Fixes crash when suggesting in Private window.

[mkarolin]

Fixes brave/brave-browser#9119

When search suggestions are turned on and a user types into the omnibox
in a Private window a crash would occur. This started happening with the
upgrade to Chromium 81 because the check for BitmapFetchService bein
null has been removed in ChromeOmniboxClient::OnResultChanged (and other
places). This is because the code there isn't expected to be triggered
for an OTR profile.

Updated BraveAutocompleteProviderClient to override 2 additional
methods:

1. IsOffTheRecord
2. StartServiceWorker

These methods regulate when it is suitable to make suggestions and
should use the real profile (OTR or regular) instead of using regular
profile that we send to the base class even when the profile is OTR.

Submitter Checklist:

• Submitted a ticket for my issue if one did not already exist.
• Used Github auto-closing keywords in the commit message.
• Added/updated tests for this change (for new code or code which already has tests).
• Verified that these changes build without errors on
  • Android
  • iOS
  • Linux
  • macOS
  • Windows
• Verified that these changes pass automated tests (unit, browser, security tests) on
  • iOS
  • Linux
  • macOS
  • Windows
• Verified that all lint errors/warnings are resolved (npm run lint)
• Ran git rebase master (if needed).
• Ran git rebase -i to squash commits (if needed).
• Tagged reviewers and labelled the pull request as needed.
• Request a security/privacy review as needed.
• Add appropriate QA labels (QA/Yes or QA/No) to include the closed issue in milestone
• Public documentation has been updated as necessary. For instance:
  • https://github.com/brave/brave-browser/wiki/Deviations-from-Chromium-(features-we-disable-or-remove)
  • https://github.com/brave/brave-browser/wiki/Proxy-redirected-URLs
  • https://github.com/brave/brave-browser/wiki/Fingerprinting-Protections
  • https://github.com/brave/brave-browser/wiki/Brave%E2%80%99s-Use-of-Referral-Codes
  • https://github.com/brave/brave-browser/wiki/Custom-Headers
  • https://github.com/brave/brave-browser/wiki/Web-compatibility-issues-with-tracking-protection
  • https://github.com/brave/brave-browser/wiki/QA-Guide

Test Plan:

See STR in brave/brave-browser#9119

Reviewer Checklist:

• New files have MPL-2.0 license header.
• Request a security/privacy review as needed.
• Adequate test coverage exists to prevent regressions
• Verify test plan is specified in PR before merging to source

After-merge Checklist:

• The associated issue milestone is set to the smallest version that the
  changes has landed on.
• All relevant documentation has been updated.

[simonhong]

I'm confusing with this method. Is it possible that ChromeAutocompleteProviderClient::profile_ is OTR?
It's always initialized by ChromeAutocompleteProviderClient(profile->GetOriginalProfile()).
So, I'm curious why this method should be overridden? (Maybe I'm missing something..?)

[simonhong]

ChromeAutocompleteProvider::IsOffTheRecored() can return true?

[simonhong]

I think the root cause of this issue is below code.

BraveAutocompleteProviderClient::BraveAutocompleteProviderClient(
    Profile* profile)
    : ChromeAutocompleteProviderClient(profile->GetOriginalProfile()),
      profile_(profile) {
}

We made all ChromeAutocompleteProviderClient uses original profile.
I think using original profile was valid fix for handling web search in context menu(#757).
However, this made side-effect.
I think all other places should instantiate it with use passed profile (not original profile)
For example, we should not use same code for below.

std::unique_ptr<AutocompleteProviderClient>
ChromeOmniboxClient::CreateAutocompleteProviderClient() {
  return std::make_unique<ChromeAutocompleteProviderClient>(profile_);
}

We overrides it with BraveAutocompleteProviderClient. So, SearchProvider gets wrong condition.
I think we should use different kinds of sub classes for ChromeAutocompleteProviderClient. WDYT?

[simonhong]

@mkarolin I added one commit based on my above comment.
If you think this is not a right way, feel free to delete.

[mkarolin]

@simonhong, yes that makes sense to me. I assumed it was the way it was for #757 and didn't try to dig into it, but if only the classifier needs the original profile instead of the OTR, then it's definitely a better solution.

[mkarolin]

CI: known unrelated failure on Android (dist). Unrelated browser test failure on Mac.

[bridiver]

I'm fairly certain we're leaking private autocomplete into the regular profile here in the old code and here in the updated code https://github.com/brave/brave-core/pull/5221/files#diff-2325211a427ac6f007ad338411e100aaR14 cc @diracdeltas @simonhong

[bridiver]

approving to fix the crash, but this needs a follow-up to fix the private -> public leak

[kjozwiak]

Verification PASSED on macOS 10.15.3 x64 Catalina using the following build:

Brave | 1.9.26 Chromium: 81.0.4044.92 (Official Build) nightly (64-bit)
-- | --
Revision | 32921c79b6f01a0fb2deef0e1d45b42f96581051-refs/branch-heads/4044@{#883}
OS | macOS Version 10.15.3 (Build 19D76)

Prerequisites:

Ensure that Google is the default search engine and Autocomplete searches and URLs is enabled

Cases:

• ensured that PB doesn't crash when typing into the URL bar
• ensured Tor windows aren't crashing when typing into the URL bar
• ensured that Guest windows aren't crashing when typing into the URL bar

[rebron]

Looks good to me too.

Brave	1.9.26 Chromium: 81.0.4044.92 (Official Build) nightly (64-bit)
Revision	32921c79b6f01a0fb2deef0e1d45b42f96581051-refs/branch-heads/4044@{#883}
OS	macOS Version 10.15.5 (Build 19F53f)

Following same steps as above.