Issue 654948

Starred by 2 users

Issue metadata

Status: Fixed
Owner:
Closed: Dec 2016
Cc:
EstimatedDays: ----
NextAction: ----
OS: Linux
Pri: 1
Type: Bug




Crash in hb_font_destroy

Reported by ClusterFuzz (Project Member), Oct 12 2016

Issue description

Components: Tools>Test>FindIt>CorrectResult
Labels: M-56 Te-Logged
Owner: kcc@chromium.org
Status: Assigned (was: Untriaged)
The result is a list of CLs that change the crashed files.

Author: kcc
Project: chromium-libfuzzer
Changelist: https://chromium.googlesource.com/chromium/llvm-project/llvm/lib/Fuzzer.git/+/3e02228ebfee620dd4a2db0ee15a8084ca349183
Time: Thu Oct 06 05:14:00 2016
Line 519 of file FuzzerDriver.cpp, which potentially caused the crash, is changed in this CL (frame #4, "fuzzer::FuzzerDriver").

File FuzzerLoop.cpp is changed in this CL (and is part of stack frame #2, "fuzzer::Fuzzer::ExecuteCallback", and frame #3, "fuzzer::Fuzzer::ShuffleAndMinimize").
Minimum distance from crash line to modified line: 0 (file: FuzzerDriver.cpp, crashed on: 519, modified: 519).

Suspected Project: chromium-libfuzzer

Comment 2 by kcc@google.com, Oct 12 2016

Cc: mmoroz@chromium.org
Max, looks like this is a part of ubsan you've recently enabled?

Comment 3 by mmoroz@google.com, Oct 12 2016

Yes, I think this is due to:

-fsanitize=function: Indirect call of a function through a function pointer of the wrong type (Linux, C++ and x86/x86_64 only).

We should add more crash types for this. I'll file a bug.
Gentle Ping! Do we have any further update on this?

Thank you!

Comment 5 by kcc@chromium.org, Oct 26 2016

Cc: behdad@chromium.org
behdad, could you please take a look?

../../third_party/harfbuzz-ng/src/hb-font.cc:1245:5: runtime error: call to function _hb_ot_font_destroy(hb_ot_font_t*) through pointer to incorrect function type void (*)(void *)
third_party/harfbuzz-ng/src/hb-ot-font.cc:398: note: _hb_ot_font_destroy(hb_ot_font_t*) defined here

Comment 6 by behdad@chromium.org, Oct 26 2016

Hmm. This is a common C paradigm we use all over our codebase. What's the correct C++ way to do this?

Comment 7 by kcc@chromium.org, Oct 26 2016

Other than using the correct types? Hm... not sure there is such a way...
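The mismatch UBSan reports in comment 5, next to the well-typed alternative behdad asks about, as an added C++ example that is not HarfBuzz code: the hb_destroy_func_t, hb_ot_font_t and _hb_ot_font_destroy names are simplified stand-ins for the ones in the report, and destroy_trampoline, font_funcs and the counter are this example's own.

```cpp
#include <cstdlib>
// Simplified stand-ins for the HarfBuzz types named in the UBSan report.
typedef void (*hb_destroy_func_t)(void* user_data);
struct hb_ot_font_t { int glyph_count; };
static int g_destroy_calls = 0;  // constructed counter so the run is observable

// The real destructor takes the concrete type, not void*.
void _hb_ot_font_destroy(hb_ot_font_t* ot_font) {
  ++g_destroy_calls;
  free(ot_font);
}

// What -fsanitize=function flags: the cast compiles, but calling through the
// resulting pointer is UB, since void(*)(void*) and void(*)(hb_ot_font_t*) are
// distinct function types. Shown for contrast only; nothing here calls it.
hb_destroy_func_t mismatched_destroy_callback() {
  return reinterpret_cast<hb_destroy_func_t>(_hb_ot_font_destroy);
}

// Well-typed alternative: a trampoline whose type matches the callback type
// exactly; the pointer conversion moves into the body, off the function pointer.
template <typename T, void (*Fn)(T*)>
void destroy_trampoline(void* user_data) {
  Fn(static_cast<T*>(user_data));
}

// Minimal model of the object holding the callback (hypothetical name).
struct font_funcs { void* user_data; hb_destroy_func_t destroy; };

font_funcs make_ot_font_funcs() {
  hb_ot_font_t* ot_font = static_cast<hb_ot_font_t*>(malloc(sizeof(hb_ot_font_t)));
  ot_font->glyph_count = 0;
  font_funcs f = {ot_font, &destroy_trampoline<hb_ot_font_t, _hb_ot_font_destroy>};
  return f;
}

// Equivalent of the hb_font_destroy step: the indirect call happens here,
// now through a pointer of exactly the type the call site expects.
void font_funcs_destroy(font_funcs* f) {
  if (f->destroy) f->destroy(f->user_data);
  f->user_data = nullptr;
  f->destroy = nullptr;
}

// Create, destroy, destroy again; returns how many times the destructor ran.
int destroy_round_trip() {
  font_funcs f = make_ot_font_funcs();
  font_funcs_destroy(&f);
  font_funcs_destroy(&f);  // no-op once cleared, so no double free
  return g_destroy_calls;
}
```

Built with -fsanitize=function, only the cast-based callback would trap at the indirect call; the trampoline form passes because the pointer type and the callee type agree.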

Comment 8 by sheriffbot@chromium.org, Nov 22 2016

Labels: -Restrict-View-EditIssue
Removing EditIssue view restrictions from ClusterFuzz filed bugs. If you believe that this issue should still be restricted, please reapply the label.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot

Comment 9 by mmoroz@chromium.org, Dec 15 2016

Status: Fixed (was: Assigned)
The testcase has been marked as non-reproducible. Let's close it. If CF finds a reproducible crash again, it'll file another bug with more precise information.