CHECK failure: LayoutPoint(IntPoint(paint_offset.X().ToInt(), paint_offset.Y().ToInt())) == pai
Issue description

Detailed report: https://clusterfuzz.com/testcase?key=6639051885772800

Fuzzer: ifratric-browserfuzzer-v3
Job Type: linux_debug_chrome
Platform Id: linux

Crash Type: CHECK failure
Crash Address:
Crash State:
  LayoutPoint(IntPoint(paint_offset.X().ToInt(), paint_offset.Y().ToInt())) == pai
  blink::ViewPainter::Paint
  blink::LayoutView::Paint

Sanitizer: address (ASAN)

Regressed: https://clusterfuzz.com/revisions?job=linux_debug_chrome&range=569874:569875

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=6639051885772800

Issue filed automatically.

See https://github.com/google/clusterfuzz-tools for more information.

Jun 23 2018
Automatically adding ccs based on suspected regression changelists:

Updating trunk VERSION from 3470.0 to 3471.0 by chrome-release-bot@chromium.org - https://chromium.googlesource.com/chromium/src/+/d23e33081122f79de9ef059f4cdedc4c4fb96458

If this is incorrect, please let us know why and apply the Test-Predator-Wrong-CLs label.
Jun 25 2018
trchen@, is this something we need to have as P1? If so set back. Also re-assign if this is someone else's territory.

Jun 25 2018
Hmm, this is very sketchy. Obviously the bisect is wrong, but I can reliably repro this locally so it's probably not a flake. I also guessed that it is probably a clamping problem, but the raw (unnormalized) value of paint_offset was (-1, 0). While I don't think this is a big issue, it is worth investigating when I have spare cycles.

Jul 3
ClusterFuzz has detected this issue as fixed in range 572098:572099.

Detailed report: https://clusterfuzz.com/testcase?key=6639051885772800

Fuzzer: ifratric-browserfuzzer-v3
Job Type: linux_debug_chrome
Platform Id: linux

Crash Type: CHECK failure
Crash Address:
Crash State:
  LayoutPoint(IntPoint(paint_offset.X().ToInt(), paint_offset.Y().ToInt())) == pai
  blink::ViewPainter::Paint
  blink::LayoutView::Paint

Sanitizer: address (ASAN)

Regressed: https://clusterfuzz.com/revisions?job=linux_debug_chrome&range=569874:569875
Fixed: https://clusterfuzz.com/revisions?job=linux_debug_chrome&range=572098:572099

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=6639051885772800

See https://github.com/google/clusterfuzz-tools for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.

Jul 3
ClusterFuzz testcase 6639051885772800 is verified as fixed, so closing issue as verified. If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.

Comment 1 by ClusterFuzz, Jun 23 2018
Labels: Test-Predator-Auto-Components