Timeout in neteq_signal_fuzzer |
||||||||||
Issue descriptionDetailed report: https://clusterfuzz.com/testcase?key=5447619453911040 Fuzzer: libFuzzer_neteq_signal_fuzzer Job Type: libfuzzer_chrome_ubsan Platform Id: linux Crash Type: Timeout (exceeds 25 secs) Crash Address: Crash State: neteq_signal_fuzzer Sanitizer: undefined (UBSAN) Regressed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_ubsan&range=583284:583299 Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5447619453911040 Issue filed automatically. See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reference.md for more information.
,
Oct 13
Automatically adding ccs based on OWNERS file / target commit history. If this is incorrect, please add ClusterFuzz-Wrong label.
,
Oct 15
Unable to find actual suspect through code search and also observing no CL's under regression range, hence adding appropriate label and requesting someone from dev team to look in to this issue. Thanks!
,
Oct 15
Only CL in the specified WebRTC range is this one: https://webrtc.googlesource.com/src/+/b336c2784f5e1e6e2f59e62a18b2d0e21a555b41
,
Oct 15
I'm pretty sure steveanton's CL is not to blame. The fuzzer sometimes finds an unusually long input that just happens to take too long to process. Or it has found an actual rabbit hole to go down. I'll take a look.
,
Oct 15
,
Oct 15
The failing test case is 92 kB long. The current limit prevents the fuzzer from using inputs longer than 100 kB, which seems a bit too long. Nothing goes wrong when running the test case locally, but it causes clusterfuzz to time-out. The solution is to dial down the max size a bit.
,
Oct 15
The following revision refers to this bug: https://webrtc.googlesource.com/src.git/+/961dbeac824687624c788179fd81dfc53455eeef commit 961dbeac824687624c788179fd81dfc53455eeef Author: Henrik Lundin <henrik.lundin@webrtc.org> Date: Mon Oct 15 15:36:55 2018 NetEq fuzzer: Restrict fuzzer input to 90000 bytes This is to avoid very long runs, resulting in time-outs. NOTRY=True Bug: chromium:895082 Change-Id: Iafdc3d10b3fb52f2d487547c954dca8ae7edb783 Reviewed-on: https://webrtc-review.googlesource.com/c/105960 Reviewed-by: Sam Zackrisson <saza@webrtc.org> Commit-Queue: Henrik Lundin <henrik.lundin@webrtc.org> Cr-Commit-Position: refs/heads/master@{#25175} [modify] https://crrev.com/961dbeac824687624c788179fd81dfc53455eeef/test/fuzzers/BUILD.gn
,
Oct 15
The above CL should sort the issue. However, since clusterfuzz usually doesn't detect when timeout problems are fixed (presumably because the fix itself prevents it from re-running the test case), I'm marking this as fixed now.
,
Oct 16
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/5826ca3ce2a627c12fd2a1c79cb4f8a07365d5f7 commit 5826ca3ce2a627c12fd2a1c79cb4f8a07365d5f7 Author: chromium-autoroll <chromium-autoroll@skia-public.iam.gserviceaccount.com> Date: Tue Oct 16 06:08:25 2018 Roll src/third_party/webrtc f7fee39547d8..c9e6b969a452 (42 commits) https://webrtc.googlesource.com/src.git/+log/f7fee39547d8..c9e6b969a452 git log f7fee39547d8..c9e6b969a452 --date=short --no-merges --format='%ad %ae %s' 2018-10-15 ouj@fb.com Add necessary frameworks to sdk objc audio targets. 2018-10-15 mbonadei@webrtc.org Export symbols needed by the Chromium component build (part 2). 2018-10-15 benwright@webrtc.org Formatting and style guide improvements for opensslstreamadapter.cc 2018-10-15 mbonadei@webrtc.org Revert "Deprecates legacy transport feedback adapter." 2018-10-15 srte@webrtc.org Deprecates legacy transport feedback adapter. 2018-10-15 srte@webrtc.org Removes analyzer dependency on legacy congestion controller. 2018-10-15 niklas.enbom@webrtc.org Revert "Modernize rtc::SSLCertificate" 2018-10-15 eladalon@webrtc.org Fix force_fieldtrials documentation in video_loopback 2018-10-15 srte@webrtc.org Removing forward declarations in paced_sender.h. 2018-10-15 srte@webrtc.org Adds unit test for RTT based backoff. 2018-10-15 srte@webrtc.org Merges ControlHandler and PacerController. 2018-10-15 srte@webrtc.org Moves functionality to TransportFeedbackAdapter. 2018-10-15 ivoc@webrtc.org Stop simulations when a LOG_END event is reached. 2018-10-15 henrik.lundin@webrtc.org NetEq fuzzer: Restrict fuzzer input to 90000 bytes 2018-10-15 ivoc@webrtc.org Make ivoc owner of audio_coding. 2018-10-15 mbonadei@webrtc.org Revert "Reland: Use unique_ptr and ArrayView in SSLFingerprint" 2018-10-15 titovartem@webrtc.org Extract functionality of test_main into separate library. 2018-10-15 ivoc@webrtc.org Add command-line flag for setting the max number of packets in the buffer. 2018-10-15 sprang@webrtc.org Move MockVideoDecoder to api/test. 2018-10-15 gustaf@webrtc.org AEC3: Simplify render buffering 2018-10-15 srte@webrtc.org Moves rtc::SentPacket to separate target. 2018-10-15 crodbro@webrtc.org New method for precise packet reception time measurement. 2018-10-15 asapersson@webrtc.org Add field trial to disable unsignalled video. 2018-10-15 ilnik@webrtc.org Fix FakeEncoder to produce correct bitrate for several temporal layers 2018-10-15 ssilkin@webrtc.org Set frame duration per spatial layer. 2018-10-15 kron@webrtc.org Refactor of extmap-allow-mixed in SessionDescription 2018-10-15 phoglund@webrtc.org Delete force_mic_volume_max. 2018-10-15 jakobi@webrtc.org Add field trials for configuring Opus encoder packet loss rate. 2018-10-15 danilchap@webrtc.org in RtpPacketizers separate case 'frame fits into single packet'. 2018-10-15 asapersson@webrtc.org Add field trial for normalized simulcast size. 2018-10-15 mbonadei@webrtc.org Remove ios32_sim_ios9_dbg from CQ. 2018-10-15 oprypin@webrtc.org cq: explicitly mark presubmit tryjob as not re-usable in CQ. 2018-10-15 mbonadei@webrtc.org Remove rtc_base/Dummy.java. 2018-10-15 chromium-webrtc-autoroll@webrtc-ci.iam.gserviceaccount.com Roll chromium_revision 03013c95df..0df2607f98 (599460:599562) 2018-10-14 oprypin@webrtc.org Revert "Propagate media transport to media channel." 2018-10-13 chromium-webrtc-autoroll@webrtc-ci.iam.gserviceaccount.com Roll chromium_revision 3b54b6aa8b..03013c95df (599343:599460) 2018-10-12 sukhanov@google.com Propagate media transport to media channel. 2018-10-12 chromium-webrtc-autoroll@webrtc-ci.iam.gserviceaccount.com Roll chromium_revision c12ec9eedc..3b54b6aa8b (599188:599343) 2018-10-12 steveanton@webrtc.org Modernize rtc::SSLCertificate 2018-10-12 steveanton@webrtc.org Reland: Use unique_ptr and ArrayView in SSLFingerprint 2018-10-12 benwright@webrtc.org Removes backwards compatability CryptoOptions support. 2018-10-12 terelius@webrtc.org Move expectations from eventlog unittests to helper functions. Created with: gclient setdep -r src/third_party/webrtc@c9e6b969a452 The AutoRoll server is located here: https://autoroll.skia.org/r/webrtc-chromium-autoroll Documentation for the AutoRoller is here: https://skia.googlesource.com/buildbot/+/master/autoroll/README.md If the roll is causing failures, please contact the current sheriff, who should be CC'd on the roll, and stop the roller if necessary. CQ_INCLUDE_TRYBOTS=luci.chromium.try:linux_chromium_archive_rel_ng;luci.chromium.try:mac_chromium_archive_rel_ng BUG=chromium:None,chromium:895082,chromium:None,chromium:895338,chromium:none,chromium:880074,chromium:none,chromium:893955,chromium:None,chromium:None,chromium:None TBR=webrtc-chromium-sheriffs-robots@google.com Change-Id: I91bb7f65d2d749ab95ddcc51e5391973e6c6deca Reviewed-on: https://chromium-review.googlesource.com/c/1282323 Reviewed-by: chromium-autoroll <chromium-autoroll@skia-public.iam.gserviceaccount.com> Commit-Queue: chromium-autoroll <chromium-autoroll@skia-public.iam.gserviceaccount.com> Cr-Commit-Position: refs/heads/master@{#599886} [modify] https://crrev.com/5826ca3ce2a627c12fd2a1c79cb4f8a07365d5f7/DEPS
,
Oct 22
ClusterFuzz testcase 5447619453911040 is still reproducing on tip-of-tree build (trunk). Please re-test your fix against this testcase and if the fix was incorrect or incomplete, please re-open the bug. Otherwise, ignore this notification and add ClusterFuzz-Wrong label.
,
Oct 25
The following revision refers to this bug: https://webrtc.googlesource.com/src.git/+/262047055dcf8c7b6ec65eefe952138b4e04054b commit 262047055dcf8c7b6ec65eefe952138b4e04054b Author: Sam Zackrisson <saza@webrtc.org> Date: Thu Oct 25 12:19:18 2018 Update fuzzer max input length handling The docs have been updated. max_len is libfuzzer specific, new way is fuzzer agnostic. Docs: https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/getting_started.md#improving-your-fuzz-target Bug: chromium:895082 Test: flexfec_sender_fuzzer input size still converges at <=200 after running locally for 5-10 minutes. Change-Id: I7a5ce95cb4d8b8ca461f6e502b81b599daa855f9 Reviewed-on: https://webrtc-review.googlesource.com/c/107883 Commit-Queue: Sam Zackrisson <saza@webrtc.org> Reviewed-by: Alex Loiko <aleloi@webrtc.org> Cr-Commit-Position: refs/heads/master@{#25361} [modify] https://crrev.com/262047055dcf8c7b6ec65eefe952138b4e04054b/test/fuzzers/BUILD.gn [modify] https://crrev.com/262047055dcf8c7b6ec65eefe952138b4e04054b/test/fuzzers/agc_fuzzer.cc [modify] https://crrev.com/262047055dcf8c7b6ec65eefe952138b4e04054b/test/fuzzers/audio_decoder_ilbc_fuzzer.cc [modify] https://crrev.com/262047055dcf8c7b6ec65eefe952138b4e04054b/test/fuzzers/audio_decoder_isac_fuzzer.cc [modify] https://crrev.com/262047055dcf8c7b6ec65eefe952138b4e04054b/test/fuzzers/audio_decoder_isac_incoming_packet_fuzzer.cc [modify] https://crrev.com/262047055dcf8c7b6ec65eefe952138b4e04054b/test/fuzzers/audio_decoder_isacfix_fuzzer.cc [modify] https://crrev.com/262047055dcf8c7b6ec65eefe952138b4e04054b/test/fuzzers/comfort_noise_decoder_fuzzer.cc [modify] https://crrev.com/262047055dcf8c7b6ec65eefe952138b4e04054b/test/fuzzers/flexfec_receiver_fuzzer.cc [modify] https://crrev.com/262047055dcf8c7b6ec65eefe952138b4e04054b/test/fuzzers/flexfec_sender_fuzzer.cc [modify] https://crrev.com/262047055dcf8c7b6ec65eefe952138b4e04054b/test/fuzzers/forward_error_correction_fuzzer.cc [modify] https://crrev.com/262047055dcf8c7b6ec65eefe952138b4e04054b/test/fuzzers/frame_buffer2_fuzzer.cc [modify] https://crrev.com/262047055dcf8c7b6ec65eefe952138b4e04054b/test/fuzzers/neteq_rtp_fuzzer.cc [modify] https://crrev.com/262047055dcf8c7b6ec65eefe952138b4e04054b/test/fuzzers/neteq_signal_fuzzer.cc [modify] https://crrev.com/262047055dcf8c7b6ec65eefe952138b4e04054b/test/fuzzers/packet_buffer_fuzzer.cc [modify] https://crrev.com/262047055dcf8c7b6ec65eefe952138b4e04054b/test/fuzzers/rtp_frame_reference_finder_fuzzer.cc [modify] https://crrev.com/262047055dcf8c7b6ec65eefe952138b4e04054b/test/fuzzers/sdp_parser_fuzzer.cc [modify] https://crrev.com/262047055dcf8c7b6ec65eefe952138b4e04054b/test/fuzzers/ulpfec_receiver_fuzzer.cc
,
Oct 25
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/c25522b9d6ec3e34929715860b99e3cccc383fe0 commit c25522b9d6ec3e34929715860b99e3cccc383fe0 Author: chromium-autoroll <chromium-autoroll@skia-public.iam.gserviceaccount.com> Date: Thu Oct 25 16:39:42 2018 Roll src/third_party/webrtc 3eb1c72bb647..1803bb247055 (6 commits) https://webrtc.googlesource.com/src.git/+log/3eb1c72bb647..1803bb247055 git log 3eb1c72bb647..1803bb247055 --date=short --no-merges --format='%ad %ae %s' 2018-10-25 crodbro@webrtc.org Fix for clock read race in FakeNetworkPipe. 2018-10-25 crodbro@webrtc.org Fix for packet loss tracking in network emulation. 2018-10-25 saza@webrtc.org Update fuzzer max input length handling 2018-10-25 danilchap@webrtc.org Publish function_video_(en|de)coder_factory into api 2018-10-25 kron@webrtc.org Add HDR metadata struct 2018-10-25 mbonadei@webrtc.org Export symbols needed by the Chromium component build (part 7). Created with: gclient setdep -r src/third_party/webrtc@1803bb247055 The AutoRoll server is located here: https://autoroll.skia.org/r/webrtc-chromium-autoroll Documentation for the AutoRoller is here: https://skia.googlesource.com/buildbot/+/master/autoroll/README.md If the roll is causing failures, please contact the current sheriff, who should be CC'd on the roll, and stop the roller if necessary. CQ_INCLUDE_TRYBOTS=luci.chromium.try:linux_chromium_archive_rel_ng;luci.chromium.try:mac_chromium_archive_rel_ng BUG=chromium:none,chromium:895082,chromium:None TBR=webrtc-chromium-sheriffs-robots@google.com Change-Id: Icc0c2a5c60cf1fe951d518237e22fadb65976df4 Reviewed-on: https://chromium-review.googlesource.com/c/1298798 Reviewed-by: chromium-autoroll <chromium-autoroll@skia-public.iam.gserviceaccount.com> Commit-Queue: chromium-autoroll <chromium-autoroll@skia-public.iam.gserviceaccount.com> Cr-Commit-Position: refs/heads/master@{#602747} [modify] https://crrev.com/c25522b9d6ec3e34929715860b99e3cccc383fe0/DEPS
,
Oct 26
ClusterFuzz has detected this issue as fixed in range 602744:602765. Detailed report: https://clusterfuzz.com/testcase?key=5447619453911040 Fuzzer: libFuzzer_neteq_signal_fuzzer Job Type: libfuzzer_chrome_ubsan Platform Id: linux Crash Type: Timeout (exceeds 25 secs) Crash Address: Crash State: neteq_signal_fuzzer Sanitizer: undefined (UBSAN) Regressed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_ubsan&range=583284:583299 Fixed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_ubsan&range=602744:602765 Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5447619453911040 See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reference.md for more information. If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
,
Oct 26
ClusterFuzz testcase 5447619453911040 is verified as fixed, so closing issue as verified. If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue. |
||||||||||
►
Sign in to add a comment |
||||||||||
Comment 1 by ClusterFuzz
, Oct 13