| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
| |
Pick-to: 102-based
Pick-to: 87-based
Fixes: QTBUG-111697
Change-Id: I51fca3b3eb627b2617ff5c6c051fa1182671244d
Reviewed-on: https://codereview.qt-project.org/c/qt/qtwebengine-chromium/+/464490
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
| |
|
|
|
|
|
| |
Task-number: QTBUG-111958
Change-Id: I4a5074e3a39300f6ae02b160c41f94d3f00e0aa1
Reviewed-on: https://codereview.qt-project.org/c/qt/qtwebengine-chromium/+/467012
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
| |
|
|
|
|
|
|
|
| |
This reverts commit d2e9d29408e6cc3e1e6aa07686f4ae4403334619.
Task-number: QTBUG-111585
Change-Id: Ic0a9ab30cdbc7d38c40d50b4bb1c4fe468a5402b
Reviewed-on: https://codereview.qt-project.org/c/qt/qtwebengine-chromium/+/465958
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
usage.""
It was assigning the wrong value to SHARED_IMAGE_RGB_EMULATION: 19 rather
than 1 << 19.
This fixed the WebGL issue by accident, but also resulted in wrong behavior in
video rendering.
Task-number: QTBUG-111784
Change-Id: I0bebb231a8d4835e0250cdd6de3ae8651d0aece2
Reviewed-on: https://codereview.qt-project.org/c/qt/qtwebengine-chromium/+/465957
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
| |
|
|
|
|
|
| |
Fixes: QTBUG-111496
Change-Id: I37c1451ad0d033ab46fabdfb71afbe9381e70330
Reviewed-on: https://codereview.qt-project.org/c/qt/qtwebengine-chromium/+/465862
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
| |
|
|
|
|
|
|
| |
It is needed for WebGL on macOS.
Change-Id: I3c6dad9e4ed23acb543de4a0037e4023d36d8f3b
Reviewed-on: https://codereview.qt-project.org/c/qt/qtwebengine-chromium/+/464061
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Cherry-pick of patch originally reviewed on
https://chromium-review.googlesource.com/c/chromium/src/+/4225393:
Further simplify WebMediaPlayerMSCompositor lifetime.
M108 merge issues:
third_party/blink/renderer/modules/mediastream/webmediaplayer_ms.cc:
- video_task_runner_ is named io_task_runner_ in 108
third_party/blink/renderer/modules/mediastream/webmediaplayer_ms_compositor.cc:
- video_task_runner_ is named io_task_runner_ in 108 (conflict in ReplaceCurrentFrameWithACopy)
Due to the raw pointer held by VideoFrameSubmitter, there may be
tasks pending on the compositor task runner after the RefCounted
traits have "destructed" WebMediaPlayerMSCompositor. Through this
raw pointer VFS was invoking OnContextLost which attempts to use
the zero ref count compositor.
The solution here is again similar to VideoFrameCompositor, its
destruction should be explicit instead of a tangle of RefCounted
owners.
(cherry picked from commit 1622bffc6534a0cc4f53d07c43e0cd8f49975d10)
Fixed: 1407701, 1411601
Change-Id: Ic77294d1113d54ab83bc0f5b625a997edf57bf7c
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4210508
Commit-Queue: Tony Herre <toprice@chromium.org>
Auto-Submit: Dale Curtis <dalecurtis@chromium.org>
Cr-Original-Commit-Position: refs/heads/main@{#1099726}
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4225393
Commit-Queue: Roger Felipe Zanoni da Silva <rzanoni@google.com>
Reviewed-by: Oleh Lamzin <lamzin@google.com>
Owners-Override: Oleh Lamzin <lamzin@google.com>
Cr-Commit-Position: refs/branch-heads/5359@{#1392}
Cr-Branched-From: 27d3765d341b09369006d030f83f582a29eb57ae-refs/heads/main@{#1058933}
Reviewed-on: https://codereview.qt-project.org/c/qt/qtwebengine-chromium/+/462815
Reviewed-by: Michal Klocek <michal.klocek@qt.io>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Cherry-pick of patch originally reviewed on
https://chromium-review.googlesource.com/c/chromium/src/+/4225498:
Simplify WebMediaPlayerMSCompositor destruction.
The code was only sometimes calling StopUsingProvider() and posted
the submitter destruction unnecessarily.
Destruction now works the same as in VideoFrameCompositor, where the
class itself is responsible for calling StopUsingProvider() during
its own destruction.
(cherry picked from commit cbd238e85903b7d94910bd2c6362ff9abf9908cc)
Fixed: 1407701
Disallow-Recycled-Builds: test-failures
Change-Id: Ia649cb5532519468eea34e12745ed9c990580d82
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4195824
Auto-Submit: Dale Curtis <dalecurtis@chromium.org>
Commit-Queue: Tony Herre <toprice@chromium.org>
Cr-Original-Commit-Position: refs/heads/main@{#1098505}
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4225498
Reviewed-by: Oleh Lamzin <lamzin@google.com>
Owners-Override: Oleh Lamzin <lamzin@google.com>
Commit-Queue: Roger Felipe Zanoni da Silva <rzanoni@google.com>
Cr-Commit-Position: refs/branch-heads/5359@{#1391}
Cr-Branched-From: 27d3765d341b09369006d030f83f582a29eb57ae-refs/heads/main@{#1058933}
Reviewed-on: https://codereview.qt-project.org/c/qt/qtwebengine-chromium/+/462814
Reviewed-by: Michal Klocek <michal.klocek@qt.io>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Cherry-pick of patch originally reviewed on
https://chromium-review.googlesource.com/c/chromium/src/+/4274984:
Exclude Policy and Play API engines from Sync merging
There's a security bug in which the call to ResetTemplateURLGUID can
cause a policy-created engine to be deleted. This means that after
the call, either the current `conflicting_turl` pointer, or future
iterations in the loop may point to an already-freed TemplateURL,
causing the use-after free bug.
This CL addresses that by forbidding Policy-created and Play API
engines from being merged into Synced engines.
Although Play API engines aren't directly affected, they seem to also
not be something that should be merged to Synced engines.
(cherry picked from commit 315632458eb795ef9d9dce3fd1062f9e6f2c2077)
Bug: 1414224
Change-Id: Ide43d71e9844e04a7ffe2e7ad2a522b6ca1535a3
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4250623
Commit-Queue: Tommy Li <tommycli@chromium.org>
Cr-Original-Commit-Position: refs/heads/main@{#1106249}
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4274984
Commit-Queue: Krishna Govind <govind@chromium.org>
Cr-Commit-Position: refs/branch-heads/5481@{#1238}
Cr-Branched-From: 130f3e4d850f4bc7387cfb8d08aa993d288a67a9-refs/heads/main@{#1084008}
(cherry picked from commit 06851790480e8e16a2913461d271437d525451a2)
Reviewed-on: https://codereview.qt-project.org/c/qt/qtwebengine-chromium/+/462818
Reviewed-by: Michal Klocek <michal.klocek@qt.io>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Cherry-pick of patch originally reviewed on
https://chromium-review.googlesource.com/c/chromium/src/+/4232858:
Fix UAF problem in AngleVulkanImageBacking
Right now, we use vulkan fence helper to release the backing.
It is right, if the last usage of the backing is by skia.
If the last usage is by gl, the fence helper(skia) isn't aware of
the submitted work from ANGLE, skia may call flush finish callback
to release the backing while the backing is still being referenced
by works in ANGLE. Fix the problem by calling glFinish() if the last
usage is GL.
Know issue: the finish callback of skia flush() is not always called
in order. So in edge cases, the UAF problem can still happen.
Bug: 1309035
Change-Id: I3562043650dd2b27bde3a370bef45b1226cdd48c
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4232858
Reviewed-by: Vasiliy Telezhnikov <vasilyt@chromium.org>
Commit-Queue: Peng Huang <penghuang@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1102905}
Reviewed-on: https://codereview.qt-project.org/c/qt/qtwebengine-chromium/+/462817
Reviewed-by: Michal Klocek <michal.klocek@qt.io>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Cherry-pick of patch originally reviewed on
https://pdfium-review.googlesource.com/c/pdfium/+/103078:
Validate the page count.
In CountPages(), which recursively calls itself, validate the page
count. When any part of the pages tree contains bad data, bail out.
