Position BeforeAnchor SLOT causes nullptr-ref in isVisuallyEquivalentCandidate
Issue description

Detailed report: https://clusterfuzz.com/testcase?key=5379538868764672

Fuzzer: inferno_layout_test_unmodified
Job Type: mac_asan_chrome
Platform Id: mac
Crash Type: UNKNOWN READ
Crash Address: 0x000000000010
Crash State:
  blink::isVisuallyEquivalentCandidate
  blink::canonicalPositionOf
  blink::VisiblePositionTemplate<blink::EditingAlgorithm<blink::FlatTreeTraversal>

Sanitizer: address (ASAN)

Regressed: https://clusterfuzz.com/revisions?job=mac_asan_chrome&range=450347:450401

Reproducer Testcase: https://clusterfuzz.com/download/AMIfv94ia-EZoZvlvA5jAk3mKoK5ZaLk7BB76ZEyGNV7JkFUyewzOkVJwFaYIy7XLZNhFvKRDUAjCaZ8gaWEGuCcd9xAiNwkZzTFNCHfGuD_8zxClzhMW99lPoHtKrs0TMjM1Ax2ijQoQux8ExHA42HBF4gfgoLZdTpyOMZGt7X5rJwpVIsQ7JzhC2YhXCFxfqtqO78v24JrYr6t_pcRpI-X6S2RQCzY8y_j2usD-ZV5uvkTXIL9duqr44feZvusL2cQYkbumhx0dks5a4LBo9D5zkYcrCg6UobCfiazh81r4IgLG4Dluf2pd8xYuMphVFhV65w8PEFg4QtXsaHAAnWREBiOUP15H9_-lGBXOGiS6_tppD3BLgo?testcase_id=5379538868764672

Issue filed automatically.

See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.
Mar 13 2017
Lower to Pri-2 since it is caused by unusual HTML, e.g. having SLOT in the main document.
BODY (editable) (focused)
#shadow-root
#text "table-layout: 5%;"
SCRIPT (editable)
#text "... script ..."
MY-HOST3 class="c7" (editable)
* SLOT
#text ",9S4 8 J-X+\u007F g^ Wp {He; O| \u007F* yvM ta/(IvB`-$c I o|Xk X\tg4x` 9 XfF+\tV_[~j&5wBg(tW K q.:% _ @?th82i|b7p m* )ta+? ow^P[aD# M1_];IP/ g|?^zr6}F 3^nh}z_ Lp=L(G+ hh#FI{mC+ D7$ Mm)Db~c _*5hS `hzl\t+F^ 0!XG)T. z9D4be66 6/A_~q$uM0:|^R-ofSUgZ OAWwK/soke5 +-3bNB G5%k* "
Mar 16 2017
Apr 9 2017
ClusterFuzz has detected this issue as fixed in range 458746:463137.

Detailed report: https://clusterfuzz.com/testcase?key=5379538868764672

Fuzzer: inferno_layout_test_unmodified
Job Type: mac_asan_chrome
Platform Id: mac
Crash Type: UNKNOWN READ
Crash Address: 0x000000000010
Crash State:
  blink::isVisuallyEquivalentCandidate
  blink::canonicalPositionOf
  blink::VisiblePositionTemplate<blink::EditingAlgorithm<blink::FlatTreeTraversal>

Sanitizer: address (ASAN)

Regressed: https://clusterfuzz.com/revisions?job=mac_asan_chrome&range=450347:450401
Fixed: https://clusterfuzz.com/revisions?job=mac_asan_chrome&range=458746:463137

Reproducer Testcase: https://clusterfuzz.com/download/AMIfv94ia-EZoZvlvA5jAk3mKoK5ZaLk7BB76ZEyGNV7JkFUyewzOkVJwFaYIy7XLZNhFvKRDUAjCaZ8gaWEGuCcd9xAiNwkZzTFNCHfGuD_8zxClzhMW99lPoHtKrs0TMjM1Ax2ijQoQux8ExHA42HBF4gfgoLZdTpyOMZGt7X5rJwpVIsQ7JzhC2YhXCFxfqtqO78v24JrYr6t_pcRpI-X6S2RQCzY8y_j2usD-ZV5uvkTXIL9duqr44feZvusL2cQYkbumhx0dks5a4LBo9D5zkYcrCg6UobCfiazh81r4IgLG4Dluf2pd8xYuMphVFhV65w8PEFg4QtXsaHAAnWREBiOUP15H9_-lGBXOGiS6_tppD3BLgo?testcase_id=5379538868764672

See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
Apr 9 2017
ClusterFuzz testcase 5379538868764672 is verified as fixed, so closing issue. If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.
Comment 1 by tkent@chromium.org, Mar 13 2017