[pull] master from chromium:master #4

pull · 2021-08-30T12:44:39Z

See Commits and Changes for more details.

Can you help keep this open source service alive? 💖 Please sponsor : )

The declarations of the move ctor and operator have "noexcept", but their impls don't have noexcept. That causes a compile failure on C++17 mode. Bug: 752720 Test: compile Change-Id: I6dabe840a8fa24ea44dde2991614f7719e89152e Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3127821 Commit-Queue: Eric Willigers <ericwilligers@chromium.org> Auto-Submit: Yoshiki Iguchi <yoshiki@chromium.org> Reviewed-by: Eric Willigers <ericwilligers@chromium.org> Cr-Commit-Position: refs/heads/main@{#916319}

Bug: 1244450 Change-Id: I0708d06c3037bb0eaa814f85d867ce0cc5b028bd Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3127823 Commit-Queue: Yuki Shiino <yukishiino@chromium.org> Owners-Override: Yuki Shiino <yukishiino@chromium.org> Auto-Submit: Yuki Shiino <yukishiino@chromium.org> Reviewed-by: Kentaro Hara <haraken@chromium.org> Reviewed-by: Tal Pressman <talp@google.com> Reviewed-by: Takashi Sakamoto <tasak@google.com> Cr-Commit-Position: refs/heads/main@{#916320}

https://chrome-internal.googlesource.com/chrome/src-internal.git/+log/17de685cfee4..c3049aa34a2b If this roll has caused a breakage, revert this CL and stop the roller using the controls here: https://skia-autoroll.corp.goog/r/src-internal-chromium-autoroll Please CC yukishiino@google.com on the revert to ensure that a human is aware of the problem. To report a problem with the AutoRoller itself, please file a bug: https://bugs.chromium.org/p/skia/issues/entry?template=Autoroller+Bug Documentation for the AutoRoller is here: https://skia.googlesource.com/buildbot/+doc/main/autoroll/README.md Cq-Include-Trybots: luci.chrome.try:linux-chromeos-chrome Bug: None Tbr: yukishiino@google.com Change-Id: Ica3962ac62fb772e74aa85f844a60bfbf85d7e27 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3128484 Commit-Queue: chromium-internal-autoroll <chromium-internal-autoroll@skia-corp.google.com.iam.gserviceaccount.com> Bot-Commit: chromium-internal-autoroll <chromium-internal-autoroll@skia-corp.google.com.iam.gserviceaccount.com> Reviewed-by: Yuki Shiino <yukishiino@chromium.org> Cr-Commit-Position: refs/heads/main@{#916321}

This CL replaces std::vector with WTF::Vector in a file media_stream_constraints_util_video_device.cc Bug: 704136 Change-Id: Ib9245a9ce184d66d9be7841fbd1cd07f8b6a6248 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3094045 Commit-Queue: Sumaid <ssyed@igalia.com> Reviewed-by: Guido Urdaneta <guidou@chromium.org> Reviewed-by: Peter Kasting <pkasting@chromium.org> Cr-Commit-Position: refs/heads/main@{#916322}

https://skia.googlesource.com/skia.git/+log/09e533b744ea..91b781e7f670 2021-08-30 skia-autoroll@skia-public.iam.gserviceaccount.com Roll ANGLE from cf24931abf27 to bc89eda7bb6e (19 revisions) If this roll has caused a breakage, revert this CL and stop the roller using the controls here: https://autoroll.skia.org/r/skia-autoroll Please CC fmalita@google.com on the revert to ensure that a human is aware of the problem. To file a bug in Skia: https://bugs.chromium.org/p/skia/issues/entry To file a bug in Chromium: https://bugs.chromium.org/p/chromium/issues/entry To report a problem with the AutoRoller itself, please file a bug: https://bugs.chromium.org/p/skia/issues/entry?template=Autoroller+Bug Documentation for the AutoRoller is here: https://skia.googlesource.com/buildbot/+doc/main/autoroll/README.md Cq-Include-Trybots: luci.chromium.try:android_optional_gpu_tests_rel;luci.chromium.try:linux-blink-rel;luci.chromium.try:linux-chromeos-compile-dbg;luci.chromium.try:linux_optional_gpu_tests_rel;luci.chromium.try:mac_optional_gpu_tests_rel;luci.chromium.try:win_optional_gpu_tests_rel Cq-Do-Not-Cancel-Tryjobs: true Bug: None Tbr: fmalita@google.com Test: Test: Test: Fortnite MEC Change-Id: I451c0bdf665b45f472de4c861ab74c6b2b01c038 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3128761 Commit-Queue: chromium-autoroll <chromium-autoroll@skia-public.iam.gserviceaccount.com> Bot-Commit: chromium-autoroll <chromium-autoroll@skia-public.iam.gserviceaccount.com> Cr-Commit-Position: refs/heads/main@{#916323}

Added: - myself for all files - jopalmer@ and jiwan@ for input-related files (working on IME settings) Bug: None Change-Id: Ib6e259b1d7907a9d7e9256fddbb24e13d6f4201d Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3128442 Reviewed-by: My Nguyen <myy@chromium.org> Reviewed-by: John Palmer <jopalmer@chromium.org> Reviewed-by: Jing Wang <jiwan@chromium.org> Commit-Queue: Michael Cui <mlcui@google.com> Cr-Commit-Position: refs/heads/main@{#916324}

This is the third step in consolidating WebAppsBase, WebApps and WebAppsChromeOs into a single class. Bug: 1243588 Change-Id: Ic31f9b08666e767eb5130da0e9063194216c1e3e Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3121769 Commit-Queue: Eric Willigers <ericwilligers@chromium.org> Reviewed-by: Nancy Wang <nancylingwang@chromium.org> Cr-Commit-Position: refs/heads/main@{#916325}

This reverts commit eb40791. Reason for revert: relanded "add fetch_reclient_cfgs step" https://chromium-review.googlesource.com/c/chromium/tools/build/+/3116836 "fetch_reclient_cfs step" should provide chromium-browser-clang/rewrapper.cfg etc, which was missed in https://ci.chromium.org/ui/p/v8/builders/ci/V8%20Linux64%20-%20builder%20(reclient%20compare)/378/overview ``` failed reading config file ../../buildtools/reclient_cfgs/chromium-browser-clang/rewrapper_linux.cfg: open ../../buildtools/reclient_cfgs/chromium-browser-clang/rewrapper_linux.cfg: no such file or directory ``` Original change's description: > Revert "use reclient cfgs cipd" > > This reverts commit f5587e8. > > Reason for revert: maybe causing this failure? > https://ci.chromium.org/p/v8/builders/ci/V8%20Linux64%20-%20builder%20(reclient%20compare) > > Original change's description: > > use reclient cfgs cipd > > > > fix fetch_reclient_cfgs.py to copy win-cross-experiments cfgs > > in win-cross-experiments dir, to make them available by just > > changing rbe_cfg_dir and because windows may not use symlinks. > > > > Bug: 1215035 > > Change-Id: Icfaf7dd6ca2e7ab01fd9c1574bc362c2664addb1 > > Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3096489 > > Auto-Submit: Fumitoshi Ukai <ukai@google.com> > > Reviewed-by: Yoshisato Yanagisawa <yyanagisawa@google.com> > > Reviewed-by: Dirk Pranke <dpranke@google.com> > > Commit-Queue: Dirk Pranke <dpranke@google.com> > > Cr-Commit-Position: refs/heads/master@{#912372} > > Bug: 1215035 > Change-Id: I0c73fd1e6841d808a8a1847ab4fc18a768cd1849 > Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3103130 > Reviewed-by: Takuto Ikuta <tikuta@chromium.org> > Reviewed-by: Dirk Pranke <dpranke@google.com> > Reviewed-by: Michael Savigny <msavigny@google.com> > Commit-Queue: Yoshisato Yanagisawa <yyanagisawa@google.com> > Cr-Commit-Position: refs/heads/main@{#913202} Bug: 1215035 Change-Id: Ic6befd7e21ba49de767cc17bf1dc72a5dd14b10f Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3115662 Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Commit-Queue: Fumitoshi Ukai <ukai@google.com> Reviewed-by: Takuto Ikuta <tikuta@chromium.org> Reviewed-by: Yoshisato Yanagisawa <yyanagisawa@google.com> Reviewed-by: Dirk Pranke <dpranke@google.com> Cr-Commit-Position: refs/heads/main@{#916326}

State banners have the added functionality of only appearing for a finite period of time (unless otherwise specified). This requires maintaining the time the banner has been visible in the Files app. This adds that functionality as well as the ability to return Banners.INFINITE_TIME_LIMIT if the banner needs to always persist. Bug: 1228128 Test: browser_tests --gtest_filter=FileManagerJsTest.Banner* Change-Id: I7236254c6af6aeca1275cbc283f7f603ee88d1f9 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3121633 Commit-Queue: Ben Reich <benreich@chromium.org> Reviewed-by: Luciano Pacheco <lucmult@chromium.org> Cr-Commit-Position: refs/heads/main@{#916327}

BUG=1243053 Change-Id: I9e0d01ef309da1f8afe1a08d66e8dd1754c70077 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3114198 Commit-Queue: Sadrul Chowdhury <sadrul@chromium.org> Reviewed-by: John Chen <johnchen@chromium.org> Cr-Commit-Position: refs/heads/main@{#916328}

This CL updates the ash version 95.0.4627.0 for Lacros version skew testing. If this CL caused regressions, please revert and stop the autoroller at https://luci-scheduler.appspot.com/jobs/chrome/lacros-version-skew-roller Also please file a bug to OS>LaCrOS>Partner, and CC svenzheng@chromium.org, liaoyuke@chromium.org, yjt@google.com. R=rubber-stamper@appspot.gserviceaccount.com Bug: None Change-Id: I05b02860c5d6cf10775fc0525ed85112d60ebedb Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3128464 Auto-Submit: chrome-weblayer-builder <chrome-weblayer-builder@chops-service-accounts.iam.gserviceaccount.com> Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Cr-Commit-Position: refs/heads/main@{#916329}

This CL reports the hardware encoder capabilities about temporal and spatial scalability via VideoEncodeAccelerator::SupportedProfile for VideoEncodeAccelerator. Bug: 1217919 Change-Id: I1507fa3330e29b1122c398e1256a1ac1d1f1ea65 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3061830 Reviewed-by: Dominick Ng <dominickn@chromium.org> Reviewed-by: Hirokazu Honda <hiroh@chromium.org> Reviewed-by: Dale Curtis <dalecurtis@chromium.org> Commit-Queue: Zhaoliang Ma <zhaoliang.ma@intel.com> Cr-Commit-Position: refs/heads/main@{#916330}

Add a search parameter for CCA URL: ?mode={video,photo,square} to control what the default mode to use, and fallback to photo mode if the search parameter is not specified. Bug: b:189723935 Test: chrome://camera-app/views/main.html?mode=video in Chrome Test: tast run <ip> camera.CCAUISmoke* camera.CCAUIStress* camera.CCAUIIntent Change-Id: I1e5a6d1ecb5d448635c73a7e8da0ae1a69ba1d6e Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3121877 Reviewed-by: Shik Chen <shik@chromium.org> Commit-Queue: Pi-Hsun Shih <pihsun@chromium.org> Cr-Commit-Position: refs/heads/main@{#916331}

The enable-experimental-accessibility-labels-debugging flag can be a helpful way to debug issues with the "Get Image Descriptions from Google" feature. However, it works by injecting a bit of CSS into a web page while accessibility serialization is happening, which triggers some checks that disallow transitioning the document lifecycle during that scope. To work around this, disable these checks when enable-experimental-accessibility-labels-debugging is enabled. It'd be better to change the debugging flag so that it doesn't modify the document in the same scope, but that'd be significantly more work and it's not clear it'd be worth it since the flag is only useful for occasional quick debugging by developers. Bug: None Change-Id: Id318c5cd0d3b044a29d4063f64f41ad3a290e814 AX-Relnotes: N/A Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3101472 Commit-Queue: Dominic Mazzoni <dmazzoni@chromium.org> Reviewed-by: Aaron Leventhal <aleventhal@chromium.org> Cr-Commit-Position: refs/heads/main@{#916332}

https://chromium.googlesource.com/devtools/devtools-frontend.git/+log/2260f9ed221c..fd9d2876226a 2021-08-30 devtools-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com Update DevTools Chromium DEPS. If this roll has caused a breakage, revert this CL and stop the roller using the controls here: https://autoroll.skia.org/r/devtools-frontend-chromium Please CC devtools-waterfall-sheriff-onduty@grotations.appspotmail.com on the revert to ensure that a human is aware of the problem. To file a bug in Chromium: https://bugs.chromium.org/p/chromium/issues/entry To report a problem with the AutoRoller itself, please file a bug: https://bugs.chromium.org/p/skia/issues/entry?template=Autoroller+Bug Documentation for the AutoRoller is here: https://skia.googlesource.com/buildbot/+doc/main/autoroll/README.md Bug: None Tbr: devtools-waterfall-sheriff-onduty@grotations.appspotmail.com Change-Id: I50e5ccd13c5dcf9e91bb1612d644fd0f2e891060 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3128624 Commit-Queue: chromium-autoroll <chromium-autoroll@skia-public.iam.gserviceaccount.com> Bot-Commit: chromium-autoroll <chromium-autoroll@skia-public.iam.gserviceaccount.com> Cr-Commit-Position: refs/heads/main@{#916333}

The DISMISS_FOREVER event is emitted by the EducationalBanner when dismiss has been pressed. CL:3121874 fixed up an error when the showLimit is hit but not properly hidden. The result of this meant during the current session if the limit is reached it will continue to show, but dismiss forever needs to force it to hide. Bug: 1228128 Test: browser_tests --gtest_filter=FileManagerJsTest.Banner* Test: Compile and verify the banner doesn't show after dismiss Change-Id: I272de0f96b22cf98318a26996ed24c60d2cb2000 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3128405 Commit-Queue: Ben Reich <benreich@chromium.org> Reviewed-by: Luciano Pacheco <lucmult@chromium.org> Cr-Commit-Position: refs/heads/main@{#916334}

Summary of changes available at: https://chromium.googlesource.com/v8/v8/+log/062778b5..fc3c74dc Please follow these instructions for assigning/CC'ing issues: https://v8.dev/docs/triage-issues Please close rolling in case of a roll revert: https://v8-roll.appspot.com/ This only works with a Google account. CQ_INCLUDE_TRYBOTS=luci.chromium.try:linux-blink-rel CQ_INCLUDE_TRYBOTS=luci.chromium.try:linux_optional_gpu_tests_rel CQ_INCLUDE_TRYBOTS=luci.chromium.try:mac_optional_gpu_tests_rel CQ_INCLUDE_TRYBOTS=luci.chromium.try:win_optional_gpu_tests_rel CQ_INCLUDE_TRYBOTS=luci.chromium.try:android_optional_gpu_tests_rel R=hablich@chromium.org,vahl@chromium.org,v8-waterfall-sheriff@grotations.appspotmail.com Change-Id: Idc662e4015e1deec351c342434e1adef15f1a541 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3127646 Bot-Commit: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Commit-Queue: v8-ci-autoroll-builder <v8-ci-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Cr-Commit-Position: refs/heads/main@{#916335}

Added myself as the owner of enterprise histograms.xml as I have passed the metrics reviewing quiz. Bug: none Change-Id: I309b2dc022174776eb99275a56754d44a3bb794f Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3122092 Reviewed-by: Mark Pearson <mpearson@chromium.org> Commit-Queue: Amr Aboelkher <amraboelkher@chromium.org> Cr-Commit-Position: refs/heads/main@{#916336}

Normal right click context menu is created with anchor width and height that are defined as 1x1. However, in case of extension context menu, the anchor is the size of the extension icon, and the menu must be placed below the anchor. Bug: 1163646 Change-Id: I8682ce30c365fb57cf1802b04ec0702993ee2180 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3118046 Commit-Queue: Maksim Sisov <msisov@igalia.com> Reviewed-by: Mike Wasserman <msw@chromium.org> Cr-Commit-Position: refs/heads/main@{#916337}

This CL adds WizardControllerCreated event, ProfilePreparedWaiter object, and makes LoginManagerMixin wait for WizardControllerCreated and waif for profile prepared in LoginAsNewUser. It also allows SessionStateWaiter to detect session change condition if it happened before Wait was called. Waiting for ProfilePrepared makes safe for most of the tests to do user checks after login (and those that need immediate status do not use this flow). chromeos::test::WaitForPrimaryUserSessionStart() also now waits for primary user profile. This removes flakiness in some tests. Waiting for WizardControllerCreated allows for it to be created asynchronously (in the future change). This is re-land of https://chromium-review.googlesource.com/c/chromium/src/+/3108506 after flaky tests were fixed by updating WaitForPrimaryUserSessionStart. Bug: 1218161,1243040 Change-Id: I7d002e56aa935ed57e8d65fefe06ab3ed0130cd1 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3117925 Reviewed-by: Roman Sorokin [CET] <rsorokin@chromium.org> Commit-Queue: Roman Sorokin [CET] <rsorokin@chromium.org> Auto-Submit: Alexander Alekseev <alemate@chromium.org> Cr-Commit-Position: refs/heads/main@{#916338}

Split JaPhoneticMap from ja_phonetic_data.js to avoid loading large data when running the test. In test, JA_TEST_MAP is loaded instead of JaPhoneticMap.MAP. Also, this fixed the presubmit issue. Change bind(this) to arrow function in background.js. Bug: 1195393 Test: ChromeVoxPhoneticDataTest Change-Id: I668e71debeb3e2eccc1024cd29a33e31730b7fde AX-Relnotes: n/a. Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3112992 Commit-Queue: Chiaki Ushimaru <uchiaki@google.com> Reviewed-by: Akihiro Ota <akihiroota@chromium.org> Reviewed-by: Hiroki Sato <hirokisato@chromium.org> Cr-Commit-Position: refs/heads/main@{#916339}

Bug: 1244128 Change-Id: I8bb94866f7b9a8c3b3721304027eb7c9e9d442c1 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3127970 Commit-Queue: Yuki Shiino <yukishiino@chromium.org> Commit-Queue: Kentaro Hara <haraken@chromium.org> Owners-Override: Yuki Shiino <yukishiino@chromium.org> Auto-Submit: Yuki Shiino <yukishiino@chromium.org> Reviewed-by: Kentaro Hara <haraken@chromium.org> Cr-Commit-Position: refs/heads/main@{#916340}

If this roll has caused a breakage, revert this CL and stop the roller using the controls here: https://autoroll.skia.org/r/fuchsia-sdk-chromium-autoroll Please CC chrome-fuchsia-gardener@grotations.appspotmail.com on the revert to ensure that a human is aware of the problem. To file a bug in Chromium: https://bugs.chromium.org/p/chromium/issues/entry To report a problem with the AutoRoller itself, please file a bug: https://bugs.chromium.org/p/skia/issues/entry?template=Autoroller+Bug Documentation for the AutoRoller is here: https://skia.googlesource.com/buildbot/+doc/main/autoroll/README.md Cq-Include-Trybots: luci.chromium.try:fuchsia-arm64-cast;luci.chromium.try:fuchsia-deterministic-dbg;luci.chromium.try:fuchsia-x64-cast Tbr: chrome-fuchsia-gardener@grotations.appspotmail.com Disable-Retries: true Change-Id: I1da1aeebd4977217696d0c53003c8835e47a5357 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3128762 Commit-Queue: chromium-autoroll <chromium-autoroll@skia-public.iam.gserviceaccount.com> Bot-Commit: chromium-autoroll <chromium-autoroll@skia-public.iam.gserviceaccount.com> Cr-Commit-Position: refs/heads/main@{#916341}

Fixed: chromium:1242479 Change-Id: Iefbafe2d27ad122ce92945d67e9153197d5e18f0 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3122342 Reviewed-by: Yang Guo <yangguo@chromium.org> Reviewed-by: Robert Kaplow <rkaplow@chromium.org> Commit-Queue: Alex Rudenko <alexrudenko@chromium.org> Cr-Commit-Position: refs/heads/main@{#916342}

Bug: 1188290 Change-Id: I55be997b2f44b1c19db2e7fbfe6956fbbf74ccc0 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3128053 Auto-Submit: Caitlin Fischer <caitlinfischer@google.com> Commit-Queue: Leszek Swirski <leszeks@chromium.org> Reviewed-by: Leszek Swirski <leszeks@chromium.org> Cr-Commit-Position: refs/heads/main@{#916343}

https://chrome-internal.googlesource.com/chrome/src-internal.git/+log/c3049aa34a2b..ede2ea6607a6 If this roll has caused a breakage, revert this CL and stop the roller using the controls here: https://skia-autoroll.corp.goog/r/src-internal-chromium-autoroll Please CC yukishiino@google.com on the revert to ensure that a human is aware of the problem. To report a problem with the AutoRoller itself, please file a bug: https://bugs.chromium.org/p/skia/issues/entry?template=Autoroller+Bug Documentation for the AutoRoller is here: https://skia.googlesource.com/buildbot/+doc/main/autoroll/README.md Cq-Include-Trybots: luci.chrome.try:linux-chromeos-chrome Bug: None Tbr: yukishiino@google.com Change-Id: I0926d4ff42952c56c845a63b93ebb749fb385172 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3128623 Commit-Queue: chromium-internal-autoroll <chromium-internal-autoroll@skia-corp.google.com.iam.gserviceaccount.com> Bot-Commit: chromium-internal-autoroll <chromium-internal-autoroll@skia-corp.google.com.iam.gserviceaccount.com> Cr-Commit-Position: refs/heads/main@{#916344}

Change-Id: I02182fd28d2f8c3fad30c240f970a922967c79a4 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3128662 Commit-Queue: Internal Frameworks Autoroller <bling-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Bot-Commit: Internal Frameworks Autoroller <bling-autoroll-builder@chops-service-accounts.iam.gserviceaccount.com> Cr-Commit-Position: refs/heads/main@{#916345}

On Linux, the "Use system title bar and borders" checkbox is not working. This CL fixes this problem. This problem is happening in beta channel. I think this problem is related to https://crrev.com/c/2944873 (https://chromiumdash.appspot.com/commit/1492ded5d27e956a8aaeb3ef0eb2ea6602df762b). In my environment (openbox WM), features::IsUsingOzonePlatform() returns false. In this case, the original following logic returns false. But it should be true. ``` const bool show_custom_chrome_frame = features::IsUsingOzonePlatform() && ui::OzonePlatform::GetInstance() ->GetPlatformRuntimeProperties() .supports_server_side_window_decorations; ``` Bug: 1243937 Change-Id: Iaf274a7353b5ceb63bf3b9aa9c674a3c1de3a02a Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3126256 Reviewed-by: Theodore Olsauskas-Warren <sauski@google.com> Reviewed-by: Alexander Dunaev <adunaev@igalia.com> Commit-Queue: Alexander Dunaev <adunaev@igalia.com> Cr-Commit-Position: refs/heads/main@{#916346}

Bug: 1188290 Change-Id: Ic0c3e3941973ff729f7d3238567e3b786acf9ad2 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3128058 Auto-Submit: Caitlin Fischer <caitlinfischer@google.com> Commit-Queue: Illia Klimov <elklm@chromium.org> Reviewed-by: Illia Klimov <elklm@chromium.org> Cr-Commit-Position: refs/heads/main@{#916347}

The wait for the error page to be displayed before ending the test (and releasing the WebState) Change-Id: I8a0321f800f56824faf722b7bcf801714a34944f Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3122101 Reviewed-by: Gauthier Ambard <gambard@chromium.org> Commit-Queue: Olivier Robin <olivierrobin@chromium.org> Cr-Commit-Position: refs/heads/main@{#916348}

…ation At least on Linux X11, views::test::TestDesktopScreenOzone::Create() may try to retrieve a localized string for "Built-in display" after [1]. But screen creation happens early for interactive UI tests since [2], at least before ChromeFeatureListCreator::ConvertFlagsToSwitches() which assumes ui::ResourceBundle is not initialized. This is causing the crash below for all interactive UI tests on Linux X11, which this CL fixes by temporarily initializing ui::ResourceBundle during screen creation. See crbug.com/1457129 for details. [24841:24841:FATAL:resource_bundle.cc(357)] Check failed: g_shared_instance_ != nullptr. #0 0x5585747ceee2 base::debug::CollectStackTrace() #1 0x5585747b6213 base::debug::StackTrace::StackTrace() #2 0x5585746ab79d logging::LogMessage::~LogMessage() #3 0x5585746ac2ee logging::LogMessage::~LogMessage() #4 0x558574692437 logging::CheckError::~CheckError() #5 0x558574bd6075 ui::ResourceBundle::GetSharedInstance() #6 0x558574bc0a18 l10n_util::GetStringUTF8() #7 0x5585758fddc1 ui::BuildDisplaysFromXRandRInfo() #8 0x5585758fb539 ui::XDisplayManager::FetchDisplayList() #9 0x5585758fb449 ui::XDisplayManager::Init() #10 0x55856dd0e34c ui::X11ScreenOzone::Init() #11 0x55856d09ed3d views::test::TestDesktopScreenOzone::Create() #12 0x558572c7ec70 InProcessBrowserTest::SetScreenInstance() #13 0x558572c7e44f InProcessBrowserTest::SetUp() #14 0x55856d24c5f2 testing::Test::Run() #15 0x55856d24d865 testing::TestInfo::Run() #16 0x55856d24e337 testing::TestSuite::Run() #17 0x55856d25cf07 testing::internal::UnitTestImpl::RunAllTests() #18 0x55856d25c9ff testing::UnitTest::Run() #19 0x5585746730ec base::TestSuite::Run() #20 0x558572c5eddb ChromeTestSuiteRunner::RunTestSuiteInternal() #21 0x55856cc79be4 InteractiveUITestSuiteRunner::RunTestSuite() #22 0x558572c5f069 ChromeTestLauncherDelegate::RunTestSuite() #23 0x558573d7b9ab content::LaunchTestsInternal() #24 0x558572c5f325 LaunchChromeTests() Bug: 1457129 [1] crrev.com/1010705 [2] crrev.com/1011300 Change-Id: I173b41d4369fa26332a37b0f89e14669b6b227a1 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4632804 Commit-Queue: Frédéric Wang <fwang@igalia.com> Reviewed-by: Scott Violet <sky@chromium.org> Cr-Commit-Position: refs/heads/main@{#1191366}

…reen creation" This reverts commit 5931e82. Reason for revert: Suspect causing multiple test failed on Linux Tests (dbg)(1) first failure: https://ci.chromium.org/ui/p/chromium/builders/ci/Linux%20Tests%20(dbg)(1)/115562/overview Original change's description: > interactive_ui_tests: use temporary ui::ResourceBundle for screen creation > > At least on Linux X11, views::test::TestDesktopScreenOzone::Create() may > try to retrieve a localized string for "Built-in display" after [1]. > But screen creation happens early for interactive UI tests since [2], at > least before ChromeFeatureListCreator::ConvertFlagsToSwitches() which > assumes ui::ResourceBundle is not initialized. This is causing the crash > below for all interactive UI tests on Linux X11, which this CL fixes by > temporarily initializing ui::ResourceBundle during screen creation. > See crbug.com/1457129 for details. > > [24841:24841:FATAL:resource_bundle.cc(357)] Check failed: g_shared_instance_ != nullptr. > #0 0x5585747ceee2 base::debug::CollectStackTrace() > #1 0x5585747b6213 base::debug::StackTrace::StackTrace() > #2 0x5585746ab79d logging::LogMessage::~LogMessage() > #3 0x5585746ac2ee logging::LogMessage::~LogMessage() > #4 0x558574692437 logging::CheckError::~CheckError() > #5 0x558574bd6075 ui::ResourceBundle::GetSharedInstance() > #6 0x558574bc0a18 l10n_util::GetStringUTF8() > #7 0x5585758fddc1 ui::BuildDisplaysFromXRandRInfo() > #8 0x5585758fb539 ui::XDisplayManager::FetchDisplayList() > #9 0x5585758fb449 ui::XDisplayManager::Init() > #10 0x55856dd0e34c ui::X11ScreenOzone::Init() > #11 0x55856d09ed3d views::test::TestDesktopScreenOzone::Create() > #12 0x558572c7ec70 InProcessBrowserTest::SetScreenInstance() > #13 0x558572c7e44f InProcessBrowserTest::SetUp() > #14 0x55856d24c5f2 testing::Test::Run() > #15 0x55856d24d865 testing::TestInfo::Run() > #16 0x55856d24e337 testing::TestSuite::Run() > #17 0x55856d25cf07 testing::internal::UnitTestImpl::RunAllTests() > #18 0x55856d25c9ff testing::UnitTest::Run() > #19 0x5585746730ec base::TestSuite::Run() > #20 0x558572c5eddb ChromeTestSuiteRunner::RunTestSuiteInternal() > #21 0x55856cc79be4 InteractiveUITestSuiteRunner::RunTestSuite() > #22 0x558572c5f069 ChromeTestLauncherDelegate::RunTestSuite() > #23 0x558573d7b9ab content::LaunchTestsInternal() > #24 0x558572c5f325 LaunchChromeTests() > > Bug: 1457129 > > [1] crrev.com/1010705 > [2] crrev.com/1011300 > > Change-Id: I173b41d4369fa26332a37b0f89e14669b6b227a1 > Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4632804 > Commit-Queue: Frédéric Wang <fwang@igalia.com> > Reviewed-by: Scott Violet <sky@chromium.org> > Cr-Commit-Position: refs/heads/main@{#1191366} Bug: 1457129, 1478318 Change-Id: Ib5adf3d8d8fb0b80789b6351f90cade2d6a6b682 No-Presubmit: true No-Tree-Checks: true No-Try: true Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4833241 Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Commit-Queue: Owen Min <zmin@chromium.org> Reviewed-by: Peter Williamson <petewil@chromium.org> Owners-Override: Owen Min <zmin@chromium.org> Auto-Submit: Owen Min <zmin@chromium.org> Cr-Commit-Position: refs/heads/main@{#1191537}

@AliMariam

@AliMariam reported the dangling pointer detector found a new dangling pointer when running tests on linux Workstation. The error is: ``` The memory was freed at: #3 allocator_shim::internal::PartitionFree() #4 bluez::BluezDBusThreadManager::~BluezDBusThreadManager() #5 bluez::BluezDBusThreadManager::Shutdown() #6 ChromeBrowserMainPartsLinux::PostDestroyThreads() #7 content::BrowserMainLoop::ShutdownThreadsAndCleanUp() #8 content::BrowserMainRunnerImpl::Shutdown() #9 content::BrowserMain() #10 content::RunBrowserProcessMain() #11 content::ContentMainRunnerImpl::RunBrowser() #12 content::ContentMainRunnerImpl::Run() #13 content::RunContentProcess() #14 content::ContentMain() #15 ChromeMain The dangling raw_ptr was released at: #3 base::internal::RawPtrBackupRefImpl<>::ReleaseInternal() #4 dbus::ObjectManager::~ObjectManager() #5 std::__Cr::__tuple_impl<>::~__tuple_impl() #6 base::internal::BindState<>::Destroy() #7 base::[...]::LazilyDeallocatedDeque<>::Ring::~Ring() #8 base::[...]::TaskQueueImpl::UnregisterTaskQueue() #9 base::[...]::SequenceManagerImpl::UnregisterTaskQueueImpl() #10 base::sequence_manager::TaskQueue::ShutdownTaskQueue() #11 content::BrowserTaskQueues::~BrowserTaskQueues() #12 content::BrowserUIThreadScheduler::~BrowserUIThreadScheduler() #13 content::BrowserTaskExecutor::[...]::~UIThreadExecutor() #14 content::BrowserTaskExecutor::[...]::~UIThreadExecutor() #15 content::BrowserTaskExecutor::Shutdown() #16 content::ContentMainRunnerImpl::Shutdown() #17 content::RunContentProcess() #18 content::ContentMain() #19 ChromeMain ``` Diagnostic: - `bluez::BluezDBusThreadManager` owns a `dbus::Bus` as `system_bus`. - `dbus::Bus` owns: - The set of `dbus::ObjectManager` as `object_manager_table_`. - The DBus task runner as `dbus_task_runner_`. - The `dbus::ObjectManager` references `dbus::Bus` via `bus_`. So far so good, the ownership is clear. The problem happens when calling `dbus::Bus::RemoveObjectManager`. Indeed this moves the ObjectManager out of `dbus::Bus` toward a callback to a new thread. This still works transitively, because the dbus::Bus owns the thread. The problem happens after a second transfer back to the original thread. Indeed, there is a race condition possible: Behavior without problems: ----------------------------------- ┌─────────────┐ ┌───────────┐ │Origin thread│ │DBus thread│ └──────┬──────┘ └─────┬─────┘ RemoveObjectManager() │ │────────────────────────────────>│ │ RemoveObjectManagerInternal() │<────────────────────────────────│ RemoveObjectManagerInternalHelper() │ ~ObjectManager() │ │ ┌─────┴─────┐ Shutdown DBus Thread ─────────────>│DBus thread│ Shutdown DBus Thread <─────────────│DBus thread│ │ └───────────┘ ~Bus ┌──────┴──────┐ │Origin thread│ └─────────────┘ Behavior with problems: ---------------------------------------- ┌─────────────┐ ┌───────────┐ │Origin thread│ │DBus thread│ └──────┬──────┘ └─────┬─────┘ RemoveObjectManager() │ │────────────────────────────────>│ │ RemoveObjectManagerInternal() │ ┌────────────│ │ │ ┌─────┴─────┐ Shutdown DBus Thread ─────────────>│DBus thread│ Shutdown DBus Thread <─────────────│DBus thread│ │ │ └───────────┘ ~Bus() │ │ │ │<───────────────────┘ RemoveObjectManagerInternalHelper() ~ObjectManager() ┌──────┴──────┐ │Origin thread│ └─────────────┘ ----------------------------------------------------------------- In the second case: ~Bus() is called before ~ObjectManager(). The fix is a use `ObjectManager::Cleanup()` to cleanup the raw_ptr while the object is still transitively owned by the object it referenced. Bug: chromium:1478759 Fixed: chromium:1478759 Change-Id: I4ac04d449ab8a7b860256c490f8ac878c1c5c7c5 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4839496 Reviewed-by: Ryo Hashimoto <hashimoto@chromium.org> Commit-Queue: Arthur Sonzogni <arthursonzogni@chromium.org> Cr-Commit-Position: refs/heads/main@{#1192343}

This CL essentially reverts https://crrev.com/c/1761606 from 2019, except for the 7 files related to AutofillTable. Those will be handled separately in CL #4. CL #5 will consist of anything remaining that was missed (a couple things were mentioned in CL #1 regarding this). Bug: 1465990, 1440281 Change-Id: I828b7ee8f946adb32e7e44afd6ea566ef6ca274e Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4848457 Code-Coverage: findit-for-me@appspot.gserviceaccount.com <findit-for-me@appspot.gserviceaccount.com> Reviewed-by: Peter Kotwicz <pkotwicz@chromium.org> Commit-Queue: Olivia Saul <jsaul@google.com> Cr-Commit-Position: refs/heads/main@{#1193759}

Disable following tests: WebUITestCase/testChromeAutofillInternalsSite WebUITestCase/testChromeURLBackAndForwardAndReloadNavigation WebUITestCase/testChromeURLsLoadWithoutError OverlayPresentationContextViewControllerTest.PresentedOverCurrentContext OverlayPresentationContextViewControllerTest.ResizingPresentedOverlay RecentTabsTestCase/testNoPromoIfSignedInAndSyncDisabledByPolicy Bug: 1487987, 1487982, 1487984 Change-Id: Ibdf9aecf3a9e358ef6d2080fde160a92aeead63d Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4902232 Code-Coverage: findit-for-me@appspot.gserviceaccount.com <findit-for-me@appspot.gserviceaccount.com> Commit-Queue: Gayane Petrosyan <gayane@google.com> Owners-Override: Gayane Petrosyan <gayane@google.com> Reviewed-by: Ali Juma <ajuma@chromium.org> Cr-Commit-Position: refs/heads/main@{#1203371}

…Item`" This reverts commit 08e77e6. Reason for revert: Builder: Linux ChromiumOS MSan Tests https://ci.chromium.org/p/chromium/builders/ci/Linux%20ChromiumOS%20MSan%20Tests First failing build: https://ci.chromium.org/ui/p/chromium/builders/ci/Linux%20ChromiumOS%20MSan%20Tests/38777/overview Sample stack trace: ==235916==WARNING: MemorySanitizer: use-of-uninitialized-value #0 0x56206b82114e in ash::OverviewGrid::FitWindowRectsInBounds() ./../../ash/wm/overview/overview_grid.cc:2609:9 #1 0x56206b803b04 in ash::OverviewGrid::GetWindowRects() ./../../ash/wm/overview/overview_grid.cc:2441:24 #2 0x56206b806fce in ash::OverviewGrid::PositionWindows() ./../../ash/wm/overview/overview_grid.cc:689:13 #3 0x56206b80c92a in ash::OverviewGrid::AddItem() ./../../ash/wm/overview/overview_grid.cc:835:5 #4 0x56206b865c27 in ash::OverviewSession::AddItem() ./../../ash/wm/overview/overview_session.cc:565:9 #5 0x56206b80fb65 in ash::OverviewGrid::AddDropTargetForDraggingFromThisGrid(ash::OverviewItemBase*) ./../../ash/wm/overview/overview_grid.cc:949:22 #6 0x56206b8817d0 in ash::OverviewWindowDragController::StartNormalDragMode(gfx::PointF const&) ./../../ash/wm/overview/overview_window_drag_controller.cc:352:18 #7 0x56206b8811a3 in ash::OverviewWindowDragController::Drag(gfx::PointF const&) ./../../ash/wm/overview/overview_window_drag_controller.cc:281:7 Original change's description: > snap-group: Correct drop target bounds for the `OverviewGroupItem` > > The bounds for the drop target should match the item which the drop > target is a placeholder for. It should also be applicable for group > item. This cl does the following things to make it work: > 1. Update the logic in > `OverviewGrid::CalculateWidthAndMaybeSetUnclippedBounds()` where > the width for the drop target widget is calculated; > 2. Update `IsDropTargetWindow()` to `IsDropTargetItem()` in order to > take the overview group item into account; > 3. Update the insets value in `OverviewGroupItem` anonymous space, to > only have insets in the middle. > > Fixed: b/301490403 > Demo: http://b/301490403#comment2 > Test: Added unit tests + manual > Change-Id: I67e84bdf795833e9b92bbca39098013485953dd7 > Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4906318 > Reviewed-by: Ahmed Fakhry <afakhry@chromium.org> > Commit-Queue: Michele Fan <michelefan@chromium.org> > Cr-Commit-Position: refs/heads/main@{#1204855} Bug: 1489085 Change-Id: I282a746c4c4fe7ff58f679c6339970c59ae47e68 No-Presubmit: true No-Tree-Checks: true No-Try: true Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4904793 Owners-Override: Giovanni Ortuno Urquidi <ortuno@chromium.org> Commit-Queue: Giovanni Ortuno Urquidi <ortuno@chromium.org> Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Auto-Submit: Giovanni Ortuno Urquidi <ortuno@chromium.org> Cr-Commit-Position: refs/heads/main@{#1205009}

The font size may exceed UINT_MAX, as in FontCacheTest.GetLargerThanMaxUnsignedFont: [ RUN ] FontCacheTest.GetLargerThanMaxUnsignedFont ../../third_party/blink/renderer/platform/fonts/font_cache_key.h:69:20: runtime error: 4.29497e+11 is outside the range of representable values of type 'unsigned int' #0 0x559310083f05 in blink::FontCacheKey::FontCacheKey(blink::FontFaceCreationParams, float, unsigned int, float, blink::FontSizeAdjust, scoped_refptr<blink::FontVariationSettings>, scoped_refptr<blink::FontPalette>, scoped_refptr<blink::FontVariantAlternates>, bool) third_party/blink/renderer/platform/fonts/font_cache_key.h:69:20 #1 0x559310083c07 in blink::FontDescription::CacheKey(blink::FontFaceCreationParams const&, bool) const third_party/blink/renderer/platform/fonts/font_description.cc:285:16 #2 0x559310091444 in blink::FontPlatformDataCache::GetOrCreateFontPlatformData(blink::FontCache*, blink::FontDescription const&, blink::FontFaceCreationParams const&, blink::AlternateFontName) third_party/blink/renderer/platform/fonts/font_platform_data_cache.cc:69:24 #3 0x55931007ab39 in blink::FontCache::GetFontPlatformData(blink::FontDescription const&, blink::FontFaceCreationParams const&, blink::AlternateFontName) third_party/blink/renderer/platform/fonts/font_cache.cc:150:37 #4 0x55931007afef in blink::FontCache::GetFontData(blink::FontDescription const&, WTF::AtomicString const&, blink::AlternateFontName, blink::ShouldRetain) third_party/blink/renderer/platform/fonts/font_cache.cc:197:41 #5 0x55930bd6ed0a in blink::FontCacheTest_GetLargerThanMaxUnsignedFont_Test::TestBody() third_party/blink/renderer/platform/fonts/font_cache_test.cc:152:18 Casting float to integer is undefined behavior if it overflows. Use a saturated cast for clamping behavior. Note to reviewers, please look at this carefully. I don't know if this is the correct fix, or whether you all want to handle larger values differently. E.g. should the value instead be stored as a float? That would avoid clamping, but I'm assuming the rounding behavior is desirable for more caching? Making the type a float but storing std::round(font_size * kFontSizePrecisionMultiplier) might also work? Bug: 1394755 Change-Id: I36fa8d4da54e440a22e287f723b509e43499c096 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5002078 Reviewed-by: Dominik Röttsches <drott@chromium.org> Commit-Queue: David Benjamin <davidben@chromium.org> Auto-Submit: David Benjamin <davidben@chromium.org> Commit-Queue: Dominik Röttsches <drott@chromium.org> Cr-Commit-Position: refs/heads/main@{#1219526}

Fixes crashes from ChromeOS LKGM and uprev: 2023-12-05T01:55:19.934369Z FATAL chrome[3861:1]: [v8_initializer.cc(784)] V8 error: Cannot create a handle without a HandleScope (v8::HandleScope::CreateHandle()). #0 0x58368e9b9372 base::debug::CollectStackTrace() #1 0x58368e99e243 base::debug::StackTrace::StackTrace() #2 0x583687fa98c8 logging::LogMessage::~LogMessage() #3 0x58369371ae51 blink::ReportV8FatalError() #4 0x5836898c46b8 v8::Utils::ReportApiFailure() #5 0x583697d32136 v8::internal::HandleScope::Extend() #6 0x583697944118 v8::HandleScope::CreateHandle() #7 0x5836946bd75c blink::SoftNavigationHeuristics::SetCurrentTimeAsStartTime() #8 0x5836946be3d0 blink::SoftNavigationEventScope::~SoftNavigationEventScope() #9 0x583697fb0441 blink::EventDispatcher::Dispatch() #10 0x583693d5380c blink::MouseEvent::DispatchEvent() Bug: 1507981 Change-Id: I4106e037bc08c81ede1f2d497b9f993991fb9e47 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5087067 Reviewed-by: Yoav Weiss <yoavweiss@chromium.org> Commit-Queue: Yoav Weiss <yoavweiss@chromium.org> Cr-Commit-Position: refs/heads/main@{#1233189}

When the kAppServiceStorage flag is enabled, AppService blocks the app publishers creating until it's ready, after reading from the AppStorage file. This affects some tests, e.g. ChromeHidDelegateRenderFrameTest.*. Those tests crash, because TestingProfileManager's ScopedTestingLocalState setting in TestingBrowserProcess. ExtensionAppsChromeOs::Initialize observes policy in pref, which depends on ScopedTestingLocalState. Well, TestingBrowserProcess::SetLocalState uses some workaround for PrefService. So when the test is existing it may cause the error: Received signal 11 SEGV_ACCERR 5610a0fd0680 #0 0x7fed5d5089cc base::debug::CollectStackTrace() #1 0x7fed5d4c0a1a base::debug::StackTrace::StackTrace() #2 0x7fed5d4c09d5 base::debug::StackTrace::StackTrace() #3 0x7fed5d508388 base::debug::(anonymous namespace)::StackDumpSignalHandler() #4 0x7fecdb07d510 (/usr/lib/x86_64-linux-gnu/libc.so.6+0x3c50f) #5 0x5610a0fd0680 <unknown> Modify the test setup process to create the user manager first, then create the profile to align with the production code in ChromeOS. BUG=1385932, b:307623506 Change-Id: I05e255e0602e45fbd3f37add472ea80f24002648 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5082856 Reviewed-by: Reilly Grant <reillyg@chromium.org> Commit-Queue: Nancy Wang <nancylingwang@chromium.org> Cr-Commit-Position: refs/heads/main@{#1234258}

This reverts commit b573ec1. Reason for revert: file read on main thread causes crashes https://ci.chromium.org/ui/p/chrome/builders/ci/chromeos-reven-chrome/9260/overview 2023-12-11T23:44:32.631073Z FATAL chrome[4644:4644]: [thread_restrictions.cc(58)] Check failed: !tls_blocking_disallowed. Function marked as blocking was called from a scope that disallows blocking! If this task is running inside the ThreadPool, it needs to have MayBlock() in its TaskTraits. Otherwise, consider making this blocking work asynchronous or, as a last resort, you may use ScopedAllowBlocking (see its documentation for best practices). tls_blocking_disallowed 1 set by #0 0x580a56a26b42 base::debug::CollectStackTrace() #1 0x580a56a0d4d3 base::debug::StackTrace::StackTrace() #2 0x580a569e746f base::DisallowUnresponsiveTasks() #3 0x580a5391e8ef content::BrowserMainLoop::PreMainMessageLoopRun() #4 0x580a5062f27f base::OnceCallback<>::Run() #5 0x580a540ca43b content::StartupTaskRunner::RunAllTasksNow() #6 0x580a5391e206 content::BrowserMainLoop::CreateStartupTasks() #7 0x580a5392166e content::BrowserMainRunnerImpl::Initialize() #8 0x580a5391bad6 content::BrowserMain() #9 0x580a560952b6 content::RunBrowserProcessMain() #10 0x580a56097a80 content::ContentMainRunnerImpl::RunBrowser() #11 0x580a5609715e content::ContentMainRunnerImpl::Run() #12 0x580a56093df5 content::RunContentProcess() #13 0x580a56093f42 content::ContentMain() #14 0x580a5010c79d ChromeMain #15 0x7d10446316c6 __libc_start_call_main #16 0x7d1044631782 __libc_start_main_alias_2 #17 0x580a5010c531 _start #0 0x580a56a26b42 base::debug::CollectStackTrace() #1 0x580a56a0d4d3 base::debug::StackTrace::StackTrace() #2 0x580a4ffa72c8 logging::LogMessage::~LogMessage() #3 0x580a56923860 logging::(anonymous namespace)::DCheckLogMessage::~DCheckLogMessage() #4 0x580a4ffa6d67 logging::CheckError::~CheckError() #5 0x580a569e680b base::internal::AssertBlockingAllowed() #6 0x580a50037d3b base::ScopedBlockingCall::ScopedBlockingCall() #7 0x580a5fffd0fb base::File::Stat() #8 0x580a56a21ae3 base::GetFileInfo() #9 0x580a5a144486 first_run::GetFirstRunSentinelCreationTime() #10 0x580a55d04f18 ash::ReportControllerInitializer::OwnershipStatusChanged() #11 0x580a55d3a722 ash::DeviceSettingsService::NotifyOwnershipStatusChanged() #12 0x580a55d39e59 ash::DeviceSettingsService::HandleCompletedOperation() #13 0x580a55d3a0c8 ash::DeviceSettingsService::HandleCompletedAsyncOperation() #14 0x580a538a96d8 base::internal::FunctorTraits<>::Invoke<>() #15 0x580a55d3a8c2 base::internal::Invoker<>::RunOnce() Original change's description: > Create ReportInitializer that checks for browser preconditions > > Introduce ReportControllerInitializer class in chrome/browser/ash, > functioning as a DeviceSettingsService::Observer. The class waits for > the OwnershipStatusChanged callback with ownership status indicating > device ownership, checks for the presence of the .oobe_completed file, > and waits for CrosSettings::PrepareTrustedValues to signal TRUSTED > status. > > Only after these preconditions are met does the class proceed > to initialize the ReportController. > > BUG=chromium:1504019 > > Change-Id: I0bd93c2eb9f83669ea23395d59b292a4cc858bcb > Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5047743 > Reviewed-by: Xiyuan Xia <xiyuan@chromium.org> > Commit-Queue: Hirthanan Subenderan <hirthanan@google.com> > Reviewed-by: Pavol Marko <pmarko@chromium.org> > Cr-Commit-Position: refs/heads/main@{#1235879} Bug: chromium:1504019 Change-Id: If41cc3e2fa0330afa6cb5aeb84f05efd1e614669 No-Presubmit: true No-Tree-Checks: true No-Try: true Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5113660 Auto-Submit: Joel Hockey <joelhockey@chromium.org> Reviewed-by: Hirthanan Subenderan <hirthanan@google.com> Commit-Queue: Joel Hockey <joelhockey@chromium.org> Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Reviewed-by: James Cook <jamescook@chromium.org> Cr-Commit-Position: refs/heads/main@{#1236048}

A new schema is introduced into CdmStorageDatabase to add last_modified and file_size to be able to support time-based deletion and time-based usage calculation. Methods were implemented to delete by time frame, by storage key, and to calculate file size using SQL queries for time frames by storing the file size into the CdmStorageDatabase to be a one time operation. This CL also provides the functionality that automatically deletes the database if a Delete function for a subset (i.e file, storage key, time-frame) ends up removing entries such that there are no more entries in the database. An SQL statement is used to alter the version1 database so that we don't run into crashes when a user that already has the CdmStorageDatabase v1.0 in their profile runs into queries that are made for the v2.0, such as writing into the column file_size, since file_size is only in v2.0. Testing: unittests + Manual Testing Steps for the Schema Alter code: 1. Build chrome on main branch. 2. Go to chrome://flags and enable kCdmStorageDatabase and kCdmStorageDatabaseMigration. 3. Open a new profile, name it CdmStorageDatabase (or anything you want) 4. Play this website: https://integration.staging.widevine.com/player?contentUrl=https://storage.googleapis.com/wvtemp/hmchen/poc/tears_hd_cenc.mpd&proxyServerUrl=https://proxy.uat.widevine.com/proxy?video_id=GTS_CAN_PLAY_CLIENT_TOKEN%26provider=widevine_test%26full_response=true&persistentStateRequired=true 5. Log the kVersionNumber (should be 1) (I did this through LOG(ERROR)). 6. A value should be written. 7. Quit Chrome. 8. Switch your branch to these changes using git and build chrome. 9. Open chrome, verify the same flags are still enabled, and open the same profile you used as before. 10. Play same website as step #4. 11. log the kVersionNumber (should be 2) (I did this through LOG(ERROR)) 12. View in chrome://histograms/Media.EME that the IncompatibleDatabaseDetected histogram was triggered. 13. Verify that playback plays continuously and Chrome does not crash. OBSOLETE_HISTOGRAMS= Media.EME.CdmStorageManager.DeleteDatabaseError.Incognito, Media.EME.CdmStorageManager.DeleteDatabaseError.NonIncognito. Bug: 1454512 Change-Id: I64f9dff580114545ececf5d7b4f03124b1f55192 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4994868 Reviewed-by: Evan Stade <estade@chromium.org> Reviewed-by: Evan Liu <evliu@google.com> Reviewed-by: John Rummell <jrummell@chromium.org> Commit-Queue: Vikram Pasupathy <vpasupathy@chromium.org> Cr-Commit-Position: refs/heads/main@{#1242731}

- Adds click behavior + updates relevant metrics - Adds aria-pressed behavior * Hiding the button for users who don't have wallpaper search setting turned on will happen in another CL. Click behavior works in tandem with the Customize Chrome button. User journeys for clicking Wallpaper Search button: - Side panel is closed -> Opens Wallpaper search - Side panel is open to non Wallpaper Search page -> Opens Wallpaper search - Side panel is open to Wallpaper Search -> Closes side panel *video demo in bug comment #4* Change-Id: I6d5ace655e5cda6ad83f44394fa49d8313de7083 Bug: 324631907 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5304132 Reviewed-by: Tibor Goldschwendt <tiborg@chromium.org> Reviewed-by: Alex Gough <ajgo@chromium.org> Commit-Queue: Paul Adedeji <pauladedeji@google.com> Cr-Commit-Position: refs/heads/main@{#1262041}

Simplify the handling of SHORTCUT roots, deferring the handling of stale entry to the `changeDirectory()` action/reducer. Fix the clearCachedEntriesReducer() which wasn't clearing entries that were expanded, even if nothing pointed to such entry. Minor changes: Fix some spelling Drives vs Drive. Remove the word `entry` in the directory_tree_container.ts to make easier to find entry usage. Remove `Entry` word from `isEntryInsideDrive()` since it also accepts FileData. Bug: b:327534506 Change-Id: Iee082bc628ea62778a31d9324aaf04babcd574b4 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5348266 Commit-Queue: Luciano Pacheco <lucmult@chromium.org> Reviewed-by: Luciano Pacheco <lucmult@chromium.org> Reviewed-by: Wenbo Jie <wenbojie@chromium.org> Cr-Commit-Position: refs/heads/main@{#1269986}

This reverts commit 6f447d5. Reason for revert: Crashes on ChromeOS as soon as I touch the device's touchpad 2024-03-26T00:58:16.588106Z FATAL chrome[5433:5496]: [sequence_checker.cc(21)] Check failed: checker.CalledOnValidSequence(&bound_at). #0 0x56f06aa34da2 base::debug::CollectStackTrace() #1 0x56f06aa19ba2 base::debug::StackTrace::StackTrace() #2 0x56f06a934073 logging::LogMessage::Flush() #3 0x56f063de6fcd logging::LogMessage::~LogMessage() #4 0x56f06a92053c logging::(anonymous namespace)::DCheckLogMessage::~DCheckLogMessage() #5 0x56f06a9205ae logging::(anonymous namespace)::DCheckLogMessage::~DCheckLogMessage() #6 0x56f063dc2ba6 logging::CheckError::~CheckError() #7 0x56f063de9d22 base::ScopedValidateSequenceChecker::ScopedValidateSequenceChecker() #8 0x56f063de4706 base::ObserverList<>::begin() #9 0x56f06bfa75eb ui::CursorController::SetCursorLocation() #10 0x56f0646d9be5 ui::DrmCursor::SetCursorLocationLocked() #11 0x56f0646da6bf ui::DrmCursor::MoveCursor() #12 0x56f06bfd76e6 ui::GestureInterpreterLibevdevCros::OnGestureMove() Original change's description: > Mark WeakLinkNode sequence checking expensive > > This makes for-each-node sequence checking expensive (which seems > redundant). As a compromise we do non-"expensive" sequence checking in > ObserverList::begin(), which should provide the same level of protection > unless iterators are passed between sequences, which would be one heck > of a thing to try to do. > > This accounts for about 60% of sequence checking in a profile I did way > back. I have not profiled to see how much sequence checking remains with > the sequence checking moved to begin() nor do I know the average > ObserverList size. Let's try it out. > > In the same profile (though I don't remember what I profiled) sequence > checking accounted for 1.2% of cycles. Hopefully this explains some of > the performance gap between a DCHECK and regular Canary build. > > Bug: 40241607 > Change-Id: Id80d3363771e05e6f38c1432ae66b4c352acf8b8 > Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5319909 > Reviewed-by: François Degros <fdegros@chromium.org> > Commit-Queue: Peter Boström <pbos@chromium.org> > Reviewed-by: danakj <danakj@chromium.org> > Reviewed-by: Vasiliy Telezhnikov <vasilyt@chromium.org> > Reviewed-by: Colin Blundell <blundell@chromium.org> > Cr-Commit-Position: refs/heads/main@{#1277148} Bug: 40241607 Change-Id: I8e11a7d796ba10a38453dff336f46e3aba04ab97 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5394849 Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Owners-Override: François Degros <fdegros@chromium.org> Commit-Queue: François Degros <fdegros@chromium.org> Cr-Commit-Position: refs/heads/main@{#1278133}

This reverts commit abec508. Reason for revert: Suspect this broke QuickStartBrowserTest.EndToEndWithEmptyWifiCreds Sample failure log: 024-03-26T19:37:47.953153Z VERBOSE1 browser_tests[1612997:1612997]: [wizard_controller.cc(3010)] AdvanceToScreen user-creation 2024-03-26T19:37:47.953317Z VERBOSE1 browser_tests[1612997:1612997]: [wizard_controller.cc(2864)] SetCurrentScreen: user-creation 2024-03-26T19:37:48.052577Z ERROR browser_tests[1612997:1612997]: [auto_enrollment_type_checker.cc(205)] Kill switch config request failed with code -102 2024-03-26T19:37:48.052765Z WARNING browser_tests[1612997:1612997]: [auto_enrollment_controller.cc(237)] Starting auto-enrollment controller. 2024-03-26T19:37:48.055312Z ERROR browser_tests[1612997:1612997]: [auto_enrollment_controller.cc(185)] Failed to retrieve firmware management parameters. 2024-03-26T19:37:48.055419Z WARNING browser_tests[1612997:1612997]: [auto_enrollment_type_checker.cc(517)] Auto-enrollment disabled. 2024-03-26T19:37:48.055443Z WARNING browser_tests[1612997:1612997]: [auto_enrollment_controller.cc(529)] New auto-enrollment state: No enrollment 2024-03-26T19:37:48.958545Z VERBOSE1 browser_tests[1612997:1612997]: [wizard_controller.cc(1946)] Wizard screen network-selection exited with reason: Connected 2024-03-26T19:37:54.008532Z ERROR browser_tests[1612997:1613031]: [external_metrics.cc(224)] Failed to create DirReaderPosix. Cannot read per-pid uma files. 2024-03-26T19:37:48.958646Z FATAL browser_tests[1612997:1612997]: [wizard_controller.cc(1952)] Check failed: current_screen_->screen_id() == screen. #0 0x7f7062f3960c base::debug::CollectStackTrace() [../../base/debug/stack_trace_posix.cc:1039:7] #1 0x7f7062ef1045 base::debug::StackTrace::StackTrace() [../../base/debug/stack_trace.cc:229:20] #2 0x7f7062ef0fd5 base::debug::StackTrace::StackTrace() [../../base/debug/stack_trace.cc:224:28] #3 0x7f7062c2e590 logging::LogMessage::Flush() [../../base/logging.cc:703:29] #4 0x7f7062c2e4d7 logging::LogMessage::~LogMessage() [../../base/logging.cc:694:3] #5 0x7f7062bd9fd5 logging::(anonymous namespace)::DCheckLogMessage::~DCheckLogMessage() [../../base/check.cc:166:3] #6 0x7f7062bd9ff9 logging::(anonymous namespace)::DCheckLogMessage::~DCheckLogMessage() [../../base/check.cc:161:32] Original change's description: > [QuickStart][OOBE] Bug fixes on network screen > > Fix an issue on the network screen that caused a brief 'Network not > available' error when adding WiFi credentials using QuickStart. A > short artificial delay (2 seconds) was introduced between the moment > when we are notified that we are connected and the actual > transition to the next screen. This will ensure that the network screen > remains showing the WiFi being transferred a bit longer. > > Also move the binding of the Mojo pipe for configuring the network > from a method and into the screen's constructor. Previously, it > would trigger a crash when attempting to set a network for the second > time. > > Test: Browsertests & manual verification using Pixelbook & Pixel 7 > > Bug: b/328677262 > Change-Id: Idf5f126a70a52799709d7da4a92aec647b4e5c6f > Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5366560 > Commit-Queue: Renato Silva <rrsilva@google.com> > Reviewed-by: Danila Kuzmin <dkuzmin@google.com> > Cr-Commit-Position: refs/heads/main@{#1278415} Bug: b/328677262 Change-Id: I61830fdf37dfa41d7ae781711f54bc3999cfab11 No-Presubmit: true No-Tree-Checks: true No-Try: true Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5399119 Commit-Queue: Devlin Cronin <rdevlin.cronin@chromium.org> Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Owners-Override: Devlin Cronin <rdevlin.cronin@chromium.org> Cr-Commit-Position: refs/heads/main@{#1278588}

While investigating a black stripe that appears on the right border of a lacros window while it is been resized horizontally from the opposite border (left), it was figured that depending on the values of the window `origin`, `size` and `scale factor`, the black line was appearing or hidden. A continuous interactive window resize is the perfect scenario to replicate the bug intermittently, and give users the impression of a flashing black line. As an easy way to illustrate the issue, lets assume a lacros window with the following bounds in DIPS, `330,0 596x664`, and a device scale factor of `1.62574` - these values can replicate the problem of the vertical stripe appearing even without triggering a window resize. For instance, this bounds in DIPS becomes `536,0 970x1080` in pixels using DesktopWindowTreeHostPlatform::ConvertRectToPixels(). 1.1) During the window creation, the `ui::Compositor` instance gets its scale factor and size set in pixels. It happens when `Compositor::SetScaleAndSize()` is called. This is the stracktrace: ```` #1 0x592718b9d713 base::debug::StackTrace::StackTrace() #2 0x5927205f4655 ui::Compositor::SetScaleAndSize() #3 0x5927205eac3e aura::WindowTreeHost::UpdateCompositorScaleAndSize() #4 0x5927205ec714 aura::WindowTreeHost::OnHostResizedInPixels() #5 0x592721d2dc2e aura::WindowTreeHostPlatform::OnBoundsChanged() #6 0x592721d2cc40 views::DesktopWindowTreeHostLacros::OnBoundsChanged() #7 0x592721d2e1b9 aura::WindowTreeHostPlatform::OnStateUpdate() #8 0x592719b83731 ui::WaylandWindow::MaybeApplyLatestStateRequest() #9 0x592719b83074 ui::WaylandWindow::RequestState() #10 0x592719b7e189 ui::WaylandWindow::SetWindowScale() #11 0x592719b7d985 ui::WaylandWindow::UpdateWindowScale() #12 0x592719b789ad ui::WaylandToplevelWindow::UpdateWindowScale() #13 0x592719b77f15 ui::WaylandToplevelWindow::Show() #14 0x592721d3139d views::DesktopWindowTreeHostPlatform::Show() #15 0x592721d18b24 views::DesktopNativeWidgetAura::Show() #16 0x592721cd0a7c views::Widget::Show() #17 0x592724d06ffb BrowserView::Show() (...) ```` In practice, `aura::WindowTreeHostPlatform::OnBoundsChanged()` (frame #4) calls out to `WaylandWindow::GetBoundsInPixels()`, that translates `330,0 596x664` in DIPS to `536,0 970x1080` in pixels - see the method below. Ultimately, only the size is set to the ui::Compositor instance, ie `970x1080`. ```` void WindowTreeHostPlatform::OnBoundsChanged(const BoundsChange& change) { (...) float current_scale = compositor()->device_scale_factor(); float new_scale = ui::GetScaleFactorForNativeView(window()); auto weak_ref = GetWeakPtr(); auto new_size = GetBoundsInPixels().size(); <------ ````` 1.2) Meanwhile, `cc::Layer` instances for the window are also being created. During the layer tree creation, the layers' bounds are all set in DIPs. For instance, the root layer is created with an origin of `0,0` and bounds `596x664`, eg: ```` 2024-03-11T18:42:45.387311Z WARNING chrome[29500:29500]: [layer.cc(390)] #0 0x59271e998ce2 base::debug::CollectStackTrace() #1 0x592718b9d713 base::debug::StackTrace::StackTrace() #2 0x592725cc29d7 cc::Layer::SetBounds() #3 0x592725e2ee96 ui::Layer::SetBoundsFromAnimation() #4 0x5927265c0177 ui::LayerAnimator::SetBounds() #5 0x5927205d8fe0 aura::Window::SetBoundsInternal() #6 0x5927205d8f67 aura::Window::SetBounds() #7 0x5927205ea78e aura::WindowTreeHost::UpdateRootWindowSize() #8 0x5927205ea6df aura::WindowTreeHost::InitHost() #9 0x592721d30b36 views::DesktopWindowTreeHostPlatform::Init() #10 0x592721d16336 views::DesktopNativeWidgetAura::InitNativeWidget() #11 0x592725142c44 DesktopBrowserFrameAura::InitNativeWidget() #12 0x592721ccdd41 views::Widget::Init() #13 0x592724cf68af BrowserFrame::InitBrowserFrame() #14 0x592724db9f30 BrowserWindow::CreateBrowserWindow() #15 0x592724951ce0 Browser::Browser() #16 0x5927249511c6 Browser::Create() (...) ```` The layers' bounds get translated at places like `draw_property_utils.cc` `ComputeLocalRectInTargetSpace()`, with MathUtils::MapXXX() functions. In practice, `596x664` translates to `968.942x1079.49`, and finally gets rounded to `969x1080`. Hence, we have a root ui::Compositor size of 970x1080 and a root cc:Layer bounds of 969x1080. Using the visual debugger tool attached to lacros, one can see that all window-wide tiles's width are 969 [1]. OTOH, with the visual debugger tool attached to ash/chrome, we can see that the width the the root surface (lacros) is 970 [2]. This 1px different creates a "punch role" effect in the lacros window, and user sees whatever is underneath it rendered [3]. In the case of this bug, what the user sees is a trailing 1px wide line part of the so called "resize shadow". The user sees it through this unintentionally "punch hole" explained above. This CL changes the way PlatformWindowDelegate::State::size_px variable gets set in WaylandWindow::RequestState(), translating only its size from DIPs to pixels. This way we match how this variable is used in ui::Compositor level and cc::Layers et al (tiles, quads, overlayers, etc). As a way to illustrate the problem, see video [4]. It forcibly paints the 1px lacros root layer transparent buffer red with viz_debugger, so one can clearly see it "flashing" due to the rounding error being fixed here. [1] https://issues.chromium.org/u/0/action/issues/40876438/attachments/54873934 [2] https://issues.chromium.org/u/0/action/issues/40876438/attachments/54878944 [3] https://issues.chromium.org/u/0/action/issues/40876438/attachments/54873933 [4] https://issues.chromium.org/action/issues/40876438/attachments/54936907 Bug: 40876438 Change-Id: Id36476d41e7a2c90f8a44337731a4cfad93e6a13 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5384752 Reviewed-by: Maksim Sisov <msisov@igalia.com> Commit-Queue: Antonio Gomes <tonikitoo@igalia.com> Cr-Commit-Position: refs/heads/main@{#1281135}

This reverts commit fe5ffc2. Reason for revert: Reland with CursorController changed to use std::vector too. Original change's description: > Revert "Mark WeakLinkNode sequence checking expensive" > > This reverts commit 6f447d5. > > Reason for revert: Crashes on ChromeOS as soon as I touch the > device's touchpad > > 2024-03-26T00:58:16.588106Z FATAL chrome[5433:5496]: [sequence_checker.cc(21)] Check failed: checker.CalledOnValidSequence(&bound_at). > #0 0x56f06aa34da2 base::debug::CollectStackTrace() > #1 0x56f06aa19ba2 base::debug::StackTrace::StackTrace() > #2 0x56f06a934073 logging::LogMessage::Flush() > #3 0x56f063de6fcd logging::LogMessage::~LogMessage() > #4 0x56f06a92053c logging::(anonymous namespace)::DCheckLogMessage::~DCheckLogMessage() > #5 0x56f06a9205ae logging::(anonymous namespace)::DCheckLogMessage::~DCheckLogMessage() > #6 0x56f063dc2ba6 logging::CheckError::~CheckError() > #7 0x56f063de9d22 base::ScopedValidateSequenceChecker::ScopedValidateSequenceChecker() > #8 0x56f063de4706 base::ObserverList<>::begin() > #9 0x56f06bfa75eb ui::CursorController::SetCursorLocation() > #10 0x56f0646d9be5 ui::DrmCursor::SetCursorLocationLocked() > #11 0x56f0646da6bf ui::DrmCursor::MoveCursor() > #12 0x56f06bfd76e6 ui::GestureInterpreterLibevdevCros::OnGestureMove() > > > Original change's description: > > Mark WeakLinkNode sequence checking expensive > > > > This makes for-each-node sequence checking expensive (which seems > > redundant). As a compromise we do non-"expensive" sequence checking in > > ObserverList::begin(), which should provide the same level of protection > > unless iterators are passed between sequences, which would be one heck > > of a thing to try to do. > > > > This accounts for about 60% of sequence checking in a profile I did way > > back. I have not profiled to see how much sequence checking remains with > > the sequence checking moved to begin() nor do I know the average > > ObserverList size. Let's try it out. > > > > In the same profile (though I don't remember what I profiled) sequence > > checking accounted for 1.2% of cycles. Hopefully this explains some of > > the performance gap between a DCHECK and regular Canary build. > > > > Bug: 40241607 > > Change-Id: Id80d3363771e05e6f38c1432ae66b4c352acf8b8 > > Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5319909 > > Reviewed-by: François Degros <fdegros@chromium.org> > > Commit-Queue: Peter Boström <pbos@chromium.org> > > Reviewed-by: danakj <danakj@chromium.org> > > Reviewed-by: Vasiliy Telezhnikov <vasilyt@chromium.org> > > Reviewed-by: Colin Blundell <blundell@chromium.org> > > Cr-Commit-Position: refs/heads/main@{#1277148} > > Bug: 40241607 > Change-Id: I8e11a7d796ba10a38453dff336f46e3aba04ab97 > Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5394849 > Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> > Owners-Override: François Degros <fdegros@chromium.org> > Commit-Queue: François Degros <fdegros@chromium.org> > Cr-Commit-Position: refs/heads/main@{#1278133} Bug: 40241607 Change-Id: I7aedf2194f8cc17a56ffa79c1824e33a7072c1f1 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5406313 Reviewed-by: danakj <danakj@chromium.org> Reviewed-by: Colin Blundell <blundell@chromium.org> Reviewed-by: Michael Spang <spang@chromium.org> Reviewed-by: Vasiliy Telezhnikov <vasilyt@chromium.org> Reviewed-by: François Degros <fdegros@chromium.org> Commit-Queue: Peter Boström <pbos@chromium.org> Cr-Commit-Position: refs/heads/main@{#1281466}

…sktop / CrOS." This reverts commit 8815b8a. Reason for revert: Fix crash due to IdentityManager not being available for Guest profiles. Original change's description: > Revert "Add Family Link Settings to feedback system information on Desktop / CrOS." > > This reverts commit d0e1380. > > Reason for revert: crash on guest mode (https://crbug.com/332257918). > > Original change's description: > > Add Family Link Settings to feedback system information on Desktop / CrOS. > > > > Bug: 326898497 > > Change-Id: I8df27f17a6fff9ba42492c31406f83c71b957795 > > Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5371934 > > Reviewed-by: Xiangdong Kong <xiangdongkong@google.com> > > Commit-Queue: Nohemi Fernandez <fernandex@chromium.org> > > Reviewed-by: Alex Ilin <alexilin@chromium.org> > > Cr-Commit-Position: refs/heads/main@{#1279794} > > (cherry picked from commit c7c6271) > > Bug: 326898497,332257918 > Change-Id: Ic51d8b76b5487a169347d65743f2cde1e7028a7c > Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5415436 > Commit-Queue: Di Wu <diwux@google.com> > Reviewed-by: Di Wu <diwux@google.com> > Auto-Submit: Xiangdong Kong <xiangdongkong@google.com> > Owners-Override: Fergal Daly <fergal@google.com> > Reviewed-by: Lei Zhang <thestig@chromium.org> > Cr-Original-Commit-Position: refs/heads/main@{#1281678} > Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5420528 > Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> > Commit-Queue: Prudhvikumar Bommana <pbommana@google.com> > Owners-Override: Prudhvikumar Bommana <pbommana@google.com> > Cr-Commit-Position: refs/branch-heads/6396@{#4} > Cr-Branched-From: b54c770-refs/heads/main@{#1281591} Bug: 326898497,332257918 Change-Id: Ieee329b2774066e1de39175e5fb31142409f33f0 Revert "Add Family Link Settings to feedback system information on Desktop / CrOS." This reverts commit d0e1380. Reason for revert: crash on guest mode (https://crbug.com/332257918). Original change's description: > Add Family Link Settings to feedback system information on Desktop / CrOS. > > Bug: 326898497 > Change-Id: I8df27f17a6fff9ba42492c31406f83c71b957795 > Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5371934 > Reviewed-by: Xiangdong Kong <xiangdongkong@google.com> > Commit-Queue: Nohemi Fernandez <fernandex@chromium.org> > Reviewed-by: Alex Ilin <alexilin@chromium.org> > Cr-Commit-Position: refs/heads/main@{#1279794} (cherry picked from commit c7c6271) Bug: 326898497,332257918 Change-Id: Ic51d8b76b5487a169347d65743f2cde1e7028a7c Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5415436 Commit-Queue: Di Wu <diwux@google.com> Reviewed-by: Di Wu <diwux@google.com> Auto-Submit: Xiangdong Kong <xiangdongkong@google.com> Owners-Override: Fergal Daly <fergal@google.com> Reviewed-by: Lei Zhang <thestig@chromium.org> Cr-Original-Commit-Position: refs/heads/main@{#1281678} Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5420528 Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Commit-Queue: Prudhvikumar Bommana <pbommana@google.com> Owners-Override: Prudhvikumar Bommana <pbommana@google.com> Cr-Commit-Position: refs/branch-heads/6396@{#4} Cr-Branched-From: b54c770-refs/heads/main@{#1281591} Incrementing VERSION to 125.0.6396.2 Change-Id: I16499c249d577c91f6f5515a879ca666c05c1805 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5418074 Bot-Commit: Chrome Release Bot (LUCI) <chrome-official-brancher@chops-service-accounts.iam.gserviceaccount.com> Cr-Commit-Position: refs/branch-heads/6396@{#3} Cr-Branched-From: b54c770-refs/heads/main@{#1281591} Incrementing VERSION to 125.0.6396.1 Change-Id: Ib6c169282b11d2a7c5646e4bd66996661fe0bd5b Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5418333 Bot-Commit: Chrome Release Bot (LUCI) <chrome-official-brancher@chops-service-accounts.iam.gserviceaccount.com> Cr-Commit-Position: refs/branch-heads/6396@{#2} Cr-Branched-From: b54c770-refs/heads/main@{#1281591} Create chrome_branch_deps.json for branch 6396. Change-Id: I27e45c4412507dd7f765461a6332a10ae6aa9af2 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5418016 Bot-Commit: Chrome Release Bot (LUCI) <chrome-official-brancher@chops-service-accounts.iam.gserviceaccount.com> Cr-Original-Commit-Position: refs/branch-heads/6396@{#1} Cr-Original-Branched-From: b54c770-refs/heads/main@{#1281591} Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5440514 Commit-Queue: Nohemi Fernandez <fernandex@chromium.org> Reviewed-by: Xiangdong Kong <xiangdongkong@google.com> Reviewed-by: Alex Ilin <alexilin@chromium.org> Cr-Commit-Position: refs/heads/main@{#1285071}

This is part of the work to get cast on starboard building out of chromium. See go/moving-cwr-to-chromium for more information on the high-level goal. This is the crash that occurs without this CL: FATAL:event_factory_evdev.cc(247)] Check failed: user_input_task_runner_. #0 0x5643c4c23ed2 base::debug::CollectStackTrace() [../../base/debug/stack_trace_posix.cc:1039:7] #1 0x5643c4c0dc62 base::debug::StackTrace::StackTrace() [../../base/debug/stack_trace.cc:229:20] #2 0x5643c4b15369 logging::LogMessage::Flush() [../../base/logging.cc:703:29] #3 0x5643c4b1524d logging::LogMessage::~LogMessage() [../../base/logging.cc:694:3] #4 0x5643c4afb6bf logging::(anonymous namespace)::DCheckLogMessage::~DCheckLogMessage() [../../base/check.cc:166:3] #5 0x5643c4afb71e logging::(anonymous namespace)::DCheckLogMessage::~DCheckLogMessage() [../../base/check.cc:161:32] #6 0x5643c4afb173 logging::CheckError::~CheckError() [../../third_party/libc++/src/include/__memory/unique_ptr.h:67:5] #7 0x5643c611fca5 ui::EventFactoryEvdev::Init() [../../ui/events/ozone/evdev/event_factory_evdev.cc:247:3] #8 0x5643c5f275f7 ui::PlatformEventSource::AddPlatformEventDispatcher() [../../ui/events/platform/platform_event_source.cc:54:3] #9 0x5643c11edb81 ui::(anonymous namespace)::OzonePlatformCast::CreatePlatformWindow() [../../third_party/libc++/src/include/__memory/unique_ptr.h:620:30] #10 0x5643c67cf017 aura::WindowTreeHostPlatform::CreatePlatformWindow() [../../ui/aura/window_tree_host_platform.cc:222:44] #11 0x5643c67cef76 aura::WindowTreeHostPlatform::CreateAndSetPlatformWindow() [../../ui/aura/window_tree_host_platform.cc:93:22] #12 0x5643c67cef2a aura::WindowTreeHostPlatform::WindowTreeHostPlatform() [../../ui/aura/window_tree_host_platform.cc:71:3] #13 0x5643c24eb8d1 chromecast::CastWindowTreeHostAura::CastWindowTreeHostAura() [../../chromecast/graphics/cast_window_tree_host_aura.cc:17:7] #14 0x5643c24e937e chromecast::CastWindowManagerAura::Setup() [../../third_party/libc++/src/include/__memory/unique_ptr.h:620:30] #15 0x5643c24a324d chromecast::shell::CastBrowserMainParts::PreMainMessageLoopRun() [../../chromecast/browser/cast_browser_main_parts.cc:627:20] Bug: b/333571227 Change-Id: I7fd21eec0708282fc14d1b6dd578032ba06187c9 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5439606 Reviewed-by: Luke Halliwell <halliwell@chromium.org> Reviewed-by: Yuchen Liu <yucliu@chromium.org> Commit-Queue: Antonio Rivera <antoniori@google.com> Cr-Commit-Position: refs/heads/main@{#1285202}

This reverts commit c07cbfe. Reason for revert: relanding with tests and fixes Original change's description: > Revert "Get WrapperTypeInfo via ScriptWrappable" > > This reverts commit 81b6e3d. > > Reason for revert: Breaks AutotestPrivateApiTest.AutotestPrivate on linux-chromeos-rel > > https://ci.chromium.org/ui/p/chromium/builders/luci.chromium.ci/linux-chromeos-rel > Sample failure: https://ci.chromium.org/ui/p/chromium/builders/ci/linux-chromeos-rel/75905/overview > > I think this is the relevant part of the stack trace: > > ../../content/public/test/no_renderer_crashes_assertion.cc:102: Failure > Failed > Unexpected termination of a renderer process; status: 3, exit_code: 139 > Stack trace: > #0 0x563e8b77c0da content::NoRendererCrashesAssertion::RenderProcessExited() > #1 0x563e8967d8c4 content::RenderProcessHostImpl::ProcessDied() > #2 0x563e8967d72c content::RenderProcessHostImpl::OnChannelError() > #3 0x563e8ae3ecb5 base::TaskAnnotator::RunTaskImpl() > #4 0x563e8ae583dd base::sequence_manager::internal::ThreadControllerWithMessagePumpImpl::DoWorkImpl() > #5 0x563e8ae57e60 base::sequence_manager::internal::ThreadControllerWithMessagePumpImpl::DoWork() > #6 0x563e8ae58845 base::sequence_manager::internal::ThreadControllerWithMessagePumpImpl::DoWork() > #7 0x563e8aec2fef base::MessagePumpEpoll::Run() > #8 0x563e8ae58bb2 base::sequence_manager::internal::ThreadControllerWithMessagePumpImpl::Run() > #9 0x563e8ae1e7fd base::RunLoop::Run() > #10 0x563e91a0c6c9 extensions::ResultCatcher::GetNextResult() > #11 0x563e8ad7fcf6 extensions::ExtensionApiTest::RunExtensionTest() > #12 0x563e8ad7f999 extensions::ExtensionApiTest::RunExtensionTest() > #13 0x563e854402ed extensions::AutotestPrivateApiTest::RunAutotestPrivateExtensionTest() > > Original change's description: > > Get WrapperTypeInfo via ScriptWrappable > > > > as opposed to using a dedicated internal field for that. > > > > Bug: 328117814 > > Change-Id: I01f9aff3ad8a41fafbd2655d23f076a0f76fdc57 > > Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5455405 > > Reviewed-by: Nate Chapin <japhet@chromium.org> > > Commit-Queue: Andrey Kosyakov <caseq@chromium.org> > > Cr-Commit-Position: refs/heads/main@{#1288405} > > Bug: 328117814 > Change-Id: Id0ad5b6bcab7a99cf31d551df00928708dd93465 > No-Presubmit: true > No-Tree-Checks: true > No-Try: true > Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5459075 > Reviewed-by: Jiacheng Guo <gjc@google.com> > Auto-Submit: Timothy Loh <timloh@chromium.org> > Commit-Queue: Jiacheng Guo <gjc@google.com> > Owners-Override: Timothy Loh <timloh@chromium.org> > Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> > Cr-Commit-Position: refs/heads/main@{#1288546} Bug: 328117814 Change-Id: Icc69d23b24b71adc9332e3a01c91f336506c035f Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5466905 Commit-Queue: Andrey Kosyakov <caseq@chromium.org> Reviewed-by: Michael Lippautz <mlippautz@chromium.org> Cr-Commit-Position: refs/heads/main@{#1290020}

Example builder failure: https://ci.chromium.org/ui/p/chromium/builders/ci/Linux%20Tests%20(dbg)(1)/119860/overview. crash log for renderer (pid <unknown>): STDOUT: <empty> STDERR: [840814:1:0419/092311.735189:FATAL:ax_object.cc(3129)] Check failed: !IsDetached(). STDERR: #0 0x7f57ed36492c base::debug::CollectStackTrace() [../../base/debug/stack_trace_posix.cc:1039:7] STDERR: #1 0x7f57ed316545 base::debug::StackTrace::StackTrace() [../../base/debug/stack_trace.cc:236:20] STDERR: #2 0x7f57ed3164d5 base::debug::StackTrace::StackTrace() [../../base/debug/stack_trace.cc:231:28] STDERR: #3 0x7f57ed0349bf logging::LogMessage::Flush() [../../base/logging.cc:710:29] STDERR: #4 0x7f57ed0348e7 logging::LogMessage::~LogMessage() [../../base/logging.cc:698:3] STDERR: #5 0x7f57ecfdbfc5 logging::(anonymous namespace)::DCheckLogMessage::~DCheckLogMessage() [../../base/check.cc:166:3] STDERR: #6 0x7f57ecfdbfe9 logging::(anonymous namespace)::DCheckLogMessage::~DCheckLogMessage() [../../base/check.cc:161:32] STDERR: #7 0x7f57ecfdcdcc std::__Cr::default_delete<>::operator()() [../../third_party/libc++/src/include/__memory/unique_ptr.h:67:5] STDERR: #8 0x7f57ecfdc32a std::__Cr::unique_ptr<>::reset() [../../third_party/libc++/src/include/__memory/unique_ptr.h:278:7] STDERR: #9 0x7f57ecfdb90d logging::CheckError::~CheckError() [../../base/check.cc:349:16] STDERR: #10 0x7f57bb3ae68b blink::AXObject::IsIncludedInTree() [../../third_party/blink/renderer/modules/accessibility/ax_object.cc:3129:3] STDERR: #11 0x7f57bb3a43a4 blink::AXObject::ToString() [../../third_party/blink/renderer/modules/accessibility/ax_object.cc:8108:30] STDERR: #12 0x7f57bb3a2a52 blink::AXObject::Detach() [../../third_party/blink/renderer/modules/accessibility/ax_object.cc:782:35] STDERR: #13 0x7f57bb3556e6 blink::AXNodeObject::Detach() [../../third_party/blink/renderer/modules/accessibility/ax_node_object.cc:2377:13] STDERR: #14 0x7f57bb3ec319 blink::AXObjectCacheImpl::Remove() .... Bug: 40933623 Change-Id: Ic447ade12398f7666c4f6f4def61c2e3723feb43 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5466669 Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Reviewed-by: Liviu Tinta <liviutinta@chromium.org> Auto-Submit: Liviu Tinta <liviutinta@chromium.org> Owners-Override: Liviu Tinta <liviutinta@chromium.org> Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Cr-Commit-Position: refs/heads/main@{#1290248}

This reverts commit 6578c4f. Reason for revert: Offending DCHECK was fixed and removed with https://crrev.com/c/5464203. Tests can probably be re-enabled. Original change's description: > [Gardener] Disable tests failing !IsDetached check > > Example builder failure: https://ci.chromium.org/ui/p/chromium/builders/ci/Linux%20Tests%20(dbg)(1)/119860/overview. > > crash log for renderer (pid <unknown>): > STDOUT: <empty> > STDERR: [840814:1:0419/092311.735189:FATAL:ax_object.cc(3129)] Check failed: !IsDetached(). > STDERR: #0 0x7f57ed36492c base::debug::CollectStackTrace() [../../base/debug/stack_trace_posix.cc:1039:7] > STDERR: #1 0x7f57ed316545 base::debug::StackTrace::StackTrace() [../../base/debug/stack_trace.cc:236:20] > STDERR: #2 0x7f57ed3164d5 base::debug::StackTrace::StackTrace() [../../base/debug/stack_trace.cc:231:28] > STDERR: #3 0x7f57ed0349bf logging::LogMessage::Flush() [../../base/logging.cc:710:29] > STDERR: #4 0x7f57ed0348e7 logging::LogMessage::~LogMessage() [../../base/logging.cc:698:3] > STDERR: #5 0x7f57ecfdbfc5 logging::(anonymous namespace)::DCheckLogMessage::~DCheckLogMessage() [../../base/check.cc:166:3] > STDERR: #6 0x7f57ecfdbfe9 logging::(anonymous namespace)::DCheckLogMessage::~DCheckLogMessage() [../../base/check.cc:161:32] > STDERR: #7 0x7f57ecfdcdcc std::__Cr::default_delete<>::operator()() [../../third_party/libc++/src/include/__memory/unique_ptr.h:67:5] > STDERR: #8 0x7f57ecfdc32a std::__Cr::unique_ptr<>::reset() [../../third_party/libc++/src/include/__memory/unique_ptr.h:278:7] > STDERR: #9 0x7f57ecfdb90d logging::CheckError::~CheckError() [../../base/check.cc:349:16] > STDERR: #10 0x7f57bb3ae68b blink::AXObject::IsIncludedInTree() [../../third_party/blink/renderer/modules/accessibility/ax_object.cc:3129:3] > STDERR: #11 0x7f57bb3a43a4 blink::AXObject::ToString() [../../third_party/blink/renderer/modules/accessibility/ax_object.cc:8108:30] > STDERR: #12 0x7f57bb3a2a52 blink::AXObject::Detach() [../../third_party/blink/renderer/modules/accessibility/ax_object.cc:782:35] > STDERR: #13 0x7f57bb3556e6 blink::AXNodeObject::Detach() [../../third_party/blink/renderer/modules/accessibility/ax_node_object.cc:2377:13] > STDERR: #14 0x7f57bb3ec319 blink::AXObjectCacheImpl::Remove() > .... > > Bug: 40933623 > Change-Id: Ic447ade12398f7666c4f6f4def61c2e3723feb43 > Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5466669 > Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> > Reviewed-by: Liviu Tinta <liviutinta@chromium.org> > Auto-Submit: Liviu Tinta <liviutinta@chromium.org> > Owners-Override: Liviu Tinta <liviutinta@chromium.org> > Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> > Cr-Commit-Position: refs/heads/main@{#1290248} Bug: 40933623 Change-Id: Ib77c888c8c8a1209a18ddd93f7c07d17c50a04a5 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5465688 Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Commit-Queue: Simon Zünd <szuend@chromium.org> Cr-Commit-Position: refs/heads/main@{#1290555}

This reverts commit 5b98671. Reason for revert: browser_test failures starting at https://ci.chromium.org/ui/p/chrome/builders/ci/linux-chromeos-chrome/41245/blamelist The failures all have stack: 2024-05-01T22:20:26.913799Z ERROR browser_tests[68320:68386]: [object_proxy.cc(576)] Failed to call method: org.chromium.debugd.GetPerfOutputV2: object_path= /org/chromium/debugd: org.freedesktop.DBus.Error.ServiceUnknown: The name org.chromium.debugd was not provided by any .service files #0 0x55f5d4f55172 base::debug::CollectStackTrace() [../../base/debug/stack_trace_posix.cc:1043:7] #1 0x55f5d4f4139e base::debug::StackTrace::StackTrace() [../../base/debug/stack_trace.cc:241:20] #2 0x55f5d57d3a8a content::(anonymous namespace)::SignalHandler() [../../content/public/test/browser_test_base.cc:177:24] #3 0x7f9d71a42520 (/usr/lib/x86_64-linux-gnu/libc.so.6+0x4251f) #4 0x55f5db0e82e7 ash::FwupdDownloadClientImpl::GetURLLoaderFactory() [../../chrome/browser/ui/ash/fwupd_download_client_impl.cc:21:44] #5 0x55f5d833381c ash::FirmwareUpdateManager::DownloadLvfsMirrorFile() [../../chromeos/ash/components/fwupd/firmware_update_manager.cc:1051:35] #6 0x55f5d83350c1 base::internal::DecayedFunctorTraits<>::Invoke<>() [../../base/functional/bind_internal.h:738:12] #7 0x55f5d8334f93 base::internal::Invoker<>::RunOnce() [../../base/functional/bind_internal.h:954:5] Original change's description: > fwupd: Add refresh metadata logic > > Download the jcat file from chromeos local mirror and store it in cache. > Copy the file to a gz file and unzip it. Read the contents to get the > latest firmware file name. Download that file from chromeos local mirror > and call UpdateMetadata on those 2 files. > > BUG=b:328637488 > TEST=autoninja chrome; manually check from logs > chromeos_unittests --gtest_filter=FwupdClientTest.* && > FirmwareUpdateManager* > > Change-Id: I5673ad909963c4436a580746db9b94dd1c1a4f1b > Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5444929 > Commit-Queue: Rishabh Agrawal <rishabhagr@chromium.org> > Reviewed-by: Scott Violet <sky@chromium.org> > Reviewed-by: Adenilson Cavalcanti <cavalcantii@chromium.org> > Reviewed-by: Jimmy Gong <jimmyxgong@chromium.org> > Reviewed-by: Steven Bennetts <stevenjb@chromium.org> > Cr-Commit-Position: refs/heads/main@{#1295074} Bug: b:328637488 Change-Id: Ib753c1db9048f1acf693606ff7058d9820942f3b No-Presubmit: true No-Tree-Checks: true No-Try: true Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5508951 Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com> Auto-Submit: Joel Hockey <joelhockey@chromium.org> Owners-Override: Joel Hockey <joelhockey@chromium.org> Cr-Commit-Position: refs/heads/main@{#1295258}

@page

Since @page border box layout objects aren't in the the layout tree, any code that wants to walk up the tree to find the containing block will be in for a surprise. This would happen if percentage-based @page padding was used [1]. Recomputing padding during painting when we have already done it during layout is rather pointless anyway. Read it out directly from the fragment. [1] #1 blink::LayoutBox::ContainingBlockLogicalWidthForContent() #2 blink::LayoutBoxModelObject::ComputedCSSPadding() #3 blink::LayoutBoxModelObject::PaddingTop() #4 blink::LayoutBoxModelObject::PaddingOutsets() #5 blink::BoxPainterBase::PaintFillLayer() #6 blink::BoxPainterBase::PaintFillLayers() #7 blink::BoxFragmentPainter::PaintBackground() Bug: 40286153 Change-Id: I1e6e92c2ce1d81aab2673ec9a877eac455534102 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5526469 Commit-Queue: Morten Stenshorne <mstensho@chromium.org> Reviewed-by: Xianzhu Wang <wangxianzhu@chromium.org> Reviewed-by: Ian Kilpatrick <ikilpatrick@chromium.org> Cr-Commit-Position: refs/heads/main@{#1300711}

Attempting to initialize the GPU triggers MSan failures in GL with eager checks enabled in MSan: Uninitialized bytes in strlen at offset 0 inside [0x70200013dec0, 30) ==589==WARNING: MemorySanitizer: use-of-uninitialized-value #0 0x7fffeeba96de in glLabelObjectEXT (/lib/x86_64-linux-gnu/libGLX_mesa.so.0+0x4f6de) #1 0x7fffeeba9b10 in glLabelObjectEXT (/lib/x86_64-linux-gnu/libGLX_mesa.so.0+0x4fb10) #2 0x7fffeeb879a3 (/lib/x86_64-linux-gnu/libGLX_mesa.so.0+0x2d9a3) #3 0x7fffeeb894c0 (/lib/x86_64-linux-gnu/libGLX_mesa.so.0+0x2f4c0) #4 0x7fffeeb8e400 (/lib/x86_64-linux-gnu/libGLX_mesa.so.0+0x34400) #5 0x7fffeeb8f384 (/lib/x86_64-linux-gnu/libGLX_mesa.so.0+0x35384) #6 0x7fffeeb8bd9a (/lib/x86_64-linux-gnu/libGLX_mesa.so.0+0x31d9a) #7 0x7fffecceb484 in queryExtensionsString third_party/angle/src/libANGLE/renderer/gl/glx/FunctionsGLX.cpp:354:12 #8 0x7fffecceb484 in rx::FunctionsGLX::initialize(_XDisplay*, int, std::__Cr::basic_string<char, std::__Cr::char_traits<char>, std::__Cr::allocator<char>>*) third_party/angle/src/libANGLE/renderer/gl/glx/FunctionsGLX.cpp:223:30 #9 0x7fffeccdada2 in rx::DisplayGLX::initialize(egl::Display*) third_party/angle/src/libANGLE/renderer/gl/glx/DisplayGLX.cpp:114:15 #10 0x7fffec70f649 in egl::Display::initialize() third_party/angle/src/libANGLE/Display.cpp:1082:36 #11 0x7fffec0bed17 in egl::Initialize(egl::Thread*, egl::Display*, int*, int*) third_party/angle/src/libGLESv2/egl_stubs.cpp:514:5 #12 0x7fffec0c6319 in EGL_Initialize third_party/angle/src/libGLESv2/entry_points_egl_autogen.cpp:571:27 #13 0x7fffefc4000d in eglInitialize third_party/angle/src/libEGL/libEGL_autogen.cpp:177:12 #14 0x5555868ec92a in gl::GLDisplayEGL::InitializeDisplay(bool, std::__Cr::vector<gl::DisplayType, std::__Cr::allocator<gl::DisplayType>>, gl::EGLDisplayPlatform, gl::GLDisplayEGL*) ui/gl/gl_display.cc:769:10 #15 0x5555868eb310 in gl::GLDisplayEGL::Initialize(bool, std::__Cr::vector<gl::DisplayType, std::__Cr::allocator<gl::DisplayType>>, gl::EGLDisplayPlatform) ui/gl/gl_display.cc:660:8 #16 0x55556c6f1957 in ui::GLOzoneEGL::InitializeGLOneOffPlatform(bool, std::__Cr::vector<gl::DisplayType, std::__Cr::allocator<gl::DisplayType>>, gl::GpuPreference) ui/ozone/common/gl_ozone_egl.cc:25:17 #17 0x55558b1a8999 in gl::init::InitializeGLOneOffPlatform(gl::GpuPreference) ui/gl/init/gl_initializer_ozone.cc:27:26 #18 0x55558b1a6978 in gl::init::InitializeGLOneOffPlatformImplementation(bool, bool, bool, gl::GpuPreference) ui/gl/init/gl_factory.cc:211:24 #19 0x55558b1a6208 in gl::init::(anonymous namespace)::InitializeGLOneOffPlatformHelper(bool, gl::GpuPreference) ui/gl/init/gl_factory.cc:135:10 #20 0x55558b1a662d in gl::init::InitializeGLNoExtensionsOneOff(bool, gl::GpuPreference) ui/gl/init/gl_factory.cc:166:10 #21 0x55558b227379 in gpu::GpuInit::InitializeAndStartSandbox(base::CommandLine*, gpu::GpuPreferences const&) gpu/ipc/service/gpu_init.cc:495:18 #22 0x55559ab41ce4 in content::GpuMain(content::MainFunctionParams) content/gpu/gpu_main.cc:358:39 #23 0x55557b5888da in content::RunZygote(content::ContentMainDelegate*) content/app/content_main_runner_impl.cc:685:14 #24 0x55557b58abad in content::RunOtherNamedProcessTypeMain(std::__Cr::basic_string<char, std::__Cr::char_traits<char>, std::__Cr::allocator<char>> const&, content::MainFunctionParams, content::ContentMainDelegate*) content/app/content_main_runner_impl.cc:789:12 #25 0x55557b58e4fe in content::ContentMainRunnerImpl::Run() content/app/content_main_runner_impl.cc:1156:10 #26 0x55557b585aaf in content::RunContentProcess(content::ContentMainParams, content::ContentMainRunner*) content/app/content_main.cc:332:36 #27 0x55557b58644a in content::ContentMain(content::ContentMainParams) content/app/content_main.cc:345:10 #28 0x555580df9c37 in content::LaunchTestsInternal(content::TestLauncherDelegate*, unsigned long, int, char**) content/public/test/test_launcher.cc:385:12 #29 0x555580dfab58 in content::LaunchTests(content::TestLauncherDelegate*, unsigned long, int, char**) content/public/test/test_launcher.cc:504:10 #30 0x555582b8afec in LaunchChromeTests(unsigned long, content::TestLauncherDelegate*, int, char**) chrome/test/base/chrome_test_launcher.cc:392:10 #31 0x55557d422a0e in main chrome/test/base/browser_tests_main.cc:60:10 #32 0x7ffff48456c9 in __libc_start_call_main csu/../sysdeps/nptl/libc_start_call_main.h:58:16 #33 0x7ffff4845784 in __libc_start_main csu/../csu/libc-start.c:360:3 #34 0x55555e647029 in _start (/usr/local/google/home/dcheng/src/chrome/src/out/msan/browser_tests+0x90f3029) (BuildId: 6cbc295b16ac1107) Uninitialized value was created by a heap allocation #0 0x55555e675a22 in malloc /b/s/w/ir/cache/builder/src/third_party/llvm/compiler-rt/lib/msan/msan_interceptors.cpp:1021:3 #1 0x7ffff489b087 in __vasprintf_internal libio/vasprintf.c:116:16 #2 0x4ae8d349882b18ff (<unknown module>) Bug: 40240570 Change-Id: If59faa297e214b7219ebb4c5c9572b44a33ee070 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5548826 Reviewed-by: Elad Alon <eladalon@chromium.org> Commit-Queue: Daniel Cheng <dcheng@chromium.org> Cr-Commit-Position: refs/heads/main@{#1303583}

BluetoothLowEnergyApiTestChromeOs.NotifyCharacteristicValueChanged fails when run in MSan mode with eager checks, which validates that uninit values are not passed as params or return values: ==1002568==WARNING: MemorySanitizer: use-of-uninitialized-value #0 0x561d07debefa in floss::BluetoothLocalGattCharacteristicFloss::CccdNotificationType() ./../../device/bluetooth/floss/bluetooth_local_gatt_characteristic_floss.cc:398:1 #1 0x561d07daf88b in floss::BluetoothAdapterFloss::SendValueChanged(floss::BluetoothLocalGattCharacteristicFloss*, std::__Cr::vector<unsigned char, std::__Cr::allocator<unsigned char>> const&) ./../../device/bluetooth/floss/bluetooth_adapter_floss.cc:1468:23 #2 0x561d07de5eb7 in floss::BluetoothLocalGattCharacteristicFloss::NotifyValueChanged(device::BluetoothDevice const*, std::__Cr::vector<unsigned char, std::__Cr::allocator<unsigned char>> const&, bool) ./../../device/bluetooth/floss/bluetooth_local_gatt_characteristic_floss.cc:104:34 #3 0x561cf920f095 in extensions::api::BluetoothLowEnergyNotifyCharacteristicValueChangedFunction::DoWork() ./../../extensions/browser/api/bluetooth_low_energy/bluetooth_low_energy_api.cc:1427:23 <...> Uninitialized value was created by a heap allocation #0 0x561cdea7d49c in operator new(unsigned long) /b/s/w/ir/cache/builder/src/third_party/llvm/compiler-rt/lib/msan/msan_new_delete.cpp:51:35 #1 0x561d07dede02 in floss::BluetoothLocalGattDescriptorFloss::Create(device::BluetoothUUID const&, unsigned int, floss::BluetoothLocalGattCharacteristicFloss*) ./../../device/bluetooth/floss/bluetooth_local_gatt_descriptor_floss.cc:26:22 #2 0x561d07de4ce6 in floss::BluetoothLocalGattCharacteristicFloss::Create(device::BluetoothUUID const&, unsigned int, unsigned int, floss::BluetoothLocalGattServiceFloss*) ./../../device/bluetooth/floss/bluetooth_local_gatt_characteristic_floss.cc:35:5 #3 0x561d07df5fec in floss::BluetoothLocalGattServiceFloss::CreateCharacteristic(device::BluetoothUUID const&, unsigned int, unsigned int) ./../../device/bluetooth/floss/bluetooth_local_gatt_service_floss.cc:142:10 #4 0x561cf920c91f in extensions::api::BluetoothLowEnergyCreateCharacteristicFunction::DoWork() ./../../extensions/browser/api/bluetooth_low_energy/bluetooth_low_energy_api.cc:1310:16 Bug: 40240570 Change-Id: I3dd8d46b5750bc881ada08560943151dac294c08 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5553870 Reviewed-by: Katherine Lai <laikatherine@chromium.org> Commit-Queue: Daniel Cheng <dcheng@chromium.org> Cr-Commit-Position: refs/heads/main@{#1303901}

Passing uninit values as function arguments is undefined behavior in C++, but MSan previously did not catch these types of checks. These types of bugs are now detected by MSan; in this case, the audio bus channel data is uninitialized, so MSan reporst the use of uninitialized data when reading out the channel data and trying to compute a running max on it. [----------] 1 test from AudioStreamCoordinatorTest [ RUN ] AudioStreamCoordinatorTest.ConnectToAudioCaptuerAndReceiveBuses [201807:201832:WARNING:gpu_memory_buffer_support_x11.cc(49)] dri3 extension not supported. [201807:201807:ERROR:audio_capturer.cc(99)] AudioCaptureError: code=0, Maximum allowed input device limit reached or an OS failure occurred. ==201807==WARNING: MemorySanitizer: use-of-uninitialized-value #0 0x55ae78614dca in AudioStreamCoordinator::OnAudioCaptured(...) chrome/browser/ui/views/media_preview/mic_preview/audio_stream_coordinator.cc:85:11 #1 0x55ae78614fa7 in Invoke<void (AudioStreamCoordinator::*)(...), const base::WeakPtr<AudioStreamCoordinator> &, std::__Cr::unique_ptr<media::AudioBus, std::__Cr::default_delete<media::AudioBus> >, base::TimeTicks> base/functional/bind_internal.h:738:12 #2 0x55ae78614fa7 in MakeItSo<void (AudioStreamCoordinator::*const &)(...), const std::__Cr::tuple<base::WeakPtr<AudioStreamCoordinator> > &, std::__Cr::unique_ptr<media::AudioBus, std::__Cr::default_delete<media::AudioBus> >, base::TimeTicks> base/functional/bind_internal.h:954:5 #3 0x55ae78614fa7 in RunImpl<void (AudioStreamCoordinator::*const &)(...), const std::__Cr::tuple<base::WeakPtr<AudioStreamCoordinator> > &, 0UL> base/functional/bind_internal.h:1067:14 #4 0x55ae78614fa7 in base::internal::Invoker<base::internal::FunctorTraits<void (AudioStreamCoordinator::* const&)(...), base::WeakPtr<AudioStreamCoordinator> const&>, base::internal::BindState<true, true, false, void (AudioStreamCoordinator::*)(...), base::WeakPtr<AudioStreamCoordinator>>, void (std::__Cr::unique_ptr<media::AudioBus, std::__Cr::default_delete<media::AudioBus>>, base::TimeTicks)>::Run(...) base/functional/bind_internal.h:987:12 #5 0x55ae78615e6c in base::RepeatingCallback<void (...)>::Run(...) && base/functional/callback.h:361:12 [...] Uninitialized value was stored to memory at #0 0x55ae3895e8fa in __msan_memcpy /b/s/w/ir/cache/builder/src/third_party/llvm/compiler-rt/lib/msan/msan_interceptors.cpp:1729:3 #1 0x55ae66021782 in media::AudioBus::CopyPartialFramesTo(...) const media/base/audio_bus.cc:319:5 #2 0x55ae7a23fc71 in capture_mode::AudioCapturer::Capture(...) components/capture_mode/audio_capturer.cc:71:17 #3 0x55ae442930c4 in AudioStreamCoordinatorTest_ConnectToAudioCaptuerAndReceiveBuses_Test::TestBody() chrome/browser/ui/views/media_preview/mic_preview/audio_stream_coordinator_unittest.cc:81:46 [...] Uninitialized value was created by a heap allocation #0 0x55ae3895ecd3 in posix_memalign /b/s/w/ir/cache/builder/src/third_party/llvm/compiler-rt/lib/msan/msan_interceptors.cpp:162:3 #1 0x55ae5fa9819a in base::AlignedAlloc(...) base/memory/aligned_memory.cc:34:13 #2 0x55ae6601f8ae in AudioBus media/base/audio_bus.cc:69:35 #3 0x55ae6601f8ae in media::AudioBus::Create(...) media/base/audio_bus.cc:115:11 #4 0x55ae44292fe0 in AudioStreamCoordinatorTest_ConnectToAudioCaptuerAndReceiveBuses_Test::TestBody() chrome/browser/ui/views/media_preview/mic_preview/audio_stream_coordinator_unittest.cc:76:50 [...] SUMMARY: MemorySanitizer: use-of-uninitialized-value chrome/browser/ui/views/media_preview/mic_preview/audio_stream_coordinator.cc:85:11 in AudioStreamCoordinator::OnAudioCaptured(std::__Cr::unique_ptr<media::AudioBus, std::__Cr::default_delete<media::AudioBus>>, base::TimeTicks) Bug: 40240570 Change-Id: I05434a83fbdf0b4ba5ca41f60a1a4509a58db5a5 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5561909 Reviewed-by: Ahmed Moussa <ahmedmoussa@google.com> Commit-Queue: Daniel Cheng <dcheng@chromium.org> Cr-Commit-Position: refs/heads/main@{#1304896}

This CL is trivial (contextualized by its downstream counterpart). Some PA unit tests will `free()` an object and subsequently use the address as a slot start. PA's standard mechanism for asserting that an address is a slot start is incompatible with this, and so the test should be performed with an explicitly unchecked variant. Sample backtrace from LUD unit tests: ``` (lldb) bt * thread #1, name = 'base_unittests', stop reason = signal SIGTRAP * frame #0: 0x0000555559e206b9 base_unittests`partition_alloc::internal::logging::LogMessage::~LogMessage()::$_0::operator()(this=0x00007fffffffbaa7) const at log_message.cc:128:5 frame #1: 0x0000555559e20682 base_unittests`partition_alloc::internal::logging::LogMessage::~LogMessage(this=0x00007fffffffbc28) at log_message.cc:128:5 frame #2: 0x0000555559e1fdf6 base_unittests`partition_alloc::internal::logging::CheckError::~CheckError(this=0x00007fffffffbc28) at check.cc:74:18 frame #3: 0x0000555557311045 base_unittests`partition_alloc::internal::logging::check_error::DCheck::~DCheck(this=0x00007fffffffbc28) at check.h:120:49 frame #4: 0x0000555557313786 base_unittests`partition_alloc::internal::IsReservationStart(address=67723054809088) at reservation_offset_table.h:265:3 frame #5: 0x0000555557313524 base_unittests`partition_alloc::internal::PartitionPageMetadata::FromAddr(address=67723054825472) at partition_page.h:485:3 frame #6: 0x0000555557312fd6 base_unittests`partition_alloc::internal::SlotSpanMetadata::FromAddr(address=67723054825472) at partition_page.h:534:25 frame #7: 0x00005555573157c0 base_unittests`partition_alloc::internal::SlotStart<true>::CheckIsSlotStart(this=0x00007fffffffc8b0) at partition_page.h:852:32 frame #8: 0x0000555557315780 base_unittests`partition_alloc::internal::SlotStart<true>::SlotStart(this=0x00007fffffffc8b0, untagged_slot_start=67723054825472) at partition_page.h:846:7 frame #9: 0x0000555557316708 base_unittests`partition_alloc::PartitionRoot::ObjectToSlotStart(this=0x00002b6c0005c000, object=0x00003d9800a04000) const at partition_root.h:832:12 frame #10: 0x0000555559e2cb74 base_unittests`partition_alloc::internal::LightweightQuarantineBranch::IsQuarantinedForTesting(this=0x00002b6c000146d8, object=0x00003d9800a04000) at lightweight_quarantine.cc:108:48 frame #11: 0x0000555558c26758 base_unittests`partition_alloc::PartitionAllocLightweightQuarantineTest_TooLargeAllocation_Test::TestBody(this=0x00002b6c00014680) at lightweight_quarantine_unittest.cc:129:3 ``` Bug: 337078970 Change-Id: I08592544b79be323a724b139f642105316cfdf30 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5584938 Reviewed-by: Keishi Hattori <keishi@chromium.org> Commit-Queue: Kalvin Lee <kdlee@chromium.org> Cr-Commit-Position: refs/heads/main@{#1309767}

The Browser class allows arbitrary classes that inherit from BrowserUserData to attach themselves to a Browser instance. However, BrowserUserData instances are destroyed after Browser's fields are already destroyed. If a BrowserUserData subclass tries to use the Browser in its destructor, this is a use-after-destroy. An example of such an error caught by MSan's use-after-dtor check: #0 BrowserView::GetBrowserViewForBrowser(Browser const*) chrome/browser/ui/views/frame/browser_view.cc:1103:26 #1 ReadAnythingCoordinator::~ReadAnythingCoordinator() chrome/browser/ui/views/side_panel/read_anything/read_anything_coordinator.cc:176:31 #2 ReadAnythingCoordinator::~ReadAnythingCoordinator() chrome/browser/ui/views/side_panel/read_anything/read_anything_coordinator.cc:161:53 #3 operator() third_party/libc++/src/include/__memory/unique_ptr.h:67:5 #4 reset third_party/libc++/src/include/__memory/unique_ptr.h:278:7 #5 ~unique_ptr third_party/libc++/src/include/__memory/unique_ptr.h:248:71 #6 ~pair third_party/libc++/src/include/__utility/pair.h:63:29 <...> #18 0x559686690082 in base::SupportsUserData::~SupportsUserData() base/supports_user_data.cc:122:1 #19 0x55968264e074 in Browser::~Browser() chrome/browser/ui/browser.cc:726:1 #20 0x55968264eb53 in Browser::~Browser() chrome/browser/ui/browser.cc:638:21 Browser now explicitly destroys BrowserUserData instances as the first step of its destruction, to avoid BrowserUserData instances from using a partially-destroyed Browser. However, this reveals an additional issue in ReadAnythingCoordinator, which registers itself as a BrowserList observer, but never unregisters itself. It is unclear what the semantics should be for something that is both a BrowserUserData and a BrowserList observer; fortunately, ReadAnythingCoordinator does not care about the OnBrowserRemoved() event, so this particular question can be punted down the road... Fixing this second issue requires removing the early return in the ReadAnythingCoordinator destructor to avoid skipping observer unregistrations; unfortunately, this reveals one last bug in ReadAnythingCoordinator: it tries to use SidePanelRegistry from its destructor, but both ReadAnythingCoordinator and SidePanelRegistry are BrowserUserData instances. In an ancestor CL, SupportsUserData has been updated so Browser now consistently appears to have no attached BrowserUserData when clearing BrowserUserData instances, whether that's during destruction or during an explicit `ClearAllUserData()` call. While it is an antipattern for a BrowserUserData's destructor to try using another BrowserUserData, fixing that is out of scope of this CL—so just add a null check for now. Bug: 40222690 Change-Id: I3144ca6225f0c739365d065db8bfe1db55db7560 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5590095 Reviewed-by: Abigail Klein <abigailbklein@google.com> Reviewed-by: Mike Wasserman <msw@chromium.org> Commit-Queue: Daniel Cheng <dcheng@chromium.org> Reviewed-by: Erik Chen <erikchen@chromium.org> Cr-Commit-Position: refs/heads/main@{#1313680}

Since the classes only hold a raw reference to AutofillClient, they don't hold any state and therefore don't need to be classes. This CL prepares for the transition by doing some changes that will be needed when the classes will be removed, to simplify the diff afterwards, namely: - Moving duplicated function to anonymous namespace. Bug: 41484171 Change-Id: I5106754a49789c61962fc63261ceee958d01c4b3 Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5630589 Reviewed-by: Christoph Schwering <schwering@google.com> Commit-Queue: Jihad Hanna <jihadghanna@google.com> Code-Coverage: findit-for-me@appspot.gserviceaccount.com <findit-for-me@appspot.gserviceaccount.com> Cr-Commit-Position: refs/heads/main@{#1315505}

yoshikig and others added 30 commits August 30, 2021 05:46

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[pull] master from chromium:master #4

[pull] master from chromium:master #4

pull bot commented Aug 30, 2021 •

edited

Loading

[pull] master from chromium:master #4

[pull] master from chromium:master #4

Conversation

pull bot commented Aug 30, 2021 • edited Loading

pull bot commented Aug 30, 2021 •

edited

Loading