diff --git a/backports/electron/0001-src-fix-HasOnly-capability-in-node-credentials.patch b/backports/electron/0001-src-fix-HasOnly-capability-in-node-credentials.patch new file mode 100644 index 0000000..616f0f0 --- /dev/null +++ b/backports/electron/0001-src-fix-HasOnly-capability-in-node-credentials.patch @@ -0,0 +1,55 @@ +From 0a26dd24fd73f5f5a34b4ba8d1441dbf3a426b3c Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Tobias=20Nie=C3=9Fen?= +Date: Sat, 4 Nov 2023 00:39:57 +0000 +Subject: [PATCH 1/6] src: fix HasOnly(capability) in node::credentials + +SYS_capget with _LINUX_CAPABILITY_VERSION_3 returns the process's +permitted capabilities as two 32-bit values. To determine if the only +permitted capability is indeed CAP_NET_BIND_SERVICE, it is necessary to +check both of those values. + +Not doing so creates a vulnerability that potentially allows +unprivileged users to inject code into a privileged Node.js process +through environment variables such as NODE_OPTIONS. + +PR-URL: https://github.com/nodejs-private/node-private/pull/505 +Reviewed-By: Rafael Gonzaga +CVE-ID: CVE-2024-21892 +--- + src/node_credentials.cc | 13 ++++++------- + 1 file changed, 6 insertions(+), 7 deletions(-) + +diff --git a/third_party/electron_node/src/node_credentials.cc b/third_party/electron_node/src/node_credentials.cc +index 52abaab7a6..f2980007b9 100644 +--- a/third_party/electron_node/src/node_credentials.cc ++++ b/third_party/electron_node/src/node_credentials.cc +@@ -52,7 +52,7 @@ namespace credentials { + bool HasOnly(int capability) { + DCHECK(cap_valid(capability)); + +- struct __user_cap_data_struct cap_data[2]; ++ struct __user_cap_data_struct cap_data[_LINUX_CAPABILITY_U32S_3]; + struct __user_cap_header_struct cap_header_data = { + _LINUX_CAPABILITY_VERSION_3, + getpid()}; +@@ -61,12 +61,11 @@ bool HasOnly(int capability) { + if (syscall(SYS_capget, &cap_header_data, &cap_data) != 0) { + return false; + } +- if (capability < 32) { +- return cap_data[0].permitted == +- static_cast(CAP_TO_MASK(capability)); +- } +- return cap_data[1].permitted == +- static_cast(CAP_TO_MASK(capability)); ++ ++ static_assert(arraysize(cap_data) == 2); ++ return cap_data[CAP_TO_INDEX(capability)].permitted == ++ static_cast(CAP_TO_MASK(capability)) && ++ cap_data[1 - CAP_TO_INDEX(capability)].permitted == 0; + } + #endif + +-- +2.43.1 + diff --git a/backports/electron/0002-http-add-maximum-chunk-extension-size.patch b/backports/electron/0002-http-add-maximum-chunk-extension-size.patch new file mode 100644 index 0000000..fec3ff6 --- /dev/null +++ b/backports/electron/0002-http-add-maximum-chunk-extension-size.patch @@ -0,0 +1,273 @@ +From 01d3bb793a5ef3bf0a36dde868626869e09fb558 Mon Sep 17 00:00:00 2001 +From: Paolo Insogna +Date: Wed, 3 Jan 2024 07:23:15 +0100 +Subject: [PATCH] http: add maximum chunk extension size + +PR-URL: https://github.com/nodejs-private/node-private/pull/519 +Fixes: https://hackerone.com/reports/2233486 +Reviewed-By: Matteo Collina +Reviewed-By: Marco Ippolito +Reviewed-By: Rafael Gonzaga +CVE-ID: CVE-2024-22019 +--- + doc/api/errors.md | 12 ++ + lib/_http_server.js | 8 ++ + src/node_http_parser.cc | 23 ++- + .../test-http-chunk-extensions-limit.js | 131 ++++++++++++++++++ + 4 files changed, 171 insertions(+), 3 deletions(-) + create mode 100644 test/parallel/test-http-chunk-extensions-limit.js + +diff --git a/third_party/electron_node/doc/api/errors.md b/third_party/electron_node/doc/api/errors.md +index 95ad3c9c671..9429baff516 100644 +--- a/third_party/electron_node/doc/api/errors.md ++++ b/third_party/electron_node/doc/api/errors.md +@@ -3140,6 +3140,18 @@ malconfigured clients, if more than 8 KiB of HTTP header data is received then + HTTP parsing will abort without a request or response object being created, and + an `Error` with this code will be emitted. + ++ ++ ++### `HPE_CHUNK_EXTENSIONS_OVERFLOW` ++ ++ ++ ++Too much data was received for a chunk extensions. In order to protect against ++malicious or malconfigured clients, if more than 16 KiB of data is received ++then an `Error` with this code will be emitted. ++ + + + ### `HPE_UNEXPECTED_CONTENT_LENGTH` +diff --git a/third_party/electron_node/lib/_http_server.js b/third_party/electron_node/lib/_http_server.js +index c62ea175995..c512653e60e 100644 +--- a/third_party/electron_node/lib/_http_server.js ++++ b/third_party/electron_node/lib/_http_server.js +@@ -857,6 +857,11 @@ const requestHeaderFieldsTooLargeResponse = Buffer.from( + 'Connection: close\r\n\r\n', 'ascii', + ); + ++const requestChunkExtensionsTooLargeResponse = Buffer.from( ++ `HTTP/1.1 413 ${STATUS_CODES[413]}\r\n` + ++ 'Connection: close\r\n\r\n', 'ascii', ++); ++ + function warnUnclosedSocket() { + if (warnUnclosedSocket.emitted) { + return; +@@ -892,6 +897,9 @@ function socketOnError(e) { + case 'HPE_HEADER_OVERFLOW': + response = requestHeaderFieldsTooLargeResponse; + break; ++ case 'HPE_CHUNK_EXTENSIONS_OVERFLOW': ++ response = requestChunkExtensionsTooLargeResponse; ++ break; + case 'ERR_HTTP_REQUEST_TIMEOUT': + response = requestTimeoutResponse; + break; +diff --git a/third_party/electron_node/src/node_http_parser.cc b/third_party/electron_node/src/node_http_parser.cc +index a12d89c3cd6..c190eace435 100644 +--- a/third_party/electron_node/src/node_http_parser.cc ++++ b/third_party/electron_node/src/node_http_parser.cc +@@ -79,6 +79,8 @@ const uint32_t kOnExecute = 5; + const uint32_t kOnTimeout = 6; + // Any more fields than this will be flushed into JS + const size_t kMaxHeaderFieldsCount = 32; ++// Maximum size of chunk extensions ++const size_t kMaxChunkExtensionsSize = 16384; + + const uint32_t kLenientNone = 0; + const uint32_t kLenientHeaders = 1 << 0; +@@ -261,6 +263,7 @@ class Parser : public AsyncWrap, public StreamListener { + + num_fields_ = num_values_ = 0; + headers_completed_ = false; ++ chunk_extensions_nread_ = 0; + last_message_start_ = uv_hrtime(); + url_.Reset(); + status_message_.Reset(); +@@ -516,9 +519,22 @@ class Parser : public AsyncWrap, public StreamListener { + return 0; + } + +- // Reset nread for the next chunk ++ int on_chunk_extension(const char* at, size_t length) { ++ chunk_extensions_nread_ += length; ++ ++ if (chunk_extensions_nread_ > kMaxChunkExtensionsSize) { ++ llhttp_set_error_reason(&parser_, ++ "HPE_CHUNK_EXTENSIONS_OVERFLOW:Chunk extensions overflow"); ++ return HPE_USER; ++ } ++ ++ return 0; ++ } ++ ++ // Reset nread for the next chunk and also reset the extensions counter + int on_chunk_header() { + header_nread_ = 0; ++ chunk_extensions_nread_ = 0; + return 0; + } + +@@ -986,6 +1002,7 @@ class Parser : public AsyncWrap, public StreamListener { + bool headers_completed_ = false; + bool pending_pause_ = false; + uint64_t header_nread_ = 0; ++ uint64_t chunk_extensions_nread_ = 0; + uint64_t max_http_header_size_; + uint64_t last_message_start_; + ConnectionsList* connectionsList_; +@@ -1164,9 +1181,9 @@ const llhttp_settings_t Parser::settings = { + Proxy::Raw, + + // on_chunk_extension_name +- nullptr, ++ Proxy::Raw, + // on_chunk_extension_value +- nullptr, ++ Proxy::Raw, + + Proxy::Raw, + Proxy::Raw, +diff --git a/third_party/electron_node/test/parallel/test-http-chunk-extensions-limit.js b/third_party/electron_node/test/parallel/test-http-chunk-extensions-limit.js +new file mode 100644 +index 00000000000..6868b3da6cb +--- /dev/null ++++ b/third_party/electron_node/test/parallel/test-http-chunk-extensions-limit.js +@@ -0,0 +1,131 @@ ++'use strict'; ++ ++const common = require('../common'); ++const http = require('http'); ++const net = require('net'); ++const assert = require('assert'); ++ ++// Verify that chunk extensions are limited in size when sent all together. ++{ ++ const server = http.createServer((req, res) => { ++ req.on('end', () => { ++ res.writeHead(200, { 'Content-Type': 'text/plain' }); ++ res.end('bye'); ++ }); ++ ++ req.resume(); ++ }); ++ ++ server.listen(0, () => { ++ const sock = net.connect(server.address().port); ++ let data = ''; ++ ++ sock.on('data', (chunk) => data += chunk.toString('utf-8')); ++ ++ sock.on('end', common.mustCall(function() { ++ assert.strictEqual(data, 'HTTP/1.1 413 Payload Too Large\r\nConnection: close\r\n\r\n'); ++ server.close(); ++ })); ++ ++ sock.end('' + ++ 'GET / HTTP/1.1\r\n' + ++ 'Host: localhost:8080\r\n' + ++ 'Transfer-Encoding: chunked\r\n\r\n' + ++ '2;' + 'A'.repeat(20000) + '=bar\r\nAA\r\n' + ++ '0\r\n\r\n' ++ ); ++ }); ++} ++ ++// Verify that chunk extensions are limited in size when sent in intervals. ++{ ++ const server = http.createServer((req, res) => { ++ req.on('end', () => { ++ res.writeHead(200, { 'Content-Type': 'text/plain' }); ++ res.end('bye'); ++ }); ++ ++ req.resume(); ++ }); ++ ++ server.listen(0, () => { ++ const sock = net.connect(server.address().port); ++ let remaining = 20000; ++ let data = ''; ++ ++ const interval = setInterval( ++ () => { ++ if (remaining > 0) { ++ sock.write('A'.repeat(1000)); ++ } else { ++ sock.write('=bar\r\nAA\r\n0\r\n\r\n'); ++ clearInterval(interval); ++ } ++ ++ remaining -= 1000; ++ }, ++ common.platformTimeout(20), ++ ).unref(); ++ ++ sock.on('data', (chunk) => data += chunk.toString('utf-8')); ++ ++ sock.on('end', common.mustCall(function() { ++ assert.strictEqual(data, 'HTTP/1.1 413 Payload Too Large\r\nConnection: close\r\n\r\n'); ++ server.close(); ++ })); ++ ++ sock.write('' + ++ 'GET / HTTP/1.1\r\n' + ++ 'Host: localhost:8080\r\n' + ++ 'Transfer-Encoding: chunked\r\n\r\n' + ++ '2;' ++ ); ++ }); ++} ++ ++// Verify the chunk extensions is correctly reset after a chunk ++{ ++ const server = http.createServer((req, res) => { ++ req.on('end', () => { ++ res.writeHead(200, { 'content-type': 'text/plain', 'connection': 'close', 'date': 'now' }); ++ res.end('bye'); ++ }); ++ ++ req.resume(); ++ }); ++ ++ server.listen(0, () => { ++ const sock = net.connect(server.address().port); ++ let data = ''; ++ ++ sock.on('data', (chunk) => data += chunk.toString('utf-8')); ++ ++ sock.on('end', common.mustCall(function() { ++ assert.strictEqual( ++ data, ++ 'HTTP/1.1 200 OK\r\n' + ++ 'content-type: text/plain\r\n' + ++ 'connection: close\r\n' + ++ 'date: now\r\n' + ++ 'Transfer-Encoding: chunked\r\n' + ++ '\r\n' + ++ '3\r\n' + ++ 'bye\r\n' + ++ '0\r\n' + ++ '\r\n', ++ ); ++ ++ server.close(); ++ })); ++ ++ sock.end('' + ++ 'GET / HTTP/1.1\r\n' + ++ 'Host: localhost:8080\r\n' + ++ 'Transfer-Encoding: chunked\r\n\r\n' + ++ '2;' + 'A'.repeat(10000) + '=bar\r\nAA\r\n' + ++ '2;' + 'A'.repeat(10000) + '=bar\r\nAA\r\n' + ++ '2;' + 'A'.repeat(10000) + '=bar\r\nAA\r\n' + ++ '0\r\n\r\n' ++ ); ++ }); ++} +-- +2.44.0 + diff --git a/backports/electron/0004-lib-update-undici-to-v5.28.3.patch b/backports/electron/0004-lib-update-undici-to-v5.28.3.patch new file mode 100644 index 0000000..a6719cd --- /dev/null +++ b/backports/electron/0004-lib-update-undici-to-v5.28.3.patch @@ -0,0 +1,46 @@ +From 6027fadc38bd33317ac1f93629c72153741fbdc8 Mon Sep 17 00:00:00 2001 +From: Matteo Collina +Date: Mon, 5 Feb 2024 17:21:04 +0100 +Subject: [PATCH 4/6] lib: update undici to v5.28.3 + +Signed-off-by: Matteo Collina +PR-URL: https://github.com/nodejs-private/node-private/pull/536 +CVE-ID: CVE-2024-24758 + +backported (just secfix part) to v18.18.x +Co-developed-by: lauren n. liberda +Signed-off-by: lauren n. liberda +--- + deps/undici/src/lib/fetch/index.js | 3 +++ + deps/undici/undici.js | 1 + + 2 files changed, 4 insertions(+) + +diff --git a/third_party/electron_node/deps/undici/src/lib/fetch/index.js b/third_party/electron_node/deps/undici/src/lib/fetch/index.js +index 9f09670f82..5ef7a3f069 100644 +--- a/third_party/electron_node/deps/undici/src/lib/fetch/index.js ++++ b/third_party/electron_node/deps/undici/src/lib/fetch/index.js +@@ -1201,6 +1201,9 @@ async function httpRedirectFetch (fetchParams, response) { + // https://fetch.spec.whatwg.org/#cors-non-wildcard-request-header-name + request.headersList.delete('authorization') + ++ // https://fetch.spec.whatwg.org/#authentication-entries ++ request.headersList.delete('proxy-authorization', true) ++ + // "Cookie" and "Host" are forbidden request-headers, which undici doesn't implement. + request.headersList.delete('cookie') + request.headersList.delete('host') +diff --git a/third_party/electron_node/deps/undici/undici.js b/third_party/electron_node/deps/undici/undici.js +index 0c3dc7ebfc..84a3d63ca1 100644 +--- a/third_party/electron_node/deps/undici/undici.js ++++ b/third_party/electron_node/deps/undici/undici.js +@@ -9679,6 +9679,7 @@ var require_fetch = __commonJS({ + } + if (!sameOrigin(requestCurrentURL(request), locationURL)) { + request.headersList.delete("authorization"); ++ request.headersList.delete("proxy-authorization", true); + request.headersList.delete("cookie"); + request.headersList.delete("host"); + } +-- +2.43.1 + diff --git a/backports/electron/0005-zlib-pause-stream-if-outgoing-buffer-is-full.patch b/backports/electron/0005-zlib-pause-stream-if-outgoing-buffer-is-full.patch new file mode 100644 index 0000000..96f55cb --- /dev/null +++ b/backports/electron/0005-zlib-pause-stream-if-outgoing-buffer-is-full.patch @@ -0,0 +1,146 @@ +From c7201faa5a436566c01f8fa60ad58d631430850b Mon Sep 17 00:00:00 2001 +From: Matteo Collina +Date: Tue, 6 Feb 2024 16:47:20 +0100 +Subject: [PATCH 5/6] zlib: pause stream if outgoing buffer is full + +Signed-off-by: Matteo Collina +PR-URL: https://github.com/nodejs-private/node-private/pull/540 +Reviewed-By: Robert Nagy +Ref: https://hackerone.com/reports/2284065 +PR-URL: https://github.com/nodejs-private/node-private/pull/542 +CVE-ID: CVE-2024-22025 +--- + lib/zlib.js | 33 +++++++++++++++++++------- + test/parallel/test-zlib-brotli-16GB.js | 22 +++++++++++++++++ + test/parallel/test-zlib-params.js | 24 ++++++++++++------- + 3 files changed, 62 insertions(+), 17 deletions(-) + create mode 100644 test/parallel/test-zlib-brotli-16GB.js + +diff --git a/third_party/electron_node/lib/zlib.js b/third_party/electron_node/lib/zlib.js +index 2b90c6f91f..5e6a979370 100644 +--- a/third_party/electron_node/lib/zlib.js ++++ b/third_party/electron_node/lib/zlib.js +@@ -560,10 +560,11 @@ function processCallback() { + self.bytesWritten += inDelta; + + const have = handle.availOutBefore - availOutAfter; ++ let streamBufferIsFull = false; + if (have > 0) { + const out = self._outBuffer.slice(self._outOffset, self._outOffset + have); + self._outOffset += have; +- self.push(out); ++ streamBufferIsFull = !self.push(out); + } else { + assert(have === 0, 'have should not go down'); + } +@@ -588,13 +589,29 @@ function processCallback() { + handle.inOff += inDelta; + handle.availInBefore = availInAfter; + +- this.write(handle.flushFlag, +- this.buffer, // in +- handle.inOff, // in_off +- handle.availInBefore, // in_len +- self._outBuffer, // out +- self._outOffset, // out_off +- self._chunkSize); // out_len ++ ++ if (!streamBufferIsFull) { ++ this.write(handle.flushFlag, ++ this.buffer, // in ++ handle.inOff, // in_off ++ handle.availInBefore, // in_len ++ self._outBuffer, // out ++ self._outOffset, // out_off ++ self._chunkSize); // out_len ++ } else { ++ const oldRead = self._read; ++ self._read = (n) => { ++ self._read = oldRead; ++ this.write(handle.flushFlag, ++ this.buffer, // in ++ handle.inOff, // in_off ++ handle.availInBefore, // in_len ++ self._outBuffer, // out ++ self._outOffset, // out_off ++ self._chunkSize); // out_len ++ self._read(n); ++ }; ++ } + return; + } + +diff --git a/third_party/electron_node/test/parallel/test-zlib-brotli-16GB.js b/third_party/electron_node/test/parallel/test-zlib-brotli-16GB.js +new file mode 100644 +index 0000000000..ba4f7ef5ae +--- /dev/null ++++ b/third_party/electron_node/test/parallel/test-zlib-brotli-16GB.js +@@ -0,0 +1,22 @@ ++'use strict'; ++ ++const common = require('../common'); ++const { createBrotliDecompress } = require('node:zlib'); ++const strictEqual = require('node:assert').strictEqual; ++ ++// This tiny HEX string is a 16GB file. ++// This test verifies that the stream actually stops. ++/* eslint-disable max-len */ ++const content = 'cfffff7ff82700e2b14020f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c32200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bffcfffff7ff82700e2b00040f7fe9ffffffff04f00c4610180eefd3fffffffe19f0088c30200ddfb7ffeffffc33f0110870500baf7fffcffff877f02200e0b0074effff9ffff0fff04401c1600e8defff3ffff1ffe0980382c00d0bdffe7ffff3ffc1300715800a07bff3f'; ++ ++const buf = Buffer.from(content, 'hex'); ++ ++const decoder = createBrotliDecompress(); ++decoder.end(buf); ++ ++// We need to wait to verify that the libuv thread pool had time ++// to process the data and the buffer is not empty. ++setTimeout(common.mustCall(() => { ++ // There is only one chunk in the buffer ++ strictEqual(decoder._readableState.buffer.length, 1); ++}), common.platformTimeout(100)); +diff --git a/third_party/electron_node/test/parallel/test-zlib-params.js b/third_party/electron_node/test/parallel/test-zlib-params.js +index 30d4f133ad..18271fe022 100644 +--- a/third_party/electron_node/test/parallel/test-zlib-params.js ++++ b/third_party/electron_node/test/parallel/test-zlib-params.js +@@ -12,23 +12,29 @@ const deflater = zlib.createDeflate(opts); + const chunk1 = file.slice(0, chunkSize); + const chunk2 = file.slice(chunkSize); + const blkhdr = Buffer.from([0x00, 0x5a, 0x82, 0xa5, 0x7d]); +-const expected = Buffer.concat([blkhdr, chunk2]); +-let actual; ++const blkftr = Buffer.from('010000ffff7dac3072', 'hex'); ++const expected = Buffer.concat([blkhdr, chunk2, blkftr]); ++const bufs = []; ++ ++function read() { ++ let buf; ++ while ((buf = deflater.read()) !== null) { ++ bufs.push(buf); ++ } ++} + + deflater.write(chunk1, function() { + deflater.params(0, zlib.constants.Z_DEFAULT_STRATEGY, function() { + while (deflater.read()); +- deflater.end(chunk2, function() { +- const bufs = []; +- let buf; +- while ((buf = deflater.read()) !== null) +- bufs.push(buf); +- actual = Buffer.concat(bufs); +- }); ++ ++ deflater.on('readable', read); ++ ++ deflater.end(chunk2); + }); + while (deflater.read()); + }); + + process.once('exit', function() { ++ const actual = Buffer.concat(bufs); + assert.deepStrictEqual(actual, expected); + }); +-- +2.43.1 + diff --git a/backports/electron/0006-deps-fix-GHSA-f74f-cvh7-c6q6-CVE-2024-24806.patch b/backports/electron/0006-deps-fix-GHSA-f74f-cvh7-c6q6-CVE-2024-24806.patch new file mode 100644 index 0000000..2d7ba8c --- /dev/null +++ b/backports/electron/0006-deps-fix-GHSA-f74f-cvh7-c6q6-CVE-2024-24806.patch @@ -0,0 +1,74 @@ +From 4c475d0047768f2d3cec4fe628d85d601374c2fe Mon Sep 17 00:00:00 2001 +From: Santiago Gimeno +Date: Thu, 8 Feb 2024 00:17:40 +0100 +Subject: [PATCH 6/6] deps: fix GHSA-f74f-cvh7-c6q6/CVE-2024-24806 + +Refs: https://github.com/libuv/libuv/security/advisories/GHSA-f74f-cvh7-c6q6 +PR-URL: https://github.com/nodejs/node/pull/51614 +--- + deps/uv/src/idna.c | 8 ++++++-- + deps/uv/test/test-idna.c | 7 ++++++- + 2 files changed, 12 insertions(+), 3 deletions(-) + +diff --git a/third_party/electron_node/deps/uv/src/idna.c b/third_party/electron_node/deps/uv/src/idna.c +index 93d982ca01..858b19d00e 100644 +--- a/third_party/electron_node/deps/uv/src/idna.c ++++ b/third_party/electron_node/deps/uv/src/idna.c +@@ -274,6 +274,9 @@ long uv__idna_toascii(const char* s, const char* se, char* d, char* de) { + char* ds; + int rc; + ++ if (s == se) ++ return UV_EINVAL; ++ + ds = d; + + si = s; +@@ -308,8 +311,9 @@ long uv__idna_toascii(const char* s, const char* se, char* d, char* de) { + return rc; + } + +- if (d < de) +- *d++ = '\0'; ++ if (d >= de) ++ return UV_EINVAL; + ++ *d++ = '\0'; + return d - ds; /* Number of bytes written. */ + } +diff --git a/third_party/electron_node/deps/uv/test/test-idna.c b/third_party/electron_node/deps/uv/test/test-idna.c +index f4fad9653d..37da38de2d 100644 +--- a/third_party/electron_node/deps/uv/test/test-idna.c ++++ b/third_party/electron_node/deps/uv/test/test-idna.c +@@ -99,6 +99,7 @@ TEST_IMPL(utf8_decode1) { + TEST_IMPL(utf8_decode1_overrun) { + const char* p; + char b[1]; ++ char c[1]; + + /* Single byte. */ + p = b; +@@ -112,6 +113,10 @@ TEST_IMPL(utf8_decode1_overrun) { + ASSERT_EQ((unsigned) -1, uv__utf8_decode1(&p, b + 1)); + ASSERT_EQ(p, b + 1); + ++ b[0] = 0x7F; ++ ASSERT_EQ(UV_EINVAL, uv__idna_toascii(b, b + 0, c, c + 1)); ++ ASSERT_EQ(UV_EINVAL, uv__idna_toascii(b, b + 1, c, c + 1)); ++ + return 0; + } + +@@ -145,8 +150,8 @@ TEST_IMPL(idna_toascii) { + /* Illegal inputs. */ + F("\xC0\x80\xC1\x80", UV_EINVAL); /* Overlong UTF-8 sequence. */ + F("\xC0\x80\xC1\x80.com", UV_EINVAL); /* Overlong UTF-8 sequence. */ ++ F("", UV_EINVAL); + /* No conversion. */ +- T("", ""); + T(".", "."); + T(".com", ".com"); + T("example", "example"); +-- +2.43.1 + diff --git a/backports/electron/APKBUILD b/backports/electron/APKBUILD index afd4439..b947920 100644 --- a/backports/electron/APKBUILD +++ b/backports/electron/APKBUILD @@ -1,11 +1,10 @@ # Maintainer: lauren n. liberda pkgname=electron -pkgver=27.1.2 +pkgver=29.3.0 _semver="${pkgver/_beta/-beta.}" pkgrel=0 -_chromium=118.0.5993.162 +_chromium=122.0.6261.156 _depot_tools=b5509953468edd0906f2dc297886939abbd2bed5 -_extra_patches=118.0.5993.11 pkgdesc="Electron cross-platform desktop toolkit" url="https://github.com/electron/electron" arch="aarch64 x86_64" # same as chromium @@ -14,19 +13,22 @@ depends="gtk+3.0 so:libudev.so.1 xdg-utils" makedepends=" alsa-lib-dev aom-dev + base64-dev bash brotli-dev bsd-compat-headers bzip2-dev c-ares-dev cairo-dev - clang16-dev + clang-dev clang-extra-tools compiler-rt + crc32c-dev cups-dev curl-dev dav1d-dev dbus-glib-dev + double-conversion-dev eudev-dev ffmpeg-dev findutils @@ -38,23 +40,26 @@ makedepends=" gn gzip harfbuzz-dev + hdrhistogram-c-dev + highway-dev hunspell-dev http-parser-dev hwdata-dev java-jdk jpeg-dev - jsoncpp-dev krb5-dev lcms2-dev libarchive-tools libavif-dev libbsd-dev libcap-dev + libdrm-dev libevent-dev libexif-dev libgcrypt-dev libjpeg-turbo-dev libnotify-dev + libsecret-dev libusb-dev libva-dev libwebp-dev @@ -67,31 +72,30 @@ makedepends=" libxslt-dev linux-headers lld - llvm16 + llvm mesa-dev minizip-dev nghttp2-dev nodejs npm nss-dev + openh264-dev opus-dev pciutils-dev perl pipewire-dev pulseaudio-dev py3-httplib2 + py3-jinja2 py3-parsing py3-six python3 qt5-qtbase-dev - re2-dev rsync rust samurai - snappy-dev speex-dev sqlite-dev - woff2-dev xcb-proto yarn zlib-dev @@ -99,30 +103,47 @@ makedepends=" " subpackages="$pkgname-lang $pkgname-dev" # the lower patches are specific to electron, the top ones are from the equivalent chromium version -source="https://s3.sakamoto.pl/lnl-aports-snapshots/electron-$_semver-$_chromium.tar.zst - https://gitlab.com/Matt.Jolly/chromium-patches/-/archive/$_extra_patches/chromium-patches-$_extra_patches.tar.gz +source="https://ab-sn.lnl.gay/electron-$_semver-$_chromium.tar.zst + chromium-icu-74.patch chromium-revert-drop-of-system-java.patch - chromium-use-alpine-target.patch + compiler.patch + disable-failing-tests.patch + fc-cache-version.patch fix-missing-cstdint-include-musl.patch + fix-opus.patch + fstatat-32bit.patch gdbinit.patch + generic-sensor-include.patch import-version.patch libstdc++13.patch mman.patch + musl-auxv.patch musl-sandbox.patch musl-tid-caching.patch musl-v8-monotonic-pthread-cont_timedwait.patch no-execinfo.patch no-mallinfo.patch - no-mte.patch no-res-ninit-nclose.patch no-sandbox-settls.patch + partalloc-no-tagging-arm64.patch + perfetto-libstdc++.patch + pvalloc.patch + random-fixes.patch + quiche-array.patch + system-zstd.patch temp-failure-retry.patch + yes-musl.patch + disable-dns_config_service.patch icon.patch python-jinja-3.10.patch - vector-const.patch webpack-hash.patch - chromium-icu-74.patch + unbundle-node.patch + 0001-src-fix-HasOnly-capability-in-node-credentials.patch + 0002-http-add-maximum-chunk-extension-size.patch + 0004-lib-update-undici-to-v5.28.3.patch + 0005-zlib-pause-stream-if-outgoing-buffer-is-full.patch + 0006-deps-fix-GHSA-f74f-cvh7-c6q6-CVE-2024-24806.patch default.conf electron.desktop @@ -135,23 +156,31 @@ builddir="$srcdir/electron-$_semver-$_chromium" export PATH="$PATH:/usr/lib/qt5/bin" # clang uses much less memory (and this doesn't support gcc) -export CC=clang-16 -export CXX=clang++-16 +export CC=clang +export CXX=clang++ # required to find the tools -export AR=llvm16-ar -export NM=llvm16-nm -export LD=clang++-16 +export AR=llvm-ar +export NM=llvm-nm +export LD=clang++ # less log spam, reproducible export CFLAGS="${CFLAGS/-g/} -O2 -Wno-unknown-warning-option -Wno-builtin-macro-redefined -Wno-deprecated-declarations" export CXXFLAGS="${CXXFLAGS/-g/} -O2 -Wno-unknown-warning-option -Wno-builtin-macro-redefined -Wno-deprecated-declarations" export CPPFLAGS="${CPPFLAGS/-g/} -D__DATE__= -D__TIME__= -D__TIMESTAMP__=" +case "$CARCH" in + aarch64|arm*|riscv64) + # not supported by clang here + export CFLAGS="${CFLAGS/-fstack-clash-protection}" + export CXXFLAGS="${CXXFLAGS/-fstack-clash-protection}" + ;; +esac # breaks chromium-based stuff export CXXFLAGS="${CXXFLAGS/-D_GLIBCXX_ASSERTIONS=1}" # creates a dist tarball that does not need to git clone everything at build time. +_distbucket="sakamoto/lnl-aports-snapshots/" snapshot() { deps # vpython3 execs system python3 with this set @@ -159,14 +188,6 @@ snapshot() { export CHROMIUM_BUILDTOOLS_PATH="$srcdir/src/buildtools" mkdir -p "$srcdir" cd "$srcdir" - if ! [ -d src ]; then - git clone --branch=$_chromium --depth=1 \ - https://chromium.googlesource.com/chromium/src.git - fi - - if ! [ -d electron ]; then - git clone https://github.com/electron/electron.git - fi if ! [ -d depot_tools ]; then ( @@ -182,19 +203,18 @@ snapshot() { echo "solutions = [ { \"name\": \"src/electron\", - \"url\": \"file://$srcdir/electron@v$_semver\", + \"url\": \"https://github.com/electron/electron.git@v$_semver\", \"deps_file\": \"DEPS\", \"managed\": False, \"custom_deps\": { - \"src\": None, + \"src\": \"https://chromium.googlesource.com/chromium/src.git@$_chromium\", }, \"custom_vars\": {}, }, ]" > .gclient python3 depot_tools/gclient.py sync \ - --with_branch_heads \ - --with_tags \ + --no-history \ --nohooks python3 src/build/landmines.py @@ -206,11 +226,11 @@ snapshot() { python3 src/build/util/lastchange.py -m SKIA_COMMIT_HASH \ -s src/third_party/skia --header src/skia/ext/skia_commit_hash.h - # why? - cp -r electron/patches/ffmpeg src/electron/patches/ + # rolled newer chromium with it included + sed -i '/reland_mojom_ts_generator_handle_empty_module_path_identically_to.patch/d' src/electron/patches/chromium/.patches - python3 electron/script/apply_all_patches.py \ - electron/patches/config.json + python3 src/electron/script/apply_all_patches.py \ + src/electron/patches/config.json python3 src/tools/update_pgo_profiles.py \ --target=linux \ @@ -241,12 +261,8 @@ snapshot() { --exclude-vcs \ $pkgname-$_semver-$_chromium - zstd --auto-threads=logical --ultra --long -22 -T"${ZSTD_LIMIT:-0}" -vv $pkgname-$_semver-$_chromium.tar -} - -_extra_patch() { - msg chromium-"$1".patch - patch -Np1 < "$srcdir"/chromium-patches-"$_extra_patches"/chromium-"$1".patch + zstd --auto-threads=logical --ultra --long -22 -T"${ZSTD_LIMIT:-0}" -vv $pkgname-$_semver-$_chromium.tar -o "$SRCDEST"/$pkgname-$_semver-$_chromium.tar.zst + mcli cp "$SRCDEST"/$pkgname-$_semver-$_chromium.tar.zst "$_distbucket" } prepare() { @@ -254,12 +270,6 @@ prepare() { default_prepare - _extra_patch 118-SensorReadingField-include - _extra_patch 117-material-color-include - _extra_patch 118-system-freetype - _extra_patch 117-system-zstd - _extra_patch 118-compiler - git init -q . # link to system tools @@ -286,32 +296,37 @@ prepare() { ./update_npm_deps ) + # reusable system library settings + # libavif - https://github.com/AOMediaCodec/libavif/commit/4d2776a3 # libaom - https://aomedia.googlesource.com/aom/+/706ee36dcc82%5E%21/ - local use_system=" + # jsoncpp, re2, snappy, swiftshader-spirv, woff2 - requires use_custom_libcxx=false + local chromium_use_system=" + brotli + crc32c dav1d + double-conversion ffmpeg flac fontconfig freetype harfbuzz-ng + highway icu - jsoncpp - libavif libdrm libevent libjpeg + libsecret + libusb libwebp libxml libxslt + openh264 opus - re2 - snappy - woff2 zlib zstd " - for _lib in $use_system libjpeg_turbo; do + for _lib in $chromium_use_system jinja2 libjpeg_turbo; do msg "Removing buildscripts for system provided $_lib" find . -type f -path "*third_party/$_lib/*" \ \! -path "*third_party/$_lib/chromium/*" \ @@ -321,10 +336,39 @@ prepare() { \! -path './third_party/pdfium/third_party/freetype/include/pstables.h' \ \! -path './third_party/harfbuzz-ng/utils/hb_scoped.h' \ \! -path './third_party/crashpad/crashpad/third_party/zlib/zlib_crashpad.h' \ - \! -regex '.*\.\(gn\|gni\|isolate\|py\)' \ + \! -regex '.*\.\(gn\|gni\|gyp\|gypi\|isolate\|py\)' \ -delete done + # ada - needs use_custom_libcxx=false + # llhttp - 9.x needed, 8.x in repo (2023-12-17) + local node_use_system=" + base64 + brotli + cares + corepack + histogram + nghttp2 + nghttp3 + ngtcp2 + zlib + " + # some of these are provided by system, e.g. brotli. some are from chromium, + # e.g. boringssl (as openssl). some are not in use at all (corepack) + for _lib in $node_use_system openssl; do + msg "Removing buildscripts for $_lib" + find . -type f -path "*third_party/electron_node/deps/$_lib/*" \ + \! -path "*third_party/electron_node/deps/$_lib/chromium/*" \ + \! -path "*third_party/electron_node/deps/$_lib/google/*" \ + \! -regex '.*\.\(gn\|gni\|gyp\|gypi\|isolate\|py\)' \ + -delete + done + # XXX: hack. unbundle-node.patch uses this list to switch things + # in config.gypi. https://github.com/electron/electron/issues/40836 + echo $node_use_system > third_party/electron_node/use_system.txt + + rm -rf third_party/electron_node/tools/inspector_protocol/jinja2 + # https://groups.google.com/a/chromium.org/d/topic/chromium-packagers/9JX1N2nf4PU/discussion touch chrome/test/data/webui/i18n_process_css_test.html # Use the file at run time instead of effectively compiling it in @@ -333,7 +377,7 @@ prepare() { msg "Running debundle script" python3 build/linux/unbundle/replace_gn_files.py --system-libraries \ - $use_system + $chromium_use_system python3 third_party/libaddressinput/chromium/tools/update-strings.py # prevent annoying errors when regenerating gni @@ -358,8 +402,20 @@ _configure() { cd "$builddir" msg "Configuring build" + local clang_ver="$(clang -dumpversion)" + + case "$USE_CCACHE" in + 1) + local cc_wrapper="ccache" + ;; + *) + local cc_wrapper="" + ;; + esac + # shellcheck disable=2089 local gn_config=" + cc_wrapper=\"$cc_wrapper\" clang_base_path=\"/usr\" custom_toolchain=\"//build/toolchain/linux/unbundle:default\" host_toolchain=\"//build/toolchain/linux/unbundle:default\" @@ -368,6 +424,7 @@ _configure() { blink_enable_generated_code_formatting=false chrome_pgo_phase=0 clang_use_chrome_plugins=false + clang_version=\"${clang_ver%%.*}\" fatal_linker_warnings=false ffmpeg_branding=\"Chrome\" icu_use_data_file=true @@ -378,6 +435,8 @@ _configure() { is_official_build=true symbol_level=0 treat_warnings_as_errors=false + rustc_version=\"yes\" + rust_sysroot_absolute=\"/usr\" angle_enable_gl_null=false build_tflite_with_xnnpack=false @@ -387,11 +446,12 @@ _configure() { enable_library_cdms=false enable_media_remoting=false enable_nacl=false + enable_nocompile_tests=false enable_paint_preview=false enable_reading_list=false enable_remoting=false enable_reporting=false - enable_rust=false + enable_rust=true enable_screen_ai_service=false enable_service_discovery=false enable_stripping=false @@ -400,20 +460,22 @@ _configure() { link_pulseaudio=true proprietary_codecs=true + regenerate_x11_protos=true rtc_link_pipewire=true rtc_use_pipewire=true - use_custom_libcxx=false + skia_use_dawn=false + use_custom_libcxx=true use_dawn=false use_pulseaudio=true use_sysroot=false + use_system_base64=true use_system_cares=true - use_system_freetype=true - use_system_harfbuzz=true + use_system_histogram=true use_system_lcms2=true - use_system_libdrm=true use_system_libffi=true - use_system_libjpeg=true + use_system_llhttp=false use_system_nghttp2=true + use_thin_lto=false use_vaapi=true " @@ -428,8 +490,9 @@ build() { ninja -C out/Release \ electron_dist_zip \ node_gypi_headers \ - node_version_header \ - tar_headers + node_version_header + + cp -vf out/Release/gen/node_headers/include/node/config.gypi third_party/electron_node/config.gypi } package() { @@ -444,7 +507,12 @@ package() { mkdir -p "$pkgdir"/usr/include/electron - mv -v "$builddir"/out/Release/gen/node_headers "$pkgdir"/usr/include/electron + ( + cd third_party/electron_node/ + HEADERS_ONLY=1 python3 ./tools/install.py install "$pkgdir" "/usr/include/electron/node_headers" + ) + # required overrides + install -Dm644 out/Release/gen/node_headers/include/node/* -t "$pkgdir"/usr/include/electron/node_headers/include/node ln -sv /usr/include/electron/node_headers/include/node "$pkgdir"/usr/include/electron/node mkdir -p "$pkgdir"/usr/include/electron/node_headers/include/nan @@ -470,30 +538,47 @@ lang() { } sha512sums=" -07f653f24e7fe1ef96a0ff676fa3c987fd0826980b5e9611705cb7fc44f00182fa62e67e67c6df5a3b1b4c063d99a3266054a83aa67fb44b11ffffcd8e23c3eb electron-27.1.2-118.0.5993.162.tar.zst -194c3a7a0fa03a85df6fe52ece3d53d4d15b9d0cb440b56a2ccb1b5c0d3f6481b6f7287aa705c596ceea92d475677ddaf58926f3b31c03a3c20e80ad7e481ce7 chromium-patches-118.0.5993.11.tar.gz +aef4dc07d9924892472637f95485ac0e9ab6216a9da5b290d105d82e8688fc45643515e43a41aee6e002ec4dbce512ae11c8ebe171d6629741cf1587bdda8a5b electron-29.3.0-122.0.6261.156.tar.zst +4c540972fa12acd9f0aafb8dc7e9987c3d6e4f28ff679dde522ebcec2dc5ae1a62d9d255bed0a30b9c79ae3b90ab0f5b9ae1ef5b7bf338612e28d9ef70250ca3 chromium-icu-74.patch 29bb685e03356a77df5fd347cdf55194cc8b3265c421cc76e54d64edefc329dbcb052deb26b22e8f587ce68456876c071de1b7d258dd0fcc6ee66c875ec4a020 chromium-revert-drop-of-system-java.patch -fa291e941076146d0edd5b96c088240a44a6e0aca3dfc744929655607182d2dc47e6c35ecb419f7c623fcf7f26dc3c4dd924dbf5ed10c3b986283f5ef2f72573 chromium-use-alpine-target.patch +c116ad6325a79b799b6c56312891d5b3d2f0d0c1c3e2c03f339144b3f93b871db190f83fe5eadc5542303d61849cc362299932a2f93661198e11ba0c1e492e48 compiler.patch +111bc22fb704d97759988268a40d6b356c51b0bd7a8119a694e905ffe21850ff64e91566cd0dd0c9d62fcb46dca8acc821436c34eb0ba78be872ee4f7ec88a7b disable-failing-tests.patch +5fc5c012c1db6cf1ba82f38c6f3f4f5ca3a209e47ac708a74de379b018e0649b7694877c9571ef79002dde875ffc07b458a3355425f1c01867f362c66c2bc1bf fc-cache-version.patch 9200f78bad70e95c648a5e8392d50642190600f655c6baa366ff6467ebad52d3b3f305dad58f3610da67136f4b723557653b174ec5c25be8d8737ee04d9ee09f fix-missing-cstdint-include-musl.patch +b24563e9a738c00fce7ff2fbdee3d7c024d9125d7c74d9ab90af6bdb16f7ec8419f2c8aa78c0640f6d5d81c17dc2c673a194401d354f466749672729b48ed068 fix-opus.patch +c63dee5044353eb306a39ca1526158c0f003ab310ecb03d1c368dc2a979454590c84b8d3c15484517d5e66bb8add9b231da9abbadf2e50850abd72ac1345c4ab fstatat-32bit.patch 33ee60863cc438ef57ffef92ba4cf67a856a5ffc16138bce241bcf87e47b15154aa86918e793c26f7ec4dc62a445257ad5673ed7001daf22c4043cf6cc57da7f gdbinit.patch +36a764fa73443b47d38050b52dbe6ad2fa8d67201ff4ccdbad13b52308ef165ca046aac6f9609fe35890a6485f0f3e672e78cc41e3e44f3cdc7f145e540524e8 generic-sensor-include.patch 8de65109ece27ea63bd469f2220c56b8c752ba0a50fdf390082a2d5ae74b8e010199126175569f6d5084270dd4e0571e68aec32c0bca8211a6699925b3a09124 import-version.patch -49851d42ce8ccd533d01d1bb2477930802b0bcebab8dd52f2da292088378c6ed9b74146e7dad55edfe096281fc84b2c55abaf832744fd4553a97c38ed891df3a libstdc++13.patch -0e991842e23a4b9133898125eeb39e45e3f86f886eef5d2f0d9a72ee143a3e124b3b4f60be94edd57ce4185bcd69704edb51f76d08fdb6207f5559a08dd41ab0 mman.patch +993ce46dcd2c9e406d18d7af834e6e8cc4227bdba32c0b1804bb0489e11b47467557895281facf110abdb6aacf493b97f23bfb4f72ee95a41a618c547bfcea1a libstdc++13.patch +e75f57ae34c97ca1caf15fa4b4106c6c1e79c31ed66869cf92ed9ea0c449886c9511e455047c17c1e9ad8b9a46ad4948511a4f2995a4b6030fb4d1c7ae21d038 mman.patch +99bcc7dd485b404a90c606a96addab1d900852128d44fb8cea8acc7303189ef87c89a7b0e749fd0e10c5ef5f6bf1fadeb5c16a34503cab6a59938ce2653d887e musl-auxv.patch 50c274a420bb8a7f14fcb56e40920dac8f708792a4520789b4987facea459bef88113d5a2b60fa8c57bee6e92bff3617d6b73fa305c8c44614c638971cffd440 musl-sandbox.patch e7163ac5810ac85366cef2447412287c856e3d67c6b77f219a6e5a418b1965b98e449c409424ad0704a5bded9355dd0aec3dc4585918ce5a2ab36c079707afe2 musl-tid-caching.patch 92eb002718026611f5542362ad69b67f0a398ff71b3fca5c05d55cb5c6f9f29334e5e127bb4860cfaa3fba0f0d4c901e2b98808217e7dc02e254a64a5c9521aa musl-v8-monotonic-pthread-cont_timedwait.patch -8cc774e8d84e434960222c0497ad8193ae35c0732f98d3282d5fd4b4930f914809eec97832c199517ca89ca6b9d1d011db5ce533c40c68ce5fa464609d131a23 no-execinfo.patch -b5479874d125ee95a311295f227f8881a83023ec34fded7a6160b3ae32ea3ba0f2b833a9fb264c57f3d22746b6d8b00bdc8eb2ff86c43c412d6d3b55ae15b16b no-mallinfo.patch -8a52ff52201a5e20344f5497ee2ffef0520f7b2d934be92227e49c3f2c12a94c33650eefc88a0e451a6b81d44ce197db421aaec7388e6bb1cb525a43628779d3 no-mte.patch +5eb0b83264e2c9213fb871838827eb7875c05131a42d901032d6d1f05eec98609fefac4772385046887a773daf4f1e0ee5a647e82c1c3d73aec3fcf76f887084 no-execinfo.patch +8e17101d69e23b456a9c03dc2fe95bcd56846389707ba6f4720192a9e9168406d20d9168dbebbb3a47d921ec92e478f0e390f46e6b9bb43a34dda217c6e6448b no-mallinfo.patch e4c4e5bc6f828f9c883dd418c0ba01887949c29c311f76206a1ec29f620b0c0ba0452949dc2778a9c46ea066405857536964a36436a68eecf7da7952736333cf no-res-ninit-nclose.patch 6dc4d8dc92e685dace62265a1ddb3aebc558aed54d20ff6d36b030be0c48d7e84662326c31363612492574d9a03c62653cdc21a60995b97dee1d75cae86a9f9b no-sandbox-settls.patch +d4ac7f350806b4410ccb1df3b0ad7e90a7b6d724a16919761aa2d47a6f21008c7374da528b05b754ee712b85d23adfb113c7f7b9ca2ed5b47644fe3ea0cb9119 partalloc-no-tagging-arm64.patch +8e1aca983890c78d81a6f888b2cf1aa42878d1f8523e87d63b800e1e468cbfd33e5ff6a0975775ca222fe82f30c6497da95505da01b091c8776a44c98ac86f0f perfetto-libstdc++.patch +2eb434b4fc6aee77026492644cd86772a543d9845f112a75cd4c3e1f25c9435cc31f8454c1c73223451fc9be69b86e822ff68821978f67f2fc8bcba50296d8e0 pvalloc.patch +803b8117c65132f76bec42054a4b2257a078b15b07fd08645fec2dfd51aa4e0075a9015300cd579d4ae0d757d9850b9988e080cfc2eea093f6684fdf82c4722c random-fixes.patch +86f612dd2b39602984a75b1b11c2ab8bc8cc6b4e78fae998570a777a6901ae45fdcdb22e46dd006dab703a0674e64c72cf8120af2dc5b9e78004f402c7e65358 quiche-array.patch +b3beb98b539fe160fbc493ba410ae0f68540cc4b6834f1f8ce9a22c3f4f59ef5d583ad48793e10549fd02a701f833a3969791ef4524322cd1e715ca5bf226bc8 system-zstd.patch e48693e6b7aeebf69a5acbf80d9a35defe4c23835121dfeb58b051ac7c527e758a41004f4d193274fe1b01c0bfb1dbc77b09cb6a404a3fdee507a2918afb0edb temp-failure-retry.patch -905565c10f5e5600e7d4db965c892cc45009a258e9995da958974d838ace469e1db1019195307e8807860d5b55ba6bfeea478b1f39a9b99e82c619b2816a1a22 icon.patch +914ccf649d7771f19f209ab97f99c481aebc6f66174d68e8b539f6ad4a70bc8cb0fae2df6dadbf0415958ffb3574c420fe029079dcce45f5e5add4db2e903566 yes-musl.patch +4057cc78f10bfd64092bc35a373869abb1d68b880cdbca70422f39ffd78a929c19c7728d4d4c40709aaba25581148a93ae5343e724849fd35323062ed68753fa disable-dns_config_service.patch +465107da7818b237e3c144a318ab80c3c9343b51ed38b8971ef204692d13346929becbe94cefad4c153788d3a200642143584d5ca070f6304e768ba2139c19ec icon.patch e05180199ee1d559e4e577cedd3e589844ecf40d98a86321bf1bea5607b02eeb5feb486deddae40e1005b644550331f6b8500177aa7e79bcb3750d3c1ceb76c3 python-jinja-3.10.patch -71571b15cf8bd6259b7fd22bea0e46b64890f3db776365de33fe539f26ce9ef99459e05c3dde9434c3657225bc67160abc915acd93033cb487c770c6a2a5975f vector-const.patch 2aa340854316f1284217c0ca17cbf44953684ad6c7da90815117df30928612eb9fb9ffb734b948dfc309cd25d1a67cd57f77aac2d052a3dd9aca07a3a58cbb30 webpack-hash.patch -4c540972fa12acd9f0aafb8dc7e9987c3d6e4f28ff679dde522ebcec2dc5ae1a62d9d255bed0a30b9c79ae3b90ab0f5b9ae1ef5b7bf338612e28d9ef70250ca3 