chore: cherry-pick 0407102d19b9 and 183a57f4eabc from chromium #37661
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
ppontes
added
security 🔒
semver/patch
electron-cation
bot
added
new-pr 🌱
ppontes
force-pushed
the
cherry-pick/22-x-y/chromium/0407102d19b9
branch
from
7645eed
to
25428b3
Compare
ppontes
changed the title
jkleinsc
approved these changes
Mar 27, 2023
|
Release Notes Persisted
|
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
[M108-LTS] Convert known it != end() DCHECK failures to CHECK
These have hit on DCHECK builds in the wild and precede erasing or
dereferencing an iterator that is UB.
This CL excludes DCHECK failures that precede non-DCHECK handling of the
it != end() failures. Those should probably be rewritten as CHECKs
but are less urgent and semi-orthogonal.
Known crashes (one per file) are:
crash/dc49e3cadab36d4c
crash/0ee3427d25937024
crash/b89303e84d123019
crash/cc35183b861a4992
(cherry picked from commit 1aec0b297900a7b59bd24314dff239f3c5697f45)
Bug: 1418734
Change-Id: I81ed7b45be33769e250c65c8bb7334a34be4380e
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4288168
Commit-Queue: Peter Boström pbos@chromium.org
Cr-Original-Commit-Position: refs/heads/main@{#1109350}
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4296138
Commit-Queue: Roger Felipe Zanoni da Silva rzanoni@google.com
Reviewed-by: Achuith Bhandarkar achuith@chromium.org
Owners-Override: Achuith Bhandarkar achuith@chromium.org
Reviewed-by: Peter Boström pbos@chromium.org
Cr-Commit-Position: refs/branch-heads/5359@{#1406}
Cr-Branched-From: 27d3765d341b09369006d030f83f582a29eb57ae-refs/heads/main@{#1058933}
============
[M108-LTS] Fix crash in AnnotationAgentImpl
This crash was occurring because the EphemeralRangeInFlatTree didn't
produce a Node. This is surprising since the RangeInFlatTree that it
comes from is checked for !IsCollapsed().
It turns out it's possible for RangeInFlatTree to be !IsCollapsed but
converting to EphemeralRangeInFlatTree causes IsCollapsed.
This CL ensures we early-out in the case that's tripping the CHECK. It
keeps the early-out exactly matching the CHECK since it must be merged
so we want to be extra sure. A followup will change this condition to
!EphemeralRangeInFlatTree::IsCollapsed which should be equivalent.
(cherry picked from commit 92782b6d34b7a5e26d184e217f8f44e97539686e)
Bug: 1419712, 1418734
Change-Id: Id1d66a7a67711d463780b37c00600183d6c14f32
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4304486
Commit-Queue: David Bokan bokan@chromium.org
Cr-Original-Commit-Position: refs/heads/main@{#1112568}
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4337742
Reviewed-by: Achuith Bhandarkar achuith@chromium.org
Owners-Override: Achuith Bhandarkar achuith@chromium.org
Commit-Queue: Zakhar Voit voit@google.com
Cr-Commit-Position: refs/branch-heads/5359@{#1409}
Cr-Branched-From: 27d3765d341b09369006d030f83f582a29eb57ae-refs/heads/main@{#1058933}
Notes: Security: backported fix for 1418734.