Issue 906310

Issue metadata

Status: Verified
Closed: Nov 22
OS: Linux
Pri: 1
Type: Bug
Team-Accessibility


Stack-overflow in blink::AXLayoutObject::AddChildren

Reported by ClusterFuzz (Project Member), Nov 17

Issue description

Detailed report: https://clusterfuzz.com/testcase?key=5881947764817920

Fuzzer: inferno_layout_test_fuzzer
Job Type: linux_asan_content_shell_drt
Platform Id: linux

Crash Type: Stack-overflow
Crash Address: 0x7ffe5a6ade78
Crash State:
  blink::AXLayoutObject::AddChildren
  blink::AXObject::Children
  blink::AXNodeObject::InsertChild
  
Sanitizer: address (ASAN)

Regressed: https://clusterfuzz.com/revisions?job=linux_asan_content_shell_drt&range=607151:607152

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5881947764817920

Issue filed automatically.

See https://github.com/google/clusterfuzz-tools for more information.
 
Comment 1 by ClusterFuzz (Project Member), Nov 17

Components: Blink>Accessibility
Labels: Test-Predator-Auto-Components
Automatically applying components based on crash stacktrace and information from OWNERS files.

If this is incorrect, please apply the Test-Predator-Wrong-Components label.

Comment 2 by ClusterFuzz (Project Member), Nov 17

Labels: Test-Predator-Auto-Owner
Owner: aboxhall@chromium.org
Status: Assigned (was: Untriaged)
Automatically assigning owner based on suspected regression changelist https://chromium.googlesource.com/chromium/src/+/e7316d0c2c1a3ea146197778d926502c9646e4bf (Prefer walking the LayoutTreeBuilder tree when building the Accessibility tree.).

If this is incorrect, please let us know why and apply the Test-Predator-Wrong-CLs label. If you aren't the correct owner for this issue, please unassign yourself as soon as possible so it can be re-triaged.
The computed layout tree is:
LayoutView 0xba426404010                #document
  LayoutBlockFlow 0xba426424010         HTML
    LayoutBlockFlow 0xba426424140       BODY
      LayoutBlockFlow (anonymous) 0xba4264244d0
        LayoutInline 0xba426434010 continuation=0xba426434190   MARKER
          LayoutInline 0xba4264340d0 continuation=0xba4264243a0 MAP
*     LayoutBlockFlow (anonymous) 0xba4264243a0 continuation=0xba426434250
        LayoutBlockFlow 0xba426424270   LEGEND
      LayoutBlockFlow (anonymous) 0xba426424600
        LayoutInline 0xba426434190 continuation=0xba426434310   MARKER
          LayoutInline 0xba426434250 continuation=0xba426424860 MAP
            LayoutText 0xba426440010    #text "A000A0000AA0000A0AA"
      LayoutBlockFlow (anonymous) 0xba426424860 continuation=0xba4264343d0
        LayoutBlockFlow 0xba426424730   OPTGROUP
          LayoutBlockFlow 0xba426424ac0 DIV id="optgroup-label" style="padding: 0px 2px 1px; min-height: 1.2em;"
      LayoutBlockFlow (anonymous) 0xba426424990
        LayoutInline 0xba426434310      MARKER
          LayoutInline 0xba4264343d0    MAP

When we were using the layout tree as the primary tree, this wouldn't have been a problem, but now the multiple copies of MARKER and MAP mean we end up in an infinite loop.

I'm planning to just try and ensure that things don't end up in their own descendant tree regardless of pathological layout trees like this.

Actually, I wonder if it's the continuations that are causing issues.

Plot twist: we have a <map> element with no associated <img>.

Comment 6 by bugdroid1@chromium.org (Project Member), Nov 21

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/e930a44114a7f687fe434483f1754d07b99d3337

commit e930a44114a7f687fe434483f1754d07b99d3337
Author: Alice Boxhall <aboxhall@chromium.org>
Date: Wed Nov 21 23:39:28 2018

Fix infinite loop with <map> and continuations

Bug: 906310
Change-Id: I62438e397d3551c7cc0787df4ff5faa985fb3f56
Reviewed-on: https://chromium-review.googlesource.com/c/1345714
Commit-Queue: Alice Boxhall <aboxhall@chromium.org>
Reviewed-by: Dominic Mazzoni <dmazzoni@chromium.org>
Cr-Commit-Position: refs/heads/master@{#610265}
[add] https://crrev.com/e930a44114a7f687fe434483f1754d07b99d3337/third_party/WebKit/LayoutTests/accessibility/map-infinite-loop.html
[modify] https://crrev.com/e930a44114a7f687fe434483f1754d07b99d3337/third_party/blink/renderer/modules/accessibility/ax_layout_object.cc

Comment 7 by ClusterFuzz (Project Member), Nov 22

ClusterFuzz has detected this issue as fixed in range 610260:610265.

Detailed report: https://clusterfuzz.com/testcase?key=5881947764817920

Fuzzer: inferno_layout_test_fuzzer
Job Type: linux_asan_content_shell_drt
Platform Id: linux

Crash Type: Stack-overflow
Crash Address: 0x7ffe5a6ade78
Crash State:
  blink::AXLayoutObject::AddChildren
  blink::AXObject::Children
  blink::AXNodeObject::InsertChild
  
Sanitizer: address (ASAN)

Regressed: https://clusterfuzz.com/revisions?job=linux_asan_content_shell_drt&range=607151:607152
Fixed: https://clusterfuzz.com/revisions?job=linux_asan_content_shell_drt&range=610260:610265

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5881947764817920

See https://github.com/google/clusterfuzz-tools for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.

Comment 8 by ClusterFuzz (Project Member), Nov 22

Labels: ClusterFuzz-Verified
Status: Verified (was: Assigned)
ClusterFuzz testcase 5881947764817920 is verified as fixed, so closing issue as verified.

If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.

Comment 9 by bugdroid1@chromium.org (Project Member), Nov 29

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/448f584928a7b2814fb4b26ebd21c3ddbda6966d

commit 448f584928a7b2814fb4b26ebd21c3ddbda6966d
Author: Alice Boxhall <aboxhall@chromium.org>
Date: Thu Nov 29 22:35:26 2018

Revert change preferring LayoutTreeBuilder tree, and dependent changes.

Original reviews:
https://chromium-review.googlesource.com/c/chromium/src/+/1206050
https://chromium-review.googlesource.com/c/chromium/src/+/1242572
https://chromium-review.googlesource.com/c/chromium/src/+/1345714

TBR=dmazzoni@chromium.org

Bug: 906310, 908916
Change-Id: Ie56e5030db4bb3039816c5d5d9576279435835e6
Reviewed-on: https://chromium-review.googlesource.com/c/1353062
Reviewed-by: Dominic Mazzoni <dmazzoni@chromium.org>
Reviewed-by: Alice Boxhall <aboxhall@chromium.org>
Commit-Queue: Alice Boxhall <aboxhall@chromium.org>
Cr-Commit-Position: refs/heads/master@{#612411}
[modify] https://crrev.com/448f584928a7b2814fb4b26ebd21c3ddbda6966d/content/shell/test_runner/accessibility_controller.cc
[modify] https://crrev.com/448f584928a7b2814fb4b26ebd21c3ddbda6966d/content/test/data/accessibility/aria/aria-owns-expected-blink.txt
[modify] https://crrev.com/448f584928a7b2814fb4b26ebd21c3ddbda6966d/content/test/data/accessibility/aria/aria-owns-expected-mac.txt
[modify] https://crrev.com/448f584928a7b2814fb4b26ebd21c3ddbda6966d/content/test/data/accessibility/css/inline-position-relative-expected-blink.txt
[modify] https://crrev.com/448f584928a7b2814fb4b26ebd21c3ddbda6966d/content/test/data/accessibility/html/input-checkbox-label-expected-blink.txt
[modify] https://crrev.com/448f584928a7b2814fb4b26ebd21c3ddbda6966d/content/test/data/accessibility/html/input-checkbox-label-expected-mac.txt
[modify] https://crrev.com/448f584928a7b2814fb4b26ebd21c3ddbda6966d/content/test/data/accessibility/html/modal-dialog-opened-expected-android.txt
[modify] https://crrev.com/448f584928a7b2814fb4b26ebd21c3ddbda6966d/content/test/data/accessibility/html/modal-dialog-opened-expected-auralinux.txt
[modify] https://crrev.com/448f584928a7b2814fb4b26ebd21c3ddbda6966d/content/test/data/accessibility/html/modal-dialog-opened-expected-blink.txt
[modify] https://crrev.com/448f584928a7b2814fb4b26ebd21c3ddbda6966d/content/test/data/accessibility/html/modal-dialog-opened-expected-mac.txt
[modify] https://crrev.com/448f584928a7b2814fb4b26ebd21c3ddbda6966d/content/test/data/accessibility/html/modal-dialog-opened-expected-win.txt
[modify] https://crrev.com/448f584928a7b2814fb4b26ebd21c3ddbda6966d/content/test/data/accessibility/html/modal-dialog-stack-expected-android.txt
[modify] https://crrev.com/448f584928a7b2814fb4b26ebd21c3ddbda6966d/content/test/data/accessibility/html/modal-dialog-stack-expected-auralinux.txt
[modify] https://crrev.com/448f584928a7b2814fb4b26ebd21c3ddbda6966d/content/test/data/accessibility/html/modal-dialog-stack-expected-blink.txt
[modify] https://crrev.com/448f584928a7b2814fb4b26ebd21c3ddbda6966d/content/test/data/accessibility/html/modal-dialog-stack-expected-mac.txt
[modify] https://crrev.com/448f584928a7b2814fb4b26ebd21c3ddbda6966d/content/test/data/accessibility/html/modal-dialog-stack-expected-win.txt
[modify] https://crrev.com/448f584928a7b2814fb4b26ebd21c3ddbda6966d/third_party/blink/renderer/modules/accessibility/ax_layout_object.cc
[modify] https://crrev.com/448f584928a7b2814fb4b26ebd21c3ddbda6966d/third_party/blink/renderer/modules/accessibility/ax_layout_object.h
[modify] https://crrev.com/448f584928a7b2814fb4b26ebd21c3ddbda6966d/third_party/blink/renderer/modules/accessibility/ax_list_box_option.cc
[modify] https://crrev.com/448f584928a7b2814fb4b26ebd21c3ddbda6966d/third_party/blink/renderer/modules/accessibility/ax_menu_list.cc
[modify] https://crrev.com/448f584928a7b2814fb4b26ebd21c3ddbda6966d/third_party/blink/renderer/modules/accessibility/ax_node_object.cc
[modify] https://crrev.com/448f584928a7b2814fb4b26ebd21c3ddbda6966d/third_party/blink/renderer/modules/accessibility/ax_node_object.h
[modify] https://crrev.com/448f584928a7b2814fb4b26ebd21c3ddbda6966d/third_party/blink/renderer/modules/accessibility/ax_object.cc
[modify] https://crrev.com/448f584928a7b2814fb4b26ebd21c3ddbda6966d/third_party/blink/renderer/modules/accessibility/ax_object_cache_impl.cc
[modify] https://crrev.com/448f584928a7b2814fb4b26ebd21c3ddbda6966d/third_party/blink/web_tests/accessibility/aria-hidden-updates-alldescendants.html
[delete] https://crrev.com/5177c350b8ac9b6a631d4e4f2813f8be49e121a2/third_party/blink/web_tests/accessibility/display-contents.html
[modify] https://crrev.com/448f584928a7b2814fb4b26ebd21c3ddbda6966d/third_party/blink/web_tests/accessibility/editable-anonymous-block.html
[delete] https://crrev.com/5177c350b8ac9b6a631d4e4f2813f8be49e121a2/third_party/blink/web_tests/accessibility/map-infinite-loop.html
[modify] https://crrev.com/448f584928a7b2814fb4b26ebd21c3ddbda6966d/third_party/blink/web_tests/accessibility/title-ui-element-correctness-expected.txt
[modify] https://crrev.com/448f584928a7b2814fb4b26ebd21c3ddbda6966d/third_party/blink/web_tests/accessibility/title-ui-element-correctness.html
[modify] https://crrev.com/448f584928a7b2814fb4b26ebd21c3ddbda6966d/third_party/blink/web_tests/inspector-protocol/accessibility/accessibility-ignoredNodes-expected.txt
