Issue 779379

Issue metadata

Status: Duplicate
Owner:
Closed: Oct 2017
Cc:
Components:
EstimatedDays: ----
NextAction: ----
OS: Linux , Android , Mac
Pri: 1
Type: Bug

CHECK failure: n != 2 in source_buffer_state.cc

Reported by ClusterFuzz (Project Member), Oct 29 2017

Issue description

Detailed report: https://clusterfuzz.com/testcase?key=5374467881828352

Fuzzer: libFuzzer_mediasource_MP3_pipeline_integration_fuzzer
Job Type: libfuzzer_chrome_msan
Platform Id: linux

Crash Type: CHECK failure
Crash Address: 
Crash State:
  n != 2 in source_buffer_state.cc
  SignalHandler
  media::SourceBufferState::Append
  
Sanitizer: memory (MSAN)

Regressed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_msan&range=512407:512408

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5374467881828352

Issue filed automatically.

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reference.md for more information.
 
Cc: kkaluri@chromium.org
Components: Internals>Media>Network
Labels: M-64 Test-Predator-Wrong
Owner: xhw...@chromium.org
Status: Assigned (was: Untriaged)
Predator could not provide any possible suspects.
Using the CL search for the file “source_buffer_state.cc”, assigning to the concerned owner.

Suspecting Commit# https://chromium.googlesource.com/chromium/src/+/5cb94df5a3071ca7d7edbb707f0689cebe826437

xhwang@ -- Could you please look into this issue? Kindly reassign if it has nothing to do with your changes.


Thank you.

Issue 779375 has been merged into this issue.
Comment 3 by ClusterFuzz (Project Member), Oct 30 2017

Labels: OS-Android OS-Mac
Comment 4 by ClusterFuzz (Project Member), Oct 30 2017

Labels: ClusterFuzz-Top-Crash ReleaseBlock-Beta
Testcase 4865451552407552 is a top crash on ClusterFuzz for linux platform. Please prioritize fixing this crash.

Marking this crash as a Beta release blocker.

If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.

Comment 5 by xhw...@chromium.org, Oct 30 2017

Cc: dalecur...@chromium.org wolenetz@chromium.org
Status: Started (was: Assigned)
I added the code to cause a crash on append failure, which is expected to crash on fuzzer tests with fuzzed data. See issue 778363.

I'll land the revert shortly once I've confirmed that I've collected enough crash reports.

Comment 6 by xhw...@chromium.org, Oct 30 2017

Mergedinto: 778363
Status: Duplicate (was: Started)
Components: -Internals>Media>Network Internals>Media>Source
Comment 8 by bugdroid1@chromium.org (Project Member), Oct 31 2017

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/5ee49b9b6e8ba9624da48bb2f72da0639de6dd7e

commit 5ee49b9b6e8ba9624da48bb2f72da0639de6dd7e
Author: Xiaohan Wang <xhwang@chromium.org>
Date: Tue Oct 31 19:01:52 2017

media: Revert crash on SourceBufferState::Append() failure

This partially reverts
https://chromium-review.googlesource.com/c/chromium/src/+/739743
that added crash code to investigate the BUG.

TBR=dalecurtis@chromium.org,wolenetz@chromium.org
BUG=778363, 779379 

Cq-Include-Trybots: master.tryserver.chromium.android:android_optional_gpu_tests_rel;master.tryserver.chromium.linux:linux_optional_gpu_tests_rel;master.tryserver.chromium.mac:mac_optional_gpu_tests_rel;master.tryserver.chromium.win:win_optional_gpu_tests_rel
Change-Id: I246f7f3f82763b8dc6ae5c00eb01714419e5fdec
Reviewed-on: https://chromium-review.googlesource.com/742229
Reviewed-by: Matthew Wolenetz <wolenetz@chromium.org>
Reviewed-by: Xiaohan Wang <xhwang@chromium.org>
Commit-Queue: Xiaohan Wang <xhwang@chromium.org>
Cr-Commit-Position: refs/heads/master@{#512892}
[modify] https://crrev.com/5ee49b9b6e8ba9624da48bb2f72da0639de6dd7e/media/filters/source_buffer_state.cc

Comment 9 by ClusterFuzz (Project Member), Nov 1 2017

ClusterFuzz has detected this issue as fixed in range 512869:512907.

Detailed report: https://clusterfuzz.com/testcase?key=5374467881828352

Fuzzer: libFuzzer_mediasource_MP3_pipeline_integration_fuzzer
Job Type: libfuzzer_chrome_msan
Platform Id: linux

Crash Type: CHECK failure
Crash Address: 
Crash State:
  n != 2 in source_buffer_state.cc
  SignalHandler
  media::SourceBufferState::Append
  
Sanitizer: memory (MSAN)

Regressed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_msan&range=512407:512408
Fixed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_msan&range=512869:512907

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5374467881828352

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reference.md for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
