CHECK failure: default_duration_ == kNoTimestamp || default_duration_ > base::TimeDelta() in we
Issue description

Detailed report: https://clusterfuzz.com/testcase?key=4688363289575424

Fuzzer: libFuzzer_mediasource_WEBM_OPUS_VP9_pipeline_integration_fuzzer
Job Type: libfuzzer_chrome_asan_debug
Platform Id: linux

Crash Type: CHECK failure
Crash Address:
Crash State:
  default_duration_ == kNoTimestamp || default_duration_ > base::TimeDelta() in we
  base::debug::DebugBreak
  media::WebMClusterParser::Track::Track

Sanitizer: address (ASAN)

Regressed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_asan_debug&range=499783:499873

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=4688363289575424

Issue filed automatically.

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information.
,
Sep 11 2017
Predator and CL could not provide any possible suspects.

Using the code search for the file, “webm_cluster_parser.cc” assigning to concern owner from GIT revision log.

Suspecting Commit# https://chromium.googlesource.com/chromium/src/+/9cddc0b9cd174242d365e9d64615687384b73c89

@dalecurtis -- Could you please look into this issue, kindly reassign if it has nothing to do with your changes.

Please ignore the Comment#1, which is wrongly assigned.

Thank You.
,
Sep 11 2017
=>chcunningham
,
Oct 1 2017
Automatically applying components based on information from OWNERS files. If this seems incorrect, please apply the Test-Predator-Wrong-Components label.
,
Oct 24 2017
For more information, please see https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reference.md. The link referenced in the description is no longer valid.
,
Nov 7 2017
,
Jan 4 2018
,
Jan 5 2018
The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/47d8c2edcf9282c1a5b8074b02bf5d60c54d275d

commit 47d8c2edcf9282c1a5b8074b02bf5d60c54d275d
Author: Chris Cunningham <chcunningham@chromium.org>
Date: Fri Jan 05 04:34:49 2018

    MSE: Fail WebM parsing for TimeCodeScale <= 0

    TimeCodeScale is the timestamp scale in nanoseconds. The TimeCodes in
    each cluster are multiplied by this value to get the real media time.
    Therefore any value <= 0 is not reasonable. Typically this value is
    1,000,000 (millisecond precision).

    This was found via clusterfuzz hitting the DCHECK below. We cap the
    precision of default duration to that of TimeCodeScale, which ends up
    multiplying by 0 when TimeCodeScale == 0.
    https://cs.chromium.org/chromium/src/media/formats/webm/webm_cluster_parser.cc?rcl=ce5726c2c20db76a083c1b7874e429ec7fedc384&l=627

    Bug: 763719
    Test: Clusterfuzz repro, YouTube, unittests.
    Change-Id: I5ce115f058d328032a55fd72bfe6be1e3c6d5214
    Reviewed-on: https://chromium-review.googlesource.com/851066
    Commit-Queue: Chrome Cunningham <chcunningham@chromium.org>
    Reviewed-by: Matthew Wolenetz <wolenetz@chromium.org>
    Cr-Commit-Position: refs/heads/master@{#527213}

[modify] https://crrev.com/47d8c2edcf9282c1a5b8074b02bf5d60c54d275d/media/formats/webm/webm_info_parser.cc
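A simplified model of the failure and the fix described in the commit message above, added here as an illustration; it is not Chromium's code and not part of the original thread. `Micros`, `kNoTimestampModel`, `TicksToMicros` and `ParseDefaultDuration` are hypothetical names, and plain integers stand in for `base::TimeDelta`.

```cpp
#include <cstdint>
#include <limits>

// Assumption: plain microsecond counts stand in for base::TimeDelta, and the
// minimum int64 value stands in for kNoTimestamp ("no default duration").
using Micros = int64_t;
constexpr Micros kNoTimestampModel = std::numeric_limits<int64_t>::min();

// The condition from the crash state: unset, or strictly positive.
bool DefaultDurationInvariantHolds(Micros d) {
  return d == kNoTimestampModel || d > 0;
}

// Whole timecode ticks to microseconds. With TimeCodeScale == 0 this is the
// multiplication by 0 that the commit message describes.
Micros TicksToMicros(int64_t ticks, int64_t timecode_scale_ns) {
  return ticks * timecode_scale_ns / 1000;
}

// Hypothetical parse step: reject TimeCodeScale <= 0 before anything uses it,
// then cap the default duration (ns) to whole ticks. Returns false on a
// parse failure; durations shorter than one tick or 1 us become "unset".
bool ParseDefaultDuration(int64_t timecode_scale_ns, int64_t duration_ns,
                          Micros* out) {
  if (timecode_scale_ns <= 0) return false;
  Micros capped =
      TicksToMicros(duration_ns / timecode_scale_ns, timecode_scale_ns);
  *out = capped > 0 ? capped : kNoTimestampModel;
  return true;
}

int main() {
  Micros d = 0;
  // Constructed inputs: 33,333,333 ns default duration (about 30 fps).
  bool ok = ParseDefaultDuration(1000000, 33333333, &d);  // d == 33000
  bool rejected = !ParseDefaultDuration(0, 33333333, &d);
  return (ok && rejected) ? 0 : 1;
}
```

Rejecting the scale at parse time keeps the zero from ever reaching the code that assumes a positive or unset default duration.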
,
Jan 5 2018
ClusterFuzz has detected this issue as fixed in range 527199:527221.

Detailed report: https://clusterfuzz.com/testcase?key=4688363289575424

Fuzzer: libFuzzer_mediasource_WEBM_OPUS_VP9_pipeline_integration_fuzzer
Job Type: libfuzzer_chrome_asan_debug
Platform Id: linux

Crash Type: CHECK failure
Crash Address:
Crash State:
  default_duration_ == kNoTimestamp || default_duration_ > base::TimeDelta() in we
  media::WebMClusterParser::Track::Track
  media::WebMClusterParser::WebMClusterParser

Sanitizer: address (ASAN)

Regressed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_asan_debug&range=499783:499873
Fixed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_asan_debug&range=527199:527221

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=4688363289575424

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reference.md for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
,
Jan 5 2018
ClusterFuzz testcase 4688363289575424 is verified as fixed, so closing issue as verified.

If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.
Comment 1 by pnangunoori@chromium.org, Sep 11 2017
Labels: Test-Predator-Wrong-CLs M-63
Owner: wolenetz@chromium.org
Status: Assigned (was: Untriaged)