Predator could not provide any possible suspects.

From the below CL observing some changes related to 'LocalCaretRect.cpp' , hence suspecting the same
https://chromium.googlesource.com/chromium/src/+log/a624656678a7b779d4f87584b98303f96ef94623..30cc48f2412329c94b7fcfe98bd942f9fad098b5?pretty=fuller&n=10000

Suspect CL: https://chromium.googlesource.com/chromium/src/+/0cca13625be692fc10b4bdad3369a4eae7388eaf

yoichio@ -- Could you please check whether this is caused with respect to your change, if not please help us in assigning it to the right owner.

Thanks!

 Issue 829364  has been merged into this issue.

The test case is using minor API document.execCommnad(InsertList).
Impact is low.

Automatically applying components based on crash stacktrace and information from OWNERS files.

If this is incorrect, please apply the Test-Predator-Wrong-Components label.

ClusterFuzz has detected this issue as fixed in range 550562:550563.

Detailed report: https://clusterfuzz.com/testcase?key=5500066073411584

Fuzzer: bj_broddelwerk
Job Type: windows_asan_chrome_no_sandbox
Platform Id: windows

Crash Type: Null-dereference READ
Crash Address: 0x000000000020
Crash State:
  blink::InlineBox::Root
  blink::LocalCaretRectOfPosition
  blink::RendersInDifferentPosition
  
Sanitizer: address (ASAN)

Regressed: https://clusterfuzz.com/revisions?job=windows_asan_chrome_no_sandbox&range=547638:547640
Fixed: https://clusterfuzz.com/revisions?job=windows_asan_chrome_no_sandbox&range=550562:550563

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5500066073411584

See https://github.com/google/clusterfuzz-tools for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.

ClusterFuzz testcase 5500066073411584 is verified as fixed, so closing issue as verified.

If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.