CHECK failure: next_container in LayoutObject.cpp

Issue description

Detailed report: https://clusterfuzz.com/testcase?key=6367817843343360

Fuzzer: marty_html_twiddler
Job Type: linux_debug_chrome
Platform Id: linux

Crash Type: CHECK failure
Crash Address:
Crash State:
  next_container in LayoutObject.cpp
  blink::LayoutObject::OffsetFromAncestorContainer
  blink::LayoutBoxModelObject::PushMappingToContainer

Sanitizer: address (ASAN)

Regressed: https://clusterfuzz.com/revisions?job=linux_debug_chrome&range=523893:523905

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=6367817843343360

Issue filed automatically.

See https://github.com/google/clusterfuzz-tools for more information.
,
Mar 21 2018
Predator could not provide any possible suspects. From the below CL observing some changes related to 'layout test', hence suspecting the same
https://chromium.googlesource.com/chromium/src/+log/bfc75c0a27fff772ed4d96ef40dfd6f127ee29fa..8e611f8193870af6243afe04c8845c2dda01b752?pretty=fuller&n=10000

Suspect CL: https://chromium.googlesource.com/chromium/src/+/2c863229da24ed1cb180759c9342e7a5125fd6f5

zakerinasab@ -- Could you please check whether this is caused with respect to your change, if not please help us in assigning it to the right owner. Thanks!
,
Mar 21 2018
This should not be related to this CL. The CL only introduces a new API, which is used in consequent CLs. Assigning to chrishtr@ for triage.
,
Mar 22 2018
More reduced testcase. The problem is that floats can't be contained by relatively positioned inlines, so the code gets confused.
,
Mar 29 2018
,
Jul 12
ClusterFuzz testcase 6367817843343360 appears to be flaky, updating reproducibility label.
,
Jul 12
ClusterFuzz testcase 6367817843343360 is flaky and no longer crashes, so closing issue. If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.
,
Jul 13
,
Jul 31
The CL to special-case floats to not be contained by positioned inlines is here: https://codereview.chromium.org/2575423003
,
Aug 1
The following revision refers to this bug:
https://chromium.googlesource.com/chromium/src.git/+/80f6578864d46f8545ffbbafa1d6f73478c2e23c

commit 80f6578864d46f8545ffbbafa1d6f73478c2e23c
Author: Chris Harrelson <chrishtr@chromium.org>
Date: Wed Aug 01 01:41:16 2018

Account for float under positioned inline when computing offsets.

The containing block of a float is the containing *block*, meaning that
it is an actual block and therefore does not include inlines. This
means that floats and positioned elements can have mutually inconsistent
containing block chains. Example:

    <div id=root>
      <span style='position: relative'>
        <div style='float: left'>
          <span style='position: absolute'></span>
        </div>
      </span>
    </div>

In this example, the containing block of the abs-pos span is the rel-pos
span. However, the containing block of the float is the root element.
Therefore the containing block chains mutually cross each other.

Other than floats, containing blocks do not have this behavior. IOW
if there are no floats, and ContainingBlock(A) = B, then for any element
C between A and B in the DOM parent chain, B is in its containing block
chain.

Bug: 823748
Cq-Include-Trybots: luci.chromium.try:linux_layout_tests_slimming_paint_v2;master.tryserver.blink:linux_trusty_blink_rel
Change-Id: I4038aa6db33af53b04721760d6ee32904ac7a727
Reviewed-on: https://chromium-review.googlesource.com/1156136
Reviewed-by: Stephen Chenney <schenney@chromium.org>
Commit-Queue: Chris Harrelson <chrishtr@chromium.org>
Cr-Commit-Position: refs/heads/master@{#579662}

[modify] https://crrev.com/80f6578864d46f8545ffbbafa1d6f73478c2e23c/third_party/blink/renderer/core/layout/layout_box.cc
[modify] https://crrev.com/80f6578864d46f8545ffbbafa1d6f73478c2e23c/third_party/blink/renderer/core/layout/layout_box_model_object.cc
[modify] https://crrev.com/80f6578864d46f8545ffbbafa1d6f73478c2e23c/third_party/blink/renderer/core/layout/layout_object.cc
[modify] https://crrev.com/80f6578864d46f8545ffbbafa1d6f73478c2e23c/third_party/blink/renderer/core/layout/layout_object.h
[modify] https://crrev.com/80f6578864d46f8545ffbbafa1d6f73478c2e23c/third_party/blink/renderer/core/layout/layout_object_test.cc
[modify] https://crrev.com/80f6578864d46f8545ffbbafa1d6f73478c2e23c/third_party/blink/renderer/core/paint/paint_property_tree_builder.cc
[modify] https://crrev.com/80f6578864d46f8545ffbbafa1d6f73478c2e23c/third_party/blink/renderer/core/paint/theme_painter_default.cc
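
The crossing containing-block chains described in the commit message above, as an added example that is not part of the original issue and is not Blink's code. `Node`, `Container`, `ChainReaches`, `InvariantHolds`, `Tree` and `ExampleInvariant` are hypothetical names for a simplified model that only encodes the rules the message states.

```cpp
#include <cstdio>

// Constructed model of a layout-tree node (not Blink's LayoutObject).
struct Node {
  const char* name;
  Node* parent = nullptr;
  bool is_inline = false, positioned = false, abs_pos = false, floating = false;
};

// Rule from the commit message: abs-pos -> nearest positioned ancestor (inline
// or not, else root); float -> nearest non-inline ancestor; else the parent.
const Node* Container(const Node* n) {
  const Node* a = n->parent;
  if (n->abs_pos)
    while (a && !a->positioned && a->parent) a = a->parent;
  else if (n->floating)
    while (a && a->is_inline) a = a->parent;
  return a;
}

// Does walking Container() upward from n ever arrive at target?
bool ChainReaches(const Node* n, const Node* target) {
  for (const Node* c = Container(n); c; c = Container(c))
    if (c == target) return true;
  return false;
}

// No-floats invariant: with B = Container(A), every C between A and B in the
// parent chain has B on its own container chain.
bool InvariantHolds(const Node* a) {
  const Node* b = Container(a);
  for (const Node* c = a->parent; c && c != b; c = c->parent)
    if (!ChainReaches(c, b)) return false;
  return true;
}

// Tree from the commit message; float_box toggles 'float: left' on the div.
struct Tree {
  Node root{"div#root"};
  Node rel_span{"span rel-pos", &root, true, true};
  Node box{"div", &rel_span};
  Node abs_span{"span abs-pos", &box, true, true, true};
  explicit Tree(bool float_box) { box.floating = float_box; }
};

bool ExampleInvariant(bool f) { Tree t(f); return InvariantHolds(&t.abs_span); }

int main() {
  std::printf("float: %d, no float: %d\n", ExampleInvariant(true), ExampleInvariant(false));
}
```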
,
Aug 1
Comment 1 by ClusterFuzz, Mar 20 2018
Labels: Test-Predator-Auto-Components