Null-dereference READ in blink::AXObjectCacheImpl::GetOrCreateAXID
Issue description
Detailed report: https://clusterfuzz.com/testcase?key=5801145229639680
Fuzzer: inferno_layout_test_unmodified
Job Type: mac_asan_content_shell
Platform Id: mac
Crash Type: Null-dereference READ
Crash Address: 0x000000000078
Crash State:
  blink::AXObjectCacheImpl::GetOrCreateAXID
  blink::AXObjectCacheImpl::GetOrCreate
  blink::AXMenuList::AddChildren
Sanitizer: address (ASAN)
Regressed: https://clusterfuzz.com/revisions?job=mac_asan_content_shell&range=480776:480824
Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5801145229639680
Issue filed automatically.
See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.
Jun 26 2017
Jul 13 2017
The result is a list of CLs that change the crashed files.
Author: Nicholas Verne
Project: chromium
Changelist: https://chromium.googlesource.com/chromium/src/+/1b5b587f547319a4dc72d06fc25b0494826fd9cd
Time: Wed Jun 21 01:49:57 2017
The CL last changed line 81 of file AXMenuList.cpp, which is stack frame 3.
@Nicholas: Could you please look into the issue, kindly re-assign if this is not related to your changes. Thank You.
Jul 13 2017
I suspect this is a flake. The change in question was a renaming of AXObjectImpl to AXObject. Don't know who should look.
Jul 13 2017
Dominic, any idea what might be happening here?
Jul 27 2017
Jul 27 2017
Seems related to 688085, note that https://codereview.chromium.org/2939933002 ("Only call TextChanged on existing AXObjects.") is in the blamelist
Oct 1 2017
Automatically applying components based on information from OWNERS files. If this seems incorrect, please apply the Test-Predator-Wrong-Components label.
Oct 10 2017
Nov 7 2017
Nov 7 2017
Nov 18 2017
ClusterFuzz testcase 5661748119207936 is verified as fixed, so closing issue as verified. If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.
Nov 18 2017
ClusterFuzz has detected this issue as fixed in range 514498:517702.
Detailed report: https://clusterfuzz.com/testcase?key=5801145229639680
Fuzzer: inferno_layout_test_unmodified
Job Type: mac_asan_content_shell
Platform Id: mac
Crash Type: Null-dereference READ
Crash Address: 0x0000000000a8
Crash State:
  blink::AXObjectCacheImpl::GetOrCreateAXID
  blink::AXObjectCacheImpl::GetOrCreate
  blink::AXMenuList::AddChildren
Sanitizer: address (ASAN)
Regressed: https://clusterfuzz.com/revisions?job=mac_asan_content_shell&range=480776:480824
Fixed: https://clusterfuzz.com/revisions?job=mac_asan_content_shell&range=514498:517702
Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5801145229639680
See https://github.com/google/clusterfuzz-tools for more information.
If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
Jan 17 2018
Comment 1 by ClusterFuzz, Jun 24 2017