The code touched here wasn't consistent in its use of const, but
generally used it in a shallow-const fashion where even vending write
access to a block of memory could be done via a const method.
This causes problems when trying to enforce stricter lifetime checks on
writable spans, because either the code gets confused about whether the
accesses are read-only (it tries to look for the constness of the
returned pointers and can't figure out what to do if things don't
match everywhere) or it thinks something unsafe or non-sane is happening
(write access to rvalues makes no sense, for example, but read access
might in the context of a short-lived call).
Instead consistently model deep constness, which is compliant with
Chrome's style rules on const and fixes all these issues. Mostly, this
means changing const members/ref args to non-const ones.
Bug: 372381413
Change-Id: I2735c52fbf0f32b813055cbb46f7c15b09eb025f
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5939406
Reviewed-by: Daniel Cheng <dcheng@chromium.org>
Owners-Override: Daniel Cheng <dcheng@chromium.org>
Auto-Submit: Peter Kasting <pkasting@chromium.org>
Reviewed-by: Fred Shih <ffred@chromium.org>
Reviewed-by: Alex Gough <ajgo@chromium.org>
Commit-Queue: Daniel Cheng <dcheng@chromium.org>
Code-Coverage: findit-for-me@appspot.gserviceaccount.com <findit-for-me@appspot.gserviceaccount.com>
Cr-Commit-Position: refs/heads/main@{#1373012}
There were two subclasses creating their own SiteInstances. This
consolidates those calls into the base class instead, since there's no
real benefit to separating them.
Bug: 374253381
Change-Id: I1f32bcb0bac03685e2904e1e6fd5dc88a5a027fb
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5958008
Reviewed-by: Maks Orlovich <morlovich@chromium.org>
Commit-Queue: mmenke <mmenke@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1372996}
Update the Web Bluetooth Mojo interface to use the ReadOnlyBuffer type
so that the generated C++ bindings use base::span, which doesn't require
copying the GATT characteristic or descriptor value out of the Mojo
message just so that it can be put into an std::vector.
Right now in the write case the value still needs to be copied into a
std::vector in order to call into //device/bluetooth. Updating this
interface to use base::span can be done in a follow-up patch to remove
the now explicit std::vector constructor invocations.
Change-Id: I1f21e97ebf28ea38ddb49bed9e7500ee04809968
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5954717
Auto-Submit: Reilly Grant <reillyg@chromium.org>
Reviewed-by: Jack Hsieh <chengweih@chromium.org>
Reviewed-by: Matthew Denton <mpdenton@chromium.org>
Reviewed-by: Dave Tapuska <dtapuska@chromium.org>
Commit-Queue: Reilly Grant <reillyg@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1372994}
This CL moves the SetBrowserClientForTesting() call,
StartIsolatingSite() call, and TestBrowserContext construction from
subclasses up to AuctionProcessManagerTestBase, further consolidating
test setup into one place.
Bug: 374253381
Change-Id: I5599288bde13002a54edd947be5be96a0e0c2e12
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5958267
Reviewed-by: Maks Orlovich <morlovich@chromium.org>
Commit-Queue: mmenke <mmenke@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1372981}
This will be used as a start trigger for recording Chrometto traces,
which will only be uploaded if the navigation experienced a renderer
hang.
Bug: 40615943
Change-Id: I2b7df6c335692faef251f74ce235a8e1716988a4
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5953177
Reviewed-by: Charlie Reis <creis@chromium.org>
Auto-Submit: Rakina Zata Amni <rakina@chromium.org>
Commit-Queue: Rakina Zata Amni <rakina@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1372973}
Importing blink mojo types into other directories that aren't blink causes imports of internal blink header files (WTF::String/Vector/HashMap). This can then be abused by the caller to create structures that it shouldn't have access to. This is preliminary cleanup for adding an enforcement to the blink mojo header files.
Change-Id: I0aa1e30f07f595023191af1c96cdf58a258dc118
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5953880
Commit-Queue: Dave Tapuska <dtapuska@chromium.org>
Reviewed-by: Avi Drissman <avi@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1372961}
This reverts commit 5a9b8c0acd.
Reason for revert: https://crbug.com/374940921 -- somehow crashing WebRTC.
Original change's description:
> Video: Ensure Android report correct framerate and resolution support
>
> Similar to crrev.com/c/5850062, we should query a list of
> the max supported resolution and framerates instead of using
> only one. MediaCodec already provides the API for us to query
> the max supported framerate using a given resolution, so this
> CL changed to use that API, using a list of the possible
> resolutions to query the framerate, which could makes the
> framerate result accurate.
>
> Bug: 371247952
> Change-Id: I99c4e49cfe6a2680fddede2d414c3216150c6135
> Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5943936
> Reviewed-by: Dale Curtis <dalecurtis@chromium.org>
> Commit-Queue: Sida Zhu <zhusida@bytedance.com>
> Cr-Commit-Position: refs/heads/main@{#1371781}
Bug: 371247952
Change-Id: Ib9e64b549b29bc1538e6ab3a71851ecab6cb534f
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5956141
Auto-Submit: Dale Curtis <dalecurtis@chromium.org>
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Commit-Queue: Dale Curtis <dalecurtis@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1372856}
This CL introduces a ProcessMode enum to the AuctionProcessManagerTests
to distinguish the three modes of operation under test, and consolidates
the configuration for the three states in AuctionProcessManagerTestBase,
which takes the enum as an argument from subclasses.
In a followup CL, that enum will also be used to create the correct
type of AuctionProcessManager.
Bug: 374253381
Change-Id: Iefb85c7f7537da190f09c7f9e12cd1318c477037
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5954804
Reviewed-by: Maks Orlovich <morlovich@chromium.org>
Commit-Queue: mmenke <mmenke@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1372812}
Local font indexing has moved to Fontations since M129. Now that this
ran for one stable release cycle, remove the previous FreeType
implementation and the respective flag.
Bug: chromium:349952802
Change-Id: Id4ba883204e24bb5142bc1112e41d32c5d366815
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5952467
Commit-Queue: Dominik Röttsches <drott@chromium.org>
Reviewed-by: Avi Drissman <avi@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1372803}
The CL adds stylus handwriting event properties,
handwriting_pointer_id and handwriting_stroke_id, to
ui::TouchEvent. Both properties are essential for
communication with ShellHandwriting API to request
handwriting for a pointer and initiate the experience.
The handwriting pointer id is an unmapped pointer id
supplied by the OS. The handwriting stroke id is supplied by
the OS based on the pointer id. The browser calls
`GetHandwritingStrokeIdForPointer()` from
shellhandwriting.h to retrieve the id for the given pointer.
Both fields are intended to stay within the browser process
and not to be shared with other processes or used outside
stylus handwriting feature context.
Bug: 355578906
Change-Id: I7768586f9b5d6d4f2ee80923e64c5ccd18005da8
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5912139
Reviewed-by: Allen Bauer <kylixrd@chromium.org>
Reviewed-by: Dave Tapuska <dtapuska@chromium.org>
Reviewed-by: Hidehiko Abe <hidehiko@chromium.org>
Commit-Queue: Yaroslav Shalivskyy <yshalivskyy@microsoft.com>
Cr-Commit-Position: refs/heads/main@{#1372776}
- Use forward declarations where possible
- Use more concise/precise local variable names
- Reduce local variable scope
- Consolidate flat_map find/erase operations
- Remove obsolete field trial param
- Introduce helper methods/lambdas to reduce duplicated code
- Inline single-use anonymous-namespace functions
- Replace unnecessary iterator parameters with references
- Move optionals before dereferencing for better use-after-move
detection
- Clean up includes and using aliases
NO_IFTTT=minor code reorganization
Change-Id: I2732d0fec920bc3bad1c725ae852a38c3d9ff4d5
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5952148
Commit-Queue: Andrew Paseltiner <apaseltiner@chromium.org>
Reviewed-by: Nan Lin <linnan@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1372766}
Make AXTreeSnapshotterImpl a subclass of RenderFrameObserver, and call
RenderFrameObserver::render_frame() to get access to the RenderFrame
pointer. Then AXTreeSnapshotterImpl does not need to manage a
RenderFrame pointer itself, which can then become dangling.
Fix lint errors along the way.
Bug: 371445200
Change-Id: I8a4726590ed49de2740d48b52201b3623590d68a
Low-Coverage-Reason: TESTS_IN_SEPARATE_CL need to fix the bug first, otherwise test will crash.
