Issue 605053


Issue metadata

Status: Verified
Owner: ----
Closed: Aug 2016
Cc:
Components:
EstimatedDays: ----
NextAction: ----
OS: Linux
Pri: 2
Type: Bug




InsertParagraph command crash with visibility hidden

Project Member Reported by ClusterFuzz, Apr 20 2016

Issue description

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=6391929218007040

Fuzzer: bj_broddelwerk
Job Type: linux_lsan_chrome_mp
Platform Id: linux

Crash Type: UNKNOWN READ
Crash Address: 0x000000000020
Crash State:
  blink::TextIteratorAlgorithm<blink::EditingAlgorithm<blink::NodeTraversal> >::in
  blink::plainText
  blink::TextCheckingParagraph::text
  
Regressed: https://cluster-fuzz.appspot.com/revisions?job=linux_lsan_chrome_mp&range=209699:209703

Minimized Testcase (1.57 Kb): https://cluster-fuzz.appspot.com/download/AMIfv97I7b5tgwnriqUt4fA1bQMUYNYVubrjMACdasOnj6jLi17k2lnVk7pXSx8jyxiWPKhJo1C_BM_7KGoCdTqjNgoxCXyfEMbYn3CjnoIi5L9p1B6cxBBkMRsrhPBzVS1c3UNuxYIKDiXmXDnYmPlQeM-K78xX5g

Filer: ajha

See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.
 

Comment 1 by ajha@chromium.org, Apr 20 2016

Components: Blink>Editing
Labels: Te-Logged ToolsTestsFindItWrongResult M-50
Owner: yosin@chromium.org
Status: Assigned (was: Available)
Suspected CLs: No CL in the regression range changes the crashed files. The result is the blame information.

Author: wibling@chromium.org
Project: chromium
Changelist: https://chromium.googlesource.com/chromium/src//+/a4c3a7dd738ac5789cbdbf82b6c63627154ec46a
Time: Thu Apr 03 13:08:44 2014
The CL last changed line 744 of file Handle.h, which is stack frame 0.

Author: morrita@chromium.org
Project: chromium
Changelist: https://chromium.googlesource.com/chromium/src//+/b57ba7fbed657ef1db910b324ad76baaa0072c81
Time: Thu Dec 12 03:58:25 2013
The CL last changed line 457 of file Node.h, which is stack frame 1.

Author: yosin@chromium.org
Project: chromium
Changelist: https://chromium.googlesource.com/chromium/src//+/c3d074c5e481efa3db5524ad68de2d1d2da84e80
Time: Mon Apr 13 01:24:17 2015
The CL last changed line 110 of file TextIterator.cpp, which is stack frame 2.

Author: yosin@chromium.org
Project: chromium
Changelist: https://chromium.googlesource.com/chromium/src//+/c3d074c5e481efa3db5524ad68de2d1d2da84e80
Time: Mon Apr 13 01:24:17 2015
The CL last changed line 171 of file TextIterator.cpp, which is stack frame 3.

Author: yosin@chromium.org
Project: chromium
Changelist: https://chromium.googlesource.com/chromium/src//+/4bcb76d1b050f0921cd852d96b2c61addc1ca67d
Time: Tue Jul 14 06:36:07 2015
The CL last changed line 1148 of file TextIterator.cpp, which is stack frame 4.

Author: yosin@chromium.org
Project: chromium
Changelist: https://chromium.googlesource.com/chromium/src//+/4bcb76d1b050f0921cd852d96b2c61addc1ca67d
Time: Tue Jul 14 06:36:07 2015
The CL last changed line 1170 of file TextIterator.cpp, which is stack frame 5.

Author: sigbjornf@opera.com
Project: chromium
Changelist: https://chromium.googlesource.com/chromium/src//+/9bc725c0c136c2749ba5caff77fa649908c10f5e
Time: Fri Sep 11 08:07:06 2015
The CL last changed line 212 of file TextCheckingHelper.cpp, which is stack frame 6.

Suspected Project: chromium-blink
Suspected Component: Blink>Editing

=======================================================================

None of the changes from the above FindIt result looks related.

Assigning to yosin@ for similar work on Issue 600378 and for further investigation if both are the same.

Thank you!

Comment 2 by ajha@chromium.org, Apr 20 2016

Components: Tools>Test>FindIt>WrongResult
Labels: -ToolsTestsFindItWrongResult

Comment 3 by yosin@chromium.org, May 23 2016

Labels: -Pri-1 Pri-2
Owner: ----
Status: Available (was: Assigned)
Summary: InsertParagraph command crash with visibility hidden (was: Crash in blink::TextIteratorAlgorithm<blink::EditingAlgorithm<blink::NodeTraversal> >::in)
Lower to Pri-2, since real world usage of InsertParagraph command is low.

I could not reproduce with ToT.

Comment 4 by yosin@chromium.org, May 23 2016

Components: -Blink>Editing Blink>Editing>Command

Comment 5 by ClusterFuzz, Aug 25 2016

ClusterFuzz has detected this issue as fixed in range 413791:414128.

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=6391929218007040

Fuzzer: bj_broddelwerk
Job Type: linux_lsan_chrome_mp
Platform Id: linux

Crash Type: UNKNOWN READ
Crash Address: 0x000000000020
Crash State:
  blink::TextIteratorAlgorithm<blink::EditingAlgorithm<blink::NodeTraversal> >::in
  blink::plainText
  blink::TextCheckingParagraph::text
  
Regressed: https://cluster-fuzz.appspot.com/revisions?job=linux_lsan_chrome_mp&range=209699:209703
Fixed: https://cluster-fuzz.appspot.com/revisions?job=linux_lsan_chrome_mp&range=413791:414128

Unminimized Testcase: https://cluster-fuzz.appspot.com/download/AMIfv97S7v6K8bpdv96h5aGOEPtxD58iBzQW1iAaF6qcBxwU5piWySo7I1l6-YtcuSOqZLybzb05gffCuLleFnlhv7RahH9honGgz-CCPRwQjTn9bIlFMVN59KTzrrFvlE7Z4dhCVMM-UuUD_S4bsKu-Y-TSQvi4Itv34NumFoCVBBHQUrQpOMA?testcase_id=6391929218007040


See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.

Comment 6 by ClusterFuzz, Aug 25 2016

Labels: ClusterFuzz-Verified
Status: Verified (was: Available)
ClusterFuzz testcase is verified as fixed, closing issue.

If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.
Components: -Tools>Test>FindIt>WrongResult
Labels: Test-Predator-Wrong

Comment 8 by sheriffbot@chromium.org, Nov 22 2016

Labels: -Restrict-View-EditIssue
Removing EditIssue view restrictions from ClusterFuzz filed bugs. If you believe that this issue should still be restricted, please reapply the label.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
