Fix silent truncations when extracting values from CheckedNumeric

Fix silent truncations when extracting values from CheckedNumeric

This CL does a few closely intertwined things:
 - CheckedNumeric value functions now return a StrictNumeric proxy class
 - ValueFloating function is now removed (it was unused)
 - StrictNumeric now supports comparisons, ostream, and pointer math
 - Remaining callsites are fixed to support the new proxy class

TBR=vmiura@chromium.org,nparker@chromium.org
BUG=668713
CQ_INCLUDE_TRYBOTS=master.tryserver.chromium.linux:linux_optional_gpu_tests_rel;master.tryserver.chromium.mac:mac_optional_gpu_tests_rel;master.tryserver.chromium.win:win_optional_gpu_tests_rel

Committed: https://crrev.com/23a4b06b83fe4b11f6d5a48078eb543ea88c747b
Cr-Commit-Position: refs/heads/master@{#435834}

[jschuh, 2016-11-27 21:35:19]

Description was changed from

==========
WIP: Fix silent truncations when extracting values from CheckedNumeric

This is a big ugly WIP, but it actually works for the chrome target.
Mostly it needs to be cleaned up and split into smaller CLs

BUG=668713
==========

to

==========
WIP: Fix silent truncations when extracting values from CheckedNumeric

This is a big ugly WIP, but it actually works for the chrome target.
Mostly it needs to be cleaned up and split into smaller CLs

BUG=668713
CQ_INCLUDE_TRYBOTS=master.tryserver.chromium.linux:linux_optional_gpu_tests_rel;master.tryserver.chromium.mac:mac_optional_gpu_tests_rel;master.tryserver.chromium.win:win_optional_gpu_tests_rel
==========

[jschuh, 2016-11-27 21:35:20]

Description was changed from

==========
WIP: Fix silent truncations when extracting values from CheckedNumeric

This is a big ugly WIP, but it actually works for the chrome target.
Mostly it needs to be cleaned up and split into smaller CLs

BUG=668713
CQ_INCLUDE_TRYBOTS=master.tryserver.chromium.linux:linux_optional_gpu_tests_rel;master.tryserver.chromium.mac:mac_optional_gpu_tests_rel;master.tryserver.chromium.win:win_optional_gpu_tests_rel
==========

to

==========
WIP: Fix silent truncations when extracting values from CheckedNumeric

This is a big ugly WIP, but it actually works for the chrome target.
Mostly it needs to be cleaned up and split into smaller CLs

BUG=668713
CQ_INCLUDE_TRYBOTS=master.tryserver.chromium.win:win10_chromium_x64_rel_ng
==========

[jschuh, 2016-11-27 21:35:20]

Description was changed from

==========
WIP: Fix silent truncations when extracting values from CheckedNumeric

This is a big ugly WIP, but it actually works for the chrome target.
Mostly it needs to be cleaned up and split into smaller CLs

BUG=668713
CQ_INCLUDE_TRYBOTS=master.tryserver.chromium.win:win10_chromium_x64_rel_ng
==========

to

==========
WIP: Fix silent truncations when extracting values from CheckedNumeric

This is a big ugly WIP, but it actually works for the chrome target.
Mostly it needs to be cleaned up and split into smaller CLs

BUG=668713
CQ_INCLUDE_TRYBOTS=master.tryserver.chromium.linux:linux_optional_gpu_tests_rel;master.tryserver.chromium.mac:mac_optional_gpu_tests_rel;master.tryserver.chromium.win:win_optional_gpu_tests_rel
==========

[jschuh, 2016-11-28 05:56:25]

Patchset #4 (id:60001) has been deleted

[jschuh, 2016-11-29 14:56:30]

Patchset #8 (id:160001) has been deleted

[Tom Sepez, 2016-11-29 20:06:25]

tsepez@chromium.org changed reviewers:
+ tsepez@chromium.org

[Tom Sepez, 2016-11-29 20:06:26]

https://codereview.chromium.org/2528243002/diff/200001/base/numerics/safe_con...
File base/numerics/safe_conversions.h (right):

https://codereview.chromium.org/2528243002/diff/200001/base/numerics/safe_con...
base/numerics/safe_conversions.h:211: // We allow simple pointer arithmetic.
For extra credit: Can we make this blow up if R is larger than SIZE_T max?

https://codereview.chromium.org/2528243002/diff/200001/components/webcrypto/a...
File components/webcrypto/algorithms/aes_cbc.cc (right):

https://codereview.chromium.org/2528243002/diff/200001/components/webcrypto/a...
components/webcrypto/algorithms/aes_cbc.cc:60: if (remainder != 0)
I'm not grokking this.  Can you explain?  May be too complicate for mere mortals
to use.

[jschuh, 2016-11-29 21:04:47]

https://codereview.chromium.org/2528243002/diff/200001/base/numerics/safe_con...
File base/numerics/safe_conversions.h (right):

https://codereview.chromium.org/2528243002/diff/200001/base/numerics/safe_con...
base/numerics/safe_conversions.h:211: // We allow simple pointer arithmetic.
On 2016/11/29 20:06:26, Tom Sepez wrote:
> For extra credit: Can we make this blow up if R is larger than SIZE_T max?

It would be very easy to just call the corresponding checked math operation
here, if that's what you mean. But I'll have to think about whether or not it's
ok to trigger a crash here.

https://codereview.chromium.org/2528243002/diff/200001/components/webcrypto/a...
File components/webcrypto/algorithms/aes_cbc.cc (right):

https://codereview.chromium.org/2528243002/diff/200001/components/webcrypto/a...
components/webcrypto/algorithms/aes_cbc.cc:60: if (remainder != 0)
On 2016/11/29 20:06:26, Tom Sepez wrote:
> I'm not grokking this.  Can you explain?  May be too complicate for mere
mortals
> to use.

It's the template disambiguator for dependent names. Without the template
keyword the compiler may assume it's getting a less-than token rather than a
dependent template parameter. MSVS doesn't need it, but clang and GCC both do.
However, I assume at some point in the future this will be fixed (like how
nested template brackets no longer get treated as right shift operations).

It's described in the last section of this page:
http://en.cppreference.com/w/cpp/language/dependent_name

[jschuh, 2016-11-30 18:48:44]

Patchset #4 (id:80001) has been deleted

[jschuh, 2016-11-30 18:49:06]

Patchset #3 (id:40001) has been deleted

[jschuh, 2016-11-30 18:52:25]

Patchset #8 (id:220001) has been deleted

[jschuh, 2016-11-30 18:52:34]

Patchset #8 (id:240001) has been deleted

[jschuh, 2016-11-30 18:52:41]

Patchset #8 (id:260001) has been deleted

[jschuh, 2016-11-30 18:52:49]

Patchset #8 (id:280001) has been deleted

[jschuh, 2016-11-30 18:53:00]

Patchset #8 (id:300001) has been deleted

[jschuh, 2016-11-30 18:57:09]

Patchset #8 (id:320001) has been deleted

[jschuh, 2016-11-30 21:51:30]

Patchset #10 (id:380001) has been deleted

[jschuh, 2016-11-30 21:51:39]

Patchset #10 (id:400001) has been deleted

[jschuh, 2016-11-30 21:52:05]

Patchset #8 (id:340001) has been deleted

[jschuh, 2016-11-30 23:34:34]

Description was changed from

==========
WIP: Fix silent truncations when extracting values from CheckedNumeric

This is a big ugly WIP, but it actually works for the chrome target.
Mostly it needs to be cleaned up and split into smaller CLs

BUG=668713
CQ_INCLUDE_TRYBOTS=master.tryserver.chromium.linux:linux_optional_gpu_tests_rel;master.tryserver.chromium.mac:mac_optional_gpu_tests_rel;master.tryserver.chromium.win:win_optional_gpu_tests_rel
==========

to

==========
Fix silent truncations when extracting values from CheckedNumeric

This CL does a few closely intertwined things:
 - CheckedNumeric value functions now return a StrictNumeric proxy class
 - ValueFloating function is now removed (it was unused)
 - StrictNumeric now supports comparisons, ostream, and pointer math
 - Remaining callsites are fixed to support the new proxy class

BUG=668713
CQ_INCLUDE_TRYBOTS=master.tryserver.chromium.linux:linux_optional_gpu_tests_rel;master.tryserver.chromium.mac:mac_optional_gpu_tests_rel;master.tryserver.chromium.win:win_optional_gpu_tests_rel
==========

[jschuh, 2016-11-30 23:38:52]

I think this is ready for an actual review pass. All the remaining dependent CLs
actually require the changes in this CL, so I'm just going to add those
reviewers directly.

https://codereview.chromium.org/2528243002/diff/200001/base/numerics/safe_con...
File base/numerics/safe_conversions.h (right):

https://codereview.chromium.org/2528243002/diff/200001/base/numerics/safe_con...
base/numerics/safe_conversions.h:211: // We allow simple pointer arithmetic.
On 2016/11/29 21:04:47, jschuh (very slow) wrote:
> On 2016/11/29 20:06:26, Tom Sepez wrote:
> > For extra credit: Can we make this blow up if R is larger than SIZE_T max?
> 
> It would be very easy to just call the corresponding checked math operation
> here, if that's what you mean. But I'll have to think about whether or not
it's
> ok to trigger a crash here.

Okay, I decided that wrapping here is always unsafe. So, I moved this after the
CheckedNumeric declaration and use it to compute the offset and crash on a wrap.

https://codereview.chromium.org/2528243002/diff/200001/components/webcrypto/a...
File components/webcrypto/algorithms/aes_cbc.cc (right):

https://codereview.chromium.org/2528243002/diff/200001/components/webcrypto/a...
components/webcrypto/algorithms/aes_cbc.cc:60: if (remainder != 0)
On 2016/11/29 21:04:47, jschuh (very slow) wrote:
> On 2016/11/29 20:06:26, Tom Sepez wrote:
> > I'm not grokking this.  Can you explain?  May be too complicate for mere
> mortals
> > to use.
> 
> It's the template disambiguator for dependent names. Without the template
> keyword the compiler may assume it's getting a less-than token rather than a
> dependent template parameter. MSVS doesn't need it, but clang and GCC both do.
> However, I assume at some point in the future this will be fixed (like how
> nested template brackets no longer get treated as right shift operations).
> 
> It's described in the last section of this page:
> http://en.cppreference.com/w/cpp/language/dependent_name

I added some helpers and am using those at the call sites.

[Tom Sepez, 2016-11-30 23:58:27]

https://codereview.chromium.org/2528243002/diff/440001/base/numerics/safe_con...
File base/numerics/safe_conversions.h (right):

https://codereview.chromium.org/2528243002/diff/440001/base/numerics/safe_con...
base/numerics/safe_conversions.h:30: //      The default CHECK triggers a crash,
but the handler can be overriden.
Nit: can saturated_cast cause a CHECK?

https://codereview.chromium.org/2528243002/diff/440001/base/numerics/safe_con...
base/numerics/safe_conversions.h:36: //      if the type supplied to the
template parameter can represent in the
nit: s/represent in/represent/

https://codereview.chromium.org/2528243002/diff/440001/base/numerics/safe_con...
base/numerics/safe_conversions.h:149: // from a source type a destination type
that has insufficient range.
nit: to a destination type.

https://codereview.chromium.org/2528243002/diff/440001/base/numerics/safe_con...
base/numerics/safe_conversions.h:150: // The solution may simply be to change
the destination type you're assigning
nit: s/simply//

https://codereview.chromium.org/2528243002/diff/440001/base/numerics/safe_num...
File base/numerics/safe_numerics_unittest.cc (right):

https://codereview.chromium.org/2528243002/diff/440001/base/numerics/safe_num...
base/numerics/safe_numerics_unittest.cc:127: }
Can we have a test that adding numeric_limits<uinptr_t> ::max() overflows?

https://codereview.chromium.org/2528243002/diff/440001/content/renderer/peppe...
File content/renderer/pepper/pepper_media_stream_track_host_base.cc (right):

https://codereview.chromium.org/2528243002/diff/440001/content/renderer/peppe...
content/renderer/pepper/pepper_media_stream_track_host_base.cc:50:
base::CheckedNumeric<uint32_t> size = number_of_buffers * buffer_size_aligned;
nice catch.

[jschuh, 2016-12-01 00:58:56]

ptal

https://codereview.chromium.org/2528243002/diff/440001/base/numerics/safe_con...
File base/numerics/safe_conversions.h (right):

https://codereview.chromium.org/2528243002/diff/440001/base/numerics/safe_con...
base/numerics/safe_conversions.h:30: //      The default CHECK triggers a crash,
but the handler can be overriden.
On 2016/11/30 23:58:27, Tom Sepez wrote:
> Nit: can saturated_cast cause a CHECK?  

Nope. Good catch.

https://codereview.chromium.org/2528243002/diff/440001/base/numerics/safe_con...
base/numerics/safe_conversions.h:36: //      if the type supplied to the
template parameter can represent in the
On 2016/11/30 23:58:27, Tom Sepez wrote:
> nit: s/represent in/represent/

Done.

https://codereview.chromium.org/2528243002/diff/440001/base/numerics/safe_con...
base/numerics/safe_conversions.h:149: // from a source type a destination type
that has insufficient range.
On 2016/11/30 23:58:27, Tom Sepez wrote:
> nit: to a destination type.

Done.

https://codereview.chromium.org/2528243002/diff/440001/base/numerics/safe_con...
base/numerics/safe_conversions.h:150: // The solution may simply be to change
the destination type you're assigning
On 2016/11/30 23:58:27, Tom Sepez wrote:
> nit: s/simply//

Done.

https://codereview.chromium.org/2528243002/diff/440001/base/numerics/safe_num...
File base/numerics/safe_numerics_unittest.cc (right):

https://codereview.chromium.org/2528243002/diff/440001/base/numerics/safe_num...
base/numerics/safe_numerics_unittest.cc:127: }
On 2016/11/30 23:58:27, Tom Sepez wrote:
> Can we have a test that adding numeric_limits<uinptr_t> ::max() overflows?

Unfortunately, no, because I don't have have a way to pass an alternate check
handler here. I'm toying with how to make that possible, but they all involve
significant refactors.

https://codereview.chromium.org/2528243002/diff/440001/content/renderer/peppe...
File content/renderer/pepper/pepper_media_stream_track_host_base.cc (right):

https://codereview.chromium.org/2528243002/diff/440001/content/renderer/peppe...
content/renderer/pepper/pepper_media_stream_track_host_base.cc:50:
base::CheckedNumeric<uint32_t> size = number_of_buffers * buffer_size_aligned;
On 2016/11/30 23:58:27, Tom Sepez wrote:
> nice catch.

Thanks. Had to fix about a dozen like this. Better situation than I expected.

[Tom Sepez, 2016-12-01 01:00:15]

lgtm

[danakj, 2016-12-01 01:00:25]

https://codereview.chromium.org/2528243002/diff/440001/base/numerics/safe_num...
File base/numerics/safe_numerics_unittest.cc (right):

https://codereview.chromium.org/2528243002/diff/440001/base/numerics/safe_num...
base/numerics/safe_numerics_unittest.cc:127: }
On 2016/12/01 00:58:55, jschuh (very slow) wrote:
> On 2016/11/30 23:58:27, Tom Sepez wrote:
> > Can we have a test that adding numeric_limits<uinptr_t> ::max() overflows?
> 
> Unfortunately, no, because I don't have have a way to pass an alternate check
> handler here. I'm toying with how to make that possible, but they all involve
> significant refactors.

Death tests are a possibility if I'm understanding right.

[jschuh, 2016-12-01 01:13:55]

jschuh@chromium.org changed reviewers:
+ bbudge@chromium.org, dalecurtis@chromium.org, rsleevi@chromium.org,
scottmg@chromium.org, vmiura@chromium.org

[jschuh, 2016-12-01 01:13:56]

PTAL - These should all be mechanical changes that don't have any real impact on
how the code itself functions.

dalecurtis:
  media\base\video_util.cc
bbudge:
  content\renderer\pepper\pepper_audio_encoder_host.cc
  content\renderer\pepper\pepper_media_stream_track_host_base.cc
vmiura:
  gpu\command_buffer\client\gles2_implementation.cc
  gpu\command_buffer\service\gles2_cmd_decoder.cc
rsleevi:
  components\webcrypto\algorithms\aes_cbc.cc
  components\webcrypto\algorithms\aes_ctr.cc
scottmg:
  third_party\crashpad\README.chromium
  third_party\crashpad\crashpad\util\file\string_file.cc

[Ryan Sleevi, 2016-12-01 01:19:54]

lgtm

[Tom Sepez, 2016-12-01 01:30:04]

NIT: Update CL description to not say WIP.

[jschuh, 2016-12-01 01:36:16]

Description was changed from

==========
Fix silent truncations when extracting values from CheckedNumeric

This CL does a few closely intertwined things:
 - CheckedNumeric value functions now return a StrictNumeric proxy class
 - ValueFloating function is now removed (it was unused)
 - StrictNumeric now supports comparisons, ostream, and pointer math
 - Remaining callsites are fixed to support the new proxy class

BUG=668713
CQ_INCLUDE_TRYBOTS=master.tryserver.chromium.linux:linux_optional_gpu_tests_rel;master.tryserver.chromium.mac:mac_optional_gpu_tests_rel;master.tryserver.chromium.win:win_optional_gpu_tests_rel
==========

to

==========
Fix silent truncations when extracting values from CheckedNumeric

This CL does a few closely intertwined things:
 - CheckedNumeric value functions now return a StrictNumeric proxy class
 - ValueFloating function is now removed (it was unused)
 - StrictNumeric now supports comparisons, ostream, and pointer math
 - Remaining callsites are fixed to support the new proxy class

BUG=668713
CQ_INCLUDE_TRYBOTS=master.tryserver.chromium.linux:linux_optional_gpu_tests_rel;master.tryserver.chromium.mac:mac_optional_gpu_tests_rel;master.tryserver.chromium.win:win_optional_gpu_tests_rel
==========

[jschuh, 2016-12-01 01:36:31]

The CQ bit was checked by jschuh@chromium.org to run a CQ dry run

[commit-bot: I haz the power, 2016-12-01 01:36:48]

Dry run: CQ is trying da patch. Follow status at
 
https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...

[bbudge, 2016-12-01 01:51:45]

content/renderer/pepper lgtm w/2 comments

https://codereview.chromium.org/2528243002/diff/460001/content/renderer/peppe...
File content/renderer/pepper/pepper_audio_encoder_host.cc (right):

https://codereview.chromium.org/2528243002/diff/460001/content/renderer/peppe...
content/renderer/pepper/pepper_audio_encoder_host.cc:376:
base::ValueOrDieForType<int>(total_audio_buffer_size),
Why not int32_t?

https://codereview.chromium.org/2528243002/diff/460001/content/renderer/peppe...
content/renderer/pepper/pepper_audio_encoder_host.cc:401:
base::ValueOrDieForType<int>(bitstream_buffer_size),
Why not int32_t?

[commit-bot: I haz the power, 2016-12-01 02:41:20]

The CQ bit was unchecked by commit-bot@chromium.org

[commit-bot: I haz the power, 2016-12-01 02:41:21]

Dry run: Try jobs failed on following builders:
  mac_chromium_rel_ng on master.tryserver.chromium.mac (JOB_FAILED,
http://build.chromium.org/p/tryserver.chromium.mac/builders/mac_chromium_rel_...)

[DaleCurtis, 2016-12-01 05:05:36]

lgtm

[jschuh, 2016-12-01 05:40:36]

Patchset #13 (id:500001) has been deleted

[jschuh, 2016-12-01 06:06:24]

Patchset #14 (id:540001) has been deleted

[jschuh, 2016-12-01 06:37:58]

Patchset #13 (id:520001) has been deleted

[jschuh, 2016-12-01 07:06:03]

jschuh@chromium.org changed reviewers:
+ mtomasz@chromium.org, nparker@chromium.org, rockot@chromium.org

[jschuh, 2016-12-01 07:06:04]

Had to fix a few more call sites. So, adding some more reviewers, but these are
all mechanical changes.

rockot:
  device\hid\hid_connection_mac.cc
mtomasz:
 
chrome\browser\chromeos\file_system_provider\fileapi\file_stream_reader_unittest.cc
nparker:
  chrome\utility\safe_browsing\mac\hfs.cc
  chrome\utility\safe_browsing\mac\udif.cc

Also, added the death test as Dana suggested.

https://codereview.chromium.org/2528243002/diff/460001/content/renderer/peppe...
File content/renderer/pepper/pepper_audio_encoder_host.cc (right):

https://codereview.chromium.org/2528243002/diff/460001/content/renderer/peppe...
content/renderer/pepper/pepper_audio_encoder_host.cc:376:
base::ValueOrDieForType<int>(total_audio_buffer_size),
On 2016/12/01 01:51:45, bbudge wrote:
> Why not int32_t?

Done.

https://codereview.chromium.org/2528243002/diff/460001/content/renderer/peppe...
content/renderer/pepper/pepper_audio_encoder_host.cc:401:
base::ValueOrDieForType<int>(bitstream_buffer_size),
On 2016/12/01 01:51:45, bbudge wrote:
> Why not int32_t?

Done.

[jschuh, 2016-12-01 07:06:35]

The CQ bit was checked by jschuh@chromium.org to run a CQ dry run

[commit-bot: I haz the power, 2016-12-01 07:06:45]

Dry run: CQ is trying da patch. Follow status at
 
https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...

[mtomasz, 2016-12-01 07:08:21]

lgtm

[commit-bot: I haz the power, 2016-12-01 10:33:31]

The CQ bit was unchecked by commit-bot@chromium.org

[commit-bot: I haz the power, 2016-12-01 10:33:32]

Dry run: This issue passed the CQ dry run.

[jschuh, 2016-12-01 15:24:29]

tsepez@ - I just realized I can specialize the StrictNumeric conversion operator
to only the supported types and eliminate most of the ambiguous overload cases.
I've already cleaned those up for us, but it should save some pain for
downstream users.

[Ken Rockot(use gerrit already), 2016-12-01 17:57:53]

lgtm

[scottmg, 2016-12-01 20:16:00]

crashpad lgtm

[jschuh, 2016-12-01 22:57:50]

Description was changed from

==========
Fix silent truncations when extracting values from CheckedNumeric

This CL does a few closely intertwined things:
 - CheckedNumeric value functions now return a StrictNumeric proxy class
 - ValueFloating function is now removed (it was unused)
 - StrictNumeric now supports comparisons, ostream, and pointer math
 - Remaining callsites are fixed to support the new proxy class

BUG=668713
CQ_INCLUDE_TRYBOTS=master.tryserver.chromium.linux:linux_optional_gpu_tests_rel;master.tryserver.chromium.mac:mac_optional_gpu_tests_rel;master.tryserver.chromium.win:win_optional_gpu_tests_rel
==========

to

==========
Fix silent truncations when extracting values from CheckedNumeric

This CL does a few closely intertwined things:
 - CheckedNumeric value functions now return a StrictNumeric proxy class
 - ValueFloating function is now removed (it was unused)
 - StrictNumeric now supports comparisons, ostream, and pointer math
 - Remaining callsites are fixed to support the new proxy class

TBR=vmiura@chromium.org,nparker@chromium.org
BUG=668713
CQ_INCLUDE_TRYBOTS=master.tryserver.chromium.linux:linux_optional_gpu_tests_rel;master.tryserver.chromium.mac:mac_optional_gpu_tests_rel;master.tryserver.chromium.win:win_optional_gpu_tests_rel
==========

[jschuh, 2016-12-01 23:06:40]

Since the two outstanding reviews are mechanical changes, I'm just going to TBR
this.

[jschuh, 2016-12-01 23:07:00]

The CQ bit was checked by jschuh@chromium.org

[jschuh, 2016-12-01 23:07:00]

The patchset sent to the CQ was uploaded after l-g-t-m from bbudge@chromium.org,
rsleevi@chromium.org, dalecurtis@chromium.org, tsepez@chromium.org,
mtomasz@chromium.org, rockot@chromium.org, scottmg@chromium.org
Link to the patchset: https://codereview.chromium.org/2528243002/#ps570001
(title: "compile fix")

[commit-bot: I haz the power, 2016-12-01 23:07:42]

CQ is trying da patch. Follow status at
 
https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...

[commit-bot: I haz the power, 2016-12-02 01:09:47]

The CQ bit was unchecked by commit-bot@chromium.org

[commit-bot: I haz the power, 2016-12-02 01:09:49]

Try jobs failed on following builders:
  linux_chromium_chromeos_rel_ng on master.tryserver.chromium.linux (JOB_FAILED,
http://build.chromium.org/p/tryserver.chromium.linux/builders/linux_chromium_...)
  mac_chromium_rel_ng on master.tryserver.chromium.mac (JOB_FAILED,
http://build.chromium.org/p/tryserver.chromium.mac/builders/mac_chromium_rel_...)