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5955671
Reviewed-by: Abigail Klein <abigailbklein@google.com>
Commit-Queue: Lei Zhang <thestig@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1372759}
On some builders the death test was failing because an assert had an
unexpected message. Removed the death test: there's no need to test for
an invalid handle since it's blocked at the Mojo layer.
Bug: 375065072
Change-Id: I09d0882e9a207b5440d3018edf5b2db8ab579980
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5953918
Commit-Queue: Nasko Oskov <nasko@chromium.org>
Reviewed-by: Nasko Oskov <nasko@chromium.org>
Auto-Submit: Joe Mason <joenotcharles@google.com>
Cr-Commit-Position: refs/heads/main@{#1372758}
Before this CL, we run the cancel animation if the navigation is
waiting for the BeforeUnload message. This is very conservative as a
page can register a BeforeUnload listener but doesn't perform anything.
This CL changes the behavior, in that we only play the cancel animation
to bring the active page back if a BeforeUnload dialog is shown.
Cq-Include-Trybots: luci.chromium.try:android-12-x64-rel,android-12l-x64-dbg,android-13-x64-rel,android-14-x64-rel,android-15-x64-rel,android-pie-x86-rel,android-oreo-x86-rel
Fixed: 364694410
Change-Id: Idbe86b5ae5879965fd0559a60ebb47e5b82d3de7
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5919513
Reviewed-by: Khushal Sagar <khushalsagar@chromium.org>
Commit-Queue: William Liu <liuwilliam@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1372747}
GetNavigationEntryScreenshotCache() asserts the frame tree is primary.
However during WebContents destruction, the frame tree is reset before
the animator, so the navigation controller (owned by the FrameTree) back
pointer is a UAF.
This CL adds a shortcut to destroy the animator as the "first" thing
during the WebContents's destruction. Then the animator can still
perform the clean up tasks while the navigation controller is still
valid.
Bug: 373898450
Change-Id: I0d793d536ca99700cf7f8c324f562131f2a480c4
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5948024
Commit-Queue: William Liu <liuwilliam@chromium.org>
Reviewed-by: Dave Tapuska <dtapuska@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1372744}
In particular, switch to using GetWorkletType() instead of GetParam()
in preparation for adding a second parameter.
Also rename GetParamInverse() to GetOtherWorkletType() and
GetPendingRequestsOfParamType() to GetPendingRequestsOfWorkletType().
Merge GetActiveProcesses() and GetActiveProcessesOfParamType() to a
single GetActiveProcessesOfWorkletType() method that takes an optional
worklet type.
Bug: 374253381
Change-Id: I3e9eeaf5dfa523542217f5bd148dbde548bac072
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5953094
Reviewed-by: Maks Orlovich <morlovich@chromium.org>
Commit-Queue: mmenke <mmenke@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1372725}
Remove unused Layer attachment/detachment APIs from the Shell management
system. This includes:
- Removing forward declaration of cc::Layer
- Removing ShellAttachLayer() and ShellRemoveLayer() functions
These APIs are no longer needed as layer management is now handled
elsewhere in the system.
Bug: None
Change-Id: I7e161d7dbb70100b6e40c254b710d4f5adfbaf09
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5952671
Reviewed-by: Avi Drissman <avi@chromium.org>
Commit-Queue: Abhijeet Kandalkar <abhijeet@igalia.com>
Cr-Commit-Position: refs/heads/main@{#1372722}
handling on Viz.
This CL does the following:
* Hooks up creation of appropriate RenderInputRouterSupport* class to mirror
RenderWidgetHostViewInput interface implementation in Viz for a FrameSinkId.
This information is stored in FrameSinkMetadata structure.
* Adds traversal methods, namely Get(Parent|Root)RenderInputRouterSupport to
InputManager, allowing getting parent/root RenderInputRouterSupportBase* class
from a child frame. Added tests for the traversals.
* Refactors RenderWidgetHostViewInput interface and implements some additional
methods for the same interface in RenderInputRouterSupportBase.
Doc Link:
https://docs.google.com/document/d/1tRPUd11fuPcXxb2ep_kGYPahgv0OOlV7DvsGkbom7VA/
Bug: b:367695776, b:373888054
Change-Id: Ia61f1848abc0598f7f385a6b4d1202109ca3fa71
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5941108
Reviewed-by: Jonathan Ross <jonross@chromium.org>
Commit-Queue: Aman Verma <amanvr@google.com>
Cr-Commit-Position: refs/heads/main@{#1372706}
A couple of them were still using TEST_F, which works in parameterized
tests as long as you don't call GetParam(), but we'll soon be calling
GetParam() in all tests, whe we add a second parameter to control the
base AuctionProcessManager being tested.
Bug: 374253381
Change-Id: Ie04e820460bdd078f6ef7de1cac33a99b5f8aeea
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5954132
Reviewed-by: Maks Orlovich <morlovich@chromium.org>
Commit-Queue: mmenke <mmenke@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1372695}
Apparently, blink handles key down and raw key down events the same way.
Some pieces of content/browser apparently should use blink-like logic but they do not.
This change tries to address it by adding missing key down handling.
Also it includes a necessary change outside of content/browser.
Bug: 40881497
Change-Id: Ic22435674d7054034a3a12d1d5b017248f5508c0
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5928666
Reviewed-by: Dave Tapuska <dtapuska@chromium.org>
Commit-Queue: Mariusz Domżał <mdomzal@google.com>
Reviewed-by: Mustafa Emre Acer <meacer@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1372533}
This CL moves following classes into the "on_device_translation"
namespace.
- OnDeviceTranslationServiceController
- TranslationManagerImpl
- Translator
This CL should not introduce any behavior change.
Bug: 374631433
Change-Id: I58a469953abea7a585825a0fe6fc5afcf89420c1
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5953006
Reviewed-by: Alex Gough <ajgo@chromium.org>
Commit-Queue: Tsuyoshi Horo <horo@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1372530}
The filtered out accounts are not filtered in the case where the user
just logged in to the IDP and there are no new unfiltered accounts. This
includes the case where all accounts are filtered out. On desktop, the
HoverButton is disabled, but the UI still needs to be updated. On
Android, the UI is not updated at all, but it is behind the flag.
Followups will implement proper disabled accounts UI on both.
Bug: 40945672
Change-Id: Ie436542d12b87b17c461102edfedad85066ecf83
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5867640
Commit-Queue: Rakina Zata Amni <rakina@chromium.org>
Reviewed-by: Rakina Zata Amni <rakina@chromium.org>
Auto-Submit: Nicolás Peña <npm@chromium.org>
Reviewed-by: Yi Gu <yigu@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1372517}
When SwiftShader is not enabled for the GPU process, the GPU process has
no need for the `com.apple.security.cs.allow-jit` entitlement. It can be
run using a normal, unentitled helper app instead.
Bug: 374064153
Change-Id: Ia67e21d99b5fafddc8ddd16275e9b216e7053370
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5952835
Reviewed-by: Kenneth Russell <kbr@chromium.org>
Commit-Queue: Kenneth Russell <kbr@chromium.org>
Reviewed-by: Geoff Lang <geofflang@chromium.org>
Auto-Submit: Mark Rowe <markrowe@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1372375}
Following a suggestion by Nasko in https://crrev.com/c/5867574, this
handles performance scenario shared memory completely in the blink and
components/performance_manager layers, getting rid of a shim through
content/ and chrome/.
This will unblock a followup CL to attach the browser-side
StructuredSharedMemory region to ProcessNode instead of
RenderProcessHost, which is blocked by the content/ shim accessing it
synchronously on the UI thread. The cost is an extra IPC roundtrip on
process startup.
Includes a partial revert of https://crrev.com/c/5867574 that returns
mojom::Renderer::TransferSharedMemoryRegions to TransferSharedLastForegroundTime.
Bug: 365586676
Change-Id: I681a3c941661ebba7c10b7abaf54aa5c4e430a9e
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5949866
Commit-Queue: Joe Mason <joenotcharles@google.com>
Reviewed-by: Nasko Oskov <nasko@chromium.org>
Auto-Submit: Joe Mason <joenotcharles@google.com>
Cr-Commit-Position: refs/heads/main@{#1372300}
This CL:
a. Move DeviceConnectionType into WebContents and rename it to CapabilityType
b. Merge all IsConnectedToXXX() functions into a single IsCapabilityActive() function
c. Rename OnDeviceConnectionTypesChanged() method to OnCapabilityTypesChanged().
Bug: 372836924
Change-Id: Ib8be8821dff459c3788aeeb0fc4921f3996ec069
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5938280
Reviewed-by: Patrick Monette <pmonette@chromium.org>
Commit-Queue: Yifan Luo <lyf@chromium.org>
Reviewed-by: Matt Reynolds <mattreynolds@chromium.org>
Reviewed-by: Avi Drissman <avi@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1372240}
To show geolocation usage in the left-hand indicator. We need to expose
it to PageSpecifiedContentSetting.
In this CL, this usage information is exposed with the same method as
HID/bluetooth with the web contents observer.
Change-Id: I730547e07955cd07913c49e92abd6ce01bbde05d
Bug: 372836924
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5920698
Reviewed-by: Alexander Timin <altimin@chromium.org>
Reviewed-by: Elias Klim <elklm@chromium.org>
Reviewed-by: Matt Reynolds <mattreynolds@chromium.org>
Commit-Queue: Yifan Luo <lyf@chromium.org>
Reviewed-by: Francois Pierre Doray <fdoray@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1372239}
Dump without crashes can be noisy in stable. This flag will enable us to
turn it off and on in different versions of Chrome avoiding extra noises
while being informed about them happening.
Bug: 374365779, 373617224
Change-Id: Iee0536c303a571f962b1816667d2fbc67da8ff46
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5950247
Reviewed-by: William Liu <liuwilliam@chromium.org>
Reviewed-by: Khushal Sagar <khushalsagar@chromium.org>
Commit-Queue: Baran Erfani <baranerf@google.com>
Cr-Commit-Position: refs/heads/main@{#1372216}
This reverts commit fffe2c8c47.
Reason for revert: We have fixed all known HitTestOpaqueness bugs
on M132 and M131, so we enable HitTestOpaqueness it by default
again.
The original CL (Revert "[HitTestOpaqueness] Enable by default")
has been merged into M130 (but not M131). We have also landed a kill
switch to disable HitTestOpaqueness on M130 via finch.
Original change's description:
> Revert "[HitTestOpaqueness] Enable by default"
>
> This reverts commit a56e352a2b.
>
> Reason for revert: There are several bugs, some fixed on ToT
> (crbug.com/348520453, crbug.com/367166494), some
> still need investigation (crbug.com/372722559). We need to unlaunch
> the feature and restart the experiment after all bugs are fixed.
>
> Original change's description:
> > [HitTestOpaqueness] Enable by default
> >
> > Also change status of FastNonCompositedScrollHitTest to stable to make
> > it merely depend on the status of RasterInducingScroll, to simplify
> > dependencies.
> >
> > Bug: 40062957, 40256365, 329115115
> > Change-Id: Ia675bf7a2e833f26f3c113bda12735317d218a07
> > Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5824528
> > Reviewed-by: Philip Rogers <pdr@chromium.org>
> > Commit-Queue: Xianzhu Wang <wangxianzhu@chromium.org>
> > Reviewed-by: Jonathan Ross <jonross@chromium.org>
> > Cr-Commit-Position: refs/heads/main@{#1348709}
>
> Bug: 40062957, 40256365, 329115115
> Change-Id: Ibeeeed2eda9365c850c174ca0854bba9ba77855a
> Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5941138
> Commit-Queue: Xianzhu Wang <wangxianzhu@chromium.org>
> Reviewed-by: Philip Rogers <pdr@chromium.org>
> Reviewed-by: Dave Tapuska <dtapuska@chromium.org>
> Reviewed-by: Jonathan Ross <jonross@chromium.org>
> Cr-Commit-Position: refs/heads/main@{#1370123}
Bug: 40062957, 40256365, 329115115
Change-Id: I5545ded5322d6c0552868a28f12664eb6f1ee543
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/5954707
Bot-Commit: Rubber Stamper <rubber-stamper@appspot.gserviceaccount.com>
Reviewed-by: Dave Tapuska <dtapuska@chromium.org>
Commit-Queue: Xianzhu Wang <wangxianzhu@chromium.org>
Reviewed-by: Philip Rogers <pdr@chromium.org>
Cr-Commit-Position: refs/heads/main@{#1372207}