Timeout in mediasource_MP4_AVC1_pipeline_integration_fuzzer
Issue description

Detailed report: https://clusterfuzz.com/testcase?key=4845008625336320

Fuzzer: libFuzzer_mediasource_MP4_AVC1_pipeline_integration_fuzzer
Job Type: libfuzzer_chrome_msan
Platform Id: linux

Crash Type: Timeout (exceeds 25 secs)
Crash Address:
Crash State:
  mediasource_MP4_AVC1_pipeline_integration_fuzzer

Sanitizer: memory (MSAN)

Regressed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_msan&range=509426:509655

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=4845008625336320

Issue filed automatically.

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reference.md for more information.
Oct 4
Unable to find actual suspect through code search and also observing no CLs under regression range, hence adding appropriate label and requesting someone from Dev team to look into this issue. Thanks!
Oct 10
Oct 12
Oct 12
dalecurtis@, can you please look into this change (https://chromium.googlesource.com/chromium/src/+/356d76e89ecc9fa38632aedf2d8b306d35485bb1) if it's related? Thank you!
Oct 12
=>chcunningham as part of next roll. I'd guess this is the same infinite trun issue as we see elsewhere. It has nothing to do with the CL in c#5 since that's Android only.
Oct 12
Oct 13
This is classic infinite trun generated by zero size; no real check we can do here unfortunately :/
Oct 13
The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/75cba529525fee4b6b5c7a6b7d5b113ed80dd59d

commit 75cba529525fee4b6b5c7a6b7d5b113ed80dd59d
Author: Dale Curtis <dalecurtis@chromium.org>
Date: Sat Oct 13 01:58:16 2018

    Skip noop loop if there is no data to actually read.

    The trun element is capable of generating sample information from zero data, in these cases there's no reason to iterate 0..sample_count.

    Hopefully this can help reduce timeouts in the fuzzers too; though now they'll probably just OOM instead.

    BUG=891900
    TEST=none
    R=chcunningham

    Change-Id: I9466bbbc1238cba2c5d28f12f5efff506568ac28
    Reviewed-on: https://chromium-review.googlesource.com/c/1279360
    Commit-Queue: Dale Curtis <dalecurtis@chromium.org>
    Commit-Queue: Chrome Cunningham <chcunningham@chromium.org>
    Reviewed-by: Chrome Cunningham <chcunningham@chromium.org>
    Cr-Commit-Position: refs/heads/master@{#599465}

[modify] https://crrev.com/75cba529525fee4b6b5c7a6b7d5b113ed80dd59d/media/formats/mp4/box_definitions.cc
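The condition the commit message describes, as an added example that is not part of the thread and is not Chromium's code: a simplified trun payload parser in which a tr_flags value with no per-sample fields lets sample_count drive the loop without consuming any input. The names ParseTrun, skip_noop_loop and ConstructedZeroDataTrun are hypothetical, and the sample bytes are constructed.

```cpp
#include <cstddef>
#include <cstdint>
#include <vector>

// 'trun' tr_flags bits that each add one 32-bit field per sample (ISO BMFF).
constexpr uint32_t kPerSampleMask = 0x100 | 0x200 | 0x400 | 0x800;

struct TrunResult {
  bool ok = false;
  uint32_t sample_count = 0;
  uint64_t iterations = 0;      // per-sample loop passes actually executed
  std::vector<uint32_t> sizes;  // filled only when sample-size-present (0x200)
};

static bool Read32(const std::vector<uint8_t>& b, size_t* pos, uint32_t* out) {
  if (b.size() - *pos < 4) return false;  // pos never exceeds b.size()
  *out = uint32_t(b[*pos]) << 24 | uint32_t(b[*pos + 1]) << 16 |
         uint32_t(b[*pos + 2]) << 8 | uint32_t(b[*pos + 3]);
  *pos += 4;
  return true;
}

// Parses a trun payload: version/flags, sample_count, optional header fields,
// then the per-sample table. skip_noop_loop toggles the guard (hypothetical
// parameter, present only so both behaviours can be compared).
TrunResult ParseTrun(const std::vector<uint8_t>& b, bool skip_noop_loop) {
  TrunResult r;
  size_t pos = 0;
  uint32_t flags = 0, v = 0;
  if (!Read32(b, &pos, &flags) || !Read32(b, &pos, &r.sample_count)) return r;
  flags &= 0xFFFFFF;  // drop the version byte
  if ((flags & 0x1) && !Read32(b, &pos, &v)) return r;  // data_offset
  if ((flags & 0x4) && !Read32(b, &pos, &v)) return r;  // first_sample_flags
  const bool has_per_sample_data = (flags & kPerSampleMask) != 0;
  if (skip_noop_loop && !has_per_sample_data) { r.ok = true; return r; }
  for (uint32_t i = 0; i < r.sample_count; ++i) {
    ++r.iterations;
    for (uint32_t bit = 0x100; bit <= 0x800; bit <<= 1) {
      if (!(flags & bit)) continue;
      if (!Read32(b, &pos, &v)) return r;  // truncated table: stop early
      if (bit == 0x200) r.sizes.push_back(v);
    }
  }
  r.ok = true;
  return r;
}

// Constructed input: tr_flags = 0, sample_count = 0x00100000, no sample data.
std::vector<uint8_t> ConstructedZeroDataTrun() {
  return {0, 0, 0, 0, 0x00, 0x10, 0x00, 0x00};
}
```

When any per-sample flag is set, the loop is bounded by the bytes available because the first failed read ends it. The guard leaves sample_count itself unvalidated, so code that later sizes work by it still needs its own limit.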
Oct 13
ClusterFuzz has detected this issue as fixed in range 599464:599465.

Detailed report: https://clusterfuzz.com/testcase?key=4845008625336320

Fuzzer: libFuzzer_mediasource_MP4_AVC1_pipeline_integration_fuzzer
Job Type: libfuzzer_chrome_msan
Platform Id: linux

Crash Type: Timeout (exceeds 25 secs)
Crash Address:
Crash State:
  mediasource_MP4_AVC1_pipeline_integration_fuzzer

Sanitizer: memory (MSAN)

Regressed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_msan&range=509426:509655
Fixed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_msan&range=599464:599465

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=4845008625336320

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reference.md for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
Comment 1 by stsl1981...@gmail.com, Oct 3