Commit message | Author | Age | Files | Lines
* Fix up [Backport] Security bug 1175503 (v5.12.11) | Michael Brüning | 2021-05-14 | 1 file | -2/+2
  Method and enum name differed in Chromium 69.

  Change-Id: I72b34348f78aca1d9a1bef77808ab0d5b8536dbb
  Reviewed-by: Michal Klocek <michal.klocek@qt.io>
* Fix up [Backport] CVE-2021-30513: Type Confusion in V8. | Michael Brüning | 2021-05-14 | 1 file | -1/+1
  ChangeOp used to be a static method in NodeProperties.

  Change-Id: I9c4e0fa49fb9aac9eb4fbf0ba696f8d2ac4745e9
  Reviewed-by: Michal Klocek <michal.klocek@qt.io>
* [Backport] Security bug 1190525 | Ben Wagner | 2021-05-14 | 3 files | -9/+83
  Manual backport of patch originally submitted as https://gitlab.freedesktop.org/freetype/freetype/-/merge_requests/23/commits?commit_id=fb1beb00342d6905af5727b924ce6d8d80dcecaa:

  Prevent glyph program state from persisting

  FDEF instructions are specified as allowed only in 'prep' or 'fpgm'. FreeType has attempted to prevent their use in the glyph program, but they were still allowed in the glyph program if defined in a function defined in 'prep' or 'fpgm' and called from the glyph program. Similarly, IDEF instructions are specified not to be able to modify any existing instruction. FreeType has attempted to prevent their use in the glyph program, but they can still be used like FDEF. This change stores the initial bytecode range type and disallows the use of FDEF and IDEF while running the glyph program.

  Most other state is copied from the TT_Size into the execution context. However, it is possible for a glyph program to use WS to write to the storage area or WCVTP, WCVTF, and DELTAC1-3 to write to the control value table. Allowing any change to the global state from the glyph program is problematic as the outlines of any given glyph may change based on the order the glyphs are loaded or even how many times they are loaded. There exist fonts which write to the storage area or the control value table in the glyph program, so their use should not be an error.

  Possible solutions to using these in the glyph program are
    * ignore the writes.
    * value level copy on write, discard modified values when finished.
    * array level copy on write, discard the copy when finished.
    * array level copy up front.

  Ignoring the writes may break otherwise good uses. A full copy up front was implemented, but was quite heavy as even well behaved fonts required a full copy and the memory management that goes along with it. Value level copy on write could use less memory but requires a great deal more record keeping and complexity. This change implements array level copy on write. If any attempt is made to write to the control value table or the storage area when the initial bytecode range was in a glyph program then the relevant array will be copied to a designated storage area and the copy used for the rest of the glyph program's execution.

  Change-Id: I65887f866c37321744e59f2e64b80f2b056a11a7
  Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
* [Backport] CVE-2021-30518: Heap buffer overflow in Reader Mode. | Akhila Veerapuraju | 2021-05-14 | 2 files | -9/+10
  Manual backport of patch originally reviewed on https://chromium-review.googlesource.com/c/chromium/src/+/2856118:

  Replace std::vector with base::ObserverList to support container modification while iterating

  TaskTracker saves a list of viewers in a vector; these need to be notified when distillation is completed. At the time of notifying the viewers, we are indirectly erasing viewers from the vector while iterating. This is causing a container-overflow in the asan build when the vector has more than one viewer while notifying. This change is to replace the vector with an ObserverList that can be modified during iteration without invalidating the iterator.

  Bug: 1203590
  Change-Id: I7c7b8237584c48c9ebc2639b9268a6a78c2db4b2
  Reviewed-by: Matt Jones <mdjones@chromium.org>
  Commit-Queue: Akhila Veerapuraju <dhveerap@microsoft.com>
  Cr-Commit-Position: refs/heads/master@{#877492}
  Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
* [Backport] CVE-2021-30513: Type Confusion in V8. | Georg Neis | 2021-05-14 | 1 file | -27/+39
  Manual backport of patch originally reviewed on https://chromium-review.googlesource.com/c/v8/v8/+/2840452:

  [compiler] Fix more truncation bugs in SimplifiedLowering

  Bug: chromium:1200490
  Change-Id: I3555b6d99bdb4b4e7c302a43a82c17e8bff84ebe
  Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
  Commit-Queue: Georg Neis <neis@chromium.org>
  Cr-Commit-Position: refs/heads/master@{#74097}
  Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
* [Backport] CVE-2021-30515: Use after free in File API. | Marijn Kruisselbrink | 2021-05-14 | 1 file | -6/+8
  Manual backport of patch originally reviewed on https://chromium-review.googlesource.com/c/chromium/src/+/2883604:

  FileAPI: Terminate FileReaderLoader before dispatching onabort event.

  Otherwise FileReader could end up in an inconsistent state where a load is still in progress while the state was set to done.

  Bug: 1201073
  Change-Id: Ib2c833537e1badc57d125568d5d35f53f12582a8
  Reviewed-by: Austin Sullivan <asully@chromium.org>
  Commit-Queue: Marijn Kruisselbrink <mek@chromium.org>
  Cr-Commit-Position: refs/heads/master@{#877579}
  Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
* [Backport] Security bug 1175503 | Hiroshige Hayashizaki | 2021-05-07 | 1 file | -0/+20
  Manual backport of patch originally reviewed on https://chromium-review.googlesource.com/c/chromium/src/+/2681148:

  Set mode for top-level module worker scripts to kSameOrigin

  Bug: 1175503
  Change-Id: I9a744da07beea87564b9563656c8ba81325d9a13
  Commit-Queue: Hiroshige Hayashizaki <hiroshige@chromium.org>
  Reviewed-by: Dominic Farolino <dom@chromium.org>
  Reviewed-by: Kouhei Ueno <kouhei@chromium.org>
  Reviewed-by: Hiroki Nakagawa <nhiroki@chromium.org>
  Cr-Commit-Position: refs/heads/master@{#851900}
  Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
* [Backport] CVE-2021-21231: Insufficient data validation in V8 | Georg Neis | 2021-05-07 | 1 file | -9/+21
  Cherry-pick of patch originally reviewed on https://chromium-review.googlesource.com/c/v8/v8/+/2833911:

  Merged: [turbofan] Harden ArrayPrototypePop and ArrayPrototypeShift

  Revision: d4aafa4022b718596b3deadcc3cdcb9209896154

  TBR=glazunov@chromium.org
  BUG=chromium:1198696
  NOTRY=true
  NOPRESUBMIT=true
  NOTREECHECKS=true

  Change-Id: I1840ffabbed3a3caab75b0abea1d37d9ed446d3f
  Reviewed-by: Georg Neis <neis@chromium.org>
  Commit-Queue: Georg Neis <neis@chromium.org>
  Cr-Commit-Position: refs/branch-heads/9.0@{#39}
  Cr-Branched-From: bd0108b4c88e0d6f2350cb79b5f363fbd02f3eb7-refs/heads/9.0.257@{#1}
  Cr-Branched-From: 349bcc6a075411f1a7ce2d866c3dfeefc2efa39d-refs/heads/master@{#73001}
  Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
* [Backport] CVE-2021-21207: Use after free in IndexedDB | Ken Rockot | 2021-05-07 | 1 file | -3/+3
  Manual backport and adaptation to BindingSet of patch originally reviewed on https://chromium-review.googlesource.com/c/chromium/src/+/2778871:

  Never fail in ReceiverSet::Add

  Because of how UniqueReceiverSet is implemented and used, it is dangerous to allow Add() to fail: callers reasonably assume that added objects are still alive immediately after the Add() call.

  This changes ReceiverId to a uint64 and simply CHECK-fails on insert collision.

  This fundamentally increases binary size of 32-bit builds, because a widely used 32-bit data type is expanding to 64 bits for the sake of security and stability. It is effectively unavoidable for now, and also just barely above the tolerable threshold. A follow-up (but less backwards-mergeable) change should be able to reduce binary size beyond this increase by consolidating shared code among ReceiverSet template instantiations.

  Fixed: 1185732
  Change-Id: I9acf6aaaa36e10fdce5aa49a890173caddc13c52
  Binary-Size: Unavoidable (see above)
  Commit-Queue: Ken Rockot <rockot@google.com>
  Auto-Submit: Ken Rockot <rockot@google.com>
  Reviewed-by: Robert Sesek <rsesek@chromium.org>
  Cr-Commit-Position: refs/heads/master@{#865815}
  Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
* [Backport] CVE-2021-21230: Type Confusion in V8 | Georg Neis | 2021-05-07 | 1 file | -1/+1
  Cherry-pick of patch originally reviewed on https://chromium-review.googlesource.com/c/v8/v8/+/2835705:

  Fix off-by-one error in kAdditiveSafeInteger

  Bug: chromium:1198705
  Change-Id: I6b3ad82754e1ca72701ce57f16c4f085f8c87f77
  Auto-Submit: Georg Neis <neis@chromium.org>
  Commit-Queue: Nico Hartmann <nicohartmann@chromium.org>
  Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
  Cr-Commit-Position: refs/heads/master@{#74033}
  Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
* [Backport] CVE-2021-21227: Insufficient data validation in V8 | Georg Neis | 2021-05-07 | 1 file | -3/+8
  Cherry-pick of patch originally reviewed on https://chromium-review.googlesource.com/c/v8/v8/+/2839559:

  Merged: [compiler] Fix a bug in VisitSpeculativeIntegerAdditiveOp

  Revision: 9313c4ce3f32ad81df1c65becccec7e129181ce3

  BUG=chromium:1199345
  NOTRY=true
  NOPRESUBMIT=true
  NOTREECHECKS=true
  R=nicohartmann@chromium.org

  Change-Id: I0ee9f13815b1a7d248d4caa506c6930697e1866c
  Commit-Queue: Georg Neis <neis@chromium.org>
  Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
  Cr-Commit-Position: refs/branch-heads/9.0@{#41}
  Cr-Branched-From: bd0108b4c88e0d6f2350cb79b5f363fbd02f3eb7-refs/heads/9.0.257@{#1}
  Cr-Branched-From: 349bcc6a075411f1a7ce2d866c3dfeefc2efa39d-refs/heads/master@{#73001}
  Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
* [Backport] Security bug 1192552 | Wez | 2021-05-07 | 1 file | -0/+6
  Manual backport of patch originally reviewed on https://chromium-review.googlesource.com/c/chromium/src/+/2826321:

  [views] Handle window deletion during HandleDisplayChange.

  In principle there is no reason why the HWNDMessageHandler shouldn't be deleted by a HandleDisplayChange() call out to the delegate, e.g. if the change results in a change in window layout.

  (cherry picked from commit 299155e5e37a77670b7969771e09e9a16b1f5612)

  Bug: 1192552
  Change-Id: I9fca35ff32e7037c6492f4cee7069e272059b920
  Auto-Submit: Wez <wez@chromium.org>
  Commit-Queue: Scott Violet <sky@chromium.org>
  Reviewed-by: Scott Violet <sky@chromium.org>
  Cr-Original-Commit-Position: refs/heads/master@{#869603}
  Cr-Commit-Position: refs/branch-heads/4430@{#1291}
  Cr-Branched-From: e5ce7dc4f7518237b3d9bb93cccca35d25216cbe-refs/heads/master@{#857950}
  Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
* [Backport] CVE-2021-21223: Integer overflow in Mojo | Ken Rockot | 2021-05-07 | 4 files | -8/+17
  Manual backport of patch originally reviewed on https://chromium-review.googlesource.com/c/chromium/src/+/2837712:

  M86-LTS: Mojo: Properly validate broadcast events

  This corrects broadcast event deserialization by adding a missing validation step when decoding the outer message header.

  (cherry picked from commit 6740adb28374ddeee13febfd5e5d20cb8a365979)

  Fixed: 1195308
  Change-Id: Ia67a20e48614e7ef00b1b32f7f4e5f20235be310
  Reviewed-by: Daniel Cheng <dcheng@chromium.org>
  Commit-Queue: Ken Rockot <rockot@google.com>
  Cr-Original-Commit-Position: refs/heads/master@{#870238}
  Owners-Override: Achuith Bhandarkar <achuith@chromium.org>
  Auto-Submit: Achuith Bhandarkar <achuith@chromium.org>
  Reviewed-by: Artem Sumaneev <asumaneev@google.com>
  Commit-Queue: Achuith Bhandarkar <achuith@chromium.org>
  Cr-Commit-Position: refs/branch-heads/4240@{#1614}
  Cr-Branched-From: f297677702651916bbf65e59c0d4bbd4ce57d1ee-refs/heads/master@{#800218}
  Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
* [Backport] Security bugs 1175522 and 1181276 | Darwin Huang | 2021-05-07 | 3 files | -13/+15
  Manual cherry-pick of patch originally reviewed on https://chromium-review.googlesource.com/c/chromium/deps/sqlite/+/2730249:

  Fix a couple of memory-sanitizer complaints that could be triggered by a corrupt database.

  Cherry-picking from https://www.sqlite.org/src/info/39c8686cabe6c437

  FossilOrigin-Name: 9c8686cabe6c437ba4860aade49a701c4f5772b97d9fbe6cb9a394e85b9c092

  Bug: 1181276, 1175522
  Change-Id: Icc7e115ec54789fab59c03071dccf97987d5ac7f
  Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
* [Backport] CVE-2021-21203: Use after free in Blink | Rune Lillesveen | 2021-05-07 | 1 file | -16/+10
  Cherry-pick of commit originally reviewed on https://chromium-review.googlesource.com/c/chromium/src/+/2792423:

  Don't erase InterpolationTypes used by other documents

  A registered custom property in one document caused the entry for the same custom property (unregistered) used in another document to be deleted, which caused a use-after-free.

  Only store the CSSDefaultInterpolationType for unregistered custom properties and never store registered properties in the map. They may have different types in different documents when registered.

  Bug: 1192054
  Change-Id: I1af03d0a298795db99acc9c62f0d0fff8a5e801d
  Commit-Queue: Rune Lillesveen <futhark@chromium.org>
  Reviewed-by: Robert Flack <flackr@chromium.org>
  Cr-Commit-Position: refs/heads/master@{#867692}
  Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
* [Backport] CVE-2021-21204: Use after free in Blink. | Liviu Tinta | 2021-05-07 | 1 file | -1/+16
  Manual backport of patch originally reviewed on https://chromium-review.googlesource.com/c/chromium/src/+/2799973:

  Fix Mac crash due to use after free of BlinkScrollbarPartAnimation

  What is happening is that the BlinkScrollbarPartAnimation instance passed to BlinkScrollbarPartAnimationTimer is released while the BlinkScrollbarPartAnimationTimer::TimerFired method runs as part of the BlinkScrollbarPartAnimation::setCurrentProgress call, during the execution of ScrollbarPainter::setKnobAlpha, which ends up calling BlinkScrollbarPainterDelegate::setUpAlphaAnimation through a chain of observers. BlinkScrollbarPainterDelegate::setUpAlphaAnimation releases the BlinkScrollbarPartAnimation instance, which gets deallocated. BlinkScrollbarPartAnimation::setCurrentProgress continues execution after ScrollbarPainter::setKnobAlpha returns, but the _scrollbar pointer is overwritten with garbage and when SetNeedsPaintInvalidation is called the crash happens.

  We retain self in BlinkScrollbarPartAnimation::setCurrentProgress while it runs and release self before exit. By retaining self, the Objective-C runtime won't free BlinkScrollbarPartAnimation while BlinkScrollbarPartAnimationTimer is running and the crash should be avoided.

  (cherry picked from commit 19207bea6bd8472aa4203db328fc7f51826956d4)

  Bug: 1183276, 1189926, 1193025
  Change-Id: Ibd5092a1dbae53bc21940c43883536624d1b03f3
  Commit-Queue: Robert Flack <flackr@chromium.org>
  Reviewed-by: Robert Flack <flackr@chromium.org>
  Cr-Original-Commit-Position: refs/heads/master@{#867587}
  Commit-Queue: Liviu Tinta <liviutinta@chromium.org>
  Cr-Commit-Position: refs/branch-heads/4430@{#979}
  Cr-Branched-From: e5ce7dc4f7518237b3d9bb93cccca35d25216cbe-refs/heads/master@{#857950}
  Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
* [Backport] CVE-2021-21202: Use after free in extensions. | Andrey Kosyakov | 2021-05-07 | 2 files | -1/+9
  Manual backport of patch originally reviewed on https://chromium-review.googlesource.com/c/chromium/src/+/2787756:

  DevTools: expect PageHandler may be destroyed during Page.navigate

  Bug: 1188889
  Change-Id: I5c2fcca84834d66c46d77a70683212c2330177a5
  Commit-Queue: Andrey Kosyakov <caseq@chromium.org>
  Reviewed-by: Dmitry Gozman <dgozman@chromium.org>
  Reviewed-by: Karan Bhatia <karandeepb@chromium.org>
  Cr-Commit-Position: refs/heads/master@{#867507}
  Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
* [Backport] CVE-2021-21214: Use after free in Network API | Josh Karlin | 2021-05-07 | 1 file | -2/+8
  Manual backport of patch originally reviewed on https://chromium-review.googlesource.com/c/chromium/src/+/2727306:

  Fix removal of observers in NetworkStateNotifier

  The NetworkStateNotifier has a per-thread list of observer pointers. If one is deleted mid-iteration, what we do is replace the pointer in the list with a 0, and add the index to the zeroed list of observers to remove after iteration completes.

  Well, the removal step was broken for cases where there were multiple elements to remove. It didn't adjust for the fact that the indexes shifted after each removal.

  Bug: 1170148
  Change-Id: I446acaae5f8a805a58142848634a0ee8c5f90882
  Reviewed-by: Kentaro Hara <haraken@chromium.org>
  Commit-Queue: Josh Karlin <jkarlin@chromium.org>
  Cr-Commit-Position: refs/heads/master@{#858853}
  Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
* [Backport] CVE-2021-21221: Insufficient validation of untrusted input in Mojo | Ken Rockot | 2021-05-07 | 1 file | -7/+16
  Manual backport of patch originally reviewed on https://chromium-review.googlesource.com/c/chromium/src/+/2808893:

  Mojo: Remove some inappropriate DCHECKs

  There are a few places where we DCHECK conditions that cannot be reliably asserted since they depend on untrusted inputs. These are replaced with logic to conditionally terminate the connection to the offending peer process.

  Fixed: 1195333
  Change-Id: I0c6873bf55d6b0b1d0cbb3c2e5b256e1a57ff696
  Reviewed-by: Robert Sesek <rsesek@chromium.org>
  Commit-Queue: Ken Rockot <rockot@google.com>
  Cr-Commit-Position: refs/heads/master@{#870007}
  Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
* [Backport] CVE-2021-21206: Use after free in Blink | Jana Grill | 2021-04-15 | 1 file | -3/+6
  Manual backport of patch originally reviewed on https://chromium-review.googlesource.com/c/chromium/src/+/2821879:

  Forbid script execution while updating the paint lifecycle.

  (cherry picked from commit 5425d3b100fab533ea9ddc2ed8fbfc4870db0587)

  Bug: 1196781
  Change-Id: Idc8d24792d5c413691977b09ca821de4e13887ad
  Commit-Queue: Adrian Taylor <adetaylor@chromium.org>
  Commit-Queue: Robert Flack <flackr@chromium.org>
  Reviewed-by: Xianzhu Wang <wangxianzhu@chromium.org>
  Cr-Original-Commit-Position: refs/heads/master@{#870275}
  Reviewed-by: Robert Flack <flackr@chromium.org>
  Reviewed-by: Achuith Bhandarkar <achuith@chromium.org>
  Reviewed-by: Victor-Gabriel Savu <vsavu@google.com>
  Commit-Queue: Jana Grill <janagrill@chromium.org>
  Cr-Commit-Position: refs/branch-heads/4240@{#1601}
  Cr-Branched-From: f297677702651916bbf65e59c0d4bbd4ce57d1ee-refs/heads/master@{#800218}
  Reviewed-by: Jüri Valdmann <juri.valdmann@qt.io>
* [Backport] CVE-2021-21220: Insufficient validation of untrusted input in V8 for x86_64 | Georg Neis | 2021-04-15 | 1 file | -1/+3
  Manual backport of patch originally reviewed on https://chromium-review.googlesource.com/c/v8/v8/+/2820971:

  [compiler][x64] Fix bug in InstructionSelector::ChangeInt32ToInt64

  Bug: chromium:1196683
  Change-Id: Ib4ea738b47b64edc81450583be4c80a41698c3d1
  Commit-Queue: Georg Neis <neis@chromium.org>
  Reviewed-by: Nico Hartmann <nicohartmann@chromium.org>
  Cr-Commit-Position: refs/heads/master@{#73903}
  Reviewed-by: Jüri Valdmann <juri.valdmann@qt.io>
* Fixup [Backport] CVE-2021-21160: Heap buffer overflow in WebAudio | Michael Brüning | 2021-04-13 | 1 file | -0/+4
  Added include for SSE instructions.

  Change-Id: I0deb6eac8fc2c1e05a88a6b39fb23ce34d8de63b
  Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
* Fixup for [Backport] Security bug 1161048 | Michael Brüning | 2021-04-12 | 1 file | -2/+2
  Adjust source file to former subproject structure.

  Change-Id: Iea1a9fcd5333a43f9184bf1f32fa181d4ae73123
  Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
* [Backport] CVE-2021-21156: Heap buffer overflow in V8 | Sergei Glazunov | 2021-04-12 | 2 files | -2/+15
  Cherry-pick of patch originally reviewed on https://chromium-review.googlesource.com/c/chromium/src/+/2691314:

  Use a copy for transferring non detachable buffers

  Currently, |DOMArrayBuffer::Transfer()| makes a copy, but still uses the original buffer for transferring, thus making it possible to share a regular ArrayBuffer (not SAB) with multiple threads.

  Bug: 1177341
  Change-Id: Idb48deb1698fe555f32531bc04b55dd3e1fb0a06
  Reviewed-by: Srinivas Sista <srinivassista@chromium.org>
  Cr-Commit-Position: refs/branch-heads/4145@{#6}
  Cr-Branched-From: 247755238324ad7d4f4b4420523b887e49df2e48-refs/heads/master@{#768051}
  Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
  Reviewed-by: Michal Klocek <michal.klocek@qt.io>
* [Backport] CVE-2021-21188: Use after free in Blink. | Kevin Ellis | 2021-04-09 | 1 file | -0/+13
  Manual backport of patch originally reviewed on https://chromium-review.googlesource.com/c/chromium/src/+/2636213:

  Test for persistent execution context during Animatable::animate.

  Prior to the patch, the validity of the execution context was only checked on entry to the method; however, the execution context can be invalidated during the course of parsing keyframes or options. The parsing of options is upstream of Animatable::animate and caught by the existing check, but invalidation during keyframe parsing could fall through triggering a crash.

  Bug: 1161739
  Change-Id: Ic0fc927d1d6ce902592bf92261fd4c506e96afac
  Commit-Queue: Kevin Ellis <kevers@chromium.org>
  Reviewed-by: Robert Flack <flackr@chromium.org>
  Cr-Commit-Position: refs/heads/master@{#844622}
  Reviewed-by: Jüri Valdmann <juri.valdmann@qt.io>
* [Backport] Security bug 1161847 | Georg Neis | 2021-04-09 | 1 file | -0/+35
  Partial cherry-pick of patch originally reviewed on https://chromium-review.googlesource.com/c/v8/v8/+/2748077:

  Merged: Squashed multiple commits.

  Merged: [const-tracking] Mark const field as mutable when reconfiguring
  Revision: 7535b91f7cb22274de734d5da7d0324d8653d626

  Merged: [const-tracking] Fix incorrect DCHECK in MapUpdater
  Revision: f95db8916a731e6e5ccc0282616bc907ce06012f

  BUG=chromium:1161847,chromium:1185463,v8:9233
  NOTRY=true
  NOPRESUBMIT=true
  NOTREECHECKS=true
  R=ishell@chromium.org

  Change-Id: I4a34bafb3b072f2e788b47949947c76110f1b85c
  Reviewed-by: Igor Sheludko <ishell@chromium.org>
  Commit-Queue: Georg Neis <neis@chromium.org>
  Cr-Commit-Position: refs/branch-heads/9.0@{#18}
  Cr-Branched-From: bd0108b4c88e0d6f2350cb79b5f363fbd02f3eb7-refs/heads/9.0.257@{#1}
  Cr-Branched-From: 349bcc6a075411f1a7ce2d866c3dfeefc2efa39d-refs/heads/master@{#73001}
  Reviewed-by: Jüri Valdmann <juri.valdmann@qt.io>
* [Backport] CVE-2021-21195: Use after free in V8 | Georg Neis | 2021-04-09 | 2 files | -10/+67
  Partial cherry-pick of patch originally reviewed on https://chromium-review.googlesource.com/c/v8/v8/+/2780300:

  Merged: [deoptimizer] Fix bug in OptimizedFrame::Summarize

  Revision: 3353a7d0b017146d543434be4036a81aaf7d25ae

  BUG=chromium:1182647
  NOTRY=true
  NOPRESUBMIT=true
  NOTREECHECKS=true
  R=bmeurer@chromium.org

  Change-Id: I86abd6a3f34169be5f99aa9f54bb7bb3706fa85a
  Reviewed-by: Georg Neis <neis@chromium.org>
  Reviewed-by: Benedikt Meurer <bmeurer@chromium.org>
  Commit-Queue: Georg Neis <neis@chromium.org>
  Cr-Commit-Position: refs/branch-heads/8.9@{#49}
  Cr-Branched-From: 16b9bbbd581c25391981aa03180b76aa60463a3e-refs/heads/8.9.255@{#1}
  Cr-Branched-From: d16a2a688498bd1c3e6a49edb25d8c4ca56232dc-refs/heads/master@{#72039}
  Reviewed-by: Jüri Valdmann <juri.valdmann@qt.io>
* [Backport] CVE-2021-21198: Out of bounds read in IPC | Ken Rockot | 2021-04-09 | 8 files | -50/+25
  Manual backport of patch originally reviewed on https://chromium-review.googlesource.com/c/chromium/src/+/2779918:

  Don't use BigBuffer for IPC::Message transport

  M86 merge conflicts and resolution:
    * ipc/ipc_message_pipe_reader.cc
      Fixed extra include.

  (cherry picked from commit 85bd7c88523545ab0e497d5e7b3e929793813358)
  (cherry picked from commit fad3b9ffe7c7ff82909d911c573bd185aa3b3b50)

  Fixed: 1184399
  Change-Id: Iddd91ae8d7ae63022b61c96239f5e39261dfb735
  Commit-Queue: Ken Rockot <rockot@google.com>
  Reviewed-by: Daniel Cheng <dcheng@chromium.org>
  Cr-Original-Original-Commit-Position: refs/heads/master@{#860010}
  Auto-Submit: Ken Rockot <rockot@google.com>
  Reviewed-by: Adrian Taylor <adetaylor@chromium.org>
  Reviewed-by: Alex Gough <ajgo@chromium.org>
  Commit-Queue: Alex Gough <ajgo@chromium.org>
  Cr-Original-Commit-Position: refs/branch-heads/4389@{#1597}
  Cr-Original-Branched-From: 9251c5db2b6d5a59fe4eac7aafa5fed37c139bb7-refs/heads/master@{#843830}
  Reviewed-by: Victor-Gabriel Savu <vsavu@google.com>
  Reviewed-by: Artem Sumaneev <asumaneev@google.com>
  Reviewed-by: Ken Rockot <rockot@google.com>
  Auto-Submit: Artem Sumaneev <asumaneev@google.com>
  Commit-Queue: Artem Sumaneev <asumaneev@google.com>
  Cr-Commit-Position: refs/branch-heads/4240@{#1587}
  Cr-Branched-From: f297677702651916bbf65e59c0d4bbd4ce57d1ee-refs/heads/master@{#800218}
  Reviewed-by: Jüri Valdmann <juri.valdmann@qt.io>
* [Backport] Security bug 1185482 | Scott Violet | 2021-04-09 | 4 files | -1/+16
  Manual backport of patch originally reviewed on https://chromium-review.googlesource.com/c/chromium/src/+/2779886:

  x11/ozone: fix two edge cases

  WindowTreeHost::OnHostMovedInPixels() may trigger a nested message loop (tab dragging), which when the stack unravels means this may be deleted. This adds an early out if this happens.

  X11WholeScreenMoveLoop has a similar issue, in so far as notifying the delegate may delete this.

  BUG=1185482
  TEST=WindowTreeHostPlatform.DeleteHostFromOnHostMovedInPixels

  (cherry picked from commit 5e3a738b1204941aab9f15c0eb3d06e20fefd96e)

  Change-Id: Ieca1c90b3e4358da50b332abe2941fdbb50c5c25
  Reviewed-by: Thomas Anderson <thomasanderson@chromium.org>
  Commit-Queue: Scott Violet <sky@chromium.org>
  Cr-Original-Commit-Position: refs/heads/master@{#860852}
  Cr-Commit-Position: refs/branch-heads/4389@{#1583}
  Cr-Branched-From: 9251c5db2b6d5a59fe4eac7aafa5fed37c139bb7-refs/heads/master@{#843830}
  Reviewed-by: Jüri Valdmann <juri.valdmann@qt.io>
* [Backport] Security bug 1062941 | Jana Grill | 2021-04-09 | 92 files | -10785/+35235
  Manual backport (library update) of patch originally reviewed on https://chromium-review.googlesource.com/c/chromium/src/+/2692542:

  Roll src/third_party/libyuv/ 6866adbec..1d3f901aa (17 commits)

  https://chromium.googlesource.com/libyuv/libyuv.git/+log/6866adbec5af..1d3f901aa016

  $ git log 6866adbec..1d3f901aa --date=short --no-merges --format='%ad %ae %s'
  2020-12-25 fbarchard Scale bug fix with msan when scaling up in height and down in width with box filter.
  2020-12-22 fbarchard Test Box filter scale plane with 1 dimension growing and the other reducing
  2020-12-03 eshr NV12 Copy, include scale_uv.h
  2020-11-18 thakis Stop setting mac_xcode_version in DEPS
  2020-11-06 libyuv-ci-autoroll-builder Roll chromium_revision 5aaa70b53c..64c8c30faa (822628:824854)
  2020-11-03 fbarchard Scale by even factor low level row function
  2020-10-30 libyuv-ci-autoroll-builder Roll chromium_revision df9aecfc0b..5aaa70b53c (820568:822628)
  2020-10-28 fbarchard PlaneScale, UVScale and ARGBScale test 3x and 4x down sample.
  2020-10-27 fbarchard MJPGToNV12 added and build files sorted
  2020-10-24 libyuv-ci-autoroll-builder Roll chromium_revision e812106b13..df9aecfc0b (817907:820568)
  2020-10-16 libyuv-ci-autoroll-builder Roll chromium_revision 4892423355..e812106b13 (815587:817907)
  2020-10-13 fbarchard UVScale down use AVX2 and Neon for aarch32
  2020-10-13 fbarchard UVScale down by 4 use SSSE3/NEON
  2020-10-12 fbarchard 2x down sample for UV planes ported to SSSE3 / NEON
  2020-10-09 libyuv-ci-autoroll-builder Roll chromium_revision ccec2ad009..4892423355 (811963:815587)
  2020-10-02 fbarchard I420ToARGB prototype added to convert_from.h
  2020-10-01 fbarchard scale neon adjust PRFM instruction to co-issue with math

  Created with:
    roll-dep src/third_party/libyuv

  (cherry picked from commit 1a60856f34aa15def686168c3b392dc37a120c51)

  Bug: chromium:1158178, chromium:1062941, libyuv:875, b/176195584
  Change-Id: Iecf360198a90acabcbd71e57791634f5e3e861c3
  Commit-Queue: Frank Barchard <fbarchard@chromium.org>
  Reviewed-by: Frank Barchard <fbarchard@chromium.org>
  Reviewed-by: Eugene Zemtsov <eugene@chromium.org>
  Cr-Original-Commit-Position: refs/heads/master@{#839493}
  Commit-Queue: Jana Grill <janagrill@chromium.org>
  Reviewed-by: Victor-Gabriel Savu <vsavu@google.com>
  Cr-Commit-Position: refs/branch-heads/4240@{#1545}
  Cr-Branched-From: f297677702651916bbf65e59c0d4bbd4ce57d1ee-refs/heads/master@{#800218}
  Reviewed-by: Jüri Valdmann <juri.valdmann@qt.io>
* [Backport] CVE-2021-21175: Inappropriate implementation in Site isolation | Antonio Sartori | 2021-04-06 | 1 file | -3/+19
  Manual backport of patch originally reviewed on https://chromium-review.googlesource.com/c/chromium/src/+/2731577:

  Strip url to origin in X-Frame-Options violation messages

  X-Frame-Options violations are logged via a console message in the parent frame. To avoid leaking sensitive data to the parent frame, let's report as "blocked url" just the origin of the blocked frame's url, as we are already doing for the frame-ancestors CSP directive.

  [M86 Merge]: ancestor_throttle.cc was moved.

  (cherry picked from commit 93ce5606cd9a9597993ba70670b4092ab6722281)

  Bug: 1146651
  Change-Id: If5e5ac62f7e44e714b109e6adc389f11999e0f8b
  Commit-Queue: Antonio Sartori <antoniosartori@chromium.org>
  Reviewed-by: Charlie Reis <creis@chromium.org>
  Reviewed-by: Arthur Sonzogni <arthursonzogni@chromium.org>
  Cr-Original-Commit-Position: refs/heads/master@{#828651}
  Reviewed-by: Achuith Bhandarkar <achuith@chromium.org>
  Commit-Queue: Victor-Gabriel Savu <vsavu@google.com>
  Cr-Commit-Position: refs/branch-heads/4240@{#1563}
  Cr-Branched-From: f297677702651916bbf65e59c0d4bbd4ce57d1ee-refs/heads/master@{#800218}
  Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
  Reviewed-by: Jüri Valdmann <juri.valdmann@qt.io>
* [Backport] Security bug 1161048 | Darwin Huang | 2021-04-06 | 7 files | -11253/+13126
  Partial manual backport (library update) of patch originally reviewed on https://chromium-review.googlesource.com/c/chromium/src/+/2600334:

  Roll src/third_party/sqlite/src/ 0324bd3ef..d9581878f (171 commits)

  https://chromium.googlesource.com/chromium/deps/sqlite.git/+log/0324bd3ef1af..d9581878fcf8

  $ git log 0324bd3ef..d9581878f --date=short --no-merges --format='%ad %ae %s'
  2020-12-22 huangdarwin Fix SQLITE_OMIT_WINDOWFUNC builds by moving declaration of sqlite3ExpandSubquery out of "ifndef SQLITE_OMIT_WINDOWFUNC" block.
  2020-12-22 huangdarwin Amalgamations for release 3.34.0
  2020-12-01 drh Version 3.34.0
  2020-11-30 Dan Kennedy Update the tea/win/makefile.vc file that ships as part of the autoconf package to use "sqlite3" instead of "tclsqlite3" for the installed dll filename.
  2020-11-30 drh Do not reuse the obsolete SQLITE_TESTCTRL_PRNG_RESET value for SQLITE_TESTCTRL_SEEK_COUNT. Give SEEK_COUNT its own unique value. This avoids incompatibility with legacy test code.
  2020-11-27 Dan Kennedy Fix a compiler warning in fts5_aux.c.
  2020-11-27 Dan Kennedy Add missing cast to fts5 bm25() code.
  2020-11-27 Dan Kennedy Remove a redundant "if( rc==SQLITE_OK )" from the fts5 bm25() code.
  2020-11-27 Dan Kennedy Move an "if( rc==SQLITE_OK )" to outside a loop body in the fts5 bm25() code.
  2020-11-27 Dan Kennedy Fix a case in the FTS5 integrity check where a corrupt database could cause a buffer overread.
  2020-11-26 Dan Kennedy Update mkunicode.tcl to match the change erroneously made to machine generated file fts5_unicode2.c in [b7b7bde9].
  2020-11-25 drh Update a requirement mark in the e_expr.test script.
  2020-11-25 drh Fix harmless compiler warnings about unused function parameters.
  2020-11-25 drh Fix a potential NULL pointer dereference in the geopoly_overlap() routine of the GeoPoly extension.
  2020-11-25 drh Fix the shell1.test test script so that it works on windows.
  2020-11-25 drh Change the -init option to the command-line shell to honor the -bail option. Also change it to report an error if the filename mentioned cannot be opened.
  2020-11-24 drh Fix a typo in the sqlite3_txn_state() documentation.
  2020-11-24 drh Add the new sqlite3_txn_state() interface to the set of routines accessible by run-time loadables extensions.
  2020-11-24 drh Fix a harmless typo in a comment.
  2020-11-24 dan Fix a bug in OOM handling code introduced by [6a28713d].
  2020-11-24 dan Ensure that super-journal and other journal filenames passed by SQLite to an sqlite3_vfs.xOpen() implementation may be safely passed to sqlite3_uri_parameter() and similar functions.
  2020-11-24 drh Remove the VERSION_NUMBER macro from configure.ac as it has been unused since 2009 check-in [7f4810747b086498]. See also [forum:/forumpost/bb2c634fcd|forum post bb2c634fcd].
  2020-11-23 drh Syntactic changes to work around a bug in gcov 9.3.0. No changes to the generated code for release builds.
  2020-11-23 drh In os_unix.c, put ALWAYS() on unreachable branches associated with pathname normalization.
  2020-11-23 dan Fix a test script problem causing crash8.test to fail when run with leak-sanitizer.
  2020-11-23 drh Allow "substring()" as an alias for "substr()" for compatibility with other SQL engines.
  2020-11-20 dan Add file doc/vdbesort-memory.md, containing notes on the way vdbesort.c uses heap memory.
  2020-11-19 drh More test case changes so that shared-cache mode tests all work with normalized database names.
  2020-11-19 drh Fix the tkt3793 test case so that work even when filenames are normalized.
  2020-11-18 drh Improvements to the mechanism that attempts to report SQLITE_CORRUPT if pread() says that the underlying filesystem is corrupt.
  2020-11-18 dan Update cksumvfs.c so that if SQLITE_AMALGAMATION is defined, SQLITE_CKSUMVFS_STATIC is implied.
  2020-11-18 dan Add test infrastructure for cksumvfs. And update cksumvfs so that it works in concert with version 2 VFSs. No changes to core SQLite.
  2020-11-18 dan Fix a problem causing sqlite3_carray_bind() to return an undefined value.
  2020-11-18 dan Update test code to fix a problem with SQLITE_OMIT_VIRTUAL_TABLE builds.
  2020-11-18 drh On unix, for certain error codes of read()/pread() return SQLITE_IOERR_CORRUPTFS instead of SQLITE_IOERR_READ. And then convert this error into SQLITE_CORRUPT prior to returning back to the application.
  2020-11-17 drh Claw back most of the performance lost in the previous commit.
  2020-11-17 dan Fix trivial memory leaks in the shell and sqldiff programs.
  2020-11-17 dan Fix test file busy2.test so that it works with the "inmemory_journal" permutation.
  2020-11-17 drh Add a single-argument form to the CARRAY table-valued function, with content bound using the sqlite3_carray_bind() interface that is included with the extension.
  2020-11-16 drh Enhance the unix VFS so that it removes extra "/", "/./" and "/../" from the database filename.
  2020-11-14 drh Modify UPDATE so that two-pass updates on a rowid table use an ephemeral table to store rowids rather than a RowSet. This uses less memory, though it is slower.
  2020-11-12 drh Improved diagnostics output with ".wheretrace 0x800". No changes to non-debug builds.
  2020-11-11 drh Fix a typo in a comment. No changes to code.
  2020-11-08 drh Use NEVER and ALWAYS macros to confirm that the return value from sqlite3ExprSkipCollateAndLikely() is never NULL in some of its use cases.
  2020-11-06 drh Add ALWAYS() to conditionals associated with SHM locking that are always true.
  2020-11-05 drh Suppress errors associated with TEMP triggers that reference objects in non-TEMP databases.
This is a continuation of the fix for ticket #3810 shown in check-in [ba1afc040171810d] from [/timeline?c=trunk:200908061743|2009-08-06], based on a bug report in [forum:/forumpost/157dc791df|forum post 157dc791df] 2020-11-05 drh Remove unused variable from speedtest1.c 2020-11-02 drh Fix an another OSS-Fuzz discovered assertion fault due to ALTER TABLE and strange triggers. 2020-10-31 drh Add the -tabs command-line option to the CLI. 2020-10-31 dan Update the ALTER TABLE command to correctly handle UPDATE ... FROM statements within trigger programs. (...) 2020-09-15 drh Do not invoke usleep() for more than 999999 microseconds. 2020-09-11 dan Catch fts5 index corruption caused by issuing 'delete' commands with incorrect data earlier in some cases. Also fix a couple of test script problems. 2020-09-10 drh Try again to fix the typo in the sqlite3_txn_state() documentation. 2020-09-10 drh Fix typo in the documentation for the new sqlite3_txn_state() interface. 2020-09-10 drh If an amalgamation is created using SQLITE_ENABLE_UPDATE_DELETE_LIMIT, ensure that it can still be compiled without that option by setting the SQLITE_UDL_CAPABLE_PARSER flag in the preamble. 2020-09-07 dan Fix another (harmless in practice) tsan error in shared-cache mode. 2020-09-06 drh Remove an artifical limitation on the length of columns in the "box" output mode of the command-line shell. 2020-09-05 drh Fix a bug in Fossil that might cause it to crash if there is a multi-terminal token with a space following the "|" separator. This does not affect SQLite. 2020-09-04 dan Fix a tsan error that could occur when using shared-cache mode. 2020-09-04 dan Ensure that the busy-handler count is reset at the end of each sqlite3_file_control() and sqlite3_prepare() (and _v2() and _v3()). 2020-09-01 mistachkin Fix harmless compiler warning. 2020-09-01 drh In the Lemon output, add a prefix comment that explains that the output file is automatically generated and shows the name of the source file. 
2020-09-01 drh Lemon updates: (1) include the #defines for all tokens in the generated C file, so that the C-file can be stand-alone. (2) If the grammar begins with a %include {...} directive on line one, make that directive the header for the generated C file. (3) Enhance the lemon.html documentation. 2020-09-01 drh Improvements to the IN-early-out optimization so that it works more efficiently when there are two or more indexed IN clauses on a single table. 2020-09-01 drh Fix a harmless compiler warning. 2020-08-31 drh New test-control that returns the number of calls to sqlite3BtreeMovetoUnpacked() on the main database and then resets the counter. This only works for SQLITE_DEBUG builds. 2020-08-31 drh Fix the documentation for the OP_IdxGT family of opcodes to show that the P5 operand is not used. 2020-08-29 dan Fix a sanitizer warning in zipfile.c. 2020-08-28 dan Fix handling of an xShmLock(SHARED, UNLOCK) call when the caller does not hold any lock on the specified slot, but another connection in the same process holds an EXCLUSIVE. 2020-08-28 dan Modify the unixShmLock() function to avoid iterating through the (possibly large) set of connections to the same database file. 2020-08-28 mistachkin Add the miscellaneous 'series' extension to the shell. 2020-08-28 drh Update Lemon documentation. Patches from sgbeal. 2020-08-28 drh Fix a couple of unreachable branches. 2020-08-28 dan Add fts5 test to confirm that for a table with columns a, b, c and d, "{a b}" and "-{c d}" are handled similarly. 2020-08-27 drh Remove a (harmless) redundant variable from the CLI implementation. 2020-08-27 drh Include the original text of the CHECK constraint in the error message for anonymous CHECK constraints. 2020-08-27 drh Apple the same fix for ticket [9eda2697f5cc1aba] to text-to-integer conversions that was done for floating point conversions by check-in [1c76f1d8ec0937a2]. 2020-08-27 dan Do not attempt to run test script analyze3.test as part of the "prepare" permutation. 
2020-08-26 drh Enhance the ".databases" command in the CLI so that it shows the result of sqlite3_db_readonly() and sqlite3_txn_state() for each database file. 2020-08-26 drh If the argument to the ".read" command in the CLI begins with "|" then run the remainder of the argument as a command and read input from the output of that command. 2020-08-25 drh Add support for the sqlite3_txn_state() interface. 2020-08-24 drh Reduce the N in the logN term for the sorting cost associated with computing DISTINCT by B-Tree by half, under the assumption that the DISTINCT will eliminate about half the rows of output. This is really a wild guess. But we do not have any better way of estimating what the row-count reduction due to DISTINCT will actually be. 2020-08-24 dan Correctly handle expressions like "x IS (not) true/false" within the rhs of IN() expressions. Fix for [f3ff1472]. 2020-08-20 dan Fix a crash that could occur in SQLITE_MAX_EXPR_DEPTH=0 builds when processing SQL containing syntax errors. 2020-08-20 dan Avoid a buffer overrun in test code that could occur if certain test functions were passed a hex-string containing an odd number of digits. 2020-08-19 drh Try to make SQLite easier to compiler for Mac Catalyst. See [https://sqlite.org/forum/forumpost/803387a1c5|forum post 803387a1c5]. 2020-08-19 drh Do not skip over TK_IF_NULL_ROW operators when bypassing TK_COLLATE operators. Fix to check-in [ac31edd3eeafcef4] which was itself a fix for ticket [45f4bf4eb4ffd788]. 2020-08-19 dan Update releasetest_data.tcl so that the "Fast-One" configuration runs bigmmap.test as part of release testing. 2020-08-19 dan Fix a problem in test file bigmmap.test. 2020-08-17 drh Fix the -quote option on the CLI to set the correct column separator. 2020-08-16 drh Optimization to sqlite3BeginWriteOperation(). 2020-08-15 drh Optimization of the sqlite3SrcListDelete() routine. 2020-08-15 drh Remove more unnecessary sqlite3GetVdbe() calls, replacing them with assert()s. 
2020-08-15 drh Avoid unnecessary calls to the sqlite3GetVdbe() routine. Add assert() statements to prove each call is unnecessary. 2020-08-15 drh Omit the unnecessary not-NULL check on the upper bound of a forward index range scan. The subsequent OP_IdxGT will always catch the NULL. Similarly, omit the not-NULL check on the lower bound of a reverse index range scan, as the SeekLE opcode will disallow the NULL. 2020-08-14 drh Update the version number to 3.34.0 for the next development cycle. 2020-08-14 drh Optimizations to the logic that converts main table accesses into equivalent index accesses. Code is now slightly smaller and faster than trunk. 2020-08-14 drh For UPDATE and DELETE, use OP_DeferredSeek always. If the seek must later be resolved, add the OP_FinishSeek opcode after all WHERE clause terms have been processed. This obviates the need for the WHERE_SEEK_TABLE and WHERE_SEEK_UNIQ_TABLE flags to sqlite3WhereBegin() and the ensuing complication, and it allows the covering index optimization to be used further into WHERE clause processing. 2020-08-14 drh Experimental change to try to get some DELETE operations to access values using the index rather than the main table, so as to avoid unnecessary main table seeks. 2020-08-14 dan Fix an inconsequential memory leak in sqldiff. Update the "Sanitize" case in wapptest.tcl to use -fsanitize=address,undefined, and to run more tests. Created with: roll-dep src/third_party/sqlite/src Bug: 1161048 Change-Id: Ieb8f0154930d6cc0597b5aee9444678cf021035b Reviewed-by: Chris Mumford <cmumford@google.com> Commit-Queue: Darwin Huang <huangdarwin@chromium.org> Cr-Commit-Position: refs/heads/master@{#839609} Reviewed-by: Jüri Valdmann <juri.valdmann@qt.io>
* [Backport] CVE-2021-21193: Use after free in Blink (Jana Grill, 2021-04-06; 1 file changed, -2/+20)

    Cherry-pick of patch originally reviewed on https://chromium-review.googlesource.com/c/chromium/src/+/2748756:

    Mark additional RootInlineBox dirty when culled inline box is removed

    When a |LayoutInline| is removed, |LineBoxList::DirtyLinesFromChangedChild| tries to mark affected |RootInlineBox| dirty.

    When the |LayoutInline| to be removed is culled, it tries to find the |RootInlineBox| from its previous siblings, then look for its previous and next |RootInlineBox|es.

    Occasionally, the next next line of the previous sibling is wrapped at the |LayoutInline|, and that its |LineBreakObj()| holds the reference to the |LayoutInline|. This patch marks such |RootInlineBox| dirty.

    (cherry picked from commit 2dbdabb28d647c8ee20cbe36e3c957e74aff663b)

    Bug: 1186287
    Change-Id: I8ca73ebb4f5e4f13e997662fffd803d6a74ef49a
    Auto-Submit: Koji Ishii <kojii@chromium.org>
    Reviewed-by: Ian Kilpatrick <ikilpatrick@chromium.org>
    Commit-Queue: Ian Kilpatrick <ikilpatrick@chromium.org>
    Cr-Original-Commit-Position: refs/heads/master@{#861724}
    Commit-Queue: Jana Grill <janagrill@chromium.org>
    Reviewed-by: Achuith Bhandarkar <achuith@chromium.org>
    Reviewed-by: Koji Ishii <kojii@chromium.org>
    Cr-Commit-Position: refs/branch-heads/4240@{#1577}
    Cr-Branched-From: f297677702651916bbf65e59c0d4bbd4ce57d1ee-refs/heads/master@{#800218}
    Reviewed-by: Jüri Valdmann <juri.valdmann@qt.io>
* [Backport] CVE-2021-21190: Uninitialized Use in PDFium (Tom Sepez, 2021-04-06; 1 file changed, -10/+12)

    Manual backport of patch originally reviewed on https://chromium-review.googlesource.com/c/chromium/src/+/2628044:

    Validate return code from FPDF_PageToDevice()

    A DCHECK() here isn't sufficient to prevent the use of uninitialized memory should this someday return false.

    Bug: 1166091
    Change-Id: I4cfd28653f2e6882f227299d68605be706b75b44
    Reviewed-by: K. Moon <kmoon@chromium.org>
    Commit-Queue: Tom Sepez <tsepez@chromium.org>
    Cr-Commit-Position: refs/heads/master@{#843247}
    Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
    Reviewed-by: Jüri Valdmann <juri.valdmann@qt.io>
* [Backport] CVE-2021-21160: Heap buffer overflow in WebAudio (Raymond Toy, 2021-04-06; 1 file changed, -0/+63)

    Manual cherry-pick of patch originally reviewed on https://chromium-review.googlesource.com/c/chromium/src/+/2727697:

    Convert AudioParam NaN values to the default value

    If any output value of an AudioParam (including the intrinsic values and any inputs to the AudioParam), should be NaN, replace the NaN value with the associated defaultValue.

    This causes some slowdowns so SIMD/NEON code was added to mitigate the degradation. There is still some slowdown, but the worst case is now about 7% slower on x86 and 10% on arm. Generally, the slowdown is less than 2% and 5%, respectively. (Perversely, some results got faster, and the differences are statistically significant.)

    Full details can be found at https://docs.google.com/spreadsheets/d/1EhbLHm-9cUoEO5aj1vYemVBLQ3Dh4dCJPPLTfZPrZt4/edit?usp=sharing

    Manually tested the test case from the bug and the issue no longer occurs.

    (cherry picked from commit ab1862017b5717271a28376659944dddc602195c)
    (cherry picked from commit eb0c0353bf245885797d8ce0d1b864d88a381fbb)

    Bug: 1170531
    Change-Id: I00d902b40a9ef9da990c6d68b664b1dcfc31b091
    Commit-Queue: Raymond Toy <rtoy@chromium.org>
    Reviewed-by: Hongchan Choi <hongchan@chromium.org>
    Cr-Original-Original-Commit-Position: refs/heads/master@{#851733}
    Reviewed-by: Raymond Toy <rtoy@chromium.org>
    Cr-Original-Commit-Position: refs/branch-heads/4389@{#880}
    Cr-Original-Branched-From: 9251c5db2b6d5a59fe4eac7aafa5fed37c139bb7-refs/heads/master@{#843830}
    Reviewed-by: Victor-Gabriel Savu <vsavu@google.com>
    Commit-Queue: Artem Sumaneev <asumaneev@google.com>
    Cr-Commit-Position: refs/branch-heads/4240@{#1551}
    Cr-Branched-From: f297677702651916bbf65e59c0d4bbd4ce57d1ee-refs/heads/master@{#800218}
    Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
    Reviewed-by: Jüri Valdmann <juri.valdmann@qt.io>
* [Backport] CVE-2021-21165: Object lifecycle issue in audio (Hongchan Choi, 2021-04-06; 1 file changed, -39/+29)

    Prevent accessing shared buffers from audio rendering thread

    The shared buffer in ScriptProcessorNode can be accessed by the audio rendering thread when it is held by the main thread. The solution suggested here is simply to expand the scope of the mutex to minimize the code change. This is a deprecated feature in Web Audio, so making significant changes is not sensible.

    By locking the entire scope of Process() call, this area would be immune to the similar problems in the future.

    Bug: 1174582
    Test: The repro case doesn't crash on ASAN.
    Change-Id: I2b292f94be65e6ec26c6eb0e0ed32b3fb2d88466
    Commit-Queue: Hongchan Choi <hongchan@chromium.org>
    Reviewed-by: Raymond Toy <rtoy@chromium.org>
    Cr-Commit-Position: refs/heads/master@{#852240}
    Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
    Reviewed-by: Jüri Valdmann <juri.valdmann@qt.io>
* [Backport] Security bug 1180871 (Marijn Kruisselbrink, 2021-04-06; 1 file changed, -2/+2)

    Cherry-pick of patch originally reviewed on https://chromium-review.googlesource.com/c/chromium/src/+/2713912:

    Don't store BlobStorageLimits as a reference in transport strategy.

    Rather than storing a const reference to something of unclear lifetime, just make a copy. We could just copy the specific limits we need, but there shouldn't be many TransportStrategy instances alive at the same time anyway, so the cost of duplicating shouldn't be too high.

    Bug: 1180871
    Change-Id: Ie1e31728b18f02c5d35df0ac0f285eb8f70cb268
    Reviewed-by: Olivier Yiptong <oyiptong@chromium.org>
    Reviewed-by: Darwin Huang <huangdarwin@chromium.org>
    Reviewed-by: Victor Costan <pwnall@chromium.org>
    Commit-Queue: Marijn Kruisselbrink <mek@chromium.org>
    Cr-Commit-Position: refs/heads/master@{#856503}
    Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
    Reviewed-by: Jüri Valdmann <juri.valdmann@qt.io>
* [Backport] CVE-2021-21157: Use after free in Web Sockets (Adam Rice, 2021-04-06; 1 file changed, -2/+2)

    Cherry-pick of patch originally reviewed on https://chromium-review.googlesource.com/c/chromium/src/+/2655089:

    WebSocket: Don't clear event queue on destruction

    It's unnecessary to clear the event queue as it will be garbage collected anyway. Stop doing it.

    Also add a unit test for GC with pending events. This can only happen if the execution context changes while the events are pending.

    BUG=1170657
    Change-Id: I01e5a687587f7471e88640c43f0dfe83e5c01bd1
    Reviewed-by: Yutaka Hirano <yhirano@chromium.org>
    Commit-Queue: Adam Rice <ricea@chromium.org>
    Cr-Commit-Position: refs/heads/master@{#848065}
    Reviewed-by: Michal Klocek <michal.klocek@qt.io>
* [Backport] CVE-2021-21148: Heap buffer overflow in V8 (Deepti Gandluri, 2021-04-06; 2 files changed, -0/+8)

    Manual backport of patch originally reviewed on https://chromium-review.googlesource.com/c/v8/v8/+/2674169:

    [Merged ][wasm] PostMessage of Memory.buffer should throw

    PostMessage of an ArrayBuffer that is not detachable should result in a DataCloneError.

    TBR=gdeepti@chromium.org

    (cherry picked from commit dfcf1e86fac0a7b067caf8fdfc13eaf3e3f445e4)

    Bug: chromium:1170176, chromium:961059
    No-Try: true
    No-Presubmit: true
    No-Tree-Checks: true
    Change-Id: Ife852df032841b7001375acd5e101d614c4b0771
    Reviewed-by: Zhi An Ng <zhin@chromium.org>
    Commit-Queue: Zhi An Ng <zhin@chromium.org>
    Cr-Commit-Position: refs/branch-heads/8.8@{#30}
    Cr-Branched-From: 2dbcdc105b963ee2501c82139eef7e0603977ff0-refs/heads/8.8.278@{#1}
    Cr-Branched-From: 366d30c99049b3f1c673f8a93deb9f879d0fa9f0-refs/heads/master@{#71094}
    Reviewed-by: Michal Klocek <michal.klocek@qt.io>
* [Backport] CVE-2021-21137: Inappropriate implementation in DevTools (Jan Scheffler, 2021-04-06; 1 file changed, -6/+1)

    Manual backport of patch originally reviewed on https://chromium-review.googlesource.com/c/devtools/devtools-frontend/+/2466187:

    [Network] Properly escape form data for copy as curl

    Fixed: 1093791
    Change-Id: I3cf1438d319d234a4bfe102eebd053f071d78db3
    Reviewed-by: Mathias Bynens <mathias@chromium.org>
    Commit-Queue: Jan Scheffler <janscheffler@chromium.org>
    Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
    Reviewed-by: Jüri Valdmann <juri.valdmann@qt.io>
* [Backport] Security bug 1135594 (Kunihiko Sakamoto, 2021-03-09; 5 files changed, -212/+67)

    Manual cherry-pick of patch originally reviewed on https://chromium-review.googlesource.com/c/chromium/src/+/2465555:

    Roll WOFF2 1bccf208bc..a0d0ed7da2

    This includes a fix for integer overflow, and relicensing to MIT.

    Bug: 1135594
    Change-Id: Ia1ee98441f240a9e073cb05408801581144bbd0a
    Reviewed-by: Kenichi Ishibashi <bashi@chromium.org>
    Commit-Queue: Kunihiko Sakamoto <ksakamoto@chromium.org>
    Cr-Commit-Position: refs/heads/master@{#817815}
    Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
    Reviewed-by: Michal Klocek <michal.klocek@qt.io>
* [Backport] CVE-2021-21153: Stack overflow in GPU Process (Kai Ninomiya, 2021-03-02; 1 file changed, -3/+3)

    Cherry-pick of patch originally reviewed on https://chromium-review.googlesource.com/c/chromium/src/+/2645491:

    Disable GPU acceleration on all Mesa software rasterizers

    The previous entry only disabled acceleration on swrast, but softpipe and llvmpipe shouldn't be used for "GPU" acceleration either. This should apply to Linux but not ChromeOS, AFAICT.

    This only improves an existing software rendering list entry, but here is the rationale: We prefer to rely on our own (domain specific, so more efficient) software paths, at least for everything other than WebGL. And for WebGL, SwiftShader avoids unknown factors like llvmpipe/softpipe/swrast.

    If you are running a Mesa GL driver (not e.g. NVIDIA) then you can force these configurations with:
    - LIBGL_ALWAYS_SOFTWARE=1
      https://docs.mesa3d.org/envvars.html#libgl-environment-variables:~:text=LIBGL_ALWAYS_SOFTWARE
    - GALLIUM_DRIVER=llvmpipe, softpipe, or swr (though swr didn't work for me)
      https://docs.mesa3d.org/envvars.html#gallium-environment-variables:~:text=GALLIUM_DRIVER

    The GL_RENDERER strings are:
    - swrast: "Software Rasterizer" (couldn't test this locally; found this online)
    - softpipe: "softpipe" (on one machine)
    - llvmpipe: "llvmpipe (LLVM 10.0.0, 256 bits)" (on one machine)

    Drive-by updates the description of another item to be more accurate (SVGA3D is virtualized over hardware; it's not a software renderer).

    Bug: 1155974
    Change-Id: I0571c1a1bf526260f7ea6cd53f88eec768973b13
    Commit-Queue: Kai Ninomiya <kainino@chromium.org>
    Reviewed-by: Zhenyao Mo <zmo@chromium.org>
    Auto-Submit: Kai Ninomiya <kainino@chromium.org>
    Cr-Commit-Position: refs/heads/master@{#846422}
    Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
    Reviewed-by: Michal Klocek <michal.klocek@qt.io>
* [Backport] CVE-2021-21138: Use after free in DevTools (Andrey Kosyakov, 2021-03-02; 3 files changed, -2/+19)

    Manual backport of patch originally reviewed on https://chromium-review.googlesource.com/c/v8/v8/+/2437383:

    Do not pause on breaks while installing additional command line API

    A break may cause the session disconnect (and therefore agents destruction) on a nested message loop. The runtime agent code is generally prepared to handle this during evaluate, but the code outside of it may be not. Besides, having a break before the console API installed is generally not what user wants or expects, so just disable all breaks while installing the API.

    Bug: chromium:1122487
    Change-Id: I1d40f5007f2e1e4ec07a50ef57988513d0309b7e
    Commit-Queue: Andrey Kosyakov <caseq@chromium.org>
    Reviewed-by: Yang Guo <yangguo@chromium.org>
    Cr-Commit-Position: refs/heads/master@{#70209}
    Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
    Reviewed-by: Michal Klocek <michal.klocek@qt.io>
* [Backport] Security bug 1097499 (Lei Zhang, 2021-03-02; 2 files changed, -17/+96)

    Manual backport of patch originally reviewed on https://pdfium-review.googlesource.com/c/pdfium/+/75410:

    Prevent undefined behavior in CFX_DIBBase::GetOverlapRect().

    Use FX_SAFE_INT32 to prevent integer overflows/underflows. Also mark the method const.

    Bug: chromium:1097499
    Change-Id: Ie3809f0cb43cdf9558b40ec2a2e805f535ab749e
    Reviewed-by: Tom Sepez <tsepez@chromium.org>
    Commit-Queue: Lei Zhang <thestig@chromium.org>
    Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
    Reviewed-by: Michal Klocek <michal.klocek@qt.io>
* [Backport] Security bug 1144646 (Harald Alvestrand, 2021-03-02; 2 files changed, -0/+14)

    Manual backport of patch originally reviewed on https://webrtc-review.googlesource.com/c/src/+/191222:

    Check for oversized TURN usernames

    Bug: chromium:1144646
    Change-Id: I8e71a025246708f05e38ba6f397f9655251da788
    Reviewed-by: Philipp Hancke <philipp.hancke@googlemail.com>
    Reviewed-by: Jonas Oreland <jonaso@webrtc.org>
    Commit-Queue: Harald Alvestrand <hta@webrtc.org>
    Cr-Commit-Position: refs/heads/master@{#32536}
    Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
    Reviewed-by: Michal Klocek <michal.klocek@qt.io>
* [Backport] WebRTC bug 12105 (Taylor Brandstetter, 2021-03-02; 2 files changed, -130/+29)

    Cherry-pick of patch originally reviewed on https://webrtc-review.googlesource.com/c/src/+/190761:

    Update set of known root certificates.

    Removes:
    AddTrust_External_Root_certificate
    GlobalSign_Root_CA___R8_certificate

    This has been automatically generated by running [1]. It also updates [1] to produce the full ssl_roots.h file without requiring any manual modifications.

    See https://codereview.webrtc.org/1503473002 for some background about the generator script.

    [1] - https://cs.chromium.org/chromium/src/third_party/webrtc/tools_webrtc/sslroots/generate_sslroots.py

    No-Presubmit: True
    Bug: webrtc:12105
    Change-Id: I0ee979bd8ab4e5f4ff4d55ad6f2fd21bf122a7ca
    Commit-Queue: Mirko Bonadei <mbonadei@webrtc.org>
    Reviewed-by: Harald Alvestrand <hta@webrtc.org>
    Reviewed-by: Mirko Bonadei <mbonadei@webrtc.org>
    Cr-Commit-Position: refs/heads/master@{#32523}
    Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
* [Backport] CVE-2021-21119: Use after free in Media (Chris Cunningham, 2021-03-02; 5 files changed, -9/+31)

    Manual backport of patch originally reviewed on https://chromium-review.googlesource.com/c/chromium/src/+/2606399:

    MediaCapabilities: Use threadsafe static wtf::String

    This replaces DEFINE_THREAD_SAFE_STATIC_LOCAL(const String, ...). StringImpl ref counting (behind that macro) is not currently threadsafe.

    (cherry picked from commit f9add3b8e53c440129f7be4a181a22c440e856bc)

    Bug: 1160534
    Change-Id: I70f4aa796aaefabbee36db4fcdf0fbf0defe4959
    Commit-Queue: Chrome Cunningham <chcunningham@chromium.org>
    Reviewed-by: Jeremy Roman <jbroman@chromium.org>
    Auto-Submit: Chrome Cunningham <chcunningham@chromium.org>
    Cr-Original-Commit-Position: refs/heads/master@{#839863}
    Reviewed-by: Chrome Cunningham <chcunningham@chromium.org>
    Cr-Commit-Position: refs/branch-heads/4324@{#1460}
    Cr-Branched-From: c73b5a651d37a6c4d0b8e3262cc4015a5579c6c8-refs/heads/master@{#827102}
    Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
* [Backport] CVE-2021-21140: Uninitialized Use in USB [2/2] (David Manouchehri, 2021-03-02; 1 file changed, -1/+1)

    Cherry-pick of patch originally reviewed on https://chromium-review.googlesource.com/c/chromium/src/+/2463708:

    Add nullptr check.

    Bug: 1136327
    Change-Id: I8ced300d7de0e2465e54d5111f915af425c66c40
    Auto-Submit: David Manouchehri <david@davidmanouchehri.com>
    Commit-Queue: Reilly Grant <reillyg@chromium.org>
    Reviewed-by: Reilly Grant <reillyg@chromium.org>
    Cr-Commit-Position: refs/heads/master@{#816320}
    Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
    (cherry picked from commit 2ff6540525094f46488c4b1833bc9e27430793d9)
* [Backport] CVE-2021-21140: Uninitialized Use in USB [1/2] (David Manouchehri, 2021-03-02; 1 file changed, -1/+1)

    Cherry-pick of patch originally reviewed on https://chromium-review.googlesource.com/c/chromium/src/+/2459447:

    Initialize urb to make MSan happy.

    Bug: 1136327
    Change-Id: Id47e06bfd088e5c72d5f41c091882e99768fb93d
    Commit-Queue: Reilly Grant <reillyg@chromium.org>
    Auto-Submit: David Manouchehri <david@davidmanouchehri.com>
    Reviewed-by: Reilly Grant <reillyg@chromium.org>
    Cr-Commit-Position: refs/heads/master@{#815025}
    Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
    (cherry picked from commit f195542986b3d88fa7cd92fbe89d7c0f7d1341cd)
* [Backport] CVE-2021-21120: Use after free in WebSQL (Darwin Huang, 2021-03-02; 3 files changed, -6/+10)

    Partial backport (leaving out irrelevant parts and version strings) of patch originally reviewed on https://chromium-review.googlesource.com/c/chromium/deps/sqlite/+/2607419:

    Fix a problem handling sub-queries with both a correlated WHERE clause and a "HAVING 0" clause where the parent query is itself an aggregate.

    FossilOrigin-Name: f62f983b56623f0ec34f9a54ce1c21b013a20399162f5ee6ee43b23f10c2ecd5

    (cherry picked from commit f39168e468af3b1d6b6d37efdcb081eced6724b2)

    Bug: 1160602
    Change-Id: I76aaeedc167c8ed8a9b47805cd6ebb29fba0a704
    Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>