New issue
Advanced search Search tips
Note: Color blocks (like or ) mean that a user may not be available. Tooltip shows the reason.

Issue 820818 link

Starred by 1 user

Issue metadata

Status: Verified
Owner:
Closed: Mar 2018
Cc:
Components:
EstimatedDays: ----
NextAction: ----
OS: Linux
Pri: 1
Type: Bug-Regression



Sign in to add a comment

Null-dereference READ in webrtc::OveruseFrameDetector::FrameSent

Project Member Reported by ClusterFuzz, Mar 11 2018

Issue description

Detailed report: https://clusterfuzz.com/testcase?key=5456560311238656

Fuzzer: phoglund_webrtc_peerconnection
Job Type: linux_cfi_chrome
Platform Id: linux

Crash Type: Null-dereference READ
Crash Address: 0x000000000080
Crash State:
  webrtc::OveruseFrameDetector::FrameSent
  webrtc::VideoStreamEncoder::OnEncodedImage
  _ZN3rtc11ClosureTaskIZN6webrtc18VideoStreamEncoder14OnEncodedImageERKNS1_12Encod
  
Sanitizer: cfi (CFI)

Regressed: https://clusterfuzz.com/revisions?job=linux_cfi_chrome&range=542244:542280

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5456560311238656

Additional requirements: Requires HTTP

Issue filed automatically.

See https://github.com/google/clusterfuzz-tools for more information.
 
Cc: brajkumar@chromium.org
Components: Blink>WebRTC
Labels: -Type-Bug M-67 Test-Predator-Wrong Type-Bug-Regression
Owner: tommi@chromium.org
Status: Assigned (was: Untriaged)
Predator could not provide any possible suspects.

From the below CL observing some changes related to 'WebRTC' , hence suspecting the same
https://chromium.googlesource.com/chromium/src/+log/df21c2237e036a49218269e5ca1b27e9518646f4..a012da09659098354c4f176d208427fac2e241e3?pretty=fuller&n=100000

Suspect CL: https://chromium.googlesource.com/chromium/src/+/5773863a93f2b00e2a40fa134ad32f1da48ae588

tommi@ -- Could you please check whether this is caused with respect to your change, if not please help us in assigning it to the right owner.

Thanks!

Comment 2 by tommi@chromium.org, Mar 13 2018

Yes, this should be fixed now, as of yesterday.
Project Member

Comment 3 by ClusterFuzz, Mar 13 2018

ClusterFuzz has detected this issue as fixed in range 542482:542507.

Detailed report: https://clusterfuzz.com/testcase?key=5456560311238656

Fuzzer: phoglund_webrtc_peerconnection
Job Type: linux_cfi_chrome
Platform Id: linux

Crash Type: Null-dereference READ
Crash Address: 0x000000000080
Crash State:
  webrtc::OveruseFrameDetector::FrameSent
  webrtc::VideoStreamEncoder::OnEncodedImage
  _ZN3rtc11ClosureTaskIZN6webrtc18VideoStreamEncoder14OnEncodedImageERKNS1_12Encod
  
Sanitizer: cfi (CFI)

Regressed: https://clusterfuzz.com/revisions?job=linux_cfi_chrome&range=542244:542280
Fixed: https://clusterfuzz.com/revisions?job=linux_cfi_chrome&range=542482:542507

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5456560311238656

Additional requirements: Requires HTTP

See https://github.com/google/clusterfuzz-tools for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.

Comment 4 by tommi@chromium.org, Mar 13 2018

Status: Fixed (was: Assigned)
Project Member

Comment 5 by ClusterFuzz, Mar 13 2018

Labels: ClusterFuzz-Verified
Status: Verified (was: Fixed)
ClusterFuzz testcase 5456560311238656 is verified as fixed, so closing issue as verified.

If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.

Sign in to add a comment