GitLab

This reverts commit a58af821.

Reason for revert: Relanding the original CL since the revert did not fix the error.

Original change's description:
> Revert "v8binding: Refactors MutationObserver and MutationCallback."
> 
> This reverts commit e4d81dae.
> 
> Reason for revert: Speculative revert.
> 
> Layout test tables/mozilla_expected_failures/marvin/backgr_fixed-bg.html started failing reliably on WebKit Mac10.9 bot following this CL.
> It does not look very related, so I will reland it if the failure continues.
> 
> Original change's description:
> > v8binding: Refactors MutationObserver and MutationCallback.
> > 
> > Major changes in this CL are:
> > - Drops [CustomConstructor] from MutationObserver.idl.
> > - Replaces hand-written V8MutationCallback with code-generated
> >   MutationCallback. Note that the new (code-generated)
> >   MutationCallback is different from the old (hand-written)
> >   MutationCallback.
> > - Rewrote the old (hand-written) MutationCallback as
> >   MutationObserver::Delegate.  Note that the name
> >   "MutationCallback" is taken by the new (code-generated)
> >   MutationCallback.
> > 
> > This CL mostly follows the same way as https://crrev.com/c/581128 .
> > 
> > Bug: 
> > Change-Id: I3f8b36044499c50baade331e2bfafbbed4271e0d
> > Reviewed-on: https://chromium-review.googlesource.com/590832
> > Reviewed-by: Kentaro Hara <haraken@chromium.org>
> > Reviewed-by: Kenichi Ishibashi <bashi@chromium.org>
> > Commit-Queue: Yuki Shiino <yukishiino@chromium.org>
> > Cr-Commit-Position: refs/heads/master@{#491297}
> 
> TBR=yukishiino@chromium.org,bashi@chromium.org,haraken@chromium.org
> 
> Change-Id: Ie6aeebac4741cd3a7cac1dacd15c6f709e15ecab
> No-Presubmit: true
> No-Tree-Checks: true
> No-Try: true
> Reviewed-on: https://chromium-review.googlesource.com/597708
> Reviewed-by: Guido Urdaneta <guidou@chromium.org>
> Commit-Queue: Guido Urdaneta <guidou@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#491333}

TBR=yukishiino@chromium.org,bashi@chromium.org,haraken@chromium.org,guidou@chromium.org

Change-Id: I4e2fba2f191aeb2caea234af1307b1a9dde144dc
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/597887Reviewed-by: Guido Urdaneta <guidou@chromium.org>
Commit-Queue: Guido Urdaneta <guidou@chromium.org>
Cr-Commit-Position: refs/heads/master@{#491343}

Bug: 
Change-Id: I972758628679b0be7ec8627aade1d850fe0f5f3a
Reviewed-on: https://chromium-review.googlesource.com/597532Reviewed-by: Kentaro Hara <haraken@chromium.org>
Commit-Queue: Takeshi Yoshino <tyoshino@chromium.org>
Cr-Commit-Position: refs/heads/master@{#491342}

Reland of Make rendering of MediaStreams reflect changes to its set of tracks. (patchset #1 id:1 of https://codereview.chromium.org/2985393002/ )

Reason for revert:
BUILD files have been fixed in a separate CL, so this is safe to reland.

Original issue's description:
> Revert of Make rendering of MediaStreams reflect changes to its set of tracks. (patchset #6 id:120001 of https://codereview.chromium.org/2969093002/ )
>
> Reason for revert:
> Breaking build https://uberchromegw.corp.google.com/i/chromium.linux/builders/Cast%20Audio%20Linux/builds/3356
>
> Original issue's description:
> > Make rendering of MediaStreams reflect changes to its set of tracks.
> >
> > Before this CL, MediaStreams assigned to a media element required
> > reassignment of the stream to the element in order to make changes
> > to the set of tracks visible.
> >
> > This CL fixes this problem by making WebMediaPlayerMS subscribe to
> > changes in the set of tracks of a MediaStream, and correspondingly
> > update audio and video renderers.
> >
> > BUG=720258
> >
> > Review-Url: https://codereview.chromium.org/2969093002
> > Cr-Commit-Position: refs/heads/master@{#490906}
> > Committed: https://chromium.googlesource.com/chromium/src/+/c9612ba8bf66e48a32301e35425dd3384f48a3d8
>
> TBR=dalecurtis@chromium.org,emircan@chromium.org,foolip@chromium.org,mkwst@chromium.org,guidou@chromium.org
> # Skipping CQ checks because original CL landed less than 1 days ago.
> NOPRESUBMIT=true
> NOTREECHECKS=true
> NOTRY=true
> BUG=720258
>
> Review-Url: https://codereview.chromium.org/2985393002
> Cr-Commit-Position: refs/heads/master@{#490920}
> Committed: https://chromium.googlesource.com/chromium/src/+/b35b4c271b7819e3661942ab2c72083673722910

TBR=dalecurtis@chromium.org,emircan@chromium.org,foolip@chromium.org,mkwst@chromium.org,jkrcal@chromium.org
# Not skipping CQ checks because original CL landed more than 1 days ago.
BUG=720258

Review-Url: https://codereview.chromium.org/2994473002
Cr-Commit-Position: refs/heads/master@{#491341}

Related to https://chromium-review.googlesource.com/c/568492/,
stores tile data into sections. The tiles are still transmitted
from the native side as a flat array, but when we load them we
arrange them in a map of tiles.

It should keep the current UI functioning just like before.

Some of the current assumptions are affected:
- We can have more than one tile per URL, but only one per section
- We should not wait for all the tiles before we consider the tile
load to be complete (some of the tiles will not be displayed at all)

Bug: 740905
Change-Id: Ia91c3c7abb5d05a946d0b9baff95b5a05c9e3581
Reviewed-on: https://chromium-review.googlesource.com/571753
Commit-Queue: Nicolas Dossou-Gbété <dgn@chromium.org>
Reviewed-by: Michael van Ouwerkerk <mvanouwerkerk@chromium.org>
Reviewed-by: Bernhard Bauer <bauerb@chromium.org>
Cr-Commit-Position: refs/heads/master@{#491340}

This CL adds second BroadcastReceiver to SystemAccountManagerDelegate to listen
for GooglePlayServices package updates. These updates can change data returned
by getAccountsSync, so observers should be notified. This CL also suppresses
deprecation warning for SystemAccountManagerDelegate constructor
(LOGIN_ACCOUNTS_CHANGED_ACTION is deprecated).

Bug: 698258
Change-Id: I09c00c2527984fda36f606f332e8cf215a74eb4b
Reviewed-on: https://chromium-review.googlesource.com/594767Reviewed-by: Mihai Sardarescu <msarda@chromium.org>
Commit-Queue: Boris Sazonov <bsazonov@chromium.org>
Cr-Commit-Position: refs/heads/master@{#491339}

Reland of RTCVideoEncoder: Report H264 profile information to WebRTC (patchset #1 id:1 of https://codereview.chromium.org/2973253002/ )

Reason for revert:
Update test to still use HW version of H264.

Original issue's description:
> Revert of TCVideoEncoder: Report H264 profile information to WebRTC (patchset #1 id:190001 of https://codereview.chromium.org/2548443002/ )
>
> Reason for revert:
> Reverting this since it's causing multiple perf regression on mac, looks like HW encode/decode might get disabled.
>
> Original issue's description:
> > Reland of RTCVideoEncoder: Report H264 profile information to WebRTC (patchset #1 id:1 of https://codereview.chromium.org/2521923002/ )
> >
> > Reason for revert:
> > Try again.
> >
> > Original issue's description:
> > > Revert of RTCVideoEncoder: Report H264 profile information to WebRTC (patchset #3 id:60001 of https://codereview.chromium.org/2499973002/ )
> > >
> > > Reason for revert:
> > > Causes these tests to fail on chromium.webrtc bots for Win and Mac:
> > > WebRtcPerfBrowserTest.MANUAL_RunsAudioVideoCall60SecsAndLogsInternalMetricsH264
> > > WebRtcVideoQualityBrowserTests/WebRtcVideoQualityBrowserTest.MANUAL_TestVideoQualityH264
> > > https://build.chromium.org/p/chromium.webrtc/builders/Win8%20Tester/builds/30367
> > > https://build.chromium.org/p/chromium.webrtc/builders/Mac%20Tester/builds/62661
> > >
> > > Original issue's description:
> > > > RTCVideoEncoder: Report H264 profile information to WebRTC
> > > >
> > > > This CL updates RTCVideoEncoderFactory to report cricket::VideoCodecs
> > > > instead of WebRtcVideoEncoderFactory::VideoCodecs. The H264 profile
> > > > information is added to the cricket::VideoCodec so that WebRTC receives
> > > > this information. Also, the mapping between media::VideoCodecProfiles
> > > > and cricket::VideoCodecs is cached so that we can send the
> > > > media::VideoCodecProfile to RTCVideoEncoder instead of having to deal
> > > > with webrtc::VideoCodecType.
> > > >
> > > > BUG=webrtc:6337
> > > >
> > > > Committed: https://crrev.com/510eddede44cb4b67c8f17fdd68cefb780a668c5
> > > > Cr-Commit-Position: refs/heads/master@{#433508}
> > >
> > > TBR=emircan@chromium.org,posciak@chromium.org
> > > # Skipping CQ checks because original CL landed less than 1 days ago.
> > > NOPRESUBMIT=true
> > > NOTREECHECKS=true
> > > NOTRY=true
> > > BUG=webrtc:6337
> > >
> > > Committed: https://crrev.com/c2564bc627cb950b124ac8e41bc5fd3187f7ad9c
> > > Cr-Commit-Position: refs/heads/master@{#433828}
> >
> > TBR=emircan@chromium.org,posciak@chromium.org
> > # Not skipping CQ checks because original CL landed more than 1 days ago.
> > BUG=688541,735959
> >
> > Review-Url: https://codereview.chromium.org/2548443002
> > Cr-Commit-Position: refs/heads/master@{#484874}
> > Committed: https://chromium.googlesource.com/chromium/src/+/829b1d57525c3c6549d18a2c85a96527d59ea5e9
>
> TBR=emircan@chromium.org,magjed@chromium.org
> # Skipping CQ checks because original CL landed less than 1 days ago.
> NOPRESUBMIT=true
> NOTREECHECKS=true
> NOTRY=true
> BUG=688541,735959
>
> Review-Url: https://codereview.chromium.org/2973253002
> Cr-Commit-Position: refs/heads/master@{#484960}
> Committed: https://chromium.googlesource.com/chromium/src/+/df6e5a5c7e7c665603f9619930a1d7106b55160d

