
Issue 659225


Issue metadata

Status: Fixed
Owner:
Closed: Nov 2016
Cc:
Components:
EstimatedDays: ----
NextAction: ----
OS: Linux
Pri: 1
Type: Bug




Crash in webrtc::Normal::Process

Project Member Reported by ClusterFuzz, Oct 25 2016

Issue description

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=6691429595480064

Fuzzer: libfuzzer_neteq_rtp_fuzzer
Job Type: libfuzzer_chrome_asan_debug
Platform Id: linux

Crash Type: UNKNOWN
Crash Address: 0x03e900007947
Crash State:
  webrtc::Normal::Process
  webrtc::NetEqImpl::DoNormal
  webrtc::NetEqImpl::GetAudioInternal
  
Regressed: https://cluster-fuzz.appspot.com/revisions?job=libfuzzer_chrome_asan_debug&range=423119:423135

Minimized Testcase (0.07 Kb): https://cluster-fuzz.appspot.com/download/AMIfv95DRbdKWZxEFdRMsaJA5vgeZFQmr8OLzkI1SmKWlessCyC2roTS27s2dxEa632byIDtXlLx5S1IZw8Qb8DcTFuk02wOQKi9PGd0QGmZgVHj0k6-iPyJxgQL9NORYya1PO2FekbYdGT0tDo-0vbMRcCCfpzNhg?testcase_id=6691429595480064

Issue filed automatically.

See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information.
 
Components: Blink>WebRTC
Labels: Test-Predator-Wrong
Suspected CLs
==================
Git blame below is NOT necessarily who introduced the crash nor the owner for it. Please check the code before assigning to anyone. (No CL in the regression range changed the crashing files.)

Author: henrik.lundin@webrtc.org
Project: chromium-webrtc
Changelist: https://chromium.googlesource.com/external/webrtc/trunk/webrtc.git/+/9a400812ca0006d12e538d465ab6728a8ecd07aa
Time: Tue Jan 29 12:09:21 2013
The CL last changed line 139 of file normal.cc, which is stack frame 4.

Author: henrik.lundin@webrtc.org
Project: chromium-webrtc
Changelist: https://chromium.googlesource.com/external/webrtc/trunk/webrtc.git/+/671d90b3a081efdd20c5a3fbdf052b033bf21d57
Time: Wed Sep 18 12:19:50 2013
The CL last changed line 1541 of file neteq_impl.cc, which is stack frame 5.

Author: henrik.lundin@webrtc.org
Project: chromium-webrtc
Changelist: https://chromium.googlesource.com/external/webrtc/trunk/webrtc.git/+/797eb64497dc3417013e973cde6c66aca7da16c2
Time: Mon Sep 02 07:59:30 2013
The CL last changed line 897 of file neteq_impl.cc, which is stack frame 6.

==================
Suspected Project: chromium

Unable to find any suspect. Could anyone from the WebRTC team take a look into this to help further triage it?

Comment 2 by guidou@chromium.org, Oct 28 2016

Cc: hlundin@chromium.org
Components: -Blink>WebRTC Blink>WebRTC>Audio
This looks like a duplicate of issue 659384.
Cc: -hlundin@chromium.org
Owner: hlundin@chromium.org
Status: Assigned (was: Untriaged)
Status: Started (was: Assigned)
Cc: hlundin@chromium.org
Issue 659384 has been merged into this issue.
Project Member

Comment 6 by bugdroid1@chromium.org, Nov 14 2016

The following revision refers to this bug:
  https://chromium.googlesource.com/external/webrtc.git/+/80c06fa5745a6ff1f03034dfd3fc29a33d12c578

commit 80c06fa5745a6ff1f03034dfd3fc29a33d12c578
Author: henrik.lundin <henrik.lundin@webrtc.org>
Date: Mon Nov 14 16:18:52 2016

NetEq: Don't interpolate longer than the output size

This can happen in rare and strange cases.

Also taking the opportunity to replace all asserts with DCHECKs in
that file.

BUG= chromium:659225 

Review-Url: https://codereview.webrtc.org/2499013002
Cr-Commit-Position: refs/heads/master@{#15070}

[modify] https://crrev.com/80c06fa5745a6ff1f03034dfd3fc29a33d12c578/webrtc/modules/audio_coding/neteq/normal.cc

The fix was rolled into Chrome in https://crrev.com/361abd5fba1cc8e0e47f95e7f77aea8a325276d7. Waiting for fuzzer to find this and mark as fixed.
Labels: M-56
Status: Fixed (was: Started)
This is fixed, but clusterfuzz seems unable to verify. I'm closing this manually, based on local testing.
Project Member

Comment 10 by sheriffbot@chromium.org, Nov 22 2016

Labels: -Restrict-View-EditIssue
Removing EditIssue view restrictions from ClusterFuzz filed bugs. If you believe that this issue should still be restricted, please reapply the label.

For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
