Issue 787121  has been merged into this issue.

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/84c9ecb20735c69ed258ac33b8208b8c99365866

commit 84c9ecb20735c69ed258ac33b8208b8c99365866
Author: Jonathan <jonross@chromium.org>
Date: Tue Nov 21 17:12:40 2017

Disable flaking PreferencesTest.MultiProfiles Everywhere

PreferencesTest.MultiProfiles is flaking both on ChromeOS as well as with mash.
This change disables the test everywhere until the flake can be resolved.

This also reverts having the test filtered out for mash.

TBR=jamescook@chromium.org
TEST=PreferencesTest,MultiProfiles

Bug:  787050 
Change-Id: Iaa651e1dd23b836f6d8354fbe9e9d2834f855e0b
Reviewed-on: https://chromium-review.googlesource.com/782041
Reviewed-by: Jonathan Ross <jonross@chromium.org>
Commit-Queue: Jonathan Ross <jonross@chromium.org>
Cr-Commit-Position: refs/heads/master@{#518285}
[modify] https://crrev.com/84c9ecb20735c69ed258ac33b8208b8c99365866/chrome/browser/chromeos/preferences_chromeos_browsertest.cc
[modify] https://crrev.com/84c9ecb20735c69ed258ac33b8208b8c99365866/testing/buildbot/filters/mojo.fyi.mash.browser_tests.filter

This may be sunk cost bias, but I spent a while making this test work at all under mash, so I'll try to get it working again. Potential UAF seems bad.

rockot says the call stacks look like issue 788713 ("Crash Report - mojo::edk::WatcherDispatcher::NotifyHandleState"), which is probably memory corruption somewhere that happens to hit mojo.

I'm going to try to repro locally with asan, but given similar stacks on Android it's possible this issue is unrelated to this test or mash.

Given that there are multiple such stacks from this test I'm hoping it's
simply more prone to triggering whatever the offending codepath is. There
are also similar stacks on Windows FWIW, though I haven't seen any on bots.

I found the mash problem -- it's a heap buffer overwrite, caused by incorrectly static_cast-ing a stub object to a real impl and writing into it. That's consistent with other "mojo crashes" that are caused by unrelated memory corruption.

I've run the fixed test hundreds of times, both with --mash and without. I suspect the crash yzshen@ saw is unrelated and may have been fixed separately.

I'm going to fix the test for --mash and re-enable everywhere.

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/0b38d85981910c08d453b4823fdf467c26b429f5

commit 0b38d85981910c08d453b4823fdf467c26b429f5
Author: James Cook <jamescook@chromium.org>
Date: Sat Dec 02 00:04:03 2017

cros: Fix PreferencesTest.MultiProfiles and re-enable everywhere

The crashes under --mash are due to heap corruption from code trying
to disable multi-user switching animations. That code does not seem
necessary any more. Per crrev.com/223823004 when it was added this
test was reliably failing. The multi-user switch animations have
been recently refactored and a shelf animation removed. The test
now passes even without the animation disabling code.

I cannot reproduce failures or crashes without --mash. I've done
ASAN runs as well. I suspect the non-mash problem in the bug is
unrelated to this test and may have been fixed separately.

Bug:  787050 
Test: browser_tests --gtest_filter=PreferencesTest.* --gtest_repeat=100
Change-Id: I08dc3897361440fdbd49df1a11429e06fb9bac51
Reviewed-on: https://chromium-review.googlesource.com/804401
Reviewed-by: Michael Wasserman <msw@chromium.org>
Commit-Queue: James Cook <jamescook@chromium.org>
Cr-Commit-Position: refs/heads/master@{#521134}
[modify] https://crrev.com/0b38d85981910c08d453b4823fdf467c26b429f5/chrome/browser/chromeos/preferences_chromeos_browsertest.cc

Please re-disable the test and reopen this bug if you see flake.

I haven't seen any flake in the last 3 days, so I think this is fixed.

https://test-results.appspot.com/dashboards/flakiness_dashboard.html#tests=PreferencesTest.MultiProfiles