chore: cherry-pick 3 changes from 1-M129 (#44255)

* chore: [31-x-y] cherry-pick 3 changes from 1-M129 * 85dd0fcc70ed from chromium * 8068f489ec2c from v8 * f612d9a40b19 from v8 * chore: update patches * chore: remove cherry-pick-85dd0fcc70ed.patch * 901496: [M126-LTS][ganesh] Avoid int overflow in DrawAtlasOpImpl | https://skia-review.googlesource.com/c/skia/+/901496 * Trigger CI --------- Co-authored-by: John Kleinschmidt <jkleinsc@electronjs.org>
2026-04-10 03:01:51 -04:00 · 2024-10-18 09:52:41 -04:00
parent 2f247ad050
commit c2c6bc57c1
5 changed files with 75 additions and 1 deletions
--- a/patches/config.json
+++ b/patches/config.json
@@ -11,5 +11,6 @@
  { "patch_dir": "src/electron/patches/Mantle", "repo": "src/third_party/squirrel.mac/vendor/Mantle" },
  { "patch_dir": "src/electron/patches/ReactiveObjC", "repo": "src/third_party/squirrel.mac/vendor/ReactiveObjC" },
  { "patch_dir": "src/electron/patches/webrtc", "repo": "src/third_party/webrtc" },
-  { "patch_dir": "src/electron/patches/reclient-configs", "repo": "src/third_party/engflow-reclient-configs" }
+  { "patch_dir": "src/electron/patches/reclient-configs", "repo": "src/third_party/engflow-reclient-configs" },
+  { "patch_dir": "src/electron/patches/skia", "repo": "src/third_party/skia" }
 ]
--- a/patches/skia/.patches
+++ b/patches/skia/.patches
@@ -0,0 +1 @@
+m126-lts_ganesh_avoid_int_overflow_in_drawatlasopimpl.patch
--- a/patches/skia/m126-lts_ganesh_avoid_int_overflow_in_drawatlasopimpl.patch
+++ b/patches/skia/m126-lts_ganesh_avoid_int_overflow_in_drawatlasopimpl.patch
@@ -0,0 +1,42 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: James Godfrey-Kittle <jamesgk@google.com>
+Date: Wed, 11 Sep 2024 16:18:40 -0400
+Subject: Avoid int overflow in DrawAtlasOpImpl
+
+Bug: b/365884464
+Change-Id: I4dc9f259165c88c1d7ae5dc38c6cae02ca18f509
+Reviewed-on: https://skia-review.googlesource.com/c/skia/+/898756
+Commit-Queue: James Godfrey-Kittle <jamesgk@google.com>
+Reviewed-by: Brian Osman <brianosman@google.com>
+(cherry picked from commit 2b40b50ea423e11073b742b3bd785975a6019046)
+Reviewed-on: https://skia-review.googlesource.com/c/skia/+/901177
+Reviewed-by: Michael Ludwig <michaelludwig@google.com>
+(cherry picked from commit dda581d538cb6532cda841444e7b4ceacde01ec9)
+Reviewed-on: https://skia-review.googlesource.com/c/skia/+/901496
+Commit-Queue: Gyuyoung Kim (xWF) <qkim@google.com>
+Reviewed-by: James Godfrey-Kittle <jamesgk@google.com>
+
+diff --git a/src/gpu/ganesh/ops/DrawAtlasOp.cpp b/src/gpu/ganesh/ops/DrawAtlasOp.cpp
+index 065011699f755b3c87f6cf9a9b19e4d5d42e91df..edf201a8bf9e26cda3e80e9c142bb777beb9549a 100644
+--- a/src/gpu/ganesh/ops/DrawAtlasOp.cpp
+++ b/src/gpu/ganesh/ops/DrawAtlasOp.cpp
+@@ -111,6 +111,7 @@ DrawAtlasOpImpl::DrawAtlasOpImpl(GrProcessorSet* processorSet, const SkPMColor4f
+         : GrMeshDrawOp(ClassID()), fHelper(processorSet, aaType), fColor(color) {
+     SkASSERT(xforms);
+     SkASSERT(rects);
+    SkASSERT(spriteCount >= 0);
+ 
+     fViewMatrix = viewMatrix;
+     Geometry& installedGeo = fGeoData.push_back();
+@@ -126,6 +127,11 @@ DrawAtlasOpImpl::DrawAtlasOpImpl(GrProcessorSet* processorSet, const SkPMColor4f
+         vertexStride += sizeof(GrColor);
+     }
+ 
+    // Bail out if we'd overflow from a really large draw
+    if (spriteCount > SK_MaxS32 / static_cast<int>(4 * vertexStride)) {
+        return;
+    }
+
+     // Compute buffer size and alloc buffer
+     fQuadCount = spriteCount;
+     int allocSize = static_cast<int>(4 * vertexStride * spriteCount);
--- a/patches/v8/.patches
+++ b/patches/v8/.patches
@@ -5,3 +5,4 @@ revert_api_cleanup_remove_setaccessor_and_setnativedataproperty.patch
 spill_all_loop_inputs_before_entering_loop.patch
 cherry-pick-9542895cdd3d.patch
 cherry-pick-81155a8f3b20.patch
+cherry-pick-f612d9a40b19.patch
--- a/patches/v8/cherry-pick-f612d9a40b19.patch
+++ b/patches/v8/cherry-pick-f612d9a40b19.patch
@@ -0,0 +1,29 @@
+From 0000000000000000000000000000000000000000 Mon Sep 17 00:00:00 2001
+From: Thibaud Michaud <thibaudm@chromium.org>
+Date: Tue, 17 Sep 2024 16:49:30 +0200
+Subject: Check strict type equality for Tag imports
+
+R=manoskouk@chromium.org
+
+Fixed: 365802567
+Change-Id: I38d70f157f9a78fe56eb0c377776dfe794872473
+Reviewed-on: https://chromium-review.googlesource.com/c/v8/v8/+/5868875
+Commit-Queue: Thibaud Michaud <thibaudm@chromium.org>
+Reviewed-by: Manos Koukoutos <manoskouk@chromium.org>
+Cr-Commit-Position: refs/heads/main@{#96143}
+
+diff --git a/src/wasm/wasm-objects.cc b/src/wasm/wasm-objects.cc
+index 85dca1183a22039732def26e473b42645c497856..9b24adc335fc0326041cf60117212134ae955762 100644
+--- a/src/wasm/wasm-objects.cc
+++ b/src/wasm/wasm-objects.cc
+@@ -1843,8 +1843,8 @@ Handle<WasmTagObject> WasmTagObject::New(Isolate* isolate,
+ }
+ 
+ bool WasmTagObject::MatchesSignature(uint32_t expected_canonical_type_index) {
+-  return wasm::GetWasmEngine()->type_canonicalizer()->IsCanonicalSubtype(
+-      this->canonical_type_index(), expected_canonical_type_index);
+  return static_cast<uint32_t>(this->canonical_type_index()) ==
+         expected_canonical_type_index;
+ }
+ 
+ const wasm::FunctionSig* WasmCapiFunction::GetSignature(Zone* zone) const {
				`@@ -0,0 +1 @@`
				`m126-lts_ganesh_avoid_int_overflow_in_drawatlasopimpl.patch`