Undefined-shift in WebRtcSpl_LevinsonDurbin |
|||
Issue descriptionDetailed report: https://cluster-fuzz.appspot.com/testcase?key=5333271484563456 Fuzzer: libfuzzer_neteq_rtp_fuzzer Job Type: libfuzzer_chrome_ubsan Platform Id: linux Crash Type: Undefined-shift Crash Address: Crash State: WebRtcSpl_LevinsonDurbin webrtc::Expand::AnalyzeSignal webrtc::Expand::Process Sanitizer: undefined (UBSAN) Minimized Testcase (3.01 Kb): https://cluster-fuzz.appspot.com/download/AMIfv97HGKE8vKqhN50jE-MVySyImAFaqpn4Ad5As9b5XQbNtpqTuI-llCeNobiPriM5PazXeoZlJo03dXRLbRp4evO2JwdyNi0bX6IwPq9Xo15P6YlSSBdpWdNJlLZwUu7BzuPI2ZIEYZwvQ3F-g4nWtaCJ_yTZ-QWZO6Vp0goCY5kmn11FNN0ljEF6Qr3SRHQgMyb7OMWS-hZyXpqoIwb1r2Nu_ugJkxXlXVLPKB0tOuojZAuzGsMdu6_AwAnWxSnp963iBt7WICkFhADpYsHsL6EOBYjJhwx1HyXyeye4_cCjFhj3Z2Ex8VvWkaJAky42OlXcM80BtKfcFQl_-HklYzaaOOb8MqSNo1pi5KJPbyFxYGLbQJ4?testcase_id=5333271484563456 Issue filed automatically. See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information.
,
Feb 6 2017
Sorry, I was on vacation for the past couple of weeks. I'll have a look at this soon.
,
Feb 9 2017
The following revision refers to this bug: https://chromium.googlesource.com/external/webrtc.git/+/a48e1b6bc3d26dfc70748f05112617e8fddb32fa commit a48e1b6bc3d26dfc70748f05112617e8fddb32fa Author: ivoc <ivoc@webrtc.org> Date: Thu Feb 09 11:05:59 2017 Fix for left shift of potentially negative value. Left shifting of negative integers is undefined behavior, and should be prevented. This CL fixes one such instance in the Levinson Durbin function. BUG= chromium:681377 Review-Url: https://codereview.webrtc.org/2680973005 Cr-Commit-Position: refs/heads/master@{#16507} [modify] https://crrev.com/a48e1b6bc3d26dfc70748f05112617e8fddb32fa/webrtc/common_audio/signal_processing/levinson_durbin.c
,
Feb 15 2017
ClusterFuzz has detected this issue as fixed in range 450309:450324. Detailed report: https://cluster-fuzz.appspot.com/testcase?key=5333271484563456 Fuzzer: libfuzzer_neteq_rtp_fuzzer Job Type: libfuzzer_chrome_ubsan Platform Id: linux Crash Type: Undefined-shift Crash Address: Crash State: WebRtcSpl_LevinsonDurbin webrtc::Expand::AnalyzeSignal webrtc::Expand::Process Sanitizer: undefined (UBSAN) Fixed: https://cluster-fuzz.appspot.com/revisions?job=libfuzzer_chrome_ubsan&range=450309:450324 Reproducer Testcase: https://cluster-fuzz.appspot.com/download/AMIfv943GN1JbnVqFez_2eFb_42qxGyITVkK37weIuV5BIzAP14Xk170vZjx9K1WHinoKiFVNQrO8OXqLc46QYyrZ-j9j90UYD4o4t91gOWzpzI0vZTaA1fHulFhG_VwV7Li5QWkYk-PLCznqdkLe4EcJ3DwZ1GBZ7vU0CJ4ik7Tm-oaIzHjsfNm-prHCwZKLEGnA5MRF4hxxM-2ys0o9LEMkkMJjE4-7Dm60be4Pla39JYHyOcjuGCKsVwBa0i23QvW9Q1GdDuOWVZNLiTFXnOcvK9NVtzHrNTycOTmOZvaqOahjCzOx2wWytH9YXz6Wa-mEunrDsG4F9df-7y2GmzaMya1ox9BQ6oYjqMRD6dXzrjx630hXS0?testcase_id=5333271484563456 See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information. If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
,
Feb 15 2017
ClusterFuzz testcase 5333271484563456 is verified as fixed, so closing issue. If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue.
,
Mar 21 2017
|
|||
►
Sign in to add a comment |
|||
Comment 1 by mummare...@chromium.org
, Jan 18 2017Labels: Test-Predator-Wrong M-56
Owner: ivoc@chromium.org
Status: Assigned (was: Untriaged)