
Issue 841278


Issue metadata

Status: Verified
Closed: May 2018
OS: Linux , Windows
Pri: 1
Type: Bug-Regression

Null-dereference READ in network::NetworkContext::ClearChannelIds

Project Member Reported by ClusterFuzz, May 9 2018

Issue description

Detailed report: https://clusterfuzz.com/testcase?key=6243292363358208

Fuzzer: meacer_extension_apis
Job Type: linux_asan_chrome_mp
Platform Id: linux

Crash Type: Null-dereference READ
Crash Address: 0x000000000000
Crash State:
  network::NetworkContext::ClearChannelIds
  network::mojom::NetworkContextStubDispatch::AcceptWithResponder
  network::mojom::NetworkContextStub<mojo::RawPtrImplRefTraits<network::mojom::Net
  
Sanitizer: address (ASAN)

Regressed: https://clusterfuzz.com/revisions?job=linux_asan_chrome_mp&range=556898:556902

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=6243292363358208

Issue filed automatically.

See https://github.com/google/clusterfuzz-tools for more information.
 
Cc: brajkumar@chromium.org
Components: Internals>Network
Labels: -Type-Bug M-68 Test-Predator-Wrong Type-Bug-Regression
Owner: ericorth@chromium.org
Status: Assigned (was: Untriaged)
Predator and CL could not provide any possible suspects.

Using Code Search for the file "network_context.cc", I suspect the CL below might have caused this issue.

Suspect CL: https://chromium.googlesource.com/chromium/src/+/1d5637afbb6fa46221fb1f1c3f83dd9b9ede144f%5E%21/services/network/network_context.cc

ericorth@ -- Could you please check whether this is caused by your change? If not, please help us assign it to the right owner.

Thanks!
My best guess is that the issue existed under a different stack trace before the suspect CL.  I added a layer of indirection, but the same call was being made before: https://cs.chromium.org/chromium/src/content/browser/browsing_data/browsing_data_remover_impl.cc?rcl=800caa657a5f63df7d426f28fc8031409553c814&l=145

Maybe we can find a previous bug for the old stack trace to dupe this one to?
Don't see any bugs under the old stacktrace, but I did find https://bugs.chromium.org/p/chromium/issues/detail?id=841685 covering multiple other similar issues with null dereference in GetChannelIDStore().

Looks like https://chromium.googlesource.com/chromium/src/+/bd3d1ea0e6c3f9450fb4fce34b06a64eab528ab7 broke a bunch of code that assumed non-null channel_id_store_, including the code that I moved to NetworkContext.
Eric, did you want to add the null check to fix this bug, or do you want me to?

Comment 5 by ajha@chromium.org, May 10 2018

Cc: abdulsyed@chromium.org ligim...@chromium.org
Labels: ReleaseBlock-Beta OS-Windows
Adding the labels for tracking. Windows canary 68.0.3426.0 so far has reported 11 crashes from 11 clients for 'network::NetworkContext::ClearChannelIds'. 
I'll add the null check for this specific instance of the issue and send you a cl shortly.
Status: Started (was: Assigned)
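To make the failure mode discussed above concrete, here is an added example (not Chromium's code; `NetworkContext`, `ChannelIdStore` and the callback shape are hypothetical stand-ins) showing the unguarded call that dereferences a store that may now be null, and the guarded form that still runs the completion callback when there is nothing to clear:

```cpp
#include <functional>
#include <utility>

// Hypothetical sketch (added example, not Chromium's code) of the pattern behind
// this bug: a dependency that used to be guaranteed non-null became optional, so
// the data-clearing entry point must tolerate its absence without dropping the
// completion callback the caller is waiting on.
struct ChannelIdStore {
  int entries = 0;
  void DeleteAll(std::function<void()> done) {
    entries = 0;
    done();
  }
};

class NetworkContext {
 public:
  explicit NetworkContext(ChannelIdStore* store) : channel_id_store_(store) {}

  // Unguarded version: a null-dereference READ when no store exists.
  void ClearChannelIdsUnchecked(std::function<void()> callback) {
    channel_id_store_->DeleteAll(std::move(callback));
  }

  // Guarded version: nothing to clear, but the caller still gets its completion
  // signal, so a browsing-data removal flow does not hang waiting on it.
  void ClearChannelIds(std::function<void()> callback) {
    if (!channel_id_store_) {
      callback();
      return;
    }
    channel_id_store_->DeleteAll(std::move(callback));
  }

 private:
  ChannelIdStore* channel_id_store_;  // may be null
};

// Runs the guarded ClearChannelIds with or without a store and returns how many
// times the completion callback fired (-1 if a present store was not cleared).
int ClearAndCountCallbacks(bool with_store) {
  ChannelIdStore store;
  store.entries = 3;
  NetworkContext context(with_store ? &store : nullptr);
  int calls = 0;
  context.ClearChannelIds([&calls] { ++calls; });
  if (with_store && store.entries != 0) return -1;
  return calls;
}
```

The check is only complete if every early-return path also runs the callback; a guard that simply returns would trade a crash for a stalled caller.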

Comment 8 by bugdroid1@chromium.org, May 10 2018

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/66cd5a13c1bb9b1a004ba61108625275888f9539

commit 66cd5a13c1bb9b1a004ba61108625275888f9539
Author: Eric Orth <ericorth@chromium.org>
Date: Thu May 10 22:16:19 2018

Fix for null channel id service in networkcontext.

Bug:  841278 
Cq-Include-Trybots: master.tryserver.chromium.linux:linux_mojo
Change-Id: Ibc169428f34de3f291756f360a09ee22d4aa2308
Reviewed-on: https://chromium-review.googlesource.com/1053835
Commit-Queue: Eric Orth <ericorth@chromium.org>
Reviewed-by: Nick Harper <nharper@chromium.org>
Reviewed-by: Helen Li <xunjieli@chromium.org>
Cr-Commit-Position: refs/heads/master@{#557684}
[modify] https://crrev.com/66cd5a13c1bb9b1a004ba61108625275888f9539/services/network/network_context.cc
[modify] https://crrev.com/66cd5a13c1bb9b1a004ba61108625275888f9539/services/network/network_context_unittest.cc


Comment 9 by ClusterFuzz, May 11 2018

ClusterFuzz has detected this issue as fixed in range 557632:557635.

Detailed report: https://clusterfuzz.com/testcase?key=6243292363358208

Fuzzer: meacer_extension_apis
Job Type: linux_asan_chrome_mp
Platform Id: linux

Crash Type: Null-dereference READ
Crash Address: 0x000000000000
Crash State:
  network::NetworkContext::ClearChannelIds
  network::mojom::NetworkContextStubDispatch::AcceptWithResponder
  network::mojom::NetworkContextStub<mojo::RawPtrImplRefTraits<network::mojom::Net
  
Sanitizer: address (ASAN)

Regressed: https://clusterfuzz.com/revisions?job=linux_asan_chrome_mp&range=556898:556902
Fixed: https://clusterfuzz.com/revisions?job=linux_asan_chrome_mp&range=557632:557635

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=6243292363358208

See https://github.com/google/clusterfuzz-tools for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.

Comment 10 by ClusterFuzz, May 11 2018

Labels: ClusterFuzz-Verified
Status: Verified (was: Started)
ClusterFuzz testcase 6243292363358208 is verified as fixed, so closing issue as verified.

If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.
