Automatically applying components based on crash stacktrace and information from OWNERS files.

If this is incorrect, please apply the Test-Predator-Wrong-Components label.

Automatically assigning owner based on suspected regression changelist https://chromium.googlesource.com/chromium/src/+/8819ce57fd3cc5506c3a386bf08949d54094c190 (Place list markers correctly when floats are present).

If this is incorrect, please remove the owner and apply the Test-Predator-Wrong-CLs label.

This is a serious security regression. If you are not able to fix this quickly, please revert the change that introduced it.

If this doesn't affect a release branch, or has not been properly classified for severity, please update the Security_Impact or Security_Severity labels, and remove the ReleaseBlock label. To disable this altogether, apply ReleaseBlock-NA.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/8266c1681920886fdab67399b11da2d1cb0e285c

commit 8266c1681920886fdab67399b11da2d1cb0e285c
Author: Robert Hogan <robhogan@gmail.com>
Date: Tue Jan 09 21:01:06 2018

Revert "Place list markers correctly when floats are present"

This reverts commit 8819ce57fd3cc5506c3a386bf08949d54094c190.

Reason for revert:  crbug.com/800025 

Original change's description:
> Place list markers correctly when floats are present
> 
> Bug: 784793
> Change-Id: If176229f0af62fb61a40a7e4ef119057fe05449c
> Reviewed-on: https://chromium-review.googlesource.com/844084
> Commit-Queue: Emil A Eklund <eae@chromium.org>
> Reviewed-by: Emil A Eklund <eae@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#526370}

TBR=robhogan@gmail.com,eae@chromium.org

# Not skipping CQ checks because original CL landed > 1 day ago.

Bug: 784793,  800025 
Change-Id: I420a7b86bc80937d8c1420e5f45548e105ee48e0
Reviewed-on: https://chromium-review.googlesource.com/857996
Reviewed-by: Robert Hogan <robhogan@gmail.com>
Commit-Queue: Robert Hogan <robhogan@gmail.com>
Cr-Commit-Position: refs/heads/master@{#528100}
[delete] https://crrev.com/164f122a9b2ee9d10bc3c155e943aad85e2e0a7f/third_party/WebKit/LayoutTests/fast/lists/list-marker-avoid-float-7-expected.html
[delete] https://crrev.com/164f122a9b2ee9d10bc3c155e943aad85e2e0a7f/third_party/WebKit/LayoutTests/fast/lists/list-marker-avoid-float-7.html
[modify] https://crrev.com/8266c1681920886fdab67399b11da2d1cb0e285c/third_party/WebKit/Source/core/layout/LayoutBlockFlow.h
[modify] https://crrev.com/8266c1681920886fdab67399b11da2d1cb0e285c/third_party/WebKit/Source/core/layout/LayoutListItem.cpp
[modify] https://crrev.com/8266c1681920886fdab67399b11da2d1cb0e285c/third_party/WebKit/Source/core/layout/LayoutListItem.h

ClusterFuzz has detected this issue as fixed in range 528089:528100.

Detailed report: https://clusterfuzz.com/testcase?key=5789037402259456

Fuzzer: mbarbella_webcomponents
Job Type: windows_asan_content_shell
Platform Id: windows

Crash Type: Heap-use-after-free READ 8
Crash Address: 0x11624863c058
Crash State:
  blink::ShapeOutsideInfo::IsEnabledFor
  blink::LayoutBox::GetShapeOutsideInfo
  blink::ComputeFloatOffsetForLineLayoutAdapter<1>::UpdateOffsetIfNeeded
  
Sanitizer: address (ASAN)

Recommended Security Severity: High

Regressed: https://clusterfuzz.com/revisions?job=windows_asan_content_shell&range=526369:526370
Fixed: https://clusterfuzz.com/revisions?job=windows_asan_content_shell&range=528089:528100

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5789037402259456

See https://github.com/google/clusterfuzz-tools for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.

ClusterFuzz testcase 5789037402259456 is verified as fixed, so closing issue as verified.

If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.

This bug has been closed for more than 14 weeks. Removing security view restrictions.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot