CL : https://chromium.googlesource.com/chromium/src/+log/6cfa6305dc22be1489cec97f8ddcf595d75f2a75..7f57e73a09d9ad84fb64d60c6dbcaf25506fca95?pretty=fuller

Possible suspect : https://codereview.chromium.org/1850703002

Please reassign if this is not related to your change.

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=5938186194255872

Fuzzer: inferno_twister_custom_bundle
Job Type: linux_lsan_chrome_mp
Platform Id: linux

Crash Type: UNKNOWN READ
Crash Address: 0x000000000000
Crash State:
  blink::LayoutObject::willBeDestroyed
  blink::LayoutBoxModelObject::willBeDestroyed
  blink::LayoutPart::willBeDestroyed
  
Regressed: https://cluster-fuzz.appspot.com/revisions?job=linux_lsan_chrome_mp&range=209699:209703

Minimized Testcase (6.58 Kb): https://cluster-fuzz.appspot.com/download/AMIfv96jcMmR6J8VHNSmut83d8TqQg7UzRKyTlwSYAybgYfpmvxGZuyQORvfalAGtbFwKQH5IutaIhstS3DZN3-M8L8nawegTccQFsZLnf4SFYOQvaXUs7_DivaoP14SZU3SiYQKAsOQanniD52dwXnx57Jc-y_kpw

Additional requirements: Requires HTTP

Filer: ligimole

See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.

This change seems unlikely to have caused the failure as it's a revert of my CL which introduced a crash. This crash looks unrelated as well.

Right, sorry, no idea what's going on here.

Moving this nonessential bug to the next milestone.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot

ClusterFuzz has detected this testcase as flaky and is unable to reproduce it in the original crash revision. Skipping fixed testing check and marking it as potentially fixed.

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=5938186194255872

Fuzzer: inferno_twister_custom_bundle
Job Type: linux_lsan_chrome_mp
Platform Id: linux

Crash Type: UNKNOWN READ
Crash Address: 0x000000000000
Crash State:
  blink::LayoutObject::willBeDestroyed
  blink::LayoutText::willBeDestroyed
  blink::LayoutObject::destroy
  
Regressed: https://cluster-fuzz.appspot.com/revisions?job=linux_lsan_chrome_mp&range=383194:384397

Minimized Testcase (0.15 Kb):
Download: https://cluster-fuzz.appspot.com/download/AMIfv94G2RX6DWVl3qsVjnhwFi8Qxx6z_KK-qFwkRlhhl-piLOl4-rs29-lFEL6HmxssG8gcXIbJsi5MCR6slLVEXhnls4W67nZb1837a7XGGoVMhKWf3hjs5VFdnJRvkD8pooLDscQilitswnrb8z9-tRpst_5EFA
    }<style>
* { background-clip: content-box; content: url("chrome://does-not-exist")");</style><script>
setTimeout("window.location.reload();");
</script>


Additional requirements: Requires HTTP

See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.

ClusterFuzz has detected this testcase as flaky and is unable to reproduce it in the original crash revision. Skipping fixed testing check and marking it as potentially fixed.

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=6339560736292864

Fuzzer: inferno_twister_custom_bundle
Job Type: linux_asan_chrome_chromeos
Platform Id: linux

Crash Type: UNKNOWN READ
Crash Address: 0x000000000000
Crash State:
  blink::LayoutObject::willBeDestroyed
  blink::LayoutBoxModelObject::willBeDestroyed
  blink::LayoutBlock::willBeDestroyed
  

Unminimized Testcase: https://cluster-fuzz.appspot.com/download/AMIfv950KlzbHqbRCz-stBevVMFAwkVaKYyiPghU1t4nRTHsma_GrgMADRZSe4Oy4hNbIr8xeNLnOyqx_PTba8Le-5iMlRUiBcQXNRIoDffB7AWeVNwyvBAAFbmtik0DG9T3vcekqMEs_vtvdA_WsyibmUkNcxDgxKh-wQOl55WU-dXcZnx3mq4?testcase_id=6339560736292864


See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.

Marking as WontFix as per comment 6 and 7.

Removing EditIssue view restrictions from ClusterFuzz filed bugs. If you believe that this issue should still be restricted, please reapply the label.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot