Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Symbol not found: _CVPixelBufferPoolFlush #14

Closed
Wowfunhappy opened this issue Mar 16, 2021 · 2 comments
Closed

Symbol not found: _CVPixelBufferPoolFlush #14

Wowfunhappy opened this issue Mar 16, 2021 · 2 comments

Comments

@Wowfunhappy
Copy link

In video conferencing webapps, Chromium will sometimes crash due to Symbol not found: _CVPixelBufferPoolFlush. This does not happen frequently—I run into this problem maybe once a week, as a very heavy user—but it does happen.

But although the crash is annoyingly difficult to replicate, the cause (I think) is relatively straightforward: CVPixelBufferPoolFlush is only available in macOS 10.11 and above, and Chromium calls it in exactly one place:

CVPixelBufferPoolFlush(buffer_pool_, kCVPixelBufferPoolFlushExcessBuffers);

Could this be guarded behind a if (__builtin_available(macOS 10.11, *)), assuming nothing too terrible will happen if the PixelBufferPool isn't flushed?

@blueboxd
Copy link
Owner

Thank you for the detailed reporting!
As you stated, flushing is probably unnecessary:

// Flushing before freeing probably isn't needed, but it can't hurt.

That hurts us...:pensive:
CVPixelBufferPoolFlush is now dynamically loaded only on supported OS.

Should be fixed at r863114, but I'll leave this issue open, so please close if you feel not crashing.

@Wowfunhappy
Copy link
Author

Thanks as always! I'll close, and re-open if I run into the crash again (which seems unlikely!)

blueboxd pushed a commit that referenced this issue Apr 9, 2021
This reverts commit c787d2a.

Reason for revert:

Causes flaky failures on some Linux bots, e.g., https://ci.chromium.org/p/chromium/builders/ci/Linux%20Ozone%20Tester%20%28Wayland%29
Example failure:
browser_tests_wayland failed because of:
ExtensionBackForwardCacheContentScriptDisabledBrowserTest.CSSDisallowed

pattern of failures on this bot:
https://screenshot.googleplex.com/87iSx5FiDVGZRmF

Failure error is
../../chrome/browser/extensions/back_forward_cache_browsertest.cc:110: Failure
Value of: delete_observer_rfh_a.deleted()
  Actual: false
Expected: true
Stack trace:
#0 0x563563bb7efc extensions::ExtensionBackForwardCacheContentScriptDisabledBrowserTest_CSSDisallowed_Test::RunTestOnMainThread()
#1 0x563567b440ce content::BrowserTestBase::ProxyRunTestOnMainThreadLoop()
#2 0x5635676da77d ChromeBrowserMainParts::PreMainMessageLoopRunImpl()
#3 0x5635676d9d54 ChromeBrowserMainParts::PreMainMessageLoopRun()
#4 0x56356561f0df content::BrowserMainLoop::PreMainMessageLoopRun()
#5 0x563565a4e6a3 content::StartupTaskRunner::RunAllTasksNow()
#6 0x56356561ed5d content::BrowserMainLoop::CreateStartupTasks()
#7 0x563565621228 content::BrowserMainRunnerImpl::Initialize()
#8 0x56356561d610 content::BrowserMain()
#9 0x563566297393 content::ContentMainRunnerImpl::RunBrowser()
#10 0x563566296f1d content::ContentMainRunnerImpl::Run()
#11 0x5635662944ad content::RunContentProcess()
#12 0x563566294e4d content::ContentMain()
#13 0x563567b43778 content::BrowserTestBase::SetUp()
#14 0x563567587576 InProcessBrowserTest::SetUp()

The same error appears on other bots when this fails too, e.g.,
https://ci.chromium.org/p/chromium/builders/ci/Linux%20Ozone%20Tester%20%28X11%29/29058 
https://logs.chromium.org/logs/chromium/buildbucket/cr-buildbucket.appspot.com/8850497656556318928/+/steps/browser_tests_x11/0/logs/Deterministic_failure:_ExtensionBackForwardCacheContentScriptDisabledBrowserTest.CSSDisallowed__status_FAILURE_/0

Original change's description:
> If an extension does a content injection disable bf cache.
>
> This code tracks whether a content injection (insertCSS, contentScript,
> executeScript) has occurred for a WebFrame. If so then turn off
> BFCache for the frame.
>
> BUG=1192785
>
> Change-Id: I682a9efb247aae358023e3a591368c84d47001ce
> Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2787195
> Reviewed-by: Reilly Grant <reillyg@chromium.org>
> Reviewed-by: Takashi Toyoshima <toyoshim@chromium.org>
> Reviewed-by: Dave Tapuska <dtapuska@chromium.org>
> Reviewed-by: Avi Drissman <avi@chromium.org>
> Reviewed-by: Kentaro Hara <haraken@chromium.org>
> Reviewed-by: Kouhei Ueno <kouhei@chromium.org>
> Commit-Queue: Dave Tapuska <dtapuska@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#870582}

Bug: 1192785
Change-Id: Ib122b1d64155d85009038d961306ac620053564b
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2816001
Auto-Submit: Mark Pearson <mpearson@chromium.org>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Commit-Queue: Mark Pearson <mpearson@chromium.org>
Reviewed-by: Mark Pearson <mpearson@chromium.org>
Reviewed-by: anthonyvd <anthonyvd@chromium.org>
Owners-Override: Mark Pearson <mpearson@chromium.org>
Cr-Commit-Position: refs/heads/master@{#870681}
blueboxd pushed a commit that referenced this issue Apr 19, 2021
This reverts commit 7ae3611.

Reason for revert: cast_shell+browsertests failing on Cast [Audio] Linux
 First failure https://ci.chromium.org/ui/p/chromium/builders/ci/Cast%20Audio%20Linux/103652/overview

Example crash stack
BrowserTestBase received signal: Segmentation fault. Backtrace:
#0 0x55bcce76b6a9 base::debug::CollectStackTrace()
#1 0x55bcce6dfda3 base::debug::StackTrace::StackTrace()
#2 0x55bcd0fb5cac content::(anonymous namespace)::DumpStackTraceSignalHandler()
#3 0x7fd872d664c0 (/lib/x86_64-linux-gnu/libc-2.23.so+0x354bf)
#4 0x55bcccba88b0 _ZNSt3__17find_ifINS_11__wrap_iterIPKN4base8internal24UncheckedObserverAdapterEEEZNS3_23ProjectedUnaryPredicateIZNKS2_12ObserverListIN3net16MDnsListenerImplELb0ELb1ES4_E11HasObserverEPKSB_EUlRKT_E_NS2_8identityEEEDaRSF_RT0_EUlOSF_E_EESF_SF_SF_SL_
#5 0x55bcccba889e _ZN4base6ranges7find_ifINSt3__111__wrap_iterIPKNS_8internal24UncheckedObserverAdapterEEEZNKS_12ObserverListIN3net16MDnsListenerImplELb0ELb1ES5_E11HasObserverEPKSB_EUlRKT_E_NS_8identityENS2_26random_access_iterator_tagEEEDaSF_SF_T0_T1_
#6 0x55bcccba6dca base::ObserverList<>::RemoveObserver()
#7 0x55bccd28a44e chromecast::DisplayConfiguratorObserver::~DisplayConfiguratorObserver()
#8 0x55bccd26fbcd chromecast::shell::CastBrowserMainParts::~CastBrowserMainParts()
#9 0x55bccd26fc7c chromecast::shell::CastBrowserMainParts::~CastBrowserMainParts()
#10 0x55bccd3a6836 content::BrowserMainLoop::~BrowserMainLoop()
#11 0x55bccd3a6920 content::BrowserMainLoop::~BrowserMainLoop()
#12 0x55bccd3a9c06 content::BrowserMainRunnerImpl::Shutdown()
#13 0x55bccd3a65aa content::BrowserMain()
#14 0x55bcce68bc80 content::RunBrowserProcessMain()
#15 0x55bcce68c9a6 content::ContentMainRunnerImpl::RunBrowser()
#16 0x55bcce68c62c content::ContentMainRunnerImpl::Run()
#17 0x55bcce68ad93 content::RunContentProcess()
#18 0x55bcce68b49a content::ContentMain()
#19 0x55bcd0fb50e1 content::BrowserTestBase::SetUp()
#20 0x55bccc9fdf90 chromecast::WebviewTest::SetUp()
#21 0x55bcce69a89c testing::Test::Run()
#22 0x55bcce69adb8 testing::TestInfo::Run()
#23 0x55bcce69b27d testing::TestSuite::Run()
#24 0x55bcce6a2233 testing::internal::UnitTestImpl::RunAllTests()
#25 0x55bcce6a1f87 testing::UnitTest::Run()
#26 0x55bcd0fa57ef base::TestSuite::Run()
#27 0x55bccc9de2a4 chromecast::shell::CastTestLauncherDelegate::RunTestSuite()
#28 0x55bcd0fb930e content::LaunchTests()
#29 0x55bccc9de23c main
#30 0x7fd872d51840 __libc_start_main
#31 0x55bccc9de12a _start

Original change's description:
> Add display change observer.
>
> Centralize the logic to force a repaint post display changes in an
> observer. This way the complexity of refreshing the display is
> handled in the observer rather than in every piece of code that
> needs to update the display state.
>
> Bug: b/180040068
> Test: Ran cast_shell on the desktop to verify there are no crashes
> Change-Id: I022850322c8b9177463bdc0526121016ebf0f330
> Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2727577
> Reviewed-by: Daniel Nicoara <dnicoara@chromium.org>
> Commit-Queue: Shiv Sakhuja <shivsak@google.com>
> Cr-Commit-Position: refs/heads/master@{#873512}

Bug: b/180040068
Change-Id: Id01a6e537f2285a9c35ce90acc9eba81b0ea6c1f
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2835019
Owners-Override: Olga Sharonova <olka@google.com>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Commit-Queue: Olga Sharonova <olka@chromium.org>
Cr-Commit-Position: refs/heads/master@{#873746}
blueboxd pushed a commit that referenced this issue Apr 27, 2021
This reverts commit 59bae41.

Reason for revert: Broken on Linux Chromium OS ASan LSan Tests (1)
https://ci.chromium.org/ui/p/chromium/builders/ci/Linux%20Chromium%20OS%20ASan%20LSan%20Tests%20(1)/39927/

<div><pre>[ RUN      ] PrerenderBrowserTest.PrerenderBlankIframe
2021-04-26T19:40:32.221868Z INFO content_browsertests[5132:5132]: [content_main_runner_impl.cc(1077)] Chrome is running in full browser mode.

DevTools listening on ws://127.0.0.1:36659/devtools/browser/21b92715-e642-49fe-98ef-4b69eea3f8b2
2021-04-26T19:40:32.847975Z ERROR content_browsertests[5132:5132]: [browser_test_utils.cc(837)] No committed entry.
2021-04-26T19:40:34.078783Z WARNING content_browsertests[5132:5132]: [render_frame_host_impl.cc(977)] InterfaceRequest was dropped, the document is no longer active: blink.mojom.AppCacheBackend
2021-04-26T19:40:34.281683Z FATAL content_browsertests[5285:1]: [document.cc(8103)] Check failed: is_prerendering_.
    #0 0x55b148a133cb in backtrace /b/s/w/ir/cache/builder/src/third_party/llvm/compiler-rt/lib/asan/../sanitizer_common/sanitizer_common_interceptors.inc:4205:13
    #1 0x55b1586bd249 in base::debug::CollectStackTrace(void**, unsigned long) ./../../base/debug/stack_trace_posix.cc:840:39
    #2 0x55b1583f3f03 in StackTrace ./../../base/debug/stack_trace.cc:198:12
    #3 0x55b1583f3f03 in base::debug::StackTrace::StackTrace() ./../../base/debug/stack_trace.cc:195:28
    #4 0x55b158448eb2 in logging::LogMessage::~LogMessage() ./../../base/logging.cc:589:29
    #5 0x55b15844adde in logging::LogMessage::~LogMessage() ./../../base/logging.cc:583:27
    #6 0x55b15e0d8fa6 in blink::Document::ActivateForPrerendering() ./../../third_party/blink/renderer/core/dom/document.cc:8103:3
    #7 0x55b15392c60c in Run ./../../base/callback.h:101:12
    #8 0x55b15392c60c in RunInternal ./../../third_party/blink/renderer/platform/wtf/functional.h:221:33
    #9 0x55b15392c60c in WTF::ThreadCheckingCallbackWrapper<base::OnceCallback<void ()>, void ()>::Run() ./../../third_party/blink/renderer/platform/wtf/functional.h:206:12
    #10 0x55b1585795fa in Run ./../../base/callback.h:101:12
    #11 0x55b1585795fa in base::TaskAnnotator::RunTask(char const*, base::PendingTask*) ./../../base/task/common/task_annotator.cc:173:33
    #12 0x55b1585e197a in base::sequence_manager::internal::ThreadControllerWithMessagePumpImpl::DoWorkImpl(base::sequence_manager::LazyNow*) ./../../base/task/sequence_manager/thread_controller_with_message_pump_impl.cc:351:25
    #13 0x55b1585e071f in base::sequence_manager::internal::ThreadControllerWithMessagePumpImpl::DoWork() ./../../base/task/sequence_manager/thread_controller_with_message_pump_impl.cc:264:36
    #14 0x55b158468934 in base::MessagePumpDefault::Run(base::MessagePump::Delegate*) ./../../base/message_loop/message_pump_default.cc:39:55
    #15 0x55b1585e36d9 in base::sequence_manager::internal::ThreadControllerWithMessagePumpImpl::Run(bool, base::TimeDelta) ./../../base/task/sequence_manager/thread_controller_with_message_pump_impl.cc:460:12
    #16 0x55b158503839 in base::RunLoop::Run(base::Location const&) ./../../base/run_loop.cc:133:14
    #17 0x55b1671389dc in content::RendererMain(content::MainFunctionParams const&) ./../../content/renderer/renderer_main.cc:261:16
    #18 0x55b15003c45a in content::RunZygote(content::ContentMainDelegate*) ./../../content/app/content_main_runner_impl.cc:572:14
    #19 0x55b15003f244 in content::ContentMainRunnerImpl::Run(bool) ./../../content/app/content_main_runner_impl.cc:958:10
    #20 0x55b150039a30 in content::RunContentProcess(content::ContentMainParams const&, content::ContentMainRunner*) ./../../content/app/content_main.cc:372:36
    #21 0x55b150039f11 in content::ContentMain(content::ContentMainParams const&) ./../../content/app/content_main.cc:398:10
    #22 0x55b157438e9c in content::LaunchTests(content::TestLauncherDelegate*, unsigned long, int, char**) ./../../content/public/test/test_launcher.cc:372:12
    #23 0x55b1572a1d21 in main ./../../content/test/content_test_launcher.cc:91:10
    #24 0x7f772d1ad840 in __libc_start_main ??:0:0
    #25 0x55b1489dcaaa in _start ??:0:0
Task trace:
    #0 0x55b15ea7ff11 in blink::LocalFrame::ActivateForPrerendering() ./../../third_party/blink/renderer/core/frame/local_frame.cc:3766:18
    #1 0x55b15780d116 in IPC::(anonymous namespace)::ChannelAssociatedGroupController::Accept(mojo::Message*) ./../../ipc/ipc_mojo_bootstrap.cc:904:13
IPC message handler context: 0xA60C9B35

Received signal 6
    #0 0x55b148a133cb in backtrace /b/s/w/ir/cache/builder/src/third_party/llvm/compiler-rt/lib/asan/../sanitizer_common/sanitizer_common_interceptors.inc:4205:13
    #1 0x55b1586bd249 in base::debug::CollectStackTrace(void**, unsigned long) ./../../base/debug/stack_trace_posix.cc:840:39
    #2 0x55b1583f3f03 in StackTrace ./../../base/debug/stack_trace.cc:198:12
    #3 0x55b1583f3f03 in base::debug::StackTrace::StackTrace() ./../../base/debug/stack_trace.cc:195:28
    #4 0x55b1586bbd47 in base::debug::(anonymous namespace)::StackDumpSignalHandler(int, siginfo_t*, void*) ./../../base/debug/stack_trace_posix.cc:345:3
    #5 0x7f7730097390 in __funlockfile ??:?
    #6 0x7f7730097390 in ?? ??:0
    #7 0x7f772d1c2438 in raise ??:0:0
    #8 0x7f772d1c403a in abort ??:0:0
    #9 0x55b1586b9f6a in base::debug::BreakDebugger() ./../../base/debug/debugger_posix.cc:326:3
    #10 0x55b158449863 in logging::LogMessage::~LogMessage() ./../../base/logging.cc:891:7
    #11 0x55b15844adde in logging::LogMessage::~LogMessage() ./../../base/logging.cc:583:27
    #12 0x55b15e0d8fa6 in blink::Document::ActivateForPrerendering() ./../../third_party/blink/renderer/core/dom/document.cc:8103:3
    #13 0x55b15392c60c in Run ./../../base/callback.h:101:12
    #14 0x55b15392c60c in RunInternal ./../../third_party/blink/renderer/platform/wtf/functional.h:221:33
    #15 0x55b15392c60c in WTF::ThreadCheckingCallbackWrapper<base::OnceCallback<void ()>, void ()>::Run() ./../../third_party/blink/renderer/platform/wtf/functional.h:206:12
    #16 0x55b1585795fa in Run ./../../base/callback.h:101:12
    #17 0x55b1585795fa in base::TaskAnnotator::RunTask(char const*, base::PendingTask*) ./../../base/task/common/task_annotator.cc:173:33
    #18 0x55b1585e197a in base::sequence_manager::internal::ThreadControllerWithMessagePumpImpl::DoWorkImpl(base::sequence_manager::LazyNow*) ./../../base/task/sequence_manager/thread_controller_with_message_pump_impl.cc:351:25
    #19 0x55b1585e071f in base::sequence_manager::internal::ThreadControllerWithMessagePumpImpl::DoWork() ./../../base/task/sequence_manager/thread_controller_with_message_pump_impl.cc:264:36
    #20 0x55b158468934 in base::MessagePumpDefault::Run(base::MessagePump::Delegate*) ./../../base/message_loop/message_pump_default.cc:39:55
    #21 0x55b1585e36d9 in base::sequence_manager::internal::ThreadControllerWithMessagePumpImpl::Run(bool, base::TimeDelta) ./../../base/task/sequence_manager/thread_controller_with_message_pump_impl.cc:460:12
    #22 0x55b158503839 in base::RunLoop::Run(base::Location const&) ./../../base/run_loop.cc:133:14
    #23 0x55b1671389dc in content::RendererMain(content::MainFunctionParams const&) ./../../content/renderer/renderer_main.cc:261:16
    #24 0x55b15003c45a in content::RunZygote(content::ContentMainDelegate*) ./../../content/app/content_main_runner_impl.cc:572:14
    #25 0x55b15003f244 in content::ContentMainRunnerImpl::Run(bool) ./../../content/app/content_main_runner_impl.cc:958:10
    #26 0x55b150039a30 in content::RunContentProcess(content::ContentMainParams const&, content::ContentMainRunner*) ./../../content/app/content_main.cc:372:36
    #27 0x55b150039f11 in content::ContentMain(content::ContentMainParams const&) ./../../content/app/content_main.cc:398:10
    #28 0x55b157438e9c in content::LaunchTests(content::TestLauncherDelegate*, unsigned long, int, char**) ./../../content/public/test/test_launcher.cc:372:12
    #29 0x55b1572a1d21 in main ./../../content/test/content_test_launcher.cc:91:10
    #30 0x7f772d1ad840 in __libc_start_main ??:0:0
    #31 0x55b1489dcaaa in _start ??:0:0
  r8: 0000000000003000  r9: 00000feee51a2840 r10: 0000000000000008 r11: 0000000000000202
 r12: 00000fef65260c00 r13: 00000feee5268e48 r14: 00007f7729347230 r15: 00007f77293472b0
  di: 0000000000000001  si: 0000000000000001  bp: 00007ffcf0a97110  bx: 00007ffcf0a97120
  dx: 0000000000000006  ax: 0000000000000000  cx: 00007f772d1c2438  sp: 00007ffcf0a96fd8
  ip: 00007f772d1c2438 efl: 0000000000000202 cgf: 002b000000000033 erf: 0000000000000000
 trp: 0000000000000000 msk: 0000000000000000 cr2: 0000000000000000
[end of stack trace]
Calling _exit(EXIT_FAILURE). Core file will not be generated.
../../content/public/test/no_renderer_crashes_assertion.cc:101: Failure
Failed
Unexpected termination of a renderer process; status: 1, exit_code: 256
Stack trace:
    #0 0x556300884c70 in content::NoRendererCrashesAssertion::Observe(int, content::NotificationSource const&, content::NotificationDetails const&) ./../../content/public/test/no_renderer_crashes_assertion.cc:101:5
    #1 0x5562fe8a511c in content::NotificationServiceImpl::Notify(int, content::NotificationSource const&, content::NotificationDetails const&) ./../../content/browser/notification_service_impl.cc:123:16
    #2 0x5562fed854dc in content::RenderProcessHostImpl::ProcessDied(bool, content::ChildProcessTerminationInfo*) ./../../content/browser/renderer_host/render_process_host_impl.cc:4468:35
    #3 0x5562fed84d46 in content::RenderProcessHostImpl::FastShutdownIfPossible(unsigned long, bool) ./../../content/browser/renderer_host/render_process_host_impl.cc:3480:3
    #4 0x5563007096fd in content::ContentBrowserTest::PostRunTestOnMainThread() ./../../content/public/test/content_browser_test.cc:159:26
    #5 0x55630081ddfd in content::BrowserTestBase::ProxyRunTestOnMainThreadLoop() ./../../content/public/test/browser_test_base.cc:833:3
    #6 0x5562f23f595a in base::OnceCallback<void ()>::Run() && ./../../base/callback.h:101:12
    #7 0x556300a86450 in content::ShellBrowserMainParts::PreMainMessageLoopRun() ./../../content/shell/browser/shell_browser_main_parts.cc:200:37
    #8 0x5562fe06aed1 in content::BrowserMainLoop::PreMainMessageLoopRun() ./../../content/browser/browser_main_loop.cc:961:28
    #9 0x5562f78e60d9 in base::OnceCallback<int ()>::Run() && ./../../base/callback.h:101:12
    #10 0x5562ff118ca5 in content::StartupTaskRunner::RunAllTasksNow() ./../../content/browser/startup_task_runner.cc:41:29
    #11 0x5562fe06a59d in content::BrowserMainLoop::CreateStartupTasks() ./../../content/browser/browser_main_loop.cc:869:25
    #12 0x5562fe0715f3 in content::BrowserMainRunnerImpl::Initialize(content::MainFunctionParams const&) ./../../content/browser/browser_main_runner_impl.cc:131:15
    #13 0x5562fe066342 in content::BrowserMain(content::MainFunctionParams const&) ./../../content/browser/browser_main.cc:43:32
    #14 0x5562f94bb63d in content::RunBrowserProcessMain(content::MainFunctionParams const&, content::ContentMainDelegate*) ./../../content/app/content_main_runner_impl.cc:598:10
    #15 0x5562f94bded9 in content::ContentMainRunnerImpl::RunBrowser(content::MainFunctionParams&, bool) ./../../content/app/content_main_runner_impl.cc:1081:10
    #16 0x5562f94bd258 in content::ContentMainRunnerImpl::Run(bool) ./../../content/app/content_main_runner_impl.cc:956:12
    #17 0x5562f94b7a30 in content::RunContentProcess(content::ContentMainParams const&, content::ContentMainRunner*) ./../../content/app/content_main.cc:372:36
    #18 0x5562f94b7f11 in content::ContentMain(content::ContentMainParams const&) ./../../content/app/content_main.cc:398:10
    #19 0x55630081c4bd in content::BrowserTestBase::SetUp() ./../../content/public/test/browser_test_base.cc:696:3

2021-04-26T19:40:34.692356Z WARNING content_browsertests[5132:5174]: [discardable_shared_memory_manager.cc(432)] Some MojoDiscardableSharedMemoryManagerImpls are still alive. They will be leaked.
[  FAILED  ] PrerenderBrowserTest.PrerenderBlankIframe, where TypeParam =  and GetParam() =  (2830 ms)

Original change's description:
> Prerender: Enable PrerenderBrowserTest.PrerenderBlankIframe
>
> To sheriffs: Feel free to revert this CL if the test is flaky.
>
> The CL author tried to reproduce this on local environments but
> failed. For further investigation, this CL enables the test again to see
> how it works on the try bots.
>
> Bug: 1185965
> Change-Id: Ie7f65ef094a815e72b93091c8b3d0ab9b361e593
> Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2850329
> Reviewed-by: Lingqi Chi <lingqi@chromium.org>
> Commit-Queue: Hiroki Nakagawa <nhiroki@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#876111}

Bug: 1185965
Change-Id: I245d5e5f2715c75ead3a50389cbd0e9a4ad49aed
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2853351
Auto-Submit: Thiemo Nagel <tnagel@chromium.org>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Commit-Queue: Thiemo Nagel <tnagel@chromium.org>
Owners-Override: Thiemo Nagel <tnagel@chromium.org>
Cr-Commit-Position: refs/heads/master@{#876535}
blueboxd pushed a commit that referenced this issue Jun 19, 2021
This will make compile step faster.
Previously symbol_level=0 means no symbol. But llvm changed the
behavior. Now it contains function names, which in general is
fine for developers.

This is the result for linux-lacros-rel:
symbol_level=0: https://ci.chromium.org/p/chromium/builders/try/linux-lacros-rel/247920?
The browser_tests shard 0 contains:
../../chrome/browser/profiles/profile_manager_browsertest.cc:616: Failure
Expected equality of these values:
  2U
    Which is: 2
  chrome::GetTotalBrowserCount()
    Which is: 1
Stack trace:
#0 0x56441415eea1 ProfileManagerBrowserTest_PRE_AddMultipleProfiles_Test::RunTestOnMainThread()
#1 0x56441a1d278c content::BrowserTestBase::ProxyRunTestOnMainThreadLoop()
#2 0x564413970763 chrome_service_worker_browser_test::ChromeServiceWorkerLinkFetchTest::ManifestCallbackAndRun()
#3 0x5644199f3cce ChromeBrowserMainParts::PreMainMessageLoopRunImpl()
#4 0x5644199f3024 ChromeBrowserMainParts::PreMainMessageLoopRun()
#5 0x564416e69bef content::BrowserMainLoop::PreMainMessageLoopRun()
#6 0x56441740a676 content::StartupTaskRunner::RunAllTasksNow()
#7 0x564416e69855 content::BrowserMainLoop::CreateStartupTasks()
#8 0x564416e6c10b content::BrowserMainRunnerImpl::Initialize()
#9 0x564416e67dd7 content::BrowserMain()
#10 0x564417d95478 content::ContentMainRunnerImpl::RunBrowser()
#11 0x564417d94ec0 content::ContentMainRunnerImpl::Run()
#12 0x564417d92d1c content::RunContentProcess()
#13 0x564417d92ded content::ContentMain()
#14 0x56441a1d1a78 content::BrowserTestBase::SetUp()
#15 0x5644197edc5e InProcessBrowserTest::SetUp()

symbol_level=1: https://ci.chromium.org/p/chromium/builders/try/linux-lacros-rel/248772
The browser_tests shard 0 contains:
../../chrome/browser/profiles/profile_manager_browsertest.cc:616: Failure
Expected equality of these values:
  2U
    Which is: 2
  chrome::GetTotalBrowserCount()
    Which is: 1
Stack trace:
#0 0x5565d9f0f621 ProfileManagerBrowserTest_PRE_AddMultipleProfiles_Test::RunTestOnMainThread()
#1 0x5565dff88ebc content::BrowserTestBase::ProxyRunTestOnMainThreadLoop()
#2 0x5565d971fe93 chrome_service_worker_browser_test::ChromeServiceWorkerLinkFetchTest::ManifestCallbackAndRun()
#3 0x5565df7aa9ce ChromeBrowserMainParts::PreMainMessageLoopRunImpl()
#4 0x5565df7a9d24 ChromeBrowserMainParts::PreMainMessageLoopRun()
#5 0x5565dcc1fbdf content::BrowserMainLoop::PreMainMessageLoopRun()
#6 0x5565dd1c09c6 content::StartupTaskRunner::RunAllTasksNow()
#7 0x5565dcc1f845 content::BrowserMainLoop::CreateStartupTasks()
#8 0x5565dcc220fb content::BrowserMainRunnerImpl::Initialize()
#9 0x5565dcc1ddc7 content::BrowserMain()
#10 0x5565ddb4ce78 content::ContentMainRunnerImpl::RunBrowser()
#11 0x5565ddb4c8c0 content::ContentMainRunnerImpl::Run()
#12 0x5565ddb4a71c content::RunContentProcess()
#13 0x5565ddb4a7ed content::ContentMain()
#14 0x5565dff881a8 content::BrowserTestBase::SetUp()
#15 0x5565df5a494e InProcessBrowserTest::SetUp()
It's the same debug information.

Bug: 1221324
Change-Id: I96a0768508cf9bd073a5522e792a4120606bddb8
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2965870
Reviewed-by: Erik Staab <estaab@chromium.org>
Reviewed-by: Yuke Liao <liaoyuke@chromium.org>
Commit-Queue: Sven Zheng <svenzheng@chromium.org>
Cr-Commit-Position: refs/heads/master@{#893997}
blueboxd pushed a commit that referenced this issue Jun 22, 2021
…API support."

This reverts commit 97e3106.

Reason for revert: Crashing on DUT.

Here's the stack trace:

#0 0x5b1fdc2d8989 base::debug::CollectStackTrace()
#1 0x5b1fdc1e9d53 base::debug::StackTrace::StackTrace()
#2 0x5b1fdc2d84e1 base::debug::(anonymous namespace)::StackDumpSignalHandler()
#3 0x7a7b96fd29f0 (/lib64/libpthread-2.32.so+0x129ef)
#4 0x5b1fdef55c2b _sys_cr_finisheddevice::UsbDeviceLinux::Open()
#5 0x5b1fdef50b0f device::UsbServiceLinux::OnDeviceAdded()
#6 0x5b1fdef52570 base::internal::FunctorTraits<>::Invoke<>()
#7 0x5b1fdc263e50 base::TaskAnnotator::RunTask()
#8 0x5b1fdc289291 base::sequence_manager::internal::ThreadControllerWithMessagePumpImpl::DoWork()
#9 0x5b1fdc28ace2 base::sequence_manager::internal::ThreadControllerWithMessagePumpImpl::DoWork()
#10 0x5b1fdc36060b base::MessagePumpLibevent::Run()
#11 0x5b1fdc28b226 base::sequence_manager::internal::ThreadControllerWithMessagePumpImpl::Run()
#12 0x5b1fdc2427b0 base::RunLoop::Run()
#13 0x5b1fd94e4ce6 content::BrowserMainLoop::RunMainMessageLoop()
#14 0x5b1fd94e6b92 content::BrowserMainRunnerImpl::Run()
#15 0x5b1fd94e1df8 content::BrowserMain()
#16 0x5b1fdc1b6810 content::ContentMainRunnerImpl::RunBrowser()
#17 0x5b1fdc1b6173 content::ContentMainRunnerImpl::Run()
#18 0x5b1fdc1b3d94 content::RunContentProcess()
#19 0x5b1fdc1b3e6c content::ContentMain()
#20 0x5b1fd7dafa1f ChromeMain
#21 0x7a7b96861e05 __libc_start_main
#22 0x5b1fd7daf8aa _start
  r8: 00007fffb9571db0  r9: 00007fffb9571dd8 r10: 0000000000000058 r11: 0000000000000293
 r12: 00001de68aaf7460 r13: 00007fffb9571dd8 r14: 00007fffb9571db0 r15: 00007fffb9571d88
  di: 0000000000000000  si: 00005b1fddf84260  bp: 00007fffb9571f50  bx: 00001de689a4ad20
  dx: 00005b1fddf84210  ax: 00001de689f0cb00  cx: 00001de689f0cfc0  sp: 00007fffb9571d60
  ip: 00005b1fdef55c2b efl: 0000000000010202 cgf: 002b000000000033 erf: 0000000000000004
 trp: 000000000000000e msk: 0000000000000000 cr2: 0000000000000000


Original change's description:
> [Lacros] Enable WebUSB, WebSerial, chrome.usb, chrome.serial API support.
>
> This CL enables USB and Serial related API on Lacros, by applying the
> broad stroke of switching Lacros to use code that was previously
> Ash-only. More work might be needed later to iron out details.
>
> Bug: 1195247, 1195248
> Change-Id: I04579cf60ca263907407abdc12cf7a9d5f9d10c6
> Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2939830
> Commit-Queue: Samuel Huang <huangs@chromium.org>
> Reviewed-by: Theodore Olsauskas-Warren <sauski@google.com>
> Reviewed-by: Tom Sepez <tsepez@chromium.org>
> Reviewed-by: Reilly Grant <reillyg@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#893539}

Bug: 1195247, 1195248
Change-Id: I57c7a0dabb64c1ac25a4569fea5559778fe3e547
Owners-Override: Theodore Olsauskas-Warren <sauski@google.com>
Owners-Override: Tom Sepez <tsepez@chromium.org>
Owners-Override: Reilly Grant <reillyg@chromium.org>
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2972361
Reviewed-by: Samuel Huang <huangs@chromium.org>
Reviewed-by: Theodore Olsauskas-Warren <sauski@google.com>
Commit-Queue: Joshua Pawlicki <waffles@chromium.org>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Owners-Override: Joshua Pawlicki <waffles@chromium.org>
Auto-Submit: Hidehiko Abe <hidehiko@chromium.org>
Cr-Commit-Position: refs/heads/master@{#894279}
blueboxd pushed a commit that referenced this issue Jul 27, 2021
This reverts commit 0d437e0.

Reason for revert: Breaks Lacros.
[343589:343589:0726/205512.291579:FATAL:sandbox_seccomp_bpf_linux.cc(239)] Check failed: BPFBasePolicy::GetFSDeniedErrno() == (*__errno_location ()) (1 vs. 13)
#0 0x7fa2e2e3a8af base::debug::CollectStackTrace()
#1 0x7fa2e2baee0a base::debug::StackTrace::StackTrace()
#2 0x7fa2e2baedc5 base::debug::StackTrace::StackTrace()
#3 0x7fa2e2bfe239 logging::LogMessage::~LogMessage()
#4 0x7fa2e2bfe959 logging::LogMessage::~LogMessage()
#5 0x7fa2e2b6e5eb logging::CheckError::~CheckError()
#6 0x7fa2cc927b2f sandbox::policy::SandboxSeccompBPF::RunSandboxSanityChecks()
#7 0x7fa2cc91fc71 sandbox::policy::SandboxLinux::StartSeccompBPF()
#8 0x7fa2cc9206fd sandbox::policy::SandboxLinux::InitializeSandbox()
#9 0x7fa2d83e65a3 content::(anonymous namespace)::StartSandboxLinux()
#10 0x7fa2d83e62b9 content::(anonymous namespace)::ContentSandboxHelper::EnsureSandboxInitialized()
#11 0x7fa2a32de13e gpu::GpuInit::InitializeAndStartSandbox()
#12 0x7fa2d83e5ca0 content::GpuMain()
#13 0x7fa2dbd8a5ad content::RunZygote()
#14 0x7fa2dbd8aa3a content::RunOtherNamedProcessTypeMain()
#15 0x7fa2dbd8b7b4 content::ContentMainRunnerImpl::Run()
#16 0x7fa2dbd889ae content::RunContentProcess()
#17 0x7fa2dbd892fd content::ContentMain()
#18 0x5588c3250966 ChromeMain
#19 0x5588c3250812 main
#20 0x7fa2a56aed0a __libc_start_main
#21 0x5588c325072a _start
To repro the failure, follow go/lacros-build and build
linux Lacros. Lacros can't be launched with the failure above.

Original change's description:
> Use EACCES over EPERM for broker process denied errno
>
> When dlopen is called without an absolute path, it looks in a number
> of search paths for the requested library (e.g. /lib64/libfoo.so,
> /usr/lib/libfoo.so). Often, these files don't exist and the
> corresponding openat syscall should return ENOENT, but because of
> the GPU sandbox, the syscall returns EPERM instead [1]. glibc's
> implementation of dlopen, however, early-exits when it sees an
> unexpected errno [2] and terminates without attempting the remaining
> search paths. Thus, even if the library *is* allowlisted in a later
> path, dlopen will still exit with a failure.
>
> This CL fixes this issue by changing the denied errno to EACCES for
> the broker process.
>
> Bug: 1233028
> Change-Id: I192098eb072f2ee6fb18aa7da3d1998f8328149f
> Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3054490
> Reviewed-by: Matthew Denton <mpdenton@chromium.org>
> Reviewed-by: Robert Sesek <rsesek@chromium.org>
> Commit-Queue: Brian Ho <hob@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#905330}

Bug: 1233028
Change-Id: I111ff2bf802615e1299aee7feb88471d49a238e7
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3055402
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Commit-Queue: Victor Vianna <victorvianna@google.com>
Owners-Override: Victor Vianna <victorvianna@google.com>
Cr-Commit-Position: refs/heads/master@{#905685}
blueboxd pushed a commit that referenced this issue Aug 11, 2021
Update UserSessionInitializer::PreStartSession() to take bool
is_primary_session and only call
NetworkCertLoader::MarkUserNSSDBWillBeInitialized() when true.

Fixes crash:
2021-08-08T22:59:06.505936Z FATAL chrome[21728:21728]: [network_cert_loader.cc(148)] Check failed: state_ == State::kNotInitialized || state_ == State::kMarkedWillBeInitialized.
#0 0x57e49567eb89 base::debug::CollectStackTrace()
#1 0x57e4955c5c93 base::debug::StackTrace::StackTrace()
#2 0x57e48fd06890 logging::LogMessage::~LogMessage()
#3 0x57e4955d904e logging::LogMessage::~LogMessage()
#4 0x57e497827697 chromeos::NetworkCertLoader::CertCache::MarkWillBeInitialized()
#5 0x57e4978277d2 chromeos::NetworkCertLoader::MarkUserNSSDBWillBeInitialized()
#6 0x57e4937607ac ash::UserSessionManager::StartSession()
#7 0x57e493712814 chromeos::ExistingUserController::OnAuthSuccess()
#8 0x57e498a7a9e5 chromeos::LoginPerformer::OnAuthSuccess()
#9 0x57e498a72c39 chromeos::CryptohomeAuthenticator::OnAuthSuccess()
#10 0x57e490df73f4 base::TaskAnnotator::RunTask()
#11 0x57e48fe5bc9d base::sequence_manager::internal::ThreadControllerWithMessagePumpImpl::DoWork()
#12 0x57e4956477c2 base::sequence_manager::internal::ThreadControllerWithMessagePumpImpl::DoWork()
#13 0x57e4909e2445 base::MessagePumpLibevent::Run()
#14 0x57e495647a83 base::sequence_manager::internal::ThreadControllerWithMessagePumpImpl::Run()
#15 0x57e49560bb56 base::RunLoop::Run()
#16 0x57e4924d69f1 content::BrowserMainLoop::RunMainMessageLoop()
#17 0x57e4924d8840 content::BrowserMainRunnerImpl::Run()
#18 0x57e4924d3ce8 content::BrowserMain()
#19 0x57e495082b38 content::RunBrowserProcessMain()
#20 0x57e495083e3b content::ContentMainRunnerImpl::RunBrowser()
#21 0x57e4950838c6 content::ContentMainRunnerImpl::Run()
#22 0x57e49508123e content::RunContentProcess()
#23 0x57e495081c40 content::ContentMain()
#24 0x57e4910cf23e ChromeMain
#25 0x789c45710e05 __libc_start_main
#26 0x57e4910cf0da _start
Task trace:
#0 0x57e498a73fcc chromeos::CryptohomeAuthenticator::Resolve()
#1 0x57e496c95be1 dbus::ObjectProxy::OnPendingCallIsComplete()
#2 0x57e496c91b91 dbus::Bus::OnDispatchStatusChanged()
#3 0x57e49567fa66 base::FileDescriptorWatcher::Controller::Watcher::OnFileCanReadWithoutBlocking()


Change-Id: I4b250f807ca8f3fff35cb380b3a47ce98b7ade09
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3080039
Auto-Submit: Joel Hockey <joelhockey@chromium.org>
Reviewed-by: Alexander Alekseev <alemate@chromium.org>
Reviewed-by: Pavol Marko <pmarko@chromium.org>
Commit-Queue: Joel Hockey <joelhockey@chromium.org>
Cr-Commit-Position: refs/heads/master@{#910647}
blueboxd pushed a commit that referenced this issue Sep 25, 2021
This reverts commit 77e9679.

Reason for revert:
Likely cause of failure
Step "browser_tests on Ubuntu-18.04" failing on builder "linux-chromeos-chrome"

The failure is a crash in browser_tests.

This failure is fairly but not perfectly consistent.  In three of the last four runs on this bot, browser_tests failed with something in the NativeInputMethodEngineTest.EmojiSuggestion* suite.  It's not always the same test that fails each time.  Nevertheless, this is pretty indicative that nowadays something is wrong in this suite.  This is the obvious candidate, submitted right when the test became mostly-failing.