Bug: chromium:1404864
Change-Id: Ifdbc14213ec3f963b4b2cb5793b83c15d03336e8
Reviewed-on: https://pdfium-review.googlesource.com/c/pdfium/+/103078
Reviewed-by: Tom Sepez <tsepez@chromium.org>
Commit-Queue: Lei Zhang <thestig@chromium.org>
Reviewed-on: https://codereview.qt-project.org/c/qt/qtwebengine-chromium/+/462816
Reviewed-by: Michal Klocek <michal.klocek@qt.io>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Cherry-pick of patch originally reviewed on
https://webrtc-review.googlesource.com/c/src/+/292762:
Fix Destruction inside WGC Callback
If we are notified of the destruction of the window before a
CaptureFrame call can fail, then we may end up attempting to destroy the
underlying WGC object inside it's own event handler. This can be
problematic, as the class itself may want to run other code. Instead,
we just unsubscribe and signal that any future CaptureFrame calls should
reject.
This also removes setting "is_capture_started_=false" in the item closed
handler, as all that served to do is cause the WgcCapturerWin code to
attempt to restart the capturer, and somewhat muddies up our metrics.
Bug: chromium:1413005
Change-Id: Ibccb7a2e7ce531ba80b4b331b9bc2cda0ff75f4e
Reviewed-on: https://webrtc-review.googlesource.com/c/src/+/292762
Auto-Submit: Alexander Cooper <alcooper@chromium.org>
Reviewed-by: Mark Foltz <mfoltz@chromium.org>
Commit-Queue: Mark Foltz <mfoltz@chromium.org>
Commit-Queue: Alexander Cooper <alcooper@chromium.org>
Cr-Commit-Position: refs/heads/main@{#39275}
Reviewed-on: https://codereview.qt-project.org/c/qt/qtwebengine-chromium/+/462813
Reviewed-by: Michal Klocek <michal.klocek@qt.io>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Cherry-pick of patch originally reviewed on
https://chromium-review.googlesource.com/c/chromium/src/+/4143606:
CHECK that YUV readback finished synchronously
DoReadbackYUVImagePixelsINTERNAL is implemented using skia asynchronous
readback and to make it synchronous we use sync cpu and gpu. In some
edge cases on linux we saw that doesn't happen if readback triggered
vulkan device lost.
To avoid use after free, CHECK that callback was actually called. In
case of device-lost gpu process will restart anyway, so while this is
not proper fix of the problem, it doesn't result in worse user visible
behaviour.
Bug: 1399742
Change-Id: Ie2172539bb907b9696ef62c70d398aca3967177c
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4143606
Reviewed-by: Peng Huang <penghuang@chromium.org>
Commit-Queue: Vasiliy Telezhnikov <vasilyt@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1093064}
Reviewed-on: https://codereview.qt-project.org/c/qt/qtwebengine-chromium/+/462812
Reviewed-by: Michal Klocek <michal.klocek@qt.io>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Cherry-pick of patch originally reviewed on
https://chromium-review.googlesource.com/c/chromium/src/+/4277341:
Skip finalizing permission requests in pending queue
Bug: 1415366
(cherry picked from commit dd597022c93047e88f6ddb812eb04ed392222b33)
Change-Id: I2bd464a202354d9941bed8498bd44b5c5ebea6de
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4271191
Commit-Queue: Thomas Nguyen <tungnh@chromium.org>
Cr-Original-Commit-Position: refs/heads/main@{#1107426}
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4277341
Commit-Queue: Srinivas Sista <srinivassista@chromium.org>
Owners-Override: Srinivas Sista <srinivassista@chromium.org>
Cr-Commit-Position: refs/branch-heads/5414@{#1524}
Cr-Branched-From: 4417ee59d7bf6df7a9c9ea28f7722d2ee6203413-refs/heads/main@{#1070088}
(cherry picked from commit 2bd849cc947cff0607666fd9225f0f552f3c6f8b)
Reviewed-on: https://codereview.qt-project.org/c/qt/qtwebengine-chromium/+/462618
Reviewed-by: Michal Klocek <michal.klocek@qt.io>
|
| |
|
|
|
|
|
|
|
|
|
| |
The lack of checksum may cause assert and error messages when a mailbox
is passed from a release render process to a debug render process.
Task-number: QTBUG-110504
Pick-to: 87-based 102-based
Change-Id: Ib7d78e1e86a3f2ddda6dc8066abf9198040c38f6
Reviewed-on: https://codereview.qt-project.org/c/qt/qtwebengine-chromium/+/461554
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
| |
|
|
|
|
| |
Change-Id: I2aec8caffeebadc9feed34e64769149ffcb42172
Reviewed-on: https://codereview.qt-project.org/c/qt/qtwebengine-chromium/+/461405
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
| |
|
|
|
|
|
|
| |
It was missing an include.
Change-Id: If33119a15942ad58bed3fdf03ab97031e641454a
Reviewed-on: https://codereview.qt-project.org/c/qt/qtwebengine-chromium/+/461649
Reviewed-by: Michal Klocek <michal.klocek@qt.io>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is officially not supported by upstream as android builds
should be done on linux only, however qt builds arm artifacts on mac.
Therefore fix support and keep changes to minimum.
Note this is fixes are just tested with pdfium and more likely
trying to build other targets can end up badly.
Task-number: QTBUG-83459
Change-Id: I8dbc3dbc19e419518ff800058fcd72bc2e5162f9
Reviewed-on: https://codereview.qt-project.org/c/qt/qtwebengine-chromium/+/461475
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
| |
|
|
|
|
|
| |
Task-number: QTBUG-83459
Change-Id: If36778671999ae3ccb53d82f8b9cfd50a77b19ca
Reviewed-on: https://codereview.qt-project.org/c/qt/qtwebengine-chromium/+/392938
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
| |\
| |
| |
| |
| | |
Task-number: QTBUG-83459
Change-Id: I017b5ded61ea9bfc7c691e7a72b123eccfb42c4b
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Add android related file for build support. These
are mainly missing pydeps, info and BUILD.gn files.
New snapshot removes also .mailmap files.
BASELINE: 108.0.5359.220
Note gn is left still behind upstream master snapshot and
transport_security_state_static.json.gz is updated.
Task-number: QTBUG-83459
Change-Id: I64a23bffbd1fe258f30a02338ae488b7d6d2c14b
Reviewed-on: https://codereview.qt-project.org/c/qt/qtwebengine-chromium/+/392937
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Cherry-pick of patch originally reviewed on
https://chromium-review.googlesource.com/c/v8/v8/+/4204087:
Merged: [wasm] Fix printing of wasm-to-js frames
After https://crrev.com/c/3859787 those frames would be printed like
standard Wasm frames, but in the place of the WasmInstanceObject, they
have a WasmApiFunctionRef object instead.
So special-case the {WasmToJsFrame::instance()} to load the instance
properly. Also special-case the {position()} accessor for imported
functions.
R=victorgomes@chromium.org
(cherry picked from commit e17eee4894be67f715a7b2d7f17d8b69724f1cf8)
Bug: chromium:1402270
Change-Id: I0a287afbf14dd64edb859c6407ce7c0a3d159023
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4204087
Reviewed-by: Darius Mercadier <dmercadier@chromium.org>
Reviewed-by: Victor Gomes <victorgomes@chromium.org>
Commit-Queue: Clemens Backes <clemensb@chromium.org>
Reviewed-by: Maya Lekova <mslekova@chromium.org>
Cr-Commit-Position: refs/branch-heads/11.0@{#24}
Cr-Branched-From: 06097c6f0c5af54fd5d6965d37027efb72decd4f-refs/heads/11.0.226@{#1}
Cr-Branched-From: 6bf3344f5d9940de1ab253f1817dcb99c641c9d3-refs/heads/main@{#84857}
Reviewed-on: https://codereview.qt-project.org/c/qt/qtwebengine-chromium/+/461064
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Manual cherry-pick of patch originally reviewed on
https://chromium-review.googlesource.com/c/chromium/src/+/4025933:
[MediaStream] Use bad message for unexpected OnStreamStarted IPC in MSDH
Originally we were using a DCHECK, but crashing the renderer process is
a safer option since a well-behaved renderer should not send it.
Bug: 829317
Change-Id: I41be62b11ecce82c94a56c604e8475be9071fbf5
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4025933
Reviewed-by: Elad Alon <eladalon@chromium.org>
Reviewed-by: Alex Moshchuk <alexmos@chromium.org>
Commit-Queue: Guido Urdaneta <guidou@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1071628}
Reviewed-on: https://codereview.qt-project.org/c/qt/qtwebengine-chromium/+/461078
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Manual cherry-pick of patch originally reviewed on
https://chromium-review.googlesource.com/c/chromium/src/+/4020095:
Make browser start recording indicator
Prior to this CL, the recording indicator was turned on by a call sent
by the renderer process.
This CL makes the browser process turn on the indicator directly, which protects against a potential malicious renderer that intentionally does
not make the call.
The difference in behavior is that, originally, the indicator was turned on after the tracks were started and now it is turned on before they start. The same approach is already in use for pepper media capture.
In both cases, the indicator was turned off by the browser when the sources backing the tracks stopped.
Bug: 829317
Change-Id: I1af1f481cbc0e8eb0fb96919313b667ac1fa0a0a
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4020095
Reviewed-by: Tomas Gunnarsson <tommi@chromium.org>
Commit-Queue: Guido Urdaneta <guidou@chromium.org>
Reviewed-by: Daniel Cheng <dcheng@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1070795}
Reviewed-on: https://codereview.qt-project.org/c/qt/qtwebengine-chromium/+/461077
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Cherry-pick of patch originally reviewed on
https://chromium-review.googlesource.com/c/chromium/src/+/3131643:
Protect thread-safe refcounts against overflow.
Implementing tests for this also tickled a surprising edge case in the
way RefCounted/RefCountedThreadSafe signalled whether the refcount
should begin at 0 or 1. Previously, this was signalled using a static
data member; however, local classes (which the updated tests use) cannot
contain static data members.
As a result, this CL "minimally" updates the tagging mechanism to use a
type alias while leaving as much of the existing tagging mechanism
intact as possible.
Bug: 1238642
Change-Id: I16f3ab243745e11bbde755f826d430e85cc33a93
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3131643
Reviewed-by: Lei Zhang <thestig@chromium.org>
Owners-Override: Lei Zhang <thestig@chromium.org>
Commit-Queue: Daniel Cheng <dcheng@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1071489}
Reviewed-on: https://codereview.qt-project.org/c/qt/qtwebengine-chromium/+/461076
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Cherry-pick of patch originally reviewed on
https://chromium-review.googlesource.com/c/chromium/src/+/4020813
Use helper for declaring refcount type rather than using base::subtle directly.
Implementation details of base::subtle are subject to change; non-base
code should not be using it directly.
Bug: 1238642
Change-Id: Ic47c40ced7a743594515a06f1be103cd7b3acb37
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4020813
Commit-Queue: Klaus Weidner <klausw@chromium.org>
Commit-Queue: Daniel Cheng <dcheng@chromium.org>
Auto-Submit: Daniel Cheng <dcheng@chromium.org>
Reviewed-by: Klaus Weidner <klausw@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1070122}
Reviewed-on: https://codereview.qt-project.org/c/qt/qtwebengine-chromium/+/461075
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Cherry-pick of patch originally reviewed on
https://chromium-review.googlesource.com/c/v8/v8/+/4152511:
Merged: [log] Remove is_listening_to_code_events cache
V8FileLogger has a dynamic behaviour when listening to
code events, i.e., it can stop listening without removing
itself from the Logger, which invalidates the field
is_listening_to_code_events_. This field is only updated
when adding/removing an event listener.
This cache was recently introduced in a refactoring
https://crrev.com/c/3582125
Bug: chromium:1400809
Change-Id: Icf7b8c27eef0cb9444cacf0e21659334206fc7c0
Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/4152511
Reviewed-by: Patrick Thier <pthier@chromium.org>
Commit-Queue: Victor Gomes <victorgomes@chromium.org>
Cr-Commit-Position: refs/branch-heads/11.0@{#18}
Cr-Branched-From: 06097c6f0c5af54fd5d6965d37027efb72decd4f-refs/heads/11.0.226@{#1}
Cr-Branched-From: 6bf3344f5d9940de1ab253f1817dcb99c641c9d3-refs/heads/main@{#84857}
Reviewed-on: https://codereview.qt-project.org/c/qt/qtwebengine-chromium/+/461074
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Cherry-pick of patch originally reviewed on
https://chromium-review.googlesource.com/c/chromium/src/+/4024654:
Mojo: Add release-mode sequence checks
A fairly common class of bugs is for Mojo consumers to use thread-affine
objects like Remote<T> from the wrong thread. These bugs are dangerous
since they can lead to UAFs etc.
This CL enables release-mode sequence checks on InterfaceEndpointClient,
the main thread-affine state object underying Remote<T> etc.
Fixed: 1325096
Change-Id: I362b798b015c021316ddca14ea35cb7618942538
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4024654
Commit-Queue: Ken Rockot <rockot@google.com>
Reviewed-by: Oksana Zhuravlova <oksamyt@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1074883}
Reviewed-on: https://codereview.qt-project.org/c/qt/qtwebengine-chromium/+/461073
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Manual cherry-pick of patch originally reviewed on
https://chromium-review.googlesource.com/c/chromium/src/+/4166946:
ClearBrowsingData: Prevent heap overflow with false data type
Users can call ClearBrowsingDataHandler::HandleClearBrowsingData with
false arguments through devtools. This usually results in a clean crash.
Passing an invalid data type results in a heap overflow. This is turned
into a clean crash by changing a DCHECK into a CHECK.
Bug: 1405123
Change-Id: I00c7d7aefcd8b1d68a285fce62edf8ebdf2e3b4b
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4166946
Reviewed-by: Demetrios Papadopoulos <dpapad@chromium.org>
Commit-Queue: Demetrios Papadopoulos <dpapad@chromium.org>
Auto-Submit: Christian Dullweber <dullweber@chromium.org>
Reviewed-by: Martin Šrámek <msramek@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1093506}
Reviewed-on: https://codereview.qt-project.org/c/qt/qtwebengine-chromium/+/461072
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Cherry-pick of patch originally reviewed on
https://chromium-review.googlesource.com/c/chromium/src/+/3645670:
Ensure WFWI::current_drag_data_ is null at the end of a drag.
This is a tentative fix for the DCHECK bugs below. The bugs appeared at
two different times, but they share the common symptom that
WebFrameWidgetImpl::DragTargetDragEnter very infrequently encounters a
non-null current_drag_data_. We were not able to repro the problem.
This tentative fix assumes that an early return on a drag-leave may
be accidentally skipping setting the state to null.
Bug: 1316301, 1367848
Change-Id: Ib6e9e000271515a0659a6780a59467db149d3b3f
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3645670
Commit-Queue: Mustaq Ahmed <mustaq@chromium.org>
Reviewed-by: Robert Flack <flackr@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1075157}
Reviewed-on: https://codereview.qt-project.org/c/qt/qtwebengine-chromium/+/461070
Reviewed-by: Michal Klocek <michal.klocek@qt.io>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Cherry-pick of patch originally reviewed on
https://chromium-review.googlesource.com/c/chromium/src/+/4083922:
Clear data if GetBucketContents early terminates
Follow up to
https://chromium-review.googlesource.com/c/chromium/src/+/4076865
Bug: 1371859
Change-Id: I33dbcd6e7e8094d44fe3d7623dc9c152224342e2
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4083922
Commit-Queue: Brandon Jones <bajones@chromium.org>
Reviewed-by: Victor Miura <vmiura@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1080121}
Reviewed-on: https://codereview.qt-project.org/c/qt/qtwebengine-chromium/+/461069
Reviewed-by: Michal Klocek <michal.klocek@qt.io>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Cherry-pick of patch originally reviewed on
https://chromium-review.googlesource.com/c/chromium/src/+/4076865:
Early terminate GetBucketContents if WaitForCmd fails
This should avoid the scenario outlined in crbug.com/1371859 where the
command isn't run due to the GPU process shutting down, but the memcpy
is attempted anyway.
Bug: 1371859
Change-Id: Ib2a4b735365f29d092be8003ba668854be1d5c3b
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4076865
Reviewed-by: Victor Miura <vmiura@chromium.org>
Commit-Queue: Brandon Jones <bajones@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1078779}
Reviewed-on: https://codereview.qt-project.org/c/qt/qtwebengine-chromium/+/461068
Reviewed-by: Michal Klocek <michal.klocek@qt.io>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Cherry-pick of patch originally reviewed on
https://chromium-review.googlesource.com/c/chromium/src/+/4183821:
Check arguments type in DevToolsHost.showContextMenuAtPoint
(cherry picked from commit 954e76692edf965e588ee80350c20ad403f82ea0)
Bug: 1405574
Change-Id: Id06637839096402e05a2278b06f2f84b3037e21d
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4165089
Auto-Submit: Danil Somsikov <dsv@chromium.org>
Commit-Queue: Kouhei Ueno <kouhei@chromium.org>
Reviewed-by: Yang Guo <yangguo@chromium.org>
Reviewed-by: Kouhei Ueno <kouhei@chromium.org>
Cr-Original-Commit-Position: refs/heads/main@{#1093205}
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4183821
Cr-Commit-Position: refs/branch-heads/5481@{#498}
Cr-Branched-From: 130f3e4d850f4bc7387cfb8d08aa993d288a67a9-refs/heads/main@{#1084008}
Reviewed-on: https://codereview.qt-project.org/c/qt/qtwebengine-chromium/+/461067
Reviewed-by: Michal Klocek <michal.klocek@qt.io>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Cherry-pick of patch originally reviewed on
https://webrtc-review.googlesource.com/c/src/+/291112:
Handle the case of missing certificates.
Creating a data channel or negotiating it can make the SCTP transport
name go from nothing (empty string) to something. Inside the
RTCStatsCollector this is relevant because which transports we have
affect which certificates we should cache, so this is an instance of
having to call ClearStatsCache().
The bug is that we don't. This CL fixes the bug.
I tried to create unittests to cover this, but I was unable to
reproduce the race in a testing environment (if I did it would have
hit an RTC_DCHECK). Not ideal... but I hope we can land it anyway since
the fix is trivial and clearing the cache in response to API calls is
worst case harmless.
Bug: webrtc:14844
Change-Id: Ia7174cde040839e5555237db6de285297120b123
Reviewed-on: https://webrtc-review.googlesource.com/c/src/+/291112
Reviewed-by: Mirko Bonadei <mbonadei@webrtc.org>
Commit-Queue: Henrik Boström <hbos@webrtc.org>
Cr-Commit-Position: refs/heads/main@{#39160}
Reviewed-on: https://codereview.qt-project.org/c/qt/qtwebengine-chromium/+/461066
Reviewed-by: Michal Klocek <michal.klocek@qt.io>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Cherry-pick of patch originallt reviewed on
https://webrtc-review.googlesource.com/c/src/+/291709:
Handle the case of missing certificates.
M108 merge issues:
No conflict but needed to reset the author of this commit to be able
to upload it. Original author: Henrik Boström <hbos@webrtc.org>
Certificates being missing is a sign of a bug (e.g. webrtc:14844, to be
fixed separately) which is why we have a DCHECK. But this DCHECK does
not protect against accessing the invalid iterator if it is a release
build. This CL makes that safe.
No-Try: True
Bug: chromium:1408392
Change-Id: I97a82786028e41c58ef8ef15002c3f959bbec7f1
Reviewed-on: https://webrtc-review.googlesource.com/c/src/+/291109
Commit-Queue: Henrik Boström <hbos@webrtc.org>
Cr-Original-Commit-Position: refs/heads/main@{#39159}
Reviewed-on: https://webrtc-review.googlesource.com/c/src/+/291709
Commit-Queue: Mirko Bonadei <mbonadei@webrtc.org>
Reviewed-by: Henrik Boström <hbos@webrtc.org>
Reviewed-by: Evan Shrubsole <eshr@webrtc.org>
Reviewed-by: Mirko Bonadei <mbonadei@webrtc.org>
Reviewed-by: Harald Alvestrand <hta@webrtc.org>
Cr-Commit-Position: refs/branch-heads/5359@{#6}
Cr-Branched-From: fb3bd4a01d7c840dfe7b3efa144c0fbcb6a97fef-refs/heads/main@{#38387}
Reviewed-on: https://codereview.qt-project.org/c/qt/qtwebengine-chromium/+/461065
Reviewed-by: Michal Klocek <michal.klocek@qt.io>
|
| |\ \
| |/
| |
| | |
Change-Id: If5e536a757d31d01c1041798381eadb094336fc9
|
| | |
| |
| |
| |
| |
| | |
Change-Id: Ibfd5669271969a41c1e74a55be1ffcd5d32c8e98
Reviewed-on: https://codereview.qt-project.org/c/qt/qtwebengine-chromium/+/460143
Reviewed-by: Michael Brüning <michael.bruning@qt.io>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
Make Linux GPU memory buffers compile time optional based on use_vaapi
Task-number: QTBUG-91677
Change-Id: I07880836a3e2944dd2079e982d9eaf3ac3fde97e
Reviewed-on: https://codereview.qt-project.org/c/qt/qtwebengine-chromium/+/454907
Reviewed-by: Peter Varga <pvarga@inf.u-szeged.hu>
|
| | |
| |
| |
| |
| |
| | |
Change-Id: I7285edcdb44fc887bc6b6606845ec5fb39620011
Reviewed-on: https://codereview.qt-project.org/c/qt/qtwebengine-chromium/+/458675
Reviewed-by: Peter Varga <pvarga@inf.u-szeged.hu>
|
| | |
| |
| |
| |
| |
| | |
Change-Id: I43996503437f477356db5617e75bdd5c3ddf16a0
Reviewed-on: https://codereview.qt-project.org/c/qt/qtwebengine-chromium/+/458674
Reviewed-by: Peter Varga <pvarga@inf.u-szeged.hu>
|
| | |
| |
| |
| |
| |
| |
| |
| | |
Try to get libdrm gpu-memory-buffers working.
Change-Id: I81a4bc01afaa1651721cb9b3f6793bbe5bbe534c
Reviewed-on: https://codereview.qt-project.org/c/qt/qtwebengine-chromium/+/454906
Reviewed-by: Peter Varga <pvarga@inf.u-szeged.hu>
|
| | |
| |
| |
| |
| |
| | |
Change-Id: I541ac42ffd1592f4c69df06ee4630cec8168ccec
Reviewed-on: https://codereview.qt-project.org/c/qt/qtwebengine-chromium/+/459099
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Revert the change made in ffmpeg_demuxer.cc as it messing up
timestamp calculations that makes some mp4s unplayable.
This fix breaks the compatibility with system ffmpeg 5.0 and above
as chromium tries to use the 'first_dts' value, that has been moved
out from public api and it is only available from bundled ffmpeg.
See: https://github.com/FFmpeg/FFmpeg/commit/591b88e6787c
Pick-to: 102-based
Fixes: QTBUG-110749
Change-Id: I5786b1a40939d7c9e490ad51ae2e910b8498c71c
Reviewed-on: https://codereview.qt-project.org/c/qt/qtwebengine-chromium/+/457644
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
| | |
| |
| |
| |
| |
| | |
Change-Id: I8349d1f822a2ccd464000406f9a484a3c85426a2
Reviewed-on: https://codereview.qt-project.org/c/qt/qtwebengine-chromium/+/459483
Reviewed-by: Peter Varga <pvarga@inf.u-szeged.hu>
|
| | |
| |
| |
| |
| |
| | |
Change-Id: I0a4c051f0bb7234d13eeb37a841f063d15d083cf
Reviewed-on: https://codereview.qt-project.org/c/qt/qtwebengine-chromium/+/458676
Reviewed-by: Peter Varga <pvarga@inf.u-szeged.hu>
|
| | |
| |
| |
| |
| |
| |
| |
| | |
Drop dependency on extensions
Change-Id: Icc9cf842dd8f1919160535eafb66d42bf6f8e435
Reviewed-on: https://codereview.qt-project.org/c/qt/qtwebengine-chromium/+/459484
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| | |
Fixes clang build on Linux:
ld.lld: error: undefined symbol: __atomic_is_lock_free
Change-Id: Ie0456a01f0970f7dfb736bdaaaa98e3e538ae132
Reviewed-on: https://codereview.qt-project.org/c/qt/qtwebengine-chromium/+/459068
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
Fixes performance profiling in devtools.
Fixes: QTBUG-101983
Pick-to: 102-based
Change-Id: I232165f8449a42aa1b2d7a7c2eb2423c5a32a271
Reviewed-on: https://codereview.qt-project.org/c/qt/qtwebengine-chromium/+/458710
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
| | |
| |
| |
| |
| |
| | |
Change-Id: I29d85f699b43244a8fa4c4a9996021fc74d16526
Reviewed-on: https://codereview.qt-project.org/c/qt/qtwebengine-chromium/+/458542
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
This change adds the flag url::CustomScheme::FetchApiAllowed, as well as
serialization logic for it in url_util_qt.cc.
If this flag is set the custom URL scheme can be used with the HTML5
fetch api.
Task-number: QTBUG-88830
Change-Id: I01a778864315a505c317d922b7128163251c92c4
Reviewed-on: https://codereview.qt-project.org/c/qt/qtwebengine-chromium/+/458060
Reviewed-by: Allan Sandfeld Jensen <allan.jensen@qt.io>
|
