Use-of-uninitialized-value in profiling::MemlogClient::~MemlogClient
Issue description
Detailed report: https://clusterfuzz.com/testcase?key=4764620689768448
Fuzzer: attekett_surku_fuzzer
Job Type: linux_msan_chrome
Platform Id: linux
Crash Type: Use-of-uninitialized-value
Crash Address:
Crash State:
  profiling::MemlogClient::~MemlogClient
  ChromeContentClient::~ChromeContentClient
  ChromeMain
Sanitizer: memory (MSAN)
Recommended Security Severity: Low
Regressed: https://clusterfuzz.com/revisions?job=linux_msan_chrome&range=495503:495507
Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=4764620689768448
Additional requirements: Requires Gestures
Issue filed automatically.
See https://github.com/google/clusterfuzz-tools for more information.
Aug 18 2017
(Oh, actually https://chromium.googlesource.com/chromium/src/+/49bbfa2c69b0e6f8e87c2ce234b09ec7fd1d3fa1 is in range and possibly relevant.)
Aug 18 2017
Issue 756995 has been merged into this issue.
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/e5e426797ade05d16b97247061d7e19b2f5797bd

commit e5e426797ade05d16b97247061d7e19b2f5797bd
Author: erikchen <erikchen@chromium.org>
Date: Fri Aug 18 21:12:24 2017

Don't try to RemoveConnectionFilter in destructor of MemlogClient.

By the time the MemlogClient is destroyed, the ServiceManagerConnection has already been destroyed, so there's no point in removing the ConnectionFilter. This appears to match the behavior of other callers of AddConnectionFilter.

Bug: 756959
Change-Id: I464983243bc259f7d6d6743f28ea198dc06d294e
Reviewed-on: https://chromium-review.googlesource.com/621781
Reviewed-by: Brett Wilson <brettw@chromium.org>
Commit-Queue: Erik Chen <erikchen@chromium.org>
Cr-Commit-Position: refs/heads/master@{#495686}

[modify] https://crrev.com/e5e426797ade05d16b97247061d7e19b2f5797bd/chrome/common/profiling/memlog_client.cc
[modify] https://crrev.com/e5e426797ade05d16b97247061d7e19b2f5797bd/chrome/common/profiling/memlog_client.h
Aug 18 2017
This should be fixed.
Aug 19 2017
ClusterFuzz testcase 5643861698543616 is verified as fixed, so closing issue as verified. If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.
Aug 19 2017
ClusterFuzz has detected this issue as fixed in range 495650:495694.

Detailed report: https://clusterfuzz.com/testcase?key=4764620689768448
Fuzzer: attekett_surku_fuzzer
Job Type: linux_msan_chrome
Platform Id: linux
Crash Type: Use-of-uninitialized-value
Crash Address:
Crash State:
  profiling::MemlogClient::~MemlogClient
  ChromeContentClient::~ChromeContentClient
  ChromeMain
Sanitizer: memory (MSAN)
Recommended Security Severity: Low
Regressed: https://clusterfuzz.com/revisions?job=linux_msan_chrome&range=495503:495507
Fixed: https://clusterfuzz.com/revisions?job=linux_msan_chrome&range=495650:495694
Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=4764620689768448
Additional requirements: Requires Gestures
See https://github.com/google/clusterfuzz-tools for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
Sep 11 2017
(also found by internal fuzzer)
Nov 25 2017
This bug has been closed for more than 14 weeks. Removing security view restrictions. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
Comment 1 by elawrence@chromium.org, Aug 18 2017
Owner: erikc...@chromium.org