
++    }
+ 
+     JSContext* cx = js_new<JSContext>(runtime, JS::ContextOptions());
+     if (!cx) {
+         js_delete(runtime);
+         return nullptr;
+     }
+ 
+     if (!runtime->init(cx, maxBytes, maxNurseryBytes)) {
+@@ -171,18 +179,19 @@ js::NewContext(uint32_t maxBytes, uint32
+     }
+ 
+     return cx;
+ }
+ 
+ static void
+ FreeJobQueueHandling(JSContext* cx)
+ {
+-    if (!cx->jobQueue)
++    if (!cx->jobQueue) {
+         return;
++    }
+ 
+     cx->jobQueue->reset();
+     FreeOp* fop = cx->defaultFreeOp();
+     fop->delete_(cx->jobQueue.ref());
+     cx->getIncumbentGlobalCallback = nullptr;
+     cx->enqueuePromiseJobCallback = nullptr;
+     cx->enqueuePromiseJobCallbackData = nullptr;
+ }
+@@ -208,30 +217,32 @@ js::DestroyContext(JSContext* cx)
+     cx->runtime()->destroyRuntime();
+     js_delete(cx->runtime());
+     js_delete_poison(cx);
+ }
+ 
+ void
+ JS::RootingContext::checkNoGCRooters() {
+ #ifdef DEBUG
+-    for (auto const& stackRootPtr : stackRoots_)
++    for (auto const& stackRootPtr : stackRoots_) {
+         MOZ_ASSERT(stackRootPtr == nullptr);
++    }
+ #endif
+ }
+ 
+ bool
+ AutoResolving::alreadyStartedSlow() const
+ {
+     MOZ_ASSERT(link);
+     AutoResolving* cursor = link;
+     do {
+         MOZ_ASSERT(this != cursor);
+-        if (object.get() == cursor->object && id.get() == cursor->id && kind == cursor->kind)
++        if (object.get() == cursor->object && id.get() == cursor->id && kind == cursor->kind) {
+             return true;
++        }
+     } while (!!(cursor = cursor->link));
+     return false;
+ }
+ 
+ static void
+ ReportError(JSContext* cx, JSErrorReport* reportp, JSErrorCallback callback,
+             void* userRef)
+ {
+@@ -259,26 +270,28 @@ ReportError(JSContext* cx, JSErrorReport
+ /*
+  * The given JSErrorReport object have been zeroed and must not outlive
+  * cx->fp() (otherwise owned fields may become invalid).
+  */
+ static void
+ PopulateReportBlame(JSContext* cx, JSErrorReport* report)
+ {
+     JS::Realm* realm = cx->realm();
+-    if (!realm)
++    if (!realm) {
+         return;
++    }
+ 
+     /*
+      * Walk stack until we find a frame that is associated with a non-builtin
+      * rather than a builtin frame and which we're allowed to know about.
+      */
+     NonBuiltinFrameIter iter(cx, realm->principals());
+-    if (iter.done())
++    if (iter.done()) {
+         return;
++    }
+ 
+     report->filename = iter.filename();
+     uint32_t column;
+     report->lineno = iter.computeLine(&column);
+     report->column = FixupColumnForDisplay(column);
+     report->isMuted = iter.mutedErrors();
+ }
+ 
+@@ -299,25 +312,27 @@ js::ReportOutOfMemory(JSContext* cx)
+      * OOMs are non-deterministic, especially across different execution modes
+      * (e.g. interpreter vs JIT). In more-deterministic builds, print to stderr
+      * so that the fuzzers can detect this.
+      */
+     fprintf(stderr, "ReportOutOfMemory called\n");
+ #endif
+     mozilla::recordreplay::InvalidateRecording("OutOfMemory exception thrown");
+ 
+-    if (cx->helperThread())
++    if (cx->helperThread()) {
+         return cx->addPendingOutOfMemory();
++    }
+ 
+     cx->runtime()->hadOutOfMemory = true;
+     gc::AutoSuppressGC suppressGC(cx);
+ 
+     /* Report the oom. */
+-    if (JS::OutOfMemoryCallback oomCallback = cx->runtime()->oomCallback)
++    if (JS::OutOfMemoryCallback oomCallback = cx->runtime()->oomCallback) {
+         oomCallback(cx, cx->runtime()->oomCallbackData);
++    }
+ 
+     RootedValue oomMessage(cx, StringValue(cx->names().outOfMemory));
+     cx->setPendingException(oomMessage);
+ }
+ 
+ mozilla::GenericErrorResult<OOM&>
+ js::ReportOutOfMemoryResult(JSContext* cx)
+ {
+@@ -354,56 +369,61 @@ JS_FRIEND_API(void)
+ js::ReportOverRecursed(JSContext* maybecx)
+ {
+     ReportOverRecursed(maybecx, JSMSG_OVER_RECURSED);
+ }
+ 
+ void
+ js::ReportAllocationOverflow(JSContext* cx)
+ {
+-    if (!cx)
++    if (!cx) {
+         return;
++    }
+ 
+-    if (cx->helperThread())
++    if (cx->helperThread()) {
+         return;
++    }
+ 
+     gc::AutoSuppressGC suppressGC(cx);
+     JS_ReportErrorNumberASCII(cx, GetErrorMessage, nullptr, JSMSG_ALLOC_OVERFLOW);
+ }
+ 
+ /*
+  * Given flags and the state of cx, decide whether we should report an
+  * error, a warning, or just continue execution normally.  Return
+  * true if we should continue normally, without reporting anything;
+  * otherwise, adjust *flags as appropriate and return false.
+  */
+ static bool
+ checkReportFlags(JSContext* cx, unsigned* flags)
+ {
+     if (JSREPORT_IS_STRICT(*flags)) {
+         /* Warning/error only when JSOPTION_STRICT is set. */
+-        if (!cx->realm()->behaviors().extraWarnings(cx))
++        if (!cx->realm()->behaviors().extraWarnings(cx)) {
+             return true;
++        }
+     }
+ 
+     /* Warnings become errors when JSOPTION_WERROR is set. */
+-    if (JSREPORT_IS_WARNING(*flags) && cx->options().werror())
++    if (JSREPORT_IS_WARNING(*flags) && cx->options().werror()) {
+         *flags &= ~JSREPORT_WARNING;
++    }
+ 
+     return false;
+ }
+ 
+ bool
+ js::ReportErrorVA(JSContext* cx, unsigned flags, const char* format,
+                   ErrorArgumentsType argumentsType, va_list ap)
+ {
+     JSErrorReport report;
+ 
+-    if (checkReportFlags(cx, &flags))
++    if (checkReportFlags(cx, &flags)) {
+         return true;
++    }
+ 
+     UniqueChars message(JS_vsmprintf(format, ap));
+     if (!message) {
+         ReportOutOfMemory(cx);
+         return false;
+     }
+ 
+     MOZ_ASSERT_IF(argumentsType == ArgumentsAreASCII, JS::StringIsASCII(message.get()));
+@@ -411,43 +431,46 @@ js::ReportErrorVA(JSContext* cx, unsigne
+     report.flags = flags;
+     report.errorNumber = JSMSG_USER_DEFINED_ERROR;
+     if (argumentsType == ArgumentsAreASCII || argumentsType == ArgumentsAreUTF8) {
+         report.initOwnedMessage(message.release());
+     } else {
+         MOZ_ASSERT(argumentsType == ArgumentsAreLatin1);
+         Latin1Chars latin1(message.get(), strlen(message.get()));
+         UTF8CharsZ utf8(JS::CharsToNewUTF8CharsZ(cx, latin1));
+-        if (!utf8)
++        if (!utf8) {
+             return false;
++        }
+         report.initOwnedMessage(reinterpret_cast<const char*>(utf8.get()));
+     }
+     PopulateReportBlame(cx, &report);
+ 
+     bool warning = JSREPORT_IS_WARNING(report.flags);
+ 
+     ReportError(cx, &report, nullptr, nullptr);
+     return warning;
+ }
+ 
+ /* |callee| requires a usage string provided by JS_DefineFunctionsWithHelp. */
+ void
+ js::ReportUsageErrorASCII(JSContext* cx, HandleObject callee, const char* msg)
+ {
+     RootedValue usage(cx);
+-    if (!JS_GetProperty(cx, callee, "usage", &usage))
++    if (!JS_GetProperty(cx, callee, "usage", &usage)) {
+         return;
++    }
+ 
+     if (!usage.isString()) {
+         JS_ReportErrorASCII(cx, "%s", msg);
+     } else {
+         RootedString usageStr(cx, usage.toString());
+         UniqueChars str = JS_EncodeStringToUTF8(cx, usageStr);
+-        if (!str)
++        if (!str) {
+             return;
++        }
+         JS_ReportErrorUTF8(cx, "%s. Usage: %s", msg, str.get());
+     }
+ }
+ 
+ enum class PrintErrorKind {
+     Error,
+     Warning,
+     StrictWarning,
+@@ -456,34 +479,39 @@ enum class PrintErrorKind {
+ 
+ static void
+ PrintErrorLine(FILE* file, const char* prefix, JSErrorReport* report)
+ {
+     if (const char16_t* linebuf = report->linebuf()) {
+         size_t n = report->linebufLength();
+ 
+         fputs(":\n", file);
+-        if (prefix)
++        if (prefix) {
+             fputs(prefix, file);
++        }
+ 
+-        for (size_t i = 0; i < n; i++)
++        for (size_t i = 0; i < n; i++) {
+             fputc(static_cast<char>(linebuf[i]), file);
++        }
+ 
+         // linebuf usually ends with a newline. If not, add one here.
+-        if (n == 0 || linebuf[n-1] != '\n')
++        if (n == 0 || linebuf[n-1] != '\n') {
+             fputc('\n', file);
++        }
+ 
+-        if (prefix)
++        if (prefix) {
+             fputs(prefix, file);
++        }
+ 
+         n = report->tokenOffset();
+         for (size_t i = 0, j = 0; i < n; i++) {
+             if (linebuf[i] == '\t') {
+-                for (size_t k = (j + 8) & ~7; j < k; j++)
++                for (size_t k = (j + 8) & ~7; j < k; j++) {
+                     fputc('.', file);
++                }
+                 continue;
+             }
+             fputc('.', file);
+             j++;
+         }
+         fputc('^', file);
+     }
+ }
+@@ -494,18 +522,19 @@ PrintErrorLine(FILE* file, const char* p
+ }
+ 
+ template <typename T>
+ static bool
+ PrintSingleError(JSContext* cx, FILE* file, JS::ConstUTF8CharsZ toStringResult,
+                  T* report, PrintErrorKind kind)
+ {
+     UniqueChars prefix;
+-    if (report->filename)
++    if (report->filename) {
+         prefix = JS_smprintf("%s:", report->filename);
++    }
+ 
+     if (report->lineno) {
+         prefix = JS_smprintf("%s%u:%u ", prefix ? prefix.get() : "", report->lineno,
+                                         report->column);
+     }
+ 
+     if (kind != PrintErrorKind::Error) {
+         const char* kindPrefix = nullptr;
+@@ -527,56 +556,61 @@ PrintSingleError(JSContext* cx, FILE* fi
+     }
+ 
+     const char* message = toStringResult ? toStringResult.c_str() : report->message().c_str();
+ 
+     /* embedded newlines -- argh! */
+     const char* ctmp;
+     while ((ctmp = strchr(message, '\n')) != 0) {
+         ctmp++;
+-        if (prefix)
++        if (prefix) {
+             fputs(prefix.get(), file);
++        }
+         mozilla::Unused << fwrite(message, 1, ctmp - message, file);
+         message = ctmp;
+     }
+ 
+     /* If there were no filename or lineno, the prefix might be empty */
+-    if (prefix)
++    if (prefix) {
+         fputs(prefix.get(), file);
++    }
+     fputs(message, file);
+ 
+     PrintErrorLine(file, prefix.get(), report);
+     fputc('\n', file);
+ 
+     fflush(file);
+     return true;
+ }
+ 
+ bool
+ js::PrintError(JSContext* cx, FILE* file, JS::ConstUTF8CharsZ toStringResult,
+                JSErrorReport* report, bool reportWarnings)
+ {
+     MOZ_ASSERT(report);
+ 
+     /* Conditionally ignore reported warnings. */
+-    if (JSREPORT_IS_WARNING(report->flags) && !reportWarnings)
++    if (JSREPORT_IS_WARNING(report->flags) && !reportWarnings) {
+         return false;
++    }
+ 
+     PrintErrorKind kind = PrintErrorKind::Error;
+     if (JSREPORT_IS_WARNING(report->flags)) {
+-        if (JSREPORT_IS_STRICT(report->flags))
++        if (JSREPORT_IS_STRICT(report->flags)) {
+             kind = PrintErrorKind::StrictWarning;
+-        else
++        } else {
+             kind = PrintErrorKind::Warning;
++        }
+     }
+     PrintSingleError(cx, file, toStringResult, report, kind);
+ 
+     if (report->notes) {
+-        for (auto&& note : *report->notes)
++        for (auto&& note : *report->notes) {
+             PrintSingleError(cx, file, JS::ConstUTF8CharsZ(), note.get(), PrintErrorKind::Note);
++        }
+     }
+ 
+     return true;
+ }
+ 
+ class MOZ_RAII AutoMessageArgs
+ {
+     size_t totalLength_;
+@@ -594,18 +628,19 @@ class MOZ_RAII AutoMessageArgs
+     }
+ 
+     ~AutoMessageArgs()
+     {
+         /* free the arguments only if we allocated them */
+         if (allocatedElements_) {
+             uint16_t i = 0;
+             while (i < count_) {
+-                if (args_[i])
++                if (args_[i]) {
+                     js_free((void*)args_[i]);
++                }
+                 i++;
+             }
+         }
+     }
+ 
+     const char* args(size_t i) const {
+         MOZ_ASSERT(i < count_);
+         return args_[i];
+@@ -642,31 +677,33 @@ class MOZ_RAII AutoMessageArgs
+                 break;
+               }
+               case ArgumentsAreLatin1: {
+                 MOZ_ASSERT(!argsArg);
+                 const Latin1Char* latin1 = va_arg(ap, Latin1Char*);
+                 size_t len = strlen(reinterpret_cast<const char*>(latin1));
+                 mozilla::Range<const Latin1Char> range(latin1, len);
+                 char* utf8 = JS::CharsToNewUTF8CharsZ(cx, range).c_str();
+-                if (!utf8)
++                if (!utf8) {
+                     return false;
++                }
+ 
+                 args_[i] = utf8;
+                 lengths_[i] = strlen(utf8);
+                 allocatedElements_ = true;
+                 break;
+               }
+               case ArgumentsAreUnicode: {
+                 const char16_t* uc = argsArg ? argsArg[i] : va_arg(ap, char16_t*);
+                 size_t len = js_strlen(uc);
+                 mozilla::Range<const char16_t> range(uc, len);
+                 char* utf8 = JS::CharsToNewUTF8CharsZ(cx, range).c_str();
+-                if (!utf8)
++                if (!utf8) {
+                     return false;
++                }
+ 
+                 args_[i] = utf8;
+                 lengths_[i] = strlen(utf8);
+                 allocatedElements_ = true;
+                 break;
+               }
+             }
+             totalLength_ += lengths_[i];
+@@ -703,18 +740,19 @@ bool
+ ExpandErrorArgumentsHelper(JSContext* cx, JSErrorCallback callback,
+                            void* userRef, const unsigned errorNumber,
+                            const char16_t** messageArgs,
+                            ErrorArgumentsType argumentsType,
+                            T* reportp, va_list ap)
+ {
+     const JSErrorFormatString* efs;
+ 
+-    if (!callback)
++    if (!callback) {
+         callback = GetErrorMessage;
++    }
+ 
+     {
+         gc::AutoSuppressGC suppressGC(cx);
+         efs = callback(userRef, errorNumber);
+     }
+ 
+     if (efs) {
+         SetExnType(reportp, efs->exnType);
+@@ -733,30 +771,32 @@ ExpandErrorArgumentsHelper(JSContext* cx
+                 char* out;
+ #ifdef DEBUG
+                 int expandedArgs = 0;
+ #endif
+                 size_t expandedLength;
+                 size_t len = strlen(efs->format);
+ 
+                 AutoMessageArgs args;
+-                if (!args.init(cx, messageArgs, argCount, argumentsType, ap))
++                if (!args.init(cx, messageArgs, argCount, argumentsType, ap)) {
+                     return false;
++                }
+ 
+                 expandedLength = len
+                                  - (3 * args.count()) /* exclude the {n} */
+                                  + args.totalLength();
+ 
+                 /*
+                 * Note - the above calculation assumes that each argument
+                 * is used once and only once in the expansion !!!
+                 */
+                 char* utf8 = out = cx->pod_malloc<char>(expandedLength + 1);
+-                if (!out)
++                if (!out) {
+                     return false;
++                }
+ 
+                 fmt = efs->format;
+                 while (*fmt) {
+                     if (*fmt == '{') {
+                         if (isdigit(fmt[1])) {
+                             int d = JS7_UNDEC(fmt[1]);
+                             MOZ_RELEASE_ASSERT(d < args.count());
+                             strncpy(out, args.args(d), args.lengths(d));
+@@ -777,28 +817,30 @@ ExpandErrorArgumentsHelper(JSContext* cx
+             }
+         } else {
+             /* Non-null messageArgs should have at least one non-null arg. */
+             MOZ_ASSERT(!messageArgs);
+             /*
+              * Zero arguments: the format string (if it exists) is the
+              * entire message.
+              */
+-            if (efs->format)
++            if (efs->format) {
+                 reportp->initBorrowedMessage(efs->format);
++            }
+         }
+     }
+     if (!reportp->message()) {
+         /* where's the right place for this ??? */
+         const char* defaultErrorMessage
+             = "No error message available for error number %d";
+         size_t nbytes = strlen(defaultErrorMessage) + 16;
+         char* message = cx->pod_malloc<char>(nbytes);
+-        if (!message)
++        if (!message) {
+             return false;
++        }
+         snprintf(message, nbytes, defaultErrorMessage, errorNumber);
+         reportp->initOwnedMessage(message);
+     }
+     return true;
+ }
+ 
+ bool
+ js::ExpandErrorArgumentsVA(JSContext* cx, JSErrorCallback callback,
+@@ -825,18 +867,19 @@ js::ExpandErrorArgumentsVA(JSContext* cx
+ bool
+ js::ReportErrorNumberVA(JSContext* cx, unsigned flags, JSErrorCallback callback,
+                         void* userRef, const unsigned errorNumber,
+                         ErrorArgumentsType argumentsType, va_list ap)
+ {
+     JSErrorReport report;
+     bool warning;
+ 
+-    if (checkReportFlags(cx, &flags))
++    if (checkReportFlags(cx, &flags)) {
+         return true;
++    }
+     warning = JSREPORT_IS_WARNING(flags);
+ 
+     report.flags = flags;
+     report.errorNumber = errorNumber;
+     PopulateReportBlame(cx, &report);
+ 
+     if (!ExpandErrorArgumentsVA(cx, callback, userRef, errorNumber,
+                                 nullptr, argumentsType, &report, ap)) {
+@@ -863,18 +906,19 @@ ExpandErrorArguments(JSContext* cx, JSEr
+     return expanded;
+ }
+ 
+ bool
+ js::ReportErrorNumberUCArray(JSContext* cx, unsigned flags, JSErrorCallback callback,
+                              void* userRef, const unsigned errorNumber,
+                              const char16_t** args)
+ {
+-    if (checkReportFlags(cx, &flags))
++    if (checkReportFlags(cx, &flags)) {
+         return true;
++    }
+     bool warning = JSREPORT_IS_WARNING(flags);
+ 
+     JSErrorReport report;
+     report.flags = flags;
+     report.errorNumber = errorNumber;
+     PopulateReportBlame(cx, &report);
+ 
+     if (!ExpandErrorArguments(cx, callback, userRef, errorNumber,
+@@ -886,18 +930,19 @@ js::ReportErrorNumberUCArray(JSContext* 
+     ReportError(cx, &report, callback, userRef);
+ 
+     return warning;
+ }
+ 
+ void
+ js::ReportIsNotDefined(JSContext* cx, HandleId id)
+ {
+-    if (UniqueChars printable = IdToPrintableUTF8(cx, id, IdToPrintableBehavior::IdIsIdentifier))
++    if (UniqueChars printable = IdToPrintableUTF8(cx, id, IdToPrintableBehavior::IdIsIdentifier)) {
+         JS_ReportErrorNumberUTF8(cx, GetErrorMessage, nullptr, JSMSG_NOT_DEFINED, printable.get());
++    }
+ }
+ 
+ void
+ js::ReportIsNotDefined(JSContext* cx, HandlePropertyName name)
+ {
+     RootedId id(cx, NameToId(name));
+     ReportIsNotDefined(cx, id);
+ }
+@@ -909,18 +954,19 @@ js::ReportIsNullOrUndefinedForPropertyAc
+ 
+     if (!reportScanStack) {
+         JS_ReportErrorNumberASCII(cx, GetErrorMessage, nullptr, JSMSG_CANT_CONVERT_TO,
+                                   v.isNull() ? "null" : "undefined", "object");
+         return;
+     }
+ 
+     UniqueChars bytes = DecompileValueGenerator(cx, JSDVG_SEARCH_STACK, v, nullptr);
+-    if (!bytes)
++    if (!bytes) {
+         return;
++    }
+ 
+     if (strcmp(bytes.get(), js_undefined_str) == 0 || strcmp(bytes.get(), js_null_str) == 0) {
+         JS_ReportErrorNumberUTF8(cx, GetErrorMessage, nullptr, JSMSG_NO_PROPERTIES, bytes.get());
+     } else if (v.isUndefined()) {
+         JS_ReportErrorNumberUTF8(cx, GetErrorMessage, nullptr, JSMSG_UNEXPECTED_TYPE, bytes.get(),
+                                  js_undefined_str);
+     } else {
+         MOZ_ASSERT(v.isNull());
+@@ -931,29 +977,31 @@ js::ReportIsNullOrUndefinedForPropertyAc
+ 
+ void
+ js::ReportIsNullOrUndefinedForPropertyAccess(JSContext* cx, HandleValue v, HandleId key,
+                                              bool reportScanStack)
+ {
+     MOZ_ASSERT(v.isNullOrUndefined());
+ 
+     UniqueChars keyBytes = IdToPrintableUTF8(cx, key, IdToPrintableBehavior::IdIsPropertyKey);
+-    if (!keyBytes)
++    if (!keyBytes) {
+         return;
++    }
+ 
+     if (!reportScanStack) {
+         JS_ReportErrorNumberUTF8(cx, GetErrorMessage, nullptr, JSMSG_PROPERTY_FAIL,
+                                  keyBytes.get(),
+                                  v.isUndefined() ? js_undefined_str : js_null_str);
+         return;
+     }
+ 
+     UniqueChars bytes = DecompileValueGenerator(cx, JSDVG_SEARCH_STACK, v, nullptr);
+-    if (!bytes)
++    if (!bytes) {
+         return;
++    }
+ 
+     if (strcmp(bytes.get(), js_undefined_str) == 0 || strcmp(bytes.get(), js_null_str) == 0) {
+         JS_ReportErrorNumberUTF8(cx, GetErrorMessage, nullptr, JSMSG_PROPERTY_FAIL,
+                                  keyBytes.get(), bytes.get());
+     } else if (v.isUndefined()) {
+         JS_ReportErrorNumberUTF8(cx, GetErrorMessage, nullptr, JSMSG_PROPERTY_FAIL_EXPR,
+                                  bytes.get(), js_undefined_str, keyBytes.get());
+     } else {
+@@ -968,106 +1016,120 @@ js::ReportMissingArg(JSContext* cx, Hand
+ {
+     char argbuf[11];
+     UniqueChars bytes;
+ 
+     SprintfLiteral(argbuf, "%u", arg);
+     if (IsFunctionObject(v)) {
+         RootedAtom name(cx, v.toObject().as<JSFunction>().explicitName());
+         bytes = DecompileValueGenerator(cx, JSDVG_SEARCH_STACK, v, name);
+-        if (!bytes)
++        if (!bytes) {
+             return;
++        }
+     }
+     JS_ReportErrorNumberUTF8(cx, GetErrorMessage, nullptr, JSMSG_MISSING_FUN_ARG,
+                              argbuf, bytes ? bytes.get() : "");
+ }
+ 
+ bool
+ js::ReportValueErrorFlags(JSContext* cx, unsigned flags, const unsigned errorNumber,
+                           int spindex, HandleValue v, HandleString fallback,
+                           const char* arg1, const char* arg2)
+ {
+     MOZ_ASSERT(js_ErrorFormatString[errorNumber].argCount >= 1);
+     MOZ_ASSERT(js_ErrorFormatString[errorNumber].argCount <= 3);
+     UniqueChars bytes = DecompileValueGenerator(cx, spindex, v, fallback);
+-    if (!bytes)
++    if (!bytes) {
+         return false;
++    }
+ 
+     return JS_ReportErrorFlagsAndNumberUTF8(cx, flags, GetErrorMessage, nullptr, errorNumber,
+                                             bytes.get(), arg1, arg2);
+ }
+ 
+ JSObject*
+ js::CreateErrorNotesArray(JSContext* cx, JSErrorReport* report)
+ {
+     RootedArrayObject notesArray(cx, NewDenseEmptyArray(cx));
+-    if (!notesArray)
++    if (!notesArray) {
+         return nullptr;
++    }
+ 
+-    if (!report->notes)
++    if (!report->notes) {
+         return notesArray;
++    }
+ 
+     for (auto&& note : *report->notes) {
+         RootedPlainObject noteObj(cx, NewBuiltinClassInstance<PlainObject>(cx));
+-        if (!noteObj)
++        if (!noteObj) {
+             return nullptr;
++        }
+ 
+         RootedString messageStr(cx, note->newMessageString(cx));
+-        if (!messageStr)
++        if (!messageStr) {
+             return nullptr;
++        }
+         RootedValue messageVal(cx, StringValue(messageStr));
+-        if (!DefineDataProperty(cx, noteObj, cx->names().message, messageVal))
++        if (!DefineDataProperty(cx, noteObj, cx->names().message, messageVal)) {
+             return nullptr;
++        }
+ 
+         RootedValue filenameVal(cx);
+         if (note->filename) {
+             RootedString filenameStr(cx, NewStringCopyZ<CanGC>(cx, note->filename));
+-            if (!filenameStr)
++            if (!filenameStr) {
+                 return nullptr;
++            }
+             filenameVal = StringValue(filenameStr);
+         }
+-        if (!DefineDataProperty(cx, noteObj, cx->names().fileName, filenameVal))
++        if (!DefineDataProperty(cx, noteObj, cx->names().fileName, filenameVal)) {
+             return nullptr;
++        }
+ 
+         RootedValue linenoVal(cx, Int32Value(note->lineno));
+-        if (!DefineDataProperty(cx, noteObj, cx->names().lineNumber, linenoVal))
++        if (!DefineDataProperty(cx, noteObj, cx->names().lineNumber, linenoVal)) {
+             return nullptr;
++        }
+         RootedValue columnVal(cx, Int32Value(note->column));
+-        if (!DefineDataProperty(cx, noteObj, cx->names().columnNumber, columnVal))
++        if (!DefineDataProperty(cx, noteObj, cx->names().columnNumber, columnVal)) {
+             return nullptr;
++        }
+ 
+-        if (!NewbornArrayPush(cx, notesArray, ObjectValue(*noteObj)))
++        if (!NewbornArrayPush(cx, notesArray, ObjectValue(*noteObj))) {
+             return nullptr;
++        }
+     }
+ 
+     return notesArray;
+ }
+ 
+ const JSErrorFormatString js_ErrorFormatString[JSErr_Limit] = {
+ #define MSG_DEF(name, count, exception, format) \
+     { #name, format, count, exception } ,
+ #include "js.msg"
+ #undef MSG_DEF
+ };
+ 
+ JS_FRIEND_API(const JSErrorFormatString*)
+ js::GetErrorMessage(void* userRef, const unsigned errorNumber)
+ {
+-    if (errorNumber > 0 && errorNumber < JSErr_Limit)
++    if (errorNumber > 0 && errorNumber < JSErr_Limit) {
+         return &js_ErrorFormatString[errorNumber];
++    }
+     return nullptr;
+ }
+ 
+ void
+ JSContext::recoverFromOutOfMemory()
+ {
+     if (helperThread()) {
+         // Keep in sync with addPendingOutOfMemory.
+-        if (ParseTask* task = helperThread()->parseTask())
++        if (ParseTask* task = helperThread()->parseTask()) {
+             task->outOfMemory = false;
++        }
+     } else {
+         if (isExceptionPending()) {
+             MOZ_ASSERT(isThrowingOutOfMemory());
+             clearPendingException();
+         }
+     }
+ }
+ 
+@@ -1089,18 +1151,19 @@ JS_FRIEND_API(bool)
+ js::UseInternalJobQueues(JSContext* cx)
+ {
+     // Internal job queue handling must be set up very early. Self-hosting
+     // initialization is as good a marker for that as any.
+     MOZ_RELEASE_ASSERT(!cx->runtime()->hasInitializedSelfHosting(),
+                        "js::UseInternalJobQueues must be called early during runtime startup.");
+     MOZ_ASSERT(!cx->jobQueue);
+     auto* queue = js_new<PersistentRooted<JobQueue>>(cx, JobQueue(SystemAllocPolicy()));
+-    if (!queue)
++    if (!queue) {
+         return false;
++    }
+ 
+     cx->jobQueue = queue;
+ 
+     cx->runtime()->offThreadPromiseState.ref().initInternalDispatchQueue();
+     MOZ_ASSERT(cx->runtime()->offThreadPromiseState.ref().initialized());
+ 
+     JS::SetEnqueuePromiseJobCallback(cx, InternalEnqueuePromiseJobCallback);
+ 
+@@ -1127,18 +1190,19 @@ js::StopDrainingJobQueue(JSContext* cx)
+     cx->stopDrainingJobQueue = true;
+ }
+ 
+ JS_FRIEND_API(void)
+ js::RunJobs(JSContext* cx)
+ {
+     MOZ_ASSERT(cx->jobQueue);
+ 
+-    if (cx->drainingJobQueue || cx->stopDrainingJobQueue)
++    if (cx->drainingJobQueue || cx->stopDrainingJobQueue) {
+         return;
++    }
+ 
+     while (true) {
+         cx->runtime()->offThreadPromiseState.ref().internalDrain(cx);
+ 
+         // It doesn't make sense for job queue draining to be reentrant. At the
+         // same time we don't want to assert against it, because that'd make
+         // drainJobQueue unsafe for fuzzers. We do want fuzzers to test this,
+         // so we simply ignore nested calls of drainJobQueue.
+@@ -1149,41 +1213,45 @@ js::RunJobs(JSContext* cx)
+         RootedValue rval(cx);
+ 
+         // Execute jobs in a loop until we've reached the end of the queue.
+         // Since executing a job can trigger enqueuing of additional jobs,
+         // it's crucial to re-check the queue length during each iteration.
+         for (size_t i = 0; i < cx->jobQueue->length(); i++) {
+             // A previous job might have set this flag. E.g., the js shell
+             // sets it if the `quit` builtin function is called.
+-            if (cx->stopDrainingJobQueue)
++            if (cx->stopDrainingJobQueue) {
+                 break;
++            }
+ 
+             job = cx->jobQueue->get()[i];
+ 
+             // It's possible that queue draining was interrupted prematurely,
+             // leaving the queue partly processed. In that case, slots for
+             // already-executed entries will contain nullptrs, which we should
+             // just skip.
+-            if (!job)
++            if (!job) {
+                 continue;
++            }
+ 
+             cx->jobQueue->get()[i] = nullptr;
+ 
+             // If the next job is the last job in the job queue, allow
+             // skipping the standard job queuing behavior.
+-            if (i == cx->jobQueue->length() - 1)
++            if (i == cx->jobQueue->length() - 1) {
+                 JS::JobQueueIsEmpty(cx);
++            }
+ 
+             AutoRealm ar(cx, &job->as<JSFunction>());
+             {
+                 if (!JS::Call(cx, UndefinedHandleValue, job, args, &rval)) {
+                     // Nothing we can do about uncatchable exceptions.
+-                    if (!cx->isExceptionPending())
++                    if (!cx->isExceptionPending()) {
+                         continue;
++                    }
+                     RootedValue exn(cx);
+                     if (cx->getPendingException(&exn)) {
+                         /*
+                          * Clear the exception, because
+                          * PrepareScriptEnvironmentAndInvoke will assert that we don't
+                          * have one.
+                          */
+                         cx->clearPendingException();
+@@ -1199,45 +1267,48 @@ js::RunJobs(JSContext* cx)
+         if (cx->stopDrainingJobQueue) {
+             cx->stopDrainingJobQueue = false;
+             break;
+         }
+ 
+         cx->jobQueue->clear();
+ 
+         // It's possible a job added a new off-thread promise task.
+-        if (!cx->runtime()->offThreadPromiseState.ref().internalHasPending())
++        if (!cx->runtime()->offThreadPromiseState.ref().internalHasPending()) {
+             break;
++        }
+     }
+ }
+ 
+ JS::Error JSContext::reportedError;
+ JS::OOM JSContext::reportedOOM;
+ 
+ mozilla::GenericErrorResult<OOM&>
+ JSContext::alreadyReportedOOM()
+ {
+ #ifdef DEBUG
+     if (helperThread()) {
+         // Keep in sync with addPendingOutOfMemory.
+-        if (ParseTask* task = helperThread()->parseTask())
++        if (ParseTask* task = helperThread()->parseTask()) {
+             MOZ_ASSERT(task->outOfMemory);
++        }
+     } else {
+         MOZ_ASSERT(isThrowingOutOfMemory());
+     }
+ #endif
+     return mozilla::Err(reportedOOM);
+ }
+ 
+ mozilla::GenericErrorResult<JS::Error&>
+ JSContext::alreadyReportedError()
+ {
+ #ifdef DEBUG
+-    if (!helperThread())
++    if (!helperThread()) {
+         MOZ_ASSERT(isExceptionPending());
++    }
+ #endif
+     return mozilla::Err(reportedError);
+ }
+ 
+ JSContext::JSContext(JSRuntime* runtime, const JS::ContextOptions& options)
+   : runtime_(runtime),
+     kind_(ContextKind::HelperThread),
+     helperThread_(nullptr),
+@@ -1315,42 +1386,45 @@ JSContext::JSContext(JSRuntime* runtime,
+     promiseRejectionTrackerCallbackData(nullptr)
+ {
+     MOZ_ASSERT(static_cast<JS::RootingContext*>(this) ==
+                JS::RootingContext::get(this));
+ 
+     MOZ_ASSERT(!TlsContext.get());
+     TlsContext.set(this);
+ 
+-    for (size_t i = 0; i < mozilla::ArrayLength(nativeStackQuota); i++)
++    for (size_t i = 0; i < mozilla::ArrayLength(nativeStackQuota); i++) {
+         nativeStackQuota[i] = 0;
++    }
+ }
+ 
+ JSContext::~JSContext()
+ {
+     // Clear the ContextKind first, so that ProtectedData checks will allow us to
+     // destroy this context even if the runtime is already gone.
+     kind_ = ContextKind::HelperThread;
+ 
+     /* Free the stuff hanging off of cx. */
+     MOZ_ASSERT(!resolvingList);
+ 
+-    if (dtoaState)
++    if (dtoaState) {
+         DestroyDtoaState(dtoaState);
++    }
+ 
+     fx.destroyInstance();
+     freeOsrTempData();
+ 
+ #ifdef JS_SIMULATOR
+     js::jit::Simulator::Destroy(simulator_);
+ #endif
+ 
+ #ifdef JS_TRACE_LOGGING
+-    if (traceLogger)
++    if (traceLogger) {
+         DestroyTraceLogger(traceLogger);
++    }
+ #endif
+ 
+     js_delete(atomsZoneFreeLists_.ref());
+ 
+     MOZ_ASSERT(TlsContext.get() == this);
+     TlsContext.set(nullptr);
+ }
+ 
+@@ -1366,22 +1440,24 @@ JSContext::setRuntime(JSRuntime* rt)
+     runtime_ = rt;
+ }
+ 
+ bool
+ JSContext::getPendingException(MutableHandleValue rval)
+ {
+     MOZ_ASSERT(throwing);
+     rval.set(unwrappedException());
+-    if (zone()->isAtomsZone())
++    if (zone()->isAtomsZone()) {
+         return true;
++    }
+     bool wasOverRecursed = overRecursed_;
+     clearPendingException();
+-    if (!compartment()->wrap(this, rval))
++    if (!compartment()->wrap(this, rval)) {
+         return false;
++    }
+     this->check(rval);
+     setPendingException(rval);
+     overRecursed_ = wasOverRecursed;
+     return true;
+ }
+ 
+ bool
+ JSContext::isThrowingOutOfMemory()
+@@ -1501,18 +1577,19 @@ JSContext::inAtomsZone() const
+ #endif
+ 
+ void
+ JSContext::trace(JSTracer* trc)
+ {
+     cycleDetectorVector().trace(trc);
+     geckoProfiler().trace(trc);
+ 
+-    if (trc->isMarkingTracer() && realm_)
++    if (trc->isMarkingTracer() && realm_) {
+         realm_->mark();
++    }
+ }
+ 
+ void*
+ JSContext::stackLimitAddressForJitCode(JS::StackKind kind)
+ {
+ #ifdef JS_SIMULATOR
+     return addressOfSimulatorStackLimit();
+ #else
+@@ -1560,18 +1637,19 @@ JSContext::updateMallocCounter(size_t nb
+ 
+     zone()->updateMallocCounter(nbytes);
+ }
+ 
+ #ifdef JS_CRASH_DIAGNOSTICS
+ void
+ ContextChecks::check(AbstractFramePtr frame, int argIndex)
+ {
+-    if (frame)
++    if (frame) {
+         check(frame.realm(), argIndex);
++    }
+ }
+ #endif
+ 
+ void
+ AutoEnterOOMUnsafeRegion::crash(const char* reason)
+ {
+     char msgbuf[1024];
+     js::NoteIntentionalCrash();
+@@ -1583,18 +1661,19 @@ AutoEnterOOMUnsafeRegion::crash(const ch
+ AutoEnterOOMUnsafeRegion::AnnotateOOMAllocationSizeCallback
+ AutoEnterOOMUnsafeRegion::annotateOOMSizeCallback = nullptr;
+ 
+ void
+ AutoEnterOOMUnsafeRegion::crash(size_t size, const char* reason)
+ {
+     {
+         JS::AutoSuppressGCAnalysis suppress;
+-        if (annotateOOMSizeCallback)
++        if (annotateOOMSizeCallback) {
+             annotateOOMSizeCallback(size);
++        }
+     }
+     crash(reason);
+ }
+ 
+ #ifdef DEBUG
+ AutoUnsafeCallWithABI::AutoUnsafeCallWithABI()
+   : cx_(TlsContext.get()),
+     nested_(cx_->hasAutoUnsafeCallWithABI),
+diff --git a/js/src/vm/JSContext.h b/js/src/vm/JSContext.h
+--- a/js/src/vm/JSContext.h
++++ b/js/src/vm/JSContext.h
+@@ -178,26 +178,28 @@ struct JSContext : public JS::RootingCon
+ 
+     /*
+      * This variation of calloc will call the large-allocation-failure callback
+      * on OOM and retry the allocation.
+      */
+     template <typename T>
+     T* pod_callocCanGC(size_t numElems, arena_id_t arena = js::MallocArena) {
+         T* p = maybe_pod_calloc<T>(numElems, arena);
+-        if (MOZ_LIKELY(!!p))
++        if (MOZ_LIKELY(!!p)) {
+             return p;
++        }
+         size_t bytes;
+         if (MOZ_UNLIKELY(!js::CalculateAllocSize<T>(numElems, &bytes))) {
+             reportAllocationOverflow();
+             return nullptr;
+         }
+         p = static_cast<T*>(runtime()->onOutOfMemoryCanGC(js::AllocFunction::Calloc, bytes));
+-        if (!p)
++        if (!p) {
+             return nullptr;
++        }
+         updateMallocCounter(bytes);
+         return p;
+     }
+ 
+     void updateMallocCounter(size_t nbytes);
+ 
+     void reportAllocationOverflow() {
+         js::ReportAllocationOverflow(this);
+@@ -642,18 +644,19 @@ struct JSContext : public JS::RootingCon
+     js::ThreadData<js::UniquePtr<js::jit::PcScriptCache>> ionPcScriptCache;
+ 
+   private:
+     /* Exception state -- the exception member is a GC root by definition. */
+     js::ThreadData<bool> throwing;            /* is there a pending exception? */
+     js::ThreadData<JS::PersistentRooted<JS::Value>> unwrappedException_; /* most-recently-thrown exception */
+ 
+     JS::Value& unwrappedException() {
+-        if (!unwrappedException_.ref().initialized())
++        if (!unwrappedException_.ref().initialized()) {
+             unwrappedException_.ref().init(this);
++        }
+         return unwrappedException_.ref().get();
+     }
+ 
+     // True if the exception currently being thrown is by result of
+     // ReportOverRecursed. See Debugger::slowPathOnExceptionUnwind.
+     js::ThreadData<bool> overRecursed_;
+ 
+     // True if propagating a forced return from an interrupt handler during
+@@ -717,18 +720,19 @@ struct JSContext : public JS::RootingCon
+      *
+      * New activations will reset this to nullptr on construction after getting
+      * the current value, and will restore the previous value on destruction.
+      */
+     js::ThreadData<JS::PersistentRooted<js::SavedFrame*>> asyncStackForNewActivations_;
+   public:
+ 
+     js::SavedFrame*& asyncStackForNewActivations() {
+-        if (!asyncStackForNewActivations_.ref().initialized())
++        if (!asyncStackForNewActivations_.ref().initialized()) {
+             asyncStackForNewActivations_.ref().init(this);
++        }
+         return asyncStackForNewActivations_.ref().get();
+     }
+ 
+     /*
+      * Value of asyncCause to be attached to asyncStackForNewActivations.
+      */
+     js::ThreadData<const char*> asyncCauseForNewActivations;
+ 
+diff --git a/js/src/vm/JSFunction-inl.h b/js/src/vm/JSFunction-inl.h
+--- a/js/src/vm/JSFunction-inl.h
++++ b/js/src/vm/JSFunction-inl.h
+@@ -26,27 +26,30 @@ GetFunctionNameBytes(JSContext* cx, JSFu
+         return bytes->get();
+     }
+     return js_anonymous_str;
+ }
+ 
+ inline bool
+ CanReuseFunctionForClone(JSContext* cx, HandleFunction fun)
+ {
+-    if (!fun->isSingleton())
++    if (!fun->isSingleton()) {
+         return false;
++    }
+     if (fun->isInterpretedLazy()) {
+         LazyScript* lazy = fun->lazyScript();
+-        if (lazy->hasBeenCloned())
++        if (lazy->hasBeenCloned()) {
+             return false;
++        }
+         lazy->setHasBeenCloned();
+     } else {
+         JSScript* script = fun->nonLazyScript();
+-        if (script->hasBeenCloned())
++        if (script->hasBeenCloned()) {
+             return false;
++        }
+         script->setHasBeenCloned();
+     }
+     return true;
+ }
+ 
+ inline JSFunction*
+ CloneFunctionObjectIfNotSingleton(JSContext* cx, HandleFunction fun, HandleObject parent,
+                                   HandleObject proto = nullptr,
+@@ -61,37 +64,40 @@ CloneFunctionObjectIfNotSingleton(JSCont
+      *
+      * For functions inner to run once lambda, it may be possible that
+      * the lambda runs multiple times and we repeatedly clone it. In these
+      * cases, fall through to CloneFunctionObject, which will deep clone
+      * the function's script.
+      */
+     if (CanReuseFunctionForClone(cx, fun)) {
+         ObjectOpResult succeeded;
+-        if (proto && !SetPrototype(cx, fun, proto, succeeded))
++        if (proto && !SetPrototype(cx, fun, proto, succeeded)) {
+             return nullptr;
++        }
+         MOZ_ASSERT(!proto || succeeded);
+         fun->setEnvironment(parent);
+         return fun;
+     }
+ 
+     // These intermediate variables are needed to avoid link errors on some
+     // platforms.  Sigh.
+     gc::AllocKind finalizeKind = gc::AllocKind::FUNCTION;
+     gc::AllocKind extendedFinalizeKind = gc::AllocKind::FUNCTION_EXTENDED;
+     gc::AllocKind kind = fun->isExtended()
+                          ? extendedFinalizeKind
+                          : finalizeKind;
+ 
+-    if (CanReuseScriptForClone(cx->realm(), fun, parent))
++    if (CanReuseScriptForClone(cx->realm(), fun, parent)) {
+         return CloneFunctionReuseScript(cx, fun, parent, kind, newKind, proto);
++    }
+ 
+     RootedScript script(cx, JSFunction::getOrCreateScript(cx, fun));
+-    if (!script)
++    if (!script) {
+         return nullptr;
++    }
+     RootedScope enclosingScope(cx, script->enclosingScope());
+     return CloneFunctionAndScript(cx, fun, parent, enclosingScope, kind, proto);
+ }
+ 
+ } /* namespace js */
+ 
+ /* static */ inline JS::Result<JSFunction*, JS::OOM&>
+ JSFunction::create(JSContext* cx, js::gc::AllocKind kind, js::gc::InitialHeap heap,
+@@ -105,18 +111,19 @@ JSFunction::create(JSContext* cx, js::gc
+     const js::Class* clasp = group->clasp();
+     MOZ_ASSERT(clasp->isJSFunction());
+ 
+     static constexpr size_t NumDynamicSlots = 0;
+     MOZ_ASSERT(dynamicSlotsCount(shape->numFixedSlots(), shape->slotSpan(), clasp) ==
+                NumDynamicSlots);
+ 
+     JSObject* obj = js::Allocate<JSObject>(cx, kind, NumDynamicSlots, heap, clasp);
+-    if (!obj)
++    if (!obj) {
+         return cx->alreadyReportedOOM();
++    }
+ 
+     NativeObject* nobj = static_cast<NativeObject*>(obj);
+     nobj->initGroup(group);
+     nobj->initShape(shape);
+ 
+     nobj->initSlots(nullptr);
+     nobj->setEmptyElements();
+ 
+@@ -130,18 +137,19 @@ JSFunction::create(JSContext* cx, js::gc
+     // value to which we could sensibly initialize this.
+     MOZ_MAKE_MEM_UNDEFINED(&fun->u, sizeof(u));
+ 
+     // Safe: we're initializing for the very first time.
+     fun->atom_.unsafeSet(nullptr);
+ 
+     if (kind == js::gc::AllocKind::FUNCTION_EXTENDED) {
+         fun->setFlags(JSFunction::EXTENDED);
+-        for (js::GCPtrValue& extendedSlot : fun->toExtended()->extendedSlots)
++        for (js::GCPtrValue& extendedSlot : fun->toExtended()->extendedSlots) {
+             extendedSlot.unsafeSet(JS::DoubleValue(+0.0));
++        }
+     } else {
+         fun->setFlags(0);
+     }
+ 
+     MOZ_ASSERT(!clasp->shouldDelayMetadataBuilder(),
+                "Function has no extra data hanging off it, that wouldn't be "
+                "allocated at this point, that would require delaying the "
+                "building of metadata for it");
+diff --git a/js/src/vm/JSFunction.cpp b/js/src/vm/JSFunction.cpp
+--- a/js/src/vm/JSFunction.cpp
++++ b/js/src/vm/JSFunction.cpp
+@@ -75,30 +75,33 @@ fun_enumerate(JSContext* cx, HandleObjec
+ {
+     MOZ_ASSERT(obj->is<JSFunction>());
+ 
+     RootedId id(cx);
+     bool found;
+ 
+     if (!obj->isBoundFunction() && !obj->as<JSFunction>().isArrow()) {
+         id = NameToId(cx->names().prototype);
+-        if (!HasOwnProperty(cx, obj, id, &found))
++        if (!HasOwnProperty(cx, obj, id, &found)) {
+             return false;
++        }
+     }
+ 
+     if (!obj->as<JSFunction>().hasResolvedLength()) {
+         id = NameToId(cx->names().length);
+-        if (!HasOwnProperty(cx, obj, id, &found))
++        if (!HasOwnProperty(cx, obj, id, &found)) {
+             return false;
++        }
+     }
+ 
+     if (!obj->as<JSFunction>().hasResolvedName()) {
+         id = NameToId(cx->names().name);
+-        if (!HasOwnProperty(cx, obj, id, &found))
++        if (!HasOwnProperty(cx, obj, id, &found)) {
+             return false;
++        }
+     }
+ 
+     return true;
+ }
+ 
+ bool
+ IsFunction(HandleValue v)
+ {
+@@ -106,48 +109,53 @@ IsFunction(HandleValue v)
+ }
+ 
+ static bool
+ AdvanceToActiveCallLinear(JSContext* cx, NonBuiltinScriptFrameIter& iter, HandleFunction fun)
+ {
+     MOZ_ASSERT(!fun->isBuiltin());
+ 
+     for (; !iter.done(); ++iter) {
+-        if (!iter.isFunctionFrame())
++        if (!iter.isFunctionFrame()) {
+             continue;
+-        if (iter.matchCallee(cx, fun))
++        }
++        if (iter.matchCallee(cx, fun)) {
+             return true;
++        }
+     }
+     return false;
+ }
+ 
+ void
+ js::ThrowTypeErrorBehavior(JSContext* cx)
+ {
+     JS_ReportErrorNumberASCII(cx, GetErrorMessage, nullptr, JSMSG_THROW_TYPE_ERROR);
+ }
+ 
+ static bool
+ IsSloppyNormalFunction(JSFunction* fun)
+ {
+     // FunctionDeclaration or FunctionExpression in sloppy mode.
+     if (fun->kind() == JSFunction::NormalFunction) {
+-        if (fun->isBuiltin() || fun->isBoundFunction())
++        if (fun->isBuiltin() || fun->isBoundFunction()) {
+             return false;
+-
+-        if (fun->isGenerator() || fun->isAsync())
++        }
++
++        if (fun->isGenerator() || fun->isAsync()) {
+             return false;
++        }
+ 
+         MOZ_ASSERT(fun->isInterpreted());
+         return !fun->strict();
+     }
+ 
+     // Or asm.js function in sloppy mode.
+-    if (fun->kind() == JSFunction::AsmJS)
++    if (fun->kind() == JSFunction::AsmJS) {
+         return !IsAsmJSStrictModeModuleOrFunction(fun);
++    }
+ 
+     return false;
+ }
+ 
+ // Beware: this function can be invoked on *any* function! That includes
+ // natives, strict mode functions, bound functions, arrow functions,
+ // self-hosted functions and constructors, asm.js functions, functions with
+ // destructuring arguments and/or a rest argument, and probably a few more I
+@@ -176,29 +184,31 @@ ArgumentsRestrictions(JSContext* cx, Han
+ }
+ 
+ bool
+ ArgumentsGetterImpl(JSContext* cx, const CallArgs& args)
+ {
+     MOZ_ASSERT(IsFunction(args.thisv()));
+ 
+     RootedFunction fun(cx, &args.thisv().toObject().as<JSFunction>());
+-    if (!ArgumentsRestrictions(cx, fun))
++    if (!ArgumentsRestrictions(cx, fun)) {
+         return false;
++    }
+ 
+     // Return null if this function wasn't found on the stack.
+     NonBuiltinScriptFrameIter iter(cx);
+     if (!AdvanceToActiveCallLinear(cx, iter, fun)) {
+         args.rval().setNull();
+         return true;
+     }
+ 
+     Rooted<ArgumentsObject*> argsobj(cx, ArgumentsObject::createUnexpected(cx, iter));
+-    if (!argsobj)
++    if (!argsobj) {
+         return false;
++    }
+ 
+ #ifndef JS_CODEGEN_NONE
+     // Disabling compiling of this script in IonMonkey.  IonMonkey doesn't
+     // guarantee |f.arguments| can be fully recovered, so we try to mitigate
+     // observing this behavior by detecting its use early.
+     JSScript* script = iter.script();
+     jit::ForbidCompilation(cx, script);
+ #endif
+@@ -215,18 +225,19 @@ ArgumentsGetter(JSContext* cx, unsigned 
+ }
+ 
+ bool
+ ArgumentsSetterImpl(JSContext* cx, const CallArgs& args)
+ {
+     MOZ_ASSERT(IsFunction(args.thisv()));
+ 
+     RootedFunction fun(cx, &args.thisv().toObject().as<JSFunction>());
+-    if (!ArgumentsRestrictions(cx, fun))
++    if (!ArgumentsRestrictions(cx, fun)) {
+         return false;
++    }
+ 
+     // If the function passes the gauntlet, return |undefined|.
+     args.rval().setUndefined();
+     return true;
+ }
+ 
+ static bool
+ ArgumentsSetter(JSContext* cx, unsigned argc, Value* vp)
+@@ -268,56 +279,61 @@ CallerGetterImpl(JSContext* cx, const Ca
+ {
+     MOZ_ASSERT(IsFunction(args.thisv()));
+ 
+     // Beware!  This function can be invoked on *any* function!  It can't
+     // assume it'll never be invoked on natives, strict mode functions, bound
+     // functions, or anything else that ordinarily has immutable .caller
+     // defined with [[ThrowTypeError]].
+     RootedFunction fun(cx, &args.thisv().toObject().as<JSFunction>());
+-    if (!CallerRestrictions(cx, fun))
++    if (!CallerRestrictions(cx, fun)) {
+         return false;
++    }
+ 
+     // Also return null if this function wasn't found on the stack.
+     NonBuiltinScriptFrameIter iter(cx);
+     if (!AdvanceToActiveCallLinear(cx, iter, fun)) {
+         args.rval().setNull();
+         return true;
+     }
+ 
+     ++iter;
+-    while (!iter.done() && iter.isEvalFrame())
++    while (!iter.done() && iter.isEvalFrame()) {
+         ++iter;
++    }
+ 
+     if (iter.done() || !iter.isFunctionFrame()) {
+         args.rval().setNull();
+         return true;
+     }
+ 
+     RootedObject caller(cx, iter.callee(cx));
+-    if (caller->is<JSFunction>() && caller->as<JSFunction>().isAsync())
++    if (caller->is<JSFunction>() && caller->as<JSFunction>().isAsync()) {
+         caller = GetWrappedAsyncFunction(&caller->as<JSFunction>());
+-    if (!cx->compartment()->wrap(cx, &caller))
++    }
++    if (!cx->compartment()->wrap(cx, &caller)) {
+         return false;
++    }
+ 
+     // Censor the caller if we don't have full access to it.  If we do, but the
+     // caller is a function with strict mode code, throw a TypeError per ES5.
+     // If we pass these checks, we can return the computed caller.
+     {
+         JSObject* callerObj = CheckedUnwrap(caller);
+         if (!callerObj) {
+             args.rval().setNull();
+             return true;
+         }
+ 
+         JSFunction* callerFun = &callerObj->as<JSFunction>();
+-        if (IsWrappedAsyncFunction(callerFun))
++        if (IsWrappedAsyncFunction(callerFun)) {
+             callerFun = GetUnwrappedAsyncFunction(callerFun);
+-        else if (IsWrappedAsyncGenerator(callerFun))
++        } else if (IsWrappedAsyncGenerator(callerFun)) {
+             callerFun = GetUnwrappedAsyncGenerator(callerFun);
++        }
+         MOZ_ASSERT(!callerFun->isBuiltin(), "non-builtin iterator returned a builtin?");
+ 
+         if (callerFun->strict()) {
+             JS_ReportErrorNumberASCII(cx, GetErrorMessage, nullptr, JSMSG_CALLER_IS_STRICT);
+             return false;
+         }
+     }
+ 
+@@ -337,53 +353,58 @@ CallerSetterImpl(JSContext* cx, const Ca
+ {
+     MOZ_ASSERT(IsFunction(args.thisv()));
+ 
+     // Beware!  This function can be invoked on *any* function!  It can't
+     // assume it'll never be invoked on natives, strict mode functions, bound
+     // functions, or anything else that ordinarily has immutable .caller
+     // defined with [[ThrowTypeError]].
+     RootedFunction fun(cx, &args.thisv().toObject().as<JSFunction>());
+-    if (!CallerRestrictions(cx, fun))
++    if (!CallerRestrictions(cx, fun)) {
+         return false;
++    }
+ 
+     // Return |undefined| unless an error must be thrown.
+     args.rval().setUndefined();
+ 
+     // We can almost just return |undefined| here -- but if the caller function
+     // was strict mode code, we still have to throw a TypeError.  This requires
+     // computing the caller, checking that no security boundaries are crossed,
+     // and throwing a TypeError if the resulting caller is strict.
+ 
+     NonBuiltinScriptFrameIter iter(cx);
+-    if (!AdvanceToActiveCallLinear(cx, iter, fun))
++    if (!AdvanceToActiveCallLinear(cx, iter, fun)) {
+         return true;
++    }
+ 
+     ++iter;
+-    while (!iter.done() && iter.isEvalFrame())
++    while (!iter.done() && iter.isEvalFrame()) {
+         ++iter;
+-
+-    if (iter.done() || !iter.isFunctionFrame())
++    }
++
++    if (iter.done() || !iter.isFunctionFrame()) {
+         return true;
++    }
+ 
+     RootedObject caller(cx, iter.callee(cx));
+     // |caller| is only used for security access-checking and for its
+     // strictness.  An unwrapped async function has its wrapped async
+     // function's security access and strictness, so don't bother calling
+     // |GetUnwrappedAsyncFunction|.
+     if (!cx->compartment()->wrap(cx, &caller)) {
+         cx->clearPendingException();
+         return true;
+     }
+ 
+     // If we don't have full access to the caller, or the caller is not strict,
+     // return undefined.  Otherwise throw a TypeError.
+     JSObject* callerObj = CheckedUnwrap(caller);
+-    if (!callerObj)
++    if (!callerObj) {
+         return true;
++    }
+ 
+     JSFunction* callerFun = &callerObj->as<JSFunction>();
+     MOZ_ASSERT(!callerFun->isBuiltin(), "non-builtin iterator returned a builtin?");
+ 
+     if (callerFun->strict()) {
+         JS_ReportErrorNumberASCII(cx, GetErrorMessage, nullptr, JSMSG_CALLER_IS_STRICT);
+         return false;
+     }
+@@ -420,38 +441,42 @@ ResolveInterpretedFunctionPrototype(JSCo
+ 
+     // Make the prototype object an instance of Object with the same parent as
+     // the function object itself, unless the function is an ES6 generator.  In
+     // that case, per the 15 July 2013 ES6 draft, section 15.19.3, its parent is
+     // the GeneratorObjectPrototype singleton.
+     bool isGenerator = fun->isGenerator();
+     Rooted<GlobalObject*> global(cx, &fun->global());
+     RootedObject objProto(cx);
+-    if (isAsyncGenerator)
++    if (isAsyncGenerator) {
+         objProto = GlobalObject::getOrCreateAsyncGeneratorPrototype(cx, global);
+-    else if (isGenerator)
++    } else if (isGenerator) {
+         objProto = GlobalObject::getOrCreateGeneratorObjectPrototype(cx, global);
+-    else
++    } else {
+         objProto = GlobalObject::getOrCreateObjectPrototype(cx, global);
+-    if (!objProto)
++    }
++    if (!objProto) {
+         return false;
++    }
+ 
+     RootedPlainObject proto(cx, NewObjectWithGivenProto<PlainObject>(cx, objProto,
+                                                                      SingletonObject));
+-    if (!proto)
++    if (!proto) {
+         return false;
++    }
+ 
+     // Per ES5 13.2 the prototype's .constructor property is configurable,
+     // non-enumerable, and writable.  However, per the 15 July 2013 ES6 draft,
+     // section 15.19.3, the .prototype of a generator function does not link
+     // back with a .constructor.
+     if (!isGenerator && !isAsyncGenerator) {
+         RootedValue objVal(cx, ObjectValue(*fun));
+-        if (!DefineDataProperty(cx, proto, cx->names().constructor, objVal, 0))
++        if (!DefineDataProperty(cx, proto, cx->names().constructor, objVal, 0)) {
+             return false;
++        }
+     }
+ 
+     // Per ES5 15.3.5.2 a user-defined function's .prototype property is
+     // initially non-configurable, non-enumerable, and writable.
+     RootedValue protoVal(cx, ObjectValue(*proto));
+     return DefineDataProperty(cx, fun, id, protoVal, JSPROP_PERMANENT | JSPROP_RESOLVING);
+ }
+ 
+@@ -471,46 +496,51 @@ JSFunction::needsPrototypeProperty()
+      * Generators are not constructors, but they have a .prototype property anyway,
+      * according to errata to ES6. See bug 1191486.
+      *
+      * Thus all of the following don't get a .prototype property:
+      * - Methods (that are not class-constructors or generators)
+      * - Arrow functions
+      * - Function.prototype
+      */
+-    if (isBuiltin())
++    if (isBuiltin()) {
+         return IsWrappedAsyncGenerator(this);
++    }
+ 
+     return isConstructor() || isGenerator() || isAsync();
+ }
+ 
+ static bool
+ fun_mayResolve(const JSAtomState& names, jsid id, JSObject*)
+ {
+-    if (!JSID_IS_ATOM(id))
++    if (!JSID_IS_ATOM(id)) {
+         return false;
++    }
+ 
+     JSAtom* atom = JSID_TO_ATOM(id);
+     return atom == names.prototype || atom == names.length || atom == names.name;
+ }
+ 
+ static bool
+ fun_resolve(JSContext* cx, HandleObject obj, HandleId id, bool* resolvedp)
+ {
+-    if (!JSID_IS_ATOM(id))
++    if (!JSID_IS_ATOM(id)) {
+         return true;
++    }
+ 
+     RootedFunction fun(cx, &obj->as<JSFunction>());
+ 
+     if (JSID_IS_ATOM(id, cx->names().prototype)) {
+-        if (!fun->needsPrototypeProperty())
++        if (!fun->needsPrototypeProperty()) {
+             return true;
+-
+-        if (!ResolveInterpretedFunctionPrototype(cx, fun, id))
++        }
++
++        if (!ResolveInterpretedFunctionPrototype(cx, fun, id)) {
+             return false;
++        }
+ 
+         *resolvedp = true;
+         return true;
+     }
+ 
+     bool isLength = JSID_IS_ATOM(id, cx->names().length);
+     if (isLength || JSID_IS_ATOM(id, cx->names().name)) {
+         MOZ_ASSERT(!IsInternalFunctionObject(*obj));
+@@ -527,43 +557,50 @@ fun_resolve(JSContext* cx, HandleObject 
+         // Afterwards, asking for f.length or f.name again will cause this
+         // resolve hook to run again. Defining the property again the second
+         // time through would be a bug.
+         //     assertEq(f.length, 0);  // gets Function.prototype.length!
+         //     assertEq(f.name, "");  // gets Function.prototype.name!
+         // We use the RESOLVED_LENGTH and RESOLVED_NAME flags as a hack to prevent this
+         // bug.
+         if (isLength) {
+-            if (fun->hasResolvedLength())
++            if (fun->hasResolvedLength()) {
+                 return true;
+-
+-            if (!JSFunction::getUnresolvedLength(cx, fun, &v))
++            }
++
++            if (!JSFunction::getUnresolvedLength(cx, fun, &v)) {
+                 return false;
++            }
+         } else {
+-            if (fun->hasResolvedName())
++            if (fun->hasResolvedName()) {
+                 return true;
++            }
+ 
+             RootedString name(cx);
+-            if (!JSFunction::getUnresolvedName(cx, fun, &name))
++            if (!JSFunction::getUnresolvedName(cx, fun, &name)) {
+                 return false;
++            }
+ 
+             // Don't define an own .name property for unnamed functions.
+-            if (!name)
++            if (!name) {
+                 return true;
++            }
+ 
+             v.setString(name);
+         }
+ 
+-        if (!NativeDefineDataProperty(cx, fun, id, v, JSPROP_READONLY | JSPROP_RESOLVING))
++        if (!NativeDefineDataProperty(cx, fun, id, v, JSPROP_READONLY | JSPROP_RESOLVING)) {
+             return false;
+-
+-        if (isLength)
++        }
++
++        if (isLength) {
+             fun->setResolvedLength();
+-        else
++        } else {
+             fun->setResolvedName();
++        }
+ 
+         *resolvedp = true;
+         return true;
+     }
+ 
+     return true;
+ }
+ 
+@@ -586,36 +623,40 @@ js::XDRInterpretedFunction(XDRState<mode
+ 
+     JSContext* cx = xdr->cx();
+     RootedFunction fun(cx);
+     RootedScript script(cx);
+     Rooted<LazyScript*> lazy(cx);
+ 
+     if (mode == XDR_ENCODE) {
+         fun = objp;
+-        if (!fun->isInterpreted())
++        if (!fun->isInterpreted()) {
+             return xdr->fail(JS::TranscodeResult_Failure_NotInterpretedFun);
+-
+-        if (fun->explicitName() || fun->hasInferredName() || fun->hasGuessedAtom())
++        }
++
++        if (fun->explicitName() || fun->hasInferredName() || fun->hasGuessedAtom()) {
+             firstword |= HasAtom;
+-
+-        if (fun->isGenerator() || fun->isAsync())
++        }
++
++        if (fun->isGenerator() || fun->isAsync()) {
+             firstword |= HasGeneratorProto;
++        }
+ 
+         if (fun->isInterpretedLazy()) {
+             // Encode a lazy script.
+             firstword |= IsLazy;
+             lazy = fun->lazyScript();
+         } else {
+             // Encode the script.
+             script = fun->nonLazyScript();
+         }
+ 
+-        if (fun->isSingleton())
++        if (fun->isSingleton()) {
+             firstword |= HasSingletonType;
++        }
+ 
+         atom = fun->displayAtom();
+         flagsword = (fun->nargs() << 16) |
+                     (fun->flags() & ~JSFunction::NO_XDR_FLAGS);
+ 
+         // The environment of any function which is not reused will always be
+         // null, it is later defined when a function is cloned or reused to
+         // mirror the scope chain.
+@@ -626,58 +667,64 @@ js::XDRInterpretedFunction(XDRState<mode
+ 
+     // Everything added below can substituted by the non-lazy-script version of
+     // this function later.
+     MOZ_TRY(xdr->codeAlign(sizeof(js::XDRAlignment)));
+     js::AutoXDRTree funTree(xdr, xdr->getTreeKey(fun));
+ 
+     MOZ_TRY(xdr->codeUint32(&firstword));
+ 
+-    if (firstword & HasAtom)
++    if (firstword & HasAtom) {
+         MOZ_TRY(XDRAtom(xdr, &atom));
++    }
+     MOZ_TRY(xdr->codeUint32(&flagsword));
+ 
+     if (mode == XDR_DECODE) {
+         RootedObject proto(cx);
+         if (firstword & HasGeneratorProto) {
+             proto = GlobalObject::getOrCreateGeneratorFunctionPrototype(cx, cx->global());
+-            if (!proto)
++            if (!proto) {
+                 return xdr->fail(JS::TranscodeResult_Throw);
++            }
+         }
+ 
+         gc::AllocKind allocKind = gc::AllocKind::FUNCTION;
+-        if (uint16_t(flagsword) & JSFunction::EXTENDED)
++        if (uint16_t(flagsword) & JSFunction::EXTENDED) {
+             allocKind = gc::AllocKind::FUNCTION_EXTENDED;
++        }
+         fun = NewFunctionWithProto(cx, nullptr, 0, JSFunction::INTERPRETED,
+                                    /* enclosingDynamicScope = */ nullptr, nullptr, proto,
+                                    allocKind, TenuredObject);
+-        if (!fun)
++        if (!fun) {
+             return xdr->fail(JS::TranscodeResult_Throw);
++        }
+         script = nullptr;
+     }
+ 
+-    if (firstword & IsLazy)
++    if (firstword & IsLazy) {
+         MOZ_TRY(XDRLazyScript(xdr, enclosingScope, sourceObject, fun, &lazy));
+-    else
++    } else {
+         MOZ_TRY(XDRScript(xdr, enclosingScope, sourceObject, fun, &script));
++    }
+ 
+     if (mode == XDR_DECODE) {
+         fun->setArgCount(flagsword >> 16);
+         fun->setFlags(uint16_t(flagsword));
+         fun->initAtom(atom);
+         if (firstword & IsLazy) {
+             MOZ_ASSERT(fun->lazyScript() == lazy);
+         } else {
+             MOZ_ASSERT(fun->nonLazyScript() == script);
+             MOZ_ASSERT(fun->nargs() == script->numArgs());
+         }
+ 
+         bool singleton = firstword & HasSingletonType;
+-        if (!JSFunction::setTypeForScriptedFunction(cx, fun, singleton))
++        if (!JSFunction::setTypeForScriptedFunction(cx, fun, singleton)) {
+             return xdr->fail(JS::TranscodeResult_Throw);
++        }
+         objp.set(fun);
+     }
+ 
+     // Verify marker at end of function to detect buffer trunction.
+     MOZ_TRY(xdr->codeMarker(0x9E35CA1F));
+ 
+     // Required by AutoXDRTree to copy & paste snipet of sub-trees while keeping
+     // the alignment.
+@@ -714,18 +761,19 @@ js::fun_symbolHasInstance(JSContext* cx,
+         args.rval().setBoolean(false);
+         return true;
+     }
+ 
+     RootedObject obj(cx, &func.toObject());
+ 
+     /* Step 2. */
+     bool result;
+-    if (!OrdinaryHasInstance(cx, obj, args[0], &result))
++    if (!OrdinaryHasInstance(cx, obj, args[0], &result)) {
+         return false;
++    }
+ 
+     args.rval().setBoolean(result);
+     return true;
+ }
+ 
+ /*
+  * ES6 (4-25-16) 7.3.19 OrdinaryHasInstance
+  */
+@@ -753,35 +801,37 @@ JS::OrdinaryHasInstance(JSContext* cx, H
+     /* Step 3. */
+     if (!v.isObject()) {
+         *bp = false;
+         return true;
+     }
+ 
+     /* Step 4. */
+     RootedValue pval(cx);
+-    if (!GetProperty(cx, obj, obj, cx->names().prototype, &pval))
++    if (!GetProperty(cx, obj, obj, cx->names().prototype, &pval)) {
+         return false;
++    }
+ 
+     /* Step 5. */
+     if (pval.isPrimitive()) {
+         /*
+          * Throw a runtime error if instanceof is called on a function that
+          * has a non-object as its .prototype value.
+          */
+         RootedValue val(cx, ObjectValue(*obj));
+         ReportValueError(cx, JSMSG_BAD_PROTOTYPE, -1, val, nullptr);
+         return false;
+     }
+ 
+     /* Step 6. */
+     RootedObject pobj(cx, &pval.toObject());
+     bool isPrototype;
+-    if (!IsPrototypeOf(cx, pobj, &v.toObject(), &isPrototype))
++    if (!IsPrototypeOf(cx, pobj, &v.toObject(), &isPrototype)) {
+         return false;
++    }
+     *bp = isPrototype;
+     return true;
+ }
+ 
+ inline void
+ JSFunction::trace(JSTracer* trc)
+ {
+     if (isExtended()) {
+@@ -790,23 +840,25 @@ JSFunction::trace(JSTracer* trc)
+     }
+ 
+     TraceNullableEdge(trc, &atom_, "atom");
+ 
+     if (isInterpreted()) {
+         // Functions can be be marked as interpreted despite having no script
+         // yet at some points when parsing, and can be lazy with no lazy script
+         // for self-hosted code.
+-        if (hasScript() && !hasUncompletedScript())
++        if (hasScript() && !hasUncompletedScript()) {
+             TraceManuallyBarrieredEdge(trc, &u.scripted.s.script_, "script");
+-        else if (isInterpretedLazy() && u.scripted.s.lazy_)
++        } else if (isInterpretedLazy() && u.scripted.s.lazy_) {
+             TraceManuallyBarrieredEdge(trc, &u.scripted.s.lazy_, "lazyScript");
+-
+-        if (u.scripted.env_)
++        }
++
++        if (u.scripted.env_) {
+             TraceManuallyBarrieredEdge(trc, &u.scripted.env_, "fun_environment");
++        }
+     }
+ }
+ 
+ static void
+ fun_trace(JSTracer* trc, JSObject* obj)
+ {
+     obj->as<JSFunction>().trace(trc);
+ }
+@@ -816,18 +868,19 @@ CreateFunctionConstructor(JSContext* cx,
+ {
+     Rooted<GlobalObject*> global(cx, cx->global());
+     RootedObject functionProto(cx, &global->getPrototype(JSProto_Function).toObject());
+ 
+     RootedObject functionCtor(cx,
+       NewFunctionWithProto(cx, Function, 1, JSFunction::NATIVE_CTOR,
+                            nullptr, HandlePropertyName(cx->names().Function),
+                            functionProto, gc::AllocKind::FUNCTION, SingletonObject));
+-    if (!functionCtor)
++    if (!functionCtor) {
+         return nullptr;
++    }
+ 
+     return functionCtor;
+ }
+ 
+ static JSObject*
+ CreateFunctionPrototype(JSContext* cx, JSProtoKey key)
+ {
+     Rooted<GlobalObject*> self(cx, cx->global());
+@@ -836,68 +889,77 @@ CreateFunctionPrototype(JSContext* cx, J
+     /*
+      * Bizarrely, |Function.prototype| must be an interpreted function, so
+      * give it the guts to be one.
+      */
+     RootedObject enclosingEnv(cx, &self->lexicalEnvironment());
+     RootedFunction functionProto(cx, NewFunctionWithProto(cx, nullptr, 0, JSFunction::INTERPRETED,
+                                                           enclosingEnv, nullptr, objectProto,
+                                                           gc::AllocKind::FUNCTION, SingletonObject));
+-    if (!functionProto)
++    if (!functionProto) {
+     	return nullptr;
++    }
+ 
+     const char* rawSource = "function () {\n}";
+     size_t sourceLen = strlen(rawSource);
+     size_t begin = 9;
+     MOZ_ASSERT(rawSource[begin] == '(');
+     UniqueTwoByteChars source(InflateString(cx, rawSource, sourceLen));
+-    if (!source)
++    if (!source) {
+         return nullptr;
++    }
+ 
+     ScriptSource* ss = cx->new_<ScriptSource>();
+-    if (!ss)
++    if (!ss) {
+         return nullptr;
++    }
+     ScriptSourceHolder ssHolder(ss);
+-    if (!ss->setSource(cx, std::move(source), sourceLen))
++    if (!ss->setSource(cx, std::move(source), sourceLen)) {
+         return nullptr;
++    }
+ 
+     CompileOptions options(cx);
+     options.setIntroductionType("Function.prototype")
+            .setNoScriptRval(true);
+-    if (!ss->initFromOptions(cx, options))
++    if (!ss->initFromOptions(cx, options)) {
+         return nullptr;
++    }
+     RootedScriptSourceObject sourceObject(cx, ScriptSourceObject::create(cx, ss));
+-    if (!sourceObject || !ScriptSourceObject::initFromOptions(cx, sourceObject, options))
++    if (!sourceObject || !ScriptSourceObject::initFromOptions(cx, sourceObject, options)) {
+         return nullptr;
++    }
+ 
+     RootedScript script(cx, JSScript::Create(cx,
+                                              options,
+                                              sourceObject,
+                                              begin,
+                                              ss->length(),
+                                              0,
+                                              ss->length()));
+-    if (!script || !JSScript::initFunctionPrototype(cx, script, functionProto))
++    if (!script || !JSScript::initFunctionPrototype(cx, script, functionProto)) {
+         return nullptr;
++    }
+ 
+     functionProto->initScript(script);
+     ObjectGroup* protoGroup = JSObject::getGroup(cx, functionProto);
+-    if (!protoGroup)
++    if (!protoGroup) {
+         return nullptr;
++    }
+ 
+     protoGroup->setInterpretedFunction(functionProto);
+ 
+     /*
+      * The default 'new' group of Function.prototype is required by type
+      * inference to have unknown properties, to simplify handling of e.g.
+      * NewFunctionClone.
+      */
+     ObjectGroupRealm& realm = ObjectGroupRealm::getForNewObject(cx);
+-    if (!JSObject::setNewGroupUnknown(cx, realm, &JSFunction::class_, functionProto))
++    if (!JSObject::setNewGroupUnknown(cx, realm, &JSFunction::class_, functionProto)) {
+         return nullptr;
++    }
+ 
+     return functionProto;
+ }
+ 
+ static const ClassOps JSFunctionClassOps = {
+     nullptr,                 /* addProperty */
+     nullptr,                 /* delProperty */
+     fun_enumerate,
+@@ -928,54 +990,60 @@ const Class JSFunction::class_ = {
+ };
+ 
+ const Class* const js::FunctionClassPtr = &JSFunction::class_;
+ 
+ JSString*
+ js::FunctionToStringCache::lookup(JSScript* script) const
+ {
+     for (size_t i = 0; i < NumEntries; i++) {
+-        if (entries_[i].script == script)
++        if (entries_[i].script == script) {
+             return entries_[i].string;
++        }
+     }
+     return nullptr;
+ }
+ 
+ void
+ js::FunctionToStringCache::put(JSScript* script, JSString* string)
+ {
+-    for (size_t i = NumEntries - 1; i > 0; i--)
++    for (size_t i = NumEntries - 1; i > 0; i--) {
+         entries_[i] = entries_[i - 1];
++    }
+ 
+     entries_[0].set(script, string);
+ }
+ 
+ JSString*
+ js::FunctionToString(JSContext* cx, HandleFunction fun, bool isToSource)
+ {
+-    if (fun->isInterpretedLazy() && !JSFunction::getOrCreateScript(cx, fun))
++    if (fun->isInterpretedLazy() && !JSFunction::getOrCreateScript(cx, fun)) {
+         return nullptr;
+-
+-    if (IsAsmJSModule(fun))
++    }
++
++    if (IsAsmJSModule(fun)) {
+         return AsmJSModuleToString(cx, fun, isToSource);
+-    if (IsAsmJSFunction(fun))
++    }
++    if (IsAsmJSFunction(fun)) {
+         return AsmJSFunctionToString(cx, fun);
++    }
+ 
+     if (IsWrappedAsyncFunction(fun)) {
+         RootedFunction unwrapped(cx, GetUnwrappedAsyncFunction(fun));
+         return FunctionToString(cx, unwrapped, isToSource);
+     }
+     if (IsWrappedAsyncGenerator(fun)) {
+         RootedFunction unwrapped(cx, GetUnwrappedAsyncGenerator(fun));
+         return FunctionToString(cx, unwrapped, isToSource);
+     }
+ 
+     RootedScript script(cx);
+-    if (fun->hasScript())
++    if (fun->hasScript()) {
+         script = fun->nonLazyScript();
++    }
+ 
+     // Default class constructors are self-hosted, but have their source
+     // objects overridden to refer to the span of the class statement or
+     // expression. Non-default class constructors are never self-hosted. So,
+     // all class constructors always have source.
+     bool haveSource = fun->isInterpreted() && (fun->isClassConstructor() ||
+                                                !fun->isSelfHostedBuiltin());
+ 
+@@ -987,66 +1055,76 @@ js::FunctionToString(JSContext* cx, Hand
+         !JSScript::loadSource(cx, script->scriptSource(), &haveSource))
+     {
+         return nullptr;
+     }
+ 
+     // Fast path for the common case, to avoid StringBuffer overhead.
+     if (!addParentheses && haveSource) {
+         FunctionToStringCache& cache = cx->zone()->functionToStringCache();
+-        if (JSString* str = cache.lookup(script))
++        if (JSString* str = cache.lookup(script)) {
+             return str;
++        }
+ 
+         size_t start = script->toStringStart(), end = script->toStringEnd();
+         JSString* str = (end - start <= ScriptSource::SourceDeflateLimit)
+             ? script->scriptSource()->substring(cx, start, end)
+             : script->scriptSource()->substringDontDeflate(cx, start, end);
+-        if (!str)
++        if (!str) {
+             return nullptr;
++        }
+ 
+         cache.put(script, str);
+         return str;
+     }
+ 
+     StringBuffer out(cx);
+     if (addParentheses) {
+-        if (!out.append('('))
++        if (!out.append('(')) {
+             return nullptr;
++        }
+     }
+ 
+     if (haveSource) {
+-        if (!script->appendSourceDataForToString(cx, out))
++        if (!script->appendSourceDataForToString(cx, out)) {
+             return nullptr;
++        }
+     } else {
+         if (fun->isAsync()) {
+-            if (!out.append("async "))
++            if (!out.append("async ")) {
+                 return nullptr;
++            }
+         }
+ 
+         if (!fun->isArrow()) {
+-            if (!out.append("function"))
++            if (!out.append("function")) {
+                 return nullptr;
++            }
+ 
+             if (fun->isGenerator()) {
+-                if (!out.append('*'))
++                if (!out.append('*')) {
+                     return nullptr;
++                }
+             }
+         }
+ 
+         if (fun->explicitName()) {
+-            if (!out.append(' '))
++            if (!out.append(' ')) {
+                 return nullptr;
++            }
+ 
+             if (fun->isBoundFunction()) {
+                 JSLinearString* boundName = JSFunction::getBoundFunctionName(cx, fun);
+-                if (!boundName || !out.append(boundName))
++                if (!boundName || !out.append(boundName)) {
+                     return nullptr;
++                }
+             } else {
+-                if (!out.append(fun->explicitName()))
++                if (!out.append(fun->explicitName())) {
+                     return nullptr;
++                }
+             }
+         }
+ 
+         if (fun->isInterpreted() &&
+             (!fun->isSelfHostedBuiltin() ||
+              fun->infallibleIsDefaultClassConstructor(cx)))
+         {
+             // Default class constructors should always haveSource except;
+@@ -1055,38 +1133,42 @@ js::FunctionToString(JSContext* cx, Hand
+             //
+             // 2. The source is marked as "lazy", i.e., retrieved on demand, and
+             // the embedding has not provided a hook to retrieve sources.
+             MOZ_ASSERT_IF(fun->infallibleIsDefaultClassConstructor(cx),
+                           !cx->runtime()->sourceHook.ref() ||
+                           !script->scriptSource()->sourceRetrievable() ||
+                           fun->realm()->behaviors().discardSource());
+ 
+-            if (!out.append("() {\n    [sourceless code]\n}"))
++            if (!out.append("() {\n    [sourceless code]\n}")) {
+                 return nullptr;
++            }
+         } else {
+-            if (!out.append("() {\n    [native code]\n}"))
++            if (!out.append("() {\n    [native code]\n}")) {
+                 return nullptr;
++            }
+         }
+     }
+ 
+     if (addParentheses) {
+-        if (!out.append(')'))
++        if (!out.append(')')) {
+             return nullptr;
++        }
+     }
+ 
+     return out.finishString();
+ }
+ 
+ JSString*
+ fun_toStringHelper(JSContext* cx, HandleObject obj, bool isToSource)
+ {
+     if (!obj->is<JSFunction>()) {
+-        if (JSFunToStringOp op = obj->getOpsFunToString())
++        if (JSFunToStringOp op = obj->getOpsFunToString()) {
+             return op(cx, obj, isToSource);
++        }
+ 
+         JS_ReportErrorNumberASCII(cx, GetErrorMessage, nullptr,
+                                   JSMSG_INCOMPATIBLE_PROTO,
+                                   js_Function_str, js_toString_str, "object");
+         return nullptr;
+     }
+ 
+     RootedFunction fun(cx, &obj->as<JSFunction>());
+@@ -1094,59 +1176,65 @@ fun_toStringHelper(JSContext* cx, Handle
+ }
+ 
+ bool
+ js::FunctionHasDefaultHasInstance(JSFunction* fun, const WellKnownSymbols& symbols)
+ {
+     jsid id = SYMBOL_TO_JSID(symbols.hasInstance);
+     Shape* shape = fun->lookupPure(id);
+     if (shape) {
+-        if (!shape->isDataProperty())
++        if (!shape->isDataProperty()) {
+             return false;
++        }
+         const Value hasInstance = fun->as<NativeObject>().getSlot(shape->slot());
+         return IsNativeFunction(hasInstance, js::fun_symbolHasInstance);
+     }
+     return true;
+ }
+ 
+ bool
+ js::fun_toString(JSContext* cx, unsigned argc, Value* vp)
+ {
+     CallArgs args = CallArgsFromVp(argc, vp);
+     MOZ_ASSERT(IsFunctionObject(args.calleev()));
+ 
+     RootedObject obj(cx, ToObject(cx, args.thisv()));
+-    if (!obj)
++    if (!obj) {
+         return false;
++    }
+ 
+     JSString* str = fun_toStringHelper(cx, obj, /* isToSource = */ false);
+-    if (!str)
++    if (!str) {
+         return false;
++    }
+ 
+     args.rval().setString(str);
+     return true;
+ }
+ 
+ static bool
+ fun_toSource(JSContext* cx, unsigned argc, Value* vp)
+ {
+     CallArgs args = CallArgsFromVp(argc, vp);
+     MOZ_ASSERT(IsFunctionObject(args.calleev()));
+ 
+     RootedObject obj(cx, ToObject(cx, args.thisv()));
+-    if (!obj)
++    if (!obj) {
+         return false;
++    }
+ 
+     RootedString str(cx);
+-    if (obj->isCallable())
++    if (obj->isCallable()) {
+         str = fun_toStringHelper(cx, obj, /* isToSource = */ true);
+-    else
++    } else {
+         str = ObjectToSource(cx, obj);
+-    if (!str)
++    }
++    if (!str) {
+         return false;
++    }
+ 
+     args.rval().setString(str);
+     return true;
+ }
+ 
+ bool
+ js::fun_call(JSContext* cx, unsigned argc, Value* vp)
+ {
+@@ -1165,25 +1253,28 @@ js::fun_call(JSContext* cx, unsigned arg
+     // |Function.prototype.call| and would conclude, "Function.prototype.call
+     // is not a function".  Grotesque.)
+     if (!IsCallable(func)) {
+         ReportIncompatibleMethod(cx, args, &JSFunction::class_);
+         return false;
+     }
+ 
+     size_t argCount = args.length();
+-    if (argCount > 0)
++    if (argCount > 0) {
+         argCount--; // strip off provided |this|
++    }
+ 
+     InvokeArgs iargs(cx);
+-    if (!iargs.init(cx, argCount))
++    if (!iargs.init(cx, argCount)) {
+         return false;
+-
+-    for (size_t i = 0; i < argCount; i++)
++    }
++
++    for (size_t i = 0; i < argCount; i++) {
+         iargs[i].set(args[i + 1]);
++    }
+ 
+     return Call(cx, func, args.get(0), iargs, args.rval());
+ }
+ 
+ // ES5 15.3.4.3
+ bool
+ js::fun_apply(JSContext* cx, unsigned argc, Value* vp)
+ {
+@@ -1196,69 +1287,75 @@ js::fun_apply(JSContext* cx, unsigned ar
+     // have side effects or throw an exception.
+     HandleValue fval = args.thisv();
+     if (!IsCallable(fval)) {
+         ReportIncompatibleMethod(cx, args, &JSFunction::class_);
+         return false;
+     }
+ 
+     // Step 2.
+-    if (args.length() < 2 || args[1].isNullOrUndefined())
++    if (args.length() < 2 || args[1].isNullOrUndefined()) {
+         return fun_call(cx, (args.length() > 0) ? 1 : 0, vp);
++    }
+ 
+     InvokeArgs args2(cx);
+ 
+     // A JS_OPTIMIZED_ARGUMENTS magic value means that 'arguments' flows into
+     // this apply call from a scripted caller and, as an optimization, we've
+     // avoided creating it since apply can simply pull the argument values from
+     // the calling frame (which we must do now).
+     if (args[1].isMagic(JS_OPTIMIZED_ARGUMENTS)) {
+         // Step 3-6.
+         ScriptFrameIter iter(cx);
+         MOZ_ASSERT(iter.numActualArgs() <= ARGS_LENGTH_MAX);
+-        if (!args2.init(cx, iter.numActualArgs()))
++        if (!args2.init(cx, iter.numActualArgs())) {
+             return false;
++        }
+ 
+         // Steps 7-8.
+         iter.unaliasedForEachActual(cx, CopyTo(args2.array()));
+     } else {
+         // Step 3.
+         if (!args[1].isObject()) {
+             JS_ReportErrorNumberASCII(cx, GetErrorMessage, nullptr,
+                                       JSMSG_BAD_APPLY_ARGS, js_apply_str);
+             return false;
+         }
+ 
+         // Steps 4-5 (note erratum removing steps originally numbered 5 and 7 in
+         // original version of ES5).
+         RootedObject aobj(cx, &args[1].toObject());
+         uint32_t length;
+-        if (!GetLengthProperty(cx, aobj, &length))
++        if (!GetLengthProperty(cx, aobj, &length)) {
+             return false;
++        }
+ 
+         // Step 6.
+-        if (!args2.init(cx, length))
++        if (!args2.init(cx, length)) {
+             return false;
++        }
+ 
+         MOZ_ASSERT(length <= ARGS_LENGTH_MAX);
+ 
+         // Steps 7-8.
+-        if (!GetElements(cx, aobj, length, args2.array()))
++        if (!GetElements(cx, aobj, length, args2.array())) {
+             return false;
++        }
+     }
+ 
+     // Step 9.
+     return Call(cx, fval, args[0], args2, args.rval());
+ }
+ 
+ bool
+ JSFunction::infallibleIsDefaultClassConstructor(JSContext* cx) const
+ {
+-    if (!isSelfHostedBuiltin())
++    if (!isSelfHostedBuiltin()) {
+         return false;
++    }
+ 
+     bool isDefault = false;
+     if (isInterpretedLazy()) {
+         JSAtom* name = &getExtendedSlot(LAZY_FUNCTION_NAME_SLOT).toString()->asAtom();
+         isDefault = name == cx->names().DefaultDerivedClassConstructor ||
+                     name == cx->names().DefaultBaseClassConstructor;
+     } else {
+         isDefault = nonLazyScript()->isDefaultClassConstructor();
+@@ -1292,18 +1389,19 @@ JSFunction::isDerivedClassConstructor()
+     MOZ_ASSERT_IF(derived, isClassConstructor());
+     return derived;
+ }
+ 
+ /* static */ bool
+ JSFunction::getLength(JSContext* cx, HandleFunction fun, uint16_t* length)
+ {
+     MOZ_ASSERT(!fun->isBoundFunction());
+-    if (fun->isInterpretedLazy() && !getOrCreateScript(cx, fun))
++    if (fun->isInterpretedLazy() && !getOrCreateScript(cx, fun)) {
+         return false;
++    }
+ 
+     *length = fun->isNative() ? fun->nargs() : fun->nonLazyScript()->funLength();
+     return true;
+ }
+ 
+ /* static */ bool
+ JSFunction::getUnresolvedLength(JSContext* cx, HandleFunction fun, MutableHandleValue v)
+ {
+@@ -1314,46 +1412,50 @@ JSFunction::getUnresolvedLength(JSContex
+     // they're handled differently from other functions.
+     if (fun->isBoundFunction()) {
+         MOZ_ASSERT(fun->getExtendedSlot(BOUND_FUN_LENGTH_SLOT).isNumber());
+         v.set(fun->getExtendedSlot(BOUND_FUN_LENGTH_SLOT));
+         return true;
+     }
+ 
+     uint16_t length;
+-    if (!JSFunction::getLength(cx, fun, &length))
++    if (!JSFunction::getLength(cx, fun, &length)) {
+         return false;
++    }
+ 
+     v.setInt32(length);
+     return true;
+ }
+ 
+ JSAtom*
+ JSFunction::infallibleGetUnresolvedName(JSContext* cx)
+ {
+     MOZ_ASSERT(!IsInternalFunctionObject(*this));
+     MOZ_ASSERT(!hasResolvedName());
+ 
+-    if (JSAtom* name = explicitOrInferredName())
++    if (JSAtom* name = explicitOrInferredName()) {
+         return name;
++    }
+ 
+     // Unnamed class expressions should not get a .name property at all.
+-    if (isClassConstructor())
++    if (isClassConstructor()) {
+         return nullptr;
++    }
+ 
+     return cx->names().empty;
+ }
+ 
+ /* static */ bool
+ JSFunction::getUnresolvedName(JSContext* cx, HandleFunction fun, MutableHandleString v)
+ {
+     if (fun->isBoundFunction()) {
+         JSLinearString* name = JSFunction::getBoundFunctionName(cx, fun);
+-        if (!name)
++        if (!name) {
+             return false;
++        }
+ 
+         v.set(name);
+         return true;
+     }
+ 
+     v.set(fun->infallibleGetUnresolvedName(cx));
+     return true;
+ }
+@@ -1363,55 +1465,61 @@ JSFunction::getBoundFunctionName(JSConte
+ {
+     MOZ_ASSERT(fun->isBoundFunction());
+     JSAtom* name = fun->explicitName();
+ 
+     // Bound functions are never unnamed.
+     MOZ_ASSERT(name);
+ 
+     // If the bound function prefix is present, return the name as is.
+-    if (fun->hasBoundFunctionNamePrefix())
++    if (fun->hasBoundFunctionNamePrefix()) {
+         return name;
++    }
+ 
+     // Otherwise return "bound " * (number of bound function targets) + name.
+     size_t boundTargets = 0;
+     for (JSFunction* boundFn = fun; boundFn->isBoundFunction(); ) {
+         boundTargets++;
+ 
+         JSObject* target = boundFn->getBoundFunctionTarget();
+-        if (!target->is<JSFunction>())
++        if (!target->is<JSFunction>()) {
+             break;
++        }
+         boundFn = &target->as<JSFunction>();
+     }
+ 
+     // |function /*unnamed*/ (){...}.bind()| is a common case, handle it here.
+-    if (name->empty() && boundTargets == 1)
++    if (name->empty() && boundTargets == 1) {
+         return cx->names().boundWithSpace;
++    }
+ 
+     static constexpr char boundWithSpaceChars[] = "bound ";
+     static constexpr size_t boundWithSpaceCharsLength =
+         ArrayLength(boundWithSpaceChars) - 1; // No trailing '\0'.
+     MOZ_ASSERT(StringEqualsAscii(cx->names().boundWithSpace, boundWithSpaceChars));
+ 
+     StringBuffer sb(cx);
+-    if (name->hasTwoByteChars() && !sb.ensureTwoByteChars())
++    if (name->hasTwoByteChars() && !sb.ensureTwoByteChars()) {
+         return nullptr;
++    }
+ 
+     CheckedInt<size_t> len(boundTargets);
+     len *= boundWithSpaceCharsLength;
+     len += name->length();
+     if (!len.isValid()) {
+         ReportAllocationOverflow(cx);
+         return nullptr;
+     }
+-    if (!sb.reserve(len.value()))
++    if (!sb.reserve(len.value())) {
+         return nullptr;
+-
+-    while (boundTargets--)
++    }
++
++    while (boundTargets--) {
+         sb.infallibleAppend(boundWithSpaceChars, boundWithSpaceCharsLength);
++    }
+     sb.infallibleAppendSubstring(name, 0, name->length());
+ 
+     return sb.finishString();
+ }
+ 
+ static const js::Value&
+ BoundFunctionEnvironmentSlotValue(const JSFunction* fun, uint32_t slotIndex)
+ {
+@@ -1457,69 +1565,77 @@ JSFunction::getBoundFunctionArgumentCoun
+ 
+ static JSAtom*
+ AppendBoundFunctionPrefix(JSContext* cx, JSString* str)
+ {
+     static constexpr char boundWithSpaceChars[] = "bound ";
+     MOZ_ASSERT(StringEqualsAscii(cx->names().boundWithSpace, boundWithSpaceChars));
+ 
+     StringBuffer sb(cx);
+-    if (!sb.append(boundWithSpaceChars) || !sb.append(str))
++    if (!sb.append(boundWithSpaceChars) || !sb.append(str)) {
+         return nullptr;
++    }
+     return sb.finishAtom();
+ }
+ 
+ /* static */ bool
+ JSFunction::finishBoundFunctionInit(JSContext* cx, HandleFunction bound, HandleObject targetObj,
+                                     int32_t argCount)
+ {
+     bound->setIsBoundFunction();
+     MOZ_ASSERT(bound->getBoundFunctionTarget() == targetObj);
+ 
+     // 9.4.1.3 BoundFunctionCreate, steps 1, 3-5, 8-12 (Already performed).
+ 
+     // 9.4.1.3 BoundFunctionCreate, step 6.
+-    if (targetObj->isConstructor())
++    if (targetObj->isConstructor()) {
+         bound->setIsConstructor();
++    }
+ 
+     // 9.4.1.3 BoundFunctionCreate, step 2.
+     RootedObject proto(cx);
+-    if (!GetPrototype(cx, targetObj, &proto))
++    if (!GetPrototype(cx, targetObj, &proto)) {
+         return false;
++    }
+ 
+     // 9.4.1.3 BoundFunctionCreate, step 7.
+     if (bound->staticPrototype() != proto) {
+-        if (!SetPrototype(cx, bound, proto))
++        if (!SetPrototype(cx, bound, proto)) {
+             return false;
++        }
+     }
+ 
+     double length = 0.0;
+ 
+     // Try to avoid invoking the resolve hook.
+     if (targetObj->is<JSFunction>() && !targetObj->as<JSFunction>().hasResolvedLength()) {
+         RootedValue targetLength(cx);
+-        if (!JSFunction::getUnresolvedLength(cx, targetObj.as<JSFunction>(), &targetLength))
++        if (!JSFunction::getUnresolvedLength(cx, targetObj.as<JSFunction>(), &targetLength)) {
+             return false;
++        }
+ 
+         length = Max(0.0, targetLength.toNumber() - argCount);
+     } else {
+         // 19.2.3.2 Function.prototype.bind, step 5.
+         bool hasLength;
+         RootedId idRoot(cx, NameToId(cx->names().length));
+-        if (!HasOwnProperty(cx, targetObj, idRoot, &hasLength))
++        if (!HasOwnProperty(cx, targetObj, idRoot, &hasLength)) {
+             return false;
++        }
+ 
+         // 19.2.3.2 Function.prototype.bind, step 6.
+         if (hasLength) {
+             RootedValue targetLength(cx);
+-            if (!GetProperty(cx, targetObj, targetObj, idRoot, &targetLength))
++            if (!GetProperty(cx, targetObj, targetObj, idRoot, &targetLength)) {
+                 return false;
+-
+-            if (targetLength.isNumber())
++            }
++
++            if (targetLength.isNumber()) {
+                 length = Max(0.0, JS::ToInteger(targetLength.toNumber()) - argCount);
++            }
+         }
+ 
+         // 19.2.3.2 Function.prototype.bind, step 7 (implicit).
+     }
+ 
+     // 19.2.3.2 Function.prototype.bind, step 8.
+     bound->setExtendedSlot(BOUND_FUN_LENGTH_SLOT, NumberValue(length));
+ 
+@@ -1530,50 +1646,56 @@ JSFunction::finishBoundFunctionInit(JSCo
+     if (targetObj->is<JSFunction>() && !targetObj->as<JSFunction>().hasResolvedName()) {
+         JSFunction* targetFn = &targetObj->as<JSFunction>();
+ 
+         // If the target is a bound function with a prefixed name, we can't
+         // lazily compute the full name in getBoundFunctionName(), therefore
+         // we need to append the bound function name prefix here.
+         if (targetFn->isBoundFunction() && targetFn->hasBoundFunctionNamePrefix()) {
+             name = AppendBoundFunctionPrefix(cx, targetFn->explicitName());
+-            if (!name)
++            if (!name) {
+                 return false;
++            }
+             bound->setPrefixedBoundFunctionName(name);
+         } else {
+             name = targetFn->infallibleGetUnresolvedName(cx);
+-            if (name)
++            if (name) {
+                 bound->setAtom(name);
++            }
+         }
+     }
+ 
+     // 19.2.3.2 Function.prototype.bind, steps 9-11.
+     if (!name) {
+         // 19.2.3.2 Function.prototype.bind, step 9.
+         RootedValue targetName(cx);
+-        if (!GetProperty(cx, targetObj, targetObj, cx->names().name, &targetName))
++        if (!GetProperty(cx, targetObj, targetObj, cx->names().name, &targetName)) {
+             return false;
++        }
+ 
+         // 19.2.3.2 Function.prototype.bind, step 10.
+-        if (!targetName.isString())
++        if (!targetName.isString()) {
+             targetName.setString(cx->names().empty);
++        }
+ 
+         // If the target itself is a bound function (with a resolved name), we
+         // can't compute the full name in getBoundFunctionName() based only on
+         // the number of bound target functions, therefore we need to store
+         // the complete prefixed name here.
+         if (targetObj->is<JSFunction>() && targetObj->as<JSFunction>().isBoundFunction()) {
+             name = AppendBoundFunctionPrefix(cx, targetName.toString());
+-            if (!name)
++            if (!name) {
+                 return false;
++            }
+             bound->setPrefixedBoundFunctionName(name);
+         } else {
+             name = AtomizeString(cx, targetName.toString());
+-            if (!name)
++            if (!name) {
+                 return false;
++            }
+             bound->setAtom(name);
+         }
+     }
+ 
+     return true;
+ }
+ 
+ /* static */ bool
+@@ -1597,63 +1719,68 @@ JSFunction::createScriptForLazilyInterpr
+         bool canRelazify = !lazy->numInnerFunctions() && !lazy->hasDirectEval();
+ 
+         if (script) {
+             // This function is non-canonical function, and the canonical
+             // function is already delazified.
+             fun->setUnlazifiedScript(script);
+             // Remember the lazy script on the compiled script, so it can be
+             // stored on the function again in case of re-lazification.
+-            if (canRelazify)
++            if (canRelazify) {
+                 script->setLazyScript(lazy);
++            }
+             return true;
+         }
+ 
+         if (fun != lazy->functionNonDelazifying()) {
+             // This function is non-canonical function, and the canonical
+             // function is lazy.
+             // Delazify the canonical function, which will result in calling
+             // this function again with the canonical function.
+-            if (!LazyScript::functionDelazifying(cx, lazy))
++            if (!LazyScript::functionDelazifying(cx, lazy)) {
+                 return false;
++            }
+             script = lazy->functionNonDelazifying()->nonLazyScript();
+-            if (!script)
++            if (!script) {
+                 return false;
++            }
+ 
+             fun->setUnlazifiedScript(script);
+             return true;
+         }
+ 
+         // This is lazy canonical-function.
+ 
+         MOZ_ASSERT(lazy->scriptSource()->hasSourceData());
+ 
+         // Parse and compile the script from source.
+         size_t lazyLength = lazy->sourceEnd() - lazy->sourceStart();
+         UncompressedSourceCache::AutoHoldEntry holder;
+         ScriptSource::PinnedChars chars(cx, lazy->scriptSource(), holder,
+                                         lazy->sourceStart(), lazyLength);
+-        if (!chars.get())
++        if (!chars.get()) {
+             return false;
++        }
+ 
+         if (!frontend::CompileLazyFunction(cx, lazy, chars.get(), lazyLength)) {
+             // The frontend shouldn't fail after linking the function and the
+             // non-lazy script together.
+             MOZ_ASSERT(fun->isInterpretedLazy());
+             MOZ_ASSERT(fun->lazyScript() == lazy);
+             MOZ_ASSERT(!lazy->hasScript());
+             return false;
+         }
+ 
+         script = fun->nonLazyScript();
+ 
+         // Remember the compiled script on the lazy script itself, in case
+         // there are clones of the function still pointing to the lazy script.
+-        if (!lazy->maybeScript())
++        if (!lazy->maybeScript()) {
+             lazy->initScript(script);
++        }
+ 
+         // Try to insert the newly compiled script into the lazy script cache.
+         if (canRelazify) {
+             // A script's starting column isn't set by the bytecode emitter, so
+             // specify this from the lazy script so that if an identical lazy
+             // script is encountered later a match can be determined.
+             script->setColumn(lazy->column());
+ 
+@@ -1661,66 +1788,73 @@ JSFunction::createScriptForLazilyInterpr
+             // stored on the function again in case of re-lazification.
+             // Only functions without inner functions are re-lazified.
+             script->setLazyScript(lazy);
+         }
+ 
+         // XDR the newly delazified function.
+         if (script->scriptSource()->hasEncoder()) {
+             RootedScriptSourceObject sourceObject(cx, &lazy->sourceObject());
+-            if (!script->scriptSource()->xdrEncodeFunction(cx, fun, sourceObject))
++            if (!script->scriptSource()->xdrEncodeFunction(cx, fun, sourceObject)) {
+                 return false;
++            }
+         }
+ 
+         return true;
+     }
+ 
+     /* Lazily cloned self-hosted script. */
+     MOZ_ASSERT(fun->isSelfHostedBuiltin());
+     RootedAtom funAtom(cx, &fun->getExtendedSlot(LAZY_FUNCTION_NAME_SLOT).toString()->asAtom());
+-    if (!funAtom)
++    if (!funAtom) {
+         return false;
++    }
+     Rooted<PropertyName*> funName(cx, funAtom->asPropertyName());
+     return cx->runtime()->cloneSelfHostedFunctionScript(cx, funName, fun);
+ }
+ 
+ void
+ JSFunction::maybeRelazify(JSRuntime* rt)
+ {
+     // Try to relazify functions with a non-lazy script. Note: functions can be
+     // marked as interpreted despite having no script yet at some points when
+     // parsing.
+-    if (!hasScript() || !u.scripted.s.script_)
++    if (!hasScript() || !u.scripted.s.script_) {
+         return;
++    }
+ 
+     // Don't relazify functions in compartments that are active.
+     Realm* realm = this->realm();
+     if (!rt->allowRelazificationForTesting) {
+-        if (realm->compartment()->gcState.hasEnteredRealm)
++        if (realm->compartment()->gcState.hasEnteredRealm) {
+             return;
++        }
+ 
+         MOZ_ASSERT(!realm->hasBeenEnteredIgnoringJit());
+     }
+ 
+     // The caller should have checked we're not in the self-hosting zone (it's
+     // shared with worker runtimes so relazifying functions in it will race).
+     MOZ_ASSERT(!realm->isSelfHostingRealm());
+ 
+     // Don't relazify if the realm is being debugged.
+-    if (realm->isDebuggee())
++    if (realm->isDebuggee()) {
+         return;
++    }
+ 
+     // Don't relazify if the realm and/or runtime is instrumented to
+     // collect code coverage for analysis.
+-    if (realm->collectCoverageForDebug())
++    if (realm->collectCoverageForDebug()) {
+         return;
++    }
+ 
+     // Don't relazify functions with JIT code.
+-    if (!u.scripted.s.script_->isRelazifiable())
++    if (!u.scripted.s.script_->isRelazifiable()) {
+         return;
++    }
+ 
+     // To delazify self-hosted builtins we need the name of the function
+     // to clone. This name is stored in the first extended slot. Since
+     // that slot is sometimes also used for other purposes, make sure it
+     // contains a string.
+     if (isSelfHostedBuiltin() &&
+         (!isExtended() || !getExtendedSlot(LAZY_FUNCTION_NAME_SLOT).isString()))
+     {
+@@ -1771,101 +1905,116 @@ CreateDynamicFunction(JSContext* cx, con
+     unsigned lineno;
+     bool mutedErrors;
+     uint32_t pcOffset;
+     DescribeScriptedCallerForCompilation(cx, &maybeScript, &filename, &lineno, &pcOffset,
+                                          &mutedErrors);
+ 
+     const char* introductionType = "Function";
+     if (isAsync) {
+-        if (isGenerator)
++        if (isGenerator) {
+             introductionType = "AsyncGenerator";
+-        else
++        } else {
+             introductionType = "AsyncFunction";
++        }
+     } else if (isGenerator) {
+         introductionType = "GeneratorFunction";
+     }
+ 
+     const char* introducerFilename = filename;
+-    if (maybeScript && maybeScript->scriptSource()->introducerFilename())
++    if (maybeScript && maybeScript->scriptSource()->introducerFilename()) {
+         introducerFilename = maybeScript->scriptSource()->introducerFilename();
++    }
+ 
+     CompileOptions options(cx);
+     options.setMutedErrors(mutedErrors)
+            .setFileAndLine(filename, 1)
+            .setNoScriptRval(false)
+            .setIntroductionInfo(introducerFilename, introductionType, lineno, maybeScript, pcOffset);
+ 
+     StringBuffer sb(cx);
+ 
+     if (isAsync) {
+-        if (!sb.append("async "))
++        if (!sb.append("async ")) {
+             return false;
++        }
+     }
+-    if (!sb.append("function"))
++    if (!sb.append("function")) {
+          return false;
++    }
+     if (isGenerator) {
+-        if (!sb.append('*'))
++        if (!sb.append('*')) {
+             return false;
++        }
+     }
+ 
+-    if (!sb.append(" anonymous("))
++    if (!sb.append(" anonymous(")) {
+         return false;
++    }
+ 
+     if (args.length() > 1) {
+         RootedString str(cx);
+ 
+         // Steps 10, 14.d.
+         unsigned n = args.length() - 1;
+ 
+         for (unsigned i = 0; i < n; i++) {
+             // Steps 14.a-b, 14.d.i-ii.
+             str = ToString<CanGC>(cx, args[i]);
+-            if (!str)
++            if (!str) {
+                 return false;
++            }
+ 
+             // Steps 14.b, 14.d.iii.
+-            if (!sb.append(str))
++            if (!sb.append(str)) {
+                  return false;
++            }
+ 
+             if (i < args.length() - 2) {
+                 // Step 14.d.iii.
+-                if (!sb.append(','))
++                if (!sb.append(',')) {
+                     return false;
++                }
+             }
+         }
+     }
+ 
+-    if (!sb.append('\n'))
++    if (!sb.append('\n')) {
+         return false;
++    }
+ 
+     // Remember the position of ")".
+     Maybe<uint32_t> parameterListEnd = Some(uint32_t(sb.length()));
+     MOZ_ASSERT(FunctionConstructorMedialSigils[0] == ')');
+ 
+-    if (!sb.append(FunctionConstructorMedialSigils))
++    if (!sb.append(FunctionConstructorMedialSigils)) {
+         return false;
++    }
+ 
+     if (args.length() > 0) {
+         // Steps 13, 14.e, 15.
+         RootedString body(cx, ToString<CanGC>(cx, args[args.length() - 1]));
+-        if (!body || !sb.append(body))
++        if (!body || !sb.append(body)) {
+              return false;
++        }
+      }
+ 
+-    if (!sb.append(FunctionConstructorFinalBrace))
++    if (!sb.append(FunctionConstructorFinalBrace)) {
+         return false;
++    }
+ 
+     // The parser only accepts two byte strings.
+-    if (!sb.ensureTwoByteChars())
++    if (!sb.ensureTwoByteChars()) {
+         return false;
++    }
+ 
+     RootedString functionText(cx, sb.finishString());
+-    if (!functionText)
++    if (!functionText) {
+         return false;
++    }
+ 
+     // Block this call if security callbacks forbid it.
+     Handle<GlobalObject*> global = cx->global();
+     RootedValue v(cx, StringValue(functionText));
+     if (!GlobalObject::isRuntimeCodeGenEnabled(cx, v, global)) {
+         JS_ReportErrorNumberASCII(cx, GetErrorMessage, nullptr, JSMSG_CSP_BLOCKED_FUNCTION);
+         return false;
+     }
+@@ -1880,92 +2029,103 @@ CreateDynamicFunction(JSContext* cx, con
+ 
+     // Initialize the function with the default prototype:
+     // Leave as nullptr to get the default from clasp for normal functions.
+     // Use %Generator% for generators and the unwrapped function of async
+     // functions and async generators.
+     RootedObject defaultProto(cx);
+     if (isGenerator || isAsync) {
+         defaultProto = GlobalObject::getOrCreateGeneratorFunctionPrototype(cx, global);
+-        if (!defaultProto)
++        if (!defaultProto) {
+             return false;
++        }
+     }
+ 
+     // Step 30-37 (reordered).
+     RootedObject globalLexical(cx, &global->lexicalEnvironment());
+     JSFunction::Flags flags = (isGenerator || isAsync)
+                               ? JSFunction::INTERPRETED_LAMBDA_GENERATOR_OR_ASYNC
+                               : JSFunction::INTERPRETED_LAMBDA;
+     gc::AllocKind allocKind = isAsync ? gc::AllocKind::FUNCTION_EXTENDED
+                                       : gc::AllocKind::FUNCTION;
+     RootedFunction fun(cx, NewFunctionWithProto(cx, nullptr, 0,
+                                                 flags, globalLexical,
+                                                 anonymousAtom, defaultProto,
+                                                 allocKind, TenuredObject));
+-    if (!fun)
++    if (!fun) {
+         return false;
+-
+-    if (!JSFunction::setTypeForScriptedFunction(cx, fun))
++    }
++
++    if (!JSFunction::setTypeForScriptedFunction(cx, fun)) {
+         return false;
++    }
+ 
+     // Steps 7.a-b, 8.a-b, 9.a-b, 16-28.
+     AutoStableStringChars stableChars(cx);
+-    if (!stableChars.initTwoByte(cx, functionText))
++    if (!stableChars.initTwoByte(cx, functionText)) {
+         return false;
++    }
+ 
+     mozilla::Range<const char16_t> chars = stableChars.twoByteRange();
+     SourceBufferHolder::Ownership ownership = stableChars.maybeGiveOwnershipToCaller()
+                                               ? SourceBufferHolder::GiveOwnership
+                                               : SourceBufferHolder::NoOwnership;
+     SourceBufferHolder srcBuf(chars.begin().get(), chars.length(), ownership);
+     if (isAsync) {
+         if (isGenerator) {
+-            if (!CompileStandaloneAsyncGenerator(cx, &fun, options, srcBuf, parameterListEnd))
++            if (!CompileStandaloneAsyncGenerator(cx, &fun, options, srcBuf, parameterListEnd)) {
+                 return false;
++            }
+         } else {
+-            if (!CompileStandaloneAsyncFunction(cx, &fun, options, srcBuf, parameterListEnd))
++            if (!CompileStandaloneAsyncFunction(cx, &fun, options, srcBuf, parameterListEnd)) {
+                 return false;
++            }
+         }
+     } else {
+         if (isGenerator) {
+-            if (!CompileStandaloneGenerator(cx, &fun, options, srcBuf, parameterListEnd))
++            if (!CompileStandaloneGenerator(cx, &fun, options, srcBuf, parameterListEnd)) {
+                 return false;
++            }
+         } else {
+-            if (!CompileStandaloneFunction(cx, &fun, options, srcBuf, parameterListEnd))
++            if (!CompileStandaloneFunction(cx, &fun, options, srcBuf, parameterListEnd)) {
+                 return false;
++            }
+         }
+     }
+ 
+     // Steps 6, 29.
+     RootedObject proto(cx);
+-    if (!GetPrototypeFromBuiltinConstructor(cx, args, &proto))
++    if (!GetPrototypeFromBuiltinConstructor(cx, args, &proto)) {
+         return false;
++    }
+ 
+     if (isAsync) {
+         // Create the async function wrapper.
+         JSObject* wrapped;
+         if (isGenerator) {
+             wrapped = proto
+                       ? WrapAsyncGeneratorWithProto(cx, fun, proto)
+                       : WrapAsyncGenerator(cx, fun);
+         } else {
+             // Step 9.d, use %AsyncFunctionPrototype% as the fallback prototype.
+             wrapped = proto
+                       ? WrapAsyncFunctionWithProto(cx, fun, proto)
+                       : WrapAsyncFunction(cx, fun);
+         }
+-        if (!wrapped)
++        if (!wrapped) {
+             return false;
++        }
+ 
+         fun = &wrapped->as<JSFunction>();
+     } else {
+         // Steps 7.d, 8.d (implicit).
+         // Call SetPrototype if an explicit prototype was given.
+-        if (proto && !SetPrototype(cx, fun, proto))
++        if (proto && !SetPrototype(cx, fun, proto)) {
+             return false;
++        }
+     }
+ 
+     // Step 38.
+     args.rval().setObject(*fun);
+     return true;
+ }
+ 
+ bool
+@@ -2006,63 +2166,70 @@ JSFunction::isBuiltinFunctionConstructor
+     return maybeNative() == Function || maybeNative() == Generator;
+ }
+ 
+ bool
+ JSFunction::needsExtraBodyVarEnvironment() const
+ {
+     MOZ_ASSERT(!isInterpretedLazy());
+ 
+-    if (isNative())
++    if (isNative()) {
+         return false;
+-
+-    if (!nonLazyScript()->functionHasExtraBodyVarScope())
++    }
++
++    if (!nonLazyScript()->functionHasExtraBodyVarScope()) {
+         return false;
++    }
+ 
+     return nonLazyScript()->functionExtraBodyVarScope()->hasEnvironment();
+ }
+ 
+ bool
+ JSFunction::needsNamedLambdaEnvironment() const
+ {
+     MOZ_ASSERT(!isInterpretedLazy());
+ 
+-    if (!isNamedLambda())
++    if (!isNamedLambda()) {
+         return false;
++    }
+ 
+     LexicalScope* scope = nonLazyScript()->maybeNamedLambdaScope();
+-    if (!scope)
++    if (!scope) {
+         return false;
++    }
+ 
+     return scope->hasEnvironment();
+ }
+ 
+ JSFunction*
+ js::NewScriptedFunction(JSContext* cx, unsigned nargs,
+                         JSFunction::Flags flags, HandleAtom atom,
+                         HandleObject proto /* = nullptr */,
+                         gc::AllocKind allocKind /* = AllocKind::FUNCTION */,
+                         NewObjectKind newKind /* = GenericObject */,
+                         HandleObject enclosingEnvArg /* = nullptr */)
+ {
+     RootedObject enclosingEnv(cx, enclosingEnvArg);
+-    if (!enclosingEnv)
++    if (!enclosingEnv) {
+         enclosingEnv = &cx->global()->lexicalEnvironment();
++    }
+     return NewFunctionWithProto(cx, nullptr, nargs, flags, enclosingEnv,
+                                 atom, proto, allocKind, newKind);
+ }
+ 
+ #ifdef DEBUG
+ static JSObject*
+ SkipEnvironmentObjects(JSObject* env)
+ {
+-    if (!env)
++    if (!env) {
+         return nullptr;
+-    while (env->is<EnvironmentObject>())
++    }
++    while (env->is<EnvironmentObject>()) {
+         env = &env->as<EnvironmentObject>().enclosingEnvironment();
++    }
+     return env;
+ }
+ 
+ static bool
+ NewFunctionEnvironmentIsWellFormed(JSContext* cx, HandleObject env)
+ {
+     // Assert that the terminating environment is null, global, or a debug
+     // scope proxy. All other cases of polluting global scope behavior are
+@@ -2082,42 +2249,47 @@ js::NewFunctionWithProto(JSContext* cx, 
+                          NewObjectKind newKind /* = GenericObject */)
+ {
+     MOZ_ASSERT(allocKind == gc::AllocKind::FUNCTION ||
+                allocKind == gc::AllocKind::FUNCTION_EXTENDED);
+     MOZ_ASSERT_IF(native, !enclosingEnv);
+     MOZ_ASSERT(NewFunctionEnvironmentIsWellFormed(cx, enclosingEnv));
+ 
+     JSFunction* fun = NewObjectWithClassProto<JSFunction>(cx, proto, allocKind, newKind);
+-    if (!fun)
++    if (!fun) {
+         return nullptr;
+-
+-    if (allocKind == gc::AllocKind::FUNCTION_EXTENDED)
++    }
++
++    if (allocKind == gc::AllocKind::FUNCTION_EXTENDED) {
+         flags = JSFunction::Flags(flags | JSFunction::EXTENDED);
++    }
+ 
+     /* Initialize all function members. */
+     fun->setArgCount(uint16_t(nargs));
+     fun->setFlags(flags);
+     if (fun->isInterpreted()) {
+         MOZ_ASSERT(!native);
+-        if (fun->isInterpretedLazy())
++        if (fun->isInterpretedLazy()) {
+             fun->initLazyScript(nullptr);
+-        else
++        } else {
+             fun->initScript(nullptr);
++        }
+         fun->initEnvironment(enclosingEnv);
+     } else {
+         MOZ_ASSERT(fun->isNative());
+         MOZ_ASSERT(native);
+-        if (fun->isWasmOptimized())
++        if (fun->isWasmOptimized()) {
+             fun->initWasmNative(native);
+-        else
++        } else {
+             fun->initNative(native, nullptr);
++        }
+     }
+-    if (allocKind == gc::AllocKind::FUNCTION_EXTENDED)
++    if (allocKind == gc::AllocKind::FUNCTION_EXTENDED) {
+         fun->initializeExtended();
++    }
+     fun->initAtom(atom);
+ 
+     return fun;
+ }
+ 
+ bool
+ js::CanReuseScriptForClone(JS::Realm* realm, HandleFunction fun,
+                            HandleObject newParent)
+@@ -2126,76 +2298,83 @@ js::CanReuseScriptForClone(JS::Realm* re
+ 
+     if (realm != fun->realm() ||
+         fun->isSingleton() ||
+         ObjectGroup::useSingletonForClone(fun))
+     {
+         return false;
+     }
+ 
+-    if (newParent->is<GlobalObject>())
++    if (newParent->is<GlobalObject>()) {
+         return true;
++    }
+ 
+     // Don't need to clone the script if newParent is a syntactic scope, since
+     // in that case we have some actual scope objects on our scope chain and
+     // whatnot; whoever put them there should be responsible for setting our
+     // script's flags appropriately.  We hit this case for JSOP_LAMBDA, for
+     // example.
+-    if (IsSyntacticEnvironment(newParent))
++    if (IsSyntacticEnvironment(newParent)) {
+         return true;
++    }
+ 
+     // We need to clone the script if we're not already marked as having a
+     // non-syntactic scope.
+     return fun->hasScript()
+         ? fun->nonLazyScript()->hasNonSyntacticScope()
+         : fun->lazyScript()->hasNonSyntacticScope();
+ }
+ 
+ static inline JSFunction*
+ NewFunctionClone(JSContext* cx, HandleFunction fun, NewObjectKind newKind,
+                  gc::AllocKind allocKind, HandleObject proto)
+ {
+     RootedObject cloneProto(cx, proto);
+     if (!proto && (fun->isGenerator() || fun->isAsync())) {
+         cloneProto = GlobalObject::getOrCreateGeneratorFunctionPrototype(cx, cx->global());
+-        if (!cloneProto)
++        if (!cloneProto) {
+             return nullptr;
++        }
+     }
+ 
+     RootedFunction clone(cx);
+     clone = NewObjectWithClassProto<JSFunction>(cx, cloneProto, allocKind, newKind);
+-    if (!clone)
++    if (!clone) {
+         return nullptr;
++    }
+ 
+     // JSFunction::HAS_INFERRED_NAME can be set at compile-time and at
+     // runtime. In the latter case we should actually clear the flag before
+     // cloning the function, but since we can't differentiate between both
+     // cases here, we'll end up with a momentarily incorrect function name.
+     // This will be fixed up in SetFunctionNameIfNoOwnName(), which should
+     // happen through JSOP_SETFUNNAME directly after JSOP_LAMBDA.
+     constexpr uint16_t NonCloneableFlags = JSFunction::EXTENDED |
+                                            JSFunction::RESOLVED_LENGTH |
+                                            JSFunction::RESOLVED_NAME;
+ 
+     uint16_t flags = fun->flags() & ~NonCloneableFlags;
+-    if (allocKind == gc::AllocKind::FUNCTION_EXTENDED)
++    if (allocKind == gc::AllocKind::FUNCTION_EXTENDED) {
+         flags |= JSFunction::EXTENDED;
++    }
+ 
+     clone->setArgCount(fun->nargs());
+     clone->setFlags(flags);
+ 
+     JSAtom* atom = fun->displayAtom();
+-    if (atom)
++    if (atom) {
+         cx->markAtom(atom);
++    }
+     clone->initAtom(atom);
+ 
+     if (allocKind == gc::AllocKind::FUNCTION_EXTENDED) {
+         if (fun->isExtended() && fun->compartment() == cx->compartment()) {
+-            for (unsigned i = 0; i < FunctionExtended::NUM_EXTENDED_SLOTS; i++)
++            for (unsigned i = 0; i < FunctionExtended::NUM_EXTENDED_SLOTS; i++) {
+                 clone->initExtendedSlot(i, fun->getExtendedSlot(i));
++            }
+         } else {
+             clone->initializeExtended();
+         }
+     }
+ 
+     return clone;
+ }
+ 
+@@ -2206,99 +2385,106 @@ js::CloneFunctionReuseScript(JSContext* 
+                              HandleObject proto /* = nullptr */)
+ {
+     MOZ_ASSERT(NewFunctionEnvironmentIsWellFormed(cx, enclosingEnv));
+     MOZ_ASSERT(fun->isInterpreted());
+     MOZ_ASSERT(!fun->isBoundFunction());
+     MOZ_ASSERT(CanReuseScriptForClone(cx->realm(), fun, enclosingEnv));
+ 
+     RootedFunction clone(cx, NewFunctionClone(cx, fun, newKind, allocKind, proto));
+-    if (!clone)
++    if (!clone) {
+         return nullptr;
++    }
+ 
+     if (fun->hasScript()) {
+         clone->initScript(fun->nonLazyScript());
+         clone->initEnvironment(enclosingEnv);
+     } else {
+         MOZ_ASSERT(fun->isInterpretedLazy());
+         MOZ_ASSERT(fun->compartment() == clone->compartment());
+         LazyScript* lazy = fun->lazyScriptOrNull();
+         clone->initLazyScript(lazy);
+         clone->initEnvironment(enclosingEnv);
+     }
+ 
+     /*
+      * Clone the function, reusing its script. We can use the same group as
+      * the original function provided that its prototype is correct.
+      */
+-    if (fun->staticPrototype() == clone->staticPrototype())
++    if (fun->staticPrototype() == clone->staticPrototype()) {
+         clone->setGroup(fun->group());
++    }
+     return clone;
+ }
+ 
+ JSFunction*
+ js::CloneFunctionAndScript(JSContext* cx, HandleFunction fun, HandleObject enclosingEnv,
+                            HandleScope newScope, gc::AllocKind allocKind /* = FUNCTION */,
+                            HandleObject proto /* = nullptr */)
+ {
+     MOZ_ASSERT(NewFunctionEnvironmentIsWellFormed(cx, enclosingEnv));
+     MOZ_ASSERT(fun->isInterpreted());
+     MOZ_ASSERT(!fun->isBoundFunction());
+ 
+     JSScript::AutoDelazify funScript(cx, fun);
+-    if (!funScript)
++    if (!funScript) {
+         return nullptr;
++    }
+ 
+     RootedFunction clone(cx, NewFunctionClone(cx, fun, SingletonObject, allocKind, proto));
+-    if (!clone)
++    if (!clone) {
+         return nullptr;
++    }
+ 
+     clone->initScript(nullptr);
+     clone->initEnvironment(enclosingEnv);
+ 
+     /*
+      * Across compartments or if we have to introduce a non-syntactic scope we
+      * have to clone the script for interpreted functions. Cross-compartment
+      * cloning only happens via JSAPI (JS::CloneFunctionObject) which
+      * dynamically ensures that 'script' has no enclosing lexical scope (only
+      * the global scope or other non-lexical scope).
+      */
+ #ifdef DEBUG
+     RootedObject terminatingEnv(cx, enclosingEnv);
+-    while (IsSyntacticEnvironment(terminatingEnv))
++    while (IsSyntacticEnvironment(terminatingEnv)) {
+         terminatingEnv = terminatingEnv->enclosingEnvironment();
++    }
+     MOZ_ASSERT_IF(!terminatingEnv->is<GlobalObject>(),
+                   newScope->hasOnChain(ScopeKind::NonSyntactic));
+ #endif
+ 
+     RootedScript script(cx, fun->nonLazyScript());
+     MOZ_ASSERT(script->realm() == fun->realm());
+     MOZ_ASSERT(cx->compartment() == clone->compartment(),
+                "Otherwise we could relazify clone below!");
+ 
+     RootedScript clonedScript(cx, CloneScriptIntoFunction(cx, newScope, clone, script));
+-    if (!clonedScript)
++    if (!clonedScript) {
+         return nullptr;
++    }
+     Debugger::onNewScript(cx, clonedScript);
+ 
+     return clone;
+ }
+ 
+ JSFunction*
+ js::CloneAsmJSModuleFunction(JSContext* cx, HandleFunction fun)
+ {
+     MOZ_ASSERT(fun->isNative());
+     MOZ_ASSERT(IsAsmJSModule(fun));
+     MOZ_ASSERT(fun->isExtended());
+     MOZ_ASSERT(cx->compartment() == fun->compartment());
+ 
+     JSFunction* clone = NewFunctionClone(cx, fun, GenericObject, gc::AllocKind::FUNCTION_EXTENDED,
+                                          /* proto = */ nullptr);
+-    if (!clone)
++    if (!clone) {
+         return nullptr;
++    }
+ 
+     MOZ_ASSERT(fun->native() == InstantiateAsmJS);
+     MOZ_ASSERT(!fun->hasJitInfo());
+     clone->initNative(InstantiateAsmJS, nullptr);
+ 
+     clone->setGroup(fun->group());
+     return clone;
+ }
+@@ -2308,74 +2494,84 @@ js::CloneSelfHostingIntrinsic(JSContext*
+ {
+     MOZ_ASSERT(fun->isNative());
+     MOZ_ASSERT(fun->realm()->isSelfHostingRealm());
+     MOZ_ASSERT(!fun->isExtended());
+     MOZ_ASSERT(cx->compartment() != fun->compartment());
+ 
+     JSFunction* clone = NewFunctionClone(cx, fun, SingletonObject, gc::AllocKind::FUNCTION,
+                                          /* proto = */ nullptr);
+-    if (!clone)
++    if (!clone) {
+         return nullptr;
++    }
+ 
+     clone->initNative(fun->native(), fun->hasJitInfo() ? fun->jitInfo() : nullptr);
+     return clone;
+ }
+ 
+ static JSAtom*
+ SymbolToFunctionName(JSContext* cx, JS::Symbol* symbol, FunctionPrefixKind prefixKind)
+ {
+     // Step 4.a.
+     JSAtom* desc = symbol->description();
+ 
+     // Step 4.b, no prefix fastpath.
+-    if (!desc && prefixKind == FunctionPrefixKind::None)
++    if (!desc && prefixKind == FunctionPrefixKind::None) {
+         return cx->names().empty;
++    }
+ 
+     // Step 5 (reordered).
+     StringBuffer sb(cx);
+     if (prefixKind == FunctionPrefixKind::Get) {
+-        if (!sb.append("get "))
++        if (!sb.append("get ")) {
+             return nullptr;
++        }
+     } else if (prefixKind == FunctionPrefixKind::Set) {
+-        if (!sb.append("set "))
++        if (!sb.append("set ")) {
+             return nullptr;
++        }
+     }
+ 
+     // Step 4.b.
+     if (desc) {
+         // Step 4.c.
+-        if (!sb.append('[') || !sb.append(desc) || !sb.append(']'))
++        if (!sb.append('[') || !sb.append(desc) || !sb.append(']')) {
+             return nullptr;
++        }
+     }
+     return sb.finishAtom();
+ }
+ 
+ static JSAtom*
+ NameToFunctionName(JSContext* cx, HandleValue name, FunctionPrefixKind prefixKind)
+ {
+     MOZ_ASSERT(name.isString() || name.isNumber());
+ 
+-    if (prefixKind == FunctionPrefixKind::None)
++    if (prefixKind == FunctionPrefixKind::None) {
+         return ToAtom<CanGC>(cx, name);
++    }
+ 
+     JSString* nameStr = ToString(cx, name);
+-    if (!nameStr)
++    if (!nameStr) {
+         return nullptr;
++    }
+ 
+     StringBuffer sb(cx);
+     if (prefixKind == FunctionPrefixKind::Get) {
+-        if (!sb.append("get "))
++        if (!sb.append("get ")) {
+             return nullptr;
++        }
+     } else {
+-        if (!sb.append("set "))
++        if (!sb.append("set ")) {
+             return nullptr;
++        }
+     }
+-    if (!sb.append(nameStr))
++    if (!sb.append(nameStr)) {
+         return nullptr;
++    }
+     return sb.finishAtom();
+ }
+ 
+ /*
+  * Return an atom for use as the name of a builtin method with the given
+  * property id.
+  *
+  * Function names are always strings. If id is the well-known @@iterator
+@@ -2386,24 +2582,26 @@ NameToFunctionName(JSContext* cx, Handle
+  */
+ JSAtom*
+ js::IdToFunctionName(JSContext* cx, HandleId id,
+                      FunctionPrefixKind prefixKind /* = FunctionPrefixKind::None */)
+ {
+     MOZ_ASSERT(JSID_IS_STRING(id) || JSID_IS_SYMBOL(id) || JSID_IS_INT(id));
+ 
+     // No prefix fastpath.
+-    if (JSID_IS_ATOM(id) && prefixKind == FunctionPrefixKind::None)
++    if (JSID_IS_ATOM(id) && prefixKind == FunctionPrefixKind::None) {
+         return JSID_TO_ATOM(id);
++    }
+ 
+     // Step 3 (implicit).
+ 
+     // Step 4.
+-    if (JSID_IS_SYMBOL(id))
++    if (JSID_IS_SYMBOL(id)) {
+         return SymbolToFunctionName(cx, JSID_TO_SYMBOL(id), prefixKind);
++    }
+ 
+     // Step 5.
+     RootedValue idv(cx, IdToValue(id));
+     return NameToFunctionName(cx, idv, prefixKind);
+ }
+ 
+ bool
+ js::SetFunctionNameIfNoOwnName(JSContext* cx, HandleFunction fun, HandleValue name,
+@@ -2416,28 +2614,30 @@ js::SetFunctionNameIfNoOwnName(JSContext
+     // end up not adding a new inferred name if |fun| is a class constructor.
+     if (fun->hasInferredName()) {
+         MOZ_ASSERT(fun->isSingleton());
+         fun->clearInferredName();
+     }
+ 
+     if (fun->isClassConstructor()) {
+         // A class may have static 'name' method or accessor.
+-        if (fun->contains(cx, cx->names().name))
++        if (fun->contains(cx, cx->names().name)) {
+             return true;
++        }
+     } else {
+         // Anonymous function shouldn't have own 'name' property at this point.
+         MOZ_ASSERT(!fun->containsPure(cx->names().name));
+     }
+ 
+     JSAtom* funName = name.isSymbol()
+                       ? SymbolToFunctionName(cx, name.toSymbol(), prefixKind)
+                       : NameToFunctionName(cx, name, prefixKind);
+-    if (!funName)
++    if (!funName) {
+         return false;
++    }
+ 
+     // RESOLVED_NAME shouldn't yet be set, at least as long as we don't
+     // support the "static public fields" or "decorators" proposal.
+     // These two proposals allow to access class constructors before
+     // JSOP_SETFUNNAME is executed, which means user code may have set the
+     // RESOLVED_NAME flag when we reach this point.
+     MOZ_ASSERT(!fun->hasResolvedName());
+ 
+@@ -2446,36 +2646,40 @@ js::SetFunctionNameIfNoOwnName(JSContext
+     return true;
+ }
+ 
+ JSFunction*
+ js::DefineFunction(JSContext* cx, HandleObject obj, HandleId id, Native native,
+                    unsigned nargs, unsigned flags, gc::AllocKind allocKind /* = AllocKind::FUNCTION */)
+ {
+     RootedAtom atom(cx, IdToFunctionName(cx, id));
+-    if (!atom)
++    if (!atom) {
+         return nullptr;
++    }
+ 
+     RootedFunction fun(cx);
+-    if (!native)
++    if (!native) {
+         fun = NewScriptedFunction(cx, nargs,
+                                   JSFunction::INTERPRETED_LAZY, atom,
+                                   /* proto = */ nullptr,
+                                   allocKind, GenericObject, obj);
+-    else if (flags & JSFUN_CONSTRUCTOR)
++    } else if (flags & JSFUN_CONSTRUCTOR) {
+         fun = NewNativeConstructor(cx, native, nargs, atom, allocKind);
+-    else
++    } else {
+         fun = NewNativeFunction(cx, native, nargs, atom, allocKind);
+-
+-    if (!fun)
++    }
++
++    if (!fun) {
+         return nullptr;
++    }
+ 
+     RootedValue funVal(cx, ObjectValue(*fun));
+-    if (!DefineDataProperty(cx, obj, id, funVal, flags & ~JSFUN_FLAGS_MASK))
++    if (!DefineDataProperty(cx, obj, id, funVal, flags & ~JSFUN_FLAGS_MASK)) {
+         return nullptr;
++    }
+ 
+     return fun;
+ }
+ 
+ void
+ js::ReportIncompatibleMethod(JSContext* cx, const CallArgs& args, const Class* clasp)
+ {
+     RootedValue thisv(cx, args.thisv());
+diff --git a/js/src/vm/JSFunction.h b/js/src/vm/JSFunction.h
+--- a/js/src/vm/JSFunction.h
++++ b/js/src/vm/JSFunction.h
+@@ -187,18 +187,19 @@ class JSFunction : public js::NativeObje
+     static inline JS::Result<JSFunction*, JS::OOM&>
+     create(JSContext* cx, js::gc::AllocKind kind, js::gc::InitialHeap heap,
+            js::HandleShape shape, js::HandleObjectGroup group);
+ 
+     /* Call objects must be created for each invocation of this function. */
+     bool needsCallObject() const {
+         MOZ_ASSERT(!isInterpretedLazy());
+ 
+-        if (isNative())
++        if (isNative()) {
+             return false;
++        }
+ 
+         // Note: this should be kept in sync with
+         // FunctionBox::needsCallObjectRegardlessOfBindings().
+         MOZ_ASSERT_IF(nonLazyScript()->funHasExtensibleScope() ||
+                       nonLazyScript()->needsHomeObject()       ||
+                       nonLazyScript()->isDerivedClassConstructor() ||
+                       isGenerator() ||
+                       isAsync(),
+@@ -290,18 +291,19 @@ class JSFunction : public js::NativeObje
+     bool hasResolvedLength()        const { return flags() & RESOLVED_LENGTH; }
+     bool hasResolvedName()          const { return flags() & RESOLVED_NAME; }
+ 
+     bool isSelfHostedOrIntrinsic()  const { return flags() & SELF_HOSTED; }
+     bool isSelfHostedBuiltin()      const { return isSelfHostedOrIntrinsic() && !isNative(); }
+     bool isIntrinsic()              const { return isSelfHostedOrIntrinsic() && isNative(); }
+ 
+     bool hasJITCode() const {
+-        if (!hasScript())
++        if (!hasScript()) {
+             return false;
++        }
+ 
+         return nonLazyScript()->hasBaselineScript() || nonLazyScript()->hasIonScript();
+     }
+     bool hasJitEntry() const {
+         return hasScript() || isNativeWithJitEntry();
+     }
+ 
+     /* Compound attributes: */
+@@ -387,20 +389,21 @@ class JSFunction : public js::NativeObje
+     bool wasNewScriptCleared() const {
+         return flags_ & NEW_SCRIPT_CLEARED;
+     }
+     void setNewScriptCleared() {
+         flags_ |= NEW_SCRIPT_CLEARED;
+     }
+ 
+     void setAsyncKind(js::FunctionAsyncKind asyncKind) {
+-        if (isInterpretedLazy())
++        if (isInterpretedLazy()) {
+             lazyScript()->setAsyncKind(asyncKind);
+-        else
++        } else {
+             nonLazyScript()->setAsyncKind(asyncKind);
++        }
+     }
+ 
+     static bool getUnresolvedLength(JSContext* cx, js::HandleFunction fun,
+                                     js::MutableHandleValue v);
+ 
+     JSAtom* infallibleGetUnresolvedName(JSContext* cx);
+ 
+     static bool getUnresolvedName(JSContext* cx, js::HandleFunction fun,
+@@ -528,18 +531,19 @@ class JSFunction : public js::NativeObje
+     //   use existingScriptNonDelazifying().
+     //
+     // - For functions known to have a JSScript, nonLazyScript() will get it.
+ 
+     static JSScript* getOrCreateScript(JSContext* cx, js::HandleFunction fun) {
+         MOZ_ASSERT(fun->isInterpreted());
+         MOZ_ASSERT(cx);
+         if (fun->isInterpretedLazy()) {
+-            if (!createScriptForLazilyInterpretedFunction(cx, fun))
++            if (!createScriptForLazilyInterpretedFunction(cx, fun)) {
+                 return nullptr;
++            }
+             return fun->nonLazyScript();
+         }
+         return fun->nonLazyScript();
+     }
+ 
+     JSScript* existingScriptNonDelazifying() const {
+         MOZ_ASSERT(isInterpreted());
+         if (isInterpretedLazy()) {
+@@ -554,18 +558,19 @@ class JSFunction : public js::NativeObje
+             return fun->nonLazyScript();
+         }
+         return nonLazyScript();
+     }
+ 
+     JSScript* existingScript() {
+         MOZ_ASSERT(isInterpreted());
+         if (isInterpretedLazy()) {
+-            if (shadowZone()->needsIncrementalBarrier())
++            if (shadowZone()->needsIncrementalBarrier()) {
+                 js::LazyScript::writeBarrierPre(lazyScript());
++            }
+             JSScript* script = existingScriptNonDelazifying();
+             flags_ &= ~INTERPRETED_LAZY;
+             flags_ |= INTERPRETED;
+             initScript(script);
+         }
+         return nonLazyScript();
+     }
+ 
+@@ -593,55 +598,61 @@ class JSFunction : public js::NativeObje
+     }
+ 
+     js::LazyScript* lazyScriptOrNull() const {
+         MOZ_ASSERT(isInterpretedLazy());
+         return u.scripted.s.lazy_;
+     }
+ 
+     js::GeneratorKind generatorKind() const {
+-        if (!isInterpreted())
++        if (!isInterpreted()) {
+             return js::GeneratorKind::NotGenerator;
+-        if (hasScript())
++        }
++        if (hasScript()) {
+             return nonLazyScript()->generatorKind();
+-        if (js::LazyScript* lazy = lazyScriptOrNull())
++        }
++        if (js::LazyScript* lazy = lazyScriptOrNull()) {
+             return lazy->generatorKind();
++        }
+         MOZ_ASSERT(isSelfHostedBuiltin());
+         return js::GeneratorKind::NotGenerator;
+     }
+ 
+     bool isGenerator() const { return generatorKind() == js::GeneratorKind::Generator; }
+ 
+     js::FunctionAsyncKind asyncKind() const {
+         return isInterpretedLazy() ? lazyScript()->asyncKind() : nonLazyScript()->asyncKind();
+     }
+ 
+     bool isAsync() const {
+-        if (isInterpretedLazy())
++        if (isInterpretedLazy()) {
+             return lazyScript()->isAsync();
+-        if (hasScript())
++        }
++        if (hasScript()) {
+             return nonLazyScript()->isAsync();
++        }
+         return false;
+     }
+ 
+     void setScript(JSScript* script_) {
+         mutableScript() = script_;
+     }
+ 
+     void initScript(JSScript* script_) {
+         mutableScript().init(script_);
+     }
+ 
+     void setUnlazifiedScript(JSScript* script) {
+         MOZ_ASSERT(isInterpretedLazy());
+         if (lazyScriptOrNull()) {
+             // Trigger a pre barrier on the lazy script being overwritten.
+             js::LazyScript::writeBarrierPre(lazyScriptOrNull());
+-            if (!lazyScript()->maybeScript())
++            if (!lazyScript()->maybeScript()) {
+                 lazyScript()->initScript(script);
++            }
+         }
+         flags_ &= ~INTERPRETED_LAZY;
+         flags_ |= INTERPRETED;
+         initScript(script);
+     }
+ 
+     void initLazyScript(js::LazyScript* lazy) {
+         MOZ_ASSERT(isInterpreted());
+@@ -785,18 +796,19 @@ class JSFunction : public js::NativeObje
+ 
+     /* GC support. */
+     js::gc::AllocKind getAllocKind() const {
+         static_assert(js::gc::AllocKind::FUNCTION != js::gc::AllocKind::FUNCTION_EXTENDED,
+                       "extended/non-extended AllocKinds have to be different "
+                       "for getAllocKind() to have a reason to exist");
+ 
+         js::gc::AllocKind kind = js::gc::AllocKind::FUNCTION;
+-        if (isExtended())
++        if (isExtended()) {
+             kind = js::gc::AllocKind::FUNCTION_EXTENDED;
++        }
+         MOZ_ASSERT_IF(isTenured(), kind == asTenured().getAllocKind());
+         return kind;
+     }
+ };
+ 
+ static_assert(sizeof(JSFunction) == sizeof(js::shadow::Function),
+               "shadow interface must match actual interface");
+ 
+diff --git a/js/src/vm/JSONParser.cpp b/js/src/vm/JSONParser.cpp
+--- a/js/src/vm/JSONParser.cpp
++++ b/js/src/vm/JSONParser.cpp
+@@ -24,54 +24,59 @@
+ using namespace js;
+ 
+ using mozilla::IsAsciiDigit;
+ using mozilla::RangedPtr;
+ 
+ JSONParserBase::~JSONParserBase()
+ {
+     for (size_t i = 0; i < stack.length(); i++) {
+-        if (stack[i].state == FinishArrayElement)
++        if (stack[i].state == FinishArrayElement) {
+             js_delete(&stack[i].elements());
+-        else
++        } else {
+             js_delete(&stack[i].properties());
++        }
+     }
+ 
+-    for (size_t i = 0; i < freeElements.length(); i++)
++    for (size_t i = 0; i < freeElements.length(); i++) {
+         js_delete(freeElements[i]);
++    }
+ 
+-    for (size_t i = 0; i < freeProperties.length(); i++)
++    for (size_t i = 0; i < freeProperties.length(); i++) {
+         js_delete(freeProperties[i]);
++    }
+ }
+ 
+ void
+ JSONParserBase::trace(JSTracer* trc)
+ {
+     for (auto& elem : stack) {
+-        if (elem.state == FinishArrayElement)
++        if (elem.state == FinishArrayElement) {
+             elem.elements().trace(trc);
+-        else
++        } else {
+             elem.properties().trace(trc);
++        }
+     }
+ }
+ 
+ template <typename CharT>
+ void
+ JSONParser<CharT>::getTextPosition(uint32_t* column, uint32_t* line)
+ {
+     CharPtr ptr = begin;
+     uint32_t col = 1;
+     uint32_t row = 1;
+     for (; ptr < current; ptr++) {
+         if (*ptr == '\n' || *ptr == '\r') {
+             ++row;
+             col = 1;
+             // \r\n is treated as a single newline.
+-            if (ptr + 1 < current && *ptr == '\r' && *(ptr + 1) == '\n')
++            if (ptr + 1 < current && *ptr == '\r' && *(ptr + 1) == '\n') {
+                 ++ptr;
++            }
+         } else {
+             ++col;
+         }
+     }
+     *column = col;
+     *line = row;
+ }
+ 
+@@ -125,61 +130,67 @@ JSONParser<CharT>::readString()
+     CharPtr start = current;
+     for (; current < end; current++) {
+         if (*current == '"') {
+             size_t length = current - start;
+             current++;
+             JSFlatString* str = (ST == JSONParser::PropertyName)
+                                 ? AtomizeChars(cx, start.get(), length)
+                                 : NewStringCopyN<CanGC>(cx, start.get(), length);
+-            if (!str)
++            if (!str) {
+                 return token(OOM);
++            }
+             return stringToken(str);
+         }
+ 
+-        if (*current == '\\')
++        if (*current == '\\') {
+             break;
++        }
+ 
+         if (*current <= 0x001F) {
+             error("bad control character in string literal");
+             return token(Error);
+         }
+     }
+ 
+     /*
+      * Slow case: string contains escaped characters.  Copy a maximal sequence
+      * of unescaped characters into a temporary buffer, then an escaped
+      * character, and repeat until the entire string is consumed.
+      */
+     StringBuffer buffer(cx);
+     do {
+-        if (start < current && !buffer.append(start.get(), current.get()))
++        if (start < current && !buffer.append(start.get(), current.get())) {
+             return token(OOM);
++        }
+ 
+-        if (current >= end)
++        if (current >= end) {
+             break;
++        }
+ 
+         char16_t c = *current++;
+         if (c == '"') {
+             JSFlatString* str = (ST == JSONParser::PropertyName)
+                                 ? buffer.finishAtom()
+                                 : buffer.finishString();
+-            if (!str)
++            if (!str) {
+                 return token(OOM);
++            }
+             return stringToken(str);
+         }
+ 
+         if (c != '\\') {
+             --current;
+             error("bad character in string literal");
+             return token(Error);
+         }
+ 
+-        if (current >= end)
++        if (current >= end) {
+             break;
++        }
+ 
+         switch (*current++) {
+           case '"':  c = '"';  break;
+           case '/':  c = '/';  break;
+           case '\\': c = '\\'; break;
+           case 'b':  c = '\b'; break;
+           case 'f':  c = '\f'; break;
+           case 'n':  c = '\n'; break;
+@@ -190,49 +201,52 @@ JSONParser<CharT>::readString()
+             if (end - current < 4 ||
+                 !(JS7_ISHEX(current[0]) &&
+                   JS7_ISHEX(current[1]) &&
+                   JS7_ISHEX(current[2]) &&
+                   JS7_ISHEX(current[3])))
+             {
+                 // Point to the first non-hexadecimal character (which may be
+                 // missing).
+-                if (current == end || !JS7_ISHEX(current[0]))
++                if (current == end || !JS7_ISHEX(current[0])) {
+                     ; // already at correct location
+-                else if (current + 1 == end || !JS7_ISHEX(current[1]))
++                } else if (current + 1 == end || !JS7_ISHEX(current[1])) {
+                     current += 1;
+-                else if (current + 2 == end || !JS7_ISHEX(current[2]))
++                } else if (current + 2 == end || !JS7_ISHEX(current[2])) {
+                     current += 2;
+-                else if (current + 3 == end || !JS7_ISHEX(current[3]))
++                } else if (current + 3 == end || !JS7_ISHEX(current[3])) {
+                     current += 3;
+-                else
++                } else {
+                     MOZ_CRASH("logic error determining first erroneous character");
++                }
+ 
+                 error("bad Unicode escape");
+                 return token(Error);
+             }
+             c = (JS7_UNHEX(current[0]) << 12)
+               | (JS7_UNHEX(current[1]) << 8)
+               | (JS7_UNHEX(current[2]) << 4)
+               | (JS7_UNHEX(current[3]));
+             current += 4;
+             break;
+ 
+           default:
+             current--;
+             error("bad escaped character");
+             return token(Error);
+         }
+-        if (!buffer.append(c))
++        if (!buffer.append(c)) {
+             return token(OOM);
++        }
+ 
+         start = current;
+         for (; current < end; current++) {
+-            if (*current == '"' || *current == '\\' || *current <= 0x001F)
++            if (*current == '"' || *current == '\\' || *current <= 0x001F) {
+                 break;
++            }
+         }
+     } while (current < end);
+ 
+     error("unterminated string");
+     return token(Error);
+ }
+ 
+ template <typename CharT>
+@@ -259,52 +273,55 @@ JSONParser<CharT>::readNumber()
+ 
+     /* 0|[1-9][0-9]+ */
+     if (!IsAsciiDigit(*current)) {
+         error("unexpected non-digit");
+         return token(Error);
+     }
+     if (*current++ != '0') {
+         for (; current < end; current++) {
+-            if (!IsAsciiDigit(*current))
++            if (!IsAsciiDigit(*current)) {
+                 break;
++            }
+         }
+     }
+ 
+     /* Fast path: no fractional or exponent part. */
+     if (current == end || (*current != '.' && *current != 'e' && *current != 'E')) {
+         mozilla::Range<const CharT> chars(digitStart.get(), current - digitStart);
+         if (chars.length() < strlen("9007199254740992")) {
+             // If the decimal number is shorter than the length of 2**53, (the
+             // largest number a double can represent with integral precision),
+             // parse it using a decimal-only parser.  This comparison is
+             // conservative but faster than a fully-precise check.
+             double d = ParseDecimalNumber(chars);
+             return numberToken(negative ? -d : d);
+         }
+ 
+         double d;
+-        if (!GetFullInteger(cx, digitStart.get(), current.get(), 10, &d))
++        if (!GetFullInteger(cx, digitStart.get(), current.get(), 10, &d)) {
+             return token(OOM);
++        }
+         return numberToken(negative ? -d : d);
+     }
+ 
+     /* (\.[0-9]+)? */
+     if (current < end && *current == '.') {
+         if (++current == end) {
+             error("missing digits after decimal point");
+             return token(Error);
+         }
+         if (!IsAsciiDigit(*current)) {
+             error("unterminated fractional number");
+             return token(Error);
+         }
+         while (++current < end) {
+-            if (!IsAsciiDigit(*current))
++            if (!IsAsciiDigit(*current)) {
+                 break;
++            }
+         }
+     }
+ 
+     /* ([eE][\+\-]?[0-9]+)? */
+     if (current < end && (*current == 'e' || *current == 'E')) {
+         if (++current == end) {
+             error("missing digits after exponent indicator");
+             return token(Error);
+@@ -315,39 +332,42 @@ JSONParser<CharT>::readNumber()
+                 return token(Error);
+             }
+         }
+         if (!IsAsciiDigit(*current)) {
+             error("exponent part is missing a number");
+             return token(Error);
+         }
+         while (++current < end) {
+-            if (!IsAsciiDigit(*current))
++            if (!IsAsciiDigit(*current)) {
+                 break;
++            }
+         }
+     }
+ 
+     double d;
+-    if (!FullStringToDouble(cx, digitStart.get(), current.get(), &d))
++    if (!FullStringToDouble(cx, digitStart.get(), current.get(), &d)) {
+         return token(OOM);
++    }
+     return numberToken(negative ? -d : d);
+ }
+ 
+ static inline bool
+ IsJSONWhitespace(char16_t c)
+ {
+     return c == '\t' || c == '\r' || c == '\n' || c == ' ';
+ }
+ 
+ template <typename CharT>
+ JSONParserBase::Token
+ JSONParser<CharT>::advance()
+ {
+-    while (current < end && IsJSONWhitespace(*current))
++    while (current < end && IsJSONWhitespace(*current)) {
+         current++;
++    }
+     if (current >= end) {
+         error("unexpected end of data");
+         return token(Error);
+     }
+ 
+     switch (*current) {
+       case '"':
+         return readString<LiteralValue>();
+@@ -420,25 +440,27 @@ JSONParser<CharT>::advance()
+ }
+ 
+ template <typename CharT>
+ JSONParserBase::Token
+ JSONParser<CharT>::advanceAfterObjectOpen()
+ {
+     MOZ_ASSERT(current[-1] == '{');
+ 
+-    while (current < end && IsJSONWhitespace(*current))
++    while (current < end && IsJSONWhitespace(*current)) {
+         current++;
++    }
+     if (current >= end) {
+         error("end of data while reading object contents");
+         return token(Error);
+     }
+ 
+-    if (*current == '"')
++    if (*current == '"') {
+         return readString<PropertyName>();
++    }
+ 
+     if (*current == '}') {
+         current++;
+         return token(ObjectClose);
+     }
+ 
+     error("expected property name or '}'");
+     return token(Error);
+@@ -473,18 +495,19 @@ AssertPastValue(const RangedPtr<const Ch
+ }
+ 
+ template <typename CharT>
+ JSONParserBase::Token
+ JSONParser<CharT>::advanceAfterArrayElement()
+ {
+     AssertPastValue(current);
+ 
+-    while (current < end && IsJSONWhitespace(*current))
++    while (current < end && IsJSONWhitespace(*current)) {
+         current++;
++    }
+     if (current >= end) {
+         error("end of data when ',' or ']' was expected");
+         return token(Error);
+     }
+ 
+     if (*current == ',') {
+         current++;
+         return token(Comma);
+@@ -500,38 +523,41 @@ JSONParser<CharT>::advanceAfterArrayElem
+ }
+ 
+ template <typename CharT>
+ JSONParserBase::Token
+ JSONParser<CharT>::advancePropertyName()
+ {
+     MOZ_ASSERT(current[-1] == ',');
+ 
+-    while (current < end && IsJSONWhitespace(*current))
++    while (current < end && IsJSONWhitespace(*current)) {
+         current++;
++    }
+     if (current >= end) {
+         error("end of data when property name was expected");
+         return token(Error);
+     }
+ 
+-    if (*current == '"')
++    if (*current == '"') {
+         return readString<PropertyName>();
++    }
+ 
+     error("expected double-quoted property name");
+     return token(Error);
+ }
+ 
+ template <typename CharT>
+ JSONParserBase::Token
+ JSONParser<CharT>::advancePropertyColon()
+ {
+     MOZ_ASSERT(current[-1] == '"');
+ 
+-    while (current < end && IsJSONWhitespace(*current))
++    while (current < end && IsJSONWhitespace(*current)) {
+         current++;
++    }
+     if (current >= end) {
+         error("end of data after property name when ':' was expected");
+         return token(Error);
+     }
+ 
+     if (*current == ':') {
+         current++;
+         return token(Colon);
+@@ -542,18 +568,19 @@ JSONParser<CharT>::advancePropertyColon(
+ }
+ 
+ template <typename CharT>
+ JSONParserBase::Token
+ JSONParser<CharT>::advanceAfterProperty()
+ {
+     AssertPastValue(current);
+ 
+-    while (current < end && IsJSONWhitespace(*current))
++    while (current < end && IsJSONWhitespace(*current)) {
+         current++;
++    }
+     if (current >= end) {
+         error("end of data after property value in object");
+         return token(Error);
+     }
+ 
+     if (*current == ',') {
+         current++;
+         return token(Comma);
+@@ -569,52 +596,58 @@ JSONParser<CharT>::advanceAfterProperty(
+ }
+ 
+ inline bool
+ JSONParserBase::finishObject(MutableHandleValue vp, PropertyVector& properties)
+ {
+     MOZ_ASSERT(&properties == &stack.back().properties());
+ 
+     JSObject* obj = ObjectGroup::newPlainObject(cx, properties.begin(), properties.length(), GenericObject);
+-    if (!obj)
++    if (!obj) {
+         return false;
++    }
+ 
+     vp.setObject(*obj);
+-    if (!freeProperties.append(&properties))
++    if (!freeProperties.append(&properties)) {
+         return false;
++    }
+     stack.popBack();
+ 
+     if (!stack.empty() && stack.back().state == FinishArrayElement) {
+         const ElementVector& elements = stack.back().elements();
+-        if (!CombinePlainObjectPropertyTypes(cx, obj, elements.begin(), elements.length()))
++        if (!CombinePlainObjectPropertyTypes(cx, obj, elements.begin(), elements.length())) {
+             return false;
++        }
+     }
+ 
+     return true;
+ }
+ 
+ inline bool
+ JSONParserBase::finishArray(MutableHandleValue vp, ElementVector& elements)
+ {
+     MOZ_ASSERT(&elements == &stack.back().elements());
+ 
+     ArrayObject* obj = ObjectGroup::newArrayObject(cx, elements.begin(), elements.length(),
+                                                    GenericObject);
+-    if (!obj)
++    if (!obj) {
+         return false;
++    }
+ 
+     vp.setObject(*obj);
+-    if (!freeElements.append(&elements))
++    if (!freeElements.append(&elements)) {
+         return false;
++    }
+     stack.popBack();
+ 
+     if (!stack.empty() && stack.back().state == FinishArrayElement) {
+         const ElementVector& elements = stack.back().elements();
+-        if (!CombineArrayElementTypes(cx, obj, elements.begin(), elements.length()))
++        if (!CombineArrayElementTypes(cx, obj, elements.begin(), elements.length())) {
+             return false;
++        }
+     }
+ 
+     return true;
+ }
+ 
+ template <typename CharT>
+ bool
+ JSONParser<CharT>::parse(MutableHandleValue vp)
+@@ -629,60 +662,69 @@ JSONParser<CharT>::parse(MutableHandleVa
+     while (true) {
+         switch (state) {
+           case FinishObjectMember: {
+             PropertyVector& properties = stack.back().properties();
+             properties.back().value = value;
+ 
+             token = advanceAfterProperty();
+             if (token == ObjectClose) {
+-                if (!finishObject(&value, properties))
++                if (!finishObject(&value, properties)) {
+                     return false;
++                }
+                 break;
+             }
+             if (token != Comma) {
+-                if (token == OOM)
++                if (token == OOM) {
+                     return false;
+-                if (token != Error)
++                }
++                if (token != Error) {
+                     error("expected ',' or '}' after property-value pair in object literal");
++                }
+                 return errorReturn();
+             }
+             token = advancePropertyName();
+             /* FALL THROUGH */
+           }
+ 
+           JSONMember:
+             if (token == String) {
+                 jsid id = AtomToId(atomValue());
+                 PropertyVector& properties = stack.back().properties();
+-                if (!properties.append(IdValuePair(id)))
++                if (!properties.append(IdValuePair(id))) {
+                     return false;
++                }
+                 token = advancePropertyColon();
+                 if (token != Colon) {
+                     MOZ_ASSERT(token == Error);
+                     return errorReturn();
+                 }
+                 goto JSONValue;
+             }
+-            if (token == OOM)
++            if (token == OOM) {
+                 return false;
+-            if (token != Error)
++            }
++            if (token != Error) {
+                 error("property names must be double-quoted strings");
++            }
+             return errorReturn();
+ 
+           case FinishArrayElement: {
+             ElementVector& elements = stack.back().elements();
+-            if (!elements.append(value.get()))
++            if (!elements.append(value.get())) {
+                 return false;
++            }
+             token = advanceAfterArrayElement();
+-            if (token == Comma)
++            if (token == Comma) {
+                 goto JSONValue;
++            }
+             if (token == ArrayClose) {
+-                if (!finishArray(&value, elements))
++                if (!finishArray(&value, elements)) {
+                     return false;
++                }
+                 break;
+             }
+             MOZ_ASSERT(token == Error);
+             return errorReturn();
+           }
+ 
+           JSONValue:
+           case JSONValue:
+@@ -707,52 +749,56 @@ JSONParser<CharT>::parse(MutableHandleVa
+ 
+               case ArrayOpen: {
+                 ElementVector* elements;
+                 if (!freeElements.empty()) {
+                     elements = freeElements.popCopy();
+                     elements->clear();
+                 } else {
+                     elements = cx->new_<ElementVector>(cx);
+-                    if (!elements)
++                    if (!elements) {
+                         return false;
++                    }
+                 }
+                 if (!stack.append(elements)) {
+                     js_delete(elements);
+                     return false;
+                 }
+ 
+                 token = advance();
+                 if (token == ArrayClose) {
+-                    if (!finishArray(&value, *elements))
++                    if (!finishArray(&value, *elements)) {
+                         return false;
++                    }
+                     break;
+                 }
+                 goto JSONValueSwitch;
+               }
+ 
+               case ObjectOpen: {
+                 PropertyVector* properties;
+                 if (!freeProperties.empty()) {
+                     properties = freeProperties.popCopy();
+                     properties->clear();
+                 } else {
+                     properties = cx->new_<PropertyVector>(cx);
+-                    if (!properties)
++                    if (!properties) {
+                         return false;
++                    }
+                 }
+                 if (!stack.append(properties)) {
+                     js_delete(properties);
+                     return false;
+                 }
+ 
+                 token = advanceAfterObjectOpen();
+                 if (token == ObjectClose) {
+-                    if (!finishObject(&value, *properties))
++                    if (!finishObject(&value, *properties)) {
+                         return false;
++                    }
+                     break;
+                 }
+                 goto JSONMember;
+               }
+ 
+               case ArrayClose:
+               case ObjectClose:
+               case Colon:
+@@ -767,18 +813,19 @@ JSONParser<CharT>::parse(MutableHandleVa
+                 return false;
+ 
+               case Error:
+                 return errorReturn();
+             }
+             break;
+         }
+ 
+-        if (stack.empty())
++        if (stack.empty()) {
+             break;
++        }
+         state = stack.back().state;
+     }
+ 
+     for (; current < end; current++) {
+         if (!IsJSONWhitespace(*current)) {
+             error("unexpected non-whitespace character after JSON data");
+             return errorReturn();
+         }
+diff --git a/js/src/vm/JSONPrinter.cpp b/js/src/vm/JSONPrinter.cpp
+--- a/js/src/vm/JSONPrinter.cpp
++++ b/js/src/vm/JSONPrinter.cpp
+@@ -13,34 +13,37 @@
+ #include <stdarg.h>
+ 
+ #include "util/DoubleToString.h"
+ 
+ using namespace js;
+ 
+ JSONPrinter::~JSONPrinter()
+ {
+-    if (dtoaState_)
++    if (dtoaState_) {
+         DestroyDtoaState(dtoaState_);
++    }
+ }
+ 
+ void
+ JSONPrinter::indent()
+ {
+     MOZ_ASSERT(indentLevel_ >= 0);
+     out_.printf("\n");
+-    for (int i = 0; i < indentLevel_; i++)
++    for (int i = 0; i < indentLevel_; i++) {
+         out_.printf("  ");
++    }
+ }
+ 
+ void
+ JSONPrinter::propertyName(const char* name)
+ {
+-    if (!first_)
++    if (!first_) {
+         out_.printf(",");
++    }
+     indent();
+     out_.printf("\"%s\":", name);
+     first_ = false;
+ }
+ 
+ void
+ JSONPrinter::beginObject()
+ {
+@@ -105,18 +108,19 @@ JSONPrinter::formatProperty(const char* 
+ }
+ 
+ void
+ JSONPrinter::value(const char* format, ...)
+ {
+     va_list ap;
+     va_start(ap, format);
+ 
+-    if (!first_)
++    if (!first_) {
+         out_.printf(",");
++    }
+     out_.printf("\"");
+     out_.vprintf(format, ap);
+     out_.printf("\"");
+ 
+     va_end(ap);
+     first_ = false;
+ }
+ 
+@@ -125,18 +129,19 @@ JSONPrinter::property(const char* name, 
+ {
+     propertyName(name);
+     out_.printf("%" PRId32, value);
+ }
+ 
+ void
+ JSONPrinter::value(int val)
+ {
+-    if (!first_)
++    if (!first_) {
+         out_.printf(",");
++    }
+     out_.printf("%d", val);
+     first_ = false;
+ }
+ 
+ void
+ JSONPrinter::property(const char* name, uint32_t value)
+ {
+     propertyName(name);
+diff --git a/js/src/vm/JSObject-inl.h b/js/src/vm/JSObject-inl.h
+--- a/js/src/vm/JSObject-inl.h
++++ b/js/src/vm/JSObject-inl.h
+@@ -34,18 +34,19 @@
+ #include "vm/TypeInference-inl.h"
+ 
+ namespace js {
+ 
+ // This is needed here for ensureShape() below.
+ inline bool
+ MaybeConvertUnboxedObjectToNative(JSContext* cx, JSObject* obj)
+ {
+-    if (obj->is<UnboxedPlainObject>())
++    if (obj->is<UnboxedPlainObject>()) {
+         return UnboxedPlainObject::convertToNative(cx, obj);
++    }
+     return true;
+ }
+ 
+ static MOZ_ALWAYS_INLINE bool
+ ClassMayResolveId(const JSAtomState& names, const Class* clasp, jsid id, JSObject* maybeObj)
+ {
+     MOZ_ASSERT_IF(maybeObj, maybeObj->getClass() == clasp);
+ 
+@@ -54,39 +55,42 @@ ClassMayResolveId(const JSAtomState& nam
+         // resolve hook.
+         MOZ_ASSERT(!clasp->getMayResolve(), "Class with mayResolve hook but no resolve hook");
+         return false;
+     }
+ 
+     if (JSMayResolveOp mayResolve = clasp->getMayResolve()) {
+         // Tell the analysis our mayResolve hooks won't trigger GC.
+         JS::AutoSuppressGCAnalysis nogc;
+-        if (!mayResolve(names, id, maybeObj))
++        if (!mayResolve(names, id, maybeObj)) {
+             return false;
++        }
+     }
+ 
+     return true;
+ }
+ 
+ } // namespace js
+ 
+ inline js::Shape*
+ JSObject::maybeShape() const
+ {
+-    if (!is<js::ShapedObject>())
++    if (!is<js::ShapedObject>()) {
+         return nullptr;
++    }
+ 
+     return as<js::ShapedObject>().shape();
+ }
+ 
+ inline js::Shape*
+ JSObject::ensureShape(JSContext* cx)
+ {
+-    if (!js::MaybeConvertUnboxedObjectToNative(cx, this))
++    if (!js::MaybeConvertUnboxedObjectToNative(cx, this)) {
+         return nullptr;
++    }
+     js::Shape* shape = maybeShape();
+     MOZ_ASSERT(shape);
+     return shape;
+ }
+ 
+ inline void
+ JSObject::finalize(js::FreeOp* fop)
+ {
+@@ -97,26 +101,30 @@ JSObject::finalize(js::FreeOp* fop)
+     if (!IsBackgroundFinalized(asTenured().getAllocKind())) {
+         /* Assert we're on the main thread. */
+         MOZ_ASSERT(CurrentThreadCanAccessZone(zone()));
+     }
+ #endif
+ 
+     const js::Class* clasp = getClass();
+     js::NativeObject* nobj = nullptr;
+-    if (clasp->isNative())
++    if (clasp->isNative()) {
+         nobj = &as<js::NativeObject>();
+-    if (clasp->hasFinalize())
++    }
++    if (clasp->hasFinalize()) {
+         clasp->doFinalize(fop, this);
++    }
+ 
+-    if (!nobj)
++    if (!nobj) {
+         return;
++    }
+ 
+-    if (nobj->hasDynamicSlots())
++    if (nobj->hasDynamicSlots()) {
+         fop->free_(nobj->slots_);
++    }
+ 
+     if (nobj->hasDynamicElements()) {
+         js::ObjectElements* elements = nobj->getElementsHeader();
+         if (elements->isCopyOnWrite()) {
+             if (elements->ownerObject() == this) {
+                 // Don't free the elements until object finalization finishes,
+                 // so that other objects can access these elements while they
+                 // are themselves finalized.
+@@ -133,52 +141,56 @@ JSObject::finalize(js::FreeOp* fop)
+ 
+ MOZ_ALWAYS_INLINE void
+ js::NativeObject::sweepDictionaryListPointer()
+ {
+     // For dictionary objects (which must be native), it's possible that
+     // unreachable shapes may be marked whose listp points into this object.  In
+     // case this happens, null out the shape's pointer so that a moving GC will
+     // not try to access the dead object.
+-    if (shape()->listp == shapePtr())
++    if (shape()->listp == shapePtr()) {
+         shape()->listp = nullptr;
++    }
+ }
+ 
+ MOZ_ALWAYS_INLINE void
+ js::NativeObject::updateDictionaryListPointerAfterMinorGC(NativeObject* old)
+ {
+     MOZ_ASSERT(this == Forwarded(old));
+ 
+     // Dictionary objects can be allocated in the nursery and when they are
+     // tenured the shape's pointer into the object needs to be updated.
+-    if (shape()->listp == old->shapePtr())
++    if (shape()->listp == old->shapePtr()) {
+         shape()->listp = shapePtr();
++    }
+ }
+ 
+ /* static */ inline bool
+ JSObject::setSingleton(JSContext* cx, js::HandleObject obj)
+ {
+     MOZ_ASSERT(!IsInsideNursery(obj));
+ 
+     js::ObjectGroup* group = js::ObjectGroup::lazySingletonGroup(cx, obj->group_, obj->getClass(),
+                                                                  obj->taggedProto());
+-    if (!group)
++    if (!group) {
+         return false;
++    }
+ 
+     obj->group_ = group;
+     return true;
+ }
+ 
+ /* static */ inline js::ObjectGroup*
+ JSObject::getGroup(JSContext* cx, js::HandleObject obj)
+ {
+     MOZ_ASSERT(cx->compartment() == obj->compartment());
+     if (obj->hasLazyGroup()) {
+-        if (cx->compartment() != obj->compartment())
++        if (cx->compartment() != obj->compartment()) {
+             MOZ_CRASH();
++        }
+         return makeLazyGroup(cx, obj);
+     }
+     return obj->group_;
+ }
+ 
+ inline void
+ JSObject::setGroup(js::ObjectGroup* group)
+ {
+@@ -228,89 +240,96 @@ js::HasProperty(JSContext* cx, HandleObj
+     return HasProperty(cx, obj, id, found);
+ }
+ 
+ inline bool
+ js::GetElement(JSContext* cx, HandleObject obj, HandleValue receiver, uint32_t index,
+                MutableHandleValue vp)
+ {
+     RootedId id(cx);
+-    if (!IndexToId(cx, index, &id))
++    if (!IndexToId(cx, index, &id)) {
+         return false;
++    }
+     return GetProperty(cx, obj, receiver, id, vp);
+ }
+ 
+ inline bool
+ js::GetElement(JSContext* cx, HandleObject obj, HandleObject receiver, uint32_t index,
+                MutableHandleValue vp)
+ {
+     RootedValue receiverValue(cx, ObjectValue(*receiver));
+     return GetElement(cx, obj, receiverValue, index, vp);
+ }
+ 
+ inline bool
+ js::GetElementNoGC(JSContext* cx, JSObject* obj, const Value& receiver, uint32_t index, Value* vp)
+ {
+-    if (obj->getOpsGetProperty())
++    if (obj->getOpsGetProperty()) {
+         return false;
++    }
+ 
+-    if (index > JSID_INT_MAX)
++    if (index > JSID_INT_MAX) {
+         return false;
++    }
+     return GetPropertyNoGC(cx, obj, receiver, INT_TO_JSID(index), vp);
+ }
+ 
+ inline bool
+ js::DeleteProperty(JSContext* cx, HandleObject obj, HandleId id, ObjectOpResult& result)
+ {
+     MarkTypePropertyNonData(cx, obj, id);
+-    if (DeletePropertyOp op = obj->getOpsDeleteProperty())
++    if (DeletePropertyOp op = obj->getOpsDeleteProperty()) {
+         return op(cx, obj, id, result);
++    }
+     return NativeDeleteProperty(cx, obj.as<NativeObject>(), id, result);
+ }
+ 
+ inline bool
+ js::DeleteElement(JSContext* cx, HandleObject obj, uint32_t index, ObjectOpResult& result)
+ {
+     RootedId id(cx);
+-    if (!IndexToId(cx, index, &id))
++    if (!IndexToId(cx, index, &id)) {
+         return false;
++    }
+     return DeleteProperty(cx, obj, id, result);
+ }
+ 
+ MOZ_ALWAYS_INLINE bool
+ js::MaybeHasInterestingSymbolProperty(JSContext* cx, JSObject* obj, Symbol* symbol,
+                                       JSObject** holder)
+ {
+     MOZ_ASSERT(symbol->isInterestingSymbol());
+ 
+     jsid id = SYMBOL_TO_JSID(symbol);
+     do {
+         if (obj->maybeHasInterestingSymbolProperty() ||
+             MOZ_UNLIKELY(ClassMayResolveId(cx->names(), obj->getClass(), id, obj)))
+         {
+-            if (holder)
++            if (holder) {
+                 *holder = obj;
++            }
+             return true;
+         }
+         obj = obj->staticPrototype();
+     } while (obj);
+ 
+     return false;
+ }
+ 
+ MOZ_ALWAYS_INLINE bool
+ js::GetInterestingSymbolProperty(JSContext* cx, HandleObject obj, Symbol* sym, MutableHandleValue vp)
+ {
+     JSObject* holder;
+     if (!MaybeHasInterestingSymbolProperty(cx, obj, sym, &holder)) {
+ #ifdef DEBUG
+         RootedValue receiver(cx, ObjectValue(*obj));
+         RootedId id(cx, SYMBOL_TO_JSID(sym));
+-        if (!GetProperty(cx, obj, receiver, id, vp))
++        if (!GetProperty(cx, obj, receiver, id, vp)) {
+             return false;
++        }
+         MOZ_ASSERT(vp.isUndefined());
+ #endif
+         vp.setUndefined();
+         return true;
+     }
+ 
+     RootedObject holderRoot(cx, holder);
+     RootedValue receiver(cx, ObjectValue(*obj));
+@@ -318,35 +337,37 @@ js::GetInterestingSymbolProperty(JSConte
+     return GetProperty(cx, holderRoot, receiver, id, vp);
+ }
+ 
+ /* * */
+ 
+ inline bool
+ JSObject::isQualifiedVarObj() const
+ {
+-    if (is<js::DebugEnvironmentProxy>())
++    if (is<js::DebugEnvironmentProxy>()) {
+         return as<js::DebugEnvironmentProxy>().environment().isQualifiedVarObj();
++    }
+     bool rv = hasAllFlags(js::BaseShape::QUALIFIED_VAROBJ);
+     MOZ_ASSERT_IF(rv,
+                   is<js::GlobalObject>() ||
+                   is<js::CallObject>() ||
+                   is<js::VarEnvironmentObject>() ||
+                   is<js::ModuleEnvironmentObject>() ||
+                   is<js::NonSyntacticVariablesObject>() ||
+                   (is<js::WithEnvironmentObject>() &&
+                    !as<js::WithEnvironmentObject>().isSyntactic()));
+     return rv;
+ }
+ 
+ inline bool
+ JSObject::isUnqualifiedVarObj() const
+ {
+-    if (is<js::DebugEnvironmentProxy>())
++    if (is<js::DebugEnvironmentProxy>()) {
+         return as<js::DebugEnvironmentProxy>().environment().isUnqualifiedVarObj();
++    }
+     return is<js::GlobalObject>() || is<js::NonSyntacticVariablesObject>();
+ }
+ 
+ namespace js {
+ 
+ inline bool
+ ClassCanHaveFixedData(const Class* clasp)
+ {
+@@ -407,18 +428,19 @@ JSObject::nonCCWGlobal() const
+      */
+     return *nonCCWRealm()->unsafeUnbarrieredMaybeGlobal();
+ }
+ 
+ inline bool
+ JSObject::hasAllFlags(js::BaseShape::Flag flags) const
+ {
+     MOZ_ASSERT(flags);
+-    if (js::Shape* shape = maybeShape())
++    if (js::Shape* shape = maybeShape()) {
+         return shape->hasAllObjectFlags(flags);
++    }
+     return false;
+ }
+ 
+ inline bool
+ JSObject::nonProxyIsExtensible() const
+ {
+     MOZ_ASSERT(!uninlinedIsProxy());
+ 
+@@ -447,18 +469,19 @@ JSObject::hasUncacheableProto() const
+ MOZ_ALWAYS_INLINE bool
+ JSObject::maybeHasInterestingSymbolProperty() const
+ {
+     const js::NativeObject* nobj;
+     if (isNative()) {
+         nobj = &as<js::NativeObject>();
+     } else if (is<js::UnboxedPlainObject>()) {
+         nobj = as<js::UnboxedPlainObject>().maybeExpando();
+-        if (!nobj)
++        if (!nobj) {
+             return false;
++        }
+     } else {
+         return true;
+     }
+ 
+     return nobj->hasInterestingSymbol();
+ }
+ 
+ inline bool
+@@ -526,18 +549,19 @@ IsNativeFunction(const JSObject* obj, JS
+ 
+ // Return whether looking up a method on 'obj' definitely resolves to the
+ // original specified native function. The method may conservatively return
+ // 'false' in the case of proxies or other non-native objects.
+ static MOZ_ALWAYS_INLINE bool
+ HasNativeMethodPure(JSObject* obj, PropertyName* name, JSNative native, JSContext* cx)
+ {
+     Value v;
+-    if (!GetPropertyPure(cx, obj, NameToId(name), &v))
++    if (!GetPropertyPure(cx, obj, NameToId(name), &v)) {
+         return false;
++    }
+ 
+     return IsNativeFunction(v, native);
+ }
+ 
+ // Return whether 'obj' definitely has no @@toPrimitive method.
+ static MOZ_ALWAYS_INLINE bool
+ HasNoToPrimitiveMethodPure(JSObject* obj, JSContext* cx)
+ {
+@@ -550,31 +574,33 @@ HasNoToPrimitiveMethodPure(JSObject* obj
+         MOZ_ASSERT(LookupPropertyPure(cx, obj, SYMBOL_TO_JSID(toPrimitive), &pobj, &prop));
+         MOZ_ASSERT(!prop);
+ #endif
+         return true;
+     }
+ 
+     JSObject* pobj;
+     PropertyResult prop;
+-    if (!LookupPropertyPure(cx, holder, SYMBOL_TO_JSID(toPrimitive), &pobj, &prop))
++    if (!LookupPropertyPure(cx, holder, SYMBOL_TO_JSID(toPrimitive), &pobj, &prop)) {
+         return false;
++    }
+ 
+     return !prop;
+ }
+ 
+ extern bool
+ ToPropertyKeySlow(JSContext* cx, HandleValue argument, MutableHandleId result);
+ 
+ /* ES6 draft rev 28 (2014 Oct 14) 7.1.14 */
+ MOZ_ALWAYS_INLINE bool
+ ToPropertyKey(JSContext* cx, HandleValue argument, MutableHandleId result)
+ {
+-    if (MOZ_LIKELY(argument.isPrimitive()))
++    if (MOZ_LIKELY(argument.isPrimitive())) {
+         return ValueToId<CanGC>(cx, argument, result);
++    }
+ 
+     return ToPropertyKeySlow(cx, argument, result);
+ }
+ 
+ /*
+  * Return true if this is a compiler-created internal function accessed by
+  * its own object. Such a function object must not be accessible to script
+  * or embedding code.
+@@ -768,26 +794,28 @@ NewObjectWithGroup(JSContext* cx, Handle
+ /*
+  * As for gc::GetGCObjectKind, where numElements is a guess at the final size of
+  * the object, zero if the final size is unknown. This should only be used for
+  * objects that do not require any fixed slots.
+  */
+ static inline gc::AllocKind
+ GuessObjectGCKind(size_t numElements)
+ {
+-    if (numElements)
++    if (numElements) {
+         return gc::GetGCObjectKind(numElements);
++    }
+     return gc::AllocKind::OBJECT4;
+ }
+ 
+ static inline gc::AllocKind
+ GuessArrayGCKind(size_t numElements)
+ {
+-    if (numElements)
++    if (numElements) {
+         return gc::GetGCArrayKind(numElements);
++    }
+     return gc::AllocKind::OBJECT8;
+ }
+ 
+ // Returns ESClass::Other if the value isn't an object, or if the object
+ // isn't of one of the enumerated classes.  Otherwise returns the appropriate
+ // class.
+ inline bool
+ GetClassOfValue(JSContext* cx, HandleValue v, ESClass* cls)
+@@ -808,18 +836,19 @@ InitClass(JSContext* cx, HandleObject ob
+           const JSPropertySpec* static_ps, const JSFunctionSpec* static_fs,
+           NativeObject** ctorp = nullptr);
+ 
+ MOZ_ALWAYS_INLINE const char*
+ GetObjectClassName(JSContext* cx, HandleObject obj)
+ {
+     cx->check(obj);
+ 
+-    if (obj->is<ProxyObject>())
++    if (obj->is<ProxyObject>()) {
+         return Proxy::className(cx, obj);
++    }
+ 
+     return obj->getClass()->name;
+ }
+ 
+ inline bool
+ IsCallable(const Value& v)
+ {
+     return v.isObject() && v.toObject().isCallable();
+@@ -845,30 +874,32 @@ CreateThis(JSContext* cx, HandleObject c
+         MOZ_ASSERT(callee->as<JSFunction>().isClassConstructor());
+         thisv.setMagic(JS_UNINITIALIZED_LEXICAL);
+         return true;
+     }
+ 
+     MOZ_ASSERT(thisv.isMagic(JS_IS_CONSTRUCTING));
+ 
+     JSObject* obj = CreateThisForFunction(cx, callee, newTarget, newKind);
+-    if (!obj)
++    if (!obj) {
+         return false;
++    }
+ 
+     thisv.setObject(*obj);
+     return true;
+ }
+ 
+ } /* namespace js */
+ 
+ MOZ_ALWAYS_INLINE bool
+ JSObject::isCallable() const
+ {
+-    if (is<JSFunction>())
++    if (is<JSFunction>()) {
+         return true;
++    }
+     if (is<js::ProxyObject>()) {
+         const js::ProxyObject& p = as<js::ProxyObject>();
+         return p.handler()->isCallable(const_cast<JSObject*>(this));
+     }
+     return callHook() != nullptr;
+ }
+ 
+ MOZ_ALWAYS_INLINE bool
+diff --git a/js/src/vm/JSObject.cpp b/js/src/vm/JSObject.cpp
+--- a/js/src/vm/JSObject.cpp
++++ b/js/src/vm/JSObject.cpp
+@@ -110,30 +110,37 @@ js::ReportNotObjectWithName(JSContext* c
+         JS_ReportErrorNumberLatin1(cx, GetErrorMessage, nullptr, JSMSG_NOT_NONNULL_OBJECT_NAME,
+                                    name, chars);
+     }
+ }
+ 
+ JS_PUBLIC_API(const char*)
+ JS::InformalValueTypeName(const Value& v)
+ {
+-    if (v.isObject())
++    if (v.isObject()) {
+         return v.toObject().getClass()->name;
+-    if (v.isString())
++    }
++    if (v.isString()) {
+         return "string";
+-    if (v.isSymbol())
++    }
++    if (v.isSymbol()) {
+         return "symbol";
+-    if (v.isNumber())
++    }
++    if (v.isNumber()) {
+         return "number";
+-    if (v.isBoolean())
++    }
++    if (v.isBoolean()) {
+         return "boolean";
+-    if (v.isNull())
++    }
++    if (v.isNull()) {
+         return "null";
+-    if (v.isUndefined())
++    }
++    if (v.isUndefined()) {
+         return "undefined";
++    }
+     return "value";
+ }
+ 
+ // ES6 draft rev37 6.2.4.4 FromPropertyDescriptor
+ JS_PUBLIC_API(bool)
+ JS::FromPropertyDescriptor(JSContext* cx, Handle<PropertyDescriptor> desc, MutableHandleValue vp)
+ {
+     AssertHeapIsIdle();
+@@ -150,67 +157,76 @@ JS::FromPropertyDescriptor(JSContext* cx
+ }
+ 
+ bool
+ js::FromPropertyDescriptorToObject(JSContext* cx, Handle<PropertyDescriptor> desc,
+                                    MutableHandleValue vp)
+ {
+     // Step 2-3.
+     RootedObject obj(cx, NewBuiltinClassInstance<PlainObject>(cx));
+-    if (!obj)
++    if (!obj) {
+         return false;
++    }
+ 
+     const JSAtomState& names = cx->names();
+ 
+     // Step 4.
+     if (desc.hasValue()) {
+-        if (!DefineDataProperty(cx, obj, names.value, desc.value()))
++        if (!DefineDataProperty(cx, obj, names.value, desc.value())) {
+             return false;
++        }
+     }
+ 
+     // Step 5.
+     RootedValue v(cx);
+     if (desc.hasWritable()) {
+         v.setBoolean(desc.writable());
+-        if (!DefineDataProperty(cx, obj, names.writable, v))
++        if (!DefineDataProperty(cx, obj, names.writable, v)) {
+             return false;
++        }
+     }
+ 
+     // Step 6.
+     if (desc.hasGetterObject()) {
+-        if (JSObject* get = desc.getterObject())
++        if (JSObject* get = desc.getterObject()) {
+             v.setObject(*get);
+-        else
++        } else {
+             v.setUndefined();
+-        if (!DefineDataProperty(cx, obj, names.get, v))
++        }
++        if (!DefineDataProperty(cx, obj, names.get, v)) {
+             return false;
++        }
+     }
+ 
+     // Step 7.
+     if (desc.hasSetterObject()) {
+-        if (JSObject* set = desc.setterObject())
++        if (JSObject* set = desc.setterObject()) {
+             v.setObject(*set);
+-        else
++        } else {
+             v.setUndefined();
+-        if (!DefineDataProperty(cx, obj, names.set, v))
++        }
++        if (!DefineDataProperty(cx, obj, names.set, v)) {
+             return false;
++        }
+     }
+ 
+     // Step 8.
+     if (desc.hasEnumerable()) {
+         v.setBoolean(desc.enumerable());
+-        if (!DefineDataProperty(cx, obj, names.enumerable, v))
++        if (!DefineDataProperty(cx, obj, names.enumerable, v)) {
+             return false;
++        }
+     }
+ 
+     // Step 9.
+     if (desc.hasConfigurable()) {
+         v.setBoolean(desc.configurable());
+-        if (!DefineDataProperty(cx, obj, names.configurable, v))
++        if (!DefineDataProperty(cx, obj, names.configurable, v)) {
+             return false;
++        }
+     }
+ 
+     vp.setObject(*obj);
+     return true;
+ }
+ 
+ bool
+ js::GetFirstArgumentAsObject(JSContext* cx, const CallArgs& args, const char* method,
+@@ -220,55 +236,59 @@ js::GetFirstArgumentAsObject(JSContext* 
+         JS_ReportErrorNumberASCII(cx, GetErrorMessage, nullptr, JSMSG_MORE_ARGS_NEEDED,
+                                   method, "0", "s");
+         return false;
+     }
+ 
+     HandleValue v = args[0];
+     if (!v.isObject()) {
+         UniqueChars bytes = DecompileValueGenerator(cx, JSDVG_SEARCH_STACK, v, nullptr);
+-        if (!bytes)
++        if (!bytes) {
+             return false;
++        }
+         JS_ReportErrorNumberUTF8(cx, GetErrorMessage, nullptr, JSMSG_UNEXPECTED_TYPE,
+                                  bytes.get(), "not an object");
+         return false;
+     }
+ 
+     objp.set(&v.toObject());
+     return true;
+ }
+ 
+ static bool
+ GetPropertyIfPresent(JSContext* cx, HandleObject obj, HandleId id, MutableHandleValue vp,
+                      bool* foundp)
+ {
+-    if (!HasProperty(cx, obj, id, foundp))
++    if (!HasProperty(cx, obj, id, foundp)) {
+         return false;
++    }
+     if (!*foundp) {
+         vp.setUndefined();
+         return true;
+     }
+ 
+     return GetProperty(cx, obj, obj, id, vp);
+ }
+ 
+ bool
+ js::Throw(JSContext* cx, HandleId id, unsigned errorNumber, const char* details)
+ {
+     MOZ_ASSERT(js_ErrorFormatString[errorNumber].argCount == (details ? 2 : 1));
+     MOZ_ASSERT_IF(details, JS::StringIsASCII(details));
+ 
+     UniqueChars bytes = IdToPrintableUTF8(cx, id, IdToPrintableBehavior::IdIsPropertyKey);
+-    if (!bytes)
++    if (!bytes) {
+         return false;
+-
+-    if (details)
++    }
++
++    if (details) {
+         JS_ReportErrorNumberUTF8(cx, GetErrorMessage, nullptr, errorNumber, bytes.get(), details);
+-    else
++    } else {
+         JS_ReportErrorNumberUTF8(cx, GetErrorMessage, nullptr, errorNumber, bytes.get());
++    }
+ 
+     return false;
+ }
+ 
+ 
+ /*** PropertyDescriptor operations and DefineProperties ******************************************/
+ 
+ static const char js_getter_str[] = "getter";
+@@ -286,97 +306,110 @@ CheckCallable(JSContext* cx, JSObject* o
+ }
+ 
+ bool
+ js::ToPropertyDescriptor(JSContext* cx, HandleValue descval, bool checkAccessors,
+                          MutableHandle<PropertyDescriptor> desc)
+ {
+     // step 2
+     RootedObject obj(cx, NonNullObjectWithName(cx, "property descriptor", descval));
+-    if (!obj)
++    if (!obj) {
+         return false;
++    }
+ 
+     // step 3
+     desc.clear();
+ 
+     bool found = false;
+     RootedId id(cx);
+     RootedValue v(cx);
+     unsigned attrs = 0;
+ 
+     // step 4
+     id = NameToId(cx->names().enumerable);
+-    if (!GetPropertyIfPresent(cx, obj, id, &v, &found))
++    if (!GetPropertyIfPresent(cx, obj, id, &v, &found)) {
+         return false;
++    }
+     if (found) {
+-        if (ToBoolean(v))
++        if (ToBoolean(v)) {
+             attrs |= JSPROP_ENUMERATE;
++        }
+     } else {
+         attrs |= JSPROP_IGNORE_ENUMERATE;
+     }
+ 
+     // step 5
+     id = NameToId(cx->names().configurable);
+-    if (!GetPropertyIfPresent(cx, obj, id, &v, &found))
++    if (!GetPropertyIfPresent(cx, obj, id, &v, &found)) {
+         return false;
++    }
+     if (found) {
+-        if (!ToBoolean(v))
++        if (!ToBoolean(v)) {
+             attrs |= JSPROP_PERMANENT;
++        }
+     } else {
+         attrs |= JSPROP_IGNORE_PERMANENT;
+     }
+ 
+     // step 6
+     id = NameToId(cx->names().value);
+-    if (!GetPropertyIfPresent(cx, obj, id, &v, &found))
++    if (!GetPropertyIfPresent(cx, obj, id, &v, &found)) {
+         return false;
+-    if (found)
++    }
++    if (found) {
+         desc.value().set(v);
+-    else
++    } else {
+         attrs |= JSPROP_IGNORE_VALUE;
++    }
+ 
+     // step 7
+     id = NameToId(cx->names().writable);
+-    if (!GetPropertyIfPresent(cx, obj, id, &v, &found))
++    if (!GetPropertyIfPresent(cx, obj, id, &v, &found)) {
+         return false;
++    }
+     if (found) {
+-        if (!ToBoolean(v))
++        if (!ToBoolean(v)) {
+             attrs |= JSPROP_READONLY;
++        }
+     } else {
+         attrs |= JSPROP_IGNORE_READONLY;
+     }
+ 
+     // step 8
+     bool hasGetOrSet;
+     id = NameToId(cx->names().get);
+-    if (!GetPropertyIfPresent(cx, obj, id, &v, &found))
++    if (!GetPropertyIfPresent(cx, obj, id, &v, &found)) {
+         return false;
++    }
+     hasGetOrSet = found;
+     if (found) {
+         if (v.isObject()) {
+-            if (checkAccessors)
++            if (checkAccessors) {
+                 JS_TRY_OR_RETURN_FALSE(cx, CheckCallable(cx, &v.toObject(), js_getter_str));
++            }
+             desc.setGetterObject(&v.toObject());
+         } else if (!v.isUndefined()) {
+             JS_ReportErrorNumberASCII(cx, GetErrorMessage, nullptr, JSMSG_BAD_GET_SET_FIELD,
+                                       js_getter_str);
+             return false;
+         }
+         attrs |= JSPROP_GETTER;
+     }
+ 
+     // step 9
+     id = NameToId(cx->names().set);
+-    if (!GetPropertyIfPresent(cx, obj, id, &v, &found))
++    if (!GetPropertyIfPresent(cx, obj, id, &v, &found)) {
+         return false;
++    }
+     hasGetOrSet |= found;
+     if (found) {
+         if (v.isObject()) {
+-            if (checkAccessors)
++            if (checkAccessors) {
+                 JS_TRY_OR_RETURN_FALSE(cx, CheckCallable(cx, &v.toObject(), js_setter_str));
++            }
+             desc.setSetterObject(&v.toObject());
+         } else if (!v.isUndefined()) {
+             JS_ReportErrorNumberASCII(cx, GetErrorMessage, nullptr, JSMSG_BAD_GET_SET_FIELD,
+                                       js_setter_str);
+             return false;
+         }
+         attrs |= JSPROP_SETTER;
+     }
+@@ -395,54 +428,61 @@ js::ToPropertyDescriptor(JSContext* cx, 
+     desc.setAttributes(attrs);
+     MOZ_ASSERT_IF(attrs & JSPROP_READONLY, !(attrs & (JSPROP_GETTER | JSPROP_SETTER)));
+     return true;
+ }
+ 
+ Result<>
+ js::CheckPropertyDescriptorAccessors(JSContext* cx, Handle<PropertyDescriptor> desc)
+ {
+-    if (desc.hasGetterObject())
++    if (desc.hasGetterObject()) {
+         MOZ_TRY(CheckCallable(cx, desc.getterObject(), js_getter_str));
+-
+-    if (desc.hasSetterObject())
++    }
++
++    if (desc.hasSetterObject()) {
+         MOZ_TRY(CheckCallable(cx, desc.setterObject(), js_setter_str));
++    }
+ 
+     return Ok();
+ }
+ 
+ void
+ js::CompletePropertyDescriptor(MutableHandle<PropertyDescriptor> desc)
+ {
+     desc.assertValid();
+ 
+     if (desc.isGenericDescriptor() || desc.isDataDescriptor()) {
+-        if (!desc.hasWritable())
++        if (!desc.hasWritable()) {
+             desc.attributesRef() |= JSPROP_READONLY;
++        }
+         desc.attributesRef() &= ~(JSPROP_IGNORE_READONLY | JSPROP_IGNORE_VALUE);
+     } else {
+-        if (!desc.hasGetterObject())
++        if (!desc.hasGetterObject()) {
+             desc.setGetterObject(nullptr);
+-        if (!desc.hasSetterObject())
++        }
++        if (!desc.hasSetterObject()) {
+             desc.setSetterObject(nullptr);
++        }
+         desc.attributesRef() |= JSPROP_GETTER | JSPROP_SETTER;
+     }
+-    if (!desc.hasConfigurable())
++    if (!desc.hasConfigurable()) {
+         desc.attributesRef() |= JSPROP_PERMANENT;
++    }
+     desc.attributesRef() &= ~(JSPROP_IGNORE_PERMANENT | JSPROP_IGNORE_ENUMERATE);
+ 
+     desc.assertComplete();
+ }
+ 
+ bool
+ js::ReadPropertyDescriptors(JSContext* cx, HandleObject props, bool checkAccessors,
+                             AutoIdVector* ids, MutableHandle<PropertyDescriptorVector> descs)
+ {
+-    if (!GetPropertyKeys(cx, props, JSITER_OWNONLY | JSITER_SYMBOLS, ids))
++    if (!GetPropertyKeys(cx, props, JSITER_OWNONLY | JSITER_SYMBOLS, ids)) {
+         return false;
++    }
+ 
+     RootedId id(cx);
+     for (size_t i = 0, len = ids->length(); i < len; i++) {
+         id = (*ids)[i];
+         Rooted<PropertyDescriptor> desc(cx);
+         RootedValue v(cx);
+         if (!GetProperty(cx, props, props, id, &v) ||
+             !ToPropertyDescriptor(cx, v, checkAccessors, &desc) ||
+@@ -455,84 +495,91 @@ js::ReadPropertyDescriptors(JSContext* c
+ }
+ 
+ /*** Seal and freeze *****************************************************************************/
+ 
+ static unsigned
+ GetSealedOrFrozenAttributes(unsigned attrs, IntegrityLevel level)
+ {
+     /* Make all attributes permanent; if freezing, make data attributes read-only. */
+-    if (level == IntegrityLevel::Frozen && !(attrs & (JSPROP_GETTER | JSPROP_SETTER)))
++    if (level == IntegrityLevel::Frozen && !(attrs & (JSPROP_GETTER | JSPROP_SETTER))) {
+         return JSPROP_PERMANENT | JSPROP_READONLY;
++    }
+     return JSPROP_PERMANENT;
+ }
+ 
+ /* ES6 draft rev 29 (6 Dec 2014) 7.3.13. */
+ bool
+ js::SetIntegrityLevel(JSContext* cx, HandleObject obj, IntegrityLevel level)
+ {
+     cx->check(obj);
+ 
+     // Steps 3-5. (Steps 1-2 are redundant assertions.)
+-    if (!PreventExtensions(cx, obj))
++    if (!PreventExtensions(cx, obj)) {
+         return false;
++    }
+ 
+     // Steps 6-9, loosely interpreted.
+     if (obj->isNative() && !obj->as<NativeObject>().inDictionaryMode() &&
+         !obj->is<TypedArrayObject>() && !obj->is<MappedArgumentsObject>())
+     {
+         HandleNativeObject nobj = obj.as<NativeObject>();
+ 
+         // Seal/freeze non-dictionary objects by constructing a new shape
+         // hierarchy mirroring the original one, which can be shared if many
+         // objects with the same structure are sealed/frozen. If we use the
+         // generic path below then any non-empty object will be converted to
+         // dictionary mode.
+         RootedShape last(cx, EmptyShape::getInitialShape(cx, nobj->getClass(),
+                                                          nobj->taggedProto(),
+                                                          nobj->numFixedSlots(),
+                                                          nobj->lastProperty()->getObjectFlags()));
+-        if (!last)
++        if (!last) {
+             return false;
++        }
+ 
+         // Get an in-order list of the shapes in this object.
+         using ShapeVec = GCVector<Shape*, 8>;
+         Rooted<ShapeVec> shapes(cx, ShapeVec(cx));
+         for (Shape::Range<NoGC> r(nobj->lastProperty()); !r.empty(); r.popFront()) {
+-            if (!shapes.append(&r.front()))
++            if (!shapes.append(&r.front())) {
+                 return false;
++            }
+         }
+         Reverse(shapes.begin(), shapes.end());
+ 
+         for (Shape* shape : shapes) {
+             Rooted<StackShape> child(cx, StackShape(shape));
+             child.setAttrs(child.attrs() | GetSealedOrFrozenAttributes(child.attrs(), level));
+ 
+-            if (!JSID_IS_EMPTY(child.get().propid) && level == IntegrityLevel::Frozen)
++            if (!JSID_IS_EMPTY(child.get().propid) && level == IntegrityLevel::Frozen) {
+                 MarkTypePropertyNonWritable(cx, nobj, child.get().propid);
++            }
+ 
+             last = cx->zone()->propertyTree().getChild(cx, last, child);
+-            if (!last)
++            if (!last) {
+                 return false;
++            }
+         }
+ 
+         MOZ_ASSERT(nobj->lastProperty()->slotSpan() == last->slotSpan());
+         MOZ_ALWAYS_TRUE(nobj->setLastProperty(cx, last));
+ 
+         // Ordinarily ArraySetLength handles this, but we're going behind its back
+         // right now, so we must do this manually.
+         if (level == IntegrityLevel::Frozen && obj->is<ArrayObject>()) {
+             MOZ_ASSERT(!nobj->denseElementsAreCopyOnWrite());
+             obj->as<ArrayObject>().setNonWritableLength(cx);
+         }
+     } else {
+         // Steps 6-7.
+         AutoIdVector keys(cx);
+-        if (!GetPropertyKeys(cx, obj, JSITER_HIDDEN | JSITER_OWNONLY | JSITER_SYMBOLS, &keys))
++        if (!GetPropertyKeys(cx, obj, JSITER_HIDDEN | JSITER_OWNONLY | JSITER_SYMBOLS, &keys)) {
+             return false;
++        }
+ 
+         RootedId id(cx);
+         Rooted<PropertyDescriptor> desc(cx);
+ 
+         const unsigned AllowConfigure = JSPROP_IGNORE_ENUMERATE | JSPROP_IGNORE_READONLY |
+                                         JSPROP_IGNORE_VALUE;
+         const unsigned AllowConfigureAndWritable = AllowConfigure & ~JSPROP_IGNORE_READONLY;
+ 
+@@ -541,87 +588,97 @@ js::SetIntegrityLevel(JSContext* cx, Han
+             id = keys[i];
+ 
+             if (level == IntegrityLevel::Sealed) {
+                 // 8.a.i.
+                 desc.setAttributes(AllowConfigure | JSPROP_PERMANENT);
+             } else {
+                 // 9.a.i-ii.
+                 Rooted<PropertyDescriptor> currentDesc(cx);
+-                if (!GetOwnPropertyDescriptor(cx, obj, id, &currentDesc))
++                if (!GetOwnPropertyDescriptor(cx, obj, id, &currentDesc)) {
+                     return false;
++                }
+ 
+                 // 9.a.iii.
+-                if (!currentDesc.object())
++                if (!currentDesc.object()) {
+                     continue;
++                }
+ 
+                 // 9.a.iii.1-2
+-                if (currentDesc.isAccessorDescriptor())
++                if (currentDesc.isAccessorDescriptor()) {
+                     desc.setAttributes(AllowConfigure | JSPROP_PERMANENT);
+-                else
++                } else {
+                     desc.setAttributes(AllowConfigureAndWritable | JSPROP_PERMANENT | JSPROP_READONLY);
++                }
+             }
+ 
+             // 8.a.i-ii. / 9.a.iii.3-4
+-            if (!DefineProperty(cx, obj, id, desc))
++            if (!DefineProperty(cx, obj, id, desc)) {
+                 return false;
++            }
+         }
+     }
+ 
+     // Finally, freeze or seal the dense elements.
+-    if (obj->isNative())
++    if (obj->isNative()) {
+         ObjectElements::FreezeOrSeal(cx, &obj->as<NativeObject>(), level);
++    }
+ 
+     return true;
+ }
+ 
+ static bool
+ ResolveLazyProperties(JSContext* cx, HandleNativeObject obj)
+ {
+     const Class* clasp = obj->getClass();
+     if (JSEnumerateOp enumerate = clasp->getEnumerate()) {
+-        if (!enumerate(cx, obj))
++        if (!enumerate(cx, obj)) {
+             return false;
++        }
+     }
+     if (clasp->getNewEnumerate() && clasp->getResolve()) {
+         AutoIdVector properties(cx);
+-        if (!clasp->getNewEnumerate()(cx, obj, properties, /* enumerableOnly = */ false))
++        if (!clasp->getNewEnumerate()(cx, obj, properties, /* enumerableOnly = */ false)) {
+             return false;
++        }
+ 
+         RootedId id(cx);
+         for (size_t i = 0; i < properties.length(); i++) {
+             id = properties[i];
+             bool found;
+-            if (!HasOwnProperty(cx, obj, id, &found))
++            if (!HasOwnProperty(cx, obj, id, &found)) {
+                 return false;
++            }
+         }
+     }
+     return true;
+ }
+ 
+ // ES6 draft rev33 (12 Feb 2015) 7.3.15
+ bool
+ js::TestIntegrityLevel(JSContext* cx, HandleObject obj, IntegrityLevel level, bool* result)
+ {
+     // Steps 3-6. (Steps 1-2 are redundant assertions.)
+     bool status;
+-    if (!IsExtensible(cx, obj, &status))
++    if (!IsExtensible(cx, obj, &status)) {
+         return false;
++    }
+     if (status) {
+         *result = false;
+         return true;
+     }
+ 
+     // Fast path for native objects.
+     if (obj->isNative()) {
+         HandleNativeObject nobj = obj.as<NativeObject>();
+ 
+         // Force lazy properties to be resolved.
+-        if (!ResolveLazyProperties(cx, nobj))
++        if (!ResolveLazyProperties(cx, nobj)) {
+             return false;
++        }
+ 
+         // Typed array elements are non-configurable, writable properties, so
+         // if any elements are present, the typed array cannot be frozen.
+         if (nobj->is<TypedArrayObject>() && nobj->as<TypedArrayObject>().length() > 0 &&
+             level == IntegrityLevel::Frozen)
+         {
+             *result = false;
+             return true;
+@@ -660,32 +717,35 @@ js::TestIntegrityLevel(JSContext* cx, Ha
+             {
+                 *result = false;
+                 return true;
+             }
+         }
+     } else {
+         // Steps 7-8.
+         AutoIdVector props(cx);
+-        if (!GetPropertyKeys(cx, obj, JSITER_HIDDEN | JSITER_OWNONLY | JSITER_SYMBOLS, &props))
++        if (!GetPropertyKeys(cx, obj, JSITER_HIDDEN | JSITER_OWNONLY | JSITER_SYMBOLS, &props)) {
+             return false;
++        }
+ 
+         // Step 9.
+         RootedId id(cx);
+         Rooted<PropertyDescriptor> desc(cx);
+         for (size_t i = 0, len = props.length(); i < len; i++) {
+             id = props[i];
+ 
+             // Steps 9.a-b.
+-            if (!GetOwnPropertyDescriptor(cx, obj, id, &desc))
++            if (!GetOwnPropertyDescriptor(cx, obj, id, &desc)) {
+                 return false;
++            }
+ 
+             // Step 9.c.
+-            if (!desc.object())
++            if (!desc.object()) {
+                 continue;
++            }
+ 
+             // Steps 9.c.i-ii.
+             if (desc.configurable() ||
+                 (level == IntegrityLevel::Frozen && desc.isDataDescriptor() && desc.writable()))
+             {
+                 *result = false;
+                 return true;
+             }
+@@ -702,20 +762,22 @@ js::TestIntegrityLevel(JSContext* cx, Ha
+ 
+ /*
+  * Get the GC kind to use for scripted 'new' on the given class.
+  * FIXME bug 547327: estimate the size from the allocation site.
+  */
+ static inline gc::AllocKind
+ NewObjectGCKind(const js::Class* clasp)
+ {
+-    if (clasp == &ArrayObject::class_)
++    if (clasp == &ArrayObject::class_) {
+         return gc::AllocKind::OBJECT8;
+-    if (clasp == &JSFunction::class_)
++    }
++    if (clasp == &JSFunction::class_) {
+         return gc::AllocKind::OBJECT2;
++    }
+     return gc::AllocKind::OBJECT4;
+ }
+ 
+ static inline JSObject*
+ NewObject(JSContext* cx, HandleObjectGroup group, gc::AllocKind kind,
+           NewObjectKind newKind, uint32_t initialShapeFlags = 0)
+ {
+     const Class* clasp = group->clasp();
+@@ -728,35 +790,37 @@ NewObject(JSContext* cx, HandleObjectGro
+     // enough fixed slots to cover the number of reserved slots in the object,
+     // regardless of the allocation kind specified.
+     size_t nfixed = ClassCanHaveFixedData(clasp)
+                     ? GetGCKindSlots(gc::GetGCObjectKind(clasp), clasp)
+                     : GetGCKindSlots(kind, clasp);
+ 
+     RootedShape shape(cx, EmptyShape::getInitialShape(cx, clasp, group->proto(), nfixed,
+                                                       initialShapeFlags));
+-    if (!shape)
++    if (!shape) {
+         return nullptr;
++    }
+ 
+     gc::InitialHeap heap = GetInitialHeap(newKind, clasp);
+ 
+     JSObject* obj;
+     if (clasp->isJSFunction()) {
+         JS_TRY_VAR_OR_RETURN_NULL(cx, obj, JSFunction::create(cx, kind, heap, shape, group));
+     } else if (MOZ_LIKELY(clasp->isNative())) {
+         JS_TRY_VAR_OR_RETURN_NULL(cx, obj, NativeObject::create(cx, kind, heap, shape, group));
+     } else {
+         MOZ_ASSERT(IsTypedObjectClass(clasp));
+         JS_TRY_VAR_OR_RETURN_NULL(cx, obj, TypedObject::create(cx, kind, heap, shape, group));
+     }
+ 
+     if (newKind == SingletonObject) {
+         RootedObject nobj(cx, obj);
+-        if (!JSObject::setSingleton(cx, nobj))
++        if (!JSObject::setSingleton(cx, nobj)) {
+             return nullptr;
++        }
+         obj = nobj;
+     }
+ 
+     probes::CreateObject(cx, obj);
+     return obj;
+ }
+ 
+ void
+@@ -780,37 +844,41 @@ js::NewObjectWithTaggedProtoIsCachable(J
+ }
+ 
+ JSObject*
+ js::NewObjectWithGivenTaggedProto(JSContext* cx, const Class* clasp,
+                                   Handle<TaggedProto> proto,
+                                   gc::AllocKind allocKind, NewObjectKind newKind,
+                                   uint32_t initialShapeFlags)
+ {
+-    if (CanBeFinalizedInBackground(allocKind, clasp))
++    if (CanBeFinalizedInBackground(allocKind, clasp)) {
+         allocKind = GetBackgroundAllocKind(allocKind);
++    }
+ 
+     bool isCachable = NewObjectWithTaggedProtoIsCachable(cx, proto, newKind, clasp);
+     if (isCachable) {
+         NewObjectCache& cache = cx->caches().newObjectCache;
+         NewObjectCache::EntryIndex entry = -1;
+         if (cache.lookupProto(clasp, proto.toObject(), allocKind, &entry)) {
+             JSObject* obj = cache.newObjectFromHit(cx, entry, GetInitialHeap(newKind, clasp));
+-            if (obj)
++            if (obj) {
+                 return obj;
++            }
+         }
+     }
+ 
+     RootedObjectGroup group(cx, ObjectGroup::defaultNewGroup(cx, clasp, proto, nullptr));
+-    if (!group)
++    if (!group) {
+         return nullptr;
++    }
+ 
+     RootedObject obj(cx, NewObject(cx, group, allocKind, newKind, initialShapeFlags));
+-    if (!obj)
++    if (!obj) {
+         return nullptr;
++    }
+ 
+     if (isCachable && !obj->as<NativeObject>().hasDynamicSlots()) {
+         NewObjectCache& cache = cx->caches().newObjectCache;
+         NewObjectCache::EntryIndex entry = -1;
+         cache.lookupProto(clasp, proto.toObject(), allocKind, &entry);
+         cache.fillProto(entry, clasp, proto, allocKind, &obj->as<NativeObject>());
+     }
+ 
+@@ -824,53 +892,60 @@ NewObjectIsCachable(JSContext* cx, NewOb
+            newKind == GenericObject &&
+            clasp->isNative();
+ }
+ 
+ JSObject*
+ js::NewObjectWithClassProtoCommon(JSContext* cx, const Class* clasp, HandleObject protoArg,
+                                   gc::AllocKind allocKind, NewObjectKind newKind)
+ {
+-    if (protoArg)
++    if (protoArg) {
+         return NewObjectWithGivenTaggedProto(cx, clasp, AsTaggedProto(protoArg), allocKind, newKind);
+-
+-    if (CanBeFinalizedInBackground(allocKind, clasp))
++    }
++
++    if (CanBeFinalizedInBackground(allocKind, clasp)) {
+         allocKind = GetBackgroundAllocKind(allocKind);
++    }
+ 
+     Handle<GlobalObject*> global = cx->global();
+ 
+     bool isCachable = NewObjectIsCachable(cx, newKind, clasp);
+     if (isCachable) {
+         NewObjectCache& cache = cx->caches().newObjectCache;
+         NewObjectCache::EntryIndex entry = -1;
+         if (cache.lookupGlobal(clasp, global, allocKind, &entry)) {
+             gc::InitialHeap heap = GetInitialHeap(newKind, clasp);
+             JSObject* obj = cache.newObjectFromHit(cx, entry, heap);
+-            if (obj)
++            if (obj) {
+                 return obj;
++            }
+         }
+     }
+ 
+     // Find the appropriate proto for clasp. Built-in classes have a cached
+     // proto on cx->global(); all others get %ObjectPrototype%.
+     JSProtoKey protoKey = JSCLASS_CACHED_PROTO_KEY(clasp);
+-    if (protoKey == JSProto_Null)
++    if (protoKey == JSProto_Null) {
+         protoKey = JSProto_Object;
++    }
+ 
+     JSObject* proto = GlobalObject::getOrCreatePrototype(cx, protoKey);
+-    if (!proto)
++    if (!proto) {
+         return nullptr;
++    }
+ 
+     RootedObjectGroup group(cx, ObjectGroup::defaultNewGroup(cx, clasp, TaggedProto(proto)));
+-    if (!group)
++    if (!group) {
+         return nullptr;
++    }
+ 
+     JSObject* obj = NewObject(cx, group, allocKind, newKind);
+-    if (!obj)
++    if (!obj) {
+         return nullptr;
++    }
+ 
+     if (isCachable && !obj->as<NativeObject>().hasDynamicSlots()) {
+         NewObjectCache& cache = cx->caches().newObjectCache;
+         NewObjectCache::EntryIndex entry = -1;
+         cache.lookupGlobal(clasp, global, allocKind, &entry);
+         cache.fillGlobal(entry, clasp, global, allocKind, &obj->as<NativeObject>());
+     }
+ 
+@@ -897,34 +972,37 @@ NewObjectWithGroupIsCachable(JSContext* 
+  * Create a plain object with the specified group. This bypasses getNewGroup to
+  * avoid losing creation site information for objects made by scripted 'new'.
+  */
+ JSObject*
+ js::NewObjectWithGroupCommon(JSContext* cx, HandleObjectGroup group,
+                              gc::AllocKind allocKind, NewObjectKind newKind)
+ {
+     MOZ_ASSERT(gc::IsObjectAllocKind(allocKind));
+-    if (CanBeFinalizedInBackground(allocKind, group->clasp()))
++    if (CanBeFinalizedInBackground(allocKind, group->clasp())) {
+         allocKind = GetBackgroundAllocKind(allocKind);
++    }
+ 
+     bool isCachable = NewObjectWithGroupIsCachable(cx, group, newKind);
+     if (isCachable) {
+         NewObjectCache& cache = cx->caches().newObjectCache;
+         NewObjectCache::EntryIndex entry = -1;
+         if (cache.lookupGroup(group, allocKind, &entry)) {
+             JSObject* obj = cache.newObjectFromHit(cx, entry,
+                                                    GetInitialHeap(newKind, group->clasp()));
+-            if (obj)
++            if (obj) {
+                 return obj;
++            }
+         }
+     }
+ 
+     JSObject* obj = NewObject(cx, group, allocKind, newKind);
+-    if (!obj)
++    if (!obj) {
+         return nullptr;
++    }
+ 
+     if (isCachable && !obj->as<NativeObject>().hasDynamicSlots()) {
+         NewObjectCache& cache = cx->caches().newObjectCache;
+         NewObjectCache::EntryIndex entry = -1;
+         cache.lookupGroup(group, allocKind, &entry);
+         cache.fillGroup(entry, group, allocKind, &obj->as<NativeObject>());
+     }
+ 
+@@ -933,96 +1011,106 @@ js::NewObjectWithGroupCommon(JSContext* 
+ 
+ bool
+ js::NewObjectScriptedCall(JSContext* cx, MutableHandleObject pobj)
+ {
+     jsbytecode* pc;
+     RootedScript script(cx, cx->currentScript(&pc));
+     gc::AllocKind allocKind = NewObjectGCKind(&PlainObject::class_);
+     NewObjectKind newKind = GenericObject;
+-    if (script && ObjectGroup::useSingletonForAllocationSite(script, pc, &PlainObject::class_))
++    if (script && ObjectGroup::useSingletonForAllocationSite(script, pc, &PlainObject::class_)) {
+         newKind = SingletonObject;
++    }
+     RootedObject obj(cx, NewBuiltinClassInstance<PlainObject>(cx, allocKind, newKind));
+-    if (!obj)
++    if (!obj) {
+         return false;
++    }
+ 
+     if (script) {
+         /* Try to specialize the group of the object to the scripted call site. */
+-        if (!ObjectGroup::setAllocationSiteObjectGroup(cx, script, pc, obj, newKind == SingletonObject))
++        if (!ObjectGroup::setAllocationSiteObjectGroup(cx, script, pc, obj, newKind == SingletonObject)) {
+             return false;
++        }
+     }
+ 
+     pobj.set(obj);
+     return true;
+ }
+ 
+ JSObject*
+ js::CreateThis(JSContext* cx, const Class* newclasp, HandleObject callee)
+ {
+     RootedObject proto(cx);
+-    if (!GetPrototypeFromConstructor(cx, callee, &proto))
++    if (!GetPrototypeFromConstructor(cx, callee, &proto)) {
+         return nullptr;
++    }
+     gc::AllocKind kind = NewObjectGCKind(newclasp);
+     return NewObjectWithClassProto(cx, newclasp, proto, kind);
+ }
+ 
+ static inline JSObject*
+ CreateThisForFunctionWithGroup(JSContext* cx, HandleObjectGroup group,
+                                NewObjectKind newKind)
+ {
+     bool isUnboxed;
+     TypeNewScript* maybeNewScript;
+     {
+         AutoSweepObjectGroup sweep(group);
+         isUnboxed = group->maybeUnboxedLayout(sweep);
+         maybeNewScript = group->newScript(sweep);
+     }
+ 
+-    if (isUnboxed && newKind != SingletonObject)
++    if (isUnboxed && newKind != SingletonObject) {
+         return UnboxedPlainObject::create(cx, group, newKind);
++    }
+ 
+     if (maybeNewScript) {
+         if (maybeNewScript->analyzed()) {
+             // The definite properties analysis has been performed for this
+             // group, so get the shape and alloc kind to use from the
+             // TypeNewScript's template.
+             RootedPlainObject templateObject(cx, maybeNewScript->templateObject());
+             MOZ_ASSERT(templateObject->group() == group);
+ 
+             RootedPlainObject res(cx, CopyInitializerObject(cx, templateObject, newKind));
+-            if (!res)
++            if (!res) {
+                 return nullptr;
++            }
+ 
+             if (newKind == SingletonObject) {
+                 Rooted<TaggedProto> proto(cx, TaggedProto(templateObject->staticPrototype()));
+-                if (!JSObject::splicePrototype(cx, res, &PlainObject::class_, proto))
++                if (!JSObject::splicePrototype(cx, res, &PlainObject::class_, proto)) {
+                     return nullptr;
++                }
+             } else {
+                 res->setGroup(group);
+             }
+             return res;
+         }
+ 
+         // The initial objects registered with a TypeNewScript can't be in the
+         // nursery.
+-        if (newKind == GenericObject)
++        if (newKind == GenericObject) {
+             newKind = TenuredObject;
++        }
+ 
+         // Not enough objects with this group have been created yet, so make a
+         // plain object and register it with the group. Use the maximum number
+         // of fixed slots, as is also required by the TypeNewScript.
+         gc::AllocKind allocKind = GuessObjectGCKind(NativeObject::MAX_FIXED_SLOTS);
+         PlainObject* res = NewObjectWithGroup<PlainObject>(cx, group, allocKind, newKind);
+-        if (!res)
++        if (!res) {
+             return nullptr;
++        }
+ 
+         // Make sure group->newScript is still there.
+         AutoSweepObjectGroup sweep(group);
+-        if (newKind != SingletonObject && group->newScript(sweep))
++        if (newKind != SingletonObject && group->newScript(sweep)) {
+             group->newScript(sweep)->registerNewObject(res);
++        }
+ 
+         return res;
+     }
+ 
+     gc::AllocKind allocKind = NewObjectGCKind(&PlainObject::class_);
+ 
+     if (newKind == SingletonObject) {
+         Rooted<TaggedProto> protoRoot(cx, group->proto());
+@@ -1035,25 +1123,27 @@ JSObject*
+ js::CreateThisForFunctionWithProto(JSContext* cx, HandleObject callee, HandleObject newTarget,
+                                    HandleObject proto, NewObjectKind newKind /* = GenericObject */)
+ {
+     RootedObject res(cx);
+ 
+     if (proto) {
+         RootedObjectGroup group(cx, ObjectGroup::defaultNewGroup(cx, nullptr, TaggedProto(proto),
+                                                                  newTarget));
+-        if (!group)
++        if (!group) {
+             return nullptr;
++        }
+ 
+         {
+             AutoSweepObjectGroup sweep(group);
+             if (group->newScript(sweep) && !group->newScript(sweep)->analyzed()) {
+                 bool regenerate;
+-                if (!group->newScript(sweep)->maybeAnalyze(cx, group, &regenerate))
++                if (!group->newScript(sweep)->maybeAnalyze(cx, group, &regenerate)) {
+                     return nullptr;
++                }
+                 if (regenerate) {
+                     // The script was analyzed successfully and may have changed
+                     // the new type table, so refetch the group.
+                     group = ObjectGroup::defaultNewGroup(cx, nullptr, TaggedProto(proto),
+                                                          newTarget);
+                     AutoSweepObjectGroup sweepNewGroup(group);
+                     MOZ_ASSERT(group && group->newScript(sweepNewGroup));
+                 }
+@@ -1062,41 +1152,44 @@ js::CreateThisForFunctionWithProto(JSCon
+ 
+         res = CreateThisForFunctionWithGroup(cx, group, newKind);
+     } else {
+         res = NewBuiltinClassInstance<PlainObject>(cx, newKind);
+     }
+ 
+     if (res) {
+         JSScript* script = JSFunction::getOrCreateScript(cx, callee.as<JSFunction>());
+-        if (!script)
++        if (!script) {
+             return nullptr;
++        }
+         TypeScript::SetThis(cx, script, TypeSet::ObjectType(res));
+     }
+ 
+     return res;
+ }
+ 
+ bool
+ js::GetPrototypeFromConstructor(JSContext* cx, HandleObject newTarget, MutableHandleObject proto)
+ {
+     RootedValue protov(cx);
+-    if (!GetProperty(cx, newTarget, newTarget, cx->names().prototype, &protov))
++    if (!GetProperty(cx, newTarget, newTarget, cx->names().prototype, &protov)) {
+         return false;
++    }
+     proto.set(protov.isObject() ? &protov.toObject() : nullptr);
+     return true;
+ }
+ 
+ JSObject*
+ js::CreateThisForFunction(JSContext* cx, HandleObject callee, HandleObject newTarget,
+                           NewObjectKind newKind)
+ {
+     RootedObject proto(cx);
+-    if (!GetPrototypeFromConstructor(cx, newTarget, &proto))
++    if (!GetPrototypeFromConstructor(cx, newTarget, &proto)) {
+         return nullptr;
++    }
+ 
+     JSObject* obj = CreateThisForFunctionWithProto(cx, callee, newTarget, proto, newKind);
+ 
+     if (obj && newKind == SingletonObject) {
+         RootedPlainObject nobj(cx, &obj->as<PlainObject>());
+ 
+         /* Reshape the singleton before passing it as the 'this' value. */
+         NativeObject::clear(cx, nobj);
+@@ -1117,74 +1210,81 @@ JSObject::nonNativeSetProperty(JSContext
+     return obj->getOpsSetProperty()(cx, obj, id, v, receiver, result);
+ }
+ 
+ /* static */ bool
+ JSObject::nonNativeSetElement(JSContext* cx, HandleObject obj, uint32_t index, HandleValue v,
+                               HandleValue receiver, ObjectOpResult& result)
+ {
+     RootedId id(cx);
+-    if (!IndexToId(cx, index, &id))
++    if (!IndexToId(cx, index, &id)) {
+         return false;
++    }
+     return nonNativeSetProperty(cx, obj, id, v, receiver, result);
+ }
+ 
+ JS_FRIEND_API(bool)
+ JS_CopyPropertyFrom(JSContext* cx, HandleId id, HandleObject target,
+                     HandleObject obj, PropertyCopyBehavior copyBehavior)
+ {
+     // |target| must not be a CCW because we need to enter its realm below and
+     // CCWs are not associated with a single realm.
+     MOZ_ASSERT(!IsCrossCompartmentWrapper(target));
+ 
+     // |obj| and |cx| are generally not same-compartment with |target| here.
+     cx->check(obj, id);
+     Rooted<PropertyDescriptor> desc(cx);
+ 
+-    if (!GetOwnPropertyDescriptor(cx, obj, id, &desc))
++    if (!GetOwnPropertyDescriptor(cx, obj, id, &desc)) {
+         return false;
++    }
+     MOZ_ASSERT(desc.object());
+ 
+     // Silently skip JSGetterOp/JSSetterOp-implemented accessors.
+-    if (desc.getter() && !desc.hasGetterObject())
++    if (desc.getter() && !desc.hasGetterObject()) {
+         return true;
+-    if (desc.setter() && !desc.hasSetterObject())
++    }
++    if (desc.setter() && !desc.hasSetterObject()) {
+         return true;
++    }
+ 
+     if (copyBehavior == MakeNonConfigurableIntoConfigurable) {
+         // Mask off the JSPROP_PERMANENT bit.
+         desc.attributesRef() &= ~JSPROP_PERMANENT;
+     }
+ 
+     JSAutoRealm ar(cx, target);
+     cx->markId(id);
+     RootedId wrappedId(cx, id);
+-    if (!cx->compartment()->wrap(cx, &desc))
++    if (!cx->compartment()->wrap(cx, &desc)) {
+         return false;
++    }
+ 
+     return DefineProperty(cx, target, wrappedId, desc);
+ }
+ 
+ JS_FRIEND_API(bool)
+ JS_CopyPropertiesFrom(JSContext* cx, HandleObject target, HandleObject obj)
+ {
+     // Both |obj| and |target| must not be CCWs because we need to enter their
+     // realms below and CCWs are not associated with a single realm.
+     MOZ_ASSERT(!IsCrossCompartmentWrapper(obj));
+     MOZ_ASSERT(!IsCrossCompartmentWrapper(target));
+ 
+     JSAutoRealm ar(cx, obj);
+ 
+     AutoIdVector props(cx);
+-    if (!GetPropertyKeys(cx, obj, JSITER_OWNONLY | JSITER_HIDDEN | JSITER_SYMBOLS, &props))
++    if (!GetPropertyKeys(cx, obj, JSITER_OWNONLY | JSITER_HIDDEN | JSITER_SYMBOLS, &props)) {
+         return false;
++    }
+ 
+     for (size_t i = 0; i < props.length(); ++i) {
+-        if (!JS_CopyPropertyFrom(cx, props[i], target, obj))
++        if (!JS_CopyPropertyFrom(cx, props[i], target, obj)) {
+             return false;
++        }
+     }
+ 
+     return true;
+ }
+ 
+ static bool
+ CopyProxyObject(JSContext* cx, Handle<ProxyObject*> from, Handle<ProxyObject*> to)
+ {
+@@ -1192,28 +1292,30 @@ CopyProxyObject(JSContext* cx, Handle<Pr
+ 
+     if (from->is<WrapperObject>() &&
+         (Wrapper::wrapperHandler(from)->flags() &
+          Wrapper::CROSS_COMPARTMENT))
+     {
+         to->setCrossCompartmentPrivate(GetProxyPrivate(from));
+     } else {
+         RootedValue v(cx, GetProxyPrivate(from));
+-        if (!cx->compartment()->wrap(cx, &v))
++        if (!cx->compartment()->wrap(cx, &v)) {
+             return false;
++        }
+         to->setSameCompartmentPrivate(v);
+     }
+ 
+     MOZ_ASSERT(from->numReservedSlots() == to->numReservedSlots());
+ 
+     RootedValue v(cx);
+     for (size_t n = 0; n < from->numReservedSlots(); n++) {
+         v = GetProxyReservedSlot(from, n);
+-        if (!cx->compartment()->wrap(cx, &v))
++        if (!cx->compartment()->wrap(cx, &v)) {
+             return false;
++        }
+         SetProxyReservedSlot(to, n, v);
+     }
+ 
+     return true;
+ }
+ 
+ JSObject*
+ js::CloneObject(JSContext* cx, HandleObject obj, Handle<js::TaggedProto> proto)
+@@ -1221,90 +1323,99 @@ js::CloneObject(JSContext* cx, HandleObj
+     if (!obj->isNative() && !obj->is<ProxyObject>()) {
+         JS_ReportErrorNumberASCII(cx, GetErrorMessage, nullptr, JSMSG_CANT_CLONE_OBJECT);
+         return nullptr;
+     }
+ 
+     RootedObject clone(cx);
+     if (obj->isNative()) {
+         clone = NewObjectWithGivenTaggedProto(cx, obj->getClass(), proto);
+-        if (!clone)
++        if (!clone) {
+             return nullptr;
++        }
+ 
+         if (clone->is<JSFunction>() && (obj->compartment() != clone->compartment())) {
+             JS_ReportErrorNumberASCII(cx, GetErrorMessage, nullptr, JSMSG_CANT_CLONE_OBJECT);
+             return nullptr;
+         }
+ 
+-        if (obj->as<NativeObject>().hasPrivate())
++        if (obj->as<NativeObject>().hasPrivate()) {
+             clone->as<NativeObject>().setPrivate(obj->as<NativeObject>().getPrivate());
++        }
+     } else {
+         ProxyOptions options;
+         options.setClass(obj->getClass());
+ 
+         clone = ProxyObject::New(cx, GetProxyHandler(obj), JS::NullHandleValue, proto, options);
+-        if (!clone)
++        if (!clone) {
+             return nullptr;
+-
+-        if (!CopyProxyObject(cx, obj.as<ProxyObject>(), clone.as<ProxyObject>()))
++        }
++
++        if (!CopyProxyObject(cx, obj.as<ProxyObject>(), clone.as<ProxyObject>())) {
+             return nullptr;
++        }
+     }
+ 
+     return clone;
+ }
+ 
+ static bool
+ GetScriptArrayObjectElements(HandleArrayObject arr, MutableHandle<GCVector<Value>> values)
+ {
+     MOZ_ASSERT(!arr->isSingleton());
+     MOZ_ASSERT(!arr->isIndexed());
+ 
+     size_t length = arr->length();
+-    if (!values.appendN(MagicValue(JS_ELEMENTS_HOLE), length))
++    if (!values.appendN(MagicValue(JS_ELEMENTS_HOLE), length)) {
+         return false;
++    }
+ 
+     size_t initlen = arr->getDenseInitializedLength();
+-    for (size_t i = 0; i < initlen; i++)
++    for (size_t i = 0; i < initlen; i++) {
+         values[i].set(arr->getDenseElement(i));
++    }
+ 
+     return true;
+ }
+ 
+ static bool
+ GetScriptPlainObjectProperties(HandleObject obj, MutableHandle<IdValueVector> properties)
+ {
+     if (obj->is<PlainObject>()) {
+         PlainObject* nobj = &obj->as<PlainObject>();
+ 
+-        if (!properties.appendN(IdValuePair(), nobj->slotSpan()))
++        if (!properties.appendN(IdValuePair(), nobj->slotSpan())) {
+             return false;
++        }
+ 
+         for (Shape::Range<NoGC> r(nobj->lastProperty()); !r.empty(); r.popFront()) {
+             Shape& shape = r.front();
+             MOZ_ASSERT(shape.isDataDescriptor());
+             uint32_t slot = shape.slot();
+             properties[slot].get().id = shape.propid();
+             properties[slot].get().value = nobj->getSlot(slot);
+         }
+ 
+         for (size_t i = 0; i < nobj->getDenseInitializedLength(); i++) {
+             Value v = nobj->getDenseElement(i);
+-            if (!v.isMagic(JS_ELEMENTS_HOLE) && !properties.append(IdValuePair(INT_TO_JSID(i), v)))
++            if (!v.isMagic(JS_ELEMENTS_HOLE) && !properties.append(IdValuePair(INT_TO_JSID(i), v))) {
+                 return false;
++            }
+         }
+ 
+         return true;
+     }
+ 
+     if (obj->is<UnboxedPlainObject>()) {
+         UnboxedPlainObject* nobj = &obj->as<UnboxedPlainObject>();
+ 
+         const UnboxedLayout& layout = nobj->layout();
+-        if (!properties.appendN(IdValuePair(), layout.properties().length()))
++        if (!properties.appendN(IdValuePair(), layout.properties().length())) {
+             return false;
++        }
+ 
+         for (size_t i = 0; i < layout.properties().length(); i++) {
+             const UnboxedLayout::Property& property = layout.properties()[i];
+             properties[i].get().id = NameToId(property.name);
+             properties[i].get().value = nobj->getValue(property);
+         }
+ 
+         return true;
+@@ -1314,18 +1425,19 @@ GetScriptPlainObjectProperties(HandleObj
+ }
+ 
+ static bool
+ DeepCloneValue(JSContext* cx, Value* vp, NewObjectKind newKind)
+ {
+     if (vp->isObject()) {
+         RootedObject obj(cx, &vp->toObject());
+         obj = DeepCloneObjectLiteral(cx, obj, newKind);
+-        if (!obj)
++        if (!obj) {
+             return false;
++        }
+         vp->setObject(*obj);
+     } else {
+         cx->markAtomValue(*vp);
+     }
+     return true;
+ }
+ 
+ JSObject*
+@@ -1335,62 +1447,69 @@ js::DeepCloneObjectLiteral(JSContext* cx
+     MOZ_ASSERT_IF(obj->isSingleton(),
+                   cx->realm()->behaviors().getSingletonsAsTemplates());
+     MOZ_ASSERT(obj->is<PlainObject>() || obj->is<UnboxedPlainObject>() ||
+                obj->is<ArrayObject>());
+     MOZ_ASSERT(newKind != SingletonObject);
+ 
+     if (obj->is<ArrayObject>()) {
+         Rooted<GCVector<Value>> values(cx, GCVector<Value>(cx));
+-        if (!GetScriptArrayObjectElements(obj.as<ArrayObject>(), &values))
++        if (!GetScriptArrayObjectElements(obj.as<ArrayObject>(), &values)) {
+             return nullptr;
++        }
+ 
+         // Deep clone any elements.
+         for (uint32_t i = 0; i < values.length(); ++i) {
+-            if (!DeepCloneValue(cx, values[i].address(), newKind))
++            if (!DeepCloneValue(cx, values[i].address(), newKind)) {
+                 return nullptr;
++            }
+         }
+ 
+         ObjectGroup::NewArrayKind arrayKind = ObjectGroup::NewArrayKind::Normal;
+-        if (obj->is<ArrayObject>() && obj->as<ArrayObject>().denseElementsAreCopyOnWrite())
++        if (obj->is<ArrayObject>() && obj->as<ArrayObject>().denseElementsAreCopyOnWrite()) {
+             arrayKind = ObjectGroup::NewArrayKind::CopyOnWrite;
++        }
+ 
+         return ObjectGroup::newArrayObject(cx, values.begin(), values.length(), newKind,
+                                            arrayKind);
+     }
+ 
+     Rooted<IdValueVector> properties(cx, IdValueVector(cx));
+-    if (!GetScriptPlainObjectProperties(obj, &properties))
++    if (!GetScriptPlainObjectProperties(obj, &properties)) {
+         return nullptr;
++    }
+ 
+     for (size_t i = 0; i < properties.length(); i++) {
+         cx->markId(properties[i].get().id);
+-        if (!DeepCloneValue(cx, &properties[i].get().value, newKind))
++        if (!DeepCloneValue(cx, &properties[i].get().value, newKind)) {
+             return nullptr;
+-    }
+-
+-    if (obj->isSingleton())
++        }
++    }
++
++    if (obj->isSingleton()) {
+         newKind = SingletonObject;
++    }
+ 
+     return ObjectGroup::newPlainObject(cx, properties.begin(), properties.length(), newKind);
+ }
+ 
+ static bool
+ InitializePropertiesFromCompatibleNativeObject(JSContext* cx,
+                                                HandleNativeObject dst,
+                                                HandleNativeObject src)
+ {
+     cx->check(src, dst);
+     MOZ_ASSERT(src->getClass() == dst->getClass());
+     MOZ_ASSERT(dst->lastProperty()->getObjectFlags() == 0);
+     MOZ_ASSERT(!src->isSingleton());
+     MOZ_ASSERT(src->numFixedSlots() == dst->numFixedSlots());
+ 
+-    if (!dst->ensureElements(cx, src->getDenseInitializedLength()))
++    if (!dst->ensureElements(cx, src->getDenseInitializedLength())) {
+         return false;
++    }
+ 
+     uint32_t initialized = src->getDenseInitializedLength();
+     for (uint32_t i = 0; i < initialized; ++i) {
+         dst->setDenseInitializedLength(i + 1);
+         dst->initDenseElement(i, src->getDenseElement(i));
+     }
+ 
+     MOZ_ASSERT(!src->hasPrivate());
+@@ -1398,39 +1517,44 @@ InitializePropertiesFromCompatibleNative
+     if (src->staticPrototype() == dst->staticPrototype()) {
+         shape = src->lastProperty();
+     } else {
+         // We need to generate a new shape for dst that has dst's proto but all
+         // the property information from src.  Note that we asserted above that
+         // dst's object flags are 0.
+         shape = EmptyShape::getInitialShape(cx, dst->getClass(), dst->taggedProto(),
+                                             dst->numFixedSlots(), 0);
+-        if (!shape)
++        if (!shape) {
+             return false;
++        }
+ 
+         // Get an in-order list of the shapes in the src object.
+         Rooted<ShapeVector> shapes(cx, ShapeVector(cx));
+         for (Shape::Range<NoGC> r(src->lastProperty()); !r.empty(); r.popFront()) {
+-            if (!shapes.append(&r.front()))
++            if (!shapes.append(&r.front())) {
+                 return false;
++            }
+         }
+         Reverse(shapes.begin(), shapes.end());
+ 
+         for (Shape* shapeToClone : shapes) {
+             Rooted<StackShape> child(cx, StackShape(shapeToClone));
+             shape = cx->zone()->propertyTree().getChild(cx, shape, child);
+-            if (!shape)
++            if (!shape) {
+                 return false;
++            }
+         }
+     }
+     size_t span = shape->slotSpan();
+-    if (!dst->setLastProperty(cx, shape))
++    if (!dst->setLastProperty(cx, shape)) {
+         return false;
+-    for (size_t i = JSCLASS_RESERVED_SLOTS(src->getClass()); i < span; i++)
++    }
++    for (size_t i = JSCLASS_RESERVED_SLOTS(src->getClass()); i < span; i++) {
+         dst->setSlot(i, src->getSlot(i));
++    }
+ 
+     return true;
+ }
+ 
+ JS_FRIEND_API(bool)
+ JS_InitializePropertiesFromCompatibleNativeObject(JSContext* cx,
+                                                   HandleObject dst,
+                                                   HandleObject src)
+@@ -1464,90 +1588,100 @@ js::XDRObjectLiteral(XDRState<mode>* xdr
+ 
+     RootedValue tmpValue(cx), tmpIdValue(cx);
+     RootedId tmpId(cx);
+ 
+     if (isArray) {
+         Rooted<GCVector<Value>> values(cx, GCVector<Value>(cx));
+         if (mode == XDR_ENCODE) {
+             RootedArrayObject arr(cx, &obj->as<ArrayObject>());
+-            if (!GetScriptArrayObjectElements(arr, &values))
++            if (!GetScriptArrayObjectElements(arr, &values)) {
+                 return xdr->fail(JS::TranscodeResult_Throw);
++            }
+         }
+ 
+         uint32_t initialized;
+-        if (mode == XDR_ENCODE)
++        if (mode == XDR_ENCODE) {
+             initialized = values.length();
++        }
+         MOZ_TRY(xdr->codeUint32(&initialized));
+-        if (mode == XDR_DECODE && !values.appendN(MagicValue(JS_ELEMENTS_HOLE), initialized))
++        if (mode == XDR_DECODE && !values.appendN(MagicValue(JS_ELEMENTS_HOLE), initialized)) {
+             return xdr->fail(JS::TranscodeResult_Throw);
++        }
+ 
+         // Recursively copy dense elements.
+-        for (unsigned i = 0; i < initialized; i++)
++        for (unsigned i = 0; i < initialized; i++) {
+             MOZ_TRY(XDRScriptConst(xdr, values[i]));
++        }
+ 
+         uint32_t copyOnWrite;
+         if (mode == XDR_ENCODE) {
+             copyOnWrite = obj->is<ArrayObject>() &&
+                           obj->as<ArrayObject>().denseElementsAreCopyOnWrite();
+         }
+         MOZ_TRY(xdr->codeUint32(&copyOnWrite));
+ 
+         if (mode == XDR_DECODE) {
+             ObjectGroup::NewArrayKind arrayKind = copyOnWrite
+                                                   ? ObjectGroup::NewArrayKind::CopyOnWrite
+                                                   : ObjectGroup::NewArrayKind::Normal;
+             obj.set(ObjectGroup::newArrayObject(cx, values.begin(), values.length(),
+                                                 TenuredObject, arrayKind));
+-            if (!obj)
++            if (!obj) {
+                 return xdr->fail(JS::TranscodeResult_Throw);
++            }
+         }
+ 
+         return Ok();
+     }
+ 
+     // Code the properties in the object.
+     Rooted<IdValueVector> properties(cx, IdValueVector(cx));
+-    if (mode == XDR_ENCODE && !GetScriptPlainObjectProperties(obj, &properties))
++    if (mode == XDR_ENCODE && !GetScriptPlainObjectProperties(obj, &properties)) {
+         return xdr->fail(JS::TranscodeResult_Throw);
++    }
+ 
+     uint32_t nproperties = properties.length();
+     MOZ_TRY(xdr->codeUint32(&nproperties));
+ 
+-    if (mode == XDR_DECODE && !properties.appendN(IdValuePair(), nproperties))
++    if (mode == XDR_DECODE && !properties.appendN(IdValuePair(), nproperties)) {
+         return xdr->fail(JS::TranscodeResult_Throw);
++    }
+ 
+     for (size_t i = 0; i < nproperties; i++) {
+         if (mode == XDR_ENCODE) {
+             tmpIdValue = IdToValue(properties[i].get().id);
+             tmpValue = properties[i].get().value;
+         }
+ 
+         MOZ_TRY(XDRScriptConst(xdr, &tmpIdValue));
+         MOZ_TRY(XDRScriptConst(xdr, &tmpValue));
+ 
+         if (mode == XDR_DECODE) {
+-            if (!ValueToId<CanGC>(cx, tmpIdValue, &tmpId))
++            if (!ValueToId<CanGC>(cx, tmpIdValue, &tmpId)) {
+                 return xdr->fail(JS::TranscodeResult_Throw);
++            }
+             properties[i].get().id = tmpId;
+             properties[i].get().value = tmpValue;
+         }
+     }
+ 
+     // Code whether the object is a singleton.
+     uint32_t isSingleton;
+-    if (mode == XDR_ENCODE)
++    if (mode == XDR_ENCODE) {
+         isSingleton = obj->isSingleton() ? 1 : 0;
++    }
+     MOZ_TRY(xdr->codeUint32(&isSingleton));
+ 
+     if (mode == XDR_DECODE) {
+         NewObjectKind newKind = isSingleton ? SingletonObject : TenuredObject;
+         obj.set(ObjectGroup::newPlainObject(cx, properties.begin(), properties.length(), newKind));
+-        if (!obj)
++        if (!obj) {
+             return xdr->fail(JS::TranscodeResult_Throw);
++        }
+     }
+ 
+     return Ok();
+ }
+ 
+ template XDRResult
+ js::XDRObjectLiteral(XDRState<XDR_ENCODE>* xdr, MutableHandleObject obj);
+ 
+@@ -1561,63 +1695,68 @@ NativeObject::fillInAfterSwap(JSContext*
+     // This object has just been swapped with some other object, and its shape
+     // no longer reflects its allocated size. Correct this information and
+     // fill the slots in with the specified values.
+     MOZ_ASSERT(obj->slotSpan() == values.length());
+ 
+     // Make sure the shape's numFixedSlots() is correct.
+     size_t nfixed = gc::GetGCKindSlots(obj->asTenured().getAllocKind(), obj->getClass());
+     if (nfixed != obj->shape()->numFixedSlots()) {
+-        if (!NativeObject::generateOwnShape(cx, obj))
++        if (!NativeObject::generateOwnShape(cx, obj)) {
+             return false;
++        }
+         obj->shape()->setNumFixedSlots(nfixed);
+     }
+ 
+-    if (obj->hasPrivate())
++    if (obj->hasPrivate()) {
+         obj->setPrivate(priv);
+-    else
++    } else {
+         MOZ_ASSERT(!priv);
++    }
+ 
+     if (obj->slots_) {
+         js_free(obj->slots_);
+         obj->slots_ = nullptr;
+     }
+ 
+     if (size_t ndynamic = dynamicSlotsCount(nfixed, values.length(), obj->getClass())) {
+         obj->slots_ = cx->pod_malloc<HeapSlot>(ndynamic);
+-        if (!obj->slots_)
++        if (!obj->slots_) {
+             return false;
++        }
+         Debug_SetSlotRangeToCrashOnTouch(obj->slots_, ndynamic);
+     }
+ 
+     obj->initSlotRange(0, values.begin(), values.length());
+     return true;
+ }
+ 
+ void
+ JSObject::fixDictionaryShapeAfterSwap()
+ {
+     // Dictionary shapes can point back to their containing objects, so after
+     // swapping the guts of those objects fix the pointers up.
+-    if (isNative() && as<NativeObject>().inDictionaryMode())
++    if (isNative() && as<NativeObject>().inDictionaryMode()) {
+         as<NativeObject>().shape()->listp = as<NativeObject>().shapePtr();
++    }
+ }
+ 
+ static MOZ_MUST_USE bool
+ CopyProxyValuesBeforeSwap(JSContext* cx, ProxyObject* proxy, AutoValueVector& values)
+ {
+     MOZ_ASSERT(values.empty());
+ 
+     // Remove the GCPtrValues we're about to swap from the store buffer, to
+     // ensure we don't trace bogus values.
+     gc::StoreBuffer& sb = cx->runtime()->gc.storeBuffer();
+ 
+     // Reserve space for the private slot and the reserved slots.
+-    if (!values.reserve(1 + proxy->numReservedSlots()))
++    if (!values.reserve(1 + proxy->numReservedSlots())) {
+         return false;
++    }
+ 
+     js::detail::ProxyValueArray* valArray = js::detail::GetProxyDataLayout(proxy)->values();
+     sb.unputValue(&valArray->privateSlot);
+     values.infallibleAppend(valArray->privateSlot);
+ 
+     for (size_t i = 0; i < proxy->numReservedSlots(); i++) {
+         sb.unputValue(&valArray->reservedSlots.slots[i]);
+         values.infallibleAppend(valArray->reservedSlots.slots[i]);
+@@ -1635,23 +1774,25 @@ ProxyObject::initExternalValueArrayAfter
+ 
+     // |values| contains the private slot and the reserved slots.
+     MOZ_ASSERT(values.length() == 1 + nreserved);
+ 
+     size_t nbytes = js::detail::ProxyValueArray::sizeOf(nreserved);
+ 
+     auto* valArray =
+         reinterpret_cast<js::detail::ProxyValueArray*>(cx->zone()->pod_malloc<uint8_t>(nbytes));
+-    if (!valArray)
++    if (!valArray) {
+         return false;
++    }
+ 
+     valArray->privateSlot = values[0];
+ 
+-    for (size_t i = 0; i < nreserved; i++)
++    for (size_t i = 0; i < nreserved; i++) {
+         valArray->reservedSlots.slots[i] = values[i + 1];
++    }
+ 
+     // Note: we allocate external slots iff the proxy had an inline
+     // ProxyValueArray, so at this point reservedSlots points into the
+     // old object and we don't have to free anything.
+     data.reservedSlots = &valArray->reservedSlots;
+     return true;
+ }
+ 
+@@ -1664,20 +1805,22 @@ JSObject::swap(JSContext* cx, HandleObje
+                IsBackgroundFinalized(b->asTenured().getAllocKind()));
+     MOZ_ASSERT(a->compartment() == b->compartment());
+ 
+     // You must have entered the objects' compartment before calling this.
+     MOZ_ASSERT(cx->compartment() == a->compartment());
+ 
+     AutoEnterOOMUnsafeRegion oomUnsafe;
+ 
+-    if (!JSObject::getGroup(cx, a))
++    if (!JSObject::getGroup(cx, a)) {
+         oomUnsafe.crash("JSObject::swap");
+-    if (!JSObject::getGroup(cx, b))
++    }
++    if (!JSObject::getGroup(cx, b)) {
+         oomUnsafe.crash("JSObject::swap");
++    }
+ 
+     /*
+      * Neither object may be in the nursery, but ensure we update any embedded
+      * nursery pointers in either object.
+      */
+     MOZ_ASSERT(!IsInsideNursery(a) && !IsInsideNursery(b));
+     cx->runtime()->gc.storeBuffer().putWholeCell(a);
+     cx->runtime()->gc.storeBuffer().putWholeCell(b);
+@@ -1721,20 +1864,22 @@ JSObject::swap(JSContext* cx, HandleObje
+ 
+         js_memcpy(tmp, a, size);
+         js_memcpy(a, b, size);
+         js_memcpy(b, tmp, size);
+ 
+         a->fixDictionaryShapeAfterSwap();
+         b->fixDictionaryShapeAfterSwap();
+ 
+-        if (aIsProxyWithInlineValues)
++        if (aIsProxyWithInlineValues) {
+             b->as<ProxyObject>().setInlineValueArray();
+-        if (bIsProxyWithInlineValues)
++        }
++        if (bIsProxyWithInlineValues) {
+             a->as<ProxyObject>().setInlineValueArray();
++        }
+     } else {
+         // Avoid GC in here to avoid confusing the tracing code with our
+         // intermediate state.
+         gc::AutoSuppressGC suppress(cx);
+ 
+         // When the objects have different sizes, they will have different
+         // numbers of fixed slots before and after the swap, so the slots for
+         // native objects will need to be rearranged.
+@@ -1742,67 +1887,75 @@ JSObject::swap(JSContext* cx, HandleObje
+         NativeObject* nb = b->isNative() ? &b->as<NativeObject>() : nullptr;
+ 
+         // Remember the original values from the objects.
+         AutoValueVector avals(cx);
+         void* apriv = nullptr;
+         if (na) {
+             apriv = na->hasPrivate() ? na->getPrivate() : nullptr;
+             for (size_t i = 0; i < na->slotSpan(); i++) {
+-                if (!avals.append(na->getSlot(i)))
++                if (!avals.append(na->getSlot(i))) {
+                     oomUnsafe.crash("JSObject::swap");
++                }
+             }
+         }
+         AutoValueVector bvals(cx);
+         void* bpriv = nullptr;
+         if (nb) {
+             bpriv = nb->hasPrivate() ? nb->getPrivate() : nullptr;
+             for (size_t i = 0; i < nb->slotSpan(); i++) {
+-                if (!bvals.append(nb->getSlot(i)))
++                if (!bvals.append(nb->getSlot(i))) {
+                     oomUnsafe.crash("JSObject::swap");
++                }
+             }
+         }
+ 
+         // Do the same for proxies storing ProxyValueArray inline.
+         ProxyObject* proxyA = a->is<ProxyObject>() ? &a->as<ProxyObject>() : nullptr;
+         ProxyObject* proxyB = b->is<ProxyObject>() ? &b->as<ProxyObject>() : nullptr;
+ 
+         if (aIsProxyWithInlineValues) {
+-            if (!CopyProxyValuesBeforeSwap(cx, proxyA, avals))
++            if (!CopyProxyValuesBeforeSwap(cx, proxyA, avals)) {
+                 oomUnsafe.crash("CopyProxyValuesBeforeSwap");
++            }
+         }
+         if (bIsProxyWithInlineValues) {
+-            if (!CopyProxyValuesBeforeSwap(cx, proxyB, bvals))
++            if (!CopyProxyValuesBeforeSwap(cx, proxyB, bvals)) {
+                 oomUnsafe.crash("CopyProxyValuesBeforeSwap");
++            }
+         }
+ 
+         // Swap the main fields of the objects, whether they are native objects or proxies.
+         char tmp[sizeof(JSObject_Slots0)];
+         js_memcpy(&tmp, a, sizeof tmp);
+         js_memcpy(a, b, sizeof tmp);
+         js_memcpy(b, &tmp, sizeof tmp);
+ 
+         a->fixDictionaryShapeAfterSwap();
+         b->fixDictionaryShapeAfterSwap();
+ 
+         if (na) {
+-            if (!NativeObject::fillInAfterSwap(cx, b.as<NativeObject>(), avals, apriv))
++            if (!NativeObject::fillInAfterSwap(cx, b.as<NativeObject>(), avals, apriv)) {
+                 oomUnsafe.crash("fillInAfterSwap");
++            }
+         }
+         if (nb) {
+-            if (!NativeObject::fillInAfterSwap(cx, a.as<NativeObject>(), bvals, bpriv))
++            if (!NativeObject::fillInAfterSwap(cx, a.as<NativeObject>(), bvals, bpriv)) {
+                 oomUnsafe.crash("fillInAfterSwap");
++            }
+         }
+         if (aIsProxyWithInlineValues) {
+-            if (!b->as<ProxyObject>().initExternalValueArrayAfterSwap(cx, avals))
++            if (!b->as<ProxyObject>().initExternalValueArrayAfterSwap(cx, avals)) {
+                 oomUnsafe.crash("initExternalValueArray");
++            }
+         }
+         if (bIsProxyWithInlineValues) {
+-            if (!a->as<ProxyObject>().initExternalValueArrayAfterSwap(cx, bvals))
++            if (!a->as<ProxyObject>().initExternalValueArrayAfterSwap(cx, bvals)) {
+                 oomUnsafe.crash("initExternalValueArray");
++            }
+         }
+     }
+ 
+     // Swapping the contents of two objects invalidates type sets which contain
+     // either of the objects, so mark all such sets as unknown.
+     MarkObjectGroupUnknownProperties(cx, a->group());
+     MarkObjectGroupUnknownProperties(cx, b->group());
+ 
+@@ -1822,28 +1975,30 @@ JSObject::swap(JSContext* cx, HandleObje
+ 
+     NotifyGCPostSwap(a, b, r);
+     return true;
+ }
+ 
+ static void
+ SetClassObject(JSObject* obj, JSProtoKey key, JSObject* cobj, JSObject* proto)
+ {
+-    if (!obj->is<GlobalObject>())
++    if (!obj->is<GlobalObject>()) {
+         return;
++    }
+ 
+     obj->as<GlobalObject>().setConstructor(key, ObjectOrNullValue(cobj));
+     obj->as<GlobalObject>().setPrototype(key, ObjectOrNullValue(proto));
+ }
+ 
+ static void
+ ClearClassObject(JSObject* obj, JSProtoKey key)
+ {
+-    if (!obj->is<GlobalObject>())
++    if (!obj->is<GlobalObject>()) {
+         return;
++    }
+ 
+     obj->as<GlobalObject>().setConstructor(key, UndefinedValue());
+     obj->as<GlobalObject>().setPrototype(key, UndefinedValue());
+ }
+ 
+ static NativeObject*
+ DefineConstructorAndPrototype(JSContext* cx, HandleObject obj, JSProtoKey key, HandleAtom atom,
+                               HandleObject protoProto, const Class* clasp,
+@@ -1874,18 +2029,19 @@ DefineConstructorAndPrototype(JSContext*
+      * on (1) and (2).
+      */
+ 
+     /*
+      * Create the prototype object.  (GlobalObject::createBlankPrototype isn't
+      * used because it won't let us use protoProto as the proto.
+      */
+     RootedNativeObject proto(cx, NewNativeObjectWithClassProto(cx, clasp, protoProto, SingletonObject));
+-    if (!proto)
++    if (!proto) {
+         return nullptr;
++    }
+ 
+     /*
+      * Whether we need to define a constructor property on |obj| and which
+      * attributes to use.
+      */
+     bool defineConstructorProperty = false;
+     uint32_t propertyAttrs = 0;
+ 
+@@ -1906,18 +2062,19 @@ DefineConstructorAndPrototype(JSContext*
+             propertyAttrs = (clasp->flags & JSCLASS_IS_ANONYMOUS)
+                             ? JSPROP_READONLY | JSPROP_PERMANENT
+                             : 0;
+         }
+ 
+         ctor = proto;
+     } else {
+         RootedFunction fun(cx, NewNativeConstructor(cx, constructor, nargs, atom));
+-        if (!fun)
++        if (!fun) {
+             goto bad;
++        }
+ 
+         /*
+          * Set the class object early for standard class constructors. Type
+          * inference may need to access these, and js::GetBuiltinPrototype will
+          * fail if it tries to do a reentrant reconstruction of the class.
+          */
+         if (key != JSProto_Null) {
+             SetClassObject(obj, key, fun, proto);
+@@ -1928,79 +2085,87 @@ DefineConstructorAndPrototype(JSContext*
+         propertyAttrs = 0;
+ 
+         /*
+          * Optionally construct the prototype object, before the class has
+          * been fully initialized.  Allow the ctor to replace proto with a
+          * different object, as is done for operator new.
+          */
+         ctor = fun;
+-        if (!LinkConstructorAndPrototype(cx, ctor, proto))
++        if (!LinkConstructorAndPrototype(cx, ctor, proto)) {
+             goto bad;
++        }
+ 
+         /* Bootstrap Function.prototype (see also JS_InitStandardClasses). */
+         Rooted<TaggedProto> tagged(cx, TaggedProto(proto));
+-        if (ctor->getClass() == clasp && !JSObject::splicePrototype(cx, ctor, clasp, tagged))
++        if (ctor->getClass() == clasp && !JSObject::splicePrototype(cx, ctor, clasp, tagged)) {
+             goto bad;
++        }
+     }
+ 
+     if (!DefinePropertiesAndFunctions(cx, proto, ps, fs) ||
+         (ctor != proto && !DefinePropertiesAndFunctions(cx, ctor, static_ps, static_fs)))
+     {
+         goto bad;
+     }
+ 
+     if (defineConstructorProperty) {
+         RootedId id(cx, AtomToId(atom));
+         RootedValue value(cx, ObjectValue(*ctor));
+-        if (!DefineDataProperty(cx, obj, id, value, propertyAttrs))
++        if (!DefineDataProperty(cx, obj, id, value, propertyAttrs)) {
+             goto bad;
++        }
+     }
+ 
+     /* If this is a standard class, cache its prototype. */
+-    if (!cached && key != JSProto_Null)
++    if (!cached && key != JSProto_Null) {
+         SetClassObject(obj, key, ctor, proto);
+-
+-    if (ctorp)
++    }
++
++    if (ctorp) {
+         *ctorp = ctor;
++    }
+     return proto;
+ 
+ bad:
+-    if (cached)
++    if (cached) {
+         ClearClassObject(obj, key);
++    }
+     return nullptr;
+ }
+ 
+ NativeObject*
+ js::InitClass(JSContext* cx, HandleObject obj, HandleObject protoProto_,
+               const Class* clasp, Native constructor, unsigned nargs,
+               const JSPropertySpec* ps, const JSFunctionSpec* fs,
+               const JSPropertySpec* static_ps, const JSFunctionSpec* static_fs,
+               NativeObject** ctorp)
+ {
+     RootedObject protoProto(cx, protoProto_);
+ 
+     RootedAtom atom(cx, Atomize(cx, clasp->name, strlen(clasp->name)));
+-    if (!atom)
++    if (!atom) {
+         return nullptr;
++    }
+ 
+     /*
+      * All instances of the class will inherit properties from the prototype
+      * object we are about to create (in DefineConstructorAndPrototype), which
+      * in turn will inherit from protoProto.
+      *
+      * When initializing a standard class (other than Object), if protoProto is
+      * null, default to Object.prototype. The engine's internal uses of
+      * js::InitClass depend on this nicety.
+      */
+     JSProtoKey key = JSCLASS_CACHED_PROTO_KEY(clasp);
+     if (key != JSProto_Null && !protoProto) {
+         protoProto = GlobalObject::getOrCreatePrototype(cx, JSProto_Object);
+-        if (!protoProto)
++        if (!protoProto) {
+             return nullptr;
++        }
+     }
+ 
+     return DefineConstructorAndPrototype(cx, obj, key, atom, protoProto, clasp, constructor, nargs,
+                                          ps, fs, static_ps, static_fs, ctorp);
+ }
+ 
+ void
+ JSObject::fixupAfterMovingGC()
+@@ -2008,20 +2173,22 @@ JSObject::fixupAfterMovingGC()
+     // For copy-on-write objects that don't own their elements, fix up the
+     // elements pointer if it points to inline elements in the owning object.
+     if (is<NativeObject>()) {
+         NativeObject& obj = as<NativeObject>();
+         if (obj.denseElementsAreCopyOnWrite()) {
+             NativeObject* owner = obj.getElementsHeader()->ownerObject();
+             // Get the new owner pointer but don't call MaybeForwarded as we
+             // don't need to access the object's shape.
+-            if (IsForwarded(owner))
++            if (IsForwarded(owner)) {
+                 owner = Forwarded(owner);
+-            if (owner != &obj && owner->hasFixedElements())
++            }
++            if (owner != &obj && owner->hasFixedElements()) {
+                 obj.elements_ = owner->getElementsHeader()->elements();
++            }
+             MOZ_ASSERT(!IsForwarded(obj.getElementsHeader()->ownerObject().get()));
+         }
+     }
+ }
+ 
+ static bool
+ ReshapeForProtoMutation(JSContext* cx, HandleObject obj)
+ {
+@@ -2051,85 +2218,94 @@ ReshapeForProtoMutation(JSContext* cx, H
+     RootedObject pobj(cx, obj);
+ 
+     while (pobj && pobj->isNative()) {
+         if (pobj->isSingleton()) {
+             // If object was converted to a singleton it should have cleared
+             // any UNCACHEABLE_PROTO flags.
+             MOZ_ASSERT(!pobj->hasUncacheableProto());
+ 
+-            if (!NativeObject::reshapeForProtoMutation(cx, pobj.as<NativeObject>()))
++            if (!NativeObject::reshapeForProtoMutation(cx, pobj.as<NativeObject>())) {
+                 return false;
++            }
+         } else {
+-            if (!JSObject::setUncacheableProto(cx, pobj))
++            if (!JSObject::setUncacheableProto(cx, pobj)) {
+                 return false;
++            }
+         }
+ 
+-        if (!obj->isDelegate())
++        if (!obj->isDelegate()) {
+             break;
++        }
+ 
+         pobj = pobj->staticPrototype();
+     }
+ 
+     return true;
+ }
+ 
+ static bool
+ SetClassAndProto(JSContext* cx, HandleObject obj,
+                  const Class* clasp, Handle<js::TaggedProto> proto)
+ {
+     // Regenerate object shape (and possibly prototype shape) to invalidate JIT
+     // code that is affected by a prototype mutation.
+-    if (!ReshapeForProtoMutation(cx, obj))
++    if (!ReshapeForProtoMutation(cx, obj)) {
+         return false;
++    }
+ 
+     if (proto.isObject()) {
+         RootedObject protoObj(cx, proto.toObject());
+-        if (!JSObject::setDelegate(cx, protoObj))
++        if (!JSObject::setDelegate(cx, protoObj)) {
+             return false;
++        }
+     }
+ 
+     if (obj->isSingleton()) {
+         /*
+          * Just splice the prototype, but mark the properties as unknown for
+          * consistent behavior.
+          */
+-        if (!JSObject::splicePrototype(cx, obj, clasp, proto))
++        if (!JSObject::splicePrototype(cx, obj, clasp, proto)) {
+             return false;
++        }
+         MarkObjectGroupUnknownProperties(cx, obj->group());
+         return true;
+     }
+ 
+     RootedObjectGroup oldGroup(cx, obj->group());
+ 
+     ObjectGroup* newGroup;
+     if (oldGroup->maybeInterpretedFunction()) {
+         // We're changing the group/proto of a scripted function. Create a new
+         // group so we can keep track of the interpreted function for Ion
+         // inlining.
+         MOZ_ASSERT(obj->is<JSFunction>());
+         newGroup = ObjectGroupRealm::makeGroup(cx, oldGroup->realm(), &JSFunction::class_, proto);
+-        if (!newGroup)
++        if (!newGroup) {
+             return false;
++        }
+         newGroup->setInterpretedFunction(oldGroup->maybeInterpretedFunction());
+     } else {
+         newGroup = ObjectGroup::defaultNewGroup(cx, clasp, proto);
+-        if (!newGroup)
++        if (!newGroup) {
+             return false;
++        }
+     }
+ 
+     obj->setGroup(newGroup);
+ 
+     // Add the object's property types to the new group.
+     AutoSweepObjectGroup sweep(newGroup);
+     if (!newGroup->unknownProperties(sweep)) {
+-        if (obj->isNative())
++        if (obj->isNative()) {
+             AddPropertyTypesAfterProtoChange(cx, &obj->as<NativeObject>(), oldGroup);
+-        else
++        } else {
+             MarkObjectGroupUnknownProperties(cx, newGroup);
++        }
+     }
+ 
+     // Type sets containing this object will contain the old group but not the
+     // new group of the object, so we need to treat all such type sets as
+     // unknown.
+     MarkObjectGroupUnknownProperties(cx, oldGroup);
+ 
+     return true;
+@@ -2139,18 +2315,19 @@ SetClassAndProto(JSContext* cx, HandleOb
+ JSObject::changeToSingleton(JSContext* cx, HandleObject obj)
+ {
+     MOZ_ASSERT(!obj->isSingleton());
+ 
+     MarkObjectGroupUnknownProperties(cx, obj->group());
+ 
+     ObjectGroup* group = ObjectGroup::lazySingletonGroup(cx, obj->group(), obj->getClass(),
+                                                          obj->taggedProto());
+-    if (!group)
++    if (!group) {
+         return false;
++    }
+ 
+     obj->group_ = group;
+     return true;
+ }
+ 
+ /**
+  * Returns the original Object.prototype from the embedding-provided incumbent
+  * global.
+@@ -2175,23 +2352,25 @@ js::GetObjectFromIncumbentGlobal(JSConte
+     if (!globalObj) {
+         obj.set(nullptr);
+         return true;
+     }
+ 
+     {
+         AutoRealm ar(cx, globalObj);
+         obj.set(GlobalObject::getOrCreateObjectPrototype(cx, globalObj));
+-        if (!obj)
++        if (!obj) {
+             return false;
++        }
+     }
+ 
+     // The object might be from a different compartment, so wrap it.
+-    if (obj && !cx->compartment()->wrap(cx, obj))
++    if (obj && !cx->compartment()->wrap(cx, obj)) {
+         return false;
++    }
+ 
+     return true;
+ }
+ 
+ static bool
+ IsStandardPrototype(JSObject* obj, JSProtoKey key)
+ {
+     Value v = obj->nonCCWGlobal().getPrototype(key);
+@@ -2199,76 +2378,82 @@ IsStandardPrototype(JSObject* obj, JSPro
+ }
+ 
+ JSProtoKey
+ JS::IdentifyStandardInstance(JSObject* obj)
+ {
+     // Note: The prototype shares its JSClass with instances.
+     MOZ_ASSERT(!obj->is<CrossCompartmentWrapperObject>());
+     JSProtoKey key = StandardProtoKeyOrNull(obj);
+-    if (key != JSProto_Null && !IsStandardPrototype(obj, key))
++    if (key != JSProto_Null && !IsStandardPrototype(obj, key)) {
+         return key;
++    }
+     return JSProto_Null;
+ }
+ 
+ JSProtoKey
+ JS::IdentifyStandardPrototype(JSObject* obj)
+ {
+     // Note: The prototype shares its JSClass with instances.
+     MOZ_ASSERT(!obj->is<CrossCompartmentWrapperObject>());
+     JSProtoKey key = StandardProtoKeyOrNull(obj);
+-    if (key != JSProto_Null && IsStandardPrototype(obj, key))
++    if (key != JSProto_Null && IsStandardPrototype(obj, key)) {
+         return key;
++    }
+     return JSProto_Null;
+ }
+ 
+ JSProtoKey
+ JS::IdentifyStandardInstanceOrPrototype(JSObject* obj)
+ {
+     return StandardProtoKeyOrNull(obj);
+ }
+ 
+ JSProtoKey
+ JS::IdentifyStandardConstructor(JSObject* obj)
+ {
+     // Note that NATIVE_CTOR does not imply that we are a standard constructor,
+     // but the converse is true (at least until we start having self-hosted
+     // constructors for standard classes). This lets us avoid a costly loop for
+     // many functions (which, depending on the call site, may be the common case).
+-    if (!obj->is<JSFunction>() || !(obj->as<JSFunction>().flags() & JSFunction::NATIVE_CTOR))
++    if (!obj->is<JSFunction>() || !(obj->as<JSFunction>().flags() & JSFunction::NATIVE_CTOR)) {
+         return JSProto_Null;
++    }
+ 
+     GlobalObject& global = obj->as<JSFunction>().global();
+     for (size_t k = 0; k < JSProto_LIMIT; ++k) {
+         JSProtoKey key = static_cast<JSProtoKey>(k);
+-        if (global.getConstructor(key) == ObjectValue(*obj))
++        if (global.getConstructor(key) == ObjectValue(*obj)) {
+             return key;
++        }
+     }
+ 
+     return JSProto_Null;
+ }
+ 
+ bool
+ js::LookupProperty(JSContext* cx, HandleObject obj, js::HandleId id,
+                    MutableHandleObject objp, MutableHandle<PropertyResult> propp)
+ {
+-    if (LookupPropertyOp op = obj->getOpsLookupProperty())
++    if (LookupPropertyOp op = obj->getOpsLookupProperty()) {
+         return op(cx, obj, id, objp, propp);
++    }
+     return LookupPropertyInline<CanGC>(cx, obj.as<NativeObject>(), id, objp, propp);
+ }
+ 
+ bool
+ js::LookupName(JSContext* cx, HandlePropertyName name, HandleObject envChain,
+                MutableHandleObject objp, MutableHandleObject pobjp, MutableHandle<PropertyResult> propp)
+ {
+     RootedId id(cx, NameToId(name));
+ 
+     for (RootedObject env(cx, envChain); env; env = env->enclosingEnvironment()) {
+-        if (!LookupProperty(cx, env, id, pobjp, propp))
++        if (!LookupProperty(cx, env, id, pobjp, propp)) {
+             return false;
++        }
+         if (propp) {
+             objp.set(env);
+             return true;
+         }
+     }
+ 
+     objp.set(nullptr);
+     pobjp.set(nullptr);
+@@ -2280,20 +2465,22 @@ bool
+ js::LookupNameNoGC(JSContext* cx, PropertyName* name, JSObject* envChain,
+                    JSObject** objp, JSObject** pobjp, PropertyResult* propp)
+ {
+     AutoAssertNoException nogc(cx);
+ 
+     MOZ_ASSERT(!*objp && !*pobjp && !*propp);
+ 
+     for (JSObject* env = envChain; env; env = env->enclosingEnvironment()) {
+-        if (env->getOpsLookupProperty())
++        if (env->getOpsLookupProperty()) {
+             return false;
+-        if (!LookupPropertyInline<NoGC>(cx, &env->as<NativeObject>(), NameToId(name), pobjp, propp))
++        }
++        if (!LookupPropertyInline<NoGC>(cx, &env->as<NativeObject>(), NameToId(name), pobjp, propp)) {
+             return false;
++        }
+         if (*propp) {
+             *objp = env;
+             return true;
+         }
+     }
+ 
+     return true;
+ }
+@@ -2304,20 +2491,22 @@ js::LookupNameWithGlobalDefault(JSContex
+ {
+     RootedId id(cx, NameToId(name));
+ 
+     RootedObject pobj(cx);
+     Rooted<PropertyResult> prop(cx);
+ 
+     RootedObject env(cx, envChain);
+     for (; !env->is<GlobalObject>(); env = env->enclosingEnvironment()) {
+-        if (!LookupProperty(cx, env, id, &pobj, &prop))
++        if (!LookupProperty(cx, env, id, &pobj, &prop)) {
+             return false;
+-        if (prop)
++        }
++        if (prop) {
+             break;
++        }
+     }
+ 
+     objp.set(env);
+     return true;
+ }
+ 
+ bool
+ js::LookupNameUnqualified(JSContext* cx, HandlePropertyName name, HandleObject envChain,
+@@ -2325,91 +2514,100 @@ js::LookupNameUnqualified(JSContext* cx,
+ {
+     RootedId id(cx, NameToId(name));
+ 
+     RootedObject pobj(cx);
+     Rooted<PropertyResult> prop(cx);
+ 
+     RootedObject env(cx, envChain);
+     for (; !env->isUnqualifiedVarObj(); env = env->enclosingEnvironment()) {
+-        if (!LookupProperty(cx, env, id, &pobj, &prop))
++        if (!LookupProperty(cx, env, id, &pobj, &prop)) {
+             return false;
+-        if (prop)
++        }
++        if (prop) {
+             break;
++        }
+     }
+ 
+     // See note above RuntimeLexicalErrorObject.
+     if (pobj == env) {
+         bool isTDZ = false;
+         if (prop && name != cx->names().dotThis) {
+             // Treat Debugger environments specially for TDZ checks, as they
+             // look like non-native environments but in fact wrap native
+             // environments.
+             if (env->is<DebugEnvironmentProxy>()) {
+                 RootedValue v(cx);
+                 Rooted<DebugEnvironmentProxy*> envProxy(cx, &env->as<DebugEnvironmentProxy>());
+-                if (!DebugEnvironmentProxy::getMaybeSentinelValue(cx, envProxy, id, &v))
++                if (!DebugEnvironmentProxy::getMaybeSentinelValue(cx, envProxy, id, &v)) {
+                     return false;
++                }
+                 isTDZ = IsUninitializedLexical(v);
+             } else {
+                 isTDZ = IsUninitializedLexicalSlot(env, prop);
+             }
+         }
+ 
+         if (isTDZ) {
+             env = RuntimeLexicalErrorObject::create(cx, env, JSMSG_UNINITIALIZED_LEXICAL);
+-            if (!env)
++            if (!env) {
+                 return false;
++            }
+         } else if (env->is<LexicalEnvironmentObject>() && !prop.shape()->writable()) {
+             // Assigning to a named lambda callee name is a no-op in sloppy mode.
+             Rooted<LexicalEnvironmentObject*> lexicalEnv(cx, &env->as<LexicalEnvironmentObject>());
+             if (lexicalEnv->isExtensible() ||
+                 lexicalEnv->scope().kind() != ScopeKind::NamedLambda)
+             {
+                 MOZ_ASSERT(name != cx->names().dotThis);
+                 env = RuntimeLexicalErrorObject::create(cx, env, JSMSG_BAD_CONST_ASSIGN);
+-                if (!env)
++                if (!env) {
+                     return false;
++                }
+             }
+         }
+     }
+ 
+     objp.set(env);
+     return true;
+ }
+ 
+ bool
+ js::HasOwnProperty(JSContext* cx, HandleObject obj, HandleId id, bool* result)
+ {
+-    if (obj->is<ProxyObject>())
++    if (obj->is<ProxyObject>()) {
+         return Proxy::hasOwn(cx, obj, id, result);
++    }
+ 
+     if (GetOwnPropertyOp op = obj->getOpsGetOwnPropertyDescriptor()) {
+         Rooted<PropertyDescriptor> desc(cx);
+-        if (!op(cx, obj, id, &desc))
++        if (!op(cx, obj, id, &desc)) {
+             return false;
++        }
+         *result = !!desc.object();
+         return true;
+     }
+ 
+     Rooted<PropertyResult> prop(cx);
+-    if (!NativeLookupOwnProperty<CanGC>(cx, obj.as<NativeObject>(), id, &prop))
++    if (!NativeLookupOwnProperty<CanGC>(cx, obj.as<NativeObject>(), id, &prop)) {
+         return false;
++    }
+     *result = prop.isFound();
+     return true;
+ }
+ 
+ bool
+ js::LookupPropertyPure(JSContext* cx, JSObject* obj, jsid id, JSObject** objp,
+                        PropertyResult* propp)
+ {
+     bool isTypedArrayOutOfRange = false;
+     do {
+-        if (!LookupOwnPropertyPure(cx, obj, id, propp, &isTypedArrayOutOfRange))
++        if (!LookupOwnPropertyPure(cx, obj, id, propp, &isTypedArrayOutOfRange)) {
+             return false;
++        }
+ 
+         if (*propp) {
+             *objp = obj;
+             return true;
+         }
+ 
+         if (isTypedArrayOutOfRange) {
+             *objp = nullptr;
+@@ -2424,50 +2622,53 @@ js::LookupPropertyPure(JSContext* cx, JS
+     return true;
+ }
+ 
+ bool
+ js::LookupOwnPropertyPure(JSContext* cx, JSObject* obj, jsid id, PropertyResult* propp,
+                           bool* isTypedArrayOutOfRange /* = nullptr */)
+ {
+     JS::AutoCheckCannotGC nogc;
+-    if (isTypedArrayOutOfRange)
++    if (isTypedArrayOutOfRange) {
+         *isTypedArrayOutOfRange = false;
++    }
+ 
+     if (obj->isNative()) {
+         // Search for a native dense element, typed array element, or property.
+ 
+         if (JSID_IS_INT(id) && obj->as<NativeObject>().containsDenseElement(JSID_TO_INT(id))) {
+             propp->setDenseOrTypedArrayElement();
+             return true;
+         }
+ 
+         if (obj->is<TypedArrayObject>()) {
+             uint64_t index;
+             if (IsTypedArrayIndex(id, &index)) {
+                 if (index < obj->as<TypedArrayObject>().length()) {
+                     propp->setDenseOrTypedArrayElement();
+                 } else {
+                     propp->setNotFound();
+-                    if (isTypedArrayOutOfRange)
++                    if (isTypedArrayOutOfRange) {
+                         *isTypedArrayOutOfRange = true;
++                    }
+                 }
+                 return true;
+             }
+         }
+ 
+         if (Shape* shape = obj->as<NativeObject>().lookupPure(id)) {
+             propp->setNativeProperty(shape);
+             return true;
+         }
+ 
+         // Fail if there's a resolve hook, unless the mayResolve hook tells
+         // us the resolve hook won't define a property with this id.
+-        if (ClassMayResolveId(cx->names(), obj->getClass(), id, obj))
++        if (ClassMayResolveId(cx->names(), obj->getClass(), id, obj)) {
+             return false;
++        }
+     } else if (obj->is<UnboxedPlainObject>()) {
+         if (obj->as<UnboxedPlainObject>().containsUnboxedOrExpandoProperty(cx, id)) {
+             propp->setNonNativeProperty();
+             return true;
+         }
+     } else if (obj->is<TypedObject>()) {
+         if (obj->as<TypedObject>().typeDescr().hasProperty(cx->names(), id)) {
+             propp->setNonNativeProperty();
+@@ -2481,86 +2682,93 @@ js::LookupOwnPropertyPure(JSContext* cx,
+     return true;
+ }
+ 
+ static inline bool
+ NativeGetPureInline(NativeObject* pobj, jsid id, PropertyResult prop, Value* vp)
+ {
+     if (prop.isDenseOrTypedArrayElement()) {
+         // For simplicity we ignore the TypedArray with string index case.
+-        if (!JSID_IS_INT(id))
++        if (!JSID_IS_INT(id)) {
+             return false;
++        }
+ 
+         *vp = pobj->getDenseOrTypedArrayElement(JSID_TO_INT(id));
+         return true;
+     }
+ 
+     // Fail if we have a custom getter.
+     Shape* shape = prop.shape();
+-    if (!shape->isDataProperty())
++    if (!shape->isDataProperty()) {
+         return false;
++    }
+ 
+     *vp = pobj->getSlot(shape->slot());
+     MOZ_ASSERT(!vp->isMagic());
+     return true;
+ }
+ 
+ static inline bool
+ UnboxedGetPureInline(JSObject* pobj, jsid id, PropertyResult prop, Value* vp)
+ {
+     MOZ_ASSERT(prop.isNonNativeProperty());
+ 
+     // This might be a TypedObject.
+-    if (!pobj->is<UnboxedPlainObject>())
++    if (!pobj->is<UnboxedPlainObject>()) {
+         return false;
++    }
+ 
+     const UnboxedLayout& layout = pobj->as<UnboxedPlainObject>().layout();
+     if (const UnboxedLayout::Property* property = layout.lookup(id)) {
+         *vp = pobj->as<UnboxedPlainObject>().getValue(*property);
+         return true;
+     }
+ 
+     // Don't bother supporting expandos for now.
+     return false;
+ }
+ 
+ bool
+ js::GetPropertyPure(JSContext* cx, JSObject* obj, jsid id, Value* vp)
+ {
+     JSObject* pobj;
+     PropertyResult prop;
+-    if (!LookupPropertyPure(cx, obj, id, &pobj, &prop))
++    if (!LookupPropertyPure(cx, obj, id, &pobj, &prop)) {
+         return false;
++    }
+ 
+     if (!prop) {
+         vp->setUndefined();
+         return true;
+     }
+ 
+-    if (MOZ_LIKELY(pobj->isNative()))
++    if (MOZ_LIKELY(pobj->isNative())) {
+         return NativeGetPureInline(&pobj->as<NativeObject>(), id, prop, vp);
++    }
+     return UnboxedGetPureInline(pobj, id, prop, vp);
+ }
+ 
+ bool
+ js::GetOwnPropertyPure(JSContext* cx, JSObject* obj, jsid id, Value* vp, bool* found)
+ {
+     PropertyResult prop;
+-    if (!LookupOwnPropertyPure(cx, obj, id, &prop))
++    if (!LookupOwnPropertyPure(cx, obj, id, &prop)) {
+         return false;
++    }
+ 
+     if (!prop) {
+         *found = false;
+         vp->setUndefined();
+         return true;
+     }
+ 
+     *found = true;
+-    if (MOZ_LIKELY(obj->isNative()))
++    if (MOZ_LIKELY(obj->isNative())) {
+         return NativeGetPureInline(&obj->as<NativeObject>(), id, prop, vp);
++    }
+     return UnboxedGetPureInline(obj, id, prop, vp);
+ }
+ 
+ static inline bool
+ NativeGetGetterPureInline(PropertyResult prop, JSFunction** fp)
+ {
+     if (!prop.isDenseOrTypedArrayElement() && prop.shape()->hasGetterObject()) {
+         Shape* shape = prop.shape();
+@@ -2576,85 +2784,93 @@ NativeGetGetterPureInline(PropertyResult
+ 
+ bool
+ js::GetGetterPure(JSContext* cx, JSObject* obj, jsid id, JSFunction** fp)
+ {
+     /* Just like GetPropertyPure, but get getter function, without invoking
+      * it. */
+     JSObject* pobj;
+     PropertyResult prop;
+-    if (!LookupPropertyPure(cx, obj, id, &pobj, &prop))
++    if (!LookupPropertyPure(cx, obj, id, &pobj, &prop)) {
+         return false;
++    }
+ 
+     if (!prop) {
+         *fp = nullptr;
+         return true;
+     }
+ 
+     return prop.isNativeProperty() && NativeGetGetterPureInline(prop, fp);
+ }
+ 
+ bool
+ js::GetOwnGetterPure(JSContext* cx, JSObject* obj, jsid id, JSFunction** fp)
+ {
+     JS::AutoCheckCannotGC nogc;
+     PropertyResult prop;
+-    if (!LookupOwnPropertyPure(cx, obj, id, &prop))
++    if (!LookupOwnPropertyPure(cx, obj, id, &prop)) {
+         return false;
++    }
+ 
+     if (!prop) {
+         *fp = nullptr;
+         return true;
+     }
+ 
+     return prop.isNativeProperty() && NativeGetGetterPureInline(prop, fp);
+ }
+ 
+ bool
+ js::GetOwnNativeGetterPure(JSContext* cx, JSObject* obj, jsid id, JSNative* native)
+ {
+     JS::AutoCheckCannotGC nogc;
+     *native = nullptr;
+     PropertyResult prop;
+-    if (!LookupOwnPropertyPure(cx, obj, id, &prop))
++    if (!LookupOwnPropertyPure(cx, obj, id, &prop)) {
+         return false;
+-
+-    if (!prop || prop.isDenseOrTypedArrayElement() || !prop.shape()->hasGetterObject())
++    }
++
++    if (!prop || prop.isDenseOrTypedArrayElement() || !prop.shape()->hasGetterObject()) {
+         return true;
++    }
+ 
+     JSObject* getterObj = prop.shape()->getterObject();
+-    if (!getterObj->is<JSFunction>())
++    if (!getterObj->is<JSFunction>()) {
+         return true;
++    }
+ 
+     JSFunction* getter = &getterObj->as<JSFunction>();
+-    if (!getter->isNative())
++    if (!getter->isNative()) {
+         return true;
++    }
+ 
+     *native = getter->native();
+     return true;
+ }
+ 
+ bool
+ js::HasOwnDataPropertyPure(JSContext* cx, JSObject* obj, jsid id, bool* result)
+ {
+     PropertyResult prop;
+-    if (!LookupOwnPropertyPure(cx, obj, id, &prop))
++    if (!LookupOwnPropertyPure(cx, obj, id, &prop)) {
+         return false;
++    }
+ 
+     *result = prop && !prop.isDenseOrTypedArrayElement() &&
+               prop.shape()->isDataProperty();
+     return true;
+ }
+ 
+ bool
+ js::GetPrototypeIfOrdinary(JSContext* cx, HandleObject obj, bool* isOrdinary,
+                            MutableHandleObject protop)
+ {
+-    if (obj->is<js::ProxyObject>())
++    if (obj->is<js::ProxyObject>()) {
+         return js::Proxy::getPrototypeIfOrdinary(cx, obj, isOrdinary, protop);
++    }
+ 
+     *isOrdinary = true;
+     protop.set(obj->staticPrototype());
+     return true;
+ }
+ 
+ /*** ES6 standard internal methods ***************************************************************/
+ 
+@@ -2667,119 +2883,134 @@ js::SetPrototype(JSContext* cx, HandleOb
+         MOZ_ASSERT(obj->is<ProxyObject>());
+         return Proxy::setPrototype(cx, obj, proto, result);
+     }
+ 
+     /*
+      * ES6 9.1.2 step 3-4 if |obj.[[Prototype]]| has SameValue as |proto| return true.
+      * Since the values in question are objects, we can just compare pointers.
+      */
+-    if (proto == obj->staticPrototype())
++    if (proto == obj->staticPrototype()) {
+         return result.succeed();
++    }
+ 
+     /* Disallow mutation of immutable [[Prototype]]s. */
+-    if (obj->staticPrototypeIsImmutable())
++    if (obj->staticPrototypeIsImmutable()) {
+         return result.fail(JSMSG_CANT_SET_PROTO);
++    }
+ 
+     /*
+      * Disallow mutating the [[Prototype]] on Typed Objects, per the spec.
+      */
+     if (obj->is<TypedObject>()) {
+         JS_ReportErrorNumberASCII(cx, GetErrorMessage, nullptr, JSMSG_CANT_SET_PROTO_OF,
+                                   "incompatible TypedObject");
+         return false;
+     }
+ 
+     /* ES6 9.1.2 step 5 forbids changing [[Prototype]] if not [[Extensible]]. */
+     bool extensible;
+-    if (!IsExtensible(cx, obj, &extensible))
++    if (!IsExtensible(cx, obj, &extensible)) {
+         return false;
+-    if (!extensible)
++    }
++    if (!extensible) {
+         return result.fail(JSMSG_CANT_SET_PROTO);
++    }
+ 
+     // If this is a global object, resolve the Object class so that its
+     // [[Prototype]] chain is always properly immutable, even in the presence
+     // of lazy standard classes.
+     if (obj->is<GlobalObject>()) {
+         Handle<GlobalObject*> global = obj.as<GlobalObject>();
+-        if (!GlobalObject::ensureConstructor(cx, global, JSProto_Object))
++        if (!GlobalObject::ensureConstructor(cx, global, JSProto_Object)) {
+             return false;
++        }
+     }
+ 
+     /*
+      * ES6 9.1.2 step 6 forbids generating cyclical prototype chains. But we
+      * have to do this comparison on the observable WindowProxy, not on the
+      * possibly-Window object we're setting the proto on.
+      */
+     RootedObject objMaybeWindowProxy(cx, ToWindowProxyIfWindow(obj));
+     RootedObject obj2(cx, proto);
+     while (obj2) {
+         MOZ_ASSERT(!IsWindow(obj2));
+-        if (obj2 == objMaybeWindowProxy)
++        if (obj2 == objMaybeWindowProxy) {
+             return result.fail(JSMSG_CANT_SET_PROTO_CYCLE);
++        }
+ 
+         bool isOrdinary;
+-        if (!GetPrototypeIfOrdinary(cx, obj2, &isOrdinary, &obj2))
++        if (!GetPrototypeIfOrdinary(cx, obj2, &isOrdinary, &obj2)) {
+             return false;
+-        if (!isOrdinary)
++        }
++        if (!isOrdinary) {
+             break;
++        }
+     }
+ 
+     // Convert unboxed objects to their native representations before changing
+     // their prototype/group, as they depend on the group for their layout.
+-    if (!MaybeConvertUnboxedObjectToNative(cx, obj))
++    if (!MaybeConvertUnboxedObjectToNative(cx, obj)) {
+         return false;
++    }
+ 
+     Rooted<TaggedProto> taggedProto(cx, TaggedProto(proto));
+-    if (!SetClassAndProto(cx, obj, obj->getClass(), taggedProto))
++    if (!SetClassAndProto(cx, obj, obj->getClass(), taggedProto)) {
+         return false;
++    }
+ 
+     return result.succeed();
+ }
+ 
+ bool
+ js::SetPrototype(JSContext* cx, HandleObject obj, HandleObject proto)
+ {
+     ObjectOpResult result;
+     return SetPrototype(cx, obj, proto, result) && result.checkStrict(cx, obj);
+ }
+ 
+ bool
+ js::PreventExtensions(JSContext* cx, HandleObject obj, ObjectOpResult& result)
+ {
+-    if (obj->is<ProxyObject>())
++    if (obj->is<ProxyObject>()) {
+         return js::Proxy::preventExtensions(cx, obj, result);
++    }
+ 
+     if (!obj->nonProxyIsExtensible()) {
+         // If the following assertion fails, there's somewhere else a missing
+         // call to shrinkCapacityToInitializedLength() which needs to be found
+         // and fixed.
+         MOZ_ASSERT_IF(obj->isNative(),
+                       obj->as<NativeObject>().getDenseInitializedLength() ==
+                       obj->as<NativeObject>().getDenseCapacity());
+ 
+         return result.succeed();
+     }
+ 
+-    if (!MaybeConvertUnboxedObjectToNative(cx, obj))
++    if (!MaybeConvertUnboxedObjectToNative(cx, obj)) {
+         return false;
++    }
+ 
+     if (obj->isNative()) {
+         // Force lazy properties to be resolved.
+-        if (!ResolveLazyProperties(cx, obj.as<NativeObject>()))
++        if (!ResolveLazyProperties(cx, obj.as<NativeObject>())) {
+             return false;
++        }
+ 
+         // Prepare the elements. We have to do this before we mark the object
+         // non-extensible; that's fine because these changes are not observable.
+-        if (!ObjectElements::PreventExtensions(cx, &obj->as<NativeObject>()))
++        if (!ObjectElements::PreventExtensions(cx, &obj->as<NativeObject>())) {
+             return false;
+-    }
+-
+-    if (!JSObject::setFlags(cx, obj, BaseShape::NOT_EXTENSIBLE, JSObject::GENERATE_SHAPE))
++        }
++    }
++
++    if (!JSObject::setFlags(cx, obj, BaseShape::NOT_EXTENSIBLE, JSObject::GENERATE_SHAPE)) {
+         return false;
++    }
+ 
+     return result.succeed();
+ }
+ 
+ bool
+ js::PreventExtensions(JSContext* cx, HandleObject obj)
+ {
+     ObjectOpResult result;
+@@ -2787,18 +3018,19 @@ js::PreventExtensions(JSContext* cx, Han
+ }
+ 
+ bool
+ js::GetOwnPropertyDescriptor(JSContext* cx, HandleObject obj, HandleId id,
+                              MutableHandle<PropertyDescriptor> desc)
+ {
+     if (GetOwnPropertyOp op = obj->getOpsGetOwnPropertyDescriptor()) {
+         bool ok = op(cx, obj, id, desc);
+-        if (ok)
++        if (ok) {
+             desc.assertCompleteIfFound();
++        }
+         return ok;
+     }
+ 
+     return NativeGetOwnPropertyDescriptor(cx, obj.as<NativeObject>(), id, desc);
+ }
+ 
+ bool
+ js::DefineProperty(JSContext* cx, HandleObject obj, HandleId id, Handle<PropertyDescriptor> desc)
+@@ -2808,18 +3040,19 @@ js::DefineProperty(JSContext* cx, Handle
+            result.checkStrict(cx, obj, id);
+ }
+ 
+ bool
+ js::DefineProperty(JSContext* cx, HandleObject obj, HandleId id, Handle<PropertyDescriptor> desc,
+                    ObjectOpResult& result)
+ {
+     desc.assertValid();
+-    if (DefinePropertyOp op = obj->getOpsDefineProperty())
++    if (DefinePropertyOp op = obj->getOpsDefineProperty()) {
+         return op(cx, obj, id, desc, result);
++    }
+     return NativeDefineProperty(cx, obj.as<NativeObject>(), id, desc, result);
+ }
+ 
+ bool
+ js::DefineAccessorProperty(JSContext* cx, HandleObject obj, HandleId id,
+                            HandleObject getter, HandleObject setter, unsigned attrs,
+                            ObjectOpResult& result)
+ {
+@@ -2859,43 +3092,46 @@ js::DefineDataProperty(JSContext* cx, Ha
+     return DefineDataProperty(cx, obj, id, value, attrs, result);
+ }
+ 
+ bool
+ js::DefineDataElement(JSContext* cx, HandleObject obj, uint32_t index, HandleValue value,
+                       unsigned attrs, ObjectOpResult& result)
+ {
+     RootedId id(cx);
+-    if (!IndexToId(cx, index, &id))
++    if (!IndexToId(cx, index, &id)) {
+         return false;
++    }
+     return DefineDataProperty(cx, obj, id, value, attrs, result);
+ }
+ 
+ bool
+ js::DefineAccessorProperty(JSContext* cx, HandleObject obj, HandleId id,
+                            HandleObject getter, HandleObject setter, unsigned attrs)
+ {
+     ObjectOpResult result;
+-    if (!DefineAccessorProperty(cx, obj, id, getter, setter, attrs, result))
++    if (!DefineAccessorProperty(cx, obj, id, getter, setter, attrs, result)) {
+         return false;
++    }
+     if (!result) {
+         MOZ_ASSERT(!cx->helperThread());
+         result.reportError(cx, obj, id);
+         return false;
+     }
+     return true;
+ }
+ 
+ bool
+ js::DefineDataProperty(JSContext* cx, HandleObject obj, HandleId id, HandleValue value,
+                        unsigned attrs)
+ {
+     ObjectOpResult result;
+-    if (!DefineDataProperty(cx, obj, id, value, attrs, result))
++    if (!DefineDataProperty(cx, obj, id, value, attrs, result)) {
+         return false;
++    }
+     if (!result) {
+         MOZ_ASSERT(!cx->helperThread());
+         result.reportError(cx, obj, id);
+         return false;
+     }
+     return true;
+ }
+ 
+@@ -2907,59 +3143,65 @@ js::DefineDataProperty(JSContext* cx, Ha
+     return DefineDataProperty(cx, obj, id, value, attrs);
+ }
+ 
+ bool
+ js::DefineDataElement(JSContext* cx, HandleObject obj, uint32_t index, HandleValue value,
+                       unsigned attrs)
+ {
+     RootedId id(cx);
+-    if (!IndexToId(cx, index, &id))
++    if (!IndexToId(cx, index, &id)) {
+         return false;
++    }
+     return DefineDataProperty(cx, obj, id, value, attrs);
+ }
+ 
+ /*** SpiderMonkey nonstandard internal methods ***************************************************/
+ 
+ bool
+ js::SetImmutablePrototype(JSContext* cx, HandleObject obj, bool* succeeded)
+ {
+     if (obj->hasDynamicPrototype()) {
+         MOZ_ASSERT(!cx->helperThread());
+         return Proxy::setImmutablePrototype(cx, obj, succeeded);
+     }
+ 
+-    if (!JSObject::setFlags(cx, obj, BaseShape::IMMUTABLE_PROTOTYPE))
++    if (!JSObject::setFlags(cx, obj, BaseShape::IMMUTABLE_PROTOTYPE)) {
+         return false;
++    }
+     *succeeded = true;
+     return true;
+ }
+ 
+ bool
+ js::GetPropertyDescriptor(JSContext* cx, HandleObject obj, HandleId id,
+                           MutableHandle<PropertyDescriptor> desc)
+ {
+     RootedObject pobj(cx);
+ 
+     for (pobj = obj; pobj;) {
+         if (pobj->is<ProxyObject>()) {
+             bool ok = Proxy::getPropertyDescriptor(cx, pobj, id, desc);
+-            if (ok)
++            if (ok) {
+                 desc.assertCompleteIfFound();
++            }
+             return ok;
+         }
+ 
+-        if (!GetOwnPropertyDescriptor(cx, pobj, id, desc))
++        if (!GetOwnPropertyDescriptor(cx, pobj, id, desc)) {
+             return false;
+-
+-        if (desc.object())
++        }
++
++        if (desc.object()) {
+             return true;
+-
+-        if (!GetPrototype(cx, pobj, &pobj))
++        }
++
++        if (!GetPrototype(cx, pobj, &pobj)) {
+             return false;
++        }
+     }
+ 
+     MOZ_ASSERT(!desc.object());
+     return true;
+ }
+ 
+ /* * */
+ 
+@@ -2967,37 +3209,41 @@ extern bool
+ PropertySpecNameToId(JSContext* cx, const char* name, MutableHandleId id,
+                      js::PinningBehavior pin = js::DoNotPinAtom);
+ 
+ static bool
+ DefineFunctionFromSpec(JSContext* cx, HandleObject obj, const JSFunctionSpec* fs, unsigned flags,
+                        DefineAsIntrinsic intrinsic)
+ {
+     RootedId id(cx);
+-    if (!PropertySpecNameToId(cx, fs->name, &id))
++    if (!PropertySpecNameToId(cx, fs->name, &id)) {
+         return false;
++    }
+ 
+     JSFunction* fun = NewFunctionFromSpec(cx, fs, id);
+-    if (!fun)
++    if (!fun) {
+         return false;
+-
+-    if (intrinsic == AsIntrinsic)
++    }
++
++    if (intrinsic == AsIntrinsic) {
+         fun->setIsIntrinsic();
++    }
+ 
+     RootedValue funVal(cx, ObjectValue(*fun));
+     return DefineDataProperty(cx, obj, id, funVal, flags & ~JSFUN_FLAGS_MASK);
+ }
+ 
+ bool
+ js::DefineFunctions(JSContext* cx, HandleObject obj, const JSFunctionSpec* fs,
+                     DefineAsIntrinsic intrinsic)
+ {
+     for (; fs->name; fs++) {
+-        if (!DefineFunctionFromSpec(cx, obj, fs, fs->flags, intrinsic))
++        if (!DefineFunctionFromSpec(cx, obj, fs, fs->flags, intrinsic)) {
+             return false;
++        }
+     }
+     return true;
+ }
+ 
+ 
+ /*** ToPrimitive *************************************************************/
+ 
+ /*
+@@ -3006,18 +3252,19 @@ js::DefineFunctions(JSContext* cx, Handl
+  * as |this|, returning the result in *vp.
+  *
+  * This is a mini-abstraction for ES6 draft rev 36 (2015 Mar 17),
+  * 7.1.1, second algorithm (OrdinaryToPrimitive), steps 5.a-c.
+  */
+ static bool
+ MaybeCallMethod(JSContext* cx, HandleObject obj, HandleId id, MutableHandleValue vp)
+ {
+-    if (!GetProperty(cx, obj, obj, id, vp))
++    if (!GetProperty(cx, obj, obj, id, vp)) {
+         return false;
++    }
+     if (!IsCallable(vp)) {
+         vp.setObject(*obj);
+         return true;
+     }
+ 
+     return js::Call(cx, vp, obj, vp);
+ }
+ 
+@@ -3025,18 +3272,19 @@ static bool
+ ReportCantConvert(JSContext* cx, unsigned errorNumber, HandleObject obj, JSType hint)
+ {
+     const Class* clasp = obj->getClass();
+ 
+     // Avoid recursive death when decompiling in ReportValueError.
+     RootedString str(cx);
+     if (hint == JSTYPE_STRING) {
+         str = JS_AtomizeAndPinString(cx, clasp->name);
+-        if (!str)
++        if (!str) {
+             return false;
++        }
+     } else {
+         str = nullptr;
+     }
+ 
+     RootedValue val(cx, ObjectValue(*obj));
+     ReportValueError(cx, errorNumber, JSDVG_SEARCH_STACK, val, str,
+                      hint == JSTYPE_UNDEFINED
+                      ? "primitive type"
+@@ -3059,26 +3307,30 @@ JS::OrdinaryToPrimitive(JSContext* cx, H
+         if (clasp == &StringObject::class_) {
+             StringObject* nobj = &obj->as<StringObject>();
+             if (HasNativeMethodPure(nobj, cx->names().toString, str_toString, cx)) {
+                 vp.setString(nobj->unbox());
+                 return true;
+             }
+         }
+ 
+-        if (!MaybeCallMethod(cx, obj, id, vp))
++        if (!MaybeCallMethod(cx, obj, id, vp)) {
+             return false;
+-        if (vp.isPrimitive())
++        }
++        if (vp.isPrimitive()) {
+             return true;
++        }
+ 
+         id = NameToId(cx->names().valueOf);
+-        if (!MaybeCallMethod(cx, obj, id, vp))
++        if (!MaybeCallMethod(cx, obj, id, vp)) {
+             return false;
+-        if (vp.isPrimitive())
++        }
++        if (vp.isPrimitive()) {
+             return true;
++        }
+     } else {
+         id = NameToId(cx->names().valueOf);
+ 
+         /* Optimize new String(...).valueOf(). */
+         if (clasp == &StringObject::class_) {
+             StringObject* nobj = &obj->as<StringObject>();
+             if (HasNativeMethodPure(nobj, cx->names().valueOf, str_toString, cx)) {
+                 vp.setString(nobj->unbox());
+@@ -3090,26 +3342,30 @@ JS::OrdinaryToPrimitive(JSContext* cx, H
+         if (clasp == &NumberObject::class_) {
+             NumberObject* nobj = &obj->as<NumberObject>();
+             if (HasNativeMethodPure(nobj, cx->names().valueOf, num_valueOf, cx)) {
+                 vp.setNumber(nobj->unbox());
+                 return true;
+             }
+         }
+ 
+-        if (!MaybeCallMethod(cx, obj, id, vp))
++        if (!MaybeCallMethod(cx, obj, id, vp)) {
+             return false;
+-        if (vp.isPrimitive())
++        }
++        if (vp.isPrimitive()) {
+             return true;
++        }
+ 
+         id = NameToId(cx->names().toString);
+-        if (!MaybeCallMethod(cx, obj, id, vp))
++        if (!MaybeCallMethod(cx, obj, id, vp)) {
+             return false;
+-        if (vp.isPrimitive())
++        }
++        if (vp.isPrimitive()) {
+             return true;
++        }
+     }
+ 
+     return ReportCantConvert(cx, JSMSG_CANT_CONVERT_TO, obj, hint);
+ }
+ 
+ bool
+ js::ToPrimitiveSlow(JSContext* cx, JSType preferredType, MutableHandleValue vp)
+ {
+@@ -3117,69 +3373,75 @@ js::ToPrimitiveSlow(JSContext* cx, JSTyp
+     // (2015 Mar 17) 7.1.1 ToPrimitive.
+     MOZ_ASSERT(preferredType == JSTYPE_UNDEFINED ||
+                preferredType == JSTYPE_STRING ||
+                preferredType == JSTYPE_NUMBER);
+     RootedObject obj(cx, &vp.toObject());
+ 
+     // Steps 4-5.
+     RootedValue method(cx);
+-    if (!GetInterestingSymbolProperty(cx, obj, cx->wellKnownSymbols().toPrimitive, &method))
++    if (!GetInterestingSymbolProperty(cx, obj, cx->wellKnownSymbols().toPrimitive, &method)) {
+         return false;
++    }
+ 
+     // Step 6.
+     if (!method.isNullOrUndefined()) {
+         // Step 6 of GetMethod. js::Call() below would do this check and throw a
+         // TypeError anyway, but this produces a better error message.
+-        if (!IsCallable(method))
++        if (!IsCallable(method)) {
+             return ReportCantConvert(cx, JSMSG_TOPRIMITIVE_NOT_CALLABLE, obj, preferredType);
++        }
+ 
+         // Steps 1-3, 6.a-b.
+         RootedValue arg0(cx, StringValue(preferredType == JSTYPE_STRING
+                                          ? cx->names().string
+                                          : preferredType == JSTYPE_NUMBER
+                                          ? cx->names().number
+                                          : cx->names().default_));
+ 
+-        if (!js::Call(cx, method, vp, arg0, vp))
++        if (!js::Call(cx, method, vp, arg0, vp)) {
+             return false;
++        }
+ 
+         // Steps 6.c-d.
+-        if (vp.isObject())
++        if (vp.isObject()) {
+             return ReportCantConvert(cx, JSMSG_TOPRIMITIVE_RETURNED_OBJECT, obj, preferredType);
++        }
+         return true;
+     }
+ 
+     return OrdinaryToPrimitive(cx, obj, preferredType, vp);
+ }
+ 
+ /* ES6 draft rev 28 (2014 Oct 14) 7.1.14 */
+ bool
+ js::ToPropertyKeySlow(JSContext* cx, HandleValue argument, MutableHandleId result)
+ {
+     MOZ_ASSERT(argument.isObject());
+ 
+     // Steps 1-2.
+     RootedValue key(cx, argument);
+-    if (!ToPrimitiveSlow(cx, JSTYPE_STRING, &key))
++    if (!ToPrimitiveSlow(cx, JSTYPE_STRING, &key)) {
+         return false;
++    }
+ 
+     // Steps 3-4.
+     return ValueToId<CanGC>(cx, key, result);
+ }
+ 
+ /* * */
+ 
+ bool
+ js::IsPrototypeOf(JSContext* cx, HandleObject protoObj, JSObject* obj, bool* result)
+ {
+     RootedObject obj2(cx, obj);
+     for (;;) {
+-        if (!GetPrototype(cx, obj2, &obj2))
++        if (!GetPrototype(cx, obj2, &obj2)) {
+             return false;
++        }
+         if (!obj2) {
+             *result = false;
+             return true;
+         }
+         if (obj2 == protoObj) {
+             *result = true;
+             return true;
+         }
+@@ -3188,20 +3450,22 @@ js::IsPrototypeOf(JSContext* cx, HandleO
+ 
+ JSObject*
+ js::PrimitiveToObject(JSContext* cx, const Value& v)
+ {
+     if (v.isString()) {
+         Rooted<JSString*> str(cx, v.toString());
+         return StringObject::create(cx, str);
+     }
+-    if (v.isNumber())
++    if (v.isNumber()) {
+         return NumberObject::create(cx, v.toNumber());
+-    if (v.isBoolean())
++    }
++    if (v.isBoolean()) {
+         return BooleanObject::create(cx, v.toBoolean());
++    }
+ #ifdef ENABLE_BIGINT
+     if (v.isSymbol()) {
+         RootedSymbol symbol(cx, v.toSymbol());
+         return SymbolObject::create(cx, symbol);
+     }
+     MOZ_ASSERT(v.isBigInt());
+     RootedBigInt bigInt(cx, v.toBigInt());
+     return BigIntObject::create(cx, bigInt);
+@@ -3269,35 +3533,37 @@ js::ToObjectSlowForPropertyAccess(JSCont
+                                   bool reportScanStack)
+ {
+     MOZ_ASSERT(!val.isMagic());
+     MOZ_ASSERT(!val.isObject());
+ 
+     if (val.isNullOrUndefined()) {
+         RootedId key(cx);
+         if (keyValue.isPrimitive()) {
+-            if (!ValueToId<CanGC>(cx, keyValue, &key))
++            if (!ValueToId<CanGC>(cx, keyValue, &key)) {
+                 return nullptr;
++            }
+             ReportIsNullOrUndefinedForPropertyAccess(cx, val, key, reportScanStack);
+         } else {
+             ReportIsNullOrUndefinedForPropertyAccess(cx, val, reportScanStack);
+         }
+         return nullptr;
+     }
+ 
+     return PrimitiveToObject(cx, val);
+ }
+ 
+ Value
+ js::GetThisValue(JSObject* obj)
+ {
+     // Use the WindowProxy if the global is a Window, as Window must never be
+     // exposed to script.
+-    if (obj->is<GlobalObject>())
++    if (obj->is<GlobalObject>()) {
+         return ObjectValue(*ToWindowProxyIfWindow(obj));
++    }
+ 
+     // We should not expose any environments except NSVOs to script. The NSVO is
+     // pretending to be the global object in this case.
+     MOZ_ASSERT(obj->is<NonSyntacticVariablesObject>() || !obj->is<EnvironmentObject>());
+ 
+     return ObjectValue(*obj);
+ }
+ 
+@@ -3345,43 +3611,47 @@ GetObjectSlotNameFunctor::operator()(JS:
+     }
+ 
+     if (!shape) {
+         do {
+             const char* slotname = nullptr;
+             const char* pattern = nullptr;
+             if (obj->is<GlobalObject>()) {
+                 pattern = "CLASS_OBJECT(%s)";
+-                if (false)
++                if (false) {
+                     ;
++                }
+ #define TEST_SLOT_MATCHES_PROTOTYPE(name,init,clasp) \
+                 else if ((JSProto_##name) == slot) { slotname = js_##name##_str; }
+                 JS_FOR_EACH_PROTOTYPE(TEST_SLOT_MATCHES_PROTOTYPE)
+ #undef TEST_SLOT_MATCHES_PROTOTYPE
+             } else {
+                 pattern = "%s";
+                 if (obj->is<EnvironmentObject>()) {
+                     if (slot == EnvironmentObject::enclosingEnvironmentSlot()) {
+                         slotname = "enclosing_environment";
+                     } else if (obj->is<CallObject>()) {
+-                        if (slot == CallObject::calleeSlot())
++                        if (slot == CallObject::calleeSlot()) {
+                             slotname = "callee_slot";
++                        }
+                     } else if (obj->is<WithEnvironmentObject>()) {
+-                        if (slot == WithEnvironmentObject::objectSlot())
++                        if (slot == WithEnvironmentObject::objectSlot()) {
+                             slotname = "with_object";
+-                        else if (slot == WithEnvironmentObject::thisSlot())
++                        } else if (slot == WithEnvironmentObject::thisSlot()) {
+                             slotname = "with_this";
++                        }
+                     }
+                 }
+             }
+ 
+-            if (slotname)
++            if (slotname) {
+                 snprintf(buf, bufsize, pattern, slotname);
+-            else
++            } else {
+                 snprintf(buf, bufsize, "**UNKNOWN SLOT %" PRIu32 "**", slot);
++            }
+         } while (false);
+     } else {
+         jsid propid = shape->propid();
+         if (JSID_IS_INT(propid)) {
+             snprintf(buf, bufsize, "%" PRId32, JSID_TO_INT(propid));
+         } else if (JSID_IS_ATOM(propid)) {
+             PutEscapedString(buf, bufsize, JSID_TO_ATOM(propid), 0);
+         } else if (JSID_IS_SYMBOL(propid)) {
+@@ -3400,28 +3670,29 @@ GetObjectSlotNameFunctor::operator()(JS:
+  * Routines to print out values during debugging.  These are FRIEND_API to help
+  * the debugger find them and to support temporarily hacking js::Dump* calls
+  * into other code.
+  */
+ 
+ static void
+ dumpValue(const Value& v, js::GenericPrinter& out)
+ {
+-    if (v.isNull())
++    if (v.isNull()) {
+         out.put("null");
+-    else if (v.isUndefined())
++    } else if (v.isUndefined()) {
+         out.put("undefined");
+-    else if (v.isInt32())
++    } else if (v.isInt32()) {
+         out.printf("%d", v.toInt32());
+-    else if (v.isDouble())
++    } else if (v.isDouble()) {
+         out.printf("%g", v.toDouble());
+-    else if (v.isString())
++    } else if (v.isString()) {
+         v.toString()->dumpNoNewline(out);
+-    else if (v.isSymbol())
++    } else if (v.isSymbol()) {
+         v.toSymbol()->dump(out);
++    }
+     else if (v.isObject() && v.toObject().is<JSFunction>()) {
+         JSFunction* fun = &v.toObject().as<JSFunction>();
+         if (fun->displayAtom()) {
+             out.put("<function ");
+             EscapedStringPrinter(out, fun->displayAtom(), 0);
+         } else {
+             out.put("<unnamed function");
+         }
+@@ -3434,20 +3705,21 @@ dumpValue(const Value& v, js::GenericPri
+     } else if (v.isObject()) {
+         JSObject* obj = &v.toObject();
+         const Class* clasp = obj->getClass();
+         out.printf("<%s%s at %p>",
+                 clasp->name,
+                 (clasp == &PlainObject::class_) ? "" : " object",
+                 (void*) obj);
+     } else if (v.isBoolean()) {
+-        if (v.toBoolean())
++        if (v.toBoolean()) {
+             out.put("true");
+-        else
++        } else {
+             out.put("false");
++        }
+     } else if (v.isMagic()) {
+         out.put("<invalid");
+         switch (v.whyMagic()) {
+           case JS_ELEMENTS_HOLE:     out.put(" elements hole");      break;
+           case JS_NO_ITER_VALUE:     out.put(" no iter value");      break;
+           case JS_GENERATOR_CLOSING: out.put(" generator closing");  break;
+           case JS_OPTIMIZED_OUT:     out.put(" optimized out");      break;
+           default:                   out.put(" ?!");                 break;
+@@ -3488,49 +3760,53 @@ js::DumpId(jsid id, js::GenericPrinter& 
+     dumpValue(IdToValue(id), out);
+     out.putChar('\n');
+ }
+ 
+ static void
+ DumpProperty(const NativeObject* obj, Shape& shape, js::GenericPrinter& out)
+ {
+     jsid id = shape.propid();
+-    if (JSID_IS_ATOM(id))
++    if (JSID_IS_ATOM(id)) {
+         JSID_TO_ATOM(id)->dumpCharsNoNewline(out);
+-    else if (JSID_IS_INT(id))
++    } else if (JSID_IS_INT(id)) {
+        out.printf("%d", JSID_TO_INT(id));
+-    else if (JSID_IS_SYMBOL(id))
++    } else if (JSID_IS_SYMBOL(id)) {
+         JSID_TO_SYMBOL(id)->dump(out);
+-    else
++    } else {
+         out.printf("id %p", reinterpret_cast<void*>(JSID_BITS(id)));
++    }
+ 
+     if (shape.isDataProperty()) {
+         out.printf(": ");
+         dumpValue(obj->getSlot(shape.maybeSlot()), out);
+     }
+ 
+     out.printf(" (shape %p", (void*) &shape);
+ 
+     uint8_t attrs = shape.attributes();
+     if (attrs & JSPROP_ENUMERATE) out.put(" enumerate");
+     if (attrs & JSPROP_READONLY) out.put(" readonly");
+     if (attrs & JSPROP_PERMANENT) out.put(" permanent");
+ 
+-    if (shape.hasGetterValue())
++    if (shape.hasGetterValue()) {
+         out.printf(" getterValue %p", shape.getterObject());
+-    else if (!shape.hasDefaultGetter())
++    } else if (!shape.hasDefaultGetter()) {
+         out.printf(" getterOp %p", JS_FUNC_TO_DATA_PTR(void*, shape.getterOp()));
+-
+-    if (shape.hasSetterValue())
++    }
++
++    if (shape.hasSetterValue()) {
+         out.printf(" setterValue %p", shape.setterObject());
+-    else if (!shape.hasDefaultSetter())
++    } else if (!shape.hasDefaultSetter()) {
+         out.printf(" setterOp %p", JS_FUNC_TO_DATA_PTR(void*, shape.setterOp()));
+-
+-    if (shape.isDataProperty())
++    }
++
++    if (shape.isDataProperty()) {
+         out.printf(" slot %d", shape.maybeSlot());
++    }
+ 
+     out.printf(")\n");
+ }
+ 
+ bool
+ JSObject::uninlinedIsProxy() const
+ {
+     return is<ProxyObject>();
+@@ -3570,45 +3846,52 @@ JSObject::dump(js::GenericPrinter& out) 
+     if (!obj->is<ProxyObject>() && !obj->nonProxyIsExtensible()) out.put(" not_extensible");
+     if (obj->maybeHasInterestingSymbolProperty()) out.put(" maybe_has_interesting_symbol");
+     if (obj->isBoundFunction()) out.put(" bound_function");
+     if (obj->isQualifiedVarObj()) out.put(" varobj");
+     if (obj->isUnqualifiedVarObj()) out.put(" unqualified_varobj");
+     if (obj->isIteratedSingleton()) out.put(" iterated_singleton");
+     if (obj->isNewGroupUnknown()) out.put(" new_type_unknown");
+     if (obj->hasUncacheableProto()) out.put(" has_uncacheable_proto");
+-    if (obj->hasStaticPrototype() && obj->staticPrototypeIsImmutable())
++    if (obj->hasStaticPrototype() && obj->staticPrototypeIsImmutable()) {
+         out.put(" immutable_prototype");
++    }
+ 
+     const NativeObject* nobj = obj->isNative() ? &obj->as<NativeObject>() : nullptr;
+     if (nobj) {
+-        if (nobj->inDictionaryMode())
++        if (nobj->inDictionaryMode()) {
+             out.put(" inDictionaryMode");
+-        if (nobj->hasShapeTable())
++        }
++        if (nobj->hasShapeTable()) {
+             out.put(" hasShapeTable");
+-        if (nobj->hadElementsAccess())
++        }
++        if (nobj->hadElementsAccess()) {
+             out.put(" had_elements_access");
+-        if (nobj->isIndexed())
++        }
++        if (nobj->isIndexed()) {
+             out.put(" indexed");
++        }
+     } else {
+         out.put(" not_native\n");
+     }
+     out.putChar('\n');
+ 
+     out.put("  proto ");
+     TaggedProto proto = obj->taggedProto();
+-    if (proto.isDynamic())
++    if (proto.isDynamic()) {
+         out.put("<dynamic>");
+-    else
++    } else {
+         dumpValue(ObjectOrNullValue(proto.toObjectOrNull()), out);
++    }
+     out.putChar('\n');
+ 
+     if (nobj) {
+-        if (clasp->flags & JSCLASS_HAS_PRIVATE)
++        if (clasp->flags & JSCLASS_HAS_PRIVATE) {
+             out.printf("  private %p\n", nobj->getPrivate());
++        }
+ 
+         uint32_t reserved = JSCLASS_RESERVED_SLOTS(clasp);
+         if (reserved) {
+             out.printf("  reserved slots:\n");
+             for (uint32_t i = 0; i < reserved; i++) {
+                 out.printf("    %3d ", i);
+                 out.put(": ");
+                 dumpValue(nobj->getSlot(i), out);
+@@ -3678,31 +3961,33 @@ js::DumpInterpreterFrame(JSContext* cx, 
+     /* This should only called during live debugging. */
+     ScriptFrameIter i(cx);
+     if (!start) {
+         if (i.done()) {
+             out.printf("no stack for cx = %p\n", (void*) cx);
+             return;
+         }
+     } else {
+-        while (!i.done() && !i.isJSJit() && i.interpFrame() != start)
++        while (!i.done() && !i.isJSJit() && i.interpFrame() != start) {
+             ++i;
++        }
+ 
+         if (i.done()) {
+             out.printf("fp = %p not found in cx = %p\n",
+                     (void*)start, (void*)cx);
+             return;
+         }
+     }
+ 
+     for (; !i.done(); ++i) {
+-        if (i.isJSJit())
++        if (i.isJSJit()) {
+             out.put("JIT frame\n");
+-        else
++        } else {
+             out.printf("InterpreterFrame at %p\n", (void*) i.interpFrame());
++        }
+ 
+         if (i.isFunctionFrame()) {
+             out.put("callee fun: ");
+             RootedValue v(cx);
+             JSObject* fun = i.callee(cx);
+             v.setObject(*fun);
+             dumpValue(v, out);
+         } else {
+@@ -3713,31 +3998,35 @@ js::DumpInterpreterFrame(JSContext* cx, 
+         out.printf("file %s line %u\n",
+                 i.script()->filename(), i.script()->lineno());
+ 
+         if (jsbytecode* pc = i.pc()) {
+             out.printf("  pc = %p\n", pc);
+             out.printf("  current op: %s\n", CodeName[*pc]);
+             MaybeDumpScope(i.script()->lookupScope(pc), out);
+         }
+-        if (i.isFunctionFrame())
++        if (i.isFunctionFrame()) {
+             MaybeDumpValue("this", i.thisArgument(cx), out);
++        }
+         if (!i.isJSJit()) {
+             out.put("  rval: ");
+             dumpValue(i.interpFrame()->returnValue(), out);
+             out.putChar('\n');
+         }
+ 
+         out.put("  flags:");
+-        if (i.isConstructing())
++        if (i.isConstructing()) {
+             out.put(" constructing");
+-        if (!i.isJSJit() && i.interpFrame()->isDebuggerEvalFrame())
++        }
++        if (!i.isJSJit() && i.interpFrame()->isDebuggerEvalFrame()) {
+             out.put(" debugger eval");
+-        if (i.isEvalFrame())
++        }
++        if (i.isEvalFrame()) {
+             out.put(" eval");
++        }
+         out.putChar('\n');
+ 
+         out.printf("  envChain: (JSObject*) %p\n", (void*) i.environmentChain(cx));
+ 
+         out.putChar('\n');
+     }
+ }
+ 
+@@ -3809,71 +4098,77 @@ JSObject::allocKindForTenure(const js::N
+ 
+     MOZ_ASSERT(IsInsideNursery(this));
+ 
+     if (is<ArrayObject>()) {
+         const ArrayObject& aobj = as<ArrayObject>();
+         MOZ_ASSERT(aobj.numFixedSlots() == 0);
+ 
+         /* Use minimal size object if we are just going to copy the pointer. */
+-        if (!nursery.isInside(aobj.getElementsHeader()))
++        if (!nursery.isInside(aobj.getElementsHeader())) {
+             return gc::AllocKind::OBJECT0_BACKGROUND;
++        }
+ 
+         size_t nelements = aobj.getDenseCapacity();
+         return GetBackgroundAllocKind(GetGCArrayKind(nelements));
+     }
+ 
+     // Unboxed plain objects are sized according to the data they store.
+     if (is<UnboxedPlainObject>()) {
+         size_t nbytes = as<UnboxedPlainObject>().layoutDontCheckGeneration().size();
+         return GetGCObjectKindForBytes(UnboxedPlainObject::offsetOfData() + nbytes);
+     }
+ 
+-    if (is<JSFunction>())
++    if (is<JSFunction>()) {
+         return as<JSFunction>().getAllocKind();
++    }
+ 
+     /*
+      * Typed arrays in the nursery may have a lazily allocated buffer, make
+      * sure there is room for the array's fixed data when moving the array.
+      */
+     if (is<TypedArrayObject>() && !as<TypedArrayObject>().hasBuffer()) {
+         size_t nbytes = as<TypedArrayObject>().byteLength();
+-        if (as<TypedArrayObject>().hasInlineElements())
++        if (as<TypedArrayObject>().hasInlineElements()) {
+             return GetBackgroundAllocKind(TypedArrayObject::AllocKindForLazyBuffer(nbytes));
++        }
+         return GetGCObjectKind(getClass());
+     }
+ 
+     // Proxies that are CrossCompartmentWrappers may be nursery allocated.
+-    if (IsProxy(this))
++    if (IsProxy(this)) {
+         return as<ProxyObject>().allocKindForTenure();
++    }
+ 
+     // Inlined typed objects are followed by their data, so make sure we copy
+     // it all over to the new object.
+     if (is<InlineTypedObject>()) {
+         // Figure out the size of this object, from the prototype's TypeDescr.
+         // The objects we are traversing here are all tenured, so we don't need
+         // to check forwarding pointers.
+         TypeDescr& descr = as<InlineTypedObject>().typeDescr();
+         MOZ_ASSERT(!IsInsideNursery(&descr));
+         return InlineTypedObject::allocKindForTypeDescriptor(&descr);
+     }
+ 
+     // Outline typed objects use the minimum allocation kind.
+-    if (is<OutlineTypedObject>())
++    if (is<OutlineTypedObject>()) {
+         return gc::AllocKind::OBJECT0;
++    }
+ 
+     // All nursery allocatable non-native objects are handled above.
+     return as<NativeObject>().allocKindForTenure();
+ }
+ 
+ void
+ JSObject::addSizeOfExcludingThis(mozilla::MallocSizeOf mallocSizeOf, JS::ClassInfo* info)
+ {
+-    if (is<NativeObject>() && as<NativeObject>().hasDynamicSlots())
++    if (is<NativeObject>() && as<NativeObject>().hasDynamicSlots()) {
+         info->objectsMallocHeapSlots += mallocSizeOf(as<NativeObject>().slots_);
++    }
+ 
+     if (is<NativeObject>() && as<NativeObject>().hasDynamicElements()) {
+         js::ObjectElements* elements = as<NativeObject>().getElementsHeader();
+         if (!elements->isCopyOnWrite() || elements->ownerObject() == this) {
+             void* allocatedElements = as<NativeObject>().getUnshiftedElementsHeader();
+             info->objectsMallocHeapElementsNormal += mallocSizeOf(allocatedElements);
+         }
+     }
+@@ -3934,49 +4229,53 @@ JSObject::sizeOfIncludingThisInNursery()
+     if (is<NativeObject>()) {
+         const NativeObject& native = as<NativeObject>();
+ 
+         size += native.numFixedSlots() * sizeof(Value);
+         size += native.numDynamicSlots() * sizeof(Value);
+ 
+         if (native.hasDynamicElements()) {
+             js::ObjectElements& elements = *native.getElementsHeader();
+-            if (!elements.isCopyOnWrite() || elements.ownerObject() == this)
++            if (!elements.isCopyOnWrite() || elements.ownerObject() == this) {
+                 size += (elements.capacity + elements.numShiftedElements()) * sizeof(HeapSlot);
++            }
+         }
+ 
+-        if (is<ArgumentsObject>())
++        if (is<ArgumentsObject>()) {
+             size += as<ArgumentsObject>().sizeOfData();
++        }
+     }
+ 
+     return size;
+ }
+ 
+ JS::ubi::Node::Size
+ JS::ubi::Concrete<JSObject>::size(mozilla::MallocSizeOf mallocSizeOf) const
+ {
+     JSObject& obj = get();
+ 
+-    if (!obj.isTenured())
++    if (!obj.isTenured()) {
+         return obj.sizeOfIncludingThisInNursery();
++    }
+ 
+     JS::ClassInfo info;
+     obj.addSizeOfExcludingThis(mallocSizeOf, &info);
+     return obj.tenuredSizeOfThis() + info.sizeOfAllThings();
+ }
+ 
+ const char16_t JS::ubi::Concrete<JSObject>::concreteTypeName[] = u"JSObject";
+ 
+ void
+ JSObject::traceChildren(JSTracer* trc)
+ {
+     TraceEdge(trc, &group_, "group");
+ 
+-    if (is<ShapedObject>())
++    if (is<ShapedObject>()) {
+         as<ShapedObject>().traceShape(trc);
++    }
+ 
+     const Class* clasp = group_->clasp();
+     if (clasp->isNative()) {
+         NativeObject* nobj = &as<NativeObject>();
+ 
+         {
+             GetObjectSlotNameFunctor func(nobj);
+             JS::AutoTracingDetails ctx(trc, func);
+@@ -4005,47 +4304,51 @@ JSObject::traceChildren(JSTracer* trc)
+                        nobj->getDenseInitializedLength(),
+                        static_cast<HeapSlot*>(nobj->getDenseElementsAllowCopyOnWrite()),
+                        "objectElements");
+         } while (false);
+     }
+ 
+     // Call the trace hook at the end so that during a moving GC the trace hook
+     // will see updated fields and slots.
+-    if (clasp->hasTrace())
++    if (clasp->hasTrace()) {
+         clasp->doTrace(trc, this);
++    }
+ }
+ 
+ static JSAtom*
+ displayAtomFromObjectGroup(ObjectGroup& group)
+ {
+     AutoSweepObjectGroup sweep(&group);
+     TypeNewScript* script = group.newScript(sweep);
+-    if (!script)
++    if (!script) {
+         return nullptr;
++    }
+ 
+     return script->function()->displayAtom();
+ }
+ 
+ /* static */ bool
+ JSObject::constructorDisplayAtom(JSContext* cx, js::HandleObject obj, js::MutableHandleAtom name)
+ {
+     ObjectGroup *g = JSObject::getGroup(cx, obj);
+-    if (!g)
++    if (!g) {
+         return false;
++    }
+ 
+     name.set(displayAtomFromObjectGroup(*g));
+     return true;
+ }
+ 
+ JSAtom*
+ JSObject::maybeConstructorDisplayAtom() const
+ {
+-    if (hasLazyGroup())
++    if (hasLazyGroup()) {
+         return nullptr;
++    }
+     return displayAtomFromObjectGroup(*group());
+ }
+ 
+ // ES 2016 7.3.20.
+ MOZ_MUST_USE JSObject*
+ js::SpeciesConstructor(JSContext* cx, HandleObject obj, HandleObject defaultCtor,
+                        bool (*isDefaultSpecies)(JSContext*, JSFunction*))
+ {
+@@ -4066,99 +4369,108 @@ js::SpeciesConstructor(JSContext* cx, Ha
+         if (GetGetterPure(cx, defaultCtor, speciesId, &getter) && getter &&
+             isDefaultSpecies(cx, getter))
+         {
+             return defaultCtor;
+         }
+     }
+ 
+     // Step 2.
+-    if (!ctorGetSucceeded && !GetProperty(cx, obj, obj, cx->names().constructor, &ctor))
++    if (!ctorGetSucceeded && !GetProperty(cx, obj, obj, cx->names().constructor, &ctor)) {
+         return nullptr;
++    }
+ 
+     // Step 3.
+-    if (ctor.isUndefined())
++    if (ctor.isUndefined()) {
+         return defaultCtor;
++    }
+ 
+     // Step 4.
+     if (!ctor.isObject()) {
+         JS_ReportErrorNumberASCII(cx, GetErrorMessage, nullptr, JSMSG_NOT_NONNULL_OBJECT,
+                                   "object's 'constructor' property");
+         return nullptr;
+     }
+ 
+     // Step 5.
+     RootedObject ctorObj(cx, &ctor.toObject());
+     RootedValue s(cx);
+     RootedId speciesId(cx, SYMBOL_TO_JSID(cx->wellKnownSymbols().species));
+-    if (!GetProperty(cx, ctorObj, ctor, speciesId, &s))
++    if (!GetProperty(cx, ctorObj, ctor, speciesId, &s)) {
+         return nullptr;
++    }
+ 
+     // Step 6.
+-    if (s.isNullOrUndefined())
++    if (s.isNullOrUndefined()) {
+         return defaultCtor;
++    }
+ 
+     // Step 7.
+-    if (IsConstructor(s))
++    if (IsConstructor(s)) {
+         return &s.toObject();
++    }
+ 
+     // Step 8.
+     JS_ReportErrorNumberASCII(cx, GetErrorMessage, nullptr, JSMSG_NOT_CONSTRUCTOR,
+                               "[Symbol.species] property of object's constructor");
+     return nullptr;
+ }
+ 
+ MOZ_MUST_USE JSObject*
+ js::SpeciesConstructor(JSContext* cx, HandleObject obj, JSProtoKey ctorKey,
+                        bool (*isDefaultSpecies)(JSContext*, JSFunction*))
+ {
+     RootedObject defaultCtor(cx, GlobalObject::getOrCreateConstructor(cx, ctorKey));
+-    if (!defaultCtor)
++    if (!defaultCtor) {
+         return nullptr;
++    }
+     return SpeciesConstructor(cx, obj, defaultCtor, isDefaultSpecies);
+ }
+ 
+ bool
+ js::Unbox(JSContext* cx, HandleObject obj, MutableHandleValue vp)
+ {
+-    if (MOZ_UNLIKELY(obj->is<ProxyObject>()))
++    if (MOZ_UNLIKELY(obj->is<ProxyObject>())) {
+         return Proxy::boxedValue_unbox(cx, obj, vp);
+-
+-    if (obj->is<BooleanObject>())
++    }
++
++    if (obj->is<BooleanObject>()) {
+         vp.setBoolean(obj->as<BooleanObject>().unbox());
+-    else if (obj->is<NumberObject>())
++    } else if (obj->is<NumberObject>()) {
+         vp.setNumber(obj->as<NumberObject>().unbox());
+-    else if (obj->is<StringObject>())
++    } else if (obj->is<StringObject>()) {
+         vp.setString(obj->as<StringObject>().unbox());
+-    else if (obj->is<DateObject>())
++    } else if (obj->is<DateObject>()) {
+         vp.set(obj->as<DateObject>().UTCTime());
+-    else if (obj->is<SymbolObject>())
++    } else if (obj->is<SymbolObject>()) {
+         vp.setSymbol(obj->as<SymbolObject>().unbox());
+ #ifdef ENABLE_BIGINT
+-    else if (obj->is<BigIntObject>())
++    } else if (obj->is<BigIntObject>()) {
+         vp.setBigInt(obj->as<BigIntObject>().unbox());
+ #endif
+-    else
++    } else {
+         vp.setUndefined();
++    }
+ 
+     return true;
+ }
+ 
+ #ifdef DEBUG
+ /* static */ void
+ JSObject::debugCheckNewObject(ObjectGroup* group, Shape* shape, js::gc::AllocKind allocKind,
+                               js::gc::InitialHeap heap)
+ {
+     const js::Class* clasp = group->clasp();
+     MOZ_ASSERT(clasp != &ArrayObject::class_);
+ 
+-    if (shape)
++    if (shape) {
+         MOZ_ASSERT(clasp == shape->getObjectClass());
+-    else
++    } else {
+         MOZ_ASSERT(clasp == &UnboxedPlainObject::class_);
++    }
+ 
+     if (!ClassCanHaveFixedData(clasp)) {
+         MOZ_ASSERT(shape);
+         MOZ_ASSERT(gc::GetGCKindSlots(allocKind, clasp) == shape->numFixedSlots());
+     }
+ 
+     // Classes with a finalizer must specify whether instances will be finalized
+     // on the main thread or in the background, except proxies whose behaviour
+diff --git a/js/src/vm/JSObject.h b/js/src/vm/JSObject.h
+--- a/js/src/vm/JSObject.h
++++ b/js/src/vm/JSObject.h
+@@ -606,49 +606,53 @@ struct JSObject_Slots2 : JSObject { void
+ struct JSObject_Slots4 : JSObject { void* data[2]; js::Value fslots[4]; };
+ struct JSObject_Slots8 : JSObject { void* data[2]; js::Value fslots[8]; };
+ struct JSObject_Slots12 : JSObject { void* data[2]; js::Value fslots[12]; };
+ struct JSObject_Slots16 : JSObject { void* data[2]; js::Value fslots[16]; };
+ 
+ /* static */ MOZ_ALWAYS_INLINE void
+ JSObject::readBarrier(JSObject* obj)
+ {
+-    if (obj && obj->isTenured())
++    if (obj && obj->isTenured()) {
+         obj->asTenured().readBarrier(&obj->asTenured());
++    }
+ }
+ 
+ /* static */ MOZ_ALWAYS_INLINE void
+ JSObject::writeBarrierPre(JSObject* obj)
+ {
+-    if (obj && obj->isTenured())
++    if (obj && obj->isTenured()) {
+         obj->asTenured().writeBarrierPre(&obj->asTenured());
++    }
+ }
+ 
+ /* static */ MOZ_ALWAYS_INLINE void
+ JSObject::writeBarrierPost(void* cellp, JSObject* prev, JSObject* next)
+ {
+     MOZ_ASSERT(cellp);
+ 
+     // If the target needs an entry, add it.
+     js::gc::StoreBuffer* buffer;
+     if (next && (buffer = next->storeBuffer())) {
+         // If we know that the prev has already inserted an entry, we can skip
+         // doing the lookup to add the new entry. Note that we cannot safely
+         // assert the presence of the entry because it may have been added
+         // via a different store buffer.
+-        if (prev && prev->storeBuffer())
++        if (prev && prev->storeBuffer()) {
+             return;
++        }
+         buffer->putCell(static_cast<js::gc::Cell**>(cellp));
+         return;
+     }
+ 
+     // Remove the prev entry if the new value does not need it. There will only
+     // be a prev entry if the prev value was in the nursery.
+-    if (prev && (buffer = prev->storeBuffer()))
++    if (prev && (buffer = prev->storeBuffer())) {
+         buffer->unputCell(static_cast<js::gc::Cell**>(cellp));
++    }
+ }
+ 
+ namespace js {
+ 
+ /*** Standard internal methods ********************************************************************
+  *
+  * The functions below are the fundamental operations on objects. See the
+  * comment about "Standard internal methods" in jsapi.h.
+@@ -966,26 +970,28 @@ DefineFunctions(JSContext* cx, HandleObj
+ 
+ /* ES6 draft rev 36 (2015 March 17) 7.1.1 ToPrimitive(vp[, preferredType]) */
+ extern bool
+ ToPrimitiveSlow(JSContext* cx, JSType hint, MutableHandleValue vp);
+ 
+ inline bool
+ ToPrimitive(JSContext* cx, MutableHandleValue vp)
+ {
+-    if (vp.isPrimitive())
++    if (vp.isPrimitive()) {
+         return true;
++    }
+     return ToPrimitiveSlow(cx, JSTYPE_UNDEFINED, vp);
+ }
+ 
+ inline bool
+ ToPrimitive(JSContext* cx, JSType preferredType, MutableHandleValue vp)
+ {
+-    if (vp.isPrimitive())
++    if (vp.isPrimitive()) {
+         return true;
++    }
+     return ToPrimitiveSlow(cx, preferredType, vp);
+ }
+ 
+ /*
+  * toString support. (This isn't called GetClassName because there's a macro in
+  * <windows.h> with that name.)
+  */
+ MOZ_ALWAYS_INLINE const char*
+@@ -1019,20 +1025,22 @@ inline gc::InitialHeap
+ GetInitialHeap(NewObjectKind newKind, const Class* clasp)
+ {
+     if (newKind == NurseryAllocatedProxy) {
+         MOZ_ASSERT(clasp->isProxy());
+         MOZ_ASSERT(clasp->hasFinalize());
+         MOZ_ASSERT(!CanNurseryAllocateFinalizedClass(clasp));
+         return gc::DefaultHeap;
+     }
+-    if (newKind != GenericObject)
++    if (newKind != GenericObject) {
+         return gc::TenuredHeap;
+-    if (clasp->hasFinalize() && !CanNurseryAllocateFinalizedClass(clasp))
++    }
++    if (clasp->hasFinalize() && !CanNurseryAllocateFinalizedClass(clasp)) {
+         return gc::TenuredHeap;
++    }
+     return gc::DefaultHeap;
+ }
+ 
+ bool
+ NewObjectWithTaggedProtoIsCachable(JSContext* cx, Handle<TaggedProto> proto,
+                                    NewObjectKind newKind, const Class* clasp);
+ 
+ // ES6 9.1.15 GetPrototypeFromConstructor.
+@@ -1190,50 +1198,54 @@ PrimitiveToObject(JSContext* cx, const V
+ } /* namespace js */
+ 
+ namespace js {
+ 
+ /* For converting stack values to objects. */
+ MOZ_ALWAYS_INLINE JSObject*
+ ToObjectFromStack(JSContext* cx, HandleValue vp)
+ {
+-    if (vp.isObject())
++    if (vp.isObject()) {
+         return &vp.toObject();
++    }
+     return js::ToObjectSlow(cx, vp, true);
+ }
+ 
+ JSObject*
+ ToObjectSlowForPropertyAccess(JSContext* cx, JS::HandleValue val, HandleId key,
+                               bool reportScanStack);
+ JSObject*
+ ToObjectSlowForPropertyAccess(JSContext* cx, JS::HandleValue val, HandlePropertyName key,
+                               bool reportScanStack);
+ JSObject*
+ ToObjectSlowForPropertyAccess(JSContext* cx, JS::HandleValue val, HandleValue keyValue,
+                               bool reportScanStack);
+ 
+ MOZ_ALWAYS_INLINE JSObject*
+ ToObjectFromStackForPropertyAccess(JSContext* cx, HandleValue vp, HandleId key)
+ {
+-    if (vp.isObject())
++    if (vp.isObject()) {
+         return &vp.toObject();
++    }
+     return js::ToObjectSlowForPropertyAccess(cx, vp, key, true);
+ }
+ MOZ_ALWAYS_INLINE JSObject*
+ ToObjectFromStackForPropertyAccess(JSContext* cx, HandleValue vp, HandlePropertyName key)
+ {
+-    if (vp.isObject())
++    if (vp.isObject()) {
+         return &vp.toObject();
++    }
+     return js::ToObjectSlowForPropertyAccess(cx, vp, key, true);
+ }
+ MOZ_ALWAYS_INLINE JSObject*
+ ToObjectFromStackForPropertyAccess(JSContext* cx, HandleValue vp, HandleValue key)
+ {
+-    if (vp.isObject())
++    if (vp.isObject()) {
+         return &vp.toObject();
++    }
+     return js::ToObjectSlowForPropertyAccess(cx, vp, key, true);
+ }
+ 
+ template<XDRMode mode>
+ XDRResult
+ XDRObjectLiteral(XDRState<mode>* xdr, MutableHandleObject obj);
+ 
+ /*
+@@ -1241,51 +1253,54 @@ XDRObjectLiteral(XDRState<mode>* xdr, Mu
+  * Using NotNullObject is usually less code.
+  */
+ extern void
+ ReportNotObject(JSContext* cx, HandleValue v);
+ 
+ inline JSObject*
+ NonNullObject(JSContext* cx, HandleValue v)
+ {
+-    if (v.isObject())
++    if (v.isObject()) {
+         return &v.toObject();
++    }
+     ReportNotObject(cx, v);
+     return nullptr;
+ }
+ 
+ 
+ /*
+  * Report a TypeError: "N-th argument of FUN must be an object, got VALUE".
+  * Using NotNullObjectArg is usually less code.
+  */
+ extern void
+ ReportNotObjectArg(JSContext* cx, const char* nth, const char* fun, HandleValue v);
+ 
+ inline JSObject*
+ NonNullObjectArg(JSContext* cx, const char* nth, const char* fun, HandleValue v)
+ {
+-    if (v.isObject())
++    if (v.isObject()) {
+         return &v.toObject();
++    }
+     ReportNotObjectArg(cx, nth, fun, v);
+     return nullptr;
+ }
+ 
+ /*
+  * Report a TypeError: "SOMETHING must be an object, got VALUE".
+  * Using NotNullObjectWithName is usually less code.
+  */
+ extern void
+ ReportNotObjectWithName(JSContext* cx, const char* name, HandleValue v);
+ 
+ inline JSObject*
+ NonNullObjectWithName(JSContext* cx, const char* name, HandleValue v)
+ {
+-    if (v.isObject())
++    if (v.isObject()) {
+         return &v.toObject();
++    }
+     ReportNotObjectWithName(cx, name, v);
+     return nullptr;
+ }
+ 
+ 
+ extern bool
+ GetFirstArgumentAsObject(JSContext* cx, const CallArgs& args, const char* method,
+                          MutableHandleObject objp);
+@@ -1327,17 +1342,18 @@ SpeciesConstructor(JSContext* cx, Handle
+ extern bool
+ GetObjectFromIncumbentGlobal(JSContext* cx, MutableHandleObject obj);
+ 
+ 
+ #ifdef DEBUG
+ inline bool
+ IsObjectValueInCompartment(const Value& v, JS::Compartment* comp)
+ {
+-    if (!v.isObject())
++    if (!v.isObject()) {
+         return true;
++    }
+     return v.toObject().compartment() == comp;
+ }
+ #endif
+ 
+ }  /* namespace js */
+ 
+ #endif /* vm_JSObject_h */
+diff --git a/js/src/vm/JSScript-inl.h b/js/src/vm/JSScript-inl.h
+--- a/js/src/vm/JSScript-inl.h
++++ b/js/src/vm/JSScript-inl.h
+@@ -75,44 +75,47 @@ ScriptAndCounts::ScriptAndCounts(ScriptA
+ void
+ SetFrameArgumentsObject(JSContext* cx, AbstractFramePtr frame,
+                         HandleScript script, JSObject* argsobj);
+ 
+ /* static */ inline JSFunction*
+ LazyScript::functionDelazifying(JSContext* cx, Handle<LazyScript*> script)
+ {
+     RootedFunction fun(cx, script->function_);
+-    if (script->function_ && !JSFunction::getOrCreateScript(cx, fun))
++    if (script->function_ && !JSFunction::getOrCreateScript(cx, fun)) {
+         return nullptr;
++    }
+     return script->function_;
+ }
+ 
+ } // namespace js
+ 
+ inline JSFunction*
+ JSScript::functionDelazifying() const
+ {
+     JSFunction* fun = function();
+     if (fun && fun->isInterpretedLazy()) {
+         fun->setUnlazifiedScript(const_cast<JSScript*>(this));
+         // If this script has a LazyScript, make sure the LazyScript has a
+         // reference to the script when delazifying its canonical function.
+-        if (lazyScript && !lazyScript->maybeScript())
++        if (lazyScript && !lazyScript->maybeScript()) {
+             lazyScript->initScript(const_cast<JSScript*>(this));
++        }
+     }
+     return fun;
+ }
+ 
+ inline void
+ JSScript::ensureNonLazyCanonicalFunction()
+ {
+     // Infallibly delazify the canonical script.
+     JSFunction* fun = function();
+-    if (fun && fun->isInterpretedLazy())
++    if (fun && fun->isInterpretedLazy()) {
+         functionDelazifying();
++    }
+ }
+ 
+ inline JSFunction*
+ JSScript::getFunction(size_t index)
+ {
+     JSObject* obj = getObject(index);
+     MOZ_RELEASE_ASSERT(obj->is<JSFunction>(), "Script object is not JSFunction");
+     JSFunction* fun = &obj->as<JSFunction>();
+@@ -163,48 +166,52 @@ JSScript::maybeNamedLambdaScope() const
+     return nullptr;
+ }
+ 
+ inline js::Shape*
+ JSScript::initialEnvironmentShape() const
+ {
+     js::Scope* scope = bodyScope();
+     if (scope->is<js::FunctionScope>()) {
+-        if (js::Shape* envShape = scope->environmentShape())
++        if (js::Shape* envShape = scope->environmentShape()) {
+             return envShape;
+-        if (js::Scope* namedLambdaScope = maybeNamedLambdaScope())
++        }
++        if (js::Scope* namedLambdaScope = maybeNamedLambdaScope()) {
+             return namedLambdaScope->environmentShape();
++        }
+     } else if (scope->is<js::EvalScope>()) {
+         return scope->environmentShape();
+     }
+     return nullptr;
+ }
+ 
+ inline JSPrincipals*
+ JSScript::principals()
+ {
+     return realm()->principals();
+ }
+ 
+ inline void
+ JSScript::setBaselineScript(JSRuntime* rt, js::jit::BaselineScript* baselineScript)
+ {
+-    if (hasBaselineScript())
++    if (hasBaselineScript()) {
+         js::jit::BaselineScript::writeBarrierPre(zone(), baseline);
++    }
+     MOZ_ASSERT(!ion || ion == ION_DISABLED_SCRIPT);
+     baseline = baselineScript;
+     resetWarmUpResetCounter();
+     updateJitCodeRaw(rt);
+ }
+ 
+ inline bool
+ JSScript::ensureHasAnalyzedArgsUsage(JSContext* cx)
+ {
+-    if (analyzedArgsUsage())
++    if (analyzedArgsUsage()) {
+         return true;
++    }
+     return js::jit::AnalyzeArgumentsUsage(cx, this);
+ }
+ 
+ inline bool
+ JSScript::isDebuggee() const
+ {
+     return realm_->debuggerObservesAllExecution() || bitFields_.hasDebugScript_;
+ }
+diff --git a/js/src/vm/JSScript.cpp b/js/src/vm/JSScript.cpp
+--- a/js/src/vm/JSScript.cpp
++++ b/js/src/vm/JSScript.cpp
+@@ -120,71 +120,84 @@ js::XDRScriptConst(XDRState<mode>* xdr, 
+         }
+     }
+ 
+     MOZ_TRY(xdr->codeEnum32(&tag));
+ 
+     switch (tag) {
+       case SCRIPT_INT: {
+         uint32_t i;
+-        if (mode == XDR_ENCODE)
++        if (mode == XDR_ENCODE) {
+             i = uint32_t(vp.toInt32());
++        }
+         MOZ_TRY(xdr->codeUint32(&i));
+-        if (mode == XDR_DECODE)
++        if (mode == XDR_DECODE) {
+             vp.set(Int32Value(int32_t(i)));
++        }
+         break;
+       }
+       case SCRIPT_DOUBLE: {
+         double d;
+-        if (mode == XDR_ENCODE)
++        if (mode == XDR_ENCODE) {
+             d = vp.toDouble();
++        }
+         MOZ_TRY(xdr->codeDouble(&d));
+-        if (mode == XDR_DECODE)
++        if (mode == XDR_DECODE) {
+             vp.set(DoubleValue(d));
++        }
+         break;
+       }
+       case SCRIPT_ATOM: {
+         RootedAtom atom(cx);
+-        if (mode == XDR_ENCODE)
++        if (mode == XDR_ENCODE) {
+             atom = &vp.toString()->asAtom();
++        }
+         MOZ_TRY(XDRAtom(xdr, &atom));
+-        if (mode == XDR_DECODE)
++        if (mode == XDR_DECODE) {
+             vp.set(StringValue(atom));
++        }
+         break;
+       }
+       case SCRIPT_TRUE:
+-        if (mode == XDR_DECODE)
++        if (mode == XDR_DECODE) {
+             vp.set(BooleanValue(true));
++        }
+         break;
+       case SCRIPT_FALSE:
+-        if (mode == XDR_DECODE)
++        if (mode == XDR_DECODE) {
+             vp.set(BooleanValue(false));
++        }
+         break;
+       case SCRIPT_NULL:
+-        if (mode == XDR_DECODE)
++        if (mode == XDR_DECODE) {
+             vp.set(NullValue());
++        }
+         break;
+       case SCRIPT_OBJECT: {
+         RootedObject obj(cx);
+-        if (mode == XDR_ENCODE)
++        if (mode == XDR_ENCODE) {
+             obj = &vp.toObject();
++        }
+ 
+         MOZ_TRY(XDRObjectLiteral(xdr, &obj));
+ 
+-        if (mode == XDR_DECODE)
++        if (mode == XDR_DECODE) {
+             vp.setObject(*obj);
++        }
+         break;
+       }
+       case SCRIPT_VOID:
+-        if (mode == XDR_DECODE)
++        if (mode == XDR_DECODE) {
+             vp.set(UndefinedValue());
++        }
+         break;
+       case SCRIPT_HOLE:
+-        if (mode == XDR_DECODE)
++        if (mode == XDR_DECODE) {
+             vp.setMagic(JS_ELEMENTS_HOLE);
++        }
+         break;
+       default:
+         // Fail in debug, but only soft-fail in release
+         MOZ_ASSERT(false, "Bad XDR value kind");
+         return xdr->fail(JS::TranscodeResult_Failure_BadDecode);
+     }
+     return Ok();
+ }
+@@ -206,23 +219,25 @@ XDRLazyClosedOverBindings(XDRState<mode>
+         uint8_t endOfScopeSentinel;
+         if (mode == XDR_ENCODE) {
+             atom = lazy->closedOverBindings()[i];
+             endOfScopeSentinel = !atom;
+         }
+ 
+         MOZ_TRY(xdr->codeUint8(&endOfScopeSentinel));
+ 
+-        if (endOfScopeSentinel)
++        if (endOfScopeSentinel) {
+             atom = nullptr;
+-        else
++        } else {
+             MOZ_TRY(XDRAtom(xdr, &atom));
+-
+-        if (mode == XDR_DECODE)
++        }
++
++        if (mode == XDR_DECODE) {
+             lazy->closedOverBindings()[i] = atom;
++        }
+     }
+ 
+     return Ok();
+ }
+ 
+ // Code the missing part needed to re-create a LazyScript from a JSScript.
+ template<XDRMode mode>
+ static XDRResult
+@@ -259,18 +274,19 @@ XDRRelazificationInfo(XDRState<mode>* xd
+ 
+         MOZ_TRY(xdr->codeUint64(&packedFields));
+ 
+         if (mode == XDR_DECODE) {
+             RootedScriptSourceObject sourceObject(cx, &script->scriptSourceUnwrap());
+             lazy.set(LazyScript::CreateForXDR(cx, fun, script, enclosingScope, sourceObject,
+                                               packedFields, sourceStart, sourceEnd, toStringStart,
+                                               lineno, column));
+-            if (!lazy)
++            if (!lazy) {
+                 return xdr->fail(JS::TranscodeResult_Throw);
++            }
+ 
+             lazy->setToStringEnd(toStringEnd);
+ 
+             // As opposed to XDRLazyScript, we need to restore the runtime bits
+             // of the script, as we are trying to match the fact this function
+             // has already been parsed and that it would need to be re-lazified.
+             lazy->initRuntimeFields(packedFields);
+         }
+@@ -287,18 +303,19 @@ XDRRelazificationInfo(XDRState<mode>* xd
+ 
+ static inline uint32_t
+ FindScopeIndex(JSScript* script, Scope& scope)
+ {
+     ScopeArray* scopes = script->scopes();
+     GCPtrScope* vector = scopes->vector;
+     unsigned length = scopes->length;
+     for (uint32_t i = 0; i < length; ++i) {
+-        if (vector[i] == &scope)
++        if (vector[i] == &scope) {
+             return i;
++        }
+     }
+ 
+     MOZ_CRASH("Scope not found");
+ }
+ 
+ enum XDRClassKind {
+     CK_RegexpObject,
+     CK_JSFunction,
+@@ -368,96 +385,126 @@ js::XDRScript(XDRState<mode>* xdr, Handl
+             if (!realm->creationOptions().cloneSingletons() ||
+                 !realm->behaviors().getSingletonsAsTemplates())
+             {
+                 return xdr->fail(JS::TranscodeResult_Failure_RunOnceNotSupported);
+             }
+         }
+     }
+ 
+-    if (mode == XDR_ENCODE)
++    if (mode == XDR_ENCODE) {
+         length = script->length();
++    }
+     MOZ_TRY(xdr->codeUint32(&length));
+ 
+     if (mode == XDR_ENCODE) {
+         prologueLength = script->mainOffset();
+         lineno = script->lineno();
+         column = script->column();
+         nfixed = script->nfixed();
+         nslots = script->nslots();
+ 
+         bodyScopeIndex = script->bodyScopeIndex();
+         natoms = script->natoms();
+ 
+         nsrcnotes = script->numNotes();
+ 
+-        if (script->hasConsts())
++        if (script->hasConsts()) {
+             nconsts = script->consts()->length;
+-        if (script->hasObjects())
++        }
++        if (script->hasObjects()) {
+             nobjects = script->objects()->length;
++        }
+         nscopes = script->scopes()->length;
+-        if (script->hasTrynotes())
++        if (script->hasTrynotes()) {
+             ntrynotes = script->trynotes()->length;
+-        if (script->hasScopeNotes())
++        }
++        if (script->hasScopeNotes()) {
+             nscopenotes = script->scopeNotes()->length;
+-        if (script->hasYieldAndAwaitOffsets())
++        }
++        if (script->hasYieldAndAwaitOffsets()) {
+             nyieldoffsets = script->yieldAndAwaitOffsets().length();
++        }
+ 
+         nTypeSets = script->nTypeSets();
+         funLength = script->funLength();
+ 
+-        if (script->noScriptRval())
++        if (script->noScriptRval()) {
+             scriptBits |= (1 << NoScriptRval);
+-        if (script->strict())
++        }
++        if (script->strict()) {
+             scriptBits |= (1 << Strict);
+-        if (script->explicitUseStrict())
++        }
++        if (script->explicitUseStrict()) {
+             scriptBits |= (1 << ExplicitUseStrict);
+-        if (script->selfHosted())
++        }
++        if (script->selfHosted()) {
+             scriptBits |= (1 << SelfHosted);
+-        if (script->bindingsAccessedDynamically())
++        }
++        if (script->bindingsAccessedDynamically()) {
+             scriptBits |= (1 << ContainsDynamicNameAccess);
+-        if (script->funHasExtensibleScope())
++        }
++        if (script->funHasExtensibleScope()) {
+             scriptBits |= (1 << FunHasExtensibleScope);
+-        if (script->funHasAnyAliasedFormal())
++        }
++        if (script->funHasAnyAliasedFormal()) {
+             scriptBits |= (1 << FunHasAnyAliasedFormal);
+-        if (script->argumentsHasVarBinding())
++        }
++        if (script->argumentsHasVarBinding()) {
+             scriptBits |= (1 << ArgumentsHasVarBinding);
+-        if (script->analyzedArgsUsage() && script->needsArgsObj())
++        }
++        if (script->analyzedArgsUsage() && script->needsArgsObj()) {
+             scriptBits |= (1 << NeedsArgsObj);
+-        if (script->hasMappedArgsObj())
++        }
++        if (script->hasMappedArgsObj()) {
+             scriptBits |= (1 << HasMappedArgsObj);
+-        if (script->functionHasThisBinding())
++        }
++        if (script->functionHasThisBinding()) {
+             scriptBits |= (1 << FunctionHasThisBinding);
+-        if (script->functionHasExtraBodyVarScope())
++        }
++        if (script->functionHasExtraBodyVarScope()) {
+             scriptBits |= (1 << FunctionHasExtraBodyVarScope);
++        }
+         MOZ_ASSERT_IF(sourceObjectArg, sourceObjectArg->source() == script->scriptSource());
+-        if (!sourceObjectArg)
++        if (!sourceObjectArg) {
+             scriptBits |= (1 << OwnSource);
+-        if (script->isGenerator())
++        }
++        if (script->isGenerator()) {
+             scriptBits |= (1 << IsGenerator);
+-        if (script->isAsync())
++        }
++        if (script->isAsync()) {
+             scriptBits |= (1 << IsAsync);
+-        if (script->hasRest())
++        }
++        if (script->hasRest()) {
+             scriptBits |= (1 << HasRest);
+-        if (script->hasSingletons())
++        }
++        if (script->hasSingletons()) {
+             scriptBits |= (1 << HasSingleton);
+-        if (script->treatAsRunOnce())
++        }
++        if (script->treatAsRunOnce()) {
+             scriptBits |= (1 << TreatAsRunOnce);
+-        if (script->isRelazifiable())
++        }
++        if (script->isRelazifiable()) {
+             scriptBits |= (1 << HasLazyScript);
+-        if (script->hasNonSyntacticScope())
++        }
++        if (script->hasNonSyntacticScope()) {
+             scriptBits |= (1 << HasNonSyntacticScope);
+-        if (script->hasInnerFunctions())
++        }
++        if (script->hasInnerFunctions()) {
+             scriptBits |= (1 << HasInnerFunctions);
+-        if (script->needsHomeObject())
++        }
++        if (script->needsHomeObject()) {
+             scriptBits |= (1 << NeedsHomeObject);
+-        if (script->isDerivedClassConstructor())
++        }
++        if (script->isDerivedClassConstructor()) {
+             scriptBits |= (1 << IsDerivedClassConstructor);
+-        if (script->isDefaultClassConstructor())
++        }
++        if (script->isDefaultClassConstructor()) {
+             scriptBits |= (1 << IsDefaultClassConstructor);
++        }
+     }
+ 
+     MOZ_TRY(xdr->codeUint32(&prologueLength));
+ 
+     // To fuse allocations, we need lengths of all embedded arrays early.
+     MOZ_TRY(xdr->codeUint32(&natoms));
+     MOZ_TRY(xdr->codeUint32(&nsrcnotes));
+     MOZ_TRY(xdr->codeUint32(&nconsts));
+@@ -489,50 +536,55 @@ js::XDRScript(XDRState<mode>* xdr, Handl
+         } else {
+             options.emplace(xdr->cx());
+             (*options).setNoScriptRval(!!(scriptBits & (1 << NoScriptRval)))
+                       .setSelfHostingMode(!!(scriptBits & (1 << SelfHosted)));
+         }
+ 
+         if (scriptBits & (1 << OwnSource)) {
+             ScriptSource* ss = cx->new_<ScriptSource>();
+-            if (!ss)
++            if (!ss) {
+                 return xdr->fail(JS::TranscodeResult_Throw);
++            }
+             ScriptSourceHolder ssHolder(ss);
+ 
+             /*
+              * We use this CompileOptions only to initialize the
+              * ScriptSourceObject. Most CompileOptions fields aren't used by
+              * ScriptSourceObject, and those that are (element; elementAttributeName)
+              * aren't preserved by XDR. So this can be simple.
+              */
+-            if (!ss->initFromOptions(cx, *options))
++            if (!ss->initFromOptions(cx, *options)) {
+                 return xdr->fail(JS::TranscodeResult_Throw);
++            }
+ 
+             sourceObject = ScriptSourceObject::create(cx, ss);
+-            if (!sourceObject)
++            if (!sourceObject) {
+                 return xdr->fail(JS::TranscodeResult_Throw);
++            }
+ 
+             if (xdr->hasScriptSourceObjectOut()) {
+                 // When the ScriptSourceObjectOut is provided by ParseTask, it
+                 // is stored in a location which is traced by the GC.
+                 *xdr->scriptSourceObjectOut() = sourceObject;
+             } else if (!ScriptSourceObject::initFromOptions(cx, sourceObject, *options)) {
+                 return xdr->fail(JS::TranscodeResult_Throw);
+             }
+         }
+ 
+         script = JSScript::Create(cx, *options, sourceObject, 0, 0, 0, 0);
+-        if (!script)
++        if (!script) {
+             return xdr->fail(JS::TranscodeResult_Throw);
++        }
+ 
+         // Set the script in its function now so that inner scripts to be
+         // decoded may iterate the static scope chain.
+-        if (fun)
++        if (fun) {
+             fun->initScript(script);
++        }
+     } else {
+         // When encoding, we do not mutate any of the JSScript or LazyScript, so
+         // we can safely unwrap it here.
+         sourceObject = &script->scriptSourceUnwrap();
+     }
+ 
+     if (mode == XDR_DECODE) {
+         if (!JSScript::partiallyInit(cx, script, nscopes, nconsts, nobjects, ntrynotes,
+@@ -545,63 +597,84 @@ js::XDRScript(XDRState<mode>* xdr, Handl
+         script->mainOffset_ = prologueLength;
+         script->funLength_ = funLength;
+ 
+         MOZ_ASSERT(nTypeSets <= UINT16_MAX);
+         script->nTypeSets_ = uint16_t(nTypeSets);
+ 
+         scriptp.set(script);
+ 
+-        if (scriptBits & (1 << Strict))
++        if (scriptBits & (1 << Strict)) {
+             script->bitFields_.strict_ = true;
+-        if (scriptBits & (1 << ExplicitUseStrict))
++        }
++        if (scriptBits & (1 << ExplicitUseStrict)) {
+             script->bitFields_.explicitUseStrict_ = true;
+-        if (scriptBits & (1 << ContainsDynamicNameAccess))
++        }
++        if (scriptBits & (1 << ContainsDynamicNameAccess)) {
+             script->bitFields_.bindingsAccessedDynamically_ = true;
+-        if (scriptBits & (1 << FunHasExtensibleScope))
++        }
++        if (scriptBits & (1 << FunHasExtensibleScope)) {
+             script->bitFields_.funHasExtensibleScope_ = true;
+-        if (scriptBits & (1 << FunHasAnyAliasedFormal))
++        }
++        if (scriptBits & (1 << FunHasAnyAliasedFormal)) {
+             script->bitFields_.funHasAnyAliasedFormal_ = true;
+-        if (scriptBits & (1 << ArgumentsHasVarBinding))
++        }
++        if (scriptBits & (1 << ArgumentsHasVarBinding)) {
+             script->setArgumentsHasVarBinding();
+-        if (scriptBits & (1 << NeedsArgsObj))
++        }
++        if (scriptBits & (1 << NeedsArgsObj)) {
+             script->setNeedsArgsObj(true);
+-        if (scriptBits & (1 << HasMappedArgsObj))
++        }
++        if (scriptBits & (1 << HasMappedArgsObj)) {
+             script->bitFields_.hasMappedArgsObj_ = true;
+-        if (scriptBits & (1 << FunctionHasThisBinding))
++        }
++        if (scriptBits & (1 << FunctionHasThisBinding)) {
+             script->bitFields_.functionHasThisBinding_ = true;
+-        if (scriptBits & (1 << FunctionHasExtraBodyVarScope))
++        }
++        if (scriptBits & (1 << FunctionHasExtraBodyVarScope)) {
+             script->bitFields_.functionHasExtraBodyVarScope_ = true;
+-        if (scriptBits & (1 << HasSingleton))
++        }
++        if (scriptBits & (1 << HasSingleton)) {
+             script->bitFields_.hasSingletons_ = true;
+-        if (scriptBits & (1 << TreatAsRunOnce))
++        }
++        if (scriptBits & (1 << TreatAsRunOnce)) {
+             script->bitFields_.treatAsRunOnce_ = true;
+-        if (scriptBits & (1 << HasNonSyntacticScope))
++        }
++        if (scriptBits & (1 << HasNonSyntacticScope)) {
+             script->bitFields_.hasNonSyntacticScope_ = true;
+-        if (scriptBits & (1 << HasInnerFunctions))
++        }
++        if (scriptBits & (1 << HasInnerFunctions)) {
+             script->bitFields_.hasInnerFunctions_ = true;
+-        if (scriptBits & (1 << NeedsHomeObject))
++        }
++        if (scriptBits & (1 << NeedsHomeObject)) {
+             script->bitFields_.needsHomeObject_ = true;
+-        if (scriptBits & (1 << IsDerivedClassConstructor))
++        }
++        if (scriptBits & (1 << IsDerivedClassConstructor)) {
+             script->bitFields_.isDerivedClassConstructor_ = true;
+-        if (scriptBits & (1 << IsDefaultClassConstructor))
++        }
++        if (scriptBits & (1 << IsDefaultClassConstructor)) {
+             script->bitFields_.isDefaultClassConstructor_ = true;
+-        if (scriptBits & (1 << IsGenerator))
++        }
++        if (scriptBits & (1 << IsGenerator)) {
+             script->setGeneratorKind(GeneratorKind::Generator);
+-        if (scriptBits & (1 << IsAsync))
++        }
++        if (scriptBits & (1 << IsAsync)) {
+             script->setAsyncKind(FunctionAsyncKind::AsyncFunction);
+-        if (scriptBits & (1 << HasRest))
++        }
++        if (scriptBits & (1 << HasRest)) {
+             script->setHasRest();
++        }
+     }
+ 
+     JS_STATIC_ASSERT(sizeof(jsbytecode) == 1);
+     JS_STATIC_ASSERT(sizeof(jssrcnote) == 1);
+ 
+-    if (scriptBits & (1 << OwnSource))
++    if (scriptBits & (1 << OwnSource)) {
+         MOZ_TRY(sourceObject->source()->performXDR<mode>(xdr));
++    }
+     MOZ_TRY(xdr->codeUint32(&script->sourceStart_));
+     MOZ_TRY(xdr->codeUint32(&script->sourceEnd_));
+     MOZ_TRY(xdr->codeUint32(&script->toStringStart_));
+     MOZ_TRY(xdr->codeUint32(&script->toStringEnd_));
+     MOZ_TRY(xdr->codeUint32(&lineno));
+     MOZ_TRY(xdr->codeUint32(&column));
+     MOZ_TRY(xdr->codeUint32(&nfixed));
+     MOZ_TRY(xdr->codeUint32(&nslots));
+@@ -611,23 +684,25 @@ js::XDRScript(XDRState<mode>* xdr, Handl
+         script->lineno_ = lineno;
+         script->column_ = column;
+         script->nfixed_ = nfixed;
+         script->nslots_ = nslots;
+         script->bodyScopeIndex_ = bodyScopeIndex;
+     }
+ 
+     if (mode == XDR_DECODE) {
+-        if (!script->createScriptData(cx, length, nsrcnotes, natoms))
++        if (!script->createScriptData(cx, length, nsrcnotes, natoms)) {
+             return xdr->fail(JS::TranscodeResult_Throw);
++        }
+     }
+ 
+     auto scriptDataGuard = mozilla::MakeScopeExit([&] {
+-        if (mode == XDR_DECODE)
++        if (mode == XDR_DECODE) {
+             script->freeScriptData();
++        }
+     });
+ 
+     jsbytecode* code = script->code();
+     MOZ_TRY(xdr->codeBytes(code, length));
+     MOZ_TRY(xdr->codeBytes(code + length, nsrcnotes));
+ 
+     for (i = 0; i != natoms; ++i) {
+         if (mode == XDR_DECODE) {
+@@ -637,29 +712,32 @@ js::XDRScript(XDRState<mode>* xdr, Handl
+         } else {
+             RootedAtom tmp(cx, script->atoms()[i]);
+             MOZ_TRY(XDRAtom(xdr, &tmp));
+         }
+     }
+ 
+     scriptDataGuard.release();
+     if (mode == XDR_DECODE) {
+-        if (!script->shareScriptData(cx))
++        if (!script->shareScriptData(cx)) {
+             return xdr->fail(JS::TranscodeResult_Throw);
++        }
+     }
+ 
+     if (nconsts) {
+         GCPtrValue* vector = script->consts()->vector;
+         RootedValue val(cx);
+         for (i = 0; i != nconsts; ++i) {
+-            if (mode == XDR_ENCODE)
++            if (mode == XDR_ENCODE) {
+                 val = vector[i];
++            }
+             MOZ_TRY(XDRScriptConst(xdr, &val));
+-            if (mode == XDR_DECODE)
++            if (mode == XDR_DECODE) {
+                 vector[i].init(val);
++            }
+         }
+     }
+ 
+     {
+         MOZ_ASSERT(nscopes != 0);
+         GCPtrScope* vector = script->scopes()->vector;
+         RootedScope scope(cx);
+         RootedScope enclosing(cx);
+@@ -710,18 +788,19 @@ js::XDRScript(XDRState<mode>* xdr, Handl
+               case ScopeKind::Catch:
+               case ScopeKind::NamedLambda:
+               case ScopeKind::StrictNamedLambda:
+                 MOZ_TRY(LexicalScope::XDR(xdr, scopeKind, enclosing, &scope));
+                 break;
+               case ScopeKind::With:
+                 if (mode == XDR_DECODE) {
+                     scope = WithScope::create(cx, enclosing);
+-                    if (!scope)
++                    if (!scope) {
+                         return xdr->fail(JS::TranscodeResult_Throw);
++                    }
+                 }
+                 break;
+               case ScopeKind::Eval:
+               case ScopeKind::StrictEval:
+                 MOZ_TRY(EvalScope::XDR(xdr, scopeKind, enclosing, &scope));
+                 break;
+               case ScopeKind::Global:
+               case ScopeKind::NonSyntactic:
+@@ -735,18 +814,19 @@ js::XDRScript(XDRState<mode>* xdr, Handl
+                 MOZ_CRASH("wasm functions cannot be nested in JSScripts");
+                 break;
+               default:
+                 // Fail in debug, but only soft-fail in release
+                 MOZ_ASSERT(false, "Bad XDR scope kind");
+                 return xdr->fail(JS::TranscodeResult_Failure_BadDecode);
+             }
+ 
+-            if (mode == XDR_DECODE)
++            if (mode == XDR_DECODE) {
+                 vector[i].init(scope);
++            }
+         }
+ 
+         // Verify marker to detect data corruption after decoding scope data. A
+         // mismatch here indicates we will almost certainly crash in release.
+         MOZ_TRY(xdr->codeMarker(0x48922BAB));
+     }
+ 
+     /*
+@@ -755,36 +835,39 @@ js::XDRScript(XDRState<mode>* xdr, Handl
+      * after the enclosing block has been XDR'd.
+      */
+     for (i = 0; i != nobjects; ++i) {
+         GCPtrObject* objp = &script->objects()->vector[i];
+         XDRClassKind classk;
+ 
+         if (mode == XDR_ENCODE) {
+             JSObject* obj = *objp;
+-            if (obj->is<RegExpObject>())
++            if (obj->is<RegExpObject>()) {
+                 classk = CK_RegexpObject;
+-            else if (obj->is<JSFunction>())
++            } else if (obj->is<JSFunction>()) {
+                 classk = CK_JSFunction;
+-            else if (obj->is<PlainObject>() || obj->is<ArrayObject>())
++            } else if (obj->is<PlainObject>() || obj->is<ArrayObject>()) {
+                 classk = CK_JSObject;
+-            else
++            } else {
+                 MOZ_CRASH("Cannot encode this class of object.");
++            }
+         }
+ 
+         MOZ_TRY(xdr->codeEnum32(&classk));
+ 
+         switch (classk) {
+           case CK_RegexpObject: {
+             Rooted<RegExpObject*> regexp(cx);
+-            if (mode == XDR_ENCODE)
++            if (mode == XDR_ENCODE) {
+                 regexp = &(*objp)->as<RegExpObject>();
++            }
+             MOZ_TRY(XDRScriptRegExpObject(xdr, &regexp));
+-            if (mode == XDR_DECODE)
++            if (mode == XDR_DECODE) {
+                 *objp = regexp;
++            }
+             break;
+           }
+ 
+           case CK_JSFunction: {
+             /* Code the nested function's enclosing scope. */
+             uint32_t funEnclosingScopeIndex = 0;
+             RootedScope funEnclosingScope(cx);
+             if (mode == XDR_ENCODE) {
+@@ -806,18 +889,19 @@ js::XDRScript(XDRState<mode>* xdr, Handl
+ 
+             if (mode == XDR_DECODE) {
+                 MOZ_ASSERT(funEnclosingScopeIndex < script->scopes()->length);
+                 funEnclosingScope = script->scopes()->vector[funEnclosingScopeIndex];
+             }
+ 
+             // Code nested function and script.
+             RootedFunction tmp(cx);
+-            if (mode == XDR_ENCODE)
++            if (mode == XDR_ENCODE) {
+                 tmp = &(*objp)->as<JSFunction>();
++            }
+             MOZ_TRY(XDRInterpretedFunction(xdr, funEnclosingScope, sourceObject, &tmp));
+             *objp = tmp;
+             break;
+           }
+ 
+           case CK_JSObject: {
+             /* Code object literal. */
+             RootedObject tmp(cx, *objp);
+@@ -861,31 +945,34 @@ js::XDRScript(XDRState<mode>* xdr, Handl
+ 
+     for (i = 0; i < nyieldoffsets; ++i) {
+         uint32_t* offset = &script->yieldAndAwaitOffsets()[i];
+         MOZ_TRY(xdr->codeUint32(offset));
+     }
+ 
+     if (scriptBits & (1 << HasLazyScript)) {
+         Rooted<LazyScript*> lazy(cx);
+-        if (mode == XDR_ENCODE)
++        if (mode == XDR_ENCODE) {
+             lazy = script->maybeLazyScript();
++        }
+ 
+         MOZ_TRY(XDRRelazificationInfo(xdr, fun, script, scriptEnclosingScope, &lazy));
+ 
+-        if (mode == XDR_DECODE)
++        if (mode == XDR_DECODE) {
+             script->setLazyScript(lazy);
++        }
+     }
+ 
+     if (mode == XDR_DECODE) {
+         scriptp.set(script);
+ 
+         /* see BytecodeEmitter::tellDebuggerAboutCompiledScript */
+-        if (!fun && !cx->helperThread())
++        if (!fun && !cx->helperThread()) {
+             Debugger::onNewScript(cx, script);
++        }
+     }
+ 
+     return Ok();
+ }
+ 
+ template XDRResult
+ js::XDRScript(XDRState<XDR_ENCODE>*, HandleScope, HandleScriptSourceObject, HandleFunction,
+               MutableHandleScript);
+@@ -936,41 +1023,44 @@ js::XDRLazyScript(XDRState<mode>* xdr, H
+         MOZ_TRY(xdr->codeUint32(&lineno));
+         MOZ_TRY(xdr->codeUint32(&column));
+         MOZ_TRY(xdr->codeUint64(&packedFields));
+ 
+         if (mode == XDR_DECODE) {
+             lazy.set(LazyScript::CreateForXDR(cx, fun, nullptr, enclosingScope, sourceObject,
+                                               packedFields, sourceStart, sourceEnd, toStringStart,
+                                               lineno, column));
+-            if (!lazy)
++            if (!lazy) {
+                 return xdr->fail(JS::TranscodeResult_Throw);
++            }
+             lazy->setToStringEnd(toStringEnd);
+             fun->initLazyScript(lazy);
+         }
+     }
+ 
+     // Code closed-over bindings.
+     MOZ_TRY(XDRLazyClosedOverBindings(xdr, lazy));
+ 
+     // Code inner functions.
+     {
+         RootedFunction func(cx);
+         GCPtrFunction* innerFunctions = lazy->innerFunctions();
+         size_t numInnerFunctions = lazy->numInnerFunctions();
+         for (size_t i = 0; i < numInnerFunctions; i++) {
+-            if (mode == XDR_ENCODE)
++            if (mode == XDR_ENCODE) {
+                 func = innerFunctions[i];
++            }
+ 
+             MOZ_TRY(XDRInterpretedFunction(xdr, nullptr, sourceObject, &func));
+ 
+             if (mode == XDR_DECODE) {
+                 innerFunctions[i] = func;
+-                if (innerFunctions[i]->isInterpretedLazy())
++                if (innerFunctions[i]->isInterpretedLazy()) {
+                     innerFunctions[i]->lazyScript()->setEnclosingLazyScript(lazy);
++                }
+             }
+         }
+     }
+ 
+     return Ok();
+ }
+ 
+ template XDRResult
+@@ -1045,24 +1135,26 @@ JSScript::initScriptCounts(JSContext* cx
+ 
+     // Initialize all PCCounts counters to 0.
+     ScriptCounts::PCCountsVector base;
+     if (!base.reserve(jumpTargets.length())) {
+         ReportOutOfMemory(cx);
+         return false;
+     }
+ 
+-    for (size_t i = 0; i < jumpTargets.length(); i++)
++    for (size_t i = 0; i < jumpTargets.length(); i++) {
+         base.infallibleEmplaceBack(pcToOffset(jumpTargets[i]));
++    }
+ 
+     // Create realm's scriptCountsMap if necessary.
+     if (!realm()->scriptCountsMap) {
+         auto map = cx->make_unique<ScriptCountsMap>();
+-        if (!map)
++        if (!map) {
+             return false;
++        }
+ 
+         realm()->scriptCountsMap = std::move(map);
+     }
+ 
+     // Allocate the ScriptCounts.
+     UniqueScriptCounts sc = cx->make_unique<ScriptCounts>(std::move(base));
+     if (!sc) {
+         ReportOutOfMemory(cx);
+@@ -1076,18 +1168,19 @@ JSScript::initScriptCounts(JSContext* cx
+     }
+ 
+     // safe to set this;  we can't fail after this point.
+     bitFields_.hasScriptCounts_ = true;
+ 
+     // Enable interrupts in any interpreter frames running on this script. This
+     // is used to let the interpreter increment the PCCounts, if present.
+     for (ActivationIterator iter(cx); !iter.done(); ++iter) {
+-        if (iter->isInterpreter())
++        if (iter->isInterpreter()) {
+             iter->asInterpreter()->enableInterruptsIfRunning(this);
++        }
+     }
+ 
+     return true;
+ }
+ 
+ static inline ScriptCountsMap::Ptr
+ GetScriptCountsMapEntry(JSScript* script)
+ {
+@@ -1118,93 +1211,104 @@ JSScript::getScriptName()
+     auto p = GetScriptNameMapEntry(this);
+     return p->value().get();
+ }
+ 
+ js::PCCounts*
+ ScriptCounts::maybeGetPCCounts(size_t offset) {
+     PCCounts searched = PCCounts(offset);
+     PCCounts* elem = std::lower_bound(pcCounts_.begin(), pcCounts_.end(), searched);
+-    if (elem == pcCounts_.end() || elem->pcOffset() != offset)
++    if (elem == pcCounts_.end() || elem->pcOffset() != offset) {
+         return nullptr;
++    }
+     return elem;
+ }
+ 
+ const js::PCCounts*
+ ScriptCounts::maybeGetPCCounts(size_t offset) const {
+     PCCounts searched = PCCounts(offset);
+     const PCCounts* elem = std::lower_bound(pcCounts_.begin(), pcCounts_.end(), searched);
+-    if (elem == pcCounts_.end() || elem->pcOffset() != offset)
++    if (elem == pcCounts_.end() || elem->pcOffset() != offset) {
+         return nullptr;
++    }
+     return elem;
+ }
+ 
+ js::PCCounts*
+ ScriptCounts::getImmediatePrecedingPCCounts(size_t offset)
+ {
+     PCCounts searched = PCCounts(offset);
+     PCCounts* elem = std::lower_bound(pcCounts_.begin(), pcCounts_.end(), searched);
+-    if (elem == pcCounts_.end())
++    if (elem == pcCounts_.end()) {
+         return &pcCounts_.back();
+-    if (elem->pcOffset() == offset)
++    }
++    if (elem->pcOffset() == offset) {
+         return elem;
+-    if (elem != pcCounts_.begin())
++    }
++    if (elem != pcCounts_.begin()) {
+         return elem - 1;
++    }
+     return nullptr;
+ }
+ 
+ const js::PCCounts*
+ ScriptCounts::maybeGetThrowCounts(size_t offset) const {
+     PCCounts searched = PCCounts(offset);
+     const PCCounts* elem = std::lower_bound(throwCounts_.begin(), throwCounts_.end(), searched);
+-    if (elem == throwCounts_.end() || elem->pcOffset() != offset)
++    if (elem == throwCounts_.end() || elem->pcOffset() != offset) {
+         return nullptr;
++    }
+     return elem;
+ }
+ 
+ const js::PCCounts*
+ ScriptCounts::getImmediatePrecedingThrowCounts(size_t offset) const
+ {
+     PCCounts searched = PCCounts(offset);
+     const PCCounts* elem = std::lower_bound(throwCounts_.begin(), throwCounts_.end(), searched);
+     if (elem == throwCounts_.end()) {
+-        if (throwCounts_.begin() == throwCounts_.end())
++        if (throwCounts_.begin() == throwCounts_.end()) {
+             return nullptr;
++        }
+         return &throwCounts_.back();
+     }
+-    if (elem->pcOffset() == offset)
++    if (elem->pcOffset() == offset) {
+         return elem;
+-    if (elem != throwCounts_.begin())
++    }
++    if (elem != throwCounts_.begin()) {
+         return elem - 1;
++    }
+     return nullptr;
+ }
+ 
+ js::PCCounts*
+ ScriptCounts::getThrowCounts(size_t offset) {
+     PCCounts searched = PCCounts(offset);
+     PCCounts* elem = std::lower_bound(throwCounts_.begin(), throwCounts_.end(), searched);
+-    if (elem == throwCounts_.end() || elem->pcOffset() != offset)
++    if (elem == throwCounts_.end() || elem->pcOffset() != offset) {
+         elem = throwCounts_.insert(elem, searched);
++    }
+     return elem;
+ }
+ 
+ size_t
+ ScriptCounts::sizeOfIncludingThis(mozilla::MallocSizeOf mallocSizeOf) {
+     return mallocSizeOf(this) +
+         pcCounts_.sizeOfExcludingThis(mallocSizeOf) +
+         throwCounts_.sizeOfExcludingThis(mallocSizeOf) +
+         ionCounts_->sizeOfIncludingThis(mallocSizeOf);
+ }
+ 
+ void
+ JSScript::setIonScript(JSRuntime* rt, js::jit::IonScript* ionScript)
+ {
+     MOZ_ASSERT_IF(ionScript != ION_DISABLED_SCRIPT, !baselineScript()->hasPendingIonBuilder());
+-    if (hasIonScript())
++    if (hasIonScript()) {
+         js::jit::IonScript::writeBarrierPre(zone(), ion);
++    }
+     ion = ionScript;
+     MOZ_ASSERT_IF(hasIonScript(), hasBaselineScript());
+     updateJitCodeRaw(rt);
+ }
+ 
+ js::PCCounts*
+ JSScript::maybeGetPCCounts(jsbytecode* pc) {
+     MOZ_ASSERT(containsPC(pc));
+@@ -1222,59 +1326,67 @@ JSScript::getThrowCounts(jsbytecode* pc)
+     MOZ_ASSERT(containsPC(pc));
+     return getScriptCounts().getThrowCounts(pcToOffset(pc));
+ }
+ 
+ uint64_t
+ JSScript::getHitCount(jsbytecode* pc)
+ {
+     MOZ_ASSERT(containsPC(pc));
+-    if (pc < main())
++    if (pc < main()) {
+         pc = main();
++    }
+ 
+     ScriptCounts& sc = getScriptCounts();
+     size_t targetOffset = pcToOffset(pc);
+     const js::PCCounts* baseCount = sc.getImmediatePrecedingPCCounts(targetOffset);
+-    if (!baseCount)
++    if (!baseCount) {
+         return 0;
+-    if (baseCount->pcOffset() == targetOffset)
++    }
++    if (baseCount->pcOffset() == targetOffset) {
+         return baseCount->numExec();
++    }
+     MOZ_ASSERT(baseCount->pcOffset() < targetOffset);
+     uint64_t count = baseCount->numExec();
+     do {
+         const js::PCCounts* throwCount = sc.getImmediatePrecedingThrowCounts(targetOffset);
+-        if (!throwCount)
++        if (!throwCount) {
+             return count;
+-        if (throwCount->pcOffset() <= baseCount->pcOffset())
++        }
++        if (throwCount->pcOffset() <= baseCount->pcOffset()) {
+             return count;
++        }
+         count -= throwCount->numExec();
+         targetOffset = throwCount->pcOffset() - 1;
+     } while (true);
+ }
+ 
+ void
+ JSScript::incHitCount(jsbytecode* pc)
+ {
+     MOZ_ASSERT(containsPC(pc));
+-    if (pc < main())
++    if (pc < main()) {
+         pc = main();
++    }
+ 
+     ScriptCounts& sc = getScriptCounts();
+     js::PCCounts* baseCount = sc.getImmediatePrecedingPCCounts(pcToOffset(pc));
+-    if (!baseCount)
++    if (!baseCount) {
+         return;
++    }
+     baseCount->numExec()++;
+ }
+ 
+ void
+ JSScript::addIonCounts(jit::IonScriptCounts* ionCounts)
+ {
+     ScriptCounts& sc = getScriptCounts();
+-    if (sc.ionCounts_)
++    if (sc.ionCounts_) {
+         ionCounts->setPrevious(sc.ionCounts_);
++    }
+     sc.ionCounts_ = ionCounts;
+ }
+ 
+ jit::IonScriptCounts*
+ JSScript::getIonCounts()
+ {
+     return getScriptCounts().ionCounts_;
+ }
+@@ -1308,18 +1420,19 @@ JSScript::destroyScriptName()
+ {
+     auto p = GetScriptNameMapEntry(this);
+     realm()->scriptNameMap->remove(p);
+ }
+ 
+ bool
+ JSScript::hasScriptName()
+ {
+-    if (!realm()->scriptNameMap)
++    if (!realm()->scriptNameMap) {
+         return false;
++    }
+ 
+     auto p = realm()->scriptNameMap->lookup(this);
+     return p.found();
+ }
+ 
+ void
+ ScriptSourceObject::finalize(FreeOp* fop, JSObject* obj)
+ {
+@@ -1349,18 +1462,19 @@ const Class ScriptSourceObject::class_ =
+     JSCLASS_FOREGROUND_FINALIZE,
+     &ScriptSourceObjectClassOps
+ };
+ 
+ ScriptSourceObject*
+ ScriptSourceObject::create(JSContext* cx, ScriptSource* source)
+ {
+     RootedScriptSourceObject sourceObject(cx, NewObjectWithGivenProto<ScriptSourceObject>(cx, nullptr));
+-    if (!sourceObject)
++    if (!sourceObject) {
+         return nullptr;
++    }
+ 
+     source->incref();    // The matching decref is in ScriptSourceObject::finalize.
+     sourceObject->initReservedSlot(SOURCE_SLOT, PrivateValue(source));
+ 
+     // The remaining slots should eventually be populated by a call to
+     // initFromOptions. Poison them until that point.
+     sourceObject->initReservedSlot(ELEMENT_SLOT, MagicValue(JS_GENERIC_MAGIC));
+     sourceObject->initReservedSlot(ELEMENT_PROPERTY_SLOT, MagicValue(JS_GENERIC_MAGIC));
+@@ -1375,18 +1489,19 @@ ScriptSourceObject::initFromOptions(JSCo
+ {
+     cx->releaseCheck(source);
+     MOZ_ASSERT(source->getReservedSlot(ELEMENT_SLOT).isMagic(JS_GENERIC_MAGIC));
+     MOZ_ASSERT(source->getReservedSlot(ELEMENT_PROPERTY_SLOT).isMagic(JS_GENERIC_MAGIC));
+     MOZ_ASSERT(source->getReservedSlot(INTRODUCTION_SCRIPT_SLOT).isMagic(JS_GENERIC_MAGIC));
+ 
+     RootedObject element(cx, options.element());
+     RootedString elementAttributeName(cx, options.elementAttributeName());
+-    if (!initElementProperties(cx, source, element, elementAttributeName))
++    if (!initElementProperties(cx, source, element, elementAttributeName)) {
+         return false;
++    }
+ 
+     // There is no equivalent of cross-compartment wrappers for scripts. If the
+     // introduction script and ScriptSourceObject are in different compartments,
+     // we would be creating a cross-compartment script reference, which is
+     // forbidden. In that case, simply don't bother to retain the introduction
+     // script.
+     Value introductionScript = UndefinedValue();
+     if (options.introductionScript() &&
+@@ -1399,46 +1514,53 @@ ScriptSourceObject::initFromOptions(JSCo
+     return true;
+ }
+ 
+ /* static */ bool
+ ScriptSourceObject::initElementProperties(JSContext* cx, HandleScriptSourceObject source,
+                                           HandleObject element, HandleString elementAttrName)
+ {
+     RootedValue elementValue(cx, ObjectOrNullValue(element));
+-    if (!cx->compartment()->wrap(cx, &elementValue))
++    if (!cx->compartment()->wrap(cx, &elementValue)) {
+         return false;
++    }
+ 
+     RootedValue nameValue(cx);
+-    if (elementAttrName)
++    if (elementAttrName) {
+         nameValue = StringValue(elementAttrName);
+-    if (!cx->compartment()->wrap(cx, &nameValue))
++    }
++    if (!cx->compartment()->wrap(cx, &nameValue)) {
+         return false;
++    }
+ 
+     source->setReservedSlot(ELEMENT_SLOT, elementValue);
+     source->setReservedSlot(ELEMENT_PROPERTY_SLOT, nameValue);
+ 
+     return true;
+ }
+ 
+ /* static */ bool
+ JSScript::loadSource(JSContext* cx, ScriptSource* ss, bool* worked)
+ {
+     MOZ_ASSERT(!ss->hasSourceData());
+     *worked = false;
+-    if (!cx->runtime()->sourceHook.ref() || !ss->sourceRetrievable())
++    if (!cx->runtime()->sourceHook.ref() || !ss->sourceRetrievable()) {
+         return true;
++    }
+     char16_t* src = nullptr;
+     size_t length;
+-    if (!cx->runtime()->sourceHook->load(cx, ss->filename(), &src, &length))
++    if (!cx->runtime()->sourceHook->load(cx, ss->filename(), &src, &length)) {
+         return false;
+-    if (!src)
++    }
++    if (!src) {
+         return true;
+-    if (!ss->setSource(cx, UniqueTwoByteChars(src), length))
++    }
++    if (!ss->setSource(cx, UniqueTwoByteChars(src), length)) {
+         return false;
++    }
+ 
+     *worked = true;
+     return true;
+ }
+ 
+ /* static */ JSFlatString*
+ JSScript::sourceData(JSContext* cx, HandleScript script)
+ {
+@@ -1509,51 +1631,55 @@ UncompressedSourceCache::releaseEntry(Au
+     MOZ_ASSERT(holder_ == &holder);
+     holder_ = nullptr;
+ }
+ 
+ const char16_t*
+ UncompressedSourceCache::lookup(const ScriptSourceChunk& ssc, AutoHoldEntry& holder)
+ {
+     MOZ_ASSERT(!holder_);
+-    if (!map_)
++    if (!map_) {
+         return nullptr;
++    }
+     if (Map::Ptr p = map_->lookup(ssc)) {
+         holdEntry(holder, ssc);
+         return p->value().get();
+     }
+     return nullptr;
+ }
+ 
+ bool
+ UncompressedSourceCache::put(const ScriptSourceChunk& ssc, UniqueTwoByteChars str,
+                              AutoHoldEntry& holder)
+ {
+     MOZ_ASSERT(!holder_);
+ 
+     if (!map_) {
+         UniquePtr<Map> map = MakeUnique<Map>();
+-        if (!map)
++        if (!map) {
+             return false;
++        }
+ 
+         map_ = std::move(map);
+     }
+ 
+-    if (!map_->put(ssc, std::move(str)))
++    if (!map_->put(ssc, std::move(str))) {
+         return false;
++    }
+ 
+     holdEntry(holder, ssc);
+     return true;
+ }
+ 
+ void
+ UncompressedSourceCache::purge()
+ {
+-    if (!map_)
++    if (!map_) {
+         return;
++    }
+ 
+     for (Map::Range r = map_->all(); !r.empty(); r.popFront()) {
+         if (holder_ && r.front().key() == holder_->sourceChunk()) {
+             holder_->deferDelete(std::move(r.front().value()));
+             holder_ = nullptr;
+         }
+     }
+ 
+@@ -1561,31 +1687,33 @@ UncompressedSourceCache::purge()
+ }
+ 
+ size_t
+ UncompressedSourceCache::sizeOfExcludingThis(mozilla::MallocSizeOf mallocSizeOf)
+ {
+     size_t n = 0;
+     if (map_ && !map_->empty()) {
+         n += map_->shallowSizeOfIncludingThis(mallocSizeOf);
+-        for (Map::Range r = map_->all(); !r.empty(); r.popFront())
++        for (Map::Range r = map_->all(); !r.empty(); r.popFront()) {
+             n += mallocSizeOf(r.front().value().get());
++        }
+     }
+     return n;
+ }
+ 
+ const char16_t*
+ ScriptSource::chunkChars(JSContext* cx, UncompressedSourceCache::AutoHoldEntry& holder,
+                          size_t chunk)
+ {
+     const Compressed& c = data.as<Compressed>();
+ 
+     ScriptSourceChunk ssc(this, chunk);
+-    if (const char16_t* decompressed = cx->caches().uncompressedSourceCache.lookup(ssc, holder))
++    if (const char16_t* decompressed = cx->caches().uncompressedSourceCache.lookup(ssc, holder)) {
+         return decompressed;
++    }
+ 
+     size_t totalLengthInBytes = length() * sizeof(char16_t);
+     size_t chunkBytes = Compressor::chunkSize(totalLengthInBytes, chunk);
+ 
+     MOZ_ASSERT((chunkBytes % sizeof(char16_t)) == 0);
+     const size_t lengthWithNull = (chunkBytes / sizeof(char16_t)) + 1;
+     UniqueTwoByteChars decompressed(js_pod_malloc<char16_t>(lengthWithNull));
+     if (!decompressed) {
+@@ -1627,26 +1755,28 @@ ScriptSource::PinnedChars::PinnedChars(J
+     }
+ }
+ 
+ ScriptSource::PinnedChars::~PinnedChars()
+ {
+     if (chars_) {
+         MOZ_ASSERT(*stack_ == this);
+         *stack_ = prev_;
+-        if (!prev_)
++        if (!prev_) {
+             source_->movePendingCompressedSource();
++        }
+     }
+ }
+ 
+ void
+ ScriptSource::movePendingCompressedSource()
+ {
+-    if (!pendingCompressed_)
++    if (!pendingCompressed_) {
+         return;
++    }
+ 
+     MOZ_ASSERT(data.is<Missing>() || data.is<Uncompressed>());
+     MOZ_ASSERT_IF(data.is<Uncompressed>(),
+                   data.as<Uncompressed>().string.length() ==
+                   pendingCompressed_->uncompressedLength);
+ 
+     data = SourceType(Compressed(std::move(pendingCompressed_->raw),
+                                  pendingCompressed_->uncompressedLength));
+@@ -1656,41 +1786,44 @@ ScriptSource::movePendingCompressedSourc
+ const char16_t*
+ ScriptSource::chars(JSContext* cx, UncompressedSourceCache::AutoHoldEntry& holder,
+                     size_t begin, size_t len)
+ {
+     MOZ_ASSERT(begin + len <= length());
+ 
+     if (data.is<Uncompressed>()) {
+         const char16_t* chars = data.as<Uncompressed>().string.chars();
+-        if (!chars)
++        if (!chars) {
+             return nullptr;
++        }
+         return chars + begin;
+     }
+ 
+-    if (data.is<Missing>())
++    if (data.is<Missing>()) {
+         MOZ_CRASH("ScriptSource::chars() on ScriptSource with SourceType = Missing");
++    }
+ 
+     MOZ_ASSERT(data.is<Compressed>());
+ 
+     // Determine which chunk(s) we are interested in, and the offsets within
+     // these chunks.
+     size_t firstChunk, lastChunk;
+     size_t firstChunkOffset, lastChunkOffset;
+     MOZ_ASSERT(len > 0);
+     Compressor::toChunkOffset(begin * sizeof(char16_t), &firstChunk, &firstChunkOffset);
+     Compressor::toChunkOffset((begin + len - 1) * sizeof(char16_t), &lastChunk, &lastChunkOffset);
+ 
+     MOZ_ASSERT(firstChunkOffset % sizeof(char16_t) == 0);
+     size_t firstChar = firstChunkOffset / sizeof(char16_t);
+ 
+     if (firstChunk == lastChunk) {
+         const char16_t* chars = chunkChars(cx, holder, firstChunk);
+-        if (!chars)
++        if (!chars) {
+             return nullptr;
++        }
+         return chars + firstChar;
+     }
+ 
+     // We need multiple chunks. Allocate a (null-terminated) buffer to hold
+     // |len| chars and copy uncompressed chars from the chunks into it. We use
+     // chunkChars() so we benefit from chunk caching by UncompressedSourceCache.
+ 
+     MOZ_ASSERT(firstChunk < lastChunk);
+@@ -1703,18 +1836,19 @@ ScriptSource::chars(JSContext* cx, Uncom
+     }
+ 
+     size_t totalLengthInBytes = length() * sizeof(char16_t);
+     char16_t* cursor = decompressed.get();
+ 
+     for (size_t i = firstChunk; i <= lastChunk; i++) {
+         UncompressedSourceCache::AutoHoldEntry chunkHolder;
+         const char16_t* chars = chunkChars(cx, chunkHolder, i);
+-        if (!chars)
++        if (!chars) {
+             return nullptr;
++        }
+ 
+         size_t numChars = Compressor::chunkSize(totalLengthInBytes, i) / sizeof(char16_t);
+         if (i == firstChunk) {
+             MOZ_ASSERT(firstChar < numChars);
+             chars += firstChar;
+             numChars -= firstChar;
+         } else if (i == lastChunk) {
+             size_t numCharsNew = lastChunkOffset / sizeof(char16_t) + 1;
+@@ -1736,44 +1870,48 @@ ScriptSource::chars(JSContext* cx, Uncom
+ 
+ JSFlatString*
+ ScriptSource::substring(JSContext* cx, size_t start, size_t stop)
+ {
+     MOZ_ASSERT(start <= stop);
+     size_t len = stop - start;
+     UncompressedSourceCache::AutoHoldEntry holder;
+     PinnedChars chars(cx, this, holder, start, len);
+-    if (!chars.get())
++    if (!chars.get()) {
+         return nullptr;
++    }
+     return NewStringCopyN<CanGC>(cx, chars.get(), len);
+ }
+ 
+ JSFlatString*
+ ScriptSource::substringDontDeflate(JSContext* cx, size_t start, size_t stop)
+ {
+     MOZ_ASSERT(start <= stop);
+     size_t len = stop - start;
+     UncompressedSourceCache::AutoHoldEntry holder;
+     PinnedChars chars(cx, this, holder, start, len);
+-    if (!chars.get())
++    if (!chars.get()) {
+         return nullptr;
++    }
+     return NewStringCopyNDontDeflate<CanGC>(cx, chars.get(), len);
+ }
+ 
+ bool
+ ScriptSource::appendSubstring(JSContext* cx, StringBuffer& buf, size_t start, size_t stop)
+ {
+     MOZ_ASSERT(start <= stop);
+     size_t len = stop - start;
+     UncompressedSourceCache::AutoHoldEntry holder;
+     PinnedChars chars(cx, this, holder, start, len);
+-    if (!chars.get())
++    if (!chars.get()) {
+         return false;
+-    if (len > SourceDeflateLimit && !buf.ensureTwoByteChars())
++    }
++    if (len > SourceDeflateLimit && !buf.ensureTwoByteChars()) {
+         return false;
++    }
+     return buf.append(chars.get(), len);
+ }
+ 
+ JSFlatString*
+ ScriptSource::functionBodyString(JSContext* cx)
+ {
+     MOZ_ASSERT(isFunctionBody());
+ 
+@@ -1800,46 +1938,49 @@ ScriptSource::setSource(SharedImmutableT
+ {
+     MOZ_ASSERT(data.is<Missing>());
+     data = SourceType(Uncompressed(std::move(string)));
+ }
+ 
+ bool
+ ScriptSource::tryCompressOffThread(JSContext* cx)
+ {
+-    if (!data.is<Uncompressed>())
++    if (!data.is<Uncompressed>()) {
+         return true;
++    }
+ 
+     // There are several cases where source compression is not a good idea:
+     //  - If the script is tiny, then compression will save little or no space.
+     //  - If there is only one core, then compression will contend with JS
+     //    execution (which hurts benchmarketing).
+     //
+     // Otherwise, enqueue a compression task to be processed when a major
+     // GC is requested.
+ 
+     bool canCompressOffThread =
+         HelperThreadState().cpuCount > 1 &&
+         HelperThreadState().threadCount >= 2 &&
+         CanUseExtraThreads();
+     const size_t TINY_SCRIPT = 256;
+-    if (TINY_SCRIPT > length() || !canCompressOffThread)
++    if (TINY_SCRIPT > length() || !canCompressOffThread) {
+         return true;
++    }
+ 
+     // The SourceCompressionTask needs to record the major GC number for
+     // scheduling. If we're parsing off thread, this number is not safe to
+     // access.
+     //
+     // When parsing on the main thread, the attempts made to compress off
+     // thread in BytecodeCompiler will succeed.
+     //
+     // When parsing off-thread, the above attempts will fail and the attempt
+     // made in ParseTask::finish will succeed.
+-    if (!CurrentThreadCanAccessRuntime(cx->runtime()))
++    if (!CurrentThreadCanAccessRuntime(cx->runtime())) {
+         return true;
++    }
+ 
+     // Heap allocate the task. It will be freed upon compression
+     // completing in AttachFinishedCompressedSources.
+     auto task = MakeUnique<SourceCompressionTask>(cx->runtime(), this);
+     if (!task) {
+         ReportOutOfMemory(cx);
+         return false;
+     }
+@@ -1862,20 +2003,21 @@ ScriptSource::setCompressedSource(JSCont
+ }
+ 
+ void
+ ScriptSource::setCompressedSource(SharedImmutableString&& raw, size_t uncompressedLength)
+ {
+     MOZ_ASSERT(data.is<Missing>() || data.is<Uncompressed>());
+     MOZ_ASSERT_IF(data.is<Uncompressed>(),
+                   data.as<Uncompressed>().string.length() == uncompressedLength);
+-    if (pinnedCharsStack_)
++    if (pinnedCharsStack_) {
+         pendingCompressed_ = mozilla::Some(Compressed(std::move(raw), uncompressedLength));
+-    else
++    } else {
+         data = SourceType(Compressed(std::move(raw), uncompressedLength));
++    }
+ }
+ 
+ bool
+ ScriptSource::setSourceCopy(JSContext* cx, SourceBufferHolder& srcBuf)
+ {
+     MOZ_ASSERT(!hasSourceData());
+ 
+     JSRuntime* runtime = cx->zone()->runtimeFromAnyThread();
+@@ -1893,91 +2035,99 @@ ScriptSource::setSourceCopy(JSContext* c
+ 
+     return true;
+ }
+ 
+ static MOZ_MUST_USE bool
+ reallocUniquePtr(UniqueChars& unique, size_t size)
+ {
+     auto newPtr = static_cast<char*>(js_realloc(unique.get(), size));
+-    if (!newPtr)
++    if (!newPtr) {
+         return false;
++    }
+ 
+     // Since the realloc succeeded, unique is now holding a freed pointer.
+     mozilla::Unused << unique.release();
+     unique.reset(newPtr);
+     return true;
+ }
+ 
+ void
+ SourceCompressionTask::work()
+ {
+-    if (shouldCancel())
++    if (shouldCancel()) {
+         return;
++    }
+ 
+     ScriptSource* source = sourceHolder_.get();
+     MOZ_ASSERT(source->data.is<ScriptSource::Uncompressed>());
+ 
+     // Try to keep the maximum memory usage down by only allocating half the
+     // size of the string, first.
+     size_t inputBytes = source->length() * sizeof(char16_t);
+     size_t firstSize = inputBytes / 2;
+     UniqueChars compressed(js_pod_malloc<char>(firstSize));
+-    if (!compressed)
++    if (!compressed) {
+         return;
++    }
+ 
+     const char16_t* chars = source->data.as<ScriptSource::Uncompressed>().string.chars();
+     Compressor comp(reinterpret_cast<const unsigned char*>(chars),
+                     inputBytes);
+-    if (!comp.init())
++    if (!comp.init()) {
+         return;
++    }
+ 
+     comp.setOutput(reinterpret_cast<unsigned char*>(compressed.get()), firstSize);
+     bool cont = true;
+     bool reallocated = false;
+     while (cont) {
+-        if (shouldCancel())
++        if (shouldCancel()) {
+             return;
++        }
+ 
+         switch (comp.compressMore()) {
+           case Compressor::CONTINUE:
+             break;
+           case Compressor::MOREOUTPUT: {
+             if (reallocated) {
+                 // The compressed string is longer than the original string.
+                 return;
+             }
+ 
+             // The compressed output is greater than half the size of the
+             // original string. Reallocate to the full size.
+-            if (!reallocUniquePtr(compressed, inputBytes))
++            if (!reallocUniquePtr(compressed, inputBytes)) {
+                 return;
++            }
+ 
+             comp.setOutput(reinterpret_cast<unsigned char*>(compressed.get()), inputBytes);
+             reallocated = true;
+             break;
+           }
+           case Compressor::DONE:
+             cont = false;
+             break;
+           case Compressor::OOM:
+             return;
+         }
+     }
+ 
+     size_t totalBytes = comp.totalBytesNeeded();
+ 
+     // Shrink the buffer to the size of the compressed data.
+-    if (!reallocUniquePtr(compressed, totalBytes))
++    if (!reallocUniquePtr(compressed, totalBytes)) {
+         return;
++    }
+ 
+     comp.finish(compressed.get(), totalBytes);
+ 
+-    if (shouldCancel())
++    if (shouldCancel()) {
+         return;
++    }
+ 
+     auto& strings = runtime_->sharedImmutableStrings();
+     resultString_ = strings.getOrCreate(std::move(compressed), totalBytes);
+ }
+ 
+ void
+ SourceCompressionTask::complete()
+ {
+@@ -1996,18 +2146,19 @@ ScriptSource::addSizeOfIncludingThis(moz
+                   mallocSizeOf(introducerFilename_.get());
+     info->numScripts++;
+ }
+ 
+ bool
+ ScriptSource::xdrEncodeTopLevel(JSContext* cx, HandleScript script)
+ {
+     // Encoding failures are reported by the xdrFinalizeEncoder function.
+-    if (containsAsmJS())
++    if (containsAsmJS()) {
+         return true;
++    }
+ 
+     xdrEncoder_ = js::MakeUnique<XDRIncrementalEncoder>(cx);
+     if (!xdrEncoder_) {
+         ReportOutOfMemory(cx);
+         return false;
+     }
+ 
+     MOZ_ASSERT(hasEncoder());
+@@ -2015,18 +2166,19 @@ ScriptSource::xdrEncodeTopLevel(JSContex
+         xdrEncoder_.reset(nullptr);
+     });
+ 
+     RootedScript s(cx, script);
+     XDRResult res = xdrEncoder_->codeScript(&s);
+     if (res.isErr()) {
+         // On encoding failure, let failureCase destroy encoder and return true
+         // to avoid failing any currently executing script.
+-        if (res.unwrapErr() & JS::TranscodeResult_Failure)
++        if (res.unwrapErr() & JS::TranscodeResult_Failure) {
+             return true;
++        }
+ 
+         return false;
+     }
+ 
+     failureCase.release();
+     return true;
+ }
+ 
+@@ -2040,30 +2192,32 @@ ScriptSource::xdrEncodeFunction(JSContex
+         xdrEncoder_.reset(nullptr);
+     });
+ 
+     RootedFunction f(cx, fun);
+     XDRResult res = xdrEncoder_->codeFunction(&f, sourceObject);
+     if (res.isErr()) {
+         // On encoding failure, let failureCase destroy encoder and return true
+         // to avoid failing any currently executing script.
+-        if (res.unwrapErr() & JS::TranscodeResult_Failure)
++        if (res.unwrapErr() & JS::TranscodeResult_Failure) {
+             return true;
++        }
+         return false;
+     }
+ 
+     failureCase.release();
+     return true;
+ }
+ 
+ bool
+ ScriptSource::xdrFinalizeEncoder(JS::TranscodeBuffer& buffer)
+ {
+-    if (!hasEncoder())
++    if (!hasEncoder()) {
+         return false;
++    }
+ 
+     auto cleanup = mozilla::MakeScopeExit([&] {
+         xdrEncoder_.reset(nullptr);
+     });
+ 
+     XDRResult res = xdrEncoder_->linearize(buffer);
+     return res.isOk();
+ }
+@@ -2108,41 +2262,45 @@ ScriptSource::performXDR(XDRState<mode>*
+     MOZ_TRY(xdr->codeUint8(&hasSource));
+ 
+     uint8_t retrievable = sourceRetrievable_;
+     MOZ_TRY(xdr->codeUint8(&retrievable));
+     sourceRetrievable_ = retrievable;
+ 
+     if (hasSource && !sourceRetrievable_) {
+         uint32_t len = 0;
+-        if (mode == XDR_ENCODE)
++        if (mode == XDR_ENCODE) {
+             len = length();
++        }
+         MOZ_TRY(xdr->codeUint32(&len));
+ 
+         uint32_t compressedLength;
+         if (mode == XDR_ENCODE) {
+             CompressedLengthMatcher m;
+             compressedLength = data.match(m);
+         }
+         MOZ_TRY(xdr->codeUint32(&compressedLength));
+ 
+         size_t byteLen = compressedLength ? compressedLength : (len * sizeof(char16_t));
+         if (mode == XDR_DECODE) {
+             auto bytes = xdr->cx()->template make_pod_array<char>(Max<size_t>(byteLen, 1));
+-            if (!bytes)
++            if (!bytes) {
+                 return xdr->fail(JS::TranscodeResult_Throw);
++            }
+             MOZ_TRY(xdr->codeBytes(bytes.get(), byteLen));
+ 
+             if (compressedLength) {
+-                if (!setCompressedSource(xdr->cx(), std::move(bytes), byteLen, len))
++                if (!setCompressedSource(xdr->cx(), std::move(bytes), byteLen, len)) {
+                     return xdr->fail(JS::TranscodeResult_Throw);
++                }
+             } else {
+                 UniqueTwoByteChars source(reinterpret_cast<char16_t*>(bytes.release()));
+-                if (!setSource(xdr->cx(), std::move(source), len))
++                if (!setSource(xdr->cx(), std::move(source), len)) {
+                     return xdr->fail(JS::TranscodeResult_Throw);
++                }
+             }
+         } else {
+             RawDataMatcher rdm;
+             void* p = data.match(rdm);
+             MOZ_TRY(xdr->codeBytes(p, byteLen));
+         }
+     }
+ 
+@@ -2150,67 +2308,73 @@ ScriptSource::performXDR(XDRState<mode>*
+     MOZ_TRY(xdr->codeUint8(&haveSourceMap));
+ 
+     if (haveSourceMap) {
+         uint32_t sourceMapURLLen = (mode == XDR_DECODE) ? 0 : js_strlen(sourceMapURL_.get());
+         MOZ_TRY(xdr->codeUint32(&sourceMapURLLen));
+ 
+         if (mode == XDR_DECODE) {
+             sourceMapURL_ = xdr->cx()->template make_pod_array<char16_t>(sourceMapURLLen + 1);
+-            if (!sourceMapURL_)
++            if (!sourceMapURL_) {
+                 return xdr->fail(JS::TranscodeResult_Throw);
++            }
+         }
+         auto guard = mozilla::MakeScopeExit([&] {
+-            if (mode == XDR_DECODE)
++            if (mode == XDR_DECODE) {
+                 sourceMapURL_ = nullptr;
++            }
+         });
+         MOZ_TRY(xdr->codeChars(sourceMapURL_.get(), sourceMapURLLen));
+         guard.release();
+         sourceMapURL_[sourceMapURLLen] = '\0';
+     }
+ 
+     uint8_t haveDisplayURL = hasDisplayURL();
+     MOZ_TRY(xdr->codeUint8(&haveDisplayURL));
+ 
+     if (haveDisplayURL) {
+         uint32_t displayURLLen = (mode == XDR_DECODE) ? 0 : js_strlen(displayURL_.get());
+         MOZ_TRY(xdr->codeUint32(&displayURLLen));
+ 
+         if (mode == XDR_DECODE) {
+             displayURL_ = xdr->cx()->template make_pod_array<char16_t>(displayURLLen + 1);
+-            if (!displayURL_)
++            if (!displayURL_) {
+                 return xdr->fail(JS::TranscodeResult_Throw);
++            }
+         }
+         auto guard = mozilla::MakeScopeExit([&] {
+-            if (mode == XDR_DECODE)
++            if (mode == XDR_DECODE) {
+                 displayURL_ = nullptr;
++            }
+         });
+         MOZ_TRY(xdr->codeChars(displayURL_.get(), displayURLLen));
+         guard.release();
+         displayURL_[displayURLLen] = '\0';
+     }
+ 
+     uint8_t haveFilename = !!filename_;
+     MOZ_TRY(xdr->codeUint8(&haveFilename));
+ 
+     if (haveFilename) {
+         const char* fn = filename();
+         MOZ_TRY(xdr->codeCString(&fn));
+         // Note: If the decoder has an option, then the filename is defined by
+         // the CompileOption from the document.
+         MOZ_ASSERT_IF(mode == XDR_DECODE && xdr->hasOptions(), filename());
+-        if (mode == XDR_DECODE && !xdr->hasOptions() && !setFilename(xdr->cx(), fn))
++        if (mode == XDR_DECODE && !xdr->hasOptions() && !setFilename(xdr->cx(), fn)) {
+             return xdr->fail(JS::TranscodeResult_Throw);
++        }
+ 
+         // Note the content of sources decoded when recording or replaying.
+         if (mode == XDR_DECODE && hasSourceData() && mozilla::recordreplay::IsRecordingOrReplaying()) {
+             UncompressedSourceCache::AutoHoldEntry holder;
+             ScriptSource::PinnedChars chars(xdr->cx(), this, holder, 0, length());
+-            if (!chars.get())
++            if (!chars.get()) {
+                 return xdr->fail(JS::TranscodeResult_Throw);
++            }
+             mozilla::recordreplay::NoteContentParse(this, filename(), "application/javascript",
+                                                     chars.get(), length());
+         }
+     }
+ 
+     return Ok();
+ }
+ 
+@@ -2235,18 +2399,19 @@ js::FormatIntroducedFilename(JSContext* 
+     size_t introducerLen = strlen(introducer);
+     size_t len = filenameLen                    +
+                  6 /* == strlen(" line ") */    +
+                  linenoLen                      +
+                  3 /* == strlen(" > ") */       +
+                  introducerLen                  +
+                  1 /* \0 */;
+     char* formatted = cx->pod_malloc<char>(len);
+-    if (!formatted)
++    if (!formatted) {
+         return nullptr;
++    }
+ 
+     mozilla::DebugOnly<size_t> checkLen = snprintf(formatted, len, "%s line %s > %s",
+                                                    filename, linenoBuf, introducer);
+     MOZ_ASSERT(checkLen == len - 1);
+ 
+     return formatted;
+ }
+ 
+@@ -2263,28 +2428,31 @@ ScriptSource::initFromOptions(JSContext*
+     setIntroductionOffset(options.introductionOffset);
+     parameterListEnd_ = parameterListEnd.isSome() ? parameterListEnd.value() : 0;
+ 
+     if (options.hasIntroductionInfo) {
+         MOZ_ASSERT(options.introductionType != nullptr);
+         const char* filename = options.filename() ? options.filename() : "<unknown>";
+         char* formatted = FormatIntroducedFilename(cx, filename, options.introductionLineno,
+                                                    options.introductionType);
+-        if (!formatted)
++        if (!formatted) {
+             return false;
++        }
+         filename_.reset(formatted);
+     } else if (options.filename()) {
+-        if (!setFilename(cx, options.filename()))
++        if (!setFilename(cx, options.filename())) {
+             return false;
++        }
+     }
+ 
+     if (options.introducerFilename()) {
+         introducerFilename_ = DuplicateString(cx, options.introducerFilename());
+-        if (!introducerFilename_)
++        if (!introducerFilename_) {
+             return false;
++        }
+     }
+ 
+     return true;
+ }
+ 
+ bool
+ ScriptSource::setFilename(JSContext* cx, const char* filename)
+ {
+@@ -2304,31 +2472,33 @@ ScriptSource::setDisplayURL(JSContext* c
+                                                 GetErrorMessage, nullptr,
+                                                 JSMSG_ALREADY_HAS_PRAGMA, filename_.get(),
+                                                 "//# sourceURL"))
+         {
+             return false;
+         }
+     }
+     size_t len = js_strlen(displayURL) + 1;
+-    if (len == 1)
++    if (len == 1) {
+         return true;
++    }
+ 
+     displayURL_ = DuplicateString(cx, displayURL);
+     return displayURL_ != nullptr;
+ }
+ 
+ bool
+ ScriptSource::setSourceMapURL(JSContext* cx, const char16_t* sourceMapURL)
+ {
+     MOZ_ASSERT(sourceMapURL);
+ 
+     size_t len = js_strlen(sourceMapURL) + 1;
+-    if (len == 1)
++    if (len == 1) {
+         return true;
++    }
+ 
+     sourceMapURL_ = DuplicateString(cx, sourceMapURL);
+     return sourceMapURL_ != nullptr;
+ }
+ 
+ /*
+  * [SMDOC] JSScript data layout (shared)
+  *
+@@ -2367,18 +2537,19 @@ js::SharedScriptData::new_(JSContext* cx
+ 
+     /*
+      * Call constructors to initialize the storage that will be accessed as a
+      * GCPtrAtom array via atoms().
+      */
+     static_assert(offsetof(SharedScriptData, data_) % sizeof(GCPtrAtom) == 0,
+                   "atoms must have GCPtrAtom alignment");
+     GCPtrAtom* atoms = entry->atoms();
+-    for (unsigned i = 0; i < natoms; ++i)
++    for (unsigned i = 0; i < natoms; ++i) {
+         new (&atoms[i]) GCPtrAtom();
++    }
+ 
+     // Sanity check the dataLength() computation
+     MOZ_ASSERT(entry->dataLength() == dataLength);
+ 
+     return entry;
+ }
+ 
+ inline
+@@ -2396,18 +2567,19 @@ js::ScriptBytecodeHasher::Lookup::~Looku
+ }
+ 
+ bool
+ JSScript::createScriptData(JSContext* cx, uint32_t codeLength, uint32_t srcnotesLength,
+                            uint32_t natoms)
+ {
+     MOZ_ASSERT(!scriptData());
+     SharedScriptData* ssd = SharedScriptData::new_(cx, codeLength, srcnotesLength, natoms);
+-    if (!ssd)
++    if (!ssd) {
+         return false;
++    }
+ 
+     setScriptData(ssd);
+     return true;
+ }
+ 
+ void
+ JSScript::freeScriptData()
+ {
+@@ -2597,26 +2769,31 @@ JS_STATIC_ASSERT((NoPaddingBetweenEntrie
+ static inline size_t
+ ScriptDataSize(uint32_t nscopes, uint32_t nconsts, uint32_t nobjects,
+                uint32_t ntrynotes, uint32_t nscopenotes, uint32_t nyieldoffsets)
+ {
+     size_t size = 0;
+ 
+     MOZ_ASSERT(nscopes != 0);
+     size += sizeof(ScopeArray) + nscopes * sizeof(Scope*);
+-    if (nconsts != 0)
++    if (nconsts != 0) {
+         size += sizeof(ConstArray) + nconsts * sizeof(Value);
+-    if (nobjects != 0)
++    }
++    if (nobjects != 0) {
+         size += sizeof(ObjectArray) + nobjects * sizeof(NativeObject*);
+-    if (ntrynotes != 0)
++    }
++    if (ntrynotes != 0) {
+         size += sizeof(TryNoteArray) + ntrynotes * sizeof(JSTryNote);
+-    if (nscopenotes != 0)
++    }
++    if (nscopenotes != 0) {
+         size += sizeof(ScopeNoteArray) + nscopenotes * sizeof(ScopeNote);
+-    if (nyieldoffsets != 0)
++    }
++    if (nyieldoffsets != 0) {
+         size += sizeof(YieldAndAwaitOffsetArray) + nyieldoffsets * sizeof(uint32_t);
++    }
+ 
+      return size;
+ }
+ 
+ JSScript::JSScript(JS::Realm* realm, uint8_t* stubEntry, const ReadOnlyCompileOptions& options,
+                    HandleObject sourceObject, uint32_t bufStart, uint32_t bufEnd,
+                    uint32_t toStringStart, uint32_t toStringEnd)
+   :
+@@ -2652,18 +2829,19 @@ JSScript::JSScript(JS::Realm* realm, uin
+ 
+ /* static */ JSScript*
+ JSScript::createInitialized(JSContext* cx, const ReadOnlyCompileOptions& options,
+                             HandleObject sourceObject,
+                             uint32_t bufStart, uint32_t bufEnd,
+                             uint32_t toStringStart, uint32_t toStringEnd)
+ {
+     void* script = Allocate<JSScript>(cx);
+-    if (!script)
++    if (!script) {
+         return nullptr;
++    }
+ 
+     uint8_t* stubEntry =
+ #ifndef JS_CODEGEN_NONE
+         cx->runtime()->jitRuntime()->interpreterStub().value
+ #else
+         nullptr
+ #endif
+         ;
+@@ -2674,40 +2852,44 @@ JSScript::createInitialized(JSContext* c
+ 
+ /* static */ JSScript*
+ JSScript::Create(JSContext* cx, const ReadOnlyCompileOptions& options,
+                  HandleObject sourceObject, uint32_t bufStart, uint32_t bufEnd,
+                  uint32_t toStringStart, uint32_t toStringEnd)
+ {
+     RootedScript script(cx, createInitialized(cx, options, sourceObject, bufStart, bufEnd,
+                                               toStringStart, toStringEnd));
+-    if (!script)
++    if (!script) {
+         return nullptr;
++    }
+ 
+     if (cx->runtime()->lcovOutput().isEnabled()) {
+-        if (!script->initScriptName(cx))
++        if (!script->initScriptName(cx)) {
+             return nullptr;
++        }
+     }
+ 
+     return script;
+ }
+ 
+ bool
+ JSScript::initScriptName(JSContext* cx)
+ {
+     MOZ_ASSERT(!hasScriptName());
+ 
+-    if (!filename())
++    if (!filename()) {
+         return true;
++    }
+ 
+     // Create realm's scriptNameMap if necessary.
+     if (!realm()->scriptNameMap) {
+         auto map = cx->make_unique<ScriptNameMap>();
+-        if (!map)
++        if (!map) {
+             return false;
++        }
+ 
+         realm()->scriptNameMap = std::move(map);
+     }
+ 
+     UniqueChars name = DuplicateString(filename());
+     if (!name) {
+         ReportOutOfMemory(cx);
+         return false;
+@@ -2720,38 +2902,41 @@ JSScript::initScriptName(JSContext* cx)
+     }
+ 
+     return true;
+ }
+ 
+ static inline uint8_t*
+ AllocScriptData(JSContext* cx, size_t size)
+ {
+-    if (!size)
++    if (!size) {
+         return nullptr;
++    }
+ 
+     uint8_t* data = cx->pod_calloc<uint8_t>(JS_ROUNDUP(size, sizeof(Value)));
+-    if (!data)
++    if (!data) {
+         return nullptr;
++    }
+     MOZ_ASSERT(size_t(data) % sizeof(Value) == 0);
+     return data;
+ }
+ 
+ /* static */ bool
+ JSScript::partiallyInit(JSContext* cx, HandleScript script, uint32_t nscopes,
+                         uint32_t nconsts, uint32_t nobjects, uint32_t ntrynotes,
+                         uint32_t nscopenotes, uint32_t nyieldoffsets)
+ {
+     cx->check(script);
+ 
+     size_t size = ScriptDataSize(nscopes, nconsts, nobjects, ntrynotes,
+                                  nscopenotes, nyieldoffsets);
+     script->data = AllocScriptData(cx, size);
+-    if (size && !script->data)
++    if (size && !script->data) {
+         return false;
++    }
+ 
+     script->dataSize_ = size;
+ 
+     uint8_t* cursor = script->data;
+ 
+     // There must always be at least 1 scope, the body scope.
+     MOZ_ASSERT(nscopes != 0);
+     cursor += sizeof(ScopeArray);
+@@ -2846,25 +3031,27 @@ JSScript::initFunctionPrototype(JSContex
+         return false;
+     }
+ 
+     script->nTypeSets_ = 0;
+ 
+     RootedScope enclosing(cx, &cx->global()->emptyGlobalScope());
+     Scope* functionProtoScope = FunctionScope::create(cx, nullptr, false, false, functionProto,
+                                                       enclosing);
+-    if (!functionProtoScope)
++    if (!functionProtoScope) {
+         return false;
++    }
+     script->scopes()->vector[0].init(functionProtoScope);
+ 
+     uint32_t codeLength = 1;
+     uint32_t srcNotesLength = 1;
+     uint32_t numAtoms = 0;
+-    if (!script->createScriptData(cx, codeLength, srcNotesLength, numAtoms))
++    if (!script->createScriptData(cx, codeLength, srcNotesLength, numAtoms)) {
+         return false;
++    }
+ 
+     jsbytecode* code = script->code();
+     code[0] = JSOP_RETRVAL;
+     code[1] = SRC_NULL;
+     return script->shareScriptData(cx);
+ }
+ 
+ static void
+@@ -2877,47 +3064,51 @@ InitAtomMap(frontend::AtomIndexMap& indi
+         atoms[index].init(atom);
+     }
+ }
+ 
+ /* static */ void
+ JSScript::initFromFunctionBox(HandleScript script, frontend::FunctionBox* funbox)
+ {
+     JSFunction* fun = funbox->function();
+-    if (fun->isInterpretedLazy())
++    if (fun->isInterpretedLazy()) {
+         fun->setUnlazifiedScript(script);
+-    else
++    } else {
+         fun->setScript(script);
++    }
+ 
+     script->bitFields_.funHasExtensibleScope_ = funbox->hasExtensibleScope();
+     script->bitFields_.needsHomeObject_ = funbox->needsHomeObject();
+     script->bitFields_.isDerivedClassConstructor_ = funbox->isDerivedClassConstructor();
+ 
+     if (funbox->argumentsHasLocalBinding()) {
+         script->setArgumentsHasVarBinding();
+-        if (funbox->definitelyNeedsArgsObj())
++        if (funbox->definitelyNeedsArgsObj()) {
+             script->setNeedsArgsObj(true);
++        }
+     } else {
+         MOZ_ASSERT(!funbox->definitelyNeedsArgsObj());
+     }
+     script->bitFields_.hasMappedArgsObj_ = funbox->hasMappedArgsObj();
+ 
+     script->bitFields_.functionHasThisBinding_ = funbox->hasThisBinding();
+     script->bitFields_.functionHasExtraBodyVarScope_ = funbox->hasExtraBodyVarScope();
+ 
+     script->funLength_ = funbox->length;
+ 
+     script->setGeneratorKind(funbox->generatorKind());
+     script->setAsyncKind(funbox->asyncKind());
+-    if (funbox->hasRest())
++    if (funbox->hasRest()) {
+         script->setHasRest();
++    }
+ 
+     PositionalFormalParameterIter fi(script);
+-    while (fi && !fi.closedOver())
++    while (fi && !fi.closedOver()) {
+         fi++;
++    }
+     script->bitFields_.funHasAnyAliasedFormal_ = !!fi;
+ 
+     script->setHasInnerFunctions(funbox->hasInnerFunctions());
+ }
+ 
+ /* static */ void
+ JSScript::initFromModuleContext(HandleScript script)
+ {
+@@ -2945,82 +3136,92 @@ JSScript::fullyInitFromEmitter(JSContext
+     if (nslots > UINT32_MAX) {
+         bce->reportError(nullptr, JSMSG_NEED_DIET, js_script_str);
+         return false;
+     }
+ 
+     uint32_t mainLength = bce->offset();
+     uint32_t prologueLength = bce->prologueOffset();
+     uint32_t nsrcnotes;
+-    if (!bce->finishTakingSrcNotes(&nsrcnotes))
++    if (!bce->finishTakingSrcNotes(&nsrcnotes)) {
+         return false;
++    }
+     uint32_t natoms = bce->atomIndices->count();
+     if (!partiallyInit(cx, script,
+                        bce->scopeList.length(), bce->numberList.length(), bce->objectList.length,
+                        bce->tryNoteList.length(), bce->scopeNoteList.length(),
+                        bce->yieldAndAwaitOffsetList.length()))
+     {
+         return false;
+     }
+ 
+     MOZ_ASSERT(script->mainOffset() == 0);
+     script->mainOffset_ = prologueLength;
+     script->nTypeSets_ = bce->typesetCount;
+     script->lineno_ = bce->firstLine;
+ 
+-    if (!script->createScriptData(cx, prologueLength + mainLength, nsrcnotes, natoms))
++    if (!script->createScriptData(cx, prologueLength + mainLength, nsrcnotes, natoms)) {
+         return false;
++    }
+ 
+     // Any fallible operation after JSScript::createScriptData should reset
+     // JSScript.scriptData_, in order to treat this script as uncompleted,
+     // in JSScript::isUncompleted.
+     // JSScript::shareScriptData resets it before returning false.
+ 
+     jsbytecode* code = script->code();
+     PodCopy<jsbytecode>(code, bce->prologue.code.begin(), prologueLength);
+     PodCopy<jsbytecode>(code + prologueLength, bce->main.code.begin(), mainLength);
+     bce->copySrcNotes((jssrcnote*)(code + script->length()), nsrcnotes);
+     InitAtomMap(*bce->atomIndices, script->atoms());
+ 
+-    if (!script->shareScriptData(cx))
++    if (!script->shareScriptData(cx)) {
+         return false;
+-
+-    if (bce->numberList.length() != 0)
++    }
++
++    if (bce->numberList.length() != 0) {
+         bce->numberList.finish(script->consts());
+-    if (bce->objectList.length != 0)
++    }
++    if (bce->objectList.length != 0) {
+         bce->objectList.finish(script->objects());
+-    if (bce->scopeList.length() != 0)
++    }
++    if (bce->scopeList.length() != 0) {
+         bce->scopeList.finish(script->scopes());
+-    if (bce->tryNoteList.length() != 0)
++    }
++    if (bce->tryNoteList.length() != 0) {
+         bce->tryNoteList.finish(script->trynotes());
+-    if (bce->scopeNoteList.length() != 0)
++    }
++    if (bce->scopeNoteList.length() != 0) {
+         bce->scopeNoteList.finish(script->scopeNotes(), prologueLength);
++    }
+     script->bitFields_.strict_ = bce->sc->strict();
+     script->bitFields_.explicitUseStrict_ = bce->sc->hasExplicitUseStrict();
+     script->bitFields_.bindingsAccessedDynamically_ = bce->sc->bindingsAccessedDynamically();
+     script->bitFields_.hasSingletons_ = bce->hasSingletons;
+ 
+     script->nfixed_ = bce->maxFixedSlots;
+     script->nslots_ = nslots;
+     script->bodyScopeIndex_ = bce->bodyScopeIndex;
+     script->bitFields_.hasNonSyntacticScope_ =
+         bce->outermostScope()->hasOnChain(ScopeKind::NonSyntactic);
+ 
+     // There shouldn't be any fallible operation after initFromFunctionBox,
+     // JSFunction::hasUncompletedScript relies on the fact that the existence
+     // of the pointer to JSScript means the pointed JSScript is complete.
+-    if (bce->sc->isFunctionBox())
++    if (bce->sc->isFunctionBox()) {
+         initFromFunctionBox(script, bce->sc->asFunctionBox());
+-    else if (bce->sc->isModuleContext())
++    } else if (bce->sc->isModuleContext()) {
+         initFromModuleContext(script);
++    }
+ 
+     // Copy yield offsets last, as the generator kind is set in
+     // initFromFunctionBox.
+-    if (bce->yieldAndAwaitOffsetList.length() != 0)
++    if (bce->yieldAndAwaitOffsetList.length() != 0) {
+         bce->yieldAndAwaitOffsetList.finish(script->yieldAndAwaitOffsets(), prologueLength);
++    }
+ 
+ #ifdef DEBUG
+     script->assertValidJumpTargets();
+ #endif
+ 
+     return true;
+ }
+ 
+@@ -3071,18 +3272,19 @@ JSScript::assertValidJumpTargets() const
+ 
+     // Check catch/finally blocks as jump targets.
+     if (hasTrynotes()) {
+         JSTryNote* tn = trynotes()->vector;
+         JSTryNote* tnlimit = tn + trynotes()->length;
+         for (; tn < tnlimit; tn++) {
+             jsbytecode* tryStart = mainEntry + tn->start;
+             jsbytecode* tryPc = tryStart - 1;
+-            if (tn->kind != JSTRY_CATCH && tn->kind != JSTRY_FINALLY)
++            if (tn->kind != JSTRY_CATCH && tn->kind != JSTRY_FINALLY) {
+                 continue;
++            }
+ 
+             MOZ_ASSERT(JSOp(*tryPc) == JSOP_TRY);
+             jsbytecode* tryTarget = tryStart + tn->length;
+             MOZ_ASSERT(mainEntry <= tryTarget && tryTarget < end);
+             MOZ_ASSERT(BytecodeIsJumpTarget(JSOp(*tryTarget)));
+         }
+     }
+ }
+@@ -3125,31 +3327,33 @@ JSScript::finalize(FreeOp* fop)
+     MOZ_ASSERT_IF(hasScriptName(), fop->runtime()->lcovOutput().isEnabled());
+     if (fop->runtime()->lcovOutput().isEnabled() && hasScriptName()) {
+         realm()->lcovOutput.collectCodeCoverageInfo(realm(), this, getScriptName());
+         destroyScriptName();
+     }
+ 
+     fop->runtime()->geckoProfiler().onScriptFinalized(this);
+ 
+-    if (types_)
++    if (types_) {
+         types_->destroy();
++    }
+ 
+     jit::DestroyJitScripts(fop, this);
+ 
+     destroyScriptCounts();
+     destroyDebugScript(fop);
+ 
+     if (data) {
+         JS_POISON(data, 0xdb, computedSizeOfData(), MemCheckKind::MakeNoAccess);
+         fop->free_(data);
+     }
+ 
+-    if (scriptData_)
++    if (scriptData_) {
+         scriptData_->decRefCount();
++    }
+ 
+     // In most cases, our LazyScript's script pointer will reference this
+     // script, and thus be nulled out by normal weakref processing. However, if
+     // we unlazified the LazyScript during incremental sweeping, it will have a
+     // completely different JSScript.
+     MOZ_ASSERT_IF(lazyScript && !IsAboutToBeFinalizedUnbarriered(&lazyScript),
+                   !lazyScript->hasScript() || lazyScript->maybeScriptUnbarriered() != this);
+ }
+@@ -3162,18 +3366,19 @@ GSNCache::purge()
+     code = nullptr;
+     map.clearAndCompact();
+ }
+ 
+ jssrcnote*
+ js::GetSrcNote(GSNCache& cache, JSScript* script, jsbytecode* pc)
+ {
+     size_t target = pc - script->code();
+-    if (target >= script->length())
++    if (target >= script->length()) {
+         return nullptr;
++    }
+ 
+     if (cache.code == script->code()) {
+         GSNCache::Map::Ptr p = cache.map.lookup(pc);
+         return p ? p->value() : nullptr;
+     }
+ 
+     size_t offset = 0;
+     jssrcnote* result;
+@@ -3187,31 +3392,33 @@ js::GetSrcNote(GSNCache& cache, JSScript
+             result = sn;
+             break;
+         }
+     }
+ 
+     if (cache.code != script->code() && script->length() >= GSN_CACHE_THRESHOLD) {
+         unsigned nsrcnotes = 0;
+         for (jssrcnote* sn = script->notes(); !SN_IS_TERMINATOR(sn); sn = SN_NEXT(sn)) {
+-            if (SN_IS_GETTABLE(sn))
++            if (SN_IS_GETTABLE(sn)) {
+                 ++nsrcnotes;
++            }
+         }
+         if (cache.code) {
+             cache.map.clear();
+             cache.code = nullptr;
+         }
+         if (cache.map.reserve(nsrcnotes)) {
+             pc = script->code();
+             for (jssrcnote* sn = script->notes(); !SN_IS_TERMINATOR(sn);
+                  sn = SN_NEXT(sn))
+             {
+                 pc += SN_DELTA(sn);
+-                if (SN_IS_GETTABLE(sn))
++                if (SN_IS_GETTABLE(sn)) {
+                     cache.map.putNewInfallible(pc, sn);
++                }
+             }
+             cache.code = script->code();
+         }
+     }
+ 
+     return result;
+ }
+ 
+@@ -3232,98 +3439,105 @@ js::PCToLineNumber(unsigned startLine, j
+      * Walk through source notes accumulating their deltas, keeping track of
+      * line-number notes, until we pass the note for pc's offset within
+      * script->code.
+      */
+     ptrdiff_t offset = 0;
+     ptrdiff_t target = pc - code;
+     for (jssrcnote* sn = notes; !SN_IS_TERMINATOR(sn); sn = SN_NEXT(sn)) {
+         offset += SN_DELTA(sn);
+-        if (offset > target)
++        if (offset > target) {
+             break;
++        }
+ 
+         SrcNoteType type = SN_TYPE(sn);
+         if (type == SRC_SETLINE) {
+             lineno = unsigned(GetSrcNoteOffset(sn, SrcNote::SetLine::Line));
+             column = 0;
+         } else if (type == SRC_NEWLINE) {
+             lineno++;
+             column = 0;
+         } else if (type == SRC_COLSPAN) {
+             ptrdiff_t colspan = SN_OFFSET_TO_COLSPAN(GetSrcNoteOffset(sn, SrcNote::ColSpan::Span));
+             MOZ_ASSERT(ptrdiff_t(column) + colspan >= 0);
+             column += colspan;
+         }
+     }
+ 
+-    if (columnp)
++    if (columnp) {
+         *columnp = column;
++    }
+ 
+     return lineno;
+ }
+ 
+ unsigned
+ js::PCToLineNumber(JSScript* script, jsbytecode* pc, unsigned* columnp)
+ {
+     /* Cope with InterpreterFrame.pc value prior to entering Interpret. */
+-    if (!pc)
++    if (!pc) {
+         return 0;
++    }
+ 
+     return PCToLineNumber(script->lineno(), script->notes(), script->code(), pc, columnp);
+ }
+ 
+ jsbytecode*
+ js::LineNumberToPC(JSScript* script, unsigned target)
+ {
+     ptrdiff_t offset = 0;
+     ptrdiff_t best = -1;
+     unsigned lineno = script->lineno();
+     unsigned bestdiff = SN_MAX_OFFSET;
+     for (jssrcnote* sn = script->notes(); !SN_IS_TERMINATOR(sn); sn = SN_NEXT(sn)) {
+         /*
+          * Exact-match only if offset is not in the prologue; otherwise use
+          * nearest greater-or-equal line number match.
+          */
+-        if (lineno == target && offset >= ptrdiff_t(script->mainOffset()))
++        if (lineno == target && offset >= ptrdiff_t(script->mainOffset())) {
+             goto out;
++        }
+         if (lineno >= target) {
+             unsigned diff = lineno - target;
+             if (diff < bestdiff) {
+                 bestdiff = diff;
+                 best = offset;
+             }
+         }
+         offset += SN_DELTA(sn);
+         SrcNoteType type = SN_TYPE(sn);
+         if (type == SRC_SETLINE) {
+             lineno = unsigned(GetSrcNoteOffset(sn, SrcNote::SetLine::Line));
+         } else if (type == SRC_NEWLINE) {
+             lineno++;
+         }
+     }
+-    if (best >= 0)
++    if (best >= 0) {
+         offset = best;
++    }
+ out:
+     return script->offsetToPC(offset);
+ }
+ 
+ JS_FRIEND_API(unsigned)
+ js::GetScriptLineExtent(JSScript* script)
+ {
+     unsigned lineno = script->lineno();
+     unsigned maxLineNo = lineno;
+     for (jssrcnote* sn = script->notes(); !SN_IS_TERMINATOR(sn); sn = SN_NEXT(sn)) {
+         SrcNoteType type = SN_TYPE(sn);
+-        if (type == SRC_SETLINE)
++        if (type == SRC_SETLINE) {
+             lineno = unsigned(GetSrcNoteOffset(sn, SrcNote::SetLine::Line));
+-        else if (type == SRC_NEWLINE)
++        } else if (type == SRC_NEWLINE) {
+             lineno++;
+-
+-        if (maxLineNo < lineno)
++        }
++
++        if (maxLineNo < lineno) {
+             maxLineNo = lineno;
++        }
+     }
+ 
+     return 1 + maxLineNo - script->lineno();
+ }
+ 
+ void
+ js::DescribeScriptedCallerForDirectEval(JSContext* cx, HandleScript script, jsbytecode* pc,
+                                         const char** file, unsigned* linenop, uint32_t* pcOffset,
+@@ -3391,47 +3605,53 @@ Rebase(JSScript* dst, JSScript* src, T* 
+ 
+ static JSObject*
+ CloneInnerInterpretedFunction(JSContext* cx, HandleScope enclosingScope, HandleFunction srcFun)
+ {
+     /* NB: Keep this in sync with XDRInterpretedFunction. */
+     RootedObject cloneProto(cx);
+     if (srcFun->isGenerator() || srcFun->isAsync()) {
+         cloneProto = GlobalObject::getOrCreateGeneratorFunctionPrototype(cx, cx->global());
+-        if (!cloneProto)
++        if (!cloneProto) {
+             return nullptr;
++        }
+     }
+ 
+     gc::AllocKind allocKind = srcFun->getAllocKind();
+     uint16_t flags = srcFun->flags();
+     if (srcFun->isSelfHostedBuiltin()) {
+         // Functions in the self-hosting compartment are only extended in
+         // debug mode. For top-level functions, FUNCTION_EXTENDED gets used by
+         // the cloning algorithm. Do the same for inner functions here.
+         allocKind = gc::AllocKind::FUNCTION_EXTENDED;
+         flags |= JSFunction::Flags::EXTENDED;
+     }
+     RootedAtom atom(cx, srcFun->displayAtom());
+-    if (atom)
++    if (atom) {
+         cx->markAtom(atom);
++    }
+     RootedFunction clone(cx, NewFunctionWithProto(cx, nullptr, srcFun->nargs(),
+                                                   JSFunction::Flags(flags), nullptr, atom,
+                                                   cloneProto, allocKind, TenuredObject));
+-    if (!clone)
++    if (!clone) {
+         return nullptr;
++    }
+ 
+     JSScript::AutoDelazify srcScript(cx, srcFun);
+-    if (!srcScript)
++    if (!srcScript) {
+         return nullptr;
++    }
+     JSScript* cloneScript = CloneScriptIntoFunction(cx, enclosingScope, clone, srcScript);
+-    if (!cloneScript)
++    if (!cloneScript) {
+         return nullptr;
+-
+-    if (!JSFunction::setTypeForScriptedFunction(cx, clone))
++    }
++
++    if (!JSFunction::setTypeForScriptedFunction(cx, clone)) {
+         return nullptr;
++    }
+ 
+     return clone;
+ }
+ 
+ bool
+ js::detail::CopyScript(JSContext* cx, HandleScript src, HandleScript dst,
+                        MutableHandle<GCVector<Scope*>> scopes)
+ {
+@@ -3451,36 +3671,38 @@ js::detail::CopyScript(JSContext* cx, Ha
+     uint32_t ntrynotes = src->hasTrynotes() ? src->trynotes()->length : 0;
+     uint32_t nscopenotes = src->hasScopeNotes() ? src->scopeNotes()->length : 0;
+     uint32_t nyieldoffsets = src->hasYieldAndAwaitOffsets() ? src->yieldAndAwaitOffsets().length() : 0;
+ 
+     /* Script data */
+ 
+     size_t size = src->dataSize();
+     UniquePtr<uint8_t, JS::FreePolicy> data(AllocScriptData(cx, size));
+-    if (size && !data)
++    if (size && !data) {
+         return false;
++    }
+ 
+     /* Scopes */
+ 
+     // The passed in scopes vector contains body scopes that needed to be
+     // cloned especially, depending on whether the script is a function or
+     // global scope. Starting at scopes.length() means we only deal with
+     // intra-body scopes.
+     {
+         MOZ_ASSERT(nscopes != 0);
+         MOZ_ASSERT(src->bodyScopeIndex() + 1 == scopes.length());
+         GCPtrScope* vector = src->scopes()->vector;
+         RootedScope original(cx);
+         RootedScope clone(cx);
+         for (uint32_t i = scopes.length(); i < nscopes; i++) {
+             original = vector[i];
+             clone = Scope::clone(cx, original, scopes[FindScopeIndex(src, *original->enclosing())]);
+-            if (!clone || !scopes.append(clone))
++            if (!clone || !scopes.append(clone)) {
+                 return false;
++            }
+         }
+     }
+ 
+     /* Objects */
+ 
+     AutoObjectVector objects(cx);
+     if (nobjects != 0) {
+         GCPtrObject* vector = src->objects()->vector;
+@@ -3498,59 +3720,64 @@ js::detail::CopyScript(JSContext* cx, Ha
+                         MOZ_ASSERT(innerFun->isAsmJSNative());
+                         JS_ReportErrorASCII(cx, "AsmJS modules do not yet support cloning.");
+                         return false;
+                     }
+                     clone = innerFun;
+                 } else {
+                     if (innerFun->isInterpretedLazy()) {
+                         AutoRealm ar(cx, innerFun);
+-                        if (!JSFunction::getOrCreateScript(cx, innerFun))
++                        if (!JSFunction::getOrCreateScript(cx, innerFun)) {
+                             return false;
++                        }
+                     }
+ 
+                     Scope* enclosing = innerFun->nonLazyScript()->enclosingScope();
+                     RootedScope enclosingClone(cx, scopes[FindScopeIndex(src, *enclosing)]);
+                     clone = CloneInnerInterpretedFunction(cx, enclosingClone, innerFun);
+                 }
+             } else {
+                 clone = DeepCloneObjectLiteral(cx, obj, TenuredObject);
+             }
+ 
+-            if (!clone || !objects.append(clone))
++            if (!clone || !objects.append(clone)) {
+                 return false;
++            }
+         }
+     }
+ 
+     /* This assignment must occur before all the Rebase calls. */
+     dst->data = data.release();
+     dst->dataSize_ = size;
+     MOZ_ASSERT(bool(dst->data) == bool(src->data));
+-    if (dst->data)
++    if (dst->data) {
+         memcpy(dst->data, src->data, size);
++    }
+ 
+     if (cx->zone() != src->zoneFromAnyThread()) {
+-        for (size_t i = 0; i < src->scriptData()->natoms(); i++)
++        for (size_t i = 0; i < src->scriptData()->natoms(); i++) {
+             cx->markAtom(src->scriptData()->atoms()[i]);
++        }
+     }
+ 
+     /* Script filenames, bytecodes and atoms are runtime-wide. */
+     dst->setScriptData(src->scriptData());
+ 
+     dst->lineno_ = src->lineno();
+     dst->mainOffset_ = src->mainOffset();
+     dst->nfixed_ = src->nfixed();
+     dst->nslots_ = src->nslots();
+     dst->bodyScopeIndex_ = src->bodyScopeIndex_;
+     dst->funLength_ = src->funLength();
+     dst->nTypeSets_ = src->nTypeSets();
+     if (src->argumentsHasVarBinding()) {
+         dst->setArgumentsHasVarBinding();
+-        if (src->analyzedArgsUsage())
++        if (src->analyzedArgsUsage()) {
+             dst->setNeedsArgsObj(src->needsArgsObj());
++        }
+     }
+     dst->bitFields_.hasMappedArgsObj_ = src->hasMappedArgsObj();
+     dst->bitFields_.functionHasThisBinding_ = src->functionHasThisBinding();
+     dst->bitFields_.functionHasExtraBodyVarScope_ = src->functionHasExtraBodyVarScope();
+     dst->cloneHasArray(src);
+     dst->bitFields_.strict_ = src->strict();
+     dst->bitFields_.explicitUseStrict_ = src->explicitUseStrict();
+     dst->bitFields_.hasNonSyntacticScope_ = scopes[0]->hasOnChain(ScopeKind::NonSyntactic);
+@@ -3566,35 +3793,40 @@ js::detail::CopyScript(JSContext* cx, Ha
+     dst->bitFields_.isDefaultClassConstructor_ = src->isDefaultClassConstructor();
+     dst->bitFields_.isAsync_ = src->bitFields_.isAsync_;
+     dst->bitFields_.hasRest_ = src->bitFields_.hasRest_;
+     dst->bitFields_.hideScriptFromDebugger_ = src->bitFields_.hideScriptFromDebugger_;
+ 
+     if (nconsts != 0) {
+         GCPtrValue* vector = Rebase<GCPtrValue>(dst, src, src->consts()->vector);
+         dst->consts()->vector = vector;
+-        for (unsigned i = 0; i < nconsts; ++i)
++        for (unsigned i = 0; i < nconsts; ++i) {
+             MOZ_ASSERT_IF(vector[i].isGCThing(), vector[i].toString()->isAtom());
++        }
+     }
+     if (nobjects != 0) {
+         GCPtrObject* vector = Rebase<GCPtrObject>(dst, src, src->objects()->vector);
+         dst->objects()->vector = vector;
+-        for (unsigned i = 0; i < nobjects; ++i)
++        for (unsigned i = 0; i < nobjects; ++i) {
+             vector[i].init(&objects[i]->as<NativeObject>());
++        }
+     }
+     {
+         GCPtrScope* vector = Rebase<GCPtrScope>(dst, src, src->scopes()->vector);
+         dst->scopes()->vector = vector;
+-        for (uint32_t i = 0; i < nscopes; ++i)
++        for (uint32_t i = 0; i < nscopes; ++i) {
+             vector[i].init(scopes[i]);
+-    }
+-    if (ntrynotes != 0)
++        }
++    }
++    if (ntrynotes != 0) {
+         dst->trynotes()->vector = Rebase<JSTryNote>(dst, src, src->trynotes()->vector);
+-    if (nscopenotes != 0)
++    }
++    if (nscopenotes != 0) {
+         dst->scopeNotes()->vector = Rebase<ScopeNote>(dst, src, src->scopeNotes()->vector);
++    }
+     if (nyieldoffsets != 0) {
+         dst->yieldAndAwaitOffsets().vector_ =
+             Rebase<uint32_t>(dst, src, src->yieldAndAwaitOffsets().vector_);
+     }
+ 
+     return true;
+ }
+ 
+@@ -3608,25 +3840,27 @@ CreateEmptyScriptForClone(JSContext* cx,
+      */
+     RootedObject sourceObject(cx);
+     if (src->realm()->isSelfHostingRealm()) {
+         if (!cx->realm()->selfHostingScriptSource) {
+             CompileOptions options(cx);
+             FillSelfHostingCompileOptions(options);
+ 
+             ScriptSourceObject* obj = frontend::CreateScriptSourceObject(cx, options);
+-            if (!obj)
++            if (!obj) {
+                 return nullptr;
++            }
+             cx->realm()->selfHostingScriptSource.set(obj);
+         }
+         sourceObject = cx->realm()->selfHostingScriptSource;
+     } else {
+         sourceObject = src->sourceObject();
+-        if (!cx->compartment()->wrap(cx, &sourceObject))
++        if (!cx->compartment()->wrap(cx, &sourceObject)) {
+             return nullptr;
++        }
+     }
+ 
+     CompileOptions options(cx);
+     options.setMutedErrors(src->mutedErrors())
+            .setSelfHostingMode(src->selfHosted())
+            .setNoScriptRval(src->noScriptRval());
+ 
+     return JSScript::Create(cx, options, sourceObject, src->sourceStart(), src->sourceEnd(),
+@@ -3634,79 +3868,86 @@ CreateEmptyScriptForClone(JSContext* cx,
+ }
+ 
+ JSScript*
+ js::CloneGlobalScript(JSContext* cx, ScopeKind scopeKind, HandleScript src)
+ {
+     MOZ_ASSERT(scopeKind == ScopeKind::Global || scopeKind == ScopeKind::NonSyntactic);
+ 
+     RootedScript dst(cx, CreateEmptyScriptForClone(cx, src));
+-    if (!dst)
++    if (!dst) {
+         return nullptr;
++    }
+ 
+     MOZ_ASSERT(src->bodyScopeIndex() == 0);
+     Rooted<GCVector<Scope*>> scopes(cx, GCVector<Scope*>(cx));
+     Rooted<GlobalScope*> original(cx, &src->bodyScope()->as<GlobalScope>());
+     GlobalScope* clone = GlobalScope::clone(cx, original, scopeKind);
+-    if (!clone || !scopes.append(clone))
++    if (!clone || !scopes.append(clone)) {
+         return nullptr;
+-
+-    if (!detail::CopyScript(cx, src, dst, &scopes))
++    }
++
++    if (!detail::CopyScript(cx, src, dst, &scopes)) {
+         return nullptr;
++    }
+ 
+     return dst;
+ }
+ 
+ JSScript*
+ js::CloneScriptIntoFunction(JSContext* cx, HandleScope enclosingScope, HandleFunction fun,
+                             HandleScript src)
+ {
+     MOZ_ASSERT(fun->isInterpreted());
+     MOZ_ASSERT(!fun->hasScript() || fun->hasUncompletedScript());
+ 
+     RootedScript dst(cx, CreateEmptyScriptForClone(cx, src));
+-    if (!dst)
++    if (!dst) {
+         return nullptr;
++    }
+ 
+     // Clone the non-intra-body scopes.
+     Rooted<GCVector<Scope*>> scopes(cx, GCVector<Scope*>(cx));
+     RootedScope original(cx);
+     RootedScope enclosingClone(cx);
+     for (uint32_t i = 0; i <= src->bodyScopeIndex(); i++) {
+         original = src->getScope(i);
+ 
+         if (i == 0) {
+             enclosingClone = enclosingScope;
+         } else {
+             MOZ_ASSERT(src->getScope(i - 1) == original->enclosing());
+             enclosingClone = scopes[i - 1];
+         }
+ 
+         Scope* clone;
+-        if (original->is<FunctionScope>())
++        if (original->is<FunctionScope>()) {
+             clone = FunctionScope::clone(cx, original.as<FunctionScope>(), fun, enclosingClone);
+-        else
++        } else {
+             clone = Scope::clone(cx, original, enclosingClone);
+-
+-        if (!clone || !scopes.append(clone))
++        }
++
++        if (!clone || !scopes.append(clone)) {
+             return nullptr;
++        }
+     }
+ 
+     // Save flags in case we need to undo the early mutations.
+     const int preservedFlags = fun->flags();
+     if (!detail::CopyScript(cx, src, dst, &scopes)) {
+         fun->setFlags(preservedFlags);
+         return nullptr;
+     }
+ 
+     // Finally set the script after all the fallible operations.
+-    if (fun->isInterpretedLazy())
++    if (fun->isInterpretedLazy()) {
+         fun->setUnlazifiedScript(dst);
+-    else
++    } else {
+         fun->initScript(dst);
++    }
+ 
+     return dst;
+ }
+ 
+ DebugScript*
+ JSScript::debugScript()
+ {
+     MOZ_ASSERT(bitFields_.hasDebugScript_);
+@@ -3746,29 +3987,32 @@ JSScript::destroyDebugScript(FreeOp* fop
+ #endif
+         fop->free_(releaseDebugScript());
+     }
+ }
+ 
+ bool
+ JSScript::ensureHasDebugScript(JSContext* cx)
+ {
+-    if (bitFields_.hasDebugScript_)
++    if (bitFields_.hasDebugScript_) {
+         return true;
++    }
+ 
+     size_t nbytes = offsetof(DebugScript, breakpoints) + length() * sizeof(BreakpointSite*);
+     UniqueDebugScript debug(reinterpret_cast<DebugScript*>(cx->pod_calloc<uint8_t>(nbytes)));
+-    if (!debug)
++    if (!debug) {
+         return false;
++    }
+ 
+     /* Create realm's debugScriptMap if necessary. */
+     if (!realm()->debugScriptMap) {
+         auto map = cx->make_unique<DebugScriptMap>();
+-        if (!map)
++        if (!map) {
+             return false;
++        }
+ 
+         realm()->debugScriptMap = std::move(map);
+     }
+ 
+     if (!realm()->debugScriptMap->putNew(this, std::move(debug))) {
+         ReportOutOfMemory(cx);
+         return false;
+     }
+@@ -3776,49 +4020,53 @@ JSScript::ensureHasDebugScript(JSContext
+     bitFields_.hasDebugScript_ = true; // safe to set this;  we can't fail after this point
+ 
+     /*
+      * Ensure that any Interpret() instances running on this script have
+      * interrupts enabled. The interrupts must stay enabled until the
+      * debug state is destroyed.
+      */
+     for (ActivationIterator iter(cx); !iter.done(); ++iter) {
+-        if (iter->isInterpreter())
++        if (iter->isInterpreter()) {
+             iter->asInterpreter()->enableInterruptsIfRunning(this);
++        }
+     }
+ 
+     return true;
+ }
+ 
+ void
+ JSScript::setNewStepMode(FreeOp* fop, uint32_t newValue)
+ {
+     DebugScript* debug = debugScript();
+     uint32_t prior = debug->stepMode;
+     debug->stepMode = newValue;
+ 
+     if (!prior != !newValue) {
+-        if (hasBaselineScript())
++        if (hasBaselineScript()) {
+             baseline->toggleDebugTraps(this, nullptr);
+-
+-        if (!stepModeEnabled() && !debug->numSites)
++        }
++
++        if (!stepModeEnabled() && !debug->numSites) {
+             fop->free_(releaseDebugScript());
++        }
+     }
+ }
+ 
+ bool
+ JSScript::incrementStepModeCount(JSContext* cx)
+ {
+     cx->check(this);
+     MOZ_ASSERT(cx->realm()->isDebuggee());
+ 
+     AutoRealm ar(cx, this);
+ 
+-    if (!ensureHasDebugScript(cx))
++    if (!ensureHasDebugScript(cx)) {
+         return false;
++    }
+ 
+     DebugScript* debug = debugScript();
+     uint32_t count = debug->stepMode;
+     setNewStepMode(cx->runtime()->defaultFreeOp(), count + 1);
+     return true;
+ }
+ 
+ void
+@@ -3830,119 +4078,130 @@ JSScript::decrementStepModeCount(FreeOp*
+     setNewStepMode(fop, count - 1);
+ }
+ 
+ BreakpointSite*
+ JSScript::getOrCreateBreakpointSite(JSContext* cx, jsbytecode* pc)
+ {
+     AutoRealm ar(cx, this);
+ 
+-    if (!ensureHasDebugScript(cx))
++    if (!ensureHasDebugScript(cx)) {
+         return nullptr;
++    }
+ 
+     DebugScript* debug = debugScript();
+     BreakpointSite*& site = debug->breakpoints[pcToOffset(pc)];
+ 
+     if (!site) {
+         site = cx->new_<JSBreakpointSite>(this, pc);
+-        if (!site)
++        if (!site) {
+             return nullptr;
++        }
+         debug->numSites++;
+     }
+ 
+     return site;
+ }
+ 
+ void
+ JSScript::destroyBreakpointSite(FreeOp* fop, jsbytecode* pc)
+ {
+     DebugScript* debug = debugScript();
+     BreakpointSite*& site = debug->breakpoints[pcToOffset(pc)];
+     MOZ_ASSERT(site);
+ 
+     fop->delete_(site);
+     site = nullptr;
+ 
+-    if (--debug->numSites == 0 && !stepModeEnabled())
++    if (--debug->numSites == 0 && !stepModeEnabled()) {
+         fop->free_(releaseDebugScript());
++    }
+ }
+ 
+ void
+ JSScript::clearBreakpointsIn(FreeOp* fop, js::Debugger* dbg, JSObject* handler)
+ {
+-    if (!hasAnyBreakpointsOrStepMode())
++    if (!hasAnyBreakpointsOrStepMode()) {
+         return;
++    }
+ 
+     for (jsbytecode* pc = code(); pc < codeEnd(); pc++) {
+         BreakpointSite* site = getBreakpointSite(pc);
+         if (site) {
+             Breakpoint* nextbp;
+             for (Breakpoint* bp = site->firstBreakpoint(); bp; bp = nextbp) {
+                 nextbp = bp->nextInSite();
+-                if ((!dbg || bp->debugger == dbg) && (!handler || bp->getHandler() == handler))
++                if ((!dbg || bp->debugger == dbg) && (!handler || bp->getHandler() == handler)) {
+                     bp->destroy(fop);
++                }
+             }
+         }
+     }
+ }
+ 
+ bool
+ JSScript::hasBreakpointsAt(jsbytecode* pc)
+ {
+     BreakpointSite* site = getBreakpointSite(pc);
+-    if (!site)
++    if (!site) {
+         return false;
++    }
+ 
+     return site->enabledCount > 0;
+ }
+ 
+ void
+ SharedScriptData::traceChildren(JSTracer* trc)
+ {
+     MOZ_ASSERT(refCount() != 0);
+-    for (uint32_t i = 0; i < natoms(); ++i)
++    for (uint32_t i = 0; i < natoms(); ++i) {
+         TraceNullableEdge(trc, &atoms()[i], "atom");
++    }
+ }
+ 
+ void
+ JSScript::traceChildren(JSTracer* trc)
+ {
+     // NOTE: this JSScript may be partially initialized at this point.  E.g. we
+     // may have created it and partially initialized it with
+     // JSScript::Create(), but not yet finished initializing it with
+     // fullyInitFromEmitter() or fullyInitTrivial().
+ 
+     MOZ_ASSERT_IF(trc->isMarkingTracer() &&
+                   GCMarker::fromTracer(trc)->shouldCheckCompartments(),
+                   zone()->isCollecting());
+ 
+-    if (scriptData())
++    if (scriptData()) {
+         scriptData()->traceChildren(trc);
+-
+-    if (ScopeArray* scopearray = scopes())
++    }
++
++    if (ScopeArray* scopearray = scopes()) {
+         TraceRange(trc, scopearray->length, scopearray->vector, "scopes");
++    }
+ 
+     if (hasConsts()) {
+         ConstArray* constarray = consts();
+         TraceRange(trc, constarray->length, constarray->vector, "consts");
+     }
+ 
+     if (hasObjects()) {
+         ObjectArray* objarray = objects();
+         TraceRange(trc, objarray->length, objarray->vector, "objects");
+     }
+ 
+     MOZ_ASSERT_IF(sourceObject(), MaybeForwarded(sourceObject())->compartment() == compartment());
+     TraceNullableEdge(trc, &sourceObject_, "sourceObject");
+ 
+-    if (maybeLazyScript())
++    if (maybeLazyScript()) {
+         TraceManuallyBarrieredEdge(trc, &lazyScript, "lazyScript");
+-
+-    if (trc->isMarkingTracer())
++    }
++
++    if (trc->isMarkingTracer()) {
+         realm()->mark();
++    }
+ 
+     jit::TraceJitScripts(trc, this);
+ }
+ 
+ void
+ LazyScript::finalize(FreeOp* fop)
+ {
+     fop->free_(table_);
+@@ -3950,47 +4209,51 @@ LazyScript::finalize(FreeOp* fop)
+ 
+ size_t
+ JSScript::calculateLiveFixed(jsbytecode* pc)
+ {
+     size_t nlivefixed = numAlwaysLiveFixedSlots();
+ 
+     if (nfixed() != nlivefixed) {
+         Scope* scope = lookupScope(pc);
+-        if (scope)
++        if (scope) {
+             scope = MaybeForwarded(scope);
++        }
+ 
+         // Find the nearest LexicalScope in the same script.
+         while (scope && scope->is<WithScope>()) {
+             scope = scope->enclosing();
+-            if (scope)
++            if (scope) {
+                 scope = MaybeForwarded(scope);
++            }
+         }
+ 
+         if (scope) {
+-            if (scope->is<LexicalScope>())
++            if (scope->is<LexicalScope>()) {
+                 nlivefixed = scope->as<LexicalScope>().nextFrameSlot();
+-            else if (scope->is<VarScope>())
++            } else if (scope->is<VarScope>()) {
+                 nlivefixed = scope->as<VarScope>().nextFrameSlot();
++            }
+         }
+     }
+ 
+     MOZ_ASSERT(nlivefixed <= nfixed());
+     MOZ_ASSERT(nlivefixed >= numAlwaysLiveFixedSlots());
+ 
+     return nlivefixed;
+ }
+ 
+ Scope*
+ JSScript::lookupScope(jsbytecode* pc)
+ {
+     MOZ_ASSERT(containsPC(pc));
+ 
+-    if (!hasScopeNotes())
++    if (!hasScopeNotes()) {
+         return nullptr;
++    }
+ 
+     size_t offset = pc - code();
+ 
+     ScopeNoteArray* notes = scopeNotes();
+     Scope* scope = nullptr;
+ 
+     // Find the innermost block chain using a binary search.
+     size_t bottom = 0;
+@@ -4007,40 +4270,43 @@ JSScript::lookupScope(jsbytecode* pc)
+             // the searched range for coverage.
+             size_t check = mid;
+             while (check >= bottom) {
+                 const ScopeNote* checkNote = &notes->vector[check];
+                 MOZ_ASSERT(checkNote->start <= offset);
+                 if (offset < checkNote->start + checkNote->length) {
+                     // We found a matching block chain but there may be inner ones
+                     // at a higher block chain index than mid. Continue the binary search.
+-                    if (checkNote->index == ScopeNote::NoScopeIndex)
++                    if (checkNote->index == ScopeNote::NoScopeIndex) {
+                         scope = nullptr;
+-                    else
++                    } else {
+                         scope = getScope(checkNote->index);
++                    }
+                     break;
+                 }
+-                if (checkNote->parent == UINT32_MAX)
++                if (checkNote->parent == UINT32_MAX) {
+                     break;
++                }
+                 check = checkNote->parent;
+             }
+             bottom = mid + 1;
+         } else {
+             top = mid;
+         }
+     }
+ 
+     return scope;
+ }
+ 
+ Scope*
+ JSScript::innermostScope(jsbytecode* pc)
+ {
+-    if (Scope* scope = lookupScope(pc))
++    if (Scope* scope = lookupScope(pc)) {
+         return scope;
++    }
+     return bodyScope();
+ }
+ 
+ void
+ JSScript::setArgumentsHasVarBinding()
+ {
+     bitFields_.argsHasVarBinding_ = true;
+     bitFields_.needsArgsAnalysis_ = true;
+@@ -4059,43 +4325,48 @@ js::SetFrameArgumentsObject(JSContext* c
+                             HandleScript script, JSObject* argsobj)
+ {
+     /*
+      * Replace any optimized arguments in the frame with an explicit arguments
+      * object. Note that 'arguments' may have already been overwritten.
+      */
+ 
+     Rooted<BindingIter> bi(cx, BindingIter(script));
+-    while (bi && bi.name() != cx->names().arguments)
++    while (bi && bi.name() != cx->names().arguments) {
+         bi++;
+-    if (!bi)
++    }
++    if (!bi) {
+         return;
++    }
+ 
+     if (bi.location().kind() == BindingLocation::Kind::Environment) {
+         /*
+          * Scan the script to find the slot in the call object that 'arguments'
+          * is assigned to.
+          */
+         jsbytecode* pc = script->code();
+-        while (*pc != JSOP_ARGUMENTS)
++        while (*pc != JSOP_ARGUMENTS) {
+             pc += GetBytecodeLength(pc);
++        }
+         pc += JSOP_ARGUMENTS_LENGTH;
+         MOZ_ASSERT(*pc == JSOP_SETALIASEDVAR);
+ 
+         // Note that here and below, it is insufficient to only check for
+         // JS_OPTIMIZED_ARGUMENTS, as Ion could have optimized out the
+         // arguments slot.
+         EnvironmentObject& env = frame.callObj().as<EnvironmentObject>();
+-        if (IsOptimizedPlaceholderMagicValue(env.aliasedBinding(bi)))
++        if (IsOptimizedPlaceholderMagicValue(env.aliasedBinding(bi))) {
+             env.setAliasedBinding(cx, bi, ObjectValue(*argsobj));
++        }
+     } else {
+         MOZ_ASSERT(bi.location().kind() == BindingLocation::Kind::Frame);
+         uint32_t frameSlot = bi.location().slot();
+-        if (IsOptimizedPlaceholderMagicValue(frame.unaliasedLocal(frameSlot)))
++        if (IsOptimizedPlaceholderMagicValue(frame.unaliasedLocal(frameSlot))) {
+             frame.unaliasedLocal(frameSlot) = ObjectValue(*argsobj);
++        }
+     }
+ }
+ 
+ /* static */ bool
+ JSScript::argumentsOptimizationFailed(JSContext* cx, HandleScript script)
+ {
+     MOZ_ASSERT(script->functionNonDelazifying());
+     MOZ_ASSERT(script->analyzedArgsUsage());
+@@ -4103,31 +4374,33 @@ JSScript::argumentsOptimizationFailed(JS
+ 
+     /*
+      * It is possible that the arguments optimization has already failed,
+      * everything has been fixed up, but there was an outstanding magic value
+      * on the stack that has just now flowed into an apply. In this case, there
+      * is nothing to do; GuardFunApplySpeculation will patch in the real
+      * argsobj.
+      */
+-    if (script->needsArgsObj())
++    if (script->needsArgsObj()) {
+         return true;
++    }
+ 
+     MOZ_ASSERT(!script->isGenerator());
+     MOZ_ASSERT(!script->isAsync());
+ 
+     script->bitFields_.needsArgsObj_ = true;
+ 
+     /*
+      * Since we can't invalidate baseline scripts, set a flag that's checked from
+      * JIT code to indicate the arguments optimization failed and JSOP_ARGUMENTS
+      * should create an arguments object next time.
+      */
+-    if (script->hasBaselineScript())
++    if (script->hasBaselineScript()) {
+         script->baselineScript()->setNeedsArgsObj();
++    }
+ 
+     /*
+      * By design, the arguments optimization is only made when there are no
+      * outstanding cases of MagicValue(JS_OPTIMIZED_ARGUMENTS) at any points
+      * where the optimization could fail, other than an active invocation of
+      * 'f.apply(x, arguments)'. Thus, there are no outstanding values of
+      * MagicValue(JS_OPTIMIZED_ARGUMENTS) on the stack. However, there are
+      * three things that need fixup:
+@@ -4140,41 +4413,45 @@ JSScript::argumentsOptimizationFailed(JS
+     for (AllScriptFramesIter i(cx); !i.done(); ++i) {
+         /*
+          * We cannot reliably create an arguments object for Ion activations of
+          * this script.  To maintain the invariant that "script->needsArgsObj
+          * implies fp->hasArgsObj", the Ion bail mechanism will create an
+          * arguments object right after restoring the BaselineFrame and before
+          * entering Baseline code (in jit::FinishBailoutToBaseline).
+          */
+-        if (i.isIon())
++        if (i.isIon()) {
+             continue;
++        }
+         AbstractFramePtr frame = i.abstractFramePtr();
+         if (frame.isFunctionFrame() && frame.script() == script) {
+             /* We crash on OOM since cleaning up here would be complicated. */
+             AutoEnterOOMUnsafeRegion oomUnsafe;
+             ArgumentsObject* argsobj = ArgumentsObject::createExpected(cx, frame);
+-            if (!argsobj)
++            if (!argsobj) {
+                 oomUnsafe.crash("JSScript::argumentsOptimizationFailed");
++            }
+             SetFrameArgumentsObject(cx, frame, script, argsobj);
+         }
+     }
+ 
+     return true;
+ }
+ 
+ bool
+ JSScript::formalIsAliased(unsigned argSlot)
+ {
+-    if (functionHasParameterExprs())
++    if (functionHasParameterExprs()) {
+         return false;
++    }
+ 
+     for (PositionalFormalParameterIter fi(this); fi; fi++) {
+-        if (fi.argumentSlot() == argSlot)
++        if (fi.argumentSlot() == argSlot) {
+             return fi.closedOver();
++        }
+     }
+     MOZ_CRASH("Argument slot not found");
+ }
+ 
+ bool
+ JSScript::formalLivesInArgumentsObject(unsigned argSlot)
+ {
+     return argsObjAliasesFormals() && !formalIsAliased(argSlot);
+@@ -4280,23 +4557,25 @@ LazyScript::CreateRaw(JSContext* cx, Han
+     p.treatAsRunOnce = false;
+ 
+     size_t bytes = (p.numClosedOverBindings * sizeof(JSAtom*))
+                  + (p.numInnerFunctions * sizeof(GCPtrFunction));
+ 
+     UniquePtr<uint8_t, JS::FreePolicy> table;
+     if (bytes) {
+         table.reset(cx->pod_malloc<uint8_t>(bytes));
+-        if (!table)
++        if (!table) {
+             return nullptr;
++        }
+     }
+ 
+     LazyScript* res = Allocate<LazyScript>(cx);
+-    if (!res)
++    if (!res) {
+         return nullptr;
++    }
+ 
+     cx->realm()->scheduleDelazificationForDebugger();
+ 
+     return new (res) LazyScript(fun, *sourceObject, table.release(), packed, sourceStart,
+                                 sourceEnd, toStringStart, lineno, column);
+ }
+ 
+ /* static */ LazyScript*
+@@ -4327,28 +4606,31 @@ LazyScript::Create(JSContext* cx, Handle
+     p.isLikelyConstructorWrapper = false;
+     p.isDerivedClassConstructor = false;
+     p.needsHomeObject = false;
+     p.parseGoal = uint32_t(parseGoal);
+ 
+     LazyScript* res = LazyScript::CreateRaw(cx, fun, sourceObject, packedFields,
+                                             sourceStart, sourceEnd,
+                                             toStringStart, lineno, column);
+-    if (!res)
++    if (!res) {
+         return nullptr;
++    }
+ 
+     JSAtom** resClosedOverBindings = res->closedOverBindings();
+-    for (size_t i = 0; i < res->numClosedOverBindings(); i++)
++    for (size_t i = 0; i < res->numClosedOverBindings(); i++) {
+         resClosedOverBindings[i] = closedOverBindings[i];
++    }
+ 
+     GCPtrFunction* resInnerFunctions = res->innerFunctions();
+     for (size_t i = 0; i < res->numInnerFunctions(); i++) {
+         resInnerFunctions[i].init(innerFunctions[i]);
+-        if (resInnerFunctions[i]->isInterpretedLazy())
++        if (resInnerFunctions[i]->isInterpretedLazy()) {
+             resInnerFunctions[i]->lazyScript()->setEnclosingLazyScript(res);
++        }
+     }
+ 
+     return res;
+ }
+ 
+ /* static */ LazyScript*
+ LazyScript::CreateForXDR(JSContext* cx, HandleFunction fun,
+                          HandleScript script, HandleScope enclosingScope,
+@@ -4361,42 +4643,47 @@ LazyScript::CreateForXDR(JSContext* cx, 
+ 
+     // Dummy function which is not a valid function as this is the one which is
+     // holding this lazy script.
+     HandleFunction dummyFun = fun;
+ 
+     LazyScript* res = LazyScript::CreateRaw(cx, fun, sourceObject, packedFields,
+                                             sourceStart, sourceEnd,
+                                             toStringStart, lineno, column);
+-    if (!res)
++    if (!res) {
+         return nullptr;
++    }
+ 
+     // Fill with dummies, to be GC-safe after the initialization of the free
+     // variables and inner functions.
+     size_t i, num;
+     JSAtom** closedOverBindings = res->closedOverBindings();
+-    for (i = 0, num = res->numClosedOverBindings(); i < num; i++)
++    for (i = 0, num = res->numClosedOverBindings(); i < num; i++) {
+         closedOverBindings[i] = dummyAtom;
++    }
+ 
+     GCPtrFunction* functions = res->innerFunctions();
+-    for (i = 0, num = res->numInnerFunctions(); i < num; i++)
++    for (i = 0, num = res->numInnerFunctions(); i < num; i++) {
+         functions[i].init(dummyFun);
++    }
+ 
+     // Set the enclosing scope of the lazy function. This value should only be
+     // set if we have a non-lazy enclosing script at this point.
+     // LazyScript::enclosingScriptHasEverBeenCompiled relies on the enclosing
+     // scope being non-null if we have ever been nested inside non-lazy
+     // function.
+     MOZ_ASSERT(!res->hasEnclosingScope());
+-    if (enclosingScope)
++    if (enclosingScope) {
+         res->setEnclosingScope(enclosingScope);
++    }
+ 
+     MOZ_ASSERT(!res->hasScript());
+-    if (script)
++    if (script) {
+         res->initScript(script);
++    }
+ 
+     return res;
+ }
+ 
+ void
+ LazyScript::initRuntimeFields(uint64_t packedFields)
+ {
+     union {
+@@ -4429,18 +4716,19 @@ JSScript::updateJitCodeRaw(JSRuntime* rt
+     }
+     MOZ_ASSERT(jitCodeRaw_);
+     MOZ_ASSERT(jitCodeSkipArgCheck_);
+ }
+ 
+ bool
+ JSScript::hasLoops()
+ {
+-    if (!hasTrynotes())
++    if (!hasTrynotes()) {
+         return false;
++    }
+     JSTryNote* tn = trynotes()->vector;
+     JSTryNote* tnlimit = tn + trynotes()->length;
+     for (; tn < tnlimit; tn++) {
+         switch (tn->kind) {
+           case JSTRY_FOR_IN:
+           case JSTRY_FOR_OF:
+           case JSTRY_LOOP:
+             return true;
+@@ -4484,46 +4772,50 @@ JSScript::AutoDelazify::holdScript(JS::H
+     }
+ }
+ 
+ void
+ JSScript::AutoDelazify::dropScript()
+ {
+     // Don't touch script_ if it's in the self-hosting realm, see the comment
+     // in holdScript.
+-    if (script_ && !script_->realm()->isSelfHostingRealm())
++    if (script_ && !script_->realm()->isSelfHostingRealm()) {
+         script_->setDoNotRelazify(oldDoNotRelazify_);
++    }
+     script_ = nullptr;
+ }
+ 
+ void
+ JSScript::setTopLevelPrivate(void* value)
+ {
+     MOZ_ASSERT(module() || isGlobalCode());
+ 
+     Scope* scope = bodyScope();
+-    if (scope->is<GlobalScope>())
++    if (scope->is<GlobalScope>()) {
+         scope->as<GlobalScope>().setTopLevelPrivate(value);
+-    else if (scope->is<ModuleScope>())
++    } else if (scope->is<ModuleScope>()) {
+         scope->as<ModuleScope>().setTopLevelPrivate(value);
+-    else
++    } else {
+         MOZ_CRASH("Unexpected scope kind");
++    }
+ }
+ 
+ void*
+ JSScript::maybeTopLevelPrivate() const
+ {
+-    if (!module() && !isGlobalCode())
++    if (!module() && !isGlobalCode()) {
+         return nullptr;
++    }
+ 
+     Scope* scope = bodyScope();
+-    if (scope->is<GlobalScope>())
++    if (scope->is<GlobalScope>()) {
+         return scope->as<GlobalScope>().topLevelPrivate();
+-    else if (scope->is<ModuleScope>())
++    } else if (scope->is<ModuleScope>()) {
+         return scope->as<ModuleScope>().topLevelPrivate();
++    }
+ 
+     MOZ_CRASH("Unexpected scope kind");
+ }
+ 
+ JS::ubi::Base::Size
+ JS::ubi::Concrete<JSScript>::size(mozilla::MallocSizeOf mallocSizeOf) const
+ {
+     Size size = gc::Arena::thingSize(get().asTenured().getAllocKind());
+@@ -4556,13 +4848,14 @@ JS::ubi::Concrete<js::LazyScript>::size(
+     size += get().sizeOfExcludingThis(mallocSizeOf);
+     return size;
+ }
+ 
+ const char*
+ JS::ubi::Concrete<js::LazyScript>::scriptFilename() const
+ {
+     auto source = get().sourceObject().source();
+-    if (!source)
++    if (!source) {
+         return nullptr;
++    }
+ 
+     return source->filename();
+ }
+diff --git a/js/src/vm/JSScript.h b/js/src/vm/JSScript.h
+--- a/js/src/vm/JSScript.h
++++ b/js/src/vm/JSScript.h
+@@ -536,18 +536,19 @@ class ScriptSource
+ 
+     ~ScriptSource() {
+         MOZ_ASSERT(refs == 0);
+     }
+ 
+     void incref() { refs++; }
+     void decref() {
+         MOZ_ASSERT(refs != 0);
+-        if (--refs == 0)
++        if (--refs == 0) {
+             js_delete(this);
++        }
+     }
+     MOZ_MUST_USE bool initFromOptions(JSContext* cx,
+                                       const JS::ReadOnlyCompileOptions& options,
+                                       const mozilla::Maybe<uint32_t>& parameterListEnd = mozilla::Nothing());
+     MOZ_MUST_USE bool setSourceCopy(JSContext* cx, JS::SourceBufferHolder& srcBuf);
+     void setSourceRetrievable() { sourceRetrievable_ = true; }
+     bool sourceRetrievable() const { return sourceRetrievable_; }
+     bool hasSourceData() const { return !data.is<Missing>(); }
+@@ -697,25 +698,28 @@ class ScriptSourceHolder
+     {}
+     explicit ScriptSourceHolder(ScriptSource* ss)
+       : ss(ss)
+     {
+         ss->incref();
+     }
+     ~ScriptSourceHolder()
+     {
+-        if (ss)
++        if (ss) {
+             ss->decref();
++        }
+     }
+     void reset(ScriptSource* newss) {
+         // incref before decref just in case ss == newss.
+-        if (newss)
++        if (newss) {
+             newss->incref();
+-        if (ss)
++        }
++        if (ss) {
+             ss->decref();
++        }
+         ss = newss;
+     }
+     ScriptSource* get() const {
+         return ss;
+     }
+ };
+ 
+ class ScriptSourceObject : public NativeObject
+@@ -744,18 +748,19 @@ class ScriptSourceObject : public Native
+         return getReservedSlot(ELEMENT_SLOT).toObjectOrNull();
+     }
+     const Value& elementAttributeName() const {
+         MOZ_ASSERT(!getReservedSlot(ELEMENT_PROPERTY_SLOT).isMagic());
+         return getReservedSlot(ELEMENT_PROPERTY_SLOT);
+     }
+     JSScript* introductionScript() const {
+         Value value = getReservedSlot(INTRODUCTION_SCRIPT_SLOT);
+-        if (value.isUndefined())
++        if (value.isUndefined()) {
+             return nullptr;
++        }
+         return value.toGCThing()->as<JSScript>();
+     }
+ 
+   private:
+     static const uint32_t SOURCE_SLOT = 0;
+     static const uint32_t ELEMENT_SLOT = 1;
+     static const uint32_t ELEMENT_PROPERTY_SLOT = 2;
+     static const uint32_t INTRODUCTION_SCRIPT_SLOT = 3;
+@@ -813,36 +818,38 @@ class SharedScriptData
+         return refCount_;
+     }
+     void incRefCount() {
+         refCount_++;
+     }
+     void decRefCount() {
+         MOZ_ASSERT(refCount_ != 0);
+         uint32_t remain = --refCount_;
+-        if (remain == 0)
++        if (remain == 0) {
+             js_free(this);
++        }
+     }
+ 
+     size_t dataLength() const {
+         return (natoms_ * sizeof(GCPtrAtom)) + codeLength_ + noteLength_;
+     }
+     const uint8_t* data() const {
+         return reinterpret_cast<const uint8_t*>(data_);
+     }
+     uint8_t* data() {
+         return reinterpret_cast<uint8_t*>(data_);
+     }
+ 
+     uint32_t natoms() const {
+         return natoms_;
+     }
+     GCPtrAtom* atoms() {
+-        if (!natoms_)
++        if (!natoms_) {
+             return nullptr;
++        }
+         return reinterpret_cast<GCPtrAtom*>(data());
+     }
+ 
+     uint32_t codeLength() const {
+         return codeLength_;
+     }
+     jsbytecode* code() {
+         return reinterpret_cast<jsbytecode*>(data() + natoms_ * sizeof(GCPtrAtom));
+@@ -876,22 +883,25 @@ struct ScriptBytecodeHasher
+         ~Lookup();
+     };
+ 
+     static HashNumber hash(const Lookup& l) {
+         return l.hash;
+     }
+     static bool match(SharedScriptData* entry, const Lookup& lookup) {
+         const SharedScriptData* data = lookup.scriptData;
+-        if (entry->natoms() != data->natoms())
++        if (entry->natoms() != data->natoms()) {
++            return false;
++        }
++        if (entry->codeLength() != data->codeLength()) {
+             return false;
+-        if (entry->codeLength() != data->codeLength())
++        }
++        if (entry->numNotes() != data->numNotes()) {
+             return false;
+-        if (entry->numNotes() != data->numNotes())
+-            return false;
++        }
+         return mozilla::ArrayEqual<uint8_t>(entry->data(), data->data(), data->dataLength());
+     }
+ };
+ 
+ class AutoLockScriptData;
+ 
+ using ScriptDataTable = HashSet<SharedScriptData*,
+                                 ScriptBytecodeHasher,
+@@ -1250,18 +1260,19 @@ class JSScript : public js::gc::TenuredC
+     JS::Realm* realm() const { return realm_; }
+ 
+     js::SharedScriptData* scriptData() {
+         return scriptData_;
+     }
+ 
+     // Script bytecode is immutable after creation.
+     jsbytecode* code() const {
+-        if (!scriptData_)
++        if (!scriptData_) {
+             return nullptr;
++        }
+         return scriptData_->code();
+     }
+     bool isUncompleted() const {
+         // code() becomes non-null only if this script is complete.
+         // See the comment in JSScript::fullyInitFromEmitter.
+         return !code();
+     }
+ 
+@@ -1310,43 +1321,47 @@ class JSScript : public js::gc::TenuredC
+     // module code) and block-scoped locals (in all kinds of code).
+     size_t nfixed() const {
+         return nfixed_;
+     }
+ 
+     // Number of fixed slots reserved for slots that are always live. Only
+     // nonzero for function or module code.
+     size_t numAlwaysLiveFixedSlots() const {
+-        if (bodyScope()->is<js::FunctionScope>())
++        if (bodyScope()->is<js::FunctionScope>()) {
+             return bodyScope()->as<js::FunctionScope>().nextFrameSlot();
+-        if (bodyScope()->is<js::ModuleScope>())
++        }
++        if (bodyScope()->is<js::ModuleScope>()) {
+             return bodyScope()->as<js::ModuleScope>().nextFrameSlot();
++        }
+         return 0;
+     }
+ 
+     // Calculate the number of fixed slots that are live at a particular bytecode.
+     size_t calculateLiveFixed(jsbytecode* pc);
+ 
+     size_t nslots() const {
+         return nslots_;
+     }
+ 
+     unsigned numArgs() const {
+-        if (bodyScope()->is<js::FunctionScope>())
++        if (bodyScope()->is<js::FunctionScope>()) {
+             return bodyScope()->as<js::FunctionScope>().numPositionalFormalParameters();
++        }
+         return 0;
+     }
+ 
+     inline js::Shape* initialEnvironmentShape() const;
+ 
+     bool functionHasParameterExprs() const {
+         // Only functions have parameters.
+         js::Scope* scope = bodyScope();
+-        if (!scope->is<js::FunctionScope>())
++        if (!scope->is<js::FunctionScope>()) {
+             return false;
++        }
+         return scope->as<js::FunctionScope>().hasParameterExprs();
+     }
+ 
+     size_t nTypeSets() const {
+         return nTypeSets_;
+     }
+ 
+     size_t funLength() const {
+@@ -1680,29 +1695,31 @@ class JSScript : public js::gc::TenuredC
+      * nullptr for global and eval scripts.
+      * The delazifying variant ensures that the function isn't lazy. The
+      * non-delazifying variant must only be used after earlier code has
+      * called ensureNonLazyCanonicalFunction and while the function can't
+      * have been relazified.
+      */
+     inline JSFunction* functionDelazifying() const;
+     JSFunction* functionNonDelazifying() const {
+-        if (bodyScope()->is<js::FunctionScope>())
++        if (bodyScope()->is<js::FunctionScope>()) {
+             return bodyScope()->as<js::FunctionScope>().canonicalFunction();
++        }
+         return nullptr;
+     }
+     /*
+      * De-lazifies the canonical function. Must be called before entering code
+      * that expects the function to be non-lazy.
+      */
+     inline void ensureNonLazyCanonicalFunction();
+ 
+     js::ModuleObject* module() const {
+-        if (bodyScope()->is<js::ModuleScope>())
++        if (bodyScope()->is<js::ModuleScope>()) {
+             return bodyScope()->as<js::ModuleScope>().module();
++        }
+         return nullptr;
+     }
+ 
+     bool isGlobalOrEvalCode() const {
+         return bodyScope()->is<js::GlobalScope>() || bodyScope()->is<js::EvalScope>();
+     }
+     bool isGlobalCode() const {
+         return bodyScope()->is<js::GlobalScope>();
+@@ -1742,18 +1759,19 @@ class JSScript : public js::gc::TenuredC
+     /* Return whether this script was compiled for 'eval' */
+     bool isForEval() const {
+         MOZ_ASSERT_IF(isCachedEval() || isActiveEval(), bodyScope()->is<js::EvalScope>());
+         return isCachedEval() || isActiveEval();
+     }
+ 
+     /* Return whether this is a 'direct eval' script in a function scope. */
+     bool isDirectEvalInFunction() const {
+-        if (!isForEval())
++        if (!isForEval()) {
+             return false;
++        }
+         return bodyScope()->hasOnChain(js::ScopeKind::Function);
+     }
+ 
+     /*
+      * Return whether this script is a top-level script.
+      *
+      * If we evaluate some code which contains a syntax error, then we might
+      * produce a JSScript which has no associated bytecode. Testing with
+@@ -1801,27 +1819,29 @@ class JSScript : public js::gc::TenuredC
+         MOZ_ASSERT_IF(bitFields_.functionHasExtraBodyVarScope_, functionHasParameterExprs());
+         return bitFields_.functionHasExtraBodyVarScope_;
+     }
+ 
+     js::VarScope* functionExtraBodyVarScope() const {
+         MOZ_ASSERT(functionHasExtraBodyVarScope());
+         for (uint32_t i = 0; i < scopes()->length; i++) {
+             js::Scope* scope = getScope(i);
+-            if (scope->kind() == js::ScopeKind::FunctionBodyVar)
++            if (scope->kind() == js::ScopeKind::FunctionBodyVar) {
+                 return &scope->as<js::VarScope>();
++            }
+         }
+         MOZ_CRASH("Function extra body var scope not found");
+     }
+ 
+     bool needsBodyEnvironment() const {
+         for (uint32_t i = 0; i < scopes()->length; i++) {
+             js::Scope* scope = getScope(i);
+-            if (ScopeKindIsInBody(scope->kind()) && scope->hasEnvironment())
++            if (ScopeKindIsInBody(scope->kind()) && scope->hasEnvironment()) {
+                 return true;
++            }
+         }
+         return false;
+     }
+ 
+     inline js::LexicalScope* maybeNamedLambdaScope() const;
+ 
+     js::Scope* enclosingScope() const {
+         return outermostScope()->enclosing();
+@@ -2002,18 +2022,19 @@ class JSScript : public js::gc::TenuredC
+         MOZ_ASSERT(containsPC(pc) && containsPC(pc + sizeof(uint32_t)));
+         MOZ_ASSERT(js::JOF_OPTYPE(JSOp(*pc)) == JOF_SCOPE,
+                    "Did you mean to use lookupScope(pc)?");
+         return getScope(GET_UINT32_INDEX(pc));
+     }
+ 
+     inline JSFunction* getFunction(size_t index);
+     JSFunction* function() const {
+-        if (functionNonDelazifying())
++        if (functionNonDelazifying()) {
+             return functionNonDelazifying();
++        }
+         return nullptr;
+     }
+ 
+     inline js::RegExpObject* getRegExp(size_t index);
+     inline js::RegExpObject* getRegExp(jsbytecode* pc);
+ 
+     const js::Value& getConst(size_t index) {
+         js::ConstArray* arr = consts();
+@@ -2030,22 +2051,24 @@ class JSScript : public js::gc::TenuredC
+     js::Scope* innermostScope() { return innermostScope(main()); }
+ 
+     /*
+      * The isEmpty method tells whether this script has code that computes any
+      * result (not return value, result AKA normal completion value) other than
+      * JSVAL_VOID, or any other effects.
+      */
+     bool isEmpty() const {
+-        if (length() > 3)
++        if (length() > 3) {
+             return false;
++        }
+ 
+         jsbytecode* pc = code();
+-        if (noScriptRval() && JSOp(*pc) == JSOP_FALSE)
++        if (noScriptRval() && JSOp(*pc) == JSOP_FALSE) {
+             ++pc;
++        }
+         return JSOp(*pc) == JSOP_RETRVAL;
+     }
+ 
+     bool formalIsAliased(unsigned argSlot);
+     bool formalLivesInArgumentsObject(unsigned argSlot);
+ 
+   private:
+     /* Change this->stepMode to |newValue|. */

frg/work-js/mozilla-release/patches/L-1518075-2-66a1.patch

@@ -5,9 +5,9 @@
 # Parent  48810cb8ba3fb643308bbf2c5400e1b42042ca45
 Bug 1518075 - Add another check for null script because compilation can 'succeed' if scripting is disabled r=smaug
 
-diff --git a/dom/base/nsGlobalWindowInner.cpp b/dom/base/nsGlobalWindowInner.cpp
---- a/dom/base/nsGlobalWindowInner.cpp
-+++ b/dom/base/nsGlobalWindowInner.cpp
+diff --git a/dom/base/nsGlobalWindow.cpp b/dom/base/nsGlobalWindow.cpp
+--- a/dom/base/nsGlobalWindow.cpp
++++ b/dom/base/nsGlobalWindow.cpp
 @@ -6001,20 +6001,21 @@ bool nsGlobalWindowInner::RunTimeoutHand
        options.setFileAndLine(filename, lineNo);
        options.setNoScriptRval(true);

frg/work-js/mozilla-release/patches/L-1518075-3-66a1.patch

@@ -5,9 +5,9 @@
 # Parent  d9ae827234990ad8ce27a2337df9dbc9dc578b05
 Bug 1518075 - Fix rooting hazard r=me on a CLOSED TREE
 
-diff --git a/dom/base/nsGlobalWindowInner.cpp b/dom/base/nsGlobalWindowInner.cpp
---- a/dom/base/nsGlobalWindowInner.cpp
-+++ b/dom/base/nsGlobalWindowInner.cpp
+diff --git a/dom/base/nsGlobalWindow.cpp b/dom/base/nsGlobalWindow.cpp
+--- a/dom/base/nsGlobalWindow.cpp
++++ b/dom/base/nsGlobalWindow.cpp
 @@ -6001,17 +6001,17 @@ bool nsGlobalWindowInner::RunTimeoutHand
        options.setFileAndLine(filename, lineNo);
        options.setNoScriptRval(true);

frg/work-js/mozilla-release/patches/TOP-NOBUG-REGEXP-37-1642493-79a1-25318.patch

@@ -1,7 +1,7 @@
 # HG changeset patch
 # User Dmitry Butskoy <buc@buc.me>
 # Date 1690631112 -7200
-# Parent  10cd713bc4e38ad70f46133e7ea6e22c59663f9a
+# Parent  f09627b86334e1335997a362767f0b9e6912b768
 No Bug - Import new regexp V8 engine. r=frg a=frg
 
 diff --git a/.clang-format-ignore b/.clang-format-ignore
@@ -4173,7 +4173,7 @@ diff --git a/js/src/irregexp/RegExpEngine.cpp b/js/src/irregexp/RegExpEngine.cpp
 deleted file mode 100644
 --- a/js/src/irregexp/RegExpEngine.cpp
 +++ /dev/null
-@@ -1,5122 +0,0 @@
+@@ -1,5123 +0,0 @@
 -/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 4 -*-
 - * vim: set ts=8 sts=4 et sw=4 tw=99: */
 -
@@ -5502,6 +5502,7 @@ deleted file mode 100644
 -    EnsureAnalyzed(that->on_success());
 -}
 -
+-// [SMDOC] Irregexp internals
 -// -------------------------------------------------------------------
 -// Implementation of the Irregexp regular expression engine.
 -//
@@ -41921,7 +41922,7 @@ deleted file mode 100644
 diff --git a/js/src/shell/js.cpp b/js/src/shell/js.cpp
 --- a/js/src/shell/js.cpp
 +++ b/js/src/shell/js.cpp
-@@ -8540,22 +8540,20 @@ SetContextOptions(JSContext* cx, const O
+@@ -8636,22 +8636,20 @@ SetContextOptions(JSContext* cx, const O
      int32_t warmUpThreshold = op.getIntOption("ion-warmup-threshold");
      if (warmUpThreshold >= 0)
          jit::JitOptions.setCompilerWarmUpThreshold(warmUpThreshold);
@@ -41944,7 +41945,7 @@ diff --git a/js/src/shell/js.cpp b/js/src/shell/js.cpp
          jit::JitOptions.forcedRegisterAllocator = jit::LookupRegisterAllocator(str);
          if (!jit::JitOptions.forcedRegisterAllocator.isSome())
              return OptionFailure("ion-regalloc", str);
-@@ -8915,23 +8913,21 @@ main(int argc, char** argv, char** envp)
+@@ -9011,23 +9009,21 @@ main(int argc, char** argv, char** envp)
          || !op.addBoolOption('\0', "test-wasm-await-tier2", "Forcibly activate tiering and block "
                                     "instantiation on completion of tier2")
  #ifdef ENABLE_WASM_GC

frg/work-js/mozilla-release/patches/ccccccc.fixit.patch

@@ -0,0 +1,60 @@
+# HG changeset patch
+# User Frank-Rainer Grahl <frgrahl@gmx.net>
+# Date 1708110659 -3600
+# Parent  5b66284d3e35dc0dda915e59fdb1659c98396934
+aaaa
+
+diff --git a/js/src/frontend/BytecodeEmitter.cpp b/js/src/frontend/BytecodeEmitter.cpp
+--- a/js/src/frontend/BytecodeEmitter.cpp
++++ b/js/src/frontend/BytecodeEmitter.cpp
+@@ -9235,17 +9235,17 @@ BytecodeEmitter::emitTree(ParseNode* pn,
+         break;
+ 
+       case ParseNodeKind::ImportMeta:
+         if (!emit1(JSOP_IMPORTMETA))
+             return false;
+         break;
+ 
+       case ParseNodeKind::CallImport:
+-        if (!emitTree(pn->as<BinaryNode>().right()) || !emit1(JSOP_DYNAMIC_IMPORT)) {
++        if (!emitTree(pn->pn_right) || !emit1(JSOP_DYNAMIC_IMPORT)) {
+             return false;
+         }
+         break;
+ 
+       case ParseNodeKind::SetThis:
+         if (!emitSetThis(pn))
+             return false;
+         break;
+diff --git a/js/src/vm/JSScript.h b/js/src/vm/JSScript.h
+--- a/js/src/vm/JSScript.h
++++ b/js/src/vm/JSScript.h
+@@ -1027,16 +1027,28 @@ class JSScript : public js::gc::TenuredC
+     uint16_t warmUpResetCount = 0;
+ 
+     /* ES6 function length. */
+     uint16_t funLength_ = 0;
+ 
+     /* Number of type sets used in this script for dynamic type monitoring. */
+     uint16_t nTypeSets_ = 0;
+ 
++    // Bit fields.
++
++  public:
++    // The kinds of the optional arrays.
++    enum ArrayKind {
++        CONSTS,
++        OBJECTS,
++        TRYNOTES,
++        SCOPENOTES,
++        ARRAY_KIND_BITS
++    };
++
+   private:
+     struct BitFields
+     {
+         /*
+          * Bit-fields can't have member initializers til C++2a, i.e. probably
+          * C++20, so we can't initialize these to zero in place.  Instead we
+          * braced-init this to all zeroes in the JSScript constructor, then
+          * custom-assign particular bit-fields in the constructor body.

frg/work-js/mozilla-release/patches/mozilla-central-push_422913.patch

@@ -1,35 +0,0 @@
-# HG changeset patch
-# User Jeff Walden <jwalden@mit.edu>
-# Date 1529012384 25200
-#      Thu Jun 14 14:39:44 2018 -0700
-# Node ID 6625e63ecaf5af69387fac13b2c0ac0ce22cc69b
-# Parent  171c0f2ef4b982e0bd1f3f55fc7eb9f2c5599bb9
-Bug 1467276 - Properly free |result| in DecompileAtPCForStackDump after its use, including when that use fails.  r=anba
-
-diff --git a/js/src/vm/BytecodeUtil.cpp b/js/src/vm/BytecodeUtil.cpp
---- a/js/src/vm/BytecodeUtil.cpp
-+++ b/js/src/vm/BytecodeUtil.cpp
-@@ -2182,20 +2182,19 @@ DecompileAtPCForStackDump(JSContext* cx,
- 
-     if (!ed.decompilePC(offsetAndDefIndex))
-         return false;
- 
-     char* result;
-     if (!ed.getOutput(&result))
-         return false;
- 
--    if (!sp->put(result))
--        return false;
--
--    return true;
-+    bool ok = sp->put(result);
-+    js_free(result);
-+    return ok;
- }
- #endif /* DEBUG */
- 
- static bool
- FindStartPC(JSContext* cx, const FrameIter& iter, int spindex, int skipStackHits, const Value& v,
-             jsbytecode** valuepc, uint8_t* defIndex)
- {
-     jsbytecode* current = *valuepc;

frg/work-js/mozilla-release/patches/mozilla-central-push_422916.patch

@@ -1,67 +0,0 @@
-# HG changeset patch
-# User Jeff Walden <jwalden@mit.edu>
-# Date 1529012747 25200
-#      Thu Jun 14 14:45:47 2018 -0700
-# Node ID 845878e00f84fe3f3213cb167c200ea7c73e47c8
-# Parent  a66a884fb46f23ac57ca39a006a10561a5e3a3de
-Bug 1467275 - Don't leak |chars| when an error occurs after its allocation in JS_BufferIsCompilableUnit.  r=anba
-
-diff --git a/js/src/jsapi.cpp b/js/src/jsapi.cpp
---- a/js/src/jsapi.cpp
-+++ b/js/src/jsapi.cpp
-@@ -4383,17 +4383,18 @@ JS_PUBLIC_API(bool)
- JS_BufferIsCompilableUnit(JSContext* cx, HandleObject obj, const char* utf8, size_t length)
- {
-     AssertHeapIsIdle();
-     CHECK_REQUEST(cx);
-     assertSameCompartment(cx, obj);
- 
-     cx->clearPendingException();
- 
--    char16_t* chars = JS::UTF8CharsToNewTwoByteCharsZ(cx, JS::UTF8Chars(utf8, length), &length).get();
-+    UniquePtr<char16_t> chars
-+        { JS::UTF8CharsToNewTwoByteCharsZ(cx, JS::UTF8Chars(utf8, length), &length).get() };
-     if (!chars)
-         return true;
- 
-     // Return true on any out-of-memory error or non-EOF-related syntax error, so our
-     // caller doesn't try to collect more buffered source.
-     bool result = true;
- 
-     CompileOptions options(cx);
-@@ -4402,34 +4403,33 @@ JS_BufferIsCompilableUnit(JSContext* cx,
-         return false;
- 
-     RootedScriptSourceObject sourceObject(cx, frontend::CreateScriptSourceObject(cx, options,
-                                                                                  mozilla::Nothing()));
-     if (!sourceObject)
-         return false;
- 
-     frontend::Parser<frontend::FullParseHandler, char16_t> parser(cx, cx->tempLifoAlloc(),
--                                                                  options, chars, length,
-+                                                                  options, chars.get(), length,
-                                                                   /* foldConstants = */ true,
-                                                                   usedNames, nullptr, nullptr,
-                                                                   sourceObject,
-                                                                   frontend::ParseGoal::Script);
-     JS::WarningReporter older = JS::SetWarningReporter(cx, nullptr);
-     if (!parser.checkOptions() || !parser.parse()) {
-         // We ran into an error. If it was because we ran out of source, we
-         // return false so our caller knows to try to collect more buffered
-         // source.
-         if (parser.isUnexpectedEOF())
-             result = false;
- 
-         cx->clearPendingException();
-     }
-     JS::SetWarningReporter(cx, older);
- 
--    js_free(chars);
-     return result;
- }
- 
- JS_PUBLIC_API(JSObject*)
- JS_GetGlobalFromScript(JSScript* script)
- {
-     MOZ_ASSERT(!script->isCachedEval());
-     return &script->global();

frg/work-js/mozilla-release/patches/mozilla-central-push_423054.patch

@@ -1,83 +0,0 @@
-# HG changeset patch
-# User Robin Templeton <robin@igalia.com>
-# Date 1527576600 -10800
-#      Tue May 29 09:50:00 2018 +0300
-# Node ID fcf6bdd122add51175a57fdf4953aec895f18bfb
-# Parent  c14e3d00d74076f7908f4c1259ccd7e869e60a31
-bug 1464758 - BigInt shouldn't get the legacy fallback behaviour in Object.prototype.toString. r=anba
-
-Change BigInt's class name to "Object" so that the correct tag is used
-when the @@toStringTag property is not a string. Remove special cases
-for BigInt in GetBuiltinTagFast and GetBuiltinTagSlow.
-
-diff --git a/js/src/builtin/BigInt.cpp b/js/src/builtin/BigInt.cpp
---- a/js/src/builtin/BigInt.cpp
-+++ b/js/src/builtin/BigInt.cpp
-@@ -184,18 +184,19 @@ const ClassSpec BigIntObject::classSpec_
-     GenericCreateConstructor<BigIntConstructor, 1, gc::AllocKind::FUNCTION>,
-     CreateBigIntPrototype,
-     nullptr,
-     nullptr,
-     BigIntObject::methods,
-     BigIntObject::properties
- };
- 
-+// The class is named "Object" as a workaround for bug 1277801.
- const Class BigIntObject::class_ = {
--    "BigInt",
-+    "Object",
-     JSCLASS_HAS_CACHED_PROTO(JSProto_BigInt) |
-     JSCLASS_HAS_RESERVED_SLOTS(RESERVED_SLOTS),
-     JS_NULL_CLASS_OPS,
-     &BigIntObject::classSpec_
- };
- 
- const JSPropertySpec BigIntObject::properties[] = {
-     // BigInt proposal section 5.3.5
-diff --git a/js/src/builtin/Object.cpp b/js/src/builtin/Object.cpp
---- a/js/src/builtin/Object.cpp
-+++ b/js/src/builtin/Object.cpp
-@@ -469,21 +469,16 @@ GetBuiltinTagSlow(JSContext* cx, HandleO
-         builtinTag.set(cx->names().objectNumber);
-         return true;
-       case ESClass::Date:
-         builtinTag.set(cx->names().objectDate);
-         return true;
-       case ESClass::RegExp:
-         builtinTag.set(cx->names().objectRegExp);
-         return true;
--#ifdef ENABLE_BIGINT
--      case ESClass::BigInt:
--        builtinTag.set(cx->names().objectBigInt);
--        return true;
--#endif
-       default:
-         if (obj->isCallable()) {
-             // Non-standard: Prevent <object> from showing up as Function.
-             RootedObject unwrapped(cx, CheckedUnwrap(obj));
-             if (!unwrapped || !unwrapped->getClass()->isDOMClass()) {
-                 builtinTag.set(cx->names().objectFunction);
-                 return true;
-             }
-@@ -533,21 +528,16 @@ GetBuiltinTagFast(JSObject* obj, const C
-     if (obj->is<ErrorObject>())
-         return cx->names().objectError;
- 
-     if (obj->isCallable() && !obj->getClass()->isDOMClass()) {
-         // Non-standard: Prevent <object> from showing up as Function.
-         return cx->names().objectFunction;
-     }
- 
--#ifdef ENABLE_BIGINT
--    if (obj->is<BigIntObject>())
--        return cx->names().objectBigInt;
--#endif
--
-     return nullptr;
- }
- 
- // ES6 19.1.3.6
- bool
- js::obj_toString(JSContext* cx, unsigned argc, Value* vp)
- {
-     CallArgs args = CallArgsFromVp(argc, vp);

frg/work-js/mozilla-release/patches/mozilla-central-push_423179.patch

@@ -1,277 +0,0 @@
-# HG changeset patch
-# User Tom Schuster <evilpies@gmail.com>
-# Date 1528203433 -7200
-#      Tue Jun 05 14:57:13 2018 +0200
-# Node ID 82e3dae4079c749b36bd5634e31deb49182332a4
-# Parent  aa34ca78ad4d508e4e1c7a8ba0f278a5f83658bc
-Bug 1469540 - Remove option to disable Array.prototype.values. r=jandem
-
-diff --git a/dom/workers/RuntimeService.cpp b/dom/workers/RuntimeService.cpp
---- a/dom/workers/RuntimeService.cpp
-+++ b/dom/workers/RuntimeService.cpp
-@@ -303,19 +303,17 @@ LoadContextOptions(const char* aPrefName
-                 .setIon(GetWorkerPref<bool>(NS_LITERAL_CSTRING("ion")))
-                 .setNativeRegExp(GetWorkerPref<bool>(NS_LITERAL_CSTRING("native_regexp")))
-                 .setAsyncStack(GetWorkerPref<bool>(NS_LITERAL_CSTRING("asyncstack")))
-                 .setWerror(GetWorkerPref<bool>(NS_LITERAL_CSTRING("werror")))
- #ifdef FUZZING
-                 .setFuzzing(GetWorkerPref<bool>(NS_LITERAL_CSTRING("fuzzing.enabled")))
- #endif
-                 .setStreams(GetWorkerPref<bool>(NS_LITERAL_CSTRING("streams")))
--                .setExtraWarnings(GetWorkerPref<bool>(NS_LITERAL_CSTRING("strict")))
--                .setArrayProtoValues(GetWorkerPref<bool>(
--                      NS_LITERAL_CSTRING("array_prototype_values")));
-+                .setExtraWarnings(GetWorkerPref<bool>(NS_LITERAL_CSTRING("strict")));
- 
-   nsCOMPtr<nsIXULRuntime> xr = do_GetService("@mozilla.org/xre/runtime;1");
-   if (xr) {
-     bool safeMode = false;
-     xr->GetInSafeMode(&safeMode);
-     if (safeMode) {
-       contextOptions.disableOptionsForSafeMode();
-     }
-diff --git a/js/src/jsapi.h b/js/src/jsapi.h
---- a/js/src/jsapi.h
-+++ b/js/src/jsapi.h
-@@ -707,17 +707,16 @@ class JS_PUBLIC_API(ContextOptions) {
-         dumpStackOnDebuggeeWouldRun_(false),
-         werror_(false),
-         strictMode_(false),
-         extraWarnings_(false),
-         streams_(false)
- #ifdef FUZZING
-         , fuzzing_(false)
- #endif
--        , arrayProtoValues_(true)
-     {
-     }
- 
-     bool baseline() const { return baseline_; }
-     ContextOptions& setBaseline(bool flag) {
-         baseline_ = flag;
-         return *this;
-     }
-@@ -871,22 +870,16 @@ class JS_PUBLIC_API(ContextOptions) {
- #ifdef FUZZING
-     bool fuzzing() const { return fuzzing_; }
-     ContextOptions& setFuzzing(bool flag) {
-         fuzzing_ = flag;
-         return *this;
-     }
- #endif
- 
--    bool arrayProtoValues() const { return arrayProtoValues_; }
--    ContextOptions& setArrayProtoValues(bool flag) {
--        arrayProtoValues_ = flag;
--        return *this;
--    }
--
-     void disableOptionsForSafeMode() {
-         setBaseline(false);
-         setIon(false);
-         setAsmJS(false);
-         setWasm(false);
-         setWasmBaseline(false);
-         setWasmIon(false);
- #ifdef ENABLE_WASM_GC
-@@ -913,17 +906,16 @@ class JS_PUBLIC_API(ContextOptions) {
-     bool dumpStackOnDebuggeeWouldRun_ : 1;
-     bool werror_ : 1;
-     bool strictMode_ : 1;
-     bool extraWarnings_ : 1;
-     bool streams_: 1;
- #ifdef FUZZING
-     bool fuzzing_ : 1;
- #endif
--    bool arrayProtoValues_ : 1;
- 
- };
- 
- JS_PUBLIC_API(ContextOptions&)
- ContextOptionsRef(JSContext* cx);
- 
- /**
-  * Initialize the runtime's self-hosted code. Embeddings should call this
-diff --git a/js/src/shell/js.cpp b/js/src/shell/js.cpp
---- a/js/src/shell/js.cpp
-+++ b/js/src/shell/js.cpp
-@@ -495,17 +495,16 @@ static bool enableSharedMemory = SHARED_
- static bool enableWasmBaseline = false;
- static bool enableWasmIon = false;
- #ifdef ENABLE_WASM_GC
- static bool enableWasmGc = false;
- #endif
- static bool enableTestWasmAwaitTier2 = false;
- static bool enableAsyncStacks = false;
- static bool enableStreams = false;
--static bool enableArrayProtoValues = true;
- #ifdef JS_GC_ZEAL
- static uint32_t gZealBits = 0;
- static uint32_t gZealFrequency = 0;
- #endif
- static bool printTiming = false;
- static const char* jsCacheDir = nullptr;
- static const char* jsCacheAsmJSPath = nullptr;
- static RCFile* gErrFile = nullptr;
-@@ -8522,32 +8521,30 @@ SetContextOptions(JSContext* cx, const O
-     enableWasmBaseline = !op.getBoolOption("no-wasm-baseline");
-     enableWasmIon = !op.getBoolOption("no-wasm-ion");
- #ifdef ENABLE_WASM_GC
-     enableWasmGc = op.getBoolOption("wasm-gc");
- #endif
-     enableTestWasmAwaitTier2 = op.getBoolOption("test-wasm-await-tier2");
-     enableAsyncStacks = !op.getBoolOption("no-async-stacks");
-     enableStreams = op.getBoolOption("enable-streams");
--    enableArrayProtoValues = !op.getBoolOption("no-array-proto-values");
- 
-     JS::ContextOptionsRef(cx).setBaseline(enableBaseline)
-                              .setIon(enableIon)
-                              .setAsmJS(enableAsmJS)
-                              .setWasm(enableWasm)
-                              .setWasmBaseline(enableWasmBaseline)
-                              .setWasmIon(enableWasmIon)
- #ifdef ENABLE_WASM_GC
-                              .setWasmGc(enableWasmGc)
- #endif
-                              .setTestWasmAwaitTier2(enableTestWasmAwaitTier2)
-                              .setNativeRegExp(enableNativeRegExp)
-                              .setAsyncStack(enableAsyncStacks)
--                             .setStreams(enableStreams)
--                             .setArrayProtoValues(enableArrayProtoValues);
-+                             .setStreams(enableStreams);
- 
-     if (op.getBoolOption("no-unboxed-objects"))
-         jit::JitOptions.disableUnboxedObjects = true;
- 
-     if (const char* str = op.getStringOption("cache-ir-stubs")) {
-         if (strcmp(str, "on") == 0)
-             jit::JitOptions.disableCacheIR = false;
-         else if (strcmp(str, "off") == 0)
-@@ -8832,18 +8829,18 @@ SetWorkerContextOptions(JSContext* cx)
-                              .setWasm(enableWasm)
-                              .setWasmBaseline(enableWasmBaseline)
-                              .setWasmIon(enableWasmIon)
- #ifdef ENABLE_WASM_GC
-                              .setWasmGc(enableWasmGc)
- #endif
-                              .setTestWasmAwaitTier2(enableTestWasmAwaitTier2)
-                              .setNativeRegExp(enableNativeRegExp)
--                             .setStreams(enableStreams)
--                             .setArrayProtoValues(enableArrayProtoValues);
-+                             .setStreams(enableStreams);
-+
-     cx->runtime()->setOffthreadIonCompilationEnabled(offthreadCompilation);
-     cx->runtime()->profilingScripts = enableCodeCoverage || enableDisassemblyDumps;
- 
- #ifdef JS_GC_ZEAL
-     if (gZealBits && gZealFrequency) {
-         for (size_t i = 0; i < size_t(gc::ZealMode::Count); i++) {
-             if (gZealBits & (1 << i))
-                 cx->runtime()->gc.setZeal(i, gZealFrequency);
-@@ -9089,17 +9086,16 @@ main(int argc, char** argv, char** envp)
- #ifdef ENABLE_WASM_GC
-         || !op.addBoolOption('\0', "wasm-gc", "Enable wasm GC features")
- #else
-         || !op.addBoolOption('\0', "wasm-gc", "No-op")
- #endif
-         || !op.addBoolOption('\0', "no-native-regexp", "Disable native regexp compilation")
-         || !op.addBoolOption('\0', "no-unboxed-objects", "Disable creating unboxed plain objects")
-         || !op.addBoolOption('\0', "enable-streams", "Enable WHATWG Streams")
--        || !op.addBoolOption('\0', "no-array-proto-values", "Remove Array.prototype.values")
- #ifdef ENABLE_SHARED_ARRAY_BUFFER
-         || !op.addStringOption('\0', "shared-memory", "on/off",
-                                "SharedArrayBuffer and Atomics "
- #  if SHARED_MEMORY_DEFAULT
-                                "(default: on, off to disable)"
- #  else
-                                "(default: off, on to enable)"
- #  endif
-diff --git a/js/src/vm/JSObject.cpp b/js/src/vm/JSObject.cpp
---- a/js/src/vm/JSObject.cpp
-+++ b/js/src/vm/JSObject.cpp
-@@ -2987,21 +2987,16 @@ PropertySpecNameToId(JSContext* cx, cons
- static bool
- DefineFunctionFromSpec(JSContext* cx, HandleObject obj, const JSFunctionSpec* fs, unsigned flags,
-                        DefineAsIntrinsic intrinsic)
- {
-     RootedId id(cx);
-     if (!PropertySpecNameToId(cx, fs->name, &id))
-         return false;
- 
--    if (StandardProtoKeyOrNull(obj) == JSProto_Array && id == NameToId(cx->names().values)) {
--        if (!cx->options().arrayProtoValues())
--            return true;
--    }
--
-     JSFunction* fun = NewFunctionFromSpec(cx, fs, id);
-     if (!fun)
-         return false;
- 
-     if (intrinsic == AsIntrinsic)
-         fun->setIsIntrinsic();
- 
-     RootedValue funVal(cx, ObjectValue(*fun));
-diff --git a/js/xpconnect/src/XPCJSContext.cpp b/js/xpconnect/src/XPCJSContext.cpp
---- a/js/xpconnect/src/XPCJSContext.cpp
-+++ b/js/xpconnect/src/XPCJSContext.cpp
-@@ -805,18 +805,16 @@ ReloadPrefsCallback(const char* pref, vo
-         JS_SetGCZeal(cx, (uint8_t)zeal, zeal_frequency);
-     }
- #endif // JS_GC_ZEAL
- 
- #ifdef FUZZING
-     bool fuzzingEnabled = Preferences::GetBool("fuzzing.enabled");
- #endif
- 
--    bool arrayProtoValues = Preferences::GetBool(JS_OPTIONS_DOT_STR "array_prototype_values");
--
-     JS::ContextOptionsRef(cx).setBaseline(useBaseline)
-                              .setIon(useIon)
-                              .setAsmJS(useAsmJS)
-                              .setWasm(useWasm)
-                              .setWasmIon(useWasmIon)
-                              .setWasmBaseline(useWasmBaseline)
- #ifdef ENABLE_WASM_GC
-                              .setWasmGc(useWasmGc)
-@@ -826,18 +824,17 @@ ReloadPrefsCallback(const char* pref, vo
-                              .setAsyncStack(useAsyncStack)
-                              .setThrowOnDebuggeeWouldRun(throwOnDebuggeeWouldRun)
-                              .setDumpStackOnDebuggeeWouldRun(dumpStackOnDebuggeeWouldRun)
-                              .setWerror(werror)
- #ifdef FUZZING
-                              .setFuzzing(fuzzingEnabled)
- #endif
-                              .setStreams(streams)
--                             .setExtraWarnings(extraWarnings)
--                             .setArrayProtoValues(arrayProtoValues);
-+                             .setExtraWarnings(extraWarnings);
- 
-     nsCOMPtr<nsIXULRuntime> xr = do_GetService("@mozilla.org/xre/runtime;1");
-     if (xr) {
-         bool safeMode = false;
-         xr->GetInSafeMode(&safeMode);
-         if (safeMode) {
-             JS::ContextOptionsRef(cx).disableOptionsForSafeMode();
-         }
-diff --git a/modules/libpref/init/all.js b/modules/libpref/init/all.js
---- a/modules/libpref/init/all.js
-+++ b/modules/libpref/init/all.js
-@@ -1327,18 +1327,16 @@ pref("dom.event.coalesce_mouse_move",   
- pref("dom.webcomponents.shadowdom.enabled", true);
- pref("dom.webcomponents.customelements.enabled", true);
- #else
- pref("dom.webcomponents.shadowdom.enabled", false);
- pref("dom.webcomponents.customelements.enabled", false);
- #endif
- 
- pref("javascript.enabled",                  true);
--// Enable Array.prototype.values
--pref("javascript.options.array_prototype_values", true);
- pref("javascript.options.strict",           false);
- #ifdef DEBUG
- pref("javascript.options.strict.debug",     false);
- #endif
- pref("javascript.options.baselinejit",      true);
- pref("javascript.options.ion",              true);
- pref("javascript.options.asmjs",            true);
- pref("javascript.options.wasm",             true);

frg/work-js/mozilla-release/patches/mozilla-central-push_423198.patch

@@ -1,52 +0,0 @@
-# HG changeset patch
-# User Robin Templeton <robin@igalia.com>
-# Date 1529511000 -10800
-#      Wed Jun 20 19:10:00 2018 +0300
-# Node ID f87f53656ed51696c9b00b794f8718313f7e2721
-# Parent  c8a9cee249aa5a5b849de10870b2ef2daaab352b
-bug 1441098 - Part 1: Add BigInt support in BufferGrayRootsTracer. r=sfink
-
-This class is used for tracing DOM objects.
-
-diff --git a/js/src/gc/RootMarking.cpp b/js/src/gc/RootMarking.cpp
---- a/js/src/gc/RootMarking.cpp
-+++ b/js/src/gc/RootMarking.cpp
-@@ -465,16 +465,19 @@ class BufferGrayRootsTracer final : publ
- {
-     // Set to false if we OOM while buffering gray roots.
-     bool bufferingGrayRootsFailed;
- 
-     void onObjectEdge(JSObject** objp) override { bufferRoot(*objp); }
-     void onStringEdge(JSString** stringp) override { bufferRoot(*stringp); }
-     void onScriptEdge(JSScript** scriptp) override { bufferRoot(*scriptp); }
-     void onSymbolEdge(JS::Symbol** symbolp) override { bufferRoot(*symbolp); }
-+#ifdef ENABLE_BIGINT
-+    void onBigIntEdge(JS::BigInt** bip) override { bufferRoot(*bip); }
-+#endif
- 
-     void onChild(const JS::GCCellPtr& thing) override {
-         MOZ_CRASH("Unexpected gray root kind");
-     }
- 
-     template <typename T> inline void bufferRoot(T* thing);
- 
-   public:
-@@ -525,17 +528,17 @@ js::gc::GCRuntime::bufferGrayRoots()
- 
- template <typename T>
- inline void
- BufferGrayRootsTracer::bufferRoot(T* thing)
- {
-     MOZ_ASSERT(JS::RuntimeHeapIsBusy());
-     MOZ_ASSERT(thing);
-     // Check if |thing| is corrupt by calling a method that touches the heap.
--    MOZ_ASSERT(thing->getTraceKind() <= JS::TraceKind::Null);
-+    MOZ_ASSERT(thing->getTraceKind() != JS::TraceKind(0xff));
- 
-     TenuredCell* tenured = &thing->asTenured();
- 
-     // This is run from a helper thread while the mutator is paused so we have
-     // to use *FromAnyThread methods here.
-     Zone* zone = tenured->zoneFromAnyThread();
-     if (zone->isCollectingFromAnyThread()) {
-         // See the comment on SetMaybeAliveFlag to see why we only do this for

frg/work-js/mozilla-release/patches/mozilla-central-push_423199.patch

@@ -1,188 +0,0 @@
-# HG changeset patch
-# User Robin Templeton <robin@igalia.com>
-# Date 1529511000 -10800
-#      Wed Jun 20 19:10:00 2018 +0300
-# Node ID 940e6648c1f24868b5017f8fd4ed5b9a105bb848
-# Parent  f87f53656ed51696c9b00b794f8718313f7e2721
-bug 1441098 - Part 2: Define BigInt serialization methods. r=sfink
-
-writeBytes serializes a BigInt value as a little-endian byte sequence,
-ignoring its sign. createFromBytes can be used to deserialize the output
-of writeBytes.
-
-diff --git a/js/src/vm/BigIntType.cpp b/js/src/vm/BigIntType.cpp
---- a/js/src/vm/BigIntType.cpp
-+++ b/js/src/vm/BigIntType.cpp
-@@ -97,16 +97,39 @@ BigInt::createFromBoolean(JSContext* cx,
- {
-     BigInt* x = Allocate<BigInt>(cx);
-     if (!x)
-         return nullptr;
-     mpz_init_set_ui(x->num_, b);
-     return x;
- }
- 
-+BigInt*
-+BigInt::createFromBytes(JSContext* cx, int sign, void* bytes, size_t nbytes)
-+{
-+    BigInt* x = Allocate<BigInt>(cx);
-+    if (!x)
-+        return nullptr;
-+    // Initialize num_ to zero before calling mpz_import.
-+    mpz_init(x->num_);
-+
-+    if (nbytes == 0)
-+        return x;
-+
-+    mpz_import(x->num_, nbytes,
-+               -1, // order: least significant word first
-+               1, // size: one byte per "word"
-+               0, // endianness: native
-+               0, // nail bits: none; use full words
-+               bytes);
-+    if (sign < 0)
-+        mpz_neg(x->num_, x->num_);
-+    return x;
-+}
-+
- // BigInt proposal section 5.1.1
- static bool
- IsInteger(double d)
- {
-     // Step 1 is an assertion checked by the caller.
-     // Step 2.
-     if (!mozilla::IsFinite(d))
-         return false;
-@@ -289,16 +312,41 @@ js::StringToBigInt(JSContext* cx, Handle
-         }
-     }
- 
-     JS_ReportErrorNumberASCII(cx, GetErrorMessage, nullptr,
-                               JSMSG_BIGINT_INVALID_SYNTAX);
-     return nullptr;
- }
- 
-+size_t
-+BigInt::byteLength(BigInt* x)
-+{
-+    if (mpz_sgn(x->num_) == 0)
-+        return 0;
-+    return JS_HOWMANY(mpz_sizeinbase(x->num_, 2), 8);
-+}
-+
-+void
-+BigInt::writeBytes(BigInt* x, RangedPtr<uint8_t> buffer)
-+{
-+#ifdef DEBUG
-+    // Check that the buffer being filled is large enough to hold the
-+    // integer we're writing. The result of the RangedPtr addition is
-+    // restricted to the buffer's range.
-+    size_t reprSize = byteLength(x);
-+    MOZ_ASSERT(buffer + reprSize, "out of bounds access to buffer");
-+#endif
-+
-+    size_t count;
-+    // cf. mpz_import parameters in createFromBytes, above.
-+    mpz_export(buffer.get(), &count, -1, 1, 0, 0, x->num_);
-+    MOZ_ASSERT(count == reprSize);
-+}
-+
- void
- BigInt::finalize(js::FreeOp* fop)
- {
-     mpz_clear(num_);
- }
- 
- JSAtom*
- js::BigIntToAtom(JSContext* cx, BigInt* bi)
-@@ -310,16 +358,22 @@ js::BigIntToAtom(JSContext* cx, BigInt* 
- }
- 
- bool
- BigInt::toBoolean()
- {
-     return mpz_sgn(num_) != 0;
- }
- 
-+int8_t
-+BigInt::sign()
-+{
-+    return mpz_sgn(num_);
-+}
-+
- js::HashNumber
- BigInt::hash()
- {
-     const mp_limb_t* limbs = mpz_limbs_read(num_);
-     size_t limbCount = mpz_size(num_);
-     uint32_t hash = mozilla::HashBytes(limbs, limbCount * sizeof(mp_limb_t));
-     hash = mozilla::AddToHash(hash, mpz_sgn(num_));
-     return hash;
-diff --git a/js/src/vm/BigIntType.h b/js/src/vm/BigIntType.h
---- a/js/src/vm/BigIntType.h
-+++ b/js/src/vm/BigIntType.h
-@@ -3,16 +3,17 @@
-  * This Source Code Form is subject to the terms of the Mozilla Public
-  * License, v. 2.0. If a copy of the MPL was not distributed with this
-  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
- 
- #ifndef vm_BigIntType_h
- #define vm_BigIntType_h
- 
- #include "mozilla/Range.h"
-+#include "mozilla/RangedPtr.h"
- 
- #include <gmp.h>
- 
- #include "gc/Barrier.h"
- #include "gc/GC.h"
- #include "gc/Heap.h"
- #include "js/AllocPolicy.h"
- #include "js/GCHashTable.h"
-@@ -48,34 +49,46 @@ class BigInt final : public js::gc::Tenu
-   public:
-     // Allocate and initialize a BigInt value
-     static BigInt* create(JSContext* cx);
- 
-     static BigInt* createFromDouble(JSContext* cx, double d);
- 
-     static BigInt* createFromBoolean(JSContext* cx, bool b);
- 
-+    // Read a BigInt value from a little-endian byte array.
-+    static BigInt* createFromBytes(JSContext* cx, int sign, void* bytes, size_t nbytes);
-+
-     static const JS::TraceKind TraceKind = JS::TraceKind::BigInt;
- 
-     void traceChildren(JSTracer* trc);
- 
-     void finalize(js::FreeOp* fop);
- 
-     js::HashNumber hash();
- 
-     size_t sizeOfExcludingThis(mozilla::MallocSizeOf mallocSizeOf) const;
- 
-     bool toBoolean();
-+    int8_t sign();
- 
-     static void init();
- 
-     static BigInt* copy(JSContext* cx, Handle<BigInt*> x);
- 
-     static double numberValue(BigInt* x);
-     static JSLinearString* toString(JSContext* cx, BigInt* x, uint8_t radix);
-+
-+    // Return the length in bytes of the representation used by
-+    // writeBytes.
-+    static size_t byteLength(BigInt* x);
-+
-+    // Write a little-endian representation of a BigInt's absolute value
-+    // to a byte array.
-+    static void writeBytes(BigInt* x, mozilla::RangedPtr<uint8_t> buffer);
- };
- 
- static_assert(sizeof(BigInt) >= js::gc::MinCellSize,
-               "sizeof(BigInt) must be greater than the minimum allocation size");
- 
- } // namespace JS
- 
- namespace js {

frg/work-js/mozilla-release/patches/mozilla-central-push_423200.patch

@@ -1,291 +0,0 @@
-# HG changeset patch
-# User Robin Templeton <robin@igalia.com>
-# Date 1529511000 -10800
-#      Wed Jun 20 19:10:00 2018 +0300
-# Node ID 84ae27690d6b756b64d9bb951db4a035e7e56102
-# Parent  940e6648c1f24868b5017f8fd4ed5b9a105bb848
-bug 1441098 - Part 3: Add structured clone support for BigInt. r=sfink
-
-New data types are defined for primitive BigInt values and BigInt
-objects. BigInts are serialized starting with 32 bits of sign and length
-information, followed by a little-endian byte sequence representing an
-unsigned integer.
-
-diff --git a/js/src/vm/StructuredClone.cpp b/js/src/vm/StructuredClone.cpp
---- a/js/src/vm/StructuredClone.cpp
-+++ b/js/src/vm/StructuredClone.cpp
-@@ -26,44 +26,49 @@
-  *     in the spec's StructuredDeserialize.
-  */
- 
- #include "js/StructuredClone.h"
- 
- #include "mozilla/CheckedInt.h"
- #include "mozilla/EndianUtils.h"
- #include "mozilla/FloatingPoint.h"
-+#include "mozilla/RangedPtr.h"
- 
- #include <algorithm>
- #include <utility>
- 
- #include "jsapi.h"
- #include "jsdate.h"
- 
- #include "builtin/DataViewObject.h"
- #include "builtin/MapObject.h"
- #include "js/Date.h"
- #include "js/GCHashTable.h"
- #include "js/Wrapper.h"
-+#ifdef ENABLE_BIGINT
-+#include "vm/BigIntType.h"
-+#endif
- #include "vm/JSContext.h"
- #include "vm/RegExpObject.h"
- #include "vm/SavedFrame.h"
- #include "vm/SharedArrayObject.h"
- #include "vm/TypedArrayObject.h"
- #include "vm/WrapperObject.h"
- #include "wasm/WasmJS.h"
- 
- #include "vm/JSContext-inl.h"
- #include "vm/JSObject-inl.h"
- 
- using namespace js;
- 
- using mozilla::BitwiseCast;
- using mozilla::NativeEndian;
- using mozilla::NumbersAreIdentical;
-+using mozilla::RangedPtr;
- using JS::CanonicalizeNaN;
- 
- // When you make updates here, make sure you consider whether you need to bump the
- // value of JS_STRUCTURED_CLONE_VERSION in js/public/StructuredClone.h.  You will
- // likely need to increment the version if anything at all changes in the serialization
- // format.
- //
- // Note that SCTAG_END_OF_KEYS is written into the serialized form and should have
-@@ -102,16 +107,19 @@ enum StructuredDataType : uint32_t {
-     SCTAG_JSPRINCIPALS,
-     SCTAG_NULL_JSPRINCIPALS,
-     SCTAG_RECONSTRUCTED_SAVED_FRAME_PRINCIPALS_IS_SYSTEM,
-     SCTAG_RECONSTRUCTED_SAVED_FRAME_PRINCIPALS_IS_NOT_SYSTEM,
- 
-     SCTAG_SHARED_ARRAY_BUFFER_OBJECT,
-     SCTAG_SHARED_WASM_MEMORY_OBJECT,
- 
-+    SCTAG_BIGINT,
-+    SCTAG_BIGINT_OBJECT,
-+
-     SCTAG_TYPED_ARRAY_V1_MIN = 0xFFFF0100,
-     SCTAG_TYPED_ARRAY_V1_INT8 = SCTAG_TYPED_ARRAY_V1_MIN + Scalar::Int8,
-     SCTAG_TYPED_ARRAY_V1_UINT8 = SCTAG_TYPED_ARRAY_V1_MIN + Scalar::Uint8,
-     SCTAG_TYPED_ARRAY_V1_INT16 = SCTAG_TYPED_ARRAY_V1_MIN + Scalar::Int16,
-     SCTAG_TYPED_ARRAY_V1_UINT16 = SCTAG_TYPED_ARRAY_V1_MIN + Scalar::Uint16,
-     SCTAG_TYPED_ARRAY_V1_INT32 = SCTAG_TYPED_ARRAY_V1_MIN + Scalar::Int32,
-     SCTAG_TYPED_ARRAY_V1_UINT32 = SCTAG_TYPED_ARRAY_V1_MIN + Scalar::Uint32,
-     SCTAG_TYPED_ARRAY_V1_FLOAT32 = SCTAG_TYPED_ARRAY_V1_MIN + Scalar::Float32,
-@@ -408,16 +416,20 @@ struct JSStructuredCloneReader {
- 
-     bool readHeader();
-     bool readTransferMap();
- 
-     template <typename CharT>
-     JSString* readStringImpl(uint32_t nchars);
-     JSString* readString(uint32_t data);
- 
-+#ifdef ENABLE_BIGINT
-+    BigInt* readBigInt(uint32_t data);
-+#endif
-+
-     bool checkDouble(double d);
-     MOZ_MUST_USE bool readTypedArray(uint32_t arrayType, uint32_t nelems, MutableHandleValue vp,
-                                      bool v1Read = false);
-     MOZ_MUST_USE bool readDataView(uint32_t byteLength, MutableHandleValue vp);
-     MOZ_MUST_USE bool readArrayBuffer(uint32_t nbytes, MutableHandleValue vp);
-     MOZ_MUST_USE bool readSharedArrayBuffer(MutableHandleValue vp);
-     MOZ_MUST_USE bool readSharedWasmMemory(uint32_t nbytes, MutableHandleValue vp);
-     MOZ_MUST_USE bool readV1ArrayBuffer(uint32_t arrayType, uint32_t nelems, MutableHandleValue vp);
-@@ -510,16 +522,20 @@ struct JSStructuredCloneWriter {
-     bool writeSharedWasmMemory(HandleObject obj);
-     bool startObject(HandleObject obj, bool* backref);
-     bool startWrite(HandleValue v);
-     bool traverseObject(HandleObject obj);
-     bool traverseMap(HandleObject obj);
-     bool traverseSet(HandleObject obj);
-     bool traverseSavedFrame(HandleObject obj);
- 
-+#ifdef ENABLE_BIGINT
-+    bool writeBigInt(uint32_t tag, BigInt* bi);
-+#endif
-+
-     bool reportDataCloneError(uint32_t errorId);
- 
-     bool parseTransferable();
-     bool transferOwnership();
- 
-     inline void checkStack();
- 
-     SCOutput out;
-@@ -1155,16 +1171,38 @@ JSStructuredCloneWriter::writeString(uin
-         return false;
- 
-     JS::AutoCheckCannotGC nogc;
-     return linear->hasLatin1Chars()
-            ? out.writeChars(linear->latin1Chars(nogc), length)
-            : out.writeChars(linear->twoByteChars(nogc), length);
- }
- 
-+#ifdef ENABLE_BIGINT
-+bool
-+JSStructuredCloneWriter::writeBigInt(uint32_t tag, BigInt* bi)
-+{
-+    bool signBit = bi->sign() < 1;
-+    size_t length = BigInt::byteLength(bi);
-+    // The length must fit in 31 bits to leave room for a sign bit.
-+    if (length > size_t(INT32_MAX))
-+        return false;
-+    uint32_t lengthAndSign = length | (static_cast<uint32_t>(signBit) << 31);
-+
-+    js::UniquePtr<uint8_t> buf(static_cast<uint8_t*>(js_malloc(length)));
-+    if (!buf)
-+        return false;
-+
-+    BigInt::writeBytes(bi, RangedPtr<uint8_t>(buf.get(), length));
-+    if (!out.writePair(tag, lengthAndSign))
-+        return false;
-+    return out.writeBytes(buf.get(), length);
-+}
-+#endif
-+
- inline void
- JSStructuredCloneWriter::checkStack()
- {
- #ifdef DEBUG
-     // To avoid making serialization O(n^2), limit stack-checking at 10.
-     const size_t MAX = 10;
- 
-     size_t limit = Min(counts.length(), MAX);
-@@ -1529,17 +1567,23 @@ JSStructuredCloneWriter::startWrite(Hand
-     } else if (v.isDouble()) {
-         return out.writeDouble(v.toDouble());
-     } else if (v.isBoolean()) {
-         return out.writePair(SCTAG_BOOLEAN, v.toBoolean());
-     } else if (v.isNull()) {
-         return out.writePair(SCTAG_NULL, 0);
-     } else if (v.isUndefined()) {
-         return out.writePair(SCTAG_UNDEFINED, 0);
--    } else if (v.isObject()) {
-+    }
-+#ifdef ENABLE_BIGINT
-+    else if (v.isBigInt()) {
-+        return writeBigInt(SCTAG_BIGINT, v.toBigInt());
-+    }
-+#endif
-+    else if (v.isObject()) {
-         RootedObject obj(context(), &v.toObject());
- 
-         bool backref;
-         if (!startObject(obj, &backref))
-             return false;
-         if (backref)
-             return true;
- 
-@@ -1586,17 +1630,26 @@ JSStructuredCloneWriter::startWrite(Hand
-             RootedValue unboxed(context());
-             if (!Unbox(context(), obj, &unboxed))
-                 return false;
-             return writeString(SCTAG_STRING_OBJECT, unboxed.toString());
-         } else if (cls == ESClass::Map) {
-             return traverseMap(obj);
-         } else if (cls == ESClass::Set) {
-             return traverseSet(obj);
--        } else if (SavedFrame::isSavedFrameOrWrapperAndNotProto(*obj)) {
-+        }
-+#ifdef ENABLE_BIGINT
-+        else if (cls == ESClass::BigInt) {
-+            RootedValue unboxed(context());
-+            if (!Unbox(context(), obj, &unboxed))
-+                return false;
-+            return writeBigInt(SCTAG_BIGINT_OBJECT, unboxed.toBigInt());
-+        }
-+#endif
-+        else if (SavedFrame::isSavedFrameOrWrapperAndNotProto(*obj)) {
-             return traverseSavedFrame(obj);
-         }
- 
-         if (out.buf.callbacks_ && out.buf.callbacks_->write)
-             return out.buf.callbacks_->write(context(), this, obj, out.buf.closure_);
-         // else fall through
-     }
- 
-@@ -1899,16 +1952,35 @@ JSStructuredCloneReader::readStringImpl(
- JSString*
- JSStructuredCloneReader::readString(uint32_t data)
- {
-     uint32_t nchars = data & JS_BITMASK(31);
-     bool latin1 = data & (1 << 31);
-     return latin1 ? readStringImpl<Latin1Char>(nchars) : readStringImpl<char16_t>(nchars);
- }
- 
-+#ifdef ENABLE_BIGINT
-+BigInt*
-+JSStructuredCloneReader::readBigInt(uint32_t data)
-+{
-+    size_t nbytes = data & JS_BITMASK(31);
-+    bool isNegative = data & (1 << 31);
-+
-+    if (nbytes == 0)
-+        return BigInt::create(context());
-+
-+    UniquePtr<uint8_t> buf(static_cast<uint8_t*>(js_malloc(nbytes)));
-+    if (!buf)
-+        return nullptr;
-+    if (!in.readBytes(buf.get(), nbytes))
-+        return nullptr;
-+    return BigInt::createFromBytes(context(), isNegative ? -1 : 1, buf.get(), nbytes);
-+}
-+#endif
-+
- static uint32_t
- TagToV1ArrayType(uint32_t tag)
- {
-     MOZ_ASSERT(tag >= SCTAG_TYPED_ARRAY_V1_MIN && tag <= SCTAG_TYPED_ARRAY_V1_MAX);
-     return tag - SCTAG_TYPED_ARRAY_V1_MIN;
- }
- 
- bool
-@@ -2219,16 +2291,34 @@ JSStructuredCloneReader::startRead(Mutab
-         if (!in.readDouble(&d) || !checkDouble(d))
-             return false;
-         vp.setDouble(d);
-         if (!PrimitiveToObject(context(), vp))
-             return false;
-         break;
-       }
- 
-+      case SCTAG_BIGINT:
-+      case SCTAG_BIGINT_OBJECT: {
-+#ifdef ENABLE_BIGINT
-+        RootedBigInt bi(context(), readBigInt(data));
-+        if (!bi)
-+            return false;
-+        vp.setBigInt(bi);
-+        if (tag == SCTAG_BIGINT_OBJECT && !PrimitiveToObject(context(), vp))
-+            return false;
-+        break;
-+#else
-+        JS_ReportErrorNumberASCII(context(), GetErrorMessage, nullptr,
-+                                  JSMSG_SC_BAD_SERIALIZED_DATA,
-+                                  "BigInt unsupported");
-+        return false;
-+#endif
-+      }
-+
-       case SCTAG_DATE_OBJECT: {
-         double d;
-         if (!in.readDouble(&d) || !checkDouble(d))
-             return false;
-         JS::ClippedTime t = JS::TimeClip(d);
-         if (!NumbersAreIdentical(d, t.toDouble())) {
-             JS_ReportErrorNumberASCII(context(), GetErrorMessage, nullptr,
-                                       JSMSG_SC_BAD_SERIALIZED_DATA,

frg/work-js/mozilla-release/patches/mozilla-central-push_423433.patch

@@ -1,94 +0,0 @@
-# HG changeset patch
-# User Andre Bargull <andre.bargull@gmail.com>
-# Date 1528400020 25200
-#      Thu Jun 07 12:33:40 2018 -0700
-# Node ID 007392eca49c8fbad109ce5f6030a79a76fd6cbb
-# Parent  4789a350ec7ff9ed4d6f300bcecdde771f54cc77
-Bug 1467438 - Part 4: Remove ScopedJSFreePtr, ScopedJSDeletePtr, and ScopedReleasePtr. r=sfink
-
-diff --git a/ipc/glue/ProtocolUtils.h b/ipc/glue/ProtocolUtils.h
---- a/ipc/glue/ProtocolUtils.h
-+++ b/ipc/glue/ProtocolUtils.h
-@@ -24,16 +24,17 @@
- #include "mozilla/ipc/Shmem.h"
- #include "mozilla/ipc/Transport.h"
- #include "mozilla/ipc/MessageLink.h"
- #include "mozilla/LinkedList.h"
- #include "mozilla/Maybe.h"
- #include "mozilla/MozPromise.h"
- #include "mozilla/Mutex.h"
- #include "mozilla/NotNull.h"
-+#include "mozilla/Scoped.h"
- #include "mozilla/UniquePtr.h"
- #include "MainThreadUtils.h"
- #include "nsILabelableRunnable.h"
- 
- #if defined(ANDROID) && defined(DEBUG)
- #include <android/log.h>
- #endif
- 
-diff --git a/js/public/Utility.h b/js/public/Utility.h
---- a/js/public/Utility.h
-+++ b/js/public/Utility.h
-@@ -7,17 +7,16 @@
- #ifndef js_Utility_h
- #define js_Utility_h
- 
- #include "mozilla/Assertions.h"
- #include "mozilla/Atomics.h"
- #include "mozilla/Attributes.h"
- #include "mozilla/Compiler.h"
- #include "mozilla/Move.h"
--#include "mozilla/Scoped.h"
- #include "mozilla/TemplateLib.h"
- #include "mozilla/UniquePtr.h"
- #include "mozilla/WrappingOperations.h"
- 
- #include <stdlib.h>
- #include <string.h>
- 
- #ifdef JS_OOM_DO_BACKTRACES
-@@ -601,43 +600,16 @@ js_pod_realloc(T* prior, size_t oldSize,
- {
-     MOZ_ASSERT(!(oldSize & mozilla::tl::MulOverflowMask<sizeof(T)>::value));
-     size_t bytes;
-     if (MOZ_UNLIKELY(!js::CalculateAllocSize<T>(newSize, &bytes)))
-         return nullptr;
-     return static_cast<T*>(js_realloc(prior, bytes));
- }
- 
--namespace js {
--
--template<typename T>
--struct ScopedFreePtrTraits
--{
--    typedef T* type;
--    static T* empty() { return nullptr; }
--    static void release(T* ptr) { js_free(ptr); }
--};
--SCOPED_TEMPLATE(ScopedJSFreePtr, ScopedFreePtrTraits)
--
--template <typename T>
--struct ScopedDeletePtrTraits : public ScopedFreePtrTraits<T>
--{
--    static void release(T* ptr) { js_delete(ptr); }
--};
--SCOPED_TEMPLATE(ScopedJSDeletePtr, ScopedDeletePtrTraits)
--
--template <typename T>
--struct ScopedReleasePtrTraits : public ScopedFreePtrTraits<T>
--{
--    static void release(T* ptr) { if (ptr) ptr->release(); }
--};
--SCOPED_TEMPLATE(ScopedReleasePtr, ScopedReleasePtrTraits)
--
--} /* namespace js */
--
- namespace JS {
- 
- template<typename T>
- struct DeletePolicy
- {
-     constexpr DeletePolicy() {}
- 
-     template<typename U>

frg/work-js/mozilla-release/patches/mozilla-central-push_423434.patch

@@ -1,667 +0,0 @@
-# HG changeset patch
-# User Andre Bargull <andre.bargull@gmail.com>
-# Date 1529699379 25200
-#      Fri Jun 22 13:29:39 2018 -0700
-# Node ID d600ad533a95d45ae773c0888fb6093e711fe6b6
-# Parent  007392eca49c8fbad109ce5f6030a79a76fd6cbb
-Bug 1467438 - Part 1: Replace ScopedJSFreePtr with UniqueChars/UniqueTwoByteChars. r=sfink
-
-diff --git a/js/src/builtin/ReflectParse.cpp b/js/src/builtin/ReflectParse.cpp
---- a/js/src/builtin/ReflectParse.cpp
-+++ b/js/src/builtin/ReflectParse.cpp
-@@ -3346,17 +3346,17 @@ reflect_parse(JSContext* cx, uint32_t ar
-                                   "Reflect.parse", "0", "s");
-         return false;
-     }
- 
-     RootedString src(cx, ToString<CanGC>(cx, args[0]));
-     if (!src)
-         return false;
- 
--    ScopedJSFreePtr<char> filename;
-+    UniqueChars filename;
-     uint32_t lineno = 1;
-     bool loc = true;
-     RootedObject builder(cx);
-     ParseGoal target = ParseGoal::Script;
- 
-     RootedValue arg(cx, args.get(1));
- 
-     if (!arg.isNullOrUndefined()) {
-@@ -3385,17 +3385,17 @@ reflect_parse(JSContext* cx, uint32_t ar
-             if (!GetPropertyDefault(cx, config, sourceId, nullVal, &prop))
-                 return false;
- 
-             if (!prop.isNullOrUndefined()) {
-                 RootedString str(cx, ToString<CanGC>(cx, prop));
-                 if (!str)
-                     return false;
- 
--                filename = JS_EncodeString(cx, str);
-+                filename.reset(JS_EncodeString(cx, str));
-                 if (!filename)
-                     return false;
-             }
- 
-             /* config.line */
-             RootedId lineId(cx, NameToId(cx->names().line));
-             RootedValue oneValue(cx, Int32Value(1));
-             if (!GetPropertyDefault(cx, config, lineId, oneValue, &prop) ||
-@@ -3446,30 +3446,30 @@ reflect_parse(JSContext* cx, uint32_t ar
-             target = ParseGoal::Module;
-         } else {
-             JS_ReportErrorASCII(cx, "Bad target value, expected 'script' or 'module'");
-             return false;
-         }
-     }
- 
-     /* Extract the builder methods first to report errors before parsing. */
--    ASTSerializer serialize(cx, loc, filename, lineno);
-+    ASTSerializer serialize(cx, loc, filename.get(), lineno);
-     if (!serialize.init(builder))
-         return false;
- 
-     JSLinearString* linear = src->ensureLinear(cx);
-     if (!linear)
-         return false;
- 
-     AutoStableStringChars linearChars(cx);
-     if (!linearChars.initTwoByte(cx, linear))
-         return false;
- 
-     CompileOptions options(cx);
--    options.setFileAndLine(filename, lineno);
-+    options.setFileAndLine(filename.get(), lineno);
-     options.setCanLazilyParse(false);
-     options.allowHTMLComments = target == ParseGoal::Script;
-     mozilla::Range<const char16_t> chars = linearChars.twoByteRange();
-     UsedNameTracker usedNames(cx);
-     if (!usedNames.init())
-         return false;
- 
-     RootedScriptSourceObject sourceObject(cx, frontend::CreateScriptSourceObject(cx, options,
-diff --git a/js/src/jsapi.cpp b/js/src/jsapi.cpp
---- a/js/src/jsapi.cpp
-+++ b/js/src/jsapi.cpp
-@@ -6625,17 +6625,17 @@ JS_ObjectIsDate(JSContext* cx, HandleObj
-  * Regular Expressions.
-  */
- JS_PUBLIC_API(JSObject*)
- JS_NewRegExpObject(JSContext* cx, const char* bytes, size_t length, unsigned flags)
- {
-     AssertHeapIsIdle();
-     CHECK_REQUEST(cx);
- 
--    ScopedJSFreePtr<char16_t> chars(InflateString(cx, bytes, length));
-+    UniqueTwoByteChars chars(InflateString(cx, bytes, length));
-     if (!chars)
-         return nullptr;
- 
-     return RegExpObject::create(cx, chars.get(), length, RegExpFlag(flags), cx->tempLifoAlloc(),
-                                 GenericObject);
- }
- 
- JS_PUBLIC_API(JSObject*)
-diff --git a/js/src/jsnum.cpp b/js/src/jsnum.cpp
---- a/js/src/jsnum.cpp
-+++ b/js/src/jsnum.cpp
-@@ -81,32 +81,32 @@ EnsureDtoaState(JSContext* cx)
-  * Call js_strtod_harder to get the correct answer.
-  */
- template <typename CharT>
- static bool
- ComputeAccurateDecimalInteger(JSContext* cx, const CharT* start, const CharT* end,
-                               double* dp)
- {
-     size_t length = end - start;
--    ScopedJSFreePtr<char> cstr(cx->pod_malloc<char>(length + 1));
-+    UniqueChars cstr(cx->pod_malloc<char>(length + 1));
-     if (!cstr)
-         return false;
- 
-     for (size_t i = 0; i < length; i++) {
-         char c = char(start[i]);
-         MOZ_ASSERT(IsAsciiAlphanumeric(c));
-         cstr[i] = c;
-     }
-     cstr[length] = 0;
- 
-     if (!EnsureDtoaState(cx))
-         return false;
- 
-     char* estr;
--    *dp = js_strtod_harder(cx->dtoaState, cstr, &estr);
-+    *dp = js_strtod_harder(cx->dtoaState, cstr.get(), &estr);
- 
-     return true;
- }
- 
- namespace {
- 
- template <typename CharT>
- class BinaryDigitReader
-diff --git a/js/src/shell/js.cpp b/js/src/shell/js.cpp
---- a/js/src/shell/js.cpp
-+++ b/js/src/shell/js.cpp
-@@ -879,33 +879,33 @@ RunBinAST(JSContext* cx, const char* fil
- static bool
- InitModuleLoader(JSContext* cx)
- {
- 
-     // Decompress and evaluate the embedded module loader source to initialize
-     // the module loader for the current compartment.
- 
-     uint32_t srcLen = moduleloader::GetRawScriptsSize();
--    ScopedJSFreePtr<char> src(cx->pod_malloc<char>(srcLen));
-+    UniqueChars src(cx->pod_malloc<char>(srcLen));
-     if (!src || !DecompressString(moduleloader::compressedSources, moduleloader::GetCompressedSize(),
-                                   reinterpret_cast<unsigned char*>(src.get()), srcLen))
-     {
-         return false;
-     }
- 
-     CompileOptions options(cx);
-     options.setIntroductionType("shell module loader");
-     options.setFileAndLine("shell/ModuleLoader.js", 1);
-     options.setSelfHostingMode(false);
-     options.setCanLazilyParse(false);
-     options.werrorOption = true;
-     options.strictOption = true;
- 
-     RootedValue rv(cx);
--    return Evaluate(cx, options, src, srcLen, &rv);
-+    return Evaluate(cx, options, src.get(), srcLen, &rv);
- }
- 
- static bool
- GetLoaderObject(JSContext* cx, MutableHandleObject resultOut)
- {
-     // Look up the |Reflect.Loader| object that has been defined by the module
-     // loader.
- 
-diff --git a/js/src/util/StringBuffer.cpp b/js/src/util/StringBuffer.cpp
---- a/js/src/util/StringBuffer.cpp
-+++ b/js/src/util/StringBuffer.cpp
-@@ -2,16 +2,17 @@
-  * vim: set ts=8 sts=4 et sw=4 tw=99:
-  * This Source Code Form is subject to the terms of the Mozilla Public
-  * License, v. 2.0. If a copy of the MPL was not distributed with this
-  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
- 
- #include "util/StringBuffer.h"
- 
- #include "mozilla/Range.h"
-+#include "mozilla/Unused.h"
- 
- #include "vm/JSObject-inl.h"
- #include "vm/StringType-inl.h"
- 
- using namespace js;
- 
- template <typename CharT, class Buffer>
- static CharT*
-@@ -74,31 +75,31 @@ StringBuffer::inflateChars()
- template <typename CharT, class Buffer>
- static JSFlatString*
- FinishStringFlat(JSContext* cx, StringBuffer& sb, Buffer& cb)
- {
-     size_t len = sb.length();
-     if (!sb.append('\0'))
-         return nullptr;
- 
--    ScopedJSFreePtr<CharT> buf(ExtractWellSized<CharT>(cx, cb));
-+    UniquePtr<CharT[], JS::FreePolicy> buf(ExtractWellSized<CharT>(cx, cb));
-     if (!buf)
-         return nullptr;
- 
-     JSFlatString* str = NewStringDontDeflate<CanGC>(cx, buf.get(), len);
-     if (!str)
-         return nullptr;
- 
-     /*
-      * The allocation was made on a TempAllocPolicy, so account for the string
-      * data on the string's zone.
-      */
-     cx->updateMallocCounter(sizeof(CharT) * len);
- 
--    buf.forget();
-+    mozilla::Unused << buf.release();
-     return str;
- }
- 
- JSFlatString*
- StringBuffer::finishString()
- {
-     size_t len = length();
-     if (len == 0)
-diff --git a/js/src/vm/Compartment.cpp b/js/src/vm/Compartment.cpp
---- a/js/src/vm/Compartment.cpp
-+++ b/js/src/vm/Compartment.cpp
-@@ -122,32 +122,32 @@ CopyStringPure(JSContext* cx, JSString* 
-             return nullptr;
- 
-         return chars.isLatin1()
-                ? NewStringCopyN<CanGC>(cx, chars.latin1Range().begin().get(), len)
-                : NewStringCopyNDontDeflate<CanGC>(cx, chars.twoByteRange().begin().get(), len);
-     }
- 
-     if (str->hasLatin1Chars()) {
--        ScopedJSFreePtr<Latin1Char> copiedChars;
--        if (!str->asRope().copyLatin1CharsZ(cx, copiedChars))
-+        UniquePtr<Latin1Char[], JS::FreePolicy> copiedChars = str->asRope().copyLatin1CharsZ(cx);
-+        if (!copiedChars)
-             return nullptr;
- 
--        auto* rawCopiedChars = copiedChars.forget();
-+        auto* rawCopiedChars = copiedChars.release();
-         auto* result = NewString<CanGC>(cx, rawCopiedChars, len);
-         if (!result)
-             js_free(rawCopiedChars);
-         return result;
-     }
- 
--    ScopedJSFreePtr<char16_t> copiedChars;
--    if (!str->asRope().copyTwoByteCharsZ(cx, copiedChars))
-+    UniqueTwoByteChars copiedChars = str->asRope().copyTwoByteCharsZ(cx);
-+    if (!copiedChars)
-         return nullptr;
- 
--    auto* rawCopiedChars = copiedChars.forget();
-+    auto* rawCopiedChars = copiedChars.release();
-     auto* result = NewStringDontDeflate<CanGC>(cx, rawCopiedChars, len);
-     if (!result)
-         js_free(rawCopiedChars);
-     return result;
- }
- 
- bool
- Compartment::wrap(JSContext* cx, MutableHandleString strp)
-diff --git a/js/src/vm/MemoryMetrics.cpp b/js/src/vm/MemoryMetrics.cpp
---- a/js/src/vm/MemoryMetrics.cpp
-+++ b/js/src/vm/MemoryMetrics.cpp
-@@ -76,34 +76,36 @@ InefficientNonFlatteningStringHashPolicy
- template <typename Char1, typename Char2>
- static bool
- EqualStringsPure(JSString* s1, JSString* s2)
- {
-     if (s1->length() != s2->length())
-         return false;
- 
-     const Char1* c1;
--    ScopedJSFreePtr<Char1> ownedChars1;
-+    UniquePtr<Char1[], JS::FreePolicy> ownedChars1;
-     JS::AutoCheckCannotGC nogc;
-     if (s1->isLinear()) {
-         c1 = s1->asLinear().chars<Char1>(nogc);
-     } else {
--        if (!s1->asRope().copyChars<Char1>(/* tcx */ nullptr, ownedChars1))
-+        ownedChars1 = s1->asRope().copyChars<Char1>(/* tcx */ nullptr);
-+        if (!ownedChars1)
-             MOZ_CRASH("oom");
--        c1 = ownedChars1;
-+        c1 = ownedChars1.get();
-     }
- 
-     const Char2* c2;
--    ScopedJSFreePtr<Char2> ownedChars2;
-+    UniquePtr<Char2[], JS::FreePolicy> ownedChars2;
-     if (s2->isLinear()) {
-         c2 = s2->asLinear().chars<Char2>(nogc);
-     } else {
--        if (!s2->asRope().copyChars<Char2>(/* tcx */ nullptr, ownedChars2))
-+        ownedChars2 = s2->asRope().copyChars<Char2>(/* tcx */ nullptr);
-+        if (!ownedChars2)
-             MOZ_CRASH("oom");
--        c2 = ownedChars2;
-+        c2 = ownedChars2.get();
-     }
- 
-     return EqualChars(c1, c2, s1->length());
- }
- 
- /* static */ bool
- InefficientNonFlatteningStringHashPolicy::match(const JSString* const& k, const Lookup& l)
- {
-@@ -143,24 +145,25 @@ NotableStringInfo::NotableStringInfo()
- {
- }
- 
- template <typename CharT>
- static void
- StoreStringChars(char* buffer, size_t bufferSize, JSString* str)
- {
-     const CharT* chars;
--    ScopedJSFreePtr<CharT> ownedChars;
-+    UniquePtr<CharT[], JS::FreePolicy> ownedChars;
-     JS::AutoCheckCannotGC nogc;
-     if (str->isLinear()) {
-         chars = str->asLinear().chars<CharT>(nogc);
-     } else {
--        if (!str->asRope().copyChars<CharT>(/* tcx */ nullptr, ownedChars))
-+        ownedChars = str->asRope().copyChars<CharT>(/* tcx */ nullptr);
-+        if (!ownedChars)
-             MOZ_CRASH("oom");
--        chars = ownedChars;
-+        chars = ownedChars.get();
-     }
- 
-     // We might truncate |str| even if it's much shorter than 1024 chars, if
-     // |str| contains unicode chars.  Since this is just for a memory reporter,
-     // we don't care.
-     PutEscapedString(buffer, bufferSize, chars, str->length(), /* quote */ 0);
- }
- 
-diff --git a/js/src/vm/SelfHosting.cpp b/js/src/vm/SelfHosting.cpp
---- a/js/src/vm/SelfHosting.cpp
-+++ b/js/src/vm/SelfHosting.cpp
-@@ -2950,24 +2950,24 @@ JSRuntime::initSelfHosting(JSContext* cx
-     FillSelfHostingCompileOptions(options);
- 
-     RootedValue rv(cx);
- 
-     uint32_t srcLen = GetRawScriptsSize();
- 
-     const unsigned char* compressed = compressedSources;
-     uint32_t compressedLen = GetCompressedSize();
--    ScopedJSFreePtr<char> src(selfHostingGlobal_->zone()->pod_malloc<char>(srcLen));
-+    UniqueChars src(selfHostingGlobal_->zone()->pod_malloc<char>(srcLen));
-     if (!src || !DecompressString(compressed, compressedLen,
-                                   reinterpret_cast<unsigned char*>(src.get()), srcLen))
-     {
-         return false;
-     }
- 
--    if (!Evaluate(cx, options, src, srcLen, &rv))
-+    if (!Evaluate(cx, options, src.get(), srcLen, &rv))
-         return false;
- 
-     if (!VerifyGlobalNames(cx, shg))
-         return false;
- 
-     return true;
- }
- 
-diff --git a/js/src/vm/StringType.cpp b/js/src/vm/StringType.cpp
---- a/js/src/vm/StringType.cpp
-+++ b/js/src/vm/StringType.cpp
-@@ -274,81 +274,82 @@ AllocChars(JSString* str, size_t length,
-     /* Like length, capacity does not include the null char, so take it out. */
-     *capacity = numChars - 1;
- 
-     JS_STATIC_ASSERT(JSString::MAX_LENGTH * sizeof(CharT) < UINT32_MAX);
-     *chars = str->zone()->pod_malloc<CharT>(numChars);
-     return *chars != nullptr;
- }
- 
--bool
--JSRope::copyLatin1CharsZ(JSContext* cx, ScopedJSFreePtr<Latin1Char>& out) const
-+UniquePtr<Latin1Char[], JS::FreePolicy>
-+JSRope::copyLatin1CharsZ(JSContext* cx) const
- {
--    return copyCharsInternal<Latin1Char>(cx, out, true);
-+    return copyCharsInternal<Latin1Char>(cx, true);
- }
- 
--bool
--JSRope::copyTwoByteCharsZ(JSContext* cx, ScopedJSFreePtr<char16_t>& out) const
-+UniqueTwoByteChars
-+JSRope::copyTwoByteCharsZ(JSContext* cx) const
- {
--    return copyCharsInternal<char16_t>(cx, out, true);
-+    return copyCharsInternal<char16_t>(cx, true);
- }
- 
--bool
--JSRope::copyLatin1Chars(JSContext* cx, ScopedJSFreePtr<Latin1Char>& out) const
-+UniquePtr<Latin1Char[], JS::FreePolicy>
-+JSRope::copyLatin1Chars(JSContext* cx) const
- {
--    return copyCharsInternal<Latin1Char>(cx, out, false);
-+    return copyCharsInternal<Latin1Char>(cx, false);
- }
- 
--bool
--JSRope::copyTwoByteChars(JSContext* cx, ScopedJSFreePtr<char16_t>& out) const
-+UniqueTwoByteChars
-+JSRope::copyTwoByteChars(JSContext* cx) const
- {
--    return copyCharsInternal<char16_t>(cx, out, false);
-+    return copyCharsInternal<char16_t>(cx, false);
- }
- 
- template <typename CharT>
--bool
--JSRope::copyCharsInternal(JSContext* cx, ScopedJSFreePtr<CharT>& out,
--                          bool nullTerminate) const
-+UniquePtr<CharT[], JS::FreePolicy>
-+JSRope::copyCharsInternal(JSContext* cx, bool nullTerminate) const
- {
-     // Left-leaning ropes are far more common than right-leaning ropes, so
-     // perform a non-destructive traversal of the rope, right node first,
-     // splatting each node's characters into a contiguous buffer.
- 
-     size_t n = length();
-+
-+    UniquePtr<CharT[], JS::FreePolicy> out;
-     if (cx)
-         out.reset(cx->pod_malloc<CharT>(n + 1));
-     else
-         out.reset(js_pod_malloc<CharT>(n + 1));
- 
-     if (!out)
--        return false;
-+        return nullptr;
- 
-     Vector<const JSString*, 8, SystemAllocPolicy> nodeStack;
-     const JSString* str = this;
--    CharT* end = out + str->length();
-+    CharT* end = out.get() + str->length();
-     while (true) {
-         if (str->isRope()) {
-             if (!nodeStack.append(str->asRope().leftChild()))
--                return false;
-+                return nullptr;
-             str = str->asRope().rightChild();
-         } else {
-             end -= str->length();
-             CopyChars(end, str->asLinear());
-             if (nodeStack.empty())
-                 break;
-             str = nodeStack.popCopy();
-         }
-     }
- 
--    MOZ_ASSERT(end == out);
-+    MOZ_ASSERT(end == out.get());
- 
-     if (nullTerminate)
-         out[n] = 0;
- 
--    return true;
-+    return out;
- }
- 
- template <typename CharT>
- void AddStringToHash(uint32_t* hash, const CharT* chars, size_t len)
- {
-     // It's tempting to use |HashString| instead of this loop, but that's
-     // slightly different than our existing implementation for non-ropes. We
-     // want to pretend we have a contiguous set of chars so we need to
-@@ -1497,31 +1498,31 @@ static JSFlatString*
- NewStringDeflated(JSContext* cx, const char16_t* s, size_t n)
- {
-     if (JSFlatString* str = TryEmptyOrStaticString(cx, s, n))
-         return str;
- 
-     if (JSInlineString::lengthFits<Latin1Char>(n))
-         return NewInlineStringDeflated<allowGC>(cx, mozilla::Range<const char16_t>(s, n));
- 
--    ScopedJSFreePtr<Latin1Char> news(cx->pod_malloc<Latin1Char>(n + 1));
-+    UniquePtr<Latin1Char[], JS::FreePolicy> news(cx->pod_malloc<Latin1Char>(n + 1));
-     if (!news)
-         return nullptr;
- 
-     for (size_t i = 0; i < n; i++) {
-         MOZ_ASSERT(s[i] <= JSString::MAX_LATIN1_CHAR);
--        news.get()[i] = Latin1Char(s[i]);
-+        news[i] = Latin1Char(s[i]);
-     }
-     news[n] = '\0';
- 
-     JSFlatString* str = JSFlatString::new_<allowGC>(cx, news.get(), n);
-     if (!str)
-         return nullptr;
- 
--    news.forget();
-+    mozilla::Unused << news.release();
-     return str;
- }
- 
- template <AllowGC allowGC>
- static JSFlatString*
- NewStringDeflated(JSContext* cx, const Latin1Char* s, size_t n)
- {
-     MOZ_CRASH("Shouldn't be called for Latin1 chars");
-@@ -1599,31 +1600,31 @@ JSFlatString*
- NewStringCopyNDontDeflate(JSContext* cx, const CharT* s, size_t n)
- {
-     if (JSFlatString* str = TryEmptyOrStaticString(cx, s, n))
-         return str;
- 
-     if (JSInlineString::lengthFits<CharT>(n))
-         return NewInlineString<allowGC>(cx, mozilla::Range<const CharT>(s, n));
- 
--    ScopedJSFreePtr<CharT> news(cx->pod_malloc<CharT>(n + 1));
-+    UniquePtr<CharT[], JS::FreePolicy> news(cx->pod_malloc<CharT>(n + 1));
-     if (!news) {
-         if (!allowGC)
-             cx->recoverFromOutOfMemory();
-         return nullptr;
-     }
- 
-     PodCopy(news.get(), s, n);
-     news[n] = 0;
- 
-     JSFlatString* str = JSFlatString::new_<allowGC>(cx, news.get(), n);
-     if (!str)
-         return nullptr;
- 
--    news.forget();
-+    mozilla::Unused << news.release();
-     return str;
- }
- 
- template JSFlatString*
- NewStringCopyNDontDeflate<CanGC>(JSContext* cx, const char16_t* s, size_t n);
- 
- template JSFlatString*
- NewStringCopyNDontDeflate<NoGC>(JSContext* cx, const char16_t* s, size_t n);
-diff --git a/js/src/vm/StringType.h b/js/src/vm/StringType.h
---- a/js/src/vm/StringType.h
-+++ b/js/src/vm/StringType.h
-@@ -17,16 +17,17 @@
- #include "builtin/String.h"
- #include "gc/Barrier.h"
- #include "gc/Cell.h"
- #include "gc/Heap.h"
- #include "gc/Nursery.h"
- #include "gc/Rooting.h"
- #include "js/CharacterEncoding.h"
- #include "js/RootingAPI.h"
-+#include "js/UniquePtr.h"
- #include "util/Text.h"
- #include "vm/Printer.h"
- 
- class JSDependentString;
- class JSExtensibleString;
- class JSExternalString;
- class JSInlineString;
- class JSRope;
-@@ -661,18 +662,18 @@ class JSString : public js::gc::Cell
-     JSString() = delete;
-     JSString(const JSString& other) = delete;
-     void operator=(const JSString& other) = delete;
- };
- 
- class JSRope : public JSString
- {
-     template <typename CharT>
--    bool copyCharsInternal(JSContext* cx, js::ScopedJSFreePtr<CharT>& out,
--                           bool nullTerminate) const;
-+    js::UniquePtr<CharT[], JS::FreePolicy> copyCharsInternal(JSContext* cx,
-+                                                             bool nullTerminate) const;
- 
-     enum UsingBarrier { WithIncrementalBarrier, NoBarrier };
- 
-     template<UsingBarrier b, typename CharT>
-     JSFlatString* flattenInternal(JSContext* cx);
- 
-     template<UsingBarrier b>
-     JSFlatString* flattenInternal(JSContext* cx);
-@@ -684,26 +685,24 @@ class JSRope : public JSString
- 
-   public:
-     template <js::AllowGC allowGC>
-     static inline JSRope* new_(JSContext* cx,
-                                typename js::MaybeRooted<JSString*, allowGC>::HandleType left,
-                                typename js::MaybeRooted<JSString*, allowGC>::HandleType right,
-                                size_t length, js::gc::InitialHeap = js::gc::DefaultHeap);
- 
--    bool copyLatin1Chars(JSContext* cx,
--                         js::ScopedJSFreePtr<JS::Latin1Char>& out) const;
--    bool copyTwoByteChars(JSContext* cx, js::ScopedJSFreePtr<char16_t>& out) const;
-+    js::UniquePtr<JS::Latin1Char[], JS::FreePolicy> copyLatin1Chars(JSContext* cx) const;
-+    JS::UniqueTwoByteChars copyTwoByteChars(JSContext* cx) const;
- 
--    bool copyLatin1CharsZ(JSContext* cx,
--                          js::ScopedJSFreePtr<JS::Latin1Char>& out) const;
--    bool copyTwoByteCharsZ(JSContext* cx, js::ScopedJSFreePtr<char16_t>& out) const;
-+    js::UniquePtr<JS::Latin1Char[], JS::FreePolicy> copyLatin1CharsZ(JSContext* cx) const;
-+    JS::UniqueTwoByteChars copyTwoByteCharsZ(JSContext* cx) const;
- 
-     template <typename CharT>
--    bool copyChars(JSContext* cx, js::ScopedJSFreePtr<CharT>& out) const;
-+    js::UniquePtr<CharT[], JS::FreePolicy> copyChars(JSContext* cx) const;
- 
-     // Hash function specific for ropes that avoids allocating a temporary
-     // string. There are still allocations internally so it's technically
-     // fallible.
-     //
-     // Returns the same value as if this were a linear string being hashed.
-     MOZ_MUST_USE bool hash(uint32_t* outhHash) const;
- 
-@@ -1729,28 +1728,27 @@ JSLinearString::chars(const JS::AutoRequ
- template<>
- MOZ_ALWAYS_INLINE const JS::Latin1Char*
- JSLinearString::chars(const JS::AutoRequireNoGC& nogc) const
- {
-     return rawLatin1Chars();
- }
- 
- template <>
--MOZ_ALWAYS_INLINE bool
--JSRope::copyChars<JS::Latin1Char>(JSContext* cx,
--                                  js::ScopedJSFreePtr<JS::Latin1Char>& out) const
-+MOZ_ALWAYS_INLINE js::UniquePtr<JS::Latin1Char[], JS::FreePolicy>
-+JSRope::copyChars<JS::Latin1Char>(JSContext* cx) const
- {
--    return copyLatin1Chars(cx, out);
-+    return copyLatin1Chars(cx);
- }
- 
- template <>
--MOZ_ALWAYS_INLINE bool
--JSRope::copyChars<char16_t>(JSContext* cx, js::ScopedJSFreePtr<char16_t>& out) const
-+MOZ_ALWAYS_INLINE JS::UniqueTwoByteChars
-+JSRope::copyChars<char16_t>(JSContext* cx) const
- {
--    return copyTwoByteChars(cx, out);
-+    return copyTwoByteChars(cx);
- }
- 
- template<>
- MOZ_ALWAYS_INLINE bool
- JSThinInlineString::lengthFits<JS::Latin1Char>(size_t length)
- {
-     return length <= MAX_LENGTH_LATIN1;
- }

frg/work-js/mozilla-release/patches/mozilla-central-push_423435.patch

@@ -1,350 +0,0 @@
-# HG changeset patch
-# User Andre Bargull <andre.bargull@gmail.com>
-# Date 1529699379 25200
-#      Fri Jun 22 13:29:39 2018 -0700
-# Node ID 390ba7756cae841c7cb6b0b2787b3cc7347bda69
-# Parent  d600ad533a95d45ae773c0888fb6093e711fe6b6
-Bug 1467438 - Part 2: Replace remaining ScopedJSFreePtr with UniquePtr. r=sfink
-
-diff --git a/js/src/ctypes/CTypes.cpp b/js/src/ctypes/CTypes.cpp
---- a/js/src/ctypes/CTypes.cpp
-+++ b/js/src/ctypes/CTypes.cpp
-@@ -34,16 +34,17 @@
- #include "jsnum.h"
- 
- #include "builtin/TypedObject.h"
- #include "ctypes/Library.h"
- #include "gc/FreeOp.h"
- #include "gc/Policy.h"
- #include "gc/Zone.h"
- #include "jit/AtomicOperations.h"
-+#include "js/UniquePtr.h"
- #include "js/Vector.h"
- #include "util/Windows.h"
- #include "vm/JSContext.h"
- #include "vm/JSFunction.h"
- 
- #include "vm/JSObject-inl.h"
- 
- using namespace std;
-@@ -8388,35 +8389,34 @@ CDataFinalizer::Construct(JSContext* cx,
-   size_t sizeArg;
-   RootedValue valData(cx, args[0]);
-   if (!CType::GetSafeSize(objArgType, &sizeArg)) {
-     RootedValue valCodeType(cx, ObjectValue(*objCodeType));
-     return TypeError(cx, "a function with one known size argument",
-                      valCodeType);
-   }
- 
--  ScopedJSFreePtr<void> cargs(malloc(sizeArg));
-+  UniquePtr<void, JS::FreePolicy> cargs(malloc(sizeArg));
- 
-   if (!ImplicitConvert(cx, valData, objArgType, cargs.get(),
-                        ConversionType::Finalizer, &freePointer,
-                        objCodePtrType, 0)) {
-     return false;
-   }
-   if (freePointer) {
-     // Note: We could handle that case, if necessary.
-     JS_ReportErrorASCII(cx, "Internal Error during CDataFinalizer. Object cannot be represented");
-     return false;
-   }
- 
-   // 4. Prepare buffer for holding return value
- 
--  ScopedJSFreePtr<void> rvalue;
-+  UniquePtr<void, JS::FreePolicy> rvalue;
-   if (CType::GetTypeCode(returnType) != TYPE_void_t) {
--    rvalue = malloc(Align(CType::GetSize(returnType),
--                          sizeof(ffi_arg)));
-+    rvalue.reset(malloc(Align(CType::GetSize(returnType), sizeof(ffi_arg))));
-   } //Otherwise, simply do not allocate
- 
-   // 5. Create |objResult|
- 
-   JSObject* objResult = JS_NewObjectWithGivenProto(cx, &sCDataFinalizerClass, objProto);
-   if (!objResult) {
-     return false;
-   }
-@@ -8460,28 +8460,28 @@ CDataFinalizer::Construct(JSContext* cx,
-   ffi_type* rtype = CType::GetFFIType(cx, funInfoFinalizer->mReturnType);
-   if (!rtype) {
-     JS_ReportErrorASCII(cx, "Internal Error: "
-                         "Could not access ffi type of CDataFinalizer");
-     return false;
-   }
- 
-   // 7. Store C information as private
--  ScopedJSFreePtr<CDataFinalizer::Private>
-+  UniquePtr<CDataFinalizer::Private, JS::FreePolicy>
-     p((CDataFinalizer::Private*)malloc(sizeof(CDataFinalizer::Private)));
- 
-   memmove(&p->CIF, &funInfoFinalizer->mCIF, sizeof(ffi_cif));
- 
--  p->cargs = cargs.forget();
--  p->rvalue = rvalue.forget();
-+  p->cargs = cargs.release();
-+  p->rvalue = rvalue.release();
-   p->cargs_size = sizeArg;
-   p->code = code;
- 
- 
--  JS_SetPrivate(objResult, p.forget());
-+  JS_SetPrivate(objResult, p.release());
-   args.rval().setObject(*objResult);
-   return true;
- }
- 
- 
- /*
-  * Actually call the finalizer. Does not perform any cleanup on the object.
-  *
-diff --git a/js/src/vm/JSScript.cpp b/js/src/vm/JSScript.cpp
---- a/js/src/vm/JSScript.cpp
-+++ b/js/src/vm/JSScript.cpp
-@@ -32,16 +32,17 @@
- #include "frontend/BytecodeEmitter.h"
- #include "frontend/SharedContext.h"
- #include "gc/FreeOp.h"
- #include "jit/BaselineJIT.h"
- #include "jit/Ion.h"
- #include "jit/IonCode.h"
- #include "js/MemoryMetrics.h"
- #include "js/Printf.h"
-+#include "js/UniquePtr.h"
- #include "js/Utility.h"
- #include "js/Wrapper.h"
- #include "util/StringBuffer.h"
- #include "util/Text.h"
- #include "vm/ArgumentsObject.h"
- #include "vm/BytecodeUtil.h"
- #include "vm/Compression.h"
- #include "vm/Debugger.h"
-@@ -3446,17 +3447,17 @@ js::detail::CopyScript(JSContext* cx, Ha
-     uint32_t nscopes   = src->scopes()->length;
-     uint32_t ntrynotes = src->hasTrynotes() ? src->trynotes()->length : 0;
-     uint32_t nscopenotes = src->hasScopeNotes() ? src->scopeNotes()->length : 0;
-     uint32_t nyieldoffsets = src->hasYieldAndAwaitOffsets() ? src->yieldAndAwaitOffsets().length() : 0;
- 
-     /* Script data */
- 
-     size_t size = src->dataSize();
--    ScopedJSFreePtr<uint8_t> data(AllocScriptData(cx->zone(), size));
-+    UniquePtr<uint8_t, JS::FreePolicy> data(AllocScriptData(cx->zone(), size));
-     if (size && !data) {
-         ReportOutOfMemory(cx);
-         return false;
-     }
- 
-     /* Scopes */
- 
-     // The passed in scopes vector contains body scopes that needed to be
-@@ -3514,17 +3515,17 @@ js::detail::CopyScript(JSContext* cx, Ha
-             }
- 
-             if (!clone || !objects.append(clone))
-                 return false;
-         }
-     }
- 
-     /* This assignment must occur before all the Rebase calls. */
--    dst->data = data.forget();
-+    dst->data = data.release();
-     dst->dataSize_ = size;
-     MOZ_ASSERT(bool(dst->data) == bool(src->data));
-     if (dst->data)
-         memcpy(dst->data, src->data, size);
- 
-     if (cx->zone() != src->zoneFromAnyThread()) {
-         for (size_t i = 0; i < src->scriptData()->natoms(); i++)
-             cx->markAtom(src->scriptData()->atoms()[i]);
-@@ -4250,30 +4251,33 @@ LazyScript::CreateRaw(JSContext* cx, Han
- 
-     // Reset runtime flags to obtain a fresh LazyScript.
-     p.hasBeenCloned = false;
-     p.treatAsRunOnce = false;
- 
-     size_t bytes = (p.numClosedOverBindings * sizeof(JSAtom*))
-                  + (p.numInnerFunctions * sizeof(GCPtrFunction));
- 
--    ScopedJSFreePtr<uint8_t> table(bytes ? fun->zone()->pod_malloc<uint8_t>(bytes) : nullptr);
--    if (bytes && !table) {
--        ReportOutOfMemory(cx);
--        return nullptr;
-+    UniquePtr<uint8_t, JS::FreePolicy> table;
-+    if (bytes) {
-+        table.reset(fun->zone()->pod_malloc<uint8_t>(bytes));
-+        if (!table) {
-+            ReportOutOfMemory(cx);
-+            return nullptr;
-+        }
-     }
- 
-     LazyScript* res = Allocate<LazyScript>(cx);
-     if (!res)
-         return nullptr;
- 
-     cx->realm()->scheduleDelazificationForDebugger();
- 
--    return new (res) LazyScript(fun, *sourceObject, table.forget(), packed, sourceStart, sourceEnd,
--                                toStringStart, lineno, column);
-+    return new (res) LazyScript(fun, *sourceObject, table.release(), packed, sourceStart,
-+                                sourceEnd, toStringStart, lineno, column);
- }
- 
- /* static */ LazyScript*
- LazyScript::Create(JSContext* cx, HandleFunction fun,
-                    HandleScriptSourceObject sourceObject,
-                    const frontend::AtomVector& closedOverBindings,
-                    Handle<GCVector<JSFunction*, 8>> innerFunctions,
-                    uint32_t sourceStart, uint32_t sourceEnd,
-diff --git a/js/src/vm/ObjectGroup.cpp b/js/src/vm/ObjectGroup.cpp
---- a/js/src/vm/ObjectGroup.cpp
-+++ b/js/src/vm/ObjectGroup.cpp
-@@ -2,26 +2,28 @@
-  * vim: set ts=8 sts=4 et sw=4 tw=99:
-  * This Source Code Form is subject to the terms of the Mozilla Public
-  * License, v. 2.0. If a copy of the MPL was not distributed with this
-  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
- 
- #include "vm/ObjectGroup.h"
- 
- #include "mozilla/Maybe.h"
-+#include "mozilla/Unused.h"
- 
- #include "jsexn.h"
- 
- #include "builtin/DataViewObject.h"
- #include "gc/FreeOp.h"
- #include "gc/HashUtil.h"
- #include "gc/Policy.h"
- #include "gc/StoreBuffer.h"
- #include "gc/Zone.h"
- #include "js/CharacterEncoding.h"
-+#include "js/UniquePtr.h"
- #include "vm/ArrayObject.h"
- #include "vm/JSObject.h"
- #include "vm/RegExpObject.h"
- #include "vm/Shape.h"
- #include "vm/TaggedProto.h"
- 
- #include "gc/Marking-inl.h"
- #include "vm/UnboxedObject-inl.h"
-@@ -1225,53 +1227,53 @@ ObjectGroup::newPlainObject(JSContext* c
-         // will try to use an unboxed layout for the group.
-         PreliminaryObjectArrayWithTemplate* preliminaryObjects =
-             cx->new_<PreliminaryObjectArrayWithTemplate>(obj->lastProperty());
-         if (!preliminaryObjects)
-             return nullptr;
-         group->setPreliminaryObjects(preliminaryObjects);
-         preliminaryObjects->registerNewObject(obj);
- 
--        ScopedJSFreePtr<jsid> ids(group->zone()->pod_calloc<jsid>(nproperties));
-+        UniquePtr<jsid[], JS::FreePolicy> ids(group->zone()->pod_calloc<jsid>(nproperties));
-         if (!ids) {
-             ReportOutOfMemory(cx);
-             return nullptr;
-         }
- 
--        ScopedJSFreePtr<TypeSet::Type> types(
-+        UniquePtr<TypeSet::Type[], JS::FreePolicy> types(
-             group->zone()->pod_calloc<TypeSet::Type>(nproperties));
-         if (!types) {
-             ReportOutOfMemory(cx);
-             return nullptr;
-         }
- 
-         for (size_t i = 0; i < nproperties; i++) {
-             ids[i] = properties[i].id;
-             types[i] = GetValueTypeForTable(obj->getSlot(i));
-             AddTypePropertyId(cx, group, nullptr, IdToTypeId(ids[i]), types[i]);
-         }
- 
-         ObjectGroupRealm::PlainObjectKey key;
--        key.properties = ids;
-+        key.properties = ids.get();
-         key.nproperties = nproperties;
-         MOZ_ASSERT(ObjectGroupRealm::PlainObjectKey::match(key, lookup));
- 
-         ObjectGroupRealm::PlainObjectEntry entry;
-         entry.group.set(group);
-         entry.shape.set(obj->lastProperty());
--        entry.types = types;
-+        entry.types = types.get();
- 
-         ObjectGroupRealm::PlainObjectTable::AddPtr np = table->lookupForAdd(lookup);
-         if (!table->add(np, key, entry)) {
-             ReportOutOfMemory(cx);
-             return nullptr;
-         }
- 
--        ids.forget();
--        types.forget();
-+        mozilla::Unused << ids.release();
-+        mozilla::Unused << types.release();
- 
-         return obj;
-     }
- 
-     RootedObjectGroup group(cx, p->value().group);
- 
-     // AutoSweepObjectGroup checks no GC happens in its scope, so we use Maybe
-     // and reset() it before GC calls.
-diff --git a/js/src/vm/TypedArrayObject.cpp b/js/src/vm/TypedArrayObject.cpp
---- a/js/src/vm/TypedArrayObject.cpp
-+++ b/js/src/vm/TypedArrayObject.cpp
-@@ -25,16 +25,17 @@
- 
- #include "builtin/Array.h"
- #include "builtin/DataViewObject.h"
- #include "builtin/TypedObjectConstants.h"
- #include "gc/Barrier.h"
- #include "gc/Marking.h"
- #include "jit/InlinableNatives.h"
- #include "js/Conversions.h"
-+#include "js/UniquePtr.h"
- #include "js/Wrapper.h"
- #include "util/Windows.h"
- #include "vm/ArrayBufferObject.h"
- #include "vm/GlobalObject.h"
- #include "vm/Interpreter.h"
- #include "vm/JSContext.h"
- #include "vm/JSObject.h"
- #include "vm/PIC.h"
-@@ -647,33 +648,31 @@ class TypedArrayObjectTemplate : public 
-                                   ? GetGCObjectKind(clasp)
-                                   : AllocKindForLazyBuffer(nbytes);
-         MOZ_ASSERT(CanBeFinalizedInBackground(allocKind, clasp));
-         allocKind = GetBackgroundAllocKind(allocKind);
-         RootedObjectGroup group(cx, templateObj->group());
- 
-         NewObjectKind newKind = TenuredObject;
- 
--        ScopedJSFreePtr<void> buf;
-+        UniquePtr<void, JS::FreePolicy> buf;
-         if (!fitsInline && len > 0) {
--            buf = cx->zone()->pod_malloc<uint8_t>(nbytes);
-+            buf.reset(cx->zone()->pod_calloc<uint8_t>(nbytes));
-             if (!buf) {
-                 ReportOutOfMemory(cx);
-                 return nullptr;
-             }
--
--            memset(buf, 0, nbytes);
-         }
- 
-         TypedArrayObject* obj = NewObjectWithGroup<TypedArrayObject>(cx, group, allocKind, newKind);
-         if (!obj)
-             return nullptr;
- 
-         initTypedArraySlots(obj, len);
--        initTypedArrayData(cx, obj, len, buf.forget(), allocKind);
-+        initTypedArrayData(cx, obj, len, buf.release(), allocKind);
- 
-         return obj;
-     }
- 
-     // ES2018 draft rev 8340bf9a8427ea81bb0d1459471afbcc91d18add
-     // 22.2.4.1 TypedArray ( )
-     // 22.2.4.2 TypedArray ( length )
-     // 22.2.4.3 TypedArray ( typedArray )

frg/work-js/mozilla-release/patches/mozilla-central-push_423436.patch

@@ -1,401 +0,0 @@
-# HG changeset patch
-# User Andre Bargull <andre.bargull@gmail.com>
-# Date 1529699380 25200
-#      Fri Jun 22 13:29:40 2018 -0700
-# Node ID e4d237883ed6b8f6694f1e0af63d60a19625958b
-# Parent  390ba7756cae841c7cb6b0b2787b3cc7347bda69
-Bug 1467438 - Part 3: Replace ScopedJSDeletePtr with UniquePtr. r=sfink
-
-diff --git a/js/src/jit/Ion.cpp b/js/src/jit/Ion.cpp
---- a/js/src/jit/Ion.cpp
-+++ b/js/src/jit/Ion.cpp
-@@ -4,16 +4,17 @@
-  * License, v. 2.0. If a copy of the MPL was not distributed with this
-  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
- 
- #include "jit/Ion.h"
- 
- #include "mozilla/IntegerPrintfMacros.h"
- #include "mozilla/MemoryReporting.h"
- #include "mozilla/ThreadLocal.h"
-+#include "mozilla/Unused.h"
- 
- #include "gc/FreeOp.h"
- #include "gc/Marking.h"
- #include "jit/AliasAnalysis.h"
- #include "jit/AlignmentMaskAnalysis.h"
- #include "jit/BacktrackingAllocator.h"
- #include "jit/BaselineFrame.h"
- #include "jit/BaselineInspector.h"
-@@ -41,16 +42,17 @@
- #include "jit/PerfSpewer.h"
- #include "jit/RangeAnalysis.h"
- #include "jit/ScalarReplacement.h"
- #include "jit/Sink.h"
- #include "jit/StupidAllocator.h"
- #include "jit/ValueNumbering.h"
- #include "jit/WasmBCE.h"
- #include "js/Printf.h"
-+#include "js/UniquePtr.h"
- #include "util/Windows.h"
- #include "vm/Debugger.h"
- #include "vm/HelperThreads.h"
- #include "vm/Realm.h"
- #include "vm/TraceLogging.h"
- #include "vtune/VTuneWrapper.h"
- 
- #include "gc/PrivateIterators-inl.h"
-@@ -2040,23 +2042,21 @@ IonCompile(JSContext* cx, JSScript* scri
-     AutoTraceLog logCompile(logger, TraceLogger_IonCompilation);
- 
-     // Make sure the script's canonical function isn't lazy. We can't de-lazify
-     // it in a helper thread.
-     script->ensureNonLazyCanonicalFunction();
- 
-     TrackPropertiesForSingletonScopes(cx, script, baselineFrame);
- 
--    LifoAlloc* alloc = cx->new_<LifoAlloc>(TempAllocator::PreferredLifoChunkSize);
-+    auto alloc = cx->make_unique<LifoAlloc>(TempAllocator::PreferredLifoChunkSize);
-     if (!alloc)
-         return AbortReason::Alloc;
- 
--    ScopedJSDeletePtr<LifoAlloc> autoDelete(alloc);
--
--    TempAllocator* temp = alloc->new_<TempAllocator>(alloc);
-+    TempAllocator* temp = alloc->new_<TempAllocator>(alloc.get());
-     if (!temp)
-         return AbortReason::Alloc;
- 
-     JitContext jctx(cx, temp);
- 
-     if (!cx->realm()->ensureJitRealmExists(cx))
-         return AbortReason::Alloc;
- 
-@@ -2179,34 +2179,33 @@ IonCompile(JSContext* cx, JSScript* scri
-             return AbortReason::Alloc;
-         }
- 
-         if (!recompile)
-             builderScript->setIonScript(cx->runtime(), ION_COMPILING_SCRIPT);
- 
-         // The allocator and associated data will be destroyed after being
-         // processed in the finishedOffThreadCompilations list.
--        autoDelete.forget();
-+        mozilla::Unused << alloc.release();
- 
-         return AbortReason::NoAbort;
-     }
- 
-     bool succeeded = false;
-     {
--        ScopedJSDeletePtr<CodeGenerator> codegen;
-         AutoEnterAnalysis enter(cx);
--        codegen = CompileBackEnd(builder);
-+        UniquePtr<CodeGenerator> codegen(CompileBackEnd(builder));
-         if (!codegen) {
-             JitSpew(JitSpew_IonAbort, "Failed during back-end compilation.");
-             if (cx->isExceptionPending())
-                 return AbortReason::Error;
-             return AbortReason::Disable;
-         }
- 
--        succeeded = LinkCodeGen(cx, builder, codegen);
-+        succeeded = LinkCodeGen(cx, builder, codegen.get());
-     }
- 
-     if (succeeded)
-         return AbortReason::NoAbort;
-     if (cx->isExceptionPending())
-         return AbortReason::Error;
-     return AbortReason::Disable;
- }
-diff --git a/js/src/vm/HelperThreads.cpp b/js/src/vm/HelperThreads.cpp
---- a/js/src/vm/HelperThreads.cpp
-+++ b/js/src/vm/HelperThreads.cpp
-@@ -9,16 +9,17 @@
- #include "mozilla/Maybe.h"
- #include "mozilla/ScopeExit.h"
- #include "mozilla/Unused.h"
- 
- #include "builtin/Promise.h"
- #include "frontend/BytecodeCompiler.h"
- #include "gc/GCInternals.h"
- #include "jit/IonBuilder.h"
-+#include "js/UniquePtr.h"
- #include "js/Utility.h"
- #include "threading/CpuCount.h"
- #include "util/NativeStack.h"
- #include "vm/Debugger.h"
- #include "vm/ErrorReporting.h"
- #include "vm/SharedImmutableStringsCache.h"
- #include "vm/Time.h"
- #include "vm/TraceLogging.h"
-@@ -821,80 +822,75 @@ StartOffThreadParseTask(JSContext* cx, P
-     return true;
- }
- 
- bool
- js::StartOffThreadParseScript(JSContext* cx, const ReadOnlyCompileOptions& options,
-                               const char16_t* chars, size_t length,
-                               JS::OffThreadCompileCallback callback, void* callbackData)
- {
--    ScopedJSDeletePtr<ParseTask> task;
--    task = cx->new_<ScriptParseTask>(cx, chars, length, callback, callbackData);
--    if (!task || !StartOffThreadParseTask(cx, task, options))
-+    auto task = cx->make_unique<ScriptParseTask>(cx, chars, length, callback, callbackData);
-+    if (!task || !StartOffThreadParseTask(cx, task.get(), options))
-         return false;
- 
--    task.forget();
-+    Unused << task.release();
-     return true;
- }
- 
- bool
- js::StartOffThreadParseModule(JSContext* cx, const ReadOnlyCompileOptions& options,
-                               const char16_t* chars, size_t length,
-                               JS::OffThreadCompileCallback callback, void* callbackData)
- {
--    ScopedJSDeletePtr<ParseTask> task;
--    task = cx->new_<ModuleParseTask>(cx, chars, length, callback, callbackData);
--    if (!task || !StartOffThreadParseTask(cx, task, options))
-+    auto task = cx->make_unique<ModuleParseTask>(cx, chars, length, callback, callbackData);
-+    if (!task || !StartOffThreadParseTask(cx, task.get(), options))
-         return false;
- 
--    task.forget();
-+    Unused << task.release();
-     return true;
- }
- 
- bool
- js::StartOffThreadDecodeScript(JSContext* cx, const ReadOnlyCompileOptions& options,
-                                const JS::TranscodeRange& range,
-                                JS::OffThreadCompileCallback callback, void* callbackData)
- {
--    ScopedJSDeletePtr<ParseTask> task;
--    task = cx->new_<ScriptDecodeTask>(cx, range, callback, callbackData);
--    if (!task || !StartOffThreadParseTask(cx, task, options))
-+    auto task = cx->make_unique<ScriptDecodeTask>(cx, range, callback, callbackData);
-+    if (!task || !StartOffThreadParseTask(cx, task.get(), options))
-         return false;
- 
--    task.forget();
-+    Unused << task.release();
-     return true;
- }
- 
- bool
- js::StartOffThreadDecodeMultiScripts(JSContext* cx, const ReadOnlyCompileOptions& options,
-                                      JS::TranscodeSources& sources,
-                                      JS::OffThreadCompileCallback callback, void* callbackData)
- {
--    ScopedJSDeletePtr<ParseTask> task;
--    task = cx->new_<MultiScriptsDecodeTask>(cx, sources, callback, callbackData);
--    if (!task || !StartOffThreadParseTask(cx, task, options))
-+    auto task = cx->make_unique<MultiScriptsDecodeTask>(cx, sources, callback, callbackData);
-+    if (!task || !StartOffThreadParseTask(cx, task.get(), options))
-         return false;
- 
--    task.forget();
-+    Unused << task.release();
-     return true;
- }
- 
- #if defined(JS_BUILD_BINAST)
- 
- bool
- js::StartOffThreadDecodeBinAST(JSContext* cx, const ReadOnlyCompileOptions& options,
-                                const uint8_t* buf, size_t length,
-                                JS::OffThreadCompileCallback callback, void *callbackData)
- {
--    ScopedJSDeletePtr<ParseTask> task;
--    task = cx->new_<BinASTDecodeTask>(cx, buf, length, callback, callbackData);
--    if (!task || !StartOffThreadParseTask(cx, task, options))
-+    auto task = cx->make_unique<BinASTDecodeTask>(cx, buf, length, callback, callbackData);
-+    if (!task || !StartOffThreadParseTask(cx, task.get(), options))
-         return false;
- 
--    task.forget();
-+    Unused << task.release();
-     return true;
- }
- 
- #endif /* JS_BUILD_BINAST */
- 
- void
- js::EnqueuePendingParseTasksAfterGC(JSRuntime* rt)
- {
-@@ -1660,43 +1656,42 @@ GlobalHelperThreadState::removeFinishedP
- 
- template <typename F, typename>
- bool
- GlobalHelperThreadState::finishParseTask(JSContext* cx, ParseTaskKind kind,
-                                          JS::OffThreadToken* token, F&& finishCallback)
- {
-     MOZ_ASSERT(cx->realm());
- 
--    ScopedJSDeletePtr<ParseTask> parseTask(removeFinishedParseTask(kind, token));
-+    Rooted<UniquePtr<ParseTask>> parseTask(cx, removeFinishedParseTask(kind, token));
- 
-     // Make sure we have all the constructors we need for the prototype
-     // remapping below, since we can't GC while that's happening.
-     if (!EnsureParserCreatedClasses(cx, kind)) {
--        LeaveParseTaskZone(cx->runtime(), parseTask);
-+        LeaveParseTaskZone(cx->runtime(), parseTask.get().get());
-         return false;
-     }
- 
--    mergeParseTaskRealm(cx, parseTask, cx->realm());
--
--    bool ok = finishCallback(parseTask);
-+    mergeParseTaskRealm(cx, parseTask.get().get(), cx->realm());
-+
-+    bool ok = finishCallback(parseTask.get().get());
- 
-     for (auto& script : parseTask->scripts)
-         releaseAssertSameCompartment(cx, script);
- 
-     if (!parseTask->finish(cx) || !ok)
-         return false;
- 
-     // Report out of memory errors eagerly, or errors could be malformed.
-     if (parseTask->outOfMemory) {
-         ReportOutOfMemory(cx);
-         return false;
-     }
- 
--    // Report any error or warnings generated during the parse, and inform the
--    // debugger about the compiled scripts.
-+    // Report any error or warnings generated during the parse.
-     for (size_t i = 0; i < parseTask->errors.length(); i++)
-         parseTask->errors[i]->throwError(cx);
-     if (parseTask->overRecursed)
-         ReportOverRecursed(cx);
-     if (cx->isExceptionPending())
-         return false;
- 
-     return true;
-diff --git a/js/src/vm/TypeInference.cpp b/js/src/vm/TypeInference.cpp
---- a/js/src/vm/TypeInference.cpp
-+++ b/js/src/vm/TypeInference.cpp
-@@ -21,16 +21,17 @@
- #include "gc/HashUtil.h"
- #include "jit/BaselineJIT.h"
- #include "jit/CompileInfo.h"
- #include "jit/Ion.h"
- #include "jit/IonAnalysis.h"
- #include "jit/JitRealm.h"
- #include "jit/OptimizationTracking.h"
- #include "js/MemoryMetrics.h"
-+#include "js/UniquePtr.h"
- #include "vm/HelperThreads.h"
- #include "vm/JSContext.h"
- #include "vm/JSObject.h"
- #include "vm/JSScript.h"
- #include "vm/Opcodes.h"
- #include "vm/Printer.h"
- #include "vm/Shape.h"
- #include "vm/Time.h"
-@@ -3636,17 +3637,17 @@ PreliminaryObjectArrayWithTemplate::mayb
- {
-     // Don't perform the analyses until sufficient preliminary objects have
-     // been allocated.
-     if (!force && !full())
-         return;
- 
-     AutoEnterAnalysis enter(cx);
- 
--    ScopedJSDeletePtr<PreliminaryObjectArrayWithTemplate> preliminaryObjects(this);
-+    UniquePtr<PreliminaryObjectArrayWithTemplate> preliminaryObjects(this);
-     group->detachPreliminaryObjects();
- 
-     MOZ_ASSERT(shape());
-     MOZ_ASSERT(shape()->slotSpan() != 0);
-     MOZ_ASSERT(OnlyHasDataProperties(shape()));
- 
-     // Make sure all the preliminary objects reflect the properties originally
-     // in the template object.
-@@ -3658,17 +3659,17 @@ PreliminaryObjectArrayWithTemplate::mayb
- 
-         if (obj->inDictionaryMode() || !OnlyHasDataProperties(obj->lastProperty()))
-             return;
- 
-         if (CommonPrefix(obj->lastProperty(), shape()) != shape())
-             return;
-     }
- 
--    TryConvertToUnboxedLayout(cx, enter, shape(), group, preliminaryObjects);
-+    TryConvertToUnboxedLayout(cx, enter, shape(), group, preliminaryObjects.get());
-     AutoSweepObjectGroup sweep(group);
-     if (group->maybeUnboxedLayout(sweep))
-         return;
- 
-     // We weren't able to use an unboxed layout, but since the preliminary
-     // objects still reflect the template object's properties, and all
-     // objects in the future will be created with those properties, the
-     // properties can be marked as definite for objects in the group.
-@@ -3687,41 +3688,41 @@ TypeNewScript::make(JSContext* cx, Objec
-     AutoSweepObjectGroup sweep(group);
-     MOZ_ASSERT(cx->zone()->types.activeAnalysis);
-     MOZ_ASSERT(!group->newScript(sweep));
-     MOZ_ASSERT(!group->maybeUnboxedLayout(sweep));
- 
-     if (group->unknownProperties(sweep))
-         return true;
- 
--    ScopedJSDeletePtr<TypeNewScript> newScript(cx->new_<TypeNewScript>());
-+    auto newScript = cx->make_unique<TypeNewScript>();
-     if (!newScript)
-         return false;
- 
-     newScript->function_ = fun;
- 
-     newScript->preliminaryObjects = group->zone()->new_<PreliminaryObjectArray>();
-     if (!newScript->preliminaryObjects)
-         return true;
- 
--    group->setNewScript(newScript.forget());
-+    group->setNewScript(newScript.release());
- 
-     gc::gcTracer.traceTypeNewScript(group);
-     return true;
- }
- 
- // Make a TypeNewScript with the same initializer list as |newScript| but with
- // a new template object.
- /* static */ TypeNewScript*
- TypeNewScript::makeNativeVersion(JSContext* cx, TypeNewScript* newScript,
-                                  PlainObject* templateObject)
- {
-     MOZ_RELEASE_ASSERT(cx->zone()->types.activeAnalysis);
- 
--    ScopedJSDeletePtr<TypeNewScript> nativeNewScript(cx->new_<TypeNewScript>());
-+    auto nativeNewScript = cx->make_unique<TypeNewScript>();
-     if (!nativeNewScript)
-         return nullptr;
- 
-     nativeNewScript->function_ = newScript->function();
-     nativeNewScript->templateObject_ = templateObject;
- 
-     Initializer* cursor = newScript->initializerList;
-     while (cursor->kind != Initializer::DONE) { cursor++; }
-@@ -3729,17 +3730,17 @@ TypeNewScript::makeNativeVersion(JSConte
- 
-     nativeNewScript->initializerList = cx->zone()->pod_calloc<Initializer>(initializerLength);
-     if (!nativeNewScript->initializerList) {
-         ReportOutOfMemory(cx);
-         return nullptr;
-     }
-     PodCopy(nativeNewScript->initializerList, newScript->initializerList, initializerLength);
- 
--    return nativeNewScript.forget();
-+    return nativeNewScript.release();
- }
- 
- size_t
- TypeNewScript::sizeOfIncludingThis(mozilla::MallocSizeOf mallocSizeOf) const
- {
-     size_t n = mallocSizeOf(this);
-     n += mallocSizeOf(preliminaryObjects);
-     n += mallocSizeOf(initializerList);

frg/work-js/mozilla-release/patches/mozilla-central_438583.patch

@@ -0,0 +1,2030 @@
+# HG changeset patch
+# User Ted Campbell <tcampbell@mozilla.com>
+# Date 1534993363 14400
+#      Wed Aug 22 23:02:43 2018 -0400
+# Node ID 78d60776b5be58408a15de4346b302d1df1f8c14
+# Parent  dc4ca2dbed1fbabaa968cc1b802ba31406e45941
+Bug 1485347 - Part 3: Use mozilla::Span for JSScript::data arrays. r=jandem
+
+Replace various custom data-types in JSScript interfaces with
+mozilla::Span. This abstracts implementation details and supports
+range-based for-loops. Underlying storage is unchanged, but this sets us
+up to be able to more easily change it.
+
+MozReview-Commit-ID: FDfIYsAxTA8
+
+diff --git a/js/src/frontend/BytecodeEmitter.cpp b/js/src/frontend/BytecodeEmitter.cpp
+--- a/js/src/frontend/BytecodeEmitter.cpp
++++ b/js/src/frontend/BytecodeEmitter.cpp
+@@ -10,16 +10,17 @@
+ 
+ #include "frontend/BytecodeEmitter.h"
+ 
+ #include "mozilla/ArrayUtils.h"
+ #include "mozilla/DebugOnly.h"
+ #include "mozilla/FloatingPoint.h"
+ #include "mozilla/Maybe.h"
+ #include "mozilla/PodOperations.h"
++#include "mozilla/ReverseIterator.h"
+ 
+ #include <string.h>
+ 
+ #include "jsnum.h"
+ #include "jstypes.h"
+ #include "jsutil.h"
+ 
+ #include "ds/Nestable.h"
+@@ -9625,22 +9626,22 @@ BytecodeEmitter::copySrcNotes(jssrcnote*
+     unsigned mainCount = main.notes.length();
+     // nsrcnotes includes SN_MAKE_TERMINATOR in addition to main.notes.
+     MOZ_ASSERT(mainCount == nsrcnotes - 1);
+     PodCopy(destination, main.notes.begin(), mainCount);
+     SN_MAKE_TERMINATOR(&destination[mainCount]);
+ }
+ 
+ void
+-CGNumberList::finish(ConstArray* array)
+-{
+-    MOZ_ASSERT(length() == array->length);
++CGNumberList::finish(mozilla::Span<GCPtrValue> array)
++{
++    MOZ_ASSERT(length() == array.size());
+ 
+     for (unsigned i = 0; i < length(); i++) {
+-        array->vector[i] = DoubleValue(list[i]);
++        array[i].init(DoubleValue(list[i]));
+     }
+ }
+ 
+ /*
+  * Find the index of the given object for code generator.
+  *
+  * Since the emitter refers to each parsed object only once, for the index we
+  * use the number of already indexed objects. We also add the object to a list
+@@ -9652,42 +9653,41 @@ CGObjectList::add(ObjectBox* objbox)
+ {
+     MOZ_ASSERT(!objbox->emitLink);
+     objbox->emitLink = lastbox;
+     lastbox = objbox;
+     return length++;
+ }
+ 
+ void
+-CGObjectList::finish(ObjectArray* array)
++CGObjectList::finish(mozilla::Span<GCPtrObject> array)
+ {
+     MOZ_ASSERT(length <= INDEX_LIMIT);
+-    MOZ_ASSERT(length == array->length);
+-
+-    js::GCPtrObject* cursor = array->vector + array->length;
++    MOZ_ASSERT(length == array.size());
++
+     ObjectBox* objbox = lastbox;
+-    do {
+-        --cursor;
+-        MOZ_ASSERT(!*cursor);
++    for (GCPtrObject& obj : mozilla::Reversed(array)) {
++        MOZ_ASSERT(obj == nullptr);
+         MOZ_ASSERT(objbox->object->isTenured());
+         if (objbox->isFunctionBox()) {
+             objbox->asFunctionBox()->finish();
+         }
+-        *cursor = objbox->object;
+-    } while ((objbox = objbox->emitLink) != nullptr);
+-    MOZ_ASSERT(cursor == array->vector);
++        obj.init(objbox->object);
++        objbox = objbox->emitLink;
++    }
+ }
+ 
+ void
+-CGScopeList::finish(ScopeArray* array)
++CGScopeList::finish(mozilla::Span<GCPtrScope> array)
+ {
+     MOZ_ASSERT(length() <= INDEX_LIMIT);
+-    MOZ_ASSERT(length() == array->length);
++    MOZ_ASSERT(length() == array.size());
++
+     for (uint32_t i = 0; i < length(); i++) {
+-        array->vector[i].init(vector[i]);
++        array[i].init(vector[i]);
+     }
+ }
+ 
+ bool
+ CGTryNoteList::append(JSTryNoteKind kind, uint32_t stackDepth, size_t start, size_t end)
+ {
+     MOZ_ASSERT(start <= end);
+     MOZ_ASSERT(size_t(uint32_t(start)) == start);
+@@ -9698,22 +9698,22 @@ CGTryNoteList::append(JSTryNoteKind kind
+     note.stackDepth = stackDepth;
+     note.start = uint32_t(start);
+     note.length = uint32_t(end - start);
+ 
+     return list.append(note);
+ }
+ 
+ void
+-CGTryNoteList::finish(TryNoteArray* array)
+-{
+-    MOZ_ASSERT(length() == array->length);
++CGTryNoteList::finish(mozilla::Span<JSTryNote> array)
++{
++    MOZ_ASSERT(length() == array.size());
+ 
+     for (unsigned i = 0; i < length(); i++) {
+-        array->vector[i] = list[i];
++        array[i] = list[i];
+     }
+ }
+ 
+ bool
+ CGScopeNoteList::append(uint32_t scopeIndex, uint32_t offset, bool inPrologue,
+                         uint32_t parent)
+ {
+     CGScopeNote note;
+@@ -9732,37 +9732,37 @@ CGScopeNoteList::recordEnd(uint32_t inde
+ {
+     MOZ_ASSERT(index < length());
+     MOZ_ASSERT(list[index].length == 0);
+     list[index].end = offset;
+     list[index].endInPrologue = inPrologue;
+ }
+ 
+ void
+-CGScopeNoteList::finish(ScopeNoteArray* array, uint32_t prologueLength)
+-{
+-    MOZ_ASSERT(length() == array->length);
++CGScopeNoteList::finish(mozilla::Span<ScopeNote> array, uint32_t prologueLength)
++{
++    MOZ_ASSERT(length() == array.size());
+ 
+     for (unsigned i = 0; i < length(); i++) {
+         if (!list[i].startInPrologue) {
+             list[i].start += prologueLength;
+         }
+         if (!list[i].endInPrologue && list[i].end != UINT32_MAX) {
+             list[i].end += prologueLength;
+         }
+         MOZ_ASSERT(list[i].end >= list[i].start);
+         list[i].length = list[i].end - list[i].start;
+-        array->vector[i] = list[i];
++        array[i] = list[i];
+     }
+ }
+ 
+ void
+-CGYieldAndAwaitOffsetList::finish(YieldAndAwaitOffsetArray& array, uint32_t prologueLength)
+-{
+-    MOZ_ASSERT(length() == array.length());
++CGYieldAndAwaitOffsetList::finish(mozilla::Span<uint32_t> array, uint32_t prologueLength)
++{
++    MOZ_ASSERT(length() == array.size());
+ 
+     for (unsigned i = 0; i < length(); i++) {
+         array[i] = prologueLength + list[i];
+     }
+ }
+ 
+ const JSSrcNoteSpec js_SrcNoteSpec[] = {
+ #define DEFINE_SRC_NOTE_SPEC(sym, name, arity) { name, arity },
+diff --git a/js/src/frontend/BytecodeEmitter.h b/js/src/frontend/BytecodeEmitter.h
+--- a/js/src/frontend/BytecodeEmitter.h
++++ b/js/src/frontend/BytecodeEmitter.h
+@@ -5,16 +5,17 @@
+  * file, You can obtain one at http://mozilla.org/MPL/2.0/. */
+ 
+ /* JS bytecode generation. */
+ 
+ #ifndef frontend_BytecodeEmitter_h
+ #define frontend_BytecodeEmitter_h
+ 
+ #include "mozilla/Attributes.h"
++#include "mozilla/Span.h"
+ 
+ #include "ds/InlineTable.h"
+ #include "frontend/BCEParserHandle.h"
+ #include "frontend/EitherParser.h"
+ #include "frontend/JumpList.h"
+ #include "frontend/NameFunctions.h"
+ #include "frontend/SharedContext.h"
+ #include "frontend/SourceNotes.h"
+@@ -29,48 +30,48 @@ class CGNumberList {
+     Vector<double> list;
+ 
+   public:
+     explicit CGNumberList(JSContext* cx) : list(cx) {}
+     MOZ_MUST_USE bool append(double v) {
+         return list.append(v);
+     }
+     size_t length() const { return list.length(); }
+-    void finish(ConstArray* array);
++    void finish(mozilla::Span<GCPtrValue> array);
+ };
+ 
+ struct CGObjectList {
+     uint32_t            length;     /* number of emitted so far objects */
+     ObjectBox*          lastbox;   /* last emitted object */
+ 
+     CGObjectList() : length(0), lastbox(nullptr) {}
+ 
+     unsigned add(ObjectBox* objbox);
+-    void finish(ObjectArray* array);
++    void finish(mozilla::Span<GCPtrObject> array);
+ };
+ 
+ struct MOZ_STACK_CLASS CGScopeList {
+     Rooted<GCVector<Scope*>> vector;
+ 
+     explicit CGScopeList(JSContext* cx)
+       : vector(cx, GCVector<Scope*>(cx))
+     { }
+ 
+     bool append(Scope* scope) { return vector.append(scope); }
+     uint32_t length() const { return vector.length(); }
+-    void finish(ScopeArray* array);
++    void finish(mozilla::Span<GCPtrScope> array);
+ };
+ 
+ struct CGTryNoteList {
+     Vector<JSTryNote> list;
+     explicit CGTryNoteList(JSContext* cx) : list(cx) {}
+ 
+     MOZ_MUST_USE bool append(JSTryNoteKind kind, uint32_t stackDepth, size_t start, size_t end);
+     size_t length() const { return list.length(); }
+-    void finish(TryNoteArray* array);
++    void finish(mozilla::Span<JSTryNote> array);
+ };
+ 
+ struct CGScopeNote : public ScopeNote
+ {
+     // The end offset. Used to compute the length; may need adjusting first if
+     // in the prologue.
+     uint32_t end;
+ 
+@@ -84,28 +85,28 @@ struct CGScopeNote : public ScopeNote
+ struct CGScopeNoteList {
+     Vector<CGScopeNote> list;
+     explicit CGScopeNoteList(JSContext* cx) : list(cx) {}
+ 
+     MOZ_MUST_USE bool append(uint32_t scopeIndex, uint32_t offset, bool inPrologue,
+                              uint32_t parent);
+     void recordEnd(uint32_t index, uint32_t offset, bool inPrologue);
+     size_t length() const { return list.length(); }
+-    void finish(ScopeNoteArray* array, uint32_t prologueLength);
++    void finish(mozilla::Span<ScopeNote> array, uint32_t prologueLength);
+ };
+ 
+ struct CGYieldAndAwaitOffsetList {
+     Vector<uint32_t> list;
+     uint32_t numYields;
+     uint32_t numAwaits;
+     explicit CGYieldAndAwaitOffsetList(JSContext* cx) : list(cx), numYields(0), numAwaits(0) {}
+ 
+     MOZ_MUST_USE bool append(uint32_t offset) { return list.append(offset); }
+     size_t length() const { return list.length(); }
+-    void finish(YieldAndAwaitOffsetArray& array, uint32_t prologueLength);
++    void finish(mozilla::Span<uint32_t> array, uint32_t prologueLength);
+ };
+ 
+ // Have a few inline elements, so as to avoid heap allocation for tiny
+ // sequences.  See bug 1390526.
+ typedef Vector<jsbytecode, 64> BytecodeVector;
+ typedef Vector<jssrcnote, 64> SrcNotesVector;
+ 
+ // Used to control whether JSOP_CALL_IGNORES_RV is emitted for function calls.
+diff --git a/js/src/jit/BaselineBailouts.cpp b/js/src/jit/BaselineBailouts.cpp
+--- a/js/src/jit/BaselineBailouts.cpp
++++ b/js/src/jit/BaselineBailouts.cpp
+@@ -484,49 +484,48 @@ GetNextNonLoopEntryPc(jsbytecode* pc, js
+ 
+ static bool
+ HasLiveStackValueAtDepth(JSScript* script, jsbytecode* pc, uint32_t stackDepth)
+ {
+     if (!script->hasTrynotes()) {
+         return false;
+     }
+ 
+-    JSTryNote* tn = script->trynotes()->vector;
+-    JSTryNote* tnEnd = tn + script->trynotes()->length;
+     uint32_t pcOffset = uint32_t(pc - script->main());
+-    for (; tn != tnEnd; ++tn) {
+-        if (pcOffset < tn->start) {
++
++    for (const JSTryNote& tn : script->trynotes()) {
++        if (pcOffset < tn.start) {
+             continue;
+         }
+-        if (pcOffset >= tn->start + tn->length) {
++        if (pcOffset >= tn.start + tn.length) {
+             continue;
+         }
+ 
+-        switch (tn->kind) {
++        switch (tn.kind) {
+           case JSTRY_FOR_IN:
+             // For-in loops have only the iterator on stack.
+-            if (stackDepth == tn->stackDepth) {
++            if (stackDepth == tn.stackDepth) {
+                 return true;
+             }
+             break;
+ 
+           case JSTRY_FOR_OF:
+             // For-of loops have the iterator, its next method and the
+             // result.value on stack.
+             // The iterator is below the result.value, the next method below
+             // the iterator.
+-            if (stackDepth == tn->stackDepth - 1 || stackDepth == tn->stackDepth - 2) {
++            if (stackDepth == tn.stackDepth - 1 || stackDepth == tn.stackDepth - 2) {
+                 return true;
+             }
+             break;
+ 
+           case JSTRY_DESTRUCTURING_ITERCLOSE:
+             // Destructuring code that need to call IteratorClose have both
+             // the iterator and the "done" value on the stack.
+-            if (stackDepth == tn->stackDepth || stackDepth == tn->stackDepth - 1) {
++            if (stackDepth == tn.stackDepth || stackDepth == tn.stackDepth - 1) {
+                 return true;
+             }
+             break;
+ 
+           default:
+             break;
+         }
+     }
+diff --git a/js/src/jit/BytecodeAnalysis.cpp b/js/src/jit/BytecodeAnalysis.cpp
+--- a/js/src/jit/BytecodeAnalysis.cpp
++++ b/js/src/jit/BytecodeAnalysis.cpp
+@@ -112,24 +112,22 @@ BytecodeAnalysis::init(TempAllocator& al
+                     infos_[targetOffset].jumpTarget = true;
+                 }
+                 pc2 += JUMP_OFFSET_LEN;
+             }
+             break;
+           }
+ 
+           case JSOP_TRY: {
+-            JSTryNote* tn = script_->trynotes()->vector;
+-            JSTryNote* tnlimit = tn + script_->trynotes()->length;
+-            for (; tn < tnlimit; tn++) {
+-                unsigned startOffset = script_->mainOffset() + tn->start;
++            for (const JSTryNote& tn : script_->trynotes()) {
++                unsigned startOffset = script_->mainOffset() + tn.start;
+                 if (startOffset == offset + 1) {
+-                    unsigned catchOffset = startOffset + tn->length;
++                    unsigned catchOffset = startOffset + tn.length;
+ 
+-                    if (tn->kind != JSTRY_FOR_IN) {
++                    if (tn.kind != JSTRY_FOR_IN) {
+                         infos_[catchOffset].init(stackDepth);
+                         infos_[catchOffset].jumpTarget = true;
+                     }
+                 }
+             }
+ 
+             // Get the pc of the last instruction in the try block. It's a JSOP_GOTO to
+             // jump over the catch/finally blocks.
+diff --git a/js/src/jit/IonControlFlow.cpp b/js/src/jit/IonControlFlow.cpp
+--- a/js/src/jit/IonControlFlow.cpp
++++ b/js/src/jit/IonControlFlow.cpp
+@@ -559,20 +559,18 @@ ControlFlowGenerator::processLabelEnd(CF
+ 
+ ControlFlowGenerator::ControlStatus
+ ControlFlowGenerator::processTry()
+ {
+     MOZ_ASSERT(JSOp(*pc) == JSOP_TRY);
+ 
+     // Try-finally is not yet supported.
+     if (!checkedTryFinally_) {
+-        JSTryNote* tn = script->trynotes()->vector;
+-        JSTryNote* tnlimit = tn + script->trynotes()->length;
+-        for (; tn < tnlimit; tn++) {
+-            if (tn->kind == JSTRY_FINALLY) {
++        for (const JSTryNote& tn : script->trynotes()) {
++            if (tn.kind == JSTRY_FINALLY) {
+                 return ControlStatus::Abort;
+             }
+         }
+         checkedTryFinally_ = true;
+     }
+ 
+     jssrcnote* sn = GetSrcNote(gsn, script, pc);
+     MOZ_ASSERT(SN_TYPE(sn) == SRC_TRY);
+diff --git a/js/src/jit/JitFrames.cpp b/js/src/jit/JitFrames.cpp
+--- a/js/src/jit/JitFrames.cpp
++++ b/js/src/jit/JitFrames.cpp
+@@ -100,17 +100,17 @@ ReadFrameBooleanSlot(JitFrameLayout* fp,
+ static uint32_t
+ NumArgAndLocalSlots(const InlineFrameIterator& frame)
+ {
+     JSScript* script = frame.script();
+     return CountArgSlots(script, frame.maybeCalleeTemplate()) + script->nfixed();
+ }
+ 
+ static void
+-CloseLiveIteratorIon(JSContext* cx, const InlineFrameIterator& frame, JSTryNote* tn)
++CloseLiveIteratorIon(JSContext* cx, const InlineFrameIterator& frame, const JSTryNote* tn)
+ {
+     MOZ_ASSERT(tn->kind == JSTRY_FOR_IN ||
+                tn->kind == JSTRY_DESTRUCTURING_ITERCLOSE);
+ 
+     bool isDestructuring = tn->kind == JSTRY_DESTRUCTURING_ITERCLOSE;
+     MOZ_ASSERT_IF(!isDestructuring, tn->stackDepth > 0);
+     MOZ_ASSERT_IF(isDestructuring, tn->stackDepth > 1);
+ 
+@@ -218,17 +218,17 @@ HandleExceptionIon(JSContext* cx, const 
+     RootedScript script(cx, frame.script());
+     if (!script->hasTrynotes()) {
+         return;
+     }
+ 
+     bool inForOfIterClose = false;
+ 
+     for (TryNoteIterIon tni(cx, frame); !tni.done(); ++tni) {
+-        JSTryNote* tn = *tni;
++        const JSTryNote* tn = *tni;
+ 
+         switch (tn->kind) {
+           case JSTRY_FOR_IN:
+           case JSTRY_DESTRUCTURING_ITERCLOSE:
+             // See corresponding comment in ProcessTryNotes.
+             if (inForOfIterClose) {
+                 break;
+             }
+@@ -300,27 +300,27 @@ OnLeaveBaselineFrame(JSContext* cx, cons
+ static inline void
+ ForcedReturn(JSContext* cx, const JSJitFrameIter& frame, jsbytecode* pc,
+              ResumeFromException* rfe)
+ {
+     OnLeaveBaselineFrame(cx, frame, pc, rfe, true);
+ }
+ 
+ static inline void
+-BaselineFrameAndStackPointersFromTryNote(JSTryNote* tn, const JSJitFrameIter& frame,
++BaselineFrameAndStackPointersFromTryNote(const JSTryNote* tn, const JSJitFrameIter& frame,
+                                          uint8_t** framePointer, uint8_t** stackPointer)
+ {
+     JSScript* script = frame.baselineFrame()->script();
+     *framePointer = frame.fp() - BaselineFrame::FramePointerOffset;
+     *stackPointer = *framePointer - BaselineFrame::Size() -
+                     (script->nfixed() + tn->stackDepth) * sizeof(Value);
+ }
+ 
+ static void
+-SettleOnTryNote(JSContext* cx, JSTryNote* tn, const JSJitFrameIter& frame,
++SettleOnTryNote(JSContext* cx, const JSTryNote* tn, const JSJitFrameIter& frame,
+                 EnvironmentIter& ei, ResumeFromException* rfe, jsbytecode** pc)
+ {
+     RootedScript script(cx, frame.baselineFrame()->script());
+ 
+     // Unwind environment chain (pop block objects).
+     if (cx->isExceptionPending()) {
+         UnwindEnvironment(cx, ei, UnwindEnvironmentToTryPc(script, tn));
+     }
+@@ -371,17 +371,17 @@ class TryNoteIterBaseline : public TryNo
+ // Close all live iterators on a BaselineFrame due to exception unwinding. The
+ // pc parameter is updated to where the envs have been unwound to.
+ static void
+ CloseLiveIteratorsBaselineForUncatchableException(JSContext* cx, const JSJitFrameIter& frame,
+                                                   jsbytecode* pc)
+ {
+     bool inForOfIterClose = false;
+     for (TryNoteIterBaseline tni(cx, frame.baselineFrame(), pc); !tni.done(); ++tni) {
+-        JSTryNote* tn = *tni;
++        const JSTryNote* tn = *tni;
+         switch (tn->kind) {
+           case JSTRY_FOR_IN: {
+             // See corresponding comment in ProcessTryNotes.
+             if (inForOfIterClose) {
+                 break;
+             }
+ 
+             uint8_t* framePointer;
+@@ -410,17 +410,17 @@ CloseLiveIteratorsBaselineForUncatchable
+ static bool
+ ProcessTryNotesBaseline(JSContext* cx, const JSJitFrameIter& frame, EnvironmentIter& ei,
+                         ResumeFromException* rfe, jsbytecode** pc)
+ {
+     RootedScript script(cx, frame.baselineFrame()->script());
+     bool inForOfIterClose = false;
+ 
+     for (TryNoteIterBaseline tni(cx, frame.baselineFrame(), *pc); !tni.done(); ++tni) {
+-        JSTryNote* tn = *tni;
++        const JSTryNote* tn = *tni;
+ 
+         MOZ_ASSERT(cx->isExceptionPending());
+         switch (tn->kind) {
+           case JSTRY_CATCH: {
+             // If we're closing a legacy generator, we have to skip catch
+             // blocks.
+             if (cx->isClosingGenerator()) {
+                 break;
+diff --git a/js/src/shell/js.cpp b/js/src/shell/js.cpp
+--- a/js/src/shell/js.cpp
++++ b/js/src/shell/js.cpp
+@@ -3067,63 +3067,59 @@ TryNotes(JSContext* cx, HandleScript scr
+     if (!script->hasTrynotes()) {
+         return true;
+     }
+ 
+     if (!sp->put("\nException table:\nkind               stack    start      end\n")) {
+         return false;
+     }
+ 
+-    JSTryNote* tn = script->trynotes()->vector;
+-    JSTryNote* tnlimit = tn + script->trynotes()->length;
+-    do {
+-        uint32_t startOff = script->pcToOffset(script->main()) + tn->start;
++    for (const JSTryNote& tn : script->trynotes()) {
++        uint32_t startOff = script->pcToOffset(script->main()) + tn.start;
+         if (!sp->jsprintf(" %-16s %6u %8u %8u\n",
+-                          TryNoteName(static_cast<JSTryNoteKind>(tn->kind)),
+-                          tn->stackDepth, startOff, startOff + tn->length))
++                          TryNoteName(static_cast<JSTryNoteKind>(tn.kind)),
++                          tn.stackDepth, startOff, startOff + tn.length))
+         {
+             return false;
+         }
+-    } while (++tn != tnlimit);
++    }
+     return true;
+ }
+ 
+ static MOZ_MUST_USE bool
+ ScopeNotes(JSContext* cx, HandleScript script, Sprinter* sp)
+ {
+     if (!script->hasScopeNotes()) {
+         return true;
+     }
+ 
+     if (!sp->put("\nScope notes:\n   index   parent    start      end\n")) {
+         return false;
+     }
+ 
+-    ScopeNoteArray* notes = script->scopeNotes();
+-    for (uint32_t i = 0; i < notes->length; i++) {
+-        const ScopeNote* note = &notes->vector[i];
+-        if (note->index == ScopeNote::NoScopeIndex) {
++    for (const ScopeNote& note : script->scopeNotes()) {
++        if (note.index == ScopeNote::NoScopeIndex) {
+             if (!sp->jsprintf("%8s ", "(none)")) {
+                 return false;
+             }
+         } else {
+-            if (!sp->jsprintf("%8u ", note->index)) {
+-                return false;
+-            }
+-        }
+-        if (note->parent == ScopeNote::NoScopeIndex) {
++            if (!sp->jsprintf("%8u ", note.index)) {
++                return false;
++            }
++        }
++        if (note.parent == ScopeNote::NoScopeIndex) {
+             if (!sp->jsprintf("%8s ", "(none)")) {
+                 return false;
+             }
+         } else {
+-            if (!sp->jsprintf("%8u ", note->parent)) {
+-                return false;
+-            }
+-        }
+-        if (!sp->jsprintf("%8u %8u\n", note->start, note->start + note->length)) {
++            if (!sp->jsprintf("%8u ", note.parent)) {
++                return false;
++            }
++        }
++        if (!sp->jsprintf("%8u %8u\n", note.start, note.start + note.length)) {
+             return false;
+         }
+     }
+     return true;
+ }
+ 
+ static MOZ_MUST_USE bool
+ DisassembleScript(JSContext* cx, HandleScript script, HandleFunction fun,
+@@ -3184,19 +3180,17 @@ DisassembleScript(JSContext* cx, HandleS
+     if (!TryNotes(cx, script, sp)) {
+         return false;
+     }
+     if (!ScopeNotes(cx, script, sp)) {
+         return false;
+     }
+ 
+     if (recursive && script->hasObjects()) {
+-        ObjectArray* objects = script->objects();
+-        for (unsigned i = 0; i != objects->length; ++i) {
+-            JSObject* obj = objects->vector[i];
++        for (JSObject* obj : script->objects()) {
+             if (obj->is<JSFunction>()) {
+                 if (!sp->put("\n")) {
+                     return false;
+                 }
+ 
+                 RootedFunction fun(cx, &obj->as<JSFunction>());
+                 if (fun->isInterpreted()) {
+                     RootedScript script(cx, JSFunction::getOrCreateScript(cx, fun));
+diff --git a/js/src/vm/BytecodeUtil.cpp b/js/src/vm/BytecodeUtil.cpp
+--- a/js/src/vm/BytecodeUtil.cpp
++++ b/js/src/vm/BytecodeUtil.cpp
+@@ -8,16 +8,17 @@
+  * JS bytecode descriptors, disassemblers, and (expression) decompilers.
+  */
+ 
+ #include "vm/BytecodeUtil-inl.h"
+ 
+ #define __STDC_FORMAT_MACROS
+ 
+ #include "mozilla/Attributes.h"
++#include "mozilla/ReverseIterator.h"
+ #include "mozilla/Sprintf.h"
+ #include "mozilla/Vector.h"
+ 
+ #include <algorithm>
+ #include <ctype.h>
+ #include <inttypes.h>
+ #include <stdio.h>
+ #include <string.h>
+@@ -940,29 +941,27 @@ BytecodeParser::parse()
+             break;
+           }
+ 
+           case JSOP_TRY: {
+             // Everything between a try and corresponding catch or finally is conditional.
+             // Note that there is no problem with code which is skipped by a thrown
+             // exception but is not caught by a later handler in the same function:
+             // no more code will execute, and it does not matter what is defined.
+-            JSTryNote* tn = script_->trynotes()->vector;
+-            JSTryNote* tnlimit = tn + script_->trynotes()->length;
+-            for (; tn < tnlimit; tn++) {
+-                uint32_t startOffset = script_->mainOffset() + tn->start;
++            for (const JSTryNote& tn : script_->trynotes()) {
++                uint32_t startOffset = script_->mainOffset() + tn.start;
+                 if (startOffset == offset + 1) {
+-                    uint32_t catchOffset = startOffset + tn->length;
+-                    if (tn->kind == JSTRY_CATCH) {
++                    uint32_t catchOffset = startOffset + tn.length;
++                    if (tn.kind == JSTRY_CATCH) {
+                         if (!addJump(catchOffset, &nextOffset, stackDepth, offsetStack,
+                                      pc, JumpKind::TryCatch))
+                         {
+                             return false;
+                         }
+-                    } else if (tn->kind == JSTRY_FINALLY) {
++                    } else if (tn.kind == JSTRY_FINALLY) {
+                         if (!addJump(catchOffset, &nextOffset, stackDepth, offsetStack,
+                                      pc, JumpKind::TryFinally))
+                         {
+                             return false;
+                         }
+                     }
+                 }
+             }
+@@ -1450,25 +1449,22 @@ Disassemble1(JSContext* cx, HandleScript
+     int i;
+     switch (JOF_TYPE(cs->format)) {
+       case JOF_BYTE:
+           // Scan the trynotes to find the associated catch block
+           // and make the try opcode look like a jump instruction
+           // with an offset. This simplifies code coverage analysis
+           // based on this disassembled output.
+           if (op == JSOP_TRY) {
+-              TryNoteArray* trynotes = script->trynotes();
+-              uint32_t i;
+               size_t mainOffset = script->mainOffset();
+-              for(i = 0; i < trynotes->length; i++) {
+-                  JSTryNote note = trynotes->vector[i];
+-                  if (note.kind == JSTRY_CATCH && note.start + mainOffset == loc + 1) {
++              for (const JSTryNote& tn : script->trynotes()) {
++                  if (tn.kind == JSTRY_CATCH && tn.start + mainOffset == loc + 1) {
+                       if (!sp->jsprintf(" %u (%+d)",
+-                                        unsigned(loc + note.length + 1),
+-                                        int(note.length + 1)))
++                                        unsigned(loc + tn.length + 1),
++                                        int(tn.length + 1)))
+                       {
+                           return 0;
+                       }
+                       break;
+                   }
+               }
+           }
+         break;
+@@ -3115,20 +3111,18 @@ GenerateLcovInfo(JSContext* cx, JS::Real
+ 
+             // Iterate from the last to the first object in order to have
+             // the functions them visited in the opposite order when popping
+             // elements from the stack of remaining scripts, such that the
+             // functions are more-less listed with increasing line numbers.
+             if (!script->hasObjects()) {
+                 continue;
+             }
+-            size_t idx = script->objects()->length;
+-            while (idx--) {
+-                JSObject* obj = script->getObject(idx);
+-
++            auto objects = script->objects();
++            for (JSObject* obj : mozilla::Reversed(objects)) {
+                 // Only continue on JSFunction objects.
+                 if (!obj->is<JSFunction>()) {
+                     continue;
+                 }
+                 fun = &obj->as<JSFunction>();
+ 
+                 // Let's skip wasm for now.
+                 if (!fun->isInterpreted()) {
+diff --git a/js/src/vm/Debugger.cpp b/js/src/vm/Debugger.cpp
+--- a/js/src/vm/Debugger.cpp
++++ b/js/src/vm/Debugger.cpp
+@@ -6233,22 +6233,20 @@ DebuggerScript_getChildScripts(JSContext
+     if (!result) {
+         return false;
+     }
+     if (script->hasObjects()) {
+         // script->savedCallerFun indicates that this is a direct eval script
+         // and the calling function is stored as script->objects()->vector[0].
+         // It is not really a child script of this script, so skip it using
+         // innerObjectsStart().
+-        ObjectArray* objects = script->objects();
+         RootedFunction fun(cx);
+         RootedScript funScript(cx);
+-        RootedObject obj(cx), s(cx);
+-        for (uint32_t i = 0; i < objects->length; i++) {
+-            obj = objects->vector[i];
++        RootedObject s(cx);
++        for (const GCPtrObject& obj : script->objects()) {
+             if (obj->is<JSFunction>()) {
+                 fun = &obj->as<JSFunction>();
+                 // The inner function could be a wasm native.
+                 if (fun->isNative()) {
+                     continue;
+                 }
+                 funScript = GetOrCreateFunctionScript(cx, fun);
+                 if (!funScript) {
+@@ -6424,23 +6422,21 @@ class FlowGraphSummary {
+                     pc += step;
+                 }
+             } else if (op == JSOP_TRY) {
+                 // As there is no literal incoming edge into the catch block, we
+                 // make a fake one by copying the JSOP_TRY location, as-if this
+                 // was an incoming edge of the catch block. This is needed
+                 // because we only report offsets of entry points which have
+                 // valid incoming edges.
+-                JSTryNote* tn = script->trynotes()->vector;
+-                JSTryNote* tnlimit = tn + script->trynotes()->length;
+-                for (; tn < tnlimit; tn++) {
+-                    uint32_t startOffset = script->mainOffset() + tn->start;
++                for (const JSTryNote& tn : script->trynotes()) {
++                    uint32_t startOffset = script->mainOffset() + tn.start;
+                     if (startOffset == r.frontOffset() + 1) {
+-                        uint32_t catchOffset = startOffset + tn->length;
+-                        if (tn->kind == JSTRY_CATCH || tn->kind == JSTRY_FINALLY) {
++                        uint32_t catchOffset = startOffset + tn.length;
++                        if (tn.kind == JSTRY_CATCH || tn.kind == JSTRY_FINALLY) {
+                             addEdge(lineno, column, catchOffset);
+                         }
+                     }
+                 }
+             }
+ 
+             prevLineno = lineno;
+             prevColumn = column;
+@@ -7450,27 +7446,24 @@ class DebuggerScriptIsInCatchScopeMatche
+             return false;
+         }
+ 
+         // Try note ranges are relative to the mainOffset of the script, so adjust
+         // offset accordingly.
+         size_t offset = offset_ - script->mainOffset();
+ 
+         if (script->hasTrynotes()) {
+-            JSTryNote* tnBegin = script->trynotes()->vector;
+-            JSTryNote* tnEnd = tnBegin + script->trynotes()->length;
+-            while (tnBegin != tnEnd) {
+-                if (tnBegin->start <= offset &&
+-                    offset <= tnBegin->start + tnBegin->length &&
+-                    tnBegin->kind == JSTRY_CATCH)
++            for (const JSTryNote& tn : script->trynotes()) {
++                if (tn.start <= offset &&
++                    offset <= tn.start + tn.length &&
++                    tn.kind == JSTRY_CATCH)
+                 {
+                     isInCatch_ = true;
+                     return true;
+                 }
+-                ++tnBegin;
+             }
+         }
+         isInCatch_ = false;
+         return true;
+     }
+     ReturnType match(Handle<LazyScript*> lazyScript) {
+         RootedScript script(cx_, DelazifyScript(cx_, lazyScript));
+         if (!script) {
+diff --git a/js/src/vm/EnvironmentObject.cpp b/js/src/vm/EnvironmentObject.cpp
+--- a/js/src/vm/EnvironmentObject.cpp
++++ b/js/src/vm/EnvironmentObject.cpp
+@@ -3907,21 +3907,19 @@ RemoveReferencedNames(JSContext* cx, Han
+         }
+ 
+         if (name) {
+             remainingNames.remove(name);
+         }
+     }
+ 
+     if (script->hasObjects()) {
+-        ObjectArray* objects = script->objects();
+         RootedFunction fun(cx);
+         RootedScript innerScript(cx);
+-        for (size_t i = 0; i < objects->length; i++) {
+-            JSObject* obj = objects->vector[i];
++        for (JSObject* obj : script->objects()) {
+             if (obj->is<JSFunction>() && obj->as<JSFunction>().isInterpreted()) {
+                 fun = &obj->as<JSFunction>();
+                 innerScript = JSFunction::getOrCreateScript(cx, fun);
+                 if (!innerScript) {
+                     return false;
+                 }
+ 
+                 if (!RemoveReferencedNames(cx, innerScript, remainingNames)) {
+@@ -3979,21 +3977,19 @@ AnalyzeEntrainedVariablesInScript(JSCont
+             buf.printf(" ");
+             buf.putString(r.front());
+         }
+ 
+         printf("%s\n", buf.string());
+     }
+ 
+     if (innerScript->hasObjects()) {
+-        ObjectArray* objects = innerScript->objects();
+         RootedFunction fun(cx);
+         RootedScript innerInnerScript(cx);
+-        for (size_t i = 0; i < objects->length; i++) {
+-            JSObject* obj = objects->vector[i];
++        for (JSObject* obj : script->objects()) {
+             if (obj->is<JSFunction>() && obj->as<JSFunction>().isInterpreted()) {
+                 fun = &obj->as<JSFunction>();
+                 innerInnerScript = JSFunction::getOrCreateScript(cx, fun);
+                 if (!innerInnerScript ||
+                     !AnalyzeEntrainedVariablesInScript(cx, script, innerInnerScript))
+                 {
+                     return false;
+                 }
+@@ -4017,21 +4013,19 @@ AnalyzeEntrainedVariablesInScript(JSCont
+ // |bar| unnecessarily entrains |b|, and |baz| unnecessarily entrains |a|.
+ bool
+ js::AnalyzeEntrainedVariables(JSContext* cx, HandleScript script)
+ {
+     if (!script->hasObjects()) {
+         return true;
+     }
+ 
+-    ObjectArray* objects = script->objects();
+     RootedFunction fun(cx);
+     RootedScript innerScript(cx);
+-    for (size_t i = 0; i < objects->length; i++) {
+-        JSObject* obj = objects->vector[i];
++    for (JSObject* obj : script->objects()) {
+         if (obj->is<JSFunction>() && obj->as<JSFunction>().isInterpreted()) {
+             fun = &obj->as<JSFunction>();
+             innerScript = JSFunction::getOrCreateScript(cx, fun);
+             if (!innerScript) {
+                 return false;
+             }
+ 
+             if (script->functionDelazifying() && script->functionDelazifying()->needsCallObject()) {
+diff --git a/js/src/vm/Interpreter.cpp b/js/src/vm/Interpreter.cpp
+--- a/js/src/vm/Interpreter.cpp
++++ b/js/src/vm/Interpreter.cpp
+@@ -1298,17 +1298,17 @@ js::UnwindAllEnvironmentsInFrame(JSConte
+ // block. We cannot unwind to *after* the JSOP_TRY, because that might be the
+ // first opcode of an inner scope, with the same problem as above. e.g.,
+ //
+ // try { { let x; } }
+ //
+ // will have no pc location distinguishing the try block scope from the inner
+ // let block scope.
+ jsbytecode*
+-js::UnwindEnvironmentToTryPc(JSScript* script, JSTryNote* tn)
++js::UnwindEnvironmentToTryPc(JSScript* script, const JSTryNote* tn)
+ {
+     jsbytecode* pc = script->main() + tn->start;
+     if (tn->kind == JSTRY_CATCH || tn->kind == JSTRY_FINALLY) {
+         pc -= JSOP_TRY_LENGTH;
+         MOZ_ASSERT(*pc == JSOP_TRY);
+     } else if (tn->kind == JSTRY_DESTRUCTURING_ITERCLOSE) {
+         pc -= JSOP_TRY_DESTRUCTURING_ITERCLOSE_LENGTH;
+         MOZ_ASSERT(*pc == JSOP_TRY_DESTRUCTURING_ITERCLOSE);
+@@ -1322,17 +1322,17 @@ ForcedReturn(JSContext* cx, InterpreterR
+     bool ok = Debugger::onLeaveFrame(cx, regs.fp(), regs.pc, true);
+     // Point the frame to the end of the script, regardless of error. The
+     // caller must jump to the correct continuation depending on 'ok'.
+     regs.setToEndOfScript();
+     return ok;
+ }
+ 
+ static void
+-SettleOnTryNote(JSContext* cx, JSTryNote* tn, EnvironmentIter& ei, InterpreterRegs& regs)
++SettleOnTryNote(JSContext* cx, const JSTryNote* tn, EnvironmentIter& ei, InterpreterRegs& regs)
+ {
+     // Unwind the environment to the beginning of the JSOP_TRY.
+     UnwindEnvironment(cx, ei, UnwindEnvironmentToTryPc(regs.fp()->script(), tn));
+ 
+     // Set pc to the first bytecode after the the try note to point
+     // to the beginning of catch or finally.
+     regs.pc = regs.fp()->script()->main() + tn->start + tn->length;
+     regs.sp = regs.spForStackDepth(tn->stackDepth);
+@@ -1358,17 +1358,17 @@ class TryNoteIterInterpreter : public Tr
+ 
+ static void
+ UnwindIteratorsForUncatchableException(JSContext* cx, const InterpreterRegs& regs)
+ {
+     // c.f. the regular (catchable) TryNoteIterInterpreter loop in
+     // ProcessTryNotes.
+     bool inForOfIterClose = false;
+     for (TryNoteIterInterpreter tni(cx, regs); !tni.done(); ++tni) {
+-        JSTryNote* tn = *tni;
++        const JSTryNote* tn = *tni;
+         switch (tn->kind) {
+           case JSTRY_FOR_IN: {
+             // See corresponding comment in ProcessTryNotes.
+             if (inForOfIterClose) {
+                 break;
+             }
+ 
+             Value* sp = regs.spForStackDepth(tn->stackDepth);
+@@ -1398,17 +1398,17 @@ enum HandleErrorContinuation
+     FinallyContinuation
+ };
+ 
+ static HandleErrorContinuation
+ ProcessTryNotes(JSContext* cx, EnvironmentIter& ei, InterpreterRegs& regs)
+ {
+     bool inForOfIterClose = false;
+     for (TryNoteIterInterpreter tni(cx, regs); !tni.done(); ++tni) {
+-        JSTryNote* tn = *tni;
++        const JSTryNote* tn = *tni;
+ 
+         switch (tn->kind) {
+           case JSTRY_CATCH:
+             /* Catch cannot intercept the closing of a generator. */
+             if (cx->isClosingGenerator()) {
+                 break;
+             }
+ 
+diff --git a/js/src/vm/Interpreter.h b/js/src/vm/Interpreter.h
+--- a/js/src/vm/Interpreter.h
++++ b/js/src/vm/Interpreter.h
+@@ -340,27 +340,28 @@ UnwindEnvironment(JSContext* cx, Environ
+ 
+ // Unwind all environments.
+ extern void
+ UnwindAllEnvironmentsInFrame(JSContext* cx, EnvironmentIter& ei);
+ 
+ // Compute the pc needed to unwind the scope to the beginning of the block
+ // pointed to by the try note.
+ extern jsbytecode*
+-UnwindEnvironmentToTryPc(JSScript* script, JSTryNote* tn);
++UnwindEnvironmentToTryPc(JSScript* script, const JSTryNote* tn);
+ 
+ template <class StackDepthOp>
+ class MOZ_STACK_CLASS TryNoteIter
+ {
+     RootedScript script_;
+     uint32_t pcOffset_;
+-    JSTryNote* tn_;
+-    JSTryNote* tnEnd_;
+     StackDepthOp getStackDepth_;
+ 
++    const JSTryNote* tn_;
++    const JSTryNote* tnEnd_;
++
+     void settle() {
+         for (; tn_ != tnEnd_; ++tn_) {
+             /* If pc is out of range, try the next one. */
+             if (pcOffset_ - tn_->start >= tn_->length) {
+                 continue;
+             }
+ 
+             /*
+@@ -391,31 +392,34 @@ class MOZ_STACK_CLASS TryNoteIter
+   public:
+     TryNoteIter(JSContext* cx, JSScript* script, jsbytecode* pc,
+                 StackDepthOp getStackDepth)
+       : script_(cx, script),
+         pcOffset_(pc - script->main()),
+         getStackDepth_(getStackDepth)
+     {
+         if (script->hasTrynotes()) {
+-            tn_ = script->trynotes()->vector;
+-            tnEnd_ = tn_ + script->trynotes()->length;
++            // NOTE: The Span is a temporary so we can't use begin()/end()
++            // here or the iterator will outlive the span.
++            auto trynotes = script->trynotes();
++            tn_ = trynotes.data();
++            tnEnd_ = tn_ + trynotes.size();
+         } else {
+             tn_ = tnEnd_ = nullptr;
+         }
+         settle();
+     }
+ 
+     void operator++() {
+         ++tn_;
+         settle();
+     }
+ 
+     bool done() const { return tn_ == tnEnd_; }
+-    JSTryNote* operator*() const { return tn_; }
++    const JSTryNote* operator*() const { return tn_; }
+ };
+ 
+ bool
+ HandleClosingGeneratorReturn(JSContext* cx, AbstractFramePtr frame, bool ok);
+ 
+ /************************************************************************/
+ 
+ bool
+diff --git a/js/src/vm/JSScript.cpp b/js/src/vm/JSScript.cpp
+--- a/js/src/vm/JSScript.cpp
++++ b/js/src/vm/JSScript.cpp
+@@ -299,21 +299,20 @@ XDRRelazificationInfo(XDRState<mode>* xd
+     // have any.
+ 
+     return Ok();
+ }
+ 
+ static inline uint32_t
+ FindScopeIndex(JSScript* script, Scope& scope)
+ {
+-    ScopeArray* scopes = script->scopes();
+-    GCPtrScope* vector = scopes->vector;
+-    unsigned length = scopes->length;
++    auto scopes = script->scopes();
++    unsigned length = scopes.size();
+     for (uint32_t i = 0; i < length; ++i) {
+-        if (vector[i] == &scope) {
++        if (scopes[i] == &scope) {
+             return i;
+         }
+     }
+ 
+     MOZ_CRASH("Scope not found");
+ }
+ 
+ enum XDRClassKind {
+@@ -353,17 +352,17 @@ js::XDRScript(XDRState<mode>* xdr, Handl
+         HasNonSyntacticScope,
+         HasInnerFunctions,
+         NeedsHomeObject,
+         IsDerivedClassConstructor,
+         IsDefaultClassConstructor,
+     };
+ 
+     uint32_t length, lineno, column, nfixed, nslots;
+-    uint32_t natoms, nsrcnotes, i;
++    uint32_t natoms, nsrcnotes;
+     uint32_t nconsts, nobjects, nscopes, nregexps, ntrynotes, nscopenotes, nyieldoffsets;
+     uint32_t prologueLength;
+     uint32_t funLength = 0;
+     uint32_t nTypeSets = 0;
+     uint32_t scriptBits = 0;
+     uint32_t bodyScopeIndex = 0;
+ 
+     JSContext* cx = xdr->cx();
+@@ -403,30 +402,30 @@ js::XDRScript(XDRState<mode>* xdr, Handl
+         nslots = script->nslots();
+ 
+         bodyScopeIndex = script->bodyScopeIndex();
+         natoms = script->natoms();
+ 
+         nsrcnotes = script->numNotes();
+ 
+         if (script->hasConsts()) {
+-            nconsts = script->consts()->length;
++            nconsts = script->consts().size();
+         }
+         if (script->hasObjects()) {
+-            nobjects = script->objects()->length;
++            nobjects = script->objects().size();
+         }
+-        nscopes = script->scopes()->length;
++        nscopes = script->scopes().size();
+         if (script->hasTrynotes()) {
+-            ntrynotes = script->trynotes()->length;
++            ntrynotes = script->trynotes().size();
+         }
+         if (script->hasScopeNotes()) {
+-            nscopenotes = script->scopeNotes()->length;
++            nscopenotes = script->scopeNotes().size();
+         }
+         if (script->hasYieldAndAwaitOffsets()) {
+-            nyieldoffsets = script->yieldAndAwaitOffsets().length();
++            nyieldoffsets = script->yieldAndAwaitOffsets().size();
+         }
+ 
+         nTypeSets = script->nTypeSets();
+         funLength = script->funLength();
+ 
+         if (script->noScriptRval()) {
+             scriptBits |= (1 << NoScriptRval);
+         }
+@@ -699,17 +698,17 @@ js::XDRScript(XDRState<mode>* xdr, Handl
+             script->freeScriptData();
+         }
+     });
+ 
+     jsbytecode* code = script->code();
+     MOZ_TRY(xdr->codeBytes(code, length));
+     MOZ_TRY(xdr->codeBytes(code + length, nsrcnotes));
+ 
+-    for (i = 0; i != natoms; ++i) {
++    for (uint32_t i = 0; i != natoms; ++i) {
+         if (mode == XDR_DECODE) {
+             RootedAtom tmp(cx);
+             MOZ_TRY(XDRAtom(xdr, &tmp));
+             script->atoms()[i].init(tmp);
+         } else {
+             RootedAtom tmp(cx, script->atoms()[i]);
+             MOZ_TRY(XDRAtom(xdr, &tmp));
+         }
+@@ -718,37 +717,36 @@ js::XDRScript(XDRState<mode>* xdr, Handl
+     scriptDataGuard.release();
+     if (mode == XDR_DECODE) {
+         if (!script->shareScriptData(cx)) {
+             return xdr->fail(JS::TranscodeResult_Throw);
+         }
+     }
+ 
+     if (nconsts) {
+-        GCPtrValue* vector = script->consts()->vector;
+         RootedValue val(cx);
+-        for (i = 0; i != nconsts; ++i) {
++        for (GCPtrValue& elem : script->consts()) {
+             if (mode == XDR_ENCODE) {
+-                val = vector[i];
++                val = elem.get();
+             }
+             MOZ_TRY(XDRScriptConst(xdr, &val));
+             if (mode == XDR_DECODE) {
+-                vector[i].init(val);
++                elem.init(val);
+             }
+         }
+     }
+ 
+     {
+         MOZ_ASSERT(nscopes != 0);
+-        GCPtrScope* vector = script->scopes()->vector;
++        GCPtrScope* vector = script->scopes().data();
+         RootedScope scope(cx);
+         RootedScope enclosing(cx);
+         ScopeKind scopeKind;
+         uint32_t enclosingScopeIndex = 0;
+-        for (i = 0; i != nscopes; ++i) {
++        for (uint32_t i = 0; i != nscopes; ++i) {
+             if (mode == XDR_ENCODE) {
+                 scope = vector[i];
+                 scopeKind = scope->kind();
+             } else {
+                 scope = nullptr;
+             }
+ 
+             MOZ_TRY(xdr->codeEnum32(&scopeKind));
+@@ -829,128 +827,133 @@ js::XDRScript(XDRState<mode>* xdr, Handl
+         MOZ_TRY(xdr->codeMarker(0x48922BAB));
+     }
+ 
+     /*
+      * Here looping from 0-to-length to xdr objects is essential to ensure that
+      * all references to enclosing blocks (via FindScopeIndex below) happen
+      * after the enclosing block has been XDR'd.
+      */
+-    for (i = 0; i != nobjects; ++i) {
+-        GCPtrObject* objp = &script->objects()->vector[i];
+-        XDRClassKind classk;
+-
+-        if (mode == XDR_ENCODE) {
+-            JSObject* obj = *objp;
+-            if (obj->is<RegExpObject>()) {
+-                classk = CK_RegexpObject;
+-            } else if (obj->is<JSFunction>()) {
+-                classk = CK_JSFunction;
+-            } else if (obj->is<PlainObject>() || obj->is<ArrayObject>()) {
+-                classk = CK_JSObject;
+-            } else {
+-                MOZ_CRASH("Cannot encode this class of object.");
+-            }
+-        }
+-
+-        MOZ_TRY(xdr->codeEnum32(&classk));
+-
+-        switch (classk) {
+-          case CK_RegexpObject: {
+-            Rooted<RegExpObject*> regexp(cx);
+-            if (mode == XDR_ENCODE) {
+-                regexp = &(*objp)->as<RegExpObject>();
+-            }
+-            MOZ_TRY(XDRScriptRegExpObject(xdr, &regexp));
+-            if (mode == XDR_DECODE) {
+-                *objp = regexp;
+-            }
+-            break;
+-          }
+-
+-          case CK_JSFunction: {
+-            /* Code the nested function's enclosing scope. */
+-            uint32_t funEnclosingScopeIndex = 0;
+-            RootedScope funEnclosingScope(cx);
++    if (nobjects) {
++        for (GCPtrObject& elem : script->objects()) {
++            XDRClassKind classk;
++
+             if (mode == XDR_ENCODE) {
+-                RootedFunction function(cx, &(*objp)->as<JSFunction>());
+-
+-                if (function->isInterpretedLazy()) {
+-                    funEnclosingScope = function->lazyScript()->enclosingScope();
+-                } else if (function->isInterpreted()) {
+-                    funEnclosingScope = function->nonLazyScript()->enclosingScope();
++                JSObject* obj = elem.get();
++                if (obj->is<RegExpObject>()) {
++                    classk = CK_RegexpObject;
++                } else if (obj->is<JSFunction>()) {
++                    classk = CK_JSFunction;
++                } else if (obj->is<PlainObject>() || obj->is<ArrayObject>()) {
++                    classk = CK_JSObject;
+                 } else {
+-                    MOZ_ASSERT(function->isAsmJSNative());
+-                    return xdr->fail(JS::TranscodeResult_Failure_AsmJSNotSupported);
++                    MOZ_CRASH("Cannot encode this class of object.");
+                 }
+-
+-                funEnclosingScopeIndex = FindScopeIndex(script, *funEnclosingScope);
+-            }
+-
+-            MOZ_TRY(xdr->codeUint32(&funEnclosingScopeIndex));
+-
+-            if (mode == XDR_DECODE) {
+-                MOZ_ASSERT(funEnclosingScopeIndex < script->scopes()->length);
+-                funEnclosingScope = script->scopes()->vector[funEnclosingScopeIndex];
+             }
+ 
+-            // Code nested function and script.
+-            RootedFunction tmp(cx);
+-            if (mode == XDR_ENCODE) {
+-                tmp = &(*objp)->as<JSFunction>();
++            MOZ_TRY(xdr->codeEnum32(&classk));
++
++            switch (classk) {
++              case CK_RegexpObject: {
++                Rooted<RegExpObject*> regexp(cx);
++                if (mode == XDR_ENCODE) {
++                    regexp = &elem->as<RegExpObject>();
++                }
++                MOZ_TRY(XDRScriptRegExpObject(xdr, &regexp));
++                if (mode == XDR_DECODE) {
++                    elem.init(regexp);
++                }
++                break;
++              }
++
++              case CK_JSFunction: {
++                /* Code the nested function's enclosing scope. */
++                uint32_t funEnclosingScopeIndex = 0;
++                RootedScope funEnclosingScope(cx);
++                if (mode == XDR_ENCODE) {
++                    RootedFunction function(cx, &elem->as<JSFunction>());
++
++                    if (function->isInterpretedLazy()) {
++                        funEnclosingScope = function->lazyScript()->enclosingScope();
++                    } else if (function->isInterpreted()) {
++                        funEnclosingScope = function->nonLazyScript()->enclosingScope();
++                    } else {
++                        MOZ_ASSERT(function->isAsmJSNative());
++                        return xdr->fail(JS::TranscodeResult_Failure_AsmJSNotSupported);
++                    }
++
++                    funEnclosingScopeIndex = FindScopeIndex(script, *funEnclosingScope);
++                }
++
++                MOZ_TRY(xdr->codeUint32(&funEnclosingScopeIndex));
++
++                if (mode == XDR_DECODE) {
++                    funEnclosingScope = script->getScope(funEnclosingScopeIndex);
++                }
++
++                // Code nested function and script.
++                RootedFunction tmp(cx);
++                if (mode == XDR_ENCODE) {
++                    tmp = &elem->as<JSFunction>();
++                }
++                MOZ_TRY(XDRInterpretedFunction(xdr, funEnclosingScope, sourceObject, &tmp));
++                if (mode == XDR_DECODE) {
++                    elem.init(tmp);
++                }
++                break;
++              }
++
++              case CK_JSObject: {
++                /* Code object literal. */
++                RootedObject tmp(cx);
++                if (mode == XDR_ENCODE) {
++                    tmp = elem.get();
++                }
++                MOZ_TRY(XDRObjectLiteral(xdr, &tmp));
++                if (mode == XDR_DECODE) {
++                    elem.init(tmp);
++                }
++                break;
++              }
++
++              default: {
++                // Fail in debug, but only soft-fail in release
++                MOZ_ASSERT(false, "Bad XDR class kind");
++                return xdr->fail(JS::TranscodeResult_Failure_BadDecode);
++              }
+             }
+-            MOZ_TRY(XDRInterpretedFunction(xdr, funEnclosingScope, sourceObject, &tmp));
+-            *objp = tmp;
+-            break;
+-          }
+-
+-          case CK_JSObject: {
+-            /* Code object literal. */
+-            RootedObject tmp(cx, *objp);
+-            MOZ_TRY(XDRObjectLiteral(xdr, &tmp));
+-            *objp = tmp;
+-            break;
+-          }
+-
+-          default: {
+-            // Fail in debug, but only soft-fail in release
+-            MOZ_ASSERT(false, "Bad XDR class kind");
+-            return xdr->fail(JS::TranscodeResult_Failure_BadDecode);
+-          }
+         }
+     }
+ 
+     // Verify marker to detect data corruption after decoding object data. A
+     // mismatch here indicates we will almost certainly crash in release.
+     MOZ_TRY(xdr->codeMarker(0xF83B989A));
+ 
+-    if (ntrynotes != 0) {
+-        JSTryNote* tnfirst = script->trynotes()->vector;
+-        MOZ_ASSERT(script->trynotes()->length == ntrynotes);
+-        JSTryNote* tn = tnfirst + ntrynotes;
+-        do {
+-            --tn;
+-            MOZ_TRY(xdr->codeUint8(&tn->kind));
+-            MOZ_TRY(xdr->codeUint32(&tn->stackDepth));
+-            MOZ_TRY(xdr->codeUint32(&tn->start));
+-            MOZ_TRY(xdr->codeUint32(&tn->length));
+-        } while (tn != tnfirst);
+-    }
+-
+-    for (i = 0; i < nscopenotes; ++i) {
+-        ScopeNote* note = &script->scopeNotes()->vector[i];
+-        MOZ_TRY(xdr->codeUint32(&note->index));
+-        MOZ_TRY(xdr->codeUint32(&note->start));
+-        MOZ_TRY(xdr->codeUint32(&note->length));
+-        MOZ_TRY(xdr->codeUint32(&note->parent));
+-    }
+-
+-    for (i = 0; i < nyieldoffsets; ++i) {
+-        uint32_t* offset = &script->yieldAndAwaitOffsets()[i];
+-        MOZ_TRY(xdr->codeUint32(offset));
++    if (ntrynotes) {
++        for (JSTryNote& elem : script->trynotes()) {
++            MOZ_TRY(xdr->codeUint8(&elem.kind));
++            MOZ_TRY(xdr->codeUint32(&elem.stackDepth));
++            MOZ_TRY(xdr->codeUint32(&elem.start));
++            MOZ_TRY(xdr->codeUint32(&elem.length));
++        }
++    }
++
++    if (nscopenotes) {
++        for (ScopeNote& elem : script->scopeNotes()) {
++            MOZ_TRY(xdr->codeUint32(&elem.index));
++            MOZ_TRY(xdr->codeUint32(&elem.start));
++            MOZ_TRY(xdr->codeUint32(&elem.length));
++            MOZ_TRY(xdr->codeUint32(&elem.parent));
++        }
++    }
++
++    if (nyieldoffsets) {
++        for (uint32_t& elem : script->yieldAndAwaitOffsets()) {
++            MOZ_TRY(xdr->codeUint32(&elem));
++        }
+     }
+ 
+     if (scriptBits & (1 << HasLazyScript)) {
+         Rooted<LazyScript*> lazy(cx);
+         if (mode == XDR_ENCODE) {
+             lazy = script->maybeLazyScript();
+         }
+ 
+@@ -2962,54 +2965,54 @@ JSScript::partiallyInit(JSContext* cx, H
+     YieldAndAwaitOffsetArray* yieldAndAwaitOffsets = nullptr;
+     if (nyieldoffsets != 0) {
+         yieldAndAwaitOffsets = reinterpret_cast<YieldAndAwaitOffsetArray*>(cursor);
+         cursor += sizeof(YieldAndAwaitOffsetArray);
+     }
+ 
+     if (nconsts != 0) {
+         MOZ_ASSERT(reinterpret_cast<uintptr_t>(cursor) % sizeof(JS::Value) == 0);
+-        script->consts()->length = nconsts;
+-        script->consts()->vector = (GCPtrValue*)cursor;
+-        cursor += nconsts * sizeof(script->consts()->vector[0]);
+-    }
+-
+-    script->scopes()->length = nscopes;
+-    script->scopes()->vector = (GCPtrScope*)cursor;
+-    cursor += nscopes * sizeof(script->scopes()->vector[0]);
++        script->constsRaw()->length = nconsts;
++        script->constsRaw()->vector = (GCPtrValue*)cursor;
++        cursor += nconsts * sizeof(script->constsRaw()->vector[0]);
++    }
++
++    script->scopesRaw()->length = nscopes;
++    script->scopesRaw()->vector = (GCPtrScope*)cursor;
++    cursor += nscopes * sizeof(script->scopesRaw()->vector[0]);
+ 
+     if (nobjects != 0) {
+-        script->objects()->length = nobjects;
+-        script->objects()->vector = (GCPtrObject*)cursor;
+-        cursor += nobjects * sizeof(script->objects()->vector[0]);
++        script->objectsRaw()->length = nobjects;
++        script->objectsRaw()->vector = (GCPtrObject*)cursor;
++        cursor += nobjects * sizeof(script->objectsRaw()->vector[0]);
+     }
+ 
+     if (ntrynotes != 0) {
+-        script->trynotes()->length = ntrynotes;
+-        script->trynotes()->vector = reinterpret_cast<JSTryNote*>(cursor);
+-        size_t vectorSize = ntrynotes * sizeof(script->trynotes()->vector[0]);
++        script->trynotesRaw()->length = ntrynotes;
++        script->trynotesRaw()->vector = reinterpret_cast<JSTryNote*>(cursor);
++        size_t vectorSize = ntrynotes * sizeof(script->trynotesRaw()->vector[0]);
+ #ifdef DEBUG
+         memset(cursor, 0, vectorSize);
+ #endif
+         cursor += vectorSize;
+     }
+ 
+     if (nscopenotes != 0) {
+-        script->scopeNotes()->length = nscopenotes;
+-        script->scopeNotes()->vector = reinterpret_cast<ScopeNote*>(cursor);
+-        size_t vectorSize = nscopenotes * sizeof(script->scopeNotes()->vector[0]);
++        script->scopeNotesRaw()->length = nscopenotes;
++        script->scopeNotesRaw()->vector = reinterpret_cast<ScopeNote*>(cursor);
++        size_t vectorSize = nscopenotes * sizeof(script->scopeNotesRaw()->vector[0]);
+ #ifdef DEBUG
+         memset(cursor, 0, vectorSize);
+ #endif
+         cursor += vectorSize;
+     }
+ 
+     if (nyieldoffsets != 0) {
+         yieldAndAwaitOffsets->init(reinterpret_cast<uint32_t*>(cursor), nyieldoffsets);
+-        size_t vectorSize = nyieldoffsets * sizeof(script->yieldAndAwaitOffsets()[0]);
++        size_t vectorSize = nyieldoffsets * sizeof(script->yieldAndAwaitOffsetsRaw()[0]);
+ #ifdef DEBUG
+         memset(cursor, 0, vectorSize);
+ #endif
+         cursor += vectorSize;
+     }
+ 
+     MOZ_ASSERT(cursor == script->data + size);
+     return true;
+@@ -3034,17 +3037,17 @@ JSScript::initFunctionPrototype(JSContex
+     script->nTypeSets_ = 0;
+ 
+     RootedScope enclosing(cx, &cx->global()->emptyGlobalScope());
+     Scope* functionProtoScope = FunctionScope::create(cx, nullptr, false, false, functionProto,
+                                                       enclosing);
+     if (!functionProtoScope) {
+         return false;
+     }
+-    script->scopes()->vector[0].init(functionProtoScope);
++    script->scopesRaw()->vector[0].init(functionProtoScope);
+ 
+     uint32_t codeLength = 1;
+     uint32_t srcNotesLength = 1;
+     uint32_t numAtoms = 0;
+     if (!script->createScriptData(cx, codeLength, srcNotesLength, numAtoms)) {
+         return false;
+     }
+ 
+@@ -3267,27 +3270,25 @@ JSScript::assertValidJumpTargets() const
+                 MOZ_ASSERT_IF(off, mainEntry <= pc + off && pc + off < end);
+                 MOZ_ASSERT_IF(off, BytecodeIsJumpTarget(JSOp(*(pc + off))));
+             }
+         }
+     }
+ 
+     // Check catch/finally blocks as jump targets.
+     if (hasTrynotes()) {
+-        JSTryNote* tn = trynotes()->vector;
+-        JSTryNote* tnlimit = tn + trynotes()->length;
+-        for (; tn < tnlimit; tn++) {
+-            jsbytecode* tryStart = mainEntry + tn->start;
++        for (const JSTryNote& tn : trynotes()) {
++            jsbytecode* tryStart = mainEntry + tn.start;
+             jsbytecode* tryPc = tryStart - 1;
+-            if (tn->kind != JSTRY_CATCH && tn->kind != JSTRY_FINALLY) {
++            if (tn.kind != JSTRY_CATCH && tn.kind != JSTRY_FINALLY) {
+                 continue;
+             }
+ 
+             MOZ_ASSERT(JSOp(*tryPc) == JSOP_TRY);
+-            jsbytecode* tryTarget = tryStart + tn->length;
++            jsbytecode* tryTarget = tryStart + tn.length;
+             MOZ_ASSERT(mainEntry <= tryTarget && tryTarget < end);
+             MOZ_ASSERT(BytecodeIsJumpTarget(JSOp(*tryTarget)));
+         }
+     }
+ }
+ #endif
+ 
+ size_t
+@@ -3660,22 +3661,22 @@ js::detail::CopyScript(JSContext* cx, Ha
+         return false;
+     }
+ 
+     /* NB: Keep this in sync with XDRScript. */
+ 
+     /* Some embeddings are not careful to use ExposeObjectToActiveJS as needed. */
+     MOZ_ASSERT(!src->sourceObject()->isMarkedGray());
+ 
+-    uint32_t nconsts   = src->hasConsts()   ? src->consts()->length   : 0;
+-    uint32_t nobjects  = src->hasObjects()  ? src->objects()->length  : 0;
+-    uint32_t nscopes   = src->scopes()->length;
+-    uint32_t ntrynotes = src->hasTrynotes() ? src->trynotes()->length : 0;
+-    uint32_t nscopenotes = src->hasScopeNotes() ? src->scopeNotes()->length : 0;
+-    uint32_t nyieldoffsets = src->hasYieldAndAwaitOffsets() ? src->yieldAndAwaitOffsets().length() : 0;
++    uint32_t nconsts = src->hasConsts() ? src->consts().size() : 0;
++    uint32_t nobjects = src->hasObjects() ? src->objects().size() : 0;
++    uint32_t nscopes = src->scopes().size();
++    uint32_t ntrynotes = src->hasTrynotes() ? src->trynotes().size() : 0;
++    uint32_t nscopenotes = src->hasScopeNotes() ? src->scopeNotes().size() : 0;
++    uint32_t nyieldoffsets = src->hasYieldAndAwaitOffsets() ? src->yieldAndAwaitOffsets().size() : 0;
+ 
+     /* Script data */
+ 
+     size_t size = src->dataSize();
+     UniquePtr<uint8_t, JS::FreePolicy> data(AllocScriptData(cx, size));
+     if (size && !data) {
+         return false;
+     }
+@@ -3684,37 +3685,35 @@ js::detail::CopyScript(JSContext* cx, Ha
+ 
+     // The passed in scopes vector contains body scopes that needed to be
+     // cloned especially, depending on whether the script is a function or
+     // global scope. Starting at scopes.length() means we only deal with
+     // intra-body scopes.
+     {
+         MOZ_ASSERT(nscopes != 0);
+         MOZ_ASSERT(src->bodyScopeIndex() + 1 == scopes.length());
+-        GCPtrScope* vector = src->scopes()->vector;
+         RootedScope original(cx);
+         RootedScope clone(cx);
+-        for (uint32_t i = scopes.length(); i < nscopes; i++) {
+-            original = vector[i];
++        for (const GCPtrScope& elem : src->scopes().From(scopes.length())) {
++            original = elem.get();
+             clone = Scope::clone(cx, original, scopes[FindScopeIndex(src, *original->enclosing())]);
+             if (!clone || !scopes.append(clone)) {
+                 return false;
+             }
+         }
+     }
+ 
+     /* Objects */
+ 
+     AutoObjectVector objects(cx);
+     if (nobjects != 0) {
+-        GCPtrObject* vector = src->objects()->vector;
+         RootedObject obj(cx);
+         RootedObject clone(cx);
+-        for (unsigned i = 0; i < nobjects; i++) {
+-            obj = vector[i];
++        for (const GCPtrObject& elem : src->objects()) {
++            obj = elem.get();
+             clone = nullptr;
+             if (obj->is<RegExpObject>()) {
+                 clone = CloneScriptRegExpObject(cx, obj->as<RegExpObject>());
+             } else if (obj->is<JSFunction>()) {
+                 RootedFunction innerFun(cx, &obj->as<JSFunction>());
+                 if (innerFun->isNative()) {
+                     if (cx->compartment() != innerFun->compartment()) {
+                         MOZ_ASSERT(innerFun->isAsmJSNative());
+@@ -3791,45 +3790,45 @@ js::detail::CopyScript(JSContext* cx, Ha
+     dst->bitFields_.isDerivedClassConstructor_ = src->isDerivedClassConstructor();
+     dst->bitFields_.needsHomeObject_ = src->needsHomeObject();
+     dst->bitFields_.isDefaultClassConstructor_ = src->isDefaultClassConstructor();
+     dst->bitFields_.isAsync_ = src->bitFields_.isAsync_;
+     dst->bitFields_.hasRest_ = src->bitFields_.hasRest_;
+     dst->bitFields_.hideScriptFromDebugger_ = src->bitFields_.hideScriptFromDebugger_;
+ 
+     if (nconsts != 0) {
+-        GCPtrValue* vector = Rebase<GCPtrValue>(dst, src, src->consts()->vector);
+-        dst->consts()->vector = vector;
++        GCPtrValue* vector = Rebase<GCPtrValue>(dst, src, src->constsRaw()->vector);
++        dst->constsRaw()->vector = vector;
+         for (unsigned i = 0; i < nconsts; ++i) {
+             MOZ_ASSERT_IF(vector[i].isGCThing(), vector[i].toString()->isAtom());
+         }
+     }
+     if (nobjects != 0) {
+-        GCPtrObject* vector = Rebase<GCPtrObject>(dst, src, src->objects()->vector);
+-        dst->objects()->vector = vector;
++        GCPtrObject* vector = Rebase<GCPtrObject>(dst, src, src->objectsRaw()->vector);
++        dst->objectsRaw()->vector = vector;
+         for (unsigned i = 0; i < nobjects; ++i) {
+             vector[i].init(&objects[i]->as<NativeObject>());
+         }
+     }
+     {
+-        GCPtrScope* vector = Rebase<GCPtrScope>(dst, src, src->scopes()->vector);
+-        dst->scopes()->vector = vector;
++        GCPtrScope* vector = Rebase<GCPtrScope>(dst, src, src->scopesRaw()->vector);
++        dst->scopesRaw()->vector = vector;
+         for (uint32_t i = 0; i < nscopes; ++i) {
+             vector[i].init(scopes[i]);
+         }
+     }
+     if (ntrynotes != 0) {
+-        dst->trynotes()->vector = Rebase<JSTryNote>(dst, src, src->trynotes()->vector);
++        dst->trynotesRaw()->vector = Rebase<JSTryNote>(dst, src, src->trynotesRaw()->vector);
+     }
+     if (nscopenotes != 0) {
+-        dst->scopeNotes()->vector = Rebase<ScopeNote>(dst, src, src->scopeNotes()->vector);
++        dst->scopeNotesRaw()->vector = Rebase<ScopeNote>(dst, src, src->scopeNotesRaw()->vector);
+     }
+     if (nyieldoffsets != 0) {
+-        dst->yieldAndAwaitOffsets().vector_ =
+-            Rebase<uint32_t>(dst, src, src->yieldAndAwaitOffsets().vector_);
++        dst->yieldAndAwaitOffsetsRaw().vector_ =
++            Rebase<uint32_t>(dst, src, src->yieldAndAwaitOffsetsRaw().vector_);
+     }
+ 
+     return true;
+ }
+ 
+ static JSScript*
+ CreateEmptyScriptForClone(JSContext* cx, HandleScript src)
+ {
+@@ -4168,28 +4167,29 @@ JSScript::traceChildren(JSTracer* trc)
+     MOZ_ASSERT_IF(trc->isMarkingTracer() &&
+                   GCMarker::fromTracer(trc)->shouldCheckCompartments(),
+                   zone()->isCollecting());
+ 
+     if (scriptData()) {
+         scriptData()->traceChildren(trc);
+     }
+ 
+-    if (ScopeArray* scopearray = scopes()) {
+-        TraceRange(trc, scopearray->length, scopearray->vector, "scopes");
++    if (data) {
++        auto array = scopes();
++        TraceRange(trc, array.size(), array.data(), "scopes");
+     }
+ 
+     if (hasConsts()) {
+-        ConstArray* constarray = consts();
+-        TraceRange(trc, constarray->length, constarray->vector, "consts");
++        auto array = consts();
++        TraceRange(trc, array.size(), array.data(), "consts");
+     }
+ 
+     if (hasObjects()) {
+-        ObjectArray* objarray = objects();
+-        TraceRange(trc, objarray->length, objarray->vector, "objects");
++        auto array = objects();
++        TraceRange(trc, array.size(), array.data(), "objects");
+     }
+ 
+     MOZ_ASSERT_IF(sourceObject(), MaybeForwarded(sourceObject())->compartment() == compartment());
+     TraceNullableEdge(trc, &sourceObject_, "sourceObject");
+ 
+     if (maybeLazyScript()) {
+         TraceManuallyBarrieredEdge(trc, &lazyScript, "lazyScript");
+     }
+@@ -4247,35 +4247,35 @@ JSScript::lookupScope(jsbytecode* pc)
+     MOZ_ASSERT(containsPC(pc));
+ 
+     if (!hasScopeNotes()) {
+         return nullptr;
+     }
+ 
+     size_t offset = pc - code();
+ 
+-    ScopeNoteArray* notes = scopeNotes();
++    auto notes = scopeNotes();
+     Scope* scope = nullptr;
+ 
+     // Find the innermost block chain using a binary search.
+     size_t bottom = 0;
+-    size_t top = notes->length;
++    size_t top = notes.size();
+ 
+     while (bottom < top) {
+         size_t mid = bottom + (top - bottom) / 2;
+-        const ScopeNote* note = &notes->vector[mid];
++        const ScopeNote* note = &notes[mid];
+         if (note->start <= offset) {
+             // Block scopes are ordered in the list by their starting offset, and since
+             // blocks form a tree ones earlier in the list may cover the pc even if
+             // later blocks end before the pc. This only happens when the earlier block
+             // is a parent of the later block, so we need to check parents of |mid| in
+             // the searched range for coverage.
+             size_t check = mid;
+             while (check >= bottom) {
+-                const ScopeNote* checkNote = &notes->vector[check];
++                const ScopeNote* checkNote = &notes[check];
+                 MOZ_ASSERT(checkNote->start <= offset);
+                 if (offset < checkNote->start + checkNote->length) {
+                     // We found a matching block chain but there may be inner ones
+                     // at a higher block chain index than mid. Continue the binary search.
+                     if (checkNote->index == ScopeNote::NoScopeIndex) {
+                         scope = nullptr;
+                     } else {
+                         scope = getScope(checkNote->index);
+@@ -4719,20 +4719,18 @@ JSScript::updateJitCodeRaw(JSRuntime* rt
+ }
+ 
+ bool
+ JSScript::hasLoops()
+ {
+     if (!hasTrynotes()) {
+         return false;
+     }
+-    JSTryNote* tn = trynotes()->vector;
+-    JSTryNote* tnlimit = tn + trynotes()->length;
+-    for (; tn < tnlimit; tn++) {
+-        switch (tn->kind) {
++    for (const JSTryNote& tn : trynotes()) {
++        switch (tn.kind) {
+           case JSTRY_FOR_IN:
+           case JSTRY_FOR_OF:
+           case JSTRY_LOOP:
+             return true;
+           case JSTRY_CATCH:
+           case JSTRY_FINALLY:
+           case JSTRY_FOR_OF_ITERCLOSE:
+           case JSTRY_DESTRUCTURING_ITERCLOSE:
+diff --git a/js/src/vm/JSScript.h b/js/src/vm/JSScript.h
+--- a/js/src/vm/JSScript.h
++++ b/js/src/vm/JSScript.h
+@@ -8,16 +8,17 @@
+ 
+ #ifndef vm_JSScript_h
+ #define vm_JSScript_h
+ 
+ #include "mozilla/ArrayUtils.h"
+ #include "mozilla/Atomics.h"
+ #include "mozilla/Maybe.h"
+ #include "mozilla/MemoryReporting.h"
++#include "mozilla/Span.h"
+ #include "mozilla/Variant.h"
+ 
+ #include "jstypes.h"
+ 
+ #include "frontend/NameAnalysisTypes.h"
+ #include "gc/Barrier.h"
+ #include "gc/Rooting.h"
+ #include "jit/IonCode.h"
+@@ -1820,28 +1821,26 @@ class JSScript : public js::gc::TenuredC
+ 
+     bool functionHasExtraBodyVarScope() const {
+         MOZ_ASSERT_IF(bitFields_.functionHasExtraBodyVarScope_, functionHasParameterExprs());
+         return bitFields_.functionHasExtraBodyVarScope_;
+     }
+ 
+     js::VarScope* functionExtraBodyVarScope() const {
+         MOZ_ASSERT(functionHasExtraBodyVarScope());
+-        for (uint32_t i = 0; i < scopes()->length; i++) {
+-            js::Scope* scope = getScope(i);
++        for (js::Scope* scope : scopes()) {
+             if (scope->kind() == js::ScopeKind::FunctionBodyVar) {
+                 return &scope->as<js::VarScope>();
+             }
+         }
+         MOZ_CRASH("Function extra body var scope not found");
+     }
+ 
+     bool needsBodyEnvironment() const {
+-        for (uint32_t i = 0; i < scopes()->length; i++) {
+-            js::Scope* scope = getScope(i);
++        for (js::Scope* scope : scopes()) {
+             if (ScopeKindIsInBody(scope->kind()) && scope->hasEnvironment()) {
+                 return true;
+             }
+         }
+         return false;
+     }
+ 
+     inline js::LexicalScope* maybeNamedLambdaScope() const;
+@@ -1926,46 +1925,80 @@ class JSScript : public js::gc::TenuredC
+     size_t yieldAndAwaitOffsetsOffset() const {
+         return OFF(scopeNotesOffset, hasScopeNotes, js::ScopeNoteArray);
+     }
+ 
+ #undef OFF
+ 
+     size_t dataSize() const { return dataSize_; }
+ 
+-    js::ConstArray* consts() {
++  private:
++
++    js::ConstArray* constsRaw() const {
+         MOZ_ASSERT(hasConsts());
+         return reinterpret_cast<js::ConstArray*>(data + constsOffset());
+     }
+ 
+-    js::ObjectArray* objects() {
++    js::ObjectArray* objectsRaw() const {
+         MOZ_ASSERT(hasObjects());
+         return reinterpret_cast<js::ObjectArray*>(data + objectsOffset());
+     }
+ 
+-    js::ScopeArray* scopes() const {
++    js::ScopeArray* scopesRaw() const {
+         return reinterpret_cast<js::ScopeArray*>(data + scopesOffset());
+     }
+ 
+-    js::TryNoteArray* trynotes() const {
++    js::TryNoteArray* trynotesRaw() const {
+         MOZ_ASSERT(hasTrynotes());
+         return reinterpret_cast<js::TryNoteArray*>(data + trynotesOffset());
+     }
+ 
+-    js::ScopeNoteArray* scopeNotes() {
++    js::ScopeNoteArray* scopeNotesRaw() const {
+         MOZ_ASSERT(hasScopeNotes());
+         return reinterpret_cast<js::ScopeNoteArray*>(data + scopeNotesOffset());
+     }
+ 
+-    js::YieldAndAwaitOffsetArray& yieldAndAwaitOffsets() {
++    js::YieldAndAwaitOffsetArray& yieldAndAwaitOffsetsRaw() const {
+         MOZ_ASSERT(hasYieldAndAwaitOffsets());
+         return *reinterpret_cast<js::YieldAndAwaitOffsetArray*>(data +
+                                                                 yieldAndAwaitOffsetsOffset());
+     }
+ 
++  public:
++
++    mozilla::Span<js::GCPtrValue> consts() const {
++        js::ConstArray* array = constsRaw();
++        return mozilla::MakeSpan(array->vector, array->length);
++    }
++
++    mozilla::Span<js::GCPtrObject> objects() const {
++        js::ObjectArray* array = objectsRaw();
++        return mozilla::MakeSpan(array->vector, array->length);
++    }
++
++    mozilla::Span<js::GCPtrScope> scopes() const {
++        js::ScopeArray* array = scopesRaw();
++        return mozilla::MakeSpan(array->vector, array->length);
++    }
++
++    mozilla::Span<JSTryNote> trynotes() const {
++        js::TryNoteArray* array = trynotesRaw();
++        return mozilla::MakeSpan(array->vector, array->length);
++    }
++
++    mozilla::Span<js::ScopeNote> scopeNotes() const {
++        js::ScopeNoteArray* array = scopeNotesRaw();
++        return mozilla::MakeSpan(array->vector, array->length);
++    }
++
++    mozilla::Span<uint32_t> yieldAndAwaitOffsets() const {
++        js::YieldAndAwaitOffsetArray& array = yieldAndAwaitOffsetsRaw();
++        return mozilla::MakeSpan(&array[0], array.length());
++    }
++
+     bool hasLoops();
+ 
+     uint32_t numNotes() const {
+         MOZ_ASSERT(scriptData_);
+         return scriptData_->numNotes();
+     }
+     jssrcnote* notes() const {
+         MOZ_ASSERT(scriptData_);
+@@ -1996,31 +2029,27 @@ class JSScript : public js::gc::TenuredC
+         return getAtom(index)->asPropertyName();
+     }
+ 
+     js::PropertyName* getName(jsbytecode* pc) const {
+         return getAtom(pc)->asPropertyName();
+     }
+ 
+     JSObject* getObject(size_t index) {
+-        js::ObjectArray* arr = objects();
+-        MOZ_ASSERT(index < arr->length);
+-        MOZ_ASSERT(arr->vector[index]->isTenured());
+-        return arr->vector[index];
++        MOZ_ASSERT(objects()[index]->isTenured());
++        return objects()[index];
+     }
+ 
+     JSObject* getObject(jsbytecode* pc) {
+         MOZ_ASSERT(containsPC(pc) && containsPC(pc + sizeof(uint32_t)));
+         return getObject(GET_UINT32_INDEX(pc));
+     }
+ 
+     js::Scope* getScope(size_t index) const {
+-        js::ScopeArray* array = scopes();
+-        MOZ_ASSERT(index < array->length);
+-        return array->vector[index];
++        return scopes()[index];
+     }
+ 
+     js::Scope* getScope(jsbytecode* pc) const {
+         // This method is used to get a scope directly using a JSOp with an
+         // index. To search through ScopeNotes to look for a Scope using pc,
+         // use lookupScope.
+         MOZ_ASSERT(containsPC(pc) && containsPC(pc + sizeof(uint32_t)));
+         MOZ_ASSERT(js::JOF_OPTYPE(JSOp(*pc)) == JOF_SCOPE,
+@@ -2035,19 +2064,17 @@ class JSScript : public js::gc::TenuredC
+         }
+         return nullptr;
+     }
+ 
+     inline js::RegExpObject* getRegExp(size_t index);
+     inline js::RegExpObject* getRegExp(jsbytecode* pc);
+ 
+     const js::Value& getConst(size_t index) {
+-        js::ConstArray* arr = consts();
+-        MOZ_ASSERT(index < arr->length);
+-        return arr->vector[index];
++        return consts()[index];
+     }
+ 
+     // The following 3 functions find the static scope just before the
+     // execution of the instruction pointed to by pc.
+ 
+     js::Scope* lookupScope(jsbytecode* pc);
+ 
+     js::Scope* innermostScope(jsbytecode* pc);
+diff --git a/js/src/vm/ObjectGroup.cpp b/js/src/vm/ObjectGroup.cpp
+--- a/js/src/vm/ObjectGroup.cpp
++++ b/js/src/vm/ObjectGroup.cpp
+@@ -235,25 +235,23 @@ ObjectGroup::useSingletonForAllocationSi
+     // All loops in the script will have a try note indicating their boundary.
+ 
+     if (!script->hasTrynotes()) {
+         return SingletonObject;
+     }
+ 
+     unsigned offset = script->pcToOffset(pc);
+ 
+-    JSTryNote* tn = script->trynotes()->vector;
+-    JSTryNote* tnlimit = tn + script->trynotes()->length;
+-    for (; tn < tnlimit; tn++) {
+-        if (tn->kind != JSTRY_FOR_IN && tn->kind != JSTRY_FOR_OF && tn->kind != JSTRY_LOOP) {
++    for (const JSTryNote& tn : script->trynotes()) {
++        if (tn.kind != JSTRY_FOR_IN && tn.kind != JSTRY_FOR_OF && tn.kind != JSTRY_LOOP) {
+             continue;
+         }
+ 
+-        unsigned startOffset = script->mainOffset() + tn->start;
+-        unsigned endOffset = startOffset + tn->length;
++        unsigned startOffset = script->mainOffset() + tn.start;
++        unsigned endOffset = startOffset + tn.length;
+ 
+         if (offset >= startOffset && offset < endOffset) {
+             return GenericObject;
+         }
+     }
+ 
+     return SingletonObject;
+ }
+diff --git a/js/src/vm/Realm.cpp b/js/src/vm/Realm.cpp
+--- a/js/src/vm/Realm.cpp
++++ b/js/src/vm/Realm.cpp
+@@ -705,19 +705,17 @@ Realm::setNewObjectMetadata(JSContext* c
+ }
+ 
+ static bool
+ AddInnerLazyFunctionsFromScript(JSScript* script, AutoObjectVector& lazyFunctions)
+ {
+     if (!script->hasObjects()) {
+         return true;
+     }
+-    ObjectArray* objects = script->objects();
+-    for (size_t i = 0; i < objects->length; i++) {
+-        JSObject* obj = objects->vector[i];
++    for (JSObject* obj : script->objects()) {
+         if (obj->is<JSFunction>() && obj->as<JSFunction>().isInterpretedLazy()) {
+             if (!lazyFunctions.append(obj)) {
+                 return false;
+             }
+         }
+     }
+     return true;
+ }

frg/work-js/mozilla-release/patches/mozilla-central_443893.patch

@@ -0,0 +1,459 @@
+# HG changeset patch
+# User Ted Campbell <tcampbell@mozilla.com>
+# Date 1534958731 14400
+#      Wed Aug 22 13:25:31 2018 -0400
+# Node ID 31db69b4f38d3d258e6cd886af06da94caf91d58
+# Parent  716e7d5c3da2378ced5c0b99032ac685799212e5
+Bug 1485347 - Part 4: Add js::PrivateScriptData type. r=waldo
+
+This will later be used to store variable length data that hangs off of
+each JSScript. This primarily is a refactor of existing JSScript code to
+put in its own data structure.
+
+- ScopeArray and friends now store offsets instead of pointers. This
+  saves memory on 64-bit platforms and simplifies cloning.
+- GCPtr constructors are used instead of relying on pod_calloc. This
+  fixes C++ object-model violations.
+- A packed bitfield is used to locate optional array headers instead of
+  previous daisy-chain approach. This also lets js::PrivateScriptData
+  understand array layout without coupling to JSScript.
+
+diff --git a/js/src/vm/JSScript.cpp b/js/src/vm/JSScript.cpp
+--- a/js/src/vm/JSScript.cpp
++++ b/js/src/vm/JSScript.cpp
+@@ -3031,16 +3031,219 @@ js::FreeScriptData(JSRuntime* rt)
+                 scriptData, scriptData->refCount());
+ #endif
+         js_free(e.front());
+     }
+ 
+     table.clear();
+ }
+ 
++// Placement-new elements of an array. This should optimize away for types with
++// trivial default initiation.
++template <typename T>
++static void
++DefaultInitializeElements(void* arrayPtr, size_t length)
++{
++    uintptr_t elem = reinterpret_cast<uintptr_t>(arrayPtr);
++    MOZ_ASSERT(elem % alignof(T) == 0);
++
++    for (size_t i = 0; i < length; ++i) {
++        new (reinterpret_cast<T*>(elem)) T;
++        elem += sizeof(T);
++    }
++}
++
++/* static */ size_t
++PrivateScriptData::AllocationSize(uint32_t nscopes, uint32_t nconsts, uint32_t nobjects,
++                                  uint32_t ntrynotes, uint32_t nscopenotes, uint32_t nyieldoffsets)
++{
++    size_t size = sizeof(PrivateScriptData);
++
++    if (nconsts) { size += sizeof(PackedSpan); }
++    if (nobjects) { size += sizeof(PackedSpan); }
++    if (ntrynotes) { size += sizeof(PackedSpan); }
++    if (nscopenotes) { size += sizeof(PackedSpan); }
++    if (nyieldoffsets) { size += sizeof(PackedSpan); }
++
++    size += nscopes * sizeof(GCPtrScope);
++
++    if (nconsts) {
++        // The scope array doesn't maintain Value alignment, so compute the
++        // padding needed to remedy this.
++        size = JS_ROUNDUP(size, alignof(GCPtrValue));
++        size += nconsts * sizeof(GCPtrValue);
++    }
++    if (nobjects) {
++        size += nobjects * sizeof(GCPtrObject);
++    }
++    if (ntrynotes) {
++        size += ntrynotes * sizeof(JSTryNote);
++    }
++    if (nscopenotes) {
++        size += nscopenotes * sizeof(ScopeNote);
++    }
++    if (nyieldoffsets) {
++        size += nyieldoffsets * sizeof(uint32_t);
++    }
++
++    return size;
++}
++
++// Placement-new elements of an array. This should optimize away for types with
++// trivial default initiation.
++template <typename T>
++void
++PrivateScriptData::initElements(size_t offset, size_t length)
++{
++    uintptr_t base = reinterpret_cast<uintptr_t>(this);
++    DefaultInitializeElements<T>(reinterpret_cast<void*>(base + offset), length);
++}
++
++template <typename T>
++void
++PrivateScriptData::initSpan(size_t* cursor, uint32_t scaledSpanOffset, size_t length)
++{
++    // PackedSpans are elided when arrays are empty
++    if (scaledSpanOffset == 0) {
++        MOZ_ASSERT(length == 0);
++        return;
++    }
++
++    // Placement-new the PackedSpan
++    PackedSpan* span = packedOffsetToPointer<PackedSpan>(scaledSpanOffset);
++    span = new (span) PackedSpan { uint32_t(*cursor), uint32_t(length) };
++
++    // Placement-new the elements
++    initElements<T>(*cursor, length);
++
++    // Advance cursor
++    (*cursor) += length * sizeof(T);
++}
++
++// Initialize PackedSpans and placement-new the trailing arrays.
++PrivateScriptData::PrivateScriptData(uint32_t nscopes_, uint32_t nconsts, uint32_t nobjects,
++                                     uint32_t ntrynotes, uint32_t nscopenotes, uint32_t nyieldoffsets)
++  : nscopes(nscopes_)
++{
++    // Convert cursor possition to a packed offset.
++    auto ToPackedOffset = [](size_t cursor) {
++        MOZ_ASSERT(cursor % PackedOffsets::SCALE == 0);
++        return cursor / PackedOffsets::SCALE;
++    };
++
++    // Helper to allocate a PackedSpan from the variable length data.
++    auto TakeSpan = [=](size_t* cursor) {
++        size_t packedOffset = ToPackedOffset(*cursor);
++        MOZ_ASSERT(packedOffset <= PackedOffsets::MAX_OFFSET);
++
++        (*cursor) += sizeof(PackedSpan);
++        return packedOffset;
++    };
++
++    // Variable-length data begins immediately after PrivateScriptData itself.
++    // NOTE: Alignment is computed using cursor/offset so the alignment of
++    // PrivateScriptData must be stricter than any trailing array type.
++    size_t cursor = sizeof(*this);
++
++    // Layout PackedSpan structures and initialize packedOffsets fields.
++    static_assert(alignof(PrivateScriptData) >= alignof(PackedSpan),
++                  "Incompatible alignment");
++    if (nconsts) { packedOffsets.constsSpanOffset = TakeSpan(&cursor); }
++    if (nobjects) { packedOffsets.objectsSpanOffset = TakeSpan(&cursor); }
++    if (ntrynotes) { packedOffsets.tryNotesSpanOffset = TakeSpan(&cursor); }
++    if (nscopenotes) { packedOffsets.scopeNotesSpanOffset = TakeSpan(&cursor); }
++    if (nyieldoffsets) { packedOffsets.yieldOffsetsSpanOffset = TakeSpan(&cursor); }
++
++    // Layout and initialize the scopes array. Manually insert padding so that
++    // the subsequent |consts| array is aligned.
++    {
++        MOZ_ASSERT(nscopes > 0);
++
++        static_assert(alignof(PackedSpan) >= alignof(GCPtrScope),
++                      "Incompatible alignment");
++        initElements<GCPtrScope>(cursor, nscopes);
++        packedOffsets.scopesOffset = ToPackedOffset(cursor);
++
++        cursor += nscopes * sizeof(GCPtrScope);
++    }
++
++    if (nconsts) {
++        // Pad to required alignment if we are emitting constant array.
++        cursor = JS_ROUNDUP(cursor, alignof(GCPtrValue));
++
++        static_assert(alignof(PrivateScriptData) >= alignof(GCPtrValue),
++                      "Incompatible alignment");
++        initSpan<GCPtrValue>(&cursor, packedOffsets.constsSpanOffset, nconsts);
++    }
++
++    // Layout arrays, initialize PackedSpans and placement-new the elements.
++    static_assert(alignof(GCPtrValue) >= alignof(GCPtrObject),
++                  "Incompatible alignment");
++    static_assert(alignof(GCPtrScope) >= alignof(GCPtrObject),
++                  "Incompatible alignment");
++    initSpan<GCPtrObject>(&cursor, packedOffsets.objectsSpanOffset, nobjects);
++    static_assert(alignof(GCPtrObject) >= alignof(JSTryNote),
++                  "Incompatible alignment");
++    initSpan<JSTryNote>(&cursor, packedOffsets.tryNotesSpanOffset, ntrynotes);
++    static_assert(alignof(JSTryNote) >= alignof(ScopeNote),
++                  "Incompatible alignment");
++    initSpan<ScopeNote>(&cursor, packedOffsets.scopeNotesSpanOffset, nscopenotes);
++    static_assert(alignof(ScopeNote) >= alignof(uint32_t),
++                  "Incompatible alignment");
++    initSpan<uint32_t>(&cursor, packedOffsets.yieldOffsetsSpanOffset, nyieldoffsets);
++
++    // Sanity check
++    MOZ_ASSERT(AllocationSize(nscopes_, nconsts, nobjects,
++                              ntrynotes, nscopenotes, nyieldoffsets) == cursor);
++}
++
++/* static */ PrivateScriptData*
++PrivateScriptData::new_(JSContext* cx,
++                        uint32_t nscopes, uint32_t nconsts, uint32_t nobjects,
++                        uint32_t ntrynotes, uint32_t nscopenotes, uint32_t nyieldoffsets,
++                        uint32_t* dataSize)
++{
++    // Compute size including trailing arrays
++    size_t size = AllocationSize(nscopes, nconsts, nobjects,
++                                 ntrynotes, nscopenotes, nyieldoffsets);
++
++    // Allocate contiguous raw buffer
++    void* raw = cx->pod_malloc<uint8_t>(size);
++    MOZ_ASSERT(uintptr_t(raw) % alignof(PrivateScriptData) == 0);
++    if (!raw) {
++        return nullptr;
++    }
++
++    if (dataSize) {
++        *dataSize = size;
++    }
++
++    // Constuct the PrivateScriptData. Trailing arrays are uninitialized but
++    // GCPtrs are put into a safe state.
++    return new (raw) PrivateScriptData(nscopes, nconsts, nobjects,
++                                       ntrynotes, nscopenotes, nyieldoffsets);
++}
++
++void
++PrivateScriptData::traceChildren(JSTracer* trc)
++{
++    auto scopearray = scopes();
++    TraceRange(trc, scopearray.size(), scopearray.data(), "scopes");
++
++    if (hasConsts()) {
++        auto constarray = consts();
++        TraceRange(trc, constarray.size(), constarray.data(), "consts");
++    }
++
++    if (hasObjects()) {
++        auto objarray = objects();
++        TraceRange(trc, objarray.size(), objarray.data(), "objects");
++    }
++}
++
+ /*
+  * [SMDOC] JSScript data layout (unshared)
+  *
+  * JSScript::data and SharedScriptData::data have complex,
+  * manually-controlled, memory layouts.
+  *
+  * JSScript::data begins with some optional array headers. They are optional
+  * because they often aren't needed, i.e. the corresponding arrays often have
+@@ -4151,17 +4354,18 @@ js::detail::CopyScript(JSContext* cx, Ha
+     dst->bitFields_.isAsync_ = src->bitFields_.isAsync_;
+     dst->bitFields_.hasRest_ = src->bitFields_.hasRest_;
+     dst->bitFields_.hideScriptFromDebugger_ = src->bitFields_.hideScriptFromDebugger_;
+ 
+     if (nconsts != 0) {
+         GCPtrValue* vector = Rebase<GCPtrValue>(dst, src, src->constsRaw()->vector);
+         dst->constsRaw()->vector = vector;
+         for (unsigned i = 0; i < nconsts; ++i) {
+-            MOZ_ASSERT_IF(vector[i].isGCThing(), vector[i].toString()->isAtom());
++            // We don't support GCThings here and thus don't need to call |init|.
++            MOZ_ASSERT(!vector[i].isGCThing());
+         }
+     }
+     if (nobjects != 0) {
+         GCPtrObject* vector = Rebase<GCPtrObject>(dst, src, src->objectsRaw()->vector);
+         dst->objectsRaw()->vector = vector;
+         for (unsigned i = 0; i < nobjects; ++i) {
+             vector[i].init(&objects[i]->as<NativeObject>());
+         }
+diff --git a/js/src/vm/JSScript.h b/js/src/vm/JSScript.h
+--- a/js/src/vm/JSScript.h
++++ b/js/src/vm/JSScript.h
+@@ -1269,16 +1269,192 @@ XDRLazyScript(XDRState<mode>* xdr, Handl
+ 
+ /*
+  * Code any constant value.
+  */
+ template<XDRMode mode>
+ XDRResult
+ XDRScriptConst(XDRState<mode>* xdr, MutableHandleValue vp);
+ 
++// [SMDOC] - JSScript data layout (unshared)
++//
++// PrivateScriptData stores variable-length data associated with a script.
++// Abstractly a PrivateScriptData consists of all these arrays:
++//
++//   * A non-empty array of GCPtrScope in scopes()
++//   * A possibly-empty array of GCPtrValue in consts()
++//   * A possibly-empty array of JSObject* in objects()
++//   * A possibly-empty array of JSTryNote in tryNotes()
++//   * A possibly-empty array of ScopeNote in scopeNotes()
++//   * A possibly-empty array of uint32_t in yieldAndAwaitOffsets()
++//
++// Accessing any of these arrays just requires calling the appropriate public
++// Span-computing function.
++//
++// Under the hood, PrivateScriptData is a small class followed by a memory
++// layout that compactly encodes all these arrays, in this manner (only
++// explicit padding, "--" separators for readability only):
++//
++//   <PrivateScriptData itself>
++//   --
++//   (OPTIONAL) PackedSpan for consts()
++//   (OPTIONAL) PackedSpan for objects()
++//   (OPTIONAL) PackedSpan for tryNotes()
++//   (OPTIONAL) PackedSpan for scopeNotes()
++//   (OPTIONAL) PackedSpan for yieldAndAwaitOffsets()
++//   --
++//   (REQUIRED) All the GCPtrScopes that constitute scopes()
++//   --
++//   (OPTIONAL) If there are consts, padding needed for space so far to be
++//              GCPtrValue-aligned
++//   (OPTIONAL) All the GCPtrValues that constitute consts()
++//   --
++//   (OPTIONAL) All the GCPtrObjects that constitute objects()
++//   --
++//   (OPTIONAL) All the JSTryNotes that constitute tryNotes()
++//   --
++//   (OPTIONAL) All the ScopeNotes that constitute scopeNotes()
++//   --
++//   (OPTIONAL) All the uint32_t's that constitute yieldAndAwaitOffsets()
++//
++// The contents of PrivateScriptData indicate which optional items are present.
++// PrivateScriptData::packedOffsets contains bit-fields, one per array.
++// Multiply each packed offset by sizeof(uint32_t) to compute a *real* offset.
++//
++// PrivateScriptData::scopesOffset indicates where scopes() begins. The bound
++// of five PackedSpans ensures we can encode this offset compactly.
++// PrivateScriptData::nscopes indicates the number of GCPtrScopes in scopes().
++//
++// The other PackedScriptData::*Offset fields indicate where a potential
++// corresponding PackedSpan resides. If the packed offset is 0, there is no
++// PackedSpan, and the array is empty. Otherwise the PackedSpan's uint32_t
++// offset and length fields store: 1) a *non-packed* offset (a literal count of
++// bytes offset from the *start* of PrivateScriptData struct) to the
++// corresponding array, and 2) the number of elements in the array,
++// respectively.
++//
++// PrivateScriptData and PackedSpan are 64-bit-aligned, so manual alignment in
++// trailing fields is only necessary before the first trailing fields with
++// increased alignment -- before GCPtrValues for consts(), on 32-bit, where the
++// preceding GCPtrScopes as pointers are only 32-bit-aligned.
++class alignas(JS::Value) PrivateScriptData final
++{
++    struct PackedOffsets
++    {
++        static constexpr size_t SCALE = sizeof(uint32_t);
++        static constexpr size_t MAX_OFFSET = 0b1111;
++
++        // (Scaled) offset to Scopes
++        uint32_t scopesOffset : 8;
++
++        // (Scaled) offset to Spans. These are set to 0 if they don't exist.
++        uint32_t constsSpanOffset : 4;
++        uint32_t objectsSpanOffset : 4;
++        uint32_t tryNotesSpanOffset : 4;
++        uint32_t scopeNotesSpanOffset : 4;
++        uint32_t yieldOffsetsSpanOffset : 4;
++    };
++
++    // Detect accidental size regressions.
++    static_assert(sizeof(PackedOffsets) == sizeof(uint32_t),
++                  "unexpected bit-field packing");
++
++    // A span describes base offset and length of one variable length array in
++    // the private data.
++    struct alignas(uintptr_t) PackedSpan
++    {
++        uint32_t offset;
++        uint32_t length;
++    };
++
++    // Concrete Fields
++    PackedOffsets packedOffsets = {}; // zeroes
++    uint32_t nscopes;
++
++    // Translate an offset into a concrete pointer.
++    template <typename T>
++    T* offsetToPointer(size_t offset)
++    {
++        uintptr_t base = reinterpret_cast<uintptr_t>(this);
++        uintptr_t elem = base + offset;
++        return reinterpret_cast<T*>(elem);
++    }
++
++    // Translate a PackedOffsets member into a pointer.
++    template <typename T>
++    T* packedOffsetToPointer(size_t packedOffset)
++    {
++        return offsetToPointer<T>(packedOffset * PackedOffsets::SCALE);
++    }
++
++    // Translates a PackedOffsets member into a PackedSpan* and then unpacks
++    // that to a mozilla::Span.
++    template <typename T>
++    mozilla::Span<T> packedOffsetToSpan(size_t scaledSpanOffset)
++    {
++        PackedSpan* span = packedOffsetToPointer<PackedSpan>(scaledSpanOffset);
++        T* base = offsetToPointer<T>(span->offset);
++        return mozilla::MakeSpan(base, span->length);
++    }
++
++    // Helpers for creating initializing trailing data
++    template <typename T>
++    void initSpan(size_t* cursor, uint32_t scaledSpanOffset, size_t length);
++
++    template <typename T>
++    void initElements(size_t offset, size_t length);
++
++    // Size to allocate
++    static size_t AllocationSize(uint32_t nscopes, uint32_t nconsts, uint32_t nobjects,
++                                 uint32_t ntrynotes, uint32_t nscopenotes, uint32_t nyieldoffsets);
++
++    // Initialize header and PackedSpans
++    PrivateScriptData(uint32_t nscopes_, uint32_t nconsts, uint32_t nobjects,
++                      uint32_t ntrynotes, uint32_t nscopenotes, uint32_t nyieldoffsets);
++
++  public:
++
++    // Accessors for typed array spans.
++    mozilla::Span<GCPtrScope> scopes() {
++        GCPtrScope* base = packedOffsetToPointer<GCPtrScope>(packedOffsets.scopesOffset);
++        return mozilla::MakeSpan(base, nscopes);
++    }
++    mozilla::Span<GCPtrValue> consts() {
++        return packedOffsetToSpan<GCPtrValue>(packedOffsets.constsSpanOffset);
++    }
++    mozilla::Span<GCPtrObject> objects() {
++        return packedOffsetToSpan<GCPtrObject>(packedOffsets.objectsSpanOffset);
++    }
++    mozilla::Span<JSTryNote> tryNotes() {
++        return packedOffsetToSpan<JSTryNote>(packedOffsets.tryNotesSpanOffset);
++    }
++    mozilla::Span<ScopeNote> scopeNotes() {
++        return packedOffsetToSpan<ScopeNote>(packedOffsets.scopeNotesSpanOffset);
++    }
++    mozilla::Span<uint32_t> yieldAndAwaitOffsets() {
++        return packedOffsetToSpan<uint32_t>(packedOffsets.yieldOffsetsSpanOffset);
++    }
++
++    // Fast tests for if array exists
++    bool hasConsts() const { return packedOffsets.constsSpanOffset != 0; }
++    bool hasObjects() const { return packedOffsets.objectsSpanOffset != 0; }
++    bool hasTryNotes() const { return packedOffsets.tryNotesSpanOffset != 0; }
++    bool hasScopeNotes() const { return packedOffsets.scopeNotesSpanOffset != 0; }
++    bool hasYieldOffsets() const { return packedOffsets.yieldOffsetsSpanOffset != 0; }
++
++    // Allocate a new PrivateScriptData. Headers and GCPtrs are initialized.
++    // The size of allocation is returned as an out parameter.
++    static PrivateScriptData* new_(JSContext* cx,
++                                   uint32_t nscopes, uint32_t nconsts, uint32_t nobjects,
++                                   uint32_t ntrynotes, uint32_t nscopenotes, uint32_t nyieldoffsets,
++                                   uint32_t* dataSize);
++
++    void traceChildren(JSTracer* trc);
++};
++
+ /*
+  * Common data that can be shared between many scripts in a single runtime.
+  */
+ class SharedScriptData
+ {
+     // This class is reference counted as follows: each pointer from a JSScript
+     // counts as one reference plus there may be one reference from the shared
+     // script data table.

frg/work-js/mozilla-release/patches/mozilla-central_443894.patch

@@ -0,0 +1,985 @@
+# HG changeset patch
+# User Ted Campbell <tcampbell@mozilla.com>
+# Date 1535070478 14400
+#      Thu Aug 23 20:27:58 2018 -0400
+# Node ID 1fbd4a0e4473c96caacf49896901a2fa956f0d10
+# Parent  31db69b4f38d3d258e6cd886af06da94caf91d58
+Bug 1485347 - Part 5: Use js::PrivateScriptData for JSScript. r=jandem
+
+- This makes JSScript::data arrays read-only. Initialization code
+ directly uses PrivateScriptData to mutate.
+
+MozReview-Commit-ID: LJFc8QazLfq
+
+diff --git a/js/src/jit/BaselineJIT.cpp b/js/src/jit/BaselineJIT.cpp
+--- a/js/src/jit/BaselineJIT.cpp
++++ b/js/src/jit/BaselineJIT.cpp
+@@ -791,17 +791,17 @@ BaselineScript::computeYieldAndAwaitNati
+     auto computeNative = [this,script](uint32_t pcOffset) {
+         PCMappingSlotInfo slotInfo;
+         uint8_t* nativeCode = maybeNativeCodeForPC(script, script->offsetToPC(pcOffset), &slotInfo);
+         MOZ_ASSERT(slotInfo.isStackSynced());
+ 
+         return nativeCode;
+     };
+ 
+-    mozilla::Span<uint32_t> pcOffsets = script->yieldAndAwaitOffsets();
++    mozilla::Span<const uint32_t> pcOffsets = script->yieldAndAwaitOffsets();
+     uint8_t** nativeOffsets = yieldEntryList();
+     std::transform(pcOffsets.begin(), pcOffsets.end(), nativeOffsets, computeNative);
+ }
+ 
+ void
+ BaselineScript::copyICEntries(JSScript* script, const ICEntry* entries)
+ {
+     // Fix up the return offset in the IC entries and copy them in.
+diff --git a/js/src/vm/JSScript.cpp b/js/src/vm/JSScript.cpp
+--- a/js/src/vm/JSScript.cpp
++++ b/js/src/vm/JSScript.cpp
+@@ -409,23 +409,23 @@ js::XDRScript(XDRState<mode>* xdr, Handl
+         nfixed = script->nfixed();
+         nslots = script->nslots();
+ 
+         bodyScopeIndex = script->bodyScopeIndex();
+         natoms = script->natoms();
+ 
+         nsrcnotes = script->numNotes();
+ 
++        nscopes = script->scopes().size();
+         if (script->hasConsts()) {
+             nconsts = script->consts().size();
+         }
+         if (script->hasObjects()) {
+             nobjects = script->objects().size();
+         }
+-        nscopes = script->scopes().size();
+         if (script->hasTrynotes()) {
+             ntrynotes = script->trynotes().size();
+         }
+         if (script->hasScopeNotes()) {
+             nscopenotes = script->scopeNotes().size();
+         }
+         if (script->hasYieldAndAwaitOffsets()) {
+             nyieldoffsets = script->yieldAndAwaitOffsets().size();
+@@ -727,32 +727,34 @@ js::XDRScript(XDRState<mode>* xdr, Handl
+     }
+ 
+     if (mode == XDR_DECODE) {
+         if (!script->shareScriptData(cx)) {
+             return xdr->fail(JS::TranscodeResult_Throw);
+         }
+     }
+ 
++    js::PrivateScriptData* data = script->data_;
++
+     if (nconsts) {
+         RootedValue val(cx);
+-        for (GCPtrValue& elem : script->consts()) {
++        for (GCPtrValue& elem : data->consts()) {
+             if (mode == XDR_ENCODE) {
+                 val = elem.get();
+             }
+             MOZ_TRY(XDRScriptConst(xdr, &val));
+             if (mode == XDR_DECODE) {
+                 elem.init(val);
+             }
+         }
+     }
+ 
+     {
+         MOZ_ASSERT(nscopes != 0);
+-        GCPtrScope* vector = script->scopes().data();
++        GCPtrScope* vector = data->scopes().data();
+         RootedScope scope(cx);
+         RootedScope enclosing(cx);
+         ScopeKind scopeKind;
+         uint32_t enclosingScopeIndex = 0;
+         for (uint32_t i = 0; i != nscopes; ++i) {
+             if (mode == XDR_ENCODE) {
+                 scope = vector[i];
+                 scopeKind = scope->kind();
+@@ -839,17 +841,17 @@ js::XDRScript(XDRState<mode>* xdr, Handl
+     }
+ 
+     /*
+      * Here looping from 0-to-length to xdr objects is essential to ensure that
+      * all references to enclosing blocks (via FindScopeIndex below) happen
+      * after the enclosing block has been XDR'd.
+      */
+     if (nobjects) {
+-        for (GCPtrObject& elem : script->objects()) {
++        for (GCPtrObject& elem : data->objects()) {
+             XDRClassKind classk;
+ 
+             if (mode == XDR_ENCODE) {
+                 JSObject* obj = elem.get();
+                 if (obj->is<RegExpObject>()) {
+                     classk = CK_RegexpObject;
+                 } else if (obj->is<JSFunction>()) {
+                     classk = CK_JSFunction;
+@@ -934,35 +936,35 @@ js::XDRScript(XDRState<mode>* xdr, Handl
+         }
+     }
+ 
+     // Verify marker to detect data corruption after decoding object data. A
+     // mismatch here indicates we will almost certainly crash in release.
+     MOZ_TRY(xdr->codeMarker(0xF83B989A));
+ 
+     if (ntrynotes) {
+-        for (JSTryNote& elem : script->trynotes()) {
++        for (JSTryNote& elem : data->tryNotes()) {
+             MOZ_TRY(xdr->codeUint8(&elem.kind));
+             MOZ_TRY(xdr->codeUint32(&elem.stackDepth));
+             MOZ_TRY(xdr->codeUint32(&elem.start));
+             MOZ_TRY(xdr->codeUint32(&elem.length));
+         }
+     }
+ 
+     if (nscopenotes) {
+-        for (ScopeNote& elem : script->scopeNotes()) {
++        for (ScopeNote& elem : data->scopeNotes()) {
+             MOZ_TRY(xdr->codeUint32(&elem.index));
+             MOZ_TRY(xdr->codeUint32(&elem.start));
+             MOZ_TRY(xdr->codeUint32(&elem.length));
+             MOZ_TRY(xdr->codeUint32(&elem.parent));
+         }
+     }
+ 
+     if (nyieldoffsets) {
+-        for (uint32_t& elem : script->yieldAndAwaitOffsets()) {
++        for (uint32_t& elem : data->yieldAndAwaitOffsets()) {
+             MOZ_TRY(xdr->codeUint32(&elem));
+         }
+     }
+ 
+     if (scriptBits & (1 << HasLazyScript)) {
+         Rooted<LazyScript*> lazy(cx);
+         if (mode == XDR_ENCODE) {
+             lazy = script->maybeLazyScript();
+@@ -3234,135 +3236,16 @@ PrivateScriptData::traceChildren(JSTrace
+     }
+ 
+     if (hasObjects()) {
+         auto objarray = objects();
+         TraceRange(trc, objarray.size(), objarray.data(), "objects");
+     }
+ }
+ 
+-/*
+- * [SMDOC] JSScript data layout (unshared)
+- *
+- * JSScript::data and SharedScriptData::data have complex,
+- * manually-controlled, memory layouts.
+- *
+- * JSScript::data begins with some optional array headers. They are optional
+- * because they often aren't needed, i.e. the corresponding arrays often have
+- * zero elements. Each header has a bit in JSScript::hasArrayBits that
+- * indicates if it's present within |data|; from this the offset of each
+- * present array header can be computed. Each header has an accessor function
+- * in JSScript that encapsulates this offset computation.
+- *
+- * Array type      Array elements  Accessor
+- * ----------      --------------  --------
+- * ConstArray      Consts          consts()
+- * ObjectArray     Objects         objects()
+- * ObjectArray     Regexps         regexps()
+- * TryNoteArray    Try notes       trynotes()
+- * ScopeNoteArray  Scope notes     scopeNotes()
+- *
+- * Then are the elements of several arrays.
+- * - Most of these arrays have headers listed above (if present). For each of
+- *   these, the array pointer and the array length is stored in the header.
+- * - The remaining arrays have pointers and lengths that are stored directly in
+- *   JSScript. This is because, unlike the others, they are nearly always
+- *   non-zero length and so the optional-header space optimization isn't
+- *   worthwhile.
+- *
+- * Array elements   Pointed to by         Length
+- * --------------   -------------         ------
+- * Consts           consts()->vector      consts()->length
+- * Objects          objects()->vector     objects()->length
+- * Regexps          regexps()->vector     regexps()->length
+- * Try notes        trynotes()->vector    trynotes()->length
+- * Scope notes      scopeNotes()->vector  scopeNotes()->length
+- *
+- * IMPORTANT: This layout has two key properties.
+- * - It ensures that everything has sufficient alignment; in particular, the
+- *   consts() elements need Value alignment.
+- * - It ensures there are no gaps between elements, which saves space and makes
+- *   manual layout easy. In particular, in the second part, arrays with larger
+- *   elements precede arrays with smaller elements.
+- *
+- * The following static assertions check JSScript::data's alignment properties.
+- */
+-
+-template<class T>
+-constexpr bool
+-KeepsValueAlignment() {
+-    return alignof(JS::Value) % alignof(T) == 0 &&
+-           sizeof(T) % sizeof(JS::Value) == 0;
+-}
+-
+-template<class T>
+-constexpr bool
+-HasValueAlignment() {
+-    return alignof(JS::Value) == alignof(T) &&
+-           sizeof(T) == sizeof(JS::Value);
+-}
+-
+-template<class T1, class T2>
+-constexpr bool
+-NoPaddingBetweenEntries() {
+-    return alignof(T1) % alignof(T2) == 0;
+-}
+-
+-/*
+- * These assertions ensure that there is no padding between the array headers,
+- * and also that the consts() elements (which follow immediately afterward) are
+- * Value-aligned.  (There is an assumption that |data| itself is Value-aligned;
+- * we check this below).
+- */
+-JS_STATIC_ASSERT(KeepsValueAlignment<ConstArray>());
+-JS_STATIC_ASSERT(KeepsValueAlignment<ObjectArray>());       /* there are two of these */
+-JS_STATIC_ASSERT(KeepsValueAlignment<TryNoteArray>());
+-JS_STATIC_ASSERT(KeepsValueAlignment<ScopeNoteArray>());
+-
+-/* These assertions ensure there is no padding required between array elements. */
+-JS_STATIC_ASSERT(HasValueAlignment<GCPtrValue>());
+-JS_STATIC_ASSERT((NoPaddingBetweenEntries<GCPtrValue, GCPtrObject>()));
+-JS_STATIC_ASSERT((NoPaddingBetweenEntries<GCPtrObject, GCPtrObject>()));
+-JS_STATIC_ASSERT((NoPaddingBetweenEntries<GCPtrObject, JSTryNote>()));
+-JS_STATIC_ASSERT((NoPaddingBetweenEntries<JSTryNote, uint32_t>()));
+-JS_STATIC_ASSERT((NoPaddingBetweenEntries<uint32_t, uint32_t>()));
+-
+-JS_STATIC_ASSERT((NoPaddingBetweenEntries<GCPtrValue, ScopeNote>()));
+-JS_STATIC_ASSERT((NoPaddingBetweenEntries<ScopeNote, ScopeNote>()));
+-JS_STATIC_ASSERT((NoPaddingBetweenEntries<JSTryNote, ScopeNote>()));
+-JS_STATIC_ASSERT((NoPaddingBetweenEntries<GCPtrObject, ScopeNote>()));
+-JS_STATIC_ASSERT((NoPaddingBetweenEntries<ScopeNote, uint32_t>()));
+-
+-static inline size_t
+-ScriptDataSize(uint32_t nscopes, uint32_t nconsts, uint32_t nobjects,
+-               uint32_t ntrynotes, uint32_t nscopenotes, uint32_t nyieldoffsets)
+-{
+-    size_t size = 0;
+-
+-    MOZ_ASSERT(nscopes != 0);
+-    size += sizeof(ScopeArray) + nscopes * sizeof(Scope*);
+-    if (nconsts != 0) {
+-        size += sizeof(ConstArray) + nconsts * sizeof(Value);
+-    }
+-    if (nobjects != 0) {
+-        size += sizeof(ObjectArray) + nobjects * sizeof(NativeObject*);
+-    }
+-    if (ntrynotes != 0) {
+-        size += sizeof(TryNoteArray) + ntrynotes * sizeof(JSTryNote);
+-    }
+-    if (nscopenotes != 0) {
+-        size += sizeof(ScopeNoteArray) + nscopenotes * sizeof(ScopeNote);
+-    }
+-    if (nyieldoffsets != 0) {
+-        size += sizeof(YieldAndAwaitOffsetArray) + nyieldoffsets * sizeof(uint32_t);
+-    }
+-
+-     return size;
+-}
+-
+ JSScript::JSScript(JS::Realm* realm, uint8_t* stubEntry, const ReadOnlyCompileOptions& options,
+                    HandleObject sourceObject, uint32_t bufStart, uint32_t bufEnd,
+                    uint32_t toStringStart, uint32_t toStringEnd)
+   :
+ #ifndef JS_CODEGEN_NONE
+     jitCodeRaw_(stubEntry),
+     jitCodeSkipArgCheck_(stubEntry),
+ #endif
+@@ -3486,102 +3369,26 @@ AllocScriptData(JSContext* cx, size_t si
+ 
+ /* static */ bool
+ JSScript::partiallyInit(JSContext* cx, HandleScript script, uint32_t nscopes,
+                         uint32_t nconsts, uint32_t nobjects, uint32_t ntrynotes,
+                         uint32_t nscopenotes, uint32_t nyieldoffsets)
+ {
+     cx->check(script);
+ 
+-    size_t size = ScriptDataSize(nscopes, nconsts, nobjects, ntrynotes,
+-                                 nscopenotes, nyieldoffsets);
+-    script->data = AllocScriptData(cx, size);
+-    if (size && !script->data) {
++    uint32_t dataSize;
++
++    PrivateScriptData* data = PrivateScriptData::new_(cx, nscopes, nconsts, nobjects, ntrynotes,
++                                                      nscopenotes, nyieldoffsets, &dataSize);
++    if (!data) {
+         return false;
+     }
+ 
+-    script->dataSize_ = size;
+-
+-    uint8_t* cursor = script->data;
+-
+-    // There must always be at least 1 scope, the body scope.
+-    MOZ_ASSERT(nscopes != 0);
+-    cursor += sizeof(ScopeArray);
+-
+-    if (nconsts != 0) {
+-        script->setHasArray(CONSTS);
+-        cursor += sizeof(ConstArray);
+-    }
+-    if (nobjects != 0) {
+-        script->setHasArray(OBJECTS);
+-        cursor += sizeof(ObjectArray);
+-    }
+-
+-    if (ntrynotes != 0) {
+-        script->setHasArray(TRYNOTES);
+-        cursor += sizeof(TryNoteArray);
+-    }
+-    if (nscopenotes != 0) {
+-        script->setHasArray(SCOPENOTES);
+-        cursor += sizeof(ScopeNoteArray);
+-    }
+-
+-    YieldAndAwaitOffsetArray* yieldAndAwaitOffsets = nullptr;
+-    if (nyieldoffsets != 0) {
+-        yieldAndAwaitOffsets = reinterpret_cast<YieldAndAwaitOffsetArray*>(cursor);
+-        cursor += sizeof(YieldAndAwaitOffsetArray);
+-    }
+-
+-    if (nconsts != 0) {
+-        MOZ_ASSERT(reinterpret_cast<uintptr_t>(cursor) % sizeof(JS::Value) == 0);
+-        script->constsRaw()->length = nconsts;
+-        script->constsRaw()->vector = (GCPtrValue*)cursor;
+-        cursor += nconsts * sizeof(script->constsRaw()->vector[0]);
+-    }
+-
+-    script->scopesRaw()->length = nscopes;
+-    script->scopesRaw()->vector = (GCPtrScope*)cursor;
+-    cursor += nscopes * sizeof(script->scopesRaw()->vector[0]);
+-
+-    if (nobjects != 0) {
+-        script->objectsRaw()->length = nobjects;
+-        script->objectsRaw()->vector = (GCPtrObject*)cursor;
+-        cursor += nobjects * sizeof(script->objectsRaw()->vector[0]);
+-    }
+-
+-    if (ntrynotes != 0) {
+-        script->trynotesRaw()->length = ntrynotes;
+-        script->trynotesRaw()->vector = reinterpret_cast<JSTryNote*>(cursor);
+-        size_t vectorSize = ntrynotes * sizeof(script->trynotesRaw()->vector[0]);
+-#ifdef DEBUG
+-        memset(cursor, 0, vectorSize);
+-#endif
+-        cursor += vectorSize;
+-    }
+-
+-    if (nscopenotes != 0) {
+-        script->scopeNotesRaw()->length = nscopenotes;
+-        script->scopeNotesRaw()->vector = reinterpret_cast<ScopeNote*>(cursor);
+-        size_t vectorSize = nscopenotes * sizeof(script->scopeNotesRaw()->vector[0]);
+-#ifdef DEBUG
+-        memset(cursor, 0, vectorSize);
+-#endif
+-        cursor += vectorSize;
+-    }
+-
+-    if (nyieldoffsets != 0) {
+-        yieldAndAwaitOffsets->init(reinterpret_cast<uint32_t*>(cursor), nyieldoffsets);
+-        size_t vectorSize = nyieldoffsets * sizeof(script->yieldAndAwaitOffsetsRaw()[0]);
+-#ifdef DEBUG
+-        memset(cursor, 0, vectorSize);
+-#endif
+-        cursor += vectorSize;
+-    }
+-
+-    MOZ_ASSERT(cursor == script->data + size);
++    script->data_ = data;
++    script->dataSize_ = dataSize;
+     return true;
+ }
+ 
+ /* static */ bool
+ JSScript::initFunctionPrototype(JSContext* cx, Handle<JSScript*> script,
+                                 HandleFunction functionProto)
+ {
+     uint32_t numScopes = 1;
+@@ -3599,17 +3406,19 @@ JSScript::initFunctionPrototype(JSContex
+     script->nTypeSets_ = 0;
+ 
+     RootedScope enclosing(cx, &cx->global()->emptyGlobalScope());
+     Scope* functionProtoScope = FunctionScope::create(cx, nullptr, false, false, functionProto,
+                                                       enclosing);
+     if (!functionProtoScope) {
+         return false;
+     }
+-    script->scopesRaw()->vector[0].init(functionProtoScope);
++
++    js::PrivateScriptData* data = script->data_;
++    data->scopes()[0].init(functionProtoScope);
+ 
+     uint32_t codeLength = 1;
+     uint32_t srcNotesLength = 1;
+     uint32_t numAtoms = 0;
+     if (!script->createScriptData(cx, codeLength, srcNotesLength, numAtoms)) {
+         return false;
+     }
+ 
+@@ -3737,31 +3546,33 @@ JSScript::fullyInitFromEmitter(JSContext
+     PodCopy<jsbytecode>(code + prologueLength, bce->main.code.begin(), mainLength);
+     bce->copySrcNotes((jssrcnote*)(code + script->length()), nsrcnotes);
+     InitAtomMap(*bce->atomIndices, script->atoms());
+ 
+     if (!script->shareScriptData(cx)) {
+         return false;
+     }
+ 
++    js::PrivateScriptData* data = script->data_;
+     if (bce->numberList.length() != 0) {
+-        bce->numberList.finish(script->consts());
++        bce->numberList.finish(data->consts());
+     }
+     if (bce->objectList.length != 0) {
+-        bce->objectList.finish(script->objects());
++        bce->objectList.finish(data->objects());
+     }
+     if (bce->scopeList.length() != 0) {
+-        bce->scopeList.finish(script->scopes());
++        bce->scopeList.finish(data->scopes());
+     }
+     if (bce->tryNoteList.length() != 0) {
+-        bce->tryNoteList.finish(script->trynotes(), prologueLength);
++        bce->tryNoteList.finish(data->tryNotes(), prologueLength);
+     }
+     if (bce->scopeNoteList.length() != 0) {
+-        bce->scopeNoteList.finish(script->scopeNotes(), prologueLength);
+-    }
++        bce->scopeNoteList.finish(data->scopeNotes(), prologueLength);
++    }
++
+     script->bitFields_.strict_ = bce->sc->strict();
+     script->bitFields_.explicitUseStrict_ = bce->sc->hasExplicitUseStrict();
+     script->bitFields_.bindingsAccessedDynamically_ = bce->sc->bindingsAccessedDynamically();
+     script->bitFields_.hasSingletons_ = bce->hasSingletons;
+ 
+     script->nfixed_ = bce->maxFixedSlots;
+     script->nslots_ = nslots;
+     script->bodyScopeIndex_ = bce->bodyScopeIndex;
+@@ -3775,17 +3586,17 @@ JSScript::fullyInitFromEmitter(JSContext
+         initFromFunctionBox(script, bce->sc->asFunctionBox());
+     } else if (bce->sc->isModuleContext()) {
+         initFromModuleContext(script);
+     }
+ 
+     // Copy yield offsets last, as the generator kind is set in
+     // initFromFunctionBox.
+     if (bce->yieldAndAwaitOffsetList.length() != 0) {
+-        bce->yieldAndAwaitOffsetList.finish(script->yieldAndAwaitOffsets(), prologueLength);
++        bce->yieldAndAwaitOffsetList.finish(data->yieldAndAwaitOffsets(), prologueLength);
+     }
+ 
+ #ifdef DEBUG
+     script->assertValidJumpTargets();
+ #endif
+ 
+     return true;
+ }
+@@ -3856,17 +3667,17 @@ size_t
+ JSScript::computedSizeOfData() const
+ {
+     return dataSize();
+ }
+ 
+ size_t
+ JSScript::sizeOfData(mozilla::MallocSizeOf mallocSizeOf) const
+ {
+-    return mallocSizeOf(data);
++    return mallocSizeOf(data_);
+ }
+ 
+ size_t
+ JSScript::sizeOfTypeScript(mozilla::MallocSizeOf mallocSizeOf) const
+ {
+     return types_ ? types_->sizeOfIncludingThis(mallocSizeOf) : 0;
+ }
+ 
+@@ -3898,19 +3709,19 @@ JSScript::finalize(FreeOp* fop)
+         types_->destroy();
+     }
+ 
+     jit::DestroyJitScripts(fop, this);
+ 
+     destroyScriptCounts();
+     destroyDebugScript(fop);
+ 
+-    if (data) {
+-        JS_POISON(data, 0xdb, computedSizeOfData(), MemCheckKind::MakeNoAccess);
+-        fop->free_(data);
++    if (data_) {
++        JS_POISON(data_, 0xdb, computedSizeOfData(), MemCheckKind::MakeNoAccess);
++        fop->free_(data_);
+     }
+ 
+     if (scriptData_) {
+         scriptData_->decRefCount();
+     }
+ 
+     // In most cases, our LazyScript's script pointer will reference this
+     // script, and thus be nulled out by normal weakref processing. However, if
+@@ -4152,24 +3963,16 @@ js::DescribeScriptedCallerForCompilation
+         maybeScript.set(iter.script());
+         *pcOffset = iter.pc() - maybeScript->code();
+     } else {
+         maybeScript.set(nullptr);
+         *pcOffset = 0;
+     }
+ }
+ 
+-template <class T>
+-static inline T*
+-Rebase(JSScript* dst, JSScript* src, T* srcp)
+-{
+-    size_t off = reinterpret_cast<uint8_t*>(srcp) - src->data;
+-    return reinterpret_cast<T*>(dst->data + off);
+-}
+-
+ static JSObject*
+ CloneInnerInterpretedFunction(JSContext* cx, HandleScope enclosingScope, HandleFunction srcFun)
+ {
+     /* NB: Keep this in sync with XDRInterpretedFunction. */
+     RootedObject cloneProto(cx);
+     if (srcFun->isGenerator() || srcFun->isAsync()) {
+         cloneProto = GlobalObject::getOrCreateGeneratorFunctionPrototype(cx, cx->global());
+         if (!cloneProto) {
+@@ -4222,28 +4025,27 @@ js::detail::CopyScript(JSContext* cx, Ha
+         return false;
+     }
+ 
+     /* NB: Keep this in sync with XDRScript. */
+ 
+     /* Some embeddings are not careful to use ExposeObjectToActiveJS as needed. */
+     MOZ_ASSERT(!src->sourceObject()->isMarkedGray());
+ 
++    uint32_t nscopes = src->scopes().size();
++#ifdef DEBUG
+     uint32_t nconsts = src->hasConsts() ? src->consts().size() : 0;
++#endif
+     uint32_t nobjects = src->hasObjects() ? src->objects().size() : 0;
+-    uint32_t nscopes = src->scopes().size();
+-    uint32_t ntrynotes = src->hasTrynotes() ? src->trynotes().size() : 0;
+-    uint32_t nscopenotes = src->hasScopeNotes() ? src->scopeNotes().size() : 0;
+-    uint32_t nyieldoffsets = src->hasYieldAndAwaitOffsets() ? src->yieldAndAwaitOffsets().size() : 0;
+ 
+     /* Script data */
+ 
+     size_t size = src->dataSize();
+     UniquePtr<uint8_t, JS::FreePolicy> data(AllocScriptData(cx, size));
+-    if (size && !data) {
++    if (!data) {
+         return false;
+     }
+ 
+     /* Scopes */
+ 
+     // The passed in scopes vector contains body scopes that needed to be
+     // cloned especially, depending on whether the script is a function or
+     // global scope. Starting at scopes.length() means we only deal with
+@@ -4299,23 +4101,19 @@ js::detail::CopyScript(JSContext* cx, Ha
+             }
+ 
+             if (!clone || !objects.append(clone)) {
+                 return false;
+             }
+         }
+     }
+ 
+-    /* This assignment must occur before all the Rebase calls. */
+-    dst->data = data.release();
++    dst->data_ = reinterpret_cast<js::PrivateScriptData*>(data.release());
+     dst->dataSize_ = size;
+-    MOZ_ASSERT(bool(dst->data) == bool(src->data));
+-    if (dst->data) {
+-        memcpy(dst->data, src->data, size);
+-    }
++    memcpy(dst->data_, src->data_, size);
+ 
+     if (cx->zone() != src->zoneFromAnyThread()) {
+         for (size_t i = 0; i < src->scriptData()->natoms(); i++) {
+             cx->markAtom(src->scriptData()->atoms()[i]);
+         }
+     }
+ 
+     /* Script filenames, bytecodes and atoms are runtime-wide. */
+@@ -4332,17 +4130,16 @@ js::detail::CopyScript(JSContext* cx, Ha
+         dst->setArgumentsHasVarBinding();
+         if (src->analyzedArgsUsage()) {
+             dst->setNeedsArgsObj(src->needsArgsObj());
+         }
+     }
+     dst->bitFields_.hasMappedArgsObj_ = src->hasMappedArgsObj();
+     dst->bitFields_.functionHasThisBinding_ = src->functionHasThisBinding();
+     dst->bitFields_.functionHasExtraBodyVarScope_ = src->functionHasExtraBodyVarScope();
+-    dst->cloneHasArray(src);
+     dst->bitFields_.strict_ = src->strict();
+     dst->bitFields_.explicitUseStrict_ = src->explicitUseStrict();
+     dst->bitFields_.hasNonSyntacticScope_ = scopes[0]->hasOnChain(ScopeKind::NonSyntactic);
+     dst->bitFields_.bindingsAccessedDynamically_ = src->bindingsAccessedDynamically();
+     dst->bitFields_.funHasExtensibleScope_ = src->funHasExtensibleScope();
+     dst->bitFields_.funHasAnyAliasedFormal_ = src->funHasAnyAliasedFormal();
+     dst->bitFields_.hasSingletons_ = src->hasSingletons();
+     dst->bitFields_.treatAsRunOnce_ = src->treatAsRunOnce();
+@@ -4350,48 +4147,37 @@ js::detail::CopyScript(JSContext* cx, Ha
+     dst->setGeneratorKind(src->generatorKind());
+     dst->bitFields_.isDerivedClassConstructor_ = src->isDerivedClassConstructor();
+     dst->bitFields_.needsHomeObject_ = src->needsHomeObject();
+     dst->bitFields_.isDefaultClassConstructor_ = src->isDefaultClassConstructor();
+     dst->bitFields_.isAsync_ = src->bitFields_.isAsync_;
+     dst->bitFields_.hasRest_ = src->bitFields_.hasRest_;
+     dst->bitFields_.hideScriptFromDebugger_ = src->bitFields_.hideScriptFromDebugger_;
+ 
+-    if (nconsts != 0) {
+-        GCPtrValue* vector = Rebase<GCPtrValue>(dst, src, src->constsRaw()->vector);
+-        dst->constsRaw()->vector = vector;
++    {
++        auto array = dst->data_->scopes();
++        for (uint32_t i = 0; i < nscopes; ++i) {
++            array[i].init(scopes[i]);
++        }
++    }
++#ifdef DEBUG
++    if (nconsts) {
++        auto array = dst->data_->consts();
+         for (unsigned i = 0; i < nconsts; ++i) {
+             // We don't support GCThings here and thus don't need to call |init|.
+-            MOZ_ASSERT(!vector[i].isGCThing());
+-        }
+-    }
+-    if (nobjects != 0) {
+-        GCPtrObject* vector = Rebase<GCPtrObject>(dst, src, src->objectsRaw()->vector);
+-        dst->objectsRaw()->vector = vector;
+-        for (unsigned i = 0; i < nobjects; ++i) {
+-            vector[i].init(&objects[i]->as<NativeObject>());
++            MOZ_ASSERT(!array[i].isGCThing());
+         }
+     }
+-    {
+-        GCPtrScope* vector = Rebase<GCPtrScope>(dst, src, src->scopesRaw()->vector);
+-        dst->scopesRaw()->vector = vector;
+-        for (uint32_t i = 0; i < nscopes; ++i) {
+-            vector[i].init(scopes[i]);
++#endif
++    if (nobjects) {
++        auto array = dst->data_->objects();
++        for (unsigned i = 0; i < nobjects; ++i) {
++            array[i].init(objects[i]);
+         }
+     }
+-    if (ntrynotes != 0) {
+-        dst->trynotesRaw()->vector = Rebase<JSTryNote>(dst, src, src->trynotesRaw()->vector);
+-    }
+-    if (nscopenotes != 0) {
+-        dst->scopeNotesRaw()->vector = Rebase<ScopeNote>(dst, src, src->scopeNotesRaw()->vector);
+-    }
+-    if (nyieldoffsets != 0) {
+-        dst->yieldAndAwaitOffsetsRaw().vector_ =
+-            Rebase<uint32_t>(dst, src, src->yieldAndAwaitOffsetsRaw().vector_);
+-    }
+ 
+     return true;
+ }
+ 
+ static JSScript*
+ CreateEmptyScriptForClone(JSContext* cx, HandleScript src)
+ {
+     /*
+@@ -4725,35 +4511,24 @@ JSScript::traceChildren(JSTracer* trc)
+     // may have created it and partially initialized it with
+     // JSScript::Create(), but not yet finished initializing it with
+     // fullyInitFromEmitter() or fullyInitTrivial().
+ 
+     MOZ_ASSERT_IF(trc->isMarkingTracer() &&
+                   GCMarker::fromTracer(trc)->shouldCheckCompartments(),
+                   zone()->isCollecting());
+ 
++    if (data_) {
++        data_->traceChildren(trc);
++    }
++
+     if (scriptData()) {
+         scriptData()->traceChildren(trc);
+     }
+ 
+-    if (data) {
+-        auto array = scopes();
+-        TraceRange(trc, array.size(), array.data(), "scopes");
+-    }
+-
+-    if (hasConsts()) {
+-        auto array = consts();
+-        TraceRange(trc, array.size(), array.data(), "consts");
+-    }
+-
+-    if (hasObjects()) {
+-        auto array = objects();
+-        TraceRange(trc, array.size(), array.data(), "objects");
+-    }
+-
+     MOZ_ASSERT_IF(sourceObject(), MaybeForwarded(sourceObject())->compartment() == compartment());
+     TraceNullableEdge(trc, &sourceObject_, "sourceObject");
+ 
+     if (maybeLazyScript()) {
+         TraceManuallyBarrieredEdge(trc, &lazyScript, "lazyScript");
+     }
+ 
+     if (trc->isMarkingTracer()) {
+diff --git a/js/src/vm/JSScript.h b/js/src/vm/JSScript.h
+--- a/js/src/vm/JSScript.h
++++ b/js/src/vm/JSScript.h
+@@ -142,63 +142,16 @@ struct ScopeNote {
+                                 // NoScopeIndex if there is no block scope in
+                                 // this range.
+     uint32_t        start;      // Bytecode offset at which this scope starts
+                                 // relative to script->code().
+     uint32_t        length;     // Bytecode length of scope.
+     uint32_t        parent;     // Index of parent block scope in notes, or NoScopeNote.
+ };
+ 
+-struct ConstArray {
+-    js::GCPtrValue* vector;     // array of indexed constant values
+-    uint32_t length;
+-};
+-
+-struct ObjectArray {
+-    js::GCPtrObject* vector;    // Array of indexed objects.
+-    uint32_t length;            // Count of indexed objects.
+-};
+-
+-struct ScopeArray {
+-    js::GCPtrScope* vector;     // Array of indexed scopes.
+-    uint32_t        length;     // Count of indexed scopes.
+-};
+-
+-struct TryNoteArray {
+-    JSTryNote*      vector;     // Array of indexed try notes.
+-    uint32_t        length;     // Count of indexed try notes.
+-};
+-
+-struct ScopeNoteArray {
+-    ScopeNote* vector;          // Array of indexed ScopeNote records.
+-    uint32_t   length;          // Count of indexed try notes.
+-};
+-
+-class YieldAndAwaitOffsetArray {
+-    friend bool
+-    detail::CopyScript(JSContext* cx, HandleScript src, HandleScript dst,
+-                       MutableHandle<GCVector<Scope*>> scopes);
+-
+-    uint32_t*       vector_;    // Array of bytecode offsets.
+-    uint32_t        length_;    // Count of bytecode offsets.
+-
+-  public:
+-    void init(uint32_t* vector, uint32_t length) {
+-        vector_ = vector;
+-        length_ = length;
+-    }
+-    uint32_t& operator[](uint32_t index) {
+-        MOZ_ASSERT(index < length_);
+-        return vector_[index];
+-    }
+-    uint32_t length() const {
+-        return length_;
+-    }
+-};
+-
+ class ScriptCounts
+ {
+   public:
+     typedef mozilla::Vector<PCCounts, 0, SystemAllocPolicy> PCCountsVector;
+ 
+     inline ScriptCounts();
+     inline explicit ScriptCounts(PCCountsVector&& jumpTargets);
+     inline ScriptCounts(ScriptCounts&& src);
+@@ -1575,23 +1528,23 @@ class JSScript : public js::gc::TenuredC
+ {
+   private:
+     // Pointer to baseline->method()->raw(), ion->method()->raw(), a wasm jit
+     // entry, the JIT's EnterInterpreter stub, or the lazy link stub. Must be
+     // non-null.
+     uint8_t* jitCodeRaw_ = nullptr;
+     uint8_t* jitCodeSkipArgCheck_ = nullptr;
+ 
++    // Shareable script data
+     js::SharedScriptData* scriptData_ = nullptr;
+ 
++    // Unshared variable-length data
++    js::PrivateScriptData* data_ = nullptr;
++
+   public:
+-    // Pointer to variable-length data array (see comment above Create() for
+-    // details).
+-    uint8_t* data = nullptr;
+-
+     JS::Realm* realm_ = nullptr;
+ 
+   private:
+     /* Persistent type information retained across GCs. */
+     js::TypeScript* types_ = nullptr;
+ 
+     // This script's ScriptSourceObject, or a CCW thereof.
+     //
+@@ -1710,24 +1663,16 @@ class JSScript : public js::gc::TenuredC
+     {
+         /*
+          * Bit-fields can't have member initializers til C++2a, i.e. probably
+          * C++20, so we can't initialize these to zero in place.  Instead we
+          * braced-init this to all zeroes in the JSScript constructor, then
+          * custom-assign particular bit-fields in the constructor body.
+          */
+ 
+-        // The bits in this field indicate the presence/non-presence of several
+-        // optional arrays in |data|.  See the comments above Create() for details.
+-        uint8_t hasArrayBits_ : ARRAY_KIND_BITS;
+-
+-        /*
+-         * All remaining bit-fields are single-bit bools.
+-         */
+-
+         // No need for result value of last expression statement.
+         bool noScriptRval_ : 1;
+ 
+         // Code is in strict mode.
+         bool strict_ : 1;
+ 
+         // Code has "use strict"; explicitly.
+         bool explicitUseStrict_ : 1;
+@@ -2563,109 +2508,53 @@ class JSScript : public js::gc::TenuredC
+      * computedSizeOfData() is the in-use size of all the data sections.
+      * sizeOfData() is the size of the block allocated to hold all the data
+      * sections (which can be larger than the in-use size).
+      */
+     size_t computedSizeOfData() const;
+     size_t sizeOfData(mozilla::MallocSizeOf mallocSizeOf) const;
+     size_t sizeOfTypeScript(mozilla::MallocSizeOf mallocSizeOf) const;
+ 
+-    bool hasArray(ArrayKind kind) const {
+-        return bitFields_.hasArrayBits_ & (1 << kind);
+-    }
+-    void setHasArray(ArrayKind kind) { bitFields_.hasArrayBits_ |= (1 << kind); }
+-    void cloneHasArray(JSScript* script) {
+-        bitFields_.hasArrayBits_ = script->bitFields_.hasArrayBits_;
+-    }
+-
+-    bool hasConsts() const       { return hasArray(CONSTS); }
+-    bool hasObjects() const      { return hasArray(OBJECTS); }
+-    bool hasTrynotes() const     { return hasArray(TRYNOTES); }
+-    bool hasScopeNotes() const   { return hasArray(SCOPENOTES); }
++    size_t dataSize() const { return dataSize_; }
++
++    bool hasConsts() const       { return data_->hasConsts(); }
++    bool hasObjects() const      { return data_->hasObjects(); }
++    bool hasTrynotes() const     { return data_->hasTryNotes(); }
++    bool hasScopeNotes() const   { return data_->hasScopeNotes(); }
+     bool hasYieldAndAwaitOffsets() const {
+-        return isGenerator() || isAsync();
++        return data_->hasYieldOffsets();
+     }
+ 
+-#define OFF(fooOff, hasFoo, t)   (fooOff() + (hasFoo() ? sizeof(t) : 0))
+-
+-    size_t scopesOffset() const       { return 0; }
+-    size_t constsOffset() const       { return scopesOffset() + sizeof(js::ScopeArray); }
+-    size_t objectsOffset() const      { return OFF(constsOffset,     hasConsts,     js::ConstArray); }
+-    size_t trynotesOffset() const     { return OFF(objectsOffset,    hasObjects,    js::ObjectArray); }
+-    size_t scopeNotesOffset() const   { return OFF(trynotesOffset,   hasTrynotes,   js::TryNoteArray); }
+-    size_t yieldAndAwaitOffsetsOffset() const {
+-        return OFF(scopeNotesOffset, hasScopeNotes, js::ScopeNoteArray);
++    mozilla::Span<const js::GCPtrScope> scopes() const {
++        return data_->scopes();
+     }
+ 
+-#undef OFF
+-
+-    size_t dataSize() const { return dataSize_; }
+-
+-  private:
+-
+-    js::ConstArray* constsRaw() const {
++    mozilla::Span<const js::GCPtrValue> consts() const {
+         MOZ_ASSERT(hasConsts());
+-        return reinterpret_cast<js::ConstArray*>(data + constsOffset());
+-    }
+-
+-    js::ObjectArray* objectsRaw() const {
+-        MOZ_ASSERT(hasObjects());
+-        return reinterpret_cast<js::ObjectArray*>(data + objectsOffset());
+-    }
+-
+-    js::ScopeArray* scopesRaw() const {
+-        return reinterpret_cast<js::ScopeArray*>(data + scopesOffset());
++        return data_->consts();
+     }
+ 
+-    js::TryNoteArray* trynotesRaw() const {
+-        MOZ_ASSERT(hasTrynotes());
+-        return reinterpret_cast<js::TryNoteArray*>(data + trynotesOffset());
+-    }
+-
+-    js::ScopeNoteArray* scopeNotesRaw() const {
+-        MOZ_ASSERT(hasScopeNotes());
+-        return reinterpret_cast<js::ScopeNoteArray*>(data + scopeNotesOffset());
++    mozilla::Span<const js::GCPtrObject> objects() const {
++        MOZ_ASSERT(hasObjects());
++        return data_->objects();
+     }
+ 
+-    js::YieldAndAwaitOffsetArray& yieldAndAwaitOffsetsRaw() const {
+-        MOZ_ASSERT(hasYieldAndAwaitOffsets());
+-        return *reinterpret_cast<js::YieldAndAwaitOffsetArray*>(data +
+-                                                                yieldAndAwaitOffsetsOffset());
+-    }
+-
+-  public:
+-
+-    mozilla::Span<js::GCPtrValue> consts() const {
+-        js::ConstArray* array = constsRaw();
+-        return mozilla::MakeSpan(array->vector, array->length);
++    mozilla::Span<const JSTryNote> trynotes() const {
++        MOZ_ASSERT(hasTrynotes());
++        return data_->tryNotes();
+     }
+ 
+-    mozilla::Span<js::GCPtrObject> objects() const {
+-        js::ObjectArray* array = objectsRaw();
+-        return mozilla::MakeSpan(array->vector, array->length);
+-    }
+-
+-    mozilla::Span<js::GCPtrScope> scopes() const {
+-        js::ScopeArray* array = scopesRaw();
+-        return mozilla::MakeSpan(array->vector, array->length);
++    mozilla::Span<const js::ScopeNote> scopeNotes() const {
++        MOZ_ASSERT(hasScopeNotes());
++        return data_->scopeNotes();
+     }
+ 
+-    mozilla::Span<JSTryNote> trynotes() const {
+-        js::TryNoteArray* array = trynotesRaw();
+-        return mozilla::MakeSpan(array->vector, array->length);
+-    }
+-
+-    mozilla::Span<js::ScopeNote> scopeNotes() const {
+-        js::ScopeNoteArray* array = scopeNotesRaw();
+-        return mozilla::MakeSpan(array->vector, array->length);
+-    }
+-
+-    mozilla::Span<uint32_t> yieldAndAwaitOffsets() const {
+-        js::YieldAndAwaitOffsetArray& array = yieldAndAwaitOffsetsRaw();
+-        return mozilla::MakeSpan(&array[0], array.length());
++    mozilla::Span<const uint32_t> yieldAndAwaitOffsets() const {
++        MOZ_ASSERT(hasYieldAndAwaitOffsets());
++        return data_->yieldAndAwaitOffsets();
+     }
+ 
+     bool hasLoops();
+ 
+     uint32_t numNotes() const {
+         MOZ_ASSERT(scriptData_);
+         return scriptData_->numNotes();
+     }

frg/work-js/mozilla-release/patches/mozilla-central_452400.patch

@@ -6,9 +6,9 @@
 # Parent  4001453082049c7f1729f464baff027eb079a8a8
 Bug 1342012 - Refactor nsJSUtils::ExecutionContext to separate compilation and execution steps and allow extraction of compiled JSScript r=nbp r=smaug
 
-diff --git a/dom/base/nsGlobalWindowInner.cpp b/dom/base/nsGlobalWindowInner.cpp
---- a/dom/base/nsGlobalWindowInner.cpp
-+++ b/dom/base/nsGlobalWindowInner.cpp
+diff --git a/dom/base/nsGlobalWindow.cpp b/dom/base/nsGlobalWindow.cpp
+--- a/dom/base/nsGlobalWindow.cpp
++++ b/dom/base/nsGlobalWindow.cpp
 @@ -5996,17 +5996,18 @@ bool nsGlobalWindowInner::RunTimeoutHand
        AutoEntryScript aes(this, reason, true);
        JS::CompileOptions options(aes.cx());
@@ -632,30 +632,6 @@ diff --git a/dom/jsurl/nsJSProtocolHandler.cpp b/dom/jsurl/nsJSProtocolHandler.c
      return NS_ERROR_MALFORMED_URI;
    } else if (v.isUndefined()) {
      return NS_ERROR_DOM_RETVAL_UNDEFINED;
-diff --git a/dom/plugins/base/nsNPAPIPlugin.cpp b/dom/plugins/base/nsNPAPIPlugin.cpp
---- a/dom/plugins/base/nsNPAPIPlugin.cpp
-+++ b/dom/plugins/base/nsNPAPIPlugin.cpp
-@@ -993,18 +993,18 @@ bool _evaluate(NPP npp, NPObject *npobj,
-       js::GetObjectCompartment(obj) == js::GetContextCompartment(cx),
-       "nsNPObjWrapper::GetNewOrUsed must wrap its return value");
-   obj = JS::CurrentGlobalOrNull(cx);
-   MOZ_ASSERT(obj);
-   nsresult rv = NS_OK;
-   {
-     nsJSUtils::ExecutionContext exec(cx, obj);
-     exec.SetScopeChain(scopeChain);
--    exec.CompileAndExec(options, utf16script);
--    rv = exec.ExtractReturnValue(&rval);
-+    exec.Compile(options, utf16script);
-+    rv = exec.ExecScript(&rval);
-   }
- 
-   if (!JS_WrapValue(cx, &rval)) {
-     return false;
-   }
- 
-   return NS_SUCCEEDED(rv) &&
-          (!result || JSValToNPVariant(npp, cx, rval, result));
 diff --git a/dom/script/ScriptLoader.cpp b/dom/script/ScriptLoader.cpp
 --- a/dom/script/ScriptLoader.cpp
 +++ b/dom/script/ScriptLoader.cpp

frg/work-js/mozilla-release/patches/mozilla-central_452403.patch

@@ -6,9 +6,9 @@
 # Parent  0833244e1e018c2daf196eda87cf4ff97db148fc
 Bug 1342012 - Support import from timeout handlers by associating the initiating script with the compiled JSScript r=smaug
 
-diff --git a/dom/base/nsGlobalWindowInner.cpp b/dom/base/nsGlobalWindowInner.cpp
---- a/dom/base/nsGlobalWindowInner.cpp
-+++ b/dom/base/nsGlobalWindowInner.cpp
+diff --git a/dom/base/nsGlobalWindow.cpp b/dom/base/nsGlobalWindow.cpp
+--- a/dom/base/nsGlobalWindow.cpp
++++ b/dom/base/nsGlobalWindow.cpp
 @@ -229,16 +229,17 @@
  #include "mozilla/dom/HashChangeEvent.h"
  #include "mozilla/dom/IntlUtils.h"

frg/work-js/mozilla-release/patches/series

@@ -4613,7 +4613,7 @@ NOBUG-20231031-formattingfixes-253.patch
 1462489-4only-62a1.patch
 1465807-62a1.patch
 1464477-62a1.patch
-1459900-62a1.patch
+1459900-1-62a1.patch
 1464036-2-62a1.patch
 1464789-62a1.patch
 1464134-2-62a1.patch
@@ -4736,6 +4736,9 @@ NOBUG-20231031-formattingfixes-253.patch
 1461948-1-62a1.patch
 1461948-2-62a1.patch
 1466931-62a1.patch
+1461948-3-62a1.patch
+1461948-4-62a1.patch
+1461948-5-62a1.patch
 1459754-62a1.patch
 1460154-1-62a1.patch
 1460154-2-62a1.patch
@@ -4823,7 +4826,10 @@ taken-out-stuff-comes-here.patch
 1466254-2no3-62a1.patch
 1467319-1only-62a1.patch
 1466401-62a1.patch
+1467274-62a1.patch
 1468860-62a1.patch
+1459900-2-62a1.patch
+1459900-3-62a1.patch
 1469067-62a1.patch
 948882-62a1.patch
 1467307-62a1.patch
@@ -4864,6 +4870,7 @@ taken-out-stuff-comes-here.patch
 1467438-5-62a1.patch
 1466626-2no1-62a1.patch
 1466626-3-62a1.patch
+1471272-63a1.patch
 1466211-1-63a1.patch
 1466211-2-63a1.patch
 1466211-3-63a1.patch
@@ -5258,6 +5265,7 @@ taken-out-stuff-comes-here.patch
 1483761-4-63a1.patch
 1485545-63a1.patch
 1485610-63a1.patch
+1473272-63a1.patch
 1466427-63a1.patch
 NOBUG-20180824-buildsetting-63a1.patch
 1446923-63a1.patch
@@ -5284,6 +5292,8 @@ NOBUG-20180824-buildsetting-63a1.patch
 1478269-3-63a1.patch
 1486654-63a1.patch
 1485759-63a1.patch
+1485347-1-63a1.patch
+1485347-2-63a1.patch
 1486729-63a1.patch
 1486957-63a1.patch
 1457092-5-63a1.patch
@@ -5308,6 +5318,8 @@ NOBUG-20180824-buildsetting-63a1.patch
 1435552-63a1.patch
 1487595-1-63a1.patch
 1487595-2-63a1.patch
+1487346-1-63a1.patch
+1487346-2-63a1.patch
 1480552-63a1.patch
 1483323-6-64a1.patch
 1484611-2ano1-64a1.patch
@@ -5315,7 +5327,13 @@ NOBUG-20180824-buildsetting-63a1.patch
 1417646-1-64a1.patch
 1487419-64a1.patch
 1488698-2-PARTIAL-biginttype-64a1.patch
-1489944-64a1.patch
+#435732.patch
+#1484948-64a1.patch
+#1489944-64a1.patch
+#1492074-64a1.patch
+#mozilla-central_438583.patch
+#mozilla-central_443893.patch
+#mozilla-central_443894.patch
 1493227-64a1.patch
 1467523-2-64a1.patch
 1482425-64a1.patch
@@ -5415,50 +5433,11 @@ NOBUG-20180824-buildsetting-63a1.patch
 1414287-2no3-64a1.patch
 1427808-3-64a1.patch
 1427808-4-64a1.patch
-#dynamic-imports-start
-#mozilla-esr68-push_483181.patch
-#mozilla-esr68-push_483182.patch
-#mozilla-esr68-push_483185.patch
-#1498980-64a1.patch
-#1484948-64a1.patch
-#1482153-64a1.patch
-#check-me
-#1499140-1-64a1.patch
-#1499140-2-64a1.patch
-#1499140-3-64a1.patch
-#1499140-4-64a1.patch
-#1499335-64a1.patch
-#1501154-65a1.patch
-#1501157-65a1.patch
-#1503009-1-65a1.patch
-#1503009-2-65a1.patch
-#mozilla-central_452396.patch
-#mozilla-central_452397.patch
-#mozilla-central_452398.patch
-#mozilla-central_452399.patch
-#mozilla-central_452400.patch
-#mozilla-central_452401.patch
-#mozilla-central_452402.patch
-#mozilla-central_452403.patch
-#mozilla-central_452404.patch
-#mozilla-central_452405.patch
-#mozilla-central_452406.patch
-#mozilla-central_452407.patch
-#mozilla-central_452408.patch
-#mozilla-central_452409.patch
-#mozilla-central_452410.patch
-#mozilla-central_452411.patch
-#L-1518075-1-66a1.patch
-#L-1518075-2-66a1.patch
-#L-1518075-3-66a1.patch
-#1519140-66a1.patch
-#1522491-67a1.patch
-#1524946-67a1.patch
-#1517546-67a1.patch
-#1291535-74a1.patch
-#fix-for1472211
-#1709328-90a1.patch
-#dynamic-imports-end
+1489477-1-64a1.patch
+1489477-2-64a1.patch
+1489477-3-64a1.patch
+1498980-64a1.patch
+1482153-64a1.patch
 1486554-1-64a1.patch
 1486554-3no2-64a1.patch
 1479298-64a1.patch
@@ -5549,6 +5528,11 @@ NOBUG-20180824-buildsetting-63a1.patch
 1492915-60.patch
 1478843-60.patch
 1500484-64a1.patch
+#1499140-1-64a1.patch
+#1499140-2-64a1.patch
+#1499140-3-64a1.patch
+#1499140-4-64a1.patch
+#1499335-64a1.patch
 1479853-60.patch
 1475566-60.patch
 1491848-60.patch
@@ -5615,6 +5599,15 @@ NOBUG-20180824-buildsetting-63a1.patch
 1488217-64a1.patch
 1489454-libmar-64a1.patch
 1458129-64a1.patch
+#1501154-65a1.patch
+#1501157-65a1.patch
+#1502481-1-65a1.patch
+#1502481-2-65a1.patch
+#1502481-3-65a1.patch
+#1502481-4-65a1.patch
+#1502481-5-65a1.patch
+#1503009-1-65a1.patch
+#1503009-2-65a1.patch
 1499844-65a1.patch
 1498072-65a1.patch
 1501712-65a1.patch
@@ -5786,10 +5779,40 @@ NOBUG-20180824-buildsetting-63a1.patch
 1513798-11-66a1.patch
 1513798-12-66a1.patch
 1513798-13-66a1.patch
+#1512509-66a1.patch
 1515581-66a1.patch
 1515577-66a1.patch
 1515808-66a1.patch
 1515629-66a1.patch
+#dynamic-imports-start
+#mozilla-central_452396.patch
+#mozilla-central_452397.patch
+#mozilla-central_452398.patch
+#mozilla-central_452399.patch
+#mozilla-central_452400.patch
+#mozilla-central_452401.patch
+#mozilla-central_452402.patch
+#mozilla-central_452403.patch
+#mozilla-central_452404.patch
+#mozilla-central_452405.patch
+#mozilla-central_452406.patch
+#mozilla-central_452407.patch
+#mozilla-central_452408.patch
+#mozilla-central_452409.patch
+#mozilla-central_452410.patch
+#mozilla-central_452411.patch
+#L-1518075-1-66a1.patch
+#L-1518075-2-66a1.patch
+#L-1518075-3-66a1.patch
+#1519140-66a1.patch
+#1522491-67a1.patch
+#1524565-67a1.patch
+#1524946-67a1.patch
+#1517546-67a1.patch
+#1291535-74a1.patch
+#fix-for1472211
+#1709328-90a1.patch
+#dynamic-imports-end
 1517222-66a1.patch
 1514625-66a1.patch
 1519740-66a1.patch
@@ -7729,11 +7752,12 @@ TOP-NOBUG-REGEXP-44-irregexp-25318.patch
 TOP-NOBUG-REGEXP-45-final-25318.patch
 TOP-NOBUG-REGEXP-46-fixes-25318.patch
 TOP-NOBUG-REGEXP-47-fixes-25319.patch
+dynamic-imports-ioptionsl-start
+ccccccc.fixit.patch
 
 
 
 
-dynamic-imports-ioptionsl-start
 1485615-1-63a1.patch
 1485615-2-63a1.patch
 L-1460489-6-63a1.patch
@@ -10556,20 +10580,13 @@ mozilla-central-push_422885.patch
 mozilla-central-push_422903.patch
 mozilla-central-push_422904.patch
 mozilla-central-push_422905.patch
-mozilla-central-push_422913.patch
 mozilla-central-push_422914.patch
 mozilla-central-push_422915.patch
-mozilla-central-push_422916.patch
-mozilla-central-push_422917.patch
 mozilla-central-push_422918.patch
 mozilla-central-push_422919.patch
 mozilla-central-push_422969.patch
 mozilla-central-push_422970.patch
 mozilla-central-push_422976.patch
-mozilla-central-push_423054.patch
-mozilla-central-push_423129.patch
-mozilla-central-push_423130.patch
-mozilla-central-push_423131.patch
 mozilla-central-push_423135.patch
 mozilla-central-push_423155.patch
 mozilla-central-push_423157.patch
@@ -10578,10 +10595,6 @@ mozilla-central-push_423159.patch
 mozilla-central-push_423160.patch
 mozilla-central-push_423175.patch
 mozilla-central-push_423178.patch
-mozilla-central-push_423179.patch
-mozilla-central-push_423198.patch
-mozilla-central-push_423199.patch
-mozilla-central-push_423200.patch
 mozilla-central-push_423218.patch
 mozilla-central-push_423250.patch
 mozilla-central-push_423251.patch
@@ -10592,20 +10605,14 @@ mozilla-central-push_423255.patch
 mozilla-central-push_423256.patch
 mozilla-central-push_423257.patch
 mozilla-central-push_423265.patch
-mozilla-central-push_423270.patch
 mozilla-central-push_423286.patch
 mozilla-central-push_423303.patch
-mozilla-central-push_423357.patch
 mozilla-central-push_423359.patch
 mozilla-central-push_423362.patch
 mozilla-central-push_423363.patch
 mozilla-central-push_423364.patch
 mozilla-central-push_423385.patch
 mozilla-central-push_423401.patch
-mozilla-central-push_423433.patch
-mozilla-central-push_423434.patch
-mozilla-central-push_423435.patch
-mozilla-central-push_423436.patch
 mozilla-central-push_423440.patch
 bbbbbbbbbbbbbbbbbbbbbbbbbb
 mozilla-central_424539.patch

frg/work-js/mozilla-release/patches/series-test

@@ -4613,7 +4613,7 @@ NOBUG-20231031-formattingfixes-253.patch
 1462489-4only-62a1.patch
 1465807-62a1.patch
 1464477-62a1.patch
-1459900-62a1.patch
+1459900-1-62a1.patch
 1464036-2-62a1.patch
 1464789-62a1.patch
 1464134-2-62a1.patch
@@ -4736,6 +4736,9 @@ NOBUG-20231031-formattingfixes-253.patch
 1461948-1-62a1.patch
 1461948-2-62a1.patch
 1466931-62a1.patch
+1461948-3-62a1.patch
+1461948-4-62a1.patch
+1461948-5-62a1.patch
 1459754-62a1.patch
 1460154-1-62a1.patch
 1460154-2-62a1.patch
@@ -4822,7 +4825,10 @@ NOBUG-20231031-formattingfixes-253.patch
 1466254-2no3-62a1.patch
 1467319-1only-62a1.patch
 1466401-62a1.patch
+1467274-62a1.patch
 1468860-62a1.patch
+1459900-2-62a1.patch
+1459900-3-62a1.patch
 1469067-62a1.patch
 948882-62a1.patch
 1467307-62a1.patch
@@ -4863,6 +4869,7 @@ NOBUG-20231031-formattingfixes-253.patch
 1467438-5-62a1.patch
 1466626-2no1-62a1.patch
 1466626-3-62a1.patch
+1471272-63a1.patch
 1466211-1-63a1.patch
 1466211-2-63a1.patch
 1466211-3-63a1.patch
@@ -5257,6 +5264,7 @@ NOBUG-20231031-formattingfixes-253.patch
 1483761-4-63a1.patch
 1485545-63a1.patch
 1485610-63a1.patch
+1473272-63a1.patch
 1466427-63a1.patch
 NOBUG-20180824-buildsetting-63a1.patch
 1446923-63a1.patch
@@ -5283,6 +5291,8 @@ NOBUG-20180824-buildsetting-63a1.patch
 1478269-3-63a1.patch
 1486654-63a1.patch
 1485759-63a1.patch
+1485347-1-63a1.patch
+1485347-2-63a1.patch
 1486729-63a1.patch
 1486957-63a1.patch
 1457092-5-63a1.patch
@@ -5307,6 +5317,8 @@ NOBUG-20180824-buildsetting-63a1.patch
 1435552-63a1.patch
 1487595-1-63a1.patch
 1487595-2-63a1.patch
+1487346-1-63a1.patch
+1487346-2-63a1.patch
 1480552-63a1.patch
 1483323-6-64a1.patch
 1484611-2ano1-64a1.patch
@@ -5414,6 +5426,11 @@ NOBUG-20180824-buildsetting-63a1.patch
 1414287-2no3-64a1.patch
 1427808-3-64a1.patch
 1427808-4-64a1.patch
+1489477-1-64a1.patch
+1489477-2-64a1.patch
+1489477-3-64a1.patch
+1498980-64a1.patch
+1482153-64a1.patch
 1486554-1-64a1.patch
 1486554-3no2-64a1.patch
 1479298-64a1.patch

frg/work-js/mozilla-release/patches/series-test.bak

@@ -0,0 +1,7686 @@
+1773966-1-NSS380-103a1.patch
+1773966-2-NSS380-103a1.patch
+1779398-1-NSS381-104a1.patch
+1779398-2-NSS381-104a1.patch
+1779398-3-NSS381-104a1.patch
+1785784-NSS382-105a1.patch
+1787505-NSS383-106a1.patch
+1788009-1-NSPR435-106a1.patch
+1788009-2-NSPR435-106a1.patch
+1787505-2-NSS383-106a1.patch
+1787505-3-NSS383-106a1.patch
+1792135-1-NSS384-107a1.patch
+1792135-2-NSS384-107a1.patch
+1795087-1-NSS385-108a1.patch
+1795087-2-NSS385-108a1.patch
+1795087-3-NSS385-108a1.patch
+1795087-4-NSS385-108a1.patch
+1802996-1-NSS386-109a1.patch
+1802996-2-NSS386-109a1.patch
+1805486-1-NSS387-110a1.patch
+1805486-2-NSS387-110a1.patch
+1808725-1-NSS388-111a1.patch
+1808725-2-NSS388-111a1.patch
+1815978-NSS3881-111a1.patch
+1815435-1-NSS389-112a1.patch
+1815435-2-NSS389-112a1.patch
+1831621-NSS3891-114a1.patch
+1821434-1-NSS390-114a1.patch
+1821434-2-NSS390-114a1.patch
+NOBUG-20170803-promisehelper-57a1.patch
+1386275-57a1.patch
+1373563-1-57a1.patch
+1380617-01-57a1.patch
+1380617-02-57a1.patch
+1380617-03-57a1.patch
+1380617-04-57a1.patch
+1380617-05-57a1.patch
+1380617-06-57a1.patch
+1380617-07-57a1.patch
+1380617-08no09-57a1.patch
+1388954-57a1.patch
+1372927-57a1.patch
+1380617-10-57a1.patch
+1380512-57a1.patch
+1390675-57a1.patch
+1387088-57a1.patch
+1372592-57a1.patch
+1393900-57a1.patch
+1394235-57a1.patch
+1391704-57a1.patch
+1388331-57a1.patch
+1395990-1no2-57a1.patch
+1395990-3-57a1.patch
+1396888-57a1.patch
+1394554-1-57a1.patch
+1394554-2-57a1.patch
+1394554-3-57a1.patch
+1396798-1-57a1.patch
+1396798-2-57a1.patch
+1398691-57a1.patch
+1399699-57a1.patch
+1398692-1-57a1.patch
+1398692-2-57a1.patch
+1401242-57a1.patch
+1394804-1-57a1.patch
+1394804-2-57a1.patch
+1394804-3-57a1.patch
+1391421-2no1-58a1.patch
+1391421-4no3or5to9-58a1.patch
+1400846-58a1.patch
+1401187-1-58a1.patch
+1401187-2-58a1.patch
+1401146-58a1.patch
+1250832-58a1.patch
+1394559-58a1.patch
+1304328-58a1.patch
+1403175-1-58a1.patch
+1403175-2-58a1.patch
+1403489-58a1.patch
+1398576-58a1.patch
+1403494-58a1.patch
+1403486-58a1.patch
+1403831-58a1.patch
+1401343-58a1.patch
+1402394-58a1.patch
+1402237-58a1.patch
+1392533-58a1.patch
+1305777-1-58a1.patch
+1305777-2-58a1.patch
+1305777-3-58a1.patch
+1305777-4-58a1.patch
+1305777-5-58a1.patch
+1305777-6-58a1.patch
+1305777-7-58a1.patch
+1402262-58a1.patch
+1404578-58a1.patch
+1331163-1-58a1.patch
+1331163-2-58a1.patch
+1331163-3-58a1.patch
+1398524-58a1.patch
+1385398-58a1.patch
+1399948-2-58a1.patch
+1403065-58a1.patch
+1402397-58a1.patch
+1403244-58a1.patch
+1383037-58a1.patch
+1398722-58a1.patch
+1403389-58a1.patch
+1405063-58a1.patch
+1402848-58a1.patch
+1399589-1-58a1.patch
+1399589-2-58a1.patch
+1399589-3-58a1.patch
+1399589-4-58a1.patch
+1402387-58a1.patch
+1348960-58a1.patch
+1404197-58a1.patch
+1403641-1-58a1.patch
+1403641-2-58a1.patch
+1405339-58a1.patch
+1405246-58a1.patch
+1385995-58a1.patch
+1406085-58a1.patch
+1401560-58a1.patch
+1405958-58a1.patch
+1250255-58a1.patch
+1404227-58a1.patch
+1399886-1-58a1.patch
+1399886-2-58a1.patch
+1399886-3-58a1.patch
+1399886-4-58a1.patch
+1396286-58a1.patch
+1406042-58a1.patch
+1406182-58a1.patch
+1406660-58a1.patch
+1405983-1-58a1.patch
+1405983-2-58a1.patch
+1168092-58a1.patch
+1402389-58a1.patch
+1402391-58a1.patch
+1407230-58a1.patch
+1400023-58a1.patch
+1404130-58a1.patch
+1406551-58a1.patch
+1383870-58a1.patch
+1406312-58a1.patch
+1407026-58a1.patch
+1404843-58a1.patch
+1395759-1-58a1.patch
+1395759-2-58a1.patch
+1342549-58a1.patch
+1406564-58a1.patch
+1406778-58a1.patch
+1403910-58a1.patch
+1405070-1-58a1.patch
+1405070-2-58a1.patch
+1355747-58a1.patch
+1407840-58a1.patch
+1399314-1-58a1.patch
+1399314-2-58a1.patch
+1407548-58a1.patch
+1403680-58a1.patch
+1407552-58a1.patch
+1408777-3-58a1.patch
+1404882-58a1.patch
+1408958-58a1.patch
+1281875-58a1.patch
+1005755-1-58a1.patch
+1005755-2-58a1.patch
+1005755-3-58a1.patch
+1005755-4-58a1.patch
+1005755-5-58a1.patch
+1408321-58a1.patch
+1408845-58a1.patch
+1406100-58a1.patch
+1407426-1-58a1.patch
+1407426-2-58a1.patch
+1179820-1-58a1.patch
+1179820-2-58a1.patch
+1179820-3-58a1.patch
+1179820-4-58a1.patch
+1179820-5-58a1.patch
+1407900-1-58a1.patch
+1407900-2-58a1.patch
+1407900-3-58a1.patch
+1407900-4-58a1.patch
+1407830-1-58a1.patch
+1407830-2-58a1.patch
+1407830-3-58a1.patch
+1387827-58a1.patch
+1408870-58a1.patch
+1407550-58a1.patch
+833747-58a1.patch
+1408451-58a1.patch
+1408872-58a1.patch
+1406311-1-58a1.patch
+1406311-2-58a1.patch
+1406311-3-58a1.patch
+1406311-4-58a1.patch
+1406311-5-58a1.patch
+1408085-58a1.patch
+1405456-58a1.patch
+1399493-58a1.patch
+1409684-58a1.patch
+1339800-58a1.patch
+1402390-58a1.patch
+1408143-58a1.patch
+1408468-1-58a1.patch
+1408468-2-58a1.patch
+1401207-1-58a1.patch
+1401207-2-58a1.patch
+1230373-3a-58a1.patch
+1406061-58a1.patch
+1408562-58a1.patch
+1409968-1-58a1.patch
+1409968-2-58a1.patch
+1404829-58a1.patch
+1408915-58a1.patch
+1403927-1-58a1.patch
+1403927-2-58a1.patch
+1409436-58a1.patch
+1409606-58a1.patch
+1408916-58a1.patch
+1406375-1-58a1.patch
+1406375-2-58a1.patch
+1406375-3-58a1.patch
+1384463-58a1.patch
+1405652-58a1.patch
+1410071-58a1.patch
+1171482-1-58a1.patch
+1171482-2-58a1.patch
+1171482-3-58a1.patch
+1171482-4-58a1.patch
+1411231-58a1.patch
+1251836-58a1.patch
+1410119-58a1.patch
+1411202-58a1.patch
+1411199-58a1.patch
+1409970-1-58a1.patch
+1409970-2-58a1.patch
+1409064-58a1.patch
+1411531-58a1.patch
+1408917-58a1.patch
+1411502-58a1.patch
+1408918-58a1.patch
+1403458-58a1.patch
+1409967-58a1.patch
+1408921-58a1.patch
+1411863-58a1.patch
+1410782-58a1.patch
+1388335-58a1.patch
+1377677-58a1.patch
+1405585-1-PARTIAL-58a1.patch
+1411160-58a1.patch
+1411161-58a1.patch
+1411368-2-58a1.patch
+1411368-4-58a1.patch
+1399465-58a1.patch
+1400115-1-58a1.patch
+1400115-2-58a1.patch
+1400115-3-58a1.patch
+1404801-1-58a1.patch
+1404801-2-58a1.patch
+1404801-3-58a1.patch
+1404801-4-58a1.patch
+1404801-5-58a1.patch
+1404801-6-58a1.patch
+1406610-1-58a1.patch
+1406610-2-58a1.patch
+1412538-58a1.patch
+1411090-1-58a1.patch
+1411090-2-58a1.patch
+1408923-58a1.patch
+1408922-58a1.patch
+1391688-1-58a1.patch
+1391688-2-58a1.patch
+1391688-3-58a1.patch
+1412049-58a1.patch
+1408924-58a1.patch
+1408737-58a1.patch
+1412074-58a1.patch
+1411727-58a1.patch
+1411855-58a1.patch
+1411887-PARTIAL-58a1.patch
+1412269-58a1.patch
+1413478-58a1.patch
+1360457-58a1.patch
+1412311-58a1.patch
+1411920-58a1.patch
+1412023-58a1.patch
+1412555-58a1.patch
+1413941-58a1.patch
+1413829-58a1.patch
+1373258-58a1.patch
+1407561-58a1.patch
+1404850-58a1.patch
+1408964-58a1.patch
+1282721-1-58a1.patch
+1282721-2-58a1.patch
+1412273-58a1.patch
+1412359-1-58a1.patch
+1412359-2-58a1.patch
+1413605-58a1.patch
+1403814-1-58a1.patch
+1403814-2-58a1.patch
+1403814-3-58a1.patch
+1403870-1-58a1.patch
+1403870-2-58a1.patch
+1412278-58a1.patch
+1410416-1-58a1.patch
+1410416-2-58a1.patch
+1413938-58a1.patch
+1409413-1-58a1.patch
+1409413-2-58a1.patch
+1409413-3-58a1.patch
+1414053-58a1.patch
+1413765-1-58a1.patch
+1413765-2-58a1.patch
+1415137-58a1.patch
+1413540-58a1.patch
+1400963-58a1.patch
+1408919-58a1.patch
+1408920-58a1.patch
+1406069-58a1.patch
+1403449-58a1.patch
+1401958-58a1.patch
+1408928-58a1.patch
+1414609-58a1.patch
+1408790-58a1.patch
+1412029-1only-58a1.patch
+1408198-58a1.patch
+1407891-1-58a1.patch
+1407891-2-58a1.patch
+1414981-58a1.patch
+1394841-1-58a1.patch
+1394841-2-58a1.patch
+1394841-3-58a1.patch
+1415502-58a1.patch
+1415728-58a1.patch
+1366531-58a1.patch
+1408337-58a1.patch
+1415919-58a1.patch
+1412608-58a1.patch
+1415300-58a1.patch
+1411402-58a1.patch
+1416358-58a1.patch
+1353319-1-59a1.patch
+1353319-2-59a1.patch
+1353319-3-59a1.patch
+1404176-59a1.patch
+1413860-59a1.patch
+1399125-59a1.patch
+1407178-59a1.patch
+1403452-59a1.patch
+1408926-59a1.patch
+1403899-59a1.patch
+1414159-59a1.patch
+1409651-59a1.patch
+1416704-59a1.patch
+1363957-59a1.patch
+1414275-1-59a1.patch
+1414275-2-59a1.patch
+1414275-3-59a1.patch
+1414362-59a1.patch
+1414124-59a1.patch
+1403977-1-59a1.patch
+1403977-2-59a1.patch
+1371293-3-59a1.patch
+1371293-4-59a1.patch
+1371293-5-59a1.patch
+1371293-7-59a1.patch
+1406287-1-59a1.patch
+1406287-2-59a1.patch
+1406287-3-59a1.patch
+1406287-4-59a1.patch
+1416193-59a1.patch
+1415554-59a1.patch
+1415612-59a1.patch
+1404917-1-59a1.patch
+1404917-2-59a1.patch
+1404917-3-59a1.patch
+1416194-59a1.patch
+1411645-59a1.patch
+1414447-59a1.patch
+1416960-59a1.patch
+1387511-1-59a1.patch
+1387511-2-59a1.patch
+1415167-59a1.patch
+1417368-59a1.patch
+1415650-59a1.patch
+1406030-59a1.patch
+1383711-59a1.patch
+1408339-2only-PARTIAL-59a1.patch
+1417512-59a1.patch
+1417462-59a1.patch
+1416105-59a1.patch
+1417501-59a1.patch
+1353716-59a1.patch
+1417035-59a1.patch
+1410351-59a1.patch
+1417483-59a1.patch
+1408927-59a1.patch
+1404400-59a1.patch
+1398229-3-59a1.patch
+1398229-2-59a1.patch
+1398229-1-59a1.patch
+1408970-59a1.patch
+1417444-59a1.patch
+1418250-59a1.patch
+1418320-59a1.patch
+1319597-59a1.patch
+1333254-59a1.patch
+1371936-59a1.patch
+1408929-59a1.patch
+1398229-4-59a1.patch
+1405008-59a1.patch
+1419059-59a1.patch
+1408930-59a1.patch
+1378524-59a1.patch
+1415205-1-59a1.patch
+1415205-2-59a1.patch
+1408182-59a1.patch
+1411889-59a1.patch
+1372115-59a1.patch
+1399242-1-59a1.patch
+1399242-2-59a1.patch
+1399242-3-59a1.patch
+1405288-1-59a1.patch
+1405288-2-59a1.patch
+1405288-3-59a1.patch
+1405288-4-59a1.patch
+1418808-59a1.patch
+1403871-1-59a1.patch
+1403871-2-59a1.patch
+1403871-3-59a1.patch
+1418274-59a1.patch
+1419447-59a1.patch
+1408401-59a1.patch
+1419665-59a1.patch
+1381648-59a1.patch
+1419416-59a1.patch
+1419075-59a1.patch
+1408944-59a1.patch
+1419382-1-59a1.patch
+1419382-2-59a1.patch
+1419382-3-59a1.patch
+1419382-4-59a1.patch
+1414318-59a1.patch
+1402633-59a1.patch
+1404929-59a1.patch
+1419792-59a1.patch
+1418477-1-59a1.patch
+1418477-2-59a1.patch
+1416201-1-59a1.patch
+1416201-2-59a1.patch
+1416201-3-59a1.patch
+1420037-1-59a1.patch
+1420037-2-59a1.patch
+1416711-1-59a1.patch
+1416711-2-59a1.patch
+1416711-3-59a1.patch
+1416711-4-59a1.patch
+1416711-5-59a1.patch
+1416711-6-59a1.patch
+1419410-59a1.patch
+1419787-59a1.patch
+1419487-59a1.patch
+1415532-1-59a1.patch
+1415532-2-59a1.patch
+1419734-59a1.patch
+1408931-59a1.patch
+1419426-59a1.patch
+1408947-59a1.patch
+1420179-59a1.patch
+1420273-59a1.patch
+1420272-59a1.patch
+1294873-59a1.patch
+1419407-59a1.patch
+1405350-59a1.patch
+1416928-1-59a1.patch
+1416928-2-59a1.patch
+1408938-59a1.patch
+1420711-59a1.patch
+1416394-59a1.patch
+1420451-59a1.patch
+1419471-59a1.patch
+1421242-59a1.patch
+1417805-59a1.patch
+1419533-59a1.patch
+1408946-59a1.patch
+1408945-59a1.patch
+1408943-59a1.patch
+1408948-59a1.patch
+1420395-59a1.patch
+1421066-59a1.patch
+1420604-59a1.patch
+1418066-59a1.patch
+1419076-59a1.patch
+1419087-59a1.patch
+1417439-59a1.patch
+1419828-59a1.patch
+1408941-59a1.patch
+1404851-59a1.patch
+1408942-59a1.patch
+1420419-1-59a1.patch
+1420419-2-59a1.patch
+1404928-59a1.patch
+1401548-59a1.patch
+1408124-59a1.patch
+1411565-59a1.patch
+1420233-59a1.patch
+1420303-59a1.patch
+1401942-1-59a1.patch
+1401942-2-59a1.patch
+1333140-2no1-59a1.patch
+1421582-59a1.patch
+1403536-59a1.patch
+1418928-59a1.patch
+1419367-59a1.patch
+1419368-59a1.patch
+1419405-59a1.patch
+1417039-59a1.patch
+1422258-59a1.patch
+1422265-59a1.patch
+1422282-59a1.patch
+1419801-59a1.patch
+1408936-59a1.patch
+1408937-59a1.patch
+1408935-59a1.patch
+1408940-59a1.patch
+1408939-59a1.patch
+1408934-59a1.patch
+1419301-59a1.patch
+1422314-59a1.patch
+1420594-1-59a1.patch
+1420594-2-59a1.patch
+1420594-3-59a1.patch
+1419592-59a1.patch
+1419369-59a1.patch
+1220758-59a1.patch
+1408949-1-59a1.patch
+1408949-2-59a1.patch
+1408949-3-59a1.patch
+1420954-1-59a1.patch
+1420954-2-59a1.patch
+1422341-59a1.patch
+1401944-59a1.patch
+1422218-1-59a1.patch
+1422218-2-59a1.patch
+1422218-3-59a1.patch
+1422218-4-59a1.patch
+1102464-1-59a1.patch
+1102464-2-59a1.patch
+1419925-59a1.patch
+1423502-59a1.patch
+1422841-1-59a1.patch
+1422841-2-59a1.patch
+1369945-59a1.patch
+1422470-59a1.patch
+1420499-59a1.patch
+1423961-59a1.patch
+1419336-1-59a1.patch
+1419336-2-59a1.patch
+1408933-59a1.patch
+1241131-1-59a1.patch
+1241131-2-59a1.patch
+1424025-59a1.patch
+1386613-1-59a1.patch
+1386613-2-59a1.patch
+1386613-3-59a1.patch
+1421663-59a1.patch
+1424362-59a1.patch
+1419401-59a1.patch
+1424658-59a1.patch
+1411622-59a1.patch
+1424916-59a1.patch
+1272969-59a1.patch
+1424669-59a1.patch
+1419479-59a1.patch
+1419078-59a1.patch
+1424275-59a1.patch
+1425270-59a1.patch
+1422815-59a1.patch
+1419083-59a1.patch
+1423158-59a1.patch
+1424949-1-59a1.patch
+1424949-2-59a1.patch
+1418927-1-59a1.patch
+1418927-2-59a1.patch
+1424162-59a1.patch
+1415472-59a1.patch
+1425318-1-59a1.patch
+1425318-2-59a1.patch
+1425318-3-59a1.patch
+1415574-59a1.patch
+1424721-59a1.patch
+1420622-59a1.patch
+1419086-59a1.patch
+1421491-59a1.patch
+1426251-59a1.patch
+1425876-59a1.patch
+1426018-59a1.patch
+1419366-59a1.patch
+1421992-4c-59a1.patch
+1426108-59a1.patch
+1420289-59a1.patch
+1425897-59a1.patch
+1365574-59a1.patch
+1402485-59a1.patch
+1425653-59a1.patch
+1425839-59a1.patch
+1426462-59a1.patch
+1227746-59a1.patch
+1424690-59a1.patch
+1427051-59a1.patch
+1426996-59a1.patch
+1427595-59a1.patch
+1425280-59a1.patch
+1405252-59a1.patch
+1408932-59a1.patch
+1425733-59a1.patch
+1426094-59a1.patch
+1426809-59a1.patch
+1419088-59a1.patch
+1421335-1-59a1.patch
+1421335-2-59a1.patch
+1426688-1-59a1.patch
+1426688-2-59a1.patch
+1428006-59a1.patch
+1404368-59a1.patch
+1408950-59a1.patch
+1426194-1-59a1.patch
+1426194-2-59a1.patch
+1426057-59a1.patch
+1406038-59a1.patch
+1427184-59a1.patch
+1424722-59a1.patch
+1426908-59a1.patch
+1151156-59a1.patch
+1426920-59a1.patch
+1428231-59a1.patch
+1428043-59a1.patch
+1427392-59a1.patch
+1427187-59a1.patch
+1398981-59a1.patch
+1427908-59a1.patch
+1396434-59a1.patch
+1404853-59a1.patch
+1306892-1-59a1.patch
+1428394-1-59a1.patch
+1428394-2-59a1.patch
+1405254-59a1.patch
+1405333-59a1.patch
+1408893-59a1.patch
+1428521-59a1.patch
+1393464-59a1.patch
+1428455-59a1.patch
+1426501-1-59a1.patch
+1426501-2-59a1.patch
+1426501-3-59a1.patch
+1426501-4-59a1.patch
+1306892-2-59a1.patch
+1427077-59a1.patch
+1424156-1-59a1.patch
+1424156-2-59a1.patch
+1424156-3-59a1.patch
+1424156-4-59a1.patch
+1428717-59a1.patch
+1414554-59a1.patch
+1426634-59a1.patch
+1404392-59a1.patch
+1428014-59a1.patch
+1428191-59a1.patch
+1407085-59a1.patch
+1381463-59a1.patch
+1401953-59a1.patch
+1398904-59a1.patch
+994559-59a1.patch
+1349483-1-59a1.patch
+1349483-2-59a1.patch
+1397366-59a1.patch
+1427677-1-59a1.patch
+1427677-2-59a1.patch
+1428925-59a1.patch
+1428777-59a1.patch
+1429254-59a1.patch
+1403907-59a1.patch
+1419370-59a1.patch
+1429238-59a1.patch
+1428429-59a1.patch
+1404849-59a1.patch
+1405636-59a1.patch
+1429599-59a1.patch
+1419326-59a1.patch
+1420934-59a1.patch
+1429721-59a1.patch
+1399897-1-59a1.patch
+1399897-2-59a1.patch
+1406841-59a1.patch
+1429271-59a1.patch
+1391277-59a1.patch
+1428722-1-59a1.patch
+1428722-2-59a1.patch
+1428722-3-59a1.patch
+1429982-59a1.patch
+1429656-59a1.patch
+1430001-59a1.patch
+1420811-59a1.patch
+1430237-59a1.patch
+1405340-59a1.patch
+1405341-59a1.patch
+1430547-59a1.patch
+1429365-59a1.patch
+1430329-59a1.patch
+1430758-59a1.patch
+1425964-1-59a1.patch
+1425964-2-59a1.patch
+1425273-1-59a1.patch
+1430770-59a1.patch
+1429121-1-59a1.patch
+1429121-2-59a1.patch
+1425273-2-59a1.patch
+1303171-59a1.patch
+1406039-59a1.patch
+1427006-59a1.patch
+1428685-59a1.patch
+1429908-59a1.patch
+1430799-59a1.patch
+1427718-59a1.patch
+1421213-1-59a1.patch
+1421213-2-59a1.patch
+1396666-59a1.patch
+1405637-59a1.patch
+1430745-59a1.patch
+1430703-59a1.patch
+1422061-59a1.patch
+1404378-59a1.patch
+1431282-59a1.patch
+1431334-59a1.patch
+1417446-59a1.patch
+1430773-59a1.patch
+1404371-59a1.patch
+1430855-59a1.patch
+1430299-59a1.patch
+1406285-01-59a1.patch
+1406285-02-59a1.patch
+1406285-03-59a1.patch
+1406285-04-59a1.patch
+1406285-05-59a1.patch
+1406285-06-59a1.patch
+1406285-07-59a1.patch
+1406285-08-59a1.patch
+1406285-09-59a1.patch
+1406285-10-59a1.patch
+1406285-11-59a1.patch
+1406285-12-59a1.patch
+1406285-13-59a1.patch
+1406285-14-59a1.patch
+1406285-15-59a1.patch
+1406285-16-59a1.patch
+1406285-17-59a1.patch
+1406285-18-59a1.patch
+1431204-1-59a1.patch
+1431204-2-59a1.patch
+1430776-59a1.patch
+1431327-59a1.patch
+1416104-00-59a1.patch
+1416104-01-59a1.patch
+1416104-02-59a1.patch
+1416104-03-59a1.patch
+1416104-04-59a1.patch
+1416104-05-59a1.patch
+1416104-06-59a1.patch
+1416104-07-59a1.patch
+1416104-08-59a1.patch
+1416104-09-59a1.patch
+1416104-10-59a1.patch
+1404384-59a1.patch
+1431236-59a1.patch
+1430925-59a1.patch
+1431740-59a1.patch
+1421389-59a1.patch
+1423007-1-59a1.patch
+1423007-2-59a1.patch
+1430408-1-59a1.patch
+1430408-2-59a1.patch
+1430383-59a1.patch
+1430871-60a1.patch
+servo-19830-60a1.patch
+1432134-60a1.patch
+1401062-1-60a1.patch
+1401062-2-60a1.patch
+1401062-3-60a1.patch
+1409672-60a1.patch
+1432061-60a1.patch
+1430654-1-60a1.patch
+1430654-2-60a1.patch
+1430654-3-60a1.patch
+1431760-60a1.patch
+1311177-60a1.patch
+1431395-60a1.patch
+1431457-60a1.patch
+1432112-60a1.patch
+1422820-1-60a1.patch
+816876-60a1.patch
+1432202-60a1.patch
+1431898-60a1.patch
+1431672-60a1.patch
+1418361-60a1.patch
+1430143-60a1.patch
+1426386-1-60a1.patch
+1426386-2-60a1.patch
+1426386-3-60a1.patch
+1428952-1-60a1.patch
+1428952-2-60a1.patch
+1428952-3-60a1.patch
+1428952-4-60a1.patch
+1432104-60a1.patch
+1415507-60a1.patch
+1432009-60a1.patch
+servo-19829-60a1.patch
+servo-19841-60a1.patch
+1430494-60a1.patch
+1431758-60a1.patch
+1421208-60a1.patch
+1335316-60a1.patch
+1064821-60a1.patch
+1414125-60a1.patch
+1431304-60a1.patch
+1429603-01-60a1.patch
+1429603-02-60a1.patch
+1429603-03-60a1.patch
+1429603-04-60a1.patch
+1429603-05-60a1.patch
+1429603-06-60a1.patch
+1429603-08-60a1.patch
+1429603-10-60a1.patch
+1424146-2-60a1.patch
+1424146-3-60a1.patch
+1424146-4-60a1.patch
+1424146-5-60a1.patch
+1424146-6-60a1.patch
+1414825-1-60a1.patch
+1393270-1-60a1.patch
+1393270-2-60a1.patch
+1393270-3-60a1.patch
+1393270-4-60a1.patch
+1393270-5-60a1.patch
+1430738-60a1.patch
+1431781-1-60a1.patch
+1431781-2-60a1.patch
+1431232-60a1.patch
+1431127-60a1.patch
+servo-19845-60a1.patch
+1431539-60a1.patch
+1430021-1-60a1.patch
+1430021-2-60a1.patch
+1430319-60a1.patch
+1430982-01-60a1.patch
+1430982-02-60a1.patch
+1430982-03-60a1.patch
+1430982-04-60a1.patch
+1430982-05-60a1.patch
+1430982-06-60a1.patch
+1430982-07-60a1.patch
+1430982-08-60a1.patch
+1430982-09-60a1.patch
+1430982-10-60a1.patch
+1430785-60a1.patch
+1431052-60a1.patch
+1411581-60a1.patch
+1431132-60a1.patch
+1431669-1-60a1.patch
+1431669-2-60a1.patch
+1431669-3-60a1.patch
+1431669-4-60a1.patch
+1431474-1-60a1.patch
+1431474-2-60a1.patch
+1345077-1only-60a1.patch
+servo-19842-60a1.patch
+servo-19838-60a1.patch
+servo-19850-60a1.patch
+1432463-60a1.patch
+1432635-60a1.patch
+1418969-60a1.patch
+1404883-60a1.patch
+1404884-60a1.patch
+1432637-60a1.patch
+1404482-60a1.patch
+1432733-60a1.patch
+1431776-1-60a1.patch
+1431776-2-60a1.patch
+1431776-3-60a1.patch
+1432212-1-60a1.patch
+1432212-2-60a1.patch
+1432212-3-60a1.patch
+1431842-60a1.patch
+1432811-60a1.patch
+1428774-60a1.patch
+1432414-60a1.patch
+1432187-1-60a1.patch
+1432187-2-60a1.patch
+1432187-3-60a1.patch
+1431912-1-60a1.patch
+1431912-2-60a1.patch
+1386523-60a1.patch
+1428863-12-60a1.patch
+1429390-60a1.patch
+1431122-1-60a1.patch
+1431122-2-60a1.patch
+1393907-60a1.patch
+1419528-60a1.patch
+1422288-1-60a1.patch
+1422288-2-60a1.patch
+1432316-60a1.patch
+1432472-60a1.patch
+1432378-60a1.patch
+1432314-60a1.patch
+1432318-60a1.patch
+1432346-60a1.patch
+1431874-60a1.patch
+1126437-1-60a1.patch
+1126437-2-60a1.patch
+1386019-1-60a1.patch
+1386019-2-60a1.patch
+1386019-3-60a1.patch
+1432393-60a1.patch
+1432479-60a1.patch
+1425547-60a1.patch
+1429763-60a1.patch
+1429373-1-60a1.patch
+1429373-2-60a1.patch
+1429373-3-60a1.patch
+1432954-60a1.patch
+1432528-1-60a1.patch
+1432528-2-60a1.patch
+1432528-3-60a1.patch
+1432528-4-60a1.patch
+1432715-60a1.patch
+1422234-1only-60a1.patch
+1432813-60a1.patch
+1432851-60a1.patch
+1425577-60a1.patch
+1429819-60a1.patch
+1412320-60a1.patch
+1430446-60a1.patch
+1432516-1-60a1.patch
+1432516-2-60a1.patch
+1432516-3-60a1.patch
+1431866-60a1.patch
+1432553-60a1.patch
+1431864-60a1.patch
+1431025-60a1.patch
+1431049-60a1.patch
+1370881-60a1.patch
+1272774-1-60a1.patch
+1272774-2-60a1.patch
+1272774-3-60a1.patch
+1272774-4-60a1.patch
+1272774-5-60a1.patch
+1432834-60a1.patch
+1421225-60a1.patch
+1404888-60a1.patch
+1432520-60a1.patch
+1431402-1-60a1.patch
+1431402-2-60a1.patch
+1430161-60a1.patch
+1412238-1-60a1.patch
+1433056-60a1.patch
+1433123-60a1.patch
+1433065-60a1.patch
+1431096-60a1.patch
+1431173-60a1.patch
+1432956-1-60a1.patch
+1398149-60a1.patch
+1255378-1-60a1.patch
+1255378-2-60a1.patch
+1432541-1-60a1.patch
+1432541-2-60a1.patch
+1408792-60a1.patch
+servo-19854-60a1.patch
+servo-19868-60a1.patch
+1429759-60a1.patch
+1428530-60a1.patch
+1430628-60a1.patch
+1428234-1-60a1.patch
+1428234-2-60a1.patch
+1426831-60a1.patch
+1417358-60a1.patch
+1425691-60a1.patch
+1432842-1-60a1.patch
+1432842-2-60a1.patch
+1422635-60a1.patch
+1430442-1-60a1.patch
+1430442-2-60a1.patch
+1433404-60a1.patch
+1431024-60a1.patch
+1432865-60a1.patch
+1420112-60a1.patch
+1433100-60a1.patch
+1428698-60a1.patch
+1431217-60a1.patch
+1432923-60a1.patch
+1432789-1-60a1.patch
+1432789-2-60a1.patch
+1432850-60a1.patch
+servo-19877-60a1.patch
+1419508-60a1.patch
+1433101-1-60a1.patch
+1433101-2-60a1.patch
+1431855-60a1.patch
+1433492-1-60a1.patch
+1433492-2-60a1.patch
+1433098-60a1.patch
+1323743-1-60a1.patch
+1323743-3-60a1.patch
+1323743-4-60a1.patch
+1323743-5-1-60a1.patch
+1323743-5-2-60a1.patch
+1323743-6-60a1.patch
+1433139-1-60a1.patch
+1433139-2-60a1.patch
+1419764-1-60a1.patch
+1433551-60a1.patch
+1433576-60a1.patch
+1412066-60a1.patch
+685236-5-60a1.patch
+685236-7-60a1.patch
+1419764-2-60a1.patch
+1382251-01-60a1.patch
+1382251-02no03to06-60a1.patch
+1382251-07no08or09-PARTIAL-60a1.patch
+1382251-10no11-60a1.patch
+1423878-60a1.patch
+1428170-60a1.patch
+1433591-1only-60a1.patch
+1415563-60a1.patch
+1429411-60a1.patch
+servo-19881-60a1.patch
+1415780-01-60a1.patch
+1415780-02-60a1.patch
+1415780-03-60a1.patch
+1415780-04-60a1.patch
+1415780-05-60a1.patch
+1415780-06-60a1.patch
+1415780-07-60a1.patch
+1415780-08-60a1.patch
+1415780-09-60a1.patch
+1415780-10-60a1.patch
+1415780-11-60a1.patch
+1415780-12-60a1.patch
+1415780-13-60a1.patch
+1424880-60a1.patch
+1421395-60a1.patch
+1433810-60a1.patch
+1428453-06-60a1.patch
+1433345-1-60a1.patch
+1433345-2-60a1.patch
+1433345-3-60a1.patch
+1433345-4-60a1.patch
+1397740-60a1.patch
+1432771-60a1.patch
+1430979-60a1.patch
+1404477-1-60a1.patch
+1404477-2-60a1.patch
+1432552-1-60a1.patch
+1432552-2-60a1.patch
+1432552-3-60a1.patch
+1432552-4-60a1.patch
+1433402-60a1.patch
+1426519-1only-PARTIAL-60a1.patch
+1420910-1-60a1.patch
+1420910-2-60a1.patch
+1424978-60a1.patch
+1433837-1-60a1.patch
+1433837-2-60a1.patch
+1433837-3-60a1.patch
+1433837-4-60a1.patch
+1433597-60a1.patch
+1433497-60a1.patch
+1430817-1-60a1.patch
+1430817-2-60a1.patch
+1430817-3-60a1.patch
+1411977-1-60a1.patch
+1411977-2-60a1.patch
+1411977-3-60a1.patch
+1411977-4-60a1.patch
+1411977-5-60a1.patch
+1411977-6-60a1.patch
+1297480-60a1.patch
+servo-19851-60a1.patch
+servo-19878-60a1.patch
+1433501-1-60a1.patch
+1433501-2-60a1.patch
+1433846-1-60a1.patch
+1433846-2-60a1.patch
+1433846-3-60a1.patch
+1433850-60a1.patch
+1433008-1-60a1.patch
+1433008-2-60a1.patch
+1430258-60a1.patch
+1411129-60a1.patch
+1432968-60a1.patch
+1432348-60a1.patch
+1427229-60a1.patch
+1432186-13-PARTIAL-60a1.patch
+1407347-60a1.patch
+1432869-1-60a1.patch
+1432869-2-60a1.patch
+1432869-3-60a1.patch
+1432869-4-60a1.patch
+1432869-5-60a1.patch
+1432869-6-60a1.patch
+1432869-7-60a1.patch
+servo-19824-60a1.patch
+1406274-60a1.patch
+1433671-1-60a1.patch
+1280162-1-60a1.patch
+1434171-60a1.patch
+1433117-60a1.patch
+1425340-60a1.patch
+1434219-60a1.patch
+1255379-60a1.patch
+1433567-1-60a1.patch
+1433567-2-60a1.patch
+1421380-1-60a1.patch
+servo-19902-60a1.patch
+1434202-60a1.patch
+1102240-1-60a1.patch
+1102240-2-60a1.patch
+1102240-3-60a1.patch
+1413314-60a1.patch
+1430993-1-60a1.patch
+1430993-2-60a1.patch
+1434328-60a1.patch
+1433139-3-60a1.patch
+1434270-60a1.patch
+1426146-1-60a1.patch
+1426146-2no3-60a1.patch
+1432794-60a1.patch
+1431533-5aa-60a1.patch
+1356331-1-60a1.patch
+1356331-2-60a1.patch
+1422393-60a1.patch
+1434293-60a1.patch
+1433971-60a1.patch
+1432320-1-60a1.patch
+1432320-2-60a1.patch
+1434410-60a1.patch
+1387632-60a1.patch
+1207734-01a-60a1.patch
+1207734-01b-60a1.patch
+1207734-01c-60a1.patch
+1207734-01d-60a1.patch
+1207734-02-60a1.patch
+1207734-03a-60a1.patch
+1207734-03b-60a1.patch
+1207734-04a-60a1.patch
+1207734-04b-60a1.patch
+1207734-04c-60a1.patch
+1207734-05-60a1.patch
+1207734-06-60a1.patch
+1433982-60a1.patch
+1434306-60a1.patch
+1431209-1-60a1.patch
+1431209-2-60a1.patch
+1431209-3-60a1.patch
+1433062-1-60a1.patch
+1433062-2-60a1.patch
+1433062-3-60a1.patch
+1433062-4-60a1.patch
+1411857-60a1.patch
+1432341-1-60a1.patch
+1432341-2-60a1.patch
+1432341-3-60a1.patch
+1432341-4-60a1.patch
+1408294-1-60a1.patch
+1408294-2-60a1.patch
+1408294-3-60a1.patch
+1408294-4-60a1.patch
+1408294-5-60a1.patch
+1408294-6-60a1.patch
+1408294-7-60a1.patch
+1299515-01-60a1.patch
+1299515-02-60a1.patch
+1299515-03-60a1.patch
+1299515-04-60a1.patch
+1299515-05-60a1.patch
+1299515-06-60a1.patch
+1299515-07-60a1.patch
+1299515-08-60a1.patch
+1299515-09-60a1.patch
+1299515-10-60a1.patch
+1299515-11-60a1.patch
+1299515-12-60a1.patch
+1299515-13-60a1.patch
+1299515-14-60a1.patch
+1299515-15-60a1.patch
+1299515-16-60a1.patch
+1299515-17-60a1.patch
+1299515-18-60a1.patch
+1299515-19-60a1.patch
+1299515-20-60a1.patch
+1299515-21-60a1.patch
+1299515-22-60a1.patch
+1299515-23-60a1.patch
+1299515-24-60a1.patch
+1299515-25-60a1.patch
+1426718-60a1.patch
+1431698-1-60a1.patch
+1431698-2-60a1.patch
+1320353-60a1.patch
+1425583-1-60a1.patch
+1425583-2-60a1.patch
+1425583-3-60a1.patch
+1434628-60a1.patch
+1433579-60a1.patch
+servo-19465-60a1.patch
+servo-19906-60a1.patch
+servo-19911-60a1.patch
+servo-19914-60a1.patch
+1255380-60a1.patch
+servo-19915-60a1.patch
+1420485-1-60a1.patch
+1420485-2-60a1.patch
+1420485-3-60a1.patch
+1420485-4-60a1.patch
+1420485-5-60a1.patch
+1429915-60a1.patch
+1433715-60a1.patch
+1433265-60a1.patch
+1434217-1-60a1.patch
+1434217-2-60a1.patch
+1434217-3-60a1.patch
+1269527-60a1.patch
+1419328-60a1.patch
+1134540-60a1.patch
+1434279-60a1.patch
+1434267-60a1.patch
+1433496-60a1.patch
+1434546-60a1.patch
+1433432-60a1.patch
+1432168-1-60a1.patch
+1432168-2-60a1.patch
+1432168-3-60a1.patch
+1434025-60a1.patch
+1434318-01-60a1.patch
+1434318-02-60a1.patch
+1434169-1-60a1.patch
+1434169-2-60a1.patch
+1434514-60a1.patch
+1420026-5no4-60a1.patch
+1430014-1-60a1.patch
+1430014-2-60a1.patch
+1430014-3-60a1.patch
+1430014-4-60a1.patch
+1430014-5-60a1.patch
+1430014-6-60a1.patch
+1255369-60a1.patch
+1432309-60a1.patch
+1434288-1-60a1.patch
+1434288-2-60a1.patch
+servo-19859-60a1.patch
+servo-19912-60a1.patch
+1434747-60a1.patch
+1430949-60a1.patch
+1213998-60a1.patch
+1207734-09a-60a1.patch
+1207734-09b-60a1.patch
+1207734-09e-60a1.patch
+1207734-09f-60a1.patch
+1207734-09i-60a1.patch
+1207734-10-60a1.patch
+1426054-60a1.patch
+1432803-1-60a1.patch
+1432803-2-60a1.patch
+1426906-60a1.patch
+1433344-60a1.patch
+1403334-1-60a1.patch
+servo-19903-60a1.patch
+1434724-60a1.patch
+servo-19918-60a1.patch
+1434474-60a1.patch
+1431459-60a1.patch
+1419293-60a1.patch
+1430793-60a1.patch
+1434524-60a1.patch
+1434697-2-60a1.patch
+1434699-60a1.patch
+1386404-1-60a1.patch
+1386404-2-60a1.patch
+1386404-3-60a1.patch
+1386404-4-60a1.patch
+1386404-5-60a1.patch
+1386404-6-60a1.patch
+1386404-7-60a1.patch
+1417388-60a1.patch
+1434622-60a1.patch
+1434224-60a1.patch
+1434835-60a1.patch
+1434790-60a1.patch
+1433837-5-60a1.patch
+1433837-6-60a1.patch
+1434263-60a1.patch
+1434295-60a1.patch
+1423582-60a1.patch
+servo-19923-60a1.patch
+servo-19924-60a1.patch
+servo-19529-60a1.patch
+1174091-60a1.patch
+1431867-1-60a1.patch
+1431867-2-60a1.patch
+1434803-60a1.patch
+1434686-1-60a1.patch
+1434686-2-60a1.patch
+1434686-3-60a1.patch
+1434686-4-60a1.patch
+1417380-1-60a1.patch
+1417380-2-60a1.patch
+1339461-1a-60a1.patch
+servo-19927-60a1.patch
+1434429-1-60a1.patch
+1434429-2-60a1.patch
+1434429-3-60a1.patch
+1434429-4-60a1.patch
+1434429-5-60a1.patch
+1434988-60a1.patch
+1435022-01-60a1.patch
+1435022-02-60a1.patch
+1435022-03-60a1.patch
+1435022-04-60a1.patch
+1435022-05-60a1.patch
+1435022-06-60a1.patch
+1435022-07-60a1.patch
+1435022-08-60a1.patch
+1435022-09-60a1.patch
+1435022-10-60a1.patch
+1435022-11-60a1.patch
+1435022-12-60a1.patch
+1434981-60a1.patch
+1430916-60a1.patch
+1434225-60a1.patch
+1433849-60a1.patch
+1207734-11-60a1.patch
+1434769-60a1.patch
+1434958-60a1.patch
+1435002-60a1.patch
+1435244-60a1.patch
+1435366-60a1.patch
+1435180-60a1.patch
+1435307-60a1.patch
+1435286-60a1.patch
+1435382-60a1.patch
+1431461-60a1.patch
+1434789-1-60a1.patch
+1434789-2-60a1.patch
+1435187-60a1.patch
+1435228-60a1.patch
+1434689-2-60a1.patch
+1434689-3-60a1.patch
+1434689-4-60a1.patch
+1435219-60a1.patch
+1435262-60a1.patch
+1435015-60a1.patch
+1435200-60a1.patch
+servo-19935-60a1.patch
+servo-19938-60a1.patch
+servo-19945-60a1.patch
+1435618-1-60a1.patch
+1435618-2-60a1.patch
+1433389-60a1.patch
+1435214-60a1.patch
+servo-19953-60a1.patch
+servo-19954-60a1.patch
+servo-19955-60a1.patch
+1435282-1-60a1.patch
+1435282-2-60a1.patch
+1435282-3-60a1.patch
+1435282-4-60a1.patch
+1435297-1-60a1.patch
+1435297-2-60a1.patch
+1435175-60a1.patch
+1434969-60a1.patch
+1392996-1only-60a1.patch
+1167238-1-60a1.patch
+1167238-2-60a1.patch
+1167238-3-60a1.patch
+1167238-4-60a1.patch
+1167238-5-60a1.patch
+1167238-6-60a1.patch
+1435406-60a1.patch
+1435814-60a1.patch
+1433139-4-60a1.patch
+1431813-1-60a1.patch
+1431813-2-60a1.patch
+1431813-3-60a1.patch
+1435149-1-60a1.patch
+1435149-2-60a1.patch
+1432599-1-60a1.patch
+1431561-60a1.patch
+NOBUG-20180206-jsgdb-60a1.patch
+1435220-60a1.patch
+1435293-60a1.patch
+1435673-1-60a1.patch
+1435673-2-60a1.patch
+1435673-3-60a1.patch
+1435673-4-60a1.patch
+1434600-1-60a1.patch
+1434600-2-60a1.patch
+1434600-3-60a1.patch
+1434723-1-60a1.patch
+1434723-2-60a1.patch
+1434723-3-60a1.patch
+1434723-4-60a1.patch
+1362115-1-60a1.patch
+1362115-2-60a1.patch
+1362115-3-60a1.patch
+servo-19933-60a1.patch
+servo-19948-60a1.patch
+servo-19956-60a1.patch
+1435701-60a1.patch
+1422163-1-60a1.patch
+1422163-2-60a1.patch
+1435084-60a1.patch
+1433655-60a1.patch
+1432381-60a1.patch
+1435325-60a1.patch
+1414825-2-60a1.patch
+1432956-2-60a1.patch
+1435756-60a1.patch
+1435295-60a1.patch
+1435249-60a1.patch
+1435570-60a1.patch
+1425580-01-60a1.patch
+1425580-02-60a1.patch
+1425580-03-60a1.patch
+1425580-03a-60a1.patch
+1434953-1-60a1.patch
+1434953-2-60a1.patch
+1434979-60a1.patch
+1435001-60a1.patch
+1432992-1a-60a1.patch
+1432992-1b-60a1.patch
+1436134-60a1.patch
+1348959-1-60a1.patch
+1348959-2-60a1.patch
+1348959-3-60a1.patch
+1431179-1-60a1.patch
+1431179-2-60a1.patch
+1431179-3-60a1.patch
+servo-19957-60a1.patch
+servo-19964-60a1.patch
+servo-19966-60a1.patch
+servo-19969-60a1.patch
+servo-19970-60a1.patch
+1436084-1-60a1.patch
+1436084-2-60a1.patch
+1419339-60a1.patch
+1432759-60a1.patch
+1420838-2-60a1.patch
+1420838-3-60a1.patch
+1420838-4-60a1.patch
+1431202-1-60a1.patch
+1431202-2-60a1.patch
+1435730-1-60a1.patch
+1435730-2-60a1.patch
+1399158-60a1.patch
+1403334-2-60a1.patch
+1434861-60a1.patch
+1434946-1-60a1.patch
+1434946-2-60a1.patch
+1434946-3-60a1.patch
+1418930-1-60a1.patch
+1418930-2-60a1.patch
+1418930-3-60a1.patch
+1418930-4-60a1.patch
+1418930-5-60a1.patch
+1418930-6-60a1.patch
+servo-19931-60a1.patch
+servo-19973-60a1.patch
+1435248-1-60a1.patch
+1435248-2-60a1.patch
+1435248-3-60a1.patch
+1435939-1-60a1.patch
+1435939-2-60a1.patch
+1435939-3-60a1.patch
+1435939-4-60a1.patch
+1428072-1-60a1.patch
+1230369-1a-60a1.patch
+1383682-1-60a1.patch
+1383682-2-60a1.patch
+1383682-3-60a1.patch
+1435209-60a1.patch
+1436065-60a1.patch
+1435796-60a1.patch
+1435525-60a1.patch
+1436353-1-60a1.patch
+1436353-2-60a1.patch
+1436353-3-60a1.patch
+1435266-60a1.patch
+1436210-60a1.patch
+1436343-60a1.patch
+1392391-1-60a1.patch
+1392391-2-60a1.patch
+1392391-3-60a1.patch
+1392391-4-60a1.patch
+1392391-5-60a1.patch
+1392391-6-60a1.patch
+servo-19974-60a1.patch
+servo-19981-60a1.patch
+1436279-1-60a1.patch
+1436279-2-60a1.patch
+1385998-1-60a1.patch
+1385998-2-60a1.patch
+1436076-1-60a1.patch
+1436076-2-60a1.patch
+1436076-3-60a1.patch
+1435320-60a1.patch
+1435143-60a1.patch
+1436265-60a1.patch
+1435624-60a1.patch
+1435185-60a1.patch
+1436272-60a1.patch
+1432678-60a1.patch
+1432679-60a1.patch
+1431900-60a1.patch
+1433959-60a1.patch
+1435146-60a1.patch
+1436185-60a1.patch
+1436541-60a1.patch
+servo-19984-60a1.patch
+servo-19985-60a1.patch
+1435803-60a1.patch
+1430857-1-60a1.patch
+1430857-2-60a1.patch
+1436216-60a1.patch
+1434218-60a1.patch
+1434884-60a1.patch
+1436362-60a1.patch
+1436190-60a1.patch
+1433932-60a1.patch
+1435321-60a1.patch
+1404710-60a1.patch
+1436792-1-60a1.patch
+1436792-2-60a1.patch
+1436725-60a1.patch
+1420322-60a1.patch
+1429338-1-60a1.patch
+1429338-2-60a1.patch
+1376910-3-60a1.patch
+1425274-60a1.patch
+1436790-60a1.patch
+1436684-60a1.patch
+1373558-60a1.patch
+1267462-01-60a1.patch
+1267462-02-60a1.patch
+1267462-03-60a1.patch
+1267462-04-60a1.patch
+1267462-05-60a1.patch
+1267462-06-60a1.patch
+1267462-07-60a1.patch
+1267462-08-60a1.patch
+1267462-09-60a1.patch
+1267462-10-60a1.patch
+1436841-60a1.patch
+1436832-1-60a1.patch
+1436832-2-60a1.patch
+1436295-60a1.patch
+1435090-1-60a1.patch
+1435090-2-60a1.patch
+1434230-1-60a1.patch
+1434230-2-60a1.patch
+1434230-3-60a1.patch
+1434243-1-60a1.patch
+1434243-2-60a1.patch
+1434243-3-60a1.patch
+1434243-4-60a1.patch
+1404364-60a1.patch
+1404886-60a1.patch
+1416179-2-60a1.patch
+1389988-60a1.patch
+1435456-60a1.patch
+1432599-2-60a1.patch
+1425580-04-60a1.patch
+1425580-05-60a1.patch
+1319203-1-60a1.patch
+1319203-2-60a1.patch
+1319203-3-60a1.patch
+1319203-4-60a1.patch
+1319203-5-60a1.patch
+1382458-60a1.patch
+1432764-60a1.patch
+1433552-60a1.patch
+1435670-60a1.patch
+1436882-60a1.patch
+1432411-60a1.patch
+servo-20001-60a1.patch
+servo-20003-60a1.patch
+1374166-60a1.patch
+1416824-1-60a1.patch
+1416824-2-60a1.patch
+1416824-3-60a1.patch
+1416824-4-60a1.patch
+1406022-60a1.patch
+1436831-1-60a1.patch
+1436831-2-60a1.patch
+1434230-4-60a1.patch
+1433111-1-60a1.patch
+1433111-2-60a1.patch
+1436893-60a1.patch
+1435025-60a1.patch
+servo-19980-60a1.patch
+NOBUG-20180210-debug_unreachable-60a1.patch
+servo-20004-60a1.patch
+1434996-60a1.patch
+1434250-1-60a1.patch
+1434250-2-60a1.patch
+1434250-3-60a1.patch
+1434250-4-60a1.patch
+1425243-1-60a1.patch
+1425243-2-60a1.patch
+1425243-3-60a1.patch
+1429768-60a1.patch
+1415443-60a1.patch
+servo-20011-60a1.patch
+servo-20010-60a1.patch
+1435139-60a1.patch
+servo-20013-60a1.patch
+1436742-60a1.patch
+1436743-60a1.patch
+1429508-1-60a1.patch
+1429508-2-60a1.patch
+1429508-3-60a1.patch
+1437184-60a1.patch
+1437248-60a1.patch
+1405650-60a1.patch
+servo-20014-60a1.patch
+1426063-60a1.patch
+1436663-60a1.patch
+1435684-60a1.patch
+1429603-12-60a1.patch
+1429603-13-60a1.patch
+1435643-60a1.patch
+1435650-60a1.patch
+1435649-60a1.patch
+1429932-1-60a1.patch
+1429932-2-60a1.patch
+1429932-3-60a1.patch
+1429932-4-60a1.patch
+1429932-5-60a1.patch
+1429932-6-60a1.patch
+1429932-7-60a1.patch
+servo-20017-60a1.patch
+1394233-2-60a1.patch
+servo-20016-60a1.patch
+servo-20018-60a1.patch
+servo-20019-60a1.patch
+servo-20026-60a1.patch
+1437484-60a1.patch
+servo-20025-60a1.patch
+servo-20027-60a1.patch
+1436058-1-60a1.patch
+1436058-2-60a1.patch
+1436058-3-60a1.patch
+1436058-4-60a1.patch
+1436058-5-60a1.patch
+1169290-01-60a1.patch
+1169290-02-60a1.patch
+1169290-03-60a1.patch
+1169290-04-60a1.patch
+1169290-05-60a1.patch
+1169290-06-60a1.patch
+1169290-07-60a1.patch
+1169290-08-60a1.patch
+1169290-09-60a1.patch
+1169290-10-60a1.patch
+1169290-11-60a1.patch
+1407693-1-60a1.patch
+1407693-2-60a1.patch
+785440-2-60a1.patch
+1437028-60a1.patch
+1430918-1-60a1.patch
+1430918-2-60a1.patch
+1405641-60a1.patch
+1406028-60a1.patch
+1404832-1-60a1.patch
+1404832-2-60a1.patch
+1403200-60a1.patch
+1403205-60a1.patch
+1403196-60a1.patch
+1437152-1-60a1.patch
+1437152-2-60a1.patch
+1435938-1-60a1.patch
+1435938-2-60a1.patch
+1432375-1-60a1.patch
+1432375-2-60a1.patch
+1435296-1-60a1.patch
+1435296-2-60a1.patch
+1435296-3-60a1.patch
+1435296-4-60a1.patch
+1435296-5-60a1.patch
+1435296-6-60a1.patch
+1435296-7-60a1.patch
+1436697-60a1.patch
+1422043-1-60a1.patch
+1436773-1-60a1.patch
+1436773-2-60a1.patch
+1437125-60a1.patch
+1425580-06-60a1.patch
+1425580-07-60a1.patch
+1436983-60a1.patch
+servo-20033-60a1.patch
+1237454-1-60a1.patch
+1237454-2-60a1.patch
+1237454-3-60a1.patch
+1237454-4-60a1.patch
+1237454-5-60a1.patch
+1237454-6-60a1.patch
+1237454-7-60a1.patch
+1437625-60a1.patch
+1430919-60a1.patch
+1434429-6-60a1.patch
+1434429-7-60a1.patch
+1428453-07-60a1.patch
+1428453-08-60a1.patch
+1428453-09-60a1.patch
+1428453-10-60a1.patch
+1436150-60a1.patch
+1429647-60a1.patch
+1425580-08-60a1.patch
+1425580-09-60a1.patch
+1437481-60a1.patch
+1437471-60a1.patch
+1434544-60a1.patch
+1434565-60a1.patch
+1437795-60a1.patch
+1436110-1-60a1.patch
+1436110-2-60a1.patch
+1436110-3-60a1.patch
+1436978-60a1.patch
+1404359-60a1.patch
+1404844-60a1.patch
+1437802-60a1.patch
+servo-19925-60a1.patch
+NOBUG-20180214-revendor-60a1.patch
+1436639-60a1.patch
+1231203-60a1.patch
+1435984-1-60a1.patch
+1435984-2-60a1.patch
+1435984-3-60a1.patch
+1435984-4-60a1.patch
+1435984-5-60a1.patch
+1435984-6-60a1.patch
+1435984-7-60a1.patch
+1435984-9-60a1.patch
+servo-20022-60a1.patch
+NOBUG-20180214-darling-60a1.patch
+servo-20039-60a1.patch
+servo-20038-60a1.patch
+servo-20040-60a1.patch
+servo-20042-60a1.patch
+servo-20044-60a1.patch
+1437949-1-60a1.patch
+1436625-60a1.patch
+1437623-1-60a1.patch
+1437623-2-60a1.patch
+1437623-3-60a1.patch
+1436415-1-60a1.patch
+1436415-2-60a1.patch
+1437723-60a1.patch
+1429150-2-60a1.patch
+1437548-1-60a1.patch
+1437548-2-60a1.patch
+1437548-3-60a1.patch
+1434155-1-60a1.patch
+1434155-2-60a1.patch
+1437856-60a1.patch
+1403454-60a1.patch
+1436926-1-60a1.patch
+1436926-2-60a1.patch
+1418469-60a1.patch
+1436723-1-60a1.patch
+1436723-2-60a1.patch
+1437750-60a1.patch
+1437309-60a1.patch
+1437554-60a1.patch
+1344613-60a1.patch
+1428442-60a1.patch
+1437978-60a1.patch
+1437501-60a1.patch
+1437499-60a1.patch
+1428431-60a1.patch
+1428432-1-60a1.patch
+1428432-2-60a1.patch
+1428432-3-60a1.patch
+1428436-60a1.patch
+1431056-60a1.patch
+1437832-1-60a1.patch
+1437832-2-60a1.patch
+1437832-3-60a1.patch
+1437832-4-60a1.patch
+1436759-60a1.patch
+servo-20046-60a1.patch
+servo-20049-60a1.patch
+1429962-60a1.patch
+1437965-60a1.patch
+1436659-09no01to08-60a1.patch
+1436659-10-60a1.patch
+1436659-11-60a1.patch
+1436659-12-60a1.patch
+1436659-13-60a1.patch
+1436659-14-60a1.patch
+1434846-1-60a1.patch
+1434846-2-60a1.patch
+1438020-60a1.patch
+1406726-60a1.patch
+1438055-60a1.patch
+1437427-60a1.patch
+1311171-60a1.patch
+1403450-60a1.patch
+1435368-60a1.patch
+1436690-1-60a1.patch
+1436690-2-60a1.patch
+1436690-3-60a1.patch
+1436690-4-60a1.patch
+1436690-5-60a1.patch
+1429212-60a1.patch
+1437267-60a1.patch
+1429206-1-60a1.patch
+1429206-3no2-60a1.patch
+1429206-4-60a1.patch
+1429206-5-60a1.patch
+1429206-6-60a1.patch
+1429206-7-60a1.patch
+1429206-8-60a1.patch
+903519-01-60a1.patch
+903519-02-60a1.patch
+903519-03-60a1.patch
+903519-04-60a1.patch
+903519-05-60a1.patch
+903519-06-60a1.patch
+903519-07-60a1.patch
+903519-08-60a1.patch
+903519-09-60a1.patch
+903519-10-60a1.patch
+903519-11-60a1.patch
+903519-12-60a1.patch
+903519-13-60a1.patch
+903519-14-60a1.patch
+903519-15-60a1.patch
+903519-16-60a1.patch
+903519-17-60a1.patch
+903519-18-60a1.patch
+903519-19-60a1.patch
+903519-20-60a1.patch
+1436020-60a1.patch
+1433646-60a1.patch
+1437571-2-60a1.patch
+1407588-1-60a1.patch
+1407588-2-60a1.patch
+1407588-3-60a1.patch
+1407588-4-60a1.patch
+1407588-5-60a1.patch
+1407588-6-60a1.patch
+1438073-60a1.patch
+1437055-60a1.patch
+1428443-60a1.patch
+1431015-60a1.patch
+1437534-60a1.patch
+1437546-60a1.patch
+1437780-1-60a1.patch
+1425580-10-60a1.patch
+1438126-1-60a1.patch
+1438126-2-60a1.patch
+1438126-3-60a1.patch
+1437602-1-60a1.patch
+1437602-2-60a1.patch
+1437602-3-60a1.patch
+1437926-60a1.patch
+1437491-60a1.patch
+1437448-60a1.patch
+1435369-60a1.patch
+1438251-60a1.patch
+1438502-60a1.patch
+1438232-60a1.patch
+1437731-60a1.patch
+1437970-60a1.patch
+1428453-11-60a1.patch
+1428453-12-60a1.patch
+1428453-13-60a1.patch
+1422043-2-60a1.patch
+1422043-3-60a1.patch
+1422043-4-60a1.patch
+1422043-5-60a1.patch
+1435569-1-60a1.patch
+1435569-2-60a1.patch
+1425580-11-60a1.patch
+1425580-12-60a1.patch
+1438670-60a1.patch
+servo-20047-60a1.patch
+712130-1-60a1.patch
+712130-2-60a1.patch
+712130-3-60a1.patch
+712130-4-60a1.patch
+1438035-1-60a1.patch
+1438035-2-60a1.patch
+1438097-60a1.patch
+1422160-60a1.patch
+1416106-01-60a1.patch
+1416106-02-60a1.patch
+1416106-03-60a1.patch
+1416106-04-60a1.patch
+1416106-05-60a1.patch
+1416106-06-60a1.patch
+1416106-07-60a1.patch
+1416106-08-60a1.patch
+1416106-09-60a1.patch
+1416106-10-60a1.patch
+1416106-11-60a1.patch
+1416106-12-60a1.patch
+1416106-13-60a1.patch
+1429803-1-60a1.patch
+1429803-2-60a1.patch
+1405245-1-60a1.patch
+1405245-2-60a1.patch
+1405647-60a1.patch
+1405648-60a1.patch
+1405649-60a1.patch
+1437949-2-60a1.patch
+1436997-1-60a1.patch
+1436997-2-60a1.patch
+1421737-1-60a1.patch
+1421737-2-60a1.patch
+1421737-3-60a1.patch
+1421737-4-60a1.patch
+1438014-60a1.patch
+1429361-60a1.patch
+1438704-60a1.patch
+1173851-1only-60a1.patch
+1434528-60a1.patch
+1436575-2a-60a1.patch
+1405087-1-60a1.patch
+1405087-2-60a1.patch
+1405087-3no4-60a1.patch
+1405087-5-60a1.patch
+servo-20056-60a1.patch
+1361618-60a1.patch
+1438348-60a1.patch
+1437828-60a1.patch
+1437852-60a1.patch
+1438174-60a1.patch
+1438508-60a1.patch
+1438127-60a1.patch
+1438425-fix-60a1.patch
+1438408-60a1.patch
+1438321-60a1.patch
+1437729-60a1.patch
+1437374-60a1.patch
+1432853-1-60a1.patch
+1432853-2-60a1.patch
+1436863-1-60a1.patch
+1385998-3-60a1.patch
+1438040-60a1.patch
+1437728-60a1.patch
+servo-20061-60a1.patch
+1437572-1-60a1.patch
+1437572-2-60a1.patch
+1437912-1-60a1.patch
+1437912-2-60a1.patch
+1437912-3-60a1.patch
+1438476-1-60a1.patch
+1438476-2-60a1.patch
+1438476-3-60a1.patch
+1404877-60a1.patch
+1437147-60a1.patch
+1437886-60a1.patch
+1436247-1-60a1.patch
+1436247-2-60a1.patch
+1436247-3-60a1.patch
+1438207-60a1.patch
+1438673-60a1.patch
+1437741-1-60a1.patch
+1437741-2-60a1.patch
+servo-20064-60a1.patch
+servo-20065-60a1.patch
+1393609-60a1.patch
+1438489-60a1.patch
+1439000-60a1.patch
+1307899-60a1.patch
+1405352-60a1.patch
+1438888-60a1.patch
+1438631-1-60a1.patch
+1438631-2-60a1.patch
+1438674-60a1.patch
+1429603-14-60a1.patch
+1429603-15-60a1.patch
+1429603-16-60a1.patch
+1429603-17-60a1.patch
+1429603-18-60a1.patch
+1429603-19-60a1.patch
+1429603-20-60a1.patch
+1429603-21-60a1.patch
+1429603-22-60a1.patch
+1429603-23-60a1.patch
+1429603-24-60a1.patch
+1429603-25-60a1.patch
+1429603-26-60a1.patch
+1429603-27-60a1.patch
+1438278-0-60a1.patch
+1438278-1-60a1.patch
+1438278-2-60a1.patch
+1438278-3-60a1.patch
+1438278-4-60a1.patch
+1438278-5-60a1.patch
+1438278-6-60a1.patch
+1439003-1-60a1.patch
+1439003-2-60a1.patch
+1439003-3-60a1.patch
+1437492-1-60a1.patch
+1437492-2-60a1.patch
+1438797-60a1.patch
+1436151-60a1.patch
+1438002-60a1.patch
+1436263-1-PARTIAL-dommedia-60a1.patch
+1436263-1-PARTIAL-js-60a1.patch
+1436263-2-PARTIAL-dommedia-60a1.patch
+1436263-2-PARTIAL-js-60a1.patch
+1436263-3-PARTIAL-js-60a1.patch
+1436263-5-60a1.patch
+1437530-60a1.patch
+1438618-60a1.patch
+1428453-14-60a1.patch
+1428453-15-60a1.patch
+1439234-60a1.patch
+1425580-13-60a1.patch
+1439361-1-60a1.patch
+1439361-2-60a1.patch
+1439361-3-60a1.patch
+1284414-60a1.patch
+1439004-1-60a1.patch
+1439005-60a1.patch
+1438527-60a1.patch
+1438165-60a1.patch
+1438133-60a1.patch
+1438599-1-60a1.patch
+1438599-2-60a1.patch
+1438599-3-60a1.patch
+1438157-1-60a1.patch
+1438157-2-60a1.patch
+1429603-28-60a1.patch
+1430856-1-60a1.patch
+1430856-2-60a1.patch
+servo-20070-60a1.patch
+1438297-60a1.patch
+servo-20072-60a1.patch
+servo-20073-60a1.patch
+1396819-60a1.patch
+1438463-60a1.patch
+1435092-1-60a1.patch
+1435092-2-60a1.patch
+1436670-60a1.patch
+servo-20078-60a1.patch
+1438892-1-60a1.patch
+1438892-2-60a1.patch
+1438892-3-60a1.patch
+1438892-4-60a1.patch
+1438892-5-60a1.patch
+1438892-6-60a1.patch
+1438892-7-60a1.patch
+1043775-60a1.patch
+1439362-60a1.patch
+1439375-60a1.patch
+1438542-60a1.patch
+1438442-60a1.patch
+1427118-60a1.patch
+1414674-60a1.patch
+1438538-60a1.patch
+1436352-60a1.patch
+1290949-60a1.patch
+1435329-60a1.patch
+1439016-1-60a1.patch
+1439016-2-60a1.patch
+1439016-3-60a1.patch
+1439016-4-60a1.patch
+1439016-5-60a1.patch
+1439435-60a1.patch
+1438332-60a1.patch
+1414751-60a1.patch
+1439371-60a1.patch
+1438641-60a1.patch
+1439634-60a1.patch
+1438930-60a1.patch
+1439001-60a1.patch
+1439474-60a1.patch
+servo-20079-60a1.patch
+1435671-60a1.patch
+1438696-60a1.patch
+1438697-60a1.patch
+1438086-1-fix-60a1.patch
+servo-20081-60a1.patch
+servo-20082-60a1.patch
+1439793-1-60a1.patch
+1439793-2-60a1.patch
+1439793-3-60a1.patch
+1439793-4-60a1.patch
+1439018-60a1.patch
+1438482-60a1.patch
+1438750-60a1.patch
+1438569-60a1.patch
+1433406-60a1.patch
+1437039-60a1.patch
+1439336-60a1.patch
+1439908-60a1.patch
+1438988-60a1.patch
+1439626-60a1.patch
+1439663-60a1.patch
+903519-21-60a1.patch
+1439004-2-60a1.patch
+1440224-60a1.patch
+1440226-60a1.patch
+1434843-1-60a1.patch
+1434843-2-60a1.patch
+1434843-3-60a1.patch
+1434843-4-60a1.patch
+1434843-5-60a1.patch
+1434843-6-60a1.patch
+1428453-16-60a1.patch
+1435317-1-60a1.patch
+1437377-60a1.patch
+1439898-1-60a1.patch
+1439898-2-60a1.patch
+1440519-60a1.patch
+1439898-3-60a1.patch
+1440369-60a1.patch
+1423528-60a1.patch
+1435648-1-60a1.patch
+1435648-2-60a1.patch
+1439763-60a1.patch
+1438389-60a1.patch
+1439923-60a1.patch
+1438118-60a1.patch
+1434593-60a1.patch
+1439736-60a1.patch
+1439437-60a1.patch
+1439041-60a1.patch
+1439076-1-60a1.patch
+1439076-2-60a1.patch
+1434300-2a-60a1.patch
+servo-20088-60a1.patch
+servo-20102-60a1.patch
+1418770-60a1.patch
+1425573-1-60a1.patch
+1425573-2-60a1.patch
+1425573-3-60a1.patch
+1425573-4-60a1.patch
+1428769-60a1.patch
+1440188-60a1.patch
+1431029-1-60a1.patch
+1431029-2-60a1.patch
+1438487-60a1.patch
+1438962-1-60a1.patch
+1438962-2-60a1.patch
+1420130-60a1.patch
+1439828-60a1.patch
+1439953-60a1.patch
+1437087-60a1.patch
+1434792-60a1.patch
+1439433-60a1.patch
+1435100-60a1.patch
+servo-20104-60a1.patch
+1440256-60a1.patch
+1434414-60a1.patch
+1437855-60a1.patch
+1437849-60a1.patch
+1439925-60a1.patch
+1433015-3-60a1.patch
+1431570-60a1.patch
+1439242-60a1.patch
+1439285-1-60a1.patch
+1439285-2-60a1.patch
+1428816-1-60a1.patch
+1428816-2-60a1.patch
+1428816-3-60a1.patch
+1382199-60a1.patch
+1437417-1-60a1.patch
+1437417-2-60a1.patch
+1440411-60a1.patch
+1427639-1-60a1.patch
+1427639-2-60a1.patch
+1436904-1-60a1.patch
+1436904-2-60a1.patch
+1439471-60a1.patch
+1430841-1-60a1.patch
+1430841-2-60a1.patch
+1430841-3-60a1.patch
+1438471-60a1.patch
+1440347-60a1.patch
+1439937-60a1.patch
+1439565-1-60a1.patch
+1439565-2-60a1.patch
+1432232-60a1.patch
+1440670-60a1.patch
+1438848-60a1.patch
+1439063-0-60a1.patch
+1439063-1-60a1.patch
+1439063-2-60a1.patch
+1438086-3a-60a1.patch
+1438086-4a-60a1.patch
+1438827-60a1.patch
+1426006-60a1.patch
+1438841-60a1.patch
+1438851-60a1.patch
+1438853-60a1.patch
+1438860-60a1.patch
+1438934-60a1.patch
+1439638-60a1.patch
+1438838-60a1.patch
+1438877-60a1.patch
+1438883-60a1.patch
+1438941-60a1.patch
+1440559-60a1.patch
+1438638-60a1.patch
+1438846-1only-60a1.patch
+1440043-60a1.patch
+1428433-60a1.patch
+1439619-60a1.patch
+1440118-1-60a1.patch
+1440118-2-60a1.patch
+1440164-1-60a1.patch
+1440164-2-60a1.patch
+1437851-60a1.patch
+1438017-60a1.patch
+1440431-1-60a1.patch
+1440431-2-60a1.patch
+1440431-3-60a1.patch
+1438870-60a1.patch
+1436691-60a1.patch
+1440626-60a1.patch
+1440735-60a1.patch
+1437483-1-60a1.patch
+1437483-2-60a1.patch
+1437483-2a-60a1.patch
+1438800-60a1.patch
+1437780-2-60a1.patch
+1439333-60a1.patch
+1436953-60a1.patch
+1313336-1-60a1.patch
+1313336-2-60a1.patch
+1313336-3-60a1.patch
+1313336-4-60a1.patch
+1313336-5-60a1.patch
+1313336-6-60a1.patch
+1313336-7-60a1.patch
+1436955-60a1.patch
+1438113-1-60a1.patch
+1435317-2-60a1.patch
+1438113-2-60a1.patch
+1432345-1-60a1.patch
+1440372-60a1.patch
+1426457-60a1.patch
+1437483-3-60a1.patch
+1437483-4-60a1.patch
+1439284-1-60a1.patch
+1441152-60a1.patch
+1441443-60a1.patch
+1440512-60a1.patch
+1439284-2-60a1.patch
+1359342-1-60a1.patch
+1359342-2-60a1.patch
+1359342-3-60a1.patch
+1359342-4-60a1.patch
+1437428-60a1.patch
+1440739-60a1.patch
+1038099-60a1.patch
+1441487-1-60a1.patch
+1441487-2-60a1.patch
+1440330-60a1.patch
+1432446-60a1.patch
+1440309-60a1.patch
+1441038-60a1.patch
+1440599-60a1.patch
+1441587-1-60a1.patch
+1441587-2-60a1.patch
+1341261-1-60a1.patch
+1341261-2-60a1.patch
+1341261-3-60a1.patch
+1432345-2-60a1.patch
+1441521-60a1.patch
+1441494-60a1.patch
+1441335-60a1.patch
+1438842-1-60a1.patch
+1438842-2-60a1.patch
+1438842-3-60a1.patch
+1438842-4-60a1.patch
+1438842-5-60a1.patch
+1437450-60a1.patch
+1441783-60a1.patch
+1441988-1-60a1.patch
+1440394-1-60a1.patch
+1440394-2-60a1.patch
+1440394-3-60a1.patch
+1441927-1-60a1.patch
+1441988-2-60a1.patch
+903519-22-60a1.patch
+903519-23-60a1.patch
+1440112-1-60a1.patch
+1440112-2-60a1.patch
+1439954-60a1.patch
+servo-20117-60a1.patch
+1438467-60a1.patch
+1439036-1-60a1.patch
+1439036-2-60a1.patch
+1432490-1-60a1.patch
+1432490-2-60a1.patch
+1437714-60a1.patch
+1440961-60a1.patch
+1441009-1-60a1.patch
+1440221-60a1.patch
+1439920-60a1.patch
+1440093-60a1.patch
+1439711-60a1.patch
+1438794-60a1.patch
+1439046-60a1.patch
+1440252-60a1.patch
+1436117-60a1.patch
+servo-20123-60a1.patch
+1440682-60a1.patch
+1353461-1-60a1.patch
+1353461-2-60a1.patch
+1353461-3-60a1.patch
+1353461-5-60a1.patch
+1353461-6-60a1.patch
+1432745-60a1.patch
+1439673-60a1.patch
+1439991-1-60a1.patch
+1439991-2-60a1.patch
+1437850-60a1.patch
+1437854-60a1.patch
+1439500-60a1.patch
+1439723-60a1.patch
+1440538-1-60a1.patch
+1440538-2-60a1.patch
+1440538-3-60a1.patch
+1440538-4-60a1.patch
+1440538-5-60a1.patch
+1440029-60a1.patch
+servo-20124-60a1.patch
+1439485-60a1.patch
+1432509-60a1.patch
+1370794-1-60a1.patch
+1370794-2-60a1.patch
+1438790-60a1.patch
+1432416-1-60a1.patch
+1432416-2-60a1.patch
+1432416-3-60a1.patch
+1432416-4-60a1.patch
+1429185-1-60a1.patch
+1429185-2no3or4-60a1.patch
+1439411-60a1.patch
+1440550-60a1.patch
+1432682-0-60a1.patch
+1432682-1-60a1.patch
+1441225-60a1.patch
+1439529-60a1.patch
+1439378-60a1.patch
+servo-20133-60a1.patch
+1441019-09-60a1.patch
+servo-20058-60a1.patch
+NOBUG-20180227-rayon-60a1.patch
+1439395-1-60a1.patch
+1439395-2-60a1.patch
+1402064-PARTIAL-60a1.patch
+1441019-01-60a1.patch
+1441019-02-60a1.patch
+1441019-03-60a1.patch
+1441019-04-60a1.patch
+1441019-05-60a1.patch
+1441019-06-60a1.patch
+1441019-07-60a1.patch
+1441019-08-60a1.patch
+1441019-10-60a1.patch
+1441019-11-60a1.patch
+1441019-12-60a1.patch
+1439897-60a1.patch
+1440740-60a1.patch
+1433060-60a1.patch
+1433929-1-60a1.patch
+1433929-2-60a1.patch
+1433929-3no4-60a1.patch
+1433929-5-60a1.patch
+1441192-60a1.patch
+1441460-60a1.patch
+1425246-60a1.patch
+1414176-60a1.patch
+servo-20131-60a1.patch
+servo-20134-60a1.patch
+servo-20136-60a1.patch
+1441558-60a1.patch
+1441547-60a1.patch
+1440761-60a1.patch
+1434333-60a1.patch
+1440320-1-60a1.patch
+1440320-2-60a1.patch
+1441528-60a1.patch
+1439767-60a1.patch
+1427608-1-60a1.patch
+1427608-2-60a1.patch
+1437332-1-60a1.patch
+1437332-2-60a1.patch
+1431646-60a1.patch
+1435910-0_2-60a1.patch
+1433175-1a-60a1.patch
+1437893-60a1.patch
+1441500-60a1.patch
+servo-20138-60a1.patch
+NOBUG-20180228-euclid-60a1.patch
+servo-20140-60a1.patch
+servo-20141-60a1.patch
+servo-20146-60a1.patch
+1441112-60a1.patch
+1441613-1-60a1.patch
+1382606-60a1.patch
+1437848-60a1.patch
+1441825-60a1.patch
+1441218-60a1.patch
+1441527-60a1.patch
+1441578-60a1.patch
+1441896-60a1.patch
+523950-01-60a1.patch
+523950-02-60a1.patch
+523950-03-60a1.patch
+523950-04-60a1.patch
+523950-05-60a1.patch
+523950-06-60a1.patch
+523950-07-60a1.patch
+523950-08-60a1.patch
+523950-09-60a1.patch
+523950-10-60a1.patch
+1441613-2-60a1.patch
+1441613-3-60a1.patch
+1440555-1-60a1.patch
+1440555-2-60a1.patch
+1410456-02no01-60a1.patch
+1410456-03-60a1.patch
+1410456-04-60a1.patch
+1410456-05-60a1.patch
+1410456-06-60a1.patch
+1410456-07-60a1.patch
+1410456-08-60a1.patch
+1410456-09-60a1.patch
+1410456-10-60a1.patch
+1410456-11-60a1.patch
+1441830-60a1.patch
+NOBUG-20180301-itertools-60a1.patch
+servo-20143-60a1.patch
+1438391-60a1.patch
+1438401-60a1.patch
+1441868-60a1.patch
+1419350-1-60a1.patch
+1419350-2-60a1.patch
+1437847-60a1.patch
+1437890-1-60a1.patch
+1437890-2-60a1.patch
+1441974-60a1.patch
+1442001-60a1.patch
+1442150-1-60a1.patch
+1441424-1-60a1.patch
+1436510-60a1.patch
+1436845-1-60a1.patch
+1436845-2-60a1.patch
+1436845-3-60a1.patch
+1441872-60a1.patch
+1442266-60a1.patch
+1432195-60a1.patch
+1437003-60a1.patch
+servo-20145-60a1.patch
+1441182-60a1.patch
+1428795-60a1.patch
+1428795-1-60a1.patch
+1428795-2-60a1.patch
+1428795-3-60a1.patch
+1428795-4-60a1.patch
+1441226-60a1.patch
+1441882-1-60a1.patch
+1441882-2-60a1.patch
+1437845-60a1.patch
+1438326-60a1.patch
+1440938-1-60a1.patch
+1440938-2-60a1.patch
+1423261-1-60a1.patch
+1438837-60a1.patch
+1441622-60a1.patch
+servo-20170-60a1.patch
+1440040-1-60a1.patch
+1440040-2-60a1.patch
+1440040-3-60a1.patch
+1440040-4-60a1.patch
+1440664-1-60a1.patch
+1440664-2-60a1.patch
+1440664-3-60a1.patch
+1440664-4-60a1.patch
+1440664-5-60a1.patch
+1440664-6-60a1.patch
+1440177-1-60a1.patch
+1440177-2-60a1.patch
+1440177-3-60a1.patch
+1440177-4-60a1.patch
+1440177-5-60a1.patch
+1440177-6-60a1.patch
+1440177-7-60a1.patch
+1430942-60a1.patch
+1441424-2-60a1.patch
+1357688-60a1.patch
+1440497-60a1.patch
+1442037-60a1.patch
+1432642-60a1.patch
+1440867-60a1.patch
+1441765-1-60a1.patch
+1441765-2-60a1.patch
+1439403-60a1.patch
+1425580-14-60a1.patch
+1438151-60a1.patch
+1441779-1-60a1.patch
+1441779-2-60a1.patch
+1440169-1-60a1.patch
+1440169-2-60a1.patch
+1382609-60a1.patch
+1233890-60a1.patch
+1382577-60a1.patch
+1441260-60a1.patch
+1442075-60a1.patch
+1432153-60a1.patch
+servo-20171-60a1.patch
+servo-20173-60a1.patch
+NOBUG-20180302-bindgen-60a1.patch
+1441916-1-60a1.patch
+1441916-2-60a1.patch
+1441916-3-60a1.patch
+1441916-4-60a1.patch
+1441916-5-60a1.patch
+1441916-6-60a1.patch
+1441916-7-60a1.patch
+1437844-60a1.patch
+1442305-60a1.patch
+1441153-60a1.patch
+1442318-60a1.patch
+1413049-1-60a1.patch
+1413049-1a-60a1.patch
+1413049-2-60a1.patch
+1405843-60a1.patch
+1438880-60a1.patch
+1440914-60a1.patch
+1422043-60a1.patch
+1441454-60a1.patch
+1421818-60a1.patch
+1441145-1-60a1.patch
+1441145-2-60a1.patch
+1441588-1-60a1.patch
+1441588-2-60a1.patch
+1248498-60a1.patch
+1437806-60a1.patch
+1442785-60a1.patch
+1442608-60a1.patch
+1441860-60a1.patch
+1442451-60a1.patch
+1442295-60a1.patch
+1439839-60a1.patch
+1424154-60a1.patch
+1442385-60a1.patch
+1435692-1-60a1.patch
+1435692-2-60a1.patch
+1435692-3-60a1.patch
+1435692-4-60a1.patch
+servo-20178-60a1.patch
+1442246-60a1.patch
+servo-20180-60a1.patch
+servo-20183-60a1.patch
+servo-20187-60a1.patch
+1415886-60a1.patch
+1193394-1-60a1.patch
+1193394-2-60a1.patch
+1441864-60a1.patch
+1438121-1-60a1.patch
+1438121-2-60a1.patch
+1438121-3-60a1.patch
+1438121-4-60a1.patch
+1438121-5-60a1.patch
+1438121-6-60a1.patch
+1438121-7-60a1.patch
+1442753-60a1.patch
+1443121-60a1.patch
+1440102-60a1.patch
+1442813-60a1.patch
+1307925-60a1.patch
+1442680-60a1.patch
+1442146-60a1.patch
+1435983-60a1.patch
+servo-20193-60a1.patch
+servo-20191-60a1.patch
+servo-20189-60a1.patch
+servo-20192-60a1.patch
+servo-20194-60a1.patch
+servo-20196-60a1.patch
+servo-20198-60a1.patch
+1442640-60a1.patch
+1441380-60a1.patch
+1436200-60a1.patch
+1443231-1-60a1.patch
+1443231-2-60a1.patch
+1443231-3-60a1.patch
+1437694-60a1.patch
+1443163-60a1.patch
+1382604-60a1.patch
+253143-1only-60a1.patch
+1440511-01-60a1.patch
+1440511-02-60a1.patch
+1440511-03-60a1.patch
+1440511-04-60a1.patch
+1440511-05-60a1.patch
+1440511-06-60a1.patch
+1440511-07-60a1.patch
+1440511-08-60a1.patch
+1440511-09-60a1.patch
+1440511-10-60a1.patch
+1440511-11-60a1.patch
+1440511-12-60a1.patch
+1411415-1a-60a1.patch
+1438121-8-60a1.patch
+1442150-2-60a1.patch
+1442150-3-60a1.patch
+1442150-4-60a1.patch
+1442150-5-60a1.patch
+1438655-60a1.patch
+1443368-60a1.patch
+1443402-60a1.patch
+servo-20200-60a1.patch
+1442627-1-60a1.patch
+1442627-2-60a1.patch
+1442627-3-60a1.patch
+1442627-4-60a1.patch
+1442627-5-60a1.patch
+1442627-6-60a1.patch
+1442627-7-60a1.patch
+1442543-60a1.patch
+1443367-60a1.patch
+1363862-1-60a1.patch
+1363862-2-60a1.patch
+1438608-60a1.patch
+1437807-60a1.patch
+1401847-60a1.patch
+1442160-60a1.patch
+1421387-60a1.patch
+1443193-60a1.patch
+1434439-60a1.patch
+servo-20211-60a1.patch
+1434483-60a1.patch
+1442523-60a1.patch
+1280099-60a1.patch
+1414901-1a-60a1.patch
+1414901-1b-60a1.patch
+1414901-2-60a1.patch
+1442404-60a1.patch
+1434822-1-60a1.patch
+1434822-2-60a1.patch
+1434822-3-60a1.patch
+1430438-1-60a1.patch
+1443147-60a1.patch
+1441012-60a1.patch
+1443592-1-60a1.patch
+1443592-2-60a1.patch
+1443592-3-60a1.patch
+1443592-4-60a1.patch
+1443592-5-60a1.patch
+1443592-6-60a1.patch
+1443592-7-60a1.patch
+1425580-15-60a1.patch
+1425580-16-60a1.patch
+1425580-17-60a1.patch
+1425580-18-60a1.patch
+1425580-19-60a1.patch
+1443727-60a1.patch
+1439026-1-60a1.patch
+1439026-2-60a1.patch
+1444081-60a1.patch
+1442656-60a1.patch
+1438886-1-60a1.patch
+1438886-2-60a1.patch
+1442748-1-60a1.patch
+1442748-2-60a1.patch
+1443357-60a1.patch
+1442126-60a1.patch
+1443344-60a1.patch
+1443393-60a1.patch
+1443697-60a1.patch
+1436096-1-60a1.patch
+1436096-2-60a1.patch
+1024082-1-60a1.patch
+1024082-2-60a1.patch
+1024082-3-60a1.patch
+1441462-60a1.patch
+1441271-60a1.patch
+1435013-60a1.patch
+servo-20230-60a1.patch
+1436341-1-60a1.patch
+1436341-2-60a1.patch
+1443585-1-60a1.patch
+1443585-2-60a1.patch
+1442422-60a1.patch
+1154874-60a1.patch
+1382605-60a1.patch
+1363061-60a1.patch
+1442767-1-60a1.patch
+1442767-2-60a1.patch
+1443187-60a1.patch
+1443397-60a1.patch
+1436187-1-60a1.patch
+1436187-2-60a1.patch
+1436187-3-60a1.patch
+1436187-4-60a1.patch
+1443470-1-60a1.patch
+1443470-2-60a1.patch
+1443470-3-60a1.patch
+1439846-60a1.patch
+1443932-1-60a1.patch
+1443932-2-60a1.patch
+1442502-60a1.patch
+1442304-60a1.patch
+1438835-60a1.patch
+1443988-1-60a1.patch
+1443988-2-60a1.patch
+1443198-1-60a1.patch
+1443198-2-60a1.patch
+1443301-1-60a1.patch
+1443301-2-60a1.patch
+1443301-3-60a1.patch
+1443301-4-60a1.patch
+1437272-1-60a1.patch
+1437272-2-60a1.patch
+1437272-3-60a1.patch
+1443046-60a1.patch
+servo-20238-60a1.patch
+1434855-1-60a1.patch
+1434855-2-60a1.patch
+1441761-60a1.patch
+1444036-60a1.patch
+1444004-60a1.patch
+1443746-60a1.patch
+1352877-1-60a1.patch
+1440966-60a1.patch
+1438394-60a1.patch
+servo-20236-60a1.patch
+servo-20237-60a1.patch
+1440322-60a1.patch
+1436197-60a1.patch
+1440678-60a1.patch
+1444073-60a1.patch
+servo-20245-60a1.patch
+NOBUG-20180309-revendor-60a1.patch
+1434392-60a1.patch
+1444221-60a1.patch
+1434885-60a1.patch
+1443461-60a1.patch
+NOBUG-20180309-euclid-60a1.patch
+servo-20254-60a1.patch
+1307928-1-60a1.patch
+1307928-2-60a1.patch
+1307928-3-60a1.patch
+1307928-4-60a1.patch
+1441885-60a1.patch
+1415211-60a1.patch
+1444150-60a1.patch
+1434692-1only-60a1.patch
+1443685-60a1.patch
+1325320-1-60a1.patch
+1443232-1-60a1.patch
+1443232-2-60a1.patch
+1428430-60a1.patch
+1443228-60a1.patch
+1444175-60a1.patch
+1443807-1-60a1.patch
+1443807-2-60a1.patch
+1444404-60a1.patch
+1307555-1-60a1.patch
+1307555-2-60a1.patch
+1434849-60a1.patch
+1435959-60a1.patch
+1442312-1-60a1.patch
+1442312-2-60a1.patch
+1442312-3-60a1.patch
+1441531-60a1.patch
+1443642-60a1.patch
+1444252-60a1.patch
+1440206-60a1.patch
+1444494-60a1.patch
+1444539-1-60a1.patch
+1444539-2-60a1.patch
+1443640-60a1.patch
+1443232-3-60a1.patch
+1438121-09-60a1.patch
+1438121-10-60a1.patch
+1438121-11-60a1.patch
+1438121-12-60a1.patch
+1438121-13-60a1.patch
+1438121-14-60a1.patch
+1408673-60a1.patch
+1425626-60a1.patch
+1425580-20-60a1.patch
+1439885-60a1.patch
+1438121-15-60a1.patch
+1442561-1-60a1.patch
+1442561-2-60a1.patch
+1437733-60a1.patch
+1442561-3-60a1.patch
+1444593-60a1.patch
+1437295-1-60a1.patch
+1437295-2-60a1.patch
+1437295-3-60a1.patch
+1437295-4-60a1.patch
+1437295-5-60a1.patch
+1444082-60a1.patch
+1444666-60a1.patch
+servo-20274-60a1.patch
+1444374-60a1.patch
+1444679-1-60a1.patch
+1444679-2-60a1.patch
+1441817-60a1.patch
+1420485-6-60a1.patch
+1382841-1-60a1.patch
+1382841-2-60a1.patch
+1382841-3-60a1.patch
+1382841-4-60a1.patch
+1382841-5-60a1.patch
+1444303-61a1.patch
+1447391-61a1.patch
+1444881-61a1.patch
+1421563-61a1.patch
+1401129-7-61a1.patch
+1401129-8-61a1.patch
+1444357-61a1.patch
+1444106-61a1.patch
+1444414-61a1.patch
+1437627-1-61a1.patch
+1437627-2-61a1.patch
+1437627-3-61a1.patch
+1416726-61a1.patch
+1444339-61a1.patch
+1439026-3-61a1.patch
+1439026-4-61a1.patch
+1423261-2-61a1.patch
+1443224-61a1.patch
+1443831-61a1.patch
+1431050-61a1.patch
+servo-20204-61a1.patch
+1444416-1-61a1.patch
+1444416-2no3-61a1.patch
+1444628-61a1.patch
+1443557-61a1.patch
+1444380-61a1.patch
+1443152-61a1.patch
+1445073-61a1.patch
+1432683-61a1.patch
+1443081-01-client-aboutdebugging-61a1.patch
+1443081-02-client-animationinspector-61a1.patch
+1443081-03-client-root-61a1.patch
+1443081-04-client-dom-61a1.patch
+1443081-05-client-framework-61a1.patch
+1443081-06-client-inspector-61a1.patch
+1443081-07-client-jsonview-61a1.patch
+1443081-08-client-memory-61a1.patch
+1443081-09-client-netmonitor-61a1.patch
+1443081-10-client-performance-61a1.patch
+1443081-11-client-responsive-61a1.patch
+1443081-12-client-shared-61a1.patch
+1443081-13-client-sourceeditor-61a1.patch
+1443081-14-client-storage-61a1.patch
+1443081-15-client-styleeditor-61a1.patch
+1443081-16-client-webconsole-61a1.patch
+1443081-17-server-actors-61a1.patch
+1443081-18-server-root-61a1.patch
+1443081-19-server-performance-61a1.patch
+1443081-20-server-tests-61a1.patch
+1443081-21-shared-61a1.patch
+1443081-22-shim-61a1.patch
+1440321-1a-aboutdebugging-61a1.patch
+1440321-1b-canvasdebugger-61a1.patch
+1440321-1c-commandline-61a1.patch
+1440321-1d-debugger-61a1.patch
+1440321-1e-dom-61a1.patch
+1440321-1f-framework-61a1.patch
+1440321-1g-inspector-61a1.patch
+1440321-1h-jsonview-61a1.patch
+1440321-1i-memory-61a1.patch
+1440321-1j-performance-61a1.patch
+1440321-1k-scratchpad-61a1.patch
+1440321-1l-shadereditor-61a1.patch
+1440321-1m-shared-61a1.patch
+1440321-1n-sourceeditor-61a1.patch
+1440321-1o-storage-61a1.patch
+1440321-1p-styleeditor-61a1.patch
+1440321-1q-webaudioeditor-61a1.patch
+1440321-1r-webconsole-61a1.patch
+1440321-2-61a1.patch
+1440321-3-61a1.patch
+1440321-4-61a1.patch
+1441703-1-61a1.patch
+1441703-2-61a1.patch
+1411037-61a1.patch
+servo-20288-61a1.patch
+NOBUG-20180313-toml-61a1.patch
+NOBUG-20180313-revendor-61a1.patch
+1444048-61a1.patch
+1443518-61a1.patch
+1416016-2-61a1.patch
+1445026-61a1.patch
+NOBUG-20180313-fixnames-61a1.patch
+NOBUG-20180313-fixeol-61a1.patch
+NOBUG-20180313-compilefix-61a1.patch
+1375074-61a1.patch
+1442583-61a1.patch
+1439404-1-61a1.patch
+1439404-2-61a1.patch
+1439404-3-61a1.patch
+1439404-4-61a1.patch
+1441142-1-61a1.patch
+1441142-2-61a1.patch
+1440618-61a1.patch
+1434054-61a1.patch
+1333018-2-61a1.patch
+1401939-61a1.patch
+1419094-1-61a1.patch
+1445181-1-61a1.patch
+1445181-2-61a1.patch
+1445181-3-61a1.patch
+1445196-61a1.patch
+1419094-2-61a1.patch
+1444506-6-61a1.patch
+1426588-61a1.patch
+1442967-1-61a1.patch
+1442967-2-61a1.patch
+1442967-3-61a1.patch
+1444680-1a-61a1.patch
+1444680-1b-61a1.patch
+1444680-2-61a1.patch
+1444680-3-61a1.patch
+1444680-4-61a1.patch
+1444680-5-61a1.patch
+1444680-6-61a1.patch
+1444680-7a-61a1.patch
+1444680-7b-61a1.patch
+1444680-7c-61a1.patch
+1444680-7d-61a1.patch
+1444680-7e-61a1.patch
+1444680-7f-61a1.patch
+1444680-7g-61a1.patch
+1444680-7h-61a1.patch
+1444758-01-61a1.patch
+1444905-61a1.patch
+1431573-00-61a1.patch
+1431573-01-61a1.patch
+1431573-02-61a1.patch
+1431573-03-61a1.patch
+1431573-04-61a1.patch
+1431573-05-61a1.patch
+1431573-06-61a1.patch
+1431573-07-61a1.patch
+1431573-08-61a1.patch
+1431573-09-61a1.patch
+1431573-10-61a1.patch
+1431573-11-61a1.patch
+1431573-12-61a1.patch
+NOBUG-20180313-inspector-61a1.patch
+1445245-61a1.patch
+1441495-61a1.patch
+1443792-1-61a1.patch
+1443792-2-61a1.patch
+1443792-3-61a1.patch
+1443792-4-61a1.patch
+1443792-5-61a1.patch
+1445193-61a1.patch
+1444167-1only-61a1.patch
+1445019-61a1.patch
+1363900-61a1.patch
+1442200-61a1.patch
+1435291-1-61a1.patch
+1325320-2-61a1.patch
+1325320-3-61a1.patch
+1325320-4-61a1.patch
+1445117-61a1.patch
+1441635-1-61a1.patch
+1441635-2-61a1.patch
+1351685-61a1.patch
+1391255-61a1.patch
+1437532-61a1.patch
+1445633-61a1.patch
+1444834-61a1.patch
+1445592-61a1.patch
+977538-2-61a1.patch
+1435360-1-61a1.patch
+1435360-2-61a1.patch
+1435360-3-61a1.patch
+1435360-4-61a1.patch
+1445658-61a1.patch
+1445704-61a1.patch
+1445610-61a1.patch
+1442599-1-61a1.patch
+1442599-2-61a1.patch
+1442599-3-61a1.patch
+1442599-4-61a1.patch
+1442599-5-61a1.patch
+1442599-6-61a1.patch
+1442599-7-61a1.patch
+1444335-61a1.patch
+1445978-61a1.patch
+1445936-61a1.patch
+1443080-PARTIAL-js-61a1.patch
+1445235-1-61a1.patch
+1445235-2-61a1.patch
+1445403-1-61a1.patch
+1445403-2-61a1.patch
+1445403-3-61a1.patch
+1445419-61a1.patch
+1435788-61a1.patch
+1419226-1-61a1.patch
+1419226-2-61a1.patch
+1443457-61a1.patch
+1445153-61a1.patch
+1435291-2-61a1.patch
+1443671-1-61a1.patch
+1445081-1-61a1.patch
+1445081-2-61a1.patch
+1445003-61a1.patch
+1440638-61a1.patch
+1445188-61a1.patch
+1445766-1a-61a1.patch
+1445008-61a1.patch
+1432039-61a1.patch
+1437032-61a1.patch
+1445556-1-61a1.patch
+1445556-2-61a1.patch
+1445556-3-61a1.patch
+1445888-61a1.patch
+1425573-5-61a1.patch
+1445662-1-61a1.patch
+1445662-2-61a1.patch
+1445662-3-61a1.patch
+1445662-4-61a1.patch
+1445662-5-61a1.patch
+1445662-6-61a1.patch
+1445662-7-61a1.patch
+1445662-8-61a1.patch
+1443292-61a1.patch
+1445496-61a1.patch
+1446071-61a1.patch
+1445955-61a1.patch
+1445947-61a1.patch
+1445619-61a1.patch
+1446166-61a1.patch
+1445935-61a1.patch
+1354883-61a1.patch
+1445776-61a1.patch
+1446064-61a1.patch
+1425599-01-61a1.patch
+1425599-02-61a1.patch
+1425599-03-61a1.patch
+1425599-04-61a1.patch
+1425599-05-61a1.patch
+1425599-06-61a1.patch
+1425599-07-61a1.patch
+1425599-08-61a1.patch
+1425599-09-61a1.patch
+1425599-10-61a1.patch
+1425599-11-61a1.patch
+1425599-12-61a1.patch
+1425599-13-61a1.patch
+1425599-14-61a1.patch
+1425599-15-61a1.patch
+1425599-16-61a1.patch
+1425599-17-61a1.patch
+1443803-61a1.patch
+1445763-61a1.patch
+1444946-1-61a1.patch
+1444946-2-61a1.patch
+1382585-61a1.patch
+1382599-61a1.patch
+1382600-61a1.patch
+1382602-61a1.patch
+1444798-61a1.patch
+1445229-61a1.patch
+1445230-61a1.patch
+1446471-1-61a1.patch
+1446471-2-61a1.patch
+1446471-3-61a1.patch
+1441324-1-61a1.patch
+1441324-2-61a1.patch
+1441324-3-61a1.patch
+1441324-4-61a1.patch
+1435816-61a1.patch
+1382581-1-61a1.patch
+1382581-2-61a1.patch
+1382581-3-61a1.patch
+1382581-4-61a1.patch
+1382581-5-61a1.patch
+1382581-6-61a1.patch
+1382581-7-61a1.patch
+1382581-8-61a1.patch
+1446254-61a1.patch
+1445595-61a1.patch
+1440531-61a1.patch
+1446315-1-61a1.patch
+1446315-2-61a1.patch
+1438839-1-61a1.patch
+1438839-2-61a1.patch
+1438839-3-61a1.patch
+1438839-4-61a1.patch
+1440714-05-61a1.patch
+1439006-61a1.patch
+1397795-1-61a1.patch
+1369711-1-61a1.patch
+1369711-2-61a1.patch
+1446280-61a1.patch
+1446680-61a1.patch
+1440388-1-61a1.patch
+1440388-2-61a1.patch
+1440388-3-61a1.patch
+1440388-4-61a1.patch
+1444177-61a1.patch
+1446583-61a1.patch
+1446766-1-61a1.patch
+1446766-2-61a1.patch
+1446766-3-61a1.patch
+1446061-61a1.patch
+1445966-61a1.patch
+1446348-61a1.patch
+1362417-61a1.patch
+1442465-1-61a1.patch
+1442465-2-61a1.patch
+1442465-3-61a1.patch
+1442465-4_1-61a1.patch
+1442465-4_2-61a1.patch
+1442465-5-61a1.patch
+1442465-6-61a1.patch
+1442465-7-61a1.patch
+1447091-61a1.patch
+1447070-61a1.patch
+servo-20339-61a1.patch
+servo-20351-61a1.patch
+1445837-61a1.patch
+1403188-61a1.patch
+1444327-61a1.patch
+1443671-2-61a1.patch
+1443599-61a1.patch
+1407240-61a1.patch
+1446022-61a1.patch
+1188955-1-61a1.patch
+1188955-2-61a1.patch
+1188955-3-61a1.patch
+1446941-61a1.patch
+1446614-61a1.patch
+1413392-61a1.patch
+1446342-61a1.patch
+1445291-61a1.patch
+1438755-1-61a1.patch
+1438755-2-61a1.patch
+1438755-3-61a1.patch
+1438755-4-61a1.patch
+1437366-1-61a1.patch
+1437366-2-61a1.patch
+1437366-3-61a1.patch
+1437366-4-61a1.patch
+1437366-5-61a1.patch
+1437366-6-61a1.patch
+1443898-61a1.patch
+1446358-61a1.patch
+1444152-61a1.patch
+1382601-1-61a1.patch
+1382601-2-61a1.patch
+1447154-1-61a1.patch
+1447154-2-61a1.patch
+1435472-61a1.patch
+1444894-61a1.patch
+1388842-1-61a1.patch
+1444926-1-61a1.patch
+1444926-2-61a1.patch
+1447401-61a1.patch
+1443208-1only-61a1.patch
+1447086-61a1.patch
+1444594-61a1.patch
+1446592-61a1.patch
+1446833-1-61a1.patch
+1446833-2-61a1.patch
+1446833-3-61a1.patch
+1446833-4-61a1.patch
+1446833-5-61a1.patch
+1446571-2a-61a1.patch
+1446571-2b-61a1.patch
+1446571-3a-61a1.patch
+1446571-3b-61a1.patch
+1446571-3c-61a1.patch
+1446571-3d-61a1.patch
+1446571-3e-61a1.patch
+1444541-61a1.patch
+1446588-61a1.patch
+1447450-61a1.patch
+1445302-61a1.patch
+1441287-1-61a1.patch
+1441287-2-61a1.patch
+1441287-3-61a1.patch
+1441287-4-61a1.patch
+1397795-2-61a1.patch
+1397795-3-61a1.patch
+1447262-61a1.patch
+1203273-61a1.patch
+1445970-1-61a1.patch
+1445970-2-61a1.patch
+1444604-1-61a1.patch
+1444604-2-61a1.patch
+1444604-3-61a1.patch
+1444604-4-61a1.patch
+1444604-5-61a1.patch
+1444604-6-61a1.patch
+1444604-7-61a1.patch
+1443583-01-61a1.patch
+1443583-02-61a1.patch
+1443583-03-61a1.patch
+1443583-04-61a1.patch
+1443583-05-61a1.patch
+1443583-06-61a1.patch
+1443583-07-61a1.patch
+1443583-08-61a1.patch
+1443583-09-61a1.patch
+1443583-10-61a1.patch
+1437537-61a1.patch
+1367833-61a1.patch
+1447073-61a1.patch
+1447074-61a1.patch
+1447632-61a1.patch
+1447157-61a1.patch
+1447326-61a1.patch
+1435036-61a1.patch
+1439960-1-61a1.patch
+1439960-2-61a1.patch
+1447528-61a1.patch
+1401879-61a1.patch
+1438072-0-61a1.patch
+1438072-1-61a1.patch
+1438072-2-61a1.patch
+1438072-3-61a1.patch
+1437730-1-61a1.patch
+1437730-2-61a1.patch
+1437730-3-61a1.patch
+1443614-61a1.patch
+1445624-1-61a1.patch
+1445624-2-61a1.patch
+1445624-3-61a1.patch
+1447286-1-61a1.patch
+1447286-2-61a1.patch
+1447286-3-61a1.patch
+1447286-4-61a1.patch
+1447286-5-61a1.patch
+1448006-61a1.patch
+1447062-61a1.patch
+1444007-61a1.patch
+1447750-61a1.patch
+1447728-1only-61a1.patch
+1447578-1-61a1.patch
+1447578-2-61a1.patch
+1447578-3-61a1.patch
+1447578-4-61a1.patch
+1447578-5-61a1.patch
+1371591-1-61a1.patch
+1371591-2-61a1.patch
+1371591-3-61a1.patch
+1446051-61a1.patch
+1447018-61a1.patch
+1429818-1-61a1.patch
+1412238-2-61a1.patch
+1447017-61a1.patch
+1447362-61a1.patch
+1447763-61a1.patch
+1083458-1-61a1.patch
+1083458-2-61a1.patch
+1443608-61a1.patch
+1447359-61a1.patch
+1439788-61a1.patch
+1447835-61a1.patch
+1446650-61a1.patch
+1428387-61a1.patch
+1447742-61a1.patch
+1446811-61a1.patch
+1447914-61a1.patch
+1416045-61a1.patch
+1443846-1-61a1.patch
+1443846-2-61a1.patch
+1443846-3-61a1.patch
+1440013-61a1.patch
+1448288-61a1.patch
+1414286-1-61a1.patch
+1414286-2-61a1.patch
+1434007-2-61a1.patch
+1444033-61a1.patch
+1448138-61a1.patch
+servo-20407-61a1.patch
+1446617-1-61a1.patch
+1448387-61a1.patch
+1440714-09-61a1.patch
+1445207-61a1.patch
+1447817-61a1.patch
+1431221-01-61a1.patch
+1431221-02-61a1.patch
+1431221-03-61a1.patch
+1431221-04-61a1.patch
+1431221-05-61a1.patch
+1431221-06-61a1.patch
+1431221-07-61a1.patch
+1431221-08-61a1.patch
+1431221-09-61a1.patch
+1431221-10-61a1.patch
+1431221-11-61a1.patch
+1431221-12-61a1.patch
+1431221-13-61a1.patch
+1431221-14-61a1.patch
+1432779-1-61a1.patch
+1432779-2-61a1.patch
+1432779-3-61a1.patch
+1432779-4-61a1.patch
+1432779-5-61a1.patch
+1432779-6-61a1.patch
+1432779-7-61a1.patch
+1432779-8-61a1.patch
+1432779-9-61a1.patch
+1444479-01-61a1.patch
+1444479-02-61a1.patch
+1444479-03-61a1.patch
+1444479-04-61a1.patch
+1444479-05-61a1.patch
+1444479-06-61a1.patch
+1444479-07-61a1.patch
+1444479-08-61a1.patch
+1444479-09-61a1.patch
+1444479-10-61a1.patch
+1444479-11-61a1.patch
+1448436-61a1.patch
+1447059-61a1.patch
+1447166-1-61a1.patch
+1447166-2-61a1.patch
+1447166-3-61a1.patch
+1447166-4-61a1.patch
+1434513-61a1.patch
+1448627-61a1.patch
+1448490-1-61a1.patch
+1448071-61a1.patch
+1445528-61a1.patch
+1442153-61a1.patch
+1438990-1-61a1.patch
+1438990-2-61a1.patch
+1448883-61a1.patch
+1425603-61a1.patch
+1437880-61a1.patch
+1448378-61a1.patch
+1433037-61a1.patch
+1440714-10-61a1.patch
+1448978-61a1.patch
+1448221-3only-PARTIAL-61a1.patch
+1447903-3a-61a1.patch
+1447903-3c-61a1.patch
+1447903-6a-61a1.patch
+1447903-6b-61a1.patch
+1447903-8a-61a1.patch
+1447903-9a-61a1.patch
+1447903-10a-61a1.patch
+1447903-19a-61a1.patch
+1441509-61a1.patch
+1447821-1-61a1.patch
+1447821-2-61a1.patch
+1444904-61a1.patch
+1449159-61a1.patch
+1423370-61a1.patch
+1447964-61a1.patch
+1412238-3no4-61a1.patch
+1447385-61a1.patch
+1445907-61a1.patch
+1447996-61a1.patch
+1448174-1-61a1.patch
+1448174-2-61a1.patch
+1448174-3-61a1.patch
+1428453-1-61a1.patch
+1428453-2-61a1.patch
+1444673-61a1.patch
+1448809-61a1.patch
+1447261-1-61a1.patch
+1447261-2-61a1.patch
+1447261-3-61a1.patch
+1448552-1-61a1.patch
+1449034-61a1.patch
+1448546-61a1.patch
+1381453-61a1.patch
+1449131-61a1.patch
+1448028-61a1.patch
+1448015-61a1.patch
+1448605-61a1.patch
+1448691-61a1.patch
+1449135-1-61a1.patch
+1449135-2-61a1.patch
+1449135-3-61a1.patch
+1443603-61a1.patch
+1448834-61a1.patch
+1444086-61a1.patch
+1444537-1-61a1.patch
+1444537-2-61a1.patch
+1444219-61a1.patch
+1446993-61a1.patch
+1449299-61a1.patch
+776137-61a1.patch
+1446466-1-61a1.patch
+1446466-2-61a1.patch
+1434717-1-61a1.patch
+1434717-2-61a1.patch
+1434717-3-61a1.patch
+1434717-4-61a1.patch
+1434717-5-61a1.patch
+1434717-6-61a1.patch
+1447457-61a1.patch
+1449194-61a1.patch
+1448136-61a1.patch
+1448232-61a1.patch
+1449099-61a1.patch
+1449285-61a1.patch
+1449296-61a1.patch
+1449051-61a1.patch
+1449254-61a1.patch
+1441141-1-61a1.patch
+1441141-2-61a1.patch
+1448329-61a1.patch
+1448821-61a1.patch
+1448552-2-61a1.patch
+1449029-61a1.patch
+1447563-1-61a1.patch
+1447563-2-61a1.patch
+1448380-61a1.patch
+1447904-61a1.patch
+1448412-61a1.patch
+1444499-1-61a1.patch
+1444499-2-61a1.patch
+1446233-1-61a1.patch
+1446233-2-61a1.patch
+1447998-1-61a1.patch
+1447998-2-61a1.patch
+1447998-3-61a1.patch
+1447998-4-61a1.patch
+1449478-1-61a1.patch
+1449478-2-61a1.patch
+1449392-61a1.patch
+1431439-61a1.patch
+1448835-61a1.patch
+1448836-61a1.patch
+1448582-61a1.patch
+1448838-61a1.patch
+1448837-61a1.patch
+1448839-61a1.patch
+1445235-3-61a1.patch
+1445235-4-61a1.patch
+1445235-5-61a1.patch
+1445235-6-61a1.patch
+1445235-7-61a1.patch
+1449153-61a1.patch
+1449541-61a1.patch
+1449571-61a1.patch
+1449506-61a1.patch
+1448589-1-61a1.patch
+1449213-61a1.patch
+1449511-61a1.patch
+1433909-1-61a1.patch
+1433909-2-61a1.patch
+1433909-3-61a1.patch
+1448771-1-61a1.patch
+1448771-2-61a1.patch
+1448490-2-61a1.patch
+1382982-61a1.patch
+1449118-61a1.patch
+1447131-1-61a1.patch
+1447131-2-61a1.patch
+1447131-3-61a1.patch
+1449145-61a1.patch
+1447299-1-61a1.patch
+1447299-2-61a1.patch
+1447299-3-61a1.patch
+1447299-4-61a1.patch
+1447299-5-61a1.patch
+1447299-6-61a1.patch
+1449620-61a1.patch
+servo-20465-61a1.patch
+servo-20468-61a1.patch
+NOBUG-20180329-revendor-61a1.patch
+1440719-61a1.patch
+1449075-1-61a1.patch
+NOBUG-20180329-extensions-61a1.patch
+1449042-61a1.patch
+1438250-61a1.patch
+1436802-61a1.patch
+1449612-61a1.patch
+1449862-61a1.patch
+1441796-1-61a1.patch
+1441796-2-61a1.patch
+1441796-3-61a1.patch
+1449640-61a1.patch
+1440827-61a1.patch
+1449337-61a1.patch
+1444119-61a1.patch
+1337157-61a1.patch
+1449759-61a1.patch
+1450047-1-61a1.patch
+1450047-2-61a1.patch
+1448306-1-61a1.patch
+1448306-2-61a1.patch
+1448306-3-61a1.patch
+1448306-4-61a1.patch
+1448306-5-61a1.patch
+1437533-1-61a1.patch
+1449051-1-61a1.patch
+1449051-2-61a1.patch
+1448589-2-61a1.patch
+1449189-1-61a1.patch
+1449189-2-61a1.patch
+1450311-61a1.patch
+1449887-61a1.patch
+1449066-61a1.patch
+1441359-61a1.patch
+1450101-61a1.patch
+1449746-61a1.patch
+1447736-61a1.patch
+1428214-61a1.patch
+1450133-61a1.patch
+1446617-2-61a1.patch
+1449518-61a1.patch
+1450221-61a1.patch
+1449975-61a1.patch
+1428468-61a1.patch
+1448519-61a1.patch
+1450699-61a1.patch
+1436809-61a1.patch
+1442669-61a1.patch
+1449342-61a1.patch
+1442330-61a1.patch
+1443525-1-61a1.patch
+1443525-2-61a1.patch
+1429019-1-61a1.patch
+1429019-2-61a1.patch
+1448591-61a1.patch
+1447925-1-61a1.patch
+1447925-2-61a1.patch
+1448320-61a1.patch
+1450724-61a1.patch
+1451038-61a1.patch
+1083458-3-61a1.patch
+1450242-61a1.patch
+1450310-61a1.patch
+1449087-1-61a1.patch
+1450740-61a1.patch
+1443380-61a1.patch
+1083458-4-61a1.patch
+1450804-61a1.patch
+1450802-61a1.patch
+1083458-5-61a1.patch
+1431949-61a1.patch
+1450790-61a1.patch
+1444473-61a1.patch
+1449291-61a1.patch
+1447097-61a1.patch
+1434711-61a1.patch
+1449094-61a1.patch
+1430558-61a1.patch
+1341088-1-61a1.patch
+1341088-2-61a1.patch
+1451246-61a1.patch
+1450099-1-61a1.patch
+1450099-2-61a1.patch
+1451251-61a1.patch
+1450800-1-61a1.patch
+1450800-2-61a1.patch
+1451292-61a1.patch
+1449562-1-61a1.patch
+1449562-2-61a1.patch
+1447193-2-61a1.patch
+1450162-1-61a1.patch
+1450162-2-61a1.patch
+1450162-3-61a1.patch
+1451331-61a1.patch
+1451316-61a1.patch
+1451310-61a1.patch
+1450574-1-61a1.patch
+1443600-61a1.patch
+1448863-61a1.patch
+1451501-61a1.patch
+1323302-61a1.patch
+1451825-61a1.patch
+1328273-61a1.patch
+1348223-1-61a1.patch
+1348223-2-61a1.patch
+1348223-3-61a1.patch
+1348223-4-61a1.patch
+1432793-1-61a1.patch
+1432793-2-61a1.patch
+1432793-3-61a1.patch
+1449976-1-61a1.patch
+1449976-2-61a1.patch
+1449976-3-61a1.patch
+1433408-61a1.patch
+1450182-61a1.patch
+1451296-61a1.patch
+1451761-61a1.patch
+1448667-61a1.patch
+1450574-2no3-61a1.patch
+1448194-61a1.patch
+1452098-61a1.patch
+1437004-3only-61a1.patch
+1450795-1-61a1.patch
+1446904-61a1.patch
+1451945-1-61a1.patch
+1451945-2-61a1.patch
+1450209-61a1.patch
+1450574-4-61a1.patch
+1451443-61a1.patch
+1448887-61a1.patch
+1445973-1-61a1.patch
+1445973-2-61a1.patch
+1445973-3-61a1.patch
+1445973-4-61a1.patch
+1437510-61a1.patch
+1452491-61a1.patch
+1452406-61a1.patch
+1450796-61a1.patch
+1452581-61a1.patch
+1452592-61a1.patch
+1451976-61a1.patch
+1451658-1-61a1.patch
+1451658-61a1.patch
+NOBUG-20180411-jsvalue-61a1.patch
+1452619-1a-fix-61a1.patch
+1373368-1-61a1.patch
+1373368-2-61a1.patch
+1373368-3-61a1.patch
+1373368-4-61a1.patch
+1451733-1-61a1.patch
+1451733-2-61a1.patch
+1451733-3-61a1.patch
+1344350-1-61a1.patch
+1344350-2no3-61a1.patch
+1430803-61a1.patch
+1286861-1-61a1.patch
+1286861-2-61a1.patch
+1286861-3-61a1.patch
+1447180-61a1.patch
+1450163-61a1.patch
+1451798-61a1.patch
+servo-20592-61a1.patch
+1447480-1-61a1.patch
+1447480-2-61a1.patch
+1451453-1-61a1.patch
+1451453-2-61a1.patch
+1451453-3-61a1.patch
+1451453-4-61a1.patch
+1451453-5-61a1.patch
+1452041-61a1.patch
+1452466-61a1.patch
+1452472-61a1.patch
+1452601-61a1.patch
+1451372-61a1.patch
+1452090-61a1.patch
+1449641-1-61a1.patch
+1449641-2-61a1.patch
+1449641-3-61a1.patch
+1440690-61a1.patch
+1420512-61a1.patch
+1451727-1-61a1.patch
+1451727-2-61a1.patch
+1451727-3-61a1.patch
+1451727-4-61a1.patch
+1451727-5-61a1.patch
+1452769-61a1.patch
+1447057-1-61a1.patch
+1452864-1-61a1.patch
+1452864-2-61a1.patch
+1452791-61a1.patch
+1449982-01-61a1.patch
+1449982-02-61a1.patch
+1449982-03-61a1.patch
+1449982-04-61a1.patch
+1449982-05-61a1.patch
+1449982-06-61a1.patch
+1449982-07-61a1.patch
+1449982-08-61a1.patch
+1449982-09-61a1.patch
+1449982-10-61a1.patch
+1449982-11-61a1.patch
+1429816-2-61a1.patch
+1389805-2only-61a1.patch
+1451940-61a1.patch
+1444125-1-61a1.patch
+1444125-2-61a1.patch
+1445536-61a1.patch
+1317539-61a1.patch
+1434926-61a1.patch
+1445668-61a1.patch
+1452818-1-61a1.patch
+1452818-2-61a1.patch
+1452924-61a1.patch
+1452898-61a1.patch
+1452827-1-61a1.patch
+1452827-2-61a1.patch
+1452307-1-61a1.patch
+1453090-61a1.patch
+1447273-1-61a1.patch
+1447273-2-61a1.patch
+1447273-3-61a1.patch
+1453006-61a1.patch
+1453132-61a1.patch
+1452982-01-61a1.patch
+1452982-02-61a1.patch
+1453278-61a1.patch
+1453647-61a1.patch
+1452982-03-61a1.patch
+1452982-04-61a1.patch
+1452982-05-61a1.patch
+1451931-2only-61a1.patch
+1452982-06-61a1.patch
+1449220-61a1.patch
+1436179-61a1.patch
+1445272-1-61a1.patch
+1445272-2-61a1.patch
+1445272-3-61a1.patch
+1445272-4-61a1.patch
+1445272-5-61a1.patch
+1445272-6-61a1.patch
+1445277-61a1.patch
+1434710-61a1.patch
+NOBUG-20160413-qualify-61a1.patch
+1447442-01-61a1.patch
+1447442-02-61a1.patch
+1447442-03-61a1.patch
+1447442-04-61a1.patch
+1447442-05-61a1.patch
+1447442-06-61a1.patch
+1447442-07-61a1.patch
+1447442-08-61a1.patch
+1447442-09-61a1.patch
+1447442-10-61a1.patch
+1447442-11-61a1.patch
+1447442-12-61a1.patch
+1447442-13-61a1.patch
+1447442-14-61a1.patch
+1447442-15-61a1.patch
+1447442-16-61a1.patch
+1452982-09-61a1.patch
+1452982-08-61a1.patch
+1452982-07-61a1.patch
+1391154-61a1.patch
+servo-20619-61a1.patch
+1453030-1-61a1.patch
+1453030-2-61a1.patch
+1452620-1-61a1.patch
+1452620-2-61a1.patch
+1452620-3-61a1.patch
+1442183-61a1.patch
+1453345-1no2-61a1.patch
+1453345-3-61a1.patch
+1453345-4-61a1.patch
+1453345-5-61a1.patch
+1453487-1-61a1.patch
+1453487-2-61a1.patch
+1453397-61a1.patch
+1450954-1-61a1.patch
+1452496-1-61a1.patch
+1452496-2-60.patch
+1452496-3-61a1.patch
+1452496-4-61a1.patch
+1452603-1-61a1.patch
+1452603-2-61a1.patch
+1452603-3-61a1.patch
+1451681-61a1.patch
+1452509-1-61a1.patch
+1452509-2-61a1.patch
+1452509-3-61a1.patch
+1452509-4-61a1.patch
+1278361-1-61a1.patch
+1278361-2-61a1.patch
+1453364-61a1.patch
+1449835-61a1.patch
+1428306-61a1.patch
+1413854-61a1.patch
+1449555-61a1.patch
+1453639-61a1.patch
+1453740-61a1.patch
+1453480-1-61a1.patch
+1453480-4-61a1.patch
+1453559-61a1.patch
+1278920-61a1.patch
+1453814-1-61a1.patch
+1453814-2-61a1.patch
+1452417-61a1.patch
+1453924-61a1.patch
+1447668-1-61a1.patch
+1453456-1-61a1.patch
+1453456-2-61a1.patch
+1453456-3-61a1.patch
+1452982-00-61a1.patch
+1447989-61a1.patch
+1453628-61a1.patch
+1454207-1-61a1.patch
+1454207-2-61a1.patch
+1454207-3-61a1.patch
+1447693-61a1.patch
+1453028-1-61a1.patch
+1453028-2-61a1.patch
+1453028-3-61a1.patch
+1453028-4-61a1.patch
+1454161-61a1.patch
+1452982-11-61a1.patch
+1452982-12-61a1.patch
+1453884-61a1.patch
+1452982-13-61a1.patch
+1425076-1-61a1.patch
+1425076-2-61a1.patch
+1453929-61a1.patch
+1449832-61a1.patch
+1453872-61a1.patch
+1450801-1-61a1.patch
+1450801-2-61a1.patch
+1420908-1-61a1.patch
+1420908-2-61a1.patch
+1443615-61a1.patch
+1454242-1-61a1.patch
+1454242-2-61a1.patch
+1454338-61a1.patch
+1453741-1-61a1.patch
+1453741-2-61a1.patch
+1445944-1-61a1.patch
+1445944-2-61a1.patch
+1445944-3-61a1.patch
+1445944-4-61a1.patch
+1445944-5-61a1.patch
+1445944-6-61a1.patch
+1445944-7-61a1.patch
+1445944-8-61a1.patch
+1445944-9-61a1.patch
+1454440-61a1.patch
+1453463-1-61a1.patch
+1453463-2-61a1.patch
+1453463-3-61a1.patch
+1452699-1-61a1.patch
+1452699-2-61a1.patch
+1454416-61a1.patch
+1454514-61a1.patch
+1454430-61a1.patch
+1437345-2no1-61a1.patch
+1437345-3-61a1.patch
+1342070-0-61a1.patch
+1342070-1-61a1.patch
+1342070-2-61a1.patch
+1342070-3-61a1.patch
+1342070-4-61a1.patch
+1450847-61a1.patch
+1429727-61a1.patch
+1447284-61a1.patch
+1437995-61a1.patch
+1446693-61a1.patch
+1365177-2-61a1.patch
+1453469-61a1.patch
+1452800-61a1.patch
+1454485-1-61a1.patch
+1454485-2-61a1.patch
+1423261-5-61a1.patch
+1064316-1-61a1.patch
+1442947-61a1.patch
+1454398-1-61a1.patch
+1453809-61a1.patch
+1451088-61a1.patch
+1454923-61a1.patch
+1439712-1-61a1.patch
+1439712-2-61a1.patch
+1454512-61a1.patch
+1454987-61a1.patch
+1453921-61a1.patch
+1455071-61a1.patch
+1455071-2-PARTIAL-61a1.patch
+1455071-6-PARTIAL-61a1.patch
+1455071-7-61a1.patch
+1454940-61a1.patch
+1453922-61a1.patch
+1436662-1a-61a1.patch
+1445479-61a1.patch
+1454027-1-61a1.patch
+1454027-2-61a1.patch
+1451469-1-61a1.patch
+1451469-2-61a1.patch
+1451469-3-61a1.patch
+1451469-4-61a1.patch
+1451469-5-61a1.patch
+1451469-6-61a1.patch
+1451469-7-61a1.patch
+1451469-8-61a1.patch
+1454721-61a1.patch
+1444363-61a1.patch
+1454625-1-61a1.patch
+1454625-2-61a1.patch
+1252998-01-61a1.patch
+1252998-02-61a1.patch
+1252998-03-61a1.patch
+1252998-04-61a1.patch
+1252998-05-61a1.patch
+1252998-06-61a1.patch
+1252998-07-61a1.patch
+1252998-08-61a1.patch
+1252998-09-61a1.patch
+1252998-10-61a1.patch
+1252998-11-61a1.patch
+1455120-61a1.patch
+1453426-61a1.patch
+1445067-1-61a1.patch
+1445067-2-61a1.patch
+1445067-3-61a1.patch
+1451745-61a1.patch
+1454094-61a1.patch
+1451211-61a1.patch
+1455127-1-61a1.patch
+1455127-2-61a1.patch
+1455127-3-61a1.patch
+1455162-61a1.patch
+1415342-1only-61a1.patch
+1450954-2-61a1.patch
+1064316-2-61a1.patch
+1454914-1-61a1.patch
+1454914-2-61a1.patch
+1453589-61a1.patch
+1452982-14-61a1.patch
+1452982-15-61a1.patch
+1452602-61a1.patch
+1453932-61a1.patch
+1443468-61a1.patch
+1452571-61a1.patch
+1455179-61a1.patch
+1451065-1-61a1.patch
+1451065-2-61a1.patch
+1451065-3-61a1.patch
+1455143-01-61a1.patch
+1455143-02-61a1.patch
+1455143-03-61a1.patch
+1455143-04-61a1.patch
+1455143-05-61a1.patch
+1455143-06-61a1.patch
+1455143-07-61a1.patch
+1455143-08-61a1.patch
+1455143-09-61a1.patch
+1455143-10no11-61a1.patch
+1455086-61a1.patch
+1453818-61a1.patch
+1454573-61a1.patch
+1410424-1-61a1.patch
+1410424-2-61a1.patch
+1410424-3-61a1.patch
+1455451-61a1.patch
+1443424-61a1.patch
+1455285-61a1.patch
+1448089-1-61a1.patch
+1448089-2-61a1.patch
+1454592-1-61a1.patch
+1454592-2-61a1.patch
+1451198-1-61a1.patch
+1451198-2-61a1.patch
+1419373-61a1.patch
+1415852-61a1.patch
+1454398-61a1.patch
+1448563-1-61a1.patch
+1448563-2-61a1.patch
+1448563-3-61a1.patch
+1448563-4-61a1.patch
+1448563-5-61a1.patch
+1448563-6-61a1.patch
+1448563-7-61a1.patch
+1400153-1-61a1.patch
+1400153-2-61a1.patch
+1455599-61a1.patch
+1448563-8-61a1.patch
+1400153-61a1.patch
+1455608-1-61a1.patch
+1455608-2-61a1.patch
+1455693-61a1.patch
+1455703-61a1.patch
+1394399-1-61a1.patch
+1394399-2no3-61a1.patch
+1455569-61a1.patch
+1430215-1only-61a1.patch
+1446019-61a1.patch
+1432653-61a1.patch
+1451002-61a1.patch
+1450834-61a1.patch
+1453274-1-61a1.patch
+1453274-2-61a1.patch
+1455708-61a1.patch
+1441338-61a1.patch
+1455100-61a1.patch
+1448934-1-61a1.patch
+1441246-61a1.patch
+1064316-3-61a1.patch
+1455702-61a1.patch
+1456100-61a1.patch
+1448563-9-61a1.patch
+1285909-2-61a1.patch
+1456203-61a1.patch
+1451524-1-61a1.patch
+1456054-61a1.patch
+1387399-61a1.patch
+1444537-3-61a1.patch
+1444537-4-61a1.patch
+1455406-61a1.patch
+1456119-1-61a1.patch
+1456119-2-61a1.patch
+1455504-61a1.patch
+1455970-61a1.patch
+1433642-2only-PARTIAL-61a1.patch
+1455612-61a1.patch
+1456470-61a1.patch
+1451248-61a1.patch
+1455709-61a1.patch
+1455280-61a1.patch
+1456881-61a1.patch
+1455611-61a1.patch
+1456952-61a1.patch
+1456296-61a1.patch
+1452935-1only-61a1.patch
+1451082-61a1.patch
+1275292-61a1.patch
+1448522-61a1.patch
+1456494-61a1.patch
+1452114-1-61a1.patch
+1452114-2-61a1.patch
+1455795-61a1.patch
+1455016-61a1.patch
+1455019-61a1.patch
+1455028-61a1.patch
+1443555-61a1.patch
+1456435-2a-61a1.patch
+1437842-00-61a1.patch
+1437842-01-61a1.patch
+1437842-02-61a1.patch
+1437842-03-61a1.patch
+1437842-04-61a1.patch
+1437842-05-61a1.patch
+1437842-06-61a1.patch
+1437842-07-61a1.patch
+1437842-08-61a1.patch
+1437842-09-61a1.patch
+1437842-10-61a1.patch
+1437842-11-61a1.patch
+1437842-12-61a1.patch
+1437842-13-61a1.patch
+1457030-61a1.patch
+1456422-61a1.patch
+1440714-16-61a1.patch
+912079-1-61a1.patch
+912079-2-61a1.patch
+912079-3-61a1.patch
+912079-4-61a1.patch
+1457326-61a1.patch
+1451826-01-61a1.patch
+1451826-02-61a1.patch
+1451826-03-61a1.patch
+1451826-04-61a1.patch
+1451826-05-61a1.patch
+1451826-06-61a1.patch
+1451826-07-61a1.patch
+1451826-08-61a1.patch
+1451826-09-61a1.patch
+1451826-10-61a1.patch
+1457125-61a1.patch
+1408412-61a1.patch
+1457475-61a1.patch
+887889-1-61a1.patch
+887889-2-61a1.patch
+887889-3-61a1.patch
+887889-4-61a1.patch
+887889-5-61a1.patch
+887889-6-61a1.patch
+887889-7-61a1.patch
+1455860-61a1.patch
+1456565-61a1.patch
+1425866-61a1.patch
+1410214-1-61a1.patch
+1410214-2-61a1.patch
+1410214-3-61a1.patch
+1451524-2-61a1.patch
+1448944-1-61a1.patch
+1448944-2-61a1.patch
+1456652-61a1.patch
+1434130-2-PARTIAL-61a1.patch
+1449075-2-61a1.patch
+1456259-61a1.patch
+1427011-61a1.patch
+1457600-61a1.patch
+1456875-61a1.patch
+1457193-61a1.patch
+1456508-61a1.patch
+1409815-1-PARTIAL-61a1.patch
+1409815-2-PARTIAL-61a1.patch
+1457365-61a1.patch
+1454728-PARTIAL-61a1.patch
+1456858-61a1.patch
+1454887-1-61a1.patch
+1454887-2-61a1.patch
+1458091-61a1.patch
+1450503-61a1.patch
+1458236-61a1.patch
+1458382-61a1.patch
+1456039-1-61a1.patch
+1456039-2-61a1.patch
+1458154-61a1.patch
+1458008-61a1.patch
+1457501-1-61a1.patch
+1457501-2-61a1.patch
+1457743-61a1.patch
+1457412-61a1.patch
+1451511-61a1.patch
+1457765-61a1.patch
+1372381-1no2-61a1.patch
+1372381-3no4-61a1.patch
+1457963-61a1.patch
+1456743-1-61a1.patch
+1456743-2-61a1.patch
+1456743-3-61a1.patch
+1456743-4-61a1.patch
+1458161-61a1.patch
+1437593-02no1-61a1.patch
+1437593-03-61a1.patch
+1437593-04-61a1.patch
+1437593-05-61a1.patch
+1437593-06-61a1.patch
+1437593-07-61a1.patch
+1437593-08-61a1.patch
+1437593-09-61a1.patch
+1437593-10-61a1.patch
+1458173-61a1.patch
+1458217-61a1.patch
+1455603-61a1.patch
+1140152-61a1.patch
+1455610-61a1.patch
+1458567-61a1.patch
+1458198-61a1.patch
+1458456-2-61a1.patch
+1458839-61a1.patch
+1456536-61a1.patch
+1458961-61a1.patch
+1458456-3a-61a1.patch
+1458456-3b-61a1.patch
+1458456-4-61a1.patch
+1458456-5-61a1.patch
+1458456-6-61a1.patch
+1458456-7-61a1.patch
+1458456-8-61a1.patch
+1431434-61a1.patch
+1458456-9-61a1.patch
+1458011-61a1.patch
+1453274-3-61a1.patch
+1457488-61a1.patch
+1458199-61a1.patch
+1433968-3only-61a1.patch
+1454888-61a1.patch
+1451168-1-61a1.patch
+1451168-2-61a1.patch
+1458588-61a1.patch
+1457882-61a1.patch
+1454824-61a1.patch
+1457107-61a1.patch
+1457967-61a1.patch
+1455892-61a1.patch
+1451159-1-61a1.patch
+1451159-2-61a1.patch
+1451159-3-61a1.patch
+1451159-4-61a1.patch
+1455316-61a1.patch
+1459026-61a1.patch
+1458700-2no1-61a1.patch
+1458700-3no4to11-61a1.patch
+NOBUG-20180505-lint-61a1.patch
+1459074-62a1.patch
+1456112-62a1.patch
+888600-1only-61a1.patch
+888600-1aonly-61a1.patch
+1446930-62a1.patch
+1451524-3-62a1.patch
+1457999-1-62a1.patch
+1457999-2-62a1.patch
+1457999-3-62a1.patch
+1457999-4-62a1.patch
+1459609-62a1.patch
+1458973-62a1.patch
+1437533-2-62a1.patch
+1459258-62a1.patch
+1459225-1-62a1.patch
+1459880-1-62a1.patch
+1459880-2-62a1.patch
+1459880-3-62a1.patch
+1459880-4-62a1.patch
+1459880-5-62a1.patch
+1459880-6-62a1.patch
+1459880-7-62a1.patch
+1458646-62a1.patch
+1459611-62a1.patch
+1416289-1-62a1.patch
+1416289-2-62a1.patch
+1416289-3-62a1.patch
+1458029-1-62a1.patch
+1458029-2-62a1.patch
+1456085-62a1.patch
+833098-1-62a1.patch
+1458627-62a1.patch
+1458897-62a1.patch
+1459598-62a1.patch
+1456071-1only-62a1.patch
+1414829-1-62a1.patch
+1414829-2-62a1.patch
+453968-62a1.patch
+1460055-62a1.patch
+1457338-62a1.patch
+1451683-62a1.patch
+1456118-62a1.patch
+1454149-62a1.patch
+1460258-62a1.patch
+1459382-1-62a1.patch
+1459382-2-62a1.patch
+1459382-3-62a1.patch
+1459382-4-62a1.patch
+NOBUG-20180508-hashtable-62a1.patch
+1459384-01-62a1.patch
+1459384-02-62a1.patch
+1459384-03-62a1.patch
+1459384-04-62a1.patch
+1459384-05-62a1.patch
+1459384-06-62a1.patch
+1459384-07-62a1.patch
+1459384-08-62a1.patch
+1459384-09-62a1.patch
+1459384-10-62a1.patch
+1459384-11-62a1.patch
+1459384-12-62a1.patch
+1459384-13-62a1.patch
+1459384-14-62a1.patch
+1459384-15-62a1.patch
+1459384-16-62a1.patch
+1459384-17-62a1.patch
+1459384-18-62a1.patch
+1459384-19-62a1.patch
+1459384-20-62a1.patch
+1459979-62a1.patch
+1460451-62a1.patch
+1374699-1-62a1.patch
+1374699-2-62a1.patch
+1374699-3-62a1.patch
+1374699-4-62a1.patch
+1335148-1-62a1.patch
+1335148-2no3-62a1.patch
+1335148-4-62a1.patch
+1460385-62a1.patch
+1460373-62a1.patch
+1460367-62a1.patch
+1460407-62a1.patch
+1442481-1-62a1.patch
+1442481-2-62a1.patch
+1442481-3-62a1.patch
+1459568-62a1.patch
+1457703-2-62a1.patch
+1401927-62a1.patch
+1456774-62a1.patch
+1459607-62a1.patch
+1434783-62a1.patch
+1459225-2-62a1.patch
+1457359-62a1.patch
+1454640-4-62a1.patch
+1441914-1-62a1.patch
+1441914-2-62a1.patch
+1427660-1a-62a1.patch
+1460402-1-62a1.patch
+1460402-2-62a1.patch
+1460402-3-62a1.patch
+1460636-62a1.patch
+1415202-62a1.patch
+1459220-62a1.patch
+1459127-62a1.patch
+1459552-62a1.patch
+1458325-1-62a1.patch
+1458325-2-62a1.patch
+1460748-1-62a1.patch
+1460629-62a1.patch
+1452715-62a1.patch
+1449033-62a1.patch
+1460966-62a1.patch
+1454667-62a1.patch
+1432410-62a1.patch
+1460341-1-62a1.patch
+1348792-62a1.patch
+1460381-1-62a1.patch
+1460381-2-62a1.patch
+1459940-62a1.patch
+1453990-62a1.patch
+1459850-62a1.patch
+1461034-62a1.patch
+1460381-3-62a1.patch
+1459225-62a1.patch
+1455954-62a1.patch
+1460436-62a1.patch
+1440610-62a1.patch
+1459761-1-62a1.patch
+1460895-62a1.patch
+1430438-2-62a1.patch
+1459633-62a1.patch
+1461339-62a1.patch
+1426124-62a1.patch
+1461053-1-62a1.patch
+1461053-2-62a1.patch
+1460957-1-62a1.patch
+1460957-2-62a1.patch
+1459862-62a1.patch
+1461048-1-62a1.patch
+1461048-2-PARTIAL-62a1.patch
+1454912-2no1-62a1.patch
+1454912-3-62a1.patch
+1454912-4-62a1.patch
+1460690-62a1.patch
+1458878-62a1.patch
+1422930-62a1.patch
+1459893-62a1.patch
+1461337-1-62a1.patch
+1461337-2-62a1.patch
+1375504-62a1.patch
+1461272-62a1.patch
+1431187-62a1.patch
+1461555-1-62a1.patch
+1461555-2-62a1.patch
+1461600-62a1.patch
+1461398-62a1.patch
+1460021-62a1.patch
+1461291-62a1.patch
+1461292-1-62a1.patch
+1461292-2-62a1.patch
+1461027-62a1.patch
+1461319-62a1.patch
+1461751-62a1.patch
+1444956-PARTIAL-62a1.patch
+1461292-3-62a1.patch
+1461928-1-62a1.patch
+1461928-2-62a1.patch
+1461791-1-62a1.patch
+1461791-2-62a1.patch
+1456524-62a1.patch
+1461399-62a1.patch
+1461481-1-62a1.patch
+1461481-2-62a1.patch
+1461554-62a1.patch
+1461556-01-62a1.patch
+1461821-1-62a1.patch
+1461821-2-62a1.patch
+1461556-02-62a1.patch
+1461556-03-62a1.patch
+1461556-04-62a1.patch
+1461301-62a1.patch
+1461605-1-62a1.patch
+1461605-2-62a1.patch
+1461605-3-62a1.patch
+1461689-62a1.patch
+1461383-62a1.patch
+1461221-62a1.patch
+1460997-62a1.patch
+1461590-62a1.patch
+1461795-62a1.patch
+1460647-62a1.patch
+1423767-62a1.patch
+1460003-62a1.patch
+1457499-1-62a1.patch
+1457499-2-62a1.patch
+1457499-3-62a1.patch
+1450795-2-62a1.patch
+1460098-1-62a1.patch
+1460098-2-62a1.patch
+1460098-3-62a1.patch
+1460098-4-62a1.patch
+1457483-62a1.patch
+1451005-1-62a1.patch
+1451005-2-62a1.patch
+1451005-3no4-62a1.patch
+1461677-62a1.patch
+1461938-01-62a1.patch
+1461938-02-62a1.patch
+1461938-03-62a1.patch
+1461938-04-62a1.patch
+1459761-2-62a1.patch
+1462273-1-62a1.patch
+1462273-2-62a1.patch
+1461432-62a1.patch
+1420350-62a1.patch
+1462444-62a1.patch
+1237182-03-62a1.patch
+1455337-62a1.patch
+1461372-62a1.patch
+1462326-62a1.patch
+1461938-05-62a1.patch
+1461938-06-62a1.patch
+1461938-07-62a1.patch
+1461929-62a1.patch
+1462448-62a1.patch
+1461556-05-62a1.patch
+1461556-06-62a1.patch
+NOBUG-20180516-gccice-62a1.patch
+1461556-07-62a1.patch
+1461556-08-62a1.patch
+1461556-09-62a1.patch
+1461556-10-62a1.patch
+1461556-11-62a1.patch
+1462540-1-62a1.patch
+1462540-2-62a1.patch
+1462540-3-62a1.patch
+1462544-1-62a1.patch
+1462544-2-62a1.patch
+1461556-12-62a1.patch
+1461556-13-62a1.patch
+1461376-62a1.patch
+1462751-1-62a1.patch
+1462751-2-62a1.patch
+1462751-3-62a1.patch
+1461178-62a1.patch
+1461672-62a1.patch
+1461888-62a1.patch
+1462353-62a1.patch
+1461836-1-62a1.patch
+1461836-2-62a1.patch
+1462280-62a1.patch
+1462337-62a1.patch
+1460883-62a1.patch
+1456512-1-62a1.patch
+1456518-62a1.patch
+1456512-2-62a1.patch
+1462486-62a1.patch
+1457162-1-62a1.patch
+1457162-2-62a1.patch
+1462157-62a1.patch
+1462358-62a1.patch
+1456552-62a1.patch
+1442481-4-62a1.patch
+1442481-5-62a1.patch
+1442722-1-PARTIAL-62a1.patch
+1441876-62a1.patch
+NOBUG-20231031-formattingfixes-253.patch
+1462341-62a1.patch
+1461938-08-62a1.patch
+1461938-09-62a1.patch
+1461938-10-62a1.patch
+1461938-11-62a1.patch
+1461938-12-62a1.patch
+1461938-13-62a1.patch
+1461938-14-62a1.patch
+1461938-15-62a1.patch
+1462335-62a1.patch
+1462333-1-62a1.patch
+1462333-2-62a1.patch
+1463378-62a1.patch
+1462566-62a1.patch
+1461012-62a1.patch
+1456512-3-62a1.patch
+1427610-1-62a1.patch
+1427610-2-62a1.patch
+1427610-3-62a1.patch
+1427610-4-62a1.patch
+1461938-16-62a1.patch
+1461938-17-62a1.patch
+1461938-18-62a1.patch
+1461938-19-62a1.patch
+1461938-20-62a1.patch
+1461938-21-62a1.patch
+1457059-62a1.patch
+1461938-22-62a1.patch
+1461938-23-62a1.patch
+1461938-24-62a1.patch
+1461938-25-62a1.patch
+1461938-26-62a1.patch
+1461938-27-62a1.patch
+1461938-28-62a1.patch
+1461938-29-62a1.patch
+1461938-30-62a1.patch
+1438556-2-fix-whitespace-62a1.patch
+1462939-1-62a1.patch
+1420894-62a1.patch
+1463717-62a1.patch
+1463723-62a1.patch
+1461938-31-62a1.patch
+1461938-32-62a1.patch
+1461938-33-62a1.patch
+1461938-34-62a1.patch
+1463847-1-62a1.patch
+1463847-2-62a1.patch
+1463939-1-62a1.patch
+1463939-2-62a1.patch
+1463939-3-62a1.patch
+1463939-4-62a1.patch
+1366287-1_0-62a1.patch
+1463939-5-62a1.patch
+1463923-1-62a1.patch
+1463923-2-62a1.patch
+1366287-2_0-62a1.patch
+1366287-2_1-62a1.patch
+1366287-3-62a1.patch
+1366287-4-62a1.patch
+1366287-5-62a1.patch
+1366287-6-62a1.patch
+1464002-62a1.patch
+1463501-62a1.patch
+1464075-62a1.patch
+1460341-2-62a1.patch
+1461938-35-62a1.patch
+1461938-36-62a1.patch
+1461938-37-62a1.patch
+1461938-38-62a1.patch
+1461938-39-62a1.patch
+1461938-40-62a1.patch
+1463371-62a1.patch
+1401842-62a1.patch
+1464092-62a1.patch
+1463373-62a1.patch
+1461727-62a1.patch
+1463465-62a1.patch
+1462958-62a1.patch
+1436242-62a1.patch
+1463036-2-62a1.patch
+1460600-62a1.patch
+1345875-62a1.patch
+1463425-2-62a1.patch
+1463425-3-62a1.patch
+1463425-4-62a1.patch
+1463425-5-62a1.patch
+1463425-6-62a1.patch
+1346026-1-62a1.patch
+1346026-2-62a1.patch
+1346026-3-62a1.patch
+1463921-1only-62a1.patch
+1460838-62a1.patch
+1453765-62a1.patch
+1461268-2only-62a1.patch
+1452653-2-62a1.patch
+1463924-62a1.patch
+1144632-62a1.patch
+1464128-62a1.patch
+1462138-1-62a1.patch
+1462138-2-62a1.patch
+1464088-62a1.patch
+1450607-1-62a1.patch
+1450607-2-62a1.patch
+1450607-3-62a1.patch
+1382683-1-62a1.patch
+1382683-2-62a1.patch
+1382683-3-62a1.patch
+1460796-62a1.patch
+1459577-62a1.patch
+1464368-62a1.patch
+1463645-62a1.patch
+1464036-1-62a1.patch
+1452588-62a1.patch
+1464321-62a1.patch
+1464134-1-62a1.patch
+1463884-1-62a1.patch
+1457110-62a1.patch
+1461304-62a1.patch
+1464366-62a1.patch
+1464656-62a1.patch
+1464751-62a1.patch
+1464757-62a1.patch
+1203273-2-62a1.patch
+1464387-62a1.patch
+1464494-1-62a1.patch
+1464494-2-62a1.patch
+1465039-1-62a1.patch
+1463637-62a1.patch
+1388721-62a1.patch
+1463884-2-62a1.patch
+1463884-3-62a1.patch
+1464381-62a1.patch
+1464809-62a1.patch
+1463840-62a1.patch
+1457661-1-62a1.patch
+1457661-2-62a1.patch
+1454630-1-62a1.patch
+1454630-2-62a1.patch
+1454630-3-62a1.patch
+1454630-4-62a1.patch
+1435828-1-62a1.patch
+1435828-2-62a1.patch
+1464472-62a1.patch
+1464912-62a1.patch
+1047514-62a1.patch
+1464954-1-62a1.patch
+1464249-62a1.patch
+1464161-62a1.patch
+1464202-62a1.patch
+1454868-62a1.patch
+1464082-62a1.patch
+1465274-62a1.patch
+1464758-62a1.patch
+1253064-62a1.patch
+1464537-1-62a1.patch
+1464537-2-62a1.patch
+1457590-1-62a1.patch
+1457590-2-62a1.patch
+1457590-3-62a1.patch
+1465245-62a1.patch
+1388013-1-62a1.patch
+1388013-2-62a1.patch
+1388013-3-62a1.patch
+1462489-4only-62a1.patch
+1465807-62a1.patch
+1464477-62a1.patch
+1459900-62a1.patch
+1464036-2-62a1.patch
+1464789-62a1.patch
+1464134-2-62a1.patch
+1464134-3-62a1.patch
+1464134-4-62a1.patch
+1464134-5-62a1.patch
+1464134-6-62a1.patch
+1464134-7-62a1.patch
+1464134-8-62a1.patch
+1465396-62a1.patch
+1464266-62a1.patch
+1465173-62a1.patch
+1465002-62a1.patch
+1465037-62a1.patch
+1459845-1-62a1.patch
+1459845-2-62a1.patch
+1459845-3-62a1.patch
+1459845-4-62a1.patch
+1459845-5-62a1.patch
+1459845-6-62a1.patch
+1460126-1-62a1.patch
+1460126-2-62a1.patch
+1460126-3-62a1.patch
+1460126-4-62a1.patch
+1459845-7-62a1.patch
+1464134-9-62a1.patch
+1464374-2no1-62a1.patch
+1464374-3-62a1.patch
+1464374-4-62a1.patch
+1464374-5-62a1.patch
+1464374-6-62a1.patch
+1464374-7-62a1.patch
+1464374-8-62a1.patch
+1464378-9-62a1.patch
+1465472-1-62a1.patch
+1465011-62a1.patch
+1465062-62a1.patch
+1464986-1-62a1.patch
+1464986-2-62a1.patch
+1463961-62a1.patch
+1444597-62a1.patch
+1465585-1-std-62a1.patch
+1465585-2-std-62a1.patch
+1465585-3-std-62a1.patch
+1465695-62a1.patch
+1465163-62a1.patch
+1465002-2-62a1.patch
+1466166-62a1.patch
+1466050-62a1.patch
+1465770-1-62a1.patch
+1465770-2-62a1.patch
+1466168-PARTIAL-js-62a1.patch
+1466083-1-62a1.patch
+1466083-2-62a1.patch
+1466083-3-62a1.patch
+1466083-4-62a1.patch
+1466083-5-62a1.patch
+1466083-6-62a1.patch
+1461050-62a1.patch
+1464772-1-62a1.patch
+1464772-2-62a1.patch
+1464772-3-62a1.patch
+1429818-1-62a1.patch
+1462693-62a1.patch
+1464794-62a1.patch
+1459274-62a1.patch
+1464680-62a1.patch
+1463581-2-62a1.patch
+1466066-62a1.patch
+1237182-13-62a1.patch
+1237182-14-62a1.patch
+1465580-62a1.patch
+1465587-62a1.patch
+1466008-1-62a1.patch
+1466008-2-62a1.patch
+1466095-62a1.patch
+1463596-62a1.patch
+1465585-4-std-62a1.patch
+1270217-62a1.patch
+1463834-62a1.patch
+1466060-62a1.patch
+1437526-62a1.patch
+1463184-62a1.patch
+1466054-1-62a1.patch
+1466054-2-62a1.patch
+1465996-62a1.patch
+1464773-62a1.patch
+1465060-1-std-62a1.patch
+1465060-2-std-62a1.patch
+1466171-62a1.patch
+1465860-62a1.patch
+1459860-62a1.patch
+1466693-62a1.patch
+1464845-62a1.patch
+1465836-62a1.patch
+1466789-1-62a1.patch
+1466789-2-62a1.patch
+1457482-1-62a1.patch
+1464954-2-62a1.patch
+1455138-62a1.patch
+1443086-62a1.patch
+1464869-03-62a1.patch
+1464869-08-62a1.patch
+1464869-09-62a1.patch
+1464869-11-62a1.patch
+1464869-17-62a1.patch
+1465728-1-62a1.patch
+1465728-2-62a1.patch
+1465728-3-62a1.patch
+1464772-5-62a1.patch
+1466792-62a1.patch
+1434983-62a1.patch
+1450781-62a1.patch
+1467282-62a1.patch
+1417920-62a1.patch
+1466487-62a1.patch
+1466083-7-62a1.patch
+1466083-8-62a1.patch
+1466083-9-62a1.patch
+1461948-1-62a1.patch
+1461948-2-62a1.patch
+1466931-62a1.patch
+1459754-62a1.patch
+1460154-1-62a1.patch
+1460154-2-62a1.patch
+1466189-1-62a1.patch
+1466189-2-62a1.patch
+1467052-62a1.patch
+1457560-62a1.patch
+1467311-62a1.patch
+1467605-62a1.patch
+1462498-62a1.patch
+1466909-62a1.patch
+1467334-62a1.patch
+1467335-62a1.patch
+1467336-01-62a1.patch
+1467336-02-62a1.patch
+1467336-03-62a1.patch
+1467336-04-62a1.patch
+1467336-05-62a1.patch
+1467336-06-62a1.patch
+1467336-07-62a1.patch
+1467336-09-62a1.patch
+1467071-62a1.patch
+1461375-62a1.patch
+1445025-2-62a1.patch
+1445025-3-62a1.patch
+1437942-62a1.patch
+1439383-62a1.patch
+1467938-62a1.patch
+1465709-1-62a1.patch
+1467403-62a1.patch
+1467496-62a1.patch
+1467658-2-62a1.patch
+1466893-1-62a1.patch
+1466893-2-62a1.patch
+1468272-62a1.patch
+1435813-1a-62a1.patch
+1329321-62a1.patch
+1308735-62a1.patch
+1467336-10-62a1.patch
+1467336-11-62a1.patch
+1467336-12-62a1.patch
+1467336-13-62a1.patch
+1467336-14-62a1.patch
+1467336-15-62a1.patch
+1467336-16-62a1.patch
+1467336-17-62a1.patch
+1467336-18-62a1.patch
+1467336-19-62a1.patch
+1467336-20-62a1.patch
+1467336-21-62a1.patch
+1467336-22-62a1.patch
+1467336-23-62a1.patch
+1468449-1-62a1.patch
+1468449-2-62a1.patch
+1465350-62a1.patch
+1465081-62a1.patch
+1462286-62a1.patch
+1464790-62a1.patch
+1468629-62a1.patch
+1468984-62a1.patch
+1468786-62a1.patch
+1466633-62a1.patch
+1468867-1-62a1.patch
+1468867-2-62a1.patch
+1469593-62a1.patch
+1469444-62a1.patch
+1469469-62a1.patch
+1319228-3only-62a1.patch
+1319228-6only-62a1.patch
+1468830-62a1.patch
+1464928-62a1.patch
+1468328-1-62a1.patch
+1454187-62a1.patch
+1465887-62a1.patch
+1467882-62a1.patch
+1351354-62a1.patch
+1468328-2-62a1.patch
+1389251-1-62a1.patch
+1389251-2no3-62a1.patch
+1409018-1-62a1.patch
+1409018-2no3-62a1.patch
+1467039-62a1.patch
+1466254-1-62a1.patch
+1466254-2no3-62a1.patch
+1467319-1only-62a1.patch
+1466401-62a1.patch
+1468860-62a1.patch
+1469067-62a1.patch
+948882-62a1.patch
+1467307-62a1.patch
+1466910-1only-62a1.patch
+1469712-62a1.patch
+1467275-62a1.patch
+1467276-62a1.patch
+1443722-1-62a1.patch
+1443722-2-62a1.patch
+1467183-62a1.patch
+1444734-62a1.patch
+1441098-1-62a1.patch
+1441098-2-62a1.patch
+1441098-3-62a1.patch
+1441098-4-62a1.patch
+1468792-62a1.patch
+1465709-2-62a1.patch
+1468811-1-62a1.patch
+1468811-2-62a1.patch
+1468811-3-62a1.patch
+1470055-62a1.patch
+1480521-BACKOUT-60.patch
+1453795-36-62a1.patch
+1453795-41-62a1.patch
+1470492-62a1.patch
+1470494-1-62a1.patch
+1470494-2-62a1.patch
+1470488-62a1.patch
+1470552-62a1.patch
+1466661-62a1.patch
+1466826-62a1.patch
+1466363-62a1.patch
+1467753-62a1.patch
+1467438-4-62a1.patch
+1467438-1-62a1.patch
+1467438-2-62a1.patch
+1467438-3-62a1.patch
+1467438-5-62a1.patch
+1466626-2no1-62a1.patch
+1466626-3-62a1.patch
+1466211-1-63a1.patch
+1466211-2-63a1.patch
+1466211-3-63a1.patch
+1466211-4-63a1.patch
+1466211-5-63a1.patch
+1466211-6-63a1.patch
+1466211-7-63a1.patch
+1469999-2-63a1.patch
+1469999-3-63a1.patch
+1469999-4-63a1.patch
+1428362-1-63a1.patch
+1428362-2-63a1.patch
+1428362-3-63a1.patch
+1309172-63a1.patch
+1388016-3only-63a1.patch
+1471096-1-63a1.patch
+1471096-2-SIMPLIFIED-63a1.patch
+1471132-1-63a1.patch
+1471132-2-63a1.patch
+1471132-3-63a1.patch
+1471132-4-63a1.patch
+1471177-63a1.patch
+1470449-63a1.patch
+1471261-1-63a1.patch
+1471261-2-63a1.patch
+1464257-63a1.patch
+1470250-1-63a1.patch
+1464782-1-63a1.patch
+1464782-2no34-63a1.patch
+1470522-63a1.patch
+1472734-63a1.patch
+1471931-1-63a1.patch
+1471931-2-63a1.patch
+1471931-3-63a1.patch
+1471931-4-63a1.patch
+1471931-5-63a1.patch
+1472666-63a1.patch
+1464782-5-63a1.patch
+1471491-63a1.patch
+1469441-1-63a1.patch
+1469441-2-63a1.patch
+1471542-63a1.patch
+1471164-63a1.patch
+928735-63a1.patch
+1471486-1only-63a1.patch
+1471285-63a1.patch
+1471620-63a1.patch
+1471415-63a1.patch
+1472001-63a1.patch
+1472030-63a1.patch
+1400266-63a1.patch
+1453751-PARTIAL-63a1.patch
+1472201-63a1.patch
+1470608-63a1.patch
+1470716-63a1.patch
+1471171-1-63a1.patch
+1471171-2-63a1.patch
+1468394-63a1.patch
+1351663-1-63a1.patch
+1351663-2-63a1.patch
+1351663-3-63a1.patch
+1467148-63a1.patch
+1472502-63a1.patch
+1472805-63a1.patch
+1472721-63a1.patch
+1471622-1-63a1.patch
+1471622-2-63a1.patch
+1471028-1-63a1.patch
+1472789-63a1.patch
+1460022-01-63a1.patch
+1460022-02-63a1.patch
+1460022-03-63a1.patch
+1460022-04-63a1.patch
+1460022-06-63a1.patch
+1460022-08-63a1.patch
+1460022-09-63a1.patch
+1460022-10-63a1.patch
+1460022-11-63a1.patch
+1460022-12-63a1.patch
+1460022-13-63a1.patch
+1472806-1-63a1.patch
+1472806-2-63a1.patch
+1472806-3-63a1.patch
+1471028-2-63a1.patch
+1473331-63a1.patch
+1397807-63a1.patch
+1403027-63a1.patch
+1471625-1-63a1.patch
+1471625-2-63a1.patch
+1471625-3-63a1.patch
+1457168-63a1.patch
+1473436-1-63a1.patch
+1473436-2-63a1.patch
+1473121-63a1.patch
+1472199-1-63a1.patch
+1472199-2-63a1.patch
+1473308-63a1.patch
+1473954-63a1.patch
+1468207-63a1.patch
+1469088-63a1.patch
+1469091-63a1.patch
+1467897-63a1.patch
+1473371-63a1.patch
+1471556-63a1.patch
+1473297-63a1.patch
+1471134-1-63a1.patch
+1471134-2-63a1.patch
+1471134-3-63a1.patch
+1471134-4-63a1.patch
+1471134-5-63a1.patch
+1468547-3only-63a1.patch
+1458109-63a1.patch
+1444171-1-63a1.patch
+1444171-2-63a1.patch
+1444171-3-63a1.patch
+1444171-4-63a1.patch
+1444171-5-63a1.patch
+1463190-63a1.patch
+1469152-63a1.patch
+1312864-63a1.patch
+1474531-63a1.patch
+1443411-63a1.patch
+1473453-1-63a1.patch
+1473453-2-63a1.patch
+1473453-3-63a1.patch
+1473727-63a1.patch
+1413922-1-63a1.patch
+1413922-2-PARTIAL-63a1.patch
+1443471-2-63a1.patch
+1474786-63a1.patch
+1474871-63a1.patch
+1475067-63a1.patch
+1475058-63a1.patch
+1475210-63a1.patch
+1475504-PARTIAL-63a1.patch
+1472716-1-63a1.patch
+1472490-63a1.patch
+1475649-1-63a1.patch
+1475642-63a1.patch
+1448976-63a1.patch
+1475650-63a1.patch
+1448980-0-63a1.patch
+1448980-1-63a1.patch
+1476003-63a1.patch
+1475649-2-63a1.patch
+1428709-1-63a1.patch
+1428709-2-63a1.patch
+1428709-3-63a1.patch
+1475443-63a1.patch
+1474024-63a1.patch
+1475335-63a1.patch
+1475660-63a1.patch
+1290972-63a1.patch
+1473217-2-63a1.patch
+1473217-3-63a1.patch
+1475882-01-63a1.patch
+1475882-02-63a1.patch
+1475882-03-63a1.patch
+1475882-04-63a1.patch
+1475882-05-63a1.patch
+1475882-06-63a1.patch
+1475882-07-63a1.patch
+1475882-08-63a1.patch
+1475882-09-63a1.patch
+1475882-10-63a1.patch
+1475882-11-63a1.patch
+1468273-1-63a1.patch
+1468273-2-63a1.patch
+1468273-3-63a1.patch
+1468273-4-63a1.patch
+1468273-5-63a1.patch
+1468273-6-63a1.patch
+1468273-7-63a1.patch
+1468273-8-63a1.patch
+1476548-63a1.patch
+1476174-63a1.patch
+1476030-1-63a1.patch
+1476390-63a1.patch
+1476762-63a1.patch
+1476875-63a1.patch
+1471339-3-63a1.patch
+1471339-5-63a1.patch
+1471339-6-63a1.patch
+1354232-1-63a1.patch
+1354232-2-63a1.patch
+1354232-3-63a1.patch
+1476874-63a1.patch
+1379704-63a1.patch
+1264876-63a1.patch
+1413418-63a1.patch
+1476278-63a1.patch
+1477219-63a1.patch
+1467798-63a1.patch
+1323381-63a1.patch
+1477579-1-63a1.patch
+1477579-2-63a1.patch
+1477579-3-63a1.patch
+1477579-4-63a1.patch
+1477979-63a1.patch
+1447932-63a1.patch
+1473667-63a1.patch
+1472177-63a1.patch
+1243108-63a1.patch
+1477047-63a1.patch
+1477332-63a1.patch
+1476790-63a1.patch
+1477010-63a1.patch
+1426827-63a1.patch
+1478343-3-63a1.patch
+1478070-63a1.patch
+1477343-63a1.patch
+1478000-1-63a1.patch
+1476427-1-63a1.patch
+1476427-2-63a1.patch
+1476427-3-63a1.patch
+1473423-63a1.patch
+1478020-63a1.patch
+1478927-63a1.patch
+1478923-63a1.patch
+1478919-2only-63a1.patch
+1467673-63a1.patch
+1467523-1-63a1.patch
+1478903-63a1.patch
+1476263-63a1.patch
+1478097-1-63a1.patch
+1478000-2-63a1.patch
+1475277-63a1.patch
+1478097-2-63a1.patch
+1472975-63a1.patch
+1465798-63a1.patch
+1409276-1-63a1.patch
+1409276-2-63a1.patch
+1409276-3-63a1.patch
+1409276-4-63a1.patch
+1472121-63a1.patch
+1478036-63a1.patch
+1472211-1-63a1.patch
+1472211-2-63a1.patch
+1477090-63a1.patch
+1469004-63a1.patch
+1480720-63a1.patch
+1426176-63a1.patch
+1476034-63a1.patch
+1478499-1-63a1.patch
+1478499-3no2-63a1.patch
+1478499-4-63a1.patch
+1478499-5no6-63a1.patch
+1479851-63a1.patch
+1479456-63a1.patch
+1480370-63a1.patch
+1434281-63a1.patch
+1478986-63a1.patch
+1444141-4only-63a1.patch
+1341525-63a1.patch
+1479777-63a1.patch
+1480553-1no2-63a1.patch
+1480553-3-63a1.patch
+1479950-63a1.patch
+1478503-63a1.patch
+1471878-63a1.patch
+1479900-1-63a1.patch
+1479900-2-63a1.patch
+1480588-63a1.patch
+1481016-63a1.patch
+1481097-1-63a1.patch
+1481097-2-63a1.patch
+1481097-3-63a1.patch
+1481032-63a1.patch
+1480963-63a1.patch
+1472291-1-63a1.patch
+1472291-2-63a1.patch
+1460489-0-63a1.patch
+1460489-1-63a1.patch
+1460489-2-63a1.patch
+1460489-3-63a1.patch
+1460489-4-63a1.patch
+1460489-5-63a1.patch
+1456006-1-63a1.patch
+1456006-2-63a1.patch
+1440481-1-63a1.patch
+1440481-2-63a1.patch
+1477621-0-63a1.patch
+1477621-1-63a1.patch
+1477621-2-63a1.patch
+1477621-3-63a1.patch
+1477621-4-63a1.patch
+1456404-1-63a1.patch
+1456404-2-63a1.patch
+1456404-3-63a1.patch
+1456404-4-63a1.patch
+1456404-5-63a1.patch
+1456404-6-63a1.patch
+1456404-7-63a1.patch
+1378808-1-63a1.patch
+1378808-2-63a1.patch
+1378808-3-63a1.patch
+1481555_63a1.patch
+1478153-63a1.patch
+1473278-63a1.patch
+1481505-63a1.patch
+1481534-63a1.patch
+1476467-63a1.patch
+1479599-63a1.patch
+1481989-1-63a1.patch
+1481989-2-63a1.patch
+1481956-63a1.patch
+1348273-63a1.patch
+1480145-63a1.patch
+1480116-63a1.patch
+1480819-1-63a1.patch
+1480819-2-63a1.patch
+1480819-3-63a1.patch
+1480819-4-63a1.patch
+1480819-5-63a1.patch
+1480819-6-63a1.patch
+1480819-7-63a1.patch
+1474028-1only-63a1.patch
+1482442-63a1.patch
+1482335-63a1.patch
+1482516-63a1.patch
+1481693-1-63a1.patch
+1481693-2-63a1.patch
+1481693-3-63a1.patch
+1481693-4-63a1.patch
+1481693-5-63a1.patch
+1481693-6-63a1.patch
+1481097-4-63a1.patch
+1482694-63a1.patch
+1479501-63a1.patch
+1478813-1-63a1.patch
+1482676-63a1.patch
+1478798-63a1.patch
+1482841-1-63a1.patch
+1482841-2-63a1.patch
+1482605-63a1.patch
+1469287-63a1.patch
+1481441-63a1.patch
+1482695-63a1.patch
+1479878-63a1.patch
+1476147-63a1.patch
+1461992-1-63a1.patch
+1461992-2no3-PARTIAL-63a1.patch
+1483123-63a1.patch
+1480631-63a1.patch
+1483595-63a1.patch
+1257478-63a1.patch
+1482299-63a1.patch
+1479800-63a1.patch
+1473821-63a1.patch
+1346211-1-63a1.patch
+1346211-2-63a1.patch
+1346211-3-63a1.patch
+1346211-4-63a1.patch
+1346211-5-63a1.patch
+1346211-6-63a1.patch
+1484282-63a1.patch
+1478813-2-63a1.patch
+1484100-63a1.patch
+1484473-63a1.patch
+1459212-63a1.patch
+1465046-63a1.patch
+1483937-63a1.patch
+1471371-63a1.patch
+1473228-63a1.patch
+1480558-1-63a1.patch
+1480558-2-63a1.patch
+1480558-3-63a1.patch
+1480558-4-63a1.patch
+1440282-63a1.patch
+1417050-1a-63a1.patch
+1456392-63a1.patch
+1413728-63a1.patch
+1482272-63a1.patch
+1484868-63a1.patch
+1484844-63a1.patch
+1479420-63a1.patch
+1483566-63a1.patch
+1484846-63a1.patch
+1485072-63a1.patch
+1484888-63a1.patch
+1483778-63a1.patch
+1485114-63a1.patch
+1484535-63a1.patch
+1484485-63a1.patch
+1470921-63a1.patch
+1484243-63a1.patch
+1485245-63a1.patch
+1473230-63a1.patch
+1483761-1-63a1.patch
+1483761-2-63a1.patch
+1483761-3-63a1.patch
+1483761-4-63a1.patch
+1485545-63a1.patch
+1485610-63a1.patch
+1466427-63a1.patch
+NOBUG-20180824-buildsetting-63a1.patch
+1446923-63a1.patch
+1432135-63a1.patch
+1485949-63a1.patch
+1483953-63a1.patch
+1482178-63a1.patch
+1485396-63a1.patch
+1485174-63a1.patch
+1486173-1-63a1.patch
+1486173-2-63a1.patch
+1486173-3-63a1.patch
+1471922-63a1.patch
+1486056-63a1.patch
+1486020-63a1.patch
+1485485-1-63a1.patch
+1485485-2-63a1.patch
+1486281-63a1.patch
+1486166-63a1.patch
+1485701-63a1.patch
+1486068-63a1.patch
+1478269-1-63a1.patch
+1478269-2-63a1.patch
+1478269-3-63a1.patch
+1486654-63a1.patch
+1485759-63a1.patch
+1486729-63a1.patch
+1486957-63a1.patch
+1457092-5-63a1.patch
+1486452-63a1.patch
+1481121-1only-63a1.patch
+1487168-63a1.patch
+1480549-63a1.patch
+1486998-63a1.patch
+1471920-1-63a1.patch
+1482810-1-63a1.patch
+1482810-2-63a1.patch
+1486905-63a1.patch
+1485698-63a1.patch
+1487517-63a1.patch
+1480457-1-63a1.patch
+1480457-4-63a1.patch
+1480457-5-63a1.patch
+1487449-63a1.patch
+1486739-1-crashreporter-63a1.patch
+1487330-63a1.patch
+1487603-63a1.patch
+1435552-63a1.patch
+1487595-1-63a1.patch
+1487595-2-63a1.patch
+1480552-63a1.patch
+1483323-6-64a1.patch
+1484611-2ano1-64a1.patch
+1484611-2b-64a1.patch
+1417646-1-64a1.patch
+1487419-64a1.patch
+1488698-2-PARTIAL-biginttype-64a1.patch
+1489944-64a1.patch
+1493227-64a1.patch
+1467523-2-64a1.patch
+1482425-64a1.patch
+1420028-2-fix-64a1.patch
+1488632-64a1.patch
+1488463-64a1.patch
+1475141-64a1.patch
+1489001-64a1.patch
+1446066-64a1.patch
+1282098-64a1.patch
+1481721-64a1.patch
+1481515-64a1.patch
+1490355-64a1.patch
+1490167-64a1.patch
+1490845-64a1.patch
+1491198-64a1.patch
+1489102-1-64a1.patch
+1489102-2-64a1.patch
+1489102-3-64a1.patch
+1489102-4-64a1.patch
+1489102-5-64a1.patch
+1490413-64a1.patch
+1469027-3only-64a1.patch
+1440879-1-64a1.patch
+1440879-2-64a1.patch
+1489091-64a1.patch
+1399870-64a1.patch
+1492268-64a1.patch
+1493413-64a1.patch
+1397263-1-64a1.patch
+1397263-2-64a1.patch
+1397263-3-64a1.patch
+1397263-4-64a1.patch
+1397263-5-PARTIAL-64a1.patch
+1397263-6-64a1.patch
+1496327-1-64a1.patch
+1496327-2-64a1.patch
+1237610-1only-PARTIAL-64a1.patch
+1487122-64a1.patch
+1478370-64a1.patch
+1484829-64a1.patch
+1491159-64a1.patch
+1494150-64a1.patch
+1486055-64a1.patch
+1496591-64a1.patch
+1497440-1only-64a1.patch
+1496733-64a1.patch
+1496708-1-64a1.patch
+1496708-2-64a1.patch
+1490227-64a1.patch
+1497741-64a1.patch
+1494287-1-64a1.patch
+1494287-2-64a1.patch
+1497677-64a1.patch
+1497439-64a1.patch
+1499580-64a1.patch
+1494222-1-64a1.patch
+1494222-2-no3to5-64a1.patch
+1496610-64a1.patch
+1497350-64a1.patch
+1497359-64a1.patch
+1496136-64a1.patch
+1498031-64a1.patch
+1336712-1-64a1.patch
+1336712-2-64a1.patch
+1336712-3-64a1.patch
+1336712-4-64a1.patch
+1336712-5-64a1.patch
+1336712-6-64a1.patch
+1336712-7-64a1.patch
+1489287-64a1.patch
+1486410-64a1.patch
+1488687-64a1.patch
+1488778-64a1.patch
+1486759-64a1.patch
+1489096-64a1.patch
+1491788-64a1.patch
+1477490-64a1.patch
+1480089-64a1.patch
+1473217-1-64a1.patch
+1492770-64a1.patch
+1481338-64a1.patch
+1493672-64a1.patch
+1493922-64a1.patch
+1492508-64a1.patch
+1494384-64a1.patch
+1494326-64a1.patch
+1492037-64a1.patch
+1493641-64a1.patch
+1495641-64a1.patch
+1487321-64a1.patch
+1496084-64a1.patch
+1494951-64a1.patch
+1253844-64a1.patch
+1496379-64a1.patch
+1414287-1-64a1.patch
+1414287-2no3-64a1.patch
+1427808-3-64a1.patch
+1427808-4-64a1.patch
+1486554-1-64a1.patch
+1486554-3no2-64a1.patch
+1479298-64a1.patch
+1498958-64a1.patch
+1492401-64a1.patch
+1471622-4-64a1.patch
+1471622-5-64a1.patch
+1471622-6-64a1.patch
+1471622-7-64a1.patch
+1471622-8-64a1.patch
+1438830-64a1.patch
+1399877-64a1.patch
+1481097-5-64a1.patch
+1490128-64a1.patch
+1490253-1-64a1.patch
+1490253-2-64a1.patch
+1490253-3-64a1.patch
+1487049-1-64a1.patch
+1487049-2-64a1.patch
+1487049-3-64a1.patch
+1473915-64a1.patch
+1495874-64a1.patch
+1490566-64a1.patch
+1490765-64a1.patch
+1474488-2only-64a1.patch
+1490463-1-64a1.patch
+1490463-2-64a1.patch
+1490463-3-64a1.patch
+1138579-64a1.patch
+1443332-64a1.patch
+1490542-64a1.patch
+1490130-64a1.patch
+1494511-64a1.patch
+1460856-1-64a1.patch
+1460856-2-64a1.patch
+1460856-3-64a1.patch
+1460856-4-64a1.patch
+1487425-64a1.patch
+1491577-4-64a1.patch
+1487931-64a1.patch
+1488587-64a1.patch
+1489205-64a1.patch
+1393570-3only-64a1.patch
+1494300-64a1.patch
+1481612-1-64a1.patch
+1481612-2-64a1.patch
+1481612-3-64a1.patch
+1481612-4-64a1.patch
+1485638-1-64a1.patch
+1485638-2-64a1.patch
+1482435-64a1.patch
+1496080-64a1.patch
+1491615-64a1.patch
+1486866-64a1.patch
+1448417-1-64a1.patch
+1448417-2-64a1.patch
+1448417-3-64a1.patch
+1494069-1-64a1.patch
+1494069-2-64a1.patch
+1494069-3-64a1.patch
+1494069-4-64a1.patch
+1494069-5-64a1.patch
+1494069-6-64a1.patch
+1494069-7-64a1.patch
+1494069-8-64a1.patch
+1493345-64a1.patch
+1079662-1-64a1.patch
+1079662-2-64a1.patch
+1079662-3-64a1.patch
+1489443-64a1.patch
+1491132-64a1.patch
+1492365-64a1.patch
+1486086-64a1.patch
+1478685-60.patch
+1487811-1-64a1.patch
+1487811-2-64a1.patch
+1487811-3-64a1.patch
+1487811-4-64a1.patch
+1351501-1-64a1.patch
+1351501-2-64a1.patch
+1491889-1-64a1.patch
+1491889-2-64a1.patch
+1494178-1-64a1.patch
+1494178-2-64a1.patch
+1495514-64a1.patch
+1496501-64a1.patch
+1489757-60.patch
+1492915-60.patch
+1478843-60.patch
+1500484-64a1.patch
+1479853-60.patch
+1475566-60.patch
+1491848-60.patch
+979649-1-64a1.patch
+1493788-1-64a1.patch
+1493788-2-64a1.patch
+1491236-64a1.patch
+1488307-64a1.patch
+1493142-64a1.patch
+1494216-64a1.patch
+1490738-64a1.patch
+1492526-64a1.patch
+1499510-64a1.patch
+1375861-64a1.patch
+1500447-64a1.patch
+1490589-64a1.patch
+1471888-1-64a1.patch
+1483651-64a1.patch
+1480834-64a1.patch
+1490549-3-64a1.patch
+1237610-3-64a1.patch
+1499778-64a1.patch
+1489052-64a1.patch
+1498519-64a1.patch
+1500377-1-64a1.patch
+1500377-2-64a1.patch
+1493590-64a1.patch
+1499198-64a1.patch
+1494038-64a1.patch
+715884-64a1.patch
+1438975-1-64a1.patch
+1438975-2-64a1.patch
+1275926-1-64a1.patch
+1275926-2-64a1.patch
+1491489-64a1.patch
+1491419-1-64a1.patch
+1491419-2-64a1.patch
+1491419-3-64a1.patch
+1491419-4-64a1.patch
+1491419-5-64a1.patch
+1491419-6-64a1.patch
+1491419-7-64a1.patch
+1491419-8-64a1.patch
+1491419-9-64a1.patch
+1498289-64a1.patch
+1489021-64a1.patch
+1488523-2-64a1.patch
+1372826-64a1.patch
+1490725-64a1.patch
+1463048-64a1.patch
+1488181-64a1.patch
+1492341-64a1.patch
+1490240-64a1.patch
+1390547-64a1.patch
+1497692-64a1.patch
+1498274-64a1.patch
+1498765-64a1.patch
+1492599-64a1.patch
+1492601-64a1.patch
+1494398-64a1.patch
+1497586-64a1.patch
+1489550-64a1.patch
+1476062-64a1.patch
+1488217-64a1.patch
+1489454-libmar-64a1.patch
+1458129-64a1.patch
+1499844-65a1.patch
+1498072-65a1.patch
+1501712-65a1.patch
+1496619-9-65a1.patch
+1502488-65a1.patch
+1502801-65a1.patch
+1502599-65a1.patch
+1503817-65a1.patch
+1482923-65a1.patch
+1499026-1-65a1.patch
+1499026-2-65a1.patch
+1473588-PARTIAL-65a1.patch
+1502530-1-65a1.patch
+1502530-2-65a1.patch
+1502530-3-65a1.patch
+1504844-65a1.patch
+1483941-PARTIAL-65a1.patch
+1503687-65a1.patch
+1447643-65a1.patch
+1506180-2only-65a1.patch
+1505007-65a1.patch
+1506317-65a1.patch
+1502021-65a1.patch
+1507032-65a1.patch
+1506027-2-65a1.patch
+1497669-65a1.patch
+1506798-65a1.patch
+1503366-2only-65a1.patch
+1509296-65a1.patch
+1510128-65a1.patch
+1505844-65a1.patch
+1511181-PARTIAL-hyphenation-only-65a1.patch
+1505386-65a1.patch
+1497940-3-65a1.patch
+1499430-605.patch
+1507057-65a1.patch
+1500241-65a1.patch
+1485179-1-65a1.patch
+1485179-2-65a1.patch
+1508927-65a1.patch
+1511319-65a1.patch
+1508184-65a1.patch
+1499028-65a1.patch
+1492128-1only-65a1.patch
+1502159-1-65a1.patch
+1502159-2-65a1.patch
+1504727-65a1.patch
+1489698-1-65a1.patch
+1489698-2-65a1.patch
+1489698-3-65a1.patch
+1489698-4-65a1.patch
+1489698-5-65a1.patch
+1489698-6-65a1.patch
+1489698-7-65a1.patch
+1489698-8-65a1.patch
+1482395-1-65a1.patch
+1504938-65a1.patch
+1505819-65a1.patch
+1481425-1-65a1.patch
+1480550-65a1.patch
+1502457-4-65a1.patch
+1507342-65a1.patch
+1509878-65a1.patch
+1509387-65a1.patch
+1511079-65a1.patch
+1501507-65a1.patch
+1408675-1-65a1.patch
+1408675-2-65a1.patch
+1408675-3-65a1.patch
+1408675-4-65a1.patch
+1508506-65a1.patch
+1507389-65a1.patch
+979649-3-65a1.patch
+979649-4-65a1.patch
+1503589-65a1.patch
+1492663-65a1.patch
+1509391-65a1.patch
+1503599-65a1.patch
+1483548-65a1.patch
+1499933-65a1.patch
+1502810-65a1.patch
+1504334-65a1.patch
+1507047-65a1.patch
+1497638-65a1.patch
+1505205-PARTIAL-65a1.patch
+1508635-65a1.patch
+1509276-65a1.patch
+1510637-65a1.patch
+1510919-65a1.patch
+1511258-65a1.patch
+1511285-1-65a1.patch
+1511285-2-65a1.patch
+1510458-1-65a1.patch
+1510458-2-65a1.patch
+1510458-3-65a1.patch
+1509872-65a1.patch
+1467406-65a1.patch
+1501381-65a1.patch
+1501605-65a1.patch
+1502165-65a1.patch
+1503240-65a1.patch
+1504932-65a1.patch
+1471535-2-65a1.patch
+1425277-2-65a1.patch
+1425277-3-65a1.patch
+1509875-1-65a1.patch
+1509875-2-65a1.patch
+1509875-3-65a1.patch
+1504452-65a1.patch
+1305743-65a1.patch
+1494752-604.patch
+1501218-65a1.patch
+1500154-65a1.patch
+1503537-65a1.patch
+1510183-65a1.patch
+1501224-1-65a1.patch
+1501224-2-65a1.patch
+1502534-65a1.patch
+1498942-1-65a1.patch
+1498942-2-65a1.patch
+1496503-1-65a1.patch
+1496503-2-65a1.patch
+1496503-3-65a1.patch
+1496503-4-65a1.patch
+1511181-crashreporter-65a1.patch
+1352355-1-65a1.patch
+1352355-4-65a1.patch
+1506138-65a1.patch
+1501227-1-65a1.patch
+1501227-2-65a1.patch
+1501227-3-65a1.patch
+1502190-3-65a1.patch
+1504117-3-65a1.patch
+1493192-65a1.patch
+1497937-65a1.patch
+1468539-65a1.patch
+1468544-65a1.patch
+1468542-65a1.patch
+1468556-65a1.patch
+1468552-65a1.patch
+1511181-bspatch-65a1.patch
+1504147-66a1.patch
+1512673-66a1.patch
+1514121-66a1.patch
+1489094-66a1.patch
+1514124-66a1.patch
+1514884-1-66a1.patch
+1514884-2-66a1.patch
+1515170-66a1.patch
+1515843-1-66a1.patch
+1515843-2-66a1.patch
+1515843-3-66a1.patch
+1504656-66a1.patch
+1513934-66a1.patch
+1513900-PARTIAL-stdcppcompat-60.patch
+1513009-2-66a1.patch
+1514104-66a1.patch
+1514089-66a1.patch
+1514448-66a1.patch
+1513798-01-66a1.patch
+1513798-02-66a1.patch
+1513798-04no03-66a1.patch
+1513798-05-66a1.patch
+1513798-06-66a1.patch
+1513798-07-66a1.patch
+1513798-08-66a1.patch
+1513798-09-66a1.patch
+1513798-10-66a1.patch
+1513798-11-66a1.patch
+1513798-12-66a1.patch
+1513798-13-66a1.patch
+1515581-66a1.patch
+1515577-66a1.patch
+1515808-66a1.patch
+1515629-66a1.patch
+1517222-66a1.patch
+1514625-66a1.patch
+1519740-66a1.patch
+1520410-66a1.patch
+1487490-66a1.patch
+1477487-1only-66a1.patch
+1516513-1-66a1.patch
+1516513-2-66a1.patch
+1517055-1-66a1.patch
+1517055-2-66a1.patch
+1519040-66a1.patch
+1519042-1-66a1.patch
+1519042-2-66a1.patch
+1519042-3-66a1.patch
+1445942-66a1.patch
+1510574-66a1.patch
+1460620-66a1.patch
+1519325-66a1.patch
+1519307-66a1.patch
+1521438-66a1.patch
+1485216-1-66a1.patch
+1485216-2-66a1.patch
+1515268-66a1.patch
+1519660-66a1.patch
+NOBUG-20190118-zlib-66a1.patch
+1520647-66a1.patch
+1460619-66a1.patch
+1513615-1-66a1.patch
+1513615-2-66a1.patch
+1513615-3-66a1.patch
+1430149-4-66a1.patch
+1515257-1-66a1.patch
+1515257-2-66a1.patch
+1515257-3-66a1.patch
+1515257-4-66a1.patch
+1515257-5-66a1.patch
+1515257-6-66a1.patch
+1515257-7-66a1.patch
+1515257-8-66a1.patch
+1515852-66a1.patch
+1516128-66a1.patch
+1492149-66a1.patch
+1522016-66a1.patch
+1515579-2only-66a1.patch
+1515528-2-66a1.patch
+1515528-3-66a1.patch
+1515528-4-66a1.patch
+1515528-5-66a1.patch
+1520108-66a1.patch
+1519603-1-66a1.patch
+1519603-2-66a1.patch
+1519603-3-66a1.patch
+1519603-4-66a1.patch
+1519603-5-66a1.patch
+1519603-6-66a1.patch
+1519603-7-66a1.patch
+1432133-66a1.patch
+1520340-1-66a1.patch
+1520340-2-66a1.patch
+1520340-3-66a1.patch
+1520340-4-66a1.patch
+1520340-5-66a1.patch
+1520340-6-66a1.patch
+1520369-1-66a1.patch
+1520369-2-66a1.patch
+1520369-3-66a1.patch
+1520377-1-66a1.patch
+1520377-2-66a1.patch
+1520377-3-66a1.patch
+1520394-1-66a1.patch
+1520394-2-66a1.patch
+1520394-3-66a1.patch
+1520394-4-66a1.patch
+1520394-5-66a1.patch
+1521284-66a1.patch
+1513134-1no2-66a1.patch
+1513134-3-66a1.patch
+1513134-4-66a1.patch
+1520718-66a1.patch
+1515604-66a1.patch
+1500504-66a1.patch
+1515595-1-66a1.patch
+1515595-2-66a1.patch
+1516374-66a1.patch
+1517419-66a1.patch
+1518726-66a1.patch
+1520681-66a1.patch
+1518630-66a1.patch
+1514209-66a1.patch
+1519281-66a1.patch
+1520516-66a1.patch
+1521478-66a1.patch
+1522507-66a1.patch
+1521691-1-66a1.patch
+1521691-2-66a1.patch
+1519629-66a1.patch
+1252556-66a1.patch
+1519319-1-66a1.patch
+1520683-66a1.patch
+1515261-66a1.patch
+1513073-66a1.patch
+1520308-66a1.patch
+1512462-66a1.patch
+1443429-1-66a1.patch
+1443429-2-66a1.patch
+1443429-3-66a1.patch
+1443429-4-66a1.patch
+1515021-66a1.patch
+1519030-66a1.patch
+1519047-66a1.patch
+1519308-66a1.patch
+1519744-66a1.patch
+1520393-66a1.patch
+1257904-66a1.patch
+1513677-66a1.patch
+1516829-66a1.patch
+1519729-2-66a1.patch
+1519729-3-66a1.patch
+1519319-2-66a1.patch
+1521791-66a1.patch
+1518106-1-66a1.patch
+1518106-2-66a1.patch
+1506524-66a1.patch
+1522150-1-66a1.patch
+1521584-66a1.patch
+1518586-1-66a1.patch
+1518586-2-66a1.patch
+1520006-66a1.patch
+1521460-2-crashreporter-66a1.patch
+1514435-66a1.patch
+1504017-webp-66a1.patch
+1517730-66a1.patch
+1518922-1-66a1.patch
+1518922-2-66a1.patch
+1521000-2-crashreporter-66a1.patch
+1518115-66a1.patch
+1517298-66a1.patch
+1514285-1-66a1.patch
+1514285-2-66a1.patch
+1508782-66a1.patch
+1514532-1-66a1.patch
+1514532-2-66a1.patch
+1523223-67a1.patch
+1522788-67a1.patch
+1522354-1-67a1.patch
+1522354-2-67a1.patch
+1523341-PARTIAL-67a1.patch
+1524194-1-67a1.patch
+1518947-67a1.patch
+1525416-67a1.patch
+1528194-2-67a1.patch
+1523874-67a1.patch
+1522066-67a1.patch
+1529139-1-67a1.patch
+1529139-2-67a1.patch
+1506291-1only-67a1.patch
+1531912-67a1.patch
+1514202-2only-SIMPLIFIED-67a1.patch
+1515356-67a1.patch
+1511224-1a-nasm-67a1.patch
+1428713-67a1.patch
+1481097-6-67a1.patch
+1523153-1-67a1.patch
+1523153-3-67a1.patch
+1528194-1-67a1.patch
+1522354-3-67a1.patch
+1523204-1-67a1.patch
+1526062-1-67a1.patch
+1526062-2-67a1.patch
+1526062-3-67a1.patch
+1471920-2-67a1.patch
+1528241-67a1.patch
+1483228-1-67a1.patch
+1483228-2-67a1.patch
+1486994-67a1.patch
+1525069-2no1-67a1.patch
+1525069-3-67a1.patch
+1518175-67a1.patch
+1525688-67a1.patch
+1531680-67a1.patch
+1523198-1-67a1.patch
+1523198-2-67a1.patch
+1523198-3-67a1.patch
+1523204-2-67a1.patch
+1519010-67a1.patch
+1520232-67a1.patch
+1523851-1-67a1.patch
+1523851-2-67a1.patch
+1523851-3-67a1.patch
+1523851-5-67a1.patch
+1527471-1-67a1.patch
+1527471-2-67a1.patch
+1523153-2-67a1.patch
+1523593-67a1.patch
+1515004-PARTIAL-67a1.patch
+1526509-67a1.patch
+1520920-67a1.patch
+1527016-67a1.patch
+1525100-67a1.patch
+1528892-67a1.patch
+1485117-67a1.patch
+1513951-4only-67a1.patch
+1523835-67a1.patch
+1521186-67a1.patch
+NOBUG-removenonascii67a1-25314.patch
+1526062-4-67a1.patch
+1526062-5-67a1.patch
+1524435-67a1.patch
+1529894-1-67a1.patch
+1529894-2-67a1.patch
+1533043-1only-67a1.patch
+1515746-1-67a1.patch
+1515746-2-67a1.patch
+1515746-3-67a1.patch
+1367092-1-67a1.patch
+1367092-2-67a1.patch
+1367092-3-67a1.patch
+1367092-4-67a1.patch
+1367092-5-67a1.patch
+1530016-67a1.patch
+1525474-67a1.patch
+1524444-67a1.patch
+1530352-67a1.patch
+1530908-3-67a1.patch
+1529799-1-67a1.patch
+1529799-2-67a1.patch
+1524461-67a1.patch
+1530587-67a1.patch
+1513605-67a1.patch
+1349064-1-67a1.patch
+1349064-2-67a1.patch
+1349064-3-67a1.patch
+1518572-1-67a1.patch
+1522614-1-67a1.patch
+1522614-2-67a1.patch
+1522614-3-67a1.patch
+1522614-4-67a1.patch
+1522614-5-67a1.patch
+1522614-6-67a1.patch
+1522614-8-67a1.patch
+1522609-1-67a1.patch
+1522609-2-67a1.patch
+1529691-67a1.patch
+1534630-67a1.patch
+1506665-67a1.patch
+1496118-67a1.patch
+1521304-67a1.patch
+1528028-67a1.patch
+1504339-67a1.patch
+1533133-1only-67a1.patch
+1518283-crashreporter-67a1.patch
+1247453-1-67a1.patch
+1247453-2-67a1.patch
+1522078-67a1.patch
+NOBUG-20190207-crashreporter-67a1.patch
+1428706-1-67a1.patch
+1428706-2-67a1.patch
+1472589-67a1.patch
+1523969-12-crashreporter-67a1.patch
+1529363-1-67a1.patch
+1529363-2-67a1.patch
+1529363-3-67a1.patch
+1021926-67a1.patch
+1527858-67a1.patch
+1528304-67a1.patch
+1535050-67a1.patch
+1535026-67a1.patch
+1535649-67a1.patch
+1471648-67a1.patch
+1526973-67a1.patch
+1428714-67a1.patch
+1528652-67a1.patch
+1532553-67a1.patch
+1535242-68a1.patch
+1530544-68a1.patch
+1535243-68a1.patch
+1524429-1-68a1.patch
+1524429-2-68a1.patch
+1536887-68a1.patch
+1536783-68a1.patch
+1380031-68a1.patch
+1480480-68a1.patch
+1539574-68a1.patch
+1377304-68a1.patch
+1434848-68a1.patch
+1540540-68a1.patch
+524410-1-68a1.patch
+524410-2-68a1.patch
+524410-3-68a1.patch
+524410-4-68a1.patch
+524410-5-68a1.patch
+1541068-68a1.patch
+1538810-1-68a1.patch
+1538810-2-68a1.patch
+1405345-68a1.patch
+1544431-68a1.patch
+1544981-68a1.patch
+1545521-68a1.patch
+1545583-68a1.patch
+1544980-68a1.patch
+1546491-68a1.patch
+1547143-PARTIAL-hyphenation-only-68a1.patch
+1457669-68a1.patch
+1549833-68a1.patch
+1550532-68a1.patch
+1540733-68a1.patch
+1549886-1only-PARTIAL-68a1.patch
+1505471-68a1.patch
+1552336-68a1.patch
+1633880-1-68.patch
+1633880-2-68.patch
+1521734-1-68a1.patch
+1521734-2-68a1.patch
+1521734-3-68a1.patch
+1542826-6only-68a1.patch
+1550868-68a1.patch
+1530659-68a1.patch
+1520948-1-68a1.patch
+1520948-2-68a1.patch
+1539648-68a1.patch
+1546558-68a1.patch
+1549646-68a1.patch
+1544881-68a1.patch
+1536672-PARTIAL-68a1.patch
+1525968-3only-PARTIAL-68a1.patch
+1540079-68a1.patch
+1541329-68a1.patch
+1542673-68a1.patch
+1545567-68a1.patch
+1535948-68a1.patch
+1504308-68a1.patch
+1540089-1-68a1.patch
+1540089-2-68a1.patch
+1526072-PARTIAL-68a1.patch
+1537574-68a1.patch
+1543663-1no2-68a1.patch
+1543663-3-68a1.patch
+1549206-1-68a1.patch
+1549206-2-68a1.patch
+1537644-68a1.patch
+1540136-1-68a1.patch
+1540136-2-68a1.patch
+1540136-3-68a1.patch
+1540136-4-68a1.patch
+1540136-5-68a1.patch
+1536836-68a1.patch
+1552430-68a1.patch
+1533481-1-68a1.patch
+1533481-2-68a1.patch
+1533481-3-68a1.patch
+1533481-4-68a1.patch
+1533481-5-68a1.patch
+1533481-6-68a1.patch
+1533481-7no8-68a1.patch
+1533481-9no10-68a1.patch
+1543644-68a1.patch
+1532630-68a1.patch
+1541818-68a1.patch
+1522931-1only-68a1.patch
+1495672-68a1.patch
+1547847-68a1.patch
+1549554-68a1.patch
+1549794-68a1.patch
+1353680-1-68a1.patch
+1353680-2-68a1.patch
+1521996-1-PARTIAL-68a1.patch
+1543642-1-68a1.patch
+1543642-2-68a1.patch
+1543642-3-68a1.patch
+1543642-4-68a1.patch
+1543642-5-68a1.patch
+1543642-6-68a1.patch
+1535355-1-68a1.patch
+1535355-2-68a1.patch
+1536763-68a1.patch
+1537576-68a1.patch
+1542878-68a1.patch
+1542097-68a1.patch
+1536410-68a1.patch
+1534341-68a1.patch
+1538382-68a1.patch
+1540653-68a1.patch
+1536230-68a1.patch
+1195299-2only-68a1.patch
+1547038-68a1.patch
+1540145-68a1.patch
+1526243-68a1.patch
+1542691-68a1.patch
+1547931-68a1.patch
+1535226-68a1.patch
+1541269-68a1.patch
+1519636-13-crashreporter-68a1.patch
+1433685-68a1.patch
+1546697-1-68a1.patch
+1547143-2-crashreporter-68a1.patch
+1547698-1-68a1.patch
+1547698-2-68a1.patch
+1547698-3-68a1.patch
+1547698-4-68a1.patch
+1541285-68a1.patch
+1546501-crashreporter-68a1.patch
+1540142-68a1.patch
+1551084-1-69a1.patch
+1551084-2-69a1.patch
+1551084-3-69a1.patch
+1551084-4-69a1.patch
+1551084-5-69a1.patch
+1552627-2only-69a1.patch
+1552672-69a1.patch
+1480236-PARTIAL-notests-69a1.patch
+1543829-69a1.patch
+1519636-PARTIAL-hyphenation-only-69a1.patch
+1556257-69a1.patch
+1555329-69a1.patch
+1553864-69a1.patch
+1554306-69a1.patch
+1556662-69a1.patch
+1552658-69a1.patch
+1551639-1-69a1.patch
+1551639-2-69a1.patch
+1551639-3-69a1.patch
+1501277-69a1.patch
+1549386-69a1.patch
+1557229-69a1.patch
+1557291-69a1.patch
+1552121-69a1.patch
+1551844-69a1.patch
+1558883-69a1.patch
+1558737-69a1.patch
+1524194-2-69a1.patch
+1410013-69a1.patch
+1559900-69a1.patch
+1560439-69a1.patch
+1556103-1only-69a1.patch
+1551690-69a1.patch
+1547730-01-69a1.patch
+1547730-02-69a1.patch
+1547730-03-69a1.patch
+1547730-04-69a1.patch
+1547730-06-69a1.patch
+1547730-07-69a1.patch
+1547730-08-69a1.patch
+1547730-09-69a1.patch
+1547730-10-69a1.patch
+1547730-11-69a1.patch
+1547730-12-69a1.patch
+1547730-13-69a1.patch
+1547730-14-69a1.patch
+1547730-15-69a1.patch
+1547730-16-69a1.patch
+1547730-17-69a1.patch
+1547730-18-69a1.patch
+1547730-19-69a1.patch
+1547730-20-69a1.patch
+1547730-21-69a1.patch
+1547730-22-69a1.patch
+1547730-23-69a1.patch
+1547730-24-69a1.patch
+1547730-25-69a1.patch
+1547730-26-69a1.patch
+1547730-27-69a1.patch
+1547730-28-69a1.patch
+1473498-01-69a1.patch
+1473498-02-69a1.patch
+1473498-03-69a1.patch
+1473498-04-69a1.patch
+1473498-05-69a1.patch
+1547193-69a1.patch
+1507696-69a1.patch
+1550956-69a1.patch
+1554186-69a1.patch
+1557583-1-69a1.patch
+1557583-2-69a1.patch
+1560527-69a1.patch
+1561465-1-69a1.patch
+1561465-2-69a1.patch
+1561822-69a1.patch
+1556880-69a1.patch
+1551078-69a1.patch
+1554115-69a1.patch
+1561069-69a1.patch
+1561088-69a1.patch
+1559975-01-69a1.patch
+1559975-02-69a1.patch
+1559975-03-69a1.patch
+1559975-04-69a1.patch
+1520001-1only-69a1.patch
+1552687-69a1.patch
+1542746-1-PARTIAL-69a1.patch
+1542746-3no2-69a1.patch
+1542963-1-69a1.patch
+1542963-2-69a1.patch
+1542963-3-69a1.patch
+1542963-4-69a1.patch
+1542963-5-69a1.patch
+1542963-6-69a1.patch
+1542963-7-69a1.patch
+1557336-69a1.patch
+1551368-1-69a1.patch
+1551368-2-69a1.patch
+1551368-3-69a1.patch
+1559975-08-69a1.patch
+1557278-69a1.patch
+1464007-69a1.patch
+1559740-1-69a1.patch
+1559740-2-69a1.patch
+1555824-69a1.patch
+1554056-69a1.patch
+1554928-69a1.patch
+1560044-1-69a1.patch
+1560044-2-69a1.patch
+1560044-3-69a1.patch
+1557213-1only-69a1.patch
+1557528-69a1.patch
+1618065-69a1.patch
+1548563-69a1.patch
+1562083-69a1.patch
+1553226-69a1.patch
+1555427-69a1.patch
+1555917-69a1.patch
+1556073-69a1.patch
+1561494-69a1.patch
+1556891-1-69a1.patch
+1556891-2-69a1.patch
+1558554-69a1.patch
+1555954-69a1.patch
+1543725-69a1.patch
+1561435-62-69a1.patch
+1558372-70a1.patch
+1561749-70a1.patch
+1564117-1-70a1.patch
+1564117-2-70a1.patch
+1563937-70a1.patch
+1564643-70a1.patch
+1510351-70a1.patch
+1526744-70a1.patch
+1539451-PARTIAL-webide-70a1.patch
+1563133-70a1.patch
+1565130-70a1.patch
+1569223-2-70a1.patch
+1570334-70a1.patch
+1539780-70a1.patch
+1574058-70a1.patch
+1575420-70a1.patch
+1564897-70a1.patch
+1560700-1-70a1.patch
+1560700-2-70a1.patch
+1574056-70a1.patch
+1570697-70a1.patch
+1572986-70a1.patch
+1574402-70a1.patch
+1404367-70a1.patch
+1402379-1only-70a1.patch
+1562686-2only-70a1.patch
+1577685-70a1.patch
+1559195-PARTIAL-70a1.patch
+1577867-70a1.patch
+1577869-70a1.patch
+1564216-1-70a1.patch
+1562462-2-70a1.patch
+1473498-06-70a1.patch
+1473498-07-70a1.patch
+1473498-08-70a1.patch
+1473498-09no10-70a1.patch
+1473498-11-70a1.patch
+1473498-12-70a1.patch
+1575135-2-70a1.patch
+1563085-70a1.patch
+1566032-70a1.patch
+1559975-10-70a1.patch
+1559975-11-70a1.patch
+1559975-12-70a1.patch
+1559975-13-70a1.patch
+1559975-14-70a1.patch
+1559975-15-70a1.patch
+1559975-16-70a1.patch
+1559975-17-70a1.patch
+1559975-18-70a1.patch
+1559975-19-70a1.patch
+1559975-20-70a1.patch
+1559975-21-70a1.patch
+1559975-22-70a1.patch
+1559975-23-70a1.patch
+1559975-24-70a1.patch
+1559975-25-70a1.patch
+1559975-26-70a1.patch
+1559975-28-70a1.patch
+1559975-29-70a1.patch
+1559975-30-70a1.patch
+1559975-31-70a1.patch
+1559975-32-70a1.patch
+1559975-33-70a1.patch
+1559975-35-70a1.patch
+1559975-36-70a1.patch
+1559975-37-70a1.patch
+1562462-1-70a1.patch
+1563797-1-70a1.patch
+1563797-2-70a1.patch
+1563797-3-70a1.patch
+1563797-4-70a1.patch
+1568713-70a1.patch
+1569075-70a1.patch
+1575135-1-70a1.patch
+1575135-3-70a1.patch
+1575135-4-70a1.patch
+1575135-5-70a1.patch
+1575135-6-70a1.patch
+1575135-7-70a1.patch
+1575135-8-70a1.patch
+844509-1-70a1.patch
+844509-2-70a1.patch
+844509-3-70a1.patch
+844509-4-70a1.patch
+1575375-01-70a1.patch
+1575375-03-70a1.patch
+1575375-04-70a1.patch
+1575375-05-70a1.patch
+1575375-06-70a1.patch
+1575375-07-70a1.patch
+1575375-08no09-70a1.patch
+1575375-10-70a1.patch
+1575804-1-70a1.patch
+1575804-2-70a1.patch
+1473498-13-70a1.patch
+1473498-14-70a1.patch
+1473498-15-70a1.patch
+1473498-16-70a1.patch
+1473498-17-70a1.patch
+1210157-1-70a1.patch
+1210157-2-70a1.patch
+1210157-3-70a1.patch
+1210157-4-70a1.patch
+1210157-5-70a1.patch
+1210157-6-70a1.patch
+1210157-7-70a1.patch
+1577603-70a1.patch
+1561695-70a1.patch
+1566180-70a1.patch
+1571934-1-70a1.patch
+1571934-2-70a1.patch
+1573406-70a1.patch
+1570597-70a1.patch
+1564434-70a1.patch
+1573722-70a1.patch
+1357317-70a1.patch
+1560574-70a1.patch
+1555762-70a1.patch
+1512487-1-70a1.patch
+1512487-2-70a1.patch
+1568484-70a1.patch
+1485793-70a1.patch
+1562645-1-70a1.patch
+1562645-2-70a1.patch
+1570772-1-70a1.patch
+1570772-2-70a1.patch
+1570772-3-70a1.patch
+1570772-4-70a1.patch
+1570772-5no67-70a1.patch
+1573080-1-70a1.patch
+1573080-2-70a1.patch
+1576097-1-70a1.patch
+1561323-70a1.patch
+1513705-70a1.patch
+1575436-70a1.patch
+1321281-1-70a1.patch
+1321281-2-70a1.patch
+1564330-70a1.patch
+1565717-1-70a1.patch
+1565717-2-70a1.patch
+1565717-3-70a1.patch
+1565717-4-70a1.patch
+1565717-5-70a1.patch
+1568515-70a1.patch
+1564449-70a1.patch
+1566960-70a1.patch
+1567888-70a1.patch
+1435498-70a1.patch
+1572046-70a1.patch
+1572394-70a1.patch
+1573314-70a1.patch
+1573861-70a1.patch
+1573566-6-70a1.patch
+1565725-70a1.patch
+1574761-70a1.patch
+1568634-70a1.patch
+1576941-70a1.patch
+1577326-70a1.patch
+1565314-70a1.patch
+1566855-70a1.patch
+1578531-71a1.patch
+1577411-71a1.patch
+1579546-71a1.patch
+1579545-71a1.patch
+1577799-71a1.patch
+1581921-71a1.patch
+1582078-71a1.patch
+1567642-8-71a1.patch
+1581248-71a1.patch
+1539462-1only-webide-71a1.patch
+1583177-71a1.patch
+1585305-71a1.patch
+1576859-71a1.patch
+1550108-1only-71a1.patch
+1580356-3only-PARTIAL-71a1.patch
+1587187-71a1.patch
+1201401-682.patch
+1584907-71a1.patch
+1577871-71a1.patch
+1577908-71a1.patch
+1559975-38-71a1.patch
+1559975-39-71a1.patch
+1559975-40-71a1.patch
+1559975-41-71a1.patch
+1578198-71a1.patch
+1577517-71a1.patch
+1577826-1-71a1.patch
+1577826-2-71a1.patch
+1567642-1-71a1.patch
+1567642-2-71a1.patch
+1567642-3-71a1.patch
+1567642-4-71a1.patch
+1579455-1-71a1.patch
+1579455-2-71a1.patch
+1579455-3-71a1.patch
+1583958-71a1.patch
+1580533-71a1.patch
+1494090-71a1.patch
+1562996-71a1.patch
+1433941-71a1.patch
+1586358-71a1.patch
+1584452-71a1.patch
+1587206-1-71a1.patch
+1583582-71a1.patch
+1587913-71a1.patch
+1587715-PARTIAL-71a1.patch
+1580280-3-71a1.patch
+1580280-9-71a1.patch
+1398167-71a1.patch
+1570772-8-71a1.patch
+1577501-71a1.patch
+1580492-71a1.patch
+1580280-1-71a1.patch
+1580280-2-71a1.patch
+1580280-4-71a1.patch
+1580280-6-71a1.patch
+1554657-71a1.patch
+1580280-7-71a1.patch
+1577726-1-71a1.patch
+1577726-2-71a1.patch
+1577726-3-71a1.patch
+1577726-4-71a1.patch
+1585686-71a1.patch
+1585565-1-71a1.patch
+1585565-2-71a1.patch
+1585702-1-71a1.patch
+1585702-2-71a1.patch
+1585702-3-71a1.patch
+1584567-1-71a1.patch
+1585828-71a1.patch
+1578348-71a1.patch
+1581015-71a1.patch
+1586010-71a1.patch
+1579775-1-71a1.patch
+1579775-2-71a1.patch
+1578776-71a1.patch
+1578478-71a1.patch
+1579523-71a1.patch
+1580931-71a1.patch
+1582743-71a1.patch
+1579479-71a1.patch
+1586165-71a1.patch
+1579758-71a1.patch
+1496746-71a1.patch
+1580317-71a1.patch
+1583360-71a1.patch
+1575216-71a1.patch
+1585146-1-71a1.patch
+1585146-2-71a1.patch
+1585672-71a1.patch
+1578145-71a1.patch
+1588947-72a1.patch
+1426865-2-72a1.patch
+1426865-4-72a1.patch
+1584296-72a1.patch
+1569728-1only-72a1.patch
+1593966-72a1.patch
+1587116-72a1.patch
+1590907-2-72a1.patch
+1579189-72a1.patch
+1371390-72a1.patch
+1577336-3only-PARTIAL-72a1.patch
+1536848-72a1.patch
+1595674-72a1.patch
+1598164-3only-72a1.patch
+1566141-1-72a1.patch
+1566141-2-72a1.patch
+1566141-3-72a1.patch
+1566141-4-PARTIAL-72a1.patch
+1566141-5-72a1.patch
+1566141-6-72a1.patch
+1566141-7-72a1.patch
+1566141-8-72a1.patch
+1593415-1-72a1.patch
+1593415-2-72a1.patch
+1599163-72a1.patch
+1578576-1-72a1.patch
+1578576-2no34-72a1.patch
+1562642-16-72a1.patch
+1562642-21-72a1.patch
+1562642-25-72a1.patch
+1578910-72a1.patch
+1598202-72a1.patch
+1590344-72a1.patch
+1591220-72a1.patch
+1212502-1-72a1.patch
+1212502-2-72a1.patch
+1212502-3-72a1.patch
+1590907-5-72a1.patch
+1595995-72a1.patch
+1598417-72a1.patch
+1508320-72a1.patch
+1595836-72a1.patch
+1596431-72a1.patch
+1598830-72a1.patch
+1587232-72a1.patch
+1598273-72a1.patch
+1593105-72a1.patch
+1581224-72a1.patch
+1593486-1-72a1.patch
+1593486-2-72a1.patch
+1593486-3-72a1.patch
+1592855-1-72a1.patch
+1592855-2-72a1.patch
+1592855-3-72a1.patch
+1592855-4-72a1.patch
+1597686-72a1.patch
+1598839-72a1.patch
+1598099-72a1.patch
+1589792-72a1.patch
+1588123-72a1.patch
+1599648-72a1.patch
+1599744-72a1.patch
+1428718-1-72a1.patch
+1595220-72a1.patch
+1448349-72a1.patch
+1485057-72a1.patch
+1596807-72a1.patch
+1516367-72a1.patch
+838896-72a1.patch
+1598382-72a1.patch
+1420363-72a1.patch
+1583353-9-72a1.patch
+1596911-1-72a1.patch
+1599235-73a1.patch
+1592302-1-73a1.patch
+1592302-2-73a1.patch
+1592302-3-73a1.patch
+1594903-73a1.patch
+1595218-3only-73a1.patch
+1585404-73a1.patch
+1600782-73a1.patch
+1592307-01-73a1.patch
+1592307-02-73a1.patch
+1592307-03-73a1.patch
+1592307-04-73a1.patch
+1592307-05-73a1.patch
+1592307-06-73a1.patch
+1592307-07-73a1.patch
+1592307-08-73a1.patch
+1592307-09-73a1.patch
+1592307-10-73a1.patch
+1592307-11-73a1.patch
+1592307-12-73a1.patch
+1592307-13-73a1.patch
+1592307-14-73a1.patch
+1592307-15-73a1.patch
+1592307-16a-73a1.patch
+1592307-16b-73a1.patch
+1592307-17-73a1.patch
+1592307-18-73a1.patch
+1600664-73a1.patch
+1600911-73a1.patch
+1603561-73a1.patch
+1601703-73a1.patch
+1559975-42-73a1.patch
+1559975-43-73a1.patch
+1602525-73a1.patch
+1603181-73a1.patch
+1603262-73a1.patch
+1602540-73a1.patch
+1604277-73a1.patch
+1604337-73a1.patch
+1581016-73a1.patch
+1590745-73a1.patch
+1464038-73a1.patch
+1600695-73a1.patch
+1601578-73a1.patch
+1606008-73a1.patch
+1606160-73a1.patch
+1606336-73a1.patch
+1606340-73a1.patch
+1606462-73a1.patch
+1605264-73a1.patch
+1606490-73a1.patch
+1606504-73a1.patch
+1606692-73a1.patch
+726479-73a1.patch
+1581684-1-73a1.patch
+1581684-2-73a1.patch
+1581684-3-73a1.patch
+1604360-1-73a1.patch
+1604360-2-73a1.patch
+1604360-3-73a1.patch
+1604360-4-73a1.patch
+1604360-5-73a1.patch
+1604360-6-73a1.patch
+1604360-7-73a1.patch
+1604360-8-73a1.patch
+1604360-9-73a1.patch
+1604814-73a1.patch
+1604307-73a1.patch
+1604557-73a1.patch
+1604881-73a1.patch
+1603645-73a1.patch
+1605144-73a1.patch
+1605145-73a1.patch
+1516279-73a1.patch
+1280561-73a1.patch
+1596660-PARTIAL-removeonly-73a1.patch
+1606728-74a1.patch
+1606124-74a1.patch
+1607919-1-74a1.patch
+1607919-2-74a1.patch
+1607919-3-74a1.patch
+1563797-5-74a1.patch
+1607284-74a1.patch
+1607345-74a1.patch
+1607503-74a1.patch
+1607512-74a1.patch
+1563797-6-74a1.patch
+1607470-74a1.patch
+1608091-74a1.patch
+1608880-74a1.patch
+1609281-74a1.patch
+1610774-74a1.patch
+1609483-74a1.patch
+1610778-74a1.patch
+1608235-74a1.patch
+1607193-1-74a1.patch
+1611088-74a1.patch
+1608535-1-74a1.patch
+1608535-2-74a1.patch
+1607204-74a1.patch
+1610944-74a1.patch
+1611340-74a1.patch
+1612025-74a1.patch
+1611002-74a1.patch
+1611465-74a1.patch
+1601684-74a1.patch
+1604667-74a1.patch
+1569059-74a1.patch
+1612579-74a1.patch
+1608570-PARTIAL-74a1.patch
+1572355-74a1.patch
+1605328-74a1.patch
+1596737-74a1.patch
+1609649-74a1.patch
+1486331-75a1.patch
+1609595-75a1.patch
+1613823-1-75a1.patch
+1614771-75a1.patch
+1614994-1-75a1.patch
+1614994-2-75a1.patch
+1608256-75a1.patch
+1616426-75a1.patch
+1606970-75a1.patch
+1615423-75a1.patch
+1614518-1-75a1.patch
+1614518-2-75a1.patch
+1614518-3-75a1.patch
+1614518-4-75a1.patch
+1614518-5-75a1.patch
+1614518-6-75a1.patch
+1614518-7-75a1.patch
+1614518-8-75a1.patch
+1617095-75a1.patch
+1617652-gyp-75a1.patch
+1617639-75a1.patch
+1614136-75a1.patch
+1618288-1-75a1.patch
+1618288-2-75a1.patch
+1616885-75a1.patch
+1616920-75a1.patch
+1616989-75a1.patch
+1617014-75a1.patch
+1617303-75a1.patch
+1617313-75a1.patch
+1618775-75a1.patch
+1609116-75a1.patch
+1611006-75a1.patch
+1618620-3-75a1.patch
+1618620-4-75a1.patch
+1618620-5-75a1.patch
+1618620-6-75a1.patch
+1618620-9-75a1.patch
+1612077-75a1.patch
+1619408-75a1.patch
+1619280-75a1.patch
+1620035-2-75a1.patch
+1620035-3-75a1.patch
+1620035-5-75a1.patch
+1620035-8-75a1.patch
+1617147-75a1.patch
+1620158-75a1.patch
+1620513-75a1.patch
+1619475-1-75a1.patch
+1619475-2-75a1.patch
+1613263-75a1.patch
+1619788-75a1.patch
+1604616-75a1.patch
+1619867-75a1.patch
+1612060-75a1.patch
+1615511-3-75a1.patch
+1620140-1-75a1.patch
+1620140-2-75a1.patch
+1620140-4-75a1.patch
+1620140-6-75a1.patch
+1620140-7-75a1.patch
+1620140-8-75a1.patch
+1620140-9-75a1.patch
+1620449-75a1.patch
+1618879-75a1.patch
+1583854-75a1.patch
+1620433-76a1.patch
+1620744-01-76a1.patch
+1620744-02-76a1.patch
+1620744-03no04-76a1.patch
+1620744-05-76a1.patch
+1620744-08-76a1.patch
+1620744-09-76a1.patch
+1620744-10-76a1.patch
+1620744-11-76a1.patch
+1620744-12-76a1.patch
+1620744-13-76a1.patch
+1620020-01-76a1.patch
+1620020-02-76a1.patch
+1620020-03-76a1.patch
+1620020-04-76a1.patch
+1620020-05-76a1.patch
+1620020-06-76a1.patch
+1620020-07-76a1.patch
+1620020-08-76a1.patch
+1620020-09-76a1.patch
+1620020-10-76a1.patch
+1620020-11-76a1.patch
+1620020-12-76a1.patch
+1620020-13-76a1.patch
+1620020-14-76a1.patch
+1620020-15-76a1.patch
+1622227-76a1.patch
+1623132-1-76a1.patch
+1623132-2-76a1.patch
+1622356-76a1.patch
+1620471-76a1.patch
+1624015-1-76a1.patch
+1624015-2-76a1.patch
+1624015-3-76a1.patch
+1624015-4-76a1.patch
+1623593-76a1.patch
+1626007-76a1.patch
+1594545-01-76a1.patch
+1594545-02-76a1.patch
+1594545-03-76a1.patch
+1594545-04-76a1.patch
+1594545-05-76a1.patch
+1594545-06-76a1.patch
+1594545-07-76a1.patch
+1594545-08-76a1.patch
+1594545-09-76a1.patch
+1594545-10-76a1.patch
+1594545-11-76a1.patch
+1594545-12-76a1.patch
+1594545-13-76a1.patch
+1613985-PARTIAL-jsoncpponly-76a1.patch
+1627439-76a1.patch
+1619154-76a1.patch
+1623952-76a1.patch
+1602271-76a1.patch
+1601140-1-76a1.patch
+1601140-2-76a1.patch
+1622021-76a1.patch
+1622405-1-76a1.patch
+1622405-2-76a1.patch
+1607193-2-76a1.patch
+1607193-3-76a1.patch
+1623656-76a1.patch
+1622974-1-76a1.patch
+1622974-2-76a1.patch
+1621322-2-76a1.patch
+1623339-1-76a1.patch
+1623339-2-76a1.patch
+1623339-3-76a1.patch
+1626104-76a1.patch
+1616584-76a1.patch
+1623765-76a1.patch
+1624190-1-76a1.patch
+1624190-2-76a1.patch
+1619460-76a1.patch
+1623982-76a1.patch
+1621439-76a1.patch
+1622789-76a1.patch
+1626163-76a1.patch
+1621198-76a1.patch
+1623684-76a1.patch
+1624670-1-76a1.patch
+1624670-2-76a1.patch
+1626550-76a1.patch
+1623321-76a1.patch
+1609823-76a1.patch
+1606703-77a1.patch
+1616353-1-77a1.patch
+1627255-1-77a1.patch
+1627255-2-77a1.patch
+1627992-77a1.patch
+1625285-77a1.patch
+1623701-77a1.patch
+1627163-01-77a1.patch
+1627163-02-77a1.patch
+1627163-03-77a1.patch
+1627163-04-77a1.patch
+1627163-05-77a1.patch
+1627163-07-77a1.patch
+1627163-08-77a1.patch
+1627163-09-77a1.patch
+1627163-10-77a1.patch
+1627163-11-77a1.patch
+1627163-12-77a1.patch
+1627163-13-77a1.patch
+1627163-15-77a1.patch
+1627163-16-77a1.patch
+1627163-17-77a1.patch
+1628683-77a1.patch
+1628205-77a1.patch
+1628748-77a1.patch
+1628641-77a1.patch
+1628498-1-77a1.patch
+1617748-77a1.patch
+1621436-77a1.patch
+1628498-2-77a1.patch
+1628131-77a1.patch
+1628976-77a1.patch
+1628927-77a1.patch
+1629159-77a1.patch
+1621359-1-77a1.patch
+1621359-2-77a1.patch
+1628663-1-77a1.patch
+1628663-2-77a1.patch
+1629595-77a1.patch
+1628621-77a1.patch
+1630426-77a1.patch
+1628954-1-77a1.patch
+1628954-2-77a1.patch
+1621440-77a1.patch
+1629797-77a1.patch
+1621441-77a1.patch
+1632354-77a1.patch
+1632353-77a1.patch
+1627072-77a1.patch
+1628726-77a1.patch
+1578917-77a1.patch
+1621361-77a1.patch
+1632348-77a1.patch
+1631063-77a1.patch
+1632461-77a1.patch
+1632770-77a1.patch
+1632974-77a1.patch
+1632300-77a1.patch
+1634834-77a1.patch
+1634187-77a1.patch
+1631211-77a1.patch
+1634623-1-78a1.patch
+1634623-2-78a1.patch
+1634623-3-78a1.patch
+1632916-78a1.patch
+1633039-78a1.patch
+1633037-78a1.patch
+1635585-78a1.patch
+1636209-78a1.patch
+1633156-78a1.patch
+1633628-78a1.patch
+1636265-78a1.patch
+1636122-78a1.patch
+1637474-1-78a1.patch
+1637474-2-78a1.patch
+1638036-78a1.patch
+1638195-PARTIAL-78a1.patch
+1639813-78a1.patch
+1638060-78a1.patch
+1624857-78a1.patch
+1641073-78a1.patch
+1635764-78a1.patch
+1641640-2-78a1.patch
+1635491-78a1.patch
+1635514-78a1.patch
+1632429-3-PARTIAL-78a1.patch
+1637778-78a1.patch
+1579329-78a1.patch
+1639151-78a1.patch
+1638948-78a1.patch
+1638951-78a1.patch
+1638967-78a1.patch
+1638982-2-78a1.patch
+1638995-78a1.patch
+1638983-78a1.patch
+1634675-78a1.patch
+1638993-78a1.patch
+1638976-78a1.patch
+1637305-78a1.patch
+1637665-78a1.patch
+1637737-78a1.patch
+1639815-1-78a1.patch
+1639815-2-78a1.patch
+1639815-3-78a1.patch
+1639815-4-78a1.patch
+1639815-5-78a1.patch
+1639815-6-78a1.patch
+1639815-7-78a1.patch
+1639815-8-78a1.patch
+1632345-78a1.patch
+1637911-78a1.patch
+1634535-78a1.patch
+1635481-78a1.patch
+1635271-78a1.patch
+1637254-2-78a1.patch
+1635573-PARTIAL-78a1.patch
+1640171-2-78a1.patch
+1631197-78a1.patch
+1638780-78a1.patch
+1637381-1-78a1.patch
+1637381-7-78a1.patch
+1640716-78a1.patch
+1641242-78a1.patch
+1639313-78a1.patch
+1639624-78a1.patch
+1643026-78a1.patch
+1634563-78a1.patch
+1635099-78a1.patch
+1637409-78a1.patch
+1633016-78a1.patch
+1639569-78a1.patch
+1638870-78a1.patch
+1619339-78a1.patch
+1638965-78a1.patch
+1638954-78a1.patch
+1638978-78a1.patch
+1127565-78a1.patch
+1621960-781.patch
+1635834-78a1.patch
+1638012-78a1.patch
+985141-1-78a1.patch
+985141-3-78a1.patch
+1642032-1-79a1.patch
+1642032-2-79a1.patch
+1642032-3-79a1.patch
+1635293-79a1.patch
+1642005-79a1.patch
+1623024-1-79a1.patch
+1623024-4-79a1.patch
+1643229-79a1.patch
+1633937-79a1.patch
+1496639-79a1.patch
+1646421-1-79a1.patch
+1646421-2-79a1.patch
+1646421-3-79a1.patch
+1646421-4-79a1.patch
+1634765-79a1.patch
+1643166-79a1.patch
+1622963-79a1.patch
+1621960-1-79a1.patch
+1621960-2-79a1.patch
+1621960-4-79a1.patch
+1621960-5-79a1.patch
+1632429-09-79a1.patch
+1632429-10-79a1.patch
+1463035-79a1.patch
+1643258-PARTIAL-79a1.patch
+1632080-79a1.patch
+1642040-79a1.patch
+1642446-79a1.patch
+1632874-1-79a1.patch
+1647865-79a1.patch
+1648336-79a1.patch
+1240930-80a1.patch
+1649850-80a1.patch
+1654796-80a1.patch
+1652675-80a1.patch
+1481425-2-80a1.patch
+1607426-80a1.patch
+1616694-1only-80a1.patch
+1650306-1-80a1.patch
+1650306-2-80a1.patch
+1650834-2-80a1.patch
+1651403-80a1.patch
+1652756-80a1.patch
+1653201-80a1.patch
+1646406-81a1.patch
+1655361-81a1.patch
+1656993-81a1.patch
+1658486-81a1.patch
+1660105-81a1.patch
+1654470-81a1.patch
+1654074-1-81a1.patch
+1657168-81a1.patch
+1652374-2only-81a1.patch
+1657650-78.patch
+1659047-81a1.patch
+1659575-81a1.patch
+1662381-78.patch
+1661485-81a1.patch
+1665675-78.patch
+1656044-PARTIAL-81a1.patch
+1659265-PARTIAL-81a1.patch
+1722225-1-killtelemetry-bhr-2539.patch
+1722225-2-killtelemetry-bhr-2539.patch
+1655835-81a1.patch
+1657504-1-81a1.patch
+1657504-2-81a1.patch
+1594914-81a1.patch
+1656611-81a1.patch
+1657677-81a1.patch
+1656614-81a1.patch
+1657717-81a1.patch
+1658651-81a1.patch
+1659539-82a1.patch
+1659542-82a1.patch
+1662775-82a1.patch
+1662819-82a1.patch
+1662851-82a1.patch
+1663863-82a1.patch
+1665494-82a1.patch
+1662793-82a1.patch
+1664210-82a1.patch
+1627944-83a1.patch
+1654457-1-83a1.patch
+1654457-2-83a1.patch
+1667394-83a1.patch
+1670039-83a1.patch
+1670784-83a1.patch
+1658308-1-83a1.patch
+1667835-83a1.patch
+1667473-1-83a1.patch
+1667473-2-83a1.patch
+1605273-83a1.patch
+1663550-8-83a1.patch
+1667896-83a1.patch
+1669615-83a1.patch
+1669471-83a1.patch
+1670130-83a1.patch
+1672563-84a1.patch
+1672506-84a1.patch
+1654103-PARTIAL-ANGLE-84a1.patch
+1661450-1no2or3-84a1.patch
+1661450-4no5-84a1.patch
+1620075-1-84a1.patch
+1620075-2-84a1.patch
+1620075-3-84a1.patch
+1620075-4-84a1.patch
+1620075-5-84a1.patch
+1677187-84a1.patch
+1672940-84a1.patch
+1674923-84a1.patch
+1675675-84a1.patch
+1675707-1-84a1.patch
+1575293-84a1.patch
+1495733-1-84a1.patch
+1675587-84a1.patch
+1661624-85a1.patch
+1680162-85a1.patch
+1666345-85a1.patch
+1667152-85a1.patch
+1680519-85a1.patch
+1681406-85a1.patch
+1677914-2only-85a1.patch
+1678291-2-85a1.patch
+1678291-3-85a1.patch
+1680152-2-85a1.patch
+1680152-3-85a1.patch
+1671545-85a1.patch
+1680345-85a1.patch
+1679056-85a1.patch
+1680152-1-85a1.patch
+1658308-2-85a1.patch
+1679073-86a1.patch
+1680802-1-86a1.patch
+1680802-2-86a1.patch
+1680802-3-86a1.patch
+1681560-86a1.patch
+1681372-86a1.patch
+1685381-86a1.patch
+1686287-86a1.patch
+1581678-86a1.patch
+1680894-86a1.patch
+1480005-3-86a1.patch
+1687812-86a1.patch
+1656894-86a1.patch
+1682604-86a1.patch
+1684163-86a1.patch
+1619197-86a1.patch
+1681160-86a1.patch
+1691695-partial-87a1.patch
+1689034-3fix-87a1.patch
+1692135-87a1.patch
+1670538-87a1.patch
+1676636-87a1.patch
+1691317-87a1.patch
+1690349-1-87a1.patch
+1690349-2-87a1.patch
+1690349-3no4-87a1.patch
+1690349-5-87a1.patch
+1690745-87a1.patch
+1340901-87a1.patch
+1691957-87a1.patch
+1692254-87a1.patch
+1692383-87a1.patch
+1695773-88a1.patch
+1699332-88a1.patch
+1700171-88a1.patch
+1696581-1-88a1.patch
+1696581-2-88a1.patch
+1696935-88a1.patch
+1690604-88a1.patch
+1692940-5-88a1.patch
+1513184-88a1.patch
+1698827-88a1.patch
+1698592-89a1.patch
+1698595-1-PARTIAL-89a1.patch
+1698595-2-89a1.patch
+1377445-1-89a1.patch
+1377445-2no3-89a1.patch
+1700621-2only-89a1.patch
+1711050-nsrefreshdriveroptimize-2538.patch
+1695161-789.patch
+1680166-1-7811.patch
+1680166-2-7811.patch
+1602862-7811.patch
+1612116-7811.patch
+1707559-7811.patch
+739096-7only-90a1.patch
+1681371-90a1.patch
+1601904-90a1.patch
+1711044-2-version-mr-2538.patch
+1703760-7811.patch
+1717309-version-mr-2538.patch
+1665836-7812.patch
+1711576-7812.patch
+1709976-7812.patch
+1704784-90a1.patch
+1676542-90a1.patch
+1706452-90a1.patch
+1707834-90a1.patch
+1710369-90a1.patch
+1710957-90a1.patch
+1704683-90a1.patch
+1709791-90a1.patch
+1712675-3-90a1.patch
+1717528-1-version-mr-2539.patch
+1714872-msvc-nosse41-2539.patch
+1416891-5-BACKOUT-2539.patch
+1711811-90a1.patch
+1705837-2-90a1.patch
+1711816-90a1.patch
+1712023-2no1-90a1.patch
+1707953-90a1.patch
+1705837-1-90a1.patch
+1711872-91a1.patch
+1717559-91a1.patch
+1713081-2only-PARTIAL-zlib-91a1.patch
+1714177-91a1.patch
+1715254-91a1.patch
+1719146-91a1.patch
+1715766-91a1.patch
+1717185-91a1.patch
+1716518-toml-91a1.patch
+1666184-7813.patch
+1720568-7813.patch
+1720031-7813.patch
+1722204-7813.patch
+1722227-removecasting-2539.patch
+1714632-92a1.patch
+1720703-92a1.patch
+1721149-92a1.patch
+1722083-7813.patch
+1717528-2-version-mr-2539.patch
+1662676-7813.patch
+1726944-version-mr-2539.patch
+1727000-1-version-mr-25310.patch
+1721370-92a1.patch
+1716613-92a1.patch
+1728996-httpbrotli-25310.patch
+1602259-2-VS2019-gyp-25310.patch
+1728988-1-VS2022-base-25310.patch
+1728988-2-VS2022-gyp-25310.patch
+1724107-7814.patch
+1721107-7814.patch
+1724101-7814.patch
+1723391-7814.patch
+1725335-7815.patch
+1728321-7815.patch
+1737436-version-25310.patch
+1727000-2-version-mr-25310.patch
+1721326-2-92a1.patch
+1713769-1-913.patch
+1713769-2-913.patch
+1737845-version-mr-25310.patch
+1720432-92a1.patch
+1727014-1-93a1.patch
+531915-1-93a1.patch
+531915-2-93a1.patch
+531915-3-93a1.patch
+531915-4-93a1.patch
+531915-5-93a1.patch
+1729748-94a1.patch
+1729611-1-94a1.patch
+1729611-2-94a1.patch
+1729611-3-94a1.patch
+1730397-4only-94a1.patch
+1723031-1-94a1.patch
+1709303-1-94a1.patch
+1709303-2-94a1.patch
+1738598-PARTIAL-95a1.patch
+1730048-913.patch
+1730935-913.patch
+1730156-913.patch
+1735152-913.patch
+1729517-913.patch
+1736049-913.patch
+1712671-913.patch
+1606864-913.patch
+1737515-914.patch
+1696685-914.patch
+1739352-914.patch
+1723281-914.patch
+1727374-914.patch
+1730120-914.patch
+1736046-914.patch
+1737009-914.patch
+1738237-914.patch
+1739091-914.patch
+1739421-914.patch
+1722833-2-95a1.patch
+1730145-96a1.patch
+1746785-rust157fix-253102.patch
+1438084-createmar-mr-253102.patch
+1737435-1-version-mr-25311.patch
+1736486-PARTIAL-96a1.patch
+1739222-96a1.patch
+1742168-PARTIAL-96a1.patch
+1743538-96a1.patch
+1743780-96a1.patch
+1730033-96a1.patch
+1511670-1-webp-96a1.patch
+1495733-2-97a1.patch
+1747754-PARTIAL-97a1.patch
+1747783-1-97a1.patch
+1747783-2-97a1.patch
+1747782-97a1.patch
+1737252-915.patch
+1740389-915.patch
+1742334-915.patch
+1735071-915.patch
+1731430-915.patch
+1737816-915.patch
+1746011-915.patch
+1746720-915.patch
+1664149-915.patch
+1748325-1-915.patch
+1748325-2-915.patch
+1748325-3-915.patch
+1747325-97a1.patch
+1746299-97a1.patch
+1744575-97a1.patch
+1748279-916.patch
+1750407-killmoztelemetry-25311.patch
+1750407-killmozhealthreport-25311.patch
+1737435-2-version-mr-25311.patch
+1750902-916.patch
+1739957-916.patch
+1743012-916.patch
+1747185-916.patch
+1750168-916.patch
+1749283-917.patch
+1755289-version-mr-25311.patch
+1750406-1-version-mr-25312.patch
+1755558-nodeprecation-25312.patch
+1743309-97a1.patch
+1748859-97a1.patch
+1742849-97a1.patch
+1744234-97a1.patch
+1432983-97a1.patch
+1737313-2-97a1.patch
+1745177-97a1.patch
+1747773-98a1.patch
+1752025-webp-98a1.patch
+1687541-webp-98a1.patch
+1753050-webp-98a1.patch
+1745860-98a1.patch
+1741873-99a1.patch
+1754724-1-99a1.patch
+1754724-2-99a1.patch
+1754724-3-99a1.patch
+1750760-1-99a1.patch
+1750760-3-99a1.patch
+1750760-4-99a1.patch
+1757308-99a1.patch
+1758062-9162.patch
+NOBUG-removemobilepromo-25312.patch
+NOBUG-disableupdates-25312.patch
+NOBUG-pocket2-25312.patch
+NOBUG-removeflashhang-25312.patch
+1756701-1-100a1.patch
+1756701-2-100a1.patch
+1762733-removepluginprefs-25312.patch
+1762733-removeflashblocking-25312.patch
+1756957-918.patch
+1761026-918.patch
+1750406-2-version-beta-mr-25312.patch
+1765521-version-release-mr-25312.patch
+1762781-1-version-prebeta-mr-25313.patch
+1753729-1only-100a1.patch
+1761799-100a1.patch
+1761974-100a1.patch
+1756061-100a1.patch
+1088140-100a1.patch
+1762614-1-101a1.patch
+1762614-2-101a1.patch
+1764778-919.patch
+1684739-919.patch
+1762125-919.patch
+1762620-919.patch
+1660745-101a1.patch
+1766853-101a1.patch
+1765474-3only-101a1.patch
+1766081-101a1.patch
+1761534-2-101a1.patch
+1758008-101a1.patch
+1771434-102a1.patch
+NOBUG-cleanbootstrap-25313.patch
+1730434-9110.patch
+1770137-1-9110.patch
+1770137-2-9110.patch
+1770048-9110.patch
+1762781-2-version-beta-mr-25313.patch
+1765049-9191.patch
+1743767-9110.patch
+1771381-9111.patch
+1770123-9111.patch
+1497246-9111.patch
+1757604-9111.patch
+1773717-9111.patch
+1769627-102a.patch
+1772805-version-release-mr-25313.patch
+1772804-1-version-prebeta-mr-25314.patch
+1761764-102a1.patch
+1766848-102a1.patch
+1142667-102a1.patch
+1768568-102a1.patch
+1766085-102a1.patch
+1761275-webp-102a1.patch
+1776344-103a1.patch
+1773952-103a1.patch
+1773584-103a1.patch
+1772635-104a1.patch
+1743947-104a1.patch
+NOBUG-vendorrust-25314.patch
+1779037-removewhitelist-25314.patch
+NOBUG-wfx-pgo-25314.patch
+1783784-105a1.patch
+1595259-1-105a1.patch
+1595259-2-105a1.patch
+1595259-3-105a1.patch
+1776210-105a1.patch
+1782988-1only-105a1.patch
+1783985-1-105a1.patch
+1783985-2no3-105a1.patch
+1772804-2-version-beta-mr-25314.patch
+1786135-version-release-mr-25314.patch
+1786133-1-version-prebeta-mr-25315.patch
+1392929-mc-contentprefs2-25315.patch
+NOBUG-ppcheck-25315.patch
+1788233-106a1.patch
+1792041-1024.patch
+1785953-106a1.patch
+1787959-106a1.patch
+1789729-1024.patch
+1737436-2-version-25315.patch
+1789560-107a1.patch
+1791598-107a1.patch
+1734650-108a1.patch
+1786133-2-version-beta-mr-25315.patch
+1796811-108a1.patch
+1767920-1025.patch
+1797336-108a1.patch
+1761303-108a1.patch
+1789808-1025.patch
+1799748-1025.patch
+1746139-1026.patch
+1633019-1026.patch
+1801315-1026.patch
+1801102-1026.patch
+1687303-1026.patch
+1795778-version-release-mr-25315.patch
+1795774-1-version-prebeta-mr-25316.patch
+1795324-108a1.patch
+1795568-108a1.patch
+1796013-PARTIAL-108a1.patch
+1799982-108a1.patch
+1806974-1027.patch
+1800425-1027.patch
+1777800-1027.patch
+1801894-109a1.patch
+1804298-3no12-109a1.patch
+1804298-4-109a1.patch
+1801893-webp-109a1.patch
+1803469-webp-109a1.patch
+1801583-109a1.patch
+1787515-109a1.patch
+1782344-1-110a1.patch
+1782344-2-110a1.patch
+1782344-3-110a1.patch
+1782344-4-110a1.patch
+1782344-5-110a1.patch
+1782344-6-110a1.patch
+1760633-1-110a1.patch
+1760633-2-110a1.patch
+1760633-3-110a1.patch
+1810078-webp-111a1.patch
+1815737-111a1.patch
+1819374-4-112a1.patch
+1816737-112a1.patch
+1817900-13-112a1.patch
+NOBUG-licensepaths-25316.patch
+NOBUG-msvc-py3-25316.patch
+NOBUG-nofeatures-repack-25316.patch
+NOBUG-killtelemetry-ext-25316.patch
+NOBUG-killtelemetrytests-25316.patch
+1371065-1-sdk-removetests-25316.patch
+1371065-2-sdk-removemisc-25316.patch
+1371065-3-sdk-removemore-25316.patch
+1812155-cleanup-wcreporter-25316.patch
+1790160-1-1028.patch
+1790160-2-1028.patch
+1813424-1028.patch
+1811939-1028.patch
+1795774-2-version-beta-mr-25316.patch
+1811627-1029.patch
+1817442-1029.patch
+1816667-25316.patch
+1817655-version-release-mr-25316.patch
+1817654-1-version-prebeta-mr-25317.patch
+1814899-1029.patch
+1818674-1029.patch
+1817768-1029.patch
+1784348-10210.patch
+1823077-10210.patch
+1822216-113a1.patch
+1819244-webp-113a1.patch
+1826666-10211.patch
+1645865-10211.patch
+1827019-10211.patch
+1111233-115a1.patch
+1832984-115a1.patch
+1832708-115a1.patch
+NOBUG-cleanextensions-25317.patch
+NOBUG-removegctel-25317.patch
+NOBUG-disabledatareporting-25317.patch
+NOBUG-killtelemetrystartup-25317.patch
+NOBUG-killtelemetry-docshell-25317.patch
+1817654-2-version-beta-mr-25317.patch
+NOBUG-histo-utf-25317.patch
+1842686-stackoverflow-25317.patch
+1813299-116a1.patch
+1836529-webp-116a1.patch
+1840202-webp-116a1.patch
+1846080-10215.patch
+1841943-117a1.patch
+1837263-version-release-mr-25317.patch
+1837261-1-version-prebeta-mr-25318.patch
+NOBUG-removemobilethemes-25318.patch
+1842688-disablemaint-mozilla-25318.patch
+1842687-bundledfonts-25318.patch
+1850034-2only-118a1.patch
+1845205-118a1.patch
+1849470-1only-118a1.patch
+1849874-11503.patch
+1855550-11504.patch
+1852649-webp-119a1.patch
+1853098-webp-119a1.patch
+1852749-webp-119a1.patch
+1738426-119a1.patch
+1802057-119a1.patch
+1849433-11504.patch
+1801501-PARTIAL-NOTESTS-120a1.patch
+1836607-11504.patch
+1648336-120a1.patch
+1835524-sym-upload-fix-v1_2-25318.patch
+1835524-bugsplat-mr-v1_6-25318.patch
+1858551-crashreporter-vendor-v1_2-25318.patch
+1858570-11505.patch
+1854076-11505.patch
+1721612-11506.patch
+1837261-2-version-beta-mr-25318.patch
+1861842-version-release-mr-25318.patch
+1861843-1-version-prebeta-mr-25319.patch
+1826791-121a1.patch
+1660223-11507.patch
+NOBUG-removessdks-25319.patch
+NOBUG-nukemozlinker-25319.patch
+PPPPPPP-check_stdcxx-warn.patch
+PPPPPPP-NOBUG-PLASTER-getrandom.patch
+PPPPPPP-NSSgetentropy.patch
+WIP-1729459-comment25.patch
+TOP-1294490-7-PLASTER-webp-2535.patch
+TOP-1493400-6-PLASTER-dav1d-avoid-mColorDepth-2535.patch
+TOP-1445683-14-PLASTER-aom-fix-win32-bustage-2535.patch
+TOP-1683545-PLASTER-webrender-2536.patch
+TOP-1667581-3-PLASTER-2537.patch
+TOP-1469021-PLASTER-2538.patch
+TOP-1699835-PARTIAL-7810.patch
+TOP-1758291-fixgithubpolyfill-253111.patch
+TOP-1398895-2a-57a1.patch
+TOP-NOBUG-skiptests-25312.patch
+TOP-NOBUG-dav1d-V1-support-25312.patch
+TOP-NOBUG-unfiedloadicon-25312.patch
+TOP-NOBUG-nometadata-25312.patch
+TOP-1641640-BACKOUT-25313.patch
+TOP-NOBUG-fixup-VS2022-25313.patch
+TOP-1779027-freebsd-25314.patch
+TOP-1722226-aarch64-webrtc-25315.patch
+TOP-NOBUG-nsslink-25315.patch
+TOP-NOBUG-fixtests-25315.patch
+TOP-NOBUG-nonodedefault-25315.patch
+TOP-1797696-macos11sdk-25315.patch
+TOP-1804537-macostransparent-25315.patch
+TOP-1804537-macosfullscreen-25315.patch
+TOP-1804539-fixlangpack-25316.patch
+TOP-1750671-1only-PARTIAL-98a1.patch
+TOP-1788837-PARTIAL-108a1.patch
+TOP-1807802-shared-tree-styling-25316.patch
+TOP-1584803-rust133.patch
+TOP-1584803-rust135.patch
+TOP-NOBUG-cubeb-25317.patch
+TOP-NOBUG-PLASTER-IOSurface-fix-25317.patch
+TOP-1512450-60.patch
+TOP-NOBUG-PLASTER-wayland-25317.patch
+TOP-NOBUG-PLASTER-Stylo-25314.patch
+TOP-1834230-HTMLTableEditor-tb-td-25317.patch
+TOP-1794292-1-10210.patch
+TOP-1794292-2-10210.patch
+TOP-NOBUG-PLASTER-PY3-Codegen-25317.patch
+TOP-NOBUG-PLASTER-PY3-GenerateCSSPropsGenerated-25317.patch
+TOP-NOBUG-PLASTER-PY3-idl-parser-25317.patch
+TOP-NOBUG-PLASTER-PY3-typelib-25317.patch
+TOP-NOBUG-PLASTER-PY3-check_binary-25317.patch
+TOP-1620143-PARTIAL-PY3-dependentlibs-75a1.patch
+TOP-NOBUG-PLASTER-PY3-25317.patch
+TOP-NOBUG-PLASTER-PY310_support-25314.patch
+TOP-NOBUG-PLASTER-PY311_support-25317.patch
+TOP-NOBUG-enableCE-25318.patch
+TOP-NOBUG-revendor-25318.patch
+TOP-NOBUG-test-fixes-25318.patch
+TOP-NOBUG-PLASTER-fix-strip-25319.patch
+TOP-1707096-91a1.patch
+TOP-1846703-binutilsfix-11504.patch
+TOP-1859635-NSS3901-11506.patch
+TOP-NOBUG-killtelemetry-debugger-25319.patch
+TOP-1864587-angle-11507.patch
+TOP-NOBUG-fixcompile-25319.patch
+TOP-NOBUG-backout1440761-25318.patch
+TOP-1472170-PARTIAL-NOTESTS-63a1.patch
+TOP-1539694-allsettled-68a1-25313.patch
+TOP-1466000-1-optchain-64a1-25313.patch
+TOP-1518661-3-67a1-25319.patch
+TOP-1566143-1to2-optchain-74a1-25313.patch
+TOP-1566143-3-optchain-74a1-25313.patch
+TOP-1610447-optchain-74a1-25313.patch
+TOP-1611777-12-74a1-25313.patch
+TOP-NOBUG-optchain-baselinejit-25313.patch
+TOP-1629106-1-logicassign-25317.patch
+TOP-1629106-2-logicassign-25317.patch
+TOP-NOBUG-PLASTER-25319.patch
+TOP-NOBUG-REGEXP-01-Import-25318.patch
+TOP-NOBUG-REGEXP-02-1361856-1-dotall-76a1-25318.patch
+TOP-NOBUG-REGEXP-03-1537978-68a1-25318.patch
+TOP-NOBUG-REGEXP-04-1539690-68a1-25318.patch
+TOP-NOBUG-REGEXP-05-1546300-68a1-25318.patch
+TOP-NOBUG-REGEXP-06-1504947-10-68a1-25318.patch
+TOP-NOBUG-REGEXP-07-1626713-76a1-25318.patch
+TOP-NOBUG-REGEXP-09-1627356-77a1-25318.patch
+TOP-NOBUG-REGEXP-10-1627838-77a1-25318.patch
+TOP-NOBUG-REGEXP-11-deunify-25318.patch
+TOP-NOBUG-REGEXP-12-1628835-77a1-25318.patch
+TOP-NOBUG-REGEXP-13-1361856-2-76a1-25318.patch
+TOP-NOBUG-REGEXP-14-1629670-77a1-25318.patch
+TOP-NOBUG-REGEXP-15-1630090-1-77a1-25318.patch
+TOP-NOBUG-REGEXP-16-1630090-2-77a1-25318.patch
+TOP-1630383-02-77a1.patch
+TOP-1630383-07-77a1.patch
+TOP-NOBUG-REGEXP-17-1630383-77a1-25318.patch
+TOP-1607405-77a1.patch
+TOP-1636495-1-78a1.patch
+TOP-1636495-2no3-78a1.patch
+TOP-1637199-78a1.patch
+TOP-NOBUG-REGEXP-21-1634135-78a1-25318.patch
+TOP-NOBUG-REGEXP-22-1637977-78a1-25318.patch
+TOP-NOBUG-REGEXP-23-1637913-78a1-25318.patch
+TOP-NOBUG-REGEXP-24-1631504-77a1-25318.patch
+TOP-NOBUG-REGEXP-25-1362154-1to4-78a1-25318.patch
+TOP-NOBUG-REGEXP-26-1362154-5to9-78a1-25318.patch
+TOP-NOBUG-REGEXP-27-1640487-78a1-25318.patch
+TOP-NOBUG-REGEXP-28-1640592-78a1-25318.patch
+TOP-NOBUG-REGEXP-29-1640475-78a1-25318.patch
+TOP-NOBUG-REGEXP-30-1640479-78a1-25318.patch
+TOP-NOBUG-REGEXP-31-1640473-78a1-25318.patch
+TOP-NOBUG-REGEXP-32-1638154-78a1-25318.patch
+TOP-NOBUG-REGEXP-33-1641352-79a1-25318.patch
+TOP-NOBUG-REGEXP-34-1361856-1-fix-76a1-25318.patch
+TOP-NOBUG-REGEXP-35-1435829-66a1-25318.patch
+TOP-NOBUG-REGEXP-36-1590543-73a1-25318.patch
+TOP-NOBUG-REGEXP-37-1642493-79a1-25318.patch
+TOP-NOBUG-REGEXP-38-1662073-82a1-25318.patch
+TOP-NOBUG-REGEXP-39-1681084-1-85a1-25318.patch
+TOP-NOBUG-REGEXP-40-1644590-79a1-25318.patch
+TOP-NOBUG-REGEXP-41-1667094-83a1-25318.patch
+TOP-NOBUG-REGEXP-42-1643171-79a1-25318.patch
+TOP-NOBUG-REGEXP-43-1691184-88a1-25318.patch
+TOP-NOBUG-REGEXP-44-irregexp-25318.patch
+TOP-NOBUG-REGEXP-45-final-25318.patch
+TOP-NOBUG-REGEXP-46-fixes-25318.patch
+TOP-NOBUG-REGEXP-47-fixes-25319.patch