Crash in gpu::gles2::GLES2DecoderImpl::ReleaseAllBackTextures
Issue description

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=5307619509534720

Fuzzer: lcamtuf_cross_fuzz
Job Type: linux_lsan_chrome_mp
Platform Id: linux

Crash Type: UNKNOWN WRITE
Crash Address: 0x000000000030
Crash State:
  gpu::gles2::GLES2DecoderImpl::ReleaseAllBackTextures
  gpu::gles2::GLES2DecoderImpl::Destroy
  gpu::GpuCommandBufferStub::Destroy

Regressed: https://cluster-fuzz.appspot.com/revisions?job=linux_lsan_chrome_mp&range=209699:209703

Minimized Testcase (103.02 Kb): https://cluster-fuzz.appspot.com/download/AMIfv96mYY95h9Kly_E46Mt22SxAWsEE6RGndAlaMW4lvrrRLmCppwOOYj-XxyzMKuy-wlZGmCr_HmTe3lvHJBp-UMV8-NPw8N5eZxvbkiu-SjR5dm308oi4aNft48xuQlEal-WLNmzKILDIB5eDMHvHkbNdHy2i4ElyRDiibu7F9FQgFij1dSY

Filer: manoranjanr

See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.
May 6 2016
This predates any changes I've made in the last week. This looks like a crash related to the old mechanism for passing textures from pepper to cc, which is good because it means it's probably fixed. I'm going to tentatively mark this as fixed. Feel free to reopen if this is still a problem, although I'll probably end up forwarding the issue to piman@.
May 20 2016
ClusterFuzz has detected this issue as fixed in range 394769:394784.

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=5307619509534720

Fuzzer: lcamtuf_cross_fuzz
Job Type: linux_lsan_chrome_mp
Platform Id: linux

Crash Type: UNKNOWN WRITE
Crash Address: 0x000000000030
Crash State:
  gpu::gles2::GLES2DecoderImpl::ReleaseAllBackTextures
  gpu::gles2::GLES2DecoderImpl::Destroy
  gpu::GpuCommandBufferStub::Destroy

Regressed: https://cluster-fuzz.appspot.com/revisions?job=linux_lsan_chrome_mp&range=209699:209703
Fixed: https://cluster-fuzz.appspot.com/revisions?job=linux_lsan_chrome_mp&range=394769:394784

Minimized Testcase (103.02 Kb): https://cluster-fuzz.appspot.com/download/AMIfv96mYY95h9Kly_E46Mt22SxAWsEE6RGndAlaMW4lvrrRLmCppwOOYj-XxyzMKuy-wlZGmCr_HmTe3lvHJBp-UMV8-NPw8N5eZxvbkiu-SjR5dm308oi4aNft48xuQlEal-WLNmzKILDIB5eDMHvHkbNdHy2i4ElyRDiibu7F9FQgFij1dSY

See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
Nov 22 2016
Removing EditIssue view restrictions from ClusterFuzz filed bugs. If you believe that this issue should still be restricted, please reapply the label.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
Comment 1 by manoranj...@chromium.org, May 6 2016
Labels: Te-Logged
Owner: erikc...@chromium.org
Status: Assigned (was: Available)