Suspecting:

Author: danakj
Project: chromium
Changelist: https://chromium.googlesource.com/chromium/src//+/bda5037a1df2390c268493f608ca9b88b38ca715
Time: Thu Feb 25 10:22:52 2016
The CL last changed line 846 of file Range.cpp, which is stack frame 0.

@danakj: Could you please look into this issue.

Thank you.

"Range" object is unrelated to Blink>Forms>Range.

That was "Rename enums/functions that collide in chromium style in core/dom/".

This should go to the owners of the DOM component I guess. tkent do you know who that would be?

Removing EditIssue view restrictions from ClusterFuzz filed bugs. If you believe that this issue should still be restricted, please reapply the label.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot

It is still not possible to access Minimized Testcase.

I cannot reproduce it, tried with AddressSanitizer. It is probably fixed already.

I can't reproduce this at r435888.

lcamtuf, I'm curious how stable these repros are over time--it seems like they would change behavior when we add or remove properties from browser host objects?

a.obzhirov, re: comment 8, clusterfuzz's repros can be quite involved; there's a lot of state not in the callstack.

CF says this is fixed in 407408:407421.