TBR=emircan@chromium.org,niklase@chromium.org,phoglund@chromium.org
# Not skipping CQ checks because original CL landed more than 1 days ago.
BUG=688541,735959

Review-Url: https://codereview.chromium.org/2985263002
Cr-Commit-Position: refs/heads/master@{#491338}

This CL adds AccountsChangeObserver to AccountSigninView to update it whenever
account list changes.

Bug: 693611
Change-Id: Ib888d43f2abf879a259b46e6dd781d909020fab3
Reviewed-on: https://chromium-review.googlesource.com/594388Reviewed-by: Mihai Sardarescu <msarda@chromium.org>
Commit-Queue: Boris Sazonov <bsazonov@chromium.org>
Cr-Commit-Position: refs/heads/master@{#491337}

https://chromium.googlesource.com/external/github.com/catapult-project/catapult.git/+log/95988f787423..0327c967ed7f

$ git log 95988f787..0327c967e --date=short --no-merges --format='%ad %ae %s'
2017-08-02 achuith Use linux binaries on chromeos.

Created with:
  roll-dep src/third_party/catapult
BUG=750323


Documentation for the AutoRoller is here:
https://skia.googlesource.com/buildbot/+/master/autoroll/README.md

If the roll is causing failures, see:
http://www.chromium.org/developers/tree-sheriffs/sheriff-details-chromium#TOC-Failures-due-to-DEPS-rolls


CQ_INCLUDE_TRYBOTS=master.tryserver.chromium.android:android_optional_gpu_tests_rel
TBR=sullivan@chromium.org

Change-Id: I501c4bfc339b126254ac10f685238e2adece9462
Reviewed-on: https://chromium-review.googlesource.com/597727
Reviewed-by: <catapult-deps-roller@chromium.org>
Commit-Queue: <catapult-deps-roller@chromium.org>
Cr-Commit-Position: refs/heads/master@{#491336}

Have ExtensionsBrowserClient provide the application locale instead of
using g_browser_process.

Bug: 446329
Change-Id: Ibbab77cf385b2d11c1e6ee093c9118d652324635
Reviewed-on: https://chromium-review.googlesource.com/587420
Commit-Queue: Michael Giuffrida <michaelpg@chromium.org>
Reviewed-by: Devlin <rdevlin.cronin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#491335}

Bug: 748491
Change-Id: I302fe1c5dbd95926ab5cd96d3fb7d53463f15d53
Reviewed-on: https://chromium-review.googlesource.com/588039Reviewed-by: Tom Sepez <tsepez@chromium.org>
Reviewed-by: Matt Menke <mmenke@chromium.org>
Reviewed-by: Kinuko Yasuda <kinuko@chromium.org>
Reviewed-by: Jochen Eisinger <jochen@chromium.org>
Commit-Queue: Yutaka Hirano <yhirano@chromium.org>
Cr-Commit-Position: refs/heads/master@{#491334}

This reverts commit e4d81dae.

Reason for revert: Speculative revert.

Layout test tables/mozilla_expected_failures/marvin/backgr_fixed-bg.html started failing reliably on WebKit Mac10.9 bot following this CL.
It does not look very related, so I will reland it if the failure continues.

Original change's description:
> v8binding: Refactors MutationObserver and MutationCallback.
> 
> Major changes in this CL are:
> - Drops [CustomConstructor] from MutationObserver.idl.
> - Replaces hand-written V8MutationCallback with code-generated
>   MutationCallback. Note that the new (code-generated)
>   MutationCallback is different from the old (hand-written)
>   MutationCallback.
> - Rewrote the old (hand-written) MutationCallback as
>   MutationObserver::Delegate.  Note that the name
>   "MutationCallback" is taken by the new (code-generated)
>   MutationCallback.
> 
> This CL mostly follows the same way as https://crrev.com/c/581128 .
> 
> Bug: 
> Change-Id: I3f8b36044499c50baade331e2bfafbbed4271e0d
> Reviewed-on: https://chromium-review.googlesource.com/590832
> Reviewed-by: Kentaro Hara <haraken@chromium.org>
> Reviewed-by: Kenichi Ishibashi <bashi@chromium.org>
> Commit-Queue: Yuki Shiino <yukishiino@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#491297}

TBR=yukishiino@chromium.org,bashi@chromium.org,haraken@chromium.org

Change-Id: Ie6aeebac4741cd3a7cac1dacd15c6f709e15ecab
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Reviewed-on: https://chromium-review.googlesource.com/597708Reviewed-by: Guido Urdaneta <guidou@chromium.org>
Commit-Queue: Guido Urdaneta <guidou@chromium.org>
Cr-Commit-Position: refs/heads/master@{#491333}

Make ServiceWorkerNetworkProvider's ctors private, adds
specific creation methods like:
- CreateForSharedWorker
- CreateForController

Bug: 740070
Change-Id: Ib17d50f2bf49b3895569551f805892b4c3706d38
Reviewed-on: https://chromium-review.googlesource.com/597553Reviewed-by: Matt Falkenhagen <falken@chromium.org>
Commit-Queue: Kinuko Yasuda <kinuko@chromium.org>
Cr-Commit-Position: refs/heads/master@{#491332}

This CL removes auto-restart of SyncTaskManager. It used to restart
a chain of asynchronous task on an unexpected chaing breakage unless
the browser is in the shutdown sequence. However, as the shutdown
detection is unstable, that causes a restart loop.

Bug: 750800
Change-Id: I2ca231b84908f7c015b4cd97ad02a43f423b20e4
Reviewed-on: https://chromium-review.googlesource.com/597552Reviewed-by: Kinuko Yasuda <kinuko@chromium.org>
Commit-Queue: Taiju Tsuiki <tzik@chromium.org>
Cr-Commit-Position: refs/heads/master@{#491331}

This patch changes |SelectionControlle::SelectClosestWordOrLinkFromMouseEvent()|
to use |SelectionInFlatTree| instead of |VisibleSelection| since it is
redundant, for improving code health.

This is follow-up of the patch[1].

[1] http://crrev.com/c/595309: Make ExpandSelectionToRespectUserSelectAll() to
take SelectionInFlatTree

Bug: 657237
Change-Id: I4fb3c71c27f3b32322311724a99a44f61376b5ec
Reviewed-on: https://chromium-review.googlesource.com/597091Reviewed-by: Yoichi Osato <yoichio@chromium.org>
Commit-Queue: Yoichi Osato <yoichio@chromium.org>
Cr-Commit-Position: refs/heads/master@{#491330}

Change-Id: I7ecaf4c2924ad4f8937f607b9478ab3636d3459b
Reviewed-on: https://chromium-review.googlesource.com/597559Reviewed-by: Kinuko Yasuda <kinuko@chromium.org>
Commit-Queue: Taiju Tsuiki <tzik@chromium.org>
Cr-Commit-Position: refs/heads/master@{#491329}

For simplifying CSP handling in WebEmbeddedWorkerImpl, this CL...

- parses ContentSecurityPolicyResponseHeaders in ServiceWorkerGlobalScopeProxy
  instead of WorkerShadowPage,
- excludes signal handling from WebEmbeddedWorkerImpl to
  ServiceWorkerGlobalScopeProxy, and
- unifies CSP handling between regular script loading (network) and installed
  script loading (script streaming) as
  WebEmbeddedWorkerImpl::SetContentSecurityPolicyAndReferrerPolicy().

Bug: 683037
Change-Id: Id530b30fc0bc8ead0ff29f631dd4f2a52a8ecf72
Reviewed-on: https://chromium-review.googlesource.com/597033Reviewed-by: Makoto Shimazu <shimazu@chromium.org>
Reviewed-by: Kinuko Yasuda <kinuko@chromium.org>
Commit-Queue: Hiroki Nakagawa <nhiroki@chromium.org>
Cr-Commit-Position: refs/heads/master@{#491328}

This reverts commit b9e3aebd.

