
Issue 648849 link

Starred by 1 user

Issue metadata

Status: Verified
Owner:
Last visit > 30 days ago
Closed: Sep 2016
Cc:
Components:
EstimatedDays: ----
NextAction: ----
OS: Mac
Pri: 1
Type: Bug-Regression




Crash in format

Project Member Reported by ClusterFuzz, Sep 21 2016

Issue description

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=6494221957857280

Fuzzer: libfuzzer_media_vpx_video_decoder_fuzzer
Job Type: mac_libfuzzer_chrome_asan
Platform Id: mac

Crash Type: UNKNOWN READ
Crash Address: 0x00000000000c
Crash State:
  format
  media::VideoFramePool::PoolImpl::CreateFrame
  media::VideoFramePool::CreateFrame
  
Regressed: https://cluster-fuzz.appspot.com/revisions?job=mac_libfuzzer_chrome_asan&range=410288:412598

Minimized Testcase (390.62 Kb): https://cluster-fuzz.appspot.com/download/AMIfv943aH8Dk5omGt8p4g5GH2uFbQ6vBX_As18MmxDzy81OuTAqKiOoREePOCYA3MdOWnK2OdTLrQgO5ZuRzZbhnn19VJShTHNvf3T_jlQi5dRzCz9GvJy_Bk2M4WDaN2Xp8GjjHStDrWxGlrkOVSHg_sN5C50_C5kxOPMaNZxQHwQ7voybRbg?testcase_id=6494221957857280

Issue manually filed by: brajkumar

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information.
 
Components: Blink>Media>Video
Labels: -Type-Bug Findit-for-crash M-55 Te-Logged Type-Bug-Regression
Owner: hubbe@chromium.org
Status: Assigned (was: Untriaged)
Providing Findit details for internal purpose:
Suspected CLs	
---------------
The result is a list of CLs that change the crashed files.

Author: hubbe
Project: chromium
Changelist: https://chromium.googlesource.com/chromium/src/+/9e40ea52847b6303c81c6e2e64566791a2c960c8
Time: Wed Aug 17 02:25:37 2016
File vpx_video_decoder.cc is changed in this cl (and is part of stack frame #3, "media::VpxVideoDecoder::CopyVpxImageToVideoFrame"; frame #4, "media::VpxVideoDecoder::VpxDecode"; frame #5, "media::VpxVideoDecoder::DecodeBuffer"; frame #6, "media::VpxVideoDecoder::Decode")
Minimum distance from crash line to modified line: 14. (file: vpx_video_decoder.cc, crashed on: 572, modified: 586).

Suspected Project: chromium

Using codesearch, observing the same changes related to vpx_video_decoder.cc in https://codereview.chromium.org/2247403002

hubbe@, could you please check the above issue & help us in finding an owner if it's not yours.

Comment 2 by hubbe@chromium.org, Sep 21 2016

I'm confused, my change isn't in the range listed on the cluster-fuzz report.
It seems unlikely that my change is causing the problem, and I don't see anything obvious in the range listed. Given that the first CL in the range is "fixed clusterfuzz on mac", perhaps the problem occurred before that?
If we can't bisect it, we're just going to have to debug it I guess.

Comment 3 by bugdroid1@chromium.org (Project Member), Sep 22 2016

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/2ba53c9cf88833aabbb642e53de195fb150e28f0

commit 2ba53c9cf88833aabbb642e53de195fb150e28f0
Author: hubbe <hubbe@chromium.org>
Date: Thu Sep 22 20:24:00 2016

Fix a fuzzer crash in VideoFramePool

It seems that providing random data to the VPX parser can make it call the video
frame pool with illegal parameters. This currently causes a crash, let's make it
return null, and the calling code already seems to handle that well.

BUG= 648849 

Review-Url: https://codereview.chromium.org/2360373002
Cr-Commit-Position: refs/heads/master@{#420443}

[modify] https://crrev.com/2ba53c9cf88833aabbb642e53de195fb150e28f0/media/base/video_frame_pool.cc
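The commit above describes the defensive pattern rather than showing it: parameters that reach the frame pool from a parser fed attacker- or fuzzer-controlled bytes are validated, and an unsatisfiable request yields null for the caller to handle instead of a crash. The block below is an added illustration of that pattern, not Chromium's code; `PixelFormat`, `FrameParams`, `FramePool` bounds such as `kMaxDimension`, and the simplified plane sizing are all constructed stand-ins for the real `media::` types.

```cpp
// Added illustration of the fix's pattern: reject illegal frame parameters
// and return null instead of crashing. All names here are hypothetical
// stand-ins, not the media::VideoFramePool API.
#include <cstddef>
#include <cstdint>
#include <memory>
#include <vector>

enum class PixelFormat : int { kUnknown = 0, kI420 = 1, kI444 = 2 };

struct FrameParams {
  PixelFormat format;
  uint32_t coded_width, coded_height;      // dimensions of the allocated planes
  uint32_t visible_width, visible_height;  // region the decoder says is valid
};

struct VideoFrame {
  FrameParams params;
  std::vector<uint8_t> data;
};

// Constructed upper bound on any single dimension for this example.
constexpr uint32_t kMaxDimension = 16384;

// True only when every parameter is one the pool can actually honour.
bool IsValidFrameParams(const FrameParams& p) {
  if (p.format != PixelFormat::kI420 && p.format != PixelFormat::kI444) return false;
  if (p.coded_width == 0 || p.coded_height == 0) return false;
  if (p.coded_width > kMaxDimension || p.coded_height > kMaxDimension) return false;
  // The visible region must fit inside the coded region.
  if (p.visible_width > p.coded_width || p.visible_height > p.coded_height) return false;
  return true;
}

// Simplified plane sizing: luma plus chroma. Dimensions were bounded above,
// so the product cannot overflow (16384 * 16384 * 3 fits in 32 bits).
size_t FrameBytes(const FrameParams& p) {
  size_t luma = static_cast<size_t>(p.coded_width) * p.coded_height;
  size_t chroma = (p.format == PixelFormat::kI420) ? luma / 2 : luma * 2;
  return luma + chroma;
}

// Mirrors the commit's behaviour change: illegal parameters give a null frame.
std::unique_ptr<VideoFrame> CreateFrame(const FrameParams& p) {
  if (!IsValidFrameParams(p)) return nullptr;
  auto frame = std::make_unique<VideoFrame>();
  frame->params = p;
  frame->data.resize(FrameBytes(p));
  return frame;
}

// Caller side: a null frame means this buffer is corrupt; drop it and carry on.
bool DecodeOne(const FrameParams& parsed, int& frames_out) {
  std::unique_ptr<VideoFrame> frame = CreateFrame(parsed);
  if (!frame) return false;
  ++frames_out;
  return true;
}
```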

Comment 4 by ClusterFuzz (Project Member), Sep 23 2016

ClusterFuzz has detected this issue as fixed in range 420414:420443.

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=6494221957857280

Fuzzer: libfuzzer_media_vpx_video_decoder_fuzzer
Job Type: mac_libfuzzer_chrome_asan
Platform Id: mac

Crash Type: UNKNOWN READ
Crash Address: 0x00000000000c
Crash State:
  format
  media::VideoFramePool::PoolImpl::CreateFrame
  media::VideoFramePool::CreateFrame
  
Regressed: https://cluster-fuzz.appspot.com/revisions?job=mac_libfuzzer_chrome_asan&range=410288:412598
Fixed: https://cluster-fuzz.appspot.com/revisions?job=mac_libfuzzer_chrome_asan&range=420414:420443

Minimized Testcase (390.62 Kb): https://cluster-fuzz.appspot.com/download/AMIfv943aH8Dk5omGt8p4g5GH2uFbQ6vBX_As18MmxDzy81OuTAqKiOoREePOCYA3MdOWnK2OdTLrQgO5ZuRzZbhnn19VJShTHNvf3T_jlQi5dRzCz9GvJy_Bk2M4WDaN2Xp8GjjHStDrWxGlrkOVSHg_sN5C50_C5kxOPMaNZxQHwQ7voybRbg?testcase_id=6494221957857280

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.

Comment 5 by ClusterFuzz (Project Member), Sep 23 2016

Labels: ClusterFuzz-Verified
Status: Verified (was: Assigned)
ClusterFuzz testcase is verified as fixed, closing issue.

If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.

Comment 6 by sheriffbot@chromium.org (Project Member), Nov 22 2016

Labels: -Restrict-View-EditIssue
Removing EditIssue view restrictions from ClusterFuzz filed bugs. If you believe that this issue should still be restricted, please reapply the label.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
Cc: infe...@chromium.org och...@chromium.org chcunningham@chromium.org dalecur...@chromium.org mmoroz@chromium.org kcc@chromium.org nyerramilli@chromium.org
Issue 593265 has been merged into this issue.

Comment 8 by ClusterFuzz (Project Member), Oct 2 2017

Components: Internals>Media
Labels: Test-Predator-AutoComponents
Automatically applying components based on crash stacktrace and information from OWNERS files. If this is incorrect, please apply the Test-Predator-Wrong-Components label.
Labels: -Test-Predator-AutoComponents Test-Predator-Auto-Components
