import changes from `dev' branch of rmottola/Arctic-Fox:

- Bug 1240330 - mozAlarm debug messages are turned on r=khuey (aa938a4371)
- fix (cdc44e8bc8)
- Bug 1239788 - Don't include non-main-thread assertions in the constructor enabled check for [Exposed=System] WebIDL interfaces; r=bzbarsky (5d05b4066a)
- Bug 1247346. Slot indices on IDL interface members that get a slot should be per-interface, not a single per-member number. r=peterv (640231c37e)
- Bug 1157469 - null check wrapper in case WrapNode fails, r=bholley (9fd9b038db)
- Bug 1242211 - Mark MozMapRooter as final; r=baku (f3b5cc7728)
- Bug 1243438. Don't try to include the filename '<unknown>' when including headers for unions that have a built-in typedef they're referenced by. r=peterv (781d1ec0af)
- Bug 1241021 part 1: Refactor GenerateCSS2PropertiesWebIDL.py to invoke a helper function for each line. r=bz (258b031fd8)
- Bug 1241021 part 2: Make GenerateCSS2PropertiesWebIDL.py produce capitalized as well as uncapitalized WebkitFoo/webkitFoo DOM style accessors. r=bz (0bf2ec95ae)
- Bug 1241021 part 3: Refactor CSS mochitest test_initial_storage.html to perform its DOM accessor consistency-checks via a helper-function. r=bz (3a0c1a1678)
- Bug 1241021 part 4: Extend mochitest test_initial_storage.html to test that uppercase Webkit DOM accessors for css properties are functional. r=bz (5a6a23c7ab)
- Bug 1240592 - Remove unnecessary -Wno-uninitialized from dom/bindings. r=khuey (c854f7b397)
- Bug 1200341 - Implement HKDF for WebCrypto r=rbarnes,smaug (2c830d65a1)
- Bug 1200341 - Use BufferSource instead of CryptoOperationData in the SubtleCrypto WebIDL spec r=smaug (8cece95b5c)
- Bug 1191936 - Implement RSA-PSS key generation r=rbarnes (ec9654595c)
- Bug 1191936 - Implement RSA-PSS signing and verification r=rbarnes,smaug (7653bdfced)
- Bug 1204763 follow-up: Fix the comments, DONTBUILD (8b26e6f3a9)
- Reformat clang-plugin.cpp using clang-format, no bug (9346eda9f4)
- Bug 1214037 - Don't consider the result of an assignment expression MOZ_MUST_USE, r=ehsan (70c7830c3a)
- Bug 1242789 - Allow lambdas to capture raw pointers to refcounted objects by reference, r=ehsan (e7158a7746)
- Bug 1238042 - Add about:checkerboard. r=ehsan,botond (f234ce7fa0)
- Bug 1237177. Make the this-rebinding callable proxy sandboxes use return the prototype of its target, not its own null prototype. r=efaust (694a8081dc)
- Bug 1248521 - Pack PrefHashEntry better. r=froydnj. (55e9d609fe)
- Bug 1240453 - enable shared memory in xpconnect. r=bz (58db0b406e)
- Bug 1202014 - Don't use-after-move in ActorsChild.cpp, r=khuey (382e7183c0)
- Bug 1136762 - TSan: data race xpcom/io/nsPipe3.cpp:1061 CloseWithStatus. r=nfroyd. (68fd82971d)
- Bug 1237668 - Remove nsSimpleUnicharStreamFactory r=froydnj (8bb6ec081c)
- Bug 1189998, Part 4 - Add authentication secret to Push data test. r=dragana (122a0bd5f9)
- Bug 1205137 - Add a PushSubscription serializer. r=mt,smaug (aa9e847c42)
- Bug 1232910 - Use channel.asyncOpen2 within dom/push/PushServiceHttp2.jsm. r=sicking r=dragana (a2f483a983)
- Bug 1246632 - Fix ackMsgRecv in PushServiceHttp2.js. r=kitcambridge (c1559e0539)
- Bug 1240615 - Make PushService protocol init method return a Promise. r=kitcambridge (4d52dc6a41)
- Bug 1246784 - Expose Console to the WorkerDebuggerGlobalScope, r=khuey (a992fdc555)
- misspatch (33708903c4)
- Bug 1207494 - Part 5: Remove use of expression closure from dom/contacts/. r=reuben (256b3831a4)
- Bug 1207494 - Part 4: Remove use of expression closure from dom/canvas/. r=gw280 (1666e49673)
- Bug 1207494 - Part 3: Remove use of expression closure from dom/browser-element/. r=smaug (a891769373)
- Bug 1207494 - Part 2: Remove use of expression closure from dom/base/test/. r=peterv (01762e3181)
- Bug 1207494 - Part 1: Remove use of expression closure from dom/apps/. r=ferjm (2474c8619b)
- Bug 1247108 - Pass securityFlag when creating a new channel within webapps (r=fabrice) (8305294f26)
- Bug 1219004 - Improve error management in getFullAppByManifestURL r=ferjm (c3ad64df7a)
- revert contains/includes (29c60a77e5)
- Bug 1147562 - Update remaining callsites of newChannel before landing the shim in dom/ (r=sicking) (0cd64e20e1)
- Bug 1243924 - Convert remaining callsites within dom/ to use channel.open2() (r=sicking) (43b01f88ba)
- Bug 1162658 - Update FormData to match latest spec, r=smaug (a42ca52ad5)
- Bug 1208895 - Fix a typo in nsGenericHTMLElement::GetItemId(); r=baku (2d6f2d79f4)
- Bug 1223523. The named getter on document should not return images with an empty name. r=peterv (da3d1f52f5)
- Bug 1183491. Null-check the document we get from our contentWindow in the contentDocument getter, because apparently it can end up null. r=bkelly (3002a4375c)
- Bug 1203430 - Intermittent crash in PNeckoChild::SendHTMLDNSPrefetch. r=jdm (3b82b57cbf)
- Bug 893332, part 1 - Rename misnamed SetValidityState/GetValidityState arguments. r=baku (d403b12c9a)
- Bug 893332, part 2 - Update validity state before asserting range underflow state. r=baku (a4cbce224c)
- Bug 893332, part 3 - Don't assert range underflow state under the parser. r=baku (763e99ed8e)
- Bug 893332, part 4 - Crashtests. r=baku (7cdcdc02c4)
- Bug 1240336 Setting same value to either <input> or <textarea> shouldn't cause committing existing composition r=ehsan (5cc2c35dbb)
- Bug 1228708. Fix UndoManager to correctly suppress exceptions it wants to suppress on ErrorResults. r=smaug (905207a3b4)
- Bug 1230295 - Add telemetry to report when Ogg chaining is used. r=rillian,r=vladan (e47c49f508)

dom/html/HTMLInputElement.cpp

@@ -1175,7 +1175,6 @@ HTMLInputElement::AfterSetAttr(int32_t aNameSpaceID, nsIAtom* aName,
       UpdateTypeMismatchValidityState();
     } else if (aName == nsGkAtoms::max) {
       UpdateHasRange();
-      UpdateRangeOverflowValidityState();
       if (mType == NS_FORM_INPUT_RANGE) {
         // The value may need to change when @max changes since the value may
         // have been invalid and can now change to a valid value, or vice
@@ -1193,25 +1192,34 @@ HTMLInputElement::AfterSetAttr(int32_t aNameSpaceID, nsIAtom* aName,
         nsresult rv =
           SetValueInternal(value, nsTextEditorState::eSetValue_Internal);
         NS_ENSURE_SUCCESS(rv, rv);
-        MOZ_ASSERT(!GetValidityState(VALIDITY_STATE_RANGE_UNDERFLOW),
-                   "HTML5 spec does not allow this");
       }
+      // Validity state must be updated *after* the SetValueInternal call above
+      // or else the following assert will not be valid.
+      // We don't assert the state of underflow during parsing since
+      // DoneCreatingElement sanitizes.
+      UpdateRangeOverflowValidityState();
+      MOZ_ASSERT(mParserCreating ||
+                 mType != NS_FORM_INPUT_RANGE ||
+                 !GetValidityState(VALIDITY_STATE_RANGE_UNDERFLOW),
+                 "HTML5 spec does not allow underflow for type=range");
     } else if (aName == nsGkAtoms::min) {
       UpdateHasRange();
+      if (mType == NS_FORM_INPUT_RANGE) {
+        // See @max comment
+        nsAutoString value;
+        GetValue(value);
+        nsresult rv =
+          SetValueInternal(value, nsTextEditorState::eSetValue_Internal);
+        NS_ENSURE_SUCCESS(rv, rv);
+      }
+      // See corresponding @max comment
       UpdateRangeUnderflowValidityState();
       UpdateStepMismatchValidityState();
-      if (mType == NS_FORM_INPUT_RANGE) {
-        // See @max comment
-        nsAutoString value;
-        GetValue(value);
-        nsresult rv =
-          SetValueInternal(value, nsTextEditorState::eSetValue_Internal);
-        NS_ENSURE_SUCCESS(rv, rv);
-        MOZ_ASSERT(!GetValidityState(VALIDITY_STATE_RANGE_UNDERFLOW),
-                   "HTML5 spec does not allow this");
-      }
+      MOZ_ASSERT(mParserCreating ||
+                 mType != NS_FORM_INPUT_RANGE ||
+                 !GetValidityState(VALIDITY_STATE_RANGE_UNDERFLOW),
+                 "HTML5 spec does not allow underflow for type=range");
     } else if (aName == nsGkAtoms::step) {
-      UpdateStepMismatchValidityState();
       if (mType == NS_FORM_INPUT_RANGE) {
         // See @max comment
         nsAutoString value;
@@ -1219,9 +1227,13 @@ HTMLInputElement::AfterSetAttr(int32_t aNameSpaceID, nsIAtom* aName,
         nsresult rv =
           SetValueInternal(value, nsTextEditorState::eSetValue_Internal);
         NS_ENSURE_SUCCESS(rv, rv);
-        MOZ_ASSERT(!GetValidityState(VALIDITY_STATE_RANGE_UNDERFLOW),
-                   "HTML5 spec does not allow this");
       }
+      // See corresponding @max comment
+      UpdateStepMismatchValidityState();
+      MOZ_ASSERT(mParserCreating ||
+                 mType != NS_FORM_INPUT_RANGE ||
+                 !GetValidityState(VALIDITY_STATE_RANGE_UNDERFLOW),
+                 "HTML5 spec does not allow underflow for type=range");
     } else if (aName == nsGkAtoms::dir &&
                aValue && aValue->Equals(nsGkAtoms::_auto, eIgnoreCase)) {
       SetDirectionIfAuto(true, aNotify);
@@ -5562,14 +5574,14 @@ HTMLInputElement::SubmitNamesValues(nsFormSubmission* aFormSubmission)
     const nsTArray<RefPtr<File>>& files = GetFilesInternal();
 
     for (uint32_t i = 0; i < files.Length(); ++i) {
-      aFormSubmission->AddNameFilePair(name, files[i]);
+      aFormSubmission->AddNameBlobPair(name, files[i]);
     }
 
     if (files.IsEmpty()) {
       RefPtr<BlobImpl> blobImpl =
-        new BlobImplEmptyFile(NS_LITERAL_STRING("application/octet-stream"));
-      RefPtr<File> file = File::Create(OwnerDoc()->GetInnerWindow(), blobImpl);
-      aFormSubmission->AddNameFilePair(name, file);
+        new EmptyBlobImpl(NS_LITERAL_STRING("application/octet-stream"));
+      RefPtr<Blob> blob = Blob::Create(OwnerDoc()->GetInnerWindow(), blobImpl);
+      aFormSubmission->AddNameBlobPair(name, blob);
     }
 
     return NS_OK;