Null-dereference READ in blink::StyleRule::Properties
Issue description

Detailed report: https://clusterfuzz.com/testcase?key=6262227094208512
Fuzzer: inferno_twister
Job Type: mac_asan_content_shell
Platform Id: mac
Crash Type: Null-dereference READ
Crash Address: 0x000000000000
Crash State:
  blink::StyleRule::Properties
  blink::CSSStyleRule::cssText
  blink::V8CSSRule::cssTextAttributeGetterCallback
Sanitizer: address (ASAN)
Regressed: https://clusterfuzz.com/revisions?job=mac_asan_content_shell&range=509326:509389
Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=6262227094208512

Issue filed automatically.
See https://github.com/google/clusterfuzz-tools for more information.

Oct 18 2017
Automatically applying components based on crash stacktrace and information from OWNERS files. If this is incorrect, please apply the Test-Predator-Wrong-Components label.

Oct 18 2017
Automatically assigning owner based on suspected regression changelist https://chromium.googlesource.com/chromium/src/+/b30a67726d61312f337145310c81678c8e0ab20d (Only copy parsed properties over when mutating a rule.). If this is incorrect, please remove the owner and apply the Test-Predator-Wrong-CLs label.

Oct 18 2017

Oct 18 2017
Issue 775914 has been merged into this issue.

Oct 18 2017
Reverting the CL in question immediately.

Oct 18 2017
Issue 775762 has been merged into this issue.

Oct 18 2017
Users experienced this crash on the following builds:
Mac Canary 64.0.3243.0 - 75.55 CPM, 54 reports, 41 clients (signature blink::StyleRule::ShouldConsiderForMatchingRules)
If this update was incorrect, please add "Fracas-Wrong" label to prevent future updates. - Go/Fracas

Oct 18 2017
This crash has high impact on Chrome's stability.
Signature: blink::StyleRule::ShouldConsiderForMatchingRules. Channel: canary. Platform: mac.
Labeling issue 775922 with ReleaseBlock-Dev.
If this update was incorrect, please add "Fracas-Wrong" label to prevent future updates. - Go/Fracas

Oct 18 2017

Oct 19 2017
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/c6dfaf800108be95ccd9c5c8cb73bed66e80ba1f

commit c6dfaf800108be95ccd9c5c8cb73bed66e80ba1f
Author: nainar <nainar@chromium.org>
Date: Thu Oct 19 00:26:27 2017

Revert "Only copy parsed properties over when mutating a rule."

This reverts commit b30a67726d61312f337145310c81678c8e0ab20d.

Reason for revert: Not a stable enough change as it causes crbug.com/775922

Original change's description:
> Only copy parsed properties over when mutating a rule.
>
> Currently when we copy over a StyleRule we parse all properties
> greedily. This should only be the already parsed properties. The greedy
> method may result in a dangerous state.
>
> This is a speculative fix for the ClusterFuzz issue.
>
> Bug: 774061
> Change-Id: I0b7f09018c7cf2d8ca75ea5d705016fbcce6f0ae
> Reviewed-on: https://chromium-review.googlesource.com/722579
> Reviewed-by: Darren Shen <shend@chromium.org>
> Commit-Queue: nainar <nainar@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#509352}

TBR=nainar@chromium.org,shend@chromium.org

# Not skipping CQ checks because original CL landed > 1 day ago.

Bug: 774061, 775922
Change-Id: I49f536965359f14793eba4f952d216a04dd07df6
Reviewed-on: https://chromium-review.googlesource.com/726679
Reviewed-by: nainar <nainar@chromium.org>
Commit-Queue: nainar <nainar@chromium.org>
Cr-Commit-Position: refs/heads/master@{#509941}

[delete] https://crrev.com/9e77a8ed0f573731a9e4b8376d188541b989eb70/third_party/WebKit/LayoutTests/fast/css/lazy-parsing-delete-rule-crash.html
[delete] https://crrev.com/9e77a8ed0f573731a9e4b8376d188541b989eb70/third_party/WebKit/LayoutTests/fast/css/resources/lazy-pasing-delete-rule-crash.css
[modify] https://crrev.com/c6dfaf800108be95ccd9c5c8cb73bed66e80ba1f/third_party/WebKit/Source/core/css/StyleRule.cpp

Oct 19 2017

Oct 19 2017
ClusterFuzz has detected this issue as fixed in range 509932:509960.

Detailed report: https://clusterfuzz.com/testcase?key=6262227094208512
Fuzzer: inferno_twister
Job Type: mac_asan_content_shell
Platform Id: mac
Crash Type: Null-dereference READ
Crash Address: 0x000000000000
Crash State:
  blink::StyleRule::Properties
  blink::CSSStyleRule::cssText
  blink::V8CSSRule::cssTextAttributeGetterCallback
Sanitizer: address (ASAN)
Regressed: https://clusterfuzz.com/revisions?job=mac_asan_content_shell&range=509326:509389
Fixed: https://clusterfuzz.com/revisions?job=mac_asan_content_shell&range=509932:509960
Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=6262227094208512

See https://github.com/google/clusterfuzz-tools for more information.
If you suspect that the result above is incorrect, try re-doing that job on the test case report page.

Oct 19 2017
ClusterFuzz testcase 5424998214008832 is verified as fixed, so closing issue as verified. If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.

Nov 7 2017

Nov 7 2017

Comment 1 by ClusterFuzz, Oct 18 2017