Null-dereference READ in __msan_memcpy
Issue description

Detailed report: https://clusterfuzz.com/testcase?key=5807055143960576

Fuzzer: inferno_layout_test_unmodified
Job Type: linux_msan_chrome
Platform Id: linux

Crash Type: Null-dereference READ
Crash Address: 0x000000000098
Crash State:
  __msan_memcpy
  cc::draw_property_utils::ComputeClips
  cc::LayerTreeHost::DoUpdateLayers

Sanitizer: memory (MSAN)

Regressed: https://clusterfuzz.com/revisions?job=linux_msan_chrome&range=518240:518474

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5807055143960576

Issue filed automatically.

See https://github.com/google/clusterfuzz-tools for more information.
Feb 28 2018
Unable to find actual suspect through code search and also from the provided CL under regression range, hence adding appropriate label and leaving it as untriaged for further updates. Thanks!
Mar 2 2018
Looks like parent_clip_node is null. Property tree issues? ->weiliangc if she has an idea
Mar 2 2018
Mar 2 2018
Duped bug suggests "[Blink] Fixing a series of composited clip bug" by trchen@chromium.org - https://chromium.googlesource.com/chromium/src/+/09dd9e06d4c19f4702597e8563d9b956e4dac9ae might be at fault. ->trchen
Mar 2 2018
Mar 12 2018
Mar 12 2018
Mar 12 2018
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/ffc26d979f5e1b236278ab23f5f9e9c32a0ae9bb

commit ffc26d979f5e1b236278ab23f5f9e9c32a0ae9bb
Author: Tien-Ren Chen <trchen@chromium.org>
Date: Mon Mar 12 21:32:02 2018

[Blink] Avoid O(n) lookup during clip parent computation

Similar to the previous alike-titled CL "[Blink] Avoid O(n) lookup during scroll parent computation", this CL changes CompositingInputsUpdater to keep track of clip chain information in recursion context for different type of positioned descendants to achieve O(1) lookup. And conveniently workaround crbug.com/817175

BUG=818768, 817175
Cq-Include-Trybots: master.tryserver.blink:linux_trusty_blink_rel;master.tryserver.chromium.linux:linux_layout_tests_slimming_paint_v2
Change-Id: Ib8bb76eb219a7056d6488484cc8439d44e7d7aac
Reviewed-on: https://chromium-review.googlesource.com/956503
Commit-Queue: Tien-Ren Chen <trchen@chromium.org>
Reviewed-by: Philip Rogers <pdr@chromium.org>
Cr-Commit-Position: refs/heads/master@{#542605}

[modify] https://crrev.com/ffc26d979f5e1b236278ab23f5f9e9c32a0ae9bb/third_party/WebKit/LayoutTests/FlagExpectations/enable-slimming-paint-v2
[modify] https://crrev.com/ffc26d979f5e1b236278ab23f5f9e9c32a0ae9bb/third_party/WebKit/LayoutTests/TestExpectations
[add] https://crrev.com/ffc26d979f5e1b236278ab23f5f9e9c32a0ae9bb/third_party/WebKit/LayoutTests/compositing/overflow/clip-escaping-reverse-order-should-not-crash-expected.html
[add] https://crrev.com/ffc26d979f5e1b236278ab23f5f9e9c32a0ae9bb/third_party/WebKit/LayoutTests/compositing/overflow/clip-escaping-reverse-order-should-not-crash.html
[modify] https://crrev.com/ffc26d979f5e1b236278ab23f5f9e9c32a0ae9bb/third_party/WebKit/Source/core/paint/compositing/CompositingInputsUpdater.cpp
[modify] https://crrev.com/ffc26d979f5e1b236278ab23f5f9e9c32a0ae9bb/third_party/WebKit/Source/core/paint/compositing/CompositingInputsUpdater.h
Mar 13 2018
ClusterFuzz testcase 5728937272147968 is verified as fixed, so closing issue as verified. If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.
Mar 13 2018
ClusterFuzz has detected this issue as fixed in range 542596:542607.

Detailed report: https://clusterfuzz.com/testcase?key=5807055143960576

Fuzzer: inferno_layout_test_unmodified
Job Type: linux_msan_chrome
Platform Id: linux

Crash Type: Null-dereference READ
Crash Address: 0x000000000098
Crash State:
  __msan_memcpy
  cc::draw_property_utils::ComputeClips
  cc::LayerTreeHost::DoUpdateLayers

Sanitizer: memory (MSAN)

Regressed: https://clusterfuzz.com/revisions?job=linux_msan_chrome&range=518240:518474
Fixed: https://clusterfuzz.com/revisions?job=linux_msan_chrome&range=542596:542607

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5807055143960576

See https://github.com/google/clusterfuzz-tools for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
Comment 1 by ClusterFuzz, Feb 28 2018
Labels: Test-Predator-Auto-Components