Use-after-poison in blink::ComputePresentationAttributeStyle
Issue description
Detailed report: https://clusterfuzz.com/testcase?key=5605399970185216
Fuzzer: inferno_webbot
Job Type: linux_asan_chrome_media
Platform Id: linux
Crash Type: Use-after-poison READ 8
Crash Address: 0x7ec2e5b5d6d0
Crash State:
  blink::ComputePresentationAttributeStyle
  blink::Element::UpdatePresentationAttributeStyle
  blink::StyleResolver::MatchAllRules
Sanitizer: address (ASAN)
Recommended Security Severity: High
Regressed: https://clusterfuzz.com/revisions?job=linux_asan_chrome_media&range=535301:535307
Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5605399970185216
Issue filed automatically. See https://github.com/google/clusterfuzz-tools for more information.
,
Feb 8 2018
Testcase 5605399970185216 is a top crash on ClusterFuzz for the Windows platform. Please prioritize fixing this crash. Marking this crash as a Beta release blocker. If this is incorrect, please add the ClusterFuzz-Wrong label and re-open the issue.
,
Feb 8 2018
Automatically assigning owner based on suspected regression changelist https://chromium.googlesource.com/chromium/src/+/6ed531bd5ae325f1964ab2db962c4bf75625c95f (dom: Remove PresentationAttributeCacheCleaner). If this is incorrect, please let us know why and apply the Test-Predator-Wrong-CLs label. If you aren't the correct owner for this issue, please unassign yourself as soon as possible so it can be re-triaged.
,
Feb 8 2018
,
Feb 8 2018
,
Feb 8 2018
,
Feb 8 2018
Seems like this is Regressed: https://clusterfuzz.com/revisions?job=linux_asan_chrome_media&range=535301:535307 (66.0.3344.0:66.0.3344.0). Not sure why ClusterFuzz is adding the M65 label to the bug instead of M66. I'm not planning to block M65 beta promotion for this bug. +awhalley@, please let me know if there is any concern here. Thank you.
,
Feb 9 2018
govind@, we have a fix for c#7. This is due to an incorrect milestone calculation on Linux: we just used the dev milestone for canary (since there is no canary for Linux). Instead we should be using the canary from another platform, like Windows.
,
Feb 9 2018
This crash occurs very frequently on the Windows platform and is likely preventing the fuzzer inferno_webbot from making much progress. Fixing this will allow more bugs to be found. Marking this bug as a blocker for the next Beta release. If this is incorrect, please add the ClusterFuzz-Wrong label and remove the ReleaseBlock-Beta label.
,
Feb 9 2018
Thank you inferno@ for the clarification at #8. Yeah, please use the canary version of Windows/Mac, as there is no canary for Linux.
,
Feb 9 2018
,
Feb 9 2018
Issue 810819 has been merged into this issue.
,
Feb 9 2018
Issue 810870 has been merged into this issue.
,
Feb 9 2018
Revert in progress - https://chromium-review.googlesource.com/c/chromium/src/+/912091.
,
Feb 9 2018
Automatically applying components based on crash stacktrace and information from OWNERS files. If this is incorrect, please apply the Test-Predator-Wrong-Components label.
,
Feb 9 2018
Issue 810915 has been merged into this issue.
,
Feb 10 2018
,
Feb 10 2018
Issue 810995 has been merged into this issue.
,
Feb 10 2018
ClusterFuzz has detected this issue as fixed in range 535922:535929.
Detailed report: https://clusterfuzz.com/testcase?key=5605399970185216
Fuzzer: inferno_webbot
Job Type: linux_asan_chrome_media
Platform Id: linux
Crash Type: Use-after-poison READ 8
Crash Address: 0x7ec2e5b5d6d0
Crash State:
  blink::ComputePresentationAttributeStyle
  blink::Element::UpdatePresentationAttributeStyle
  blink::StyleResolver::MatchAllRules
Sanitizer: address (ASAN)
Recommended Security Severity: High
Regressed: https://clusterfuzz.com/revisions?job=linux_asan_chrome_media&range=535301:535307
Fixed: https://clusterfuzz.com/revisions?job=linux_asan_chrome_media&range=535922:535929
Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5605399970185216
See https://github.com/google/clusterfuzz-tools for more information. If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
,
Feb 10 2018
ClusterFuzz testcase 5605399970185216 is verified as fixed, so closing the issue as verified. If this is incorrect, please add the ClusterFuzz-Wrong label and re-open the issue.
,
Feb 10 2018
,
Mar 2 2018
,
Mar 16 2018
,
Mar 16 2018
This bug requires manual review: M66 has already been promoted to the beta branch, so this requires manual review. Please contact the milestone owner if you have questions. Owners: cmasso@ (Android), cmasso@ (iOS), josafat@ (ChromeOS), abdulsyed@ (Desktop). For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
,
Mar 19 2018
,
Mar 19 2018
Does anything need to be merged here? Looks like the revert already landed in #14.
,
May 19 2018
This bug has been closed for more than 14 weeks. Removing security view restrictions. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot