Crash in base::debug::DebugBreak
Issue description

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=4525746342330368
Fuzzer: libfuzzer_media_pipeline_integration_fuzzer
Job Type: libfuzzer_chrome_asan_debug
Platform Id: linux
Crash Type: UNKNOWN
Crash Address: 0x03e900006544
Crash State:
  base::debug::DebugBreak
  media::FFmpegDemuxerStream::EnqueuePacket
  media::FFmpegDemuxer::OnReadFrameDone
Regressed: https://cluster-fuzz.appspot.com/revisions?job=libfuzzer_chrome_asan_debug&range=413124:413277
Minimized Testcase (0.01 Kb): https://cluster-fuzz.appspot.com/download/AMIfv97KXiBVlEO1Ed0YxlTNMQP2l57rftnH5gjLw-FFkdH3Y1ECdgr24kUrSUrfQ1JVYELyafyV0xJ7VTj4_PIz0xns5_tfhJvRjjoAJk5IE_9JSwJKJRo7VtFUUxxrIO6AO513uaFAaO6a1Vmim7zY7wXImz07Tg?testcase_id=4525746342330368

Issue filed automatically.
See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information.

Dec 12 2016
=> frank who is already fixing this for another issue.
Dec 12 2016
verified that https://codereview.chromium.org/2563183002/ fixes this too.
Dec 20 2016
The following revision refers to this bug:
https://chromium.googlesource.com/chromium/src.git/+/722dfe42527ed575678e5145ef3e58f03013030a

commit 722dfe42527ed575678e5145ef3e58f03013030a
Author: liberato <liberato@chromium.org>
Date: Tue Dec 20 23:49:57 2016

Fix up missing timestamps in FFmpegDemuxer.

Previously, we would DCHECK if FFmpeg provided no timestamp for a buffer. We now replace this with zero for the first packet, and with an advance over the previous buffer for later ones.

The rationale is that bad media might cause this, and we previously had a DCHECK to catch it. This makes the behavior consistent even in release builds.

BUG=665305, 673079
TEST=ffmpeg_regression_tests

Review-Url: https://codereview.chromium.org/2563183002
Cr-Commit-Position: refs/heads/master@{#439933}

[modify] https://crrev.com/722dfe42527ed575678e5145ef3e58f03013030a/media/ffmpeg/ffmpeg_regression_tests.cc
[modify] https://crrev.com/722dfe42527ed575678e5145ef3e58f03013030a/media/filters/ffmpeg_demuxer.cc
[modify] https://crrev.com/722dfe42527ed575678e5145ef3e58f03013030a/media/filters/ffmpeg_demuxer.h
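
The timestamp fix-up policy described in the commit message above, as an added example (not code from the Chromium commit or from this issue). The kNoTimestampUs sentinel, the Packet and TimestampFixer names, and the size of the advance (previous duration, else 1 microsecond) are assumptions of this sketch.

```cpp
#include <cstdint>
#include <cstdio>
#include <vector>

// Added illustration; this is not Chromium's FFmpegDemuxerStream code.
// Sentinel for "the demuxer supplied no timestamp" (hypothetical name).
constexpr int64_t kNoTimestampUs = INT64_MIN;

struct Packet {
  int64_t pts_us;       // kNoTimestampUs when missing
  int64_t duration_us;  // 0 when unknown
};

class TimestampFixer {
 public:
  // Always returns a usable timestamp, so debug and release builds agree.
  // A debug-only assertion here would abort debug/fuzzing builds while
  // release builds carried the missing value forward unchecked.
  int64_t Fix(const Packet& p) {
    int64_t ts = p.pts_us;
    if (ts == kNoTimestampUs) {
      ++repaired_;
      if (!have_last_) {
        ts = 0;  // first packet: substitute zero
      } else {
        // Later packet: advance over the previous buffer (assumed step).
        int64_t step = last_duration_ > 0 ? last_duration_ : 1;
        // Saturate so a hostile duration cannot overflow the addition.
        ts = last_ts_ > INT64_MAX - step ? INT64_MAX : last_ts_ + step;
      }
    }
    have_last_ = true;
    last_ts_ = ts;
    last_duration_ = p.duration_us;
    return ts;
  }
  int repaired() const { return repaired_; }

 private:
  bool have_last_ = false;
  int64_t last_ts_ = 0, last_duration_ = 0;
  int repaired_ = 0;
};

int main() {
  // Constructed sample: three packets without timestamps, then a valid one.
  std::vector<Packet> stream = {{kNoTimestampUs, 20000}, {kNoTimestampUs, 0},
                                {kNoTimestampUs, 20000}, {50000, 20000}};
  TimestampFixer fixer;
  for (const Packet& p : stream)
    std::printf("%lld\n", static_cast<long long>(fixer.Fix(p)));
  std::printf("repaired: %d\n", fixer.repaired());
  return 0;
}
```

Counting repaired packets gives a signal that can be logged or surfaced in metrics, which a compiled-out debug assertion never provides in release builds.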
Dec 21 2016
ClusterFuzz has detected this issue as fixed in range 439885:439988.

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=4525746342330368
Fuzzer: libfuzzer_media_pipeline_integration_fuzzer
Job Type: libfuzzer_chrome_asan_debug
Platform Id: linux
Crash Type: UNKNOWN
Crash Address: 0x03e900006544
Crash State:
  base::debug::DebugBreak
  media::FFmpegDemuxerStream::EnqueuePacket
  media::FFmpegDemuxer::OnReadFrameDone
Regressed: https://cluster-fuzz.appspot.com/revisions?job=libfuzzer_chrome_asan_debug&range=413124:413277
Fixed: https://cluster-fuzz.appspot.com/revisions?job=libfuzzer_chrome_asan_debug&range=439885:439988
Minimized Testcase (0.01 Kb): https://cluster-fuzz.appspot.com/download/AMIfv97KXiBVlEO1Ed0YxlTNMQP2l57rftnH5gjLw-FFkdH3Y1ECdgr24kUrSUrfQ1JVYELyafyV0xJ7VTj4_PIz0xns5_tfhJvRjjoAJk5IE_9JSwJKJRo7VtFUUxxrIO6AO513uaFAaO6a1Vmim7zY7wXImz07Tg?testcase_id=4525746342330368

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information.
If you suspect that the result above is incorrect, try re-doing that job on the test case report page.

Dec 21 2016
ClusterFuzz testcase 4525746342330368 is verified as fixed, so closing issue. If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.
Comment 1 by msrchandra@chromium.org, Dec 12 2016
Labels: Test-Predator-Wrong-CLs
Owner: dalecur...@chromium.org
Status: Assigned (was: Untriaged)