[jschuh, 2016-12-02 01:12:44]

The CQ bit was checked by jschuh@chromium.org

[commit-bot: I haz the power, 2016-12-02 01:13:16]

CQ is trying da patch. Follow status at
 
https://chromium-cq-status.appspot.com/v2/patch-status/codereview.chromium.or...

[commit-bot: I haz the power, 2016-12-02 02:55:12]

CQ is committing da patch.

Bot data: {"patchset_id": 570001, "attempt_start_ts": 1480641164599710,
"parent_rev": "a0a1e39c837a0a04a052325b21b0fa4c882545a4", "commit_rev":
"72025d8acf88f290b0d16a977cfe767dd93a30e5"}

[commit-bot: I haz the power, 2016-12-02 02:55:46]

Description was changed from

==========
Fix silent truncations when extracting values from CheckedNumeric

This CL does a few closely intertwined things:
 - CheckedNumeric value functions now return a StrictNumeric proxy class
 - ValueFloating function is now removed (it was unused)
 - StrictNumeric now supports comparisons, ostream, and pointer math
 - Remaining callsites are fixed to support the new proxy class

TBR=vmiura@chromium.org,nparker@chromium.org
BUG=668713
CQ_INCLUDE_TRYBOTS=master.tryserver.chromium.linux:linux_optional_gpu_tests_rel;master.tryserver.chromium.mac:mac_optional_gpu_tests_rel;master.tryserver.chromium.win:win_optional_gpu_tests_rel
==========

to

==========
Fix silent truncations when extracting values from CheckedNumeric

This CL does a few closely intertwined things:
 - CheckedNumeric value functions now return a StrictNumeric proxy class
 - ValueFloating function is now removed (it was unused)
 - StrictNumeric now supports comparisons, ostream, and pointer math
 - Remaining callsites are fixed to support the new proxy class

TBR=vmiura@chromium.org,nparker@chromium.org
BUG=668713
CQ_INCLUDE_TRYBOTS=master.tryserver.chromium.linux:linux_optional_gpu_tests_rel;master.tryserver.chromium.mac:mac_optional_gpu_tests_rel;master.tryserver.chromium.win:win_optional_gpu_tests_rel
==========

[commit-bot: I haz the power, 2016-12-02 02:55:49]

Committed patchset #15 (id:570001)

[commit-bot: I haz the power, 2016-12-02 02:58:24]

Description was changed from

==========
Fix silent truncations when extracting values from CheckedNumeric

This CL does a few closely intertwined things:
 - CheckedNumeric value functions now return a StrictNumeric proxy class
 - ValueFloating function is now removed (it was unused)
 - StrictNumeric now supports comparisons, ostream, and pointer math
 - Remaining callsites are fixed to support the new proxy class

TBR=vmiura@chromium.org,nparker@chromium.org
BUG=668713
CQ_INCLUDE_TRYBOTS=master.tryserver.chromium.linux:linux_optional_gpu_tests_rel;master.tryserver.chromium.mac:mac_optional_gpu_tests_rel;master.tryserver.chromium.win:win_optional_gpu_tests_rel
==========

to

==========
Fix silent truncations when extracting values from CheckedNumeric

This CL does a few closely intertwined things:
 - CheckedNumeric value functions now return a StrictNumeric proxy class
 - ValueFloating function is now removed (it was unused)
 - StrictNumeric now supports comparisons, ostream, and pointer math
 - Remaining callsites are fixed to support the new proxy class

TBR=vmiura@chromium.org,nparker@chromium.org
BUG=668713
CQ_INCLUDE_TRYBOTS=master.tryserver.chromium.linux:linux_optional_gpu_tests_rel;master.tryserver.chromium.mac:mac_optional_gpu_tests_rel;master.tryserver.chromium.win:win_optional_gpu_tests_rel

Committed: https://crrev.com/23a4b06b83fe4b11f6d5a48078eb543ea88c747b
Cr-Commit-Position: refs/heads/master@{#435834}
==========

[commit-bot: I haz the power, 2016-12-02 02:58:27]

Patchset 15 (id:??) landed as
https://crrev.com/23a4b06b83fe4b11f6d5a48078eb543ea88c747b
Cr-Commit-Position: refs/heads/master@{#435834}

[Nathan Parker, 2016-12-03 17:59:34]

lgtm