Null-dereference READ in /usr/lib/libc++.1.dylib:x86_64
Issue description

Detailed report: https://clusterfuzz.com/testcase?key=5731894204039168

Fuzzer: inferno_twister_c
Job Type: mac_asan_chrome
Platform Id: mac

Crash Type: Null-dereference READ
Crash Address: 0x000000000000
Crash State:
  /usr/lib/libc++.1.dylib:x86_64
  /usr/lib/libc++.1.dylib:x86_64
  chrome::mojom::RendererConfigurationStubDispatch::Accept

Sanitizer: address (ASAN)

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5731894204039168

Issue filed automatically.

See https://github.com/google/clusterfuzz-tools for more information.
Oct 31
rockot@, just wondering do you have any inputs here?
Nov 1
I don't know what to make of this. I don't think it's a Mojo bug. I see two stacks, one in allocation by some histograms code, and one that looks like a nullptr dereference reading an IPC message (which in turn could just be another symptom of allocation failure?)
Dec 1
ClusterFuzz has detected this issue as fixed in range 612597:612609.

Detailed report: https://clusterfuzz.com/testcase?key=5731894204039168

Fuzzer: inferno_twister_c
Job Type: mac_asan_chrome
Platform Id: mac

Crash Type: Null-dereference READ
Crash Address: 0x000000000000
Crash State:
  /usr/lib/libc++.1.dylib:x86_64
  /usr/lib/libc++.1.dylib:x86_64
  chrome::mojom::RendererConfigurationStubDispatch::Accept

Sanitizer: address (ASAN)

Fixed: https://clusterfuzz.com/revisions?job=mac_asan_chrome&range=612597:612609

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5731894204039168

See https://github.com/google/clusterfuzz-tools for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
Dec 1
ClusterFuzz testcase 5731894204039168 is verified as fixed, so closing issue as verified. If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.
Comment 1 by kkaluri@chromium.org, Oct 30
Labels: M-72 Test-Predator-Wrong CF-NeedsTriage