Arthur Sonzogni (Gerrit)

unread,

Nov 7, 2025, 12:10:47 PMNov 7

to Stephen Chenney, Hirokazu Honda, chromium...@chromium.org, Hongchan Choi, Kentaro Hara, Dirk Schulze, kinuko...@chromium.org, video-networking...@google.com, mac-r...@chromium.org, drott+bl...@chromium.org, blink-re...@chromium.org, blink-...@chromium.org, kouhe...@chromium.org, oilpan-rev...@chromium.org, fmalit...@chromium.org, fserb...@chromium.org, ipc-securi...@chromium.org, blink-reviews-p...@chromium.org

Arthur Sonzogni has uploaded the change for review

Commit message

Convert to UNSAFE_TODO in third_party/blink

This is an automated #cleanup patch using the [Script] below.

We are migrating from coarse-grained file-level suppression (#pragma
allow_unsafe_buffers) to granular, expression-level markers
(UNSAFE_TODO()). The pragma disables safety checks for an entire file,
whereas UNSAFE_TODO() isolates specific potentially unsafe operations, allowing
the rest of the file to be enforced as safe.

This CL was uploaded by git cl split.

Script: https://docs.google.com/document/d/1ORQGBNn2R-CEvNbDTjRd-GrOBOFlCxIHdcvSUA_EhR4/edit?usp=sharing

AX-Relnotes: N/A

Cleanup: This is an automated #cleanup.

Bug: 409340989

Change-Id: I288f6783738c71a3c0ca9aede185394a8db73ed3

Change diff

Change information

Files:

M third_party/blink/public/common/input/web_gesture_event.h
M third_party/blink/renderer/modules/webaudio/cpu/arm/oscillator_kernel_neon.cc
M third_party/blink/renderer/modules/webaudio/oscillator_handler.cc
M third_party/blink/renderer/modules/webaudio/periodic_wave.cc
M third_party/blink/renderer/platform/audio/biquad.cc
M third_party/blink/renderer/platform/audio/cpu/arm/delay_neon.cc
M third_party/blink/renderer/platform/audio/cpu/arm/vector_math_neon.h
M third_party/blink/renderer/platform/audio/cpu/x86/vector_math_impl.h
M third_party/blink/renderer/platform/audio/cpu/x86/vector_math_x86.h
M third_party/blink/renderer/platform/audio/sinc_resampler.cc
M third_party/blink/renderer/platform/audio/vector_math_scalar.h
M third_party/blink/renderer/platform/graphics/cpu/arm/webgl_image_conversion_neon.h
M third_party/blink/renderer/platform/graphics/cpu/x86/webgl_image_conversion_sse.h
M third_party/blink/renderer/platform/graphics/gpu/webgl_image_conversion.cc
M third_party/blink/renderer/platform/graphics/test/mock_embedded_frame_sink_provider.h
M third_party/blink/renderer/platform/heap/collection_support/heap_hash_table_backing.h
M third_party/blink/renderer/platform/heap/collection_support/heap_vector_backing.h
M third_party/blink/renderer/platform/heap/test/concurrent_marking_test.cc
M third_party/blink/renderer/platform/mac/color_mac.mm
M third_party/blink/renderer/platform/mojo/string16_mojom_traits.h
M third_party/blink/renderer/platform/peerconnection/h265_parameter_sets_tracker.cc
M third_party/blink/renderer/platform/peerconnection/rtc_video_encoder_test.cc

Change size: XL

Delta: 22 files changed, 1438 insertions(+), 1351 deletions(-)

Open in Gerrit

Related details

Attention set is empty

Submit Requirements:

Code-Coverage
Code-Owners
Code-Review
Review-Enforcement

Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings.

Gerrit

satisfied_requirement

unsatisfied_requirement

open

diffy

Arthur Sonzogni (Gerrit)

unread,

Nov 8, 2025, 2:39:50 AMNov 8

to chromium...@chromium.org, Dirk Schulze, Kentaro Hara, Hirokazu Honda, Hongchan Choi, Stephen Chenney, blink-re...@chromium.org, blink-reviews-p...@chromium.org, blink-...@chromium.org, drott+bl...@chromium.org, fmalit...@chromium.org, fserb...@chromium.org, ipc-securi...@chromium.org, kinuko...@chromium.org, kouhe...@chromium.org, mac-r...@chromium.org, oilpan-rev...@chromium.org, video-networking...@google.com

Arthur Sonzogni voted Commit-Queue+1

Commit-Queue

+1

Open in Gerrit

Related details

Attention set is empty

Submit Requirements:

Code-Coverage
Code-Owners
Code-Review
Review-Enforcement

Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings.

Gerrit

satisfied_requirement

unsatisfied_requirement

open

diffy

Arthur Sonzogni (Gerrit)

unread,

Nov 13, 2025, 5:46:56 AMNov 13

to Mike West, Chromium LUCI CQ, chromium...@chromium.org, Dirk Schulze, Kentaro Hara, Hirokazu Honda, Hongchan Choi, Stephen Chenney, blink-re...@chromium.org, blink-reviews-p...@chromium.org, blink-...@chromium.org, drott+bl...@chromium.org, fmalit...@chromium.org, fserb...@chromium.org, ipc-securi...@chromium.org, kinuko...@chromium.org, kouhe...@chromium.org, mac-r...@chromium.org, oilpan-rev...@chromium.org, video-networking...@google.com

Attention needed from Mike West

Arthur Sonzogni voted and added 1 comment

Votes added by Arthur Sonzogni

Auto-Submit	+1
Commit-Queue	+1

1 comment

Patchset-level comments

File-level comment, Patchset 5:

Arthur Sonzogni . resolved

Hi @mk...@chromium.org
Could you please take a look:

**Manual change:**
I [reverted 3 files](https://chromium-review.googlesource.com/c/chromium/src/+/7131920/3..6), because there was too many UNSAFE_TODO(...). It is preferable to keep the file-level opt-out in this case IMO.

Open in Gerrit

Related details

Attention is currently required from:

Mike West

Submit Requirements:

Code-Coverage
Code-Owners
Code-Review
Review-Enforcement

Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings.

Gerrit

satisfied_requirement

unsatisfied_requirement

open

diffy

Arthur Sonzogni (Gerrit)

unread,

Nov 14, 2025, 6:04:48 AMNov 14

to Mike West, Chromium LUCI CQ, chromium...@chromium.org, Dirk Schulze, Kentaro Hara, Hirokazu Honda, Hongchan Choi, Stephen Chenney, blink-re...@chromium.org, blink-reviews-p...@chromium.org, blink-...@chromium.org, drott+bl...@chromium.org, fmalit...@chromium.org, fserb...@chromium.org, ipc-securi...@chromium.org, kinuko...@chromium.org, kouhe...@chromium.org, mac-r...@chromium.org, oilpan-rev...@chromium.org, video-networking...@google.com

Attention needed from Mike West

Arthur Sonzogni voted Auto-Submit+1

Auto-Submit

+1

Open in Gerrit

Related details

Attention is currently required from:

Mike West

Submit Requirements:

Code-Coverage
Code-Owners
Code-Review
Review-Enforcement

Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings.

Gerrit

satisfied_requirement

unsatisfied_requirement

open

diffy

Mike West (Gerrit)

unread,

Nov 15, 2025, 6:56:35 PMNov 15

to Arthur Sonzogni, Chromium LUCI CQ, chromium...@chromium.org, Dirk Schulze, Kentaro Hara, Hirokazu Honda, Hongchan Choi, Stephen Chenney, blink-re...@chromium.org, blink-reviews-p...@chromium.org, blink-...@chromium.org, drott+bl...@chromium.org, fmalit...@chromium.org, fserb...@chromium.org, ipc-securi...@chromium.org, kinuko...@chromium.org, kouhe...@chromium.org, mac-r...@chromium.org, oilpan-rev...@chromium.org, video-networking...@google.com

Attention needed from Arthur Sonzogni

Mike West voted and added 2 comments

Votes added by Mike West

Code-Review

+1

2 comments

Patchset-level comments

File-level comment, Patchset 7 (Latest):

Mike West . resolved

LGTM.

File third_party/blink/renderer/platform/audio/biquad.cc

Line 107, Patchset 7 (Latest): UNSAFE_TODO(a2[k]) * y2;

Mike West . resolved

As an aside, it would be nice if there was a way to wrap a broader expression in `UNSAFE_TODO`, as this is somewhat verbose and makes the code harder to understand.

That said, perhaps that's the point to some extent?

Open in Gerrit

Related details

Attention is currently required from:

Arthur Sonzogni

Submit Requirements:

Code-Coverage
Code-Owners
Code-Review
Review-Enforcement

Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings.

Gerrit

satisfied_requirement

open

diffy

Arthur Sonzogni (Gerrit)

unread,

Nov 17, 2025, 8:31:52 AMNov 17

to Mike West, Chromium LUCI CQ, chromium...@chromium.org, Dirk Schulze, Kentaro Hara, Hirokazu Honda, Hongchan Choi, Stephen Chenney, blink-re...@chromium.org, blink-reviews-p...@chromium.org, blink-...@chromium.org, drott+bl...@chromium.org, fmalit...@chromium.org, fserb...@chromium.org, ipc-securi...@chromium.org, kinuko...@chromium.org, kouhe...@chromium.org, mac-r...@chromium.org, oilpan-rev...@chromium.org, video-networking...@google.com

Arthur Sonzogni voted and added 2 comments

Votes added by Arthur Sonzogni

Auto-Submit	+1
Commit-Queue	+2

2 comments

Patchset-level comments

File-level comment, Patchset 8 (Latest):

Arthur Sonzogni . resolved

Thanks Mike!

File third_party/blink/renderer/platform/audio/biquad.cc

Line 107, Patchset 7: UNSAFE_TODO(a2[k]) * y2;

Mike West . resolved

As an aside, it would be nice if there was a way to wrap a broader expression in `UNSAFE_TODO`, as this is somewhat verbose and makes the code harder to understand.
That said, perhaps that's the point to some extent?

Arthur Sonzogni

Both!

The macro is enclosing the expression with pragma before and after.
It is possible to enclose the whole instruction as opposed to individual issues.

That's not something I can automate, because clang issue multiple range, but I can do it manually here if you want.

Open in Gerrit

Related details

Attention set is empty

Submit Requirements:

Code-Coverage
Code-Owners
Code-Review
Review-Enforcement

Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings.

Gerrit

satisfied_requirement

open

diffy

Chromium LUCI CQ (Gerrit)

unread,

Nov 17, 2025, 9:24:46 AMNov 17

to Arthur Sonzogni, Mike West, chromium...@chromium.org, Dirk Schulze, Kentaro Hara, Hirokazu Honda, Hongchan Choi, Stephen Chenney, blink-re...@chromium.org, blink-reviews-p...@chromium.org, blink-...@chromium.org, drott+bl...@chromium.org, fmalit...@chromium.org, fserb...@chromium.org, ipc-securi...@chromium.org, kinuko...@chromium.org, kouhe...@chromium.org, mac-r...@chromium.org, oilpan-rev...@chromium.org, video-networking...@google.com

Chromium LUCI CQ submitted the change with unreviewed changes

Unreviewed changes

7 is the latest approved patch-set.
The change was submitted with unreviewed changes in the following files:

```
The name of the file: third_party/blink/renderer/platform/audio/biquad.cc
Insertions: 2, Deletions: 3.

The diff is too large to show. Please review the diff.
```

Change information

Commit message:

Convert to UNSAFE_TODO in third_party/blink

This is an automated #cleanup patch using the [Script] below.

