This issue is a security regression. If you are not able to fix this quickly, please revert the change that introduced it.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot

I can't figure out what the supposed uninitialized value is.
The most plausible variable based on the stack trace is nss_config_dir, which is initialized earlier in the function.

rsleevi last touched that function with https://chromium.googlesource.com/chromium/src/+/a3ad8d0bc490d62f9de55216f40f0135bdafd9dd , but it doesn't look like a functional change as far as this bug is concerned.

Seems like a dupe of  Issue 728998 

Sounds like something flaky with ClusterFuzz, then?
Removing from the security queue, but leaving with Marty in case you want to follow up.

Sorry for the inactivity here. This was indeed a recent issue on the CF side.

ClusterFuzz has detected this issue as fixed in range 479223:479293.

Detailed report: https://clusterfuzz.com/testcase?key=5834026064805888

Fuzzer: libFuzzer_net_host_resolver_impl_fuzzer
Job Type: libfuzzer_chrome_msan
Platform Id: linux

Crash Type: Use-of-uninitialized-value
Crash Address: 
Crash State:
  libnss3.so
  NSS_InitReadWrite
  crypto::NSSInitSingleton::NSSInitSingleton
  
Sanitizer: memory (MSAN)

Recommended Security Severity: Medium

Regressed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_msan&range=477623:477664
Fixed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_msan&range=479223:479293

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5834026064805888


See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.

This bug has been closed for more than 14 weeks. Removing security view restrictions.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot