Git blame below is NOT necessarily who introduced the crash nor the owner for it. Please check the code before assigning to anyone.(No CL in the regression range changed the crashing files.)

Author: dcheng
Project: chromium
Changelist: https://chromium.googlesource.com/chromium/src/+/16d6f53c350781fc725ea33d8e74c66a4b49c9bf
Time: Thu Aug 25 16:07:11 2016
The CL last changed line 440 of file values.cc, which is stack frame 3.

Author: dcheng
Project: chromium
Changelist: https://chromium.googlesource.com/chromium/src/+/093de9b30c0ba6ded896506a297314e5ed818b89
Time: Mon Apr 04 21:25:51 2016
The CL last changed line 445 of file values.cc, which is stack frame 4.

Author: estade@chromium.org
Project: chromium
Changelist: https://chromium.googlesource.com/chromium/src/+/b54e6259cc91acf5c1f37ae5f7126a47a9447b1f
Time: Thu Jan 30 10:32:41 2014
The CL last changed line 455 of file values.cc, which is stack frame 5.

Author: miu
Project: chromium
Changelist: https://chromium.googlesource.com/chromium/src/+/78807dc7968c9a397326aef113435cbca486f96c
Time: Tue Mar 03 23:07:39 2015
The CL last changed line 38 of file video_frame_metadata.cc, which is stack frame 6.

Suspected Project: chromium-buildtools
===========================

From the above find it tool information the changes made to the file " values.cc" of frmae 1 & 2 are more related to this.

dcheng@ could you please look into this issue if it is related to your change,else please help us in finding the appropriate owner for this issue.

Thanks,

The relevant log is:
[1:7:0923/104841:ERROR:video_frame_pool.cc(87)] Failed to create a video frame

In https://cs.chromium.org/chromium/src/media/filters/ffmpeg_video_decoder.cc?rcl=1474860215&l=141, we don't check that we successfully created a video frame, so we end up trying to deref a null pointer when updating the video frame's metadata.

hubbe: Looks like your change (TOTALLY NOT YOUR FAULT, THOUGH) to fix a fuzzer issue is causing this:

commit 2ba53c9cf88833aabbb642e53de195fb150e28f0
Author: hubbe <hubbe@chromium.org>
Date:   Thu Sep 22 13:24:00 2016

    Fix a fuzzer crash in VideoFramePool

You started returning nullptr, but because of an interface design choice (one that that I warned people about in the past), the callee (FFmpegVideoDecoder::GetVideoBuffer()) is not checking for nullptr.

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/6f4c79b2b5a767a56d7fc3158697cd3941e001ac

commit 6f4c79b2b5a767a56d7fc3158697cd3941e001ac
Author: hubbe <hubbe@chromium.org>
Date: Wed Oct 05 21:14:49 2016

Fix crash in fuzz test.

When provided with odd configurations, the video frame pool can return null, causing
a crash. Add a simple workaround.

BUG= 650191 

Review-Url: https://codereview.chromium.org/2390823006
Cr-Commit-Position: refs/heads/master@{#423294}

[modify] https://crrev.com/6f4c79b2b5a767a56d7fc3158697cd3941e001ac/media/filters/ffmpeg_video_decoder.cc

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/6f4c79b2b5a767a56d7fc3158697cd3941e001ac

commit 6f4c79b2b5a767a56d7fc3158697cd3941e001ac
Author: hubbe <hubbe@chromium.org>
Date: Wed Oct 05 21:14:49 2016

Fix crash in fuzz test.

When provided with odd configurations, the video frame pool can return null, causing
a crash. Add a simple workaround.

BUG= 650191 

Review-Url: https://codereview.chromium.org/2390823006
Cr-Commit-Position: refs/heads/master@{#423294}

[modify] https://crrev.com/6f4c79b2b5a767a56d7fc3158697cd3941e001ac/media/filters/ffmpeg_video_decoder.cc

[Automated comment] removing mislabelled merge-merged-2840

Removing EditIssue view restrictions from ClusterFuzz filed bugs. If you believe that this issue should still be restricted, please reapply the label.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot