
Issue 607454 link

Starred by 1 user

Issue metadata

Status: Fixed
Owner:
Closed: May 2016
Cc:
Components:
EstimatedDays: ----
NextAction: ----
OS: Linux
Pri: 1
Type: Bug-Regression




Crash in media::DecoderStream<(media::DemuxerStream::Type)2>::ResetDecoder()

Project Member Reported by ClusterFuzz, Apr 28 2016

Issue description

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=5211849691234304

Fuzzer: inferno_flicker
Job Type: linux_asan_chrome_media
Platform Id: linux

Crash Type: UNKNOWN READ
Crash Address: 0x000000000000
Crash State:
  media::DecoderStream<
  media::DecoderStream<
  media::VideoRendererImpl::Flush
  
Regressed: https://cluster-fuzz.appspot.com/revisions?job=linux_asan_chrome_media&range=388749:389333

Minimized Testcase (80.55 Kb): https://cluster-fuzz.appspot.com/download/AMIfv94Rz-5uh6YACuVB42a-PHWimXyt_KsDllBEI9EAmWqwVogaXSUNTuaR3ZqdI7V7QQC8a9NBHhjmWfFuOBMo9nPEaQOP_kfD1ocOI-goXF-Lby8XXYYCVpi5_sJQUz3USdC4YlNcv10yq6Vk0aCiJjY1LCoJFhBoCMmctcDecwhxvQApmNI

Filer: kavvaru

See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.
 
Components: Blink>Media
Labels: -Type-Bug Te-Logged M-52 Type-Bug-Regression
Owner: tguilbert@chromium.org
Status: Assigned (was: Available)
Findit tool information
==============
Exception while running FindIt:
Traceback (most recent call last):
  File "/mnt/scratch0/clusterfuzz/src/tools/suspected_cl.py", line 197, in main
    **keyword_args))
  File "/mnt/scratch0/clusterfuzz/src/tools/findit/findit_for_clusterfuzz.py", line 331, in FindCulpritCLs
    crashing_component_repo_url)
  File "/mnt/scratch0/clusterfuzz/src/tools/findit/deps_wrapper.py", line 361, in GetParsedDeps
    GetChromiumComponentToCrashRevisionDict(chrome_crash_revision))
  File "/mnt/scratch0/clusterfuzz/src/tools/findit/deps_wrapper.py", line 167, in GetChromiumComponentToCrashRevisionDict
    chrome_crash_revision)
  File "/mnt/scratch0/clusterfuzz/src/tools/findit/chromium_deps.py", line 142, in GetChromiumComponents
    deps, deps_os = _ParseDEPS(deps_content)
  File "/mnt/scratch0/clusterfuzz/src/tools/findit/chromium_deps.py", line 39, in _ParseDEPS
    exec(content, global_scope, local_scope)
  File "<string>", line 91, in <module>
NameError: name 'From' is not defined
===================

Through code search, I have seen some recent changes to the file "decoder_stream.cc".

Possible suspect
==================
https://chromium.googlesource.com/chromium/src/+/e384d5d6be1ee2c196df5dc94c50419faf82f2a2%5E%21/

tguilbert@ could you please look into this issue if it is related to your change, else please route this to an appropriate dev person.

Thanks,
Status: Started (was: Assigned)
Taking a look now.

Comment 3 by xhw...@chromium.org, Apr 29 2016

Cc: xhw...@chromium.org
Components: -Blink>Media Internals>Media
Summary: Crash in media::DecoderStream<(media::DemuxerStream::Type)2>::ResetDecoder() (was: Crash in media::DecoderStream<)
    #0 0x7f951b329df6 in media::DecoderStream<(media::DemuxerStream::Type)2>::ResetDecoder() media/filters/decoder_stream.cc:714:3
    #1 0x7f951b329ad3 in media::DecoderStream<(media::DemuxerStream::Type)2>::Reset(base::Callback<void (), (base::internal::CopyMode)1> const&) media/filters/decoder_stream.cc:184:3
    #2 0x7f951b27d623 in media::VideoRendererImpl::Flush(base::Callback<void (), (base::internal::CopyMode)1> const&) media/renderers/video_renderer_impl.cc:105:3
    #3 0x7f951b2706f9 in media::RendererImpl::FlushVideoRenderer() media/renderers/renderer_impl.cc:448:3
    #4 0x7f951b271d17 in Run<> base/bind_internal.h:181:12
    #5 0x7f951b271d17 in MakeItSo<base::WeakPtr<media::RendererImpl>> base/bind_internal.h:334
    #6 0x7f951b271d17 in base::internal::Invoker<base::IndexSequence<0ul>, base::internal::BindState<base::internal::RunnableAdapter<void (media::RendererImpl::*)()>, void (media::RendererImpl*), base::WeakPtr<media::RendererImpl>&>, base::internal::InvokeHelper<true, void, base::internal::RunnableAdapter<void (media::RendererImpl::*)()> >, void ()>::Run(base::internal::BindStateBase*) base/bind_internal.h:372
    #7 0x7f9508cd6e92 in Run base/callback.h:397:12
    #8 0x7f9508cd6e92 in base::debug::TaskAnnotator::RunTask(char const*, base::PendingTask const&) base/debug/task_annotator.cc:51
Project Member

Comment 4 by bugdroid1@chromium.org, May 4 2016

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/1a359d181818d87fbef52d5b003972877aa4bc1d

commit 1a359d181818d87fbef52d5b003972877aa4bc1d
Author: tguilbert <tguilbert@chromium.org>
Date: Wed May 04 22:00:27 2016

Ignore calls to Reset() when in error state

No checks are made for STATE_ERROR in DecoderStream::Reset(). This leads
to some problems when:
- The Decoder is successfully initialized, but falls back to a new
  decoder on first decode error, and the fallback decoder initialization
  fails, right before a call to Reset() is executed.
- The Decoder sends a DECODE_ERROR when there is a pending demuxer read,
  right before a call to Reset() is executed.

This CL shortcircuits calls to Reset() when the DecoderStream is in
STATE_ERROR. This changes the behavior of Reset(): calling it will
no longer change the STATE_ERROR to STATE_NORMAL upon successful reset.
This is acceptable, since no one is calling Reset() to recover from
errors. It is only being called by AudioRendererImpl and
VideoRendererImpl when flushing.

BUG=597605, 607454
TEST=media unit passed, extensive runs of fuzzed faulty media passed for 607454

Review-Url: https://codereview.chromium.org/1939993002
Cr-Commit-Position: refs/heads/master@{#391650}

[modify] https://crrev.com/1a359d181818d87fbef52d5b003972877aa4bc1d/media/filters/decoder_stream.cc
[modify] https://crrev.com/1a359d181818d87fbef52d5b003972877aa4bc1d/media/filters/decoder_stream.h

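The commit message above describes a state-machine bug: Reset() had an early return for the pending-demuxer-read state but none for STATE_ERROR, so once a decode error (or a failed fallback initialization) moved the stream into the error state, a flush-triggered Reset() ran ResetDecoder() against a decoder that was no longer valid. The toy model below is an added example, not Chromium's decoder_stream.cc: the state names follow the commit message, while the class layout, the assumption that the fallback failure leaves a null decoder pointer (consistent with the 0x0 crash address in the report), and the assumption that the fixed Reset() still runs the caller's closure so the renderer's flush completes, are all mine. Reset() takes a flag selecting the before/after behaviour so both can be driven through the same scenarios.

```cpp
// Added example, not Chromium code: a toy model of the DecoderStream::Reset()
// path from the commit message. Assumptions: the fallback-init failure leaves
// decoder_ null, and the fixed Reset() still invokes the flush closure.
#include <functional>
#include <memory>
#include <string>
#include <utility>

enum class State { kNormal, kPendingDemuxerRead, kError };

// Stand-in for a media::VideoDecoder: Reset() just records that it ran.
struct ToyDecoder {
  int resets = 0;
  void Reset(const std::function<void()>& done) { ++resets; done(); }
};

class ToyDecoderStream {
 public:
  ToyDecoderStream() : decoder_(std::make_unique<ToyDecoder>()) {}

  // Scenario 1 from the commit message: the fallback decoder failed to
  // initialize, so there is no usable decoder and the stream is in error.
  void FallbackInitFailed() {
    decoder_.reset();          // assumed: no decoder object survives
    state_ = State::kError;
  }

  // Scenario 2: a demuxer read is still in flight when the decoder reports
  // DECODE_ERROR, which moves the stream out of the pending-read state.
  void DecodeErrorDuringDemuxerRead() {
    demuxer_read_pending_ = true;
    state_ = State::kError;
  }

  // ignore_when_in_error=false models the code before the fix, true models
  // the fix. Returns a description of what happened instead of crashing.
  std::string Reset(const std::function<void()>& closure,
                    bool ignore_when_in_error) {
    if (ignore_when_in_error && state_ == State::kError) {
      closure();               // assumed: flush still completes
      return "ignored: stream in error state";
    }
    reset_cb_ = closure;
    // The only early return the old code had: defer to OnBufferReady().
    if (state_ == State::kPendingDemuxerRead)
      return "deferred to OnBufferReady";
    return ResetDecoder();
  }

 private:
  std::string ResetDecoder() {
    if (!decoder_) return "null dereference in ResetDecoder()";
    if (demuxer_read_pending_)
      return "decoder reset while demuxer read pending";
    decoder_->Reset([this] { state_ = State::kNormal; });
    std::function<void()> cb = std::move(reset_cb_);
    reset_cb_ = nullptr;
    if (cb) cb();
    return "ok";
  }

  State state_ = State::kNormal;
  bool demuxer_read_pending_ = false;
  std::unique_ptr<ToyDecoder> decoder_;
  std::function<void()> reset_cb_;
};

// What Reset() did and whether the renderer's flush closure fired.
struct Outcome {
  std::string what;
  bool flush_done;
};

// Drive one scenario (0 = healthy, 1 = fallback init failed, 2 = decode
// error during a pending demuxer read) through either Reset() variant.
Outcome Run(int scenario, bool fixed) {
  ToyDecoderStream stream;
  if (scenario == 1) stream.FallbackInitFailed();
  if (scenario == 2) stream.DecodeErrorDuringDemuxerRead();
  bool done = false;
  std::string what = stream.Reset([&done] { done = true; }, fixed);
  return {what, done};
}
```

The unfixed path shows the two failure modes from the commit message: scenario 1 reaches ResetDecoder() with no decoder (the null read in the crash report), and scenario 2 resets the decoder while a demuxer read is still outstanding, because the error transition removed the state that used to defer the reset. With the check in place both scenarios are no-ops on the decoder and the flush closure still runs; the healthy scenario is unchanged.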
Project Member

Comment 5 by ClusterFuzz, May 5 2016

ClusterFuzz has detected this issue as fixed in range 391535:391652.

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=5211849691234304

Fuzzer: inferno_flicker
Job Type: linux_asan_chrome_media
Platform Id: linux

Crash Type: UNKNOWN READ
Crash Address: 0x000000000000
Crash State:
  media::DecoderStream<
  media::DecoderStream<
  media::VideoRendererImpl::Flush
  
Regressed: https://cluster-fuzz.appspot.com/revisions?job=linux_asan_chrome_media&range=388749:389333
Fixed: https://cluster-fuzz.appspot.com/revisions?job=linux_asan_chrome_media&range=391535:391652

Minimized Testcase (80.55 Kb): https://cluster-fuzz.appspot.com/download/AMIfv94Rz-5uh6YACuVB42a-PHWimXyt_KsDllBEI9EAmWqwVogaXSUNTuaR3ZqdI7V7QQC8a9NBHhjmWfFuOBMo9nPEaQOP_kfD1ocOI-goXF-Lby8XXYYCVpi5_sJQUz3USdC4YlNcv10yq6Vk0aCiJjY1LCoJFhBoCMmctcDecwhxvQApmNI

See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
Status: Fixed (was: Started)
Project Member

Comment 7 by sheriffbot@chromium.org, Nov 22 2016

Labels: -Restrict-View-EditIssue
Removing EditIssue view restrictions from ClusterFuzz filed bugs. If you believe that this issue should still be restricted, please reapply the label.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
