Stack-overflow in blink::PositionWithAffinityTemplate<blink::EditingAlgorithm<blink::NodeTraversal
Issue description

Detailed report: https://clusterfuzz.com/testcase?key=6029023118098432
Fuzzer: inferno_layout_test_unmodified
Job Type: linux_msan_content_shell_drt
Platform Id: linux
Crash Type: Stack-overflow
Crash Address: 0x7fff6e58df38
Crash State: blink::PositionWithAffinityTemplate<blink::EditingAlgorithm<blink::NodeTraversal
Sanitizer: memory (MSAN)
Regressed: https://clusterfuzz.com/revisions?job=linux_msan_content_shell_drt&range=570790:570791
Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=6029023118098432

Issue filed automatically. See https://github.com/google/clusterfuzz-tools for more information.

Jun 27 2018
Automatically assigning owner based on suspected regression changelist https://chromium.googlesource.com/chromium/src/+/7aeceb41754fa0ff6d577a72463bbe5a6a978b8e (Fix regression that ComputeInlineBoxPosition no longer enters inline blocks). If this is incorrect, please let us know why and apply the Test-Predator-Wrong-CLs label. If you aren't the correct owner for this issue, please unassign yourself as soon as possible so it can be re-triaged.

Jun 28 2018
Although bisection points at my patch r570791, which is correct, this is not really a regression. Old patch r517766 caused a regression (crbug.com/856417) since M64, but remained uncaught until recently. Then r570791 reverted it on M69. The same crash occurs on 64.0.3273.0, which is before r517766. r517766 broke the recursion path so the stack overflow stopped reproducing; and it becomes reproducible again after the reversion r570791. Since this is actually an old bug, marking it P3/Available.
Aug 14
ClusterFuzz has detected this issue as fixed in range 582653:582655.

Detailed report: https://clusterfuzz.com/testcase?key=6029023118098432
Fuzzer: inferno_layout_test_unmodified
Job Type: linux_msan_content_shell_drt
Platform Id: linux
Crash Type: Stack-overflow
Crash Address: 0x7fff6e58df38
Crash State: blink::PositionWithAffinityTemplate<blink::EditingAlgorithm<blink::NodeTraversal
Sanitizer: memory (MSAN)
Regressed: https://clusterfuzz.com/revisions?job=linux_msan_content_shell_drt&range=570790:570791
Fixed: https://clusterfuzz.com/revisions?job=linux_msan_content_shell_drt&range=582653:582655
Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=6029023118098432

See https://github.com/google/clusterfuzz-tools for more information. If you suspect that the result above is incorrect, try re-doing that job on the test case report page.

Aug 14
ClusterFuzz testcase 6029023118098432 is verified as fixed, so closing issue as verified. If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.

Aug 21
Issue 875583 has been merged into this issue.
Aug 22
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/350d547ef349b9f187ae4972280e15f3c2a762d8

commit 350d547ef349b9f187ae4972280e15f3c2a762d8
Author: Xiaocheng Hu <xiaochengh@chromium.org>
Date: Wed Aug 22 20:34:05 2018

Break infinite recursion in AdjustBlockFlowPositionToInline

Bug: 857266
Cq-Include-Trybots: luci.chromium.try:linux_layout_tests_layout_ng
Change-Id: I58c2cb9e7b2ddf90dc9609945e418b27047f1e34
Reviewed-on: https://chromium-review.googlesource.com/1184043
Commit-Queue: Xiaocheng Hu <xiaochengh@chromium.org>
Reviewed-by: Yoshifumi Inoue <yosin@chromium.org>
Cr-Commit-Position: refs/heads/master@{#585232}

[modify] https://crrev.com/350d547ef349b9f187ae4972280e15f3c2a762d8/third_party/blink/renderer/core/editing/inline_box_position.cc
Comment 1 by ClusterFuzz, Jun 27 2018
Labels: Test-Predator-Auto-Components