chromium-icu-74.patch -07e9203b05402f81c0ded5871a845e37bdc4c09b7bb2839312396f298a9ce8196e2c24508675e3d6f695f1e2b0ff1c2c64f4e9dfff3ff5359a87cb7b9b972393 default.conf +c83914c11d9f8f6d53653f67f91020db3d25d0614380053380f85e870418e834bf590afa065b182006d535290cc91a940fe085c1200cae9ca17107faceae1989 unbundle-node.patch +85973875fb3acddabe2507e255b38fe498cf0b5fce7dcb93e389ccb7b1cae8acd5225f00fa61b7bd556f7cae5080ed03dca7263505fe8974e3fbf3a93937c555 0001-src-fix-HasOnly-capability-in-node-credentials.patch +4b32258cc05ffe43364dbb775df53d0e7749d108ac31b3642cc069860b6e28d370bcb0cee01c652baed668c2c3111fde714084d0a85acd80b5b86880a703c2b2 0002-http-add-maximum-chunk-extension-size.patch +b8ea46e2c0ad7bab6383fa3a42619be735eac67156e501b173b36e9522e8c384feb758b48276a16ac6a68b64cab8fb4cd4ed1841720ecf628bc55f45c05b58c4 0004-lib-update-undici-to-v5.28.3.patch +1dc578fad461f8dc876a1bbbd9fd8f9b235a010fcfb30986cc2654253cce84040dc6fed37fa9fa5e70933ffb9d812c677ba0150e7d6a9d2032d412f9eba7f168 0005-zlib-pause-stream-if-outgoing-buffer-is-full.patch +793d94cc5aec81eace96ca86bd70ad122d82918a521ecb8d30251c492818c19c7a020eed4dccb13d4129b61f0ca82972bd34f480ad094c45633042552bd39fe9 0006-deps-fix-GHSA-f74f-cvh7-c6q6-CVE-2024-24806.patch +e8ea87c547546011c4c8fc2de30e4f443b85cd4cfcff92808e2521d2f9ada03feefb8e1b0cf0f6b460919c146e56ef8d5ad4bb5e2461cc5247c30d92eb4d068e default.conf 191559fc7aa1ea0353c6fb0cc321ee1d5803a0e44848c8be941cfab96277b0de6a59962d373e2a2a1686c8f9be2bcf2d2f33706759a339a959e297d3f7fda463 electron.desktop -ff1844036c8ae0a0a57a16211a816bc0ad550ccf6ea1cf718e228b8c95b9c4f5c9772d1a1a23638c0e140703a7b52874371e27a0d9d54a7b9468e5c384759be5 electron-launcher.sh +5f7ba5ad005f196facec1c0f26108356b64cafb1e5cfa462ff714a33b8a4c757ac00bfcb080da09eb5b65032f8eb245d9676a61ec554515d125ed63912708648 electron-launcher.sh " diff --git a/backports/electron/chromium-use-alpine-target.patch b/backports/electron/chromium-use-alpine-target.patch deleted file mode 100644 index ae57735..0000000 --- a/backports/electron/chromium-use-alpine-target.patch +++ /dev/null @@ -1,30 +0,0 @@ -building for arm targets by default passes --target to clang, because it -assumes it's cross compiling (so passes --target as if the host is different, -instead of assuming default) - -probably also works: removing this entirely. but to be safe, pass the alpine clang host triple --- ---- a/build/config/compiler/BUILD.gn -+++ b/build/config/compiler/BUILD.gn -@@ -915,8 +915,8 @@ config("compiler_cpu_abi") { - } else if (current_cpu == "arm") { - if (is_clang && !is_android && !is_nacl && - !(is_chromeos_lacros && is_chromeos_device)) { -- cflags += [ "--target=arm-linux-gnueabihf" ] -- ldflags += [ "--target=arm-linux-gnueabihf" ] -+ cflags += [ "--target=armv7-alpine-linux-musleabihf" ] -+ ldflags += [ "--target=armv7-alpine-linux-musleabihf" ] - } - if (!is_nacl) { - cflags += [ -@@ -930,8 +930,8 @@ config("compiler_cpu_abi") { - } else if (current_cpu == "arm64") { - if (is_clang && !is_android && !is_nacl && !is_fuchsia && - !(is_chromeos_lacros && is_chromeos_device)) { -- cflags += [ "--target=aarch64-linux-gnu" ] -- ldflags += [ "--target=aarch64-linux-gnu" ] -+ cflags += [ "--target=aarch64-alpine-linux-musl" ] -+ ldflags += [ "--target=aarch64-alpine-linux-musl" ] - } - if (is_android) { - # Outline atomics crash on Exynos 9810. http://crbug.com/1272795 diff --git a/backports/electron/compiler.patch b/backports/electron/compiler.patch new file mode 100644 index 0000000..2541d19 --- /dev/null +++ b/backports/electron/compiler.patch @@ -0,0 +1,123 @@ +--- ./build/config/compiler/BUILD.gn.orig ++++ ./build/config/compiler/BUILD.gn +@@ -616,24 +618,6 @@ + } + } + +- # TODO(crbug.com/1488374): This causes binary size growth and potentially +- # other problems. +- # TODO(crbug.com/1491036): This isn't supported by Cronet's mainline llvm version. +- if (default_toolchain != "//build/toolchain/cros:target" && +- !llvm_android_mainline) { +- cflags += [ +- "-mllvm", +- "-split-threshold-for-reg-with-hint=0", +- ] +- if (use_thin_lto && is_a_target_toolchain) { +- if (is_win) { +- ldflags += [ "-mllvm:-split-threshold-for-reg-with-hint=0" ] +- } else { +- ldflags += [ "-Wl,-mllvm,-split-threshold-for-reg-with-hint=0" ] +- } +- } +- } +- + # TODO(crbug.com/1235145): Investigate why/if this should be needed. + if (is_win) { + cflags += [ "/clang:-ffp-contract=off" ] +@@ -1011,17 +998,6 @@ + # `-nodefaultlibs` from the linker invocation from Rust, which would be used + # to compile dylibs on Android, such as for constructing unit test APKs. + "-Cdefault-linker-libraries", +- +- # To make Rust .d files compatible with ninja +- "-Zdep-info-omit-d-target", +- +- # If a macro panics during compilation, show which macro and where it is +- # defined. +- "-Zmacro-backtrace", +- +- # For deterministic builds, keep the local machine's current working +- # directory from appearing in build outputs. +- "-Zremap-cwd-prefix=.", + ] + + if (!is_win || force_rustc_color_output) { +@@ -1175,8 +1151,8 @@ + } else if (current_cpu == "arm") { + if (is_clang && !is_android && !is_nacl && + !(is_chromeos_lacros && is_chromeos_device)) { +- cflags += [ "--target=arm-linux-gnueabihf" ] +- ldflags += [ "--target=arm-linux-gnueabihf" ] ++ cflags += [ "--target=armv7-alpine-linux-musleabihf" ] ++ ldflags += [ "--target=armv7-alpine-linux-musleabihf" ] + } + if (!is_nacl) { + cflags += [ +@@ -1190,8 +1166,8 @@ + } else if (current_cpu == "arm64") { + if (is_clang && !is_android && !is_nacl && !is_fuchsia && + !(is_chromeos_lacros && is_chromeos_device)) { +- cflags += [ "--target=aarch64-linux-gnu" ] +- ldflags += [ "--target=aarch64-linux-gnu" ] ++ cflags += [ "--target=aarch64-alpine-linux-musl" ] ++ ldflags += [ "--target=aarch64-alpine-linux-musl" ] + } + } else if (current_cpu == "mipsel" && !is_nacl) { + ldflags += [ "-Wl,--hash-style=sysv" ] +--- ./build/config/rust.gni.orig ++++ ./build/config/rust.gni +@@ -186,11 +186,11 @@ + rust_abi_target = "" + if (is_linux || is_chromeos) { + if (current_cpu == "arm64") { +- rust_abi_target = "aarch64-unknown-linux-gnu" ++ rust_abi_target = "aarch64-alpine-linux-musl" + } else if (current_cpu == "x86") { +- rust_abi_target = "i686-unknown-linux-gnu" ++ rust_abi_target = "i586-alpine-linux-musl" + } else if (current_cpu == "x64") { +- rust_abi_target = "x86_64-unknown-linux-gnu" ++ rust_abi_target = "x86_64-alpine-linux-musl" + } else if (current_cpu == "arm") { + if (arm_float_abi == "hard") { + float_suffix = "hf" +@@ -199,13 +199,13 @@ + } + if (arm_arch == "armv7-a" || arm_arch == "armv7") { + # No way to inform Rust about the -a suffix. +- rust_abi_target = "armv7-unknown-linux-gnueabi" + float_suffix ++ rust_abi_target = "armv7-alpine-linux-musleabi" + float_suffix + } else { +- rust_abi_target = "arm-unknown-linux-gnueabi" + float_suffix ++ rust_abi_target = "armv6-alpine-linux-musleabi" + float_suffix + } + } else { + # Best guess for other future platforms. +- rust_abi_target = current_cpu + "-unknown-linux-gnu" ++ rust_abi_target = current_cpu + "-alpine-linux-musl" + } + } else if (is_android) { + import("//build/config/android/abi.gni") +--- ./build/config/clang/BUILD.gn.orig ++++ ./build/config/clang/BUILD.gn +@@ -128,14 +128,15 @@ + } else if (is_apple) { + _dir = "darwin" + } else if (is_linux || is_chromeos) { ++ _dir = "linux" + if (current_cpu == "x64") { +- _dir = "x86_64-unknown-linux-gnu" ++ _suffix = "-x86_64" + } else if (current_cpu == "x86") { +- _dir = "i386-unknown-linux-gnu" ++ _suffix = "-i386" + } else if (current_cpu == "arm") { +- _dir = "armv7-unknown-linux-gnueabihf" ++ _suffix = "-armhf" + } else if (current_cpu == "arm64") { +- _dir = "aarch64-unknown-linux-gnu" ++ _suffix = "-aarch64" + } else { + assert(false) # Unhandled cpu type + } diff --git a/backports/electron/crbug-1407202-mediarouter-crash.patch b/backports/electron/crbug-1407202-mediarouter-crash.patch deleted file mode 100644 index 6bd5c3a..0000000 --- a/backports/electron/crbug-1407202-mediarouter-crash.patch +++ /dev/null @@ -1,372 +0,0 @@ -From d0c1f5ee1f56c165bdf550c9e3be0d7313587b80 Mon Sep 17 00:00:00 2001 -From: Elly Fong-Jones -Date: Wed, 18 Jan 2023 22:33:11 +0000 -Subject: [PATCH] media: untangle MediaRouterUI lifetimes - -Currently, MediaRouterUI is owned by MediaItemUIDeviceSelectorView. -There is an observer method named "OnControllerInvalidated" which -MediaItemUIDeviceSelectorView reacts to by deleting the MediaRouterUI it -owns. However, OnControllerInvalidated can actually be called in two -different situations: - -* From MediaRouterUI::TakeMediaRouteStarter(), in which case the - MediaRouterUI object is *not* being destroyed, but should be, because - it can't be safely used after TakeMediaRouteStarter() ends; -* From MediaRouterUI::~MediaRouterUI(), in which case the MediaRouterUI - object *is* being destroyed already and should not be. - -In the second case, only the fact that libc++ nulls out unique_ptr -before destroying the pointed-to object saves us from a use-after-free; -under libstdc++, we UaF immediately by re-entering the destructor. Even -under libc++ though this is still very dangerous, because any observers -that happened to be registered after MediaItemUIDeviceSelectorView will -be invoked after the destruction of the object they're observing. Right -now there are no such other observers, but the fact remains that this -interface is basically a UaF timebomb. - -This change separates "this object is about to be destroyed" (an -observable state) from "please destroy this object, it is no longer -useful" (a callback that is made to the object's owner) by: - -1. Renaming OnControllerInvalidated to OnControllerDestroying, to make - it very clear what is happening to the object, and -2. Adding a RegisterDestructor method to CastDialogController, which - allows MediaItemUIDeviceSelectorView to pass a callback into - MediaRouterUI which MediaRouterUI can use to arrange for its own - destruction. - -This is still a bit tangled and ungainly, but it's safe. A fuller -writeup is on the linked bug. - -Fixed: 1407202 -Change-Id: Id9410de1fbf2cb42f13957dde316b7c9259f192f -Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4165967 -Reviewed-by: Peter Kasting -Reviewed-by: Takumi Fujimoto -Commit-Queue: Elly Fong-Jones -Cr-Commit-Position: refs/heads/main@{#1094110} ---- - -diff --git a/chrome/browser/ui/media_router/cast_dialog_controller.h b/chrome/browser/ui/media_router/cast_dialog_controller.h -index 2a8de976..c3c0553 100644 ---- a/chrome/browser/ui/media_router/cast_dialog_controller.h -+++ b/chrome/browser/ui/media_router/cast_dialog_controller.h -@@ -24,10 +24,12 @@ - public: - virtual ~Observer() = default; - -- virtual void OnModelUpdated(const CastDialogModel& model) = 0; -+ virtual void OnModelUpdated(const CastDialogModel& model) {} - -- // Observer should drop its reference to the controller when this is called. -- virtual void OnControllerInvalidated() = 0; -+ // Notifies observers that the observed object is being destroyed. Observers -+ // MUST NOT try to destroy the observed object in response - to manage the -+ // lifetime of a CastDialogController, use RegisterDestructor() below. -+ virtual void OnControllerDestroying() {} - }; - - virtual ~CastDialogController() = default; -@@ -55,6 +57,16 @@ - // intended that this API should only be used to transfer ownership to some - // new component that will want to start casting on this dialog box's behalf. - virtual std::unique_ptr TakeMediaRouteStarter() = 0; -+ -+ // Registers a callback for when the CastDialogController has given up -+ // ownership of its MediaRouteStarter and is no longer safe to use. The -+ // provided closure must destroy |this| or otherwise ensure it is never used -+ // again. This method can only be called once. -+ // -+ // TODO(https://crbug.com/1408494): It's awkward that CastDialogController has -+ // a state where it exists but is unsafe to use, and doubly awkward that we -+ // have to paper over that with this callback. Can that be fixed? -+ virtual void RegisterDestructor(base::OnceClosure destructor) = 0; - }; - - } // namespace media_router -diff --git a/chrome/browser/ui/media_router/media_router_ui.cc b/chrome/browser/ui/media_router/media_router_ui.cc -index 1865115f..644d131 100644 ---- a/chrome/browser/ui/media_router/media_router_ui.cc -+++ b/chrome/browser/ui/media_router/media_router_ui.cc -@@ -83,6 +83,9 @@ - MediaRouterUI::~MediaRouterUI() { - if (media_route_starter_) - DetachFromMediaRouteStarter(); -+ for (CastDialogController::Observer& observer : observers_) { -+ observer.OnControllerDestroying(); -+ } - } - - // static -@@ -145,9 +148,6 @@ - } - - void MediaRouterUI::DetachFromMediaRouteStarter() { -- for (CastDialogController::Observer& observer : observers_) -- observer.OnControllerInvalidated(); -- - media_route_starter()->RemovePresentationRequestSourceObserver(this); - media_route_starter()->RemoveMediaSinkWithCastModesObserver(this); - } -@@ -181,8 +181,16 @@ - - std::unique_ptr MediaRouterUI::TakeMediaRouteStarter() { - DCHECK(media_route_starter_) << "MediaRouteStarter already taken!"; -- DetachFromMediaRouteStarter(); -- return std::move(media_route_starter_); -+ auto starter = std::move(media_route_starter_); -+ if (destructor_) { -+ std::move(destructor_).Run(); // May destroy `this`. -+ } -+ return starter; -+} -+ -+void MediaRouterUI::RegisterDestructor(base::OnceClosure destructor) { -+ DCHECK(!destructor_); -+ destructor_ = std::move(destructor); - } - - bool MediaRouterUI::CreateRoute(const MediaSink::Id& sink_id, -diff --git a/chrome/browser/ui/media_router/media_router_ui.h b/chrome/browser/ui/media_router/media_router_ui.h -index 5c2f14e..7afe775 100644 ---- a/chrome/browser/ui/media_router/media_router_ui.h -+++ b/chrome/browser/ui/media_router/media_router_ui.h -@@ -100,8 +100,10 @@ - void StopCasting(const std::string& route_id) override; - void ClearIssue(const Issue::Id& issue_id) override; - // Note that |MediaRouterUI| should not be used after |TakeMediaRouteStarter| -- // is called. -+ // is called. To enforce that, |TakeMediaRouteStarter| calls the destructor -+ // callback given to |RegisterDestructor| to destroy itself. - std::unique_ptr TakeMediaRouteStarter() override; -+ void RegisterDestructor(base::OnceClosure destructor) override; - - // Requests a route be created from the source mapped to - // |cast_mode|, to the sink given by |sink_id|. -@@ -337,6 +339,8 @@ - raw_ptr router_; - raw_ptr logger_; - -+ base::OnceClosure destructor_; -+ - // NOTE: Weak pointers must be invalidated before all other member variables. - // Therefore |weak_factory_| must be placed at the end. - base::WeakPtrFactory weak_factory_{this}; -diff --git a/chrome/browser/ui/media_router/media_router_ui_unittest.cc b/chrome/browser/ui/media_router/media_router_ui_unittest.cc -index 2cc243d1..c33437b 100644 ---- a/chrome/browser/ui/media_router/media_router_ui_unittest.cc -+++ b/chrome/browser/ui/media_router/media_router_ui_unittest.cc -@@ -80,11 +80,11 @@ - } - - MOCK_METHOD1(OnModelUpdated, void(const CastDialogModel& model)); -- void OnControllerInvalidated() override { -+ void OnControllerDestroying() override { - controller_ = nullptr; -- OnControllerInvalidatedInternal(); -+ OnControllerDestroyingInternal(); - } -- MOCK_METHOD0(OnControllerInvalidatedInternal, void()); -+ MOCK_METHOD0(OnControllerDestroyingInternal, void()); - - private: - raw_ptr controller_ = nullptr; -@@ -295,7 +295,7 @@ - }))); - NotifyUiOnRoutesUpdated({route}); - -- EXPECT_CALL(observer, OnControllerInvalidatedInternal()); -+ EXPECT_CALL(observer, OnControllerDestroyingInternal()); - ui_.reset(); - } - -diff --git a/chrome/browser/ui/views/global_media_controls/media_item_ui_device_selector_view.cc b/chrome/browser/ui/views/global_media_controls/media_item_ui_device_selector_view.cc -index 34dad46..d843bba 100644 ---- a/chrome/browser/ui/views/global_media_controls/media_item_ui_device_selector_view.cc -+++ b/chrome/browser/ui/views/global_media_controls/media_item_ui_device_selector_view.cc -@@ -222,6 +222,11 @@ - if (cast_controller) { - cast_controller_ = std::move(cast_controller); - cast_controller_->AddObserver(this); -+ cast_controller_->RegisterDestructor( -+ base::BindOnce(&MediaItemUIDeviceSelectorView::DestroyCastController, -+ // Unretained is safe: this callback is held by -+ // cast_controller_, which is owned by this object. -+ base::Unretained(this))); - } - } - -@@ -499,10 +504,6 @@ - observer.OnMediaItemUIDeviceSelectorUpdated(device_entry_ui_map_); - } - --void MediaItemUIDeviceSelectorView::OnControllerInvalidated() { -- cast_controller_.reset(); --} -- - void MediaItemUIDeviceSelectorView::OnDeviceSelected(int tag) { - auto it = device_entry_ui_map_.find(tag); - DCHECK(it != device_entry_ui_map_.end()); -@@ -658,5 +659,9 @@ - weak_ptr_factory_.GetWeakPtr())); - } - -+void MediaItemUIDeviceSelectorView::DestroyCastController() { -+ cast_controller_.reset(); -+} -+ - BEGIN_METADATA(MediaItemUIDeviceSelectorView, views::View) - END_METADATA -diff --git a/chrome/browser/ui/views/global_media_controls/media_item_ui_device_selector_view.h b/chrome/browser/ui/views/global_media_controls/media_item_ui_device_selector_view.h -index e950565..222fc20 100644 ---- a/chrome/browser/ui/views/global_media_controls/media_item_ui_device_selector_view.h -+++ b/chrome/browser/ui/views/global_media_controls/media_item_ui_device_selector_view.h -@@ -81,7 +81,6 @@ - - // media_router::CastDialogController::Observer - void OnModelUpdated(const media_router::CastDialogModel& model) override; -- void OnControllerInvalidated() override; - - // MediaItemUIFooterView::Delegate - void OnDeviceSelected(int tag) override; -@@ -121,6 +120,7 @@ - void RecordCastDeviceCount(); - DeviceEntryUI* GetDeviceEntryUI(views::View* view) const; - void RegisterAudioDeviceCallbacks(); -+ void DestroyCastController(); - - bool has_expand_button_been_shown_ = false; - bool have_devices_been_shown_ = false; -diff --git a/chrome/browser/ui/views/global_media_controls/media_item_ui_device_selector_view_unittest.cc b/chrome/browser/ui/views/global_media_controls/media_item_ui_device_selector_view_unittest.cc -index c3bcc6cc..6ae3dde8 100644 ---- a/chrome/browser/ui/views/global_media_controls/media_item_ui_device_selector_view_unittest.cc -+++ b/chrome/browser/ui/views/global_media_controls/media_item_ui_device_selector_view_unittest.cc -@@ -156,6 +156,7 @@ - MOCK_METHOD1(ClearIssue, void(const media_router::Issue::Id& issue_id)); - MOCK_METHOD0(TakeMediaRouteStarter, - std::unique_ptr()); -+ MOCK_METHOD1(RegisterDestructor, void(base::OnceClosure)); - }; - - } // anonymous namespace -diff --git a/chrome/browser/ui/views/media_router/cast_dialog_coordinator_unittest.cc b/chrome/browser/ui/views/media_router/cast_dialog_coordinator_unittest.cc -index f6c80d6a..2dedc7e 100644 ---- a/chrome/browser/ui/views/media_router/cast_dialog_coordinator_unittest.cc -+++ b/chrome/browser/ui/views/media_router/cast_dialog_coordinator_unittest.cc -@@ -40,6 +40,7 @@ - MOCK_METHOD(void, StopCasting, (const std::string& route_id)); - MOCK_METHOD(void, ClearIssue, (const Issue::Id& issue_id)); - MOCK_METHOD(std::unique_ptr, TakeMediaRouteStarter, ()); -+ MOCK_METHOD(void, RegisterDestructor, (base::OnceClosure)); - }; - - class CastDialogCoordinatorTest : public TestWithBrowserView { -diff --git a/chrome/browser/ui/views/media_router/cast_dialog_view.cc b/chrome/browser/ui/views/media_router/cast_dialog_view.cc -index e3c7dadb..711d081 100644 ---- a/chrome/browser/ui/views/media_router/cast_dialog_view.cc -+++ b/chrome/browser/ui/views/media_router/cast_dialog_view.cc -@@ -125,9 +125,9 @@ - observer.OnDialogModelUpdated(this); - } - --void CastDialogView::OnControllerInvalidated() { -+void CastDialogView::OnControllerDestroying() { - controller_ = nullptr; -- // We don't destroy the dialog here because if the invalidation was caused by -+ // We don't destroy the dialog here because if the destruction was caused by - // activating the toolbar icon in order to close the dialog, then it would - // cause the dialog to immediately open again. - } -diff --git a/chrome/browser/ui/views/media_router/cast_dialog_view.h b/chrome/browser/ui/views/media_router/cast_dialog_view.h -index d87fdda..d44d4e0 100644 ---- a/chrome/browser/ui/views/media_router/cast_dialog_view.h -+++ b/chrome/browser/ui/views/media_router/cast_dialog_view.h -@@ -66,7 +66,7 @@ - - // CastDialogController::Observer: - void OnModelUpdated(const CastDialogModel& model) override; -- void OnControllerInvalidated() override; -+ void OnControllerDestroying() override; - - // views::BubbleDialogDelegateView: - void OnPaint(gfx::Canvas* canvas) override; -diff --git a/chrome/browser/ui/views/media_router/cast_dialog_view_browsertest.cc b/chrome/browser/ui/views/media_router/cast_dialog_view_browsertest.cc -index 1c584120..a7af3c8 100644 ---- a/chrome/browser/ui/views/media_router/cast_dialog_view_browsertest.cc -+++ b/chrome/browser/ui/views/media_router/cast_dialog_view_browsertest.cc -@@ -70,6 +70,7 @@ - override { - return nullptr; - } -+ void RegisterDestructor(base::OnceClosure destructor) override {} - }; - - } // namespace -diff --git a/chrome/browser/ui/views/media_router/cast_dialog_view_unittest.cc b/chrome/browser/ui/views/media_router/cast_dialog_view_unittest.cc -index 5326467..988cb07a 100644 ---- a/chrome/browser/ui/views/media_router/cast_dialog_view_unittest.cc -+++ b/chrome/browser/ui/views/media_router/cast_dialog_view_unittest.cc -@@ -91,6 +91,7 @@ - MOCK_METHOD1(StopCasting, void(const std::string& route_id)); - MOCK_METHOD1(ClearIssue, void(const Issue::Id& issue_id)); - MOCK_METHOD0(TakeMediaRouteStarter, std::unique_ptr()); -+ MOCK_METHOD1(RegisterDestructor, void(base::OnceClosure)); - }; - - class CastDialogViewTest : public ChromeViewsTestBase { -diff --git a/chrome/browser/ui/views/media_router/media_router_dialog_controller_views.cc b/chrome/browser/ui/views/media_router/media_router_dialog_controller_views.cc -index ad379b2..244d523 100644 ---- a/chrome/browser/ui/views/media_router/media_router_dialog_controller_views.cc -+++ b/chrome/browser/ui/views/media_router/media_router_dialog_controller_views.cc -@@ -51,7 +51,7 @@ - std::move(context)); - } - -- ShowGlobalMeidaControlsDialog(std::move(context)); -+ ShowGlobalMediaControlsDialog(std::move(context)); - return true; - } - -@@ -155,9 +155,20 @@ - initiator(), std::move(start_presentation_context_)) - : MediaRouterUI::CreateWithDefaultMediaSourceAndMirroring( - initiator()); -+ ui_->RegisterDestructor( -+ base::BindOnce(&MediaRouterDialogControllerViews::DestroyMediaRouterUI, -+ // Safe to use base::Unretained here: the callback being -+ // bound is held by the MediaRouterUI we are creating and -+ // owning, and ownership of |ui_| is never transferred -+ // away from this object. -+ base::Unretained(this))); - } - --void MediaRouterDialogControllerViews::ShowGlobalMeidaControlsDialog( -+void MediaRouterDialogControllerViews::DestroyMediaRouterUI() { -+ ui_.reset(); -+} -+ -+void MediaRouterDialogControllerViews::ShowGlobalMediaControlsDialog( - std::unique_ptr context) { - // Show the WebContents requesting a dialog. - initiator()->GetDelegate()->ActivateContents(initiator()); -diff --git a/chrome/browser/ui/views/media_router/media_router_dialog_controller_views.h b/chrome/browser/ui/views/media_router/media_router_dialog_controller_views.h -index 0a5fdb1..7c97211 100644 ---- a/chrome/browser/ui/views/media_router/media_router_dialog_controller_views.h -+++ b/chrome/browser/ui/views/media_router/media_router_dialog_controller_views.h -@@ -69,13 +69,14 @@ - // MediaRouterUIService::Observer: - void OnServiceDisabled() override; - -- // Initializes |ui_|. -+ // Initializes and destroys |ui_| respectively. - void InitializeMediaRouterUI(); -+ void DestroyMediaRouterUI(); - - // If there exists a media button, show the GMC dialog anchored to the media - // button. Otherwise, show the dialog anchored to the top center of the web - // contents. -- void ShowGlobalMeidaControlsDialog( -+ void ShowGlobalMediaControlsDialog( - std::unique_ptr context); - - // Returns the media button from the browser that initiates the request to diff --git a/backports/electron/default.conf b/backports/electron/default.conf index 2fb04de..41f3f03 100644 --- a/backports/electron/default.conf +++ b/backports/electron/default.conf @@ -2,4 +2,8 @@ # the electron launcher. # Options to pass to electron. -ELECTRON_FLAGS="--ozone-platform-hint=auto --enable-features=WebRTCPipeWireCapturer" +ELECTRON_FLAGS="--enable-features=WebRTCPipeWireCapturer" + +# This can be 'x11', 'wayland', or 'auto'. Overriding default to 'auto', +# but respecting the variable content if any +ELECTRON_OZONE_PLATFORM_HINT="${ELECTRON_OZONE_PLATFORM_HINT:-auto}" diff --git a/backports/electron/disable-dns_config_service.patch b/backports/electron/disable-dns_config_service.patch new file mode 100644 index 0000000..a72e1c4 --- /dev/null +++ b/backports/electron/disable-dns_config_service.patch @@ -0,0 +1,15 @@ +diff --git a/net/dns/BUILD.gn b/net/dns/BUILD.gn +index f36bf68..805d9a6 100644 +--- a/net/dns/BUILD.gn ++++ b/net/dns/BUILD.gn +@@ -130,8 +130,8 @@ source_set("dns") { + ] + } else if (is_linux) { + sources += [ +- "dns_config_service_linux.cc", +- "dns_config_service_linux.h", ++ "dns_config_service_fuchsia.cc", ++ "dns_config_service_fuchsia.h", + ] + } else if (is_posix) { + sources += [ diff --git a/backports/electron/disable-failing-tests.patch b/backports/electron/disable-failing-tests.patch new file mode 100644 index 0000000..2ee8f2b --- /dev/null +++ b/backports/electron/disable-failing-tests.patch @@ -0,0 +1,361 @@ +safesprintf emitnull: + error: conversion from 'std::nullptr_t' to 'const internal::Arg' is ambiguous + const internal::Arg arg_array[] = { args... }; + +flatmap incompletetype: + error: static assertion failed due to requirement 'std::__is_complete_or_unbounded(std::__type_identity>{})': template argument must be a complete class or an unbounded array + static_assert(std::__is_complete_or_unbounded(__type_identity<_Tp>{}), + +i18n, time: + various icu failures (new icu time formatting? internal api difference?) + a ton of these fail: + + Expected equality of these values: + u"Monday 16 May – Saturday 28 May" + Which is: u"Monday 16 May \x2013 Saturday 28 May" + DateIntervalFormat(begin_time, end_time, DATE_FORMAT_MONTH_WEEKDAY_DAY) + Which is: u"Monday 16\x2009\x2013\x2009Saturday 28 May" + + ../../base/i18n/time_formatting_unittest.cc:84: Failure + Expected equality of these values: + clock12h_pm + Which is: u"3:42 PM" + TimeFormatTimeOfDay(time) + Which is: u"3:42\x202FPM" + + .. and so on + +fileutiltest filetofile: + ../../base/files/file_util_unittest.cc:2692: Failure + Value of: stream + Actual: true + Expected: false + +stacktracetest: crashes (this doesn't seem to use execinfo so probably relies on glibc internal layout for tracing here) + +platformthreadtest canchangethreadtype: + ../../base/threading/platform_thread_unittest.cc:445: Failure + Expected equality of these values: + PlatformThread::CanChangeThreadType(ThreadType::kBackground, ThreadType::kResourceEfficient) + Which is: true + kCanIncreasePriority + Which is: false + +scopedfdownershiptrackingtest crashonunownedclose: fails due to scoped-file-no-close.patch + +stackcontainer customallocator: + ../../base/containers/stack_container_unittest.cc:211: Failure + Expected equality of these values: + 1 + Allocator::deallocated + Which is: 0 + +nativelibrarytest loadlibrarypreferownsymbols: crashes (probably musl dlopen does not play nice here) + +spantest empty: crashes (this looks fishy) + +readelfbuildid: crashes (this looks like glibc dynamic linker semantics) + +nss db unittest: various nss failures: e.g.: + ../../net/cert/nss_cert_database_unittest.cc:209: Failure + Expected equality of these values: + OK + Which is: 0 + cert_db_->ImportFromPKCS12(GetPublicSlot(), pkcs12_data, u"12345", true, nullptr) + Which is: -702 + +processutiltest cloneflags: fails in CI (ulimit? too many threads?) + ../../base/process/process_util_unittest.cc:1434: Failure + Value of: process.IsValid() + Actual: false + Expected: true + +addresstrackerlinuxnetlinktest: + ../../net/base/address_tracker_linux_unittest.cc:886: Failure + Value of: child.process.IsValid() + Actual: false + Expected: true + +ToAddressDoesNotDereference: ; Expected `get_for_extraction_cnt` to be 1 but got 0; + +DataCapturedManyThreads: flaky + +ProcessAlternativeServicesTest.Process*: crashed ? + +--- a/base/strings/safe_sprintf_unittest.cc ++++ b/base/strings/safe_sprintf_unittest.cc +@@ -740,6 +740,7 @@ + #endif + } + ++#if 0 + TEST(SafeSPrintfTest, EmitNULL) { + char buf[40]; + #if defined(__GNUC__) +@@ -756,6 +757,7 @@ + #pragma GCC diagnostic pop + #endif + } ++#endif + + TEST(SafeSPrintfTest, PointerSize) { + // The internal data representation is a 64bit value, independent of the +--- a/base/containers/flat_map_unittest.cc ++++ b/base/containers/flat_map_unittest.cc +@@ -52,6 +52,7 @@ + + } // namespace + ++#if 0 + TEST(FlatMap, IncompleteType) { + struct A { + using Map = flat_map; +@@ -65,6 +66,7 @@ + + A a; + } ++#endif + + TEST(FlatMap, RangeConstructor) { + flat_map::value_type input_vals[] = { +--- a/base/BUILD.gn ++++ b/base/BUILD.gn +@@ -3194,21 +3194,6 @@ + "hash/md5_constexpr_unittest.cc", + "hash/md5_unittest.cc", + "hash/sha1_unittest.cc", +- "i18n/break_iterator_unittest.cc", +- "i18n/case_conversion_unittest.cc", +- "i18n/char_iterator_unittest.cc", +- "i18n/character_encoding_unittest.cc", +- "i18n/file_util_icu_unittest.cc", +- "i18n/icu_string_conversions_unittest.cc", +- "i18n/icu_util_unittest.cc", +- "i18n/message_formatter_unittest.cc", +- "i18n/number_formatting_unittest.cc", +- "i18n/rtl_unittest.cc", +- "i18n/streaming_utf8_validator_unittest.cc", +- "i18n/string_search_unittest.cc", +- "i18n/time_formatting_unittest.cc", +- "i18n/timezone_unittest.cc", +- "i18n/transliterator_unittest.cc", + "immediate_crash_unittest.cc", + "json/json_parser_unittest.cc", + "json/json_reader_unittest.cc", +--- a/base/files/file_util_unittest.cc ++++ b/base/files/file_util_unittest.cc +@@ -2686,6 +2686,7 @@ + } + } + ++#if 0 + TEST_F(FileUtilTest, FileToFILE) { + File file; + FILE* stream = FileToFILE(std::move(file), "w"); +@@ -2700,6 +2701,7 @@ + EXPECT_FALSE(file.IsValid()); + EXPECT_TRUE(CloseFile(stream)); + } ++#endif + + TEST_F(FileUtilTest, FILEToFile) { + ScopedFILE stream; +--- a/base/debug/stack_trace_unittest.cc ++++ b/base/debug/stack_trace_unittest.cc +@@ -345,6 +345,7 @@ + // sometimes we read fp / pc from the place that previously held + // uninitialized value. + // TODO(crbug.com/1132511): Enable this test on Fuchsia. ++#if 0 + #if defined(MEMORY_SANITIZER) || BUILDFLAG(IS_FUCHSIA) + #define MAYBE_TraceStackFramePointersFromBuffer \ + DISABLED_TraceStackFramePointersFromBuffer +@@ -357,6 +358,7 @@ + const void* frames[kDepth]; + ExpectStackFramePointers(frames, kDepth, /*copy_stack=*/true); + } ++#endif + + #if BUILDFLAG(IS_ANDROID) || BUILDFLAG(IS_APPLE) + #define MAYBE_StackEnd StackEnd +--- a/base/threading/platform_thread_unittest.cc ++++ b/base/threading/platform_thread_unittest.cc +@@ -416,6 +416,7 @@ + // platforms for all priorities. This not being the case. This test documents + // and hardcodes what we know. Please inform scheduler-dev@chromium.org if this + // proprerty changes for a given platform. ++#if 0 + TEST(PlatformThreadTest, CanChangeThreadType) { + #if BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS) + // On Ubuntu, RLIMIT_NICE and RLIMIT_RTPRIO are 0 by default, so we won't be +@@ -472,6 +473,7 @@ + ThreadType::kBackground)); + #endif + } ++#endif + + TEST(PlatformThreadTest, SetCurrentThreadTypeTest) { + TestPriorityResultingFromThreadType(ThreadType::kBackground, +--- a/base/files/scoped_file_linux_unittest.cc ++++ b/base/files/scoped_file_linux_unittest.cc +@@ -42,11 +42,13 @@ + EXPECT_DEATH(ScopedFD(fd.get()), ""); + } + ++#if 0 + TEST_F(ScopedFDOwnershipTrackingTest, CrashOnUnownedClose) { + ScopedFD fd = OpenFD(); + subtle::EnableFDOwnershipEnforcement(true); + EXPECT_DEATH(close(fd.get()), ""); + } ++#endif + + #endif // defined(GTEST_HAS_DEATH_TEST) + +--- a/base/native_library_unittest.cc ++++ b/base/native_library_unittest.cc +@@ -139,6 +139,7 @@ + // Verifies that the |prefer_own_symbols| option satisfies its guarantee that + // a loaded library will always prefer local symbol resolution before + // considering global symbols. ++#if 0 + TEST(NativeLibraryTest, LoadLibraryPreferOwnSymbols) { + NativeLibraryOptions options; + options.prefer_own_symbols = true; +@@ -171,6 +172,7 @@ + EXPECT_EQ(2, NativeLibraryTestIncrement()); + EXPECT_EQ(3, NativeLibraryTestIncrement()); + } ++#endif + + #endif // !BUILDFLAG(IS_ANDROID) && !defined(THREAD_SANITIZER) && \ + // !defined(MEMORY_SANITIZER) +--- a/base/containers/span_unittest.cc ++++ b/base/containers/span_unittest.cc +@@ -995,6 +995,7 @@ + } + } + ++#if 0 + TEST(SpanTest, Empty) { + { + span span; +@@ -1014,6 +1015,7 @@ + EXPECT_TRUE(span_of_checked_iterators.empty()); + } + } ++#endif + + TEST(SpanTest, OperatorAt) { + static constexpr int kArray[] = {1, 6, 1, 8, 0}; +--- a/base/debug/elf_reader_unittest.cc ++++ b/base/debug/elf_reader_unittest.cc +@@ -194,6 +194,7 @@ + } + } + ++#if 0 + TEST(ElfReaderTestWithCurrentImage, ReadElfBuildId) { + #if BUILDFLAG(IS_ANDROID) + // On Android the library loader memory maps the full so file. +@@ -229,6 +230,7 @@ + UnloadNativeLibrary(library); + #endif + } ++#endif + + } // namespace debug + } // namespace base +--- a/net/BUILD.gn ++++ b/net/BUILD.gn +@@ -4826,7 +4826,6 @@ + sources += [ + "cert/internal/system_trust_store_nss_unittest.cc", + "cert/internal/trust_store_nss_unittest.cc", +- "cert/nss_cert_database_unittest.cc", + "cert/x509_util_nss_unittest.cc", + ] + if (!is_castos) { +--- a/base/process/process_util_unittest.cc ++++ b/base/process/process_util_unittest.cc +@@ -1419,7 +1419,7 @@ + return kSuccess; + } + +-#if defined(CLONE_NEWUSER) && defined(CLONE_NEWPID) ++#if 0 && defined(CLONE_NEWUSER) && defined(CLONE_NEWPID) + TEST_F(ProcessUtilTest, CloneFlags) { + if (!PathExists(FilePath("/proc/self/ns/user")) || + !PathExists(FilePath("/proc/self/ns/pid"))) { +--- a/net/base/address_tracker_linux_unittest.cc ++++ b/net/base/address_tracker_linux_unittest.cc +@@ -831,6 +831,7 @@ + // + // This test creates multiple concurrent `AddressTrackerLinux` instances in + // separate processes, each in their own PID namespaces. ++#if 0 + TEST(AddressTrackerLinuxNetlinkTest, TestInitializeTwoTrackersInPidNamespaces) { + // This test initializes `kNumChildren` instances of `AddressTrackerLinux` in + // tracking mode, each in their own child process running in a PID namespace. +@@ -901,6 +902,7 @@ + ASSERT_EQ(exit_code, 0); + } + } ++#endif + + MULTIPROCESS_TEST_MAIN(ChildProcessInitializeTrackerForTesting) { + base::test::TaskEnvironment task_env( +--- a/base/trace_event/trace_event_unittest.cc ++++ b/base/trace_event/trace_event_unittest.cc +@@ -1368,6 +1368,7 @@ + } + + // Test that data sent from multiple threads is gathered ++#if 0 + TEST_F(TraceEventTestFixture, DataCapturedManyThreads) { + BeginTrace(); + +@@ -1408,6 +1409,7 @@ + delete task_complete_events[i]; + } + } ++#endif + + // Test that thread and process names show up in the trace. + // In SDK build, thread names are not tracked inside //base. Instead, there's +--- a/base/allocator/partition_allocator/src/partition_alloc/pointers/raw_ptr_unittest.cc ++++ b/base/allocator/partition_allocator/src/partition_alloc/pointers/raw_ptr_unittest.cc +@@ -1481,6 +1481,7 @@ + // `base::to_address()` will use the dereference operator. This is not + // what we want; this test enforces extraction semantics for + // `to_address()`. ++#if 0 + TEST_F(RawPtrTest, ToAddressDoesNotDereference) { + CountingRawPtr ptr = nullptr; + int* raw = base::to_address(ptr); +@@ -1492,6 +1493,7 @@ + .get_for_duplication_cnt = 0}), + CountersMatch()); + } ++#endif + + TEST_F(RawPtrTest, ToAddressGivesBackRawAddress) { + int* raw = nullptr; +--- a/net/http/http_stream_factory_unittest.cc ++++ b/net/http/http_stream_factory_unittest.cc +@@ -3477,6 +3477,7 @@ + DefaultCTPolicyEnforcer ct_policy_enforcer_; + }; + ++#if 0 + TEST_F(ProcessAlternativeServicesTest, ProcessEmptyAltSvc) { + session_ = + std::make_unique(session_params_, session_context_); +@@ -3585,6 +3586,7 @@ + alternatives[0].host_port_pair()); + EXPECT_EQ(0u, alternatives[0].advertised_versions().size()); + } ++#endif + + } // namespace + diff --git a/backports/electron/electron-launcher.sh b/backports/electron/electron-launcher.sh index e49141f..546d4cc 100644 --- a/backports/electron/electron-launcher.sh +++ b/backports/electron/electron-launcher.sh @@ -10,6 +10,8 @@ done # Prefer user defined ELECTRON_USER_FLAGS (from env) over system # default ELECTRON_FLAGS (from /etc/electron/default.conf). export ELECTRON_FLAGS="$ELECTRON_FLAGS ${ELECTRON_USER_FLAGS:-"$ELECTRON_USER_FLAGS"}" +# Re-export, for it to be accessible by the process +export ELECTRON_OZONE_PLATFORM_HINT="${ELECTRON_OZONE_PLATFORM_HINT}" if [ "$ELECTRON_RUN_AS_NODE" == "1" ] && [ "$ELECTRON_STILL_PASS_THE_DEFAULT_FLAGS" != "1" ]; then exec "/usr/lib/electron/electron" "$@" diff --git a/backports/electron/fc-cache-version.patch b/backports/electron/fc-cache-version.patch new file mode 100644 index 0000000..3b76897 --- /dev/null +++ b/backports/electron/fc-cache-version.patch @@ -0,0 +1,13 @@ +instead of hardcoding the version, use the defined macro. +-- +--- a/third_party/test_fonts/fontconfig/generate_fontconfig_caches.cc ++++ b/third_party/test_fonts/fontconfig/generate_fontconfig_caches.cc +@@ -56,7 +56,7 @@ + FcFini(); + + // Check existence of intended fontconfig cache file. +- auto cache = fontconfig_caches + "/" + kCacheKey + "-le64.cache-9"; ++ auto cache = fontconfig_caches + "/" + kCacheKey + "-le64.cache-" + FC_CACHE_VERSION; + bool cache_exists = access(cache.c_str(), F_OK) == 0; + return !cache_exists; + } diff --git a/backports/electron/fix-opus.patch b/backports/electron/fix-opus.patch new file mode 100644 index 0000000..8841a32 --- /dev/null +++ b/backports/electron/fix-opus.patch @@ -0,0 +1,12 @@ +--- a/media/filters/ffmpeg_glue.cc ++++ b/media/filters/ffmpeg_glue.cc +@@ -142,7 +142,7 @@ const char* FFmpegGlue::GetAllowedAudioDecoders() { + static const base::NoDestructor kAllowedAudioCodecs([]() { + // This should match the configured lists in //third_party/ffmpeg. + std::string allowed_decoders( +- "vorbis,libopus,flac,pcm_u8,pcm_s16le,pcm_s24le,pcm_s32le,pcm_f32le," ++ "vorbis,opus,libopus,flac,pcm_u8,pcm_s16le,pcm_s24le,pcm_s32le,pcm_f32le," + "mp3,pcm_s16be,pcm_s24be,pcm_mulaw,pcm_alaw"); + #if BUILDFLAG(USE_PROPRIETARY_CODECS) + allowed_decoders += ",aac"; + diff --git a/backports/electron/fstatat-32bit.patch b/backports/electron/fstatat-32bit.patch new file mode 100644 index 0000000..1627ffa --- /dev/null +++ b/backports/electron/fstatat-32bit.patch @@ -0,0 +1,17 @@ +fstatat64 is macrod to fstatat in sys/stat.h in musl- but then that fstatat is +used in the _syscall4 macro mapping to __NR_$name, and __NR_fstatat is not +defined anywhere here, as it wants the 64 name. + +so, just let it keep the name with an undef of the stat.h macro, then the macro +expansion below evaluates correctly. +--- a/third_party/lss/linux_syscall_support.h ++++ b/third_party/lss/linux_syscall_support.h +@@ -4947,7 +4947,8 @@ + # endif + #endif + #if defined(__NR_fstatat64) ++ #undef fstatat64 + LSS_INLINE _syscall4(int, fstatat64, int, d, + const char *, p, + struct kernel_stat64 *, b, int, f) + #endif diff --git a/backports/electron/generic-sensor-include.patch b/backports/electron/generic-sensor-include.patch new file mode 100644 index 0000000..e8e2563 --- /dev/null +++ b/backports/electron/generic-sensor-include.patch @@ -0,0 +1,11 @@ +--- a/services/device/public/cpp/generic_sensor/sensor_reading.h ++++ b/services/device/public/cpp/generic_sensor/sensor_reading.h +@@ -5,6 +5,8 @@ + #ifndef SERVICES_DEVICE_PUBLIC_CPP_GENERIC_SENSOR_SENSOR_READING_H_ + #define SERVICES_DEVICE_PUBLIC_CPP_GENERIC_SENSOR_SENSOR_READING_H_ + ++#include ++#include + #include + + namespace device { diff --git a/backports/electron/icon.patch b/backports/electron/icon.patch index 6a999f1..101b60a 100644 --- a/backports/electron/icon.patch +++ b/backports/electron/icon.patch @@ -1,11 +1,11 @@ --- a/electron/default_app/default_app.ts +++ b/electron/default_app/default_app.ts -@@ -60,7 +60,7 @@ +@@ -61,7 +61,7 @@ }; if (process.platform === 'linux') { -- options.icon = path.join(__dirname, 'icon.png'); -+ options.icon = '/usr/share/icons/hicolor/1024x1024/apps/electron.png'; +- options.icon = url.fileURLToPath(new URL('icon.png', import.meta.url)); ++ options.icon = 'file:///usr/share/icons/hicolor/1024x1024/apps/electron.png'; } mainWindow = new BrowserWindow(options); diff --git a/backports/electron/jsoncpp.patch b/backports/electron/jsoncpp.patch deleted file mode 100644 index c9ea765..0000000 --- a/backports/electron/jsoncpp.patch +++ /dev/null @@ -1,39 +0,0 @@ -Patch-Source: https://github.com/archlinux/svntogit-packages/blob/bf2401407df5bcc938382eb03748fbef41e41c89/trunk/unbundle-jsoncpp-avoid-CFI-faults-with-is_cfi-true.patch -From ed8d931e35f81d8566835a579caf7d61368f85b7 Mon Sep 17 00:00:00 2001 -From: Evangelos Foutras -Date: Tue, 27 Sep 2022 22:20:41 +0000 -Subject: [PATCH] unbundle/jsoncpp: avoid CFI faults with is_cfi=true - -Ensure jsoncpp symbols have public visibility and are thus excluded from -CFI checks and whole-program optimization. This is achieved by defining -JSON_DLL_BUILD which in turn causes json/config.h to define JSON_API as -__attribute__((visibility("default"))). The latter macro is used to tag -jsoncpp classes and namespace functions throughout jsoncpp's headers. - -BUG=1365218 - -Change-Id: I56277737b7d9ecaeb5e17c8d21a2e55f3d5d5bc9 -Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3919652 -Reviewed-by: Thomas Anderson -Commit-Queue: Thomas Anderson -Cr-Commit-Position: refs/heads/main@{#1052077} ---- - build/linux/unbundle/jsoncpp.gn | 5 +++++ - 1 file changed, 5 insertions(+) - -diff --git a/build/linux/unbundle/jsoncpp.gn b/build/linux/unbundle/jsoncpp.gn -index 544f9d13c9..e84a0ef27a 100644 ---- a/build/linux/unbundle/jsoncpp.gn -+++ b/build/linux/unbundle/jsoncpp.gn -@@ -3,6 +3,11 @@ import("//build/shim_headers.gni") - - pkg_config("jsoncpp_config") { - packages = [ "jsoncpp" ] -+ -+ # Defining JSON_DLL_BUILD applies public visibility to jsoncpp classes -+ # thus deactivating CFI checks for them. This avoids CFI violations in -+ # virtual calls to system jsoncpp library (https://crbug.com/1365218). -+ defines = [ "JSON_DLL_BUILD" ] - } - - shim_headers("jsoncpp_shim") { diff --git a/backports/electron/libstdc++13.patch b/backports/electron/libstdc++13.patch index b85df2c..b04fa35 100644 --- a/backports/electron/libstdc++13.patch +++ b/backports/electron/libstdc++13.patch @@ -20,26 +20,6 @@ missing libstdc++13 includes #include #include #include ---- a/third_party/vulkan_memory_allocator/include/vk_mem_alloc.h -+++ b/third_party/vulkan_memory_allocator/include/vk_mem_alloc.h -@@ -2389,6 +2389,7 @@ - #undef VMA_IMPLEMENTATION - - #include -+#include - #include - #include - #include ---- a/third_party/vulkan-deps/vulkan-validation-layers/src/layers/external/vma/vk_mem_alloc.h -+++ b/third_party/vulkan-deps/vulkan-validation-layers/src/layers/external/vma/vk_mem_alloc.h -@@ -2389,6 +2389,7 @@ - #undef VMA_IMPLEMENTATION - - #include -+#include - #include - #include - #include --- a/ui/base/prediction/kalman_filter.h +++ b/ui/base/prediction/kalman_filter.h @@ -8,6 +8,8 @@ @@ -265,16 +245,6 @@ missing libstdc++13 includes #include #include #include ---- a/chrome/browser/privacy_budget/encountered_surface_tracker.h -+++ b/chrome/browser/privacy_budget/encountered_surface_tracker.h -@@ -5,6 +5,7 @@ - #ifndef CHROME_BROWSER_PRIVACY_BUDGET_ENCOUNTERED_SURFACE_TRACKER_H_ - #define CHROME_BROWSER_PRIVACY_BUDGET_ENCOUNTERED_SURFACE_TRACKER_H_ - -+#include - #include - - #include "base/containers/flat_set.h" --- a/chrome/browser/resource_coordinator/decision_details.h +++ b/chrome/browser/resource_coordinator/decision_details.h @@ -5,6 +5,7 @@ @@ -296,16 +266,6 @@ missing libstdc++13 includes namespace quic { // This interface writes encoder/decoder data to peer. ---- a/third_party/perfetto/src/trace_processor/sqlite/query_constraints.h -+++ b/third_party/perfetto/src/trace_processor/sqlite/query_constraints.h -@@ -17,6 +17,7 @@ - #ifndef SRC_TRACE_PROCESSOR_SQLITE_QUERY_CONSTRAINTS_H_ - #define SRC_TRACE_PROCESSOR_SQLITE_QUERY_CONSTRAINTS_H_ - -+#include - #include - #include - --- a/third_party/perfetto/include/perfetto/base/export.h +++ b/third_party/perfetto/include/perfetto/base/export.h @@ -17,6 +17,8 @@ diff --git a/backports/electron/mman.patch b/backports/electron/mman.patch index 748696c..d15605a 100644 --- a/backports/electron/mman.patch +++ b/backports/electron/mman.patch @@ -1,8 +1,8 @@ needed for PKEY_DISABLE_WRITE. these are documented as also being from sys/ mman.h with GNU_SOURCE, but musl doesn't do that, so these are strictly from kernel headers ---- a/base/allocator/partition_allocator/partition_alloc_unittest.cc -+++ b/base/allocator/partition_allocator/partition_alloc_unittest.cc +--- a/base/allocator/partition_allocator/src/partition_alloc/partition_alloc_unittest.cc ++++ b/base/allocator/partition_allocator/src/partition_alloc/partition_alloc_unittest.cc @@ -60,6 +60,7 @@ #include #include diff --git a/backports/electron/musl-auxv.patch b/backports/electron/musl-auxv.patch new file mode 100644 index 0000000..ce348cc --- /dev/null +++ b/backports/electron/musl-auxv.patch @@ -0,0 +1,11 @@ +--- ./v8/src/base/cpu.cc.orig ++++ ./v8/src/base/cpu.cc +@@ -14,7 +14,7 @@ + #if V8_OS_LINUX + #include // AT_HWCAP + #endif +-#if V8_GLIBC_PREREQ(2, 16) || V8_OS_ANDROID ++#if 1 + #include // getauxval() + #endif + #if V8_OS_QNX diff --git a/backports/electron/no-execinfo.patch b/backports/electron/no-execinfo.patch index 79e3327..4b57897 100644 --- a/backports/electron/no-execinfo.patch +++ b/backports/electron/no-execinfo.patch @@ -67,12 +67,3 @@ for discussion about this, see https://www.openwall.com/lists/musl/2021/07/16/1 // StackTrace::OutputToStream() is not implemented under uclibc, nor AIX. // See https://crbug.com/706728 -@@ -156,7 +156,7 @@ - - #endif // !defined(__UCLIBC__) && !defined(_AIX) - --#if BUILDFLAG(IS_POSIX) && !BUILDFLAG(IS_ANDROID) -+#if (BUILDFLAG(IS_POSIX) && defined(__GLIBC__)) && !BUILDFLAG(IS_ANDROID) - #if !BUILDFLAG(IS_IOS) - static char* newArray() { - // Clang warns about the mismatched new[]/delete if they occur in the same diff --git a/backports/electron/no-mallinfo.patch b/backports/electron/no-mallinfo.patch index 90824e8..37abb3f 100644 --- a/backports/electron/no-mallinfo.patch +++ b/backports/electron/no-mallinfo.patch @@ -100,8 +100,8 @@ musl does not implement mallinfo()/mallinfo2() /* Define to 1 if you have the header file. */ #define HAVE_MALLOC_H 1 ---- a/base/allocator/partition_allocator/shim/allocator_shim_default_dispatch_to_partition_alloc.cc -+++ b/base/allocator/partition_allocator/shim/allocator_shim_default_dispatch_to_partition_alloc.cc +--- a/base/allocator/partition_allocator/src/partition_alloc/shim/allocator_shim_default_dispatch_to_partition_alloc.cc ++++ b/base/allocator/partition_allocator/src/partition_alloc/shim/allocator_shim_default_dispatch_to_partition_alloc.cc @@ -717,7 +717,7 @@ #endif // !BUILDFLAG(IS_APPLE) && !BUILDFLAG(IS_ANDROID) @@ -111,8 +111,8 @@ musl does not implement mallinfo()/mallinfo2() SHIM_ALWAYS_EXPORT struct mallinfo mallinfo(void) __THROW { base::SimplePartitionStatsDumper allocator_dumper; Allocator()->DumpStats("malloc", true, &allocator_dumper); ---- a/base/allocator/partition_allocator/shim/allocator_shim_default_dispatch_to_partition_alloc_unittest.cc -+++ b/base/allocator/partition_allocator/shim/allocator_shim_default_dispatch_to_partition_alloc_unittest.cc +--- a/base/allocator/partition_allocator/src/partition_alloc/shim/allocator_shim_default_dispatch_to_partition_alloc_unittest.cc ++++ b/base/allocator/partition_allocator/src/partition_alloc/shim/allocator_shim_default_dispatch_to_partition_alloc_unittest.cc @@ -24,7 +24,7 @@ #if BUILDFLAG(USE_PARTITION_ALLOC_AS_MALLOC) diff --git a/backports/electron/no-mte.patch b/backports/electron/no-mte.patch deleted file mode 100644 index 2f5cead..0000000 --- a/backports/electron/no-mte.patch +++ /dev/null @@ -1,13 +0,0 @@ -M115 needs ifuncs for this --- ---- a/base/allocator/partition_allocator/partition_alloc_config.h -+++ b/base/allocator/partition_allocator/partition_alloc_config.h -@@ -155,7 +155,7 @@ - #define PA_CONFIG_HAS_MEMORY_TAGGING() \ - (defined(ARCH_CPU_ARM64) && defined(__clang__) && \ - !defined(ADDRESS_SANITIZER) && \ -- (BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_ANDROID))) -+ ((BUILDFLAG(IS_LINUX) && defined(__GLIBC__)) || BUILDFLAG(IS_ANDROID))) - - #if PA_CONFIG(HAS_MEMORY_TAGGING) - static_assert(sizeof(void*) == 8); diff --git a/backports/electron/partalloc-no-tagging-arm64.patch b/backports/electron/partalloc-no-tagging-arm64.patch new file mode 100644 index 0000000..e5c7525 --- /dev/null +++ b/backports/electron/partalloc-no-tagging-arm64.patch @@ -0,0 +1,14 @@ +Hard-disable memory tagging on ARM64 - it does exist there but musl is +missing some required interface headers for it, and it's not clear how +to make the partalloc support code for it work. +--- ./base/allocator/partition_allocator/partition_alloc.gni.orig ++++ ./base/allocator/partition_allocator/partition_alloc.gni +@@ -30,7 +30,7 @@ + } + + has_memory_tagging = +- current_cpu == "arm64" && is_clang && !is_asan && (is_linux || is_android) ++ false + + declare_args() { + # Causes all the allocations to be routed via allocator_shim.cc. Usually, diff --git a/backports/electron/perfetto-libstdc++.patch b/backports/electron/perfetto-libstdc++.patch new file mode 100644 index 0000000..31ff9d9 --- /dev/null +++ b/backports/electron/perfetto-libstdc++.patch @@ -0,0 +1,20 @@ +--- a/third_party/perfetto/src/trace_processor/perfetto_sql/engine/created_function.cc ++++ b/third_party/perfetto/src/trace_processor/perfetto_sql/engine/created_function.cc +@@ -107,7 +107,7 @@ + // the destructors run correctly for non-trivial members of the + // union. + using Data = +- std::variant; ++ std::variant; + + StoredSqlValue(SqlValue value) { + switch (value.type) { +@@ -132,7 +132,7 @@ + } + + SqlValue AsSqlValue() { +- if (std::holds_alternative(data)) { ++ if (std::holds_alternative(data)) { + return SqlValue(); + } else if (std::holds_alternative(data)) { + return SqlValue::Long(std::get(data)); diff --git a/backports/electron/pvalloc.patch b/backports/electron/pvalloc.patch new file mode 100644 index 0000000..1d874d6 --- /dev/null +++ b/backports/electron/pvalloc.patch @@ -0,0 +1,33 @@ +the pvalloc/valloc symbols are obsolete and not implemented in musl +-- +--- a/base/allocator/partition_allocator/src/partition_alloc/shim/allocator_shim_unittest.cc ++++ b/base/allocator/partition_allocator/src/partition_alloc/shim/allocator_shim_unittest.cc +@@ -375,7 +375,7 @@ + ASSERT_GE(aligned_allocs_intercepted_by_alignment[128], 1u); + ASSERT_GE(aligned_allocs_intercepted_by_size[53], 1u); + +-#if BUILDFLAG(IS_POSIX) && !BUILDFLAG(IS_ANDROID) ++#if BUILDFLAG(IS_POSIX) && !BUILDFLAG(IS_ANDROID) && defined(__GLIBC__) + void* pvalloc_ptr = pvalloc(67); + ASSERT_NE(nullptr, pvalloc_ptr); + ASSERT_EQ(0u, reinterpret_cast(pvalloc_ptr) % kPageSize); +@@ -414,7 +414,7 @@ + free(memalign_ptr); + ASSERT_GE(frees_intercepted_by_addr[Hash(memalign_ptr)], 1u); + +-#if BUILDFLAG(IS_POSIX) && !BUILDFLAG(IS_ANDROID) ++#if BUILDFLAG(IS_POSIX) && !BUILDFLAG(IS_ANDROID) && defined(__GLIBC__) + free(pvalloc_ptr); + ASSERT_GE(frees_intercepted_by_addr[Hash(pvalloc_ptr)], 1u); + #endif // BUILDFLAG(IS_POSIX) && !BUILDFLAG(IS_ANDROID) +--- a/base/process/memory_unittest.cc ++++ b/base/process/memory_unittest.cc +@@ -359,7 +359,7 @@ + #endif // BUILDFLAG(IS_WIN) + #endif // !BUILDFLAG(IS_MAC) + +-#if BUILDFLAG(IS_LINUX) || BUILDFLAG(IS_CHROMEOS) ++#if (BUILDFLAG(IS_LINUX) && defined(__GLIBC__)) || BUILDFLAG(IS_CHROMEOS) + + TEST_F(OutOfMemoryDeathTest, Valloc) { + ASSERT_OOM_DEATH({ diff --git a/backports/electron/quiche-array.patch b/backports/electron/quiche-array.patch new file mode 100644 index 0000000..d016b38 --- /dev/null +++ b/backports/electron/quiche-array.patch @@ -0,0 +1,12 @@ +needed for push_back on array +-- +--- a/net/third_party/quiche/src/quiche/common/quiche_endian.h ++++ b/net/third_party/quiche/src/quiche/common/quiche_endian.h +@@ -6,6 +6,7 @@ + #define QUICHE_COMMON_QUICHE_ENDIAN_H_ + + #include ++#include + #include + #include + diff --git a/backports/electron/random-fixes.patch b/backports/electron/random-fixes.patch new file mode 100644 index 0000000..5bfdef5 --- /dev/null +++ b/backports/electron/random-fixes.patch @@ -0,0 +1,94 @@ +Patch-Source: https://gitlab.archlinux.org/archlinux/packaging/packages/chromium/-/blob/c073b0c20935d7eb452732e0f3b2860a96c3db21/random-build-fixes.patch +-- +diff --git a/chrome/browser/download/bubble/download_bubble_update_service.cc b/chrome/browser/download/bubble/download_bubble_update_service.cc +index 41b647f7b44..8940c6bb7fc 100644 +--- a/chrome/browser/download/bubble/download_bubble_update_service.cc ++++ b/chrome/browser/download/bubble/download_bubble_update_service.cc +@@ -91,7 +91,7 @@ ItemSortKey GetSortKey(const Item& item) { + // Helper to get an iterator to the last element in the cache. The cache + // must not be empty. + template +-SortedItems::const_iterator GetLastIter(const SortedItems& cache) { ++typename SortedItems::const_iterator GetLastIter(const SortedItems& cache) { + CHECK(!cache.empty()); + auto it = cache.end(); + return std::prev(it); +@@ -967,9 +967,9 @@ bool DownloadBubbleUpdateService::CacheManager::RemoveItemFromCacheImpl( + } + + template +-SortedItems::iterator ++typename SortedItems::iterator + DownloadBubbleUpdateService::CacheManager::RemoveItemFromCacheByIter( +- SortedItems::iterator iter, ++ typename SortedItems::iterator iter, + SortedItems& cache, + IterMap& iter_map) { + CHECK(iter != cache.end()); +diff --git a/chrome/test/chromedriver/capabilities.cc b/chrome/test/chromedriver/capabilities.cc +index c0708681ebd..98b8494d170 100644 +--- a/chrome/test/chromedriver/capabilities.cc ++++ b/chrome/test/chromedriver/capabilities.cc +@@ -355,7 +355,7 @@ Status ParseMobileEmulation(const base::Value& option, + "'version' field of type string"); + } + +- brands.emplace_back(*brand, *version); ++ brands.emplace_back(BrandVersion{*brand, *version}); + } + + client_hints.brands = std::move(brands); +@@ -392,7 +392,7 @@ Status ParseMobileEmulation(const base::Value& option, + "a 'version' field of type string"); + } + +- full_version_list.emplace_back(*brand, *version); ++ full_version_list.emplace_back(BrandVersion{*brand, *version}); + } + + client_hints.full_version_list = std::move(full_version_list); +diff --git a/components/optimization_guide/core/tflite_model_executor.h b/components/optimization_guide/core/tflite_model_executor.h +index c4f750f4684..b5635f4108b 100644 +--- a/components/optimization_guide/core/tflite_model_executor.h ++++ b/components/optimization_guide/core/tflite_model_executor.h +@@ -189,7 +189,7 @@ class TFLiteModelExecutor : public ModelExecutor { + void SendForBatchExecution( + BatchExecutionCallback callback_on_complete, + base::TimeTicks start_time, +- ModelExecutor::ConstRefInputVector inputs) ++ typename ModelExecutor::ConstRefInputVector inputs) + override { + DCHECK(execution_task_runner_->RunsTasksInCurrentSequence()); + DCHECK_CALLED_ON_VALID_SEQUENCE(sequence_checker_); +diff --git a/third_party/blink/renderer/core/html/parser/html_document_parser_fastpath.cc b/third_party/blink/renderer/core/html/parser/html_document_parser_fastpath.cc +index 2dc0b304092..a82f255090b 100644 +--- a/third_party/blink/renderer/core/html/parser/html_document_parser_fastpath.cc ++++ b/third_party/blink/renderer/core/html/parser/html_document_parser_fastpath.cc +@@ -169,7 +169,7 @@ class HTMLFastPathParser { + using Span = base::span; + using USpan = base::span; + // 32 matches that used by HTMLToken::Attribute. +- typedef std::conditional, ++ typedef typename std::conditional, + UCharLiteralBuffer<32>, + LCharLiteralBuffer<32>>::type LiteralBufferType; + typedef UCharLiteralBuffer<32> UCharLiteralBufferType; +diff --git a/third_party/blink/renderer/modules/canvas/canvas2d/canvas_style.cc b/third_party/blink/renderer/modules/canvas/canvas2d/canvas_style.cc +index f0b49139147..a308fb67982 100644 +--- a/third_party/blink/renderer/modules/canvas/canvas2d/canvas_style.cc ++++ b/third_party/blink/renderer/modules/canvas/canvas2d/canvas_style.cc +@@ -91,12 +91,12 @@ void CanvasStyle::ApplyToFlags(cc::PaintFlags& flags, + case kGradient: + GetCanvasGradient()->GetGradient()->ApplyToFlags(flags, SkMatrix::I(), + ImageDrawOptions()); +- flags.setColor(SkColor4f(0.0f, 0.0f, 0.0f, global_alpha)); ++ flags.setColor(SkColor4f{0.0f, 0.0f, 0.0f, global_alpha}); + break; + case kImagePattern: + GetCanvasPattern()->GetPattern()->ApplyToFlags( + flags, AffineTransformToSkMatrix(GetCanvasPattern()->GetTransform())); +- flags.setColor(SkColor4f(0.0f, 0.0f, 0.0f, global_alpha)); ++ flags.setColor(SkColor4f{0.0f, 0.0f, 0.0f, global_alpha}); + break; + default: + NOTREACHED(); diff --git a/backports/electron/remove-broken-patch.patch b/backports/electron/remove-broken-patch.patch deleted file mode 100644 index cf57c12..0000000 --- a/backports/electron/remove-broken-patch.patch +++ /dev/null @@ -1,10 +0,0 @@ ---- a/third_party/node/update_npm_deps -+++ b/third_party/node/update_npm_deps -@@ -20,7 +20,6 @@ - - patch -d node_modules/@types/d3/ -p1 < chromium_d3_types_index.patch - patch -d node_modules/html-minifier/ -p1 < html_minifier.patch --patch -p1 < typescript.patch - - rsync -c --delete -r -q --include-from="npm_include.txt" --exclude-from="npm_exclude.txt" \ - --prune-empty-dirs "node_modules/" "node_modules_filtered/" diff --git a/backports/electron/system-zstd.patch b/backports/electron/system-zstd.patch new file mode 100644 index 0000000..0fcd3ef --- /dev/null +++ b/backports/electron/system-zstd.patch @@ -0,0 +1,46 @@ +From ae3ae3711784865bdc38bf119a6182a7b8dae91c Mon Sep 17 00:00:00 2001 +From: Matt Jolly +Date: Sun, 17 Sep 2023 16:51:42 +1000 +Subject: [PATCH] Add system-zstd + +--- a/build/linux/unbundle/replace_gn_files.py ++++ b/build/linux/unbundle/replace_gn_files.py +@@ -74,6 +74,7 @@ REPLACEMENTS = { + # + 'woff2': 'third_party/woff2/BUILD.gn', + 'zlib': 'third_party/zlib/BUILD.gn', ++ 'zstd': 'third_party/zstd/BUILD.gn', + } + + +--- /dev/null ++++ b/build/linux/unbundle/zstd.gn +@@ -0,0 +1,25 @@ ++import("//build/config/linux/pkg_config.gni") ++import("//build/shim_headers.gni") ++ ++pkg_config("system_zstd") { ++ packages = [ "libzstd" ] ++} ++ ++shim_headers("zstd_shim") { ++ root_path = "src/lib" ++ headers = [ ++ "zdict.h", ++ "zstd.h", ++ "zstd_errors.h", ++ ] ++} ++ ++source_set("zstd") { ++ deps = [ ":zstd_shim" ] ++ public_configs = [ ":system_zstd" ] ++} ++ ++source_set("decompress") { ++ deps = [ ":zstd_shim" ] ++ public_configs = [ ":system_zstd" ] ++} +-- +2.42.0 + diff --git a/backports/electron/unbundle-node.patch b/backports/electron/unbundle-node.patch new file mode 100644 index 0000000..58ec814 --- /dev/null +++ b/backports/electron/unbundle-node.patch @@ -0,0 +1,56 @@ +--- ./third_party/electron_node/BUILD.gn.orig ++++ ./third_party/electron_node/BUILD.gn +@@ -39,6 +39,7 @@ + node_release_urlbase = "" + + # Allows downstream packagers (eg. Linux distributions) to build Electron against system shared libraries. ++ use_system_base64 = false + use_system_cares = false + use_system_nghttp2 = false + use_system_llhttp = false +@@ -47,6 +48,11 @@ + + if (is_linux) { + import("//build/config/linux/pkg_config.gni") ++ if (use_system_base64) { ++ pkg_config("base64") { ++ packages = [ "base64" ] ++ } ++ } + if (use_system_cares) { + pkg_config("cares") { + packages = [ "libcares" ] +@@ -208,7 +214,6 @@ + ":node_js2c", + "deps/googletest:gtest", + "deps/ada", +- "deps/base64", + "deps/simdutf", + "deps/uvwasi", + "//third_party/zlib", +@@ -216,6 +221,11 @@ + "//third_party/brotli:enc", + "//v8:v8_libplatform", + ] ++ if (use_system_base64) { ++ configs += [ ":base64" ] ++ } else { ++ deps += [ "deps/base64" ] ++ } + if (use_system_cares) { + configs += [ ":cares" ] + } else { +--- ./electron/script/generate-config-gypi.py.orig ++++ ./electron/script/generate-config-gypi.py +@@ -62,6 +62,11 @@ + # Used by certain versions of node-gyp. + v['build_v8_with_gn'] = 'false' + ++ with open(os.path.join(NODE_DIR, 'use_system.txt')) as f: ++ for dep in f.read().strip().split(' '): ++ if v.get(f'node_shared_{dep}') is not None: ++ v[f'node_shared_{dep}'] = 'true' ++ + with open(target_file, 'w+') as f: + f.write(pprint.pformat(config, indent=2)) + diff --git a/backports/electron/vector-const.patch b/backports/electron/vector-const.patch deleted file mode 100644 index cb65e12..0000000 --- a/backports/electron/vector-const.patch +++ /dev/null @@ -1,113 +0,0 @@ ---- a/chrome/browser/process_singleton_posix.cc -+++ b/chrome/browser/process_singleton_posix.cc -@@ -607,7 +607,7 @@ - // |reader| is for sending back ACK message. - void HandleMessage(const std::string& current_dir, - const std::vector& argv, -- const std::vector additional_data, -+ const std::vector additional_data, - SocketReader* reader); - - private: -@@ -664,7 +664,7 @@ - void ProcessSingleton::LinuxWatcher::HandleMessage( - const std::string& current_dir, - const std::vector& argv, -- const std::vector additional_data, -+ const std::vector additional_data, - SocketReader* reader) { - DCHECK(ui_task_runner_->BelongsToCurrentThread()); - DCHECK(reader); -@@ -754,7 +754,7 @@ - base::StringToSizeT(tokens[0], &num_args); - std::vector command_line(tokens.begin() + 1, tokens.begin() + 1 + num_args); - -- std::vector additional_data; -+ std::vector additional_data; - if (tokens.size() >= 3 + num_args) { - size_t additional_data_size; - base::StringToSizeT(tokens[1 + num_args], &additional_data_size); -@@ -763,7 +763,7 @@ - std::string(1, kTokenDelimiter)); - const uint8_t* additional_data_bits = - reinterpret_cast(remaining_args.c_str()); -- additional_data = std::vector( -+ additional_data = std::vector( - additional_data_bits, additional_data_bits + additional_data_size); - } - ---- a/chrome/browser/process_singleton.h -+++ b/chrome/browser/process_singleton.h -@@ -102,7 +102,7 @@ - using NotificationCallback = - base::RepeatingCallback additional_data)>; -+ const std::vector additional_data)>; - - #if BUILDFLAG(IS_WIN) - ProcessSingleton(const std::string& program_name, ---- a/chrome/browser/process_singleton_win.cc -+++ b/chrome/browser/process_singleton_win.cc -@@ -81,7 +81,7 @@ - bool ParseCommandLine(const COPYDATASTRUCT* cds, - base::CommandLine* parsed_command_line, - base::FilePath* current_directory, -- std::vector* parsed_additional_data) { -+ std::vector* parsed_additional_data) { - // We should have enough room for the shortest command (min_message_size) - // and also be a multiple of wchar_t bytes. The shortest command - // possible is L"START\0\0" (empty command line, current directory, -@@ -163,7 +163,7 @@ - msg.substr(fourth_null + 1, fifth_null - fourth_null); - const uint8_t* additional_data_bytes = - reinterpret_cast(additional_data.c_str()); -- *parsed_additional_data = std::vector(additional_data_bytes, -+ *parsed_additional_data = std::vector(additional_data_bytes, - additional_data_bytes + additional_data_length); - - return true; -@@ -187,7 +187,7 @@ - - base::CommandLine parsed_command_line(base::CommandLine::NO_PROGRAM); - base::FilePath current_directory; -- std::vector additional_data; -+ std::vector additional_data; - if (!ParseCommandLine(cds, &parsed_command_line, ¤t_directory, &additional_data)) { - *result = TRUE; - return true; ---- a/electron/shell/browser/api/electron_api_app.cc -+++ b/electron/shell/browser/api/electron_api_app.cc -@@ -519,10 +519,10 @@ - const base::RepeatingCallback< - void(const base::CommandLine& command_line, - const base::FilePath& current_directory, -- const std::vector additional_data)>& callback, -+ const std::vector additional_data)>& callback, - const base::CommandLine& cmd, - const base::FilePath& cwd, -- const std::vector additional_data) { -+ const std::vector additional_data) { - // Make sure the callback is called after app gets ready. - if (Browser::Get()->is_ready()) { - callback.Run(cmd, cwd, std::move(additional_data)); -@@ -1082,7 +1082,7 @@ - - void App::OnSecondInstance(const base::CommandLine& cmd, - const base::FilePath& cwd, -- const std::vector additional_data) { -+ const std::vector additional_data) { - v8::Isolate* isolate = JavascriptEnvironment::GetIsolate(); - v8::Locker locker(isolate); - v8::HandleScope handle_scope(isolate); ---- a/electron/shell/browser/api/electron_api_app.h -+++ b/electron/shell/browser/api/electron_api_app.h -@@ -195,7 +195,7 @@ - std::string GetLocaleCountryCode(); - void OnSecondInstance(const base::CommandLine& cmd, - const base::FilePath& cwd, -- const std::vector additional_data); -+ const std::vector additional_data); - bool HasSingleInstanceLock() const; - bool RequestSingleInstanceLock(gin::Arguments* args); - void ReleaseSingleInstanceLock(); diff --git a/backports/electron/yes-musl.patch b/backports/electron/yes-musl.patch new file mode 100644 index 0000000..e860b8e --- /dev/null +++ b/backports/electron/yes-musl.patch @@ -0,0 +1,11 @@ +--- ./buildtools/third_party/libc++/__config_site.orig ++++ ./buildtools/third_party/libc++/__config_site +@@ -18,7 +18,7 @@ + /* #undef _LIBCPP_ABI_FORCE_MICROSOFT */ + /* #undef _LIBCPP_HAS_NO_THREADS */ + /* #undef _LIBCPP_HAS_NO_MONOTONIC_CLOCK */ +-/* #undef _LIBCPP_HAS_MUSL_LIBC */ ++#define _LIBCPP_HAS_MUSL_LIBC 1 + /* #undef _LIBCPP_HAS_THREAD_API_PTHREAD */ + /* #undef _LIBCPP_HAS_THREAD_API_EXTERNAL */ + /* #undef _LIBCPP_HAS_THREAD_API_WIN32 */