CHECK failure: context.paint_invalidation_container == object.ContainerForPaintInvalidation()
Issue description

Detailed report: https://clusterfuzz.com/testcase?key=6065178073104384

Fuzzer: marty_html_twiddler
Job Type: linux_debug_chrome
Platform Id: linux

Crash Type: CHECK failure
Crash Address:
Crash State:
  context.paint_invalidation_container == object.ContainerForPaintInvalidation() i
  blink::PaintInvalidator::UpdatePaintInvalidationContainer
  blink::PaintInvalidator::InvalidatePaint

Sanitizer: address (ASAN)

Regressed: https://clusterfuzz.com/revisions?job=linux_debug_chrome&range=545300:545301

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=6065178073104384

Issue filed automatically.

See https://github.com/google/clusterfuzz-tools for more information.
Mar 23 2018
Automatically assigning owner based on suspected regression changelist https://chromium.googlesource.com/chromium/src/+/34579e910de11b9663c7431ba06d8559b61d3cc7 (Move unguessable_token.mojom from common to base). If this is incorrect, please let us know why and apply the Test-Predator-Wrong-CLs label. If you aren't the correct owner for this issue, please unassign yourself as soon as possible so it can be re-triaged.
Mar 23 2018
CHECK failures not P1.
Mar 24 2018
The bug is because of inconsistent IsStacked status of ComputedStyle and PaintLayerStackingNode, and the root cause is that ComputedStyle's IsStackingContext status can change without notifying LayoutObject through SetStyle(). UpdateIsStackingContext() may happen too late after LayoutObject::SetStyle(), and the changed IsStackingContext() status is unknown by LayoutObject until the next SetStyle().

Suspecting https://codereview.chromium.org/2035793007.

The test definitely crashes in my local test and in most cases it crashes at the reported place. However, occasionally it crashes at a different place:

[1:1:0323/170049.482745:FATAL:ElementAnimations.cpp(131)] Check failed: *base_computed_style_ == *computed_style.
#0 0x00000342859c base::debug::StackTrace::StackTrace()
#1 0x00000344723b logging::LogMessage::~LogMessage()
#2 0x000004e29418 blink::ElementAnimations::UpdateBaseComputedStyle()
#3 0x00000504ba67 blink::StyleResolver::StyleForElement()
#4 0x0000050f72fa blink::Element::OriginalStyleForLayoutObject()
#5 0x0000050f6d94 blink::Element::StyleForLayoutObject()
#6 0x0000050f8caf blink::Element::RecalcStyleForReattach()
#7 0x00000508028f blink::ContainerNode::RecalcDescendantStylesForReattach()
#8 0x0000050f8b58 blink::Element::RecalcShadowIncludingDescendantStylesForReattach()
#9 0x0000050f7e7a blink::Element::RecalcOwnStyle()
#10 0x0000050f7707 blink::Element::RecalcStyle()
#11 0x000005080153 blink::ContainerNode::RecalcDescendantStyles()
#12 0x0000050f7564 blink::Element::RecalcStyle()
#13 0x000005080153 blink::ContainerNode::RecalcDescendantStyles()
#14 0x0000050f7564 blink::Element::RecalcStyle()
#15 0x0000050abf02 blink::Document::UpdateStyle()
#16 0x0000050a7639 blink::Document::UpdateStyleAndLayoutTree()

Not sure if the crash is for the same reason.
Mar 26 2018
It doesn't look like https://codereview.chromium.org/2035793007 landed.
Apr 2 2018
ClusterFuzz has detected this issue as fixed in range 547405:547406.

Detailed report: https://clusterfuzz.com/testcase?key=6065178073104384

Fuzzer: marty_html_twiddler
Job Type: linux_debug_chrome
Platform Id: linux

Crash Type: CHECK failure
Crash Address:
Crash State:
  context.paint_invalidation_container == object.ContainerForPaintInvalidation() i
  blink::PaintInvalidator::UpdatePaintInvalidationContainer
  blink::PaintInvalidator::InvalidatePaint

Sanitizer: address (ASAN)

Regressed: https://clusterfuzz.com/revisions?job=linux_debug_chrome&range=545300:545301
Fixed: https://clusterfuzz.com/revisions?job=linux_debug_chrome&range=547405:547406

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=6065178073104384

See https://github.com/google/clusterfuzz-tools for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
Apr 2 2018
ClusterFuzz testcase 6065178073104384 is verified as fixed, so closing issue as verified. If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.
Comment 1 by ClusterFuzz, Mar 23 2018
Labels: Test-Predator-Auto-Components