
Issue 724941 link


Issue metadata

Status: Duplicate
Merged: issue 693760
Owner:
Closed: May 2017
Cc:
Components:
EstimatedDays: ----
NextAction: ----
OS: Mac
Pri: 1
Type: Bug-Regression




Null-dereference READ in blink::TextResourceDecoder::Decode

Reported by ClusterFuzz (Project Member), May 22 2017

Issue description

Detailed report: https://clusterfuzz.com/testcase?key=6486786720399360

Fuzzer: libfuzzer_text_resource_decoder_fuzzer
Job Type: mac_libfuzzer_chrome_asan
Platform Id: mac

Crash Type: Null-dereference READ
Crash Address: 0x000000000000
Crash State:
  blink::TextResourceDecoder::Decode
  blink::LLVMFuzzerTestOneInput
  start
  
Sanitizer: address (ASAN)

Regressed: https://clusterfuzz.com/revisions?job=mac_libfuzzer_chrome_asan&range=447701:448014

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=6486786720399360


Issue filed automatically.

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information.
 
Cc: ranjitkan@chromium.org
Components: Blink>Forms>Text
Labels: -Type-Bug M-60 Test-Predator-Correct-CLs Type-Bug-Regression
Owner: csharrison@chromium.org
Status: Assigned (was: Untriaged)
Assigning to concern owner from Predator results --
The result is a list of CLs that change the crashed files. 

Author: csharrison
Project: chromium
Changelist: https://chromium.googlesource.com/chromium/src/+/166d82710cf7ee3212dd839e46547a3ce83e35aa
Time: Thu Feb 02 06:05:06 2017

File TextResourceDecoder.cpp is changed in this cl (and is part of stack frame #6, "blink::TextResourceDecoder::Decode")

Minimum distance from crash line to modified line: 31. (file: TextResourceDecoder.cpp, crashed on: 486, modified: 455).

@csharrison: Assigning to you, kindly have a look into it. Please help us to find an owner if not with respect to your change.

Thanks!

Comment 2 by tkent@chromium.org, May 22 2017

Components: -Blink>Forms>Text Blink>TextEncoding

Can't repro on Linux (I also tried adding in the main thread TLS optimization). I can try to repro on Mac tonight / tomorrow.

Successfully repro'd on Mac at TOT (#473864).

Mergedinto: 693760
Status: Duplicate (was: Assigned)
Pretty sure this is a dupe of issue 693760, the fuzzing performs fine when moving initialization out of LLVMFuzzerInitialize
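The comment above says only that the fuzzer behaved once initialization was moved out of LLVMFuzzerInitialize; the following is an added example, not code from this issue or from Chromium, of what that harness shape looks like: one-time setup is performed lazily on the first LLVMFuzzerTestOneInput call, guarded by a function-local static, so it runs on the thread that executes the test inputs. DecoderEnvironment, EnsureEnvironment, DecoderReady, DecodeBytes and DecodeSample are hypothetical stand-ins for Blink's real setup and for TextResourceDecoder; the decoder simply widens each byte to a UTF-16 code unit and refuses to run, rather than reading through a null pointer, if setup has not happened.

```cpp
// Added example (not Chromium code): a libFuzzer harness that performs its
// one-time setup lazily inside LLVMFuzzerTestOneInput instead of in
// LLVMFuzzerInitialize. All names below are hypothetical stand-ins.
#include <cstddef>
#include <cstdint>
#include <string>
#include <vector>

namespace {

// Process-wide state the decoder depends on (hypothetical).
struct DecoderEnvironment {
  std::string fallback_encoding;
};

DecoderEnvironment* g_environment = nullptr;

// Lazy one-time setup. A function-local static is constructed exactly once,
// on the first call, and C++11 guarantees that construction is thread-safe.
// Because the first call comes from LLVMFuzzerTestOneInput, the setup runs
// on the thread that executes the test inputs, not during LLVMFuzzerInitialize.
void EnsureEnvironment() {
  static DecoderEnvironment env{"windows-1252"};
  g_environment = &env;
}

}  // namespace

// True once EnsureEnvironment() has run.
bool DecoderReady() { return g_environment != nullptr; }

// Hypothetical decoder: widens each input byte to one UTF-16 code unit
// (Latin-1 semantics). Refuses, instead of dereferencing a null environment
// pointer, if setup has not happened yet.
bool DecodeBytes(const uint8_t* data, size_t size, std::u16string* out) {
  if (g_environment == nullptr) return false;
  out->clear();
  out->reserve(size);
  for (size_t i = 0; i < size; ++i) {
    out->push_back(static_cast<char16_t>(data[i]));
  }
  return true;
}

// libFuzzer entry point. Setup is done here, guarded by the static above;
// after the first call the only cost is one pointer assignment.
extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
  EnsureEnvironment();
  std::u16string decoded;
  DecodeBytes(data, size, &decoded);
  return 0;
}

// Convenience for stand-alone checks: push one constructed input through the
// same path the fuzzer uses and return what the decoder produced.
std::u16string DecodeSample(const std::vector<uint8_t>& input) {
  LLVMFuzzerTestOneInput(input.data(), input.size());
  std::u16string decoded;
  DecodeBytes(input.data(), input.size(), &decoded);
  return decoded;
}
```

To fuzz it, compile with `clang++ -fsanitize=fuzzer,address harness.cc -o harness` and run the resulting binary; libFuzzer supplies main() and calls LLVMFuzzerTestOneInput for each input, so the first input triggers the setup.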
Comment 6 by ClusterFuzz (Project Member), May 27 2017

ClusterFuzz has detected this issue as fixed in range 474926:474952.

Detailed report: https://clusterfuzz.com/testcase?key=6486786720399360

Fuzzer: libfuzzer_text_resource_decoder_fuzzer
Job Type: mac_libfuzzer_chrome_asan
Platform Id: mac

Crash Type: Null-dereference READ
Crash Address: 0x000000000000
Crash State:
  blink::TextResourceDecoder::Decode
  blink::LLVMFuzzerTestOneInput
  start
  
Sanitizer: address (ASAN)

Regressed: https://clusterfuzz.com/revisions?job=mac_libfuzzer_chrome_asan&range=447701:448014
Fixed: https://clusterfuzz.com/revisions?job=mac_libfuzzer_chrome_asan&range=474926:474952

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=6486786720399360


See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
