false. failed to open UTS46 data with error: 4 in url_canon_icu.cc
Issue description
Detailed report: https://cluster-fuzz.appspot.com/testcase?key=6279882574397440
Fuzzer: libfuzzer_net_http_security_headers_hpkp_report_only_fuzzer
Job Type: libfuzzer_chrome_msan
Platform Id: linux
Crash Type: CHECK failure
Crash Address:
Crash State:
  false. failed to open UTS46 data with error: 4 in url_canon_icu.cc
  url::UIDNAWrapper::UIDNAWrapper
  base::DefaultLazyInstanceTraits<>::New
Regressed: https://cluster-fuzz.appspot.com/revisions?job=libfuzzer_chrome_msan&range=427722:427783
Minimized Testcase (1.94 Kb): https://cluster-fuzz.appspot.com/download/AMIfv95K2ugz0jukz72RFO6JueA-hbES-hMF_ncBWVHFRLTq611aUwjI_1IE8Iz_uwSJ9O9qvjZA6nZdKxwuI5Tob_s94c2_Y__Krl5DlZyB1bnXEvpzaUjk26vlsxRDhyBkA6wGCbg6NtdHVgPvA1QOLGGM0ow8jQ?testcase_id=6279882574397440
Issue filed automatically.
See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information.
Oct 27 2016
If we go to the report we see the stack trace:
#2 0x0000005d3c24 logging::LogMessage::~LogMessage()
#3 0x00000053803c url::(anonymous namespace)::UIDNAWrapper::UIDNAWrapper()
#4 0x000000537c26 base::DefaultLazyInstanceTraits<>::New()
#5 0x00000053760c base::LazyInstance<>::Pointer()
#6 0x000000537247 base::LazyInstance<>::Get()
#7 0x000000536bc0 url::IDNToASCII()
#8 0x00000051f78f url::(anonymous namespace)::DoIDNHost()
#9 0x00000051cdb6 url::(anonymous namespace)::DoComplexHost()
#10 0x00000051b154 url::(anonymous namespace)::DoHost<>()
#11 0x00000051ac17 url::CanonicalizeHost()
#12 0x0000005300f5 url::(anonymous namespace)::DoCanonicalizeStandardURL<>()
#13 0x00000052fada url::CanonicalizeStandardURL()
#14 0x000000533b38 url::(anonymous namespace)::DoCanonicalize<>()
#15 0x00000050dd07 GURL::InitCanonical<>()
#16 0x0000004fe0f5 net::(anonymous namespace)::ParseHPKPHeaderImpl()
#17 0x0000004ff0b7 net::ParseHPKPReportOnlyHeader()
#18 0x00000048beee LLVMFuzzerTestOneInput
So the HPKP fuzzer is trying to initialize a URL with an IDN URL, and deep inside the URL code, the IDN code is attempting to open a required data file and failing. Apparently the HPKP fuzzer needs to give the URL code a required data file. martijn added the fuzzer yesterday (https://codereview.chromium.org/2448603002) but I can't assign this to him, so assigning to a reviewer of that CL.
Oct 27 2016
+martijn
Oct 27 2016
I was able to reproduce this and uploaded a fix: https://codereview.chromium.org/2457443006
Oct 27 2016
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/15387afb2a0737dc7f78ac4fe3f50f3cb7128399

commit 15387afb2a0737dc7f78ac4fe3f50f3cb7128399
Author: martijn <martijn@martijnc.be>
Date: Thu Oct 27 22:21:04 2016

Initialize ICU before running HPKP fuzzers.

Add a net_fuzzer_test_support dependency to the HPKP fuzzers to initialize ICU.

BUG= 659878
Review-Url: https://codereview.chromium.org/2457443006
Cr-Commit-Position: refs/heads/master@{#428166}

[modify] https://crrev.com/15387afb2a0737dc7f78ac4fe3f50f3cb7128399/net/BUILD.gn
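The analysis in comment 1 and the fix commit above come down to one rule for a fuzz target: any process-level data the code under test depends on (here ICU's UTS46 table) must be opened before the first input is processed; otherwise a lazily constructed wrapper CHECK-fails on the first non-ASCII host and the fuzzer reports a crash that is not a defect in the parser. The program below is an added example, not Chromium code and not the contents of net_fuzzer_test_support: the UTS46 data is a constructed three-entry case-mapping table, and UidnaWrapper, GetWrapper, DecodeUtf8, PunycodeEncode and IdnToAscii are toy versions of the url:: functions in the stack trace. The only real libFuzzer names are the two entry points LLVMFuzzerInitialize and LLVMFuzzerTestOneInput.

```cpp
// Added example (not Chromium code): a self-contained libFuzzer-style target
// showing the one-time initialization the fix in this bug adds. The ICU data
// is a constructed stand-in table; the lazily built UidnaWrapper mirrors the
// CHECK that fired in url_canon_icu.cc.
#include <cstdint>
#include <cstdio>
#include <cstdlib>
#include <map>
#include <string>
#include <vector>

namespace {

// Stand-in for the UTS46 data file: nullptr until "opened" by initialization.
const std::map<uint32_t, uint32_t>* g_uts46_data = nullptr;

// Stand-in for url::UIDNAWrapper behind a base::LazyInstance: constructed on
// first use, and that construction CHECKs that the data is available.
struct UidnaWrapper {
  const std::map<uint32_t, uint32_t>* mapping;
  UidnaWrapper() : mapping(g_uts46_data) {
    if (mapping == nullptr) {
      std::fputs("Check failed: false. failed to open UTS46 data\n", stderr);
      std::abort();  // this is the crash ClusterFuzz reported
    }
  }
  uint32_t Map(uint32_t cp) const {  // table lookup for non-ASCII code points
    auto it = mapping->find(cp);
    return it == mapping->end() ? cp : it->second;
  }
};

const UidnaWrapper& GetWrapper() {
  static const UidnaWrapper* wrapper = new UidnaWrapper();  // lazy, once
  return *wrapper;
}

// Minimal UTF-8 decoder; malformed input is rejected rather than guessed at.
bool DecodeUtf8(const std::string& in, std::vector<uint32_t>* out) {
  for (size_t i = 0; i < in.size();) {
    uint8_t b = static_cast<uint8_t>(in[i]);
    size_t len = b < 0x80 ? 1 : (b >> 5) == 0x6 ? 2 : (b >> 4) == 0xE ? 3
               : (b >> 3) == 0x1E ? 4 : 0;
    if (len == 0 || i + len > in.size()) return false;
    uint32_t cp = len == 1 ? b : (b & (0x7F >> len));
    for (size_t j = 1; j < len; ++j) {
      uint8_t c = static_cast<uint8_t>(in[i + j]);
      if ((c & 0xC0) != 0x80) return false;
      cp = (cp << 6) | (c & 0x3F);
    }
    out->push_back(cp);
    i += len;
  }
  return true;
}

// RFC 3492 punycode encoder; the caller adds the "xn--" prefix.
std::string PunycodeEncode(const std::vector<uint32_t>& in) {
  const uint32_t kBase = 36, kTmin = 1, kTmax = 26, kSkew = 38, kDamp = 700;
  auto digit = [](uint32_t d) {
    return static_cast<char>(d < 26 ? 'a' + d : '0' + (d - 26));
  };
  auto adapt = [&](uint32_t delta, uint32_t numpoints, bool first) {
    delta = first ? delta / kDamp : delta / 2;
    delta += delta / numpoints;
    uint32_t k = 0;
    while (delta > ((kBase - kTmin) * kTmax) / 2) {
      delta /= kBase - kTmin;
      k += kBase;
    }
    return k + (kBase - kTmin + 1) * delta / (delta + kSkew);
  };
  std::string out;
  for (uint32_t cp : in) if (cp < 0x80) out.push_back(static_cast<char>(cp));
  const size_t basic = out.size();
  if (basic > 0) out.push_back('-');
  uint32_t n = 128, delta = 0, bias = 72;
  for (size_t h = basic; h < in.size();) {
    uint32_t m = UINT32_MAX;
    for (uint32_t cp : in) if (cp >= n && cp < m) m = cp;
    delta += (m - n) * static_cast<uint32_t>(h + 1);
    n = m;
    for (uint32_t cp : in) {
      if (cp < n) ++delta;
      if (cp != n) continue;
      uint32_t q = delta;
      for (uint32_t k = kBase;; k += kBase) {
        uint32_t t = k <= bias ? kTmin : (k >= bias + kTmax ? kTmax : k - bias);
        if (q < t) break;
        out.push_back(digit(t + (q - t) % (kBase - t)));
        q = (q - t) / (kBase - t);
      }
      out.push_back(digit(q));
      bias = adapt(delta, static_cast<uint32_t>(h + 1), h == basic);
      delta = 0;
      ++h;
    }
    ++delta;
    ++n;
  }
  return out;
}

}  // namespace

// Toy url::IDNToASCII: labels are case-mapped and, if still non-ASCII,
// punycode-encoded as A-labels. Empty labels are rejected for simplicity.
bool IdnToAscii(const std::string& host, std::string* out) {
  std::vector<uint32_t> cps;
  if (!DecodeUtf8(host, &cps)) return false;
  bool needs_idn = false;
  for (uint32_t cp : cps) needs_idn = needs_idn || cp >= 0x80;
  // As in url::DoHost, a pure-ASCII host never reaches the IDN code: only a
  // non-ASCII input triggers the lazy construction (and, uninitialized, the CHECK).
  const UidnaWrapper* wrapper = needs_idn ? &GetWrapper() : nullptr;
  out->clear();
  std::vector<uint32_t> label;
  for (size_t i = 0; i <= cps.size(); ++i) {
    if (i < cps.size() && cps[i] != '.') {
      uint32_t cp = cps[i];
      if (cp >= 'A' && cp <= 'Z') cp += 'a' - 'A';
      else if (cp >= 0x80) cp = wrapper->Map(cp);
      label.push_back(cp);
      continue;
    }
    if (label.empty()) return false;
    std::string encoded;
    bool ascii = true;
    for (uint32_t cp : label) ascii = ascii && cp < 0x80;
    for (uint32_t cp : label) if (cp < 0x80) encoded.push_back(static_cast<char>(cp));
    if (!ascii) encoded = "xn--" + PunycodeEncode(label);
    if (!out->empty()) out->push_back('.');
    *out += encoded;
    label.clear();
  }
  return true;
}

// The role the net_fuzzer_test_support dependency plays for the real target:
// process setup that runs once, before any input is handed to the parser.
extern "C" int LLVMFuzzerInitialize(int* argc, char*** argv) {
  (void)argc; (void)argv;
  static const std::map<uint32_t, uint32_t> kTable = {  // constructed data
      {0xC4, 0xE4}, {0xD6, 0xF6}, {0xDC, 0xFC}};        // Ä->ä, Ö->ö, Ü->ü
  g_uts46_data = &kTable;
  return 0;
}

extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
  std::string ascii;
  IdnToAscii(std::string(reinterpret_cast<const char*>(data), size), &ascii);
  return 0;  // rejecting input is fine; a CHECK failure here is the bug above
}

int main() {
  LLVMFuzzerInitialize(nullptr, nullptr);
  const char* samples[] = {"Example.COM", "B\xC3\x9C" "CHER.Example"};
  for (const char* s : samples) {
    std::string out;
    if (IdnToAscii(s, &out)) std::printf("%s -> %s\n", s, out.c_str());
  }
  return 0;
}
```

Built with clang -fsanitize=fuzzer or run through its own main, the behaviour is the same: with LLVMFuzzerInitialize in place, a host such as BÜCHER.Example canonicalizes to xn--bcher-kva.example. Remove the initialization and a pure-ASCII corpus still passes, because it never reaches the IDN path (which is why the crash surfaced only for some inputs), while the first non-ASCII host aborts in GetWrapper with the same shape of message as the report above.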
Oct 28 2016
ClusterFuzz has detected this issue as fixed in range 428123:428230.
Detailed report: https://cluster-fuzz.appspot.com/testcase?key=6279882574397440
Fuzzer: libfuzzer_net_http_security_headers_hpkp_report_only_fuzzer
Job Type: libfuzzer_chrome_msan
Platform Id: linux
Crash Type: CHECK failure
Crash Address:
Crash State:
  false. failed to open UTS46 data with error: 4 in url_canon_icu.cc
  url::UIDNAWrapper::UIDNAWrapper
  base::DefaultLazyInstanceTraits<>::New
Regressed: https://cluster-fuzz.appspot.com/revisions?job=libfuzzer_chrome_msan&range=427722:427783
Fixed: https://cluster-fuzz.appspot.com/revisions?job=libfuzzer_chrome_msan&range=428123:428230
Minimized Testcase (1.94 Kb): https://cluster-fuzz.appspot.com/download/AMIfv95K2ugz0jukz72RFO6JueA-hbES-hMF_ncBWVHFRLTq611aUwjI_1IE8Iz_uwSJ9O9qvjZA6nZdKxwuI5Tob_s94c2_Y__Krl5DlZyB1bnXEvpzaUjk26vlsxRDhyBkA6wGCbg6NtdHVgPvA1QOLGGM0ow8jQ?testcase_id=6279882574397440
See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information.
If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
Oct 28 2016
ClusterFuzz testcase is verified as fixed, closing issue. If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.
Nov 22 2016
Removing EditIssue view restrictions from ClusterFuzz filed bugs. If you believe that this issue should still be restricted, please reapply the label. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
Comment 1 by mmohammad@chromium.org, Oct 27 2016
Owner: a...@chromium.org
Status: Assigned (was: Untriaged)