Suspected CLs	Regression information is not available. The result is the blame information.

Author: wibling@chromium.org
Project: chromium
Changelist: https://chromium.googlesource.com/chromium/src//+/a4c3a7dd738ac5789cbdbf82b6c63627154ec46a
Time: Thu Apr 03 13:08:44 2014
The CL last changed line 728 of file Handle.h, which is stack frame 0.

Author: tkent
Project: chromium
Changelist: https://chromium.googlesource.com/chromium/src//+/45632fb469f9738299adf8f0877812138bd6d682
Time: Tue Feb 16 07:06:59 2016
The CL last changed line 269 of file InsertParagraphSeparatorCommand.cpp, which is stack frame 1.

Author: tkent
Project: chromium
Changelist: https://chromium.googlesource.com/chromium/src//+/141f0e9340ec887e341ba89a712c6539205a8292
Time: Tue Feb 09 12:09:23 2016
The CL last changed line 254 of file CompositeEditCommand.cpp, which is stack frame 2.

Author: tkent
Project: chromium
Changelist: https://chromium.googlesource.com/chromium/src//+/f30215cd15c1afe7c6dd6ace0f7bc434bcef5e0a
Time: Tue Feb 16 07:04:24 2016
The CL last changed line 300 of file CompositeEditCommand.cpp, which is stack frame 3.

Author: tkent
Project: chromium
Changelist: https://chromium.googlesource.com/chromium/src//+/f30215cd15c1afe7c6dd6ace0f7bc434bcef5e0a
Time: Tue Feb 16 07:04:24 2016
The CL last changed line 1058 of file ReplaceSelectionCommand.cpp, which is stack frame 4.

Author: tkent
Project: chromium
Changelist: https://chromium.googlesource.com/chromium/src//+/141f0e9340ec887e341ba89a712c6539205a8292
Time: Tue Feb 09 12:09:23 2016
The CL last changed line 208 of file CompositeEditCommand.cpp, which is stack frame 5.

Author: tkent
Project: chromium
Changelist: https://chromium.googlesource.com/chromium/src//+/7840a79114afc7071c77cf3b7337570a6fbb156d
Time: Fri Feb 19 04:15:19 2016
The CL last changed line 262 of file EditorCommand.cpp, which is stack frame 6.

Suspected Project: chromium
Suspected Component: Blink>Editing

Route to Editing triage.

Lower to Pri-2 because usage of InsertHTML w/ Apple-Interchange-Newline is low.

Below is DOM tree at assertion:
BODY	0000013E14F632F8 (editable) (focused)
	A	0000013E14F63D88 (editable)
		BLOCKQUOTE	0000013E14F63868 (editable)
			DIV	0000013E14F63690 (editable)
				#text	0000013E14F636F8 "Two"
	BLOCKQUOTE	0000013E14F63A88 STYLE="display: inline !important;" (editable)
		DIV	0000013E14F63AF0 STYLE="display: inline !important;" (editable)
			A	0000013E14F63E18 STYLE="display: inline !important;" (editable)
SE				#text	0000013E14F63B58 "Three"

Removing EditIssue view restrictions from ClusterFuzz filed bugs. If you believe that this issue should still be restricted, please reapply the label.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot

ClusterFuzz has detected this issue as fixed in range 455091:455392.

Detailed report: https://clusterfuzz.com/testcase?key=5415502242906112

Fuzzer: ochang_domfuzzer
Job Type: linux_asan_chrome_v8_arm
Platform Id: linux

Crash Type: UNKNOWN READ
Crash Address: 0x00000024
Crash State:
  blink::CompositeEditCommand::insertNodeAfter
  blink::InsertParagraphSeparatorCommand::doApply
  blink::CompositeEditCommand::applyCommandToComposite
  
Sanitizer: address (ASAN)

Fixed: https://clusterfuzz.com/revisions?job=linux_asan_chrome_v8_arm&range=455091:455392

Reproducer Testcase: https://clusterfuzz.com/download/AMIfv95VifM5eq1PmozIBwz7vlQqcyN5Wz2tES25tJokQMOm5uXO0IQ4FZFPsgylJD41jF9e9jCgqSYWJsr61-8Ma04YE0a_nDF9TD3QhVHki4J8PUCKZ_gLf561mvazlTriIQS930H9UmkeFEvVNYpNhsBYMBjAAw?testcase_id=5415502242906112


See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.

ClusterFuzz testcase 5415502242906112 is verified as fixed, so closing issue.

If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.