Open
Bug 1584407
Opened 6 years ago
Updated 10 months ago
undefined shift in media/libogg/src/ogg_bitwise.c:399
Categories
(Core :: Audio/Video: Playback, defect, P3)
Core
Audio/Video: Playback
Tracking
()
NEW
| Tracking | Status | |
|---|---|---|
| firefox71 | --- | affected |
People
(Reporter: tsmith, Unassigned)
References
(Blocks 1 open bug)
Details
(Keywords: csectype-undefined, testcase)
Attachments
(1 file)
|
18.31 KB,
video/webm
|
Details |
This is triggered with an UBSan build. To enable this check add the following to your mozconfig:
ac_add_options --enable-address-sanitizer
ac_add_options --enable-undefined-sanitizer="shift"
ac_add_options --disable-jemalloc
src/media/libogg/src/ogg_bitwise.c:399:25: runtime error: left shift of 7 by 29 places cannot be represented in type 'int'
#0 0x7f86a7059fca in oggpack_read src/media/libogg/src/ogg_bitwise.c
#1 0x7f86a61a4b6f in vorbis_staticbook_unpack src/media/libvorbis/lib/vorbis_codebook.c:232:14
#2 0x7f86a61b2bd4 in _vorbis_unpack_books src/media/libvorbis/lib/vorbis_info.c:275:23
#3 0x7f86a61b2bd4 in vorbis_synthesis_headerin src/media/libvorbis/lib/vorbis_info.c:429
#4 0x7f86a3ed913c in DecodeHeader src/dom/media/platforms/agnostic/VorbisDecoder.cpp:130:11
#5 0x7f86a3ed913c in mozilla::VorbisDataDecoder::Init() src/dom/media/platforms/agnostic/VorbisDecoder.cpp:77
#6 0x7f86a3ceaaf6 in mozilla::RemoteDecoderParent::RecvInit() src/dom/media/ipc/RemoteDecoderParent.cpp:45:13
#7 0x7f869eb2471a in mozilla::PRemoteDecoderParent::OnMessageReceived(IPC::Message const&) src/objdir-ff-ubsan/ipc/ipdl/PRemoteDecoderParent.cpp:307:63
#8 0x7f869eb1dafc in mozilla::PRemoteDecoderManagerParent::OnMessageReceived(IPC::Message const&) src/objdir-ff-ubsan/ipc/ipdl/PRemoteDecoderManagerParent.cpp:179:32
#9 0x7f869e0b5952 in mozilla::ipc::MessageChannel::DispatchAsyncMessage(mozilla::ipc::ActorLifecycleProxy*, IPC::Message const&) src/ipc/glue/MessageChannel.cpp:2185:25
#10 0x7f869e0b05d6 in mozilla::ipc::MessageChannel::DispatchMessage(IPC::Message&&) src/ipc/glue/MessageChannel.cpp:2109:9
#11 0x7f869e0b27bf in mozilla::ipc::MessageChannel::RunMessage(mozilla::ipc::MessageChannel::MessageTask&) src/ipc/glue/MessageChannel.cpp:1954:3
#12 0x7f869e0b37f0 in mozilla::ipc::MessageChannel::MessageTask::Run() src/ipc/glue/MessageChannel.cpp:1985:13
#13 0x7f869ccffc1f in nsThread::ProcessNextEvent(bool, bool*) src/xpcom/threads/nsThread.cpp:1225:14
#14 0x7f869cd05afd in NS_ProcessNextEvent(nsIThread*, bool) src/xpcom/threads/nsThreadUtils.cpp:486:10
#15 0x7f869e0c2dbc in mozilla::ipc::MessagePumpForNonMainThreads::Run(base::MessagePump::Delegate*) src/ipc/glue/MessagePump.cpp:333:5
#16 0x7f869df56687 in RunInternal src/ipc/chromium/src/base/message_loop.cc:315:10
#17 0x7f869df56687 in RunHandler src/ipc/chromium/src/base/message_loop.cc:308
#18 0x7f869df56687 in MessageLoop::Run() src/ipc/chromium/src/base/message_loop.cc:290
#19 0x7f869ccf9430 in nsThread::ThreadFunc(void*) src/xpcom/threads/nsThread.cpp:458:11
#20 0x7f86bfe91fde in _pt_root src/nsprpub/pr/src/pthreads/ptthread.c:198:5
#21 0x7f86bfae36da in start_thread (/lib/x86_64-linux-gnu/libpthread.so.0+0x76da)
#22 0x7f86beac188e in clone /build/glibc-OTsEL5/glibc-2.27/misc/../sysdeps/unix/sysv/linux/x86_64/clone.S:95
```
```
Flags: in-testsuite?
|
Reporter | |
Updated•6 years ago
|
Priority: P2 → --
|
||
Updated•6 years ago
|
Priority: -- → P3
|
|
||
Updated•6 years ago
|
Priority: P3 → P2
|
||
Updated•3 years ago
|
Severity: normal → S3
|
||
Updated•10 months ago
|
Priority: P2 → P3
You need to log in
before you can comment on or make changes to this bug.
Description
•