Suspected CLs	Regression information is not available. The result is the blame information.

Author: leviw
Project: chromium
Changelist: https://chromium.googlesource.com/chromium/src//+/472398196d9109be16d13f3af4e8c423ce45d2e3
Time: Tue Dec 15 06:20:14 2015
The CL last changed line 53 of file CompositingInputsUpdater.cpp, which is stack frame 0.

Author: chrishtr
Project: chromium
Changelist: https://chromium.googlesource.com/chromium/src//+/2d26c609b7854bb646101cdb7494c9bf0a0e8915
Time: Fri Oct 02 23:10:55 2015
The CL last changed line 151 of file CompositingInputsUpdater.cpp, which is stack frame 1.

Author: abarth@chromium.org
Project: chromium
Changelist: https://chromium.googlesource.com/chromium/src//+/dc46981faf924c3fbecf6aaffede85559364d3a9
Time: Tue Jun 24 20:03:35 2014
The CL last changed line 198 of file CompositingInputsUpdater.cpp, which is stack frame 2.

Author: abarth@chromium.org
Project: chromium
Changelist: https://chromium.googlesource.com/chromium/src//+/dc46981faf924c3fbecf6aaffede85559364d3a9
Time: Tue Jun 24 20:03:35 2014
The CL last changed line 198 of file CompositingInputsUpdater.cpp, which is stack frame 3.

Author: abarth@chromium.org
Project: chromium
Changelist: https://chromium.googlesource.com/chromium/src//+/dc46981faf924c3fbecf6aaffede85559364d3a9
Time: Tue Jun 24 20:03:35 2014
The CL last changed line 198 of file CompositingInputsUpdater.cpp, which is stack frame 4.

Author: abarth@chromium.org
Project: chromium
Changelist: https://chromium.googlesource.com/chromium/src//+/dc46981faf924c3fbecf6aaffede85559364d3a9
Time: Tue Jun 24 20:03:35 2014
The CL last changed line 198 of file CompositingInputsUpdater.cpp, which is stack frame 5.

Author: dsinclair@chromium.org
Project: chromium
Changelist: https://chromium.googlesource.com/chromium/src//+/655de97058736371d3aeefb4f298a6556669ae49
Time: Wed Feb 04 20:41:30 2015
The CL last changed line 30 of file CompositingInputsUpdater.cpp, which is stack frame 6.

Suspected Project: chromium
Suspected Component: Blink>Compositing

----------------------------------------

@leviw: Hey, would you mind checking the above issue and see if it is related to your recent change ?

Feel free to re-assign if that is not the case.

Thank you!

Do not assign to leviw@, he no longer works on Chrome.

The root cause is the same as issue 613929, but a different code path.

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/73a56783feab40c659c22a4e2d664f20b9e06198

commit 73a56783feab40c659c22a4e2d664f20b9e06198
Author: chrishtr <chrishtr@chromium.org>
Date: Tue Jun 14 06:36:22 2016

Fix asserts to account for the fact that SVG may have contains: paint.

BUG= 619032 

Review-Url: https://codereview.chromium.org/2060273004
Cr-Commit-Position: refs/heads/master@{#399658}

[modify] https://crrev.com/73a56783feab40c659c22a4e2d664f20b9e06198/third_party/WebKit/Source/core/layout/compositing/CompositingInputsUpdater.cpp

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/73a56783feab40c659c22a4e2d664f20b9e06198

commit 73a56783feab40c659c22a4e2d664f20b9e06198
Author: chrishtr <chrishtr@chromium.org>
Date: Tue Jun 14 06:36:22 2016

Fix asserts to account for the fact that SVG may have contains: paint.

BUG= 619032 

Review-Url: https://codereview.chromium.org/2060273004
Cr-Commit-Position: refs/heads/master@{#399658}

[modify] https://crrev.com/73a56783feab40c659c22a4e2d664f20b9e06198/third_party/WebKit/Source/core/layout/compositing/CompositingInputsUpdater.cpp

ClusterFuzz has detected this issue as fixed in range 399276:400924.

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=6430773439889408

Fuzzer: inferno_twister
Job Type: linux_debug_content_shell_drt
Platform Id: linux

Crash Type: ASSERT
Crash Address: 
Crash State:
  !current->hasClipRelatedProperty()
  blink::findParentLayerOnClippingContainerChain
  blink::CompositingInputsUpdater::updateRecursive
  
Fixed: https://cluster-fuzz.appspot.com/revisions?job=linux_debug_content_shell_drt&range=399276:400924

Minimized Testcase (4.84 Kb): https://cluster-fuzz.appspot.com/download/AMIfv96QW4cgGqMIAD8xwzmDBhy62SbqqQ7KerDDi9vt-vtGQ-flcDdAff2GwFkAzFy1zMeEz60ObJqgpOzb6eIlKcute42eoPnqRKZ5gaZGK9PRzgmpIxQJWnnm-cnyzOXnTEagv00dOZ4SxML7nLB2DJJf0fxjVw?testcase_id=6430773439889408

See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.

Removing EditIssue view restrictions from ClusterFuzz filed bugs. If you believe that this issue should still be restricted, please reapply the label.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot