CHECK failure: channel_layout == CHANNEL_LAYOUT_DISCRETE || ChannelLayoutToChannelCount(channel |
||||||
Issue descriptionDetailed report: https://clusterfuzz.com/testcase?key=5952835966730240 Fuzzer: libfuzzer_media_pipeline_integration_fuzzer Job Type: libfuzzer_chrome_asan_debug Platform Id: linux Crash Type: CHECK failure Crash Address: Crash State: channel_layout == CHANNEL_LAYOUT_DISCRETE || ChannelLayoutToChannelCount(channel base::debug::DebugBreak media::AudioBuffer::AudioBuffer Sanitizer: address (ASAN) Regressed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_asan_debug&range=475011:475073 Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5952835966730240 Issue filed automatically. See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information.
,
Sep 14 2017
,
Sep 14 2017
Can pick this one up.
,
Sep 27 2017
,
Sep 27 2017
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/de6207dc6fd2b3cade49e973cbe85e9bc492304a commit de6207dc6fd2b3cade49e973cbe85e9bc492304a Author: Dale Curtis <dalecurtis@chromium.org> Date: Wed Sep 27 21:11:48 2017 Actually check if the channel layout is unsupported. The conditional in FFmpegAudioDecoder checking for unsupported channel layouts was not using the right variable. It used the one from the config rather than the one for the frame (which is required for config change support). I think there's no real harm in this besides a DCHECK failure, but might be worth merging back anyways. This regressed in M62 with 162236743c74fa040e822ea4d846215e4543791e. BUG= 726971 TEST=none Cq-Include-Trybots: master.tryserver.chromium.android:android_optional_gpu_tests_rel;master.tryserver.chromium.linux:linux_optional_gpu_tests_rel;master.tryserver.chromium.mac:mac_optional_gpu_tests_rel;master.tryserver.chromium.win:win_optional_gpu_tests_rel Change-Id: Ibcdc5ceeb263c3e247742b4fbfe07a45e64297de Reviewed-on: https://chromium-review.googlesource.com/686064 Commit-Queue: Dale Curtis <dalecurtis@chromium.org> Reviewed-by: Thomas Guilbert <tguilbert@chromium.org> Cr-Commit-Position: refs/heads/master@{#504770} [modify] https://crrev.com/de6207dc6fd2b3cade49e973cbe85e9bc492304a/media/filters/ffmpeg_audio_decoder.cc
,
Sep 27 2017
,
Sep 28 2017
ClusterFuzz has detected this issue as fixed in range 504733:504774. Detailed report: https://clusterfuzz.com/testcase?key=5952835966730240 Fuzzer: libFuzzer_media_pipeline_integration_fuzzer Job Type: libfuzzer_chrome_asan_debug Platform Id: linux Crash Type: CHECK failure Crash Address: Crash State: channel_layout == CHANNEL_LAYOUT_DISCRETE || ChannelLayoutToChannelCount(channel media::AudioBuffer::AudioBuffer media::AudioBuffer::CreateBuffer Sanitizer: address (ASAN) Regressed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_asan_debug&range=475011:475073 Fixed: https://clusterfuzz.com/revisions?job=libfuzzer_chrome_asan_debug&range=504733:504774 Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5952835966730240 See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information. If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
,
Sep 28 2017
ClusterFuzz testcase 5952835966730240 is verified as fixed, so closing issue as verified. If this is incorrect, please add ClusterFuzz-Wrong label and re-open the issue. |
||||||
►
Sign in to add a comment |
||||||
Comment 1 by msrchandra@chromium.org
, Sep 11 2017Components: Blink>Media>Audio
Labels: Test-Predator-Wrong-CLs M-63 CF-NeedsTriage