Reason for revert: I think this is breaking TranslateTestCase.testLanguageDetectionInfobar. I cannot reproduce the error locally.

Original change's description:
> Add AX ID for Cancel and Done button on Translate Language Picker.
> 
> Currently, the test uses the following matchers to find the cancel and
> done button on language picker:
> 
> grey_allOf(chrome_test_util::ButtonWithAccessibilityLabel(@"Cancel"),
>                     grey_userInteractionEnabled(), nil);
> 
> This is not bullet proof and may break any time, and this CL fixes the
> issue by adding AX ID to both the cancel and done buttons.
> 
> Bug: 750344
> Change-Id: I4fda45961b684b877adf29a5bf0fee6e03f1ba8d
> Reviewed-on: https://chromium-review.googlesource.com/594831
> Reviewed-by: Eugene But <eugenebut@chromium.org>
> Commit-Queue: Yuke Liao <liaoyuke@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#490840}

TBR=eugenebut@chromium.org,liaoyuke@chromium.org

# Not skipping CQ checks because original CL landed > 1 day ago.

Bug: 750344
Change-Id: Ibb4f68af8e0c502000d063d6b19ff185fc1b1a42
Reviewed-on: https://chromium-review.googlesource.com/597627Reviewed-by: Gauthier Ambard <gambard@chromium.org>
Commit-Queue: Gauthier Ambard <gambard@chromium.org>
Cr-Commit-Position: refs/heads/master@{#491327}

Wayland server in Chrome assumes events have aura::Window as their target.
However DropTargetEvent did not have target previously.

BUG=750997, b:31988797
TEST=NONE

Change-Id: I2912fe1fb3b1c73ceb08989e8e9a00c0d4892fd2
Reviewed-on: https://chromium-review.googlesource.com/593512
Commit-Queue: Daichi Hirono <hirono@chromium.org>
Reviewed-by: Sadrul Chowdhury <sadrul@chromium.org>
Reviewed-by: Scott Violet <sky@chromium.org>
Cr-Commit-Position: refs/heads/master@{#491326}

Bug: 747026
Change-Id: If3154377583d9617516d6c2f4596d1da35272b97
Reviewed-on: https://chromium-review.googlesource.com/595352Reviewed-by: Ned Nguyen <nednguyen@google.com>
Reviewed-by: Juan Antonio Navarro Pérez <perezju@chromium.org>
Commit-Queue: Vovo Yang <vovoy@chromium.org>
Cr-Commit-Position: refs/heads/master@{#491325}

It's a waste of time reimplementing assert() every time you need it. Instead,
include a definition of assert() in CommonOperations.js. The implementation is
commented-out so it will have no runtime overhead (comments are not included in
the V8 snapshot).

https://bugs.chromium.org/p/chromium/issues/detail?id=662542 aims to find
the long-term solution to making asserts work. This is just a stop-gap to
make them less painful in the short term.

Bug: 
Change-Id: Ib62851d19183b805f164a281c2f5c79a33d92c4b
Reviewed-on: https://chromium-review.googlesource.com/594127Reviewed-by: Takeshi Yoshino <tyoshino@chromium.org>
Commit-Queue: Adam Rice <ricea@chromium.org>
Cr-Commit-Position: refs/heads/master@{#491324}

This reverts commit 7a948ec8.

Reason for revert: This fix was reverted because the CL it fixes was reverted. The original CL has been relanded and now the fix should work.


Original change's description:
> Revert "Initialize LayoutTableCell.is_spanning_collapsed_row_ to avoid MSAN error"
> 
> This reverts commit b25f768c.
> 
> Reason for revert: Caused compile error.
> 
> https://luci-logdog.appspot.com/v/?s=chromium%2Fbb%2Fchromium.webkit%2FWebKit_Mac_Builder__dbg_%2F209280%2F%2B%2Frecipes%2Fsteps%2Fcompile%2F0%2Fstdout
> 
> ../../third_party/WebKit/Source/core/layout/LayoutTableCell.cpp:63:7: error: member initializer 'is_spanning_collapsed_row_' does not name a non-static data member or base class
>       is_spanning_collapsed_row_(false),
>       ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> 1 error generated.
> 
> Original change's description:
> > Initialize LayoutTableCell.is_spanning_collapsed_row_ to avoid MSAN error
> > 
> > TBR: joysyu@google.com
> > Bug: 751407
> > Change-Id: I3bb805d6f6c2a555925ce3ccf514e1e4b2d8df0a
> > Reviewed-on: https://chromium-review.googlesource.com/597031
> > Reviewed-by: Tsuyoshi Horo <horo@chromium.org>
> > Cr-Commit-Position: refs/heads/master@{#491295}
> 
> TBR=horo@chromium.org,joysyu@google.com
> 
> Change-Id: Ice425494d4c1de47a48497636401616d9fe6cc89
> No-Presubmit: true
> No-Tree-Checks: true
> No-Try: true
> Bug: 751407
> Reviewed-on: https://chromium-review.googlesource.com/597093
> Reviewed-by: Tsuyoshi Horo <horo@chromium.org>
> Commit-Queue: Tsuyoshi Horo <horo@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#491318}

TBR=horo@chromium.org,joysyu@google.com

Change-Id: Ic130312825f08f443d5f3bf5fbddac556607d4aa
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: 751407
Reviewed-on: https://chromium-review.googlesource.com/597707Reviewed-by: Guido Urdaneta <guidou@chromium.org>
Commit-Queue: Guido Urdaneta <guidou@chromium.org>
Cr-Commit-Position: refs/heads/master@{#491323}

This reverts commit 0814d71d.

Reason for revert: A fix is ready, but requires this reland.

Original change's description:
> Revert "Fix Heap-use-after-free Bug"
> 
> This reverts commit d09047bc.
> 
> Reason for revert: 
> This CL breaks Linux Trusty MSAN bot.
> See
> https://luci-milo.appspot.com/buildbot/chromium.webkit/WebKit%20Linux%20Trusty%20MSAN/2350
> and successive builds.
> 
> Sample logs:
> 17:44:44.594 32438   ==1:1==WARNING: MemorySanitizer: use-of-uninitialized-value
> 17:44:44.594 32438       #0 0xf548000 in blink::LayoutTableCell::ShouldClipOverflow() const third_party/WebKit/Source/core/layout/LayoutTableCell.cpp:459:35
> 17:44:44.594 32438       #1 0xfdd1161 in NeedsOverflowClip third_party/WebKit/Source/core/paint/PaintPropertyTreeBuilder.cpp:803:48
> 17:44:44.594 32438       #2 0xfdd1161 in UpdatePaintProperties third_party/WebKit/Source/core/paint/PaintPropertyTreeBuilder.cpp:1208:0
> 17:44:44.594 32438       #3 0xfdd1161 in blink::PaintPropertyTreeBuilder::UpdatePropertiesForSelf(blink::LayoutObject const&, blink::PaintPropertyTreeBuilderContext&) third_party/WebKit/Source/core/paint/PaintPropertyTreeBuilder.cpp:1244:0
> 17:44:44.594 32438       #4 0xfd6963c in blink::PrePaintTreeWalk::Walk(blink::LayoutObject const&, blink::PrePaintTreeWalkContext const&) third_party/WebKit/Source/core/paint/PrePaintTreeWalk.cpp:190:28
> 17:44:44.594 32438       #5 0xfd6a1bb in blink::PrePaintTreeWalk::Walk(blink::LayoutObject const&, blink::PrePaintTreeWalkContext const&) third_party/WebKit/Source/core/paint/PrePaintTreeWalk.cpp:215:5
> 17:44:44.594 32438       #6 0xfd6a1bb in blink::PrePaintTreeWalk::Walk(blink::LayoutObject const&, blink::PrePaintTreeWalkContext const&) third_party/WebKit/Source/core/paint/PrePaintTreeWalk.cpp:215:5
> 17:44:44.594 32438       #7 0xfd6a1bb in blink::PrePaintTreeWalk::Walk(blink::LayoutObject const&, blink::PrePaintTreeWalkContext const&) third_party/WebKit/Source/core/paint/PrePaintTreeWalk.cpp:215:5
> 17:44:44.594 32438       #8 0xfd6a1bb in blink::PrePaintTreeWalk::Walk(blink::LayoutObject const&, blink::PrePaintTreeWalkContext const&) third_party/WebKit/Source/core/paint/PrePaintTreeWalk.cpp:215:5
> 17:44:44.594 32438       #9 0xfd68046 in blink::PrePaintTreeWalk::Walk(blink::LocalFrameView&, blink::PrePaintTreeWalkContext const&) third_party/WebKit/Source/core/paint/PrePaintTreeWalk.cpp:92:5
> 17:44:44.594 32438       #10 0xfd674b4 in blink::PrePaintTreeWalk::Walk(blink::LocalFrameView&) third_party/WebKit/Source/core/paint/PrePaintTreeWalk.cpp:66:3
> 17:44:44.594 32438       #11 0xe513327 in blink::LocalFrameView::PrePaint() third_party/WebKit/Source/core/frame/LocalFrameView.cpp:3255:24
> 17:44:44.594 32438       #12 0xe50d013 in blink::LocalFrameView::UpdateLifecyclePhasesInternal(blink::DocumentLifecycle::LifecycleState) third_party/WebKit/Source/core/frame/LocalFrameView.cpp:3186:9
> 17:44:44.594 32438       #13 0xfb2ff7c in blink::PageAnimator::UpdateAllLifecyclePhases(blink::LocalFrame&) third_party/WebKit/Source/core/page/PageAnimator.cpp:100:9
> 17:44:44.594 32438       #14 0x1451947d in blink::WebViewImpl::UpdateAllLifecyclePhases() third_party/WebKit/Source/core/exported/WebViewImpl.cpp:1984:3
> 17:44:44.594 32438       #15 0x6b9e8bb in content::BlinkTestRunner::TestFinished() content/shell/renderer/layout_test/blink_test_runner.cc:606:11
> 17:44:44.594 32438       #16 0x11d957ed in test_runner::TestRunner::WorkQueue::ProcessWorkSoon() content/shell/test_runner/test_runner.cc:1572:29
> 17:44:44.595 32438       #17 0x11d9db51 in LocationChangeDone content/shell/test_runner/test_runner.cc:2819:17
> 17:44:44.595 32438       #18 0x11d9db51 in test_runner::TestRunner::tryToClearTopLoadingFrame(blink::WebFrame*) content/shell/test_runner/test_runner.cc:1951:0
> 17:44:44.595 32438       #19 0xf9a560e in blink::ProgressTracker::ProgressCompleted() third_party/WebKit/Source/core/loader/ProgressTracker.cpp:122:26
> 17:44:44.595 32438       #20 0xf94bfe5 in blink::FrameLoader::DidFinishNavigation() third_party/WebKit/Source/core/loader/FrameLoader.cpp:478:24
> 17:44:44.595 32438       #21 0xdbf17f7 in blink::Document::CheckCompleted() third_party/WebKit/Source/core/dom/Document.cpp:3234:20
> 17:44:44.595 32438       #22 0xf94b490 in blink::FrameLoader::FinishedParsing() third_party/WebKit/Source/core/loader/FrameLoader.cpp:448:26
> 17:44:44.595 32438       #23 0xdc2c180 in blink::Document::FinishedParsing() third_party/WebKit/Source/core/dom/Document.cpp:5636:21
> 17:44:44.595 32438       #24 0x10359be3 in blink::XMLDocumentParser::end() third_party/WebKit/Source/core/xml/parser/XMLDocumentParser.cpp:413:18
> 17:44:44.595 32438       #25 0xf9134e4 in blink::DocumentWriter::end() third_party/WebKit/Source/core/loader/DocumentWriter.cpp:109:12
> 17:44:44.595 32438       #26 0xf8f9e7f in EndWriting third_party/WebKit/Source/core/loader/DocumentLoader.cpp:896:12
> 17:44:44.595 32438       #27 0xf8f9e7f in blink::DocumentLoader::FinishedLoading(double) third_party/WebKit/Source/core/loader/DocumentLoader.cpp:455:0
> 17:44:44.595 32438       #28 0x45cfb05 in blink::Resource::CheckNotify() third_party/WebKit/Source/platform/loader/fetch/Resource.cpp:336:8
> 17:44:44.595 32438       #29 0x46125d0 in blink::ResourceFetcher::HandleLoaderFinish(blink::Resource*, double, blink::ResourceFetcher::LoaderFinishType) third_party/WebKit/Source/platform/loader/fetch/ResourceFetcher.cpp:1333:15
> 17:44:44.595 32438       #30 0x1375febb in content::WebURLLoaderImpl::Context::OnCompletedRequest(int, bool, bool, base::TimeTicks const&, long, long, long) content/child/web_url_loader_impl.cc:904:16
> 17:44:44.595 32438       #31 0xc0c93f5 in content::ResourceDispatcher::OnRequestComplete(int, content::ResourceRequestCompletionStatus const&) content/child/resource_dispatcher.cc:374:9
> 17:44:44.595 32438       #32 0xc0d0e07 in DispatchToMethodImpl<content::ResourceDispatcher *, void (content::ResourceDispatcher::*)(int, const content::ResourceRequestCompletionStatus &), const std::__1::tuple<int, content::ResourceRequestCompletionStatus> &, 0, 1> base/tuple.h:77:3
> 17:44:44.595 32438       #33 0xc0d0e07 in DispatchToMethod<content::ResourceDispatcher *, void (content::ResourceDispatcher::*)(int, const content::ResourceRequestCompletionStatus &), const std::__1::tuple<int, content::ResourceRequestCompletionStatus> &> base/tuple.h:84:0
> 17:44:44.595 32438       #34 0xc0d0e07 in DispatchToMethod<content::ResourceDispatcher, void (content::ResourceDispatcher::*)(int, const content::ResourceRequestCompletionStatus &), void, std::__1::tuple<int, content::ResourceRequestCompletionStatus> > ipc/ipc_message_templates.h:26:0
> 17:44:44.595 32438       #35 0xc0d0e07 in bool IPC::MessageT<ResourceMsg_RequestComplete_Meta, std::__1::tuple<int, content::ResourceRequestCompletionStatus>, void>::Dispatch<content::ResourceDispatcher, content::ResourceDispatcher, void, void (content::ResourceDispatcher::*)(int, content::ResourceRequestCompletionStatus const&)>(IPC::Message const*, content::ResourceDispatcher*, content::ResourceDispatcher*, void*, void (content::ResourceDispatcher::*)(int, content::ResourceRequestCompletionStatus const&)) ipc/ipc_message_templates.h:121:0
> 17:44:44.595 32438       #36 0xc0bfe8a in content::ResourceDispatcher::DispatchMessage(IPC::Message const&) content/child/resource_dispatcher.cc:535:5
> 17:44:44.595 32438       #37 0xc0bd497 in content::ResourceDispatcher::OnMessageReceived(IPC::Message const&) content/child/resource_dispatcher.cc:136:3
> 17:44:44.595 32438       #38 0xc0d86f9 in content::ResourceSchedulingFilter::DispatchMessage(IPC::Message const&) content/child/resource_scheduling_filter.cc:74:27
> 17:44:44.595 32438       #39 0x6c8e490 in Run base/callback.h:91:12
> 17:44:44.595 32438       #40 0x6c8e490 in base::debug::TaskAnnotator::RunTask(char const*, base::PendingTask*) base/debug/task_annotator.cc:59:0
> 17:44:44.595 32438       #41 0x46c2540 in blink::scheduler::TaskQueueManager::ProcessTaskFromWorkQueue(blink::scheduler::internal::WorkQueue*, bool, blink::scheduler::LazyNow, base::TimeTicks*) third_party/WebKit/Source/platform/scheduler/base/task_queue_manager.cc:532:19
> 17:44:44.595 32438       #42 0x46b600a in blink::scheduler::TaskQueueManager::DoWork(bool) third_party/WebKit/Source/platform/scheduler/base/task_queue_manager.cc:330:13
> 17:44:44.595 32438       #43 0x6c8e490 in Run base/callback.h:91:12
> 17:44:44.595 32438       #44 0x6c8e490 in base::debug::TaskAnnotator::RunTask(char const*, base::PendingTask*) base/debug/task_annotator.cc:59:0
> 17:44:44.595 32438       #45 0x6d1f88e in base::MessageLoop::RunTask(base::PendingTask*) base/message_loop/message_loop.cc:404:19
> 17:44:44.595 32438       #46 0x6d22ad9 in base::MessageLoop::DeferOrRunPendingTask(base::PendingTask) base/message_loop/message_loop.cc:415:5
> 17:44:44.595 32438       #47 0x6d23ad6 in base::MessageLoop::DoWork() base/message_loop/message_loop.cc:522:13
> 17:44:44.595 32438       #48 0x6d3023a in base::MessagePumpDefault::Run(base::MessagePump::Delegate*) base/message_loop/message_pump_default.cc:33:31
> 17:44:44.595 32438       #49 0x6dbef5b in base::RunLoop::Run() base/run_loop.cc:112:14
> 17:44:44.595 32438       #50 0x113da4bf in content::RendererMain(content::MainFunctionParams const&) content/renderer/renderer_main.cc:219:23
> 17:44:44.595 32438       #51 0x4821509 in content::RunZygote(content::MainFunctionParams const&, content::ContentMainDelegate*) content/app/content_main_runner.cc:337:14
> 17:44:44.595 32438       #52 0x48240fa in content::RunNamedProcessTypeMain(std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&, content::MainFunctionParams const&, content::ContentMainDelegate*) content/app/content_main_runner.cc:416:12
> 17:44:44.595 32438       #53 0x4826d77 in content::ContentMainRunnerImpl::Run() content/app/content_main_runner.cc:687:12
> 17:44:44.595 32438       #54 0xbfb00ba in service_manager::Main(service_manager::MainParams const&) services/service_manager/embedder/main.cc:469:29
> 17:44:44.595 32438       #55 0x16265ee in content::ContentMain(content::ContentMainParams const&) content/app/content_main.cc:19:10
> 17:44:44.595 32438       #56 0x4a904f in main content/shell/app/shell_main.cc:48:10
> 17:44:44.595 32438       #57 0x7fa0d53baf44 in __libc_start_main /build/eglibc-SvCtMH/eglibc-2.19/csu/libc-start.c:287:0
> 17:44:44.595 32438       #58 0x43cf9a in _start ??:0:0
> 17:44:44.595 32438   
> 17:44:44.595 32438     Uninitialized value was stored to memory at
> 17:44:44.596 32438       #0 0xf5430fb in SetCellWidthChanged third_party/WebKit/Source/core/layout/LayoutTableCell.h:235:65
> 17:44:44.596 32438       #1 0xf5430fb in blink::LayoutTableCell::UpdateLayout() third_party/WebKit/Source/core/layout/LayoutTableCell.cpp:327:0
> 17:44:44.596 32438       #2 0xf59d164 in LayoutIfNeeded third_party/WebKit/Source/core/layout/LayoutObject.h:1110:7
> 17:44:44.596 32438       #3 0xf59d164 in blink::LayoutTableSection::LayoutRows() third_party/WebKit/Source/core/layout/LayoutTableSection.cpp:1252:0
> 17:44:44.596 32438       #4 0xf524b1c in blink::LayoutTable::UpdateLayout() third_party/WebKit/Source/core/layout/LayoutTable.cpp:717:16
> 17:44:44.596 32438       #5 0xf185d49 in LayoutIfNeeded third_party/WebKit/Source/core/layout/LayoutObject.h:1110:7
> 17:44:44.596 32438       #6 0xf185d49 in blink::LayoutBlock::LayoutPositionedObject(blink::LayoutBox*, bool, blink::LayoutBlock::PositionedLayoutBehavior) third_party/WebKit/Source/core/layout/LayoutBlock.cpp:828:0
> 17:44:44.596 32438       #7 0xf184ef7 in blink::LayoutBlock::LayoutPositionedObjects(bool, blink::LayoutBlock::PositionedLayoutBehavior) third_party/WebKit/Source/core/layout/LayoutBlock.cpp:773:5
> 17:44:44.596 32438       #8 0xf1b1e0e in blink::LayoutBlockFlow::UpdateBlockLayout(bool) third_party/WebKit/Source/core/layout/LayoutBlockFlow.cpp:485:3
> 17:44:44.596 32438       #9 0xf17eb46 in blink::LayoutBlock::UpdateLayout() third_party/WebKit/Source/core/layout/LayoutBlock.cpp:427:3
> 17:44:44.596 32438       #10 0xf645987 in LayoutContent third_party/WebKit/Source/core/layout/LayoutView.cpp:224:20
> 17:44:44.596 32438       #11 0xf645987 in blink::LayoutView::UpdateLayout() third_party/WebKit/Source/core/layout/LayoutView.cpp:316:0
> 17:44:44.596 32438       #12 0xe4eadff in blink::LocalFrameView::PerformLayout(bool) third_party/WebKit/Source/core/frame/LocalFrameView.cpp:1082:22
> 17:44:44.596 32438       #13 0xe4dee95 in blink::LocalFrameView::UpdateLayout() third_party/WebKit/Source/core/frame/LocalFrameView.cpp:1265:10
> 17:44:44.596 32438       #14 0xdbf2315 in blink::Document::ImplicitClose() third_party/WebKit/Source/core/dom/Document.cpp:3155:15
> 17:44:44.596 32438       #15 0xdbf1070 in blink::Document::CheckCompleted() third_party/WebKit/Source/core/dom/Document.cpp:3212:5
> 17:44:44.596 32438       #16 0xf94b490 in blink::FrameLoader::FinishedParsing() third_party/WebKit/Source/core/loader/FrameLoader.cpp:448:26
> 17:44:44.596 32438       #17 0xdc2c180 in blink::Document::FinishedParsing() third_party/WebKit/Source/core/dom/Document.cpp:5636:21
> 17:44:44.596 32438       #18 0x10359be3 in blink::XMLDocumentParser::end() third_party/WebKit/Source/core/xml/parser/XMLDocumentParser.cpp:413:18
> 17:44:44.596 32438       #19 0xf9134e4 in blink::DocumentWriter::end() third_party/WebKit/Source/core/loader/DocumentWriter.cpp:109:12
> 17:44:44.596 32438       #20 0xf8f9e7f in EndWriting third_party/WebKit/Source/core/loader/DocumentLoader.cpp:896:12
> 17:44:44.596 32438       #21 0xf8f9e7f in blink::DocumentLoader::FinishedLoading(double) third_party/WebKit/Source/core/loader/DocumentLoader.cpp:455:0
> 17:44:44.596 32438       #22 0x45cfb05 in blink::Resource::CheckNotify() third_party/WebKit/Source/platform/loader/fetch/Resource.cpp:336:8
> 17:44:44.596 32438       #23 0x46125d0 in blink::ResourceFetcher::HandleLoaderFinish(blink::Resource*, double, blink::ResourceFetcher::LoaderFinishType) third_party/WebKit/Source/platform/loader/fetch/ResourceFetcher.cpp:1333:15
> 17:44:44.596 32438       #24 0x1375febb in content::WebURLLoaderImpl::Context::OnCompletedRequest(int, bool, bool, base::TimeTicks const&, long, long, long) content/child/web_url_loader_impl.cc:904:16
> 17:44:44.596 32438   
> 
> 
> Original change's description:
> > Fix Heap-use-after-free Bug
> > 
> > Add a new member variable LayoutTableCell::is_spanning_collapsed_row_ so that
> > there is no need to access LayoutTableSection::RowHasVisibilityCollapse
> > in LayoutTableCell. This avoids using the memory that has already been
> > freed.
> > 
> > Bug: 750016
> > Change-Id: I1838a775f3b45315b2dee3e15942af0dff0c5955
> > Reviewed-on: https://chromium-review.googlesource.com/594935
> > Reviewed-by: Morten Stenshorne <mstensho@opera.com>
> > Commit-Queue: Joy Yu <joysyu@google.com>
> > Cr-Commit-Position: refs/heads/master@{#491139}
> 
> TBR=dgrogan@chromium.org,mstensho@opera.com,joysyu@google.com
> 
> Change-Id: Idaad8aba8647775eb2387688919c25b6ad4a8eda
> No-Presubmit: true
> No-Tree-Checks: true
> No-Try: true
> Bug: 750016
> Reviewed-on: https://chromium-review.googlesource.com/597667
> Reviewed-by: Guido Urdaneta <guidou@chromium.org>
> Commit-Queue: Guido Urdaneta <guidou@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#491315}

TBR=dgrogan@chromium.org,mstensho@opera.com,guidou@chromium.org,joysyu@google.com

Change-Id: I4e1b4c59275699a5aa610d9ff338c062d8982268
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: 750016
Reviewed-on: https://chromium-review.googlesource.com/597687Reviewed-by: Guido Urdaneta <guidou@chromium.org>
Commit-Queue: Guido Urdaneta <guidou@chromium.org>
Cr-Commit-Position: refs/heads/master@{#491322}

When WebRTC is disabled, MediaStream and its supporting classes are not
compiled. In these builds, WebMediaPlayerMS is never usec.

Moreover, some spec-compliance improvements to WebMediaPlayerMS require
access to MediaStream methods. This causes non-WebRTC builds to break.

BUG=751054

Change-Id: Ia10362e082d88ba6a56a206eaf8126a4ca39ef81
Reviewed-on: https://chromium-review.googlesource.com/595727Reviewed-by: Jochen Eisinger <jochen@chromium.org>
Commit-Queue: Guido Urdaneta <guidou@chromium.org>
Cr-Commit-Position: refs/heads/master@{#491321}

- Remove DEPS entries that are already inherited from the parent
- Move the media/midi/ entry to public/platform/modules/webmidi/
- Add a comment for the +platform entry to note that it's allowed only
  inside the INSIDE_BLINK preprocessor macro

Bug: 
Change-Id: Iad7811b4ee7ff0926c0f81a44975772266d9e80a
Reviewed-on: https://chromium-review.googlesource.com/593515
Commit-Queue: Takeshi Yoshino <tyoshino@chromium.org>
Reviewed-by: Kent Tamura <tkent@chromium.org>
Reviewed-by: Kentaro Hara <haraken@chromium.org>
Cr-Commit-Position: refs/heads/master@{#491320}

This is a workaround to https://crbug.com/700809.

BUG=700809,745825

Change-Id: Ifba9aef86b8218a97d4f5abe1b979fb0305562ab
Reviewed-on: https://chromium-review.googlesource.com/589168Reviewed-by: Daniel Jacques <dnj@chromium.org>
Reviewed-by: Owen Min <zmin@chromium.org>
Commit-Queue: Greg Thompson <grt@chromium.org>
Cr-Commit-Position: refs/heads/master@{#491319}

This reverts commit b25f768c.

Reason for revert: Caused compile error.

https://luci-logdog.appspot.com/v/?s=chromium%2Fbb%2Fchromium.webkit%2FWebKit_Mac_Builder__dbg_%2F209280%2F%2B%2Frecipes%2Fsteps%2Fcompile%2F0%2Fstdout

../../third_party/WebKit/Source/core/layout/LayoutTableCell.cpp:63:7: error: member initializer 'is_spanning_collapsed_row_' does not name a non-static data member or base class
      is_spanning_collapsed_row_(false),
      ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
1 error generated.

Original change's description:
> Initialize LayoutTableCell.is_spanning_collapsed_row_ to avoid MSAN error
> 
> TBR: joysyu@google.com
> Bug: 751407
> Change-Id: I3bb805d6f6c2a555925ce3ccf514e1e4b2d8df0a
> Reviewed-on: https://chromium-review.googlesource.com/597031
> Reviewed-by: Tsuyoshi Horo <horo@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#491295}

TBR=horo@chromium.org,joysyu@google.com

Change-Id: Ice425494d4c1de47a48497636401616d9fe6cc89
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: 751407
Reviewed-on: https://chromium-review.googlesource.com/597093Reviewed-by: Tsuyoshi Horo <horo@chromium.org>
Commit-Queue: Tsuyoshi Horo <horo@chromium.org>
Cr-Commit-Position: refs/heads/master@{#491318}

This CL uses Status::Success() instead of a Status constructor in
RemoteSuggestionsProviderImpl tests. Basically, the occurences were
automatically replaced and autoformated.

Bug: 
Change-Id: I98239e045cbdaaec0771da17a5d11ee49987c98a
Reviewed-on: https://chromium-review.googlesource.com/597601Reviewed-by: Chris Pickel <sfiera@chromium.org>
Commit-Queue: vitaliii <vitaliii@chromium.org>
Cr-Commit-Position: refs/heads/master@{#491317}

R: jbroman@chromium.org, rmcilroy@chromium.org
Change-Id: I718479d15517b9b19b5171f163d107995d15bc61
Reviewed-on: https://chromium-review.googlesource.com/596971Reviewed-by: Ross McIlroy <rmcilroy@chromium.org>
Commit-Queue: Jochen Eisinger <jochen@chromium.org>
Cr-Commit-Position: refs/heads/master@{#491316}

This reverts commit d09047bc.

Reason for revert: 
This CL breaks Linux Trusty MSAN bot.
See
https://luci-milo.appspot.com/buildbot/chromium.webkit/WebKit%20Linux%20Trusty%20MSAN/2350
and successive builds.

Sample logs:
17:44:44.594 32438   ==1:1==WARNING: MemorySanitizer: use-of-uninitialized-value
17:44:44.594 32438       #0 0xf548000 in blink::LayoutTableCell::ShouldClipOverflow() const third_party/WebKit/Source/core/layout/LayoutTableCell.cpp:459:35
17:44:44.594 32438       #1 0xfdd1161 in NeedsOverflowClip third_party/WebKit/Source/core/paint/PaintPropertyTreeBuilder.cpp:803:48
17:44:44.594 32438       #2 0xfdd1161 in UpdatePaintProperties third_party/WebKit/Source/core/paint/PaintPropertyTreeBuilder.cpp:1208:0
17:44:44.594 32438       #3 0xfdd1161 in blink::PaintPropertyTreeBuilder::UpdatePropertiesForSelf(blink::LayoutObject const&, blink::PaintPropertyTreeBuilderContext&) third_party/WebKit/Source/core/paint/PaintPropertyTreeBuilder.cpp:1244:0
17:44:44.594 32438       #4 0xfd6963c in blink::PrePaintTreeWalk::Walk(blink::LayoutObject const&, blink::PrePaintTreeWalkContext const&) third_party/WebKit/Source/core/paint/PrePaintTreeWalk.cpp:190:28
17:44:44.594 32438       #5 0xfd6a1bb in blink::PrePaintTreeWalk::Walk(blink::LayoutObject const&, blink::PrePaintTreeWalkContext const&) third_party/WebKit/Source/core/paint/PrePaintTreeWalk.cpp:215:5
17:44:44.594 32438       #6 0xfd6a1bb in blink::PrePaintTreeWalk::Walk(blink::LayoutObject const&, blink::PrePaintTreeWalkContext const&) third_party/WebKit/Source/core/paint/PrePaintTreeWalk.cpp:215:5
17:44:44.594 32438       #7 0xfd6a1bb in blink::PrePaintTreeWalk::Walk(blink::LayoutObject const&, blink::PrePaintTreeWalkContext const&) third_party/WebKit/Source/core/paint/PrePaintTreeWalk.cpp:215:5
17:44:44.594 32438       #8 0xfd6a1bb in blink::PrePaintTreeWalk::Walk(blink::LayoutObject const&, blink::PrePaintTreeWalkContext const&) third_party/WebKit/Source/core/paint/PrePaintTreeWalk.cpp:215:5
17:44:44.594 32438       #9 0xfd68046 in blink::PrePaintTreeWalk::Walk(blink::LocalFrameView&, blink::PrePaintTreeWalkContext const&) third_party/WebKit/Source/core/paint/PrePaintTreeWalk.cpp:92:5
17:44:44.594 32438       #10 0xfd674b4 in blink::PrePaintTreeWalk::Walk(blink::LocalFrameView&) third_party/WebKit/Source/core/paint/PrePaintTreeWalk.cpp:66:3
17:44:44.594 32438       #11 0xe513327 in blink::LocalFrameView::PrePaint() third_party/WebKit/Source/core/frame/LocalFrameView.cpp:3255:24
17:44:44.594 32438       #12 0xe50d013 in blink::LocalFrameView::UpdateLifecyclePhasesInternal(blink::DocumentLifecycle::LifecycleState) third_party/WebKit/Source/core/frame/LocalFrameView.cpp:3186:9
17:44:44.594 32438       #13 0xfb2ff7c in blink::PageAnimator::UpdateAllLifecyclePhases(blink::LocalFrame&) third_party/WebKit/Source/core/page/PageAnimator.cpp:100:9
17:44:44.594 32438       #14 0x1451947d in blink::WebViewImpl::UpdateAllLifecyclePhases() third_party/WebKit/Source/core/exported/WebViewImpl.cpp:1984:3
17:44:44.594 32438       #15 0x6b9e8bb in content::BlinkTestRunner::TestFinished() content/shell/renderer/layout_test/blink_test_runner.cc:606:11
17:44:44.594 32438       #16 0x11d957ed in test_runner::TestRunner::WorkQueue::ProcessWorkSoon() content/shell/test_runner/test_runner.cc:1572:29
17:44:44.595 32438       #17 0x11d9db51 in LocationChangeDone content/shell/test_runner/test_runner.cc:2819:17
17:44:44.595 32438       #18 0x11d9db51 in test_runner::TestRunner::tryToClearTopLoadingFrame(blink::WebFrame*) content/shell/test_runner/test_runner.cc:1951:0
17:44:44.595 32438       #19 0xf9a560e in blink::ProgressTracker::ProgressCompleted() third_party/WebKit/Source/core/loader/ProgressTracker.cpp:122:26
17:44:44.595 32438       #20 0xf94bfe5 in blink::FrameLoader::DidFinishNavigation() third_party/WebKit/Source/core/loader/FrameLoader.cpp:478:24
17:44:44.595 32438       #21 0xdbf17f7 in blink::Document::CheckCompleted() third_party/WebKit/Source/core/dom/Document.cpp:3234:20
17:44:44.595 32438       #22 0xf94b490 in blink::FrameLoader::FinishedParsing() third_party/WebKit/Source/core/loader/FrameLoader.cpp:448:26
17:44:44.595 32438       #23 0xdc2c180 in blink::Document::FinishedParsing() third_party/WebKit/Source/core/dom/Document.cpp:5636:21
17:44:44.595 32438       #24 0x10359be3 in blink::XMLDocumentParser::end() third_party/WebKit/Source/core/xml/parser/XMLDocumentParser.cpp:413:18
17:44:44.595 32438       #25 0xf9134e4 in blink::DocumentWriter::end() third_party/WebKit/Source/core/loader/DocumentWriter.cpp:109:12
17:44:44.595 32438       #26 0xf8f9e7f in EndWriting third_party/WebKit/Source/core/loader/DocumentLoader.cpp:896:12
17:44:44.595 32438       #27 0xf8f9e7f in blink::DocumentLoader::FinishedLoading(double) third_party/WebKit/Source/core/loader/DocumentLoader.cpp:455:0
17:44:44.595 32438       #28 0x45cfb05 in blink::Resource::CheckNotify() third_party/WebKit/Source/platform/loader/fetch/Resource.cpp:336:8
17:44:44.595 32438       #29 0x46125d0 in blink::ResourceFetcher::HandleLoaderFinish(blink::Resource*, double, blink::ResourceFetcher::LoaderFinishType) third_party/WebKit/Source/platform/loader/fetch/ResourceFetcher.cpp:1333:15
17:44:44.595 32438       #30 0x1375febb in content::WebURLLoaderImpl::Context::OnCompletedRequest(int, bool, bool, base::TimeTicks const&, long, long, long) content/child/web_url_loader_impl.cc:904:16
17:44:44.595 32438       #31 0xc0c93f5 in content::ResourceDispatcher::OnRequestComplete(int, content::ResourceRequestCompletionStatus const&) content/child/resource_dispatcher.cc:374:9
17:44:44.595 32438       #32 0xc0d0e07 in DispatchToMethodImpl<content::ResourceDispatcher *, void (content::ResourceDispatcher::*)(int, const content::ResourceRequestCompletionStatus &), const std::__1::tuple<int, content::ResourceRequestCompletionStatus> &, 0, 1> base/tuple.h:77:3
17:44:44.595 32438       #33 0xc0d0e07 in DispatchToMethod<content::ResourceDispatcher *, void (content::ResourceDispatcher::*)(int, const content::ResourceRequestCompletionStatus &), const std::__1::tuple<int, content::ResourceRequestCompletionStatus> &> base/tuple.h:84:0
17:44:44.595 32438       #34 0xc0d0e07 in DispatchToMethod<content::ResourceDispatcher, void (content::ResourceDispatcher::*)(int, const content::ResourceRequestCompletionStatus &), void, std::__1::tuple<int, content::ResourceRequestCompletionStatus> > ipc/ipc_message_templates.h:26:0
17:44:44.595 32438       #35 0xc0d0e07 in bool IPC::MessageT<ResourceMsg_RequestComplete_Meta, std::__1::tuple<int, content::ResourceRequestCompletionStatus>, void>::Dispatch<content::ResourceDispatcher, content::ResourceDispatcher, void, void (content::ResourceDispatcher::*)(int, content::ResourceRequestCompletionStatus const&)>(IPC::Message const*, content::ResourceDispatcher*, content::ResourceDispatcher*, void*, void (content::ResourceDispatcher::*)(int, content::ResourceRequestCompletionStatus const&)) ipc/ipc_message_templates.h:121:0
17:44:44.595 32438       #36 0xc0bfe8a in content::ResourceDispatcher::DispatchMessage(IPC::Message const&) content/child/resource_dispatcher.cc:535:5
17:44:44.595 32438       #37 0xc0bd497 in content::ResourceDispatcher::OnMessageReceived(IPC::Message const&) content/child/resource_dispatcher.cc:136:3
17:44:44.595 32438       #38 0xc0d86f9 in content::ResourceSchedulingFilter::DispatchMessage(IPC::Message const&) content/child/resource_scheduling_filter.cc:74:27
17:44:44.595 32438       #39 0x6c8e490 in Run base/callback.h:91:12
17:44:44.595 32438       #40 0x6c8e490 in base::debug::TaskAnnotator::RunTask(char const*, base::PendingTask*) base/debug/task_annotator.cc:59:0
17:44:44.595 32438       #41 0x46c2540 in blink::scheduler::TaskQueueManager::ProcessTaskFromWorkQueue(blink::scheduler::internal::WorkQueue*, bool, blink::scheduler::LazyNow, base::TimeTicks*) third_party/WebKit/Source/platform/scheduler/base/task_queue_manager.cc:532:19
17:44:44.595 32438       #42 0x46b600a in blink::scheduler::TaskQueueManager::DoWork(bool) third_party/WebKit/Source/platform/scheduler/base/task_queue_manager.cc:330:13
17:44:44.595 32438       #43 0x6c8e490 in Run base/callback.h:91:12
17:44:44.595 32438       #44 0x6c8e490 in base::debug::TaskAnnotator::RunTask(char const*, base::PendingTask*) base/debug/task_annotator.cc:59:0
17:44:44.595 32438       #45 0x6d1f88e in base::MessageLoop::RunTask(base::PendingTask*) base/message_loop/message_loop.cc:404:19
17:44:44.595 32438       #46 0x6d22ad9 in base::MessageLoop::DeferOrRunPendingTask(base::PendingTask) base/message_loop/message_loop.cc:415:5
17:44:44.595 32438       #47 0x6d23ad6 in base::MessageLoop::DoWork() base/message_loop/message_loop.cc:522:13
17:44:44.595 32438       #48 0x6d3023a in base::MessagePumpDefault::Run(base::MessagePump::Delegate*) base/message_loop/message_pump_default.cc:33:31
17:44:44.595 32438       #49 0x6dbef5b in base::RunLoop::Run() base/run_loop.cc:112:14
17:44:44.595 32438       #50 0x113da4bf in content::RendererMain(content::MainFunctionParams const&) content/renderer/renderer_main.cc:219:23
17:44:44.595 32438       #51 0x4821509 in content::RunZygote(content::MainFunctionParams const&, content::ContentMainDelegate*) content/app/content_main_runner.cc:337:14
17:44:44.595 32438       #52 0x48240fa in content::RunNamedProcessTypeMain(std::__1::basic_string<char, std::__1::char_traits<char>, std::__1::allocator<char> > const&, content::MainFunctionParams const&, content::ContentMainDelegate*) content/app/content_main_runner.cc:416:12
17:44:44.595 32438       #53 0x4826d77 in content::ContentMainRunnerImpl::Run() content/app/content_main_runner.cc:687:12
17:44:44.595 32438       #54 0xbfb00ba in service_manager::Main(service_manager::MainParams const&) services/service_manager/embedder/main.cc:469:29
17:44:44.595 32438       #55 0x16265ee in content::ContentMain(content::ContentMainParams const&) content/app/content_main.cc:19:10
17:44:44.595 32438       #56 0x4a904f in main content/shell/app/shell_main.cc:48:10
17:44:44.595 32438       #57 0x7fa0d53baf44 in __libc_start_main /build/eglibc-SvCtMH/eglibc-2.19/csu/libc-start.c:287:0
17:44:44.595 32438       #58 0x43cf9a in _start ??:0:0
17:44:44.595 32438   
17:44:44.595 32438     Uninitialized value was stored to memory at
17:44:44.596 32438       #0 0xf5430fb in SetCellWidthChanged third_party/WebKit/Source/core/layout/LayoutTableCell.h:235:65
17:44:44.596 32438       #1 0xf5430fb in blink::LayoutTableCell::UpdateLayout() third_party/WebKit/Source/core/layout/LayoutTableCell.cpp:327:0
17:44:44.596 32438       #2 0xf59d164 in LayoutIfNeeded third_party/WebKit/Source/core/layout/LayoutObject.h:1110:7
17:44:44.596 32438       #3 0xf59d164 in blink::LayoutTableSection::LayoutRows() third_party/WebKit/Source/core/layout/LayoutTableSection.cpp:1252:0
17:44:44.596 32438       #4 0xf524b1c in blink::LayoutTable::UpdateLayout() third_party/WebKit/Source/core/layout/LayoutTable.cpp:717:16
17:44:44.596 32438       #5 0xf185d49 in LayoutIfNeeded third_party/WebKit/Source/core/layout/LayoutObject.h:1110:7
17:44:44.596 32438       #6 0xf185d49 in blink::LayoutBlock::LayoutPositionedObject(blink::LayoutBox*, bool, blink::LayoutBlock::PositionedLayoutBehavior) third_party/WebKit/Source/core/layout/LayoutBlock.cpp:828:0
17:44:44.596 32438       #7 0xf184ef7 in blink::LayoutBlock::LayoutPositionedObjects(bool, blink::LayoutBlock::PositionedLayoutBehavior) third_party/WebKit/Source/core/layout/LayoutBlock.cpp:773:5
17:44:44.596 32438       #8 0xf1b1e0e in blink::LayoutBlockFlow::UpdateBlockLayout(bool) third_party/WebKit/Source/core/layout/LayoutBlockFlow.cpp:485:3
17:44:44.596 32438       #9 0xf17eb46 in blink::LayoutBlock::UpdateLayout() third_party/WebKit/Source/core/layout/LayoutBlock.cpp:427:3
17:44:44.596 32438       #10 0xf645987 in LayoutContent third_party/WebKit/Source/core/layout/LayoutView.cpp:224:20
17:44:44.596 32438       #11 0xf645987 in blink::LayoutView::UpdateLayout() third_party/WebKit/Source/core/layout/LayoutView.cpp:316:0
17:44:44.596 32438       #12 0xe4eadff in blink::LocalFrameView::PerformLayout(bool) third_party/WebKit/Source/core/frame/LocalFrameView.cpp:1082:22
17:44:44.596 32438       #13 0xe4dee95 in blink::LocalFrameView::UpdateLayout() third_party/WebKit/Source/core/frame/LocalFrameView.cpp:1265:10
17:44:44.596 32438       #14 0xdbf2315 in blink::Document::ImplicitClose() third_party/WebKit/Source/core/dom/Document.cpp:3155:15
17:44:44.596 32438       #15 0xdbf1070 in blink::Document::CheckCompleted() third_party/WebKit/Source/core/dom/Document.cpp:3212:5
17:44:44.596 32438       #16 0xf94b490 in blink::FrameLoader::FinishedParsing() third_party/WebKit/Source/core/loader/FrameLoader.cpp:448:26
17:44:44.596 32438       #17 0xdc2c180 in blink::Document::FinishedParsing() third_party/WebKit/Source/core/dom/Document.cpp:5636:21
17:44:44.596 32438       #18 0x10359be3 in blink::XMLDocumentParser::end() third_party/WebKit/Source/core/xml/parser/XMLDocumentParser.cpp:413:18
17:44:44.596 32438       #19 0xf9134e4 in blink::DocumentWriter::end() third_party/WebKit/Source/core/loader/DocumentWriter.cpp:109:12
17:44:44.596 32438       #20 0xf8f9e7f in EndWriting third_party/WebKit/Source/core/loader/DocumentLoader.cpp:896:12
17:44:44.596 32438       #21 0xf8f9e7f in blink::DocumentLoader::FinishedLoading(double) third_party/WebKit/Source/core/loader/DocumentLoader.cpp:455:0
17:44:44.596 32438       #22 0x45cfb05 in blink::Resource::CheckNotify() third_party/WebKit/Source/platform/loader/fetch/Resource.cpp:336:8
17:44:44.596 32438       #23 0x46125d0 in blink::ResourceFetcher::HandleLoaderFinish(blink::Resource*, double, blink::ResourceFetcher::LoaderFinishType) third_party/WebKit/Source/platform/loader/fetch/ResourceFetcher.cpp:1333:15
17:44:44.596 32438       #24 0x1375febb in content::WebURLLoaderImpl::Context::OnCompletedRequest(int, bool, bool, base::TimeTicks const&, long, long, long) content/child/web_url_loader_impl.cc:904:16
17:44:44.596 32438   


Original change's description:
> Fix Heap-use-after-free Bug
> 
> Add a new member variable LayoutTableCell::is_spanning_collapsed_row_ so that
> there is no need to access LayoutTableSection::RowHasVisibilityCollapse
> in LayoutTableCell. This avoids using the memory that has already been
> freed.
> 
> Bug: 750016
> Change-Id: I1838a775f3b45315b2dee3e15942af0dff0c5955
> Reviewed-on: https://chromium-review.googlesource.com/594935
> Reviewed-by: Morten Stenshorne <mstensho@opera.com>
> Commit-Queue: Joy Yu <joysyu@google.com>
> Cr-Commit-Position: refs/heads/master@{#491139}

TBR=dgrogan@chromium.org,mstensho@opera.com,joysyu@google.com

Change-Id: Idaad8aba8647775eb2387688919c25b6ad4a8eda
No-Presubmit: true
No-Tree-Checks: true
No-Try: true
Bug: 750016
Reviewed-on: https://chromium-review.googlesource.com/597667Reviewed-by: Guido Urdaneta <guidou@chromium.org>
Commit-Queue: Guido Urdaneta <guidou@chromium.org>
Cr-Commit-Position: refs/heads/master@{#491315}

EG cannot interact with Share menu on iOS11.
Add a workaround that is as close as possible from the normal behavior.

Bug: 747443
Change-Id: I08d5e9cb5462bea13f216b551e9b3e1f860b1a9e
Reviewed-on: https://chromium-review.googlesource.com/597602Reviewed-by: Gauthier Ambard <gambard@chromium.org>
Commit-Queue: Olivier Robin <olivierrobin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#491314}

This CL continues to remove asserts from AssertMatchingEnums.cpp and
place them in files nearer their internal definitions.

Bug: 712963
Change-Id: I8cda3922744b053ecbbcb5b6c94a685f419defa4
Reviewed-on: https://chromium-review.googlesource.com/597382
Commit-Queue: Nicholas Verne <nverne@chromium.org>
Reviewed-by: Kentaro Hara <haraken@chromium.org>
Cr-Commit-Position: refs/heads/master@{#491313}

This CL has no behavior changes.

NOTRY=true

Change-Id: Ic62d65a5574e79120e3a2ac69cd5f0871978c613
Reviewed-on: https://chromium-review.googlesource.com/597034Reviewed-by: Yoshifumi Inoue <yosin@chromium.org>
Commit-Queue: Yoshifumi Inoue <yosin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#491312}

In the context menu, we have "More actions..." menu item to open a task
picker dialog for all actions.
We are going to have separated following two menu items to organize them.
"Open with..."    <= Open a task picker for OPEN actions.
"More actions..." <= Open a task picker for any other actions.

Bug: 740821
Cq-Include-Trybots: master.tryserver.chromium.linux:closure_compilation
Change-Id: I4e75c27ac32c2a6da23adfc787db9078662fa19f
Reviewed-on: https://chromium-review.googlesource.com/594759
Commit-Queue: Naoki Fukino <fukino@chromium.org>
Reviewed-by: Tatsuhisa Yamaguchi <yamaguchi@chromium.org>
Cr-Commit-Position: refs/heads/master@{#491311}

V8's current behavior is to not throw when __defineGetter__ fails, but
it is being changed to throw. The tests now pass whether or not
__defineGetter__ throws.

Bug: v8:5070
Change-Id: I219a4d2665edc886c040578ba1108c36cafa3bc6
Reviewed-on: https://chromium-review.googlesource.com/595240
Commit-Queue: Yuki Shiino <yukishiino@chromium.org>
Reviewed-by: Yuki Shiino <yukishiino@chromium.org>
Cr-Commit-Position: refs/heads/master@{#491310}

On iOS11, |UIApplicationDelegate application:openURL:options:| is always
called on active app.
It means that if launching Chrome from inactive state by opening a
chrome:// URL, applicationDidBecomeActive will be called before openURL.
It was the opposite before iOS10.

Fix the handling of openURL to open correctly the tab.

Note: A lot of the code handling openURL on inactive state can be
removed once iOS10 is deprecated.

Bug: 749037
Change-Id: I29e8e1fb17ea02a0d28dee43382a35d9d1b01377
Reviewed-on: https://chromium-review.googlesource.com/586593Reviewed-by: Elodie Banel <lod@chromium.org>
Reviewed-by: Mark Cogan <marq@chromium.org>
Reviewed-by: Justin Cohen <justincohen@chromium.org>
Commit-Queue: Olivier Robin <olivierrobin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#491309}

Creating an AudioContext with a latencyHint of 'playback' on some
Android devices could cause glitching as the context was created
with an audio buffer size less than the hardware buffer size.

BUG=745960

Change-Id: I1db4efe934f427c878ad30bfb3507c535383b82d
Reviewed-on: https://chromium-review.googlesource.com/579068Reviewed-by: Pavel Feldman <pfeldman@chromium.org>
Reviewed-by: Raymond Toy <rtoy@chromium.org>
Reviewed-by: Dale Curtis <dalecurtis@chromium.org>
Commit-Queue: Andrew MacPherson <andrew.macpherson@soundtrap.com>
Cr-Commit-Position: refs/heads/master@{#491308}

The compositor does not use an alpha channel on its surface when it does
not need to, for power efficiency reasons. AndroidOverlays require the
compositor's surface to not be opaque, in order to draw a transparent
quad, through which the AO surface (and video) can be seen. We are
calling this transparency mode 'overlay mode'.

This CL adds the necessary plumbing to let WebContents embedders know
when to enter overlay mode. It also adds overlay mode support to
content shell and Chrome.

Bug: 710186
Change-Id: Ib873b553e7cda8edafc535ed730c18d3e8d44b2a
Reviewed-on: https://chromium-review.googlesource.com/567773
Commit-Queue: Thomas Guilbert <tguilbert@chromium.org>
Reviewed-by: Charlie Reis <creis@chromium.org>
Reviewed-by: Frank Liberato <liberato@chromium.org>
Reviewed-by: Bo Liu <boliu@chromium.org>
Reviewed-by: Ted Choc <tedchoc@chromium.org>
Cr-Commit-Position: refs/heads/master@{#491307}

As a temporary workaround for http://crbug.com/750278, disable WebSocket
SafeBrowsing checks. They will be reenabled once the bug is fixed.

Relevant browser tests are also disabled.

BUG=750278, 644744

Change-Id: I8b1e731be567ac49e60b4a02c927c6bc57d9a736
Reviewed-on: https://chromium-review.googlesource.com/594750Reviewed-by: Jochen Eisinger <jochen@chromium.org>
Reviewed-by: Varun Khaneja <vakh@chromium.org>
Commit-Queue: Adam Rice <ricea@chromium.org>
Cr-Commit-Position: refs/heads/master@{#491306}

For SaveLayer/DrawColor/Restore, just fold the alpha into the draw
color op instead of a save layer.

R=enne@chromium.org

Cq-Include-Trybots: master.tryserver.blink:linux_trusty_blink_rel
Change-Id: Ibc9f23009c5fcb7ee873ce02718cd7782de7a480
Reviewed-on: https://chromium-review.googlesource.com/595135
Commit-Queue: Khushal <khushalsagar@chromium.org>
Reviewed-by: enne <enne@chromium.org>
Cr-Commit-Position: refs/heads/master@{#491305}

- Remove one of the ShouldBlockFetch() method from MixedContentChecker.
  We can just pass the parameters directly to the other one extracted
  from ResourceRequest at the caller.

Bonus: Mark BaseFetchContext::CanRequestInternal() as private.

Bug: 736308
Change-Id: I6fe66e5df86cc97698d95ce37002a6ec7601dd02
Reviewed-on: https://chromium-review.googlesource.com/594128
Commit-Queue: Takeshi Yoshino <tyoshino@chromium.org>
Reviewed-by: Kinuko Yasuda <kinuko@chromium.org>
Cr-Commit-Position: refs/heads/master@{#491304}