Stack-overflow in xmlParseElement
Issue description
Detailed report: https://clusterfuzz.com/testcase?key=6025693933862912
Fuzzer: libFuzzer_libxml_xml_read_memory_fuzzer
Job Type: libfuzzer_chrome_asan
Platform Id: linux
Crash Type: Stack-overflow
Crash Address: 0x7ffc86d11f48
Crash State:
  xmlParseElement
  xmlParseContent
Sanitizer: address (ASAN)
Regressed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_asan&range=450672:450717
Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=6025693933862912
Issue filed automatically. See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information.
Oct 1 2017
Automatically applying components based on information from OWNERS files. If this seems incorrect, please apply the Test-Predator-Wrong-Components label.
Oct 11 2017
Test causes stack overflow with a large nested xml input. Locally, I could reproduce this error. However when I increase stack size to around 16MB using setrlimit(), this test runs fine.
Closing, won't fix. Pathological input exceeds process stack limit. This is not a security problem.
code:
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/resource.h>

// Raise the soft and hard stack limit to 16 MB before the input is parsed.
extern "C" int LLVMFuzzerTestOneInput(const uint8_t* data, size_t size) {
  struct rlimit rl = {16 * 1024 * 1024, 16 * 1024 * 1024};
  if (setrlimit(RLIMIT_STACK, &rl) == -1)
    exit(printf("failed\n"));
  ...
Oct 11 2017
Oct 11 2017
Issue 738947 has been merged into this issue.
Oct 11 2017
Oct 11 2017
Marty, here is an interesting case with labels assignment. CF has just added "OS-Windows" to this crash, but we neither run this fuzzer on Windows nor have similar crashes found on Windows. I suspect that has happened because one of the issues merged above (c#4 and c#5) is a stack overflow crash without stacktrace: https://clusterfuzz.com/v2/testcase-detail/5153707431034880?noredirect=1 As per crash stats, CF believes that it sees the same crash happening on Windows. Should we fix that?
Oct 12 2017
Oct 17 2017
ClusterFuzz has detected this issue as fixed in range 509033:509059.
Detailed report: https://clusterfuzz.com/testcase?key=6025693933862912
Fuzzer: libFuzzer_libxml_xml_read_memory_fuzzer
Job Type: libfuzzer_chrome_asan
Platform Id: linux
Crash Type: Stack-overflow
Crash Address: 0x7ffc86d11f48
Crash State:
  xmlParseElement
  xmlParseContent
Sanitizer: address (ASAN)
Regressed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_asan&range=450672:450717
Fixed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_asan&range=509033:509059
Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=6025693933862912
See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information. If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
Oct 17 2017
Nov 7 2017
Comment 1 by kkaluri@chromium.org, Sep 25 2017
Labels: -Pri-1 M-63 Test-Predator-Wrong Pri-2
Owner: dominicc@chromium.org
Status: Assigned (was: Untriaged)