Integer-overflow in media::mp4::TimeDeltaFromRational
Issue description

Detailed report: https://clusterfuzz.com/testcase?key=5622044405530624
Fuzzer: libFuzzer_mediasource_MP4_FLAC_pipeline_integration_fuzzer
Job Type: libfuzzer_chrome_ubsan
Platform Id: linux
Crash Type: Integer-overflow
Crash Address:
Crash State:
  media::mp4::TimeDeltaFromRational
  media::mp4::MP4StreamParser::EnqueueSample
  media::mp4::MP4StreamParser::Parse
Sanitizer: undefined (UBSAN)
Regressed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_ubsan&range=497087:497155
Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5622044405530624

Issue filed automatically.

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information.
Aug 30 2017
Predator and CL could not provide any possible suspects. Using Code Search for the file, "track_run_iterator.cc" assigning to the concern owner. Suspecting Commit# https://chromium.googlesource.com/chromium/src/+/15d1b34174529968cac05a8902c96368687a8fd4 @servolk -- Could you please look into the issue, kindly re-assign if this is not related to your changes. Thank You.
Aug 30 2017
Matt, I don't think this failure has anything to do with my commit. Could you take a look?
Aug 31 2017
With additional logging code added to the faulting method:

debug asan (ditto for non-debug ubsan with dcheck_always_on):
numer=0x800000000000000, denom=0xac44
a=0xbe37c63a8f8
Check failed: (a > 0 ? a : -a) <= std::numeric_limits<int64_t>::max() / base::Time::kMicrosecondsPerSecond (13071672387832 vs. 9223372036854)

(And if I hadn't enabled dcheck_always_on (needed for how I obtained logs and check similar bug 759241 repro), the resulting multiplication would have repro'ed the ubsan overflow on the next line.)

This method is really ugly.

=> sandersd@ please take a look. Thanks!
Aug 31 2017
Issue 759241 has been merged into this issue.
Sep 6 2017
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/2a46bc6d26418be826941cbe12b4bbf9c57cb186

commit 2a46bc6d26418be826941cbe12b4bbf9c57cb186
Author: Dan Sanders <sandersd@chromium.org>
Date: Wed Sep 06 00:03:04 2017

[media] Report overflow from media::mp4::TimeDeltaFromRational()

This CL adds overflow checks in TimeDeltaFromRational(), which now returns kNoTimestamp in such cases. MP4StreamParser::ParseMoov() and MP4StreamParser::EnqueueSample() now check for kNoTimestamp, record a log message, and fail parsing in these cases.

Bug: 758810
Change-Id: Ic6ff53fcbbf5ff59a5e29723dcec0c5f6c39686c
Reviewed-on: https://chromium-review.googlesource.com/651167
Commit-Queue: Matthew Wolenetz <wolenetz@chromium.org>
Reviewed-by: Matthew Wolenetz <wolenetz@chromium.org>
Cr-Commit-Position: refs/heads/master@{#499807}

[modify] https://crrev.com/2a46bc6d26418be826941cbe12b4bbf9c57cb186/media/formats/mp4/mp4_stream_parser.cc
[modify] https://crrev.com/2a46bc6d26418be826941cbe12b4bbf9c57cb186/media/formats/mp4/track_run_iterator.cc
[modify] https://crrev.com/2a46bc6d26418be826941cbe12b4bbf9c57cb186/media/formats/mp4/track_run_iterator_unittest.cc
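An added example, not Chromium's code and not the change from the CL above: a rational-to-microseconds conversion of the same shape as the one diagnosed in the Aug 31 comment, written so that the multiplication by kMicrosecondsPerSecond is bounds-checked before it happens and the caller gets a sentinel to test for, as the CL describes for kNoTimestamp. The names CheckedTimeDeltaFromRational and the choice of the int64 minimum as the sentinel are assumptions of this example; the test inputs are the numer/denom pair from the debug log in the thread plus a few constructed values.

```cpp
#include <cstdint>
#include <cstdio>
#include <limits>

// Added example, not Chromium's code. Converts numer/denom seconds to
// microseconds without ever evaluating a product that could wrap.
constexpr int64_t kMicrosecondsPerSecond = 1000000;
constexpr int64_t kMax = std::numeric_limits<int64_t>::max();
constexpr int64_t kMin = std::numeric_limits<int64_t>::min();
// Sentinel returned on overflow (assumption: mirrors kNoTimestamp being a
// reserved extreme value). A result equal to it is treated as invalid.
constexpr int64_t kNoTimestamp = kMin;

// Returns the microsecond value, or kNoTimestamp if the result does not fit
// in int64_t or the denominator is not positive.
int64_t CheckedTimeDeltaFromRational(int64_t numer, int64_t denom) {
  if (denom <= 0) return kNoTimestamp;  // malformed timescale

  // Split off whole seconds so the fractional term is bounded by denom.
  const int64_t whole = numer / denom;  // truncates toward zero
  const int64_t rem = numer % denom;    // |rem| < denom, same sign as numer

  // Both parts get multiplied by kMicrosecondsPerSecond, so each must lie in
  // [kMin / 1e6, kMax / 1e6] first. This is the same bound as the DCHECK
  // quoted in the thread (the page's numer/denom gives 13071672387832,
  // above the limit of 9223372036854).
  auto fits = [](int64_t v) {
    return v <= kMax / kMicrosecondsPerSecond &&
           v >= kMin / kMicrosecondsPerSecond;
  };
  if (!fits(whole) || !fits(rem)) return kNoTimestamp;

  const int64_t whole_us = whole * kMicrosecondsPerSecond;
  const int64_t frac_us = rem * kMicrosecondsPerSecond / denom;

  // Checked addition of the two parts (they share a sign, but keep it general).
  if ((frac_us > 0 && whole_us > kMax - frac_us) ||
      (frac_us < 0 && whole_us < kMin - frac_us)) {
    return kNoTimestamp;
  }
  return whole_us + frac_us;
}

int main() {
  // Values from the debug log in the thread: 2^59 ticks at a 44100 Hz timescale.
  const int64_t numer = 0x800000000000000LL;
  const int64_t denom = 0xac44;
  const int64_t us = CheckedTimeDeltaFromRational(numer, denom);
  if (us == kNoTimestamp) {
    std::printf("numer=%lld denom=%lld: overflow, caller should fail parsing\n",
                (long long)numer, (long long)denom);
  } else {
    std::printf("%lld us\n", (long long)us);
  }
  // Constructed ordinary input: half a second at 44100 Hz.
  std::printf("22050/44100 -> %lld us\n",
              (long long)CheckedTimeDeltaFromRational(22050, 44100));
  return 0;
}
```

The point of splitting into whole seconds and a remainder is that the remainder term is bounded by the timescale rather than by the sample count, so a large-but-legitimate timestamp only fails when the true result genuinely cannot be represented; the caller then has a single value to compare against, which is the pattern the CL applies in ParseMoov() and EnqueueSample().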
Sep 6 2017
ClusterFuzz has detected this issue as fixed in range 499756:499820.

Detailed report: https://clusterfuzz.com/testcase?key=5622044405530624
Fuzzer: libFuzzer_mediasource_MP4_FLAC_pipeline_integration_fuzzer
Job Type: libfuzzer_chrome_ubsan
Platform Id: linux
Crash Type: Integer-overflow
Crash Address:
Crash State:
  media::mp4::TimeDeltaFromRational
  media::mp4::MP4StreamParser::EnqueueSample
  media::mp4::MP4StreamParser::Parse
Sanitizer: undefined (UBSAN)
Regressed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_ubsan&range=497087:497155
Fixed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_ubsan&range=499756:499820
Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5622044405530624

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
Sep 6 2017
ClusterFuzz testcase 4844342597648384 is verified as fixed, so closing issue as verified. If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.
Comment 1 by mmoroz@chromium.org, Aug 29 2017