We are migrating from coarse-grained file-level suppression (#pragma
allow_unsafe_buffers) to granular, expression-level markers
(UNSAFE_TODO()). The pragma disables safety checks for an entire file,
whereas UNSAFE_TODO() isolates specific potentially unsafe operations,
allowing the rest of the file to be enforced as safe.

This CL was uploaded by git cl split.

Script: https://docs.google.com/document/d/1ORQGBNn2R-CEvNbDTjRd-GrOBOFlCxIHdcvSUA_EhR4/edit?usp=sharing

AX-Relnotes: N/A

Cleanup: This is an automated #cleanup.

Bug: 409340989

Change-Id: I288f6783738c71a3c0ca9aede185394a8db73ed3

Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/7131920

Auto-Submit: Arthur Sonzogni <arthurs...@chromium.org>

Commit-Queue: Arthur Sonzogni <arthurs...@chromium.org>

Reviewed-by: Mike West <mk...@chromium.org>

Cr-Commit-Position: refs/heads/main@{#1545877}

Files:

M third_party/blink/public/common/input/web_gesture_event.h
M third_party/blink/renderer/modules/webaudio/cpu/arm/oscillator_kernel_neon.cc
M third_party/blink/renderer/modules/webaudio/oscillator_handler.cc
M third_party/blink/renderer/modules/webaudio/periodic_wave.cc
M third_party/blink/renderer/platform/audio/biquad.cc
M third_party/blink/renderer/platform/audio/cpu/arm/delay_neon.cc
M third_party/blink/renderer/platform/audio/cpu/arm/vector_math_neon.h
M third_party/blink/renderer/platform/audio/cpu/x86/vector_math_impl.h
M third_party/blink/renderer/platform/audio/cpu/x86/vector_math_x86.h

M third_party/blink/renderer/platform/graphics/cpu/arm/webgl_image_conversion_neon.h
M third_party/blink/renderer/platform/graphics/cpu/x86/webgl_image_conversion_sse.h

M third_party/blink/renderer/platform/graphics/test/mock_embedded_frame_sink_provider.h
M third_party/blink/renderer/platform/heap/collection_support/heap_hash_table_backing.h
M third_party/blink/renderer/platform/heap/collection_support/heap_vector_backing.h
M third_party/blink/renderer/platform/heap/test/concurrent_marking_test.cc

M third_party/blink/renderer/platform/mojo/string16_mojom_traits.h
M third_party/blink/renderer/platform/peerconnection/h265_parameter_sets_tracker.cc
M third_party/blink/renderer/platform/peerconnection/rtc_video_encoder_test.cc

Change size: L

Delta: 18 files changed, 410 insertions(+), 419 deletions(-)

Branch: refs/heads/main

Submit Requirements:

Code-Review: +1 by Mike West

Open in Gerrit

Inspect html for hidden footers to help with email filtering. To unsubscribe visit settings.

Gerrit

open

diffy

satisfied_requirement

Reply all

Reply to author

Forward

Convert to UNSAFE_TODO in third_party/blink [chromium/src : main]

Arthur Sonzogni (Gerrit)

Arthur Sonzogni has uploaded the change for review

Commit message

Change diff

Change information

Related details

Arthur Sonzogni (Gerrit)

Arthur Sonzogni voted Commit-Queue+1

Related details

Arthur Sonzogni (Gerrit)

Arthur Sonzogni voted and added 1 comment

Votes added by Arthur Sonzogni

1 comment

Related details

Arthur Sonzogni (Gerrit)

Arthur Sonzogni voted Auto-Submit+1

Related details

Mike West (Gerrit)

Mike West voted and added 2 comments

Votes added by Mike West

2 comments

Related details

Arthur Sonzogni (Gerrit)

Arthur Sonzogni voted and added 2 comments

Votes added by Arthur Sonzogni

2 comments

Related details

Chromium LUCI CQ (Gerrit)

Chromium LUCI CQ submitted the change with unreviewed changes

Unreviewed changes

Change information