
Issue 788802

Starred by 2 users

Issue metadata

Status: Verified
Owner: hbos@chromium.org
Closed: Nov 2017
Cc: hbos@chromium.org
Components: Blink>Internals>Modularization Blink>MemoryAllocator>GarbageCollection
EstimatedDays: ----
NextAction: ----
OS: Windows
Pri: 1
Type: Bug
Null-dereference READ in blink::ThreadState::FreePersistentNode

Reported by ClusterFuzz (Project Member), Nov 27 2017

Issue description

Detailed report: https://clusterfuzz.com/testcase?key=4760437647474688

Fuzzer: inferno_twister
Job Type: windows_asan_content_shell
Platform Id: windows

Crash Type: Null-dereference READ
Crash Address: 0x00000008
Crash State:
  blink::ThreadState::FreePersistentNode
  blink::PersistentBase<blink::Permissions,blink::WeaknessPersistentConfiguration:
  blink::PtrStorageImpl<blink::HistoryItem,blink::WebPrivatePtrDestruction::kWebPr
  
Sanitizer: address (ASAN)

Regressed: https://clusterfuzz.com/revisions?job=windows_asan_content_shell&range=519268:519279

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=4760437647474688

Additional requirements: Requires Gestures

Additional requirements: Requires HTTP

Issue filed automatically.

See https://github.com/google/clusterfuzz-tools for more information.

Comment 1 by ClusterFuzz (Project Member), Nov 27 2017

Components: Blink>Internals>Modularization Blink>MemoryAllocator>GarbageCollection
Labels: Test-Predator-Auto-Components
Automatically applying components based on crash stacktrace and information from OWNERS files.

If this is incorrect, please apply the Test-Predator-Wrong-Components label.

Comment 2 by ClusterFuzz (Project Member), Nov 27 2017

Labels: Test-Predator-Auto-Owner
Owner: hbos@chromium.org
Status: Assigned (was: Untriaged)
Automatically assigning owner based on suspected regression changelist https://chromium.googlesource.com/chromium/src/+/27d21eb0af100f86a2dfca5bccecf60e2d71f70e (Unify SetRemoteDescription track and SRD resolve events in one callback.).

If this is incorrect, please remove the owner and apply the Test-Predator-Wrong-CLs label.

Comment 3 by hbos@chromium.org, Nov 27 2017

Reported at the same time blaming the same CL: https://crbug.com/788809.
May be related, investigating there.

Comment 4 by hbos@chromium.org, Nov 27 2017

Status: Started (was: Assigned)

Comment 5 by bugdroid1@chromium.org (Project Member), Nov 27 2017

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/1aa2887ffca8e6ce3a74891e71720bc3e0ad809c

commit 1aa2887ffca8e6ce3a74891e71720bc3e0ad809c
Author: Henrik Boström <hbos@chromium.org>
Date: Mon Nov 27 18:55:09 2017

WebRtcSetRemoteDescriptionObserverImpl: Reset WebRTCVoidRequest on main thread

This prevents a race between the main thread and the webrtc signaling
thread dictating on which thread the observer is destroyed, and by
extension which thread destroys WebRTCVoidRequest.

It is not safe to reset the request on the webrtc signaling thread; by
explicitly calling Reset in the callback we ensure it has already been
reset when the destructor runs.

The referenced bugs are suspected to be caused by this bug.

NOTRY=True
TBR=guidou@chromium.org

Bug: 788809, 788802
Change-Id: Ie725fc9af85fbb4e925f1410f1c728da7173350e
Reviewed-on: https://chromium-review.googlesource.com/791350
Commit-Queue: Henrik Boström <hbos@chromium.org>
Reviewed-by: Henrik Boström <hbos@chromium.org>
Cr-Commit-Position: refs/heads/master@{#519354}
[modify] https://crrev.com/1aa2887ffca8e6ce3a74891e71720bc3e0ad809c/content/renderer/media/rtc_peer_connection_handler.cc
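
The commit message above describes a lifetime race: the observer is referenced from both the main thread and the webrtc signaling thread, so whichever thread releases the last reference runs the destructor, and the destructor in turn releases the WebRTCVoidRequest, which is only safe to release on the main thread. The fix is to release it explicitly in the main-thread callback so that the destructor, wherever it runs, finds nothing left to release. The following self-contained C++ program is an added illustration of that pattern and of the fix; it is not Chromium code, and the names ThreadAffineHandle, SetRemoteDescriptionObserver and SimulateLifetime are hypothetical stand-ins. Rather than relying on an actual race, it lets the caller choose which thread drops the last reference, so both the buggy and the fixed behaviour are reproducible deterministically. A wrong-thread release is recorded in a flag instead of crashing; in Blink the same wrong-thread release of a Persistent handle reaches ThreadState::FreePersistentNode on a thread that has no ThreadState, which is consistent with the null-dereference READ at 0x00000008 in the report above (my reading of the stack, not something the report states).

```cpp
#include <atomic>
#include <cstdio>
#include <memory>
#include <thread>

// Hypothetical stand-in for a thread-affine handle such as the Persistent<>
// held inside Blink's WebRTCVoidRequest (this is not Blink code). It records
// the thread that created it and must be released on that same thread;
// instead of crashing on a wrong-thread release, it raises a flag.
class ThreadAffineHandle {
 public:
  explicit ThreadAffineHandle(std::atomic<bool>* wrong_thread_release)
      : owner_(std::this_thread::get_id()),
        wrong_thread_release_(wrong_thread_release) {}

  // Destructor path: whatever thread runs this also runs Reset().
  ~ThreadAffineHandle() { Reset(); }

  // Releases the resource if it is still held. Returns true if nothing was
  // held or the release happened on the owning thread; false otherwise.
  bool Reset() {
    if (!held_) return true;  // already released earlier: any thread is fine
    held_ = false;
    if (std::this_thread::get_id() != owner_) {
      wrong_thread_release_->store(true);
      return false;
    }
    return true;
  }

 private:
  std::thread::id owner_;
  std::atomic<bool>* wrong_thread_release_;
  bool held_ = true;
};

// Hypothetical observer created on the main thread and referenced from both the
// main thread and the signaling thread, so whichever thread drops the last
// reference runs the destructor (and with it the handle's destructor).
class SetRemoteDescriptionObserver {
 public:
  explicit SetRemoteDescriptionObserver(std::atomic<bool>* flag)
      : request_(flag) {}

  // Main-thread callback. Before the fix the request was left for the
  // destructor; after the fix it is reset here, while still on the main thread.
  void OnResolved(bool reset_explicitly) {
    if (reset_explicitly) request_.Reset();
  }

 private:
  ThreadAffineHandle request_;
};

// Runs one lifetime: create on "main" (the calling thread), run the main-thread
// callback, then let the last reference die either on the main thread or on a
// simulated signaling thread. Returns true if the handle was released on the
// wrong thread.
bool SimulateLifetime(bool reset_explicitly, bool last_ref_dies_on_signaling) {
  std::atomic<bool> wrong_thread_release{false};
  auto main_ref =
      std::make_shared<SetRemoteDescriptionObserver>(&wrong_thread_release);
  std::shared_ptr<SetRemoteDescriptionObserver> signaling_ref = main_ref;

  main_ref->OnResolved(reset_explicitly);  // callback runs on the main thread

  if (last_ref_dies_on_signaling) {
    main_ref.reset();  // main lets go first...
    std::thread signaling([&] { signaling_ref.reset(); });  // ...signaling destroys
    signaling.join();
  } else {
    std::thread signaling([&] { signaling_ref.reset(); });
    signaling.join();
    main_ref.reset();  // main destroys
  }
  return wrong_thread_release.load();
}

int main() {
  std::printf("buggy, last ref on main:      wrong-thread release = %d\n",
              SimulateLifetime(false, false));
  std::printf("buggy, last ref on signaling: wrong-thread release = %d\n",
              SimulateLifetime(false, true));
  std::printf("fixed, last ref on main:      wrong-thread release = %d\n",
              SimulateLifetime(true, false));
  std::printf("fixed, last ref on signaling: wrong-thread release = %d\n",
              SimulateLifetime(true, true));
  return 0;
}
```

Only the combination "buggy observer, last reference dropped on the signaling thread" reports a wrong-thread release, which is why the original bug was racy and hard to reproduce by hand: it only fires when the signaling thread loses the reference-count race. The fixed variant is clean in both orderings because the handle is already empty by the time the destructor runs, so the destructor's Reset() is a no-op on any thread. When reviewing similar code, the check to make is whether any member with thread affinity (a Persistent, a WeakPtr bound to a sequence, a thread-checked object) can outlive the last main-thread touch of its owner; if it can, release it explicitly on its home thread rather than trusting the destructor.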

Comment 6 by hbos@chromium.org, Nov 27 2017

Status: Fixed (was: Started)
Speculatively marking this as Fixed, without having been able to verify because I couldn't repro.

Comment 7 by ClusterFuzz (Project Member), Nov 28 2017

ClusterFuzz has detected this issue as fixed in range 519344:519369.

Detailed report: https://clusterfuzz.com/testcase?key=4760437647474688

Fuzzer: inferno_twister
Job Type: windows_asan_content_shell
Platform Id: windows

Crash Type: Null-dereference READ
Crash Address: 0x00000008
Crash State:
  blink::ThreadState::FreePersistentNode
  blink::PersistentBase<blink::Permissions,blink::WeaknessPersistentConfiguration:
  blink::PtrStorageImpl<blink::HistoryItem,blink::WebPrivatePtrDestruction::kWebPr
  
Sanitizer: address (ASAN)

Regressed: https://clusterfuzz.com/revisions?job=windows_asan_content_shell&range=519268:519279
Fixed: https://clusterfuzz.com/revisions?job=windows_asan_content_shell&range=519344:519369

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=4760437647474688

Additional requirements: Requires Gestures

Additional requirements: Requires HTTP

See https://github.com/google/clusterfuzz-tools for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.

Comment 8 by ClusterFuzz (Project Member), Nov 28 2017

Labels: ClusterFuzz-Verified
Status: Verified (was: Fixed)
ClusterFuzz testcase 4760437647474688 is verified as fixed, so closing issue as verified.

If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.

Comment 9 by hbos@chromium.org, Dec 5 2017

Cc: hbos@chromium.org
Issue 788809 has been merged into this issue.

Comment 10 by hbos@chromium.org, Dec 5 2017

Issue 788760 has been merged into this issue.