Automatically applying components based on crash stacktrace and information from OWNERS files.

If this is incorrect, please apply the Test-Predator-Wrong-Components label.

Automatically assigning owner based on suspected regression changelist https://chromium.googlesource.com/chromium/src/+/2394d0acf8bf0b0236b2646e4c823a57de7bd941 (Floats and out-of-flow objects may not be adjacent to anonymous blocks.).

If this is incorrect, please let us know why and apply the Test-Predator-Wrong-CLs label. If you aren't the correct owner for this issue, please unassign yourself as soon as possible so it can be re-triaged.

 Issue 853522  has been merged into this issue.
 Issue 853537  has been merged into this issue.
 Issue 853538  has been merged into this issue.
 Issue 853540  has been merged into this issue.

Reverted in https://chromium.googlesource.com/chromium/src/+/e9d1ed958ab494661acc228f31d879e490352d7a

 Issue 853567  has been merged into this issue.

ClusterFuzz has detected this issue as fixed in range 567913:567914.

Detailed report: https://clusterfuzz.com/testcase?key=5627573481242624

Fuzzer: mbarbella_webcomponents
Job Type: windows_asan_content_shell
Platform Id: windows

Crash Type: Heap-use-after-free READ 4
Crash Address: 0x11e70c3d1fc0
Crash State:
  blink::LayoutObject::ContainingBlock
  blink::LayoutObject::Container
  blink::LayoutObject::MarkContainerChainForLayout
  
Sanitizer: address (ASAN)

Recommended Security Severity: High

Regressed: https://clusterfuzz.com/revisions?job=windows_asan_content_shell&range=567880:567882
Fixed: https://clusterfuzz.com/revisions?job=windows_asan_content_shell&range=567913:567914

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5627573481242624

See https://github.com/google/clusterfuzz-tools for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.

ClusterFuzz testcase 5627573481242624 is verified as fixed, so closing issue as verified.

If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.

Retrying here: https://chromium-review.googlesource.com/c/chromium/src/+/1104900

ClusterFuzz testcase 5352322314797056 is still reproducing on tip-of-tree build (trunk).

Please re-test your fix against this testcase and if the fix was incorrect or incomplete, please re-open the bug. Otherwise, ignore this notification and add ClusterFuzz-Wrong label.

That testcase was for  bug 853538 , which was incorrectly marked as duplicate of this bug. I have reopened it.

This bug has been closed for more than 14 weeks. Removing security view restrictions.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot