This is triggered with an UBSan build. To enable this check add the following to your mozconfig:
```
ac_add_options --enable-address-sanitizer
ac_add_options --enable-undefined-sanitizer="pointer-overflow"
ac_add_options --disable-jemalloc
```
```
INFO - TEST-START | browser/components/resistfingerprinting/test/mochitest/test_bug1354633_media_error.html
...
src/dom/media/BitReader.cpp:44:22: runtime error: shift exponent 32 is too large for 32-bit type 'uint32_t' (aka 'unsigned int')
#0 0x7faf95184aa7 in mozilla::BitReader::ReadBits(unsigned long) src/dom/media/BitReader.cpp:44:22
#1 0x7faf9585030d in mozilla::H264::vui_parameters(mozilla::BitReader&, mozilla::SPSData&) src/dom/media/platforms/agnostic/bytestreams/H264.cpp:888:9
#2 0x7faf9584f1d1 in mozilla::H264::DecodeSPS(mozilla::MediaByteBuffer const*, mozilla::SPSData&) src/dom/media/platforms/agnostic/bytestreams/H264.cpp:646:10
#3 0x7faf9585071a in GetSPSData src/dom/media/platforms/agnostic/bytestreams/H264.cpp:378:12
#4 0x7faf9585071a in mozilla::H264::DecodeSPSFromExtraData(mozilla::MediaByteBuffer const*, mozilla::SPSData&) src/dom/media/platforms/agnostic/bytestreams/H264.cpp:902
#5 0x7faf95b12cfe in mozilla::MP4TrackDemuxer::MP4TrackDemuxer(mozilla::MediaResource*, mozilla::UniquePtr<mozilla::TrackInfo, mozilla::DefaultDelete<mozilla::TrackInfo> >&&, mozilla::IndiceWrapper const&) src/dom/media/mp4/MP4Demuxer.cpp:323:9
#6 0x7faf95b0a4b4 in mozilla::MP4Demuxer::Init() src/dom/media/mp4/MP4Demuxer.cpp:225:45
#7 0x7faf953945e9 in operator() src/dom/media/MediaFormatReader.cpp:722:47
#8 0x7faf953945e9 in mozilla::detail::ProxyFunctionRunnable<mozilla::MediaFormatReader::DemuxerProxy::Init()::$_13, mozilla::MozPromise<mozilla::MediaResult, mozilla::MediaResult, true> >::Run() src/obj-firefox/dist/include/mozilla/MozPromise.h:1450
#9 0x7faf8fbc8cbb in mozilla::TaskQueue::Runner::Run() src/xpcom/threads/TaskQueue.cpp:199:12
#10 0x7faf8fc03f58 in nsThreadPool::Run() src/xpcom/threads/nsThreadPool.cpp:246:14
#11 0x7faf8fc04c4c in non-virtual thunk to nsThreadPool::Run() src/xpcom/threads/nsThreadPool.cpp
#12 0x7faf8fbf9106 in nsThread::ProcessNextEvent(bool, bool*) src/xpcom/threads/nsThread.cpp:1225:14
#13 0x7faf8fc004dd in NS_ProcessNextEvent(nsIThread*, bool) src/xpcom/threads/nsThreadUtils.cpp:486:10
#14 0x7faf90bc1cea in mozilla::ipc::MessagePumpForNonMainThreads::Run(base::MessagePump::Delegate*) src/ipc/glue/MessagePump.cpp:303:20
#15 0x7faf90af5767 in RunInternal src/ipc/chromium/src/base/message_loop.cc:315:10
#16 0x7faf90af5767 in RunHandler src/ipc/chromium/src/base/message_loop.cc:308
#17 0x7faf90af5767 in MessageLoop::Run() src/ipc/chromium/src/base/message_loop.cc:290
#18 0x7faf8fbf24e2 in nsThread::ThreadFunc(void*) src/xpcom/threads/nsThread.cpp:458:11
#19 0x7fafac1d272e in _pt_root src/nsprpub/pr/src/pthreads/ptthread.c:198:5
#20 0x7fafaff4a6b9 in start_thread (/lib/x86_64-linux-gnu/libpthread.so.0+0x76b9)
#21 0x7fafaefd341c in clone /build/glibc-LK5gWL/glibc-2.23/misc/../sysdeps/unix/sysv/linux/x86_64/clone.S:109
```
Bug 1413750 Comment 1 Edit History
Note: The actual edited comment in the bug view page will always show the original commenter’s name and original timestamp.
This is triggered with an UBSan build. To enable this check add the following to your mozconfig:
```
ac_add_options --enable-address-sanitizer
ac_add_options --enable-undefined-sanitizer="shift"
ac_add_options --disable-jemalloc
```
```
INFO - TEST-START | browser/components/resistfingerprinting/test/mochitest/test_bug1354633_media_error.html
...
src/dom/media/BitReader.cpp:44:22: runtime error: shift exponent 32 is too large for 32-bit type 'uint32_t' (aka 'unsigned int')
#0 0x7faf95184aa7 in mozilla::BitReader::ReadBits(unsigned long) src/dom/media/BitReader.cpp:44:22
#1 0x7faf9585030d in mozilla::H264::vui_parameters(mozilla::BitReader&, mozilla::SPSData&) src/dom/media/platforms/agnostic/bytestreams/H264.cpp:888:9
#2 0x7faf9584f1d1 in mozilla::H264::DecodeSPS(mozilla::MediaByteBuffer const*, mozilla::SPSData&) src/dom/media/platforms/agnostic/bytestreams/H264.cpp:646:10
#3 0x7faf9585071a in GetSPSData src/dom/media/platforms/agnostic/bytestreams/H264.cpp:378:12
#4 0x7faf9585071a in mozilla::H264::DecodeSPSFromExtraData(mozilla::MediaByteBuffer const*, mozilla::SPSData&) src/dom/media/platforms/agnostic/bytestreams/H264.cpp:902
#5 0x7faf95b12cfe in mozilla::MP4TrackDemuxer::MP4TrackDemuxer(mozilla::MediaResource*, mozilla::UniquePtr<mozilla::TrackInfo, mozilla::DefaultDelete<mozilla::TrackInfo> >&&, mozilla::IndiceWrapper const&) src/dom/media/mp4/MP4Demuxer.cpp:323:9
#6 0x7faf95b0a4b4 in mozilla::MP4Demuxer::Init() src/dom/media/mp4/MP4Demuxer.cpp:225:45
#7 0x7faf953945e9 in operator() src/dom/media/MediaFormatReader.cpp:722:47
#8 0x7faf953945e9 in mozilla::detail::ProxyFunctionRunnable<mozilla::MediaFormatReader::DemuxerProxy::Init()::$_13, mozilla::MozPromise<mozilla::MediaResult, mozilla::MediaResult, true> >::Run() src/obj-firefox/dist/include/mozilla/MozPromise.h:1450
#9 0x7faf8fbc8cbb in mozilla::TaskQueue::Runner::Run() src/xpcom/threads/TaskQueue.cpp:199:12
#10 0x7faf8fc03f58 in nsThreadPool::Run() src/xpcom/threads/nsThreadPool.cpp:246:14
#11 0x7faf8fc04c4c in non-virtual thunk to nsThreadPool::Run() src/xpcom/threads/nsThreadPool.cpp
#12 0x7faf8fbf9106 in nsThread::ProcessNextEvent(bool, bool*) src/xpcom/threads/nsThread.cpp:1225:14
#13 0x7faf8fc004dd in NS_ProcessNextEvent(nsIThread*, bool) src/xpcom/threads/nsThreadUtils.cpp:486:10
#14 0x7faf90bc1cea in mozilla::ipc::MessagePumpForNonMainThreads::Run(base::MessagePump::Delegate*) src/ipc/glue/MessagePump.cpp:303:20
#15 0x7faf90af5767 in RunInternal src/ipc/chromium/src/base/message_loop.cc:315:10
#16 0x7faf90af5767 in RunHandler src/ipc/chromium/src/base/message_loop.cc:308
#17 0x7faf90af5767 in MessageLoop::Run() src/ipc/chromium/src/base/message_loop.cc:290
#18 0x7faf8fbf24e2 in nsThread::ThreadFunc(void*) src/xpcom/threads/nsThread.cpp:458:11
#19 0x7fafac1d272e in _pt_root src/nsprpub/pr/src/pthreads/ptthread.c:198:5
#20 0x7fafaff4a6b9 in start_thread (/lib/x86_64-linux-gnu/libpthread.so.0+0x76b9)
#21 0x7fafaefd341c in clone /build/glibc-LK5gWL/glibc-2.23/misc/../sysdeps/unix/sysv/linux/x86_64/clone.S:109
```