This was done automatically replacing:
s/mozilla::Move/std::move/
s/ Move(/ std::move(/
s/(Move(/(std::move(/
Removing the 'using mozilla::Move;' lines.
And then with a few manual fixups, see the bug for the split series..
MozReview-Commit-ID: Jxze3adipUh
There are three things we want to be true:
a) If the child sends a large value and the parent can't allocate enough space
for it we use an infallible allocation so the parent dies with an OOM.
b) If a fuzzer generates (huge-length, small-data) we don't try to allocate
huge-length bytes; knowing that the read will fail.
c) No fuzzer-specific branches in the core IPC serialization code.
Finally, this makes (huge-length, small-data) consistent with other cases where
the data is potentially truncated: ReadParam returns false.
MozReview-Commit-ID: 6nDKrw5z4pt
--HG--
extra : rebase_source : 58372d29139e9545a6ed2852c7243affeab6fdb7
The FunctionBroker is a special kind of FunctionHook that brokers the hooked function on another process. In the child process, it uses the FunctionBrokerChild to request that the FunctionBrokerParent run a function and return the response. It handles most cases of parameter, return value and error marshaling on its own. It also guarantees that requests are issued from the proper thread.
ChildPrivileges is a leftover from the B2G process model; it's now
mostly unused, except for the Windows sandbox using it to carry whether
a content process has file:/// access.
In general, when sandboxing needs to interact with process launch, the
inputs are some subset of: the GeckoProcessType, the subtype if content,
various prefs and even GPU configuration; and the resulting launch
adjustments are platform-specific. And on some platforms (e.g., OS X)
it's all done after launch. So a simple enum used cross-platform isn't
a good fit.
MozReview-Commit-ID: K31OHOpJzla
--HG--
extra : rebase_source : 3928b44eb86cd076bcac7897536590555237b76b
Since NoFocusState is am empty struct used in the |mData| variant in
FocusTarget, we need to add a Reader and a Writer for IPC for NoFocusState so we
can properly read and write the |mData| variant. The NoFocusState Read and Write
methods do not read or write anything, since NoFocusState does not contain any
data. This is done by creating a helper class EmptyStructSerliazer and
inheritting from EmptyStructSerializer for the NoFocusState specialization.
The |Read| and |Write| methods for FocusTarget are updated by removing the read
and write code for the individual types of |mData| and instead makes use of the
IPC read and write methods for Variant.
MozReview-Commit-ID: 3159sp6FLek
--HG--
extra : rebase_source : ff82797c26abffbd8bbcc465dc40c621be3257d0
* VariantWriter construction switched to use aggregate initialization
* Call to AsVariant was inappropriately called via |paramType| when it should
have been called via |mozilla|
* |Next::Read| call in VariantReader specialization was missing the |result|
argument
MozReview-Commit-ID: Izany7iDX0k
--HG--
extra : rebase_source : 7387e72100c7d2ba8fcfd1e5a3b6d0ce6be6c740
Changes made:
* Add IPC::ParamTraits as a friend to mozilla::Variant in Variant.h.
This is required so that `tag` can be accessed in the
IPC::ParamTraits specialization.
* Add a IPC::ParamTraits specialization to IPCMessageUtils.h.
MozReview-Commit-ID: B3pGrZE1z0O
--HG--
extra : rebase_source : cb73873b87401846f79e124249c7ce00dff2de77
This allows specifying the highest legal value rather than a sentinel
value, to support enumerations that don't have a sentinel.
MozReview-Commit-ID: 5Vj7SnYlfkH
--HG--
extra : rebase_source : 30f567edc6c6bb75971d27226ebfc3574944a9bb
In JS StructuredClone BufferList<SystemAllocPolicy> is typedef'd to
JSStructuredCloneData and use everywhere in gecko that stores structured
clone data.
This patch changed some raw pointers to UniquePtr<JSStructuredCloneData>
and some to stack allocated JSStructuredCloneData for better life time
management. Some parameters or methods are deleted because of changing
to the new data structure.
MessagePortMessage now has the exactly same structure with
ClonedMessageData. Maybe in the future they can be consolidated.
MozReview-Commit-ID: 1IY9p5eKLgv
This patch is generated by the following commands (note: if you're running
using OS X's sed, which accepts slightly different flags, you'll have to
specify an actual backup suffix in -i, or use gsed from Homebrew):
hg stat -c \
| cut -c 3- \
| tr '\n' '\0' \
| xargs -0 -P 8 gsed --follow-symlinks 's/\bnsCSSProperty\b/nsCSSPropertyID/g' -i''
Then:
hg mv layout/style/nsCSSProperty.h layout/style/nsCSSPropertyID.h
... and finally, manually renaming nsCSSProperty in the include guard in
nsCSSProperty.h.
MozReview-Commit-ID: ZV6jyvmLfA
--HG--
rename : layout/style/nsCSSProperty.h => layout/style/nsCSSPropertyID.h
This should not change the behavior, because fallible_t is passed to
the array methods.
Rename from InfallibleTArray to nsTArray, because that is more usual.
Remove unnecessary spaces from some template definitions.
The first check in ByteLengthIsValid() says "nsTArray only handles
sizes up to INT32_MAX", but the actual requirement is that the
capacity is no larger than UINT32_MAX. The check is overly restrictive
if sizeof(E) is 1 byte, and overly permissive if sizeof(E) is greater
than 2 bytes. I removed this check. Internal nsTArray invariants
should be enforced by nsTArray methods.
The second check is trying to check for overflow, but that should just
be done using CheckedInt.