JustifyRight command crashes with BUTTON and VIDEO
Issue description

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=6053422156742656

Fuzzer: ifratric-browserfuzzer-v3
Job Type: mac_asan_chrome
Platform Id: mac

Crash Type: CHECK failure
Crash Address:
Crash State:
  startPosition.compareTo(endPosition) <= 0 in Serialization.cpp
  blink::CreateMarkupAlgorithm<blink::EditingAlgorithm<blink::NodeTraversal> >::cr
  blink::createMarkup

Sanitizer: address (ASAN)

Regressed: https://cluster-fuzz.appspot.com/revisions?job=mac_asan_chrome&range=454203:454233

Reproducer Testcase: https://cluster-fuzz.appspot.com/download/AMIfv94wdD-gxklqpD5gwcF2mFEkh7gC1UFn07UK4Yrf_qvoTsYWYIj7nlp9NlTW9oyzm8Lt5pVEJQKpzquEhfECSCUBuBhCeATtmO9OJ0e4GeG56pu59tmrvRT7Soy2QnHiO7lkpTgZe6tTnXOff9i-ewtiejyU4H7617l1DorLmpYd-ilsak9ojA6JdmEUn2s3ZqPP9kRhfNfnQ575IcvUuqNq68SUzoDauG3lTPsaOBwb3DTiwjz4zdqo405mK0j3eoOeUkC9PQ3yNov-Llh9Qjaqen7FrhGe0osrWzPYm088snbGcWdWwWM7wQ1TCyrI1xQPzdzXNpc0287_A0ulgF3XAA8BssBTsEB2TtUg4ZGLzlqqjls?testcase_id=6053422156742656

Issue filed automatically.

See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.

Mar 5 2017
My CL didn't change any behavior. Route to Editing triage.
Mar 6 2017
Lower to Pri-2 since real world usage of "JustifyRight" command is low.

BODY E BUTTON id="htmlvar00002" (editable) (focused) DIV (editable) BR (editable) S #text "JnrM~I2geGN\\` L*A>" #text "\n" VIDEO #shadow-root DIV DIV INPUT style="display: none;" #shadow-root #text "" DIV DIV style="display: none;" INPUT style="display: none;" #shadow-root #text "" DIV style="display: none;" #text "0:00" DIV style="display: none;" #text "/ 0:00" INPUT style="display: none;" #shadow-root DIV style="-webkit-appearance:inherit" DIV id="track" DIV id="thumb" INPUT style="display: none;" #shadow-root #text "" INPUT style="display: none;" #shadow-root DIV style="-webkit-appearance:inherit" DIV id="track" DIV id="thumb" INPUT style="display: none;" #shadow-root #text "" INPUT style="display: none;" #shadow-root #text "" INPUT style="display: none;" #shadow-root #text "" INPUT style="display: none;" #shadow-root #text "" INPUT style="display: none;" #shadow-root #text "" DIV style="display: none;" DIV style="display: none;" LABEL INPUT style="display: none;" #shadow-root #text "" #text "Play" LABEL INPUT style="display: none;" #shadow-root #text "" #text "Fullscreen" LABEL INPUT style="display: none;" #shadow-root #text "" #text "Download" LABEL INPUT style="display: none;" #shadow-root #text "" #text "Mute" LABEL INPUT style="display: none;" #shadow-root #text "" #text "Cast" LABEL INPUT style="display: none;" #shadow-root #text "" #text "Captions" #text "\n" SOURCE

Mar 16 2017
May 22 2017
Bulk set to Pri-3 for cluster fuzz bugs, since these issues happen with unusual HTML.

Sep 23 2017
Oct 21 2017
ClusterFuzz has detected this issue as fixed in range 510370:510391.

Detailed report: https://clusterfuzz.com/testcase?key=6053422156742656

Fuzzer: ifratric-browserfuzzer-v3
Job Type: mac_asan_chrome
Platform Id: mac

Crash Type: CHECK failure
Crash Address:
Crash State:
  start_position.CompareTo(end_position) <= 0 in Serialization.cpp
  blink::CreateMarkupAlgorithm<blink::EditingAlgorithm<blink::NodeTraversal> >::Cr
  blink::CreateMarkup

Sanitizer: address (ASAN)

Regressed: https://clusterfuzz.com/revisions?job=mac_asan_chrome&range=454203:454233
Fixed: https://clusterfuzz.com/revisions?job=mac_asan_chrome&range=510370:510391

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=6053422156742656

See https://github.com/google/clusterfuzz-tools for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.

Oct 21 2017
ClusterFuzz testcase 6053422156742656 is verified as fixed, so closing issue as verified.

If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.

Comment 1 by msrchandra@chromium.org, Mar 3 2017
Labels: Test-Predator-Wrong M-58
Owner: tkent@chromium.org
Status: Assigned (was: Untriaged)