Integer-overflow in media::VideoRendererAlgorithm::UpdateFrameStatistics
Issue description

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=4633277136896000

Fuzzer: ochang_search_index_mutator
Job Type: linux_ubsan_chrome
Platform Id: linux

Crash Type: Integer-overflow
Crash Address:
Crash State:
  media::VideoRendererAlgorithm::UpdateFrameStatistics
  media::VideoRendererAlgorithm::Render
  media::VideoRendererImpl::Render

Regressed: https://cluster-fuzz.appspot.com/revisions?job=linux_ubsan_chrome&range=370022:370027

Minimized Testcase (7599.22 Kb): https://cluster-fuzz.appspot.com/download/AMIfv95K3loEPwZ5BBfT1siyfFfXLMPBs2MRuifDoCUcJ0gRHEsBuH1Vv7Gh_HYtuYMXx80FwMgey4pYfDW3nDXhM8KPUOhRV3BjZ0KbtyWm7q2oo1Kmsz_PUf03D58idwkGJVW7OslLuKgl7BZ0EC5Dj7dNbALJd8el4AfvdACIwYYw7RWV5P4?testcase_id=4633277136896000

Issue manually filed by: mmohammad

See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.
Oct 17 2016
Taking a look!
Oct 18 2016
The attached video file produces a timestamp with the value -2^63-1, which can be seen if one adds logging at this line: https://cs.chromium.org/chromium/src/media/filters/video_renderer_algorithm.cc?type=cs&sq=package:chromium&rcl=1476717412&l=462 chcunningham mentioned that this was ffmpeg's value for "no timestamp". I am not sure what the right fix ATM but will look into it some more.
Nov 22 2016
Removing EditIssue view restrictions from ClusterFuzz filed bugs. If you believe that this issue should still be restricted, please reapply the label. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
Dec 9 2016
The future fix for crbug.com/665305 might fix this issue. (which is receiving frames with kNoTimeStamp as far as the VideoRendererImpl::FrameReady())
Jan 14 2017
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/067e03ca0fc3a4f64fc5f324d665e5c10268cd14

commit 067e03ca0fc3a4f64fc5f324d665e5c10268cd14
Author: tguilbert <tguilbert@chromium.org>
Date: Sat Jan 14 02:14:25 2017

Fix int-overflow due to absent stream timestamp

crbug.com/665305 introduced some fixes for buffers with no timestamps. However, if we did not receive a valid stream timestamp from the demuxer, the first buffer that we output can still end up having no timestamp (which eventually leads to an integer overflow in VideoRendererAlgorithm).

This CL fixes the issue by reporting a demuxer error, rather than emitting a buffer with no timestamp and relying on the decoder to error out.

BUG= 665305 , 656763
TEST= fixes media_pipeline_integration_fuzzer. Ran ffmpeg_integration_tests as ASAN/MSAN/UBSAN. Ran Media UTs

Review-Url: https://codereview.chromium.org/2635573002
Cr-Commit-Position: refs/heads/master@{#443769}

[modify] https://crrev.com/067e03ca0fc3a4f64fc5f324d665e5c10268cd14/media/ffmpeg/ffmpeg_regression_tests.cc
[modify] https://crrev.com/067e03ca0fc3a4f64fc5f324d665e5c10268cd14/media/filters/ffmpeg_demuxer.cc
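The pattern behind this bug, as an added illustration that is not Chromium's code: a "no timestamp" sentinel at the extreme of the int64 range reaches frame-statistics arithmetic, and a plain subtraction against it wraps (which is what UBSan reported). The hypothetical FrameDelta below applies the commit's approach of rejecting the sentinel at the boundary, and additionally guards the arithmetic itself; kNoTimestampUs and the function names are constructed for this example.

```cpp
#include <cstdint>
#include <limits>

// Constructed sentinel modelled on ffmpeg's "no timestamp" convention
// (AV_NOPTS_VALUE is INT64_MIN). Not Chromium's kNoTimestamp constant.
constexpr int64_t kNoTimestampUs = std::numeric_limits<int64_t>::min();

enum class FrameStatus { kOk, kNoTimestamp, kOverflow };

// Checked subtraction. Returns false instead of wrapping; the unchecked
// expression `a - b` with b == INT64_MIN is the signed overflow UBSan flags.
static bool CheckedSub(int64_t a, int64_t b, int64_t* out) {
  return !__builtin_sub_overflow(a, b, out);
}

// Hypothetical statistics step: distance of a frame's timestamp from the
// render deadline. Rejects sentinel timestamps before any arithmetic (the
// demuxer-error approach taken by the fix) and refuses to wrap otherwise.
FrameStatus FrameDelta(int64_t frame_ts_us, int64_t deadline_us,
                       int64_t* delta_us) {
  if (frame_ts_us == kNoTimestampUs) {
    return FrameStatus::kNoTimestamp;  // treat as a stream error upstream
  }
  if (!CheckedSub(deadline_us, frame_ts_us, delta_us)) {
    return FrameStatus::kOverflow;  // defence in depth if a sentinel slips by
  }
  return FrameStatus::kOk;
}
```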
Jan 17 2017
ClusterFuzz has detected this issue as fixed in range 443650:443891.

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=4633277136896000

Fuzzer: ochang_search_index_mutator
Job Type: linux_ubsan_chrome
Platform Id: linux

Crash Type: Integer-overflow
Crash Address:
Crash State:
  media::VideoRendererAlgorithm::UpdateFrameStatistics
  media::VideoRendererAlgorithm::Render
  media::VideoRendererImpl::Render

Sanitizer: undefined (UBSAN)

Regressed: https://cluster-fuzz.appspot.com/revisions?job=linux_ubsan_chrome&range=370022:370027
Fixed: https://cluster-fuzz.appspot.com/revisions?job=linux_ubsan_chrome&range=443650:443891

Minimized Testcase (7599.22 Kb): https://cluster-fuzz.appspot.com/download/AMIfv95K3loEPwZ5BBfT1siyfFfXLMPBs2MRuifDoCUcJ0gRHEsBuH1Vv7Gh_HYtuYMXx80FwMgey4pYfDW3nDXhM8KPUOhRV3BjZ0KbtyWm7q2oo1Kmsz_PUf03D58idwkGJVW7OslLuKgl7BZ0EC5Dj7dNbALJd8el4AfvdACIwYYw7RWV5P4?testcase_id=4633277136896000

See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
Jan 17 2017
ClusterFuzz testcase 4633277136896000 is verified as fixed, so closing issue. If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.
Comment 1 by mmohammad@chromium.org, Oct 17 2016
Status: Assigned (was: Untriaged)