Issue 731521 link

Starred by 1 user

Issue metadata

Status:	Duplicate
Merged:	issue 731568
Owner:	rtoy@chromium.org
Closed:	Jun 2017
Cc:	█ sigbjo...@opera.com █ ranjitkan@chromium.org
Components:	Blink>WebAudio
EstimatedDays:	----
NextAction:	----
OS:	Linux
Pri:	2
Type:	Bug-Regression
Reproducible Stability-ThreadSanitizer Clusterfuzz Test-Predator-Wrong M-61

Data race in blink::AudioBufferSourceHandler::ComputePlaybackRate

Project Member Reported by ClusterFuzz, Jun 9 2017

Issue description

Detailed report: https://clusterfuzz.com/testcase?key=4786020456595456

Fuzzer: inferno_layout_test_unmodified
Job Type: linux_tsan_chrome_mp
Platform Id: linux

Crash Type: Data race WRITE 8
Crash Address: 0x7b4400004c28
Crash State:
  blink::AudioBufferSourceHandler::ComputePlaybackRate
  blink::AudioBufferSourceHandler::RenderFromBuffer
  blink::AudioBufferSourceHandler::Process
  
Sanitizer: thread (TSAN)

Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=4786020456595456


Issue filed automatically.

See https://dev.chromium.org/Home/chromium-security/bugs/reproducing-clusterfuzz-bugs for more information.

Comment 1 by ranjitkan@chromium.org, Jun 9 2017

Cc: ranjitkan@chromium.org
Components: Blink>Media>Audio
Labels: -Type-Bug M-61 Test-Predator-Wrong Type-Bug-Regression
Owner: binji@chromium.org
Status: Assigned (was: Untriaged)

Predator did not generate any regression range or suspect Cl.

Using code search suspecting below change could be a possible culprit which could have resulted in this crash:

https://chromium.googlesource.com/chromium/src/+/1438f63f369fed3766fa5031e7a252c986c69be6

@ binji: Assigning to you, kindly take a look into it. Please help us to find an owner if not with respect to your change.

Thanks.!

Comment 2 by binji@chromium.org, Jun 12 2017

Owner: rtoy@chromium.org

I'm pretty sure this isn't related to my change (but I could be wrong!)

Assigning to rtoy to find a better owner.

Comment 3 by rtoy@chromium.org, Jun 12 2017

Cc: sigbjo...@opera.com
Components: -Blink>Media>Audio Blink>WebAudio
Mergedinto: 731568
Status: Duplicate (was: Assigned)

I thinnk this is the same underlying cause as  issue 731568 , which just fix for min_playback_rate_, which is the same areas as this repro case is pointing to.

►

Issue 731521 link

Issue metadata

Data race in blink::AudioBufferSourceHandler::ComputePlaybackRate

Issue description

Comment 1 by ranjitkan@chromium.org, Jun 9 2017

Comment 1 Deleted

Comment 2 by binji@chromium.org, Jun 12 2017

Comment 2 Deleted

Comment 3 by rtoy@chromium.org, Jun 12 2017

Comment 3 Deleted

Sign in to add a comment