CHECK failure: VerifySubRange<T>(buffer.get(), byte_offset, length) in typed_array_base.h |
||||
Issue descriptionDetailed report: https://clusterfuzz.com/testcase?key=5733679628025856 Fuzzer: ochang_domfuzzer Job Type: linux_asan_chrome_mp Platform Id: linux Crash Type: CHECK failure Crash Address: Crash State: VerifySubRange<T>(buffer.get(), byte_offset, length) in typed_array_base.h scoped_refptr<WTF::Float32Array> WTF::TypedArrayBase<float>::Create<WTF::Float32 scoped_refptr<WTF::Float32Array> WTF::TypedArrayBase<float>::CreateOrNull<WTF::F Sanitizer: address (ASAN) Regressed: https://clusterfuzz.com/revisions?job=linux_asan_chrome_mp&range=600009:600013 Reproducer Testcase: https://clusterfuzz.com/download?testcase_id=5733679628025856 Issue filed automatically. See https://github.com/google/clusterfuzz-tools for instructions to reproduce this bug locally.
,
Today
(18 hours ago)
Automatically applying components based on crash stacktrace and information from OWNERS files. If this is incorrect, please apply the Test-Predator-Wrong-Components label.
,
Today
(18 hours ago)
Automatically assigning owner based on suspected regression changelist https://chromium.googlesource.com/chromium/src/+/5efc05f69bb9d2800efd18afa258bcfb3c9f8fde (Fix 64 bit truncation errors in wtf/typed_arrays). If this is incorrect, please let us know why and apply the Test-Predator-Wrong-CLs label. If you aren't the correct owner for this issue, please unassign yourself as soon as possible so it can be re-triaged.
,
Today
(63 minutes ago)
WebAudio code may be causing an overflow. |
||||
►
Sign in to add a comment |
||||
Comment 1 by ClusterFuzz
, Today (18 hours ago)