CHECK failed: init_cb_.is_null() && reader_.get(). Initialize() must complete be
Issue description

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=4995919514173440

Fuzzer: inferno_layout_test_unmodified
Job Type: linux_debug_content_shell_drt
Platform Id: linux

Crash Type: CHECK failure
Crash Address:
Crash State:
  CHECK failed: init_cb_.is_null() && reader_.get(). Initialize() must complete be
  media::MultibufferDataSource::HasSingleOrigin
  media::WebMediaPlayerImpl::hasSingleSecurityOrigin

Minimized Testcase (0.58 Kb): https://cluster-fuzz.appspot.com/download/AMIfv967NFoFgsMTuz3VyoYYj0SeTPGPXKWCbvmbSunquvwK9BmgkFfEnJMtQxgiyoys_ppMLa_r695sfJPUvs_ATCY8E2Din_1rjwqt1YAFBFDekFt96sES940zXNJ6qHMtV4FY9GYCNKGxRx1t6BwwQAl8Q1VoPQ

Filer: manoranjanr

See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.
Jun 6 2016
My change isn't the problem here, this bug could have happened before that. (The BufferedDataSource contains the same DCHECK.) I'm not sure how "wouldTaintOrigin" is supposed to work, given that <video> tags can go cross-origin pretty much at any time. Seems like we have a race condition here.
Jun 25 2016
ClusterFuzz has detected this testcase as flaky and is unable to reproduce it in the original crash revision. Skipping fixed testing check and marking it as potentially fixed.

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=4995919514173440

Fuzzer: inferno_layout_test_unmodified
Job Type: linux_debug_content_shell_drt
Platform Id: linux

Crash Type: CHECK failure
Crash Address:
Crash State:
  init_cb_.is_null() && reader_.get(). Initialize() must complete before calling H
  media::MultibufferDataSource::HasSingleOrigin
  media::WebMediaPlayerImpl::hasSingleSecurityOrigin

Minimized Testcase (12.63 Kb): https://cluster-fuzz.appspot.com/download/AMIfv973jaLWf0lzRW2nUVaKC8hY0kefRsMgCJsjarI0U0Jl18D_F_9VySZpXKcdPRNnPM5DIc-05BT-3dB1rrA-0uRHZWyDxMPFDkrfBqsHTiN1yOy57_DSN8LZnNjIQsmsLOsJ_ge8JgKhShxNmA-5hD38DbSz4w?testcase_id=4995919514173440

See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
Jun 27 2016
Marking 'WontFix' as per c#3. Thank you!
Oct 18 2016
Nov 22 2016
Removing EditIssue view restrictions from ClusterFuzz filed bugs. If you believe that this issue should still be restricted, please reapply the label.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
Comment 1 by manoranj...@chromium.org, May 20 2016
Labels: Te-Logged
Owner: hubbe@chromium.org
Status: Assigned (was: Available)