This crash occurs very frequently on linux platform and is likely preventing the fuzzer ksakamoto_woff2_fuzzer from making much progress. Fixing this will allow more bugs to be found.

Marking this bug as a blocker for next Beta release.

If this is incorrect, please add ClusterFuzz-Wrong label and remove the ReleaseBlock-Beta label.

This is also reproducible on buildbots, see e.g. https://uberchromegw.corp.google.com/i/chromium.memory/builders/Linux%20MSan%20Tests/builds/8633 (MSan report in https://logs.chromium.org/v/?s=chromium%2Fbb%2Fchromium.memory%2FLinux_MSan_Tests%2F8633%2F%2B%2Frecipes%2Fsteps%2Fextensions_browsertests%2F0%2Flogs%2FWebViewAPITest.ReloadEmbedder%2F0)

The problem has been caused by https://chromium-review.googlesource.com/c/chromium/src/+/952303, which I'm now reverting.
Most likely |root_background_color| isn't always being properly initialized.

BTW should be ok to remove Restrict-View-SecurityTeam (or change to Google)

Reverted the offending CL in https://chromium-review.googlesource.com/c/chromium/src/+/970405

https://chromium-review.googlesource.com/c/chromium/src/+/971541

It's landed again. 

Thank you for debugging and reverting it.

ClusterFuzz has detected this issue as fixed in range 544332:544333.

Detailed report: https://clusterfuzz.com/testcase?key=5728908683771904

Fuzzer: ksakamoto_woff2_fuzzer
Job Type: linux_msan_chrome
Platform Id: linux

Crash Type: Use-of-uninitialized-value
Crash Address: 
Crash State:
  content::RenderFrameMetadataObserverImpl::OnRenderFrameSubmission
  cc::LayerTreeHostImpl::DrawLayers
  cc::ProxyImpl::DrawInternal
  
Sanitizer: memory (MSAN)

Recommended Security Severity: Medium

Regressed: https://clusterfuzz.com/revisions?job=linux_msan_chrome&range=544160:544179
Fixed: https://clusterfuzz.com/revisions?job=linux_msan_chrome&range=544332:544333

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5728908683771904

See https://github.com/google/clusterfuzz-tools for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.

ClusterFuzz testcase 5728908683771904 is verified as fixed, so closing issue as verified.

If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.

Adding label for posterity.

This bug has been closed for more than 14 weeks. Removing security view restrictions.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot