diff --git a/bug1375074-save-restore-x28.patch b/bug1375074-save-restore-x28.patch new file mode 100644 index 0000000..57a83a2 --- /dev/null +++ b/bug1375074-save-restore-x28.patch @@ -0,0 +1,74 @@ +# HG changeset patch +# User Lars T Hansen +# Date 1519822672 -3600 +# Wed Feb 28 13:57:52 2018 +0100 +# Node ID 672f0415217b202ae59a930769dffd9d6ba6b87c +# Parent 825fd04dacc6297d3a980ec4184079405950b35d +Bug 1375074 - Save and restore non-volatile x28 on ARM64 for generated unboxed object constructor. + +diff --git a/js/src/jit-test/tests/bug1375074.js b/js/src/jit-test/tests/bug1375074.js +new file mode 100644 +--- /dev/null ++++ b/js/src/jit-test/tests/bug1375074.js +@@ -0,0 +1,18 @@ ++// This forces the VM to start creating unboxed objects and thus stresses a ++// particular path into generated code for a specialized unboxed object ++// constructor. ++ ++var K = 2000; // 2000 should be plenty ++var s = "["; ++var i; ++for ( i=0; i < K-1; i++ ) ++ s = s + `{"i":${i}},`; ++s += `{"i":${i}}]`; ++var v = JSON.parse(s); ++ ++assertEq(v.length == K, true); ++ ++for ( i=0; i < K; i++) { ++ assertEq(v[i] instanceof Object, true); ++ assertEq(v[i].i, i); ++} +diff --git a/js/src/vm/UnboxedObject.cpp b/js/src/vm/UnboxedObject.cpp +--- a/js/src/vm/UnboxedObject.cpp ++++ b/js/src/vm/UnboxedObject.cpp +@@ -95,7 +95,15 @@ UnboxedLayout::makeConstructorCode(JSCon + #endif + + #ifdef JS_CODEGEN_ARM64 +- // ARM64 communicates stack address via sp, but uses a pseudo-sp for addressing. ++ // ARM64 communicates stack address via sp, but uses a pseudo-sp (PSP) for ++ // addressing. The register we use for PSP may however also be used by ++ // calling code, and it is nonvolatile, so save it. Do this as a special ++ // case first because the generic save/restore code needs the PSP to be ++ // initialized already. ++ MOZ_ASSERT(PseudoStackPointer64.Is(masm.GetStackPointer64())); ++ masm.Str(PseudoStackPointer64, vixl::MemOperand(sp, -16, vixl::PreIndex)); ++ ++ // Initialize the PSP from the SP. + masm.initStackPtr(); + #endif + +@@ -233,7 +241,22 @@ UnboxedLayout::makeConstructorCode(JSCon + masm.pop(ScratchDoubleReg); + masm.PopRegsInMask(savedNonVolatileRegisters); + ++#ifdef JS_CODEGEN_ARM64 ++ // Now restore the value that was in the PSP register on entry, and return. ++ ++ // Obtain the correct SP from the PSP. ++ masm.Mov(sp, PseudoStackPointer64); ++ ++ // Restore the saved value of the PSP register, this value is whatever the ++ // caller had saved in it, not any actual SP value, and it must not be ++ // overwritten subsequently. ++ masm.Ldr(PseudoStackPointer64, vixl::MemOperand(sp, 16, vixl::PostIndex)); ++ ++ // Perform a plain Ret(), as abiret() will move SP <- PSP and that is wrong. ++ masm.Ret(vixl::lr); ++#else + masm.abiret(); ++#endif + + masm.bind(&failureStoreOther); + diff --git a/build-aarch64-skia.patch b/build-aarch64-skia.patch new file mode 100644 index 0000000..33d2d35 --- /dev/null +++ b/build-aarch64-skia.patch @@ -0,0 +1,21 @@ +diff -up firefox-60.0/gfx/skia/skia/src/jumper/SkJumper_stages.cpp.aarch64-skia firefox-60.0/gfx/skia/skia/src/jumper/SkJumper_stages.cpp +--- firefox-60.0/gfx/skia/skia/src/jumper/SkJumper_stages.cpp.aarch64-skia 2018-04-20 12:07:26.242037226 +0200 ++++ firefox-60.0/gfx/skia/skia/src/jumper/SkJumper_stages.cpp 2018-04-20 12:12:58.916428432 +0200 +@@ -666,7 +666,7 @@ SI F approx_powf(F x, F y) { + } + + SI F from_half(U16 h) { +-#if defined(__aarch64__) && !defined(SK_BUILD_FOR_GOOGLE3) // Temporary workaround for some Google3 builds. ++#if 0 && defined(__aarch64__) && !defined(SK_BUILD_FOR_GOOGLE3) // Temporary workaround for some Google3 builds. + return vcvt_f32_f16(h); + + #elif defined(JUMPER_IS_HSW) || defined(JUMPER_IS_AVX512) +@@ -686,7 +686,7 @@ SI F from_half(U16 h) { + } + + SI U16 to_half(F f) { +-#if defined(__aarch64__) && !defined(SK_BUILD_FOR_GOOGLE3) // Temporary workaround for some Google3 builds. ++#if 0 && defined(__aarch64__) && !defined(SK_BUILD_FOR_GOOGLE3) // Temporary workaround for some Google3 builds. + return vcvt_f16_f32(f); + + #elif defined(JUMPER_IS_HSW) || defined(JUMPER_IS_AVX512) diff --git a/build-jit-atomic-always-lucky.patch b/build-jit-atomic-always-lucky.patch new file mode 100644 index 0000000..31bc5ec --- /dev/null +++ b/build-jit-atomic-always-lucky.patch @@ -0,0 +1,30 @@ +diff -up firefox-57.0b5/js/src/jit/AtomicOperations.h.jit-atomic-lucky firefox-57.0b5/js/src/jit/AtomicOperations.h +--- firefox-57.0b5/js/src/jit/AtomicOperations.h.jit-atomic-lucky 2017-10-06 12:34:02.338973607 +0200 ++++ firefox-57.0b5/js/src/jit/AtomicOperations.h 2017-10-06 12:38:24.632622215 +0200 +@@ -415,7 +415,7 @@ AtomicOperations::isLockfreeJS(int32_t s + #elif defined(__s390__) || defined(__s390x__) + # include "jit/none/AtomicOperations-feeling-lucky.h" + #else +-# error "No AtomicOperations support provided for this platform" ++# include "jit/none/AtomicOperations-feeling-lucky.h" + #endif + + #endif // jit_AtomicOperations_h +diff -up firefox-57.0b5/js/src/jit/none/AtomicOperations-feeling-lucky.h.jit-atomic-lucky firefox-57.0b5/js/src/jit/none/AtomicOperations-feeling-lucky.h +--- firefox-57.0b5/js/src/jit/none/AtomicOperations-feeling-lucky.h.jit-atomic-lucky 2017-09-19 06:18:28.000000000 +0200 ++++ firefox-57.0b5/js/src/jit/none/AtomicOperations-feeling-lucky.h 2017-10-06 12:34:02.338973607 +0200 +@@ -79,6 +79,14 @@ + # define GNUC_COMPATIBLE + #endif + ++#ifdef __s390__ ++# define GNUC_COMPATIBLE ++#endif ++ ++#ifdef __s390x__ ++# define GNUC_COMPATIBLE ++#endif ++ + // The default implementation tactic for gcc/clang is to use the newer + // __atomic intrinsics added for use in C++11 . Where that + // isn't available, we use GCC's older __sync functions instead. diff --git a/rhbz-1354671.patch b/rhbz-1354671.patch new file mode 100644 index 0000000..6ee89b7 --- /dev/null +++ b/rhbz-1354671.patch @@ -0,0 +1,12 @@ +diff -up firefox-53.0/layout/base/nsIPresShell.h.1354671 firefox-53.0/layout/base/nsIPresShell.h +--- firefox-53.0/layout/base/nsIPresShell.h.1354671 2017-04-27 13:07:43.808653320 +0200 ++++ firefox-53.0/layout/base/nsIPresShell.h 2017-04-27 13:09:40.404427641 +0200 +@@ -212,7 +212,7 @@ public: + * to the same aSize value. AllocateFrame is infallible and will abort + * on out-of-memory. + */ +- void* AllocateFrame(nsQueryFrame::FrameIID aID, size_t aSize) ++ void* __attribute__((optimize("no-lifetime-dse"))) AllocateFrame(nsQueryFrame::FrameIID aID, size_t aSize) + { + void* result = mFrameArena.AllocateByFrameID(aID, aSize); + RecordAlloc(result); diff --git a/thunderbird.spec b/thunderbird.spec index ba27549..faa5c66 100644 --- a/thunderbird.spec +++ b/thunderbird.spec @@ -105,12 +105,16 @@ Source21: thunderbird.sh.in # Mozilla (XULRunner) patches Patch9: mozilla-build-arm.patch Patch26: build-icu-big-endian.patch +Patch37: build-jit-atomic-always-lucky.patch +Patch40: build-aarch64-skia.patch +Patch226: rhbz-1354671.patch +Patch415: Bug-1238661---fix-mozillaSignalTrampoline-to-work-.patch +Patch417: bug1375074-save-restore-x28.patch # Build patches Patch103: rhbz-1219542-s390-build.patch Patch104: firefox-gcc-6.0.patch - # PPC fix Patch304: mozilla-1245783.patch Patch305: build-big-endian.patch @@ -228,6 +232,17 @@ debug %{name}, you want to install %{name}-debuginfo instead. # Patch for big endian platforms only %if 0%{?big_endian} %patch26 -p1 -b .icu +%patch37 -p1 -b .jit-atomic-lucky +%patch40 -p1 -b .aarch64-skia +#ARM run-time patch +%ifarch aarch64 +%patch226 -p1 -b .1354671 +%endif +%ifarch %{arm} +%patch415 -p1 -b .mozilla-1238661 +%endif +%patch417 -p1 -b .bug1375074-save-restore-x28 + %patch305 -p1 -b .big-endian %patch306 -p1 -b .1353817 %endif