This crash occurs very frequently on linux platform and is likely preventing the fuzzer ksakamoto_woff2_fuzzer from making much progress. Fixing this will allow more bugs to be found.

Marking this bug as a blocker for next Beta release.

If this is incorrect, please add ClusterFuzz-Wrong label and remove the ReleaseBlock-Beta label.

Looks like this file was recently added (https://chromium.googlesource.com/chromium/src/+/18c7186d821de890abcc39dfd8cc8ad5bbb28e08).

Is |record.worst_case_ratio| initialised any where?

THe patch was reverted, then relanded with a fix. To my knowledge the fix stuck.

ClusterFuzz has detected this issue as fixed in range 594189:594190.

Detailed report: https://clusterfuzz.com/testcase?key=6343390151835648

Fuzzer: ksakamoto_woff2_fuzzer
Job Type: linux_msan_chrome
Platform Id: linux

Crash Type: Use-of-uninitialized-value
Crash Address: 
Crash State:
  blink::LocalFrameUkmAggregator::RecordPrimarySample
  cc::ProxyMain::BeginMainFrame
  void base::internal::Invoker<base::internal::BindState<void
  
Sanitizer: memory (MSAN)

Recommended Security Severity: Medium

Fixed: https://clusterfuzz.com/revisions?job=linux_msan_chrome&range=594189:594190

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=6343390151835648

See https://github.com/google/clusterfuzz-tools for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.

ClusterFuzz testcase 6343390151835648 is verified as fixed, so closing issue as verified.

If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.

This bug has been closed for more than 14 weeks. Removing security view restrictions.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot