Floating-point-exception in CPDF_PSEngine::DoOperator
Issue description

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=5928946476777472
Fuzzer: afl_pdf_psengine_fuzzer
Job Type: afl_chrome_asan
Platform Id: linux
Crash Type: Floating-point-exception
Crash Address:
Crash State:
  CPDF_PSEngine::DoOperator
  CPDF_PSProc::Execute
Regressed: https://cluster-fuzz.appspot.com/revisions?job=afl_chrome_asan&range=413168:413317
Minimized Testcase (2.07 Kb): https://cluster-fuzz.appspot.com/download/AMIfv97X3f4V1MqAHQxdMq3P2VC2s0U2OL6PeYfSjehNTOiljNzBSHI1LRJGglJCk9l4dwhZjkZgAE7nM3340fVrIKvbtLaGGMtb76zP8ai9orpUQJUgV6OZvNKtk2zn6cvWiLJEwgpSGNwDRQeo_UdzpnvCFjMkLQ?testcase_id=5928946476777472
Issue manually filed by: durga.behera
See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information.
Aug 22 2016
Detailed report: https://cluster-fuzz.appspot.com/testcase?key=6438469184520192
Fuzzer: libfuzzer_pdf_psengine_fuzzer
Job Type: libfuzzer_chrome_ubsan
Platform Id: linux
Crash Type: Undefined-shift
Crash Address:
Crash State:
  CPDF_PSEngine::DoOperator
  CPDF_PSProc::Execute
  _start
Regressed: https://cluster-fuzz.appspot.com/revisions?job=libfuzzer_chrome_ubsan&range=413192:413325
Minimized Testcase (0.23 Kb): https://cluster-fuzz.appspot.com/download/AMIfv95p8-AwIeKbLkbhOAXELMYzqpOQRhQBbqZd_vJITxjZlVd2i6K-mXzvtUlShzLdL3h0DaQEfqcrpgHAmk75Zsy-4GJHdRx_F1OclZpCMcp0tDolKBrtkGsw-kqVuhTSzB5ejphqixTtLVxQR1RSjSF-umDSPg?testcase_id=6438469184520192
Issue manually filed by: durga.behera
See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information.
Aug 22 2016
tsepez: Your fuzzer is hard at work. durga.behera@chromium.org: Please note, the correct bug component is Internals>Plugins>PDF, not Infra>Client>Pdfium.
Aug 23 2016
Strange, the code to fix this should have landed with the fuzzer since we check now before dividing.
Aug 23 2016
Nevermind, this is an undefined shift, not the div by 0 bug.
Aug 25 2016
thestig@ : Thank you for the update, will follow the same going further.
Aug 26 2016
Detailed report: https://cluster-fuzz.appspot.com/testcase?key=6276286807015424
Fuzzer: libfuzzer_pdf_psengine_fuzzer
Job Type: libfuzzer_chrome_ubsan
Platform Id: linux
Crash Type: Integer-overflow
Crash Address:
Crash State:
  CPDF_PSEngine::DoOperator
  CPDF_PSProc::Execute
  _start
Regressed: https://cluster-fuzz.appspot.com/revisions?job=libfuzzer_chrome_ubsan&range=413192:413325
Minimized Testcase (0.10 Kb): https://cluster-fuzz.appspot.com/download/AMIfv97AyrqZ66ytyddJ9GiiOSNo1kDW41GszyTR2FUXdvvq0aOg555u8awatymvoUTgp_BfA1DcJ-Nq7v7McED6Vpa-mtZEDkplVUl3Q6z96OtWequsYaAXEyjWSStWO3iEOZ4BGx4kVPq8E0GYgdhnQEQHDhpJZg?testcase_id=6276286807015424
Issue manually filed by: durga.behera
See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information.
Oct 12 2016
https://codereview.chromium.org/2415483002
Oct 12 2016
The following revision refers to this bug: https://pdfium.googlesource.com/pdfium.git/+/8bc9b8b2ddeb3ffa904d8f35039550c55706ba86

commit 8bc9b8b2ddeb3ffa904d8f35039550c55706ba86
Author: thestig <thestig@chromium.org>
Date: Wed Oct 12 16:59:35 2016

Check for more undefined behavior in CPDF_PSEngine.

BUG=chromium:639792
Review-Url: https://codereview.chromium.org/2415483002

[modify] https://crrev.com/8bc9b8b2ddeb3ffa904d8f35039550c55706ba86/core/fpdfapi/page/fpdf_page_func.cpp
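The three reports in this bug (division by zero, undefined shift, integer overflow in the PostScript calculator operators) all come down to checking operands before the C++ operation runs. The following is an added example written for this page, not PDFium's code: a guarded evaluator for the integer operators, where the PsOp enum, the function names and the logical-shift treatment of bitshift are this example's own assumptions.

```cpp
#include <cstdint>
#include <limits>
// Integer operators of the PDF PostScript calculator that this example guards.
// Names are this example's own; PDFium's real operator enum is not reproduced.
enum class PsOp { kAdd, kMul, kIDiv, kMod, kBitShift };

// Evaluates |a op b| only when the C++ operation is well defined for int32.
// Returns false (leaving *out untouched) otherwise, so the caller can reject
// the calculator function instead of executing undefined behavior.
bool SafeIntOp(PsOp op, int32_t a, int32_t b, int32_t* out) {
  constexpr int64_t kMin = std::numeric_limits<int32_t>::min();
  constexpr int64_t kMax = std::numeric_limits<int32_t>::max();
  switch (op) {
    case PsOp::kAdd:
    case PsOp::kMul: {
      // Widen first: the exact sum/product of two int32 always fits in int64.
      int64_t r = (op == PsOp::kAdd) ? int64_t{a} + b : int64_t{a} * b;
      if (r < kMin || r > kMax) return false;  // signed overflow
      *out = static_cast<int32_t>(r);
      return true;
    }
    case PsOp::kIDiv:
    case PsOp::kMod:
      // x/0 raises SIGFPE on x86 (the Floating-point-exception report) and
      // INT32_MIN / -1 overflows; both are undefined in C++.
      if (b == 0 || (a == kMin && b == -1)) return false;
      *out = (op == PsOp::kIDiv) ? a / b : a % b;
      return true;
    case PsOp::kBitShift: {
      // Positive b shifts left, negative b shifts right. A count of 32 or
      // more bits is undefined for a 32-bit operand, so reject it first.
      if (b <= -32 || b >= 32) return false;
      // Shift the unsigned bit pattern so a negative |a| is never shifted
      // as a signed value (UB before C++20). Assumption: logical shift.
      uint32_t u = static_cast<uint32_t>(a);
      *out = static_cast<int32_t>(b >= 0 ? u << b : u >> -b);
      return true;
    }
  }
  return false;
}
// Helpers for callers and tests: did the op succeed with the expected value?
bool Produces(PsOp op, int32_t a, int32_t b, int32_t expected) {
  int32_t r = 0;
  return SafeIntOp(op, a, b, &r) && r == expected;
}
bool IsUndefined(PsOp op, int32_t a, int32_t b) {
  int32_t r = 0;
  return !SafeIntOp(op, a, b, &r);
}
```

Running this under UBSan with the same operand pairs that trip the unguarded operators (zero divisors, shift counts of 32, products past INT32_MAX) reports nothing, because the guarded paths never execute the undefined operation.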
Oct 12 2016
The following revision refers to this bug: https://chromium.googlesource.com/chromium/src.git/+/67d2dc3a7b5541b718bb1383be73dc4479f9a83c

commit 67d2dc3a7b5541b718bb1383be73dc4479f9a83c
Author: pdfium-deps-roller <pdfium-deps-roller@chromium.org>
Date: Wed Oct 12 19:04:23 2016

Roll src/third_party/pdfium/ a30537f8b..8bc9b8b2d (3 commits).

https://pdfium.googlesource.com/pdfium.git/+log/a30537f8b074..8bc9b8b2ddeb

$ git log a30537f8b..8bc9b8b2d --date=short --no-merges --format='%ad %ae %s'
2016-10-12 thestig Check for more undefined behavior in CPDF_PSEngine.
2016-10-12 tsepez Get rid of CFX_ArrayTemplate<CPDF_Object*>
2016-10-12 thestig Optimize roll operator in CPDF_PSEngine.

BUG=639792,648077
TBR=dsinclair@chromium.org
Review-Url: https://codereview.chromium.org/2411923003
Cr-Commit-Position: refs/heads/master@{#424810}

[modify] https://crrev.com/67d2dc3a7b5541b718bb1383be73dc4479f9a83c/DEPS
Oct 13 2016
ClusterFuzz has detected this issue as fixed in range 424762:424841.

Detailed report: https://cluster-fuzz.appspot.com/testcase?key=5928946476777472
Fuzzer: afl_pdf_psengine_fuzzer
Job Type: afl_chrome_asan
Platform Id: linux
Crash Type: Floating-point-exception
Crash Address:
Crash State:
  CPDF_PSEngine::DoOperator
  CPDF_PSProc::Execute
Regressed: https://cluster-fuzz.appspot.com/revisions?job=afl_chrome_asan&range=413168:413317
Fixed: https://cluster-fuzz.appspot.com/revisions?job=afl_chrome_asan&range=424762:424841
Minimized Testcase (2.07 Kb): https://cluster-fuzz.appspot.com/download/AMIfv97X3f4V1MqAHQxdMq3P2VC2s0U2OL6PeYfSjehNTOiljNzBSHI1LRJGglJCk9l4dwhZjkZgAE7nM3340fVrIKvbtLaGGMtb76zP8ai9orpUQJUgV6OZvNKtk2zn6cvWiLJEwgpSGNwDRQeo_UdzpnvCFjMkLQ?testcase_id=5928946476777472
See https://chromium.googlesource.com/chromium/src/+/master/testing/libfuzzer/reproducing.md for more information.

If you suspect that the result above is incorrect, try re-doing that job on the test case report page.
Nov 22 2016
Removing EditIssue view restrictions from ClusterFuzz filed bugs. If you believe that this issue should still be restricted, please reapply the label. For more details visit https://www.chromium.org/issue-tracking/autotriage - Your friendly Sheriffbot
Comment 1 by durga.behera@chromium.org, Aug 22 2016
Components: Tools>Test>FindIt>NoResult Infra>Client>Pdfium
Labels: M-54 Te-Logged