
Issue 880890 link

Starred by 2 users

Issue metadata

Status: Assigned
OS: Linux , Windows , Chrome , Mac
Pri: 3
Type: Bug




Out-of-memory in mediasource_MP4_AVC1_pipeline_integration_fuzzer

Project Member Reported by ClusterFuzz, Sep 5

Issue description

Detailed report: https://clusterfuzz.com/testcase?key=5582292538621952

Fuzzer: libFuzzer_mediasource_MP4_AVC1_pipeline_integration_fuzzer
Job Type: libfuzzer_chrome_msan
Platform Id: linux

Crash Type: Out-of-memory (exceeds 2048 MB)
Crash Address:
Crash State:
  mediasource_MP4_AVC1_pipeline_integration_fuzzer
Sanitizer: memory (MSAN)

Regressed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_msan&range=497057:497112

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5582292538621952

Issue filed automatically.

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reference.md for more information.
Cc: kkaluri@chromium.org
Components: Internals>Media>Source
Labels: M-69 Test-Predator-Wrong CF-NeedsTriage
Unable to find actual suspect through code search and also observing no CLs under regression range, hence adding appropriate label and requesting someone from Dev team to look into this issue.

Thanks!

Cc: dalecur...@chromium.org wolenetz@chromium.org
Owner: tmathmeyer@chromium.org
Status: Assigned (was: Untriaged)
=> ted since he was just looking at one like this.
Labels: -Pri-1 Pri-3
Comment 4 by ClusterFuzz (Project Member), Oct 9

Labels: OS-Windows
I can repro the crash when using 2 GB of RAM, but when I tell it to use a max of 4 GB, I no longer get an OOM. I'm skeptical that this is a leak, and leaning towards it just being a big file and a lot of controlled allocation.
Is it just massive trun count again?
Comment 7 by ClusterFuzz (Project Member), Oct 13

Labels: OS-Mac
Labels: -CF-NeedsTriage
Comment 9 by ClusterFuzz (Project Member), Dec 1

Labels: -Reproducible Unreproducible
ClusterFuzz testcase 5582292538621952 appears to be flaky, updating reproducibility label.
Labels: -Unreproducible Reproducible
Please ignore the last comment about testcase being unreproducible. The testcase is still reproducible. This happened due to a code refactoring on ClusterFuzz side, and the underlying root cause is now fixed. Resetting the label back to Reproducible. Sorry about the inconvenience caused from these incorrect notifications.
Comment 12 by ClusterFuzz (Project Member), Dec 7

Labels: OS-Chrome