New issue
Advanced search Search tips

Issue 667026 link

Starred by 1 user
Status: Fixed
Owner:
emir...@chromium.org
Closed: Nov 2016
Cc:
mflodman@chromium.org
sprang@chromium.org
brandtr@chromium.org
terelius@chromium.org
holmer@chromium.org
Components:
EstimatedDays: ----
NextAction: ----
OS: Linux
Pri: 1
Type: Bug



Sign in to add a comment

Uninitialized memory in WebMediaPlayerMS::naturalSize()

Project Member Reported by thestig@chromium.org, Nov 19 2016 
From r433356: https://build.chromium.org/p/chromium.memory.full/builders/Linux%20MSan%20Tests/builds/3374

==1==WARNING: MemorySanitizer: use-of-uninitialized-value
    #0 0x1ccbb4d8 in naturalSize content/renderer/media/webmediaplayer_ms.cc:377:51
    #1 0x1a10b9c8 in calculateIntrinsicSize third_party/WebKit/Source/core/layout/LayoutVideo.cpp:90:36
    #2 0x1a10c42e in updateIntrinsicSize third_party/WebKit/Source/core/layout/LayoutVideo.cpp:57:21
    #3 0x1a10cfae in updatePlayer third_party/WebKit/Source/core/layout/LayoutVideo.cpp:152:3

  Uninitialized value was stored to memory at
    #0 0x1ccbe5c5 in OnFirstFrameReceived content/renderer/media/webmediaplayer_ms.cc:607:19
    #1 0xac3e400 in Run base/callback.h:47:12
    #2 0xac3e400 in RunTask base/debug/task_annotator.cc:52:0

  Uninitialized value was stored to memory at
    #0 0x1ccbfd73 in __tuple_leaf\u003Cmedia::VideoRotation &, void> buildtools/third_party/libc++/trunk/include/tuple:225:15
    ...
    #7 0x1ccbfd73 in OnVideoFrame content/renderer/media/webmediaplayer_ms.cc:91:0

  Uninitialized value was created by an allocation of 'video_rotation' in the stack frame of function '_ZN7content16WebMediaPlayerMS14FrameDeliverer12OnVideoFrameE13scoped_refptrIN5media10VideoFrameEE'
    #0 0x1ccbece0 in OnVideoFrame content/renderer/media/webmediaplayer_ms.cc:66:0

I'll comment on the CL and point out where this went wrong.
Project Member

Comment 1 by bugdroid1@chromium.org, Nov 19 2016 

The following revision refers to this bug:
  https://chromium.googlesource.com/chromium/src.git/+/0f1c02cb0f2c11787d784bd05a36dc4a2661d7f5

commit 0f1c02cb0f2c11787d784bd05a36dc4a2661d7f5
Author: emircan <emircan@chromium.org>
Date: Sat Nov 19 08:48:57 2016

Fix uninitialized media::VideoRotation variable issue

This CL addresses MSAN bot issue by initializing media::VideoRotation variable.

BUG= 667026 
TBR=mcasas@chromium.org

Review-Url: https://codereview.chromium.org/2512383002
Cr-Commit-Position: refs/heads/master@{#433414}

[modify] https://crrev.com/0f1c02cb0f2c11787d784bd05a36dc4a2661d7f5/content/renderer/media/webmediaplayer_ms.cc

Comment 2 by thestig@chromium.org, Nov 19 2016

Status: Fixed (was: Untriaged)
Thanks for the quick fix.

Sign in to add a comment