Issue 859056


Issue metadata

Status: Verified
Owner:
Closed: Jul 11
Cc:
Components:
EstimatedDays: ----
NextAction: 2018-07-13
OS: Linux
Pri: 3
Type: Bug




Null-dereference READ in blink::TextIteratorAlgorithm<blink::EditingAlgorithm<blink::NodeTraversal> >::Te

Project Member Reported by ClusterFuzz, Jun 29 2018

Issue description

Detailed report: https://clusterfuzz.com/testcase?key=5279175213318144

Fuzzer: bj_broddelwerk
Job Type: linux_asan_chrome_v8_arm
Platform Id: linux

Crash Type: Null-dereference READ
Crash Address: 0x00000000
Crash State:
  blink::TextIteratorAlgorithm<blink::EditingAlgorithm<blink::NodeTraversal> >::Te
  blink::CalculateCharacterSubrange
  blink::ColdModeSpellCheckRequester::RequestCheckingForNextChunk
  
Sanitizer: address (ASAN)

Regressed: https://clusterfuzz.com/revisions?job=linux_asan_chrome_v8_arm&range=571363:571366

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5279175213318144

Issue filed automatically.

See https://github.com/google/clusterfuzz-tools for more information.
 
Project Member

Comment 1 by ClusterFuzz, Jun 29 2018

Labels: Test-Predator-Auto-Owner
Owner: xiaoche...@chromium.org
Status: Assigned (was: Untriaged)
Automatically assigning owner based on suspected regression changelist https://chromium.googlesource.com/chromium/src/+/b33a9282728898428632c036f2c09e258bfcd888 ([Spellchecker] Stop cold mode spellchecker from checking beyond editable element).

If this is incorrect, please let us know why and apply the Test-Predator-Wrong-CLs label. If you aren't the correct owner for this issue, please unassign yourself as soon as possible so it can be re-triaged.
Project Member

Comment 2 by ClusterFuzz, Jun 29 2018

Components: Blink>Editing
Labels: Test-Predator-Auto-Components
Automatically applying components based on crash stacktrace and information from OWNERS files.

If this is incorrect, please apply the Test-Predator-Wrong-Components label.
Unable to reproduce on either ToT or r571372, even with the reproduce tool.

Rerunning ClusterFuzz to check reproducibility.
Components: -Blink>Editing Blink>Editing>Spellcheck
Labels: -Pri-1 Pri-3
NextAction: 2018-07-13
While CF reports reproducible on ToT, I still can't reproduce locally, either manually or with CF repro tool.

And CF can't minimize the test case, either...

Deprioritize to P3 for the above reasons. Will revisit before M69 branch.
Project Member

Comment 5 by bugdroid1@chromium.org, Jul 3

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/9afcc1e595f00ea24c962ef767e35aa912df0242

commit 9afcc1e595f00ea24c962ef767e35aa912df0242
Author: Xiaocheng Hu <xiaochengh@chromium.org>
Date: Tue Jul 03 02:15:51 2018

Revert "Remove cold mode idle time spellchecker flag"

This reverts commit d1c99618c03544f0c8734c7340471b30ac67b1f1.

Reason for revert: Observed many crashes in M68 & M69. Not ready
for shipping.

Original change's description:
> Remove cold mode idle time spellchecker flag
>
> As cold mode idle time spellchecker is shipped into M68
> and no regression is observed, this patch removes the flag
> from M69 as cleanup.
>
> Bug: 716642
> Change-Id: I8f850c52469590ee9d5e542c14f4dae842a6163a
> Reviewed-on: https://chromium-review.googlesource.com/1072953
> Reviewed-by: Kent Tamura <tkent@chromium.org>
> Reviewed-by: Yoshifumi Inoue <yosin@chromium.org>
> Commit-Queue: Xiaocheng Hu <xiaochengh@chromium.org>
> Cr-Commit-Position: refs/heads/master@{#561951}

TBR=yosin@chromium.org,tkent@chromium.org,xiaochengh@chromium.org

# Not skipping CQ checks because original CL landed > 1 day ago.

Bug: 716642, 856376, 859056, 859443
Change-Id: I91426509a315a07bf4f548ebafe825c2ef856999
Reviewed-on: https://chromium-review.googlesource.com/1123120
Commit-Queue: Xiaocheng Hu <xiaochengh@chromium.org>
Reviewed-by: Yoshifumi Inoue <yosin@chromium.org>
Reviewed-by: Xiaocheng Hu <xiaochengh@chromium.org>
Cr-Commit-Position: refs/heads/master@{#572086}
[modify] https://crrev.com/9afcc1e595f00ea24c962ef767e35aa912df0242/third_party/blink/renderer/core/editing/spellcheck/idle_spell_check_callback.cc
[modify] https://crrev.com/9afcc1e595f00ea24c962ef767e35aa912df0242/third_party/blink/renderer/core/editing/spellcheck/idle_spell_check_callback_test.cc
[modify] https://crrev.com/9afcc1e595f00ea24c962ef767e35aa912df0242/third_party/blink/renderer/platform/runtime_enabled_features.json5

Project Member

Comment 6 by bugdroid1@chromium.org, Jul 10

Labels: merge-merged-3440
The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/56f5ddbda1820847ab5db4bf68512a0e29281fa0

commit 56f5ddbda1820847ab5db4bf68512a0e29281fa0
Author: Xiaocheng Hu <xiaochengh@chromium.org>
Date: Tue Jul 10 19:39:31 2018

[M68] Disable cold mode spellchecker

Cold mode spellchecker was introduced in M68 as a bug fix to some
spellcheck completeness issues. For risk control, it is implemented
behind a flag.

Now that we found many related crashes in M68 and M69, it turns out
that cold mode spellchecker is not ready to be pushed to the stable
channel. Hence, this patch disables it by default on M68.

It will remain enabled by default in M69 for more observation.

Bug: 716642, 856376, 859056, 859443
Change-Id: I8984de679d0c7c0de61123f50dabc535b2b3c3fb
Reviewed-on: https://chromium-review.googlesource.com/1124021
Reviewed-by: Kent Tamura <tkent@chromium.org>
Reviewed-by: Yoshifumi Inoue <yosin@chromium.org>
Cr-Commit-Position: refs/branch-heads/3440@{#638}
Cr-Branched-From: 010ddcfda246975d194964ccf20038ebbdec6084-refs/heads/master@{#561733}
[modify] https://crrev.com/56f5ddbda1820847ab5db4bf68512a0e29281fa0/third_party/blink/renderer/platform/runtime_enabled_features.json5

Project Member

Comment 7 by ClusterFuzz, Jul 11

ClusterFuzz has detected this issue as fixed in range 574092:574093.

Detailed report: https://clusterfuzz.com/testcase?key=5279175213318144

Fuzzer: bj_broddelwerk
Job Type: linux_asan_chrome_v8_arm
Platform Id: linux

Crash Type: Null-dereference READ
Crash Address: 0x00000000
Crash State:
  blink::TextIteratorAlgorithm<blink::EditingAlgorithm<blink::NodeTraversal> >::Te
  blink::CalculateCharacterSubrange
  blink::ColdModeSpellCheckRequester::RequestCheckingForNextChunk
  
Sanitizer: address (ASAN)

Regressed: https://clusterfuzz.com/revisions?job=linux_asan_chrome_v8_arm&range=571363:571366
Fixed: https://clusterfuzz.com/revisions?job=linux_asan_chrome_v8_arm&range=574092:574093

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5279175213318144

See https://github.com/google/clusterfuzz-tools for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
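As an added example (not ClusterFuzz's own code and not part of this issue), the following Python triage helper parses the report text ClusterFuzz posts, as in comment 7 above, into a structured record, derives a deduplication signature from the crash type and the top frames of the crash state, and answers whether a given Chromium revision falls inside the affected window implied by the regressed and fixed ranges. The report text is copied from comment 7 as the sample input. Two things are assumptions rather than facts stated on the page: that a ClusterFuzz range `a:b` is read as last-good:first-bad (for Regressed) and last-bad:first-good (for Fixed), and that crash type plus the top three frames is an adequate dedup key.

```python
import re
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Sample input: the report text ClusterFuzz posted in comment 7 of this issue,
# copied verbatim so the parser runs offline against realistic data.
REPORT = """ClusterFuzz has detected this issue as fixed in range 574092:574093.

Detailed report: https://clusterfuzz.com/testcase?key=5279175213318144

Fuzzer: bj_broddelwerk
Job Type: linux_asan_chrome_v8_arm
Platform Id: linux

Crash Type: Null-dereference READ
Crash Address: 0x00000000
Crash State:
  blink::TextIteratorAlgorithm<blink::EditingAlgorithm<blink::NodeTraversal> >::Te
  blink::CalculateCharacterSubrange
  blink::ColdModeSpellCheckRequester::RequestCheckingForNextChunk

Sanitizer: address (ASAN)

Regressed: https://clusterfuzz.com/revisions?job=linux_asan_chrome_v8_arm&range=571363:571366
Fixed: https://clusterfuzz.com/revisions?job=linux_asan_chrome_v8_arm&range=574092:574093
"""

# (start, end) as it appears in the range=START:END query parameter.
Range = Tuple[int, int]


@dataclass
class CrashReport:
    testcase_id: str
    fuzzer: str
    job_type: str
    crash_type: str
    crash_address: int
    crash_state: List[str]
    sanitizer: str
    regressed: Optional[Range]
    fixed: Optional[Range]

    def signature(self) -> str:
        # Assumed dedup key: crash type plus the top three frames. The crash
        # address is left out on purpose because it varies between runs.
        return self.crash_type + "|" + "|".join(self.crash_state[:3])

    def is_probably_null_deref(self) -> bool:
        # Faults below the first page are almost always a null (or null-plus-
        # small-offset) dereference rather than a controlled bad pointer.
        return self.crash_address < 0x1000

    def affects_revision(self, rev: int) -> Optional[bool]:
        """True/False if `rev` is known to be affected/unaffected, None if it
        falls inside an unresolved range or no regression range is known.
        Assumes Regressed = last_good:first_bad and Fixed = last_bad:first_good."""
        if self.regressed is None:
            return None
        last_good, first_bad = self.regressed
        if rev <= last_good:
            return False
        if rev < first_bad:
            return None
        if self.fixed is None:
            return True
        last_bad, first_good = self.fixed
        if rev <= last_bad:
            return True
        if rev < first_good:
            return None
        return False


def _parse_range(url: str) -> Optional[Range]:
    m = re.search(r"range=(\d+):(\d+)", url)
    return (int(m.group(1)), int(m.group(2))) if m else None


def parse_report(text: str) -> CrashReport:
    # "Key: value" header lines; the frame lines and the "Crash State:" line
    # itself do not match this shape and are handled separately below.
    fields = {}
    for m in re.finditer(r"^([A-Za-z ]+): (.+)$", text, re.M):
        fields[m.group(1).strip()] = m.group(2).strip()

    # Crash state: the indented lines following "Crash State:" up to the
    # first blank or unindented line.
    state: List[str] = []
    lines = text.splitlines()
    for i, line in enumerate(lines):
        if line.strip() == "Crash State:":
            for frame in lines[i + 1:]:
                if not frame.startswith("  ") or not frame.strip():
                    break
                state.append(frame.strip())
            break

    key = re.search(r"key=(\d+)", fields.get("Detailed report", ""))
    return CrashReport(
        testcase_id=key.group(1) if key else "",
        fuzzer=fields.get("Fuzzer", ""),
        job_type=fields.get("Job Type", ""),
        crash_type=fields.get("Crash Type", ""),
        crash_address=int(fields.get("Crash Address", "0"), 16),
        crash_state=state,
        sanitizer=fields.get("Sanitizer", ""),
        regressed=_parse_range(fields.get("Regressed", "")),
        fixed=_parse_range(fields.get("Fixed", "")),
    )


if __name__ == "__main__":
    report = parse_report(REPORT)
    print(report.signature())
    for rev in (571363, 571365, 572086, 574092, 574093):
        print(rev, report.affects_revision(rev))
```

Running the block on the comment 7 text yields the three-frame signature starting with `Null-dereference READ|blink::TextIteratorAlgorithm`, reports 571363 as unaffected, 571365 as undetermined (inside the regression range), 572086 and 574092 as affected, and 574093 as fixed. The undetermined result for revisions inside a range is deliberate: a multi-revision range like 571363:571366 is exactly the case where a human still has to bisect.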
Project Member

Comment 8 by ClusterFuzz, Jul 11

Labels: ClusterFuzz-Verified
Status: Verified (was: Assigned)
ClusterFuzz testcase 5279175213318144 is verified as fixed, so closing issue as verified.

If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.
The NextAction date has arrived: 2018-07-13