Here is the first failure as an example:
Retrying 1 test (retry #0)
[ RUN      ] NativeInputMethodEngineTest.EmojiSuggestionDisabledReasonkUrlOrAppNotAllowed
2021-09-24T11:30:01.258384Z WARNING browser_tests[27592:27592]: [audio_manager_linux.cc(60)] Falling back to ALSA for audio output. PulseAudio is not available or could not be initialized.
[434.616] default_socket.cc:58    /run/perfetto/ exists but cannot be accessed. Falling back on /tmp/  (errno: 13, Permission denied)
2021-09-24T11:30:01.293097Z WARNING browser_tests[27592:27609]: [wallpaper_decoder.cc(29)] Failed reading file
2021-09-24T11:30:01.304548Z ERROR browser_tests[27592:27592]: [print_job_reporting_service_factory.cc(47)] DMToken must be valid
2021-09-24T11:30:01.309314Z ERROR browser_tests[27592:27592]: [proximity_auth_profile_pref_manager.cc(194)] Failed to find local state prefs for current user.
2021-09-24T11:30:01.332070Z WARNING browser_tests[27592:27592]: [remote_commands_service.cc(188)] Client is not registered.
2021-09-24T11:30:01.358975Z WARNING browser_tests[27592:27639]: [user_data_stats_recorder.cc(186)] Ash.UserDataStatsRecorder.DataSize.Unknown: 0MB
2021-09-24T11:30:01.359074Z WARNING browser_tests[27592:27639]: [user_data_stats_recorder.cc(186)] Ash.UserDataStatsRecorder.DataSize.Cache: 0MB
2021-09-24T11:30:01.359110Z WARNING browser_tests[27592:27639]: [user_data_stats_recorder.cc(186)] Ash.UserDataStatsRecorder.DataSize.README: 0MB
2021-09-24T11:30:01.359138Z WARNING browser_tests[27592:27639]: [user_data_stats_recorder.cc(186)] Ash.UserDataStatsRecorder.DataSize.Unknown: 0MB
2021-09-24T11:30:01.359147Z WARNING browser_tests[27592:27639]: [user_data_stats_recorder.cc(186)] Ash.UserDataStatsRecorder.DataSize.WebData: 0MB
2021-09-24T11:30:01.359429Z WARNING browser_tests[27592:27639]: [user_data_stats_recorder.cc(186)] Ash.UserDataStatsRecorder.DataSize.CodeCache: 0MB
2021-09-24T11:30:01.359547Z WARNING browser_tests[27592:27639]: [user_data_stats_recorder.cc(186)] Ash.UserDataStatsRecorder.DataSize.SiteCharacteristicsDatabase: 0MB
2021-09-24T11:30:01.359581Z WARNING browser_tests[27592:27639]: [user_data_stats_recorder.cc(186)] Ash.UserDataStatsRecorder.DataSize.Favicons: 0MB
2021-09-24T11:30:01.359621Z WARNING browser_tests[27592:27639]: [user_data_stats_recorder.cc(186)] Ash.UserDataStatsRecorder.DataSize.LoginDataForAccount: 0MB
2021-09-24T11:30:01.360073Z WARNING browser_tests[27592:27639]: [user_data_stats_recorder.cc(186)] Ash.UserDataStatsRecorder.DataSize.GCache: 0MB
2021-09-24T11:30:01.360118Z WARNING browser_tests[27592:27639]: [user_data_stats_recorder.cc(186)] Ash.UserDataStatsRecorder.DataSize.History: 0MB
2021-09-24T11:30:01.360147Z WARNING browser_tests[27592:27639]: [user_data_stats_recorder.cc(186)] Ash.UserDataStatsRecorder.DataSize.Unknown: 0MB
2021-09-24T11:30:01.360161Z WARNING browser_tests[27592:27639]: [user_data_stats_recorder.cc(186)] Ash.UserDataStatsRecorder.DataSize.Unknown: 0MB
2021-09-24T11:30:01.360173Z WARNING browser_tests[27592:27639]: [user_data_stats_recorder.cc(186)] Ash.UserDataStatsRecorder.DataSize.Unknown: 0MB
2021-09-24T11:30:01.360234Z WARNING browser_tests[27592:27639]: [user_data_stats_recorder.cc(186)] Ash.UserDataStatsRecorder.DataSize.Unknown: 0MB
2021-09-24T11:30:01.360415Z WARNING browser_tests[27592:27639]: [user_data_stats_recorder.cc(186)] Ash.UserDataStatsRecorder.DataSize.SyncData: 0MB
2021-09-24T11:30:01.361882Z WARNING browser_tests[27592:27639]: [user_data_stats_recorder.cc(186)] Ash.UserDataStatsRecorder.DataSize.LOCK: 0MB
2021-09-24T11:30:01.361936Z WARNING browser_tests[27592:27639]: [user_data_stats_recorder.cc(186)] Ash.UserDataStatsRecorder.DataSize.LoginData: 0MB
2021-09-24T11:30:01.361964Z WARNING browser_tests[27592:27639]: [user_data_stats_recorder.cc(186)] Ash.UserDataStatsRecorder.DataSize.LOG: 0MB
2021-09-24T11:30:01.362091Z WARNING browser_tests[27592:27639]: [user_data_stats_recorder.cc(186)] Ash.UserDataStatsRecorder.DataSize.Unknown: 0MB
2021-09-24T11:30:01.412518Z ERROR browser_tests[27592:27592]: [plugin_vm_manager_impl.cc(150)] New session has dispatcher unexpected already running. Perhaps Chrome crashed?
2021-09-24T11:30:01.433615Z INFO browser_tests[27592:27592]: [key_permissions_manager_impl.cc(509)] One-time key permissions migration started for token: 0.
2021-09-24T11:30:01.451071Z WARNING browser_tests[27592:27592]: [drivefs_session.cc(65)] DriveFs mount failed with error: 3
2021-09-24T11:30:01.458878Z WARNING browser_tests[27592:27592]: [login_unlock_throughput_recorder.cc(58)] Zero frames expected in login animation throughput data
2021-09-24T11:30:01.464809Z INFO browser_tests[27592:27592]: [android_sms_pairing_state_tracker_impl.cc(71)] No Pairing cookie found
2021-09-24T11:30:01.470495Z INFO browser_tests[27592:27592]: [ui_test_utils.cc(224)] NavigateToURL: chrome://newtab/
2021-09-24T11:30:01.473373Z WARNING browser_tests[27592:27639]: [google_brand_chromeos.cc(40)] Brand code file missing: /opt/oem/etc/BRAND_CODE
2021-09-24T11:30:01.535229Z ERROR browser_tests[27592:27639]: [als_reader.cc(52)] Missing num of als
2021-09-24T11:30:01.535643Z ERROR browser_tests[27592:27639]: [chrome_browser_main_extra_parts_metrics.cc(230)] crbug.com/1216328: Checking Bluetooth availability started. Please report if there is no report that this ends.
2021-09-24T11:30:01.535680Z ERROR browser_tests[27592:27639]: [chrome_browser_main_extra_parts_metrics.cc(233)] crbug.com/1216328: Checking Bluetooth availability ended.
2021-09-24T11:30:01.535688Z ERROR browser_tests[27592:27639]: [chrome_browser_main_extra_parts_metrics.cc(236)] crbug.com/1216328: Checking default browser status started. Please report if there is no report that this ends.
2021-09-24T11:30:01.535695Z ERROR browser_tests[27592:27639]: [chrome_browser_main_extra_parts_metrics.cc(240)] crbug.com/1216328: Checking default browser status ended.
2021-09-24T11:30:01.555145Z INFO browser_tests[27592:27592]: [key_permissions_manager_impl.cc(534)] One-time key permissions migration succeeded for token: 0.
BrowserTestBase received signal: Segmentation fault. Backtrace:
#0 0x556151f72449 base::debug::CollectStackTrace()
#1 0x556151ed9d73 base::debug::StackTrace::StackTrace()
#2 0x5561525e4683 content::(anonymous namespace)::DumpStackTraceSignalHandler()
#3 0x7f7dd56e2040 (/lib/x86_64-linux-gnu/libc-2.27.so+0x3f03f)
#4 0x5561556c8304 ChromeOmniboxNavigationObserver::DidFinishNavigation()
#5 0x5561503c8362 content::WebContentsImpl::WebContentsObserverList::NotifyObservers<>()
#6 0x5561503d05f0 content::WebContentsImpl::DidFinishNavigation()
#7 0x5561502a5093 content::NavigationRequest::~NavigationRequest()
#8 0x5561502a59dc content::NavigationRequest::~NavigationRequest()
#9 0x5561502b8919 content::Navigator::DidNavigate()
#10 0x5561502caeed content::RenderFrameHostImpl::DidCommitNavigationInternal()
#11 0x5561502ca24a content::RenderFrameHostImpl::DidCommitNavigation()
#12 0x5561502e9d60 base::internal::FunctorTraits<>::Invoke<>()
#13 0x5561502e9d0f base::internal::Invoker<>::RunOnce()
#14 0x55614fd53470 content::mojom::NavigationClient_CommitFailedNavigation_ForwardToCallback::Accept()
#15 0x55615301c6e0 mojo::InterfaceEndpointClient::HandleValidatedMessage()
#16 0x5561530201e0 mojo::MessageDispatcher::Accept()
#17 0x55615301d435 mojo::InterfaceEndpointClient::HandleIncomingMessage()
#18 0x5561531dc3e2 IPC::(anonymous namespace)::ChannelAssociatedGroupController::AcceptOnEndpointThread()
#19 0x55615301e323 base::internal::Invoker<>::RunOnce()
#20 0x556151f35f23 base::TaskAnnotator::RunTask()
#21 0x556151f467b3 base::sequence_manager::internal::ThreadControllerWithMessagePumpImpl::DoWorkImpl()
#22 0x556151f46569 base::sequence_manager::internal::ThreadControllerWithMessagePumpImpl::DoWork()
#23 0x556151f46b32 base::sequence_manager::internal::ThreadControllerWithMessagePumpImpl::DoWork()
#24 0x556151fa9c4b base::MessagePumpLibevent::Run()
#25 0x556151f46d6d base::sequence_manager::internal::ThreadControllerWithMessagePumpImpl::Run()
#26 0x556151f18c1b base::RunLoop::Run()
#27 0x556151ec159d InProcessBrowserTest::RunUntilBrowserProcessQuits()
#28 0x556151ec207f InProcessBrowserTest::QuitBrowsers()
#29 0x556151ec1fce InProcessBrowserTest::PostRunTestOnMainThread()
#30 0x5561525e3d34 content::BrowserTestBase::ProxyRunTestOnMainThreadLoop()
#31 0x556152012479 ChromeBrowserMainParts::PreMainMessageLoopRunImpl()
#32 0x55615201197e ChromeBrowserMainParts::PreMainMessageLoopRun()
#33 0x55614efa9b98 chromeos::ChromeBrowserMainPartsChromeos::PreMainMessageLoopRun()
#34 0x5561500381cd content::BrowserMainLoop::PreMainMessageLoopRun()
#35 0x5561503a1a9c content::StartupTaskRunner::RunAllTasksNow()
chromium#36 0x556150037e4a content::BrowserMainLoop::CreateStartupTasks()
#37 0x55615003a147 content::BrowserMainRunnerImpl::Initialize()
#38 0x556150036912 content::BrowserMain()
chromium#39 0x556150bf6aed content::RunBrowserProcessMain()
#40 0x556150bf79bd content::ContentMainRunnerImpl::RunBrowser()
#41 0x556150bf752e content::ContentMainRunnerImpl::Run()
chromium#42 0x556150bf5b38 content::RunContentProcess()
#43 0x556150bf5c08 content::ContentMain()
#44 0x5561525e3543 content::BrowserTestBase::SetUp()
#45 0x556151ec12c1 InProcessBrowserTest::SetUp()
#46 0x55614e1c8786 ash::input_method::(anonymous namespace)::NativeInputMethodEngineTest::SetUp()
#47 0x55614f308e8f testing::Test::Run()
#48 0x55614f3097c5 testing::TestInfo::Run()
#49 0x55614f309f21 testing::TestSuite::Run()
#50 0x55614f313798 testing::internal::UnitTestImpl::RunAllTests()
#51 0x55614f31338b testing::UnitTest::Run()
#52 0x556151fd7ff2 base::TestSuite::Run()
#53 0x556151e96409 BrowserTestSuiteRunnerChromeOS::RunTestSuite()
#54 0x556152613c1f content::LaunchTests()
#55 0x556151e98224 LaunchChromeTests()
#56 0x556151e9638b main
#57 0x7f7dd56c4bf7 __libc_start_main
#58 0x55614cca11ea _start
from
https://ci.chromium.org/p/chrome/builders/ci/linux-chromeos-chrome/17628

Here is the fourth:  (different test in the same suite, different stack trace):
[ RUN      ] NativeInputMethodEngineTest.EmojiSuggestionDisabledReasonkUserSettingsOff
2021-09-24T16:19:05.593039Z WARNING browser_tests[31407:31407]: [audio_manager_linux.cc(60)] Falling back to ALSA for audio output. PulseAudio is not available or could not be initialized.
[959.207] default_socket.cc:58    /run/perfetto/ exists but cannot be accessed. Falling back on /tmp/  (errno: 13, Permission denied)
2021-09-24T16:19:05.646514Z WARNING browser_tests[31407:31423]: [wallpaper_decoder.cc(29)] Failed reading file
2021-09-24T16:19:05.673272Z ERROR browser_tests[31407:31407]: [print_job_reporting_service_factory.cc(47)] DMToken must be valid
2021-09-24T16:19:05.678360Z ERROR browser_tests[31407:31407]: [proximity_auth_profile_pref_manager.cc(194)] Failed to find local state prefs for current user.
2021-09-24T16:19:05.728926Z WARNING browser_tests[31407:31407]: [remote_commands_service.cc(188)] Client is not registered.
2021-09-24T16:19:05.763864Z WARNING browser_tests[31407:31433]: [user_data_stats_recorder.cc(186)] Ash.UserDataStatsRecorder.DataSize.Unknown: 0MB
2021-09-24T16:19:05.763999Z WARNING browser_tests[31407:31433]: [user_data_stats_recorder.cc(186)] Ash.UserDataStatsRecorder.DataSize.Cache: 0MB
2021-09-24T16:19:05.764049Z WARNING browser_tests[31407:31433]: [user_data_stats_recorder.cc(186)] Ash.UserDataStatsRecorder.DataSize.README: 0MB
2021-09-24T16:19:05.764094Z WARNING browser_tests[31407:31433]: [user_data_stats_recorder.cc(186)] Ash.UserDataStatsRecorder.DataSize.Unknown: 0MB
2021-09-24T16:19:05.764120Z WARNING browser_tests[31407:31433]: [user_data_stats_recorder.cc(186)] Ash.UserDataStatsRecorder.DataSize.WebData: 0MB
2021-09-24T16:19:05.764270Z WARNING browser_tests[31407:31433]: [user_data_stats_recorder.cc(186)] Ash.UserDataStatsRecorder.DataSize.CodeCache: 0MB
2021-09-24T16:19:05.764446Z WARNING browser_tests[31407:31433]: [user_data_stats_recorder.cc(186)] Ash.UserDataStatsRecorder.DataSize.SiteCharacteristicsDatabase: 0MB
2021-09-24T16:19:05.765718Z WARNING browser_tests[31407:31433]: [user_data_stats_recorder.cc(186)] Ash.UserDataStatsRecorder.DataSize.Favicons: 0MB
2021-09-24T16:19:05.765751Z WARNING browser_tests[31407:31433]: [user_data_stats_recorder.cc(186)] Ash.UserDataStatsRecorder.DataSize.LoginDataForAccount: 0MB
2021-09-24T16:19:05.766067Z WARNING browser_tests[31407:31433]: [user_data_stats_recorder.cc(186)] Ash.UserDataStatsRecorder.DataSize.GCache: 0MB
2021-09-24T16:19:05.766094Z WARNING browser_tests[31407:31433]: [user_data_stats_recorder.cc(186)] Ash.UserDataStatsRecorder.DataSize.History: 0MB
2021-09-24T16:19:05.766115Z WARNING browser_tests[31407:31433]: [user_data_stats_recorder.cc(186)] Ash.UserDataStatsRecorder.DataSize.Unknown: 0MB
2021-09-24T16:19:05.766123Z WARNING browser_tests[31407:31433]: [user_data_stats_recorder.cc(186)] Ash.UserDataStatsRecorder.DataSize.Unknown: 0MB
2021-09-24T16:19:05.766131Z WARNING browser_tests[31407:31433]: [user_data_stats_recorder.cc(186)] Ash.UserDataStatsRecorder.DataSize.Unknown: 0MB
2021-09-24T16:19:05.766199Z WARNING browser_tests[31407:31433]: [user_data_stats_recorder.cc(186)] Ash.UserDataStatsRecorder.DataSize.Unknown: 0MB
2021-09-24T16:19:05.766336Z WARNING browser_tests[31407:31433]: [user_data_stats_recorder.cc(186)] Ash.UserDataStatsRecorder.DataSize.LocalStorage: 0MB
2021-09-24T16:19:05.766472Z WARNING browser_tests[31407:31433]: [user_data_stats_recorder.cc(186)] Ash.UserDataStatsRecorder.DataSize.SyncData: 0MB
2021-09-24T16:19:05.766498Z WARNING browser_tests[31407:31433]: [user_data_stats_recorder.cc(186)] Ash.UserDataStatsRecorder.DataSize.LOCK: 0MB
2021-09-24T16:19:05.766524Z WARNING browser_tests[31407:31433]: [user_data_stats_recorder.cc(186)] Ash.UserDataStatsRecorder.DataSize.LoginData: 0MB
2021-09-24T16:19:05.766552Z WARNING browser_tests[31407:31433]: [user_data_stats_recorder.cc(186)] Ash.UserDataStatsRecorder.DataSize.LOG: 0MB
2021-09-24T16:19:05.766909Z WARNING browser_tests[31407:31433]: [user_data_stats_recorder.cc(186)] Ash.UserDataStatsRecorder.DataSize.Unknown: 0MB
2021-09-24T16:19:05.880798Z ERROR browser_tests[31407:31407]: [plugin_vm_manager_impl.cc(150)] New session has dispatcher unexpected already running. Perhaps Chrome crashed?
2021-09-24T16:19:05.921761Z INFO browser_tests[31407:31407]: [key_permissions_manager_impl.cc(509)] One-time key permissions migration started for token: 0.
2021-09-24T16:19:05.932877Z WARNING browser_tests[31407:31407]: [drivefs_session.cc(65)] DriveFs mount failed with error: 3
2021-09-24T16:19:05.951965Z WARNING browser_tests[31407:31407]: [login_unlock_throughput_recorder.cc(58)] Zero frames expected in login animation throughput data
2021-09-24T16:19:05.973007Z INFO browser_tests[31407:31407]: [android_sms_pairing_state_tracker_impl.cc(71)] No Pairing cookie found
2021-09-24T16:19:05.977396Z WARNING browser_tests[31407:31428]: [google_brand_chromeos.cc(40)] Brand code file missing: /opt/oem/etc/BRAND_CODE
2021-09-24T16:19:05.981581Z INFO browser_tests[31407:31407]: [ui_test_utils.cc(224)] NavigateToURL: chrome://newtab/
2021-09-24T16:19:06.072941Z ERROR browser_tests[31407:31457]: [als_reader.cc(52)] Missing num of als
2021-09-24T16:19:06.073283Z ERROR browser_tests[31407:31457]: [chrome_browser_main_extra_parts_metrics.cc(230)] crbug.com/1216328: Checking Bluetooth availability started. Please report if there is no report that this ends.
2021-09-24T16:19:06.073310Z ERROR browser_tests[31407:31457]: [chrome_browser_main_extra_parts_metrics.cc(233)] crbug.com/1216328: Checking Bluetooth availability ended.
2021-09-24T16:19:06.073337Z ERROR browser_tests[31407:31457]: [chrome_browser_main_extra_parts_metrics.cc(236)] crbug.com/1216328: Checking default browser status started. Please report if there is no report that this ends.
2021-09-24T16:19:06.073358Z ERROR browser_tests[31407:31457]: [chrome_browser_main_extra_parts_metrics.cc(240)] crbug.com/1216328: Checking default browser status ended.
2021-09-24T16:19:06.085536Z INFO browser_tests[31407:31407]: [key_permissions_manager_impl.cc(534)] One-time key permissions migration succeeded for token: 0.
BrowserTestBase received signal: Segmentation fault. Backtrace:
#0 0x564f24b8af29 base::debug::CollectStackTrace()
#1 0x564f24af2843 base::debug::StackTrace::StackTrace()
#2 0x564f251fd373 content::(anonymous namespace)::DumpStackTraceSignalHandler()
#3 0x7f03d338d040 (/lib/x86_64-linux-gnu/libc-2.27.so+0x3f03f)
#4 0x564f282e0d94 ChromeOmniboxNavigationObserver::DidFinishNavigation()
#5 0x564f22fe1042 content::WebContentsImpl::WebContentsObserverList::NotifyObservers<>()
#6 0x564f22fe92d0 content::WebContentsImpl::DidFinishNavigation()
#7 0x564f22ebdd73 content::NavigationRequest::~NavigationRequest()
#8 0x564f22ebe6bc content::NavigationRequest::~NavigationRequest()
#9 0x564f22ed15f9 content::Navigator::DidNavigate()
#10 0x564f22ee3bcd content::RenderFrameHostImpl::DidCommitNavigationInternal()
#11 0x564f22ee2f2a content::RenderFrameHostImpl::DidCommitNavigation()
#12 0x564f22f02a40 base::internal::FunctorTraits<>::Invoke<>()
#13 0x564f22f029ef base::internal::Invoker<>::RunOnce()
#14 0x564f2296c430 content::mojom::NavigationClient_CommitFailedNavigation_ForwardToCallback::Accept()
#15 0x564f25c35100 mojo::InterfaceEndpointClient::HandleValidatedMessage()
#16 0x564f25c38c00 mojo::MessageDispatcher::Accept()
#17 0x564f25c35e55 mojo::InterfaceEndpointClient::HandleIncomingMessage()
#18 0x564f25df4e02 IPC::(anonymous namespace)::ChannelAssociatedGroupController::AcceptOnEndpointThread()
#19 0x564f25c36d43 base::internal::Invoker<>::RunOnce()
#20 0x564f24b4ea03 base::TaskAnnotator::RunTask()
#21 0x564f24b5f293 base::sequence_manager::internal::ThreadControllerWithMessagePumpImpl::DoWorkImpl()
#22 0x564f24b5f049 base::sequence_manager::internal::ThreadControllerWithMessagePumpImpl::DoWork()
#23 0x564f24b5f612 base::sequence_manager::internal::ThreadControllerWithMessagePumpImpl::DoWork()
#24 0x564f24bc28cb base::MessagePumpLibevent::Run()
#25 0x564f24b5f84d base::sequence_manager::internal::ThreadControllerWithMessagePumpImpl::Run()
#26 0x564f24b316fb base::RunLoop::Run()
#27 0x564f22f433f3 content::BrowserTaskExecutor::RunAllPendingTasksOnThreadForTesting()
#28 0x564f2522df45 content::RunAllPendingInMessageLoop()
#29 0x564f24adaa96 InProcessBrowserTest::PostRunTestOnMainThread()
#30 0x564f251fca24 content::BrowserTestBase::ProxyRunTestOnMainThreadLoop()
#31 0x564f24c2b0f9 ChromeBrowserMainParts::PreMainMessageLoopRunImpl()
#32 0x564f24c2a5fe ChromeBrowserMainParts::PreMainMessageLoopRun()
#33 0x564f21bc1f38 chromeos::ChromeBrowserMainPartsChromeos::PreMainMessageLoopRun()
#34 0x564f22c510ed content::BrowserMainLoop::PreMainMessageLoopRun()
#35 0x564f22fba77c content::StartupTaskRunner::RunAllTasksNow()
chromium#36 0x564f22c50d6a content::BrowserMainLoop::CreateStartupTasks()
#37 0x564f22c53067 content::BrowserMainRunnerImpl::Initialize()
#38 0x564f22c4f832 content::BrowserMain()
chromium#39 0x564f2380f5bd content::RunBrowserProcessMain()
#40 0x564f2381048d content::ContentMainRunnerImpl::RunBrowser()
#41 0x564f2380fffe content::ContentMainRunnerImpl::Run()
chromium#42 0x564f2380e608 content::RunContentProcess()
#43 0x564f2380e6d8 content::ContentMain()
#44 0x564f251fc233 content::BrowserTestBase::SetUp()
#45 0x564f24ad9d91 InProcessBrowserTest::SetUp()
#46 0x564f20de0a86 ash::input_method::(anonymous namespace)::NativeInputMethodEngineTest::SetUp()
#47 0x564f21f21e4f testing::Test::Run()
#48 0x564f21f22785 testing::TestInfo::Run()
#49 0x564f21f22ee1 testing::TestSuite::Run()
#50 0x564f21f2c758 testing::internal::UnitTestImpl::RunAllTests()
#51 0x564f21f2c34b testing::UnitTest::Run()
#52 0x564f24bf0c72 base::TestSuite::Run()
#53 0x564f24aaeed9 BrowserTestSuiteRunnerChromeOS::RunTestSuite()
#54 0x564f2522c62f content::LaunchTests()
#55 0x564f24ab0cf4 LaunchChromeTests()
#56 0x564f24aaee5b main
#57 0x7f03d336fbf7 __libc_start_main
#58 0x564f1f8b94ea _start
from
https://ci.chromium.org/p/chrome/builders/ci/linux-chromeos-chrome/17631

Original change's description:
> Privatise unnecessarily public current_input_method in
> InputMethodManagerImpl::StateImpl.
>
> This involves replacing some direct pokes of current_input_method
> with public GetCurrentInputMethod() that employs a fallback onto
> InputMethodUtil::GetFallbackInputMethodDescriptor() when ID is
> blank. This should be more reasonable and consistent.
>
> Bug: 1134465
> Change-Id: I2c423a58547cc7249efdf8056624623998765aba
> Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3177760
> Commit-Queue: Bao-Duy Tran <tranbaoduy@chromium.org>
> Reviewed-by: Keith Lee <keithlee@chromium.org>
> Reviewed-by: Curtis McMullan <curtismcmullan@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#924702}

Bug: 1134465
Change-Id: I6144a0ebd7472f31d4b937d9e99b6a6c8bc0eee1
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3182806
Auto-Submit: Mark Pearson <mpearson@chromium.org>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Commit-Queue: Mark Pearson <mpearson@chromium.org>
Owners-Override: Mark Pearson <mpearson@chromium.org>
Cr-Commit-Position: refs/heads/main@{#924810}
blueboxd pushed a commit that referenced this issue Sep 27, 2021
… CrosState"

This reverts commit 3895114.

Reason for revert: likely cause of failures
Step "chromeos_components_unittests on Ubuntu-18.04" failing on builder "Linux Chromium OS ASan LSan Tests (1)"

The first run with the relevant failures:
https://ci.chromium.org/ui/p/chromium/builders/ci/Linux%20Chromium%20OS%20ASan%20LSan%20Tests%20(1)/40730/overview

The following tests consistently fail starting after this first run:
CrosStateSenderTest.NotificationFeatureStateChanged
CrosStateSenderTest.PerformUpdateCrosStateRetrySequence

The first fails with this stack trace:
---
[ RUN      ] CrosStateSenderTest.NotificationFeatureStateChanged
=================================================================
==4136==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x60700004b31c at pc 0x5559c16fed11 bp 0x7fffb87b9250 sp 0x7fffb87b9248
READ of size 4 at 0x60700004b31c thread T0
    #0 0x5559c16fed10 in chromeos::multidevice_setup::MultiDeviceSetupClient::GetFeatureState(chromeos::multidevice_setup::mojom::Feature) const ./../../chromeos/services/multidevice_setup/public/cpp/multidevice_setup_client.cc:51:44
    #1 0x5559ce6da0ed in chromeos::phonehub::CrosStateSender::PerformUpdateCrosState() ./../../chromeos/components/phonehub/cros_state_sender.cc:93:34
    #2 0x5559ce6d9e1d in chromeos::phonehub::CrosStateSender::AttemptUpdateCrosState() ./../../chromeos/components/phonehub/cros_state_sender.cc:85:3
    #3 0x5559c17102b7 in chromeos::secure_channel::ConnectionManager::NotifyStatusChanged() ./../../chromeos/services/secure_channel/public/cpp/client/connection_manager.cc:23:14
    #4 0x5559ba7314dc in chromeos::phonehub::CrosStateSenderTest_NotificationFeatureStateChanged_Test::TestBody() ./../../chromeos/components/phonehub/cros_state_sender_unittest.cc:146:29
    #5 0x5559baf612a1 in HandleExceptionsInMethodIfSupported<testing::Test, void> ./../../third_party/googletest/src/googletest/src/gtest.cc:0:0
    #6 0x5559baf612a1 in testing::Test::Run() ./../../third_party/googletest/src/googletest/src/gtest.cc:2706:5
    #7 0x5559baf62ca4 in testing::TestInfo::Run() ./../../third_party/googletest/src/googletest/src/gtest.cc:2885:11
    #8 0x5559baf647b3 in testing::TestSuite::Run() ./../../third_party/googletest/src/googletest/src/gtest.cc:3044:30
    #9 0x5559baf87628 in testing::internal::UnitTestImpl::RunAllTests() ./../../third_party/googletest/src/googletest/src/gtest.cc:5903:44
    #10 0x5559baf86d49 in HandleExceptionsInMethodIfSupported<testing::internal::UnitTestImpl, bool> ./../../third_party/googletest/src/googletest/src/gtest.cc:0:0
    #11 0x5559baf86d49 in testing::UnitTest::Run() ./../../third_party/googletest/src/googletest/src/gtest.cc:5470:10
    #12 0x5559c6e8422f in RUN_ALL_TESTS ./../../third_party/googletest/src/googletest/include/gtest/gtest.h:2492:46
    #13 0x5559c6e8422f in base::TestSuite::Run() ./../../base/test/test_suite.cc:465:16
    #14 0x5559bd07db0e in base::OnceCallback<int ()>::Run() && ./../../base/callback.h:99:12
    #15 0x5559c6e8a853 in base::(anonymous namespace)::LaunchUnitTestsInternal(base::OnceCallback<int ()>, unsigned long, int, unsigned long, bool, base::OnceCallback<void ()>) ./../../base/test/launcher/unit_test_launcher.cc:177:38
    #16 0x5559c6e8a4d5 in base::LaunchUnitTests(int, char**, base::OnceCallback<int ()>, unsigned long) ./../../base/test/launcher/unit_test_launcher.cc:247:10
    #17 0x5559ba482d45 in main ./../../chromeos/components/run_all_unittests.cc:22:10
    #18 0x7f002b751bf6 in __libc_start_main ??:0:0

0x60700004b31c is located 4 bytes to the right of 72-byte region [0x60700004b2d0,0x60700004b318)
allocated by thread T0 here:
    #0 0x5559ba47faed in operator new(unsigned long) /b/s/w/ir/cache/builder/src/third_party/llvm/compiler-rt/lib/asan/asan_new_delete.cpp:95:3
    #1 0x5559c14ad498 in __libcpp_operator_new<unsigned long> ./../../buildtools/third_party/libc++/trunk/include/new:235:10
    #2 0x5559c14ad498 in __libcpp_allocate ./../../buildtools/third_party/libc++/trunk/include/new:261:10
    #3 0x5559c14ad498 in allocate ./../../buildtools/third_party/libc++/trunk/include/__memory/allocator.h:82:38
    #4 0x5559c14ad498 in allocate ./../../buildtools/third_party/libc++/trunk/include/__memory/allocator_traits.h:261:20
    #5 0x5559c14ad498 in std::__1::vector<std::__1::pair<chromeos::multidevice_setup::mojom::Feature, chromeos::multidevice_setup::mojom::FeatureState>, std::__1::allocator<std::__1::pair<chromeos::multidevice_setup::mojom::Feature, chromeos::multidevice_setup::mojom::FeatureState> > >::__vallocate(unsigned long) ./../../buildtools/third_party/libc++/trunk/include/vector:994:37
    #6 0x5559c16fdfe3 in vector<const std::__1::pair<chromeos::multidevice_setup::mojom::Feature, chromeos::multidevice_setup::mojom::FeatureState> *> ./../../buildtools/third_party/libc++/trunk/include/vector:1224:9
    #7 0x5559c16fdfe3 in flat_tree<const std::__1::pair<chromeos::multidevice_setup::mojom::Feature, chromeos::multidevice_setup::mojom::FeatureState> *> ./../../base/containers/flat_tree.h:571:20
    #8 0x5559c16fdfe3 in flat_tree ./../../base/containers/flat_tree.h:595:7
    #9 0x5559c16fdfe3 in flat_tree ./../../base/containers/flat_map.h:211:15
    #10 0x5559c16fdfe3 in chromeos::multidevice_setup::MultiDeviceSetupClient::GenerateDefaultFeatureStatesMap() ./../../chromeos/services/multidevice_setup/public/cpp/multidevice_setup_client.cc:21:10
    #11 0x5559d736b57e in chromeos::multidevice_setup::FakeMultiDeviceSetupClient::FakeMultiDeviceSetupClient() ./../../chromeos/services/multidevice_setup/public/cpp/fake_multidevice_setup_client.cc:13:27
    #12 0x5559ba733ad7 in make_unique<chromeos::multidevice_setup::FakeMultiDeviceSetupClient> ./../../buildtools/third_party/libc++/trunk/include/__memory/unique_ptr.h:725:32
    #13 0x5559ba733ad7 in chromeos::phonehub::CrosStateSenderTest::SetUp() ./../../chromeos/components/phonehub/cros_state_sender_unittest.cc:40:9
    #14 0x5559baf6118e in HandleExceptionsInMethodIfSupported<testing::Test, void> ./../../third_party/googletest/src/googletest/src/gtest.cc:0:0
    #15 0x5559baf6118e in testing::Test::Run() ./../../third_party/googletest/src/googletest/src/gtest.cc:2701:3
    #16 0x5559baf62ca4 in testing::TestInfo::Run() ./../../third_party/googletest/src/googletest/src/gtest.cc:2885:11
    #17 0x5559baf647b3 in testing::TestSuite::Run() ./../../third_party/googletest/src/googletest/src/gtest.cc:3044:30
    #18 0x5559baf87628 in testing::internal::UnitTestImpl::RunAllTests() ./../../third_party/googletest/src/googletest/src/gtest.cc:5903:44
    #19 0x5559baf86d49 in HandleExceptionsInMethodIfSupported<testing::internal::UnitTestImpl, bool> ./../../third_party/googletest/src/googletest/src/gtest.cc:0:0
    #20 0x5559baf86d49 in testing::UnitTest::Run() ./../../third_party/googletest/src/googletest/src/gtest.cc:5470:10
    #21 0x5559c6e8422f in RUN_ALL_TESTS ./../../third_party/googletest/src/googletest/include/gtest/gtest.h:2492:46
    #22 0x5559c6e8422f in base::TestSuite::Run() ./../../base/test/test_suite.cc:465:16
    #23 0x5559bd07db0e in base::OnceCallback<int ()>::Run() && ./../../base/callback.h:99:12
    #24 0x5559c6e8a853 in base::(anonymous namespace)::LaunchUnitTestsInternal(base::OnceCallback<int ()>, unsigned long, int, unsigned long, bool, base::OnceCallback<void ()>) ./../../base/test/launcher/unit_test_launcher.cc:177:38
    #25 0x5559c6e8a4d5 in base::LaunchUnitTests(int, char**, base::OnceCallback<int ()>, unsigned long) ./../../base/test/launcher/unit_test_launcher.cc:247:10
    #26 0x5559ba482d45 in main ./../../chromeos/components/run_all_unittests.cc:22:10
    #27 0x7f002b751bf6 in __libc_start_main ??:0:0

SUMMARY: AddressSanitizer: heap-buffer-overflow (/b/s/w/ir/out/Release/chromeos_components_unittests+0x15f40d10)
Shadow bytes around the buggy address:
  0x0c0e80001610: fa fa fa fa fd fd fd fd fd fd fd fd fd fd fa fa
  0x0c0e80001620: fa fa fd fd fd fd fd fd fd fd fd fd fa fa fa fa
  0x0c0e80001630: fd fd fd fd fd fd fd fd fd fd fa fa fa fa fd fd
  0x0c0e80001640: fd fd fd fd fd fd fd fd fa fa fa fa fd fd fd fd
  0x0c0e80001650: fd fd fd fd fd fd fa fa fa fa 00 00 00 00 00 00
=>0x0c0e80001660: 00 00 00[fa]fa fa fa fa fd fd fd fd fd fd fd fd
  0x0c0e80001670: fd fa fa fa fa fa fd fd fd fd fd fd fd fd fd fd
  0x0c0e80001680: fa fa fa fa 00 00 00 00 00 00 00 00 00 00 fa fa
  0x0c0e80001690: fa fa fd fd fd fd fd fd fd fd fd fd fa fa fa fa
  0x0c0e800016a0: fd fd fd fd fd fd fd fd fd fd fa fa fa fa 00 00
  0x0c0e800016b0: 00 00 00 00 00 00 00 00 fa fa fa fa 00 00 00 00
Shadow byte legend (one shadow byte represents 8 application bytes):
  Addressable:           00
  Partially addressable: 01 02 03 04 05 06 07
  Heap left redzone:       fa
  Freed heap region:       fd
  Stack left redzone:      f1
  Stack mid redzone:       f2
  Stack right redzone:     f3
  Stack after return:      f5
  Stack use after scope:   f8
  Global redzone:          f9
  Global init order:       f6
  Poisoned by user:        f7
  Container overflow:      fc
  Array cookie:            ac
  Intra object redzone:    bb
  ASan internal:           fe
  Left alloca redzone:     ca
  Right alloca redzone:    cb
==4136==ABORTING
---

The second fails with this one:
---
[ RUN      ] CrosStateSenderTest.PerformUpdateCrosStateRetrySequence
=================================================================
==3811==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x60700005f9ec at pc 0x5579c6175d11 bp 0x7ffd5e6a0e10 sp 0x7ffd5e6a0e08
READ of size 4 at 0x60700005f9ec thread T0
    #0 0x5579c6175d10 in chromeos::multidevice_setup::MultiDeviceSetupClient::GetFeatureState(chromeos::multidevice_setup::mojom::Feature) const ./../../chromeos/services/multidevice_setup/public/cpp/multidevice_setup_client.cc:51:44
    #1 0x5579d31510ed in chromeos::phonehub::CrosStateSender::PerformUpdateCrosState() ./../../chromeos/components/phonehub/cros_state_sender.cc:93:34
    #2 0x5579d3150e1d in chromeos::phonehub::CrosStateSender::AttemptUpdateCrosState() ./../../chromeos/components/phonehub/cros_state_sender.cc:85:3
    #3 0x5579c61872b7 in chromeos::secure_channel::ConnectionManager::NotifyStatusChanged() ./../../chromeos/services/secure_channel/public/cpp/client/connection_manager.cc:23:14
    #4 0x5579bf1a3085 in chromeos::phonehub::CrosStateSenderTest_PerformUpdateCrosStateRetrySequence_Test::TestBody() ./../../chromeos/components/phonehub/cros_state_sender_unittest.cc:63:29
    #5 0x5579bf9d82a1 in HandleExceptionsInMethodIfSupported<testing::Test, void> ./../../third_party/googletest/src/googletest/src/gtest.cc:0:0
    #6 0x5579bf9d82a1 in testing::Test::Run() ./../../third_party/googletest/src/googletest/src/gtest.cc:2706:5
    #7 0x5579bf9d9ca4 in testing::TestInfo::Run() ./../../third_party/googletest/src/googletest/src/gtest.cc:2885:11
    #8 0x5579bf9db7b3 in testing::TestSuite::Run() ./../../third_party/googletest/src/googletest/src/gtest.cc:3044:30
    #9 0x5579bf9fe628 in testing::internal::UnitTestImpl::RunAllTests() ./../../third_party/googletest/src/googletest/src/gtest.cc:5903:44
    #10 0x5579bf9fdd49 in HandleExceptionsInMethodIfSupported<testing::internal::UnitTestImpl, bool> ./../../third_party/googletest/src/googletest/src/gtest.cc:0:0
    #11 0x5579bf9fdd49 in testing::UnitTest::Run() ./../../third_party/googletest/src/googletest/src/gtest.cc:5470:10
    #12 0x5579cb8fb22f in RUN_ALL_TESTS ./../../third_party/googletest/src/googletest/include/gtest/gtest.h:2492:46
    #13 0x5579cb8fb22f in base::TestSuite::Run() ./../../base/test/test_suite.cc:465:16
    #14 0x5579c1af4b0e in base::OnceCallback<int ()>::Run() && ./../../base/callback.h:99:12
    #15 0x5579cb901853 in base::(anonymous namespace)::LaunchUnitTestsInternal(base::OnceCallback<int ()>, unsigned long, int, unsigned long, bool, base::OnceCallback<void ()>) ./../../base/test/launcher/unit_test_launcher.cc:177:38
    #16 0x5579cb9014d5 in base::LaunchUnitTests(int, char**, base::OnceCallback<int ()>, unsigned long) ./../../base/test/launcher/unit_test_launcher.cc:247:10
    #17 0x5579beef9d45 in main ./../../chromeos/components/run_all_unittests.cc:22:10
    #18 0x7fc58b24bbf6 in __libc_start_main ??:0:0

0x60700005f9ec is located 4 bytes to the right of 72-byte region [0x60700005f9a0,0x60700005f9e8)
allocated by thread T0 here:
    #0 0x5579beef6aed in operator new(unsigned long) /b/s/w/ir/cache/builder/src/third_party/llvm/compiler-rt/lib/asan/asan_new_delete.cpp:95:3
    #1 0x5579c5f24498 in __libcpp_operator_new<unsigned long> ./../../buildtools/third_party/libc++/trunk/include/new:235:10
    #2 0x5579c5f24498 in __libcpp_allocate ./../../buildtools/third_party/libc++/trunk/include/new:261:10
    #3 0x5579c5f24498 in allocate ./../../buildtools/third_party/libc++/trunk/include/__memory/allocator.h:82:38
    #4 0x5579c5f24498 in allocate ./../../buildtools/third_party/libc++/trunk/include/__memory/allocator_traits.h:261:20
    #5 0x5579c5f24498 in std::__1::vector<std::__1::pair<chromeos::multidevice_setup::mojom::Feature, chromeos::multidevice_setup::mojom::FeatureState>, std::__1::allocator<std::__1::pair<chromeos::multidevice_setup::mojom::Feature, chromeos::multidevice_setup::mojom::FeatureState> > >::__vallocate(unsigned long) ./../../buildtools/third_party/libc++/trunk/include/vector:994:37
    #6 0x5579c6174fe3 in vector<const std::__1::pair<chromeos::multidevice_setup::mojom::Feature, chromeos::multidevice_setup::mojom::FeatureState> *> ./../../buildtools/third_party/libc++/trunk/include/vector:1224:9
    #7 0x5579c6174fe3 in flat_tree<const std::__1::pair<chromeos::multidevice_setup::mojom::Feature, chromeos::multidevice_setup::mojom::FeatureState> *> ./../../base/containers/flat_tree.h:571:20
    #8 0x5579c6174fe3 in flat_tree ./../../base/containers/flat_tree.h:595:7
    #9 0x5579c6174fe3 in flat_tree ./../../base/containers/flat_map.h:211:15
    #10 0x5579c6174fe3 in chromeos::multidevice_setup::MultiDeviceSetupClient::GenerateDefaultFeatureStatesMap() ./../../chromeos/services/multidevice_setup/public/cpp/multidevice_setup_client.cc:21:10
    #11 0x5579dbde257e in chromeos::multidevice_setup::FakeMultiDeviceSetupClient::FakeMultiDeviceSetupClient() ./../../chromeos/services/multidevice_setup/public/cpp/fake_multidevice_setup_client.cc:13:27
    #12 0x5579bf1aaad7 in make_unique<chromeos::multidevice_setup::FakeMultiDeviceSetupClient> ./../../buildtools/third_party/libc++/trunk/include/__memory/unique_ptr.h:725:32
    #13 0x5579bf1aaad7 in chromeos::phonehub::CrosStateSenderTest::SetUp() ./../../chromeos/components/phonehub/cros_state_sender_unittest.cc:40:9
    #14 0x5579bf9d818e in HandleExceptionsInMethodIfSupported<testing::Test, void> ./../../third_party/googletest/src/googletest/src/gtest.cc:0:0
    #15 0x5579bf9d818e in testing::Test::Run() ./../../third_party/googletest/src/googletest/src/gtest.cc:2701:3
    #16 0x5579bf9d9ca4 in testing::TestInfo::Run() ./../../third_party/googletest/src/googletest/src/gtest.cc:2885:11
    #17 0x5579bf9db7b3 in testing::TestSuite::Run() ./../../third_party/googletest/src/googletest/src/gtest.cc:3044:30
    #18 0x5579bf9fe628 in testing::internal::UnitTestImpl::RunAllTests() ./../../third_party/googletest/src/googletest/src/gtest.cc:5903:44
    #19 0x5579bf9fdd49 in HandleExceptionsInMethodIfSupported<testing::internal::UnitTestImpl, bool> ./../../third_party/googletest/src/googletest/src/gtest.cc:0:0
    #20 0x5579bf9fdd49 in testing::UnitTest::Run() ./../../third_party/googletest/src/googletest/src/gtest.cc:5470:10
    #21 0x5579cb8fb22f in RUN_ALL_TESTS ./../../third_party/googletest/src/googletest/include/gtest/gtest.h:2492:46
    #22 0x5579cb8fb22f in base::TestSuite::Run() ./../../base/test/test_suite.cc:465:16
    #23 0x5579c1af4b0e in base::OnceCallback<int ()>::Run() && ./../../base/callback.h:99:12
    #24 0x5579cb901853 in base::(anonymous namespace)::LaunchUnitTestsInternal(base::OnceCallback<int ()>, unsigned long, int, unsigned long, bool, base::OnceCallback<void ()>) ./../../base/test/launcher/unit_test_launcher.cc:177:38
    #25 0x5579cb9014d5 in base::LaunchUnitTests(int, char**, base::OnceCallback<int ()>, unsigned long) ./../../base/test/launcher/unit_test_launcher.cc:247:10
    #26 0x5579beef9d45 in main ./../../chromeos/components/run_all_unittests.cc:22:10
    #27 0x7fc58b24bbf6 in __libc_start_main ??:0:0

SUMMARY: AddressSanitizer: heap-buffer-overflow (/b/s/w/ir/out/Release/chromeos_components_unittests+0x15f40d10)
Shadow bytes around the buggy address:
  0x0c0e80003ee0: fd fd fd fd fd fd fd fd fd fd fa fa fa fa fd fd
  0x0c0e80003ef0: fd fd fd fd fd fd fd fd fa fa fa fa fd fd fd fd
  0x0c0e80003f00: fd fd fd fd fd fd fa fa fa fa fd fd fd fd fd fd
  0x0c0e80003f10: fd fd fd fd fa fa fa fa fd fd fd fd fd fd fd fd
  0x0c0e80003f20: fd fd fa fa fa fa fd fd fd fd fd fd fd fd fd fd
=>0x0c0e80003f30: fa fa fa fa 00 00 00 00 00 00 00 00 00[fa]fa fa
  0x0c0e80003f40: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c0e80003f50: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c0e80003f60: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c0e80003f70: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
  0x0c0e80003f80: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa
Shadow byte legend (one shadow byte represents 8 application bytes):
  Addressable:           00
  Partially addressable: 01 02 03 04 05 06 07
  Heap left redzone:       fa
  Freed heap region:       fd
  Stack left redzone:      f1
  Stack mid redzone:       f2
  Stack right redzone:     f3
  Stack after return:      f5
  Stack use after scope:   f8
  Global redzone:          f9
  Global init order:       f6
  Poisoned by user:        f7
  Container overflow:      fc
  Array cookie:            ac
  Intra object redzone:    bb
  ASan internal:           fe
  Left alloca redzone:     ca
  Right alloca redzone:    cb
==3811==ABORTING
---

Original change's description:
> [CameraRoll]Send camera roll setting to the Android device in CrosState
>
> Include camera roll setting state as part of CrosState,
> so connected mobile device would be able to get update
> when setting value is toggled.
>
> Change-Id: I04d0ed3872d5adeff5e8f8dc76c6eb6df3a50b9c
> Bug: https://crbug.com/1221297
> Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3173740
> Commit-Queue: Jianbing Wu <jianbing@google.com>
> Auto-Submit: Jianbing Wu <jianbing@google.com>
> Reviewed-by: Jon Mann <jonmann@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#924995}

Bug: https://crbug.com/1221297
Change-Id: Ic87d96786b4244b27b1e284f801df8799911b1fa
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3184482
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Auto-Submit: Mark Pearson <mpearson@chromium.org>
Commit-Queue: Jon Mann <jonmann@chromium.org>
Reviewed-by: Jon Mann <jonmann@chromium.org>
Cr-Commit-Position: refs/heads/main@{#925118}
blueboxd pushed a commit that referenced this issue Sep 27, 2021
This reverts commit 37ea471.

Reason for revert: Reverted CL is unrelated to the cited "reason for revert".

Original change's description:
> Revert "Privatise unnecessarily public current_input_method in"
>
> This reverts commit 77e9679.
>
> Reason for revert:
> Likely cause of failure
> Step "browser_tests on Ubuntu-18.04" failing on builder "linux-chromeos-chrome"
>
> The failure is a crash in browser_tests.
>
> This failure is fairly but not perfectly consistent.  In three of the last four runs on this bot, browser_tests failed with something in the NativeInputMethodEngineTest.EmojiSuggestion* suite.  It's not always the same test that fails each time.  Nevertheless, this is pretty indicative that nowadays something is wrong in this suite.  This is the obvious candidate, submitted right when the test became mostly-failing.
>
> Here is the first failure as an example:
> Retrying 1 test (retry #0)
> [ RUN      ] NativeInputMethodEngineTest.EmojiSuggestionDisabledReasonkUrlOrAppNotAllowed
> 2021-09-24T11:30:01.258384Z WARNING browser_tests[27592:27592]: [audio_manager_linux.cc(60)] Falling back to ALSA for audio output. PulseAudio is not available or could not be initialized.
> [434.616] default_socket.cc:58    /run/perfetto/ exists but cannot be accessed. Falling back on /tmp/  (errno: 13, Permission denied)
> 2021-09-24T11:30:01.293097Z WARNING browser_tests[27592:27609]: [wallpaper_decoder.cc(29)] Failed reading file
> 2021-09-24T11:30:01.304548Z ERROR browser_tests[27592:27592]: [print_job_reporting_service_factory.cc(47)] DMToken must be valid
> 2021-09-24T11:30:01.309314Z ERROR browser_tests[27592:27592]: [proximity_auth_profile_pref_manager.cc(194)] Failed to find local state prefs for current user.
> 2021-09-24T11:30:01.332070Z WARNING browser_tests[27592:27592]: [remote_commands_service.cc(188)] Client is not registered.
> 2021-09-24T11:30:01.358975Z WARNING browser_tests[27592:27639]: [user_data_stats_recorder.cc(186)] Ash.UserDataStatsRecorder.DataSize.Unknown: 0MB
> 2021-09-24T11:30:01.359074Z WARNING browser_tests[27592:27639]: [user_data_stats_recorder.cc(186)] Ash.UserDataStatsRecorder.DataSize.Cache: 0MB
> 2021-09-24T11:30:01.359110Z WARNING browser_tests[27592:27639]: [user_data_stats_recorder.cc(186)] Ash.UserDataStatsRecorder.DataSize.README: 0MB
> 2021-09-24T11:30:01.359138Z WARNING browser_tests[27592:27639]: [user_data_stats_recorder.cc(186)] Ash.UserDataStatsRecorder.DataSize.Unknown: 0MB
> 2021-09-24T11:30:01.359147Z WARNING browser_tests[27592:27639]: [user_data_stats_recorder.cc(186)] Ash.UserDataStatsRecorder.DataSize.WebData: 0MB
> 2021-09-24T11:30:01.359429Z WARNING browser_tests[27592:27639]: [user_data_stats_recorder.cc(186)] Ash.UserDataStatsRecorder.DataSize.CodeCache: 0MB
> 2021-09-24T11:30:01.359547Z WARNING browser_tests[27592:27639]: [user_data_stats_recorder.cc(186)] Ash.UserDataStatsRecorder.DataSize.SiteCharacteristicsDatabase: 0MB
> 2021-09-24T11:30:01.359581Z WARNING browser_tests[27592:27639]: [user_data_stats_recorder.cc(186)] Ash.UserDataStatsRecorder.DataSize.Favicons: 0MB
> 2021-09-24T11:30:01.359621Z WARNING browser_tests[27592:27639]: [user_data_stats_recorder.cc(186)] Ash.UserDataStatsRecorder.DataSize.LoginDataForAccount: 0MB
> 2021-09-24T11:30:01.360073Z WARNING browser_tests[27592:27639]: [user_data_stats_recorder.cc(186)] Ash.UserDataStatsRecorder.DataSize.GCache: 0MB
> 2021-09-24T11:30:01.360118Z WARNING browser_tests[27592:27639]: [user_data_stats_recorder.cc(186)] Ash.UserDataStatsRecorder.DataSize.History: 0MB
> 2021-09-24T11:30:01.360147Z WARNING browser_tests[27592:27639]: [user_data_stats_recorder.cc(186)] Ash.UserDataStatsRecorder.DataSize.Unknown: 0MB
> 2021-09-24T11:30:01.360161Z WARNING browser_tests[27592:27639]: [user_data_stats_recorder.cc(186)] Ash.UserDataStatsRecorder.DataSize.Unknown: 0MB
> 2021-09-24T11:30:01.360173Z WARNING browser_tests[27592:27639]: [user_data_stats_recorder.cc(186)] Ash.UserDataStatsRecorder.DataSize.Unknown: 0MB
> 2021-09-24T11:30:01.360234Z WARNING browser_tests[27592:27639]: [user_data_stats_recorder.cc(186)] Ash.UserDataStatsRecorder.DataSize.Unknown: 0MB
> 2021-09-24T11:30:01.360415Z WARNING browser_tests[27592:27639]: [user_data_stats_recorder.cc(186)] Ash.UserDataStatsRecorder.DataSize.SyncData: 0MB
> 2021-09-24T11:30:01.361882Z WARNING browser_tests[27592:27639]: [user_data_stats_recorder.cc(186)] Ash.UserDataStatsRecorder.DataSize.LOCK: 0MB
> 2021-09-24T11:30:01.361936Z WARNING browser_tests[27592:27639]: [user_data_stats_recorder.cc(186)] Ash.UserDataStatsRecorder.DataSize.LoginData: 0MB
> 2021-09-24T11:30:01.361964Z WARNING browser_tests[27592:27639]: [user_data_stats_recorder.cc(186)] Ash.UserDataStatsRecorder.DataSize.LOG: 0MB
> 2021-09-24T11:30:01.362091Z WARNING browser_tests[27592:27639]: [user_data_stats_recorder.cc(186)] Ash.UserDataStatsRecorder.DataSize.Unknown: 0MB
> 2021-09-24T11:30:01.412518Z ERROR browser_tests[27592:27592]: [plugin_vm_manager_impl.cc(150)] New session has dispatcher unexpected already running. Perhaps Chrome crashed?
> 2021-09-24T11:30:01.433615Z INFO browser_tests[27592:27592]: [key_permissions_manager_impl.cc(509)] One-time key permissions migration started for token: 0.
> 2021-09-24T11:30:01.451071Z WARNING browser_tests[27592:27592]: [drivefs_session.cc(65)] DriveFs mount failed with error: 3
> 2021-09-24T11:30:01.458878Z WARNING browser_tests[27592:27592]: [login_unlock_throughput_recorder.cc(58)] Zero frames expected in login animation throughput data
> 2021-09-24T11:30:01.464809Z INFO browser_tests[27592:27592]: [android_sms_pairing_state_tracker_impl.cc(71)] No Pairing cookie found
> 2021-09-24T11:30:01.470495Z INFO browser_tests[27592:27592]: [ui_test_utils.cc(224)] NavigateToURL: chrome://newtab/
> 2021-09-24T11:30:01.473373Z WARNING browser_tests[27592:27639]: [google_brand_chromeos.cc(40)] Brand code file missing: /opt/oem/etc/BRAND_CODE
> 2021-09-24T11:30:01.535229Z ERROR browser_tests[27592:27639]: [als_reader.cc(52)] Missing num of als
> 2021-09-24T11:30:01.535643Z ERROR browser_tests[27592:27639]: [chrome_browser_main_extra_parts_metrics.cc(230)] crbug.com/1216328: Checking Bluetooth availability started. Please report if there is no report that this ends.
> 2021-09-24T11:30:01.535680Z ERROR browser_tests[27592:27639]: [chrome_browser_main_extra_parts_metrics.cc(233)] crbug.com/1216328: Checking Bluetooth availability ended.
> 2021-09-24T11:30:01.535688Z ERROR browser_tests[27592:27639]: [chrome_browser_main_extra_parts_metrics.cc(236)] crbug.com/1216328: Checking default browser status started. Please report if there is no report that this ends.
> 2021-09-24T11:30:01.535695Z ERROR browser_tests[27592:27639]: [chrome_browser_main_extra_parts_metrics.cc(240)] crbug.com/1216328: Checking default browser status ended.
> 2021-09-24T11:30:01.555145Z INFO browser_tests[27592:27592]: [key_permissions_manager_impl.cc(534)] One-time key permissions migration succeeded for token: 0.
> BrowserTestBase received signal: Segmentation fault. Backtrace:
> #0 0x556151f72449 base::debug::CollectStackTrace()
> #1 0x556151ed9d73 base::debug::StackTrace::StackTrace()
> #2 0x5561525e4683 content::(anonymous namespace)::DumpStackTraceSignalHandler()
> #3 0x7f7dd56e2040 (/lib/x86_64-linux-gnu/libc-2.27.so+0x3f03f)
> #4 0x5561556c8304 ChromeOmniboxNavigationObserver::DidFinishNavigation()
> #5 0x5561503c8362 content::WebContentsImpl::WebContentsObserverList::NotifyObservers<>()
> #6 0x5561503d05f0 content::WebContentsImpl::DidFinishNavigation()
> #7 0x5561502a5093 content::NavigationRequest::~NavigationRequest()
> #8 0x5561502a59dc content::NavigationRequest::~NavigationRequest()
> #9 0x5561502b8919 content::Navigator::DidNavigate()
> #10 0x5561502caeed content::RenderFrameHostImpl::DidCommitNavigationInternal()
> #11 0x5561502ca24a content::RenderFrameHostImpl::DidCommitNavigation()
> #12 0x5561502e9d60 base::internal::FunctorTraits<>::Invoke<>()
> #13 0x5561502e9d0f base::internal::Invoker<>::RunOnce()
> #14 0x55614fd53470 content::mojom::NavigationClient_CommitFailedNavigation_ForwardToCallback::Accept()
> #15 0x55615301c6e0 mojo::InterfaceEndpointClient::HandleValidatedMessage()
> #16 0x5561530201e0 mojo::MessageDispatcher::Accept()
> #17 0x55615301d435 mojo::InterfaceEndpointClient::HandleIncomingMessage()
> #18 0x5561531dc3e2 IPC::(anonymous namespace)::ChannelAssociatedGroupController::AcceptOnEndpointThread()
> #19 0x55615301e323 base::internal::Invoker<>::RunOnce()
> #20 0x556151f35f23 base::TaskAnnotator::RunTask()
> #21 0x556151f467b3 base::sequence_manager::internal::ThreadControllerWithMessagePumpImpl::DoWorkImpl()
> #22 0x556151f46569 base::sequence_manager::internal::ThreadControllerWithMessagePumpImpl::DoWork()
> #23 0x556151f46b32 base::sequence_manager::internal::ThreadControllerWithMessagePumpImpl::DoWork()
> #24 0x556151fa9c4b base::MessagePumpLibevent::Run()
> #25 0x556151f46d6d base::sequence_manager::internal::ThreadControllerWithMessagePumpImpl::Run()
> #26 0x556151f18c1b base::RunLoop::Run()
> #27 0x556151ec159d InProcessBrowserTest::RunUntilBrowserProcessQuits()
> #28 0x556151ec207f InProcessBrowserTest::QuitBrowsers()
> #29 0x556151ec1fce InProcessBrowserTest::PostRunTestOnMainThread()
> #30 0x5561525e3d34 content::BrowserTestBase::ProxyRunTestOnMainThreadLoop()
> #31 0x556152012479 ChromeBrowserMainParts::PreMainMessageLoopRunImpl()
> #32 0x55615201197e ChromeBrowserMainParts::PreMainMessageLoopRun()
> #33 0x55614efa9b98 chromeos::ChromeBrowserMainPartsChromeos::PreMainMessageLoopRun()
> #34 0x5561500381cd content::BrowserMainLoop::PreMainMessageLoopRun()
> #35 0x5561503a1a9c content::StartupTaskRunner::RunAllTasksNow()
> chromium#36 0x556150037e4a content::BrowserMainLoop::CreateStartupTasks()
> #37 0x55615003a147 content::BrowserMainRunnerImpl::Initialize()
> #38 0x556150036912 content::BrowserMain()
> chromium#39 0x556150bf6aed content::RunBrowserProcessMain()
> #40 0x556150bf79bd content::ContentMainRunnerImpl::RunBrowser()
> #41 0x556150bf752e content::ContentMainRunnerImpl::Run()
> chromium#42 0x556150bf5b38 content::RunContentProcess()
> #43 0x556150bf5c08 content::ContentMain()
> #44 0x5561525e3543 content::BrowserTestBase::SetUp()
> #45 0x556151ec12c1 InProcessBrowserTest::SetUp()
> #46 0x55614e1c8786 ash::input_method::(anonymous namespace)::NativeInputMethodEngineTest::SetUp()
> #47 0x55614f308e8f testing::Test::Run()
> #48 0x55614f3097c5 testing::TestInfo::Run()
> #49 0x55614f309f21 testing::TestSuite::Run()
> #50 0x55614f313798 testing::internal::UnitTestImpl::RunAllTests()
> #51 0x55614f31338b testing::UnitTest::Run()
> #52 0x556151fd7ff2 base::TestSuite::Run()
> #53 0x556151e96409 BrowserTestSuiteRunnerChromeOS::RunTestSuite()
> #54 0x556152613c1f content::LaunchTests()
> #55 0x556151e98224 LaunchChromeTests()
> #56 0x556151e9638b main
> #57 0x7f7dd56c4bf7 __libc_start_main
> #58 0x55614cca11ea _start
> from
> https://ci.chromium.org/p/chrome/builders/ci/linux-chromeos-chrome/17628
>
> Here is the fourth:  (different test in the same suite, different stack trace):
> [ RUN      ] NativeInputMethodEngineTest.EmojiSuggestionDisabledReasonkUserSettingsOff
> 2021-09-24T16:19:05.593039Z WARNING browser_tests[31407:31407]: [audio_manager_linux.cc(60)] Falling back to ALSA for audio output. PulseAudio is not available or could not be initialized.
> [959.207] default_socket.cc:58    /run/perfetto/ exists but cannot be accessed. Falling back on /tmp/  (errno: 13, Permission denied)
> 2021-09-24T16:19:05.646514Z WARNING browser_tests[31407:31423]: [wallpaper_decoder.cc(29)] Failed reading file
> 2021-09-24T16:19:05.673272Z ERROR browser_tests[31407:31407]: [print_job_reporting_service_factory.cc(47)] DMToken must be valid
> 2021-09-24T16:19:05.678360Z ERROR browser_tests[31407:31407]: [proximity_auth_profile_pref_manager.cc(194)] Failed to find local state prefs for current user.
> 2021-09-24T16:19:05.728926Z WARNING browser_tests[31407:31407]: [remote_commands_service.cc(188)] Client is not registered.
> 2021-09-24T16:19:05.763864Z WARNING browser_tests[31407:31433]: [user_data_stats_recorder.cc(186)] Ash.UserDataStatsRecorder.DataSize.Unknown: 0MB
> 2021-09-24T16:19:05.763999Z WARNING browser_tests[31407:31433]: [user_data_stats_recorder.cc(186)] Ash.UserDataStatsRecorder.DataSize.Cache: 0MB
> 2021-09-24T16:19:05.764049Z WARNING browser_tests[31407:31433]: [user_data_stats_recorder.cc(186)] Ash.UserDataStatsRecorder.DataSize.README: 0MB
> 2021-09-24T16:19:05.764094Z WARNING browser_tests[31407:31433]: [user_data_stats_recorder.cc(186)] Ash.UserDataStatsRecorder.DataSize.Unknown: 0MB
> 2021-09-24T16:19:05.764120Z WARNING browser_tests[31407:31433]: [user_data_stats_recorder.cc(186)] Ash.UserDataStatsRecorder.DataSize.WebData: 0MB
> 2021-09-24T16:19:05.764270Z WARNING browser_tests[31407:31433]: [user_data_stats_recorder.cc(186)] Ash.UserDataStatsRecorder.DataSize.CodeCache: 0MB
> 2021-09-24T16:19:05.764446Z WARNING browser_tests[31407:31433]: [user_data_stats_recorder.cc(186)] Ash.UserDataStatsRecorder.DataSize.SiteCharacteristicsDatabase: 0MB
> 2021-09-24T16:19:05.765718Z WARNING browser_tests[31407:31433]: [user_data_stats_recorder.cc(186)] Ash.UserDataStatsRecorder.DataSize.Favicons: 0MB
> 2021-09-24T16:19:05.765751Z WARNING browser_tests[31407:31433]: [user_data_stats_recorder.cc(186)] Ash.UserDataStatsRecorder.DataSize.LoginDataForAccount: 0MB
> 2021-09-24T16:19:05.766067Z WARNING browser_tests[31407:31433]: [user_data_stats_recorder.cc(186)] Ash.UserDataStatsRecorder.DataSize.GCache: 0MB
> 2021-09-24T16:19:05.766094Z WARNING browser_tests[31407:31433]: [user_data_stats_recorder.cc(186)] Ash.UserDataStatsRecorder.DataSize.History: 0MB
> 2021-09-24T16:19:05.766115Z WARNING browser_tests[31407:31433]: [user_data_stats_recorder.cc(186)] Ash.UserDataStatsRecorder.DataSize.Unknown: 0MB
> 2021-09-24T16:19:05.766123Z WARNING browser_tests[31407:31433]: [user_data_stats_recorder.cc(186)] Ash.UserDataStatsRecorder.DataSize.Unknown: 0MB
> 2021-09-24T16:19:05.766131Z WARNING browser_tests[31407:31433]: [user_data_stats_recorder.cc(186)] Ash.UserDataStatsRecorder.DataSize.Unknown: 0MB
> 2021-09-24T16:19:05.766199Z WARNING browser_tests[31407:31433]: [user_data_stats_recorder.cc(186)] Ash.UserDataStatsRecorder.DataSize.Unknown: 0MB
> 2021-09-24T16:19:05.766336Z WARNING browser_tests[31407:31433]: [user_data_stats_recorder.cc(186)] Ash.UserDataStatsRecorder.DataSize.LocalStorage: 0MB
> 2021-09-24T16:19:05.766472Z WARNING browser_tests[31407:31433]: [user_data_stats_recorder.cc(186)] Ash.UserDataStatsRecorder.DataSize.SyncData: 0MB
> 2021-09-24T16:19:05.766498Z WARNING browser_tests[31407:31433]: [user_data_stats_recorder.cc(186)] Ash.UserDataStatsRecorder.DataSize.LOCK: 0MB
> 2021-09-24T16:19:05.766524Z WARNING browser_tests[31407:31433]: [user_data_stats_recorder.cc(186)] Ash.UserDataStatsRecorder.DataSize.LoginData: 0MB
> 2021-09-24T16:19:05.766552Z WARNING browser_tests[31407:31433]: [user_data_stats_recorder.cc(186)] Ash.UserDataStatsRecorder.DataSize.LOG: 0MB
> 2021-09-24T16:19:05.766909Z WARNING browser_tests[31407:31433]: [user_data_stats_recorder.cc(186)] Ash.UserDataStatsRecorder.DataSize.Unknown: 0MB
> 2021-09-24T16:19:05.880798Z ERROR browser_tests[31407:31407]: [plugin_vm_manager_impl.cc(150)] New session has dispatcher unexpected already running. Perhaps Chrome crashed?
> 2021-09-24T16:19:05.921761Z INFO browser_tests[31407:31407]: [key_permissions_manager_impl.cc(509)] One-time key permissions migration started for token: 0.
> 2021-09-24T16:19:05.932877Z WARNING browser_tests[31407:31407]: [drivefs_session.cc(65)] DriveFs mount failed with error: 3
> 2021-09-24T16:19:05.951965Z WARNING browser_tests[31407:31407]: [login_unlock_throughput_recorder.cc(58)] Zero frames expected in login animation throughput data
> 2021-09-24T16:19:05.973007Z INFO browser_tests[31407:31407]: [android_sms_pairing_state_tracker_impl.cc(71)] No Pairing cookie found
> 2021-09-24T16:19:05.977396Z WARNING browser_tests[31407:31428]: [google_brand_chromeos.cc(40)] Brand code file missing: /opt/oem/etc/BRAND_CODE
> 2021-09-24T16:19:05.981581Z INFO browser_tests[31407:31407]: [ui_test_utils.cc(224)] NavigateToURL: chrome://newtab/
> 2021-09-24T16:19:06.072941Z ERROR browser_tests[31407:31457]: [als_reader.cc(52)] Missing num of als
> 2021-09-24T16:19:06.073283Z ERROR browser_tests[31407:31457]: [chrome_browser_main_extra_parts_metrics.cc(230)] crbug.com/1216328: Checking Bluetooth availability started. Please report if there is no report that this ends.
> 2021-09-24T16:19:06.073310Z ERROR browser_tests[31407:31457]: [chrome_browser_main_extra_parts_metrics.cc(233)] crbug.com/1216328: Checking Bluetooth availability ended.
> 2021-09-24T16:19:06.073337Z ERROR browser_tests[31407:31457]: [chrome_browser_main_extra_parts_metrics.cc(236)] crbug.com/1216328: Checking default browser status started. Please report if there is no report that this ends.
> 2021-09-24T16:19:06.073358Z ERROR browser_tests[31407:31457]: [chrome_browser_main_extra_parts_metrics.cc(240)] crbug.com/1216328: Checking default browser status ended.
> 2021-09-24T16:19:06.085536Z INFO browser_tests[31407:31407]: [key_permissions_manager_impl.cc(534)] One-time key permissions migration succeeded for token: 0.
> BrowserTestBase received signal: Segmentation fault. Backtrace:
> #0 0x564f24b8af29 base::debug::CollectStackTrace()
> #1 0x564f24af2843 base::debug::StackTrace::StackTrace()
> #2 0x564f251fd373 content::(anonymous namespace)::DumpStackTraceSignalHandler()
> #3 0x7f03d338d040 (/lib/x86_64-linux-gnu/libc-2.27.so+0x3f03f)
> #4 0x564f282e0d94 ChromeOmniboxNavigationObserver::DidFinishNavigation()
> #5 0x564f22fe1042 content::WebContentsImpl::WebContentsObserverList::NotifyObservers<>()
> #6 0x564f22fe92d0 content::WebContentsImpl::DidFinishNavigation()
> #7 0x564f22ebdd73 content::NavigationRequest::~NavigationRequest()
> #8 0x564f22ebe6bc content::NavigationRequest::~NavigationRequest()
> #9 0x564f22ed15f9 content::Navigator::DidNavigate()
> #10 0x564f22ee3bcd content::RenderFrameHostImpl::DidCommitNavigationInternal()
> #11 0x564f22ee2f2a content::RenderFrameHostImpl::DidCommitNavigation()
> #12 0x564f22f02a40 base::internal::FunctorTraits<>::Invoke<>()
> #13 0x564f22f029ef base::internal::Invoker<>::RunOnce()
> #14 0x564f2296c430 content::mojom::NavigationClient_CommitFailedNavigation_ForwardToCallback::Accept()
> #15 0x564f25c35100 mojo::InterfaceEndpointClient::HandleValidatedMessage()
> #16 0x564f25c38c00 mojo::MessageDispatcher::Accept()
> #17 0x564f25c35e55 mojo::InterfaceEndpointClient::HandleIncomingMessage()
> #18 0x564f25df4e02 IPC::(anonymous namespace)::ChannelAssociatedGroupController::AcceptOnEndpointThread()
> #19 0x564f25c36d43 base::internal::Invoker<>::RunOnce()
> #20 0x564f24b4ea03 base::TaskAnnotator::RunTask()
> #21 0x564f24b5f293 base::sequence_manager::internal::ThreadControllerWithMessagePumpImpl::DoWorkImpl()
> #22 0x564f24b5f049 base::sequence_manager::internal::ThreadControllerWithMessagePumpImpl::DoWork()
> #23 0x564f24b5f612 base::sequence_manager::internal::ThreadControllerWithMessagePumpImpl::DoWork()
> #24 0x564f24bc28cb base::MessagePumpLibevent::Run()
> #25 0x564f24b5f84d base::sequence_manager::internal::ThreadControllerWithMessagePumpImpl::Run()
> #26 0x564f24b316fb base::RunLoop::Run()
> #27 0x564f22f433f3 content::BrowserTaskExecutor::RunAllPendingTasksOnThreadForTesting()
> #28 0x564f2522df45 content::RunAllPendingInMessageLoop()
> #29 0x564f24adaa96 InProcessBrowserTest::PostRunTestOnMainThread()
> #30 0x564f251fca24 content::BrowserTestBase::ProxyRunTestOnMainThreadLoop()
> #31 0x564f24c2b0f9 ChromeBrowserMainParts::PreMainMessageLoopRunImpl()
> #32 0x564f24c2a5fe ChromeBrowserMainParts::PreMainMessageLoopRun()
> #33 0x564f21bc1f38 chromeos::ChromeBrowserMainPartsChromeos::PreMainMessageLoopRun()
> #34 0x564f22c510ed content::BrowserMainLoop::PreMainMessageLoopRun()
> #35 0x564f22fba77c content::StartupTaskRunner::RunAllTasksNow()
> chromium#36 0x564f22c50d6a content::BrowserMainLoop::CreateStartupTasks()
> #37 0x564f22c53067 content::BrowserMainRunnerImpl::Initialize()
> #38 0x564f22c4f832 content::BrowserMain()
> chromium#39 0x564f2380f5bd content::RunBrowserProcessMain()
> #40 0x564f2381048d content::ContentMainRunnerImpl::RunBrowser()
> #41 0x564f2380fffe content::ContentMainRunnerImpl::Run()
> chromium#42 0x564f2380e608 content::RunContentProcess()
> #43 0x564f2380e6d8 content::ContentMain()
> #44 0x564f251fc233 content::BrowserTestBase::SetUp()
> #45 0x564f24ad9d91 InProcessBrowserTest::SetUp()
> #46 0x564f20de0a86 ash::input_method::(anonymous namespace)::NativeInputMethodEngineTest::SetUp()
> #47 0x564f21f21e4f testing::Test::Run()
> #48 0x564f21f22785 testing::TestInfo::Run()
> #49 0x564f21f22ee1 testing::TestSuite::Run()
> #50 0x564f21f2c758 testing::internal::UnitTestImpl::RunAllTests()
> #51 0x564f21f2c34b testing::UnitTest::Run()
> #52 0x564f24bf0c72 base::TestSuite::Run()
> #53 0x564f24aaeed9 BrowserTestSuiteRunnerChromeOS::RunTestSuite()
> #54 0x564f2522c62f content::LaunchTests()
> #55 0x564f24ab0cf4 LaunchChromeTests()
> #56 0x564f24aaee5b main
> #57 0x7f03d336fbf7 __libc_start_main
> #58 0x564f1f8b94ea _start
> from
> https://ci.chromium.org/p/chrome/builders/ci/linux-chromeos-chrome/17631
>
> Original change's description:
> > Privatise unnecessarily public current_input_method in
> > InputMethodManagerImpl::StateImpl.
> >
> > This involves replacing some direct pokes of current_input_method
> > with public GetCurrentInputMethod() that employs a fallback onto
> > InputMethodUtil::GetFallbackInputMethodDescriptor() when ID is
> > blank. This should be more reasonable and consistent.
> >
> > Bug: 1134465
> > Change-Id: I2c423a58547cc7249efdf8056624623998765aba
> > Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3177760
> > Commit-Queue: Bao-Duy Tran <tranbaoduy@chromium.org>
> > Reviewed-by: Keith Lee <keithlee@chromium.org>
> > Reviewed-by: Curtis McMullan <curtismcmullan@chromium.org>
> > Cr-Commit-Position: refs/heads/main@{#924702}
>
> Bug: 1134465
> Change-Id: I6144a0ebd7472f31d4b937d9e99b6a6c8bc0eee1
> No-Presubmit: true
> No-Tree-Checks: true
> No-Try: true
> Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3182806
> Auto-Submit: Mark Pearson <mpearson@chromium.org>
> Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
> Commit-Queue: Mark Pearson <mpearson@chromium.org>
> Owners-Override: Mark Pearson <mpearson@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#924810}

Bug: 1134465
Change-Id: I358d66835e54d67d8d151e3da38da9a8f33d83bc
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3184801
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Reviewed-by: Darren Shen <shend@chromium.org>
Commit-Queue: Bao-Duy Tran <tranbaoduy@chromium.org>
Cr-Commit-Position: refs/heads/main@{#925158}
blueboxd pushed a commit that referenced this issue Oct 16, 2021
This reverts commit 842626c.

Reason for revert: [sheriff] suspected to cause multiple failures in 
SafetyTipPageInfoBubbleViewBrowserTests on linux-ubsan-vptr:

https://ci.chromium.org/p/chromium/builders/ci/linux-ubsan-vptr/6970

Sample failure:
[ RUN      ] All/SafetyTipPageInfoBubbleViewBrowserTest.BubbleWaitsForVisible/1
[...]
../../chrome/browser/ui/views/page_info/safety_tip_page_info_bubble_view_browsertest.cc:390:23: runtime error: downcast of address 0x180601885e00 which does not point to an object of type 'PageInfoBubbleView'
0x180601885e00: note: object is of type 'PageInfoNewBubbleView'
 00 00 00 00  18 70 11 10 50 56 00 00  80 68 50 01 06 18 00 00  b8 00 00 00 30 00 00 00  00 00 00 00
              ^~~~~~~~~~~~~~~~~~~~~~~
              vptr for 'PageInfoNewBubbleView'
    #0 0x564ffa77d440 in SafetyTipPageInfoBubbleViewBrowserTest::CheckPageInfoShowsSafetyTipInfo(Browser*, security_state::SafetyTipStatus, GURL const&) chrome/browser/ui/views/page_info/safety_tip_page_info_bubble_view_browsertest.cc:390:23
    #1 0x564ffa788397 in SafetyTipPageInfoBubbleViewBrowserTest_BubbleWaitsForVisible_Test::RunTestOnMainThread() chrome/browser/ui/views/page_info/safety_tip_page_info_bubble_view_browsertest.cc:837:3
    #2 0x565002ae1026 in content::BrowserTestBase::ProxyRunTestOnMainThreadLoop() content/public/test/browser_test_base.cc:868:7
    #3 0x565001aae15a in Run base/callback.h:142:12
    #4 0x565001aae15a in ChromeBrowserMainParts::PreMainMessageLoopRunImpl() chrome/browser/chrome_browser_main.cc:1745:38
    #5 0x565001aaba50 in ChromeBrowserMainParts::PreMainMessageLoopRun() chrome/browser/chrome_browser_main.cc:1083:18
    #6 0x564ffd8e2f00 in content::BrowserMainLoop::PreMainMessageLoopRun() content/browser/browser_main_loop.cc:957:28
    #7 0x564ffe307f82 in Run base/callback.h:142:12
    #8 0x564ffe307f82 in content::StartupTaskRunner::RunAllTasksNow() content/browser/startup_task_runner.cc:41:29
    #9 0x564ffd8e2368 in content::BrowserMainLoop::CreateStartupTasks() content/browser/browser_main_loop.cc:865:25
    #10 0x564ffd8e889c in content::BrowserMainRunnerImpl::Initialize(content::MainFunctionParams const&) content/browser/browser_main_runner_impl.cc:131:15
    #11 0x564ffd8dec1e in content::BrowserMain(content::MainFunctionParams const&) content/browser/browser_main.cc:45:32
    #12 0x564fff2a06e8 in content::RunBrowserProcessMain(content::MainFunctionParams const&, content::ContentMainDelegate*) content/app/content_main_runner_impl.cc:641:10
    #13 0x564fff2a2e90 in content::ContentMainRunnerImpl::RunBrowser(content::MainFunctionParams&, bool) content/app/content_main_runner_impl.cc:1137:10
    #14 0x564fff2a1f18 in content::ContentMainRunnerImpl::Run(bool) content_main_runner_impl.cc
    #15 0x564fff29dde0 in content::RunContentProcess(content::ContentMainParams const&, content::ContentMainRunner*) content_main.cc
    #16 0x564fff29e7dd in content::ContentMain(content::ContentMainParams const&) content_main.cc
    #17 0x565002adfcff in content::BrowserTestBase::SetUp() content/public/test/browser_test_base.cc:712:3
    #18 0x5650018271c4 in InProcessBrowserTest::SetUp() chrome/test/base/in_process_browser_test.cc:401:20
    #19 0x564ffa79d759 in SafetyTipPageInfoBubbleViewBrowserTest::SetUp() chrome/browser/ui/views/page_info/safety_tip_page_info_bubble_view_browsertest.cc:306:27
    #20 0x564ffb8f8c7d in testing::Test::Run() third_party/googletest/src/googletest/src/gtest.cc:2701:3
    #21 0x564ffb8fa600 in testing::TestInfo::Run() third_party/googletest/src/googletest/src/gtest.cc:2885:11
    #22 0x564ffb8fc1bb in testing::TestSuite::Run() third_party/googletest/src/googletest/src/gtest.cc:3044:30
    #23 0x564ffb9115ca in testing::internal::UnitTestImpl::RunAllTests() third_party/googletest/src/googletest/src/gtest.cc:5903:44
    #24 0x564ffb90fd8c in testing::UnitTest::Run() third_party/googletest/src/googletest/src/gtest.cc:5470:10
    #25 0x565001a12e28 in RUN_ALL_TESTS third_party/googletest/src/googletest/include/gtest/gtest.h:2492:46
    #26 0x565001a12e28 in base::TestSuite::Run() base/test/test_suite.cc:445:16
    #27 0x5650017d0bac in ChromeTestSuiteRunner::RunTestSuiteInternal(ChromeTestSuite*) chrome/test/base/chrome_test_launcher.cc:88:22
    #28 0x5650017d0c1b in ChromeTestSuiteRunner::RunTestSuite(int, char**) chrome_test_launcher.cc
    #29 0x565002b8529b in content::LaunchTests(content::TestLauncherDelegate*, unsigned long, int, char**) content/public/test/test_launcher.cc:409:31
    #30 0x5650017d11b1 in LaunchChromeTests(unsigned long, content::TestLauncherDelegate*, int, char**) chrome/test/base/chrome_test_launcher.cc:284:10
    #31 0x5650017c9dcc in main chrome/test/base/browser_tests_main.cc:61:10
    #32 0x7fc242b01bf6 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21bf6)
    #33 0x564ff76da7e9 in _start (/b/s/w/ir/out/Release/browser_tests+0xe8af7e9)

SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior ../../chrome/browser/ui/views/page_info/safety_tip_page_info_bubble_view_browsertest.cc:390:23 in 

Original change's description:
> Enable PageInfoV2Desktop by default
>
> Enable flag and remove testing config.
>
> Bug: 1188101
> Change-Id: Ifd839436f3d4c0127d15b449bbca84855ccd858f
> Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3217207
> Reviewed-by: Balazs Engedy <engedy@chromium.org>
> Reviewed-by: Christian Dullweber <dullweber@chromium.org>
> Reviewed-by: Theodore Olsauskas-Warren <sauski@google.com>
> Reviewed-by: Xinghui Lu <xinghuilu@chromium.org>
> Commit-Queue: Olesia Marukhno <olesiamarukhno@google.com>
> Cr-Commit-Position: refs/heads/main@{#931972}

Bug: 1188101
Change-Id: Ic51b9fdc730b7046e24b4d394248218b86eef09d
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3226638
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Commit-Queue: Alex Moshchuk <alexmos@chromium.org>
Owners-Override: Alex Moshchuk <alexmos@chromium.org>
Cr-Commit-Position: refs/heads/main@{#932067}
blueboxd pushed a commit that referenced this issue Oct 16, 2021
… off"

This reverts commit 7db902d.

Reason for revert: [sheriff] suspected to cause multiple AccountProfileMapperTest failures on linux-lacros-tester-rel:

First failing build: https://ci.chromium.org/p/chromium/builders/ci/linux-lacros-tester-rel/16078

Sample failure:
[ RUN      ] AccountProfileMapperTest.RemovePrimaryAccountFromPrimaryProfile

Received signal 11 SEGV_MAPERR 209300000105
#0 0x5584a2716cd9 base::debug::CollectStackTrace()
#1 0x5584a2684db3 base::debug::StackTrace::StackTrace()
#2 0x5584a2716823 base::debug::(anonymous namespace)::StackDumpSignalHandler()
#3 0x7f9750773980 (/lib/x86_64-linux-gnu/libpthread-2.27.so+0x1297f)
#4 0x5584a269ec4c base::internal::WeakReference::IsValid()
#5 0x55849d569978 base::ObserverList<>::RemoveObserver()
#6 0x5584a2edaf01 ProfileAccountManager::Shutdown()
#7 0x5584a377e0bc DependencyManager::PerformInterlockedTwoPhaseShutdown()
#8 0x5584a1be43ae TestingProfile::~TestingProfile()
#9 0x55849cf239ae (anonymous namespace)::PermissionManagerTestingProfile::~PermissionManagerTestingProfile()
#10 0x5584a2d094bf ProfileDestroyer::DestroyOriginalProfileNow()
#11 0x5584a2d091ed ProfileDestroyer::DestroyProfileWhenAppropriate()
#12 0x5584a2d1a886 ProfileManager::ProfileInfo::~ProfileInfo()
#13 0x5584a1be6fef std::__1::__tree<>::destroy()
#14 0x5584a2d1ca09 ProfileManager::~ProfileManager()
#15 0x5584a1be14ae FakeProfileManager::~FakeProfileManager()
#16 0x5584a1be5d12 TestingProfileManager::~TestingProfileManager()
#17 0x55849dc1309b AccountProfileMapperTest_GetAccounts_Test::~AccountProfileMapperTest_GetAccounts_Test()
#18 0x55849ef2f92c testing::TestInfo::Run()
#19 0x55849ef30617 testing::TestSuite::Run()


Original change's description:
> [Lacros] Do not create AccountProfileMapper if the feature is off
>
> AccountProfileMapper should only be created if the
> kMultiProfileAccountConsistency feature is enabled. Otherwise, it might
> have negative side-effects like deleting user profiles.
>
> To add a DCHECK(kMultiProfileAccountConsistency) to
> AccountProfileMapper,
> this CL also enables kMultiProfileAccountConsistency in all related
> unit tests. This appears to be a non-trivial task because ProfileManager
> will now create its own instance of AccountProfileMapper that doesn't
> use an AccountManagerFacade mock.
>
> This CL adds a TestingProfileManager::SetAccountProfileMapper() methods
> to inject a fake instance for testing.
>
> Bug: 1226045
> Change-Id: I69f74aed3f4bd9bdb107912d5e92872d53691a07
> Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3222809
> Reviewed-by: David Roger <droger@chromium.org>
> Commit-Queue: Alex Ilin <alexilin@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#931942}

Bug: 1226045
Change-Id: If5ee60910f6cba1aabc407dba814448f538a2d39
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3227179
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Commit-Queue: Alex Moshchuk <alexmos@chromium.org>
Owners-Override: Alex Moshchuk <alexmos@chromium.org>
Cr-Commit-Position: refs/heads/main@{#932071}
blueboxd pushed a commit that referenced this issue Nov 26, 2021
(cherry picked from commit 1ef26d2)

Bug: 1258348
Change-Id: I955b2ac1120d7477e940ba56e6f2e765d95e4234
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3216926
Commit-Queue: Joel Hockey <joelhockey@chromium.org>
Reviewed-by: Timothy Loh <timloh@chromium.org>
Cr-Original-Commit-Position: refs/heads/main@{#930029}
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3216776
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Cr-Commit-Position: refs/branch-heads/4664@{#14}
Cr-Branched-From: 24dc4ee-refs/heads/main@{#929512}
blueboxd pushed a commit that referenced this issue Jan 5, 2022
It turns out that exo::ExtendedDragSource class can benefit from
overriding both OnWindowVisibilityChanging() and
OnWindowVisibilityChanged() hooks.

In [1], the use of OnWindowVisibilityChanging() hook was changed by
OnWindowVisibilityChanged(), since according to the existing Ash's
drag'n drop logic, by the time
ash::ToplevelWindowEventHandler::AttemptToStartDrag() is called
the window state should be up to date, something that occurs in
ash::TabletModeWindowManager::OnWindowVisibilityChanged().

However, it turns how that Lacros needs to set ash::kIsDraggingTabsKey
property as soon as possible, so that undesirable window resizes don't
take place during the drag'n drop beginning - causing the window to
flicker.

This CL reintroduces OnWindowVisibilityChanging() hook, and
moves some of the logic in OnWindowVisibilityChanged() into it,
In practice, it avoids Lacros from flicking when starting a drag'n
drop (see stack trace below)

[1] https://crrev.com/c/3254858

 #9 0x7f8f4dda154a ash::TabletModeWindowState::UpdateBounds() <-- calls aura::Window::SetBounds()
 #10 0x7f8f4dda0e0e ash::TabletModeWindowState::UpdateWindow()
 #11 0x7f8f4dda16ef ash::TabletModeWindowState::AttachState()
 #12 0x7f8f4ddcd304 ash::WindowState::SetStateObject()
 #13 0x7f8f4dda03b1 ash::TabletModeWindowState::TabletModeWindowState()
 #14 0x7f8f4dd98830 ash::TabletModeWindowManager::TrackWindow()
 #15 0x7f8f4dd995a7 ash::TabletModeWindowManager::OnWindowVisibilityChanged()
 #16 0x7f8f4ff664fc aura::Window::NotifyWindowVisibilityChangedAtReceiver()
 #17 0x7f8f4ff661c6 aura::Window::NotifyWindowVisibilityChangedDown()
 #18 0x7f8f4ff652d7 aura::Window::NotifyWindowVisibilityChanged()
 #19 0x7f8f4ff6002a aura::Window::SetVisibleInternal()
 #20 0x7f8f4ff5fcaa aura::Window::Show()
 #21 0x7f8f4f371b3b views::NativeWidgetAura::Show()
 #22 0x7f8f4f3260b8 views::Widget::Show()
 #23 0x55d01acb6fd6 exo::ShellSurfaceBase::CommitWidget()
 #24 0x55d01acb6b78 exo::ShellSurfaceBase::OnSurfaceCommit()
 #25 0x55d01ac7d90d exo::Surface::Commit()
 (..)

BUG=1252941
R=oshima@chromium.org

Change-Id: Ib6ba73d3bb2a90a3ac180c974f292bec39c1b3d4
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3365554
Reviewed-by: Mitsuru Oshima <oshima@chromium.org>
Commit-Queue: Antonio Gomes <tonikitoo@igalia.com>
Cr-Commit-Position: refs/heads/main@{#955327}
blueboxd pushed a commit that referenced this issue Jan 15, 2022
This reverts commit 6ff1599.

Reason for revert: Seems to have caused browser_test failures on linux-chromeos-chrome 

https://ci.chromium.org/p/chrome/builders/ci/linux-chromeos-chrome/19698
rowserTestBase received signal: Segmentation fault. Backtrace:
#0 0x563ae696f899 base::debug::CollectStackTrace()
#1 0x563ae68d6683 base::debug::StackTrace::StackTrace()
#2 0x563ae6ff8293 content::(anonymous namespace)::DumpStackTraceSignalHandler()
#3 0x7f9ac9026040 (/lib/x86_64-linux-gnu/libc-2.27.so+0x3f03f)
#4 0x563ae7720266 PrefChangeRegistrar::RemoveAll()
#5 0x563ae7720222 PrefChangeRegistrar::~PrefChangeRegistrar()
#6 0x563ae2f37095 std::__1::unique_ptr<>::reset()
#7 0x563ae3696a1b policy::ActiveDirectoryMigrationManager::~ActiveDirectoryMigrationManager()
#8 0x563ae3696a38 policy::ActiveDirectoryMigrationManager::~ActiveDirectoryMigrationManager()
#9 0x563ae369a699 policy::BrowserPolicyConnectorAsh::~BrowserPolicyConnectorAsh()
#10 0x563ae369a6fe policy::BrowserPolicyConnectorAsh::~BrowserPolicyConnectorAsh()
#11 0x563ae6a0edbd BrowserProcessImpl::~BrowserProcessImpl()
#12 0x563ae6a0edea BrowserProcessImpl::~BrowserProcessImpl()
#13 0x563ae6a668e9 browser_shutdown::ShutdownPostThreadsStop()
#14 0x563ae6a0e226 ChromeBrowserMainParts::PostDestroyThreads()
#15 0x563ae349ef9b ash::ChromeBrowserMainPartsAsh::PostDestroyThreads()
#16 0x563ae495d2d9 content::BrowserMainLoop::ShutdownThreadsAndCleanUp()
#17 0x563ae495e53c content::BrowserMainRunnerImpl::Shutdown()
#18 0x563ae495a9ce content::BrowserMain()
#19 0x563ae555e819 content::RunBrowserProcessMain()
#20 0x563ae555f8e0 content::ContentMainRunnerImpl::RunBrowser()
#21 0x563ae555f431 content::ContentMainRunnerImpl::Run()
#22 0x563ae555d209 content::RunContentProcess()
#23 0x563ae555d861 content::ContentMain()
#24 0x563ae6ff6f2b content::BrowserTestBase::SetUp()
#25 0x563ae68bf947 InProcessBrowserTest::SetUp()
#26 0x563ae3b0fbed testing::Test::Run()
#27 0x563ae3b10520 testing::TestInfo::Run()
#28 0x563ae3b10ce1 testing::TestSuite::Run()
#29 0x563ae3b1a61a testing::internal::UnitTestImpl::RunAllTests()
#30 0x563ae3b1a219 testing::UnitTest::Run()
#31 0x563ae69d5af8 base::TestSuite::Run()
#32 0x563ae688bfa1 BrowserTestSuiteRunnerChromeOS::RunTestSuite()
#33 0x563ae70407b7 content::LaunchTests()
#34 0x563ae688e77a LaunchChromeTests()
#35 0x563ae688bf23 main
chromium#36 0x7f9ac9008bf7 __libc_start_main
#37 0x563ae134462a _start

Original change's description:
> Remote powerwash on Chromad via policy
>
> Implement remote powerwash on Chromad, using the recently added
> ChromadToCloudMigrationEnabled policy. The powerwash will be used to
> start the migration of AD managed devices into cloud management. Besides
> having the new policy enabled, the device needs to be on the login
> screen and the enrollment ID must have already been uploaded to
> DMServer.
>
> Bug: 1209246
> Change-Id: I6a67b8a8a43c28bc5f03f27e96d0415f69b6bc83
> Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3141873
> Reviewed-by: Maksim Ivanov <emaxx@chromium.org>
> Reviewed-by: Roman Sorokin <rsorokin@chromium.org>
> Reviewed-by: Colin Blundell <blundell@chromium.org>
> Commit-Queue: Felipe Andrade <fsandrade@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#959123}

Bug: 1209246
Change-Id: If067abcf2a9289ebacaeb240b1f67749c305509c
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3389555
Auto-Submit: Scott Violet <sky@chromium.org>
Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Cr-Commit-Position: refs/heads/main@{#959243}
blueboxd pushed a commit that referenced this issue Jan 20, 2022
This reverts commit 65b9357.

Reason for revert: Made linux-chromeos-rel very unhappy

First failure:
https://ci.chromium.org/ui/p/chromium/builders/ci/linux-chromeos-rel/54339/overview

Example stack trace:
BrowserTestBase received signal: Segmentation fault. Backtrace:
#0 0x5602878b1df9 base::debug::CollectStackTrace()
#1 0x560287814a63 base::debug::StackTrace::StackTrace()
#2 0x560287f236f9 content::(anonymous namespace)::DumpStackTraceSignalHandler()
#3 0x7f5dca479040 (/lib/x86_64-linux-gnu/libc-2.27.so+0x3f03f)
#4 0x56028382eb06 std::__1::__tree<>::__erase_unique<>()
#5 0x5602849cda7e crosapi::BrowserManager::StopKeepAlive()
#6 0x5602877e163f std::__1::unique_ptr<>::reset()
#7 0x5602877e0fa2 crosapi::test::AshBrowserTestStarter::~AshBrowserTestStarter()
#8 0x5602877ff1b3 std::__1::unique_ptr<>::reset()
#9 0x560287f22469 content::BrowserTestBase::SetUp()
#10 0x5602877fd219 InProcessBrowserTest::SetUp()
#11 0x560284bb448d testing::Test::Run()
#12 0x560284bb4e28 testing::TestInfo::Run()
#13 0x560284bb55e3 testing::TestSuite::Run()
#14 0x560284bbecd5 testing::internal::UnitTestImpl::RunAllTests()
#15 0x560284bbe8e7 testing::UnitTest::Run()
#16 0x560287919f5a base::TestSuite::Run()
#17 0x5602877c996f BrowserTestSuiteRunnerChromeOS::RunTestSuite()
#18 0x560287f6ba53 content::LaunchTests()
#19 0x5602877cc08e LaunchChromeTests()
#20 0x5602877c98f1 main
#21 0x7f5dca45bbf7 __libc_start_main
#22 0x56028236e7ea _start


Original change's description:
> Make Lacros lifetime closer to real use.
>
> We started to enable Lacros's KeepAlive for AppService.
> Following that, now AshBrowserTestStarter uses it to make it
> closer to the real use cases.
>
> To avoid name conflict, put AshBrowserTestStarter to crosapi::test
> namespace.
>
> BUG=1277898
> TEST=Ran browser_tests.
>
> Change-Id: I007e2cf5dc75cf581b3fdca595c18b2a9fbc8c5c
> Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3386527
> Reviewed-by: Sven Zheng <svenzheng@chromium.org>
> Reviewed-by: David Tseng <dtseng@chromium.org>
> Commit-Queue: Hidehiko Abe <hidehiko@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#960880}

Bug: 1277898
Change-Id: I5d1b9053bb82d0a5593f8ffaf5a70ff66cd72618
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3401559
Auto-Submit: Leonard Grey <lgrey@chromium.org>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Owners-Override: Leonard Grey <lgrey@chromium.org>
Commit-Queue: Leonard Grey <lgrey@chromium.org>
Cr-Commit-Position: refs/heads/main@{#960983}
blueboxd pushed a commit that referenced this issue Feb 3, 2022
This reverts commit 07167c1.

Reason for revert: break version skew testing

Original change's description:
> [lacros skew tests] Refresh skew tests for M94
>
> This CL updates the ash version 94.0.4606.124 for Lacros version skew testing.
> If this CL caused regressions, please revert and stop the autoroller
> at https://luci-scheduler.appspot.com/jobs/chrome/lacros-version-skew-roller
> Also please file a bug to OS>LaCrOS>Partner, and CC svenzheng@chromium.org,
> liaoyuke@chromium.org, yjt@google.com.
>
> R=​rubber-stamper@appspot.gserviceaccount.com
>
> Bug: None
> Change-Id: I12f7af0c3d0e5a65ceb1121f229e5d64e4a332cd
> Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3328895
> Auto-Submit: chrome-weblayer-builder <chrome-weblayer-builder@chops-service-accounts.iam.gserviceaccount.com>
> Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
> Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
> Cr-Commit-Position: refs/branch-heads/4758@{#2}
> Cr-Branched-From: 4a2cf4b-refs/heads/main@{#950365}

No-Presubmit: True
No-Try: True
Bug: 1279481
Change-Id: Iaaf28345835d4405f31c4a8336c73129886b655a
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3335185
Reviewed-by: Garrett Beaty <gbeaty@google.com>
Commit-Queue: Sven Zheng <svenzheng@chromium.org>
Cr-Commit-Position: refs/branch-heads/4758@{#14}
Cr-Branched-From: 4a2cf4b-refs/heads/main@{#950365}
blueboxd pushed a commit that referenced this issue Mar 30, 2022
This CL is used to prepare for CL:3547984 to enable the
AppServiceOnAppUpdateWithoutMojom flag.

With the mojom AppService, web apps are not published to
AppRegistryCache until the web app registry becomes ready, because
subscribers_ is empty:
https://source.chromium.org/chromium/chromium/src/+/main:chrome/browser/web_applications/app_service/web_apps.cc;l=296

Only when WebApps::StartPublishingWebApps is called after web app
provider is ready, subscribers_ has valid subscriber and can publish web
apps:
https://source.chromium.org/chromium/chromium/src/+/main:chrome/browser/web_applications/app_service/web_apps.cc;l=351

With non mojom AppService, even if the web app registry is not ready,
the web apps can be published to the non mojom AppRegistryCache, because
subscribers_ is not used to publish the non mojom web apps.

This different behavior might break the test
SystemWebAppManagerUninstallBrowserTest::Uninstall, which verifies the
mock system web app added in the pre test is removed:
https://source.chromium.org/chromium/chromium/src/+/main:chrome/browser/web_applications/web_app_id_constants.cc;l=105
Call stack:
#6 0x55e407b17a54 web_app::WebApps::PublishWebApp()
#7 0x55e407b1410b web_app::WebAppPublisherHelper::OnWebAppWillBeUninstalled()
#8 0x55e40a479ec9 web_app::WebAppInstallManager::NotifyWebAppWillBeUninstalled()
#9 0x55e40a4951d4 web_app::WebAppUninstallJob::Start()
#10 0x55e40a472bee web_app::WebAppInstallFinalizer::UninstallWebAppInternal()
#11 0x55e40a472659 web_app::WebAppInstallFinalizer::UninstallExternalWebAppOrRemoveSource()
#12 0x55e40a4725d0 web_app::WebAppInstallFinalizer::UninstallExternalWebApp()
#13 0x55e40a4727ad web_app::WebAppInstallFinalizer::UninstallExternalWebAppByUrl()
#14 0x55e40a43a988 web_app::ExternallyManagedAppManagerImpl::UninstallApps()
#15 0x55e40a438c37 web_app::ExternallyManagedAppManager::SynchronizeInstalledApps()

In the test, SynchronizeInstalledApps is called at the very early stage,
before StartPublishingWebApps is called, so actually the mock system web
app is neither removed, nor added with mojom AppService, but it is added
to the non mojom AppRegistryCache as kUninstallByUser status.

This CL modifies the web apps for the non mojom AppService, to add a
flag to check whether the web app registry becomes ready. And publish
the non mojom web apps only when the the web app registry becomes ready,
to keep the consistent behavior as the mojom AppService.

BUG=1253250

Change-Id: I8f4ddd292747f2f7fb9c10a855684bd0d091a307
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3555225
Reviewed-by: Dominick Ng <dominickn@chromium.org>
Commit-Queue: Nancy Wang <nancylingwang@chromium.org>
Cr-Commit-Position: refs/heads/main@{#986874}
blueboxd pushed a commit that referenced this issue Jun 22, 2022
(cherry picked from commit 22916a3)

Bug: 1317113
Change-Id: Ic653d0ce82f1c801716588da964751ae76b5684f
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3646813
Reviewed-by: Ben Pastene <bpastene@chromium.org>
Commit-Queue: Struan Shrimpton <sshrimp@google.com>
Cr-Original-Commit-Position: refs/heads/main@{#1003789}
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3650996
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Cr-Commit-Position: refs/branch-heads/5060@{#14}
Cr-Branched-From: b83393d-refs/heads/main@{#1002911}
blueboxd pushed a commit that referenced this issue Aug 31, 2022
This reverts commit 395b2b1.

Reason for revert: the following test cases fail
- MediaFoundationRendererIntegrationTest.BasicPlayback
- MediaFoundationRendererIntegrationTest.BasicPlayback_MediaSource

on Windows 10/Asan

with the failure log:

[ RUN      ] MediaFoundationRendererIntegrationTest.BasicPlayback
=================================================================
==644==ERROR: AddressSanitizer: access-violation on unknown address 0x000000000008 (pc 0x7ff6889a1e92 bp 0x00c26c4fe5f0 sp 0x00c26c4fe560 T0)
==644==The signal is caused by a READ memory access.
==644==Hint: address points to the zero page.
==644==*** WARNING: Failed to initialize DbgHelp!              ***
==644==*** Most likely this means that the app is already      ***
==644==*** using DbgHelp, possibly with incompatible flags.    ***
==644==*** Due to technical reasons, symbolization might crash ***
==644==*** or produce wrong results.                           ***
    #0 0x7ff6889a1e91 in base::RepeatingCallback<void (const base::UnguessableToken &, const gfx::Size &, base::TimeDelta)>::Run C:\b\s\w\ir\cache\builder\src\base\callback.h:263
    #1 0x7ff6889a1e91 in media::MediaFoundationRenderer::RequestNextFrame(void) C:\b\s\w\ir\cache\builder\src\media\renderers\win\media_foundation_renderer.cc:1022:23
    #2 0x7ff68899bed8 in media::MediaFoundationRenderer::OnPlaying(void) C:\b\s\w\ir\cache\builder\src\media\renderers\win\media_foundation_renderer.cc:838:3
    #3 0x7ff68a04bb3a in base::OnceCallback<void ()>::Run C:\b\s\w\ir\cache\builder\src\base\callback.h:145
    #4 0x7ff68a04bb3a in base::TaskAnnotator::RunTaskImpl(struct base::PendingTask &) C:\b\s\w\ir\cache\builder\src\base\task\common\task_annotator.cc:133:32
    #5 0x7ff68ac91059 in base::TaskAnnotator::RunTask C:\b\s\w\ir\cache\builder\src\base\task\common\task_annotator.h:72
    #6 0x7ff68ac91059 in base::sequence_manager::internal::ThreadControllerWithMessagePumpImpl::DoWorkImpl(class base::LazyNow *) C:\b\s\w\ir\cache\builder\src\base\task\sequence_manager\thread_controller_with_message_pump_impl.cc:422:21
    #7 0x7ff68ac90046 in base::sequence_manager::internal::ThreadControllerWithMessagePumpImpl::DoWork(void) C:\b\s\w\ir\cache\builder\src\base\task\sequence_manager\thread_controller_with_message_pump_impl.cc:292:41
    #8 0x7ff68acc53da in base::MessagePumpDefault::Run(class base::MessagePump::Delegate *) C:\b\s\w\ir\cache\builder\src\base\message_loop\message_pump_default.cc:39:55
    #9 0x7ff68ac9316b in base::sequence_manager::internal::ThreadControllerWithMessagePumpImpl::Run(bool, class base::TimeDelta) C:\b\s\w\ir\cache\builder\src\base\task\sequence_manager\thread_controller_with_message_pump_impl.cc:575:12
    #10 0x7ff68960a00c in base::RunLoop::Run(class base::Location const &) C:\b\s\w\ir\cache\builder\src\base\run_loop.cc:141:14
    #11 0x7ff68942c9a7 in media::PipelineIntegrationTestBase::RunUntilQuitOrError(class base::RunLoop *) C:\b\s\w\ir\cache\builder\src\media\test\pipeline_integration_test_base.cc:697:13
    #12 0x7ff689424636 in media::PipelineIntegrationTestBase::RunUntilQuitOrEndedOrError(class base::RunLoop *) C:\b\s\w\ir\cache\builder\src\media\test\pipeline_integration_test_base.cc:709:3
    #13 0x7ff689424449 in media::PipelineIntegrationTestBase::WaitUntilEndedOrError(void) C:\b\s\w\ir\cache\builder\src\media\test\pipeline_integration_test_base.cc:226:5
    #14 0x7ff689423ac4 in media::PipelineIntegrationTestBase::WaitUntilOnEnded(void) C:\b\s\w\ir\cache\builder\src\media\test\pipeline_integration_test_base.cc:217:27
    #15 0x7ff686ce4597 in media::MediaFoundationRendererIntegrationTest_BasicPlayback_Test::TestBody(void) C:\b\s\w\ir\cache\builder\src\media\renderers\win\media_foundation_renderer_integration_test.cc:92:3
    #16 0x7ff6870b0c77 in testing::Test::Run(void) C:\b\s\w\ir\cache\builder\src\third_party\googletest\src\googletest\src\gtest.cc:2670:5
    #17 0x7ff6870b2c3b in testing::TestInfo::Run(void) C:\b\s\w\ir\cache\builder\src\third_party\googletest\src\googletest\src\gtest.cc:2849:11
    #18 0x7ff6870b498e in testing::TestSuite::Run(void) C:\b\s\w\ir\cache\builder\src\third_party\googletest\src\googletest\src\gtest.cc:3008:30
    #19 0x7ff6870d772f in testing::internal::UnitTestImpl::RunAllTests(void) C:\b\s\w\ir\cache\builder\src\third_party\googletest\src\googletest\src\gtest.cc:5866:44
    #20 0x7ff6870d6bd5 in testing::UnitTest::Run(void) C:\b\s\w\ir\cache\builder\src\third_party\googletest\src\googletest\src\gtest.cc:5440:10
    #21 0x7ff6896d7a69 in RUN_ALL_TESTS C:\b\s\w\ir\cache\builder\src\third_party\googletest\src\googletest\include\gtest\gtest.h:2284
    #22 0x7ff6896d7a69 in base::TestSuite::Run(void) C:\b\s\w\ir\cache\builder\src\base\test\test_suite.cc:463:16
    #23 0x7ff6896dc4ed in base::OnceCallback<int ()>::Run C:\b\s\w\ir\cache\builder\src\base\callback.h:145
    #24 0x7ff6896dc4ed in base::`anonymous namespace'::LaunchUnitTestsInternal C:\b\s\w\ir\cache\builder\src\base\test\launcher\unit_test_launcher.cc:181:38
    #25 0x7ff6896dc0ba in base::LaunchUnitTests(int, char **, class base::OnceCallback<(void)>, unsigned __int64) C:\b\s\w\ir\cache\builder\src\base\test\launcher\unit_test_launcher.cc:272:10
    #26 0x7ff686dcc7f9 in main C:\b\s\w\ir\cache\builder\src\media\test\run_all_unittests.cc:52:10
    #27 0x7ff68c67712b in invoke_main d:\a01\_work\12\s\src\vctools\crt\vcstartup\src\startup\exe_common.inl:78
    #28 0x7ff68c67712b in __scrt_common_main_seh d:\a01\_work\12\s\src\vctools\crt\vcstartup\src\startup\exe_common.inl:288
    #29 0x7fff384a2773  (C:\Windows\System32\KERNEL32.DLL+0x180012773)
    #30 0x7fff386e0d50  (C:\Windows\SYSTEM32\ntdll.dll+0x180070d50)

AddressSanitizer can not provide additional info.
SUMMARY: AddressSanitizer: access-violation C:\b\s\w\ir\cache\builder\src\base\callback.h:263 in base::RepeatingCallback<void (const base::UnguessableToken &, const gfx::Size &, base::TimeDelta)>::Run
==644==ABORTING

Original change's description:
> [MediaFoundation] Request next frame during onPlaying event
>
> OS: Win10, Win11
>
> During OnPlaying event, a frame request should be called to get
> the first frame to output at the earliest possible time. This
> is the earliest time when a frame is available. Current
> implementation waits for render to be called, while
> StartPlayingFrom's call for RequestNextFrameBetweenTimestamps
> may not output a result if the media engine is not yet ready
> to output a frame.
>
> Bug: 1355520
> Change-Id: Ice60ac41ca4b8cae9b0687626e93017d0a4406f0
> Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3852409
> Reviewed-by: Xiaohan Wang <xhwang@chromium.org>
> Commit-Queue: Daoyuan Li <daoyuanli@microsoft.com>
> Reviewed-by: Daniel Cheng <dcheng@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#1041097}

Bug: 1355520
Change-Id: Ic483e314ce14e3f187691df772515eacea387cb1
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3863075
Commit-Queue: Asami Doi <asamidoi@chromium.org>
Owners-Override: Asami Doi <asamidoi@chromium.org>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Auto-Submit: Asami Doi <asamidoi@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1041256}
blueboxd pushed a commit that referenced this issue Aug 31, 2022
The change addresses a problem where the zero-prefix suggestions have
disappeared from the shortcuts widget.

The shortcuts widget is in a transitional state, where it may soon
be presenting content with on-focus suggestions for the SRP, but
until that time comes, it's not exactly matching the "typical"
scenario where the zero-prefix suggestions are shown.

The goal is to be sure we continue to present suggestions on this
surface.

(cherry picked from commit ca0a3c7)

Bug: 1346402
Change-Id: I1bf93c74c05ce09d8acb1250d61950825a20cf5c
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3781747
Reviewed-by: Moe Ahmadi <mahmadi@chromium.org>
Commit-Queue: Tomasz Wiszkowski <ender@google.com>
Cr-Original-Commit-Position: refs/heads/main@{#1027044}
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3784759
Commit-Queue: Moe Ahmadi <mahmadi@chromium.org>
Auto-Submit: Tomasz Wiszkowski <ender@google.com>
Cr-Commit-Position: refs/branch-heads/5195@{#14}
Cr-Branched-From: 7aa3f07-refs/heads/main@{#1027018}
blueboxd pushed a commit that referenced this issue Aug 31, 2022
branched fuchsia-binary-size is builderless, but we don't have 16-core
builderless try machines. This changes it so that the branched versions
will use 8 cores.

(cherry picked from commit 9dd5127)

Bug: 1355319
Change-Id: Ia46843d2d9c65bb3f746bd89931e87f37ea2ad70
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3846410
Auto-Submit: Garrett Beaty <gbeaty@google.com>
Commit-Queue: Ben Pastene <bpastene@chromium.org>
Reviewed-by: Ben Pastene <bpastene@chromium.org>
Cr-Original-Commit-Position: refs/branch-heads/5249@{#14}
Cr-Original-Branched-From: 4f7bea5-refs/heads/main@{#1036826}
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3846294
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Commit-Queue: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Cr-Commit-Position: refs/branch-heads/5195@{#800}
Cr-Branched-From: 7aa3f07-refs/heads/main@{#1027018}
blueboxd pushed a commit that referenced this issue Sep 2, 2022
Enabling ozone_unittests on linux bots revealed some problems
with downcasting. In particular, linux-ubsan-vptr bot started to
fail with the following error message -

./../ui/ozone/platform/wayland/host/wayland_data_drag_controller.cc:515:10: runtime error: downcast of address 0x2ccc00349e00 which does not point to an object of type 'const WaylandExchangeDataProvider'
0x2ccc00349e00: note: object is of type 'ui::OSExchangeDataProviderNonBacked'
 00 00 00 00  28 3b f6 e3 f0 55 00 00  01 00 00 00 00 00 00 00  20 b1 26 00 cc 2c 00 00  28 00 00 00
              ^~~~~~~~~~~~~~~~~~~~~~~
              vptr for 'ui::OSExchangeDataProviderNonBacked'
    #0 0x55f0e331831c in GetOfferedExchangeDataProvider ui/ozone/platform/wayland/host/wayland_data_drag_controller.cc:515:10
    #1 0x55f0e331831c in ui::WaylandDataDragController::StartSession(ui::OSExchangeData const&, int, ui::mojom::DragEventSource) ui/ozone/platform/wayland/host/wayland_data_drag_controller.cc:133:23
    #2 0x55f0e3366bbc in ui::WaylandWindow::StartDrag(ui::OSExchangeData const&, int, ui::mojom::DragEventSource, ui::Cursor, bool, base::OnceCallback<void (ui::mojom::DragOperation)>, ui::WmDragHandler::LocationDelegate*) ui/ozone/platform/wayland/host/wayland_window.cc:227:45
    #3 0x55f0e2b28c32 in ui::WaylandDataDragControllerTest_AsyncNoopStartDrag_Test::TestBody() ui/ozone/platform/wayland/host/wayland_data_drag_controller_unittest.cc:973:28
    #4 0x55f0e2e26ab1 in testing::Test::Run() third_party/googletest/src/googletest/src/gtest.cc:2670:5
    #5 0x55f0e2e28046 in testing::TestInfo::Run() third_party/googletest/src/googletest/src/gtest.cc:2849:11
    #6 0x55f0e2e29beb in testing::TestSuite::Run() third_party/googletest/src/googletest/src/gtest.cc:3008:30
    #7 0x55f0e2e3fafe in testing::internal::UnitTestImpl::RunAllTests() third_party/googletest/src/googletest/src/gtest.cc:5866:44
    #8 0x55f0e2e3e604 in testing::UnitTest::Run() third_party/googletest/src/googletest/src/gtest.cc:5440:10
    #9 0x55f0e34276d1 in RUN_ALL_TESTS third_party/googletest/src/googletest/include/gtest/gtest.h:2284:73
    #10 0x55f0e34276d1 in base::TestSuite::Run() base/test/test_suite.cc:463:16
    #11 0x55f0e342b9dc in Run base/callback.h:145:12
    #12 0x55f0e342b9dc in base::(anonymous namespace)::LaunchUnitTestsInternal(base::OnceCallback<int ()>, unsigned long, int, unsigned long, bool, base::RepeatingCallback<void ()>, base::OnceCallback<void ()>) base/test/launcher/unit_test_launcher.cc:181:38
    #13 0x55f0e342b877 in base::LaunchUnitTests(int, char**, base::OnceCallback<int ()>, unsigned long) base/test/launcher/unit_test_launcher.cc:272:10
    #14 0x55f0e2acc2cc in main mojo/core/test/run_all_unittests.cc:69:10
    #15 0x7ff7560d4082 in __libc_start_main /build/glibc-SzIz7B/glibc-2.31/csu/../csu/libc-start.c:308:16
    #16 0x55f0e2ab4169 in _start (/home/msisov/code/chromium/src/out/asan/ozone_unittests+0xb13169) (BuildId: 77bfee5b71bd92da)

It turned out that WaylandDataDragController was getting a non-backed provider
as a Wayland one wasn't set (it's set during OzonePlatformWayland initialization
in production). As a result, downcasting to WaylandExchangeDataProvider
was illegal in tests. It's unknown why tests didn't fail. Probably,
the result of the WaylandDataDragController::GetOfferedExchangeDataProvider
was never used. And the problem with downcasting was only caught with
this new bot.

Bug: 1358123
Change-Id: I4c8deb16a57b485de1fabd91fdcaab136d5da639
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3865512
Commit-Queue: Maksim Sisov <msisov@igalia.com>
Reviewed-by: Alexander Dunaev <adunaev@igalia.com>
Cr-Commit-Position: refs/heads/main@{#1041976}
blueboxd pushed a commit that referenced this issue Sep 29, 2022
branched fuchsia-binary-size is builderless, but we don't have 16-core
builderless try machines. This changes it so that the branched versions
will use 8 cores.

Bug: 1355319
Change-Id: Ia46843d2d9c65bb3f746bd89931e87f37ea2ad70
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3846410
Auto-Submit: Garrett Beaty <gbeaty@google.com>
Commit-Queue: Ben Pastene <bpastene@chromium.org>
Reviewed-by: Ben Pastene <bpastene@chromium.org>
Cr-Commit-Position: refs/branch-heads/5249@{#14}
Cr-Branched-From: 4f7bea5-refs/heads/main@{#1036826}
blueboxd pushed a commit that referenced this issue Oct 21, 2022
`char16_t` (which `UChar` is defined as) cannot be used to alias general memory.
Yet we try to use it to read a `blink::QualifiedName::QualifiedNameImpl` among other things.

This is UB, and gcc -O2 misoptimizes it. When chromium is compiled with allocator shim, this manifests as an immediate crash:

  * frame #0: 0x0000556e1280927b electron`FreelistCorruptionDetected [inlined] operator() at partition_freelist_entry.h:31
    frame #1: 0x0000556e1280927a electron`FreelistCorruptionDetected(extra=48) at partition_freelist_entry.h:31
    frame #2: 0x0000556e129dd167 electron`partition_alloc::internal::PartitionBucket<true>::SlowPathAlloc(partition_alloc::PartitionRoot<true>*, unsigned int, unsigned long, unsigned long, bool*) at partition_freelist_entry.h:303
    frame #3: 0x0000556e129dd162 electron`partition_alloc::internal::PartitionBucket<true>::SlowPathAlloc(partition_alloc::PartitionRoot<true>*, unsigned int, unsigned long, unsigned long, bool*) [inlined] partition_alloc::internal::PartitionFreelistEntry::GetNext(unsigned long) const at partition_freelist_entry.h:328
    frame #4: 0x0000556e129dd162 electron`partition_alloc::internal::PartitionBucket<true>::SlowPathAlloc(partition_alloc::PartitionRoot<true>*, unsigned int, unsigned long, unsigned long, bool*) [inlined] partition_alloc::internal::SlotSpanMetadata<true>::PopForAlloc(unsigned long) at partition_page.h:739
    frame #5: 0x0000556e129dd162 electron`partition_alloc::internal::PartitionBucket<true>::SlowPathAlloc(this=0x0000556e19292598, root=0x0000556e19292500, flags=33, raw_size=<unavailable>, slot_span_alignment=48, is_already_zeroed=0x00007ffe8f1196f7) at partition_bucket.cc:1354
    frame #6: 0x0000556e129ddbc0 electron`partition_alloc::ThreadCache::FillBucket(unsigned long) at partition_root.h:1076
    frame #7: 0x0000556e129ddbbb electron`partition_alloc::ThreadCache::FillBucket(this=<unavailable>, bucket_index=5755259732000) at thread_cache.cc:607
    frame #8: 0x0000556e129dfd3a electron`base::internal::PartitionMalloc(base::allocator::AllocatorDispatch const*, unsigned long, void*) at thread_cache.h:525
    frame #9: 0x0000556e129dfd18 electron`base::internal::PartitionMalloc(base::allocator::AllocatorDispatch const*, unsigned long, void*) at partition_root.h:1742
    frame #10: 0x0000556e129dfb18 electron`base::internal::PartitionMalloc((null)=<unavailable>, size=40, context=<unavailable>) at allocator_shim_default_dispatch_to_partition_alloc.cc:304
    frame #11: 0x0000556e128dbe43 electron`::malloc(unsigned long) at allocator_shim.cc:201:37
    frame #12: 0x0000556e128dbe30 electron`::malloc(size=40) at allocator_shim_override_libc_symbols.h:35:20
    frame #13: 0x0000556e16c0f6e6 electron`WTF::HashTableAddResult<WTF::HashTable<blink::QualifiedName::QualifiedNameImpl*, blink::QualifiedName::QualifiedNameImpl*, WTF::IdentityExtractor, blink::QualifiedNameHash, WTF::HashTraits<blink::QualifiedName::QualifiedNameImpl*>, WTF::HashTraits<blink::QualifiedName::QualifiedNameImpl*>, WTF::PartitionAllocator>, blink::QualifiedName::QualifiedNameImpl*> WTF::HashTable<blink::QualifiedName::QualifiedNameImpl*, blink::QualifiedName::QualifiedNameImpl*, WTF::IdentityExtractor, blink::QualifiedNameHash, WTF::HashTraits<blink::QualifiedName::QualifiedNameImpl*>, WTF::HashTraits<blink::QualifiedName::QualifiedNameImpl*>, WTF::PartitionAllocator>::InsertPassingHashCode<WTF::HashSetTranslatorAdapter<blink::QNameComponentsTranslator>, blink::QualifiedNameData&, blink::QualifiedNameData&>(blink::QualifiedNameData&, blink::QualifiedNameData&) (.constprop.0) [inlined] WTF::RefCounted<blink::QualifiedName::QualifiedNameImpl, WTF::DefaultRefCountedTraits<blink::QualifiedName::QualifiedNameImpl>>::operator new(unsigned long) at ref_counted.h:44
    frame #14: 0x0000556e16c0f6e1 electron`WTF::HashTableAddResult<WTF::HashTable<blink::QualifiedName::QualifiedNameImpl*, blink::QualifiedName::QualifiedNameImpl*, WTF::IdentityExtractor, blink::QualifiedNameHash, WTF::HashTraits<blink::QualifiedName::QualifiedNameImpl*>, WTF::HashTraits<blink::QualifiedName::QualifiedNameImpl*>, WTF::PartitionAllocator>, blink::QualifiedName::QualifiedNameImpl*> WTF::HashTable<blink::QualifiedName::QualifiedNameImpl*, blink::QualifiedName::QualifiedNameImpl*, WTF::IdentityExtractor, blink::QualifiedNameHash, WTF::HashTraits<blink::QualifiedName::QualifiedNameImpl*>, WTF::HashTraits<blink::QualifiedName::QualifiedNameImpl*>, WTF::PartitionAllocator>::InsertPassingHashCode<WTF::HashSetTranslatorAdapter<blink::QNameComponentsTranslator>, blink::QualifiedNameData&, blink::QualifiedNameData&>(blink::QualifiedNameData&, blink::QualifiedNameData&) (.constprop.0) [inlined] blink::QualifiedName::QualifiedNameImpl::Create((null)=<unavailable>, (null)=<unavailable>, (null)=<unavailable>, (null)=<unavailable>) at qualified_name.h:62
    frame #15: 0x0000556e16c0f6dd electron`WTF::HashTableAddResult<WTF::HashTable<blink::QualifiedName::QualifiedNameImpl*, blink::QualifiedName::QualifiedNameImpl*, WTF::IdentityExtractor, blink::QualifiedNameHash, WTF::HashTraits<blink::QualifiedName::QualifiedNameImpl*>, WTF::HashTraits<blink::QualifiedName::QualifiedNameImpl*>, WTF::PartitionAllocator>, blink::QualifiedName::QualifiedNameImpl*> WTF::HashTable<blink::QualifiedName::QualifiedNameImpl*, blink::QualifiedName::QualifiedNameImpl*, WTF::IdentityExtractor, blink::QualifiedNameHash, WTF::HashTraits<blink::QualifiedName::QualifiedNameImpl*>, WTF::HashTraits<blink::QualifiedName::QualifiedNameImpl*>, WTF::PartitionAllocator>::InsertPassingHashCode<WTF::HashSetTranslatorAdapter<blink::QNameComponentsTranslator>, blink::QualifiedNameData&, blink::QualifiedNameData&>(blink::QualifiedNameData&, blink::QualifiedNameData&) (.constprop.0) at qualified_name.cc:69
    frame #16: 0x0000556e16c0f6ba electron`WTF::HashTableAddResult<WTF::HashTable<blink::QualifiedName::QualifiedNameImpl*, blink::QualifiedName::QualifiedNameImpl*, WTF::IdentityExtractor, blink::QualifiedNameHash, WTF::HashTraits<blink::QualifiedName::QualifiedNameImpl*>, WTF::HashTraits<blink::QualifiedName::QualifiedNameImpl*>, WTF::PartitionAllocator>, blink::QualifiedName::QualifiedNameImpl*> WTF::HashTable<blink::QualifiedName::QualifiedNameImpl*, blink::QualifiedName::QualifiedNameImpl*, WTF::IdentityExtractor, blink::QualifiedNameHash, WTF::HashTraits<blink::QualifiedName::QualifiedNameImpl*>, WTF::HashTraits<blink::QualifiedName::QualifiedNameImpl*>, WTF::PartitionAllocator>::InsertPassingHashCode<WTF::HashSetTranslatorAdapter<blink::QNameComponentsTranslator>, blink::QualifiedNameData&, blink::QualifiedNameData&>(blink::QualifiedNameData&, blink::QualifiedNameData&) (.constprop.0) [inlined] void WTF::HashSetTranslatorAdapter<blink::QNameComponentsTranslator>::Translate<blink::QualifiedName::QualifiedNameImpl*, blink::QualifiedNameData&, blink::QualifiedNameData>(blink::QualifiedName::QualifiedNameImpl*&, blink::QualifiedNameData&, blink::QualifiedNameData const&, unsigned int) at hash_set.h:184
    frame #17: 0x0000556e16c0f6ba electron`WTF::HashTableAddResult<WTF::HashTable<blink::QualifiedName::QualifiedNameImpl*, blink::QualifiedName::QualifiedNameImpl*, WTF::IdentityExtractor, blink::QualifiedNameHash, WTF::HashTraits<blink::QualifiedName::QualifiedNameImpl*>, WTF::HashTraits<blink::QualifiedName::QualifiedNameImpl*>, WTF::PartitionAllocator>, blink::QualifiedName::QualifiedNameImpl*> WTF::HashTable<blink::QualifiedName::QualifiedNameImpl*, blink::QualifiedName::QualifiedNameImpl*, WTF::IdentityExtractor, blink::QualifiedNameHash, WTF::HashTraits<blink::QualifiedName::QualifiedNameImpl*>, WTF::HashTraits<blink::QualifiedName::QualifiedNameImpl*>, WTF::PartitionAllocator>::InsertPassingHashCode<WTF::HashSetTranslatorAdapter<blink::QNameComponentsTranslator>, blink::QualifiedNameData&, blink::QualifiedNameData&>((null)=<unavailable>, (null)=<unavailable>, (null)=<unavailable>) (.constprop.0) at hash_table.h:1481
    frame #18: 0x0000556e1492f9cf electron`blink::QualifiedName::QualifiedName(WTF::AtomicString const&, WTF::AtomicString const&, WTF::AtomicString const&) [inlined] WTF::HashTableAddResult<WTF::HashTable<blink::QualifiedName::QualifiedNameImpl*, blink::QualifiedName::QualifiedNameImpl*, WTF::IdentityExtractor, blink::QualifiedNameHash, WTF::HashTraits<blink::QualifiedName::QualifiedNameImpl*>, WTF::HashTraits<blink::QualifiedName::QualifiedNameImpl*>, WTF::PartitionAllocator>, blink::QualifiedName::QualifiedNameImpl*> WTF::HashSet<blink::QualifiedName::QualifiedNameImpl*, blink::QualifiedNameHash, WTF::HashTraits<blink::QualifiedName::QualifiedNameImpl*>, WTF::PartitionAllocator>::AddWithTranslator<blink::QNameComponentsTranslator, blink::QualifiedNameData&>(blink::QualifiedNameData&) at hash_set.h:307
    frame #19: 0x0000556e1492f9ca electron`blink::QualifiedName::QualifiedName((null)=<unavailable>, (null)=<unavailable>, (null)=<unavailable>, (null)=<unavailable>) at qualified_name.cc:81

When chromium is compiled with system malloc, this manifests as graphical glitches, followed by a crash much later on.

It is worth noting that this exact code snippet was discussed on the GCC bugtracker in 2014
(predating the forking of Chromium from WebKit):
https://gcc.gnu.org/bugzilla/show_bug.cgi?id=60546#c21

The corresponding code no longer exists in WebKit.

Attached patch makes the HashMemory function type-safe without changing the API for other users of StringHasher.

Bug: 819294
Change-Id: Iac11ec77501c2f1d6d01db85d5b9d544adeaf71d
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/3968507
Reviewed-by: Kentaro Hara <haraken@chromium.org>
Commit-Queue: Kentaro Hara <haraken@chromium.org>
Auto-Submit: Bruno Pitrus <brunopitrus@hotmail.com>
Cr-Commit-Position: refs/heads/main@{#1061939}
blueboxd pushed a commit that referenced this issue Nov 30, 2022
In View::HandleAccessibleAction, accessibility sends both a press and
release mouse event to the view instance.

Unfortunately, if the view deletes itself immediately after receiving
the mouse press event, the subsequent mouse release event causes a UAF.

e.g. for illustrative purposes, here's the flow:

bool HandleAccessibleAction(...) {
  view->OnEvent(mouse_press);
  // |view| is now deleted.
  view->OnEvent(mouse_release);
  // UAF.
}

Fix this by overriding HandleAccessibleAction in the self-deleting view.

Notes:
The deletion stack for the WindowCycleItemView is
    #3 0x560338183db8 in operator() buildtools/third_party/libc++/trunk/include/__memory/unique_ptr.h:49:5
    #4 0x560338183db8 in reset buildtools/third_party/libc++/trunk/include/__memory/unique_ptr.h:281:7
    #5 0x560338183db8 in ~unique_ptr buildtools/third_party/libc++/trunk/include/__memory/unique_ptr.h:247:75
    #6 0x560338183db8 in views::View::DoRemoveChildView(views::View*, bool, bool, views::View*) ui/views/view.cc:2739:1
    #7 0x560338183fe4 in views::View::RemoveAllChildViews() ui/views/view.cc:341:5
    #8 0x560333f50cbb in ash::WindowCycleView::DestroyContents() ash/wm/window_cycle/window_cycle_view.cc:379:3
    #9 0x560333f4b3e7 in ash::WindowCycleList::~WindowCycleList() ash/wm/window_cycle/window_cycle_list.cc:139:18
    #10 0x560333f4b747 in ash::WindowCycleList::~WindowCycleList() ash/wm/window_cycle/window_cycle_list.cc:117:37
    #11 0x560333f475e8 in operator() buildtools/third_party/libc++/trunk/include/__memory/unique_ptr.h:49:5
    #12 0x560333f475e8 in reset buildtools/third_party/libc++/trunk/include/__memory/unique_ptr.h:281:7
    #13 0x560333f475e8 in ash::WindowCycleController::StopCycling() ash/wm/window_cycle/window_cycle_controller.cc:421:22
    #14 0x560333f5944c in ash::WindowCycleItemView::OnMousePressed(ui::MouseEvent const&) ash/wm/window_cycle/window_cycle_item_view.cc:53:44
    #15 0x560338193ae2 in views::View::ProcessMousePressed(ui::MouseEvent const&) ui/views/view.cc:3109:23
    #16 0x56033819362d in views::View::OnMouseEvent(ui::MouseEvent*) ui/views/view.cc:1492:11

Bug: 1380602
Change-Id: I2533dc299c0f5f5bb32efa130e6d564cb70d4613
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4046647
Commit-Queue: David Tseng <dtseng@chromium.org>
Reviewed-by: Xiaoqian Dai <xdai@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1076637}
blueboxd pushed a commit that referenced this issue Feb 8, 2023
Adds additional image ref for a client if it has never had a decode/
upload task requested. Otherwise, the client will try to unref the
image more times than the image's ref count's number is and the process
will crash as the image will not be presented in the cache.

(cherry picked from commit c7aa039)

Bug: 1400712
Change-Id: Ia9268a7621b2860ca776cbd6c43880c7607ff379
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4110588
Reviewed-by: Kyle Charbonneau <kylechar@chromium.org>
Commit-Queue: Maksim Sisov <msisov@igalia.com>
Cr-Original-Commit-Position: refs/heads/main@{#1084396}
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4114024
Cr-Commit-Position: refs/branch-heads/5481@{#14}
Cr-Branched-From: 130f3e4-refs/heads/main@{#1084008}
blueboxd pushed a commit that referenced this issue Feb 21, 2023
Change-Id: I4472b985c1e3e86fdb11513b94014f57c1c60696
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4246538
Bot-Commit: Chrome Release Bot (LUCI) <chrome-official-brancher@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/branch-heads/5481_77@{#14}
Cr-Branched-From: 65ed616-refs/branch-heads/5481@{#839}
Cr-Branched-From: 130f3e4-refs/heads/main@{#1084008}
blueboxd pushed a commit that referenced this issue Mar 7, 2023
Change-Id: Iade55a57fdb94772bcb4d298d325bfd5d10e6771
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4197709
Bot-Commit: Chrome Release Bot (LUCI) <chrome-official-brancher@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/branch-heads/5563@{#14}
Cr-Branched-From: 3ac59a6-refs/heads/main@{#1097615}
blueboxd pushed a commit that referenced this issue Apr 14, 2023
…112.0.5599.0-r1 to 112-5594.0-1676889839-benchmark-112.0.5615.5-r1

If this roll has caused a breakage, revert this CL and stop the roller
using the controls here:
https://autoroll.skia.org/r/cros-afdo-atom-chromium-beta
Please CC c-compiler-chrome@google.com on the revert to ensure that a human
is aware of the problem.

To file a bug in Chromium Beta Branch: https://bugs.chromium.org/p/chromium/issues/entry

To report a problem with the AutoRoller itself, please file a bug:
https://bugs.chromium.org/p/skia/issues/entry?template=Autoroller+Bug

Documentation for the AutoRoller is here:
https://skia.googlesource.com/buildbot/+doc/main/autoroll/README.md

Tbr: c-compiler-chrome@google.com
Change-Id: I3d85275e67dbd906a5c386efb70fc292cbb80ae8
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4292761
Commit-Queue: Chrome Release Autoroll <chromium-release-autoroll@skia-public.iam.gserviceaccount.com>
Bot-Commit: Chrome Release Autoroll <chromium-release-autoroll@skia-public.iam.gserviceaccount.com>
Cr-Commit-Position: refs/branch-heads/5615@{#14}
Cr-Branched-From: 9c6408e-refs/heads/main@{#1109224}
blueboxd pushed a commit that referenced this issue May 9, 2023
Change-Id: I082416a0820002adf622afa8e5e2c7aa72a47be8
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4368620
Bot-Commit: Chrome Release Bot (LUCI) <chrome-official-brancher@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/branch-heads/5672@{#14}
Cr-Branched-From: 5f2a724-refs/heads/main@{#1121455}
blueboxd pushed a commit that referenced this issue May 27, 2023
Change-Id: Ic1ff28d4ce78dd5c038d35a40ce3d33cdac966e7
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4481798
Bot-Commit: Chrome Release Bot (LUCI) <chrome-official-brancher@chops-service-accounts.iam.gserviceaccount.com>
Cr-Commit-Position: refs/branch-heads/5735@{#14}
Cr-Branched-From: 2f562e4-refs/heads/main@{#1135570}
blueboxd pushed a commit that referenced this issue Jul 29, 2023
…enderer"

This reverts commit 758e5e4.

Reason for revert: https://bugs.chromium.org/p/chromium/issues/detail?id=1466474

Original change's description:
> Don't bounds-check a history API navigation's offset in the renderer
>
> When a history API navigation occurs (e.g., history.go(-2)), we
> currently check whether the given offset is in-bounds before sending
> the navigation to the browser. The spec and WPT expect an async step
> to occur (i.e., going to the browser) so that we can take into
> account any pending back/forward navigations in offset calculation.
>
> However, when a history API navigation begins, we pause virtual time
> if the navigation is in-bounds only. If we can't check that in
> the renderer, we need of notifying the renderer that a history API
> navigation was out of bounds so that we can unpause virtual time.
> Add a case to the TraverseCancelled() message to unpause virtual
> time and call it for out-of-bounds history API navigations.
> (Note that TraverseCancelled() is currently only used for navigation
> API traversals, but there's nothing stopping us from using the same
> plumbing for this case).
>
> This change gives us the correct behavior when history.back()
> and history.forward() are called in rapid succession while at the
> front of the back/forward list. The forward() should be calculated
> from the pending entry for the back() navigation, resulting in
> the two navigations cancelling each other out. The renderer doesn't
> know what the pending offset is, so it thinks the forward() is trying
> to go out-of-bounds and incorrectly rejects that navigation.
>
> Change-Id: I36bfbe8211df5cad9f6cefeee659514299805434
> Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4496257
> Reviewed-by: Nasko Oskov <nasko@chromium.org>
> Commit-Queue: Nate Chapin <japhet@chromium.org>
> Reviewed-by: Andrey Kosyakov <caseq@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#1138110}

(cherry picked from commit bb74c5a)

Change-Id: I7470d39396b2cd93f220eafbe99b352e299075ad
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4708547
Commit-Queue: Nate Chapin <japhet@chromium.org>
Reviewed-by: Alex Moshchuk <alexmos@chromium.org>
Cr-Original-Commit-Position: refs/heads/main@{#1173757}
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/4711868
Reviewed-by: Krishna Govind <govind@chromium.org>
Commit-Queue: Prudhvikumar Bommana <pbommana@google.com>
Owners-Override: Krishna Govind <govind@chromium.org>
Cr-Commit-Position: refs/branch-heads/5790_90@{#14}
Cr-Branched-From: 86fb9d0-refs/branch-heads/5790@{#1583}
Cr-Branched-From: 1d71a33-refs/heads/main@{#1148114}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants